/** * Copyright Notice: * Copyright 2021-2024 DMTF. All rights reserved. * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md **/ #ifndef SPDM_RESPONDER_LIB_INTERNAL_H #define SPDM_RESPONDER_LIB_INTERNAL_H #include "library/spdm_responder_lib.h" #include "library/spdm_secured_message_lib.h" #include "internal/libspdm_common_lib.h" #include "hal/library/responder/watchdoglib.h" /** * Process the SPDM request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ typedef libspdm_return_t (*libspdm_get_spdm_response_func)( libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Build the response when the response state is incorrect. * * @param spdm_context A pointer to the SPDM context. * @param request_code The SPDM request code. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_responder_handle_response_state(libspdm_context_t *spdm_context, uint8_t request_code, size_t *response_size, void *response); /** * Process the SPDM RESPONSE_IF_READY request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_respond_if_ready(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM GET_VERSION request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_version(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM GET_CAPABILITIES request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_capabilities(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM NEGOTIATE_ALGORITHMS request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_algorithms(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #if LIBSPDM_ENABLE_CAPABILITY_CERT_CAP /** * Process the SPDM GET_DIGESTS request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_digests(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM GET_CERTIFICATE request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_certificate(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_CAPABILITY_CERT_CAP */ #if LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP /** * Process the SPDM CHALLENGE request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_challenge_auth(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP */ #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP /** * Process the SPDM GET_MEASUREMENT request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_measurements(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */ #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP /** * Process the SPDM KEY_EXCHANGE request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_key_exchange(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM FINISH request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_finish(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP */ #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP /** * Process the SPDM PSK_EXCHANGE request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_psk_exchange(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM PSK_FINISH request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_psk_finish(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */ #if (LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) || (LIBSPDM_ENABLE_CAPABILITY_PSK_CAP) /** * Process the SPDM END_SESSION request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_end_session(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM KEY_UPDATE request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_key_update(libspdm_context_t*spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM HEARTBEAT request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_heartbeat(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* (LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) || (LIBSPDM_ENABLE_CAPABILITY_PSK_CAP) */ #if LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP /** * Process the SPDM ENCAPSULATED_REQUEST request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_encapsulated_request( libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); /** * Process the SPDM ENCAPSULATED_RESPONSE_ACK request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_encapsulated_response_ack( libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT) /** * Get the SPDM encapsulated GET_DIGESTS request. * * @param spdm_context A pointer to the SPDM context. * @param encap_request_size size in bytes of the encapsulated request data. * On input, it means the size in bytes of encapsulated request data buffer. * On output, it means the size in bytes of copied encapsulated request data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired encapsulated request data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param encap_request A pointer to the encapsulated request data. * * @retval RETURN_SUCCESS The encapsulated request is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. **/ libspdm_return_t libspdm_get_encap_request_get_digest(libspdm_context_t *spdm_context, size_t *encap_request_size, void *encap_request); /** * Process the SPDM encapsulated DIGESTS response. * * @param spdm_context A pointer to the SPDM context. * @param encap_response_size size in bytes of the encapsulated response data. * @param encap_response A pointer to the encapsulated response data. * @param need_continue Indicate if encapsulated communication need continue. * * @retval RETURN_SUCCESS The encapsulated response is processed. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_process_encap_response_digest( libspdm_context_t *spdm_context, size_t encap_response_size, const void *encap_response, bool *need_continue); /** * Get the SPDM encapsulated GET_CERTIFICATE request. * * @param spdm_context A pointer to the SPDM context. * @param encap_request_size size in bytes of the encapsulated request data. * On input, it means the size in bytes of encapsulated request data buffer. * On output, it means the size in bytes of copied encapsulated request data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired encapsulated request data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param encap_request A pointer to the encapsulated request data. * * @retval RETURN_SUCCESS The encapsulated request is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. **/ libspdm_return_t libspdm_get_encap_request_get_certificate(libspdm_context_t *spdm_context, size_t *encap_request_size, void *encap_request); /** * Process the SPDM encapsulated CERTIFICATE response. * * @param spdm_context A pointer to the SPDM context. * @param encap_response_size size in bytes of the encapsulated response data. * @param encap_response A pointer to the encapsulated response data. * @param need_continue Indicate if encapsulated communication need continue. * * @retval RETURN_SUCCESS The encapsulated response is processed. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_process_encap_response_certificate( libspdm_context_t *spdm_context, size_t encap_response_size, const void *encap_response, bool *need_continue); #endif /* (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT) */ #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_SEND_CHALLENGE_SUPPORT) /** * Get the SPDM encapsulated CHALLENGE request. * * @param spdm_context A pointer to the SPDM context. * @param encap_request_size size in bytes of the encapsulated request data. * On input, it means the size in bytes of encapsulated request data buffer. * On output, it means the size in bytes of copied encapsulated request data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired encapsulated request data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param encap_request A pointer to the encapsulated request data. * * @retval RETURN_SUCCESS The encapsulated request is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. **/ libspdm_return_t libspdm_get_encap_request_challenge(libspdm_context_t *spdm_context, size_t *encap_request_size, void *encap_request); /** * Process the SPDM encapsulated CHALLENGE_AUTH response. * * @param spdm_context A pointer to the SPDM context. * @param encap_response_size size in bytes of the encapsulated response data. * @param encap_response A pointer to the encapsulated response data. * @param need_continue Indicate if encapsulated communication need continue. * * @retval RETURN_SUCCESS The encapsulated response is processed. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_process_encap_response_challenge_auth( libspdm_context_t *spdm_context, size_t encap_response_size, const void *encap_response, bool *need_continue); #endif /* (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_SEND_CHALLENGE_SUPPORT) */ /** * Get the SPDM encapsulated KEY_UPDATE request. * * @param spdm_context A pointer to the SPDM context. * @param encap_request_size size in bytes of the encapsulated request data. * On input, it means the size in bytes of encapsulated request data buffer. * On output, it means the size in bytes of copied encapsulated request data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired encapsulated request data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param encap_request A pointer to the encapsulated request data. * * @retval RETURN_SUCCESS The encapsulated request is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. **/ libspdm_return_t libspdm_get_encap_request_key_update(libspdm_context_t *spdm_context, size_t *encap_request_size, void *encap_request); /** * Process the SPDM encapsulated KEY_UPDATE response. * * @param spdm_context A pointer to the SPDM context. * @param encap_response_size size in bytes of the encapsulated response data. * @param encap_response A pointer to the encapsulated response data. * @param need_continue Indicate if encapsulated communication need continue. * * @retval RETURN_SUCCESS The encapsulated response is processed. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_process_encap_response_key_update( libspdm_context_t *spdm_context, size_t encap_response_size, const void *encap_response, bool *need_continue); #endif /* LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP */ /** * Return the GET_SPDM_RESPONSE function via request code. * * @param request_code The SPDM request code. * * @return GET_SPDM_RESPONSE function according to the request code. **/ libspdm_get_spdm_response_func libspdm_get_response_func_via_request_code(uint8_t request_code); #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP /** * This function initializes the mut_auth encapsulated state. * * @param spdm_context A pointer to the SPDM context. * @param mut_auth_requested Indicate of the mut_auth_requested through KEY_EXCHANGE response. **/ void libspdm_init_mut_auth_encap_state(libspdm_context_t *spdm_context, uint8_t mut_auth_requested); #if LIBSPDM_SEND_CHALLENGE_SUPPORT /** * This function initializes the basic_mut_auth encapsulated state. * * @param spdm_context A pointer to the SPDM context. **/ void libspdm_init_basic_mut_auth_encap_state(libspdm_context_t *spdm_context); #endif /* LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT */ #endif /* LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP */ /** * This function handles the encap error response. * * @param spdm_context A pointer to the SPDM context. * @param error_code Indicate the error code. * * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. **/ libspdm_return_t libspdm_handle_encap_error_response_main( libspdm_context_t *spdm_context, uint8_t error_code); /** * Set session_state to an SPDM secured message context and trigger callback. * * @param spdm_context A pointer to the SPDM context. * @param session_id Indicate the SPDM session ID. * @param session_state Indicate the SPDM session state. */ void libspdm_set_session_state(libspdm_context_t *spdm_context, uint32_t session_id, libspdm_session_state_t session_state); /** * Set connection_state to an SPDM context and trigger callback. * * @param spdm_context A pointer to the SPDM context. * @param connection_state Indicate the SPDM connection state. */ void libspdm_set_connection_state(libspdm_context_t *spdm_context, libspdm_connection_state_t connection_state); #if LIBSPDM_ENABLE_CAPABILITY_CSR_CAP /** * Process the SPDM GET_CSR request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_csr(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_CAPABILITY_CSR_CAP */ #if LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP /** * Process the SPDM SET_CERTIFICATE request and return the response. * * | Cert State in Slot | Req(KeyPairID,CertMode) | Req(Erase) | Res(KeyPairID,CertMode) | Action | * |-----------------------|-------------------------|------------|-----------------------------|--------------------------| * | Not exist | - | - | - | Invalid | * | exist and empty | Valid | No | Not exist | Provision | * | exist and empty | Valid | Yes | Not exist | Invalid | * | exist with key | Valid | No | KeyPairID/CertMode match | Provision | * | exist with key | Valid | Yes | KeyPairID/CertMode match | Invalid | * | exist with key | Valid | No | KeyPairID/CertMode not match| Invalid(or OverWrite) | * | exist with key | Valid | Yes | KeyPairID/CertMode not match| Invalid | * |exist with key and cert| Valid | No | KeyPairID/CertMode match | Invalid(or OverWrite) | * |exist with key and cert| Valid | Yes | KeyPairID/CertMode match | Erase Cert | * |exist with key and cert| Valid | No | KeyPairID/CertMode not match| Invalid | * |exist with key and cert| Valid | Yes | KeyPairID/CertMode not match| Invalid | * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_set_certificate(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP */ #if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP /** * Process the SPDM CHUNK_GET request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_chunk_get(libspdm_context_t *spdm_context, size_t request_size, const void* request, size_t* response_size, void* response); /** * Process the SPDM CHUNK_SEND request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. * @param response A pointer to the response data. * * @retval RETURN_SUCCESS The request is processed and the response is returned. * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. * @retval RETURN_SECURITY_VIOLATION Any verification fails. **/ libspdm_return_t libspdm_get_response_chunk_send(libspdm_context_t *spdm_context, size_t request_size, const void* request, size_t* response_size, void* response); #endif /* LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP */ #if LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP /** * Process the SPDM GET_SUPPORTED_EVENT_TYPES request and return the response. **/ libspdm_return_t libspdm_get_response_supported_event_types(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP */ #if LIBSPDM_ENABLE_VENDOR_DEFINED_MESSAGES /** * Process the SPDM VENDOR_DEFINED_REQUEST request and return the response. * * @param spdm_context A pointer to the SPDM context. * @param request_size size in bytes of the request data. * @param request A pointer to the request data. * @param response_size size in bytes of the response data. * On input, it means the size in bytes of response data buffer. * On output, it means the size in bytes of copied response data * @param response A pointer to the response data. * **/ libspdm_return_t libspdm_get_vendor_defined_response(libspdm_context_t *spdm_context, size_t request_size, const void *request, size_t *response_size, void *response); #endif /* LIBSPDM_ENABLE_VENDOR_DEFINED_MESSAGES */ /** * This function allocates half of session ID for a responder. * * @param spdm_context A pointer to the SPDM context. * * @return half of session ID for a responder. **/ uint16_t libspdm_allocate_rsp_session_id(const libspdm_context_t *spdm_context, bool use_psk); /** * Build opaque data version selection. * * This function should be called in KEY_EXCHANGE/PSK_EXCHANGE response generation. * * @param data_out_size Size in bytes of the data_out. * On input, it means the size in bytes of data_out buffer. * On output, it means the size in bytes of copied data_out buffer. * @param data_out A pointer to the destination buffer to store the opaque data version selection. **/ void libspdm_build_opaque_data_version_selection_data(const libspdm_context_t *spdm_context, size_t *data_out_size, void *data_out); /** * Process opaque data supported version. * * This function should be called in KEY_EXCHANGE/PSK_EXCHANGE request parsing in responder. * * @param data_in_size Size in bytes of the data_in. * @param data_in A pointer to the buffer to store the opaque data supported version. **/ libspdm_return_t libspdm_process_opaque_data_supported_version_data(libspdm_context_t *spdm_context, size_t data_in_size, const void *data_in); /** * This function verifies the finish HMAC based upon TH. * * @param spdm_context A pointer to the SPDM context. * @param session_info The session info of an SPDM session. * @param hmac_data The HMAC data buffer. * @param hmac_data_size Size in bytes of the HMAC data buffer. * * @retval true HMAC verification pass. * @retval false HMAC verification fail. **/ bool libspdm_verify_finish_req_hmac(libspdm_context_t *spdm_context, libspdm_session_info_t *session_info, const uint8_t *hmac, size_t hmac_size); #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP /** * This function verifies the finish signature based upon TH. * * @param spdm_context A pointer to the SPDM context. * @param session_info The session info of an SPDM session. * @param sign_data The signature data buffer. * @param sign_data_size size in bytes of the signature data buffer. * * @retval true signature verification pass. * @retval false signature verification fail. **/ bool libspdm_verify_finish_req_signature(libspdm_context_t *spdm_context, libspdm_session_info_t *session_info, const void *sign_data, const size_t sign_data_size); #endif /** * This function generates the finish HMAC based upon TH. * * @param spdm_context A pointer to the SPDM context. * @param session_info The session info of an SPDM session. * @param hmac The buffer to store the finish HMAC. * * @retval true finish HMAC is generated. * @retval false finish HMAC is not generated. **/ bool libspdm_generate_finish_rsp_hmac(libspdm_context_t *spdm_context, libspdm_session_info_t *session_info, uint8_t *hmac); /** * This function generates the key exchange HMAC based upon TH. * * @param spdm_context A pointer to the SPDM context. * @param session_info The session info of an SPDM session. * @param hmac The buffer to store the key exchange HMAC. * * @retval true key exchange HMAC is generated. * @retval false key exchange HMAC is not generated. **/ bool libspdm_generate_key_exchange_rsp_hmac(libspdm_context_t *spdm_context, libspdm_session_info_t *session_info, uint8_t *hmac); /** * This function generates the key exchange signature based upon TH. * * @param spdm_context A pointer to the SPDM context. * @param session_info The session info of an SPDM session. * @param signature The buffer to store the key exchange signature. * * @retval true key exchange signature is generated. * @retval false key exchange signature is not generated. **/ bool libspdm_generate_key_exchange_rsp_signature(libspdm_context_t *spdm_context, libspdm_session_info_t *session_info, uint8_t *signature); #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP /** * This function generates the measurement signature to response message based upon l1l2. * If session_info is NULL, this function will use M cache of SPDM context, * else will use M cache of SPDM session context. * * @param spdm_context A pointer to the SPDM context. * @param session_info A pointer to the SPDM session context. * @param signature The buffer to store the signature. * * @retval true measurement signature is generated. * @retval false measurement signature is not generated. **/ bool libspdm_generate_measurement_signature(libspdm_context_t *spdm_context, libspdm_session_info_t *session_info, uint8_t *signature); #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP*/ #endif /* SPDM_RESPONDER_LIB_INTERNAL_H */