1 /** 2 * Copyright Notice: 3 * Copyright 2021-2022 DMTF. All rights reserved. 4 * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md 5 **/ 6 7 #ifndef SPDM_RESPONDER_LIB_INTERNAL_H 8 #define SPDM_RESPONDER_LIB_INTERNAL_H 9 10 #include "library/spdm_responder_lib.h" 11 #include "library/spdm_secured_message_lib.h" 12 #include "internal/libspdm_common_lib.h" 13 #include "hal/library/responder/watchdoglib.h" 14 15 /** 16 * Process the SPDM request and return the response. 17 * 18 * @param spdm_context A pointer to the SPDM context. 19 * @param request_size size in bytes of the request data. 20 * @param request A pointer to the request data. 21 * @param response_size size in bytes of the response data. 22 * On input, it means the size in bytes of response data buffer. 23 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 24 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 25 * @param response A pointer to the response data. 26 * 27 * @retval RETURN_SUCCESS The request is processed and the response is returned. 28 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 29 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 30 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 31 **/ 32 typedef libspdm_return_t (*libspdm_get_spdm_response_func)( 33 libspdm_context_t *spdm_context, size_t request_size, const void *request, 34 size_t *response_size, void *response); 35 36 /** 37 * Build the response when the response state is incorrect. 38 * 39 * @param spdm_context A pointer to the SPDM context. 40 * @param request_code The SPDM request code. 41 * @param response_size size in bytes of the response data. 42 * On input, it means the size in bytes of response data buffer. 43 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 44 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 45 * @param response A pointer to the response data. 46 * 47 * @retval RETURN_SUCCESS The response is returned. 48 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 49 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 50 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 51 **/ 52 libspdm_return_t libspdm_responder_handle_response_state(libspdm_context_t *spdm_context, 53 uint8_t request_code, 54 size_t *response_size, 55 void *response); 56 57 /** 58 * Process the SPDM RESPONSE_IF_READY request and return the response. 59 * 60 * @param spdm_context A pointer to the SPDM context. 61 * @param request_size size in bytes of the request data. 62 * @param request A pointer to the request data. 63 * @param response_size size in bytes of the response data. 64 * On input, it means the size in bytes of response data buffer. 65 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 66 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 67 * @param response A pointer to the response data. 68 * 69 * @retval RETURN_SUCCESS The request is processed and the response is returned. 70 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 71 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 72 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 73 **/ 74 libspdm_return_t libspdm_get_response_respond_if_ready(libspdm_context_t *spdm_context, 75 size_t request_size, 76 const void *request, 77 size_t *response_size, 78 void *response); 79 80 /** 81 * Process the SPDM GET_VERSION request and return the response. 82 * 83 * @param spdm_context A pointer to the SPDM context. 84 * @param request_size size in bytes of the request data. 85 * @param request A pointer to the request data. 86 * @param response_size size in bytes of the response data. 87 * On input, it means the size in bytes of response data buffer. 88 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 89 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 90 * @param response A pointer to the response data. 91 * 92 * @retval RETURN_SUCCESS The request is processed and the response is returned. 93 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 94 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 95 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 96 **/ 97 libspdm_return_t libspdm_get_response_version(libspdm_context_t *spdm_context, 98 size_t request_size, const void *request, 99 size_t *response_size, 100 void *response); 101 102 /** 103 * Process the SPDM GET_CAPABILITIES request and return the response. 104 * 105 * @param spdm_context A pointer to the SPDM context. 106 * @param request_size size in bytes of the request data. 107 * @param request A pointer to the request data. 108 * @param response_size size in bytes of the response data. 109 * On input, it means the size in bytes of response data buffer. 110 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 111 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 112 * @param response A pointer to the response data. 113 * 114 * @retval RETURN_SUCCESS The request is processed and the response is returned. 115 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 116 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 117 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 118 **/ 119 libspdm_return_t libspdm_get_response_capabilities(libspdm_context_t *spdm_context, 120 size_t request_size, 121 const void *request, 122 size_t *response_size, 123 void *response); 124 125 /** 126 * Process the SPDM NEGOTIATE_ALGORITHMS request and return the response. 127 * 128 * @param spdm_context A pointer to the SPDM context. 129 * @param request_size size in bytes of the request data. 130 * @param request A pointer to the request data. 131 * @param response_size size in bytes of the response data. 132 * On input, it means the size in bytes of response data buffer. 133 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 134 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 135 * @param response A pointer to the response data. 136 * 137 * @retval RETURN_SUCCESS The request is processed and the response is returned. 138 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 139 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 140 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 141 **/ 142 libspdm_return_t libspdm_get_response_algorithms(libspdm_context_t *spdm_context, 143 size_t request_size, 144 const void *request, 145 size_t *response_size, 146 void *response); 147 148 #if LIBSPDM_ENABLE_CAPABILITY_CERT_CAP 149 /** 150 * Process the SPDM GET_DIGESTS request and return the response. 151 * 152 * @param spdm_context A pointer to the SPDM context. 153 * @param request_size size in bytes of the request data. 154 * @param request A pointer to the request data. 155 * @param response_size size in bytes of the response data. 156 * On input, it means the size in bytes of response data buffer. 157 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 158 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 159 * @param response A pointer to the response data. 160 * 161 * @retval RETURN_SUCCESS The request is processed and the response is returned. 162 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 163 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 164 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 165 **/ 166 libspdm_return_t libspdm_get_response_digests(libspdm_context_t *spdm_context, 167 size_t request_size, const void *request, 168 size_t *response_size, 169 void *response); 170 /** 171 * Process the SPDM GET_CERTIFICATE request and return the response. 172 * 173 * @param spdm_context A pointer to the SPDM context. 174 * @param request_size size in bytes of the request data. 175 * @param request A pointer to the request data. 176 * @param response_size size in bytes of the response data. 177 * On input, it means the size in bytes of response data buffer. 178 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 179 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 180 * @param response A pointer to the response data. 181 * 182 * @retval RETURN_SUCCESS The request is processed and the response is returned. 183 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 184 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 185 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 186 **/ 187 188 libspdm_return_t libspdm_get_response_certificate(libspdm_context_t *spdm_context, 189 size_t request_size, 190 const void *request, 191 size_t *response_size, 192 void *response); 193 #endif /* LIBSPDM_ENABLE_CAPABILITY_CERT_CAP */ 194 195 #if LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP 196 /** 197 * Process the SPDM CHALLENGE request and return the response. 198 * 199 * @param spdm_context A pointer to the SPDM context. 200 * @param request_size size in bytes of the request data. 201 * @param request A pointer to the request data. 202 * @param response_size size in bytes of the response data. 203 * On input, it means the size in bytes of response data buffer. 204 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 205 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 206 * @param response A pointer to the response data. 207 * 208 * @retval RETURN_SUCCESS The request is processed and the response is returned. 209 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 210 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 211 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 212 **/ 213 libspdm_return_t libspdm_get_response_challenge_auth(libspdm_context_t *spdm_context, 214 size_t request_size, 215 const void *request, 216 size_t *response_size, 217 void *response); 218 #endif /* LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP */ 219 220 #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP 221 /** 222 * Process the SPDM GET_MEASUREMENT request and return the response. 223 * 224 * @param spdm_context A pointer to the SPDM context. 225 * @param request_size size in bytes of the request data. 226 * @param request A pointer to the request data. 227 * @param response_size size in bytes of the response data. 228 * On input, it means the size in bytes of response data buffer. 229 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 230 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 231 * @param response A pointer to the response data. 232 * 233 * @retval RETURN_SUCCESS The request is processed and the response is returned. 234 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 235 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 236 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 237 **/ 238 libspdm_return_t libspdm_get_response_measurements(libspdm_context_t *spdm_context, 239 size_t request_size, 240 const void *request, 241 size_t *response_size, 242 void *response); 243 #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */ 244 245 #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP 246 /** 247 * Process the SPDM KEY_EXCHANGE request and return the response. 248 * 249 * @param spdm_context A pointer to the SPDM context. 250 * @param request_size size in bytes of the request data. 251 * @param request A pointer to the request data. 252 * @param response_size size in bytes of the response data. 253 * On input, it means the size in bytes of response data buffer. 254 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 255 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 256 * @param response A pointer to the response data. 257 * 258 * @retval RETURN_SUCCESS The request is processed and the response is returned. 259 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 260 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 261 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 262 **/ 263 libspdm_return_t libspdm_get_response_key_exchange(libspdm_context_t *spdm_context, 264 size_t request_size, 265 const void *request, 266 size_t *response_size, 267 void *response); 268 269 /** 270 * Process the SPDM FINISH request and return the response. 271 * 272 * @param spdm_context A pointer to the SPDM context. 273 * @param request_size size in bytes of the request data. 274 * @param request A pointer to the request data. 275 * @param response_size size in bytes of the response data. 276 * On input, it means the size in bytes of response data buffer. 277 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 278 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 279 * @param response A pointer to the response data. 280 * 281 * @retval RETURN_SUCCESS The request is processed and the response is returned. 282 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 283 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 284 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 285 **/ 286 libspdm_return_t libspdm_get_response_finish(libspdm_context_t *spdm_context, 287 size_t request_size, const void *request, 288 size_t *response_size, 289 void *response); 290 #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP */ 291 292 #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP 293 /** 294 * Process the SPDM PSK_EXCHANGE request and return the response. 295 * 296 * @param spdm_context A pointer to the SPDM context. 297 * @param request_size size in bytes of the request data. 298 * @param request A pointer to the request data. 299 * @param response_size size in bytes of the response data. 300 * On input, it means the size in bytes of response data buffer. 301 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 302 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 303 * @param response A pointer to the response data. 304 * 305 * @retval RETURN_SUCCESS The request is processed and the response is returned. 306 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 307 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 308 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 309 **/ 310 libspdm_return_t libspdm_get_response_psk_exchange(libspdm_context_t *spdm_context, 311 size_t request_size, 312 const void *request, 313 size_t *response_size, 314 void *response); 315 316 /** 317 * Process the SPDM PSK_FINISH request and return the response. 318 * 319 * @param spdm_context A pointer to the SPDM context. 320 * @param request_size size in bytes of the request data. 321 * @param request A pointer to the request data. 322 * @param response_size size in bytes of the response data. 323 * On input, it means the size in bytes of response data buffer. 324 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 325 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 326 * @param response A pointer to the response data. 327 * 328 * @retval RETURN_SUCCESS The request is processed and the response is returned. 329 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 330 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 331 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 332 **/ 333 libspdm_return_t libspdm_get_response_psk_finish(libspdm_context_t *spdm_context, 334 size_t request_size, 335 const void *request, 336 size_t *response_size, 337 void *response); 338 #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */ 339 340 #if (LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) || (LIBSPDM_ENABLE_CAPABILITY_PSK_CAP) 341 /** 342 * Process the SPDM END_SESSION request and return the response. 343 * 344 * @param spdm_context A pointer to the SPDM context. 345 * @param request_size size in bytes of the request data. 346 * @param request A pointer to the request data. 347 * @param response_size size in bytes of the response data. 348 * On input, it means the size in bytes of response data buffer. 349 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 350 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 351 * @param response A pointer to the response data. 352 * 353 * @retval RETURN_SUCCESS The request is processed and the response is returned. 354 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 355 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 356 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 357 **/ 358 libspdm_return_t libspdm_get_response_end_session(libspdm_context_t *spdm_context, 359 size_t request_size, 360 const void *request, 361 size_t *response_size, 362 void *response); 363 364 /** 365 * Process the SPDM KEY_UPDATE request and return the response. 366 * 367 * @param spdm_context A pointer to the SPDM context. 368 * @param request_size size in bytes of the request data. 369 * @param request A pointer to the request data. 370 * @param response_size size in bytes of the response data. 371 * On input, it means the size in bytes of response data buffer. 372 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 373 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 374 * @param response A pointer to the response data. 375 * 376 * @retval RETURN_SUCCESS The request is processed and the response is returned. 377 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 378 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 379 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 380 **/ 381 libspdm_return_t libspdm_get_response_key_update(libspdm_context_t*spdm_context, 382 size_t request_size, 383 const void *request, 384 size_t *response_size, 385 void *response); 386 387 /** 388 * Process the SPDM HEARTBEAT request and return the response. 389 * 390 * @param spdm_context A pointer to the SPDM context. 391 * @param request_size size in bytes of the request data. 392 * @param request A pointer to the request data. 393 * @param response_size size in bytes of the response data. 394 * On input, it means the size in bytes of response data buffer. 395 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 396 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 397 * @param response A pointer to the response data. 398 * 399 * @retval RETURN_SUCCESS The request is processed and the response is returned. 400 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 401 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 402 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 403 **/ 404 libspdm_return_t libspdm_get_response_heartbeat(libspdm_context_t *spdm_context, 405 size_t request_size, 406 const void *request, 407 size_t *response_size, 408 void *response); 409 #endif /* (LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) || (LIBSPDM_ENABLE_CAPABILITY_PSK_CAP) */ 410 411 #if LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP 412 /** 413 * Process the SPDM ENCAPSULATED_REQUEST request and return the response. 414 * 415 * @param spdm_context A pointer to the SPDM context. 416 * @param request_size size in bytes of the request data. 417 * @param request A pointer to the request data. 418 * @param response_size size in bytes of the response data. 419 * On input, it means the size in bytes of response data buffer. 420 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 421 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 422 * @param response A pointer to the response data. 423 * 424 * @retval RETURN_SUCCESS The request is processed and the response is returned. 425 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 426 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 427 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 428 **/ 429 libspdm_return_t libspdm_get_response_encapsulated_request( 430 libspdm_context_t *spdm_context, size_t request_size, const void *request, 431 size_t *response_size, void *response); 432 433 /** 434 * Process the SPDM ENCAPSULATED_RESPONSE_ACK request and return the response. 435 * 436 * @param spdm_context A pointer to the SPDM context. 437 * @param request_size size in bytes of the request data. 438 * @param request A pointer to the request data. 439 * @param response_size size in bytes of the response data. 440 * On input, it means the size in bytes of response data buffer. 441 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 442 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 443 * @param response A pointer to the response data. 444 * 445 * @retval RETURN_SUCCESS The request is processed and the response is returned. 446 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 447 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 448 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 449 **/ 450 libspdm_return_t libspdm_get_response_encapsulated_response_ack( 451 libspdm_context_t *spdm_context, size_t request_size, const void *request, 452 size_t *response_size, void *response); 453 454 #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT) 455 /** 456 * Get the SPDM encapsulated GET_DIGESTS request. 457 * 458 * @param spdm_context A pointer to the SPDM context. 459 * @param encap_request_size size in bytes of the encapsulated request data. 460 * On input, it means the size in bytes of encapsulated request data buffer. 461 * On output, it means the size in bytes of copied encapsulated request data buffer if RETURN_SUCCESS is returned, 462 * and means the size in bytes of desired encapsulated request data buffer if RETURN_BUFFER_TOO_SMALL is returned. 463 * @param encap_request A pointer to the encapsulated request data. 464 * 465 * @retval RETURN_SUCCESS The encapsulated request is returned. 466 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 467 **/ 468 libspdm_return_t libspdm_get_encap_request_get_digest(libspdm_context_t *spdm_context, 469 size_t *encap_request_size, 470 void *encap_request); 471 472 /** 473 * Process the SPDM encapsulated DIGESTS response. 474 * 475 * @param spdm_context A pointer to the SPDM context. 476 * @param encap_response_size size in bytes of the encapsulated response data. 477 * @param encap_response A pointer to the encapsulated response data. 478 * @param need_continue Indicate if encapsulated communication need continue. 479 * 480 * @retval RETURN_SUCCESS The encapsulated response is processed. 481 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 482 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 483 **/ 484 libspdm_return_t libspdm_process_encap_response_digest( 485 libspdm_context_t *spdm_context, size_t encap_response_size, 486 const void *encap_response, bool *need_continue); 487 488 489 /** 490 * Get the SPDM encapsulated GET_CERTIFICATE request. 491 * 492 * @param spdm_context A pointer to the SPDM context. 493 * @param encap_request_size size in bytes of the encapsulated request data. 494 * On input, it means the size in bytes of encapsulated request data buffer. 495 * On output, it means the size in bytes of copied encapsulated request data buffer if RETURN_SUCCESS is returned, 496 * and means the size in bytes of desired encapsulated request data buffer if RETURN_BUFFER_TOO_SMALL is returned. 497 * @param encap_request A pointer to the encapsulated request data. 498 * 499 * @retval RETURN_SUCCESS The encapsulated request is returned. 500 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 501 **/ 502 libspdm_return_t libspdm_get_encap_request_get_certificate(libspdm_context_t *spdm_context, 503 size_t *encap_request_size, 504 void *encap_request); 505 506 /** 507 * Process the SPDM encapsulated CERTIFICATE response. 508 * 509 * @param spdm_context A pointer to the SPDM context. 510 * @param encap_response_size size in bytes of the encapsulated response data. 511 * @param encap_response A pointer to the encapsulated response data. 512 * @param need_continue Indicate if encapsulated communication need continue. 513 * 514 * @retval RETURN_SUCCESS The encapsulated response is processed. 515 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 516 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 517 **/ 518 libspdm_return_t libspdm_process_encap_response_certificate( 519 libspdm_context_t *spdm_context, size_t encap_response_size, 520 const void *encap_response, bool *need_continue); 521 #endif /* (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT) */ 522 523 #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_SEND_CHALLENGE_SUPPORT) 524 /** 525 * Get the SPDM encapsulated CHALLENGE request. 526 * 527 * @param spdm_context A pointer to the SPDM context. 528 * @param encap_request_size size in bytes of the encapsulated request data. 529 * On input, it means the size in bytes of encapsulated request data buffer. 530 * On output, it means the size in bytes of copied encapsulated request data buffer if RETURN_SUCCESS is returned, 531 * and means the size in bytes of desired encapsulated request data buffer if RETURN_BUFFER_TOO_SMALL is returned. 532 * @param encap_request A pointer to the encapsulated request data. 533 * 534 * @retval RETURN_SUCCESS The encapsulated request is returned. 535 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 536 **/ 537 libspdm_return_t libspdm_get_encap_request_challenge(libspdm_context_t *spdm_context, 538 size_t *encap_request_size, 539 void *encap_request); 540 541 /** 542 * Process the SPDM encapsulated CHALLENGE_AUTH response. 543 * 544 * @param spdm_context A pointer to the SPDM context. 545 * @param encap_response_size size in bytes of the encapsulated response data. 546 * @param encap_response A pointer to the encapsulated response data. 547 * @param need_continue Indicate if encapsulated communication need continue. 548 * 549 * @retval RETURN_SUCCESS The encapsulated response is processed. 550 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 551 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 552 **/ 553 libspdm_return_t libspdm_process_encap_response_challenge_auth( 554 libspdm_context_t *spdm_context, size_t encap_response_size, 555 const void *encap_response, bool *need_continue); 556 #endif /* (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_SEND_CHALLENGE_SUPPORT) */ 557 558 /** 559 * Get the SPDM encapsulated KEY_UPDATE request. 560 * 561 * @param spdm_context A pointer to the SPDM context. 562 * @param encap_request_size size in bytes of the encapsulated request data. 563 * On input, it means the size in bytes of encapsulated request data buffer. 564 * On output, it means the size in bytes of copied encapsulated request data buffer if RETURN_SUCCESS is returned, 565 * and means the size in bytes of desired encapsulated request data buffer if RETURN_BUFFER_TOO_SMALL is returned. 566 * @param encap_request A pointer to the encapsulated request data. 567 * 568 * @retval RETURN_SUCCESS The encapsulated request is returned. 569 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 570 **/ 571 libspdm_return_t libspdm_get_encap_request_key_update(libspdm_context_t *spdm_context, 572 size_t *encap_request_size, 573 void *encap_request); 574 575 /** 576 * Process the SPDM encapsulated KEY_UPDATE response. 577 * 578 * @param spdm_context A pointer to the SPDM context. 579 * @param encap_response_size size in bytes of the encapsulated response data. 580 * @param encap_response A pointer to the encapsulated response data. 581 * @param need_continue Indicate if encapsulated communication need continue. 582 * 583 * @retval RETURN_SUCCESS The encapsulated response is processed. 584 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 585 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 586 **/ 587 libspdm_return_t libspdm_process_encap_response_key_update( 588 libspdm_context_t *spdm_context, size_t encap_response_size, 589 const void *encap_response, bool *need_continue); 590 #endif /* LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP */ 591 592 /** 593 * Return the GET_SPDM_RESPONSE function via request code. 594 * 595 * @param request_code The SPDM request code. 596 * 597 * @return GET_SPDM_RESPONSE function according to the request code. 598 **/ 599 libspdm_get_spdm_response_func libspdm_get_response_func_via_request_code(uint8_t request_code); 600 601 #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP 602 /** 603 * This function initializes the mut_auth encapsulated state. 604 * 605 * @param spdm_context A pointer to the SPDM context. 606 * @param mut_auth_requested Indicate of the mut_auth_requested through KEY_EXCHANGE response. 607 **/ 608 void libspdm_init_mut_auth_encap_state(libspdm_context_t *spdm_context, uint8_t mut_auth_requested); 609 610 #if LIBSPDM_SEND_CHALLENGE_SUPPORT 611 /** 612 * This function initializes the basic_mut_auth encapsulated state. 613 * 614 * @param spdm_context A pointer to the SPDM context. 615 **/ 616 void libspdm_init_basic_mut_auth_encap_state(libspdm_context_t *spdm_context); 617 #endif /* LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT */ 618 #endif /* LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP */ 619 620 /** 621 * This function handles the encap error response. 622 * 623 * @param spdm_context A pointer to the SPDM context. 624 * @param error_code Indicate the error code. 625 * 626 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 627 **/ 628 libspdm_return_t libspdm_handle_encap_error_response_main( 629 libspdm_context_t *spdm_context, uint8_t error_code); 630 631 /** 632 * Set session_state to an SPDM secured message context and trigger callback. 633 * 634 * @param spdm_context A pointer to the SPDM context. 635 * @param session_id Indicate the SPDM session ID. 636 * @param session_state Indicate the SPDM session state. 637 */ 638 void libspdm_set_session_state(libspdm_context_t *spdm_context, 639 uint32_t session_id, 640 libspdm_session_state_t session_state); 641 642 /** 643 * Set connection_state to an SPDM context and trigger callback. 644 * 645 * @param spdm_context A pointer to the SPDM context. 646 * @param connection_state Indicate the SPDM connection state. 647 */ 648 void libspdm_set_connection_state(libspdm_context_t *spdm_context, 649 libspdm_connection_state_t connection_state); 650 651 #if LIBSPDM_ENABLE_CAPABILITY_CSR_CAP 652 /** 653 * Process the SPDM GET_CSR request and return the response. 654 * 655 * @param spdm_context A pointer to the SPDM context. 656 * @param request_size size in bytes of the request data. 657 * @param request A pointer to the request data. 658 * @param response_size size in bytes of the response data. 659 * On input, it means the size in bytes of response data buffer. 660 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 661 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 662 * @param response A pointer to the response data. 663 * 664 * @retval RETURN_SUCCESS The request is processed and the response is returned. 665 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 666 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 667 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 668 **/ 669 libspdm_return_t libspdm_get_response_csr(libspdm_context_t *spdm_context, 670 size_t request_size, const void *request, 671 size_t *response_size, void *response); 672 #endif /* LIBSPDM_ENABLE_CAPABILITY_CSR_CAP */ 673 674 #if LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP 675 /** 676 * Process the SPDM SET_CERTIFICATE request and return the response. 677 * 678 * @param spdm_context A pointer to the SPDM context. 679 * @param request_size size in bytes of the request data. 680 * @param request A pointer to the request data. 681 * @param response_size size in bytes of the response data. 682 * On input, it means the size in bytes of response data buffer. 683 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 684 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 685 * @param response A pointer to the response data. 686 * 687 * @retval RETURN_SUCCESS The request is processed and the response is returned. 688 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 689 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 690 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 691 **/ 692 libspdm_return_t libspdm_get_response_set_certificate(libspdm_context_t *spdm_context, 693 size_t request_size, const void *request, 694 size_t *response_size, void *response); 695 #endif /* LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP */ 696 697 #if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP 698 /** 699 * Process the SPDM CHUNK_GET request and return the response. 700 * 701 * @param spdm_context A pointer to the SPDM context. 702 * @param request_size size in bytes of the request data. 703 * @param request A pointer to the request data. 704 * @param response_size size in bytes of the response data. 705 * On input, it means the size in bytes of response data buffer. 706 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 707 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 708 * @param response A pointer to the response data. 709 * 710 * @retval RETURN_SUCCESS The request is processed and the response is returned. 711 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 712 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 713 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 714 **/ 715 libspdm_return_t libspdm_get_response_chunk_get(libspdm_context_t *spdm_context, 716 size_t request_size, 717 const void* request, 718 size_t* response_size, 719 void* response); 720 721 /** 722 * Process the SPDM CHUNK_SEND request and return the response. 723 * 724 * @param spdm_context A pointer to the SPDM context. 725 * @param request_size size in bytes of the request data. 726 * @param request A pointer to the request data. 727 * @param response_size size in bytes of the response data. 728 * On input, it means the size in bytes of response data buffer. 729 * On output, it means the size in bytes of copied response data buffer if RETURN_SUCCESS is returned, 730 * and means the size in bytes of desired response data buffer if RETURN_BUFFER_TOO_SMALL is returned. 731 * @param response A pointer to the response data. 732 * 733 * @retval RETURN_SUCCESS The request is processed and the response is returned. 734 * @retval RETURN_BUFFER_TOO_SMALL The buffer is too small to hold the data. 735 * @retval RETURN_DEVICE_ERROR A device error occurs when communicates with the device. 736 * @retval RETURN_SECURITY_VIOLATION Any verification fails. 737 **/ 738 libspdm_return_t libspdm_get_response_chunk_send(libspdm_context_t *spdm_context, 739 size_t request_size, 740 const void* request, 741 size_t* response_size, 742 void* response); 743 744 #endif /* LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP */ 745 746 /** 747 * This function allocates half of session ID for a responder. 748 * 749 * @param spdm_context A pointer to the SPDM context. 750 * 751 * @return half of session ID for a responder. 752 **/ 753 uint16_t libspdm_allocate_rsp_session_id(const libspdm_context_t *spdm_context, bool use_psk); 754 755 /** 756 * Build opaque data version selection. 757 * 758 * This function should be called in KEY_EXCHANGE/PSK_EXCHANGE response generation. 759 * 760 * @param data_out_size Size in bytes of the data_out. 761 * On input, it means the size in bytes of data_out buffer. 762 * On output, it means the size in bytes of copied data_out buffer. 763 * @param data_out A pointer to the destination buffer to store the opaque data version selection. 764 **/ 765 void libspdm_build_opaque_data_version_selection_data(const libspdm_context_t *spdm_context, 766 size_t *data_out_size, 767 void *data_out); 768 769 /** 770 * Process opaque data supported version. 771 * 772 * This function should be called in KEY_EXCHANGE/PSK_EXCHANGE request parsing in responder. 773 * 774 * @param data_in_size Size in bytes of the data_in. 775 * @param data_in A pointer to the buffer to store the opaque data supported version. 776 **/ 777 libspdm_return_t 778 libspdm_process_opaque_data_supported_version_data(libspdm_context_t *spdm_context, 779 size_t data_in_size, 780 const void *data_in); 781 782 /** 783 * This function verifies the finish HMAC based upon TH. 784 * 785 * @param spdm_context A pointer to the SPDM context. 786 * @param session_info The session info of an SPDM session. 787 * @param hmac_data The HMAC data buffer. 788 * @param hmac_data_size Size in bytes of the HMAC data buffer. 789 * 790 * @retval true HMAC verification pass. 791 * @retval false HMAC verification fail. 792 **/ 793 bool libspdm_verify_finish_req_hmac(libspdm_context_t *spdm_context, 794 libspdm_session_info_t *session_info, 795 const uint8_t *hmac, size_t hmac_size); 796 797 #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP 798 /** 799 * This function verifies the finish signature based upon TH. 800 * 801 * @param spdm_context A pointer to the SPDM context. 802 * @param session_info The session info of an SPDM session. 803 * @param sign_data The signature data buffer. 804 * @param sign_data_size size in bytes of the signature data buffer. 805 * 806 * @retval true signature verification pass. 807 * @retval false signature verification fail. 808 **/ 809 bool libspdm_verify_finish_req_signature(libspdm_context_t *spdm_context, 810 libspdm_session_info_t *session_info, 811 const void *sign_data, 812 const size_t sign_data_size); 813 #endif 814 815 /** 816 * This function generates the finish HMAC based upon TH. 817 * 818 * @param spdm_context A pointer to the SPDM context. 819 * @param session_info The session info of an SPDM session. 820 * @param hmac The buffer to store the finish HMAC. 821 * 822 * @retval true finish HMAC is generated. 823 * @retval false finish HMAC is not generated. 824 **/ 825 bool libspdm_generate_finish_rsp_hmac(libspdm_context_t *spdm_context, 826 libspdm_session_info_t *session_info, 827 uint8_t *hmac); 828 829 /** 830 * This function generates the key exchange HMAC based upon TH. 831 * 832 * @param spdm_context A pointer to the SPDM context. 833 * @param session_info The session info of an SPDM session. 834 * @param hmac The buffer to store the key exchange HMAC. 835 * 836 * @retval true key exchange HMAC is generated. 837 * @retval false key exchange HMAC is not generated. 838 **/ 839 bool libspdm_generate_key_exchange_rsp_hmac(libspdm_context_t *spdm_context, 840 libspdm_session_info_t *session_info, 841 uint8_t *hmac); 842 843 /** 844 * This function generates the key exchange signature based upon TH. 845 * 846 * @param spdm_context A pointer to the SPDM context. 847 * @param session_info The session info of an SPDM session. 848 * @param signature The buffer to store the key exchange signature. 849 * 850 * @retval true key exchange signature is generated. 851 * @retval false key exchange signature is not generated. 852 **/ 853 bool libspdm_generate_key_exchange_rsp_signature(libspdm_context_t *spdm_context, 854 libspdm_session_info_t *session_info, 855 uint8_t *signature); 856 857 /** 858 * This function generates the measurement signature to response message based upon l1l2. 859 * If session_info is NULL, this function will use M cache of SPDM context, 860 * else will use M cache of SPDM session context. 861 * 862 * @param spdm_context A pointer to the SPDM context. 863 * @param session_info A pointer to the SPDM session context. 864 * @param signature The buffer to store the signature. 865 * 866 * @retval true measurement signature is generated. 867 * @retval false measurement signature is not generated. 868 **/ 869 bool libspdm_generate_measurement_signature(libspdm_context_t *spdm_context, 870 libspdm_session_info_t *session_info, 871 uint8_t *signature); 872 873 #endif /* SPDM_RESPONDER_LIB_INTERNAL_H */ 874