Skip to content

Commit

Permalink
forbid PUB_KEY_ID with GET_KEY_PAIR_INFO or SET_KEY_PAIR_INFO
Browse files Browse the repository at this point in the history 
Signed-off-by: Jiewen Yao <[email protected]>
  • Loading branch information
@jyao1
jyao1 committed Dec 13, 2023
1 parent 9c0deab commit 93cd9b2
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions library/spdm_requester_lib/libspdm_req_get_capabilities.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ static bool validate_responder_capability(uint32_t capabilities_flag, uint8_t ve
const uint8_t event_cap = (uint8_t)(capabilities_flag >> 25) & 0x01;
const uint8_t multi_key_cap = (uint8_t)(capabilities_flag >> 26) & 0x03;
const uint8_t get_key_pair_info_cap = (uint8_t)(capabilities_flag >> 28) & 0x01;
/* const uint8_t set_key_pair_info_cap = (uint8_t)(capabilities_flag >> 29) & 0x01; */
const uint8_t set_key_pair_info_cap = (uint8_t)(capabilities_flag >> 29) & 0x01;

/* Checks common to all SPDM versions. */

Expand Down Expand Up @@ -164,8 +164,11 @@ static bool validate_responder_capability(uint32_t capabilities_flag, uint8_t ve
return false;
}
/* check multi-key and pub_key_id */
if ((multi_key_cap != 0) && (pub_key_id_cap == 1)) {
return false;
if (pub_key_id_cap == 1) {
if ((multi_key_cap != 0) || (get_key_pair_info_cap == 1) ||
(set_key_pair_info_cap == 1)) {
return false;
}
}
}

Expand Down

0 comments on commit 93cd9b2

Please sign in to comment.