Add 1.3 Encap CERT

Signed-off-by: Jiewen Yao <[email protected]>
DMTF · Nov 30, 2023 · bd37ac8 · bd37ac8
1 parent d4911d6
commit bd37ac8
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 1 deletion.
diff --git a/library/spdm_requester_lib/libspdm_req_encap_certificate.c b/library/spdm_requester_lib/libspdm_req_encap_certificate.c
@@ -71,6 +71,15 @@ libspdm_return_t libspdm_get_encap_response_certificate(void *spdm_context,
 
     offset = spdm_request->offset;
     length = spdm_request->length;
+
+    if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
+        if (spdm_request->header.param2 &
+            SPDM_GET_CERTIFICATE_REQUEST_ATTRIBUTES_SLOT_SIZE_REQUESTED) {
+            offset = 0;
+            length = 0;
+        }
+    }
+
     if (length > LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN) {
         length = LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN;
     }
@@ -107,6 +116,10 @@ libspdm_return_t libspdm_get_encap_response_certificate(void *spdm_context,
     spdm_response->header.request_response_code = SPDM_CERTIFICATE;
     spdm_response->header.param1 = slot_id;
     spdm_response->header.param2 = 0;
+    if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
+        spdm_response->header.param2 = context->local_context.local_cert_info[slot_id];
+    }
+
     spdm_response->portion_length = length;
     spdm_response->remainder_length = (uint16_t)remainder_length;
     libspdm_copy_mem(spdm_response + 1,

diff --git a/library/spdm_responder_lib/libspdm_rsp_encap_get_certificate.c b/library/spdm_responder_lib/libspdm_rsp_encap_get_certificate.c
@@ -118,9 +118,30 @@ libspdm_return_t libspdm_process_encap_response_certificate(
                request_offset + spdm_response->portion_length + spdm_response->remainder_length) {
         return LIBSPDM_STATUS_INVALID_MSG_FIELD;
     }
-    if (spdm_response->header.param1 != spdm_context->encap_context.req_slot_id) {
+    slot_id = spdm_context->encap_context.req_slot_id;
+    if ((spdm_response->header.param1 & SPDM_CERTIFICATE_RESPONSE_SLOT_ID_MASK) != slot_id) {
         return LIBSPDM_STATUS_INVALID_MSG_FIELD;
     }
+    if (spdm_response->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
+        LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "cert_info - 0x%02x\n",
+                       spdm_response->header.param2));
+        if ((spdm_response->header.param2 &
+             SPDM_CERTIFICATE_RESPONSE_ATTRIBUTES_CERTIFICATE_INFO_MASK) ==
+             SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE) {
+            return LIBSPDM_STATUS_INVALID_MSG_FIELD;
+        }
+        if (spdm_context->connection_info.peer_cert_info[slot_id] ==
+            SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE) {
+            spdm_context->connection_info.peer_cert_info[slot_id] =
+                (spdm_response->header.param2 &
+                 SPDM_CERTIFICATE_RESPONSE_ATTRIBUTES_CERTIFICATE_INFO_MASK);
+        } else if (spdm_context->connection_info.peer_cert_info[slot_id] !=
+                   (spdm_response->header.param2 &
+                    SPDM_CERTIFICATE_RESPONSE_ATTRIBUTES_CERTIFICATE_INFO_MASK)) {
+            return LIBSPDM_STATUS_INVALID_MSG_FIELD;
+        }
+    }
+
     if (spdm_response_size < sizeof(spdm_certificate_response_t) + spdm_response->portion_length) {
         return LIBSPDM_STATUS_INVALID_MSG_SIZE;
     }