Add 1.3 GET_CERT handling

jyao1 · jyao1 · commit d4911d61e74c · 2023-11-30T15:52:08.000+08:00
Signed-off-by: Jiewen Yao &lt;jiewen.yao@intel.com&gt;
diff --git a/library/spdm_requester_lib/libspdm_req_get_certificate.c b/library/spdm_requester_lib/libspdm_req_get_certificate.c
@@ -229,6 +229,29 @@ static libspdm_return_t libspdm_try_get_certificate(libspdm_context_t *spdm_cont
             status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
             goto done;
         }
+        if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
+            LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "cert_info - 0x%02x\n",
+                           spdm_response->header.param2));
+            if ((spdm_response->header.param2 &
+                 SPDM_CERTIFICATE_RESPONSE_ATTRIBUTES_CERTIFICATE_INFO_MASK) ==
+                SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE) {
+                libspdm_release_receiver_buffer (spdm_context);
+                status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
+                goto done;
+            }
+            if (spdm_context->connection_info.peer_cert_info[slot_id] ==
+                SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE) {
+                spdm_context->connection_info.peer_cert_info[slot_id] =
+                    (spdm_response->header.param2 &
+                     SPDM_CERTIFICATE_RESPONSE_ATTRIBUTES_CERTIFICATE_INFO_MASK);
+            } else if (spdm_context->connection_info.peer_cert_info[slot_id] !=
+                       (spdm_response->header.param2 &
+                        SPDM_CERTIFICATE_RESPONSE_ATTRIBUTES_CERTIFICATE_INFO_MASK)) {
+                libspdm_release_receiver_buffer (spdm_context);
+                status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
+                goto done;
+            }
+        }
         if (spdm_response_size < sizeof(spdm_certificate_response_t) +
             spdm_response->portion_length) {
             libspdm_release_receiver_buffer (spdm_context);
diff --git a/library/spdm_responder_lib/libspdm_rsp_certificate.c b/library/spdm_responder_lib/libspdm_rsp_certificate.c
@@ -96,6 +96,14 @@ libspdm_return_t libspdm_get_response_certificate(libspdm_context_t *spdm_contex
     offset = spdm_request->offset;
     length = spdm_request->length;
 
+    if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
+        if (spdm_request->header.param2 &
+            SPDM_GET_CERTIFICATE_REQUEST_ATTRIBUTES_SLOT_SIZE_REQUESTED) {
+            offset = 0;
+            length = 0;
+        }
+    }
+
     if (offset >= spdm_context->local_context.local_cert_chain_provision_size[slot_id]) {
         return libspdm_generate_error_response(spdm_context,
                                                SPDM_ERROR_CODE_INVALID_REQUEST, 0,
@@ -130,6 +138,10 @@ libspdm_return_t libspdm_get_response_certificate(libspdm_context_t *spdm_contex
     spdm_response->header.request_response_code = SPDM_CERTIFICATE;
     spdm_response->header.param1 = slot_id;
     spdm_response->header.param2 = 0;
+    if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
+        spdm_response->header.param2 = spdm_context->local_context.local_cert_info[slot_id];
+    }
+
     spdm_response->portion_length = length;
     spdm_response->remainder_length = (uint16_t)remainder_length;
 
