Skip to content

Commit 2312ef6

Browse files
steven-bellockjyao1
steven-bellock
authored and
jyao1
committed
Pass request Context field to Integrator
Fix #3308. Signed-off-by: Steven Bellock <[email protected]>
1 parent c616787 commit 2312ef6

File tree

11 files changed

+144
-7
lines changed

11 files changed

+144
-7
lines changed

include/hal/library/requester/reqasymsignlib.h

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,10 @@ extern bool libspdm_requester_data_sign(
4848
* @param spdm_context A pointer to the SPDM context.
4949
* @param spdm_version Indicates the negotiated version.
5050
*
51-
* @param slot_id The number of slot for the certificate chain.
51+
* @param slot_id The number of slot for the certificate chain.
52+
* @param request_context_size The size, in bytes, of request_context.
53+
* @param request_context If spdm_version is greater than 1.2, then it is a pointer to the
54+
* Context field in the request message, else it is NULL and ignored.
5255
*
5356
* @param measurement_summary_hash The measurement summary hash.
5457
* @param measurement_summary_hash_size The size of measurement summary hash.
@@ -65,6 +68,8 @@ extern bool libspdm_encap_challenge_opaque_data(
6568
void *spdm_context,
6669
spdm_version_number_t spdm_version,
6770
uint8_t slot_id,
71+
size_t request_context_size,
72+
const void *request_context,
6873
uint8_t *measurement_summary_hash,
6974
size_t measurement_summary_hash_size,
7075
void *opaque_data,

include/hal/library/responder/asymsignlib.h

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,10 @@
1919
* @param spdm_context A pointer to the SPDM context.
2020
* @param spdm_version Indicates the negotiated version.
2121
*
22-
* @param slot_id The number of slot for the certificate chain.
22+
* @param slot_id The number of slot for the certificate chain.
23+
* @param request_context_size The size, in bytes, of request_context.
24+
* @param request_context If spdm_version is greater than 1.2, then it is a pointer to the
25+
* Context field in the request message, else it is NULL and ignore
2326
*
2427
* @param measurement_summary_hash The measurement summary hash.
2528
* @param measurement_summary_hash_size The size of measurement summary hash.
@@ -36,6 +39,8 @@ extern bool libspdm_challenge_opaque_data(
3639
void *spdm_context,
3740
spdm_version_number_t spdm_version,
3841
uint8_t slot_id,
42+
size_t request_context_size,
43+
const void *request_context,
3944
uint8_t *measurement_summary_hash,
4045
size_t measurement_summary_hash_size,
4146
void *opaque_data,

include/hal/library/responder/measlib.h

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -45,6 +45,10 @@
4545
*
4646
* @param request_attribute A bitmask who fields are SPDM_GET_MEASUREMENTS_REQUEST_ATTRIBUTES_*.
4747
*
48+
* @param request_context_size The size, in bytes, of request_context.
49+
* @param request_context If spdm_version is greater than 1.2, then it is a pointer to the
50+
* Context field in the request message, else it is NULL and ignore
51+
*
4852
* @param measurements_count
4953
* When "measurement_index" is zero, returns the total count of
5054
* measurements available for the device. None of the actual measurements are
@@ -72,6 +76,8 @@ extern libspdm_return_t libspdm_measurement_collection(
7276
uint32_t measurement_hash_algo,
7377
uint8_t measurement_index,
7478
uint8_t request_attribute,
79+
size_t request_context_size,
80+
const void *request_context,
7581
uint8_t *content_changed,
7682
uint8_t *measurements_count,
7783
void *measurements,
@@ -96,6 +102,10 @@ extern libspdm_return_t libspdm_measurement_collection(
96102
*
97103
* @param request_attribute A bitmask who fields are SPDM_GET_MEASUREMENTS_REQUEST_ATTRIBUTES_*.
98104
*
105+
* @param request_context_size The size, in bytes, of request_context.
106+
* @param request_context If spdm_version is greater than 1.2, then it is a pointer to the
107+
* Context field in the request message, else it is NULL and ignore
108+
*
99109
* @param opaque_data
100110
* A pointer to a destination buffer whose size, in bytes, is opaque_data_size. The opaque data is
101111
* copied to this buffer.
@@ -111,6 +121,8 @@ extern bool libspdm_measurement_opaque_data(
111121
uint32_t measurement_hash_algo,
112122
uint8_t measurement_index,
113123
uint8_t request_attribute,
124+
size_t request_context_size,
125+
const void *request_context,
114126
void *opaque_data,
115127
size_t *opaque_data_size);
116128

library/spdm_requester_lib/libspdm_req_encap_challenge_auth.c

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,8 @@ libspdm_return_t libspdm_get_encap_response_challenge_auth(
2626
uint8_t auth_attribute;
2727
libspdm_return_t status;
2828
uint8_t slot_mask;
29+
size_t request_context_size;
30+
const void *request_context;
2931
uint8_t *opaque_data;
3032
size_t opaque_data_size;
3133
size_t spdm_request_size;
@@ -114,6 +116,14 @@ libspdm_return_t libspdm_get_encap_response_challenge_auth(
114116
SPDM_NONCE_SIZE + measurement_summary_hash_size + sizeof(uint16_t) +
115117
SPDM_REQ_CONTEXT_SIZE + signature_size);
116118

119+
if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
120+
request_context_size = SPDM_REQ_CONTEXT_SIZE;
121+
request_context = spdm_request + 1;
122+
} else {
123+
request_context_size = 0;
124+
request_context = NULL;
125+
}
126+
117127
libspdm_zero_mem(response, *response_size);
118128
spdm_response = response;
119129

@@ -167,6 +177,8 @@ libspdm_return_t libspdm_get_encap_response_challenge_auth(
167177
spdm_context,
168178
context->connection_info.version,
169179
slot_id,
180+
request_context_size,
181+
request_context,
170182
measurement_summary_hash, measurement_summary_hash_size,
171183
opaque_data, &opaque_data_size);
172184
if (!result) {

library/spdm_responder_lib/libspdm_rsp_challenge_auth.c

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,8 @@ libspdm_return_t libspdm_get_response_challenge_auth(libspdm_context_t *spdm_con
3030
uint8_t slot_mask;
3131
uint8_t *opaque_data;
3232
size_t opaque_data_size;
33+
size_t request_context_size;
34+
const void *request_context;
3335
size_t spdm_response_size;
3436

3537
spdm_request = request;
@@ -141,6 +143,14 @@ libspdm_return_t libspdm_get_response_challenge_auth(libspdm_context_t *spdm_con
141143
0, response_size, response);
142144
}
143145

146+
if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
147+
request_context_size = SPDM_REQ_CONTEXT_SIZE;
148+
request_context = spdm_request + 1;
149+
} else {
150+
request_context_size = 0;
151+
request_context = NULL;
152+
}
153+
144154
/* response_size should be large enough to hold a challenge response without opaque data. */
145155
LIBSPDM_ASSERT(*response_size >= sizeof(spdm_challenge_auth_response_t) + hash_size +
146156
SPDM_NONCE_SIZE + measurement_summary_hash_size + sizeof(uint16_t) +
@@ -265,6 +275,8 @@ libspdm_return_t libspdm_get_response_challenge_auth(libspdm_context_t *spdm_con
265275
spdm_context,
266276
spdm_context->connection_info.version,
267277
slot_id,
278+
request_context_size,
279+
request_context,
268280
measurement_summary_hash, measurement_summary_hash_size,
269281
opaque_data, &opaque_data_size);
270282
if (!result) {

library/spdm_responder_lib/libspdm_rsp_measurements.c

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,8 @@ libspdm_return_t libspdm_get_response_measurements(libspdm_context_t *spdm_conte
8787
libspdm_session_state_t session_state;
8888
uint8_t content_changed;
8989
uint8_t *fill_response_ptr;
90+
size_t request_context_size;
91+
const void *request_context;
9092

9193
spdm_request = request;
9294

@@ -229,6 +231,19 @@ libspdm_return_t libspdm_get_response_measurements(libspdm_context_t *spdm_conte
229231
}
230232
}
231233

234+
if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
235+
request_context_size = SPDM_REQ_CONTEXT_SIZE;
236+
237+
if ((spdm_request->header.param1 &
238+
SPDM_GET_MEASUREMENTS_REQUEST_ATTRIBUTES_GENERATE_SIGNATURE) == 0) {
239+
request_context = (const uint8_t *)spdm_request + sizeof(spdm_message_header_t);
240+
} else {
241+
request_context = spdm_request + 1;
242+
}
243+
} else {
244+
request_context_size = 0;
245+
request_context = NULL;
246+
}
232247

233248
/* response_size should be large enough to hold a MEASUREMENTS response without
234249
* measurements or opaque data. */
@@ -253,6 +268,8 @@ libspdm_return_t libspdm_get_response_measurements(libspdm_context_t *spdm_conte
253268
spdm_context->connection_info.algorithm.measurement_hash_algo,
254269
measurements_index,
255270
spdm_request->header.param1,
271+
request_context_size,
272+
request_context,
256273
&content_changed,
257274
&measurements_count,
258275
measurements,
@@ -299,6 +316,8 @@ libspdm_return_t libspdm_get_response_measurements(libspdm_context_t *spdm_conte
299316
spdm_context->connection_info.algorithm.measurement_hash_algo,
300317
measurements_index,
301318
spdm_request->header.param1,
319+
request_context_size,
320+
request_context,
302321
opaque_data,
303322
&opaque_data_size);
304323

os_stub/spdm_device_secret_lib_null/lib.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,8 @@ libspdm_return_t libspdm_measurement_collection(
2626
uint32_t measurement_hash_algo,
2727
uint8_t measurements_index,
2828
uint8_t request_attribute,
29+
size_t request_context_size,
30+
const void *request_context,
2931
uint8_t *content_changed,
3032
uint8_t *device_measurement_count,
3133
void *device_measurement,
@@ -41,6 +43,8 @@ bool libspdm_measurement_opaque_data(
4143
uint32_t measurement_hash_algo,
4244
uint8_t measurement_index,
4345
uint8_t request_attribute,
46+
size_t request_context_size,
47+
const void *request_context,
4448
void *opaque_data,
4549
size_t *opaque_data_size)
4650
{
@@ -66,6 +70,8 @@ bool libspdm_challenge_opaque_data(
6670
void *spdm_context,
6771
spdm_version_number_t spdm_version,
6872
uint8_t slot_id,
73+
size_t request_context_size,
74+
const void *request_context,
6975
uint8_t *measurement_summary_hash,
7076
size_t measurement_summary_hash_size,
7177
void *opaque_data,
@@ -80,6 +86,8 @@ bool libspdm_encap_challenge_opaque_data(
8086
void *spdm_context,
8187
spdm_version_number_t spdm_version,
8288
uint8_t slot_id,
89+
size_t request_context_size,
90+
const void *request_context,
8391
uint8_t *measurement_summary_hash,
8492
size_t measurement_summary_hash_size,
8593
void *opaque_data,

os_stub/spdm_device_secret_lib_sample/chal.c

Lines changed: 27 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/**
22
* Copyright Notice:
3-
* Copyright 2024 DMTF. All rights reserved.
3+
* Copyright 2024-2025 DMTF. All rights reserved.
44
* License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
55
**/
66

@@ -20,11 +20,15 @@
2020

2121
#if LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP
2222
size_t libspdm_secret_lib_challenge_opaque_data_size;
23+
bool g_check_challenge_request_context = false;
24+
uint64_t g_challenge_request_context;
2325

2426
bool libspdm_challenge_opaque_data(
2527
void *spdm_context,
2628
spdm_version_number_t spdm_version,
2729
uint8_t slot_id,
30+
size_t request_context_size,
31+
const void *request_context,
2832
uint8_t *measurement_summary_hash,
2933
size_t measurement_summary_hash_size,
3034
void *opaque_data,
@@ -34,6 +38,16 @@ bool libspdm_challenge_opaque_data(
3438

3539
LIBSPDM_ASSERT(libspdm_secret_lib_challenge_opaque_data_size <= *opaque_data_size);
3640

41+
if (g_check_challenge_request_context) {
42+
if ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >= SPDM_MESSAGE_VERSION_13) {
43+
LIBSPDM_ASSERT(request_context_size == SPDM_REQ_CONTEXT_SIZE);
44+
LIBSPDM_ASSERT(libspdm_read_uint64(request_context) == g_challenge_request_context);
45+
} else {
46+
LIBSPDM_ASSERT(request_context_size == 0);
47+
LIBSPDM_ASSERT(request_context == NULL);
48+
}
49+
}
50+
3751
*opaque_data_size = libspdm_secret_lib_challenge_opaque_data_size;
3852

3953
for (index = 0; index < *opaque_data_size; index++)
@@ -43,13 +57,13 @@ bool libspdm_challenge_opaque_data(
4357

4458
return true;
4559
}
46-
#endif /* LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP */
4760

48-
#if LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP
4961
bool libspdm_encap_challenge_opaque_data(
5062
void *spdm_context,
5163
spdm_version_number_t spdm_version,
5264
uint8_t slot_id,
65+
size_t request_context_size,
66+
const void *request_context,
5367
uint8_t *measurement_summary_hash,
5468
size_t measurement_summary_hash_size,
5569
void *opaque_data,
@@ -59,6 +73,16 @@ bool libspdm_encap_challenge_opaque_data(
5973

6074
LIBSPDM_ASSERT(libspdm_secret_lib_challenge_opaque_data_size <= *opaque_data_size);
6175

76+
if (g_check_challenge_request_context) {
77+
if ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >= SPDM_MESSAGE_VERSION_13) {
78+
LIBSPDM_ASSERT(request_context_size == SPDM_REQ_CONTEXT_SIZE);
79+
LIBSPDM_ASSERT(libspdm_read_uint64(request_context) == g_challenge_request_context);
80+
} else {
81+
LIBSPDM_ASSERT(request_context_size == 0);
82+
LIBSPDM_ASSERT(request_context == NULL);
83+
}
84+
}
85+
6286
*opaque_data_size = libspdm_secret_lib_challenge_opaque_data_size;
6387

6488
for (index = 0; index < *opaque_data_size; index++)

os_stub/spdm_device_secret_lib_sample/meas.c

Lines changed: 30 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -377,13 +377,18 @@ size_t libspdm_fill_measurement_device_mode_block (
377377
return sizeof(spdm_measurement_block_dmtf_t) + sizeof(device_mode);
378378
}
379379

380+
bool g_check_measurement_request_context = false;
381+
uint64_t g_measurement_request_context;
382+
380383
libspdm_return_t libspdm_measurement_collection(
381384
void *spdm_context,
382385
spdm_version_number_t spdm_version,
383386
uint8_t measurement_specification,
384387
uint32_t measurement_hash_algo,
385388
uint8_t measurements_index,
386389
uint8_t request_attribute,
390+
size_t request_context_size,
391+
const void *request_context,
387392
uint8_t *content_changed,
388393
uint8_t *measurements_count,
389394
void *measurements,
@@ -396,12 +401,21 @@ libspdm_return_t libspdm_measurement_collection(
396401
bool use_bit_stream;
397402
size_t measurement_block_size;
398403

399-
if ((measurement_specification !=
400-
SPDM_MEASUREMENT_SPECIFICATION_DMTF) ||
404+
if ((measurement_specification != SPDM_MEASUREMENT_SPECIFICATION_DMTF) ||
401405
(measurement_hash_algo == 0)) {
402406
return LIBSPDM_STATUS_UNSUPPORTED_CAP;
403407
}
404408

409+
if (g_check_measurement_request_context) {
410+
if ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >= SPDM_MESSAGE_VERSION_13) {
411+
LIBSPDM_ASSERT(request_context_size == SPDM_REQ_CONTEXT_SIZE);
412+
LIBSPDM_ASSERT(libspdm_read_uint64(request_context) == g_measurement_request_context);
413+
} else {
414+
LIBSPDM_ASSERT(request_context_size == 0);
415+
LIBSPDM_ASSERT(request_context == NULL);
416+
}
417+
}
418+
405419
hash_size = libspdm_get_measurement_hash_size(measurement_hash_algo);
406420
LIBSPDM_ASSERT(hash_size != 0);
407421

@@ -615,13 +629,25 @@ bool libspdm_measurement_opaque_data(
615629
uint32_t measurement_hash_algo,
616630
uint8_t measurement_index,
617631
uint8_t request_attribute,
632+
size_t request_context_size,
633+
const void *request_context,
618634
void *opaque_data,
619635
size_t *opaque_data_size)
620636
{
621637
size_t index;
622638

623639
LIBSPDM_ASSERT(libspdm_secret_lib_meas_opaque_data_size <= *opaque_data_size);
624640

641+
if (g_check_measurement_request_context) {
642+
if ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >= SPDM_MESSAGE_VERSION_13) {
643+
LIBSPDM_ASSERT(request_context_size == SPDM_REQ_CONTEXT_SIZE);
644+
LIBSPDM_ASSERT(libspdm_read_uint64(request_context) == g_measurement_request_context);
645+
} else {
646+
LIBSPDM_ASSERT(request_context_size == 0);
647+
LIBSPDM_ASSERT(request_context == NULL);
648+
}
649+
}
650+
625651
*opaque_data_size = libspdm_secret_lib_meas_opaque_data_size;
626652

627653
for (index = 0; index < *opaque_data_size; index++)
@@ -669,6 +695,8 @@ bool libspdm_generate_measurement_summary_hash(
669695
measurement_hash_algo,
670696
0xFF, /* Get all measurements*/
671697
0,
698+
0,
699+
NULL,
672700
NULL,
673701
&device_measurement_count, device_measurement,
674702
&device_measurement_size);

0 commit comments

Comments
 (0)