From nobody Thu Apr 2 17:17:47 2026 Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C446C345CAF for ; Wed, 11 Feb 2026 03:32:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.173 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770780759; cv=none; b=oELX2gE7fPlZYmwnHNf6BfCBwe1G968Hsp/nQrhRGxuu6IFh2rjEnMy5UahTyUB2VnSQ2ssEnvZ1tiX9p/7czBuGouuJ57dle14NMXLH7NYHG/v1Z2YmUx9ICd0I8icDcVr0lIqZhC2gt/hxj6ExFb0pwYaNmm+GYGXx925Y4ok= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770780759; c=relaxed/simple; bh=OHYeXBOEWikJ5tM3JO1c9NWGzCdzDjoaW7Gx9KKZKx4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qQZN730m3qMK3JthMMRCqlu4vL+HstLAfCwQnFCq6osVGgSGPK059qhdetT9PkiSS47PkZXnIO8CqHdr8bHb8DI8uZGTvGOEJAd0hLdg/iY3TGbDizQ/owUnPk/UZqN2jV2panI1tAMPGxQF+bcC64U5pIQ8lxKZEQXdwWLzX6k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=QIeZhnER; arc=none smtp.client-ip=209.85.210.173 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="QIeZhnER" Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-81f4ba336b4so5140808b3a.1 for ; Tue, 10 Feb 2026 19:32:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1770780756; x=1771385556; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=gBL0ioZW+u5dvBBFyAK8qPVd1Z14bb+2hhlX3XvqGrU=; b=QIeZhnER28hP6UgNV0hd6NQ2DCUMiwDDCFWLkhFBo/rtbS2BwAs4ZUyNIfoie8IWHM WnQ6p/3EOoGOBRP1y4fE6WojiqnTGzp2obuD3dijZ5Nac++h0nt2IVAc/r8IGlnWoUZA iyRxMl/dhFKJ5P9ut7tOertyGtk0xh8+BstcP4eMwlTWuCNsA9RUgTdkREPPjoPTnrE1 TWFliBLObGijLuombhz9/On9T7fzzcLbcIlljr2vXRqln8BgD2UUyGSvgiwWnKTe5zf6 Zw3eF5f3XeraX2Iu3f60lfeH7LMclaM1SvPTz09VcM1BfbP6gAC+mbCn1dnvWc3DA1Eh ZfpA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1770780756; x=1771385556; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=gBL0ioZW+u5dvBBFyAK8qPVd1Z14bb+2hhlX3XvqGrU=; b=ltk+dhB1MKEwyqCvh+iSOe0LCL0rzdLnZctScCHqXZiGC5hfYfKpVyFTHc+xs9orUh 14nBGKi4I2t1BI/DgoYoENMvsSF9C6hzwoTCFuXF/aUN3eujHsnhSgnpImFnjRandbQj PPqMp0fkdcWRQKY+OzWjggE9OfYTVa/wJdizH2OC7QbPWlsrOJrPiRhachLLaC7A5e7+ f9gOsP2XzcAlNVZmK+PiFaXbsq3kN4dEoq3vdFJscE6Lul0EmqjdvO3cYC3JApme75JK 7/7xWJ/usr0yCFC27MC6wN765XV2+jMfMh0aJ4p9r4wHVD1s1HTGtL9LPlGSj4iLF7+O RdUg== X-Forwarded-Encrypted: i=1; AJvYcCVadwCXNLgqYwDgu6w7BtS3DyAvQR9c0nqCDpIlILXA9astppmAsi2QasiyeMk18X6AATQLc11rwIGCyP4=@vger.kernel.org X-Gm-Message-State: AOJu0YwGiK18m7NAO+N/FJJo2qU3fshUq25xVOHXKDz1LYRF1RNZz/0+ TvH8VWhcCb14QhMkb6F9yfFQT2VXmD4qRWOcroEV3VKsW6wqvVB2m4/t X-Gm-Gg: AZuq6aKFiJ3ukhjTAnVwmRRq9pPQOfFpGEq/wVaLaP5q66rzXTD8XiDIJd4mY6uDsYz wXgWMYcs/SmSOVjlQDsHUm0VbRlvSPZuMQpcXASknieRZsiRJP8lrI/UqHE7jOYXxT1NG4QvhAL PukckBPQgRgfD8JNZx/4QguQ0R3VPtTcwOn2HY2AvCDA1stSyhuTDy2e2FBSHj9F+VTESRQawh0 oeijJgn1IOv/KIhAJYAAnvreZKc2RAqF8j6QjkWFKJ3UFYkRB4FRqYoE0xnhnsiRkQP1Je8CWNc 584uCclpeU7bpT6Dv46MmbIPoMOV0M+6xtCxyG/QV4GuIZsY8vrBEfMKxfOYPgls2+u40UhAh5O TJe0jfNG4aMlFJy+rK52Rmk6SYq+kFUc1hq8PlcK+3Loy8Rrt7YLHPXNjG/jeI1VTflaizbu39V QRGQcL+8w3G9cCOs9YkWpaz9BDIoInm6KxHyfXZ4F1ZA== X-Received: by 2002:a05:6a20:cfa6:b0:366:14ac:e1ee with SMTP id adf61e73a8af0-394324a76d9mr666383637.64.1770780756092; Tue, 10 Feb 2026 19:32:36 -0800 (PST) Received: from toolbx.alistair23.me ([2403:581e:fdf9:0:6209:4521:6813:45b7]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-c6e197d63c9sm464856a12.20.2026.02.10.19.32.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Feb 2026 19:32:35 -0800 (PST) From: alistair23@gmail.com X-Google-Original-From: alistair.francis@wdc.com To: bhelgaas@google.com, lukas@wunner.de, rust-for-linux@vger.kernel.org, akpm@linux-foundation.org, linux-pci@vger.kernel.org, Jonathan.Cameron@huawei.com, linux-cxl@vger.kernel.org, linux-kernel@vger.kernel.org Cc: alex.gaynor@gmail.com, benno.lossin@proton.me, boqun.feng@gmail.com, a.hindborg@kernel.org, gary@garyguo.net, bjorn3_gh@protonmail.com, tmgross@umich.edu, alistair23@gmail.com, ojeda@kernel.org, wilfred.mallawa@wdc.com, aliceryhl@google.com, Alistair Francis Subject: [RFC v3 24/27] lib: rspdm: Support SPDM challenge Date: Wed, 11 Feb 2026 13:29:31 +1000 Message-ID: <20260211032935.2705841-25-alistair.francis@wdc.com> X-Mailer: git-send-email 2.52.0 In-Reply-To: <20260211032935.2705841-1-alistair.francis@wdc.com> References: <20260211032935.2705841-1-alistair.francis@wdc.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Alistair Francis Support the CHALLENGE SPDM command. Signed-off-by: Alistair Francis --- lib/rspdm/consts.rs | 6 + lib/rspdm/lib.rs | 8 +- lib/rspdm/state.rs | 218 +++++++++++++++++++++++++++++++- lib/rspdm/validator.rs | 65 +++++++++- rust/bindings/bindings_helper.h | 1 + 5 files changed, 289 insertions(+), 9 deletions(-) diff --git a/lib/rspdm/consts.rs b/lib/rspdm/consts.rs index eaf2132da290..904d8272a1d0 100644 --- a/lib/rspdm/consts.rs +++ b/lib/rspdm/consts.rs @@ -176,6 +176,8 @@ fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core= ::fmt::Result { =20 pub(crate) const SPDM_GET_CERTIFICATE: u8 =3D 0x82; =20 +pub(crate) const SPDM_CHALLENGE: u8 =3D 0x83; + #[cfg(CONFIG_CRYPTO_RSA)] pub(crate) const SPDM_ASYM_RSA: u32 =3D SPDM_ASYM_RSASSA_2048 | SPDM_ASYM_RSASSA_3072 | SPDM_ASYM_RSASSA_4096; @@ -205,3 +207,7 @@ fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core= ::fmt::Result { // pub(crate) const SPDM_MAX_REQ_ALG_STRUCT: usize =3D 4; =20 pub(crate) const SPDM_OPAQUE_DATA_FMT_GENERAL: u8 =3D 1 << 1; + +pub(crate) const SPDM_PREFIX_SZ: usize =3D 64; +pub(crate) const SPDM_COMBINED_PREFIX_SZ: usize =3D 100; +pub(crate) const SPDM_MAX_OPAQUE_DATA: usize =3D 1024; diff --git a/lib/rspdm/lib.rs b/lib/rspdm/lib.rs index c016306116a3..05fa471bb1e2 100644 --- a/lib/rspdm/lib.rs +++ b/lib/rspdm/lib.rs @@ -136,17 +136,23 @@ provisioned_slots &=3D !(1 << slot); } =20 + let mut verify =3D true; let mut provisioned_slots =3D state.provisioned_slots; while (provisioned_slots as usize) > 0 { let slot =3D provisioned_slots.trailing_zeros() as u8; =20 if let Err(e) =3D state.validate_cert_chain(slot) { - return e.to_errno() as c_int; + pr_debug!("Certificate in slot {slot} failed to verify: {e:?}"= ); + verify =3D false; } =20 provisioned_slots &=3D !(1 << slot); } =20 + if let Err(e) =3D state.challenge(state.provisioned_slots.trailing_zer= os() as u8, verify) { + return e.to_errno() as c_int; + } + 0 } =20 diff --git a/lib/rspdm/state.rs b/lib/rspdm/state.rs index 728b920beace..a4d803af48fe 100644 --- a/lib/rspdm/state.rs +++ b/lib/rspdm/state.rs @@ -14,23 +14,27 @@ bindings, error::{code::EINVAL, from_err_ptr, to_result, Error}, str::CStr, + str::CString, validate::Untrusted, }; =20 use crate::consts::{ SpdmErrorCode, SPDM_ASYM_ALGOS, SPDM_ASYM_ECDSA_ECC_NIST_P256, SPDM_AS= YM_ECDSA_ECC_NIST_P384, SPDM_ASYM_ECDSA_ECC_NIST_P521, SPDM_ASYM_RSASSA_2048, SPDM_ASYM_RSASSA= _3072, - SPDM_ASYM_RSASSA_4096, SPDM_ERROR, SPDM_GET_VERSION_LEN, SPDM_HASH_ALG= OS, SPDM_HASH_SHA_256, - SPDM_HASH_SHA_384, SPDM_HASH_SHA_512, SPDM_KEY_EX_CAP, SPDM_MAX_VER, S= PDM_MEAS_CAP_MASK, - SPDM_MEAS_SPEC_DMTF, SPDM_MIN_DATA_TRANSFER_SIZE, SPDM_MIN_VER, SPDM_O= PAQUE_DATA_FMT_GENERAL, + SPDM_ASYM_RSASSA_4096, SPDM_COMBINED_PREFIX_SZ, SPDM_ERROR, SPDM_GET_V= ERSION_LEN, + SPDM_HASH_ALGOS, SPDM_HASH_SHA_256, SPDM_HASH_SHA_384, SPDM_HASH_SHA_5= 12, SPDM_KEY_EX_CAP, + SPDM_MAX_OPAQUE_DATA, SPDM_MAX_VER, SPDM_MEAS_CAP_MASK, SPDM_MEAS_SPEC= _DMTF, + SPDM_MIN_DATA_TRANSFER_SIZE, SPDM_MIN_VER, SPDM_OPAQUE_DATA_FMT_GENERA= L, SPDM_PREFIX_SZ, SPDM_REQ, SPDM_RSP_MIN_CAPS, SPDM_SLOTS, SPDM_VER_10, SPDM_VER_11, SPD= M_VER_12, }; use crate::validator::{ - GetCapabilitiesReq, GetCapabilitiesRsp, GetCertificateReq, GetCertific= ateRsp, GetDigestsReq, - GetDigestsRsp, GetVersionReq, GetVersionRsp, NegotiateAlgsReq, Negotia= teAlgsRsp, RegAlg, - SpdmErrorRsp, SpdmHeader, + ChallengeReq, ChallengeRsp, GetCapabilitiesReq, GetCapabilitiesRsp, Ge= tCertificateReq, + GetCertificateRsp, GetDigestsReq, GetDigestsRsp, GetVersionReq, GetVer= sionRsp, + NegotiateAlgsReq, NegotiateAlgsRsp, RegAlg, SpdmErrorRsp, SpdmHeader, }; =20 +const SPDM_CONTEXT: &str =3D "responder-challenge_auth signing"; + /// The current SPDM session state for a device. Based on the /// C `struct spdm_state`. /// @@ -78,6 +82,14 @@ /// @slot_sz: Certificate chain size (in bytes). /// @leaf_key: Public key portion of leaf certificate against which to che= ck /// responder's signatures. +/// @transcript: Concatenation of all SPDM messages exchanged during an +/// authentication or measurement sequence. Used to verify the signature, +/// as it is computed over the hashed transcript. +/// @next_nonce: Requester nonce to be used for the next authentication +/// sequence. Populated from user space through sysfs. +/// If user space does not provide a nonce, the kernel uses a random one. +/// +/// `authenticated`: Whether device was authenticated successfully. pub struct SpdmState { pub(crate) dev: *mut bindings::device, pub(crate) transport: bindings::spdm_transport, @@ -105,9 +117,15 @@ pub struct SpdmState { pub(crate) desc: Option<&'static mut bindings::shash_desc>, pub(crate) hash_len: usize, =20 + pub(crate) authenticated: bool, + // Certificates pub(crate) certs: [KVec; SPDM_SLOTS], pub(crate) leaf_key: Option<*mut bindings::public_key>, + + transcript: VVec, + + next_nonce: Option<&'static mut [u8]>, } =20 #[repr(C, packed)] @@ -147,8 +165,11 @@ pub(crate) fn new( shash: core::ptr::null_mut(), desc: None, hash_len: 0, + authenticated: false, certs: [const { KVec::new() }; SPDM_SLOTS], leaf_key: None, + transcript: VVec::new(), + next_nonce: None, } } =20 @@ -256,7 +277,7 @@ fn spdm_err(&self, rsp: &SpdmErrorRsp) -> Result<(), Er= ror> { /// The data in `request_buf` is sent to the device and the response is /// stored in `response_buf`. pub(crate) fn spdm_exchange( - &self, + &mut self, request_buf: &mut [u8], response_buf: &mut [u8], ) -> Result { @@ -264,6 +285,8 @@ pub(crate) fn spdm_exchange( let request: &mut SpdmHeader =3D Untrusted::new_mut(request_buf).v= alidate_mut()?; let response: &SpdmHeader =3D Untrusted::new_ref(response_buf).val= idate()?; =20 + self.transcript.extend_from_slice(request_buf, GFP_KERNEL)?; + let transport_function =3D self.transport.ok_or(EINVAL)?; // SAFETY: `transport_function` is provided by the new(), we are // calling the function. @@ -331,6 +354,12 @@ pub(crate) fn get_version(&mut self) -> Result<(), Err= or> { unsafe { response_vec.inc_len(rc as usize) }; =20 let response: &mut GetVersionRsp =3D Untrusted::new_mut(&mut respo= nse_vec).validate_mut()?; + let rsp_sz =3D core::mem::size_of::() + + 2 + + response.version_number_entry_count as usize * 2; + + self.transcript + .extend_from_slice(&response_vec[..rsp_sz], GFP_KERNEL)?; =20 let mut foundver =3D false; for i in 0..response.version_number_entry_count { @@ -395,6 +424,9 @@ pub(crate) fn get_capabilities(&mut self) -> Result<(),= Error> { let response: &mut GetCapabilitiesRsp =3D Untrusted::new_mut(&mut response_vec).validate_mut()?; =20 + self.transcript + .extend_from_slice(&response_vec[..rsp_sz], GFP_KERNEL)?; + self.rsp_caps =3D u32::from_le(response.flags); if (self.rsp_caps & SPDM_RSP_MIN_CAPS) !=3D SPDM_RSP_MIN_CAPS { to_result(-(bindings::EPROTONOSUPPORT as i32))?; @@ -533,6 +565,9 @@ pub(crate) fn negotiate_algs(&mut self) -> Result<(), E= rror> { let response: &mut NegotiateAlgsRsp =3D Untrusted::new_mut(&mut response_vec).validate_mut()?; =20 + self.transcript + .extend_from_slice(&response_vec, GFP_KERNEL)?; + self.base_asym_alg =3D response.base_asym_sel; self.base_hash_alg =3D response.base_hash_sel; self.meas_hash_alg =3D response.measurement_hash_algo; @@ -593,6 +628,10 @@ pub(crate) fn get_digests(&mut self) -> Result<(), Err= or> { unsafe { response_vec.inc_len(rc as usize) }; =20 let response: &mut GetDigestsRsp =3D Untrusted::new_mut(&mut respo= nse_vec).validate_mut()?; + let rsp_sz =3D core::mem::size_of::() + response.param= 2 as usize * self.hash_len; + + self.transcript + .extend_from_slice(&response_vec[..rsp_sz], GFP_KERNEL)?; =20 if rc < (core::mem::size_of::() @@ -654,6 +693,10 @@ fn get_cert_exchange( unsafe { response_vec.inc_len(rc as usize) }; =20 let response: &mut GetCertificateRsp =3D Untrusted::new_mut(respon= se_vec).validate_mut()?; + let rsp_sz =3D core::mem::size_of::() + 4 + response.p= ortion_length as usize; + + self.transcript + .extend_from_slice(&response_vec[..rsp_sz], GFP_KERNEL)?; =20 if rc < (core::mem::size_of::() + response.portio= n_length as usize) as i32 @@ -834,4 +877,165 @@ pub(crate) fn validate_cert_chain(&mut self, slot: u8= ) -> Result<(), Error> { =20 Ok(()) } + + pub(crate) fn challenge_rsp_len(&mut self, nonce_len: usize, opaque_le= n: usize) -> usize { + let mut length =3D + core::mem::size_of::() + self.hash_len + nonce_len= + opaque_len + 2; + + if self.version >=3D 0x13 { + length +=3D 8; + } + + length + self.sig_len + } + + fn verify_signature(&mut self, response_vec: &mut [u8]) -> Result<(), = Error> { + let sig_start =3D response_vec.len() - self.sig_len; + let mut sig =3D bindings::public_key_signature::default(); + let mut mhash: KVec =3D KVec::new(); + + sig.s =3D &mut response_vec[sig_start..] as *mut _ as *mut u8; + sig.s_size =3D self.sig_len as u32; + sig.encoding =3D self.base_asym_enc.as_ptr() as *const u8; + sig.hash_algo =3D self.base_hash_alg_name.as_ptr() as *const u8; + + let mut m: KVec =3D KVec::new(); + m.extend_with(SPDM_COMBINED_PREFIX_SZ + self.hash_len, 0, GFP_KERN= EL)?; + + if let Some(desc) =3D &mut self.desc { + desc.tfm =3D self.shash; + + unsafe { + to_result(bindings::crypto_shash_digest( + *desc, + self.transcript.as_ptr(), + (self.transcript.len() - self.sig_len) as u32, + m[SPDM_COMBINED_PREFIX_SZ..].as_mut_ptr(), + ))?; + }; + } else { + to_result(-(bindings::EPROTO as i32))?; + } + + if self.version <=3D 0x11 { + sig.m =3D m[SPDM_COMBINED_PREFIX_SZ..].as_mut_ptr(); + } else { + let major =3D self.version >> 4; + let minor =3D self.version & 0xF; + + let output =3D CString::try_from_fmt(fmt!("dmtf-spdm-v{major:x= }.{minor:x}.*dmtf-spdm-v{major:x}.{minor:x}.*dmtf-spdm-v{major:x}.{minor:x}= .*dmtf-spdm-v{major:x}.{minor:x}.*"))?; + let mut buf =3D output.into_vec(); + let zero_pad_len =3D SPDM_COMBINED_PREFIX_SZ - SPDM_PREFIX_SZ = - SPDM_CONTEXT.len() - 1; + + buf.extend_with(zero_pad_len, 0, GFP_KERNEL)?; + buf.extend_from_slice(SPDM_CONTEXT.as_bytes(), GFP_KERNEL)?; + + m[..SPDM_COMBINED_PREFIX_SZ].copy_from_slice(&buf); + + mhash.extend_with(self.hash_len, 0, GFP_KERNEL)?; + + if let Some(desc) =3D &mut self.desc { + desc.tfm =3D self.shash; + + unsafe { + to_result(bindings::crypto_shash_digest( + *desc, + m.as_ptr(), + m.len() as u32, + mhash.as_mut_ptr(), + ))?; + }; + } else { + to_result(-(bindings::EPROTO as i32))?; + } + + sig.m =3D mhash.as_mut_ptr(); + } + + sig.m_size =3D self.hash_len as u32; + + if let Some(leaf_key) =3D self.leaf_key { + unsafe { to_result(bindings::public_key_verify_signature(leaf_= key, &sig)) } + } else { + to_result(-(bindings::EPROTO as i32)) + } + } + + pub(crate) fn challenge(&mut self, slot: u8, verify: bool) -> Result<(= ), Error> { + let mut request =3D ChallengeReq::default(); + request.version =3D self.version; + request.param1 =3D slot; + + let nonce_len =3D request.nonce.len(); + + if let Some(nonce) =3D &self.next_nonce { + request.nonce.copy_from_slice(&nonce); + self.next_nonce =3D None; + } else { + unsafe { + bindings::get_random_bytes(&mut request.nonce as *mut _ as= *mut c_void, nonce_len) + }; + } + + let req_sz =3D if self.version <=3D 0x12 { + core::mem::size_of::() - 8 + } else { + core::mem::size_of::() + }; + + let rsp_sz =3D self.challenge_rsp_len(nonce_len, SPDM_MAX_OPAQUE_D= ATA); + + // SAFETY: `request` is repr(C) and packed, so we can convert it t= o a slice + let request_buf =3D unsafe { from_raw_parts_mut(&mut request as *m= ut _ as *mut u8, req_sz) }; + + let mut response_vec: KVec =3D KVec::with_capacity(rsp_sz, GFP= _KERNEL)?; + // SAFETY: `request` is repr(C) and packed, so we can convert it t= o a slice + let response_buf =3D unsafe { from_raw_parts_mut(response_vec.as_m= ut_ptr(), rsp_sz) }; + + let rc =3D self.spdm_exchange(request_buf, response_buf)?; + + if rc < (core::mem::size_of::() as i32) { + pr_err!("Truncated challenge response\n"); + to_result(-(bindings::EIO as i32))?; + } + + // SAFETY: `rc` is the length of data read, which will be smaller + // then the capacity of the vector + unsafe { response_vec.inc_len(rc as usize) }; + + let _response: &mut ChallengeRsp =3D Untrusted::new_mut(&mut respo= nse_vec).validate_mut()?; + + let opaque_len_offset =3D core::mem::size_of::() + sel= f.hash_len + nonce_len; + let opaque_len =3D u16::from_le_bytes( + response_vec[opaque_len_offset..(opaque_len_offset + 2)] + .try_into() + .unwrap_or([0, 0]), + ); + + let rsp_sz =3D self.challenge_rsp_len(nonce_len, opaque_len as usi= ze); + + if rc < rsp_sz as i32 { + pr_err!("Truncated challenge response\n"); + to_result(-(bindings::EIO as i32))?; + } + + self.transcript + .extend_from_slice(&response_vec[..rsp_sz], GFP_KERNEL)?; + + if verify { + /* Verify signature at end of transcript against leaf key */ + match self.verify_signature(&mut response_vec[..rsp_sz]) { + Ok(()) =3D> { + pr_info!("Authenticated with certificate slot {slot}"); + self.authenticated =3D true; + } + Err(e) =3D> { + pr_err!("Cannot verify challenge_auth signature: {e:?}= "); + self.authenticated =3D false; + } + }; + } + + Ok(()) + } } diff --git a/lib/rspdm/validator.rs b/lib/rspdm/validator.rs index a8bc3378676f..f8a5337841f0 100644 --- a/lib/rspdm/validator.rs +++ b/lib/rspdm/validator.rs @@ -17,7 +17,7 @@ }; =20 use crate::consts::{ - SPDM_ASYM_ALGOS, SPDM_CTEXPONENT, SPDM_GET_CAPABILITIES, SPDM_GET_CERT= IFICATE, + SPDM_ASYM_ALGOS, SPDM_CHALLENGE, SPDM_CTEXPONENT, SPDM_GET_CAPABILITIE= S, SPDM_GET_CERTIFICATE, SPDM_GET_DIGESTS, SPDM_GET_VERSION, SPDM_HASH_ALGOS, SPDM_MEAS_SPEC_DM= TF, SPDM_NEGOTIATE_ALGS, SPDM_REQ_CAPS, }; @@ -424,3 +424,66 @@ fn validate(unvalidated: &mut Unvalidated>) -= > Result Ok(rsp) } } + +#[repr(C, packed)] +pub(crate) struct ChallengeReq { + pub(crate) version: u8, + pub(crate) code: u8, + pub(crate) param1: u8, + pub(crate) param2: u8, + + pub(crate) nonce: [u8; 32], + pub(crate) context: [u8; 8], +} + +impl Default for ChallengeReq { + fn default() -> Self { + ChallengeReq { + version: 0, + code: SPDM_CHALLENGE, + param1: 0, + param2: 0, + nonce: [0; 32], + context: [0; 8], + } + } +} + +#[repr(C, packed)] +pub(crate) struct ChallengeRsp { + pub(crate) version: u8, + pub(crate) code: u8, + pub(crate) param1: u8, + pub(crate) param2: u8, + + pub(crate) cert_chain_hash: __IncompleteArrayField, + pub(crate) nonce: [u8; 32], + pub(crate) message_summary_hash: __IncompleteArrayField, + + pub(crate) opaque_data_len: u16, + pub(crate) opaque_data: __IncompleteArrayField, + + pub(crate) context: [u8; 8], + pub(crate) signature: __IncompleteArrayField, +} + +impl Validate<&mut Unvalidated>> for &mut ChallengeRsp { + type Err =3D Error; + + fn validate(unvalidated: &mut Unvalidated>) -> Result { + let raw =3D unvalidated.raw_mut(); + if raw.len() < mem::size_of::() { + return Err(EINVAL); + } + + let ptr =3D raw.as_mut_ptr(); + // CAST: `ChallengeRsp` only contains integers and has `repr(C)`. + let ptr =3D ptr.cast::(); + // SAFETY: `ptr` came from a reference and the cast above is valid. + let rsp: &mut ChallengeRsp =3D unsafe { &mut *ptr }; + + // rsp.opaque_data_len =3D rsp.opaque_data_len.to_le(); + + Ok(rsp) + } +} diff --git a/rust/bindings/bindings_helper.h b/rust/bindings/bindings_helpe= r.h index 52ad3e98e036..35e4378fb9dc 100644 --- a/rust/bindings/bindings_helper.h +++ b/rust/bindings/bindings_helper.h @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include --=20 2.52.0