From 499bb05cdfb8ae9a9c6cecfc0d900d1891a69657 Mon Sep 17 00:00:00 2001
From: Steven Bellock <sbellock@nvidia.com>
Date: Sun, 12 Jan 2025 16:39:33 -0800
Subject: [PATCH] Add algorithm masks and helper functions

These helper functions will be used to mask algorithms based on the negotiated SPDM version.

Signed-off-by: Steven Bellock <sbellock@nvidia.com>
---
 include/industry_standard/spdm.h              | 25 ++++++
 library/spdm_common_lib/libspdm_com_support.c | 85 ++++++++++++++++++-
 2 files changed, 109 insertions(+), 1 deletion(-)

diff --git a/include/industry_standard/spdm.h b/include/industry_standard/spdm.h
index 9148bb93ca4..bdf94e53cc5 100644
--- a/include/industry_standard/spdm.h
+++ b/include/industry_standard/spdm.h
@@ -348,6 +348,15 @@ typedef struct {
 #define SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_REQ_BASE_ASYM_ALG 4
 #define SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_KEY_SCHEDULE 5
 
+#define SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_DHE_11_MASK 0x003f
+#define SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_AEAD_11_MASK 0x0007
+#define SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_REQ_BASE_ASYM_ALG_11_MASK 0x01ff
+#define SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_KEY_SCHEDULE_11_MASK 0x0001
+
+#define SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_DHE_12_MASK 0x007f
+#define SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_AEAD_12_MASK 0x000f
+#define SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_REQ_BASE_ASYM_ALG_12_MASK 0x0fff
+
 typedef struct {
     uint8_t alg_type;
     uint8_t alg_count;
@@ -366,11 +375,15 @@ typedef struct {
 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384 0x00000080
 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521 0x00000100
 
+#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_10_MASK 0x000001FF
+
 /* SPDM NEGOTIATE_ALGORITHMS request base_asym_algo/REQ_BASE_ASYM_ALG (1.2) */
 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_SM2_ECC_SM2_P256 0x00000200
 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_EDDSA_ED25519 0x00000400
 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_EDDSA_ED448 0x00000800
 
+#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_12_MASK 0x00000FFF
+
 /* SPDM NEGOTIATE_ALGORITHMS request base_hash_algo */
 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256 0x00000001
 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_384 0x00000002
@@ -379,9 +392,13 @@ typedef struct {
 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_384 0x00000010
 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_512 0x00000020
 
+#define SPDM_ALGORITHMS_BASE_HASH_ALGO_10_MASK 0x0000003F
+
 /* SPDM NEGOTIATE_ALGORITHMS request base_hash_algo (1.2) */
 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SM3_256 0x00000040
 
+#define SPDM_ALGORITHMS_BASE_HASH_ALGO_12_MASK 0x0000007F
+
 /* SPDM NEGOTIATE_ALGORITHMS request DHE */
 #define SPDM_ALGORITHMS_DHE_NAMED_GROUP_FFDHE_2048 0x00000001
 #define SPDM_ALGORITHMS_DHE_NAMED_GROUP_FFDHE_3072 0x00000002
@@ -442,9 +459,13 @@ typedef struct {
 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_384 0x00000020
 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_512 0x00000040
 
+#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_10_MASK 0x0000007F
+
 /* SPDM NEGOTIATE_ALGORITHMS response measurement_hash_algo (1.2) */
 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SM3_256 0x00000080
 
+#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_12_MASK 0x000000FF
+
 /* SPDM Opaque Data Format (1.2) */
 #define SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_NONE 0x0
 #define SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_0 0x1
@@ -715,6 +736,8 @@ typedef struct {
 
 #define SPDM_MEASUREMENT_SPECIFICATION_DMTF 0x01
 
+#define SPDM_MEASUREMENT_SPECIFICATION_10_MASK 0x01
+
 /* SPDM MEASUREMENTS block DMTF header */
 typedef struct {
     uint8_t dmtf_spec_measurement_value_type;
@@ -813,6 +836,8 @@ typedef struct {
 
 #define SPDM_MEL_SPECIFICATION_DMTF 0x01
 
+#define SPDM_MEL_SPECIFICATION_13_MASK 0x01
+
 /* SPDM ERROR response */
 typedef struct {
     spdm_message_header_t header;
diff --git a/library/spdm_common_lib/libspdm_com_support.c b/library/spdm_common_lib/libspdm_com_support.c
index 5ff191400ce..992557cc360 100644
--- a/library/spdm_common_lib/libspdm_com_support.c
+++ b/library/spdm_common_lib/libspdm_com_support.c
@@ -1,6 +1,6 @@
 /**
  *  Copyright Notice:
- *  Copyright 2021-2024 DMTF. All rights reserved.
+ *  Copyright 2021-2025 DMTF. All rights reserved.
  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
  **/
 
@@ -374,3 +374,86 @@ uint32_t libspdm_mask_capability_flags(libspdm_context_t *spdm_context,
         return 0;
     }
 }
+
+uint32_t libspdm_mask_base_hash_algo(libspdm_context_t *spdm_context, uint32_t base_hash_algo)
+{
+    const uint8_t spdm_version = libspdm_get_connection_version(spdm_context);
+
+    if (spdm_version >= SPDM_MESSAGE_VERSION_12) {
+        return (base_hash_algo & SPDM_ALGORITHMS_BASE_HASH_ALGO_12_MASK);
+    } else {
+        return (base_hash_algo & SPDM_ALGORITHMS_BASE_HASH_ALGO_10_MASK);
+    }
+}
+
+uint32_t libspdm_mask_measurement_hash_algo(libspdm_context_t *spdm_context,
+                                            uint32_t measurement_hash_algo)
+{
+    const uint8_t spdm_version = libspdm_get_connection_version(spdm_context);
+
+    if (spdm_version >= SPDM_MESSAGE_VERSION_12) {
+        return (measurement_hash_algo & SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_12_MASK);
+    } else {
+        return (measurement_hash_algo & SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_10_MASK);
+    }
+}
+
+uint8_t libspdm_mask_measurement_specification(libspdm_context_t *spdm_context,
+                                               uint8_t measurement_specification)
+{
+    return (measurement_specification & SPDM_MEASUREMENT_SPECIFICATION_10_MASK);
+}
+
+uint8_t libspdm_mask_mel_specification(libspdm_context_t *spdm_context, uint8_t mel_specification)
+{
+    LIBSPDM_ASSERT(libspdm_get_connection_version(spdm_context) >= SPDM_MESSAGE_VERSION_13);
+
+    return (mel_specification & SPDM_MEL_SPECIFICATION_13_MASK);
+}
+
+uint32_t libspdm_mask_base_asym_algo(libspdm_context_t *spdm_context, uint32_t base_asym_algo)
+{
+    const uint8_t spdm_version = libspdm_get_connection_version(spdm_context);
+
+    if (spdm_version >= SPDM_MESSAGE_VERSION_12) {
+        return (base_asym_algo & SPDM_ALGORITHMS_BASE_ASYM_ALGO_12_MASK);
+    } else {
+        return (base_asym_algo & SPDM_ALGORITHMS_BASE_ASYM_ALGO_10_MASK);
+    }
+}
+
+uint16_t libspdm_mask_alg_supported(libspdm_context_t *spdm_context, uint8_t alg_type,
+                                    uint16_t alg_supported)
+{
+    const uint8_t spdm_version = libspdm_get_connection_version(spdm_context);
+
+    LIBSPDM_ASSERT(spdm_version >= SPDM_MESSAGE_VERSION_11);
+
+    switch (alg_type) {
+    case SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_DHE:
+        if (spdm_version >= SPDM_MESSAGE_VERSION_12) {
+            return (alg_supported & SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_DHE_12_MASK);
+        } else {
+            return (alg_supported & SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_DHE_11_MASK);
+        }
+    case SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_AEAD:
+        if (spdm_version >= SPDM_MESSAGE_VERSION_12) {
+            return (alg_supported & SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_AEAD_12_MASK);
+        } else {
+            return (alg_supported & SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_AEAD_11_MASK);
+        }
+    case SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_REQ_BASE_ASYM_ALG:
+        if (spdm_version >= SPDM_MESSAGE_VERSION_12) {
+            return (alg_supported &
+                    SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_REQ_BASE_ASYM_ALG_12_MASK);
+        } else {
+            return (alg_supported &
+                    SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_REQ_BASE_ASYM_ALG_11_MASK);
+        }
+    case SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_KEY_SCHEDULE:
+        return (alg_supported & SPDM_NEGOTIATE_ALGORITHMS_ALG_SUPPORTED_KEY_SCHEDULE_11_MASK);
+    default:
+        LIBSPDM_ASSERT(false);
+        return 0;
+    }
+}