in core/attestation/attestation_requester.c [892:1003]
/**
 * Validate the algorithm selections of the SPDM negotiate algorithms response held in the
 * transaction message buffer.
 *
 * The checks run in a fixed order and the first one that fails is logged and returned:
 * measurement specification, base asymmetric and base hash selections, measurement hash algorithm
 * and, outside of device discovery, agreement between the selected hash algorithms and the hash
 * types already recorded in the transaction state.  Every comparison is an exact equality test, so
 * a selection field holding any value other than one of the listed constants is rejected.
 *
 * NOTE(review): the response is read from msg_buffer through a struct cast and no length check is
 * visible in this function.  Presumably the caller has already confirmed that the buffer holds a
 * complete response of this type -- confirm, since every field read below depends on it.
 *
 * @param attestation Attestation requester whose transaction state holds the response.  The
 * pointer is const, but the state is reached through it and alias_signature_len is written.
 * @param device_eid Device identifier.  In this function it is only passed to log entries.
 *
 * @return 0 if every selection is acceptable, otherwise ATTESTATION_UNSUPPORTED_MEASUREMENT_SPEC,
 * ATTESTATION_UNSUPPORTED_ALGORITHM or ATTESTATION_UNEXPECTED_ALG_IN_RESPONSE.
 */
static int attestation_requester_negotiate_algorithms_rsp_post_processing (
	const struct attestation_requester *attestation, uint8_t device_eid)
{
	struct spdm_negotiate_algorithms_response *rsp =
		(struct spdm_negotiate_algorithms_response*) attestation->state->txn.msg_buffer;

	// Currently, only SPDM measurement blocks following the DMTF format are supported
	if (rsp->measurement_specification != SPDM_MEASUREMENT_SPEC_DMTF) {
		debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_ATTESTATION,
			ATTESTATION_LOGGING_MEASUREMENT_SPEC_UNSUPPORTED, device_eid,
			rsp->measurement_specification);

		return ATTESTATION_UNSUPPORTED_MEASUREMENT_SPEC;
	}

	if (attestation->state->txn.cert_supported) {
		/* Map the selected signature algorithm to the alias signature length stored in the
		 * transaction state.  P-384 and P-521 are only recognized when ECC_MAX_KEY_LENGTH permits
		 * them at build time; in smaller builds those selections fall through to the error
		 * branch. */
		if (rsp->base_asym_sel == SPDM_TPM_ALG_ECDSA_ECC_NIST_P256) {
			attestation->state->txn.alias_signature_len = ECC_KEY_LENGTH_256;
		}
#if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_384
		else if (rsp->base_asym_sel == SPDM_TPM_ALG_ECDSA_ECC_NIST_P384) {
			attestation->state->txn.alias_signature_len = ECC_KEY_LENGTH_384;
		}
#endif
#if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_521
		else if (rsp->base_asym_sel == SPDM_TPM_ALG_ECDSA_ECC_NIST_P521) {
			attestation->state->txn.alias_signature_len = ECC_KEY_LENGTH_521;
		}
#endif
		else {
			debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_ATTESTATION,
				ATTESTATION_LOGGING_BASE_ASYM_KEY_SIG_ALG_UNSUPPORTED, device_eid,
				rsp->base_asym_sel);

			return ATTESTATION_UNSUPPORTED_ALGORITHM;
		}

		/* The base hash selection must be SHA-256, or SHA-384/SHA-512 when those are compiled in
		 * (HASH_ENABLE_SHA384 / HASH_ENABLE_SHA512).  Anything else is rejected. */
		if ((rsp->base_hash_sel != SPDM_TPM_ALG_SHA_256)
#ifdef HASH_ENABLE_SHA384
			&& (rsp->base_hash_sel != SPDM_TPM_ALG_SHA_384)
#endif
#ifdef HASH_ENABLE_SHA512
			&& (rsp->base_hash_sel != SPDM_TPM_ALG_SHA_512)
#endif
			) {
			debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_ATTESTATION,
				ATTESTATION_LOGGING_HASHING_ALGORITHM_UNSUPPORTED, device_eid, rsp->base_hash_sel);

			return ATTESTATION_UNSUPPORTED_ALGORITHM;
		}
	}
	else {
		/* DSP0274 SPDM spec indicates base_asym_sel and base_hash_sel shall be 0 if they are not
		 * supported by the device. */
		if (rsp->base_asym_sel != 0) {
			debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_ATTESTATION,
				ATTESTATION_LOGGING_BASE_ASYM_KEY_SIG_ALG_UNSUPPORTED, device_eid,
				rsp->base_asym_sel);

			return ATTESTATION_UNSUPPORTED_ALGORITHM;
		}

		if (rsp->base_hash_sel != 0) {
			debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_ATTESTATION,
				ATTESTATION_LOGGING_HASHING_ALGORITHM_UNSUPPORTED, device_eid, rsp->base_hash_sel);

			return ATTESTATION_UNSUPPORTED_ALGORITHM;
		}
	}

	/* The measurement hash algorithm is checked whether or not certificates are supported.
	 * NOTE(review): unlike the base hash check above, this list is not conditional on
	 * HASH_ENABLE_SHA384 / HASH_ENABLE_SHA512, so SHA-384 and SHA-512 pass this check in every
	 * build.  Confirm that this is intended for builds without those hashes, in particular during
	 * device discovery, where the comparison against measurement_hash_type below is skipped. */
	if ((rsp->measurement_hash_algo != SPDM_MEAS_RSP_TPM_ALG_SHA_256) &&
		(rsp->measurement_hash_algo != SPDM_MEAS_RSP_TPM_ALG_SHA_384) &&
		(rsp->measurement_hash_algo != SPDM_MEAS_RSP_TPM_ALG_SHA_512)) {
		debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_ATTESTATION,
			ATTESTATION_LOGGING_HASHING_MEAS_ALGORITHM_UNSUPPORTED, device_eid,
			rsp->measurement_hash_algo);

		return ATTESTATION_UNSUPPORTED_ALGORITHM;
	}

	/* Outside of device discovery, the selected hashes must agree with the hash types already
	 * recorded in the transaction state.  A response that selects a different, even if supported,
	 * algorithm is rejected instead of being adopted, so the responder cannot move the exchange to
	 * a hash other than the one this requester recorded.
	 * NOTE(review): during device discovery neither comparison runs and this function does not
	 * store the selected hash algorithms; presumably the caller handles that case -- confirm. */
	if (!attestation->state->txn.device_discovery) {
		if (attestation->state->txn.cert_supported) {
			// base_hash_sel is compared with transcript_hash_type only when certificates are in use
			if (((rsp->base_hash_sel == SPDM_TPM_ALG_SHA_256) &&
				(attestation->state->txn.transcript_hash_type != HASH_TYPE_SHA256)) ||
				((rsp->base_hash_sel == SPDM_TPM_ALG_SHA_384) &&
				(attestation->state->txn.transcript_hash_type != HASH_TYPE_SHA384)) ||
				((rsp->base_hash_sel == SPDM_TPM_ALG_SHA_512) &&
				(attestation->state->txn.transcript_hash_type != HASH_TYPE_SHA512))) {
				debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_ATTESTATION,
					ATTESTATION_LOGGING_UNEXPECTED_HASH_ALGO_IN_RSP, device_eid,
					rsp->base_hash_sel);

				return ATTESTATION_UNEXPECTED_ALG_IN_RESPONSE;
			}
		}

		// measurement_hash_algo is compared with measurement_hash_type in both certificate cases
		if (((rsp->measurement_hash_algo == SPDM_MEAS_RSP_TPM_ALG_SHA_256) &&
			(attestation->state->txn.measurement_hash_type != HASH_TYPE_SHA256)) ||
			((rsp->measurement_hash_algo == SPDM_MEAS_RSP_TPM_ALG_SHA_384) &&
			(attestation->state->txn.measurement_hash_type != HASH_TYPE_SHA384)) ||
			((rsp->measurement_hash_algo == SPDM_MEAS_RSP_TPM_ALG_SHA_512) &&
			(attestation->state->txn.measurement_hash_type != HASH_TYPE_SHA512))) {
			debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_ATTESTATION,
				ATTESTATION_LOGGING_UNEXPECTED_MEAS_HASH_ALGO_IN_RSP, device_eid,
				rsp->measurement_hash_algo);

			return ATTESTATION_UNEXPECTED_ALG_IN_RESPONSE;
		}
	}

	return 0;
}