TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-RMM / tf-rmm / fabc0d0b77271ce592196855ac03da4c29c41f8e
commitfabc0d0b77271ce592196855ac03da4c29c41f8e[log] [tgz]
authorArunachalam Ganapathy <arunachalam.ganapathy@arm.com>Thu Jul 18 13:12:58 2024 +0100
committerSoby Mathew <soby.mathew@arm.com>Fri Jun 27 15:14:49 2025 +0100
tree93511369cdad2675a27be41accdf15e27a7c5280
parent55cd942359ef2ab4b45ff7812236be020a54fe7d [diff]
feat(app/device_assignment): add support for libspdm_get_certificate

In dev_assign_cmd_init_connection_main add support to do
libspdm_get_certificate. This retrivies device certificate in parts or
whole based on the size of device certificate and response buffer size.

As the device certificate is retrived, RMM does below steps
- Sets cache fields in DevCommExit for NS host to cache the device
  response.
- Computes spdm_cert_chain hash based on the negotiated hash algorithm.
- Computes x509_cert_chain hash based on the PDEV hash algorithm.
- Once the certificate is completed retrived, RMM sets the hash of the
  certificate in libspdm connection using custom set_data command
  LIBSPDM_DATA_PEER_USED_CERT_CHAIN_HASH.

Set LIBSPDM_MAX_CERT_CHAIN_SIZE to 0 as RMM do not store certificate
chain in libspdm context.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
Change-Id: I56362c99c654178f4feb474fda031db2d9a74641
11 files changed
tree: 93511369cdad2675a27be41accdf15e27a7c5280
  1. .github/
  2. app/
  3. cmake/
  4. configs/
  5. docs/
  6. drivers/
  7. ext/
  8. lib/
  9. plat/
  10. runtime/
  11. toolchains/
  12. tools/
  13. .checkpatch.conf
  14. .clang-tidy
  15. .gitignore
  16. .gitmodules
  17. .readthedocs.yaml
  18. CMakeLists.txt
  19. DCO
  20. LICENSE
  21. requirements.txt