### Example CMake for Windows Release Build with mbedtls Source: https://github.com/dmtf/libspdm/blob/main/README.md Example CMake command for a Windows x64 release build using VS2019 and mbedtls. ```bash cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=mbedtls .. ``` -------------------------------- ### Install and Configure AFLplusplus Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Steps to install AFLplusplus, including cloning the repository, building the binary, and setting environment variables. Ensure the AFLplusplus binary is in your PATH. ```bash sudo apt-get install libssl-dev git clone https://github.com/AFLplusplus/AFLplusplus.git cd AFLplusplus/ make cp afl-fuzz afl-plusplus-fuzz export AFL_PATH=~/AFLplusplus/ export PATH=$PATH:$AFL_PATH ``` -------------------------------- ### Unit Test Execution Example Source: https://github.com/dmtf/libspdm/blob/main/README.md Example output from running unit tests. Ensure the command prompt's current working directory is set to 'libspdm/build/bin' before execution. ```text [==========] Running 2 test(s). [ RUN ] test_spdm_responder_version_case1 [ OK ] test_spdm_responder_version_case1 [ RUN ] test_spdm_responder_version_case2 [ OK ] test_spdm_responder_version_case2 [==========] 2 test(s) run. [ PASSED ] 2 test(s). ``` -------------------------------- ### Install and Configure AFLTurbo Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Steps to install AFLTurbo, including cloning the repository, building the tool, and setting environment variables. Ensure the AFLTurbo binary is in your PATH. ```bash sudo apt-get install libssl-dev git clone https://github.com/sleicasper/aflturbo.git cd aflturbo/ make cp afl-fuzz afl-turbo-fuzz export AFL_PATH=$(pwd) export PATH=$PATH:$AFL_PATH ``` -------------------------------- ### Example CMake for Windows Release Build with OpenSSL Source: https://github.com/dmtf/libspdm/blob/main/README.md Example CMake command for a Windows x64 release build using VS2019 and OpenSSL. ```bash cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=openssl .. ``` -------------------------------- ### Install QEMU for Cross-Architecture Testing Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Installs QEMU, a machine emulator and virtualizer, required for testing on different architectures like ARM, AArch64, and RISC-V on Linux. ```bash sudo apt-get install build-essential pkg-config zlib1g-dev libglib2.0-0 libglib2.0-dev libsdl2-dev libpixman-1-dev libfdt-dev autoconf automake libtool librbd-dev libaio-dev flex bison -y wget https://download.qemu.org/qemu-4.2.0.tar.xz tar xvf qemu-4.2.0.tar.xz cd qemu-4.2.0 ./configure --prefix=/usr/local/qemu --audio-drv-list= sudo make -j 8 && sudo make install sudo ln -s /usr/local/qemu/bin/* /usr/local/bin ``` -------------------------------- ### Example CMake for Linux x64 Release Build with CLANG/mbedtls Source: https://github.com/dmtf/libspdm/blob/main/README.md Example CMake command for a Linux x64 release build using CLANG and mbedtls. ```bash cmake -DARCH=x64 -DTOOLCHAIN=CLANG -DTARGET=Release -DCRYPTO=mbedtls .. ``` -------------------------------- ### Run Docker Hello World Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Verify Docker installation by running the 'hello-world' image. This command downloads and executes a test container. ```bash sudo docker run hello-world ``` -------------------------------- ### Start Session (With PSK) Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Initiates an SPDM session using Pre-Shared Keys (PSK). ```APIDOC ## libspdm_start_session (With PSK) ### Description Starts an SPDM session with PSK by sending PSK_EXCHANGE/PSK_FINISH messages. ### Method PSK_EXCHANGE/PSK_FINISH ### Parameters - **spdm_context**: Pointer to the SPDM context. - **TRUE**: Indicates KeyExchange is using PSK. - **psk_hint, psk_hint_size**: The PSK hint and its size. - **SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH**: Measurement hash type. - **slot_id**: The slot identifier. - **session_policy**: The session policy. ### Returns - **session_id**: Pointer to store the new session identifier. - **heartbeat_period**: Pointer to store the heartbeat period. - **measurement_hash**: Pointer to store the measurement hash. ``` -------------------------------- ### Run Tests with QEMU for Different Architectures Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Examples of how to run test binaries on various architectures using QEMU, specifying the appropriate QEMU executable and sysroot path. ```bash qemu-arm -L /usr/arm-linux-gnueabi ``` ```bash qemu-aarch64 -L /usr/aarch64-linux-gnu ``` ```bash qemu-riscv32 -L /opt/riscv32/sysroot ``` ```bash qemu-riscv64 -L /usr/riscv64-linux-gnu ``` -------------------------------- ### Example Stack Usage Output Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md This is an example of the content found in the .su file generated by GCC's -fstack-usage flag, showing function names, stack size, and linkage. ```text /library/spdm_requester_lib/libspdm_req_send_receive.c:25:15:libspdm_send_request 4736 static /library/spdm_requester_lib/libspdm_req_send_receive.c:76:15:libspdm_receive_response 4752 static /library/spdm_requester_lib/libspdm_req_send_receive.c:167:15:spdm_send_spdm_request 64 static /library/spdm_requester_lib/libspdm_req_send_receive.c:212:15:spdm_receive_spdm_response 64 static ``` -------------------------------- ### Install ARM GCC on Ubuntu/Debian Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Install the ARM GCC compiler for ARM targets on Debian-based systems using apt-get. ```bash sudo apt-get install gcc-arm-linux-gnueabi ``` -------------------------------- ### Install LLVM and CLANG Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Commands to install LLVM and CLANG on a Debian-based Linux system using apt. Ensure that the LLVM and CLANG binaries are added to your PATH. ```bash sudo apt install llvm sudo apt install clang ``` -------------------------------- ### Install RISC-V64 GCC on Ubuntu/Debian Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Installs the GCC cross-compiler for RISC-V64 on Ubuntu or Debian-based systems using apt. ```bash sudo apt-get install gcc-riscv64-linux-gnu ``` -------------------------------- ### Example CMake for Windows Debug Build with mbedtls Source: https://github.com/dmtf/libspdm/blob/main/README.md Example CMake command for a Windows x64 debug build using VS2019 and mbedtls. ```bash cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Debug -DCRYPTO=mbedtls .. ``` -------------------------------- ### Fuzzing Output Path Example Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md This is an example of the output directory structure generated by the fuzzing script, indicating the crypto library and a git commit hash. ```bash libspdm/unit_test/fuzzing/out_libfuzz_mbedtls_05e7bb4/ ``` -------------------------------- ### Example CMake for Linux IA32 Release Build with OpenSSL Source: https://github.com/dmtf/libspdm/blob/main/README.md Example CMake command for a Linux ia32 release build using GCC and OpenSSL. ```bash cmake -DARCH=ia32 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=openssl .. ``` -------------------------------- ### Example CMake for Windows Debug Build with OpenSSL Source: https://github.com/dmtf/libspdm/blob/main/README.md Example CMake command for a Windows x64 debug build using VS2019 and OpenSSL. ```bash cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Debug -DCRYPTO=openssl .. ``` -------------------------------- ### Start SPDM Session (With PSK) Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Establish an SPDM session using Pre-Shared Keys (PSK) by calling libspdm_start_session with the KeyExchange flag set to TRUE and providing PSK hint information. This is used for authenticated session establishment. ```C libspdm_start_session ( spdm_context, TRUE, // KeyExchange psk_hint, psk_hint_size, SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, slot_id, session_policy, &session_id, &heartbeat_period, &measurement_hash); ``` -------------------------------- ### Setup Windows Build Environment for ARM/AARCH64 Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Configure environment variables for ARM Development Studio on Windows. Ensure the ARM compiler and license file paths are correctly set. ```bash export PATH=$PATH:/c/ArmStudio/sw/ARMCompiler6.18/bin export CC=/c/ArmStudio/sw/ARMCompiler6.18/bin/armclang.exe export ARM_PRODUCT_DEF=/c/ArmStudio/sw/mappings/gold.elmap export ARMLMD_LICENSE_FILE= ``` -------------------------------- ### libspdm_init_connection Source: https://github.com/dmtf/libspdm/blob/main/doc/api/requester_api.md Sends the `GET_VERSION`, `GET_CAPABILITIES`, and `NEGOTIATE_ALGORITHM` to start a connection with an SPDM Responder. Initializes the SPDM context and populates it with configuration parameters. If successful, the SPDM context can be queried for Responder capabilities and algorithms. If it fails, the context should be reset. ```APIDOC ## libspdm_init_connection ### Description Sends the `GET_VERSION`, `GET_CAPABILITIES`, and `NEGOTIATE_ALGORITHM` to start a connection with an SPDM Responder. ### Parameters - **spdm_context** (The SPDM context.) - **get_version_only** (If `true` then only `GET_VERSION` is sent. If `false` then all three messages are sent.) ### Details Before calling this function the Integrator should have initialized the SPDM context and populated it with configuration parameters, such as the Requester's capabilities and supported cryptography algorithms. When this function returns with value `LIBSPDM_STATUS_SUCCESS` then the SPDM context can be queried to determine the capabilities and algorithms supported by the Responder. If this function returns early with value not equal to `LIBSPDM_STATUS_SUCCESS` then the SPDM context should be reset before attempting establish a new connection. ``` -------------------------------- ### Install and Build AFL Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Steps to download, build, and set up the AFL fuzzer environment on Linux. Ensure the AFL binary is added to your PATH. ```bash tar zxvf afl-latest.tgz cd afl-2.52b/ make export AFL_PATH= export PATH=$PATH:$AFL_PATH ``` -------------------------------- ### Compile and Link with libspdm (Shared Library) Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Example of compiling an application object file and then linking it with the libspdm shared library using pkg-config for flags. ```bash gcc `pkg-config --cflags libspdm` -c libspdm_app.c -o libspdm_app.o gcc libspdm_app.o `pkg-config --libs libspdm` libspdm_app ``` -------------------------------- ### Start Session (Without PSK) Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Initiates an SPDM session without using Pre-Shared Keys (PSK). ```APIDOC ## libspdm_start_session (Without PSK) ### Description Starts an SPDM session without PSK by sending KEY_EXCHANGE/FINISH messages. ### Method KEY_EXCHANGE/FINISH ### Parameters - **spdm_context**: Pointer to the SPDM context. - **FALSE**: Indicates KeyExchange is not using PSK. - **NULL, 0**: Placeholder for PSK hint and size. - **SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH**: Measurement hash type. - **slot_id**: The slot identifier. - **session_policy**: The session policy. ### Returns - **session_id**: Pointer to store the new session identifier. - **heartbeat_period**: Pointer to store the heartbeat period. - **measurement_hash**: Pointer to store the measurement hash. ``` -------------------------------- ### Example CMake for Linux IA32 Debug Build with OpenSSL Source: https://github.com/dmtf/libspdm/blob/main/README.md Example CMake command for a Linux ia32 debug build using GCC and OpenSSL. ```bash cmake -DARCH=ia32 -DTOOLCHAIN=GCC -DTARGET=Debug -DCRYPTO=openssl .. ``` -------------------------------- ### Example CMake for Linux ARM Debug Build with OpenSSL Source: https://github.com/dmtf/libspdm/blob/main/README.md Example CMake command for a Linux ARM debug build using GCC and OpenSSL. ```bash cmake -DARCH=arm -DTOOLCHAIN=GCC -DTARGET=Debug -DCRYPTO=openssl .. ``` -------------------------------- ### Setup Linux Build Environment for ARM GNU Bare Metal Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Add ARM GNU bare metal toolchain paths to the PATH environment variable for cross-compiling on Linux. ```bash echo 'export PATH=~/gcc-arm-11.2-2022.02-x86_64-arm-none-eabi/bin:$PATH' | sudo tee -a ~/.bashrc echo 'export PATH=~/gcc-arm-11.2-2022.02-x86_64-aarch64-none-elf/bin:$PATH' | sudo tee -a ~/.bashrc source ~/.bashrc ``` -------------------------------- ### Setup Linux Build Environment for ARM GNU (Linux Target) Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Add ARM GNU toolchain paths for Linux targets to the PATH environment variable. This is for cross-compiling on Linux. ```bash echo 'export PATH=~/gcc-arm-11.2-2022.02-x86_64-arm-none-linux-gnueabihf/bin:$PATH' | sudo tee -a ~/.bashrc echo 'export PATH=~/gcc-arm-11.2-2022.02-x86_64-aarch64-none-linux-gnu/bin:$PATH' | sudo tee -a ~/.bashrc source ~/.bashrc ``` -------------------------------- ### General Linux Build Steps for libspdm Source: https://github.com/dmtf/libspdm/blob/main/README.md Standard build procedure for libspdm on Linux using Makefiles. Install 'gcc-multilib' if performing ia32 builds on a 64-bit system. ```bash cd libspdm mkdir build cd build cmake -DARCH= -DTOOLCHAIN= -DTARGET= -DCRYPTO= .. make copy_sample_key make ``` -------------------------------- ### Setup Linux Build Environment for ARM/AARCH64 with ARM Development Studio Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Configure environment variables for ARM Development Studio on Linux. This involves adding the ARM compiler to the PATH and setting the product definition and license file paths. ```bash echo 'export PATH=$PATH:/opt/arm/developmentstudio-2022.1/sw/ARMCompiler6.18/bin' | sudo tee -a ~/.bashrc echo 'export ARM_PRODUCT_DEF=/opt/arm/developmentstudio-2022.1/sw/mappings/gold.elmap' | sudo tee -a ~/.bashrc echo 'export ARMLMD_LICENSE_FILE=' | sudo tee -a ~/.bashrc source ~/.bashrc ``` -------------------------------- ### Configure and Build RISC-V GNU Toolchain for RISC-V64 Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Configures the RISC-V GNU toolchain for the riscv64 architecture and builds it. The toolchain will be installed to the specified prefix. ```bash cd riscv-gnu-toolchain ./configure --prefix=/opt/riscv sudo make linux sudo ln -s /opt/riscv/bin/* /usr/bin ``` -------------------------------- ### Set up Klocwork Environment Variables Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Set these environment variables before running Klocwork commands. Ensure the paths are correct for your installation. ```bash set KW_HOME=C:\Klocwork set KW_ROOT=%KW_HOME%\\projects_root set KW_TABLE_ROOT=%KW_HOME%\Tables set KW_CONFIG=%KW_ROOT%\projects\workspace\rules\analysis_profile.pconf set KW_PROJECT_NAME=libspdm ``` -------------------------------- ### Start SPDM Session (Without PSK) Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Initiate an SPDM session without using Pre-Shared Keys (PSK) by calling libspdm_start_session with the KeyExchange flag set to FALSE. This establishes a secure channel for subsequent communication. ```C libspdm_start_session ( spdm_context, FALSE, // KeyExchange NULL, 0, SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, slot_id, session_policy, &session_id, &heartbeat_period, &measurement_hash); ``` -------------------------------- ### Get libspdm Context Size Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Use `libspdm_get_context_size()` to determine the required size for the `spdm_context` structure. This size can be printed using printf, for example, within the spdm emulator. ```c printf("context_size - 0x%x\n", (uint32_t)libspdm_get_context_size()); ``` -------------------------------- ### Example Encapsulated State Management Handler Source: https://github.com/dmtf/libspdm/blob/main/doc/internal/encapsulated_flow.md This C code demonstrates a state handler for encapsulated flows. The Integrator implements this handler to manage requests like getting digests, certificates, or endpoint information, and to terminate the flow. It shows how to access session-specific or general SPDM context. ```C /* libspdm receives a GET_ENCAPSULATED_REQUEST or DELIVER_ENCAPSULATED_RESPONSE message and calls * into libspdm_encap_state_handler. */ libspdm_return_t libspdm_encap_state_handler (void *spdm_context, uint32_t *session_id, libspdm_encap_flow_type_t encap_flow_type, ...) { /* Integrator can use a pointer in libspdm_session_info or non-session spdm_context to access * Integrator-defined state related to the encapsulated flow. */ switch (state) { case a: /* Get digests. Information can be retrieved via LIBSPDM_DATA_PEER_* and libspdm_get_data. */ return libspdm_encap_get_digest(..., session_id); case b: /* Get certificate chain from certificate slot 5. */ return libspdm_encap_get_certificate(..., session_id, 5); case c: /* Get endpoint information using certificate slot 5. */ return libspdm_encap_get_endpoint_info(..., session_id, ..., 5, ...); case d: /* Terminate encapsulated flow. */ return libspdm_encap_terminate_flow(..., session_id); } } ``` -------------------------------- ### Install RISC-V64 GCC on Fedora Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Installs the GCC cross-compiler for RISC-V64 on Fedora systems using dnf. ```bash sudo dnf install gcc-riscv64-linux-gnu ``` -------------------------------- ### Install AARCH64 GCC on Fedora Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Install the AARCH64 GCC compiler for AARCH64 targets on Fedora systems using dnf. ```bash sudo dnf install gcc-aarch64-linux-gnu ``` -------------------------------- ### Install AARCH64 GCC on Ubuntu/Debian Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Install the AARCH64 GCC compiler for AARCH64 targets on Debian-based systems using apt-get. ```bash sudo apt-get install gcc-aarch64-linux-gnu ``` -------------------------------- ### Message Logging Functions Source: https://github.com/dmtf/libspdm/blob/main/doc/api/requester_api.md Functions for initializing, setting mode, getting status, getting size, and resetting message logging. ```APIDOC ## Message Logging libspdm allows an Integrator to log request and response messages to an Integrator-provided buffer. It is currently only supported by a Requester. --- ### libspdm_init_msg_log ### Description Initializes message logging. ### Parameters **spdm_context**
The SPDM context. **msg_buffer**
A pointer to a buffer to store the messages. **msg_buffer_size**
The size, in bytes, of the `msg_buffer` buffer. ### Details TBD

--- ### libspdm_set_msg_log_mode ### Description Sets the mode in which message logging operates. ### Parameters **spdm_context**
The SPDM context. **mode**
Sets the mode in which the message logger operates. It is a bitmask and its value can contain - `LIBSPDM_MSG_LOG_MODE_ENABLE` - If set then message logger is enabled. - If not set then message logger is disabled. ### Details TBD

--- ### libspdm_get_msg_log_status ### Description Returns the status of the message logger. ### Parameters **spdm_context**
The SPDM context. ### Details TBD

--- ### libspdm_get_msg_log_size ### Description Returns the size of the message log. ### Parameters **spdm_context**
The SPDM context. ### Details TBD

--- ### libspdm_reset_msg_log ### Description Resets the state of the message log. ### Parameters **spdm_context**
The SPDM context. ### Details TBD

``` -------------------------------- ### Install RISC-V GNU Toolchain Dependencies Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Installs necessary development packages required for building the RISC-V GNU toolchain on Debian/Ubuntu-based systems. ```bash sudo apt-get install autoconf automake autotools-dev curl python3 libmpc-dev libmpfr-dev libgmp-dev gawk build-essential bison flex texinfo gperf libtool patchutils bc zlib1g-dev libexpat-dev ``` -------------------------------- ### Initialize SPDM Connection Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Initiate the SPDM connection with the responder by sending GET_VERSION, GET_CAPABILITIES, and NEGOTIATE_ALGORITHM messages. ```C libspdm_init_connection (spdm_context, FALSE); ``` -------------------------------- ### Configure Coverity Static Analysis Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Set up Coverity by adding its bin directory to the PATH and configuring the analysis with a specified XML configuration file. This is typically done in a Visual Studio x64 Native Tools Command Prompt. ```bash set PATH=%PATH%;C:\Program Files\Coverity\Coverity Static Analysis\bin\ cov-configure --msvc --config C:\libspdm\CoverityConfig\coverity-config.xml ``` -------------------------------- ### Install RISC-V ELF Toolchain on Arch Linux Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Installs RISC-V 32-bit and 64-bit ELF toolchain components on Arch Linux using pacman. ```bash sudo pacman -Syu riscv32-elf-binutils riscv32-elf-newlib riscv64-elf-binutils riscv64-elf-gcc riscv64-elf-newlib ``` -------------------------------- ### Initialize SPDM Context and Scratch Buffer Source: https://context7.com/dmtf/libspdm/llms.txt Demonstrates the allocation and initialization of the SPDM context and a scratch buffer. This is a prerequisite for any SPDM communication, as the context stores connection state and negotiated parameters. The scratch buffer is used for internal message processing. ```c #include "library/spdm_common_lib.h" #include "library/spdm_requester_lib.h" void *spdm_context; void *scratch_buffer; size_t scratch_buffer_size; /* Allocate and initialize the main context */ spdm_context = malloc(libspdm_get_context_size()); if (spdm_context == NULL) { /* handle OOM */ } libspdm_init_context(spdm_context); /* Allocate the scratch buffer (size depends on config) */ scratch_buffer_size = libspdm_get_sizeof_required_scratch_buffer(spdm_context); scratch_buffer = malloc(scratch_buffer_size); if (scratch_buffer == NULL) { /* handle OOM */ } libspdm_set_scratch_buffer(spdm_context, scratch_buffer, scratch_buffer_size); /* --- Optional: isolate session keys in secure memory --- */ /* size_t secured_ctx_size = libspdm_secured_message_get_context_size(); * void *secured_ctx[2] = { secure_alloc(secured_ctx_size), * secure_alloc(secured_ctx_size) }; * spdm_context = malloc(libspdm_get_context_size_without_secured_context()); * libspdm_init_context_with_secured_context(spdm_context, secured_ctx, 2); */ /* Zero and free both buffers when done */ /* memset(spdm_context, 0, libspdm_get_context_size()); * free(spdm_context); free(scratch_buffer); */ ``` -------------------------------- ### Initialize SPDM Context with Scratch Buffer Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Allocate and initialize the SPDM context and scratch buffer. Ensure both are zeroed before freeing or reusing. ```C spdm_context = (void *)malloc (libspdm_get_context_size()); libspdm_init_context (spdm_context); scratch_buffer_size = libspdm_get_sizeof_required_scratch_buffer(m_spdm_context); scratch_buffer = (void *)malloc(scratch_buffer_size); libspdm_set_scratch_buffer (spdm_context, m_scratch_buffer, scratch_buffer_size); ``` -------------------------------- ### Build Command with mbedTLS (Release) Source: https://github.com/dmtf/libspdm/blob/main/os_stub/spdm_cert_verify_callback_sample/README.md Use this command to build the reference implementation with mbedTLS for release builds. ```bash cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=mbedtls -DX509_IGNORE_CRITICAL=ON .. ``` -------------------------------- ### Build Command with OpenSSL (Release) Source: https://github.com/dmtf/libspdm/blob/main/os_stub/spdm_cert_verify_callback_sample/README.md Use this command to build the reference implementation with OpenSSL for release builds. ```bash cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=openssl -DX509_IGNORE_CRITICAL=ON .. ``` -------------------------------- ### Establish SPDM Connection and Query Negotiated Algorithms Source: https://context7.com/dmtf/libspdm/llms.txt Initiates the SPDM handshake (GET_VERSION, GET_CAPABILITIES, NEGOTIATE_ALGORITHMS) using `libspdm_init_connection`. If an error occurs, the context is reset. After a successful handshake, negotiated peer algorithms can be retrieved using `libspdm_get_data`. ```c libspdm_return_t status; /* Full handshake (GET_VERSION + GET_CAPABILITIES + NEGOTIATE_ALGORITHMS) */ status = libspdm_init_connection(spdm_context, false); if (LIBSPDM_STATUS_IS_ERROR(status)) { /* Reset context before retrying */ libspdm_init_context(spdm_context); return status; } /* Query negotiated peer algorithm */ libspdm_data_parameter_t param; memset(¶m, 0, sizeof(param)); param.location = LIBSPDM_DATA_LOCATION_CONNECTION; uint32_t peer_asym_algo; size_t data_size = sizeof(peer_asym_algo); libspdm_get_data(spdm_context, LIBSPDM_DATA_BASE_ASYM_ALGO, ¶m, &peer_asym_algo, &data_size); /* peer_asym_algo now contains the algorithm chosen during NEGOTIATE_ALGORITHMS */ /* Version-only query (GET_VERSION only, skip capabilities/algorithms) */ /* status = libspdm_init_connection(spdm_context, true); */ ``` -------------------------------- ### CMake for Windows OpenSSL Binary Build Support Source: https://github.com/dmtf/libspdm/blob/main/README.md Enables binary build support for OpenSSL on Windows. Ensure OpenSSL is installed and its library paths are correctly specified. Requires 'nmake install' for OpenSSL. ```bash cmake -G"Visual Studio 16 2019" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=openssl -DENABLE_BINARY_BUILD=1 -DCOMPILED_LIBCRYPTO_PATH=/libcrypto.lib -DCOMPILED_LIBSSL_PATH=/libssl.lib .. ``` -------------------------------- ### Generate OSS-Fuzz Configuration Files Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Use this command to generate the initial configuration files for OSS-Fuzz. Ensure you are in the oss-fuzz directory and have set the project name and language. ```bash cd oss-fuzz export PROJECT_NAME=libspdm export LANGUAGE=c python3 infra/helper.py generate $PROJECT_NAME --language=$LANGUAGE ``` -------------------------------- ### Build WinAFL with Visual Studio Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Instructions to build WinAFL on Windows using Visual Studio. This involves creating build directories and configuring CMake with DynamoRIO and Drsyms options. Refer to the provided GitHub issue for potential linker errors. ```bash mkdir [build32|build64] cd [build32|build64] cmake -G"Visual Studio 16 2019" -A [Win32|x64] .. -DDynamoRIO_DIR=%DRIO_PATH%\cmake -DUSE_DRSYMS=1 cmake --build . --config Release ``` -------------------------------- ### CMake for Linux OpenSSL Binary Build Support Source: https://github.com/dmtf/libspdm/blob/main/README.md Enables binary build support for OpenSSL on Linux. Ensure OpenSSL is installed and its library paths are correctly specified. Requires 'sudo make install' for OpenSSL. ```bash cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Release -DCRYPTO=openssl -DENABLE_BINARY_BUILD=1 -DCOMPILED_LIBCRYPTO_PATH=/libcrypto.a -DCOMPILED_LIBSSL_PATH=/libssl.a .. ``` -------------------------------- ### Get Certificate Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Retrieves the certificate chain from the SPDM Responder. ```APIDOC ## libspdm_get_certificate ### Description Retrieves the certificate chain from the SPDM Responder. ### Signature ```C libspdm_get_certificate (spdm_context, session_id, slot_id, cert_chain_size, cert_chain); ``` ``` -------------------------------- ### Build libspdm with Coverity Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md This sequence configures the build environment using CMake, builds the project, and then uses `cov-build` to capture the build process for Coverity analysis. Ensure you are in the libspdm directory. ```bash cd libspdm mkdir build cd build cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Release -DCRYPTO=mbedtls .. nmake copy_sample_key cov-build --config C:\libspdm\CoverityConfig\coverity-config.xml --dir C:\libspdm\coverity-output nmake ``` -------------------------------- ### Get Measurement (One by One) Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Retrieves measurements one by one from the SPDM Responder. ```APIDOC ## libspdm_get_measurement (One by One) ### Description Sends GET_MEASUREMENT requests iteratively to retrieve each measurement block. ### Method GET_MEASUREMENT ### Parameters - **spdm_context**: Pointer to the SPDM context. - **session_id**: The session identifier. - **request_attribute**: Attributes for the request (set to generate signature for the last block). - **index**: The current measurement block index (1-based). - **slot_id**: The slot identifier. ### Returns - **content_changed**: Pointer to a boolean indicating if content has changed. - **number_of_block**: Pointer to store the number of the current block. - **measurement_record_length**: Pointer to store the length of the measurement record. - **measurement_record**: Pointer to store the measurement record data. ``` -------------------------------- ### Build with Native Toolchain (Buildroot/OpenEmbedded) Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Use this command when the toolchain is set to NONE to utilize the native toolchain of the build environment, suitable for environments like Buildroot or OpenEmbedded. ```bash cd libspdm mkdir build cd build cmake -DARCH= -DTOOLCHAIN=NONE -DTARGET= -DCRYPTO= .. make ``` -------------------------------- ### Get Measurement (Total Number) Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Queries the total number of measurements available from the SPDM Responder. ```APIDOC ## libspdm_get_measurement (Total Number) ### Description Sends a GET_MEASUREMENT request to query the total number of measurements available. ### Method GET_MEASUREMENT ### Parameters - **spdm_context**: Pointer to the SPDM context. - **session_id**: The session identifier. - **request_attribute**: Attributes for the request. - **measurement_operation**: SPDM_GET_MEASUREMENTS_REQUEST_MEASUREMENT_OPERATION_TOTAL_NUMBER_OF_MEASUREMENTS. - **slot_id**: The slot identifier. ### Returns - **content_changed**: Pointer to a boolean indicating if content has changed. - **number_of_blocks**: Pointer to store the total number of measurement blocks. - **NULL**: Placeholder for measurement record length. - **NULL**: Placeholder for measurement record data. ``` -------------------------------- ### General Windows Build Steps for libspdm Source: https://github.com/dmtf/libspdm/blob/main/README.md Use this command sequence for building libspdm on Windows with NMake Makefiles. Ensure you are in the correct Native Tools Command Prompt for your architecture (x86 or x64). ```bash cd libspdm mkdir build cd build cmake -G"NMake Makefiles" -DARCH= -DTOOLCHAIN= -DTARGET= -DCRYPTO= .. nmake copy_sample_key nmake ``` -------------------------------- ### Build Command with mbedTLS (Debug) Source: https://github.com/dmtf/libspdm/blob/main/os_stub/spdm_cert_verify_callback_sample/README.md Use this command to build the reference implementation with mbedTLS for debugging purposes. ```bash cmake -G"NMake Makefiles" -DARCH=x64 -DTOOLCHAIN=VS2019 -DTARGET=Debug -DCRYPTO=mbedtls -DX509_IGNORE_CRITICAL=ON .. ``` -------------------------------- ### Set OpenSSL Install Directory Scope Source: https://github.com/dmtf/libspdm/blob/main/os_stub/openssllib/CMakeLists.txt Sets the OPENSSL_INSTALL_DIR variable with PARENT_SCOPE, making it available to parent CMake directories. ```cmake set(OPENSSL_INSTALL_DIR ${OPENSSL_INSTALL_DIR} PARENT_SCOPE) ``` -------------------------------- ### Set Interface Include Directories Source: https://github.com/dmtf/libspdm/blob/main/os_stub/openssllib/CMakeLists.txt Configures the interface include directories for the openssllib target to include the OpenSSL installation directory. ```cmake target_include_directories(openssllib INTERFACE ${OPENSSL_INSTALL_DIR}/include ) ``` -------------------------------- ### Get TPM Public Key Handle Source: https://github.com/dmtf/libspdm/blob/main/doc/tpm_usage.md Retrieves an opaque handle for the TPM-backed public key. Used for certificate and verification flows. ```c void *pub_ctx = NULL; if (!libspdm_tpm_get_pub_key_handle(NULL, &pub_ctx)) { printf("Failed to get public key\n"); return -1; } ``` -------------------------------- ### Build libspdm on Linux for LOONGARCH64 with LOONGARCH64_GNU Toolchain Source: https://github.com/dmtf/libspdm/blob/main/doc/build.md Use these commands to build libspdm on Linux for LOONGARCH64 targets with the LOONGARCH64_GNU toolchain. Configure the TARGET and CRYPTO options as required. ```bash cd libspdm mkdir build cd build cmake -DARCH=loongarch64 -DTOOLCHAIN=LOONGARCH64_GNU -DTARGET= -DCRYPTO= .. make copy_sample_key make ``` ```bash cmake -DARCH=loongarch64 -DTOOLCHAIN=LOONGARCH64_GNU -DTARGET=Release -DCRYPTO=mbedtls .. ``` -------------------------------- ### Initialize SPDM Context Source: https://github.com/dmtf/libspdm/blob/main/doc/user_guide.md Allocate and initialize the SPDM context and scratch buffer. Ensure buffers are zeroed before freeing or reusing. ```C spdm_context = (void *)malloc (spdm_get_context_size()); libspdm_init_context (spdm_context); scratch_buffer_size = libspdm_get_sizeof_required_scratch_buffer(m_spdm_context); libspdm_set_scratch_buffer (spdm_context, m_scratch_buffer, scratch_buffer_size); ``` -------------------------------- ### Get TPM Private Key Handle Source: https://github.com/dmtf/libspdm/blob/main/doc/tpm_usage.md Retrieves an opaque handle for the TPM-backed private key. Used for signing operations like SPDM CHALLENGE_AUTH. ```c void *priv_ctx = NULL; if (!libspdm_tpm_get_pvt_key_handle(NULL, &priv_ctx)) { printf("Failed to get private key\n"); return -1; } ``` -------------------------------- ### AFLplusplus Fuzzing and Coverage Output Paths Source: https://github.com/dmtf/libspdm/blob/main/doc/test.md Example paths for fuzzing output (SummaryList.csv) and code coverage reports (index.html) generated by the fuzzing_AFLplusplus.sh script. ```bash #libspdm/unit_test/fuzzing/out___/SummaryList.csv libspdm/unit_test/fuzzing/out_mbedtls/SummaryList.csv #libspdm/unit_test/fuzzing/out___/coverage_log/index.html libspdm/unit_test/fuzzing/out_mbedtls/coverage_log/index.html ```