From 11fcec9bd75f576ed9afdd6b36ec3263305ab917 Mon Sep 17 00:00:00 2001
From: Jiewen Yao
Date: Mon, 20 Nov 2023 15:40:43 +0800
Subject: [PATCH 1/2] Add 1.3 DIGEST to transcript.
Signed-off-by: Jiewen Yao
---
 spdm_dump/spdm/spdm_dump_spdm.c | 44 +++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
diff --git a/spdm_dump/spdm/spdm_dump_spdm.c b/spdm_dump/spdm/spdm_dump_spdm.c
index aad5aad..47428a7 100644
--- a/spdm_dump/spdm/spdm_dump_spdm.c
+++ b/spdm_dump/spdm/spdm_dump_spdm.c
@@ -43,6 +43,8 @@ uint16_t m_spdm_aead_cipher_suite;
 uint16_t m_spdm_req_base_asym_alg;
 uint16_t m_spdm_key_schedule;
 uint8_t m_spdm_other_params_support;
+bool m_multi_key_conn_req;
+bool m_multi_key_conn_rsp;
 dispatch_table_entry_t m_spdm_vendor_dispatch[] = {
 { SPDM_REGISTRY_ID_DMTF, "DMTF", NULL },
@@ -71,6 +73,11 @@ value_string_entry_t m_spdm_requester_capabilities_string_table[] = {
 "HANDSHAKE_IN_CLEAR" },
 { SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP, "PUB_KEY_ID" },
 { SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHUNK_CAP, "CHUNK" },
+ { SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_NO_SIG, "EP_INFO_NO_SIG" },
+ { SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_SIG, "EP_INFO_SIG" },
+ { SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EVENT_CAP, "EVENT" },
+ { SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MULTI_KEY_CAP_ONLY, "MULTI_KEY_ONLY" },
+ { SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MULTI_KEY_CAP_NEG, "MULTI_KEY_NEG" },
 };
 size_t m_spdm_requester_capabilities_string_table_count = LIBSPDM_ARRAY_SIZE(m_spdm_requester_capabilities_string_table);
@@ -100,6 +107,14 @@ value_string_entry_t m_spdm_responder_capabilities_string_table[] = {
 { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP, "SET_CERT" },
 { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CSR_CAP, "CSR" },
 { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP, "CERT_INSTALL_RESET" },
+ { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EP_INFO_CAP_NO_SIG, "EP_INFO_NO_SIG" },
+ { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EP_INFO_CAP_SIG, "EP_INFO_SIG" },
+ { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEL_CAP, "MEL" },
+ { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EVENT_CAP, "EVENT" },
+ { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MULTI_KEY_CAP_ONLY, "MULTI_KEY_ONLY" },
+ { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MULTI_KEY_CAP_NEG, "MULTI_KEY_NEG" },
+ { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_GET_KEY_PAIR_INFO_CAP, "GET_KEY_PAIR_INFO" },
+ { SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP, "SET_KEY_PAIR_INFO" },
 };
 size_t m_spdm_responder_capabilities_string_table_count = LIBSPDM_ARRAY_SIZE(m_spdm_responder_capabilities_string_table);
@@ -186,6 +201,7 @@ size_t m_spdm_measurement_spec_value_string_table_count =
 value_string_entry_t m_spdm_other_param_value_string_table[] = {
 { SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1, "OPAQUE_FMT_1" },
+ { SPDM_ALGORITHMS_MULTI_KEY_CONN, "MULTI_KEY_CONN" },
 };
 size_t m_spdm_other_param_value_string_table_count = LIBSPDM_ARRAY_SIZE(m_spdm_other_param_value_string_table);
@@ -612,6 +628,13 @@ void dump_spdm_negotiate_algorithms(const void *buffer, size_t buffer_size)
 return;
 }
+ m_multi_key_conn_rsp = false;
+ if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
+ if ((spdm_request->other_params_support & SPDM_ALGORITHMS_MULTI_KEY_CONN) != 0) {
+ m_multi_key_conn_rsp = true;
+ }
+ }
+
 if (!m_param_quite_mode) {
 printf("(MeasSpec=0x%02x(", spdm_request->measurement_specification);
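Review bot: The reset `m_multi_key_conn_rsp = false;` in dump_spdm_negotiate_algorithms comes after the early `return;` visible at the top of the @@ -612 hunk, so a NEGOTIATE_ALGORITHMS message that takes that return (presumably a size check; it begins outside the hunk) leaves the flag at whatever an earlier connection in the same capture set. The same ordering applies to `m_multi_key_conn_req` in the @@ -736 hunk of dump_spdm_algorithms. Since dump_spdm_digests uses both flags to decide whether DIGESTS goes into the transcript, a stale value would presumably skew the transcript hash and make later signature or HMAC verification in the dump fail for the wrong reason. I would clear each flag as the first statement of its function, before any validation; both function bodies start outside these hunks, so the exact position needs checking against the full file.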
@@ -736,6 +759,13 @@ void dump_spdm_algorithms(const void *buffer, size_t buffer_size)
 return;
 }
+ m_multi_key_conn_req = false;
+ if (spdm_response->header.spdm_version >= SPDM_MESSAGE_VERSION_13) {
+ if ((spdm_response->other_params_selection & SPDM_ALGORITHMS_MULTI_KEY_CONN) != 0) {
+ m_multi_key_conn_req = true;
+ }
+ }
+
 if (!m_param_quite_mode) {
 printf("(MeasSpec=0x%02x(", spdm_response->measurement_specification_sel);
@@ -898,6 +928,10 @@ void dump_spdm_algorithms(const void *buffer, size_t buffer_size)
 &m_spdm_key_schedule, sizeof(uint16_t));
 libspdm_set_data(m_spdm_context, LIBSPDM_DATA_OTHER_PARAMS_SUPPORT, ¶meter, &m_spdm_other_params_support, sizeof(uint8_t));
+ libspdm_set_data(m_spdm_context, LIBSPDM_DATA_MULTI_KEY_CONN_REQ, ¶meter,
+ &m_multi_key_conn_req, sizeof(bool));
+ libspdm_set_data(m_spdm_context, LIBSPDM_DATA_MULTI_KEY_CONN_RSP, ¶meter,
+ &m_multi_key_conn_rsp, sizeof(bool));
 libspdm_append_message_a(m_spdm_context, buffer, message_size);
 }
@@ -969,6 +1003,16 @@ void dump_spdm_digests(const void *buffer, size_t buffer_size)
 }
 }
+ if (!m_encapsulated) {
+ if (m_multi_key_conn_rsp) {
+ libspdm_append_message_d(m_spdm_context, buffer, message_size);
+ }
+ } else {
+ if (m_multi_key_conn_req && (m_current_session_info != NULL)) {
+ libspdm_append_message_encap_d(m_spdm_context, m_current_session_info, true,
+ buffer, message_size);
+ }
+ }
 printf("\n");
 }
From f9349fd6ee7399ee939267e86ec78952ab7cedfd Mon Sep 17 00:00:00 2001
From: Jiewen Yao
Date: Tue, 21 Nov 2023 10:48:05 +0800
Subject: [PATCH 2/2] Update 1.3 help info
Signed-off-by: Jiewen Yao
---
 doc/spdm_dump.md | 6 +++---
 spdm_dump/spdm_dump.c | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/doc/spdm_dump.md b/doc/spdm_dump.md
index 3985063..7309464 100644
--- a/doc/spdm_dump.md
+++ b/doc/spdm_dump.md
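Review bot: The direction of the two flags reads as inverted and needs a comment in the @@ -736 hunk: the responder's ALGORITHMS `other_params_selection` sets `m_multi_key_conn_req`, while the @@ -612 hunk sets `m_multi_key_conn_rsp` from the requester's NEGOTIATE_ALGORITHMS `other_params_support`. As far as I recall SPDM 1.3 defines it this way (the request carries the Responder's multi-key selection and the response carries the Requester's), but nothing in the code says so, and a later maintainer could "correct" it and break transcript reconstruction. I would add above the assignment something like `/* SPDM 1.3: MULTI_KEY_CONN in ALGORITHMS selects the Requester's multi-key mode. */`, with the mirror-image wording in dump_spdm_negotiate_algorithms.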
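Review bot: Both new append calls in the @@ -969 hunk of dump_spdm_digests drop their return status, so if libspdm refuses the DIGESTS message (for instance because the transcript buffer is full) the dump carries on with an incomplete transcript and any later signature or HMAC check fails with no indication why. Assuming these helpers return `libspdm_return_t` like the other append functions, check and report it, e.g. `if (LIBSPDM_STATUS_IS_ERROR(libspdm_append_message_d(m_spdm_context, buffer, message_size))) { printf("(append message_d failed) "); }`. The encapsulated branch also skips silently when `m_current_session_info` is NULL although `m_multi_key_conn_req` is set; a one-line comment saying why that is expected would help. `message_size` is computed outside the hunk, so I could not confirm that it is bounded by `buffer_size` before it is handed to the library.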
@@ -23,8 +23,8 @@ This document describes spdm_dump tool. It can be used to parse the SPDM message
 [-x] (dump message in hex)
 [--psk ]
 [--dhe_secret ]
- [--req_cap CERT|CHAL| ENCRYPT|MAC|MUT_AUTH|KEY_EX|PSK| ENCAP|HBEAT|KEY_UPD|HANDSHAKE_IN_CLEAR|PUB_KEY_ID]
- [--rsp_cap CACHE|CERT|CHAL|MEAS_NO_SIG|MEAS_SIG|MEAS_FRESH|ENCRYPT|MAC|MUT_AUTH|KEY_EX|PSK|PSK_WITH_CONTEXT|ENCAP|HBEAT|KEY_UPD|HANDSHAKE_IN_CLEAR|PUB_KEY_ID|SET_CERT|CSR|CERT_INSTALL_RESET]
+ [--req_cap CERT|CHAL| ENCRYPT|MAC|MUT_AUTH|KEY_EX|PSK| ENCAP|HBEAT|KEY_UPD|HANDSHAKE_IN_CLEAR|PUB_KEY_ID| EP_INFO_NO_SIG|EP_INFO_SIG| EVENT|MULTI_KEY_ONLY|MULTI_KEY_NEG]
+ [--rsp_cap CACHE|CERT|CHAL|MEAS_NO_SIG|MEAS_SIG|MEAS_FRESH|ENCRYPT|MAC|MUT_AUTH|KEY_EX|PSK|PSK_WITH_CONTEXT|ENCAP|HBEAT|KEY_UPD|HANDSHAKE_IN_CLEAR|PUB_KEY_ID|SET_CERT|CSR|CERT_INSTALL_RESET|EP_INFO_NO_SIG|EP_INFO_SIG|MEL|EVENT|MULTI_KEY_ONLY|MULTI_KEY_NEG|GET_KEY_PAIR_INFO|SET_KEY_PAIR_INFO]
 [--hash SHA_256|SHA_384|SHA_512|SHA3_256|SHA3_384|SHA3_512|SM3_256]
 [--meas_spec DMTF]
 [--meas_hash RAW_BIT|SHA_256|SHA_384|SHA_512|SHA3_256|SHA3_384|SHA3_512|SM3_256]
@@ -33,7 +33,7 @@ This document describes spdm_dump tool. It can be used to parse the SPDM message
 [--dhe FFDHE_2048|FFDHE_3072|FFDHE_4096|SECP_256_R1|SECP_384_R1|SECP_521_R1|SM2_P256]
 [--aead AES_128_GCM|AES_256_GCM|CHACHA20_POLY1305|SM4_128_GCM]
 [--key_schedule HMAC_HASH]
- [--other_param OPAQUE_FMT_1]
+ [--other_param OPAQUE_FMT_1|MULTI_KEY_CONN]
 [--cert_chain_format SPDM|RAW]
 [--req_cert_chain_slot_id <0~7|0xFF>]
 [--req_cert_chain ]
diff --git a/spdm_dump/spdm_dump.c b/spdm_dump/spdm_dump.c
index 91f3142..efa1a20 100644
--- a/spdm_dump/spdm_dump.c
+++ b/spdm_dump/spdm_dump.c
@@ -223,9 +223,9 @@ void print_usage(void)
 printf(" [--psk ]\n");
 printf(" [--dhe_secret ]\n");
 printf(
- " [--req_cap CERT|CHAL| ENCRYPT|MAC|MUT_AUTH|KEY_EX|PSK| ENCAP|HBEAT|KEY_UPD|HANDSHAKE_IN_CLEAR|PUB_KEY_ID]\n");
+ " [--req_cap CERT|CHAL| ENCRYPT|MAC|MUT_AUTH|KEY_EX|PSK| ENCAP|HBEAT|KEY_UPD|HANDSHAKE_IN_CLEAR|PUB_KEY_ID| EP_INFO_NO_SIG|EP_INFO_SIG| EVENT|MULTI_KEY_ONLY|MULTI_KEY_NEG]\n");
 printf(
- " [--rsp_cap CACHE|CERT|CHAL|MEAS_NO_SIG|MEAS_SIG|MEAS_FRESH|ENCRYPT|MAC|MUT_AUTH|KEY_EX|PSK|PSK_WITH_CONTEXT|ENCAP|HBEAT|KEY_UPD|HANDSHAKE_IN_CLEAR|PUB_KEY_ID|SET_CERT|CSR|CERT_INSTALL_RESET]\n");
+ " [--rsp_cap CACHE|CERT|CHAL|MEAS_NO_SIG|MEAS_SIG|MEAS_FRESH|ENCRYPT|MAC|MUT_AUTH|KEY_EX|PSK|PSK_WITH_CONTEXT|ENCAP|HBEAT|KEY_UPD|HANDSHAKE_IN_CLEAR|PUB_KEY_ID|SET_CERT|CSR|CERT_INSTALL_RESET|EP_INFO_NO_SIG|EP_INFO_SIG|MEL|EVENT|MULTI_KEY_ONLY|MULTI_KEY_NEG|GET_KEY_PAIR_INFO|SET_KEY_PAIR_INFO]\n");
 printf(" [--hash SHA_256|SHA_384|SHA_512|SHA3_256|SHA3_384|SHA3_512|SM3_256]\n");
 printf(" [--meas_spec DMTF]\n");
 printf(" [--meas_hash RAW_BIT|SHA_256|SHA_384|SHA_512|SHA3_256|SHA3_384|SHA3_512|SM3_256]\n");
@@ -237,7 +237,7 @@ void print_usage(void)
 " [--dhe FFDHE_2048|FFDHE_3072|FFDHE_4096|SECP_256_R1|SECP_384_R1|SECP_521_R1|SM2_P256]\n");
 printf(" [--aead AES_128_GCM|AES_256_GCM|CHACHA20_POLY1305|SM4_128_GCM]\n");
 printf(" [--key_schedule HMAC_HASH]\n");
- printf(" [--other_param OPAQUE_FMT_1]\n");
+ printf(" [--other_param OPAQUE_FMT_1|MULTI_KEY_CONN]\n");
 printf(" [--cert_chain_format SPDM|RAW]\n");
 printf(" [--req_cert_chain_slot_id <0~7|0xFF>]\n");
 printf(" [--req_cert_chain ]\n");
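Review bot: The usage text in the @@ -237 hunk now offers `MULTI_KEY_CONN` for `--other_param` (and the @@ -223 hunk offers `MULTI_KEY_ONLY`/`MULTI_KEY_NEG` for the capability options), but in this series `m_multi_key_conn_req` and `m_multi_key_conn_rsp` are assigned only while parsing NEGOTIATE_ALGORITHMS and ALGORITHMS. If the command-line values are meant for captures that lack the negotiation, a user who passes `--other_param MULTI_KEY_CONN` would presumably still get a transcript without DIGESTS; the option parser is outside this diff, so this needs confirming there. Either derive the two flags from the supplied value as well, or state in the help text and in doc/spdm_dump.md that multi-key mode is detected only from the captured messages.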