/src/spdm-rs/spdmlib/src/error.rs

Source (jump to first uncovered line)
// Copyright (c) 2023 Intel Corporation
//
// SPDX-License-Identifier: Apache-2.0 or MIT

use core::{
    convert::{TryFrom, TryInto},
    fmt::{self, Debug},
};

/// Reference: https://github.com/DMTF/libspdm/blob/main/include/library/spdm_return_status.h
#[repr(u8)]
#[allow(dead_code)]
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum StatusSeverity {
    SUCCESS = 0,
    ERROR = 8,
}

impl Default for StatusSeverity {
    fn default() -> Self {
        Self::ERROR
    }
}

impl TryFrom<u8> for StatusSeverity {
    type Error = ();

    fn try_from(value: u8) -> core::result::Result<Self, Self::Error> {
        match value {
            0 => Ok(Self::SUCCESS),
            8 => Ok(Self::ERROR),
            _ => Err(()),
        }
    }
}

#[repr(u16)]
#[allow(dead_code)]
#[allow(non_camel_case_types)]
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum StatusCodeCore {
    SUCCESS = 0,
    INVALID_PARAMETER = 1,
    UNSUPPORTED_CAP = 2,
    INVALID_STATE_LOCAL = 3,
    INVALID_STATE_PEER = 4,
    INVALID_MSG_FIELD = 5,
    INVALID_MSG_SIZE = 6,
    NEGOTIATION_FAIL = 7,
    BUSY_PEER = 8,
    NOT_READY_PEER = 9,
    ERROR_PEER = 10,
    RESYNCH_PEER = 11,
    BUFFER_FULL = 12,
    BUFFER_TOO_SMALL = 13,
    SESSION_NUMBER_EXCEED = 14,
    SESSION_MSG_ERROR = 15,
    ACQUIRE_FAIL = 16,
    SESSION_TRY_DISCARD_KEY_UPDATE = 17,

    // only in spdm-rs
    DECODE_AEAD_FAIL = 0xFE,
}

impl TryFrom<u16> for StatusCodeCore {
    type Error = ();

    fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
        match value {
            0 => Ok(Self::SUCCESS),
            1 => Ok(Self::INVALID_PARAMETER),
            2 => Ok(Self::UNSUPPORTED_CAP),
            3 => Ok(Self::INVALID_STATE_LOCAL),
            4 => Ok(Self::INVALID_STATE_PEER),
            5 => Ok(Self::INVALID_MSG_FIELD),
            6 => Ok(Self::INVALID_MSG_SIZE),
            7 => Ok(Self::NEGOTIATION_FAIL),
            8 => Ok(Self::BUSY_PEER),
            9 => Ok(Self::NOT_READY_PEER),
            10 => Ok(Self::ERROR_PEER),
            11 => Ok(Self::RESYNCH_PEER),
            12 => Ok(Self::BUFFER_FULL),
            13 => Ok(Self::BUFFER_TOO_SMALL),
            14 => Ok(Self::SESSION_NUMBER_EXCEED),
            15 => Ok(Self::SESSION_MSG_ERROR),
            16 => Ok(Self::ACQUIRE_FAIL),
            17 => Ok(Self::SESSION_TRY_DISCARD_KEY_UPDATE),
            0xFE => Ok(Self::DECODE_AEAD_FAIL),
            _ => Err(()),
        }
    }
}

impl Default for StatusCodeCore {
    fn default() -> Self {
        Self::INVALID_PARAMETER
    }
}

#[repr(u16)]
#[allow(dead_code)]
#[allow(non_camel_case_types)]
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum StatusCodeCrypto {
    CRYPTO_ERROR = 0,
    VERIF_FAIL = 1,
    SEQUENCE_NUMBER_OVERFLOW = 2,
    VERIF_NO_AUTHORITY = 3,
    FIPS_SELF_TEST_FAIL = 4,
}

impl TryFrom<u16> for StatusCodeCrypto {
    type Error = ();

    fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
        match value {
            0 => Ok(Self::CRYPTO_ERROR),
            1 => Ok(Self::VERIF_FAIL),
            2 => Ok(Self::SEQUENCE_NUMBER_OVERFLOW),
            3 => Ok(Self::VERIF_NO_AUTHORITY),
            4 => Ok(Self::FIPS_SELF_TEST_FAIL),
            _ => Err(()),
        }
    }
}

impl Default for StatusCodeCrypto {
    fn default() -> Self {
        Self::CRYPTO_ERROR
    }
}

#[repr(u16)]
#[allow(dead_code)]
#[allow(non_camel_case_types)]
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum StatusCodeCertParse {
    INVALID_CERT = 0,
}

impl TryFrom<u16> for StatusCodeCertParse {
    type Error = ();

    fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
        match value {
            0 => Ok(Self::INVALID_CERT),
            _ => Err(()),
        }
    }
}

impl Default for StatusCodeCertParse {
    fn default() -> Self {
        Self::INVALID_CERT
    }
}

#[repr(u16)]
#[allow(dead_code)]
#[allow(non_camel_case_types)]
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum StatusCodeTransport {
    SEND_FAIL = 0,
    RECEIVE_FAIL = 1,

    // only in spdm-rs
    DECAP_FAIL = 0xFE,
    DECAP_APP_FAIL = 0xFD,
    ENCAP_FAIL = 0xFC,
    ENCAP_APP_FAIL = 0xFB,
}

impl TryFrom<u16> for StatusCodeTransport {
    type Error = ();

    fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
        match value {
            0 => Ok(Self::SEND_FAIL),
            1 => Ok(Self::RECEIVE_FAIL),
            0xFE => Ok(Self::DECAP_FAIL),
            0xFD => Ok(Self::DECAP_APP_FAIL),
            0xFC => Ok(Self::ENCAP_FAIL),
            0xFB => Ok(Self::ENCAP_APP_FAIL),
            _ => Err(()),
        }
    }
}

impl Default for StatusCodeTransport {
    fn default() -> Self {
        Self::SEND_FAIL
    }
}

#[repr(u16)]
#[allow(dead_code)]
#[allow(non_camel_case_types)]
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum StatusCodeMeasCollect {
    MEAS_INVALID_INDEX = 0,
    MEAS_INTERNAL_ERROR = 1,
}

impl TryFrom<u16> for StatusCodeMeasCollect {
    type Error = ();

    fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
        match value {
            0 => Ok(Self::MEAS_INVALID_INDEX),
            1 => Ok(Self::MEAS_INTERNAL_ERROR),
            _ => Err(()),
        }
    }
}

impl Default for StatusCodeMeasCollect {
    fn default() -> Self {
        Self::MEAS_INTERNAL_ERROR
    }
}

#[repr(u16)]
#[allow(dead_code)]
#[allow(non_camel_case_types)]
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum StatusCodeRNG {
    LOW_ENTROPY = 0,
}

impl TryFrom<u16> for StatusCodeRNG {
    type Error = ();

    fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
        match value {
            0 => Ok(Self::LOW_ENTROPY),
            _ => Err(()),
        }
    }
}

impl Default for StatusCodeRNG {
    fn default() -> Self {
        Self::LOW_ENTROPY
    }
}

#[allow(dead_code)]
#[allow(non_camel_case_types)]
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum StatusCode {
    SUCCESS,
    CORE(StatusCodeCore),
    CRYPTO(StatusCodeCrypto),
    CERT_PARSE(StatusCodeCertParse),
    TRANSPORT(StatusCodeTransport),
    MEAS_COLLECT(StatusCodeMeasCollect),
    RNG(StatusCodeRNG),
}

impl Default for StatusCode {
    fn default() -> Self {
        Self::CORE(StatusCodeCore::default())
    }
}

impl TryFrom<u24> for StatusCode {
    type Error = ();

    fn try_from(value: u24) -> core::result::Result<Self, Self::Error> {
        let source: u8 = ((value.get() & 0xFF_00_00) >> 16) as u8;
        let code: u16 = (value.get() & 0x00_00_FF_FF) as u16;
        match source {
            0 => Ok(StatusCode::SUCCESS),
            1 => Ok(StatusCode::CORE(StatusCodeCore::try_from(code)?)),
            2 => Ok(StatusCode::CRYPTO(StatusCodeCrypto::try_from(code)?)),
            3 => Ok(StatusCode::CERT_PARSE(StatusCodeCertParse::try_from(code)?)),
            4 => Ok(StatusCode::TRANSPORT(StatusCodeTransport::try_from(code)?)),
            5 => Ok(StatusCode::MEAS_COLLECT(StatusCodeMeasCollect::try_from(
                code,
            )?)),
            6 => Ok(StatusCode::RNG(StatusCodeRNG::try_from(code)?)),
            _ => Err(()),
        }
    }
}

impl TryInto<u24> for StatusCode {
    type Error = ();

    fn try_into(self) -> Result<u24, Self::Error> {
        match self {
            StatusCode::SUCCESS => Ok(u24::new(0)),
            StatusCode::CORE(c) => Ok(u24::new((1 << 16) as u32 + (c as u16) as u32)),
            StatusCode::CRYPTO(c) => Ok(u24::new((2 << 16) as u32 + (c as u16) as u32)),
            StatusCode::CERT_PARSE(c) => Ok(u24::new((3 << 16) as u32 + (c as u16) as u32)),
            StatusCode::TRANSPORT(t) => Ok(u24::new((4 << 16) as u32 + (t as u16) as u32)),
            StatusCode::MEAS_COLLECT(m) => Ok(u24::new((5 << 16) as u32 + (m as u16) as u32)),
            StatusCode::RNG(r) => Ok(u24::new((6 << 16) as u32 + (r as u16) as u32)),
        }
    }
}

pub const SPDM_ERROR_MESSAGE_DATA_MAX_LENGTH: usize = 36; // "SPDM error response message format":
                                                          //     'SPDMVersion' (1B) +
                                                          //     'RequestResponseCode' (1B) +
                                                          //     'Param1' (1B) +
                                                          //     'Param1' (1B) +
                                                          //     'ExtendedErrorData' (0-32B)
#[derive(Copy, Clone, Debug, PartialEq, Eq)]
pub struct SpdmErrorMessageData {
    pub length: usize,
    pub data: [u8; SPDM_ERROR_MESSAGE_DATA_MAX_LENGTH],
}
impl Default for SpdmErrorMessageData {
    fn default() -> Self {
        SpdmErrorMessageData {
            length: Default::default(),
            data: [Default::default(); SPDM_ERROR_MESSAGE_DATA_MAX_LENGTH],
        }
    }
}

#[derive(Copy, Clone, Debug, Eq, Default)]
pub struct SpdmStatus {
    pub severity: StatusSeverity,
    pub status_code: StatusCode,
    pub error_data: Option<SpdmErrorMessageData>,
}
impl PartialEq for SpdmStatus {
    fn eq(&self, other: &Self) -> bool {
        // SpdmStatus with same serverity and status_code but different error_data shall be
        // considered as same SpdmStatus.
        // Thus, do not care about the error_data here.
        self.severity == other.severity && self.status_code == other.status_code
    }
}

impl Codec for SpdmStatus {
    fn encode(&self, bytes: &mut codec::Writer) -> Result<usize, codec::EncodeErr> {
        let mut sc = 0u32;
        sc += (((self.severity as u8) & 0x0F) as u32) << 28;
        sc += <StatusCode as TryInto<u24>>::try_into(self.status_code)
            .map_err(|_| codec::EncodeErr)?
            .get();
        sc.encode(bytes)?;
        Ok(4)
    }

    fn read(r: &mut codec::Reader) -> Option<Self> {
        let sc = u32::read(r)?;
        let severity = ((sc & 0xF0_00_00_00) >> 28) as u8;
        let severity = StatusSeverity::try_from(severity).ok()?;
        if (sc & 0x0F_00_00_00) != 0 {
            return None; //the reserve field
        }
        let status_code = u24::new(sc & 0x00_FF_FF_FF);
        let status_code = StatusCode::try_from(status_code).ok()?;

        Some(Self {
            severity,
            status_code,
            error_data: None,
        })
    }
}

impl SpdmStatus {
    /// return the u32 encoding
    pub fn get_u32(&self) -> u32 {
        let mut r = [0u8; 4];
        let _ = self.encode(&mut Writer::init(&mut r));
        u32::from_le_bytes(r)
    }

    /// get SpdmStatus structure from u32 value
    pub fn from_u32(status: u32) -> Option<Self> {
        Self::read_bytes(&status.to_le_bytes())
    }

    /// Returns true if severity is StatusSeverity::SUCCESS else it returns false.
    pub fn spdm_status_is_success(&self) -> bool {
        self.severity == StatusSeverity::SUCCESS
    }

    /// Returns true if severity is StatusSeverity::ERROR else it returns false.
    pub fn spdm_status_is_error(&self) -> bool {
        self.severity == StatusSeverity::ERROR
    }

    pub fn spdm_status_set_error_data(&mut self, error_data: &[u8]) {
        // Ensure the slice has no more data than SpdmErrorMessageData  capacity
        if error_data.len() <= SPDM_ERROR_MESSAGE_DATA_MAX_LENGTH {
            let mut ed = SpdmErrorMessageData {
                length: error_data.len(),
                ..Default::default()
            };
            ed.data[..ed.length].copy_from_slice(error_data);
            self.error_data = Some(ed);
        } else {
            // Do not expect more data than SpdmErrorMessageData  capacity.
            self.error_data = None;
        }
    }
}

impl fmt::Display for SpdmStatus {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(
            f,
            "Severity: {:?}, Status: {:?}, Code: {})",
            self.severity,
            self.status_code,
            self.get_u32()
        )
    }
}

#[macro_export]
macro_rules! spdm_return_status {
    ($severity:expr,  $status_code:expr) => {
        SpdmStatus {
            severity: $severity,
            status_code: $status_code,
            error_data: None,
        }
    };
}

use codec::{u24, Codec, Writer};
pub use spdm_return_status;

pub const SPDM_STATUS_SUCCESS: SpdmStatus =
    spdm_return_status!(StatusSeverity::SUCCESS, StatusCode::SUCCESS);

/* - Core Errors - */

/* The function input parameter is invalid. */
pub const SPDM_STATUS_INVALID_PARAMETER: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::INVALID_STATE_LOCAL)
);

/* Unable to complete operation due to unsupported capabilities by either the caller, the peer,
 * or both. */
pub const SPDM_STATUS_UNSUPPORTED_CAP: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::UNSUPPORTED_CAP)
);

/* Unable to complete operation due to caller's state. */
pub const SPDM_STATUS_INVALID_STATE_LOCAL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::INVALID_STATE_LOCAL)
);

/* Unable to complete operation due to peer's state. */
pub const SPDM_STATUS_INVALID_STATE_PEER: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::INVALID_STATE_PEER)
);

/* The received message contains one or more invalid message fields. */
pub const SPDM_STATUS_INVALID_MSG_FIELD: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::INVALID_MSG_FIELD)
);

/* The received message's size is invalid. */
pub const SPDM_STATUS_INVALID_MSG_SIZE: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::INVALID_MSG_SIZE)
);

/* Unable to derive a common set of versions, algorithms, etc. */
pub const SPDM_STATUS_NEGOTIATION_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::NEGOTIATION_FAIL)
);

/* Received a Busy error message. */
pub const SPDM_STATUS_BUSY_PEER: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::BUSY_PEER)
);

/* Received a NotReady error message. */
pub const SPDM_STATUS_NOT_READY_PEER: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::NOT_READY_PEER)
);

/* Received an unexpected error message. */
pub const SPDM_STATUS_ERROR_PEER: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::ERROR_PEER)
);

/* Received a RequestResynch error message. */
pub const SPDM_STATUS_RESYNCH_PEER: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::RESYNCH_PEER)
);

/* Unable to append new data to buffer due to resource exhaustion. */
pub const SPDM_STATUS_BUFFER_FULL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::BUFFER_FULL)
);

/* Unable to return data because caller does not provide big enough buffer. */
pub const SPDM_STATUS_BUFFER_TOO_SMALL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::BUFFER_TOO_SMALL)
);

/* Unable to allocate more session. */
pub const SPDM_STATUS_SESSION_NUMBER_EXCEED: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::SESSION_NUMBER_EXCEED)
);

/* Decrypt error from peer. */
pub const SPDM_STATUS_SESSION_MSG_ERROR: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::SESSION_MSG_ERROR)
);

/*  Unable to acquire resource. */
pub const SPDM_STATUS_ACQUIRE_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::ACQUIRE_FAIL)
);

/*  Re-triable decrypt error from peer - must rollback to backup keys. */
pub const SPDM_STATUS_SESSION_TRY_DISCARD_KEY_UPDATE: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::SESSION_TRY_DISCARD_KEY_UPDATE)
);

/*  Failed to decode AEAD. */
pub const SPDM_STATUS_DECODE_AEAD_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CORE(StatusCodeCore::DECODE_AEAD_FAIL)
);

/* - Cryptography Errors - */

/*  Generic failure originating from the cryptography module. */
pub const SPDM_STATUS_CRYPTO_ERROR: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CRYPTO(StatusCodeCrypto::CRYPTO_ERROR)
);

/*  Verification of the provided signature digest, signature, or AEAD tag failed. */
pub const SPDM_STATUS_VERIF_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CRYPTO(StatusCodeCrypto::VERIF_FAIL)
);

/*  AEAD sequence number overflow. */
pub const SPDM_STATUS_SEQUENCE_NUMBER_OVERFLOW: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CRYPTO(StatusCodeCrypto::SEQUENCE_NUMBER_OVERFLOW)
);

/*  Provided cert is valid but is not authoritative(mismatch the root cert). */
pub const SPDM_STATUS_VERIF_NO_AUTHORITY: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CRYPTO(StatusCodeCrypto::VERIF_NO_AUTHORITY)
);

/*  FIPS self test failed. */
pub const SPDM_STATUS_FIPS_SELF_TEST_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CRYPTO(StatusCodeCrypto::FIPS_SELF_TEST_FAIL)
);

/* - Certificate Parsing Errors - */

/*  Certificate is malformed or does not comply to x.509 standard. */
pub const SPDM_STATUS_INVALID_CERT: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::CERT_PARSE(StatusCodeCertParse::INVALID_CERT)
);

/* - Transport Errors - */

/*  Unable to send message to peer. */
pub const SPDM_STATUS_SEND_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::TRANSPORT(StatusCodeTransport::SEND_FAIL)
);

/*  Unable to receive message from peer. */
pub const SPDM_STATUS_RECEIVE_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::TRANSPORT(StatusCodeTransport::RECEIVE_FAIL)
);

/*  Unable to decap transport buffer. */
pub const SPDM_STATUS_DECAP_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::TRANSPORT(StatusCodeTransport::DECAP_FAIL)
);

/*  Unable to decap app buffer. */
pub const SPDM_STATUS_DECAP_APP_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::TRANSPORT(StatusCodeTransport::DECAP_APP_FAIL)
);

/*  Unable to encap transport buffer. */
pub const SPDM_STATUS_ENCAP_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::TRANSPORT(StatusCodeTransport::ENCAP_FAIL)
);

/*  Unable to encap app buffer. */
pub const SPDM_STATUS_ENCAP_APP_FAIL: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::TRANSPORT(StatusCodeTransport::ENCAP_APP_FAIL)
);

/* - Measurement Collection Errors - */

/*  Unable to collect measurement because of invalid index. */
pub const SPDM_STATUS_MEAS_INVALID_INDEX: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::MEAS_COLLECT(StatusCodeMeasCollect::MEAS_INVALID_INDEX)
);

/*  Unable to collect measurement because of internal error. */
pub const SPDM_STATUS_MEAS_INTERNAL_ERROR: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::MEAS_COLLECT(StatusCodeMeasCollect::MEAS_INTERNAL_ERROR)
);

/* - Random Number Generation Errors - */

/*  Unable to produce random number due to lack of entropy. */
pub const SPDM_STATUS_LOW_ENTROPY: SpdmStatus = spdm_return_status!(
    StatusSeverity::ERROR,
    StatusCode::RNG(StatusCodeRNG::LOW_ENTROPY)
);

pub type SpdmResult<T = ()> = core::result::Result<T, SpdmStatus>;

Coverage Report

Created: 2025-07-18 06:52

Line	Count	Source (jump to first uncovered line)
1		// Copyright (c) 2023 Intel Corporation
2		//
3		// SPDX-License-Identifier: Apache-2.0 or MIT
4
5		use core::{
6		convert::{TryFrom, TryInto},
7		fmt::{self, Debug},
8		};
9
10		/// Reference: https://github.com/DMTF/libspdm/blob/main/include/library/spdm_return_status.h
11		#[repr(u8)]
12		#[allow(dead_code)]
13		#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
14		pub enum StatusSeverity {
15		SUCCESS = 0,
16		ERROR = 8,
17		}
18
19		impl Default for StatusSeverity {
20	0	fn default() -> Self {
21	0	Self::ERROR
22	0	}
23		}
24
25		impl TryFrom<u8> for StatusSeverity {
26		type Error = ();
27
28	0	fn try_from(value: u8) -> core::result::Result<Self, Self::Error> {
29	0	match value {
30	0	0 => Ok(Self::SUCCESS),
31	0	8 => Ok(Self::ERROR),
32	0	_ => Err(()),
33		}
34	0	}
35		}
36
37		#[repr(u16)]
38		#[allow(dead_code)]
39		#[allow(non_camel_case_types)]
40		#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
41		pub enum StatusCodeCore {
42		SUCCESS = 0,
43		INVALID_PARAMETER = 1,
44		UNSUPPORTED_CAP = 2,
45		INVALID_STATE_LOCAL = 3,
46		INVALID_STATE_PEER = 4,
47		INVALID_MSG_FIELD = 5,
48		INVALID_MSG_SIZE = 6,
49		NEGOTIATION_FAIL = 7,
50		BUSY_PEER = 8,
51		NOT_READY_PEER = 9,
52		ERROR_PEER = 10,
53		RESYNCH_PEER = 11,
54		BUFFER_FULL = 12,
55		BUFFER_TOO_SMALL = 13,
56		SESSION_NUMBER_EXCEED = 14,
57		SESSION_MSG_ERROR = 15,
58		ACQUIRE_FAIL = 16,
59		SESSION_TRY_DISCARD_KEY_UPDATE = 17,
60
61		// only in spdm-rs
62		DECODE_AEAD_FAIL = 0xFE,
63		}
64
65		impl TryFrom<u16> for StatusCodeCore {
66		type Error = ();
67
68	0	fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
69	0	match value {
70	0	0 => Ok(Self::SUCCESS),
71	0	1 => Ok(Self::INVALID_PARAMETER),
72	0	2 => Ok(Self::UNSUPPORTED_CAP),
73	0	3 => Ok(Self::INVALID_STATE_LOCAL),
74	0	4 => Ok(Self::INVALID_STATE_PEER),
75	0	5 => Ok(Self::INVALID_MSG_FIELD),
76	0	6 => Ok(Self::INVALID_MSG_SIZE),
77	0	7 => Ok(Self::NEGOTIATION_FAIL),
78	0	8 => Ok(Self::BUSY_PEER),
79	0	9 => Ok(Self::NOT_READY_PEER),
80	0	10 => Ok(Self::ERROR_PEER),
81	0	11 => Ok(Self::RESYNCH_PEER),
82	0	12 => Ok(Self::BUFFER_FULL),
83	0	13 => Ok(Self::BUFFER_TOO_SMALL),
84	0	14 => Ok(Self::SESSION_NUMBER_EXCEED),
85	0	15 => Ok(Self::SESSION_MSG_ERROR),
86	0	16 => Ok(Self::ACQUIRE_FAIL),
87	0	17 => Ok(Self::SESSION_TRY_DISCARD_KEY_UPDATE),
88	0	0xFE => Ok(Self::DECODE_AEAD_FAIL),
89	0	_ => Err(()),
90		}
91	0	}
92		}
93
94		impl Default for StatusCodeCore {
95	0	fn default() -> Self {
96	0	Self::INVALID_PARAMETER
97	0	}
98		}
99
100		#[repr(u16)]
101		#[allow(dead_code)]
102		#[allow(non_camel_case_types)]
103		#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
104		pub enum StatusCodeCrypto {
105		CRYPTO_ERROR = 0,
106		VERIF_FAIL = 1,
107		SEQUENCE_NUMBER_OVERFLOW = 2,
108		VERIF_NO_AUTHORITY = 3,
109		FIPS_SELF_TEST_FAIL = 4,
110		}
111
112		impl TryFrom<u16> for StatusCodeCrypto {
113		type Error = ();
114
115	0	fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
116	0	match value {
117	0	0 => Ok(Self::CRYPTO_ERROR),
118	0	1 => Ok(Self::VERIF_FAIL),
119	0	2 => Ok(Self::SEQUENCE_NUMBER_OVERFLOW),
120	0	3 => Ok(Self::VERIF_NO_AUTHORITY),
121	0	4 => Ok(Self::FIPS_SELF_TEST_FAIL),
122	0	_ => Err(()),
123		}
124	0	}
125		}
126
127		impl Default for StatusCodeCrypto {
128	0	fn default() -> Self {
129	0	Self::CRYPTO_ERROR
130	0	}
131		}
132
133		#[repr(u16)]
134		#[allow(dead_code)]
135		#[allow(non_camel_case_types)]
136		#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
137		pub enum StatusCodeCertParse {
138		INVALID_CERT = 0,
139		}
140
141		impl TryFrom<u16> for StatusCodeCertParse {
142		type Error = ();
143
144	0	fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
145	0	match value {
146	0	0 => Ok(Self::INVALID_CERT),
147	0	_ => Err(()),
148		}
149	0	}
150		}
151
152		impl Default for StatusCodeCertParse {
153	0	fn default() -> Self {
154	0	Self::INVALID_CERT
155	0	}
156		}
157
158		#[repr(u16)]
159		#[allow(dead_code)]
160		#[allow(non_camel_case_types)]
161		#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
162		pub enum StatusCodeTransport {
163		SEND_FAIL = 0,
164		RECEIVE_FAIL = 1,
165
166		// only in spdm-rs
167		DECAP_FAIL = 0xFE,
168		DECAP_APP_FAIL = 0xFD,
169		ENCAP_FAIL = 0xFC,
170		ENCAP_APP_FAIL = 0xFB,
171		}
172
173		impl TryFrom<u16> for StatusCodeTransport {
174		type Error = ();
175
176	0	fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
177	0	match value {
178	0	0 => Ok(Self::SEND_FAIL),
179	0	1 => Ok(Self::RECEIVE_FAIL),
180	0	0xFE => Ok(Self::DECAP_FAIL),
181	0	0xFD => Ok(Self::DECAP_APP_FAIL),
182	0	0xFC => Ok(Self::ENCAP_FAIL),
183	0	0xFB => Ok(Self::ENCAP_APP_FAIL),
184	0	_ => Err(()),
185		}
186	0	}
187		}
188
189		impl Default for StatusCodeTransport {
190	0	fn default() -> Self {
191	0	Self::SEND_FAIL
192	0	}
193		}
194
195		#[repr(u16)]
196		#[allow(dead_code)]
197		#[allow(non_camel_case_types)]
198		#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
199		pub enum StatusCodeMeasCollect {
200		MEAS_INVALID_INDEX = 0,
201		MEAS_INTERNAL_ERROR = 1,
202		}
203
204		impl TryFrom<u16> for StatusCodeMeasCollect {
205		type Error = ();
206
207	0	fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
208	0	match value {
209	0	0 => Ok(Self::MEAS_INVALID_INDEX),
210	0	1 => Ok(Self::MEAS_INTERNAL_ERROR),
211	0	_ => Err(()),
212		}
213	0	}
214		}
215
216		impl Default for StatusCodeMeasCollect {
217	0	fn default() -> Self {
218	0	Self::MEAS_INTERNAL_ERROR
219	0	}
220		}
221
222		#[repr(u16)]
223		#[allow(dead_code)]
224		#[allow(non_camel_case_types)]
225		#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
226		pub enum StatusCodeRNG {
227		LOW_ENTROPY = 0,
228		}
229
230		impl TryFrom<u16> for StatusCodeRNG {
231		type Error = ();
232
233	0	fn try_from(value: u16) -> core::result::Result<Self, Self::Error> {
234	0	match value {
235	0	0 => Ok(Self::LOW_ENTROPY),
236	0	_ => Err(()),
237		}
238	0	}
239		}
240
241		impl Default for StatusCodeRNG {
242	0	fn default() -> Self {
243	0	Self::LOW_ENTROPY
244	0	}
245		}
246
247		#[allow(dead_code)]
248		#[allow(non_camel_case_types)]
249		#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
250		pub enum StatusCode {
251		SUCCESS,
252		CORE(StatusCodeCore),
253		CRYPTO(StatusCodeCrypto),
254		CERT_PARSE(StatusCodeCertParse),
255		TRANSPORT(StatusCodeTransport),
256		MEAS_COLLECT(StatusCodeMeasCollect),
257		RNG(StatusCodeRNG),
258		}
259
260		impl Default for StatusCode {
261	0	fn default() -> Self {
262	0	Self::CORE(StatusCodeCore::default())
263	0	}
264		}
265
266		impl TryFrom<u24> for StatusCode {
267		type Error = ();
268
269	0	fn try_from(value: u24) -> core::result::Result<Self, Self::Error> {
270	0	let source: u8 = ((value.get() & 0xFF_00_00) >> 16) as u8;
271	0	let code: u16 = (value.get() & 0x00_00_FF_FF) as u16;
272	0	match source {
273	0	0 => Ok(StatusCode::SUCCESS),
274	0	1 => Ok(StatusCode::CORE(StatusCodeCore::try_from(code)?)),
275	0	2 => Ok(StatusCode::CRYPTO(StatusCodeCrypto::try_from(code)?)),
276	0	3 => Ok(StatusCode::CERT_PARSE(StatusCodeCertParse::try_from(code)?)),
277	0	4 => Ok(StatusCode::TRANSPORT(StatusCodeTransport::try_from(code)?)),
278	0	5 => Ok(StatusCode::MEAS_COLLECT(StatusCodeMeasCollect::try_from(
279	0	code,
280	0	)?)),
281	0	6 => Ok(StatusCode::RNG(StatusCodeRNG::try_from(code)?)),
282	0	_ => Err(()),
283		}
284	0	}
285		}
286
287		impl TryInto<u24> for StatusCode {
288		type Error = ();
289
290	0	fn try_into(self) -> Result<u24, Self::Error> {
291	0	match self {
292	0	StatusCode::SUCCESS => Ok(u24::new(0)),
293	0	StatusCode::CORE(c) => Ok(u24::new((1 << 16) as u32 + (c as u16) as u32)),
294	0	StatusCode::CRYPTO(c) => Ok(u24::new((2 << 16) as u32 + (c as u16) as u32)),
295	0	StatusCode::CERT_PARSE(c) => Ok(u24::new((3 << 16) as u32 + (c as u16) as u32)),
296	0	StatusCode::TRANSPORT(t) => Ok(u24::new((4 << 16) as u32 + (t as u16) as u32)),
297	0	StatusCode::MEAS_COLLECT(m) => Ok(u24::new((5 << 16) as u32 + (m as u16) as u32)),
298	0	StatusCode::RNG(r) => Ok(u24::new((6 << 16) as u32 + (r as u16) as u32)),
299		}
300	0	}
301		}
302
303		pub const SPDM_ERROR_MESSAGE_DATA_MAX_LENGTH: usize = 36; // "SPDM error response message format":
304		// 'SPDMVersion' (1B) +
305		// 'RequestResponseCode' (1B) +
306		// 'Param1' (1B) +
307		// 'Param1' (1B) +
308		// 'ExtendedErrorData' (0-32B)
309		#[derive(Copy, Clone, Debug, PartialEq, Eq)]
310		pub struct SpdmErrorMessageData {
311		pub length: usize,
312		pub data: [u8; SPDM_ERROR_MESSAGE_DATA_MAX_LENGTH],
313		}
314		impl Default for SpdmErrorMessageData {
315	0	fn default() -> Self {
316	0	SpdmErrorMessageData {
317	0	length: Default::default(),
318	0	data: [Default::default(); SPDM_ERROR_MESSAGE_DATA_MAX_LENGTH],
319	0	}
320	0	}
321		}
322
323		#[derive(Copy, Clone, Debug, Eq, Default)]
324		pub struct SpdmStatus {
325		pub severity: StatusSeverity,
326		pub status_code: StatusCode,
327		pub error_data: Option<SpdmErrorMessageData>,
328		}
329		impl PartialEq for SpdmStatus {
330	0	fn eq(&self, other: &Self) -> bool {
331	0	// SpdmStatus with same serverity and status_code but different error_data shall be
332	0	// considered as same SpdmStatus.
333	0	// Thus, do not care about the error_data here.
334	0	self.severity == other.severity && self.status_code == other.status_code
335	0	}
336		}
337
338		impl Codec for SpdmStatus {
339	0	fn encode(&self, bytes: &mut codec::Writer) -> Result<usize, codec::EncodeErr> {
340	0	let mut sc = 0u32;
341	0	sc += (((self.severity as u8) & 0x0F) as u32) << 28;
342	0	sc += <StatusCode as TryInto<u24>>::try_into(self.status_code)
343	0	.map_err(\|_\| codec::EncodeErr)?
344	0	.get();
345	0	sc.encode(bytes)?;
346	0	Ok(4)
347	0	}
348
349	0	fn read(r: &mut codec::Reader) -> Option<Self> {
350	0	let sc = u32::read(r)?;
351	0	let severity = ((sc & 0xF0_00_00_00) >> 28) as u8;
352	0	let severity = StatusSeverity::try_from(severity).ok()?;
353	0	if (sc & 0x0F_00_00_00) != 0 {
354	0	return None; //the reserve field
355	0	}
356	0	let status_code = u24::new(sc & 0x00_FF_FF_FF);
357	0	let status_code = StatusCode::try_from(status_code).ok()?;
358
359	0	Some(Self {
360	0	severity,
361	0	status_code,
362	0	error_data: None,
363	0	})
364	0	}
365		}
366
367		impl SpdmStatus {
368		/// return the u32 encoding
369	0	pub fn get_u32(&self) -> u32 {
370	0	let mut r = [0u8; 4];
371	0	let _ = self.encode(&mut Writer::init(&mut r));
372	0	u32::from_le_bytes(r)
373	0	}
374
375		/// get SpdmStatus structure from u32 value
376	0	pub fn from_u32(status: u32) -> Option<Self> {
377	0	Self::read_bytes(&status.to_le_bytes())
378	0	}
379
380		/// Returns true if severity is StatusSeverity::SUCCESS else it returns false.
381	0	pub fn spdm_status_is_success(&self) -> bool {
382	0	self.severity == StatusSeverity::SUCCESS
383	0	}
384
385		/// Returns true if severity is StatusSeverity::ERROR else it returns false.
386	0	pub fn spdm_status_is_error(&self) -> bool {
387	0	self.severity == StatusSeverity::ERROR
388	0	}
389
390	0	pub fn spdm_status_set_error_data(&mut self, error_data: &[u8]) {
391	0	// Ensure the slice has no more data than SpdmErrorMessageData capacity
392	0	if error_data.len() <= SPDM_ERROR_MESSAGE_DATA_MAX_LENGTH {
393	0	let mut ed = SpdmErrorMessageData {
394	0	length: error_data.len(),
395	0	..Default::default()
396	0	};
397	0	ed.data[..ed.length].copy_from_slice(error_data);
398	0	self.error_data = Some(ed);
399	0	} else {
400	0	// Do not expect more data than SpdmErrorMessageData capacity.
401	0	self.error_data = None;
402	0	}
403	0	}
404		}
405
406		impl fmt::Display for SpdmStatus {
407	0	fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
408	0	write!(
409	0	f,
410	0	"Severity: {:?}, Status: {:?}, Code: {})",
411	0	self.severity,
412	0	self.status_code,
413	0	self.get_u32()
414	0	)
415	0	}
416		}
417
418		#[macro_export]
419		macro_rules! spdm_return_status {
420		($severity:expr, $status_code:expr) => {
421		SpdmStatus {
422		severity: $severity,
423		status_code: $status_code,
424		error_data: None,
425		}
426		};
427		}
428
429		use codec::{u24, Codec, Writer};
430		pub use spdm_return_status;
431
432		pub const SPDM_STATUS_SUCCESS: SpdmStatus =
433		spdm_return_status!(StatusSeverity::SUCCESS, StatusCode::SUCCESS);
434
435		/* - Core Errors - */
436
437		/* The function input parameter is invalid. */
438		pub const SPDM_STATUS_INVALID_PARAMETER: SpdmStatus = spdm_return_status!(
439		StatusSeverity::ERROR,
440		StatusCode::CORE(StatusCodeCore::INVALID_STATE_LOCAL)
441		);
442
443		/* Unable to complete operation due to unsupported capabilities by either the caller, the peer,
444		* or both. */
445		pub const SPDM_STATUS_UNSUPPORTED_CAP: SpdmStatus = spdm_return_status!(
446		StatusSeverity::ERROR,
447		StatusCode::CORE(StatusCodeCore::UNSUPPORTED_CAP)
448		);
449
450		/* Unable to complete operation due to caller's state. */
451		pub const SPDM_STATUS_INVALID_STATE_LOCAL: SpdmStatus = spdm_return_status!(
452		StatusSeverity::ERROR,
453		StatusCode::CORE(StatusCodeCore::INVALID_STATE_LOCAL)
454		);
455
456		/* Unable to complete operation due to peer's state. */
457		pub const SPDM_STATUS_INVALID_STATE_PEER: SpdmStatus = spdm_return_status!(
458		StatusSeverity::ERROR,
459		StatusCode::CORE(StatusCodeCore::INVALID_STATE_PEER)
460		);
461
462		/* The received message contains one or more invalid message fields. */
463		pub const SPDM_STATUS_INVALID_MSG_FIELD: SpdmStatus = spdm_return_status!(
464		StatusSeverity::ERROR,
465		StatusCode::CORE(StatusCodeCore::INVALID_MSG_FIELD)
466		);
467
468		/* The received message's size is invalid. */
469		pub const SPDM_STATUS_INVALID_MSG_SIZE: SpdmStatus = spdm_return_status!(
470		StatusSeverity::ERROR,
471		StatusCode::CORE(StatusCodeCore::INVALID_MSG_SIZE)
472		);
473
474		/* Unable to derive a common set of versions, algorithms, etc. */
475		pub const SPDM_STATUS_NEGOTIATION_FAIL: SpdmStatus = spdm_return_status!(
476		StatusSeverity::ERROR,
477		StatusCode::CORE(StatusCodeCore::NEGOTIATION_FAIL)
478		);
479
480		/* Received a Busy error message. */
481		pub const SPDM_STATUS_BUSY_PEER: SpdmStatus = spdm_return_status!(
482		StatusSeverity::ERROR,
483		StatusCode::CORE(StatusCodeCore::BUSY_PEER)
484		);
485
486		/* Received a NotReady error message. */
487		pub const SPDM_STATUS_NOT_READY_PEER: SpdmStatus = spdm_return_status!(
488		StatusSeverity::ERROR,
489		StatusCode::CORE(StatusCodeCore::NOT_READY_PEER)
490		);
491
492		/* Received an unexpected error message. */
493		pub const SPDM_STATUS_ERROR_PEER: SpdmStatus = spdm_return_status!(
494		StatusSeverity::ERROR,
495		StatusCode::CORE(StatusCodeCore::ERROR_PEER)
496		);
497
498		/* Received a RequestResynch error message. */
499		pub const SPDM_STATUS_RESYNCH_PEER: SpdmStatus = spdm_return_status!(
500		StatusSeverity::ERROR,
501		StatusCode::CORE(StatusCodeCore::RESYNCH_PEER)
502		);
503
504		/* Unable to append new data to buffer due to resource exhaustion. */
505		pub const SPDM_STATUS_BUFFER_FULL: SpdmStatus = spdm_return_status!(
506		StatusSeverity::ERROR,
507		StatusCode::CORE(StatusCodeCore::BUFFER_FULL)
508		);
509
510		/* Unable to return data because caller does not provide big enough buffer. */
511		pub const SPDM_STATUS_BUFFER_TOO_SMALL: SpdmStatus = spdm_return_status!(
512		StatusSeverity::ERROR,
513		StatusCode::CORE(StatusCodeCore::BUFFER_TOO_SMALL)
514		);
515
516		/* Unable to allocate more session. */
517		pub const SPDM_STATUS_SESSION_NUMBER_EXCEED: SpdmStatus = spdm_return_status!(
518		StatusSeverity::ERROR,
519		StatusCode::CORE(StatusCodeCore::SESSION_NUMBER_EXCEED)
520		);
521
522		/* Decrypt error from peer. */
523		pub const SPDM_STATUS_SESSION_MSG_ERROR: SpdmStatus = spdm_return_status!(
524		StatusSeverity::ERROR,
525		StatusCode::CORE(StatusCodeCore::SESSION_MSG_ERROR)
526		);
527
528		/* Unable to acquire resource. */
529		pub const SPDM_STATUS_ACQUIRE_FAIL: SpdmStatus = spdm_return_status!(
530		StatusSeverity::ERROR,
531		StatusCode::CORE(StatusCodeCore::ACQUIRE_FAIL)
532		);
533
534		/* Re-triable decrypt error from peer - must rollback to backup keys. */
535		pub const SPDM_STATUS_SESSION_TRY_DISCARD_KEY_UPDATE: SpdmStatus = spdm_return_status!(
536		StatusSeverity::ERROR,
537		StatusCode::CORE(StatusCodeCore::SESSION_TRY_DISCARD_KEY_UPDATE)
538		);
539
540		/* Failed to decode AEAD. */
541		pub const SPDM_STATUS_DECODE_AEAD_FAIL: SpdmStatus = spdm_return_status!(
542		StatusSeverity::ERROR,
543		StatusCode::CORE(StatusCodeCore::DECODE_AEAD_FAIL)
544		);
545
546		/* - Cryptography Errors - */
547
548		/* Generic failure originating from the cryptography module. */
549		pub const SPDM_STATUS_CRYPTO_ERROR: SpdmStatus = spdm_return_status!(
550		StatusSeverity::ERROR,
551		StatusCode::CRYPTO(StatusCodeCrypto::CRYPTO_ERROR)
552		);
553
554		/* Verification of the provided signature digest, signature, or AEAD tag failed. */
555		pub const SPDM_STATUS_VERIF_FAIL: SpdmStatus = spdm_return_status!(
556		StatusSeverity::ERROR,
557		StatusCode::CRYPTO(StatusCodeCrypto::VERIF_FAIL)
558		);
559
560		/* AEAD sequence number overflow. */
561		pub const SPDM_STATUS_SEQUENCE_NUMBER_OVERFLOW: SpdmStatus = spdm_return_status!(
562		StatusSeverity::ERROR,
563		StatusCode::CRYPTO(StatusCodeCrypto::SEQUENCE_NUMBER_OVERFLOW)
564		);
565
566		/* Provided cert is valid but is not authoritative(mismatch the root cert). */
567		pub const SPDM_STATUS_VERIF_NO_AUTHORITY: SpdmStatus = spdm_return_status!(
568		StatusSeverity::ERROR,
569		StatusCode::CRYPTO(StatusCodeCrypto::VERIF_NO_AUTHORITY)
570		);
571
572		/* FIPS self test failed. */
573		pub const SPDM_STATUS_FIPS_SELF_TEST_FAIL: SpdmStatus = spdm_return_status!(
574		StatusSeverity::ERROR,
575		StatusCode::CRYPTO(StatusCodeCrypto::FIPS_SELF_TEST_FAIL)
576		);
577
578		/* - Certificate Parsing Errors - */
579
580		/* Certificate is malformed or does not comply to x.509 standard. */
581		pub const SPDM_STATUS_INVALID_CERT: SpdmStatus = spdm_return_status!(
582		StatusSeverity::ERROR,
583		StatusCode::CERT_PARSE(StatusCodeCertParse::INVALID_CERT)
584		);
585
586		/* - Transport Errors - */
587
588		/* Unable to send message to peer. */
589		pub const SPDM_STATUS_SEND_FAIL: SpdmStatus = spdm_return_status!(
590		StatusSeverity::ERROR,
591		StatusCode::TRANSPORT(StatusCodeTransport::SEND_FAIL)
592		);
593
594		/* Unable to receive message from peer. */
595		pub const SPDM_STATUS_RECEIVE_FAIL: SpdmStatus = spdm_return_status!(
596		StatusSeverity::ERROR,
597		StatusCode::TRANSPORT(StatusCodeTransport::RECEIVE_FAIL)
598		);
599
600		/* Unable to decap transport buffer. */
601		pub const SPDM_STATUS_DECAP_FAIL: SpdmStatus = spdm_return_status!(
602		StatusSeverity::ERROR,
603		StatusCode::TRANSPORT(StatusCodeTransport::DECAP_FAIL)
604		);
605
606		/* Unable to decap app buffer. */
607		pub const SPDM_STATUS_DECAP_APP_FAIL: SpdmStatus = spdm_return_status!(
608		StatusSeverity::ERROR,
609		StatusCode::TRANSPORT(StatusCodeTransport::DECAP_APP_FAIL)
610		);
611
612		/* Unable to encap transport buffer. */
613		pub const SPDM_STATUS_ENCAP_FAIL: SpdmStatus = spdm_return_status!(
614		StatusSeverity::ERROR,
615		StatusCode::TRANSPORT(StatusCodeTransport::ENCAP_FAIL)
616		);
617
618		/* Unable to encap app buffer. */
619		pub const SPDM_STATUS_ENCAP_APP_FAIL: SpdmStatus = spdm_return_status!(
620		StatusSeverity::ERROR,
621		StatusCode::TRANSPORT(StatusCodeTransport::ENCAP_APP_FAIL)
622		);
623
624		/* - Measurement Collection Errors - */
625
626		/* Unable to collect measurement because of invalid index. */
627		pub const SPDM_STATUS_MEAS_INVALID_INDEX: SpdmStatus = spdm_return_status!(
628		StatusSeverity::ERROR,
629		StatusCode::MEAS_COLLECT(StatusCodeMeasCollect::MEAS_INVALID_INDEX)
630		);
631
632		/* Unable to collect measurement because of internal error. */
633		pub const SPDM_STATUS_MEAS_INTERNAL_ERROR: SpdmStatus = spdm_return_status!(
634		StatusSeverity::ERROR,
635		StatusCode::MEAS_COLLECT(StatusCodeMeasCollect::MEAS_INTERNAL_ERROR)
636		);
637
638		/* - Random Number Generation Errors - */
639
640		/* Unable to produce random number due to lack of entropy. */
641		pub const SPDM_STATUS_LOW_ENTROPY: SpdmStatus = spdm_return_status!(
642		StatusSeverity::ERROR,
643		StatusCode::RNG(StatusCodeRNG::LOW_ENTROPY)
644		);
645
646		pub type SpdmResult<T = ()> = core::result::Result<T, SpdmStatus>;