From 97d23cbedeac85fa24e59de8c38e313509634752 Mon Sep 17 00:00:00 2001
From: Wenxing Hou <wenxing.hou@intel.com>
Date: Thu, 30 Jun 2022 20:13:16 +0800
Subject: [PATCH] Add slot_id check

Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
---
 library/spdm_responder_lib/libspdm_rsp_certificate.c    | 2 +-
 library/spdm_responder_lib/libspdm_rsp_challenge_auth.c | 9 +++++++++
 library/spdm_responder_lib/libspdm_rsp_key_exchange.c   | 9 +++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/library/spdm_responder_lib/libspdm_rsp_certificate.c b/library/spdm_responder_lib/libspdm_rsp_certificate.c
index 9cee81f4bd8..dfc14472ece 100644
--- a/library/spdm_responder_lib/libspdm_rsp_certificate.c
+++ b/library/spdm_responder_lib/libspdm_rsp_certificate.c
@@ -107,7 +107,7 @@ libspdm_return_t libspdm_get_response_certificate(void *context,
     if (spdm_context->local_context
         .local_cert_chain_provision[slot_id] == NULL) {
         return libspdm_generate_error_response(
-            spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
+            spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
             0, response_size, response);
     }
 
diff --git a/library/spdm_responder_lib/libspdm_rsp_challenge_auth.c b/library/spdm_responder_lib/libspdm_rsp_challenge_auth.c
index 90c7976a0f8..c6249584caf 100644
--- a/library/spdm_responder_lib/libspdm_rsp_challenge_auth.c
+++ b/library/spdm_responder_lib/libspdm_rsp_challenge_auth.c
@@ -99,6 +99,15 @@ libspdm_return_t libspdm_get_response_challenge_auth(void *context,
                                                response_size, response);
     }
 
+    if (slot_id != 0xFF) {
+        if (spdm_context->local_context
+            .local_cert_chain_provision[slot_id] == NULL) {
+            return libspdm_generate_error_response(
+                spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
+                0, response_size, response);
+        }
+    }
+
     signature_size = libspdm_get_asym_signature_size(
         spdm_context->connection_info.algorithm.base_asym_algo);
     hash_size = libspdm_get_hash_size(
diff --git a/library/spdm_responder_lib/libspdm_rsp_key_exchange.c b/library/spdm_responder_lib/libspdm_rsp_key_exchange.c
index b406e2f9cc3..39626427a02 100644
--- a/library/spdm_responder_lib/libspdm_rsp_key_exchange.c
+++ b/library/spdm_responder_lib/libspdm_rsp_key_exchange.c
@@ -107,6 +107,15 @@ libspdm_return_t libspdm_get_response_key_exchange(void *context,
                                                response_size, response);
     }
 
+    if (slot_id != 0xFF) {
+        if (spdm_context->local_context
+            .local_cert_chain_provision[slot_id] == NULL) {
+            return libspdm_generate_error_response(
+                spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
+                0, response_size, response);
+        }
+    }
+
     if (slot_id == 0xFF) {
         slot_id = spdm_context->local_context.provisioned_slot_id;
     }