Merge libspdm_get_certificate_ex with libspdm_get_certificate_choose_length_ex

Signed-off-by: Shital Jumbad <[email protected]>

Author: ShitalJumbad

doc/api/requester_api.md

@@ -102,7 +102,7 @@ libspdm will perform the following checks over the leaf certificate.
 <br/><br/>
 
 ---
-### libspdm_get_certificate_choose_length_ex
+### libspdm_get_certificate_ex
 ---
 
 ### Description
@@ -120,7 +120,7 @@ Indicates if it is a secured message (non-NULL) or an unsecured message (NULL).
 The certificate chain slot number.
 
 **length**<br/>
-The length of the certificate chain block to be retrieved.
+The length of the certificate chain block to be retrieved. If `length` is 0, libspdm uses the default maximum block size.
 
 **cert_chain_size**<br/>
 On input, indicates the size, in bytes, of the buffer in which the certificate chain will be stored.

include/library/spdm_requester_lib.h

@@ -1,6 +1,6 @@
 /**
  *  Copyright Notice:
- *  Copyright 2021-2025 DMTF. All rights reserved.
+ *  Copyright 2021-2026 DMTF. All rights reserved.
  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
  **/
 
@@ -108,63 +108,36 @@ libspdm_return_t libspdm_get_certificate(void *spdm_context,
                                          size_t *cert_chain_size,
                                          void *cert_chain);
 
-/**
- * This function sends GET_CERTIFICATE to get certificate chain in one slot from device.
- *
- * This function verify the integrity of the certificate chain.
- * root_hash -> Root certificate -> Intermediate certificate -> Leaf certificate.
- *
- * If the peer root certificate hash is deployed,
- * this function also verifies the digest with the root hash in the certificate chain.
- *
- * @param  spdm_context       A pointer to the SPDM context.
- * @param  session_id         Indicates if it is a secured message protected via SPDM session.
- *                            If session_id is NULL, it is a normal message.
- * @param  slot_id            The number of slot for the certificate chain.
- * @param  cert_chain_size    On input, indicate the size in bytes of the destination buffer to store the digest buffer.
- *                            On output, indicate the size in bytes of the certificate chain.
- * @param  cert_chain         A pointer to a destination buffer to store the certificate chain.
- * @param  trust_anchor       A buffer to hold the trust_anchor which is used to validate the peer certificate, if not NULL.
- * @param  trust_anchor_size  A buffer to hold the trust_anchor_size, if not NULL.
- **/
-libspdm_return_t libspdm_get_certificate_ex(void *spdm_context,
-                                            const uint32_t *session_id,
-                                            uint8_t slot_id,
-                                            size_t *cert_chain_size,
-                                            void *cert_chain,
-                                            const void **trust_anchor,
-                                            size_t *trust_anchor_size);
-
 /**
  * This function sends GET_CERTIFICATE to get certificate chain in one slot from the device,
  * and allows the Integrator to specify the size of the certificate chain blocks.
  *
- * This function verify the integrity of the certificate chain.
+ * This function verifies the integrity of the certificate chain:
  * root_hash -> Root certificate -> Intermediate certificate -> Leaf certificate.
  *
- * If the peer root certificate hash is deployed,
- * this function also verifies the digest with the root hash in the certificate chain.
+ * If the peer root certificate hash is deployed, this function also verifies the digest with the
+ * root hash in the certificate chain.
  *
  * @param  spdm_context       A pointer to the SPDM context.
  * @param  session_id         Indicates if it is a secured message protected via SPDM session.
  *                            If session_id is NULL, it is a normal message.
  * @param  slot_id            The number of slot for the certificate chain.
  * @param  length             The length of the certificate chain block to retrieve.
  *                            If length is 0, the default maximum block size will be used.
- * @param  cert_chain_size    On input, indicate the size in bytes of the destination buffer to store the digest buffer.
+ * @param  cert_chain_size    On input, indicate the size in bytes of the destination buffer.
  *                            On output, indicate the size in bytes of the certificate chain.
  * @param  cert_chain         A pointer to a destination buffer to store the certificate chain.
  * @param  trust_anchor       A buffer to hold the trust_anchor which is used to validate the peer certificate, if not NULL.
  * @param  trust_anchor_size  A buffer to hold the trust_anchor_size, if not NULL.
  **/
-libspdm_return_t libspdm_get_certificate_choose_length_ex(void *spdm_context,
-                                                          const uint32_t *session_id,
-                                                          uint8_t slot_id,
-                                                          uint32_t length,
-                                                          size_t *cert_chain_size,
-                                                          void *cert_chain,
-                                                          const void **trust_anchor,
-                                                          size_t *trust_anchor_size);
+libspdm_return_t libspdm_get_certificate_ex(void *spdm_context,
+                                           const uint32_t *session_id,
+                                           uint8_t slot_id,
+                                           uint32_t length,
+                                           size_t *cert_chain_size,
+                                           void *cert_chain,
+                                           const void **trust_anchor,
+                                           size_t *trust_anchor_size);
 #endif /* LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT */
 
 #if LIBSPDM_SEND_CHALLENGE_SUPPORT

library/spdm_requester_lib/libspdm_req_get_certificate.c

@@ -1,6 +1,6 @@
 /**
  *  Copyright Notice:
- *  Copyright 2021-2025 DMTF. All rights reserved.
+ *  Copyright 2021-2026 DMTF. All rights reserved.
  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
  **/
 
@@ -500,36 +500,13 @@ static libspdm_return_t libspdm_try_get_large_certificate(libspdm_context_t *spd
     return status;
 }
 
-libspdm_return_t libspdm_get_certificate(void *spdm_context, const uint32_t *session_id,
-                                         uint8_t slot_id,
-                                         size_t *cert_chain_size,
-                                         void *cert_chain)
-{
-    return libspdm_get_certificate_choose_length_ex(spdm_context, session_id, slot_id,
-                                                    0, cert_chain_size, cert_chain,
-                                                    NULL, NULL);
-}
-
 libspdm_return_t libspdm_get_certificate_ex(void *spdm_context, const uint32_t *session_id,
                                             uint8_t slot_id,
+                                            uint32_t length,
                                             size_t *cert_chain_size,
                                             void *cert_chain,
                                             const void **trust_anchor,
                                             size_t *trust_anchor_size)
-{
-    return libspdm_get_certificate_choose_length_ex(spdm_context, session_id, slot_id,
-                                                    0, cert_chain_size, cert_chain,
-                                                    trust_anchor, trust_anchor_size);
-}
-
-libspdm_return_t libspdm_get_certificate_choose_length_ex(void *spdm_context,
-                                                          const uint32_t *session_id,
-                                                          uint8_t slot_id,
-                                                          uint32_t length,
-                                                          size_t *cert_chain_size,
-                                                          void *cert_chain,
-                                                          const void **trust_anchor,
-                                                          size_t *trust_anchor_size)
 {
     libspdm_context_t *context;
     size_t retry;
@@ -554,4 +531,14 @@ libspdm_return_t libspdm_get_certificate_choose_length_ex(void *spdm_context,
     return status;
 }
 
+libspdm_return_t libspdm_get_certificate(void *spdm_context, const uint32_t *session_id,
+                                         uint8_t slot_id,
+                                         size_t *cert_chain_size,
+                                         void *cert_chain)
+{
+    return libspdm_get_certificate_ex(spdm_context, session_id, slot_id, 0,
+                                      cert_chain_size, cert_chain,
+                                      NULL, NULL);
+}
+
 #endif /* LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT */

unit_test/fuzzing/test_requester/test_spdm_requester_get_certificate/get_certificate.c

@@ -300,7 +300,7 @@ void libspdm_test_requester_get_certificate_ex_case1(void **State)
 
     cert_chain_size = sizeof(cert_chain);
     libspdm_zero_mem(cert_chain, sizeof(cert_chain));
-    libspdm_get_certificate_ex(spdm_context, NULL, 0, &cert_chain_size, cert_chain,NULL,NULL);
+    libspdm_get_certificate_ex(spdm_context, NULL, 0, 0, &cert_chain_size, cert_chain, NULL, NULL);
 
     free(data);
     libspdm_reset_message_b(spdm_context);
@@ -394,7 +394,7 @@ void libspdm_test_requester_get_certificate_in_session_case1(void **State)
 #endif
     cert_chain_size = sizeof(cert_chain);
     libspdm_zero_mem(cert_chain, sizeof(cert_chain));
-    libspdm_get_certificate_ex(spdm_context, &session_id, 0, &cert_chain_size, cert_chain,
+    libspdm_get_certificate_ex(spdm_context, &session_id, 0, 0, &cert_chain_size, cert_chain,
                                NULL, NULL);
 
     free(data);

unit_test/test_spdm_requester/get_certificate.c

@@ -1,6 +1,6 @@
 /**
  *  Copyright Notice:
- *  Copyright 2021-2025 DMTF. All rights reserved.
+ *  Copyright 2021-2026 DMTF. All rights reserved.
  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
  **/
 
@@ -3250,7 +3250,7 @@ static void req_get_certificate_case14(void **state)
 
     cert_chain_size = sizeof(cert_chain);
     libspdm_zero_mem(cert_chain, sizeof(cert_chain));
-    status = libspdm_get_certificate_choose_length_ex(
+    status = libspdm_get_certificate_ex(
         spdm_context, NULL, 0, get_cert_length,
         &cert_chain_size, cert_chain, NULL, NULL);
     /* It may fail because the spdm does not support too many messages.
@@ -4126,7 +4126,7 @@ static void req_get_certificate_case26(void **state)
     cert_chain_size = sizeof(cert_chain);
     libspdm_zero_mem(cert_chain, sizeof(cert_chain));
     status = libspdm_get_certificate_ex(spdm_context, &session_id,
-                                        0, &cert_chain_size,
+                                        0, 0, &cert_chain_size,
                                         cert_chain, NULL, 0);
     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
 #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT