Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2024 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "library/spdm_common_lib.h"
9 : #include "spdm_crypt_ext_lib/spdm_crypt_ext_lib.h"
10 :
11 : /* https://lapo.it/asn1js/#MCQGCisGAQQBgxyCEgEMFkFDTUU6V0lER0VUOjEyMzQ1Njc4OTA*/
12 : uint8_t m_libspdm_subject_alt_name_buffer1[] = {
13 : 0x30, 0x24, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83,
14 : 0x1C, 0x82, 0x12, 0x01, 0x0C, 0x16, 0x41, 0x43, 0x4D, 0x45,
15 : 0x3A, 0x57, 0x49, 0x44, 0x47, 0x45, 0x54, 0x3A, 0x31, 0x32,
16 : 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30
17 : };
18 :
19 : /* https://lapo.it/asn1js/#MCYGCisGAQQBgxyCEgGgGAwWQUNNRTpXSURHRVQ6MTIzNDU2Nzg5MA*/
20 : uint8_t m_libspdm_subject_alt_name_buffer2[] = {
21 : 0x30, 0x26, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83,
22 : 0x1C, 0x82, 0x12, 0x01, 0xA0, 0x18, 0x0C, 0x16, 0x41, 0x43,
23 : 0x4D, 0x45, 0x3A, 0x57, 0x49, 0x44, 0x47, 0x45, 0x54, 0x3A,
24 : 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30
25 : };
26 :
27 : /* https://lapo.it/asn1js/#MCigJgYKKwYBBAGDHIISAaAYDBZBQ01FOldJREdFVDoxMjM0NTY3ODkw*/
28 : uint8_t m_libspdm_subject_alt_name_buffer3[] = {
29 : 0x30, 0x28, 0xA0, 0x26, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01,
30 : 0x83, 0x1C, 0x82, 0x12, 0x01, 0xA0, 0x18, 0x0C, 0x16, 0x41, 0x43,
31 : 0x4D, 0x45, 0x3A, 0x57, 0x49, 0x44, 0x47, 0x45, 0x54, 0x3A, 0x31,
32 : 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30
33 : };
34 :
35 : uint8_t m_libspdm_dmtf_oid[] = { 0x2B, 0x06, 0x01, 0x4, 0x01,
36 : 0x83, 0x1C, 0x82, 0x12, 0x01 };
37 :
38 1 : void libspdm_test_crypt_spdm_get_dmtf_subject_alt_name_from_bytes(void **state)
39 : {
40 : size_t common_name_size;
41 : char common_name[64];
42 : size_t dmtf_oid_size;
43 : uint8_t dmtf_oid[64];
44 : bool status;
45 :
46 1 : common_name_size = 64;
47 1 : dmtf_oid_size = 64;
48 1 : libspdm_zero_mem(common_name, common_name_size);
49 1 : libspdm_zero_mem(dmtf_oid, dmtf_oid_size);
50 1 : status = libspdm_get_dmtf_subject_alt_name_from_bytes(
51 : m_libspdm_subject_alt_name_buffer1, sizeof(m_libspdm_subject_alt_name_buffer1),
52 : common_name, &common_name_size, dmtf_oid, &dmtf_oid_size);
53 1 : assert_true(status);
54 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
55 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
56 :
57 1 : common_name_size = 64;
58 1 : dmtf_oid_size = 64;
59 1 : libspdm_zero_mem(common_name, common_name_size);
60 1 : libspdm_zero_mem(dmtf_oid, dmtf_oid_size);
61 1 : status = libspdm_get_dmtf_subject_alt_name_from_bytes(
62 : m_libspdm_subject_alt_name_buffer2, sizeof(m_libspdm_subject_alt_name_buffer2),
63 : common_name, &common_name_size, dmtf_oid, &dmtf_oid_size);
64 1 : assert_true(status);
65 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
66 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
67 :
68 1 : common_name_size = 64;
69 1 : dmtf_oid_size = 64;
70 1 : libspdm_zero_mem(common_name, common_name_size);
71 1 : libspdm_zero_mem(dmtf_oid, dmtf_oid_size);
72 1 : status = libspdm_get_dmtf_subject_alt_name_from_bytes(
73 : m_libspdm_subject_alt_name_buffer3, sizeof(m_libspdm_subject_alt_name_buffer3),
74 : common_name, &common_name_size, dmtf_oid, &dmtf_oid_size);
75 1 : assert_true(status);
76 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
77 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
78 1 : }
79 :
80 1 : void libspdm_test_crypt_spdm_get_dmtf_subject_alt_name(void **state)
81 : {
82 : size_t common_name_size;
83 : char common_name[64];
84 : size_t dmtf_oid_size;
85 : uint8_t dmtf_oid[64];
86 : uint8_t *file_buffer;
87 : size_t file_buffer_size;
88 : bool status;
89 :
90 1 : status = libspdm_read_input_file("rsa2048/end_requester.cert.der",
91 : (void **)&file_buffer, &file_buffer_size);
92 1 : assert_true(status);
93 1 : dmtf_oid_size = 64;
94 1 : common_name_size = 64;
95 1 : status = libspdm_get_dmtf_subject_alt_name(file_buffer, file_buffer_size,
96 : common_name, &common_name_size,
97 : dmtf_oid, &dmtf_oid_size);
98 1 : assert_true(status);
99 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
100 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
101 1 : free(file_buffer);
102 :
103 1 : status = libspdm_read_input_file("rsa3072/end_requester.cert.der",
104 : (void **)&file_buffer, &file_buffer_size);
105 1 : assert_true(status);
106 1 : dmtf_oid_size = 64;
107 1 : common_name_size = 64;
108 1 : status = libspdm_get_dmtf_subject_alt_name(file_buffer, file_buffer_size,
109 : common_name, &common_name_size,
110 : dmtf_oid, &dmtf_oid_size);
111 1 : assert_true(status);
112 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
113 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
114 1 : free(file_buffer);
115 :
116 1 : status = libspdm_read_input_file("rsa4096/end_requester.cert.der",
117 : (void **)&file_buffer, &file_buffer_size);
118 1 : assert_true(status);
119 1 : dmtf_oid_size = 64;
120 1 : common_name_size = 64;
121 1 : status = libspdm_get_dmtf_subject_alt_name(file_buffer, file_buffer_size,
122 : common_name, &common_name_size,
123 : dmtf_oid, &dmtf_oid_size);
124 1 : assert_true(status);
125 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
126 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
127 1 : free(file_buffer);
128 :
129 1 : status = libspdm_read_input_file("ecp256/end_requester.cert.der",
130 : (void **)&file_buffer, &file_buffer_size);
131 1 : assert_true(status);
132 1 : dmtf_oid_size = 64;
133 1 : common_name_size = 64;
134 1 : status = libspdm_get_dmtf_subject_alt_name(file_buffer, file_buffer_size,
135 : common_name, &common_name_size,
136 : dmtf_oid, &dmtf_oid_size);
137 1 : assert_true(status);
138 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
139 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
140 1 : free(file_buffer);
141 :
142 1 : status = libspdm_read_input_file("ecp384/end_requester.cert.der",
143 : (void **)&file_buffer, &file_buffer_size);
144 1 : assert_true(status);
145 1 : dmtf_oid_size = 64;
146 1 : common_name_size = 64;
147 1 : status = libspdm_get_dmtf_subject_alt_name(file_buffer, file_buffer_size,
148 : common_name, &common_name_size,
149 : dmtf_oid, &dmtf_oid_size);
150 1 : assert_true(status);
151 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
152 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
153 1 : free(file_buffer);
154 :
155 1 : status = libspdm_read_input_file("ecp521/end_requester.cert.der",
156 : (void **)&file_buffer, &file_buffer_size);
157 1 : assert_true(status);
158 1 : dmtf_oid_size = 64;
159 1 : common_name_size = 64;
160 1 : status = libspdm_get_dmtf_subject_alt_name(file_buffer, file_buffer_size,
161 : common_name, &common_name_size,
162 : dmtf_oid, &dmtf_oid_size);
163 1 : assert_true(status);
164 1 : assert_memory_equal(m_libspdm_dmtf_oid, dmtf_oid, sizeof(m_libspdm_dmtf_oid));
165 1 : assert_string_equal(common_name, "ACME:WIDGET:1234567890");
166 1 : free(file_buffer);
167 1 : }
168 :
169 1 : void libspdm_test_crypt_spdm_x509_certificate_check(void **state)
170 : {
171 : bool status;
172 : uint8_t *file_buffer;
173 : size_t file_buffer_size;
174 :
175 : if ((LIBSPDM_RSA_SSA_2048_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
176 1 : status = libspdm_read_input_file("rsa2048/end_requester.cert.der",
177 : (void **)&file_buffer, &file_buffer_size);
178 1 : assert_true(status);
179 :
180 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
181 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
182 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
183 : true, true);
184 1 : assert_true(status);
185 1 : free(file_buffer);
186 : }
187 : if ((LIBSPDM_RSA_SSA_3072_SUPPORT) && (LIBSPDM_SHA384_SUPPORT)) {
188 1 : status = libspdm_read_input_file("rsa3072/end_requester.cert.der",
189 : (void **)&file_buffer, &file_buffer_size);
190 1 : assert_true(status);
191 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
192 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072,
193 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_384,
194 : true, true);
195 1 : assert_true(status);
196 1 : free(file_buffer);
197 : }
198 : if ((LIBSPDM_RSA_SSA_4096_SUPPORT) && (LIBSPDM_SHA512_SUPPORT)) {
199 1 : status = libspdm_read_input_file("rsa4096/end_requester.cert.der",
200 : (void **)&file_buffer, &file_buffer_size);
201 1 : assert_true(status);
202 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
203 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_4096,
204 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_512,
205 : true, true);
206 1 : assert_true(status);
207 1 : free(file_buffer);
208 : }
209 :
210 : if ((LIBSPDM_ECDSA_P256_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
211 1 : status = libspdm_read_input_file("ecp256/end_requester.cert.der",
212 : (void **)&file_buffer, &file_buffer_size);
213 1 : assert_true(status);
214 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
215 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
216 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
217 : true, true);
218 1 : assert_true(status);
219 1 : free(file_buffer);
220 : }
221 : if ((LIBSPDM_ECDSA_P384_SUPPORT) && (LIBSPDM_SHA384_SUPPORT)) {
222 1 : status = libspdm_read_input_file("ecp384/end_requester.cert.der",
223 : (void **)&file_buffer, &file_buffer_size);
224 1 : assert_true(status);
225 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
226 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384,
227 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_384,
228 : true, true);
229 1 : assert_true(status);
230 1 : free(file_buffer);
231 : }
232 : if ((LIBSPDM_ECDSA_P521_SUPPORT) && (LIBSPDM_SHA512_SUPPORT)) {
233 1 : status = libspdm_read_input_file("ecp521/end_requester.cert.der",
234 : (void **)&file_buffer, &file_buffer_size);
235 1 : assert_true(status);
236 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
237 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521,
238 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_512,
239 : true, true);
240 1 : assert_true(status);
241 1 : free(file_buffer);
242 : }
243 : if ((LIBSPDM_ECDSA_P256_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
244 : /*check for leaf cert basic constraints, CA = true,pathlen:none*/
245 1 : status = libspdm_read_input_file("ecp256/end_requester_ca_false.cert.der",
246 : (void **)&file_buffer, &file_buffer_size);
247 1 : assert_true(status);
248 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
249 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
250 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
251 : true, true);
252 1 : assert_false(status);
253 1 : free(file_buffer);
254 :
255 :
256 : /*check for leaf cert basic constraints, basic constraints is excluded*/
257 1 : status = libspdm_read_input_file("ecp256/end_requester_without_basic_constraint.cert.der",
258 : (void **)&file_buffer, &file_buffer_size);
259 1 : assert_true(status);
260 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
261 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
262 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
263 : true, true);
264 1 : assert_true(status);
265 1 : free(file_buffer);
266 : }
267 : if ((LIBSPDM_RSA_SSA_2048_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
268 : /*check for leaf cert spdm defined eku*/
269 1 : status = libspdm_read_input_file("rsa2048/end_requester_with_spdm_req_rsp_eku.cert.der",
270 : (void **)&file_buffer, &file_buffer_size);
271 1 : assert_true(status);
272 :
273 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
274 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
275 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
276 : true, true);
277 1 : assert_true(status);
278 1 : free(file_buffer);
279 :
280 1 : status = libspdm_read_input_file("rsa2048/end_requester_with_spdm_req_eku.cert.der",
281 : (void **)&file_buffer, &file_buffer_size);
282 1 : assert_true(status);
283 :
284 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
285 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
286 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
287 : true, true);
288 1 : assert_true(status);
289 1 : free(file_buffer);
290 :
291 1 : status = libspdm_read_input_file("rsa2048/end_requester_with_spdm_rsp_eku.cert.der",
292 : (void **)&file_buffer, &file_buffer_size);
293 1 : assert_true(status);
294 :
295 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
296 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
297 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
298 : true, true);
299 1 : assert_false(status);
300 1 : free(file_buffer);
301 :
302 1 : status = libspdm_read_input_file("rsa2048/end_responder_with_spdm_req_rsp_eku.cert.der",
303 : (void **)&file_buffer, &file_buffer_size);
304 1 : assert_true(status);
305 :
306 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
307 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
308 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
309 : false, true);
310 1 : assert_true(status);
311 1 : free(file_buffer);
312 :
313 1 : status = libspdm_read_input_file("rsa2048/end_requester_with_spdm_req_eku.cert.der",
314 : (void **)&file_buffer, &file_buffer_size);
315 1 : assert_true(status);
316 :
317 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
318 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
319 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
320 : false, true);
321 1 : assert_false(status);
322 1 : free(file_buffer);
323 :
324 1 : status = libspdm_read_input_file("rsa2048/end_requester_with_spdm_rsp_eku.cert.der",
325 : (void **)&file_buffer, &file_buffer_size);
326 1 : assert_true(status);
327 :
328 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
329 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
330 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
331 : false, true);
332 1 : assert_true(status);
333 1 : free(file_buffer);
334 : }
335 : if ((LIBSPDM_RSA_SSA_3072_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
336 : /* cert mismatched negotiated base_aysm_algo check */
337 1 : status = libspdm_read_input_file("rsa2048/end_requester.cert.der",
338 : (void **)&file_buffer, &file_buffer_size);
339 1 : assert_true(status);
340 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
341 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072,
342 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
343 : true, true);
344 1 : assert_false(status);
345 1 : free(file_buffer);
346 :
347 1 : status = libspdm_read_input_file("ecp256/end_requester.cert.der",
348 : (void **)&file_buffer, &file_buffer_size);
349 1 : assert_true(status);
350 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
351 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072,
352 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
353 : true, true);
354 1 : assert_false(status);
355 1 : free(file_buffer);
356 : }
357 : if ((LIBSPDM_RSA_SSA_4096_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
358 : /*test web cert: cert public key algo is RSA case*/
359 1 : status = libspdm_read_input_file("test_web_cert/Google.cer",
360 : (void **)&file_buffer, &file_buffer_size);
361 1 : assert_true(status);
362 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
363 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_4096,
364 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
365 : false, true);
366 1 : assert_true(status);
367 1 : free(file_buffer);
368 : }
369 : if ((LIBSPDM_RSA_SSA_2048_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
370 1 : status = libspdm_read_input_file("test_web_cert/Amazon.cer",
371 : (void **)&file_buffer, &file_buffer_size);
372 1 : assert_true(status);
373 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
374 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
375 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
376 : false, true);
377 1 : assert_true(status);
378 1 : free(file_buffer);
379 : }
380 :
381 : if ((LIBSPDM_ECDSA_P256_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
382 : /*test web cert: ccert public key algo is ECC case*/
383 1 : status = libspdm_read_input_file("test_web_cert/GitHub.cer",
384 : (void **)&file_buffer, &file_buffer_size);
385 1 : assert_true(status);
386 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
387 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
388 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
389 : false, true);
390 1 : assert_true(status);
391 1 : free(file_buffer);
392 : }
393 : if ((LIBSPDM_ECDSA_P256_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
394 1 : status = libspdm_read_input_file("test_web_cert/YouTube.cer",
395 : (void **)&file_buffer, &file_buffer_size);
396 1 : assert_true(status);
397 1 : status = libspdm_x509_certificate_check(file_buffer, file_buffer_size,
398 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
399 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
400 : false, true);
401 1 : assert_true(status);
402 1 : free(file_buffer);
403 : }
404 1 : }
405 :
406 1 : void libspdm_test_crypt_spdm_x509_certificate_check_ex(void **state)
407 : {
408 : bool status;
409 : uint8_t *file_buffer;
410 : size_t file_buffer_size;
411 :
412 : if ((LIBSPDM_RSA_SSA_2048_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
413 1 : status = libspdm_read_input_file("rsa2048/end_requester.cert.der",
414 : (void **)&file_buffer, &file_buffer_size);
415 1 : assert_true(status);
416 :
417 1 : status = libspdm_x509_certificate_check_ex(file_buffer, file_buffer_size,
418 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
419 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
420 : true,
421 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
422 1 : assert_true(status);
423 :
424 1 : status = libspdm_x509_certificate_check_ex(file_buffer, file_buffer_size,
425 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
426 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
427 : true,
428 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
429 1 : assert_true(status);
430 1 : free(file_buffer);
431 : }
432 : if ((LIBSPDM_ECDSA_P256_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
433 1 : status = libspdm_read_input_file("ecp256/end_responder.cert.der",
434 : (void **)&file_buffer, &file_buffer_size);
435 1 : assert_true(status);
436 1 : status = libspdm_x509_certificate_check_ex(file_buffer, file_buffer_size,
437 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
438 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
439 : false,
440 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
441 1 : assert_true(status);
442 :
443 1 : status = libspdm_x509_certificate_check_ex(file_buffer, file_buffer_size,
444 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
445 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
446 : false,
447 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
448 1 : assert_false(status);
449 1 : free(file_buffer);
450 :
451 1 : status = libspdm_read_input_file("ecp256/end_requester_without_basic_constraint.cert.der",
452 : (void **)&file_buffer, &file_buffer_size);
453 1 : assert_true(status);
454 1 : status = libspdm_x509_certificate_check_ex(file_buffer, file_buffer_size,
455 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
456 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
457 : false,
458 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
459 : /*the expected result is false, because basic_constraint is mandatory in SPDM 1.3*/
460 1 : assert_false(status);
461 1 : free(file_buffer);
462 : }
463 :
464 1 : }
465 :
466 1 : void libspdm_test_crypt_spdm_x509_set_cert_certificate_check_ex(void **state)
467 : {
468 : bool status;
469 : uint8_t *file_buffer;
470 : size_t file_buffer_size;
471 :
472 : if ((LIBSPDM_RSA_SSA_2048_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
473 1 : status = libspdm_read_input_file("rsa2048/end_responder.cert.der",
474 : (void **)&file_buffer, &file_buffer_size);
475 1 : assert_true(status);
476 :
477 1 : status = libspdm_x509_set_cert_certificate_check_ex(file_buffer, file_buffer_size,
478 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
479 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
480 : false,
481 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
482 1 : assert_true(status);
483 :
484 1 : status = libspdm_x509_set_cert_certificate_check_ex(file_buffer, file_buffer_size,
485 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
486 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
487 : false,
488 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
489 1 : assert_false(status);
490 1 : free(file_buffer);
491 : }
492 : if ((LIBSPDM_ECDSA_P256_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
493 1 : status = libspdm_read_input_file("ecp256/end_requester.cert.der",
494 : (void **)&file_buffer, &file_buffer_size);
495 1 : assert_true(status);
496 1 : status = libspdm_x509_set_cert_certificate_check_ex(file_buffer, file_buffer_size,
497 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
498 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
499 : true,
500 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
501 1 : assert_true(status);
502 :
503 1 : status = libspdm_x509_set_cert_certificate_check_ex(file_buffer, file_buffer_size,
504 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
505 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
506 : true,
507 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
508 1 : assert_false(status);
509 :
510 1 : status = libspdm_read_input_file("ecp256/end_requester_ca_false.cert.der",
511 : (void **)&file_buffer, &file_buffer_size);
512 1 : assert_true(status);
513 1 : status = libspdm_x509_set_cert_certificate_check_ex(file_buffer, file_buffer_size,
514 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
515 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
516 : true,
517 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
518 1 : assert_true(status);
519 1 : free(file_buffer);
520 : }
521 :
522 1 : }
523 :
524 1 : void libspdm_test_crypt_spdm_verify_cert_chain_data_ex(void **state)
525 : {
526 : bool status;
527 : uint8_t *file_buffer;
528 : size_t file_buffer_size;
529 :
530 : if ((LIBSPDM_RSA_SSA_2048_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
531 1 : status = libspdm_read_input_file("rsa2048/bundle_requester.certchain.der",
532 : (void **)&file_buffer, &file_buffer_size);
533 1 : assert_true(status);
534 :
535 1 : status = libspdm_verify_cert_chain_data_ex(file_buffer, file_buffer_size,
536 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
537 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
538 : true,
539 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
540 1 : assert_true(status);
541 :
542 1 : status = libspdm_verify_cert_chain_data_ex(file_buffer, file_buffer_size + 1,
543 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
544 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
545 : true,
546 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
547 1 : assert_false(status);
548 :
549 1 : status = libspdm_verify_cert_chain_data_ex(file_buffer, file_buffer_size,
550 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
551 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
552 : true,
553 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
554 1 : assert_true(status);
555 1 : free(file_buffer);
556 : }
557 : if ((LIBSPDM_ECDSA_P256_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
558 1 : status = libspdm_read_input_file("ecp256/bundle_responder.certchain.der",
559 : (void **)&file_buffer, &file_buffer_size);
560 1 : assert_true(status);
561 1 : status = libspdm_verify_cert_chain_data_ex(file_buffer, file_buffer_size,
562 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
563 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
564 : false,
565 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
566 1 : assert_true(status);
567 :
568 1 : status = libspdm_verify_cert_chain_data_ex(file_buffer, file_buffer_size + 1,
569 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
570 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
571 : false,
572 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
573 1 : assert_false(status);
574 :
575 1 : status = libspdm_verify_cert_chain_data_ex(file_buffer, file_buffer_size,
576 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
577 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
578 : false,
579 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
580 1 : assert_false(status);
581 1 : free(file_buffer);
582 : }
583 1 : }
584 :
585 :
586 1 : void libspdm_test_crypt_spdm_verify_certificate_chain_buffer_ex(void **state)
587 : {
588 : bool status;
589 : void *data;
590 : size_t data_size;
591 :
592 : if ((LIBSPDM_RSA_SSA_2048_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
593 1 : libspdm_read_responder_public_certificate_chain(
594 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
595 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
596 : &data,&data_size,
597 : NULL, NULL);
598 :
599 1 : status = libspdm_verify_certificate_chain_buffer_ex(
600 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
601 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
602 : data,data_size,
603 : true,
604 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
605 1 : assert_true(status);
606 :
607 1 : status = libspdm_verify_certificate_chain_buffer_ex(
608 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
609 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
610 : data,data_size + 1,
611 : true,
612 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
613 1 : assert_false(status);
614 :
615 1 : status = libspdm_verify_certificate_chain_buffer_ex(
616 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
617 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
618 : data,data_size,
619 : true,
620 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
621 1 : assert_true(status);
622 1 : free(data);
623 : }
624 :
625 : if ((LIBSPDM_ECDSA_P256_SUPPORT) && (LIBSPDM_SHA256_SUPPORT)) {
626 1 : libspdm_read_responder_public_certificate_chain(
627 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
628 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
629 : &data,&data_size,
630 : NULL, NULL);
631 :
632 1 : status = libspdm_verify_certificate_chain_buffer_ex(
633 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
634 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
635 : data,data_size,
636 : false,
637 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
638 1 : assert_true(status);
639 :
640 1 : status = libspdm_verify_certificate_chain_buffer_ex(
641 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
642 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
643 : data,data_size + 1,
644 : false,
645 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
646 1 : assert_false(status);
647 :
648 1 : status = libspdm_verify_certificate_chain_buffer_ex(
649 : SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256,
650 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
651 : data,data_size,
652 : false,
653 : SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT);
654 1 : assert_false(status);
655 1 : free(data);
656 : }
657 1 : }
658 :
659 1 : void libspdm_test_crypt_asym_verify(void **state)
660 : {
661 : spdm_version_number_t spdm_version;
662 : void *context;
663 : void *data;
664 : size_t data_size;
665 : uint8_t signature[LIBSPDM_MAX_SPDM_MSG_SIZE];
666 : size_t sig_size;
667 : uint8_t signature_endian;
668 : char *file;
669 : bool status;
670 :
671 1 : spdm_version = SPDM_MESSAGE_VERSION_11;
672 :
673 1 : file = "ecp256/end_responder.key";
674 1 : libspdm_read_input_file(file, &data, &data_size);
675 1 : status = libspdm_asym_get_private_key_from_pem(
676 : m_libspdm_use_asym_algo, data, data_size, NULL, &context);
677 :
678 1 : if (!status) {
679 0 : libspdm_zero_mem(data, data_size);
680 0 : free(data);
681 0 : assert_true(status);
682 : }
683 :
684 1 : const uint8_t message[] = {
685 : 0x19, 0x90, 0x2d, 0x02, 0x34, 0x6e, 0xd5, 0x90,
686 : 0x0e, 0x69, 0x51, 0x2f, 0xf2, 0xbd, 0x9d, 0x33,
687 : 0x26, 0x71, 0x8f, 0x62, 0xa0, 0x01, 0xbd, 0xfd,
688 : 0x94, 0xe2, 0x98, 0x17, 0x24, 0xfd, 0xca, 0xf0
689 : };
690 :
691 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_req_asym_algo);
692 :
693 1 : libspdm_asym_sign(spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
694 : SPDM_MEASUREMENTS,
695 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
696 : context,
697 : message, sizeof(message),
698 : signature, &sig_size);
699 :
700 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
701 : status = libspdm_asym_sign(spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
702 : SPDM_MEASUREMENTS,
703 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
704 : context,
705 : message, sizeof(message),
706 : signature, &sig_size);
707 : assert_true(status);
708 : #else
709 : uint8_t message_hash[LIBSPDM_MAX_HASH_SIZE];
710 1 : status = libspdm_hash_all(m_libspdm_use_hash_algo, message, sizeof(message), message_hash);
711 :
712 1 : assert_true(status);
713 1 : status = libspdm_asym_sign_hash(spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
714 : SPDM_MEASUREMENTS,
715 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
716 : context,
717 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
718 : signature, &sig_size);
719 1 : assert_true(status);
720 : #endif
721 :
722 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
723 : /* Big Endian Signature. Big Endian Verify */
724 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
725 : status = libspdm_asym_verify_ex(
726 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
727 : SPDM_MEASUREMENTS,
728 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
729 : context,
730 : message, sizeof(message),
731 : signature, sig_size,
732 : &signature_endian);
733 : assert_true(status);
734 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
735 :
736 : /* Error: Big Endian Signature. Little Endian Verify */
737 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
738 : status = libspdm_asym_verify_ex(
739 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
740 : SPDM_MEASUREMENTS,
741 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
742 : context,
743 : message, sizeof(message),
744 : signature, sig_size,
745 : &signature_endian);
746 : assert_true(!status);
747 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
748 :
749 : /* Big Endian Signature. Big or Little Endian Verify */
750 : signature_endian= LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
751 : status = libspdm_asym_verify_ex(
752 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
753 : SPDM_MEASUREMENTS,
754 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
755 : context,
756 : message, sizeof(message),
757 : signature, sig_size,
758 : &signature_endian);
759 : assert_true(status);
760 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
761 :
762 : libspdm_copy_signature_swap_endian(
763 : m_libspdm_use_asym_algo,
764 : signature, sig_size, signature, sig_size);
765 :
766 : /* Little Endian Signature. Little Endian Verify */
767 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
768 : status = libspdm_asym_verify_ex(
769 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
770 : SPDM_MEASUREMENTS,
771 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
772 : context,
773 : message, sizeof(message),
774 : signature, sig_size,
775 : &signature_endian);
776 : assert_true(status);
777 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
778 :
779 : /* Error: Little Endian Signature. Big Endian Verify */
780 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
781 : status = libspdm_asym_verify_ex(
782 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
783 : SPDM_MEASUREMENTS,
784 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
785 : context,
786 : message, sizeof(message),
787 : signature, sig_size,
788 : &signature_endian);
789 : assert_true(!status);
790 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
791 :
792 : /* Little Endian Signature. Big or Little Endian Verify */
793 : signature_endian= LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
794 : status = libspdm_asym_verify_ex(
795 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
796 : SPDM_MEASUREMENTS,
797 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
798 : context,
799 : message, sizeof(message),
800 : signature, sig_size,
801 : &signature_endian);
802 : assert_true(status);
803 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
804 : #else
805 : /* Big Endian Signature. Big Endian Verify */
806 1 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
807 2 : status = libspdm_asym_verify_hash_ex(
808 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
809 : SPDM_MEASUREMENTS,
810 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
811 : context,
812 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
813 : signature, sig_size,
814 : &signature_endian);
815 1 : assert_true(status);
816 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
817 :
818 : /* Error: Big Endian Signature. Little Endian Verify */
819 1 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
820 2 : status = libspdm_asym_verify_hash_ex(
821 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
822 : SPDM_MEASUREMENTS,
823 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
824 : context,
825 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
826 : signature, sig_size,
827 : &signature_endian);
828 1 : assert_true(!status);
829 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
830 :
831 : /* Big Endian Signature. Big or Little Endian Verify */
832 1 : signature_endian= LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
833 2 : status = libspdm_asym_verify_hash_ex(
834 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
835 : SPDM_MEASUREMENTS,
836 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
837 : context,
838 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
839 : signature, sig_size,
840 : &signature_endian);
841 1 : assert_true(status);
842 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
843 :
844 1 : libspdm_copy_signature_swap_endian(
845 : m_libspdm_use_asym_algo,
846 : signature, sig_size, signature, sig_size);
847 :
848 : /* Little Endian Signature. Little Endian Verify */
849 1 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
850 2 : status = libspdm_asym_verify_hash_ex(
851 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
852 : SPDM_MEASUREMENTS,
853 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
854 : context,
855 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
856 : signature, sig_size,
857 : &signature_endian);
858 1 : assert_true(status);
859 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
860 :
861 : /* Error: Little Endian Signature. Big Endian Verify */
862 1 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
863 2 : status = libspdm_asym_verify_hash_ex(
864 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
865 : SPDM_MEASUREMENTS,
866 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
867 : context,
868 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
869 : signature, sig_size,
870 : &signature_endian);
871 1 : assert_true(!status);
872 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
873 :
874 : /* Little Endian Signature. Big or Little Endian Verify */
875 1 : signature_endian= LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
876 2 : status = libspdm_asym_verify_hash_ex(
877 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
878 : SPDM_MEASUREMENTS,
879 : m_libspdm_use_asym_algo, m_libspdm_use_hash_algo,
880 : context,
881 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
882 : signature, sig_size,
883 : &signature_endian);
884 1 : assert_true(status);
885 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
886 :
887 : #endif
888 1 : }
889 :
890 1 : void libspdm_test_crypt_req_asym_verify(void **state)
891 : {
892 : spdm_version_number_t spdm_version;
893 : void *context;
894 : void *data;
895 : size_t data_size;
896 : uint8_t signature[LIBSPDM_MAX_SPDM_MSG_SIZE];
897 : size_t sig_size;
898 : uint8_t signature_endian;
899 : char *file;
900 : bool status;
901 :
902 1 : spdm_version = SPDM_MESSAGE_VERSION_11;
903 :
904 1 : const uint8_t message[] = {
905 : 0x19, 0x90, 0x2d, 0x02, 0x34, 0x6e, 0xd5, 0x90,
906 : 0x0e, 0x69, 0x51, 0x2f, 0xf2, 0xbd, 0x9d, 0x33,
907 : 0x26, 0x71, 0x8f, 0x62, 0xa0, 0x01, 0xbd, 0xfd,
908 : 0x94, 0xe2, 0x98, 0x17, 0x24, 0xfd, 0xca, 0xf0
909 : };
910 :
911 1 : file = "rsa2048/end_requester.key";
912 1 : status = libspdm_read_input_file(file, &data, &data_size);
913 1 : assert_true(status);
914 :
915 1 : status = libspdm_req_asym_get_private_key_from_pem(m_libspdm_use_req_asym_algo,
916 : data,
917 : data_size, NULL,
918 : &context);
919 1 : if (!status) {
920 0 : libspdm_zero_mem(data, data_size);
921 0 : free(data);
922 0 : assert_true(status);
923 : }
924 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_req_asym_algo);
925 :
926 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
927 : status = libspdm_req_asym_sign(spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
928 : SPDM_FINISH,
929 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
930 : context,
931 : message, sizeof(message),
932 : signature, &sig_size);
933 : assert_true(status);
934 : #else
935 : uint8_t message_hash[LIBSPDM_MAX_HASH_SIZE];
936 1 : status = libspdm_hash_all(m_libspdm_use_hash_algo, message, sizeof(message), message_hash);
937 1 : assert_true(status);
938 1 : status = libspdm_req_asym_sign_hash(spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
939 : SPDM_FINISH,
940 : m_libspdm_use_req_asym_algo,
941 : m_libspdm_use_hash_algo, context,
942 : message_hash,
943 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo),
944 : signature,
945 : &sig_size);
946 1 : assert_true(status);
947 : #endif
948 :
949 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
950 : /* Big Endian Signature. Big Endian Verify */
951 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
952 : status = libspdm_req_asym_verify_ex(
953 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
954 : SPDM_FINISH,
955 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
956 : context,
957 : message, sizeof(message),
958 : signature, sig_size,
959 : &signature_endian);
960 : assert_true(status);
961 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
962 :
963 : /* Error: Big Endian Signature. Little Endian Verify */
964 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
965 : status = libspdm_req_asym_verify_ex(
966 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
967 : SPDM_FINISH,
968 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
969 : context,
970 : message, sizeof(message),
971 : signature, sig_size,
972 : &signature_endian);
973 : assert_true(!status);
974 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
975 :
976 : /* Big Endian Signature. Big or Little Endian Verify */
977 : signature_endian= LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
978 : status = libspdm_req_asym_verify_ex(
979 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
980 : SPDM_FINISH,
981 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
982 : context,
983 : message, sizeof(message),
984 : signature, sig_size,
985 : &signature_endian);
986 : assert_true(status);
987 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
988 :
989 : libspdm_copy_signature_swap_endian(
990 : m_libspdm_use_req_asym_algo,
991 : signature, sig_size, signature, sig_size);
992 :
993 : /* Little Endian Signature. Little Endian Verify */
994 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
995 : status = libspdm_req_asym_verify_ex(
996 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
997 : SPDM_FINISH,
998 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
999 : context,
1000 : message, sizeof(message),
1001 : signature, sig_size,
1002 : &signature_endian);
1003 : assert_true(status);
1004 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
1005 :
1006 : /* Error: Little Endian Signature. Big Endian Verify */
1007 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
1008 : status = libspdm_req_asym_verify_ex(
1009 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1010 : SPDM_FINISH,
1011 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
1012 : context,
1013 : message, sizeof(message),
1014 : signature, sig_size,
1015 : &signature_endian);
1016 : assert_true(!status);
1017 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
1018 :
1019 : /* Little Endian Signature. Big or Little Endian Verify */
1020 : signature_endian= LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
1021 : status = libspdm_req_asym_verify_ex(
1022 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1023 : SPDM_FINISH,
1024 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
1025 : context,
1026 : message, sizeof(message),
1027 : signature, sig_size,
1028 : &signature_endian);
1029 : assert_true(status);
1030 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
1031 :
1032 : #else
1033 : /* Big Endian Signature. Big Endian Verify */
1034 1 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
1035 2 : status = libspdm_req_asym_verify_hash_ex(
1036 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1037 : SPDM_FINISH,
1038 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
1039 : context,
1040 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
1041 : signature, sig_size,
1042 : &signature_endian);
1043 1 : assert_true(status);
1044 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
1045 :
1046 : /* Error: Big Endian Signature. Little Endian Verify */
1047 1 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
1048 2 : status = libspdm_req_asym_verify_hash_ex(
1049 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1050 : SPDM_FINISH,
1051 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
1052 : context,
1053 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
1054 : signature, sig_size,
1055 : &signature_endian);
1056 1 : assert_true(!status);
1057 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
1058 :
1059 : /* Big Endian Signature. Big or Little Endian Verify */
1060 1 : signature_endian= LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
1061 2 : status = libspdm_req_asym_verify_hash_ex(
1062 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1063 : SPDM_FINISH,
1064 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
1065 : context,
1066 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
1067 : signature, sig_size,
1068 : &signature_endian);
1069 1 : assert_true(status);
1070 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
1071 :
1072 1 : libspdm_copy_signature_swap_endian(
1073 : m_libspdm_use_req_asym_algo,
1074 : signature, sig_size, signature, sig_size);
1075 :
1076 : /* Little Endian Signature. Little Endian Verify */
1077 1 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
1078 2 : status = libspdm_req_asym_verify_hash_ex(
1079 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1080 : SPDM_FINISH,
1081 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
1082 : context,
1083 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
1084 : signature, sig_size,
1085 : &signature_endian);
1086 1 : assert_true(status);
1087 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
1088 :
1089 : /* Error: Little Endian Signature. Big Endian Verify */
1090 1 : signature_endian = LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
1091 2 : status = libspdm_req_asym_verify_hash_ex(
1092 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1093 : SPDM_FINISH,
1094 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
1095 : context,
1096 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
1097 : signature, sig_size,
1098 : &signature_endian);
1099 1 : assert_true(!status);
1100 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY);
1101 :
1102 : /* Little Endian Signature. Big or Little Endian Verify */
1103 1 : signature_endian= LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
1104 2 : status = libspdm_req_asym_verify_hash_ex(
1105 1 : spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1106 : SPDM_FINISH,
1107 : m_libspdm_use_req_asym_algo, m_libspdm_use_hash_algo,
1108 : context,
1109 1 : message_hash, libspdm_get_hash_size(m_libspdm_use_hash_algo),
1110 : signature, sig_size,
1111 : &signature_endian);
1112 1 : assert_true(status);
1113 1 : assert_int_equal(signature_endian, LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY);
1114 : #endif
1115 1 : }
1116 :
1117 : bool libspdm_is_palindrome(const uint8_t *buf, size_t buf_size);
1118 :
1119 : bool libspdm_is_signature_buffer_palindrome(
1120 : uint32_t base_asym_algo, const uint8_t *buf, size_t buf_size);
1121 :
1122 1 : void libspdm_test_crypt_palindrome(void **state)
1123 : {
1124 : bool status;
1125 :
1126 : /* Test valid palindrome with even number of elements */
1127 1 : uint8_t buf1[] = {0, 1, 2, 3, 4, 5, 6, 7, 7, 6, 5, 4, 3, 2, 1, 0};
1128 1 : status = libspdm_is_palindrome(buf1, sizeof(buf1));
1129 1 : assert_true(status);
1130 :
1131 : /* Test valid palindrome with odd number of elements */
1132 1 : uint8_t buf2[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 7, 6, 5, 4, 3, 2, 1, 0 };
1133 1 : status = libspdm_is_palindrome(buf2, sizeof(buf2));
1134 1 : assert_true(status);
1135 :
1136 : /* Test invalid palindrome where inner corner-case element is not matching */
1137 1 : uint8_t buf3[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 6, 5, 4, 3, 2, 1, 0 };
1138 1 : status = libspdm_is_palindrome(buf3, sizeof(buf3));
1139 1 : assert_false(status);
1140 :
1141 : /* Test invalid palindrome where outer corner-case element is not matching */
1142 1 : uint8_t buf4[] = { 0, 1, 2, 3, 4, 5, 6, 7, 7, 6, 5, 4, 3, 2, 1, 8 };
1143 1 : status = libspdm_is_palindrome(buf4, sizeof(buf4));
1144 1 : assert_false(status);
1145 :
1146 : /* Test invalid palindrome where middle element is not matching */
1147 1 : uint8_t buf5[] = { 0, 1, 2, 3, 4, 5, 6, 7, 7, 6, 5, 4, 4, 2, 1, 0 };
1148 1 : status = libspdm_is_palindrome(buf5, sizeof(buf5));
1149 1 : assert_false(status);
1150 1 : }
1151 :
1152 1 : void libspdm_test_crypt_rsa_palindrome(void **state)
1153 : {
1154 : /* Test RSA Buffers as palindrone */
1155 : int i;
1156 : bool status;
1157 :
1158 1 : const uint32_t rsa_algos[] = {
1159 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
1160 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048,
1161 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072,
1162 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_3072,
1163 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_4096,
1164 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_4096
1165 : };
1166 :
1167 : /* Palindrome for RSA */
1168 1 : uint8_t buf0[] = { 0, 1, 2, 3, 4, 5, 6, 7, 7, 6, 5, 4, 3, 2, 1, 0 };
1169 :
1170 : /* Not Palindrome cases for RSA */
1171 :
1172 : /* Test invalid palindrome where inner corner-case element is not matching */
1173 1 : uint8_t buf1[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 6, 5, 4, 3, 2, 1, 0 };
1174 :
1175 : /* Test invalid palindrome where outer corner-case element is not matching */
1176 1 : uint8_t buf2[] = { 0, 1, 2, 3, 4, 5, 6, 7, 7, 6, 5, 4, 3, 2, 1, 8 };
1177 :
1178 : /* Test invalid palindrome where middle element is not matching */
1179 1 : uint8_t buf3[] = { 0, 1, 2, 3, 4, 5, 6, 7, 7, 6, 5, 4, 4, 2, 1, 0 };
1180 :
1181 : /* Test each of these buffers against each RSA algo type */
1182 7 : for (i = 0; i < (sizeof(rsa_algos) / sizeof(rsa_algos[0])); i++) {
1183 : /* Test case where buffer is palindrone */
1184 6 : status = libspdm_is_signature_buffer_palindrome(rsa_algos[i], buf0, sizeof(buf0));
1185 6 : assert_true(status);
1186 :
1187 : /* Test cases where buffer is NOT palindrone */
1188 6 : status = libspdm_is_signature_buffer_palindrome(rsa_algos[i], buf1, sizeof(buf1));
1189 6 : assert_false(status);
1190 6 : status = libspdm_is_signature_buffer_palindrome(rsa_algos[i], buf2, sizeof(buf2));
1191 6 : assert_false(status);
1192 6 : status = libspdm_is_signature_buffer_palindrome(rsa_algos[i], buf3, sizeof(buf3));
1193 6 : assert_false(status);
1194 : }
1195 1 : }
1196 :
1197 1 : void libspdm_test_crypt_ecdsa_palindrome(void **state)
1198 : {
1199 : int i;
1200 : bool status;
1201 :
1202 : /* Test ECDSA Buffers as palindrome */
1203 1 : const uint32_t ecdsa_algos[] = {
1204 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256,
1205 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384,
1206 : SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521
1207 : };
1208 :
1209 : /* Test for valid ECDSA buffer palindrome */
1210 1 : uint8_t buf0[] = { 0, 1, 2, 3, 3, 2, 1, 0, 0, 1, 2, 3, 3, 2, 1, 0 };
1211 :
1212 : /* Tests for ECDSA buffer not palidrome */
1213 :
1214 : /* Test for invalid palindrome where outer element of 1st buffer does not match */
1215 1 : uint8_t buf1[] = { 0, 1, 2, 3, 3, 2, 1, 1, 0, 1, 2, 3, 3, 2, 1, 0 };
1216 :
1217 : /* Test for invalid palindrome where outer element of 2nd buffer does not match */
1218 1 : uint8_t buf2[] = { 0, 1, 2, 3, 3, 2, 1, 0, 0, 1, 2, 3, 3, 2, 1, 1 };
1219 :
1220 : /* Test for invalid palindrome where inner element of 1st buffer does not match */
1221 1 : uint8_t buf3[] = { 0, 1, 2, 3, 4, 2, 1, 0, 0, 1, 2, 3, 3, 2, 1, 0 };
1222 :
1223 : /* Test for invalid palindrome where inner element of 2nd buffer does not match */
1224 1 : uint8_t buf4[] = { 0, 1, 2, 3, 3, 2, 1, 0, 0, 1, 2, 3, 4, 2, 1, 0 };
1225 :
1226 : /* Test for invalid palindrome where middle element of 1st buffer does not match */
1227 1 : uint8_t buf5[] = { 0, 1, 2, 3, 3, 2, 0, 0, 0, 1, 2, 3, 3, 2, 1, 0 };
1228 :
1229 : /* Test for invalid palindrome where middle element of 2nd buffer does not match */
1230 1 : uint8_t buf6[] = { 0, 1, 2, 3, 3, 2, 1, 0, 0, 1, 2, 3, 3, 0, 1, 0 };
1231 :
1232 : /* Test each of the buffers against each ECDSA algo type */
1233 4 : for (i = 0; i < (sizeof(ecdsa_algos) / sizeof(ecdsa_algos[0])); i++) {
1234 : /* Test case where buffer is palindrone */
1235 3 : status = libspdm_is_signature_buffer_palindrome(ecdsa_algos[i], buf0, sizeof(buf0));
1236 3 : assert_true(status);
1237 :
1238 : /* Test cases where buffer is NOT palindrone */
1239 3 : status = libspdm_is_signature_buffer_palindrome(ecdsa_algos[i], buf1, sizeof(buf1));
1240 3 : assert_false(status);
1241 3 : status = libspdm_is_signature_buffer_palindrome(ecdsa_algos[i], buf2, sizeof(buf2));
1242 3 : assert_false(status);
1243 3 : status = libspdm_is_signature_buffer_palindrome(ecdsa_algos[i], buf3, sizeof(buf3));
1244 3 : assert_false(status);
1245 3 : status = libspdm_is_signature_buffer_palindrome(ecdsa_algos[i], buf4, sizeof(buf4));
1246 3 : assert_false(status);
1247 3 : status = libspdm_is_signature_buffer_palindrome(ecdsa_algos[i], buf5, sizeof(buf5));
1248 3 : assert_false(status);
1249 3 : status = libspdm_is_signature_buffer_palindrome(ecdsa_algos[i], buf6, sizeof(buf6));
1250 3 : assert_false(status);
1251 : }
1252 1 : }
1253 :
1254 1 : int libspdm_crypt_lib_setup(void **state)
1255 : {
1256 1 : return 0;
1257 : }
1258 :
1259 1 : int libspdm_crypt_lib_teardown(void **state)
1260 : {
1261 1 : return 0;
1262 : }
1263 :
1264 1 : int libspdm_crypt_lib_test_main(void)
1265 : {
1266 1 : const struct CMUnitTest spdm_crypt_lib_tests[] = {
1267 : cmocka_unit_test(
1268 : libspdm_test_crypt_spdm_get_dmtf_subject_alt_name_from_bytes),
1269 :
1270 : cmocka_unit_test(libspdm_test_crypt_spdm_get_dmtf_subject_alt_name),
1271 :
1272 : cmocka_unit_test(libspdm_test_crypt_spdm_x509_certificate_check),
1273 :
1274 : cmocka_unit_test(libspdm_test_crypt_spdm_x509_certificate_check_ex),
1275 :
1276 : cmocka_unit_test(libspdm_test_crypt_spdm_x509_set_cert_certificate_check_ex),
1277 :
1278 : cmocka_unit_test(libspdm_test_crypt_spdm_verify_cert_chain_data_ex),
1279 :
1280 : cmocka_unit_test(libspdm_test_crypt_spdm_verify_certificate_chain_buffer_ex),
1281 :
1282 : cmocka_unit_test(libspdm_test_crypt_asym_verify),
1283 :
1284 : cmocka_unit_test(libspdm_test_crypt_req_asym_verify),
1285 :
1286 : cmocka_unit_test(libspdm_test_crypt_palindrome),
1287 :
1288 : cmocka_unit_test(libspdm_test_crypt_rsa_palindrome),
1289 :
1290 : cmocka_unit_test(libspdm_test_crypt_ecdsa_palindrome),
1291 : };
1292 :
1293 1 : return cmocka_run_group_tests(spdm_crypt_lib_tests,
1294 : libspdm_crypt_lib_setup,
1295 : libspdm_crypt_lib_teardown);
1296 : }
1297 :
1298 1 : int main(void)
1299 : {
1300 1 : int return_value = 0;
1301 :
1302 1 : if (libspdm_crypt_lib_test_main() != 0) {
1303 0 : return_value = 1;
1304 : }
1305 :
1306 1 : return return_value;
1307 : }
|
