Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 :
10 : #if LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP
11 :
12 : static size_t m_libspdm_local_buffer_size;
13 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_M1M2_BUFFER_SIZE];
14 :
15 : static size_t m_libspdm_opaque_data_size;
16 : static uint8_t m_libspdm_opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
17 :
18 : static uint8_t m_requester_context[SPDM_REQ_CONTEXT_SIZE];
19 :
20 45 : libspdm_return_t libspdm_requester_challenge_test_send_message(void *spdm_context,
21 : size_t request_size,
22 : const void *request,
23 : uint64_t timeout)
24 : {
25 : libspdm_test_context_t *spdm_test_context;
26 : const uint8_t *ptr;
27 :
28 45 : spdm_test_context = libspdm_get_test_context();
29 45 : ptr = (const uint8_t *)request;
30 45 : switch (spdm_test_context->case_id) {
31 1 : case 0x1:
32 1 : return LIBSPDM_STATUS_SEND_FAIL;
33 1 : case 0x2:
34 1 : m_libspdm_local_buffer_size = 0;
35 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
36 : request_size - 1);
37 1 : m_libspdm_local_buffer_size += (request_size - 1);
38 1 : return LIBSPDM_STATUS_SUCCESS;
39 0 : case 0x3:
40 0 : m_libspdm_local_buffer_size = 0;
41 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
42 : request_size - 1);
43 0 : m_libspdm_local_buffer_size += (request_size - 1);
44 0 : return LIBSPDM_STATUS_SUCCESS;
45 1 : case 0x4:
46 1 : m_libspdm_local_buffer_size = 0;
47 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
48 : request_size - 1);
49 1 : m_libspdm_local_buffer_size += (request_size - 1);
50 1 : return LIBSPDM_STATUS_SUCCESS;
51 1 : case 0x5:
52 1 : m_libspdm_local_buffer_size = 0;
53 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
54 : request_size - 1);
55 1 : m_libspdm_local_buffer_size += (request_size - 1);
56 1 : return LIBSPDM_STATUS_SUCCESS;
57 2 : case 0x6:
58 2 : m_libspdm_local_buffer_size = 0;
59 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
60 : request_size - 1);
61 2 : m_libspdm_local_buffer_size += (request_size - 1);
62 2 : return LIBSPDM_STATUS_SUCCESS;
63 1 : case 0x7:
64 1 : m_libspdm_local_buffer_size = 0;
65 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
66 : request_size - 1);
67 1 : m_libspdm_local_buffer_size += (request_size - 1);
68 1 : return LIBSPDM_STATUS_SUCCESS;
69 2 : case 0x8:
70 2 : m_libspdm_local_buffer_size = 0;
71 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
72 : request_size - 1);
73 2 : m_libspdm_local_buffer_size += (request_size - 1);
74 2 : return LIBSPDM_STATUS_SUCCESS;
75 2 : case 0x9: {
76 : static size_t sub_index = 0;
77 2 : if (sub_index == 0) {
78 1 : m_libspdm_local_buffer_size = 0;
79 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
80 : request_size - 1);
81 1 : m_libspdm_local_buffer_size += (request_size - 1);
82 1 : sub_index++;
83 : }
84 : }
85 2 : return LIBSPDM_STATUS_SUCCESS;
86 26 : case 0xA:
87 : case 0xB:
88 : case 0xC:
89 : case 0xD:
90 : case 0xE:
91 : case 0xF:
92 : case 0x10:
93 : case 0x11:
94 : case 0x12:
95 : case 0x13:
96 : case 0x14:
97 : case 0x15:
98 26 : m_libspdm_local_buffer_size = 0;
99 26 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
100 : request_size - 1);
101 26 : m_libspdm_local_buffer_size += (request_size - 1);
102 26 : return LIBSPDM_STATUS_SUCCESS;
103 1 : case 0x16: {
104 : /* arbitrary data must be inserted in the message buffer for computing
105 : * the response hash */
106 1 : m_libspdm_local_buffer_size = 0;
107 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
108 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 10, (uint8_t) 0xFF);
109 : m_libspdm_local_buffer_size += 10;
110 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 8, (uint8_t) 0xEE);
111 : m_libspdm_local_buffer_size += 8;
112 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 12, (uint8_t) 0xDD);
113 : m_libspdm_local_buffer_size += 12;
114 : #endif
115 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
116 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
117 1 : &ptr[1], request_size - 1);
118 1 : m_libspdm_local_buffer_size += (request_size - 1);
119 : }
120 1 : return LIBSPDM_STATUS_SUCCESS;
121 2 : case 0x17:
122 2 : m_libspdm_local_buffer_size = 0;
123 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
124 : request_size - 1);
125 2 : m_libspdm_local_buffer_size += (request_size - 1);
126 2 : return LIBSPDM_STATUS_SUCCESS;
127 3 : case 0x18:
128 : case 0x19:
129 : case 0x1A:
130 3 : m_libspdm_local_buffer_size = 0;
131 3 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
132 : request_size - 1);
133 3 : m_libspdm_local_buffer_size += (request_size - 1);
134 3 : return LIBSPDM_STATUS_SUCCESS;
135 2 : case 0x1B:
136 : case 0x1C:
137 2 : m_libspdm_local_buffer_size = 0;
138 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
139 : request_size - 1);
140 2 : m_libspdm_local_buffer_size += (request_size - 1);
141 2 : return LIBSPDM_STATUS_SUCCESS;
142 0 : default:
143 0 : return LIBSPDM_STATUS_SEND_FAIL;
144 : }
145 : }
146 :
147 44 : libspdm_return_t libspdm_requester_challenge_test_receive_message(
148 : void *spdm_context, size_t *response_size,
149 : void **response, uint64_t timeout)
150 : {
151 : libspdm_test_context_t *spdm_test_context;
152 :
153 44 : spdm_test_context = libspdm_get_test_context();
154 44 : switch (spdm_test_context->case_id) {
155 0 : case 0x1:
156 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
157 :
158 1 : case 0x2: { /*correct CHALLENGE_AUTH message*/
159 : spdm_challenge_auth_response_t *spdm_response;
160 : void *data;
161 : size_t data_size;
162 : uint8_t *ptr;
163 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
164 : size_t sig_size;
165 : size_t spdm_response_size;
166 : size_t transport_header_size;
167 :
168 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
169 : m_libspdm_use_asym_algo, &data,
170 : &data_size, NULL, NULL);
171 : ((libspdm_context_t *)spdm_context)
172 1 : ->local_context.local_cert_chain_provision_size[0] =
173 : data_size;
174 : ((libspdm_context_t *)spdm_context)
175 1 : ->local_context.local_cert_chain_provision[0] = data;
176 : ((libspdm_context_t *)spdm_context)
177 1 : ->connection_info.algorithm.base_asym_algo =
178 : m_libspdm_use_asym_algo;
179 : ((libspdm_context_t *)spdm_context)
180 1 : ->connection_info.algorithm.base_hash_algo =
181 : m_libspdm_use_hash_algo;
182 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
183 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
184 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
185 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
186 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
187 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
188 :
189 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
190 1 : spdm_response->header.request_response_code =
191 : SPDM_CHALLENGE_AUTH;
192 1 : spdm_response->header.param1 = 0;
193 1 : spdm_response->header.param2 = (1 << 0);
194 1 : ptr = (void *)(spdm_response + 1);
195 1 : libspdm_hash_all(
196 : m_libspdm_use_hash_algo,
197 : ((libspdm_context_t *)spdm_context)
198 : ->local_context.local_cert_chain_provision[0],
199 : ((libspdm_context_t *)spdm_context)
200 : ->local_context
201 : .local_cert_chain_provision_size[0],
202 : ptr);
203 1 : free(data);
204 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
205 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
206 1 : ptr += SPDM_NONCE_SIZE;
207 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
208 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
209 1 : *(uint16_t *)ptr = 0;
210 1 : ptr += sizeof(uint16_t);
211 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
212 : sizeof(m_libspdm_local_buffer) -
213 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
214 : m_libspdm_local_buffer),
215 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
216 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
217 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
218 : m_libspdm_local_buffer_size));
219 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
220 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
221 : m_libspdm_local_buffer_size, hash_data);
222 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
223 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
224 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
225 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
226 1 : libspdm_responder_data_sign(
227 : spdm_context,
228 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
229 : SPDM_CHALLENGE_AUTH,
230 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
231 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
232 : ptr, &sig_size);
233 1 : ptr += sig_size;
234 :
235 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
236 : false, spdm_response_size,
237 : spdm_response, response_size,
238 : response);
239 : }
240 1 : return LIBSPDM_STATUS_SUCCESS;
241 :
242 0 : case 0x3: { /*correct CHALLENGE_AUTH message*/
243 : spdm_challenge_auth_response_t *spdm_response;
244 : void *data;
245 : size_t data_size;
246 : uint8_t *ptr;
247 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
248 : size_t sig_size;
249 : size_t spdm_response_size;
250 : size_t transport_header_size;
251 :
252 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
253 : m_libspdm_use_asym_algo, &data,
254 : &data_size, NULL, NULL);
255 : ((libspdm_context_t *)spdm_context)
256 0 : ->local_context.local_cert_chain_provision_size[0] =
257 : data_size;
258 : ((libspdm_context_t *)spdm_context)
259 0 : ->local_context.local_cert_chain_provision[0] = data;
260 : ((libspdm_context_t *)spdm_context)
261 0 : ->connection_info.algorithm.base_asym_algo =
262 : m_libspdm_use_asym_algo;
263 : ((libspdm_context_t *)spdm_context)
264 0 : ->connection_info.algorithm.base_hash_algo =
265 : m_libspdm_use_hash_algo;
266 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
267 0 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
268 0 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
269 0 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
270 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
271 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
272 :
273 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
274 0 : spdm_response->header.request_response_code =
275 : SPDM_CHALLENGE_AUTH;
276 0 : spdm_response->header.param1 = 0;
277 0 : spdm_response->header.param2 = (1 << 0);
278 0 : ptr = (void *)(spdm_response + 1);
279 0 : libspdm_hash_all(
280 : m_libspdm_use_hash_algo,
281 : ((libspdm_context_t *)spdm_context)
282 : ->local_context.local_cert_chain_provision[0],
283 : ((libspdm_context_t *)spdm_context)
284 : ->local_context
285 : .local_cert_chain_provision_size[0],
286 : ptr);
287 0 : free(data);
288 0 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
289 0 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
290 0 : ptr += SPDM_NONCE_SIZE;
291 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
292 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
293 0 : *(uint16_t *)ptr = 0;
294 0 : ptr += sizeof(uint16_t);
295 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
296 : sizeof(m_libspdm_local_buffer) -
297 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
298 : m_libspdm_local_buffer),
299 0 : spdm_response, (size_t)ptr - (size_t)spdm_response);
300 0 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
301 0 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
302 : m_libspdm_local_buffer_size, hash_data);
303 0 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
304 0 : libspdm_responder_data_sign(
305 : spdm_context,
306 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
307 : SPDM_CHALLENGE_AUTH,
308 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
309 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
310 : ptr, &sig_size);
311 0 : ptr += sig_size;
312 :
313 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
314 : false, spdm_response_size,
315 : spdm_response, response_size,
316 : response);
317 : }
318 0 : return LIBSPDM_STATUS_SUCCESS;
319 :
320 1 : case 0x4: { /*correct ERROR message (invalid request)*/
321 : spdm_error_response_t *spdm_response;
322 : size_t spdm_response_size;
323 : size_t transport_header_size;
324 :
325 1 : spdm_response_size = sizeof(spdm_error_response_t);
326 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
327 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
328 :
329 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
330 1 : spdm_response->header.request_response_code = SPDM_ERROR;
331 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
332 1 : spdm_response->header.param2 = 0;
333 :
334 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
335 : false, spdm_response_size,
336 : spdm_response,
337 : response_size, response);
338 : }
339 1 : return LIBSPDM_STATUS_SUCCESS;
340 :
341 1 : case 0x5: { /*correct ERROR message (busy)*/
342 : spdm_error_response_t *spdm_response;
343 : size_t spdm_response_size;
344 : size_t transport_header_size;
345 :
346 1 : spdm_response_size = sizeof(spdm_error_response_t);
347 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
348 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
349 :
350 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
351 1 : spdm_response->header.request_response_code = SPDM_ERROR;
352 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
353 1 : spdm_response->header.param2 = 0;
354 :
355 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
356 : false, spdm_response_size,
357 : spdm_response,
358 : response_size, response);
359 : }
360 1 : return LIBSPDM_STATUS_SUCCESS;
361 :
362 2 : case 0x6: { /*correct ERROR message (busy) + correct CHALLENGE_AUTH message*/
363 : static size_t sub_index1 = 0;
364 2 : if (sub_index1 == 0) {
365 : spdm_error_response_t *spdm_response;
366 : size_t spdm_response_size;
367 : size_t transport_header_size;
368 :
369 1 : spdm_response_size = sizeof(spdm_error_response_t);
370 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
371 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
372 :
373 1 : spdm_response->header.spdm_version =
374 : SPDM_MESSAGE_VERSION_11;
375 1 : spdm_response->header.request_response_code = SPDM_ERROR;
376 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
377 1 : spdm_response->header.param2 = 0;
378 :
379 1 : libspdm_transport_test_encode_message(
380 : spdm_context, NULL, false, false,
381 : spdm_response_size, spdm_response,
382 : response_size, response);
383 1 : sub_index1++;
384 1 : } else if (sub_index1 == 1) {
385 : spdm_challenge_auth_response_t *spdm_response;
386 : void *data;
387 : size_t data_size;
388 : uint8_t *ptr;
389 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
390 : size_t sig_size;
391 : size_t spdm_response_size;
392 : size_t transport_header_size;
393 :
394 1 : libspdm_read_responder_public_certificate_chain(
395 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
396 : &data_size, NULL, NULL);
397 : ((libspdm_context_t *)spdm_context)
398 : ->local_context
399 1 : .local_cert_chain_provision_size[0] = data_size;
400 : ((libspdm_context_t *)spdm_context)
401 1 : ->local_context.local_cert_chain_provision[0] =
402 : data;
403 : ((libspdm_context_t *)spdm_context)
404 1 : ->connection_info.algorithm.base_asym_algo =
405 : m_libspdm_use_asym_algo;
406 : ((libspdm_context_t *)spdm_context)
407 1 : ->connection_info.algorithm.base_hash_algo =
408 : m_libspdm_use_hash_algo;
409 1 : spdm_response_size =
410 : sizeof(spdm_challenge_auth_response_t) +
411 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
412 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
413 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
414 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
415 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
416 :
417 1 : spdm_response->header.spdm_version =
418 : SPDM_MESSAGE_VERSION_11;
419 1 : spdm_response->header.request_response_code =
420 : SPDM_CHALLENGE_AUTH;
421 1 : spdm_response->header.param1 = 0;
422 1 : spdm_response->header.param2 = (1 << 0);
423 1 : ptr = (void *)(spdm_response + 1);
424 1 : libspdm_hash_all(
425 : m_libspdm_use_hash_algo,
426 : ((libspdm_context_t *)spdm_context)
427 : ->local_context
428 : .local_cert_chain_provision[0],
429 : ((libspdm_context_t *)spdm_context)
430 : ->local_context
431 : .local_cert_chain_provision_size[0],
432 : ptr);
433 1 : free(data);
434 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
435 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
436 1 : ptr += SPDM_NONCE_SIZE;
437 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
438 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
439 1 : *(uint16_t *)ptr = 0;
440 1 : ptr += sizeof(uint16_t);
441 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
442 : sizeof(m_libspdm_local_buffer)
443 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
444 : m_libspdm_local_buffer),
445 : spdm_response,
446 1 : (size_t)ptr - (size_t)spdm_response);
447 1 : m_libspdm_local_buffer_size +=
448 1 : ((size_t)ptr - (size_t)spdm_response);
449 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
450 : m_libspdm_local_buffer_size, hash_data);
451 1 : sig_size =
452 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
453 1 : libspdm_responder_data_sign(
454 : spdm_context,
455 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
456 : SPDM_CHALLENGE_AUTH,
457 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
458 : m_libspdm_use_hash_algo,
459 : false, m_libspdm_local_buffer,
460 : m_libspdm_local_buffer_size, ptr,
461 : &sig_size);
462 1 : ptr += sig_size;
463 :
464 1 : libspdm_transport_test_encode_message(
465 : spdm_context, NULL, false, false, spdm_response_size,
466 : spdm_response, response_size, response);
467 : }
468 : }
469 2 : return LIBSPDM_STATUS_SUCCESS;
470 :
471 1 : case 0x7: { /*correct ERROR message (request resync)*/
472 : spdm_error_response_t *spdm_response;
473 : size_t spdm_response_size;
474 : size_t transport_header_size;
475 :
476 1 : spdm_response_size = sizeof(spdm_error_response_t);
477 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
478 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
479 :
480 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
481 1 : spdm_response->header.request_response_code = SPDM_ERROR;
482 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
483 1 : spdm_response->header.param2 = 0;
484 :
485 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
486 : false, spdm_response_size,
487 : spdm_response,
488 : response_size, response);
489 : }
490 1 : return LIBSPDM_STATUS_SUCCESS;
491 :
492 2 : case 0x8: { /*correct ERROR message (response net ready)*/
493 : spdm_error_response_data_response_not_ready_t *spdm_response;
494 : size_t spdm_response_size;
495 : size_t transport_header_size;
496 :
497 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
498 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
499 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
500 :
501 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
502 2 : spdm_response->header.request_response_code = SPDM_ERROR;
503 2 : spdm_response->header.param1 =
504 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
505 2 : spdm_response->header.param2 = 0;
506 2 : spdm_response->extend_error_data.rd_exponent = 1;
507 2 : spdm_response->extend_error_data.rd_tm = 2;
508 2 : spdm_response->extend_error_data.request_code = SPDM_CHALLENGE;
509 2 : spdm_response->extend_error_data.token = 0;
510 :
511 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
512 : false, spdm_response_size,
513 : spdm_response,
514 : response_size, response);
515 : }
516 2 : return LIBSPDM_STATUS_SUCCESS;
517 :
518 2 : case 0x9: { /*correct ERROR message (response not ready) + correct CHALLENGE_AUTH message*/
519 : static size_t sub_index2 = 0;
520 2 : if (sub_index2 == 0) {
521 : spdm_error_response_data_response_not_ready_t
522 : *spdm_response;
523 : size_t spdm_response_size;
524 : size_t transport_header_size;
525 :
526 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
527 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
528 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
529 :
530 1 : spdm_response->header.spdm_version =
531 : SPDM_MESSAGE_VERSION_11;
532 1 : spdm_response->header.request_response_code = SPDM_ERROR;
533 1 : spdm_response->header.param1 =
534 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
535 1 : spdm_response->header.param2 = 0;
536 1 : spdm_response->extend_error_data.rd_exponent = 1;
537 1 : spdm_response->extend_error_data.rd_tm = 2;
538 1 : spdm_response->extend_error_data.request_code =
539 : SPDM_CHALLENGE;
540 1 : spdm_response->extend_error_data.token = 1;
541 :
542 1 : libspdm_transport_test_encode_message(
543 : spdm_context, NULL, false, false,
544 : spdm_response_size, spdm_response,
545 : response_size, response);
546 1 : sub_index2++;
547 1 : } else if (sub_index2 == 1) {
548 : spdm_challenge_auth_response_t *spdm_response;
549 : void *data;
550 : size_t data_size;
551 : uint8_t *ptr;
552 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
553 : size_t sig_size;
554 : size_t spdm_response_size;
555 : size_t transport_header_size;
556 :
557 1 : libspdm_read_responder_public_certificate_chain(
558 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
559 : &data_size, NULL, NULL);
560 : ((libspdm_context_t *)spdm_context)
561 : ->local_context
562 1 : .local_cert_chain_provision_size[0] = data_size;
563 : ((libspdm_context_t *)spdm_context)
564 1 : ->local_context.local_cert_chain_provision[0] =
565 : data;
566 : ((libspdm_context_t *)spdm_context)
567 1 : ->connection_info.algorithm.base_asym_algo =
568 : m_libspdm_use_asym_algo;
569 : ((libspdm_context_t *)spdm_context)
570 1 : ->connection_info.algorithm.base_hash_algo =
571 : m_libspdm_use_hash_algo;
572 1 : spdm_response_size =
573 : sizeof(spdm_challenge_auth_response_t) +
574 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
575 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
576 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
577 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
578 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
579 :
580 1 : spdm_response->header.spdm_version =
581 : SPDM_MESSAGE_VERSION_11;
582 1 : spdm_response->header.request_response_code =
583 : SPDM_CHALLENGE_AUTH;
584 1 : spdm_response->header.param1 = 0;
585 1 : spdm_response->header.param2 = (1 << 0);
586 1 : ptr = (void *)(spdm_response + 1);
587 1 : libspdm_hash_all(
588 : m_libspdm_use_hash_algo,
589 : ((libspdm_context_t *)spdm_context)
590 : ->local_context
591 : .local_cert_chain_provision[0],
592 : ((libspdm_context_t *)spdm_context)
593 : ->local_context
594 : .local_cert_chain_provision_size[0],
595 : ptr);
596 1 : free(data);
597 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
598 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
599 1 : ptr += SPDM_NONCE_SIZE;
600 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
601 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
602 1 : *(uint16_t *)ptr = 0;
603 1 : ptr += sizeof(uint16_t);
604 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
605 : sizeof(m_libspdm_local_buffer)
606 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
607 : m_libspdm_local_buffer),
608 : spdm_response,
609 1 : (size_t)ptr - (size_t)spdm_response);
610 1 : m_libspdm_local_buffer_size +=
611 1 : ((size_t)ptr - (size_t)spdm_response);
612 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
613 : m_libspdm_local_buffer_size, hash_data);
614 1 : sig_size =
615 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
616 1 : libspdm_responder_data_sign(
617 : spdm_context,
618 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
619 : SPDM_CHALLENGE_AUTH,
620 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
621 : m_libspdm_use_hash_algo,
622 : false, m_libspdm_local_buffer,
623 : m_libspdm_local_buffer_size, ptr,
624 : &sig_size);
625 1 : ptr += sig_size;
626 :
627 1 : libspdm_transport_test_encode_message(
628 : spdm_context, NULL, false, false, spdm_response_size,
629 : spdm_response, response_size, response);
630 : }
631 : }
632 2 : return LIBSPDM_STATUS_SUCCESS;
633 :
634 0 : case 0xA: /*correct CHALLENGE_AUTH message*/
635 : {
636 : spdm_challenge_auth_response_t *spdm_response;
637 : void *data;
638 : size_t data_size;
639 : uint8_t *Ptr;
640 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
641 : size_t sig_size;
642 : size_t spdm_response_size;
643 : size_t transport_header_size;
644 :
645 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
646 : m_libspdm_use_asym_algo,
647 : &data,
648 : &data_size, NULL, NULL);
649 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
650 : data_size;
651 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
652 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
653 : m_libspdm_use_asym_algo;
654 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
655 : m_libspdm_use_hash_algo;
656 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
657 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
658 : SPDM_NONCE_SIZE +
659 : 0 +
660 0 : sizeof(uint16_t) + 0 +
661 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
662 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
663 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
664 :
665 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
666 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
667 0 : spdm_response->header.param1 = 0;
668 0 : spdm_response->header.param2 = (1 << 0);
669 0 : Ptr = (void *)(spdm_response + 1);
670 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
671 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
672 : 0],
673 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
674 : 0],
675 : Ptr);
676 0 : free(data);
677 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
678 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
679 0 : Ptr += SPDM_NONCE_SIZE;
680 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
681 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
682 0 : *(uint16_t *)Ptr = 0;
683 0 : Ptr += sizeof(uint16_t);
684 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
685 : sizeof(m_libspdm_local_buffer) -
686 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
687 : m_libspdm_local_buffer),
688 : spdm_response,
689 0 : (size_t)Ptr - (size_t)spdm_response);
690 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
691 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
692 : m_libspdm_local_buffer_size, hash_data);
693 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
694 0 : libspdm_responder_data_sign(
695 : spdm_context,
696 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
697 : SPDM_CHALLENGE_AUTH,
698 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
699 : false, m_libspdm_local_buffer,
700 : m_libspdm_local_buffer_size, Ptr, &sig_size);
701 0 : Ptr += sig_size;
702 :
703 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
704 : spdm_response, response_size, response);
705 : }
706 0 : return LIBSPDM_STATUS_SUCCESS;
707 :
708 1 : case 0xB: /*CHALLENGE_AUTH message smaller than a SPDM header*/
709 : {
710 : spdm_challenge_auth_response_t *spdm_response;
711 : size_t spdm_response_size;
712 : size_t transport_header_size;
713 :
714 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
715 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
716 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) - 1; /*smaller than standard message size*/
717 :
718 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
719 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
720 1 : spdm_response->header.param1 = 0;
721 1 : spdm_response->header.param2 = (1 << 0);
722 :
723 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
724 : spdm_response, response_size, response);
725 : }
726 1 : return LIBSPDM_STATUS_SUCCESS;
727 :
728 1 : case 0xC: /*CHALLENGE_AUTH message with wrong version (1.0)*/
729 : {
730 : spdm_challenge_auth_response_t *spdm_response;
731 : void *data;
732 : size_t data_size;
733 : uint8_t *Ptr;
734 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
735 : size_t sig_size;
736 : size_t spdm_response_size;
737 : size_t transport_header_size;
738 :
739 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
740 : m_libspdm_use_asym_algo,
741 : &data,
742 : &data_size, NULL, NULL);
743 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
744 : data_size;
745 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
746 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
747 : m_libspdm_use_asym_algo;
748 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
749 : m_libspdm_use_hash_algo;
750 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
751 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
752 1 : SPDM_NONCE_SIZE +
753 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
754 1 : sizeof(uint16_t) + 0 +
755 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
756 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
757 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
758 :
759 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10; /*wrong version*/
760 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
761 1 : spdm_response->header.param1 = 0;
762 1 : spdm_response->header.param2 = (1 << 0);
763 1 : Ptr = (void *)(spdm_response + 1);
764 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
765 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
766 : 0],
767 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
768 : 0],
769 : Ptr);
770 1 : free(data);
771 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
772 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
773 1 : Ptr += SPDM_NONCE_SIZE;
774 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
775 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
776 1 : *(uint16_t *)Ptr = 0;
777 1 : Ptr += sizeof(uint16_t);
778 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
779 : sizeof(m_libspdm_local_buffer) -
780 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
781 : m_libspdm_local_buffer),
782 : spdm_response,
783 1 : (size_t)Ptr - (size_t)spdm_response);
784 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
785 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
786 : m_libspdm_local_buffer_size, hash_data);
787 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
788 1 : libspdm_responder_data_sign(
789 : spdm_context,
790 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
791 : SPDM_CHALLENGE_AUTH,
792 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
793 : false, m_libspdm_local_buffer,
794 : m_libspdm_local_buffer_size, Ptr, &sig_size);
795 1 : Ptr += sig_size;
796 :
797 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
798 : spdm_response, response_size, response);
799 : }
800 1 : return LIBSPDM_STATUS_SUCCESS;
801 :
802 1 : case 0xD: /*SPDM (mostly CHALLENGE_AUTH) message with wrong response code (0x83)*/
803 : {
804 : spdm_challenge_auth_response_t *spdm_response;
805 : void *data;
806 : size_t data_size;
807 : uint8_t *Ptr;
808 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
809 : size_t sig_size;
810 : size_t spdm_response_size;
811 : size_t transport_header_size;
812 :
813 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
814 : m_libspdm_use_asym_algo,
815 : &data,
816 : &data_size, NULL, NULL);
817 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
818 : data_size;
819 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
820 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
821 : m_libspdm_use_asym_algo;
822 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
823 : m_libspdm_use_hash_algo;
824 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
825 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
826 : SPDM_NONCE_SIZE +
827 : 0 +
828 1 : sizeof(uint16_t) + 0 +
829 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
830 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
831 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
832 :
833 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
834 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE; /*wrong response code*/
835 1 : spdm_response->header.param1 = 0;
836 1 : spdm_response->header.param2 = (1 << 0);
837 1 : Ptr = (void *)(spdm_response + 1);
838 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
839 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
840 : 0],
841 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
842 : 0],
843 : Ptr);
844 1 : free(data);
845 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
846 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
847 1 : Ptr += SPDM_NONCE_SIZE;
848 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
849 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
850 1 : *(uint16_t *)Ptr = 0;
851 1 : Ptr += sizeof(uint16_t);
852 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
853 : sizeof(m_libspdm_local_buffer) -
854 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
855 : m_libspdm_local_buffer),
856 : spdm_response,
857 1 : (size_t)Ptr - (size_t)spdm_response);
858 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
859 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
860 : m_libspdm_local_buffer_size, hash_data);
861 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
862 1 : libspdm_responder_data_sign(
863 : spdm_context,
864 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
865 : SPDM_CHALLENGE_AUTH,
866 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
867 : false, m_libspdm_local_buffer,
868 : m_libspdm_local_buffer_size, Ptr, &sig_size);
869 1 : Ptr += sig_size;
870 :
871 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
872 : spdm_response, response_size, response);
873 : }
874 1 : return LIBSPDM_STATUS_SUCCESS;
875 :
876 1 : case 0xE: /*correct CHALLENGE_AUTH message with wrong slot number*/
877 : {
878 : spdm_challenge_auth_response_t *spdm_response;
879 : void *data;
880 : size_t data_size;
881 : uint8_t *Ptr;
882 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
883 : size_t sig_size;
884 : size_t spdm_response_size;
885 : size_t transport_header_size;
886 :
887 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
888 : m_libspdm_use_asym_algo,
889 : &data,
890 : &data_size, NULL, NULL);
891 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
892 : data_size;
893 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
894 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
895 : m_libspdm_use_asym_algo;
896 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
897 : m_libspdm_use_hash_algo;
898 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
899 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
900 : SPDM_NONCE_SIZE +
901 : 0 +
902 1 : sizeof(uint16_t) + 0 +
903 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
904 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
905 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
906 :
907 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
908 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
909 1 : spdm_response->header.param1 = 1;
910 1 : spdm_response->header.param2 = (1 << 1); /*wrong slot number*/
911 1 : Ptr = (void *)(spdm_response + 1);
912 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
913 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
914 : 0],
915 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
916 : 0],
917 : Ptr);
918 1 : free(data);
919 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
920 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
921 1 : Ptr += SPDM_NONCE_SIZE;
922 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
923 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
924 1 : *(uint16_t *)Ptr = 0;
925 1 : Ptr += sizeof(uint16_t);
926 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
927 : sizeof(m_libspdm_local_buffer) -
928 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
929 : m_libspdm_local_buffer),
930 : spdm_response,
931 1 : (size_t)Ptr - (size_t)spdm_response);
932 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
933 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
934 : m_libspdm_local_buffer_size, hash_data);
935 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
936 1 : libspdm_responder_data_sign(
937 : spdm_context,
938 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
939 : SPDM_CHALLENGE_AUTH,
940 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
941 : false, m_libspdm_local_buffer,
942 : m_libspdm_local_buffer_size, Ptr, &sig_size);
943 1 : Ptr += sig_size;
944 :
945 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
946 : spdm_response, response_size, response);
947 : }
948 1 : return LIBSPDM_STATUS_SUCCESS;
949 :
950 0 : case 0xF: /*CHALLENGE_AUTH message with slot number overflow*/
951 : {
952 : spdm_challenge_auth_response_t *spdm_response;
953 : void *data;
954 : size_t data_size;
955 : uint8_t *Ptr;
956 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
957 : size_t sig_size;
958 : size_t spdm_response_size;
959 : size_t transport_header_size;
960 :
961 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
962 : m_libspdm_use_asym_algo,
963 : &data,
964 : &data_size, NULL, NULL);
965 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
966 : data_size;
967 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
968 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
969 : m_libspdm_use_asym_algo;
970 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
971 : m_libspdm_use_hash_algo;
972 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
973 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
974 : SPDM_NONCE_SIZE +
975 : 0 +
976 0 : sizeof(uint16_t) + 0 +
977 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
978 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
979 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
980 :
981 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
982 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
983 0 : spdm_response->header.param1 = 8; /*slot number overflow*/
984 0 : spdm_response->header.param2 = (1 << 0);
985 0 : Ptr = (void *)(spdm_response + 1);
986 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
987 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
988 : 0],
989 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
990 : 0],
991 : Ptr);
992 0 : free(data);
993 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
994 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
995 0 : Ptr += SPDM_NONCE_SIZE;
996 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
997 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
998 0 : *(uint16_t *)Ptr = 0;
999 0 : Ptr += sizeof(uint16_t);
1000 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1001 : sizeof(m_libspdm_local_buffer) -
1002 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1003 : m_libspdm_local_buffer),
1004 : spdm_response,
1005 0 : (size_t)Ptr - (size_t)spdm_response);
1006 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1007 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1008 : m_libspdm_local_buffer_size, hash_data);
1009 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1010 0 : libspdm_responder_data_sign(
1011 : spdm_context,
1012 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1013 : SPDM_CHALLENGE_AUTH,
1014 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1015 : false, m_libspdm_local_buffer,
1016 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1017 0 : Ptr += sig_size;
1018 :
1019 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1020 : spdm_response, response_size, response);
1021 : }
1022 0 : return LIBSPDM_STATUS_SUCCESS;
1023 :
1024 1 : case 0x10: /*correct CHALLENGE_AUTH message with "libspdm" opaque data*/
1025 : {
1026 : spdm_challenge_auth_response_t *spdm_response;
1027 : void *data;
1028 : size_t data_size;
1029 : uint8_t *Ptr;
1030 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1031 : size_t sig_size;
1032 : size_t spdm_response_size;
1033 : size_t transport_header_size;
1034 :
1035 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1036 : m_libspdm_use_asym_algo,
1037 : &data,
1038 : &data_size, NULL, NULL);
1039 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1040 : data_size;
1041 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1042 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1043 : m_libspdm_use_asym_algo;
1044 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1045 : m_libspdm_use_hash_algo;
1046 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1047 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1048 : SPDM_NONCE_SIZE +
1049 : 0 +
1050 1 : sizeof(uint16_t) + 8 +
1051 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1052 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1053 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1054 :
1055 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1056 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1057 1 : spdm_response->header.param1 = 0;
1058 1 : spdm_response->header.param2 = (1 << 0);
1059 1 : Ptr = (void *)(spdm_response + 1);
1060 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1061 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1062 : 0],
1063 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1064 : 0],
1065 : Ptr);
1066 1 : free(data);
1067 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1068 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1069 1 : Ptr += SPDM_NONCE_SIZE;
1070 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1071 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1072 1 : *(uint16_t *)Ptr = (uint16_t)strlen("libspdm");
1073 1 : Ptr += sizeof(uint16_t);
1074 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr, "libspdm",
1075 : strlen("libspdm"));
1076 1 : Ptr += strlen("libspdm");
1077 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1078 : sizeof(m_libspdm_local_buffer) -
1079 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1080 : m_libspdm_local_buffer),
1081 : spdm_response,
1082 1 : (size_t)Ptr - (size_t)spdm_response);
1083 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1084 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1085 : m_libspdm_local_buffer_size, hash_data);
1086 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1087 1 : libspdm_responder_data_sign(
1088 : spdm_context,
1089 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1090 : SPDM_CHALLENGE_AUTH,
1091 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1092 : false, m_libspdm_local_buffer,
1093 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1094 1 : Ptr += sig_size;
1095 :
1096 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1097 : spdm_response, response_size, response);
1098 : }
1099 1 : return LIBSPDM_STATUS_SUCCESS;
1100 :
1101 1 : case 0x11: /*correct CHALLENGE_AUTH message with invalid signature*/
1102 : {
1103 : spdm_challenge_auth_response_t *spdm_response;
1104 : void *data;
1105 : size_t data_size;
1106 : uint8_t *Ptr;
1107 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1108 : size_t sig_size;
1109 : size_t spdm_response_size;
1110 : size_t transport_header_size;
1111 :
1112 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1113 : m_libspdm_use_asym_algo,
1114 : &data,
1115 : &data_size, NULL, NULL);
1116 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1117 : data_size;
1118 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1119 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1120 : m_libspdm_use_asym_algo;
1121 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1122 : m_libspdm_use_hash_algo;
1123 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1124 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1125 : SPDM_NONCE_SIZE +
1126 : 0 +
1127 1 : sizeof(uint16_t) + 0 +
1128 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1129 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1130 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1131 :
1132 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1133 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1134 1 : spdm_response->header.param1 = 0;
1135 1 : spdm_response->header.param2 = (1 << 0);
1136 1 : Ptr = (void *)(spdm_response + 1);
1137 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1138 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1139 : 0],
1140 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1141 : 0],
1142 : Ptr);
1143 1 : free(data);
1144 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1145 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1146 1 : Ptr += SPDM_NONCE_SIZE;
1147 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1148 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1149 1 : *(uint16_t *)Ptr = 0;
1150 1 : Ptr += sizeof(uint16_t);
1151 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1152 : sizeof(m_libspdm_local_buffer) -
1153 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1154 : m_libspdm_local_buffer),
1155 : spdm_response,
1156 1 : (size_t)Ptr - (size_t)spdm_response);
1157 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1158 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1159 : m_libspdm_local_buffer_size, hash_data);
1160 1 : libspdm_hash_all (m_libspdm_use_hash_algo, hash_data, libspdm_get_hash_size (
1161 : m_libspdm_use_hash_algo), hash_data);
1162 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1163 1 : libspdm_responder_data_sign(
1164 : spdm_context,
1165 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1166 : SPDM_CHALLENGE_AUTH,
1167 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1168 1 : false, hash_data, libspdm_get_hash_size (
1169 : m_libspdm_use_hash_algo), Ptr, &sig_size);
1170 1 : Ptr += sig_size;
1171 :
1172 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1173 : spdm_response, response_size, response);
1174 : }
1175 1 : return LIBSPDM_STATUS_SUCCESS;
1176 :
1177 2 : case 0x12: /*correct CHALLENGE_AUTH message*/
1178 : case 0x13: /*correct CHALLENGE_AUTH message*/
1179 : {
1180 : spdm_challenge_auth_response_t *spdm_response;
1181 : void *data;
1182 : size_t data_size;
1183 : uint8_t *Ptr;
1184 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1185 : size_t sig_size;
1186 : size_t spdm_response_size;
1187 : size_t transport_header_size;
1188 :
1189 2 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1190 : m_libspdm_use_asym_algo,
1191 : &data,
1192 : &data_size, NULL, NULL);
1193 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1194 : data_size;
1195 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1196 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1197 : m_libspdm_use_asym_algo;
1198 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1199 : m_libspdm_use_hash_algo;
1200 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1201 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1202 2 : SPDM_NONCE_SIZE +
1203 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1204 2 : sizeof(uint16_t) + 0 +
1205 2 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1206 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1207 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1208 :
1209 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1210 2 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1211 2 : spdm_response->header.param1 = 0;
1212 2 : spdm_response->header.param2 = (1 << 0);
1213 2 : Ptr = (void *)(spdm_response + 1);
1214 2 : libspdm_hash_all (m_libspdm_use_hash_algo,
1215 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1216 : 0],
1217 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1218 : 0],
1219 : Ptr);
1220 2 : free(data);
1221 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1222 2 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1223 2 : Ptr += SPDM_NONCE_SIZE;
1224 2 : libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1225 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1226 2 : *(uint16_t *)Ptr = 0;
1227 2 : Ptr += sizeof(uint16_t);
1228 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1229 : sizeof(m_libspdm_local_buffer) -
1230 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1231 : m_libspdm_local_buffer),
1232 : spdm_response,
1233 2 : (size_t)Ptr - (size_t)spdm_response);
1234 2 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1235 2 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1236 : m_libspdm_local_buffer_size, hash_data);
1237 2 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1238 2 : libspdm_responder_data_sign(
1239 : spdm_context,
1240 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1241 : SPDM_CHALLENGE_AUTH,
1242 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1243 : false, m_libspdm_local_buffer,
1244 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1245 2 : Ptr += sig_size;
1246 :
1247 2 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1248 : spdm_response, response_size, response);
1249 : }
1250 2 : return LIBSPDM_STATUS_SUCCESS;
1251 :
1252 18 : case 0x14:
1253 : {
1254 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1255 :
1256 : spdm_error_response_t *spdm_response;
1257 : size_t spdm_response_size;
1258 : size_t transport_header_size;
1259 :
1260 18 : if(error_code <= 0xff) {
1261 18 : spdm_response_size = sizeof(spdm_error_response_t);
1262 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1263 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1264 :
1265 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1266 18 : spdm_response->header.request_response_code = SPDM_ERROR;
1267 18 : spdm_response->header.param1 = (uint8_t) error_code;
1268 18 : spdm_response->header.param2 = 0;
1269 :
1270 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
1271 : spdm_response_size, spdm_response,
1272 : response_size, response);
1273 : }
1274 :
1275 18 : error_code++;
1276 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1277 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1278 : }
1279 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
1280 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1281 : }
1282 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
1283 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1284 : }
1285 : }
1286 18 : return LIBSPDM_STATUS_SUCCESS;
1287 :
1288 0 : case 0x15: /*correct CHALLENGE_AUTH message with multiple slot numbers */
1289 : {
1290 : spdm_challenge_auth_response_t *spdm_response;
1291 : void *data;
1292 : size_t data_size;
1293 : uint8_t *ptr;
1294 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1295 : size_t sig_size;
1296 : size_t spdm_response_size;
1297 : size_t transport_header_size;
1298 :
1299 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1300 : m_libspdm_use_asym_algo,
1301 : &data,
1302 : &data_size, NULL, NULL);
1303 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1304 : data_size;
1305 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1306 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1307 : m_libspdm_use_asym_algo;
1308 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1309 : m_libspdm_use_hash_algo;
1310 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1311 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1312 : SPDM_NONCE_SIZE +
1313 : 0 +
1314 0 : sizeof(uint16_t) + 0 +
1315 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1316 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1317 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1318 :
1319 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1320 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1321 0 : spdm_response->header.param1 = 0;
1322 0 : spdm_response->header.param2 = 0x71; /*multiple slot numbers */
1323 0 : ptr = (void *)(spdm_response + 1);
1324 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
1325 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1326 : 0],
1327 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1328 : 0],
1329 : ptr);
1330 0 : free(data);
1331 0 : ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1332 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, ptr);
1333 0 : ptr += SPDM_NONCE_SIZE;
1334 0 : *(uint16_t *)ptr = 0;
1335 0 : ptr += sizeof(uint16_t);
1336 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1337 : sizeof(m_libspdm_local_buffer) -
1338 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1339 : m_libspdm_local_buffer),
1340 : spdm_response,
1341 0 : (size_t)ptr - (size_t)spdm_response);
1342 0 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1343 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1344 : m_libspdm_local_buffer_size, hash_data);
1345 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1346 0 : libspdm_responder_data_sign(
1347 : spdm_context,
1348 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1349 : SPDM_CHALLENGE_AUTH,
1350 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1351 : false, m_libspdm_local_buffer,
1352 : m_libspdm_local_buffer_size, ptr, &sig_size);
1353 0 : ptr += sig_size;
1354 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1355 : spdm_response, response_size, response);
1356 : }
1357 0 : return LIBSPDM_STATUS_SUCCESS;
1358 :
1359 1 : case 0x16: { /*correct CHALLENGE_AUTH message*/
1360 : spdm_challenge_auth_response_t *spdm_response;
1361 : void *data;
1362 : size_t data_size;
1363 : uint8_t *ptr;
1364 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1365 : size_t sig_size;
1366 : size_t spdm_response_size;
1367 : size_t transport_header_size;
1368 :
1369 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1370 : m_libspdm_use_asym_algo,
1371 : &data,
1372 : &data_size, NULL, NULL);
1373 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1374 : data_size;
1375 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1376 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
1377 : m_libspdm_use_asym_algo;
1378 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
1379 : m_libspdm_use_hash_algo;
1380 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1381 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1382 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1383 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1384 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1385 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1386 :
1387 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1388 1 : spdm_response->header.request_response_code =SPDM_CHALLENGE_AUTH;
1389 1 : spdm_response->header.param1 = 0;
1390 1 : spdm_response->header.param2 = (1 << 0);
1391 1 : ptr = (void *)(spdm_response + 1);
1392 1 : libspdm_hash_all(m_libspdm_use_hash_algo,
1393 : ((libspdm_context_t *)spdm_context)
1394 : ->local_context.local_cert_chain_provision[0],
1395 : ((libspdm_context_t *)spdm_context)
1396 : ->local_context.local_cert_chain_provision_size[0],
1397 : ptr);
1398 1 : free(data);
1399 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1400 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1401 1 : ptr += SPDM_NONCE_SIZE;
1402 : /* libspdm_zero_mem (ptr, spdm_get_hash_size (m_libspdm_use_hash_algo));
1403 : * ptr += spdm_get_hash_size (m_libspdm_use_hash_algo);*/
1404 1 : *(uint16_t *)ptr = 0;
1405 1 : ptr += sizeof(uint16_t);
1406 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1407 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1408 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1409 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1410 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%zx):\n",
1411 : m_libspdm_local_buffer_size));
1412 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1413 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1414 : m_libspdm_local_buffer_size, hash_data);
1415 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1416 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1417 1 : libspdm_dump_hex(hash_data, libspdm_get_hash_size(m_libspdm_use_hash_algo));
1418 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1419 1 : libspdm_responder_data_sign(
1420 : spdm_context,
1421 1 : spdm_response->header.spdm_version <<
1422 : SPDM_VERSION_NUMBER_SHIFT_BIT,
1423 : SPDM_CHALLENGE_AUTH,
1424 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1425 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1426 : ptr, &sig_size);
1427 1 : ptr += sig_size;
1428 :
1429 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1430 : false, spdm_response_size,
1431 : spdm_response, response_size,
1432 : response);
1433 : }
1434 1 : return LIBSPDM_STATUS_SUCCESS;
1435 :
1436 2 : case 0x17: { /*correct CHALLENGE_AUTH message*/
1437 : spdm_challenge_auth_response_t *spdm_response;
1438 : void *data;
1439 : size_t data_size;
1440 : uint8_t *ptr;
1441 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1442 : size_t sig_size;
1443 : size_t spdm_response_size;
1444 : size_t transport_header_size;
1445 : static uint8_t slot_id = 0;
1446 :
1447 2 : if (slot_id == 0) {
1448 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1449 : m_libspdm_use_asym_algo, &data,
1450 : &data_size, NULL, NULL);
1451 : } else {
1452 1 : libspdm_read_responder_public_certificate_chain_per_slot(1,
1453 : m_libspdm_use_hash_algo,
1454 : m_libspdm_use_asym_algo, &data,
1455 : &data_size, NULL, NULL);
1456 : }
1457 : ((libspdm_context_t *)spdm_context)
1458 2 : ->local_context.local_cert_chain_provision_size[slot_id] =
1459 : data_size;
1460 : ((libspdm_context_t *)spdm_context)
1461 2 : ->local_context.local_cert_chain_provision[slot_id] = data;
1462 : ((libspdm_context_t *)spdm_context)
1463 2 : ->connection_info.algorithm.base_asym_algo =
1464 : m_libspdm_use_asym_algo;
1465 : ((libspdm_context_t *)spdm_context)
1466 2 : ->connection_info.algorithm.base_hash_algo =
1467 : m_libspdm_use_hash_algo;
1468 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1469 2 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1470 2 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1471 2 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1472 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1473 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1474 :
1475 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1476 2 : spdm_response->header.request_response_code =
1477 : SPDM_CHALLENGE_AUTH;
1478 2 : spdm_response->header.param1 = slot_id & 0xF;
1479 2 : spdm_response->header.param2 = (1 << slot_id);
1480 2 : ptr = (void *)(spdm_response + 1);
1481 2 : libspdm_hash_all(
1482 : m_libspdm_use_hash_algo,
1483 : ((libspdm_context_t *)spdm_context)
1484 : ->local_context.local_cert_chain_provision[slot_id],
1485 : ((libspdm_context_t *)spdm_context)
1486 : ->local_context
1487 : .local_cert_chain_provision_size[slot_id],
1488 : ptr);
1489 2 : free(data);
1490 2 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1491 2 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1492 2 : ptr += SPDM_NONCE_SIZE;
1493 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1494 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1495 2 : *(uint16_t *)ptr = 0;
1496 2 : ptr += sizeof(uint16_t);
1497 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1498 : sizeof(m_libspdm_local_buffer) -
1499 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1500 : m_libspdm_local_buffer),
1501 2 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1502 2 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1503 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1504 : m_libspdm_local_buffer_size));
1505 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1506 2 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1507 : m_libspdm_local_buffer_size, hash_data);
1508 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1509 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1510 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1511 2 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1512 2 : libspdm_responder_data_sign(
1513 : spdm_context,
1514 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1515 : SPDM_CHALLENGE_AUTH,
1516 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1517 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1518 : ptr, &sig_size);
1519 2 : ptr += sig_size;
1520 :
1521 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1522 : false, spdm_response_size,
1523 : spdm_response, response_size,
1524 : response);
1525 2 : slot_id++;
1526 : }
1527 2 : return LIBSPDM_STATUS_SUCCESS;
1528 :
1529 1 : case 0x18: { /* correct CHALLENGE_AUTH message using slot 0xFF */
1530 : spdm_challenge_auth_response_t *spdm_response;
1531 : void *data;
1532 : size_t data_size;
1533 : uint8_t *ptr;
1534 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1535 : size_t sig_size;
1536 : size_t spdm_response_size;
1537 : size_t transport_header_size;
1538 :
1539 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
1540 : ((libspdm_context_t *)spdm_context)
1541 1 : ->local_context.local_public_key_provision_size = data_size;
1542 : ((libspdm_context_t *)spdm_context)
1543 1 : ->local_context.local_public_key_provision = data;
1544 : ((libspdm_context_t *)spdm_context)
1545 1 : ->connection_info.algorithm.base_asym_algo =
1546 : m_libspdm_use_asym_algo;
1547 : ((libspdm_context_t *)spdm_context)
1548 1 : ->connection_info.algorithm.base_hash_algo =
1549 : m_libspdm_use_hash_algo;
1550 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1551 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1552 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1553 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1554 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1555 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1556 :
1557 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1558 1 : spdm_response->header.request_response_code =
1559 : SPDM_CHALLENGE_AUTH;
1560 1 : spdm_response->header.param1 = 0x0F;
1561 1 : spdm_response->header.param2 = 0;
1562 1 : ptr = (void *)(spdm_response + 1);
1563 1 : libspdm_hash_all(
1564 : m_libspdm_use_hash_algo,
1565 : ((libspdm_context_t *)spdm_context)
1566 : ->local_context.local_public_key_provision,
1567 : ((libspdm_context_t *)spdm_context)
1568 : ->local_context
1569 : .local_public_key_provision_size,
1570 : ptr);
1571 1 : free(data);
1572 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1573 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1574 1 : ptr += SPDM_NONCE_SIZE;
1575 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1576 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1577 1 : *(uint16_t *)ptr = 0;
1578 1 : ptr += sizeof(uint16_t);
1579 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1580 : sizeof(m_libspdm_local_buffer) -
1581 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1582 : m_libspdm_local_buffer),
1583 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1584 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1585 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1586 : m_libspdm_local_buffer_size));
1587 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1588 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1589 : m_libspdm_local_buffer_size, hash_data);
1590 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1591 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1592 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1593 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1594 1 : libspdm_responder_data_sign(
1595 : spdm_context,
1596 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1597 : SPDM_CHALLENGE_AUTH,
1598 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1599 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1600 : ptr, &sig_size);
1601 1 : ptr += sig_size;
1602 :
1603 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1604 : false, spdm_response_size,
1605 : spdm_response, response_size,
1606 : response);
1607 : }
1608 1 : return LIBSPDM_STATUS_SUCCESS;
1609 :
1610 1 : case 0x19: /*CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed*/
1611 : {
1612 : spdm_challenge_auth_response_t *spdm_response;
1613 : void *data;
1614 : size_t data_size;
1615 : uint8_t *Ptr;
1616 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1617 : size_t sig_size;
1618 : size_t spdm_response_size;
1619 : size_t transport_header_size;
1620 : uint16_t opaque_length;
1621 1 : opaque_length = SPDM_MAX_OPAQUE_DATA_SIZE + 1; /*opaque_length greater than the maximum allowed*/
1622 :
1623 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1624 : m_libspdm_use_asym_algo,
1625 : &data,
1626 : &data_size, NULL, NULL);
1627 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1628 : data_size;
1629 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1630 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1631 : m_libspdm_use_asym_algo;
1632 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1633 : m_libspdm_use_hash_algo;
1634 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1635 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1636 : SPDM_NONCE_SIZE +
1637 : 0 +
1638 1 : sizeof(uint16_t) +
1639 1 : opaque_length +
1640 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1641 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1642 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1643 :
1644 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1645 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1646 1 : spdm_response->header.param1 = 0;
1647 1 : spdm_response->header.param2 = (1 << 0);
1648 1 : Ptr = (void *)(spdm_response + 1);
1649 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1650 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1651 : 0],
1652 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1653 : 0],
1654 : Ptr);
1655 1 : free(data);
1656 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1657 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1658 1 : Ptr += SPDM_NONCE_SIZE;
1659 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1660 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1661 1 : *(uint16_t *)Ptr = opaque_length;
1662 1 : Ptr += sizeof(uint16_t);
1663 1 : libspdm_set_mem(Ptr, opaque_length, 255);
1664 1 : Ptr += opaque_length;
1665 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1666 : sizeof(m_libspdm_local_buffer) -
1667 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1668 : m_libspdm_local_buffer),
1669 : spdm_response,
1670 1 : (size_t)Ptr - (size_t)spdm_response);
1671 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1672 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1673 : m_libspdm_local_buffer_size, hash_data);
1674 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1675 1 : libspdm_responder_data_sign(
1676 : spdm_context,
1677 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1678 : SPDM_CHALLENGE_AUTH,
1679 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1680 : false, m_libspdm_local_buffer,
1681 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1682 1 : Ptr += sig_size;
1683 :
1684 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1685 : spdm_response, response_size, response);
1686 : }
1687 1 : return LIBSPDM_STATUS_SUCCESS;
1688 :
1689 1 : case 0x1A:
1690 : {
1691 : spdm_challenge_auth_response_t *spdm_response;
1692 : spdm_general_opaque_data_table_header_t
1693 : *spdm_general_opaque_data_table_header;
1694 : opaque_element_table_header_t
1695 : *opaque_element_table_header;
1696 : void *data;
1697 : size_t data_size;
1698 : uint8_t *Ptr;
1699 : size_t sig_size;
1700 : size_t spdm_response_size;
1701 : size_t transport_header_size;
1702 : uint8_t element_num;
1703 : uint8_t element_index;
1704 : size_t current_element_len;
1705 : uint16_t opaque_element_data_len;
1706 :
1707 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1708 : m_libspdm_use_asym_algo,
1709 : &data,
1710 : &data_size, NULL, NULL);
1711 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1712 : data_size;
1713 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1714 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1715 : m_libspdm_use_asym_algo;
1716 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1717 : m_libspdm_use_hash_algo;
1718 :
1719 :
1720 1 : spdm_general_opaque_data_table_header = (void *)m_libspdm_opaque_data;
1721 1 : spdm_general_opaque_data_table_header->total_elements = 4;
1722 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1723 :
1724 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1725 1 : m_libspdm_opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1726 :
1727 5 : for (element_index = 0; element_index < element_num; element_index++) {
1728 4 : opaque_element_table_header->id = SPDM_REGISTRY_ID_MAX;
1729 4 : opaque_element_table_header->vendor_len = 0;
1730 4 : opaque_element_data_len = (uint16_t)strlen("libspdm");
1731 :
1732 4 : Ptr = (void *)(opaque_element_table_header + 1);
1733 4 : Ptr += opaque_element_table_header->vendor_len;
1734 :
1735 4 : libspdm_copy_mem((uint16_t *)Ptr,
1736 : sizeof(opaque_element_data_len),
1737 : &opaque_element_data_len,
1738 : sizeof(opaque_element_data_len));
1739 :
1740 4 : libspdm_copy_mem(Ptr + sizeof(opaque_element_data_len),
1741 : SPDM_MAX_OPAQUE_DATA_SIZE -
1742 : sizeof(opaque_element_table_header_t), "libspdm",
1743 : strlen("libspdm"));
1744 :
1745 4 : current_element_len = sizeof(opaque_element_table_header_t) +
1746 4 : opaque_element_table_header->vendor_len +
1747 4 : sizeof(opaque_element_data_len) +
1748 : opaque_element_data_len;
1749 4 : current_element_len = (current_element_len + 3) & ~3;
1750 :
1751 : /*move to next element*/
1752 4 : opaque_element_table_header =
1753 : (opaque_element_table_header_t *)
1754 : ((uint8_t *)opaque_element_table_header +
1755 : current_element_len);
1756 :
1757 4 : m_libspdm_opaque_data_size += current_element_len;
1758 : }
1759 :
1760 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1761 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1762 : SPDM_NONCE_SIZE +
1763 : 0 +
1764 2 : sizeof(uint16_t) + m_libspdm_opaque_data_size +
1765 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1766 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1767 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1768 :
1769 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
1770 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1771 1 : spdm_response->header.param1 = 0;
1772 1 : spdm_response->header.param2 = (1 << 0);
1773 1 : Ptr = (void *)(spdm_response + 1);
1774 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1775 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1776 : 0],
1777 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1778 : 0],
1779 : Ptr);
1780 1 : free(data);
1781 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1782 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1783 1 : Ptr += SPDM_NONCE_SIZE;
1784 1 : *(uint16_t *)Ptr = (uint16_t)m_libspdm_opaque_data_size;
1785 1 : Ptr += sizeof(uint16_t);
1786 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr,
1787 : m_libspdm_opaque_data,
1788 : m_libspdm_opaque_data_size);
1789 1 : Ptr += m_libspdm_opaque_data_size;
1790 :
1791 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1792 : sizeof(m_libspdm_local_buffer) -
1793 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1794 : m_libspdm_local_buffer),
1795 : spdm_response,
1796 1 : (size_t)Ptr - (size_t)spdm_response);
1797 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1798 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1799 1 : libspdm_responder_data_sign(
1800 : spdm_context,
1801 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1802 : SPDM_CHALLENGE_AUTH,
1803 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1804 : false, m_libspdm_local_buffer,
1805 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1806 1 : Ptr += sig_size;
1807 :
1808 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1809 : spdm_response, response_size, response);
1810 : }
1811 1 : return LIBSPDM_STATUS_SUCCESS;
1812 1 : case 0x1B: {
1813 : spdm_challenge_auth_response_t *spdm_response;
1814 : void *data;
1815 : size_t data_size;
1816 : uint8_t *ptr;
1817 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1818 : size_t sig_size;
1819 : size_t spdm_response_size;
1820 : size_t transport_header_size;
1821 1 : uint8_t slot_id = 0;
1822 :
1823 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1824 : m_libspdm_use_asym_algo, &data,
1825 : &data_size, NULL, NULL);
1826 : ((libspdm_context_t *)spdm_context)
1827 1 : ->local_context.local_cert_chain_provision_size[0] =
1828 : data_size;
1829 : ((libspdm_context_t *)spdm_context)
1830 1 : ->local_context.local_cert_chain_provision[0] = data;
1831 : ((libspdm_context_t *)spdm_context)
1832 1 : ->connection_info.algorithm.base_asym_algo =
1833 : m_libspdm_use_asym_algo;
1834 : ((libspdm_context_t *)spdm_context)
1835 1 : ->connection_info.algorithm.base_hash_algo =
1836 : m_libspdm_use_hash_algo;
1837 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1838 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1839 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1840 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1841 : SPDM_REQ_CONTEXT_SIZE;
1842 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1843 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1844 :
1845 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1846 1 : spdm_response->header.request_response_code =
1847 : SPDM_CHALLENGE_AUTH;
1848 1 : spdm_response->header.param1 = slot_id;
1849 1 : spdm_response->header.param2 = (1 << slot_id);
1850 1 : ptr = (void *)(spdm_response + 1);
1851 1 : libspdm_hash_all(
1852 : m_libspdm_use_hash_algo,
1853 : ((libspdm_context_t *)spdm_context)
1854 : ->local_context.local_cert_chain_provision[slot_id],
1855 : ((libspdm_context_t *)spdm_context)
1856 : ->local_context
1857 : .local_cert_chain_provision_size[slot_id],
1858 : ptr);
1859 1 : free(data);
1860 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1861 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1862 1 : ptr += SPDM_NONCE_SIZE;
1863 1 : *(uint16_t *)ptr = 0;
1864 1 : ptr += sizeof(uint16_t);
1865 1 : libspdm_copy_mem(ptr, SPDM_REQ_CONTEXT_SIZE, m_requester_context, SPDM_REQ_CONTEXT_SIZE);
1866 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1867 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1868 : sizeof(m_libspdm_local_buffer) -
1869 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1870 : m_libspdm_local_buffer),
1871 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1872 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1873 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1874 : m_libspdm_local_buffer_size));
1875 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1876 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1877 : m_libspdm_local_buffer_size, hash_data);
1878 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1879 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1880 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1881 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1882 1 : libspdm_responder_data_sign(
1883 : spdm_context,
1884 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1885 : SPDM_CHALLENGE_AUTH,
1886 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1887 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1888 : ptr, &sig_size);
1889 1 : ptr += sig_size;
1890 :
1891 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1892 : false, spdm_response_size,
1893 : spdm_response, response_size,
1894 : response);
1895 : }
1896 1 : return LIBSPDM_STATUS_SUCCESS;
1897 1 : case 0x1C: {
1898 : spdm_challenge_auth_response_t *spdm_response;
1899 : void *data;
1900 : size_t data_size;
1901 : uint8_t *ptr;
1902 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1903 : size_t sig_size;
1904 : size_t spdm_response_size;
1905 : size_t transport_header_size;
1906 1 : uint8_t slot_id = 0;
1907 :
1908 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1909 : m_libspdm_use_asym_algo, &data,
1910 : &data_size, NULL, NULL);
1911 : ((libspdm_context_t *)spdm_context)
1912 1 : ->local_context.local_cert_chain_provision_size[0] =
1913 : data_size;
1914 : ((libspdm_context_t *)spdm_context)
1915 1 : ->local_context.local_cert_chain_provision[0] = data;
1916 : ((libspdm_context_t *)spdm_context)
1917 1 : ->connection_info.algorithm.base_asym_algo =
1918 : m_libspdm_use_asym_algo;
1919 : ((libspdm_context_t *)spdm_context)
1920 1 : ->connection_info.algorithm.base_hash_algo =
1921 : m_libspdm_use_hash_algo;
1922 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1923 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1924 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1925 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1926 : SPDM_REQ_CONTEXT_SIZE;
1927 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1928 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1929 :
1930 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1931 1 : spdm_response->header.request_response_code =
1932 : SPDM_CHALLENGE_AUTH;
1933 1 : spdm_response->header.param1 = slot_id;
1934 1 : spdm_response->header.param2 = (1 << slot_id);
1935 1 : ptr = (void *)(spdm_response + 1);
1936 1 : libspdm_hash_all(
1937 : m_libspdm_use_hash_algo,
1938 : ((libspdm_context_t *)spdm_context)
1939 : ->local_context.local_cert_chain_provision[slot_id],
1940 : ((libspdm_context_t *)spdm_context)
1941 : ->local_context
1942 : .local_cert_chain_provision_size[slot_id],
1943 : ptr);
1944 1 : free(data);
1945 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1946 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1947 1 : ptr += SPDM_NONCE_SIZE;
1948 1 : *(uint16_t *)ptr = 0;
1949 1 : ptr += sizeof(uint16_t);
1950 1 : libspdm_get_random_number(SPDM_REQ_CONTEXT_SIZE,ptr);
1951 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1952 :
1953 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1954 : sizeof(m_libspdm_local_buffer) -
1955 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1956 : m_libspdm_local_buffer),
1957 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1958 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1959 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1960 : m_libspdm_local_buffer_size));
1961 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1962 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1963 : m_libspdm_local_buffer_size, hash_data);
1964 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1965 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1966 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1967 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1968 1 : libspdm_responder_data_sign(
1969 : spdm_context,
1970 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1971 : SPDM_CHALLENGE_AUTH,
1972 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1973 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1974 : ptr, &sig_size);
1975 1 : ptr += sig_size;
1976 :
1977 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1978 : false, spdm_response_size,
1979 : spdm_response, response_size,
1980 : response);
1981 : }
1982 1 : return LIBSPDM_STATUS_SUCCESS;
1983 0 : default:
1984 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1985 : }
1986 : }
1987 :
1988 : /**
1989 : * Test 1: when no CHALLENGE_AUTH message is received, and the client returns a
1990 : * device error.
1991 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
1992 : **/
1993 1 : void libspdm_test_requester_challenge_case1(void **state)
1994 : {
1995 : libspdm_return_t status;
1996 : libspdm_test_context_t *spdm_test_context;
1997 : libspdm_context_t *spdm_context;
1998 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
1999 : void *data;
2000 : size_t data_size;
2001 : void *hash;
2002 : size_t hash_size;
2003 :
2004 1 : spdm_test_context = *state;
2005 1 : spdm_context = spdm_test_context->spdm_context;
2006 1 : spdm_test_context->case_id = 0x1;
2007 1 : spdm_context->connection_info.connection_state =
2008 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2009 1 : spdm_context->connection_info.capability.flags = 0;
2010 1 : spdm_context->connection_info.capability.flags |=
2011 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2012 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2013 : m_libspdm_use_asym_algo, &data,
2014 : &data_size, &hash, &hash_size)) {
2015 0 : assert(false);
2016 : }
2017 1 : libspdm_reset_message_a(spdm_context);
2018 1 : libspdm_reset_message_b(spdm_context);
2019 1 : libspdm_reset_message_c(spdm_context);
2020 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2021 : m_libspdm_use_hash_algo;
2022 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2023 : m_libspdm_use_asym_algo;
2024 :
2025 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2026 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2027 :
2028 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2029 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2030 : data_size;
2031 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2032 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2033 : data, data_size);
2034 : #else
2035 1 : libspdm_hash_all(
2036 : spdm_context->connection_info.algorithm.base_hash_algo,
2037 : data, data_size,
2038 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2039 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2040 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2041 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2042 : spdm_context->connection_info.algorithm.base_hash_algo,
2043 : spdm_context->connection_info.algorithm.base_asym_algo,
2044 : data, data_size,
2045 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2046 : #endif
2047 :
2048 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2049 1 : status = libspdm_challenge(
2050 : spdm_context, NULL, 0,
2051 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2052 : measurement_hash, NULL);
2053 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
2054 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2055 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2056 : #endif
2057 1 : free(data);
2058 1 : }
2059 :
2060 : /**
2061 : * Test 2: the requester is setup correctly to send a CHALLENGE message:
2062 : * - it has flags indicating that the previous messages were sent
2063 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
2064 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2065 : * signature algorithms, and the use of challenges.
2066 : * - it has the responder's certificate chain.
2067 : * The CHALLENGE message requests usage of the first certificate in the chain
2068 : * (param1=0) and do not request measurements (param2=0).
2069 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
2070 : * no opaque data and a signature on the sent nonce.
2071 : * Expected behavior: client returns a status of RETURN_SUCCESS.
2072 : **/
2073 1 : void libspdm_test_requester_challenge_case2(void **state)
2074 : {
2075 : libspdm_return_t status;
2076 : libspdm_test_context_t *spdm_test_context;
2077 : libspdm_context_t *spdm_context;
2078 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2079 : void *data;
2080 : size_t data_size;
2081 : void *hash;
2082 : size_t hash_size;
2083 :
2084 1 : spdm_test_context = *state;
2085 1 : spdm_context = spdm_test_context->spdm_context;
2086 1 : spdm_test_context->case_id = 0x2;
2087 1 : spdm_context->connection_info.connection_state =
2088 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2089 1 : spdm_context->connection_info.capability.flags = 0;
2090 1 : spdm_context->connection_info.capability.flags |=
2091 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2092 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2093 : m_libspdm_use_asym_algo, &data,
2094 : &data_size, &hash, &hash_size)) {
2095 0 : assert(false);
2096 : }
2097 1 : libspdm_reset_message_a(spdm_context);
2098 1 : libspdm_reset_message_b(spdm_context);
2099 1 : libspdm_reset_message_c(spdm_context);
2100 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2101 : m_libspdm_use_hash_algo;
2102 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2103 : m_libspdm_use_asym_algo;
2104 :
2105 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2106 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2107 :
2108 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2109 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2110 : data_size;
2111 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2112 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2113 : data, data_size);
2114 : #else
2115 1 : libspdm_hash_all(
2116 : spdm_context->connection_info.algorithm.base_hash_algo,
2117 : data, data_size,
2118 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2119 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2120 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2121 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2122 : spdm_context->connection_info.algorithm.base_hash_algo,
2123 : spdm_context->connection_info.algorithm.base_asym_algo,
2124 : data, data_size,
2125 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2126 : #endif
2127 :
2128 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2129 1 : status = libspdm_challenge(
2130 : spdm_context, NULL, 0,
2131 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2132 : measurement_hash, NULL);
2133 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2134 :
2135 : /* Completion of CHALLENGE sets M1/M2 to null. */
2136 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2137 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2138 : #else
2139 1 : assert_null(spdm_context->transcript.digest_context_m1m2);
2140 : #endif
2141 1 : free(data);
2142 1 : }
2143 :
2144 : /**
2145 : * Test 3: the requester is not setup correctly to send a CHALLENGE message:
2146 : * - it has *no* flags indicating that the previous messages were sent
2147 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, GET_DIGESTS); but
2148 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2149 : * signature algorithms, and the use of challenges.
2150 : * - it has the responder's certificate chain.
2151 : * The CHALLENGE message requests usage of the first certificate in the chain
2152 : * (param1=0) and do not request measurements (param2=0).
2153 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
2154 : * no opaque data and a signature on the sent nonce.
2155 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2156 : * transcript buffer is not set.
2157 : **/
2158 1 : void libspdm_test_requester_challenge_case3(void **state)
2159 : {
2160 : libspdm_return_t status;
2161 : libspdm_test_context_t *spdm_test_context;
2162 : libspdm_context_t *spdm_context;
2163 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2164 : void *data;
2165 : size_t data_size;
2166 : void *hash;
2167 : size_t hash_size;
2168 :
2169 1 : spdm_test_context = *state;
2170 1 : spdm_context = spdm_test_context->spdm_context;
2171 1 : spdm_test_context->case_id = 0x3;
2172 1 : spdm_context->connection_info.connection_state =
2173 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
2174 1 : spdm_context->connection_info.capability.flags = 0;
2175 1 : spdm_context->connection_info.capability.flags |=
2176 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2177 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2178 : m_libspdm_use_asym_algo, &data,
2179 : &data_size, &hash, &hash_size)) {
2180 0 : assert(false);
2181 : }
2182 1 : libspdm_reset_message_a(spdm_context);
2183 1 : libspdm_reset_message_b(spdm_context);
2184 1 : libspdm_reset_message_c(spdm_context);
2185 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2186 : m_libspdm_use_hash_algo;
2187 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2188 : m_libspdm_use_asym_algo;
2189 :
2190 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2191 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2192 :
2193 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2194 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2195 : data_size;
2196 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2197 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2198 : data, data_size);
2199 : #else
2200 1 : libspdm_hash_all(
2201 : spdm_context->connection_info.algorithm.base_hash_algo,
2202 : data, data_size,
2203 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2204 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2205 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2206 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2207 : spdm_context->connection_info.algorithm.base_hash_algo,
2208 : spdm_context->connection_info.algorithm.base_asym_algo,
2209 : data, data_size,
2210 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2211 : #endif
2212 :
2213 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2214 1 : status = libspdm_challenge(
2215 : spdm_context, NULL, 0,
2216 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2217 : measurement_hash, NULL);
2218 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2219 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2220 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2221 : #endif
2222 1 : free(data);
2223 1 : }
2224 :
2225 : /**
2226 : * Test 4: the requester is setup correctly (see Test 2), but receives an ERROR
2227 : * message indicating InvalidParameters.
2228 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2229 : * transcript buffer is reset.
2230 : **/
2231 1 : void libspdm_test_requester_challenge_case4(void **state)
2232 : {
2233 : libspdm_return_t status;
2234 : libspdm_test_context_t *spdm_test_context;
2235 : libspdm_context_t *spdm_context;
2236 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2237 : void *data;
2238 : size_t data_size;
2239 : void *hash;
2240 : size_t hash_size;
2241 :
2242 1 : spdm_test_context = *state;
2243 1 : spdm_context = spdm_test_context->spdm_context;
2244 1 : spdm_test_context->case_id = 0x4;
2245 1 : spdm_context->connection_info.connection_state =
2246 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2247 1 : spdm_context->connection_info.capability.flags = 0;
2248 1 : spdm_context->connection_info.capability.flags |=
2249 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2250 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2251 : m_libspdm_use_asym_algo, &data,
2252 : &data_size, &hash, &hash_size)) {
2253 0 : assert(false);
2254 : }
2255 1 : libspdm_reset_message_a(spdm_context);
2256 1 : libspdm_reset_message_b(spdm_context);
2257 1 : libspdm_reset_message_c(spdm_context);
2258 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2259 : m_libspdm_use_hash_algo;
2260 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2261 : m_libspdm_use_asym_algo;
2262 :
2263 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2264 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2265 :
2266 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2267 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2268 : data_size;
2269 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2270 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2271 : data, data_size);
2272 : #else
2273 1 : libspdm_hash_all(
2274 : spdm_context->connection_info.algorithm.base_hash_algo,
2275 : data, data_size,
2276 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2277 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2278 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2279 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2280 : spdm_context->connection_info.algorithm.base_hash_algo,
2281 : spdm_context->connection_info.algorithm.base_asym_algo,
2282 : data, data_size,
2283 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2284 : #endif
2285 :
2286 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2287 1 : status = libspdm_challenge(
2288 : spdm_context, NULL, 0,
2289 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2290 : measurement_hash, NULL);
2291 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
2292 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2293 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2294 : #endif
2295 1 : free(data);
2296 1 : }
2297 :
2298 : /**
2299 : * Test 5: the requester is setup correctly (see Test 2), but receives an ERROR
2300 : * message indicating the Busy status of the responder.
2301 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2302 : * transcript buffer is reset.
2303 : **/
2304 1 : void libspdm_test_requester_challenge_case5(void **state)
2305 : {
2306 : libspdm_return_t status;
2307 : libspdm_test_context_t *spdm_test_context;
2308 : libspdm_context_t *spdm_context;
2309 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2310 : void *data;
2311 : size_t data_size;
2312 : void *hash;
2313 : size_t hash_size;
2314 :
2315 1 : spdm_test_context = *state;
2316 1 : spdm_context = spdm_test_context->spdm_context;
2317 1 : spdm_test_context->case_id = 0x5;
2318 1 : spdm_context->connection_info.connection_state =
2319 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2320 1 : spdm_context->connection_info.capability.flags = 0;
2321 1 : spdm_context->connection_info.capability.flags |=
2322 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2323 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2324 : m_libspdm_use_asym_algo, &data,
2325 : &data_size, &hash, &hash_size)) {
2326 0 : assert(false);
2327 : }
2328 1 : libspdm_reset_message_a(spdm_context);
2329 1 : libspdm_reset_message_b(spdm_context);
2330 1 : libspdm_reset_message_c(spdm_context);
2331 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2332 : m_libspdm_use_hash_algo;
2333 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2334 : m_libspdm_use_asym_algo;
2335 :
2336 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2337 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2338 :
2339 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2340 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2341 : data_size;
2342 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2343 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2344 : data, data_size);
2345 : #else
2346 1 : libspdm_hash_all(
2347 : spdm_context->connection_info.algorithm.base_hash_algo,
2348 : data, data_size,
2349 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2350 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2351 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2352 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2353 : spdm_context->connection_info.algorithm.base_hash_algo,
2354 : spdm_context->connection_info.algorithm.base_asym_algo,
2355 : data, data_size,
2356 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2357 : #endif
2358 :
2359 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2360 1 : status = libspdm_challenge(
2361 : spdm_context, NULL, 0,
2362 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2363 : measurement_hash, NULL);
2364 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
2365 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2366 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2367 : #endif
2368 1 : free(data);
2369 1 : }
2370 :
2371 : /**
2372 : * Test 6: the requester is setup correctly (see Test 2), but, on the first try,
2373 : * receiving a Busy ERROR message, and on retry, receiving a correct CHALLENGE_AUTH
2374 : * message to the challenge, with no opaque data and a signature on the sent nonce.
2375 : * Expected behavior: client returns a status of RETURN_SUCCESS.
2376 : **/
2377 1 : void libspdm_test_requester_challenge_case6(void **state)
2378 : {
2379 : libspdm_return_t status;
2380 : libspdm_test_context_t *spdm_test_context;
2381 : libspdm_context_t *spdm_context;
2382 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2383 : void *data;
2384 : size_t data_size;
2385 : void *hash;
2386 : size_t hash_size;
2387 :
2388 1 : spdm_test_context = *state;
2389 1 : spdm_context = spdm_test_context->spdm_context;
2390 1 : spdm_test_context->case_id = 0x6;
2391 1 : spdm_context->retry_times = 3;
2392 1 : spdm_context->connection_info.connection_state =
2393 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2394 1 : spdm_context->connection_info.capability.flags = 0;
2395 1 : spdm_context->connection_info.capability.flags |=
2396 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2397 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2398 : m_libspdm_use_asym_algo, &data,
2399 : &data_size, &hash, &hash_size)) {
2400 0 : assert(false);
2401 : }
2402 1 : libspdm_reset_message_a(spdm_context);
2403 1 : libspdm_reset_message_b(spdm_context);
2404 1 : libspdm_reset_message_c(spdm_context);
2405 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2406 : m_libspdm_use_hash_algo;
2407 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2408 : m_libspdm_use_asym_algo;
2409 :
2410 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2411 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2412 :
2413 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2414 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2415 : data_size;
2416 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2417 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2418 : data, data_size);
2419 : #else
2420 1 : libspdm_hash_all(
2421 : spdm_context->connection_info.algorithm.base_hash_algo,
2422 : data, data_size,
2423 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2424 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2425 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2426 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2427 : spdm_context->connection_info.algorithm.base_hash_algo,
2428 : spdm_context->connection_info.algorithm.base_asym_algo,
2429 : data, data_size,
2430 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2431 : #endif
2432 :
2433 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2434 1 : status = libspdm_challenge(
2435 : spdm_context, NULL, 0,
2436 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2437 : measurement_hash, NULL);
2438 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2439 1 : free(data);
2440 1 : }
2441 :
2442 : /**
2443 : * Test 7: the requester is setup correctly (see Test 2), but receives an ERROR
2444 : * message indicating the RequestResynch status of the responder.
2445 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, the "C"
2446 : * transcript buffer is reset, and the communication is reset to expect a new
2447 : * GET_VERSION message.
2448 : **/
2449 1 : void libspdm_test_requester_challenge_case7(void **state)
2450 : {
2451 : libspdm_return_t status;
2452 : libspdm_test_context_t *spdm_test_context;
2453 : libspdm_context_t *spdm_context;
2454 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2455 : void *data;
2456 : size_t data_size;
2457 : void *hash;
2458 : size_t hash_size;
2459 :
2460 1 : spdm_test_context = *state;
2461 1 : spdm_context = spdm_test_context->spdm_context;
2462 1 : spdm_test_context->case_id = 0x7;
2463 1 : spdm_context->connection_info.connection_state =
2464 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2465 1 : spdm_context->connection_info.capability.flags = 0;
2466 1 : spdm_context->connection_info.capability.flags |=
2467 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2468 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2469 : m_libspdm_use_asym_algo, &data,
2470 : &data_size, &hash, &hash_size)) {
2471 0 : assert(false);
2472 : }
2473 1 : libspdm_reset_message_a(spdm_context);
2474 1 : libspdm_reset_message_b(spdm_context);
2475 1 : libspdm_reset_message_c(spdm_context);
2476 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2477 : m_libspdm_use_hash_algo;
2478 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2479 : m_libspdm_use_asym_algo;
2480 :
2481 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2482 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2483 :
2484 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2485 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2486 : data_size;
2487 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2488 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2489 : data, data_size);
2490 : #else
2491 1 : libspdm_hash_all(
2492 : spdm_context->connection_info.algorithm.base_hash_algo,
2493 : data, data_size,
2494 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2495 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2496 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2497 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2498 : spdm_context->connection_info.algorithm.base_hash_algo,
2499 : spdm_context->connection_info.algorithm.base_asym_algo,
2500 : data, data_size,
2501 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2502 : #endif
2503 :
2504 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2505 1 : status = libspdm_challenge(
2506 : spdm_context, NULL, 0,
2507 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2508 : measurement_hash, NULL);
2509 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
2510 1 : assert_int_equal(spdm_context->connection_info.connection_state,
2511 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
2512 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2513 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2514 : #endif
2515 1 : free(data);
2516 1 : }
2517 :
2518 : /**
2519 : * Test 8: the requester is setup correctly (see Test 2), but receives an ERROR
2520 : * message indicating the ResponseNotReady status of the responder.
2521 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2522 : * buffer stores nothing.
2523 : **/
2524 1 : void libspdm_test_requester_challenge_case8(void **state)
2525 : {
2526 : libspdm_return_t status;
2527 : libspdm_test_context_t *spdm_test_context;
2528 : libspdm_context_t *spdm_context;
2529 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2530 : void *data;
2531 : size_t data_size;
2532 : void *hash;
2533 : size_t hash_size;
2534 :
2535 1 : spdm_test_context = *state;
2536 1 : spdm_context = spdm_test_context->spdm_context;
2537 1 : spdm_test_context->case_id = 0x8;
2538 1 : spdm_context->connection_info.connection_state =
2539 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2540 1 : spdm_context->connection_info.capability.flags = 0;
2541 1 : spdm_context->connection_info.capability.flags |=
2542 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2543 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2544 : m_libspdm_use_asym_algo, &data,
2545 : &data_size, &hash, &hash_size)) {
2546 0 : assert(false);
2547 : }
2548 1 : libspdm_reset_message_a(spdm_context);
2549 1 : libspdm_reset_message_b(spdm_context);
2550 1 : libspdm_reset_message_c(spdm_context);
2551 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2552 : m_libspdm_use_hash_algo;
2553 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2554 : m_libspdm_use_asym_algo;
2555 :
2556 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2557 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2558 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2559 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2560 : data_size;
2561 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2562 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2563 : data, data_size);
2564 : #else
2565 1 : libspdm_hash_all(
2566 : spdm_context->connection_info.algorithm.base_hash_algo,
2567 : data, data_size,
2568 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2569 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2570 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2571 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2572 : spdm_context->connection_info.algorithm.base_hash_algo,
2573 : spdm_context->connection_info.algorithm.base_asym_algo,
2574 : data, data_size,
2575 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2576 : #endif
2577 :
2578 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2579 :
2580 1 : status = libspdm_challenge(
2581 : spdm_context, NULL, 0,
2582 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2583 : measurement_hash, NULL);
2584 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2585 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2586 : assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);
2587 : #endif
2588 1 : free(data);
2589 1 : }
2590 :
2591 : /**
2592 : * Test 9: the requester is setup correctly (see Test 2), but, on the first try,
2593 : * receiving a ResponseNotReady ERROR message, and on retry, receiving a correct
2594 : * CHALLENGE_AUTH message to the challenge, with no opaque data and a signature
2595 : * on the sent nonce.
2596 : * Expected behavior: client returns a status of RETURN_SUCCESS.
2597 : **/
2598 1 : void libspdm_test_requester_challenge_case9(void **state)
2599 : {
2600 : libspdm_return_t status;
2601 : libspdm_test_context_t *spdm_test_context;
2602 : libspdm_context_t *spdm_context;
2603 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2604 : void *data;
2605 : size_t data_size;
2606 : void *hash;
2607 : size_t hash_size;
2608 :
2609 1 : spdm_test_context = *state;
2610 1 : spdm_context = spdm_test_context->spdm_context;
2611 1 : spdm_test_context->case_id = 0x9;
2612 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2613 1 : spdm_context->connection_info.capability.flags = 0;
2614 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2615 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2616 : m_libspdm_use_asym_algo, &data,
2617 : &data_size, &hash, &hash_size)) {
2618 0 : assert(false);
2619 : }
2620 1 : libspdm_reset_message_a(spdm_context);
2621 1 : libspdm_reset_message_b(spdm_context);
2622 1 : libspdm_reset_message_c(spdm_context);
2623 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2624 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2625 :
2626 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2627 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2628 :
2629 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2630 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2631 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2632 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2633 : data, data_size);
2634 : #else
2635 1 : libspdm_hash_all(
2636 : spdm_context->connection_info.algorithm.base_hash_algo,
2637 : data, data_size,
2638 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2639 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2640 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2641 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2642 : spdm_context->connection_info.algorithm.base_hash_algo,
2643 : spdm_context->connection_info.algorithm.base_asym_algo,
2644 : data, data_size,
2645 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2646 : #endif
2647 :
2648 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2649 1 : status = libspdm_challenge(
2650 : spdm_context, NULL, 0,
2651 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2652 : measurement_hash, NULL);
2653 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
2654 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2655 : } else {
2656 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2657 : }
2658 1 : free(data);
2659 1 : }
2660 :
2661 : /**
2662 : * Test 10: the requester is not setup correctly to send a CHALLENGE message.
2663 : * Specifically, it has *not* received the capability for challenge, although it
2664 : * has received capability for executing both hash and signature algorithms.
2665 : * The remaining setup and message exchange were executed correctly (see Test 2).
2666 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2667 : * transcript buffer is not set.
2668 : **/
2669 1 : void libspdm_test_requester_challenge_case10(void **state) {
2670 : libspdm_return_t status;
2671 : libspdm_test_context_t *spdm_test_context;
2672 : libspdm_context_t *spdm_context;
2673 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2674 : void *data;
2675 : size_t data_size;
2676 : void *hash;
2677 : size_t hash_size;
2678 :
2679 1 : spdm_test_context = *state;
2680 1 : spdm_context = spdm_test_context->spdm_context;
2681 1 : spdm_test_context->case_id = 0xA;
2682 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2683 1 : spdm_context->connection_info.capability.flags = 0;
2684 : /* spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;*/
2685 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2686 : m_libspdm_use_asym_algo,
2687 : &data, &data_size,
2688 : &hash, &hash_size);
2689 1 : libspdm_reset_message_a(spdm_context);
2690 1 : libspdm_reset_message_b(spdm_context);
2691 1 : libspdm_reset_message_c(spdm_context);
2692 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2693 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2694 :
2695 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2696 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2697 :
2698 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2699 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2700 : data_size;
2701 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2702 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2703 : data, data_size);
2704 : #else
2705 1 : libspdm_hash_all(
2706 : spdm_context->connection_info.algorithm.base_hash_algo,
2707 : data, data_size,
2708 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2709 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2710 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2711 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2712 : spdm_context->connection_info.algorithm.base_hash_algo,
2713 : spdm_context->connection_info.algorithm.base_asym_algo,
2714 : data, data_size,
2715 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2716 : #endif
2717 :
2718 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2719 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2720 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2721 : measurement_hash, NULL);
2722 1 : assert_int_equal (status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
2723 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2724 : assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);
2725 : #endif
2726 1 : free(data);
2727 1 : }
2728 :
2729 : /**
2730 : * Test 11: the requester is setup correctly (see Test 2), but receives a malformed
2731 : * response message, smaller then a standard SPDM message header.
2732 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR,.
2733 : **/
2734 1 : void libspdm_test_requester_challenge_case11(void **state) {
2735 : libspdm_return_t status;
2736 : libspdm_test_context_t *spdm_test_context;
2737 : libspdm_context_t *spdm_context;
2738 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2739 : void *data;
2740 : size_t data_size;
2741 : void *hash;
2742 : size_t hash_size;
2743 :
2744 1 : spdm_test_context = *state;
2745 1 : spdm_context = spdm_test_context->spdm_context;
2746 1 : spdm_test_context->case_id = 0xB;
2747 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2748 1 : spdm_context->connection_info.capability.flags = 0;
2749 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2750 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2751 : m_libspdm_use_asym_algo,
2752 : &data, &data_size,
2753 : &hash, &hash_size);
2754 1 : libspdm_reset_message_a(spdm_context);
2755 1 : libspdm_reset_message_b(spdm_context);
2756 1 : libspdm_reset_message_c(spdm_context);
2757 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2758 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2759 :
2760 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2761 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2762 :
2763 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2764 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2765 : data_size;
2766 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2767 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2768 : data, data_size);
2769 : #else
2770 1 : libspdm_hash_all(
2771 : spdm_context->connection_info.algorithm.base_hash_algo,
2772 : data, data_size,
2773 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2774 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2775 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2776 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2777 : spdm_context->connection_info.algorithm.base_hash_algo,
2778 : spdm_context->connection_info.algorithm.base_asym_algo,
2779 : data, data_size,
2780 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2781 : #endif
2782 :
2783 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2784 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2785 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2786 : measurement_hash, NULL);
2787 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2788 1 : free(data);
2789 1 : }
2790 :
2791 : /**
2792 : * Test 12: the requester is setup correctly (see Test 2), but receives a malformed
2793 : * response message, with version (1.0) different from the request (1.1).
2794 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2795 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2796 : **/
2797 1 : void libspdm_test_requester_challenge_case12(void **state) {
2798 : libspdm_return_t status;
2799 : libspdm_test_context_t *spdm_test_context;
2800 : libspdm_context_t *spdm_context;
2801 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2802 : void *data;
2803 : size_t data_size;
2804 : void *hash;
2805 : size_t hash_size;
2806 :
2807 1 : spdm_test_context = *state;
2808 1 : spdm_context = spdm_test_context->spdm_context;
2809 1 : spdm_test_context->case_id = 0xC;
2810 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2811 1 : spdm_context->connection_info.capability.flags = 0;
2812 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2813 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2814 : m_libspdm_use_asym_algo,
2815 : &data, &data_size,
2816 : &hash, &hash_size);
2817 1 : libspdm_reset_message_a(spdm_context);
2818 1 : libspdm_reset_message_b(spdm_context);
2819 1 : libspdm_reset_message_c(spdm_context);
2820 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2821 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2822 :
2823 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2824 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2825 :
2826 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2827 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2828 : data_size;
2829 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2830 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2831 : data, data_size);
2832 : #else
2833 1 : libspdm_hash_all(
2834 : spdm_context->connection_info.algorithm.base_hash_algo,
2835 : data, data_size,
2836 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2837 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2838 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2839 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2840 : spdm_context->connection_info.algorithm.base_hash_algo,
2841 : spdm_context->connection_info.algorithm.base_asym_algo,
2842 : data, data_size,
2843 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2844 : #endif
2845 :
2846 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2847 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2848 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2849 : measurement_hash, NULL);
2850 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2851 1 : free(data);
2852 1 : }
2853 :
2854 : /**
2855 : * Test 13: the requester is setup correctly (see Test 2), but receives a malformed
2856 : * response message, with wrong request_response_code (CHALLENGE 0x83 instead of
2857 : * CHALLENGE_AUTH 0x03).
2858 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2859 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2860 : **/
2861 1 : void libspdm_test_requester_challenge_case13(void **state) {
2862 : libspdm_return_t status;
2863 : libspdm_test_context_t *spdm_test_context;
2864 : libspdm_context_t *spdm_context;
2865 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2866 : void *data;
2867 : size_t data_size;
2868 : void *hash;
2869 : size_t hash_size;
2870 :
2871 1 : spdm_test_context = *state;
2872 1 : spdm_context = spdm_test_context->spdm_context;
2873 1 : spdm_test_context->case_id = 0xD;
2874 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2875 1 : spdm_context->connection_info.capability.flags = 0;
2876 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2877 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2878 : m_libspdm_use_asym_algo,
2879 : &data, &data_size,
2880 : &hash, &hash_size);
2881 1 : libspdm_reset_message_a(spdm_context);
2882 1 : libspdm_reset_message_b(spdm_context);
2883 1 : libspdm_reset_message_c(spdm_context);
2884 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2885 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2886 :
2887 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2888 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2889 :
2890 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2891 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2892 : data_size;
2893 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2894 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2895 : data, data_size);
2896 : #else
2897 1 : libspdm_hash_all(
2898 : spdm_context->connection_info.algorithm.base_hash_algo,
2899 : data, data_size,
2900 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2901 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2902 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2903 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2904 : spdm_context->connection_info.algorithm.base_hash_algo,
2905 : spdm_context->connection_info.algorithm.base_asym_algo,
2906 : data, data_size,
2907 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2908 : #endif
2909 :
2910 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2911 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2912 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2913 : measurement_hash, NULL);
2914 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2915 1 : free(data);
2916 1 : }
2917 :
2918 : /**
2919 : * Test 14: the requester is setup correctly (see Test 2), but receives a malformed
2920 : * response message, with a slot number different from the requested.
2921 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2922 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2923 : **/
2924 1 : void libspdm_test_requester_challenge_case14(void **state) {
2925 : libspdm_return_t status;
2926 : libspdm_test_context_t *spdm_test_context;
2927 : libspdm_context_t *spdm_context;
2928 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2929 : void *data;
2930 : size_t data_size;
2931 : void *hash;
2932 : size_t hash_size;
2933 :
2934 1 : spdm_test_context = *state;
2935 1 : spdm_context = spdm_test_context->spdm_context;
2936 1 : spdm_test_context->case_id = 0xE;
2937 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2938 1 : spdm_context->connection_info.capability.flags = 0;
2939 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2940 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2941 : m_libspdm_use_asym_algo,
2942 : &data, &data_size,
2943 : &hash, &hash_size);
2944 1 : libspdm_reset_message_a(spdm_context);
2945 1 : libspdm_reset_message_b(spdm_context);
2946 1 : libspdm_reset_message_c(spdm_context);
2947 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2948 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2949 :
2950 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2951 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2952 :
2953 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2954 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2955 : data_size;
2956 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2957 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2958 : data, data_size);
2959 : #else
2960 1 : libspdm_hash_all(
2961 : spdm_context->connection_info.algorithm.base_hash_algo,
2962 : data, data_size,
2963 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2964 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2965 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2966 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2967 : spdm_context->connection_info.algorithm.base_hash_algo,
2968 : spdm_context->connection_info.algorithm.base_asym_algo,
2969 : data, data_size,
2970 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2971 : #endif
2972 :
2973 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2974 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2975 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2976 : measurement_hash, NULL);
2977 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2978 1 : free(data);
2979 1 : }
2980 :
2981 : /**
2982 : * Test 15: free to be populated by test.
2983 : **/
2984 1 : void libspdm_test_requester_challenge_case15(void **state) {
2985 1 : }
2986 :
2987 : /**
2988 : * Test 16: the requester is setup correctly to send a CHALLENGE message:
2989 : * - it has flags indicating that the previous messages were sent
2990 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
2991 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2992 : * signature algorithms, and the use of challenges.
2993 : * - it has the responder's certificate chain.
2994 : * The CHALLENGE message requests usage of the first certificate in the chain
2995 : * (param1=0) and do not request measurements (param2=0).
2996 : * The received CHALLENGE_AUTH message correctly responds to the challenge, opaque
2997 : * data with bytes from the string "libspdm", and a signature on the sent nonce.
2998 : * Expected behavior: client returns a status of RETURN_SUCCESS.
2999 : **/
3000 1 : void libspdm_test_requester_challenge_case16(void **state) {
3001 : libspdm_return_t status;
3002 : libspdm_test_context_t *spdm_test_context;
3003 : libspdm_context_t *spdm_context;
3004 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3005 : void *data;
3006 : size_t data_size;
3007 : void *hash;
3008 : size_t hash_size;
3009 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
3010 : size_t opaque_data_size;
3011 :
3012 1 : spdm_test_context = *state;
3013 1 : spdm_context = spdm_test_context->spdm_context;
3014 1 : spdm_test_context->case_id = 0x10;
3015 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3016 1 : spdm_context->connection_info.capability.flags = 0;
3017 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3018 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3019 : m_libspdm_use_asym_algo,
3020 : &data, &data_size,
3021 : &hash, &hash_size);
3022 1 : libspdm_reset_message_a(spdm_context);
3023 1 : libspdm_reset_message_b(spdm_context);
3024 1 : libspdm_reset_message_c(spdm_context);
3025 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3026 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3027 :
3028 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3029 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3030 :
3031 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3032 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3033 : data_size;
3034 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3035 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3036 : data, data_size);
3037 : #else
3038 1 : libspdm_hash_all(
3039 : spdm_context->connection_info.algorithm.base_hash_algo,
3040 : data, data_size,
3041 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3042 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3043 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3044 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3045 : spdm_context->connection_info.algorithm.base_hash_algo,
3046 : spdm_context->connection_info.algorithm.base_asym_algo,
3047 : data, data_size,
3048 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3049 : #endif
3050 :
3051 1 : opaque_data_size = sizeof(opaque_data);
3052 :
3053 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3054 1 : status = libspdm_challenge_ex (spdm_context, NULL, 0,
3055 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3056 : measurement_hash, NULL, NULL, NULL, NULL,
3057 : opaque_data, &opaque_data_size);
3058 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3059 1 : assert_int_equal(opaque_data_size, strlen("libspdm"));
3060 1 : assert_memory_equal(opaque_data, "libspdm", opaque_data_size);
3061 1 : free(data);
3062 1 : }
3063 :
3064 : /**
3065 : * Test 17: the requester is setup correctly to send a CHALLENGE message:
3066 : * - it has flags indicating that the previous messages were sent
3067 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3068 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3069 : * signature algorithms, and the use of challenges.
3070 : * - it has the responder's certificate chain.
3071 : * The CHALLENGE message requests usage of the first certificate in the chain
3072 : * (param1=0) and do not request measurements (param2=0).
3073 : * The received CHALLENGE_AUTH message correctly responds to the challenge,
3074 : * but with an invalid signature.
3075 : * Expected behavior: client returns a status of RETURN_SECURITY_VIOLATION.
3076 : **/
3077 1 : void libspdm_test_requester_challenge_case17(void **state) {
3078 : libspdm_return_t status;
3079 : libspdm_test_context_t *spdm_test_context;
3080 : libspdm_context_t *spdm_context;
3081 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3082 : void *data;
3083 : size_t data_size;
3084 : void *hash;
3085 : size_t hash_size;
3086 :
3087 1 : spdm_test_context = *state;
3088 1 : spdm_context = spdm_test_context->spdm_context;
3089 1 : spdm_test_context->case_id = 0x11;
3090 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3091 1 : spdm_context->connection_info.capability.flags = 0;
3092 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3093 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3094 : m_libspdm_use_asym_algo,
3095 : &data, &data_size,
3096 : &hash, &hash_size);
3097 1 : libspdm_reset_message_a(spdm_context);
3098 1 : libspdm_reset_message_b(spdm_context);
3099 1 : libspdm_reset_message_c(spdm_context);
3100 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3101 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3102 :
3103 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3104 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3105 :
3106 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3107 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3108 : data_size;
3109 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3110 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3111 : data, data_size);
3112 : #else
3113 1 : libspdm_hash_all(
3114 : spdm_context->connection_info.algorithm.base_hash_algo,
3115 : data, data_size,
3116 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3117 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3118 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3119 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3120 : spdm_context->connection_info.algorithm.base_hash_algo,
3121 : spdm_context->connection_info.algorithm.base_asym_algo,
3122 : data, data_size,
3123 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3124 : #endif
3125 :
3126 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3127 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3128 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3129 : measurement_hash, NULL);
3130 1 : assert_int_equal (status, LIBSPDM_STATUS_VERIF_FAIL);
3131 1 : free(data);
3132 1 : }
3133 :
3134 : /**
3135 : * Test 18: the requester is setup correctly to send a CHALLENGE message:
3136 : * - it has flags indicating that the previous messages were sent
3137 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3138 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3139 : * signature algorithms, the use of challenges, and of measurements.
3140 : * - it has the responder's certificate chain.
3141 : * The CHALLENGE message requests usage of the first certificate in the chain
3142 : * (param1=0) and request TCB measurements (param2=1).
3143 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3144 : * no opaque data and a signature on the sent nonce.
3145 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3146 : **/
3147 1 : void libspdm_test_requester_challenge_case18(void **state) {
3148 : libspdm_return_t status;
3149 : libspdm_test_context_t *spdm_test_context;
3150 : libspdm_context_t *spdm_context;
3151 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3152 : void *data;
3153 : size_t data_size;
3154 : void *hash;
3155 : size_t hash_size;
3156 :
3157 1 : spdm_test_context = *state;
3158 1 : spdm_context = spdm_test_context->spdm_context;
3159 1 : spdm_test_context->case_id = 0x12;
3160 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3161 1 : spdm_context->connection_info.capability.flags = 0;
3162 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3163 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; /*additional measurement capability*/
3164 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3165 : m_libspdm_use_asym_algo,
3166 : &data, &data_size,
3167 : &hash, &hash_size);
3168 1 : libspdm_reset_message_a(spdm_context);
3169 1 : libspdm_reset_message_b(spdm_context);
3170 1 : libspdm_reset_message_c(spdm_context);
3171 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3172 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3173 :
3174 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3175 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3176 :
3177 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3178 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3179 : data_size;
3180 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3181 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3182 : data, data_size);
3183 : #else
3184 1 : libspdm_hash_all(
3185 : spdm_context->connection_info.algorithm.base_hash_algo,
3186 : data, data_size,
3187 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3188 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3189 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3190 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3191 : spdm_context->connection_info.algorithm.base_hash_algo,
3192 : spdm_context->connection_info.algorithm.base_asym_algo,
3193 : data, data_size,
3194 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3195 : #endif
3196 :
3197 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3198 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3199 : SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH,
3200 : measurement_hash, NULL);
3201 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3202 1 : }
3203 :
3204 : /**
3205 : * Test 19: the requester is setup correctly to send a CHALLENGE message:
3206 : * - it has flags indicating that the previous messages were sent
3207 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3208 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3209 : * signature algorithms, the use of challenges, and of measurements.
3210 : * - it has the responder's certificate chain.
3211 : * The CHALLENGE message requests usage of the first certificate in the chain
3212 : * (param1=0) and request TCB measurements (param2=1).
3213 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3214 : * no opaque data and a signature on the sent nonce.
3215 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3216 : **/
3217 1 : void libspdm_test_requester_challenge_case19(void **state) {
3218 : libspdm_return_t status;
3219 : libspdm_test_context_t *spdm_test_context;
3220 : libspdm_context_t *spdm_context;
3221 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3222 : void *data;
3223 : size_t data_size;
3224 : void *hash;
3225 : size_t hash_size;
3226 :
3227 1 : spdm_test_context = *state;
3228 1 : spdm_context = spdm_test_context->spdm_context;
3229 1 : spdm_test_context->case_id = 0x13;
3230 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3231 1 : spdm_context->connection_info.capability.flags = 0;
3232 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3233 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; /*additional measurement capability*/
3234 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3235 : m_libspdm_use_asym_algo,
3236 : &data, &data_size,
3237 : &hash, &hash_size);
3238 1 : libspdm_reset_message_a(spdm_context);
3239 1 : libspdm_reset_message_b(spdm_context);
3240 1 : libspdm_reset_message_c(spdm_context);
3241 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3242 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3243 :
3244 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3245 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3246 :
3247 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3248 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3249 : data_size;
3250 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3251 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3252 : data, data_size);
3253 : #else
3254 1 : libspdm_hash_all(
3255 : spdm_context->connection_info.algorithm.base_hash_algo,
3256 : data, data_size,
3257 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3258 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3259 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3260 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3261 : spdm_context->connection_info.algorithm.base_hash_algo,
3262 : spdm_context->connection_info.algorithm.base_asym_algo,
3263 : data, data_size,
3264 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3265 : #endif
3266 :
3267 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3268 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3269 : SPDM_CHALLENGE_REQUEST_ALL_MEASUREMENTS_HASH,
3270 : measurement_hash, NULL);
3271 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3272 1 : }
3273 :
3274 : /**
3275 : * Test 20: receiving an unexpected ERROR message from the responder.
3276 : * There are tests for all named codes, including some reserved ones
3277 : * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
3278 : * However, for having specific test cases, it is excluded from this case:
3279 : * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
3280 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
3281 : **/
3282 1 : void libspdm_test_requester_challenge_case20(void **state) {
3283 : libspdm_return_t status;
3284 : libspdm_test_context_t *spdm_test_context;
3285 : libspdm_context_t *spdm_context;
3286 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3287 : void *data;
3288 : size_t data_size;
3289 : void *hash;
3290 : size_t hash_size;
3291 : uint16_t error_code;
3292 :
3293 1 : spdm_test_context = *state;
3294 1 : spdm_context = spdm_test_context->spdm_context;
3295 1 : spdm_test_context->case_id = 0x14;
3296 1 : spdm_context->connection_info.capability.flags = 0;
3297 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3298 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3299 : m_libspdm_use_asym_algo,
3300 : &data, &data_size,
3301 : &hash, &hash_size);
3302 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3303 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3304 :
3305 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3306 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3307 :
3308 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3309 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3310 : data_size;
3311 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3312 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3313 : data, data_size);
3314 : #else
3315 1 : libspdm_hash_all(
3316 : spdm_context->connection_info.algorithm.base_hash_algo,
3317 : data, data_size,
3318 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3319 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3320 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3321 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3322 : spdm_context->connection_info.algorithm.base_hash_algo,
3323 : spdm_context->connection_info.algorithm.base_asym_algo,
3324 : data, data_size,
3325 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3326 : #endif
3327 :
3328 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
3329 19 : while(error_code <= 0xff) {
3330 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3331 18 : libspdm_reset_message_a(spdm_context);
3332 18 : libspdm_reset_message_b(spdm_context);
3333 18 : libspdm_reset_message_c(spdm_context);
3334 :
3335 18 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3336 18 : status = libspdm_challenge (spdm_context, NULL, 0,
3337 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3338 : measurement_hash, NULL);
3339 18 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
3340 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3341 : /* assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);*/
3342 : LIBSPDM_ASSERT_INT_EQUAL_CASE (spdm_context->transcript.message_c.buffer_size, 0,
3343 : error_code);
3344 : #endif
3345 :
3346 18 : error_code++;
3347 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
3348 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
3349 : }
3350 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
3351 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
3352 : }
3353 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
3354 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
3355 : }
3356 : }
3357 :
3358 1 : free(data);
3359 1 : }
3360 :
3361 : /**
3362 : * Test 21: test correct CHALLENGE_AUTH message with multiple slot numbers
3363 : * Expected behavior: success and slot_id is included in slot_mask.
3364 : **/
3365 0 : void libspdm_test_requester_challenge_case21(void **state) {
3366 : libspdm_return_t status;
3367 : libspdm_test_context_t *spdm_test_context;
3368 : libspdm_context_t *spdm_context;
3369 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3370 : void *data;
3371 : size_t data_size;
3372 : void *hash;
3373 : size_t hash_size;
3374 : uint8_t slot_id;
3375 : uint8_t slot_mask;
3376 :
3377 0 : spdm_test_context = *state;
3378 0 : spdm_context = spdm_test_context->spdm_context;
3379 0 : spdm_test_context->case_id = 0x15;
3380 0 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3381 0 : spdm_context->connection_info.capability.flags = 0;
3382 0 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3383 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3384 : m_libspdm_use_asym_algo,
3385 : &data, &data_size,
3386 : &hash, &hash_size);
3387 0 : libspdm_reset_message_a(spdm_context);
3388 0 : libspdm_reset_message_b(spdm_context);
3389 0 : libspdm_reset_message_c(spdm_context);
3390 0 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3391 0 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3392 0 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3393 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3394 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3395 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3396 : data_size;
3397 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3398 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3399 : data, data_size);
3400 : #else
3401 0 : libspdm_hash_all(
3402 : spdm_context->connection_info.algorithm.base_hash_algo,
3403 : data, data_size,
3404 0 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3405 0 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3406 0 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3407 0 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3408 : spdm_context->connection_info.algorithm.base_hash_algo,
3409 : spdm_context->connection_info.algorithm.base_asym_algo,
3410 : data, data_size,
3411 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3412 : #endif
3413 :
3414 0 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3415 :
3416 0 : slot_id = 0;
3417 0 : status = libspdm_challenge (spdm_context, NULL, slot_id,
3418 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3419 : measurement_hash, &slot_mask);
3420 0 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3421 0 : assert_int_equal(1<<slot_id, slot_mask & (1<<slot_id));
3422 0 : free(data);
3423 0 : }
3424 :
3425 : /**
3426 : * Test 22: a request message is successfully sent and a response message is successfully received.
3427 : * Buffer C already has arbitrary data.
3428 : * Expected Behavior: requester returns the status RETURN_SUCCESS and a CHALLENGE_AUTH message is
3429 : * received, buffer C appends the exchanged CHALLENGE and CHALLENGE_AUTH messages.
3430 : **/
3431 1 : void libspdm_test_requester_challenge_case22(void **state)
3432 : {
3433 : libspdm_return_t status;
3434 : libspdm_test_context_t *spdm_test_context;
3435 : libspdm_context_t *spdm_context;
3436 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3437 : void *data;
3438 : size_t data_size;
3439 : void *hash;
3440 : size_t hash_size;
3441 :
3442 1 : spdm_test_context = *state;
3443 1 : spdm_context = spdm_test_context->spdm_context;
3444 1 : spdm_test_context->case_id = 0x16;
3445 1 : spdm_context->connection_info.connection_state =
3446 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3447 1 : spdm_context->connection_info.capability.flags = 0;
3448 1 : spdm_context->connection_info.capability.flags |=
3449 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3450 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3451 : m_libspdm_use_asym_algo, &data,
3452 : &data_size, &hash, &hash_size)) {
3453 0 : assert(false);
3454 : }
3455 1 : libspdm_reset_message_a(spdm_context);
3456 1 : libspdm_reset_message_b(spdm_context);
3457 1 : libspdm_reset_message_c(spdm_context);
3458 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3459 : m_libspdm_use_hash_algo;
3460 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3461 : m_libspdm_use_asym_algo;
3462 :
3463 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3464 : /*filling all buffers with arbitrary data*/
3465 : libspdm_set_mem(spdm_context->transcript.message_a.buffer, 10, (uint8_t) 0xFF);
3466 : spdm_context->transcript.message_a.buffer_size = 10;
3467 : libspdm_set_mem(spdm_context->transcript.message_b.buffer, 8, (uint8_t) 0xEE);
3468 : spdm_context->transcript.message_b.buffer_size = 8;
3469 : libspdm_set_mem(spdm_context->transcript.message_c.buffer, 12, (uint8_t) 0xDD);
3470 : spdm_context->transcript.message_c.buffer_size = 12;
3471 : #endif
3472 :
3473 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3474 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3475 :
3476 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3477 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3478 : data_size;
3479 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3480 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3481 : data, data_size);
3482 : #else
3483 1 : libspdm_hash_all(
3484 : spdm_context->connection_info.algorithm.base_hash_algo,
3485 : data, data_size,
3486 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3487 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3488 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3489 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3490 : spdm_context->connection_info.algorithm.base_hash_algo,
3491 : spdm_context->connection_info.algorithm.base_asym_algo,
3492 : data, data_size,
3493 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3494 : #endif
3495 :
3496 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3497 1 : status = libspdm_challenge(
3498 : spdm_context, NULL, 0,
3499 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3500 : measurement_hash, NULL);
3501 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3502 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3503 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
3504 : m_libspdm_local_buffer_size));
3505 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3506 : #endif
3507 1 : free(data);
3508 1 : }
3509 :
3510 : /**
3511 : * Test 23: GetCert (Slot 0), GetCert (Slot 1), then Challenge (Slot 0), (Slot1):
3512 : * - it has flags indicating that the previous messages were sent
3513 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3514 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3515 : * signature algorithms, and the use of challenges.
3516 : * - it has the responder's certificate chain.
3517 : * The CHALLENGE message requests usage of the first certificate in the chain
3518 : * (param1=0) and do not request measurements (param2=0).
3519 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3520 : * no opaque data and a signature on the sent nonce.
3521 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3522 : **/
3523 1 : void libspdm_test_requester_challenge_case23(void **state)
3524 : {
3525 : libspdm_return_t status;
3526 : libspdm_test_context_t *spdm_test_context;
3527 : libspdm_context_t *spdm_context;
3528 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3529 : void *data;
3530 : void *data1;
3531 : size_t data_size;
3532 : size_t data1_size;
3533 : void *hash;
3534 : void *hash1;
3535 : size_t hash_size;
3536 : size_t hash1_size;
3537 : uint8_t slot_id;
3538 :
3539 1 : spdm_test_context = *state;
3540 1 : spdm_context = spdm_test_context->spdm_context;
3541 1 : spdm_test_context->case_id = 0x17;
3542 1 : spdm_context->connection_info.connection_state =
3543 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3544 1 : spdm_context->connection_info.capability.flags = 0;
3545 1 : spdm_context->connection_info.capability.flags |=
3546 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3547 :
3548 1 : libspdm_reset_message_a(spdm_context);
3549 1 : libspdm_reset_message_b(spdm_context);
3550 1 : libspdm_reset_message_c(spdm_context);
3551 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3552 : m_libspdm_use_hash_algo;
3553 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3554 : m_libspdm_use_asym_algo;
3555 :
3556 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3557 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3558 :
3559 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3560 : m_libspdm_use_asym_algo, &data,
3561 : &data_size, &hash, &hash_size)) {
3562 0 : assert(false);
3563 : }
3564 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3565 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3566 : data_size;
3567 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3568 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3569 : data, data_size);
3570 : #else
3571 1 : libspdm_hash_all(
3572 : spdm_context->connection_info.algorithm.base_hash_algo,
3573 : data, data_size,
3574 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3575 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3576 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3577 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3578 : spdm_context->connection_info.algorithm.base_hash_algo,
3579 : spdm_context->connection_info.algorithm.base_asym_algo,
3580 : data, data_size,
3581 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3582 : #endif
3583 :
3584 1 : libspdm_read_responder_public_certificate_chain_per_slot(
3585 : 1,
3586 : m_libspdm_use_hash_algo,
3587 : m_libspdm_use_asym_algo, &data1,
3588 : &data1_size, &hash1, &hash1_size);
3589 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3590 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_size =
3591 : data1_size;
3592 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[1].buffer,
3593 : sizeof(spdm_context->connection_info.peer_used_cert_chain[1].buffer),
3594 : data1, data1_size);
3595 : #else
3596 1 : libspdm_hash_all(
3597 : spdm_context->connection_info.algorithm.base_hash_algo,
3598 : data1, data1_size,
3599 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash);
3600 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash_size =
3601 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3602 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3603 : spdm_context->connection_info.algorithm.base_hash_algo,
3604 : spdm_context->connection_info.algorithm.base_asym_algo,
3605 : data1, data1_size,
3606 : &spdm_context->connection_info.peer_used_cert_chain[1].leaf_cert_public_key);
3607 : #endif
3608 :
3609 3 : for (slot_id = 0; slot_id < 2; slot_id++) {
3610 2 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3611 2 : status = libspdm_challenge(
3612 : spdm_context, NULL, slot_id,
3613 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3614 : measurement_hash, NULL);
3615 2 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3616 : }
3617 1 : free(data);
3618 1 : free(data1);
3619 1 : }
3620 :
3621 : /**
3622 : * Test 24: Challenge using provisioned public key (slot_id 0xFF)
3623 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3624 : **/
3625 1 : void libspdm_test_requester_challenge_case24(void **state)
3626 : {
3627 : libspdm_return_t status;
3628 : libspdm_test_context_t *spdm_test_context;
3629 : libspdm_context_t *spdm_context;
3630 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3631 : void *data;
3632 : size_t data_size;
3633 :
3634 1 : spdm_test_context = *state;
3635 1 : spdm_context = spdm_test_context->spdm_context;
3636 1 : spdm_test_context->case_id = 0x18;
3637 1 : spdm_context->connection_info.connection_state =
3638 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3639 1 : spdm_context->connection_info.capability.flags = 0;
3640 1 : spdm_context->connection_info.capability.flags |=
3641 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3642 1 : spdm_context->connection_info.capability.flags |=
3643 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
3644 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
3645 1 : spdm_context->local_context.peer_public_key_provision = data;
3646 1 : spdm_context->local_context.peer_public_key_provision_size = data_size;
3647 :
3648 1 : libspdm_reset_message_a(spdm_context);
3649 1 : libspdm_reset_message_b(spdm_context);
3650 1 : libspdm_reset_message_c(spdm_context);
3651 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3652 : m_libspdm_use_hash_algo;
3653 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3654 : m_libspdm_use_asym_algo;
3655 :
3656 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3657 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3658 :
3659 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3660 1 : status = libspdm_challenge(
3661 : spdm_context, NULL, 0xFF,
3662 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3663 : measurement_hash, NULL);
3664 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3665 1 : free(data);
3666 1 : }
3667 :
3668 : /**
3669 : * Test 25: Error case, CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed.
3670 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code.
3671 : **/
3672 1 : void libspdm_test_requester_challenge_case25(void **state) {
3673 : libspdm_return_t status;
3674 : libspdm_test_context_t *spdm_test_context;
3675 : libspdm_context_t *spdm_context;
3676 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3677 : void *data;
3678 : size_t data_size;
3679 : void *hash;
3680 : size_t hash_size;
3681 :
3682 1 : spdm_test_context = *state;
3683 1 : spdm_context = spdm_test_context->spdm_context;
3684 1 : spdm_test_context->case_id = 0x19;
3685 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3686 1 : spdm_context->connection_info.capability.flags = 0;
3687 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3688 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3689 : m_libspdm_use_asym_algo,
3690 : &data, &data_size,
3691 : &hash, &hash_size);
3692 1 : libspdm_reset_message_a(spdm_context);
3693 1 : libspdm_reset_message_b(spdm_context);
3694 1 : libspdm_reset_message_c(spdm_context);
3695 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3696 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3697 :
3698 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3699 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3700 :
3701 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3702 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3703 : data_size;
3704 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3705 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3706 : data, data_size);
3707 : #else
3708 1 : libspdm_hash_all(
3709 : spdm_context->connection_info.algorithm.base_hash_algo,
3710 : data, data_size,
3711 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3712 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3713 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3714 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3715 : spdm_context->connection_info.algorithm.base_hash_algo,
3716 : spdm_context->connection_info.algorithm.base_asym_algo,
3717 : data, data_size,
3718 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3719 : #endif
3720 :
3721 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3722 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3723 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3724 : measurement_hash, NULL);
3725 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3726 1 : free(data);
3727 1 : }
3728 :
3729 : /**
3730 : * Test 26: the requester is setup correctly to send a CHALLENGE message:
3731 : * - it has flags indicating that the previous messages were sent
3732 : * The received CHALLENGE_AUTH message correctly responds to the challenge, opaque
3733 : * data with bytes from the string "libspdm", and a signature on the sent nonce.
3734 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3735 : **/
3736 1 : void libspdm_test_requester_challenge_case26(void **state) {
3737 : libspdm_return_t status;
3738 : libspdm_test_context_t *spdm_test_context;
3739 : libspdm_context_t *spdm_context;
3740 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3741 : void *data;
3742 : size_t data_size;
3743 : void *hash;
3744 : size_t hash_size;
3745 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
3746 : size_t opaque_data_size;
3747 :
3748 1 : spdm_test_context = *state;
3749 1 : spdm_context = spdm_test_context->spdm_context;
3750 1 : spdm_test_context->case_id = 0x1A;
3751 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3752 1 : spdm_context->connection_info.capability.flags = 0;
3753 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3754 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3755 : m_libspdm_use_asym_algo,
3756 : &data, &data_size,
3757 : &hash, &hash_size);
3758 1 : libspdm_reset_message_a(spdm_context);
3759 1 : libspdm_reset_message_b(spdm_context);
3760 1 : libspdm_reset_message_c(spdm_context);
3761 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3762 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3763 :
3764 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
3765 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3766 :
3767 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3768 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3769 : data_size;
3770 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3771 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3772 : data, data_size);
3773 : #else
3774 1 : libspdm_hash_all(
3775 : spdm_context->connection_info.algorithm.base_hash_algo,
3776 : data, data_size,
3777 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3778 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3779 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3780 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3781 : spdm_context->connection_info.algorithm.base_hash_algo,
3782 : spdm_context->connection_info.algorithm.base_asym_algo,
3783 : data, data_size,
3784 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3785 : #endif
3786 1 : spdm_context->connection_info.algorithm.other_params_support =
3787 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
3788 1 : opaque_data_size = sizeof(opaque_data);
3789 :
3790 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3791 1 : status = libspdm_challenge_ex (spdm_context, NULL, 0,
3792 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3793 : measurement_hash, NULL, NULL, NULL, NULL,
3794 : opaque_data, &opaque_data_size);
3795 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3796 1 : assert_int_equal(opaque_data_size, m_libspdm_opaque_data_size);
3797 1 : assert_memory_equal(opaque_data, m_libspdm_opaque_data, opaque_data_size);
3798 1 : free(data);
3799 1 : }
3800 :
3801 : /**
3802 : * Test 27: Successful case , With the correct challenge context field
3803 : * Expected Behavior: client returns a status of RETURN_SUCCESS.
3804 : **/
3805 1 : void libspdm_test_requester_challenge_case27(void **state)
3806 : {
3807 : libspdm_return_t status;
3808 : libspdm_test_context_t *spdm_test_context;
3809 : libspdm_context_t *spdm_context;
3810 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3811 : void *data;
3812 : size_t data_size;
3813 : void *hash;
3814 : size_t hash_size;
3815 :
3816 1 : spdm_test_context = *state;
3817 1 : spdm_context = spdm_test_context->spdm_context;
3818 1 : spdm_test_context->case_id = 0x1B;
3819 1 : spdm_context->connection_info.connection_state =
3820 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3821 1 : spdm_context->connection_info.capability.flags = 0;
3822 1 : spdm_context->connection_info.capability.flags |=
3823 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3824 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3825 : m_libspdm_use_asym_algo, &data,
3826 : &data_size, &hash, &hash_size)) {
3827 0 : assert(false);
3828 : }
3829 1 : libspdm_reset_message_a(spdm_context);
3830 1 : libspdm_reset_message_b(spdm_context);
3831 1 : libspdm_reset_message_c(spdm_context);
3832 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3833 : m_libspdm_use_hash_algo;
3834 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3835 : m_libspdm_use_asym_algo;
3836 :
3837 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
3838 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3839 :
3840 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3841 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3842 : data_size;
3843 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3844 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3845 : data, data_size);
3846 : #else
3847 1 : libspdm_hash_all(
3848 : spdm_context->connection_info.algorithm.base_hash_algo,
3849 : data, data_size,
3850 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3851 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3852 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3853 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3854 : spdm_context->connection_info.algorithm.base_hash_algo,
3855 : spdm_context->connection_info.algorithm.base_asym_algo,
3856 : data, data_size,
3857 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3858 : #endif
3859 :
3860 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
3861 :
3862 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3863 :
3864 1 : status = libspdm_challenge_ex2(
3865 : spdm_context, NULL, 0, m_requester_context,
3866 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3867 : measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
3868 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3869 :
3870 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3871 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
3872 : #else
3873 1 : assert_null(spdm_context->transcript.digest_context_m1m2);
3874 : #endif
3875 1 : free(data);
3876 1 : }
3877 :
3878 : /**
3879 : * Test 28: Error case , challenge context fields are inconsistent
3880 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code
3881 : **/
3882 1 : void libspdm_test_requester_challenge_case28(void **state)
3883 : {
3884 : libspdm_return_t status;
3885 : libspdm_test_context_t *spdm_test_context;
3886 : libspdm_context_t *spdm_context;
3887 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3888 : void *data;
3889 : size_t data_size;
3890 : void *hash;
3891 : size_t hash_size;
3892 :
3893 1 : spdm_test_context = *state;
3894 1 : spdm_context = spdm_test_context->spdm_context;
3895 1 : spdm_test_context->case_id = 0x1C;
3896 1 : spdm_context->connection_info.connection_state =
3897 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3898 1 : spdm_context->connection_info.capability.flags = 0;
3899 1 : spdm_context->connection_info.capability.flags |=
3900 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3901 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3902 : m_libspdm_use_asym_algo, &data,
3903 : &data_size, &hash, &hash_size)) {
3904 0 : assert(false);
3905 : }
3906 1 : libspdm_reset_message_a(spdm_context);
3907 1 : libspdm_reset_message_b(spdm_context);
3908 1 : libspdm_reset_message_c(spdm_context);
3909 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3910 : m_libspdm_use_hash_algo;
3911 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3912 : m_libspdm_use_asym_algo;
3913 :
3914 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
3915 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3916 :
3917 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3918 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3919 : data_size;
3920 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3921 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3922 : data, data_size);
3923 : #else
3924 1 : libspdm_hash_all(
3925 : spdm_context->connection_info.algorithm.base_hash_algo,
3926 : data, data_size,
3927 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3928 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3929 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3930 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3931 : spdm_context->connection_info.algorithm.base_hash_algo,
3932 : spdm_context->connection_info.algorithm.base_asym_algo,
3933 : data, data_size,
3934 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3935 : #endif
3936 :
3937 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
3938 :
3939 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3940 :
3941 1 : status = libspdm_challenge_ex2(
3942 : spdm_context, NULL, 0, m_requester_context,
3943 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3944 : measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
3945 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3946 :
3947 1 : free(data);
3948 1 : }
3949 :
3950 1 : int libspdm_requester_challenge_test_main(void)
3951 : {
3952 1 : const struct CMUnitTest spdm_requester_challenge_tests[] = {
3953 : /* SendRequest failed*/
3954 : cmocka_unit_test(libspdm_test_requester_challenge_case1),
3955 : /* Successful response*/
3956 : cmocka_unit_test(libspdm_test_requester_challenge_case2),
3957 : /* connection_state check failed*/
3958 : cmocka_unit_test(libspdm_test_requester_challenge_case3),
3959 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
3960 : cmocka_unit_test(libspdm_test_requester_challenge_case4),
3961 : /* Always SPDM_ERROR_CODE_BUSY*/
3962 : cmocka_unit_test(libspdm_test_requester_challenge_case5),
3963 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
3964 : cmocka_unit_test(libspdm_test_requester_challenge_case6),
3965 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
3966 : cmocka_unit_test(libspdm_test_requester_challenge_case7),
3967 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
3968 : cmocka_unit_test(libspdm_test_requester_challenge_case8),
3969 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
3970 : cmocka_unit_test(libspdm_test_requester_challenge_case9),
3971 : /* SpdmCmdReceiveState check failed*/
3972 : cmocka_unit_test(libspdm_test_requester_challenge_case10),
3973 : /* Successful response + device error*/
3974 : cmocka_unit_test(libspdm_test_requester_challenge_case11),
3975 : cmocka_unit_test(libspdm_test_requester_challenge_case12),
3976 : cmocka_unit_test(libspdm_test_requester_challenge_case13),
3977 : cmocka_unit_test(libspdm_test_requester_challenge_case14),
3978 : /* Invalid parameter*/
3979 : cmocka_unit_test(libspdm_test_requester_challenge_case15),
3980 : /* Successful response*/
3981 : cmocka_unit_test(libspdm_test_requester_challenge_case16),
3982 : /* Signature check failed*/
3983 : cmocka_unit_test(libspdm_test_requester_challenge_case17),
3984 : /* Successful response*/
3985 : cmocka_unit_test(libspdm_test_requester_challenge_case18),
3986 : cmocka_unit_test(libspdm_test_requester_challenge_case19),
3987 : /* Unexpected errors*/
3988 : cmocka_unit_test(libspdm_test_requester_challenge_case20),
3989 : /* Buffer verification*/
3990 : cmocka_unit_test(libspdm_test_requester_challenge_case22),
3991 : /* Challeng differenr slot with GetCert*/
3992 : cmocka_unit_test(libspdm_test_requester_challenge_case23),
3993 : /* Challeng using provisioned public key (slot_id 0xFF) */
3994 : cmocka_unit_test(libspdm_test_requester_challenge_case24),
3995 : /* opaque_length greater than the maximum allowed */
3996 : cmocka_unit_test(libspdm_test_requester_challenge_case25),
3997 : /* the OpaqueDataFmt1 bit is selected in OtherParamsSelection of ALGORITHMS*/
3998 : cmocka_unit_test(libspdm_test_requester_challenge_case26),
3999 : /* Successful response, With the correct challenge context field*/
4000 : cmocka_unit_test(libspdm_test_requester_challenge_case27),
4001 : /* Error response: challenge context fields are inconsistent*/
4002 : cmocka_unit_test(libspdm_test_requester_challenge_case28),
4003 : };
4004 :
4005 1 : libspdm_test_context_t test_context = {
4006 : LIBSPDM_TEST_CONTEXT_VERSION,
4007 : true,
4008 : libspdm_requester_challenge_test_send_message,
4009 : libspdm_requester_challenge_test_receive_message,
4010 : };
4011 :
4012 1 : libspdm_setup_test_context(&test_context);
4013 :
4014 1 : return cmocka_run_group_tests(spdm_requester_challenge_tests,
4015 : libspdm_unit_test_group_setup,
4016 : libspdm_unit_test_group_teardown);
4017 : }
4018 :
4019 : #endif /* SPDM_ENABLE_CHALLEGE*/
|
