Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 :
10 : #if LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP
11 :
12 : static size_t m_libspdm_local_buffer_size;
13 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_M1M2_BUFFER_SIZE];
14 :
15 : static size_t m_libspdm_opaque_data_size;
16 : static uint8_t m_libspdm_opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
17 :
18 : static uint8_t m_requester_context[SPDM_REQ_CONTEXT_SIZE];
19 :
20 45 : libspdm_return_t libspdm_requester_challenge_test_send_message(void *spdm_context,
21 : size_t request_size,
22 : const void *request,
23 : uint64_t timeout)
24 : {
25 : libspdm_test_context_t *spdm_test_context;
26 : const uint8_t *ptr;
27 :
28 45 : spdm_test_context = libspdm_get_test_context();
29 45 : ptr = (const uint8_t *)request;
30 45 : switch (spdm_test_context->case_id) {
31 1 : case 0x1:
32 1 : return LIBSPDM_STATUS_SEND_FAIL;
33 1 : case 0x2:
34 1 : m_libspdm_local_buffer_size = 0;
35 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
36 : request_size - 1);
37 1 : m_libspdm_local_buffer_size += (request_size - 1);
38 1 : return LIBSPDM_STATUS_SUCCESS;
39 0 : case 0x3:
40 0 : m_libspdm_local_buffer_size = 0;
41 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
42 : request_size - 1);
43 0 : m_libspdm_local_buffer_size += (request_size - 1);
44 0 : return LIBSPDM_STATUS_SUCCESS;
45 1 : case 0x4:
46 1 : m_libspdm_local_buffer_size = 0;
47 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
48 : request_size - 1);
49 1 : m_libspdm_local_buffer_size += (request_size - 1);
50 1 : return LIBSPDM_STATUS_SUCCESS;
51 1 : case 0x5:
52 1 : m_libspdm_local_buffer_size = 0;
53 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
54 : request_size - 1);
55 1 : m_libspdm_local_buffer_size += (request_size - 1);
56 1 : return LIBSPDM_STATUS_SUCCESS;
57 2 : case 0x6:
58 2 : m_libspdm_local_buffer_size = 0;
59 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
60 : request_size - 1);
61 2 : m_libspdm_local_buffer_size += (request_size - 1);
62 2 : return LIBSPDM_STATUS_SUCCESS;
63 1 : case 0x7:
64 1 : m_libspdm_local_buffer_size = 0;
65 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
66 : request_size - 1);
67 1 : m_libspdm_local_buffer_size += (request_size - 1);
68 1 : return LIBSPDM_STATUS_SUCCESS;
69 2 : case 0x8:
70 2 : m_libspdm_local_buffer_size = 0;
71 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
72 : request_size - 1);
73 2 : m_libspdm_local_buffer_size += (request_size - 1);
74 2 : return LIBSPDM_STATUS_SUCCESS;
75 2 : case 0x9: {
76 : static size_t sub_index = 0;
77 2 : if (sub_index == 0) {
78 1 : m_libspdm_local_buffer_size = 0;
79 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
80 : request_size - 1);
81 1 : m_libspdm_local_buffer_size += (request_size - 1);
82 1 : sub_index++;
83 : }
84 : }
85 2 : return LIBSPDM_STATUS_SUCCESS;
86 26 : case 0xA:
87 : case 0xB:
88 : case 0xC:
89 : case 0xD:
90 : case 0xE:
91 : case 0xF:
92 : case 0x10:
93 : case 0x11:
94 : case 0x12:
95 : case 0x13:
96 : case 0x14:
97 : case 0x15:
98 26 : m_libspdm_local_buffer_size = 0;
99 26 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
100 : request_size - 1);
101 26 : m_libspdm_local_buffer_size += (request_size - 1);
102 26 : return LIBSPDM_STATUS_SUCCESS;
103 1 : case 0x16: {
104 : /* arbitrary data must be inserted in the message buffer for computing
105 : * the response hash */
106 1 : m_libspdm_local_buffer_size = 0;
107 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
108 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 10, (uint8_t) 0xFF);
109 : m_libspdm_local_buffer_size += 10;
110 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 8, (uint8_t) 0xEE);
111 : m_libspdm_local_buffer_size += 8;
112 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 12, (uint8_t) 0xDD);
113 : m_libspdm_local_buffer_size += 12;
114 : #endif
115 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
116 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
117 1 : &ptr[1], request_size - 1);
118 1 : m_libspdm_local_buffer_size += (request_size - 1);
119 : }
120 1 : return LIBSPDM_STATUS_SUCCESS;
121 2 : case 0x17:
122 2 : m_libspdm_local_buffer_size = 0;
123 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
124 : request_size - 1);
125 2 : m_libspdm_local_buffer_size += (request_size - 1);
126 2 : return LIBSPDM_STATUS_SUCCESS;
127 3 : case 0x18:
128 : case 0x19:
129 : case 0x1A:
130 3 : m_libspdm_local_buffer_size = 0;
131 3 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
132 : request_size - 1);
133 3 : m_libspdm_local_buffer_size += (request_size - 1);
134 3 : return LIBSPDM_STATUS_SUCCESS;
135 2 : case 0x1B:
136 : case 0x1C:
137 2 : m_libspdm_local_buffer_size = 0;
138 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
139 : request_size - 1);
140 2 : m_libspdm_local_buffer_size += (request_size - 1);
141 2 : return LIBSPDM_STATUS_SUCCESS;
142 0 : default:
143 0 : return LIBSPDM_STATUS_SEND_FAIL;
144 : }
145 : }
146 :
147 44 : libspdm_return_t libspdm_requester_challenge_test_receive_message(
148 : void *spdm_context, size_t *response_size,
149 : void **response, uint64_t timeout)
150 : {
151 : libspdm_test_context_t *spdm_test_context;
152 :
153 44 : spdm_test_context = libspdm_get_test_context();
154 44 : switch (spdm_test_context->case_id) {
155 0 : case 0x1:
156 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
157 :
158 1 : case 0x2: { /*correct CHALLENGE_AUTH message*/
159 : spdm_challenge_auth_response_t *spdm_response;
160 : void *data;
161 : size_t data_size;
162 : uint8_t *ptr;
163 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
164 : size_t sig_size;
165 : size_t spdm_response_size;
166 : size_t transport_header_size;
167 :
168 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
169 : m_libspdm_use_asym_algo, &data,
170 : &data_size, NULL, NULL);
171 : ((libspdm_context_t *)spdm_context)
172 1 : ->local_context.local_cert_chain_provision_size[0] =
173 : data_size;
174 : ((libspdm_context_t *)spdm_context)
175 1 : ->local_context.local_cert_chain_provision[0] = data;
176 : ((libspdm_context_t *)spdm_context)
177 1 : ->connection_info.algorithm.base_asym_algo =
178 : m_libspdm_use_asym_algo;
179 : ((libspdm_context_t *)spdm_context)
180 1 : ->connection_info.algorithm.base_hash_algo =
181 : m_libspdm_use_hash_algo;
182 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
183 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
184 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
185 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
186 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
187 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
188 :
189 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
190 1 : spdm_response->header.request_response_code =
191 : SPDM_CHALLENGE_AUTH;
192 1 : spdm_response->header.param1 = 0;
193 1 : spdm_response->header.param2 = (1 << 0);
194 1 : ptr = (void *)(spdm_response + 1);
195 1 : libspdm_hash_all(
196 : m_libspdm_use_hash_algo,
197 : ((libspdm_context_t *)spdm_context)
198 : ->local_context.local_cert_chain_provision[0],
199 : ((libspdm_context_t *)spdm_context)
200 : ->local_context
201 : .local_cert_chain_provision_size[0],
202 : ptr);
203 1 : free(data);
204 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
205 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
206 1 : ptr += SPDM_NONCE_SIZE;
207 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
208 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
209 1 : *(uint16_t *)ptr = 0;
210 1 : ptr += sizeof(uint16_t);
211 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
212 : sizeof(m_libspdm_local_buffer) -
213 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
214 : m_libspdm_local_buffer),
215 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
216 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
217 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
218 : m_libspdm_local_buffer_size));
219 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
220 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
221 : m_libspdm_local_buffer_size, hash_data);
222 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
223 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
224 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
225 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
226 1 : libspdm_responder_data_sign(
227 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
228 : spdm_context,
229 : #endif
230 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
231 : SPDM_CHALLENGE_AUTH,
232 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
233 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
234 : ptr, &sig_size);
235 1 : ptr += sig_size;
236 :
237 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
238 : false, spdm_response_size,
239 : spdm_response, response_size,
240 : response);
241 : }
242 1 : return LIBSPDM_STATUS_SUCCESS;
243 :
244 0 : case 0x3: { /*correct CHALLENGE_AUTH message*/
245 : spdm_challenge_auth_response_t *spdm_response;
246 : void *data;
247 : size_t data_size;
248 : uint8_t *ptr;
249 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
250 : size_t sig_size;
251 : size_t spdm_response_size;
252 : size_t transport_header_size;
253 :
254 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
255 : m_libspdm_use_asym_algo, &data,
256 : &data_size, NULL, NULL);
257 : ((libspdm_context_t *)spdm_context)
258 0 : ->local_context.local_cert_chain_provision_size[0] =
259 : data_size;
260 : ((libspdm_context_t *)spdm_context)
261 0 : ->local_context.local_cert_chain_provision[0] = data;
262 : ((libspdm_context_t *)spdm_context)
263 0 : ->connection_info.algorithm.base_asym_algo =
264 : m_libspdm_use_asym_algo;
265 : ((libspdm_context_t *)spdm_context)
266 0 : ->connection_info.algorithm.base_hash_algo =
267 : m_libspdm_use_hash_algo;
268 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
269 0 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
270 0 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
271 0 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
272 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
273 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
274 :
275 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
276 0 : spdm_response->header.request_response_code =
277 : SPDM_CHALLENGE_AUTH;
278 0 : spdm_response->header.param1 = 0;
279 0 : spdm_response->header.param2 = (1 << 0);
280 0 : ptr = (void *)(spdm_response + 1);
281 0 : libspdm_hash_all(
282 : m_libspdm_use_hash_algo,
283 : ((libspdm_context_t *)spdm_context)
284 : ->local_context.local_cert_chain_provision[0],
285 : ((libspdm_context_t *)spdm_context)
286 : ->local_context
287 : .local_cert_chain_provision_size[0],
288 : ptr);
289 0 : free(data);
290 0 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
291 0 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
292 0 : ptr += SPDM_NONCE_SIZE;
293 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
294 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
295 0 : *(uint16_t *)ptr = 0;
296 0 : ptr += sizeof(uint16_t);
297 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
298 : sizeof(m_libspdm_local_buffer) -
299 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
300 : m_libspdm_local_buffer),
301 0 : spdm_response, (size_t)ptr - (size_t)spdm_response);
302 0 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
303 0 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
304 : m_libspdm_local_buffer_size, hash_data);
305 0 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
306 0 : libspdm_responder_data_sign(
307 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
308 : spdm_context,
309 : #endif
310 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
311 : SPDM_CHALLENGE_AUTH,
312 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
313 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
314 : ptr, &sig_size);
315 0 : ptr += sig_size;
316 :
317 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
318 : false, spdm_response_size,
319 : spdm_response, response_size,
320 : response);
321 : }
322 0 : return LIBSPDM_STATUS_SUCCESS;
323 :
324 1 : case 0x4: { /*correct ERROR message (invalid request)*/
325 : spdm_error_response_t *spdm_response;
326 : size_t spdm_response_size;
327 : size_t transport_header_size;
328 :
329 1 : spdm_response_size = sizeof(spdm_error_response_t);
330 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
331 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
332 :
333 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
334 1 : spdm_response->header.request_response_code = SPDM_ERROR;
335 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
336 1 : spdm_response->header.param2 = 0;
337 :
338 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
339 : false, spdm_response_size,
340 : spdm_response,
341 : response_size, response);
342 : }
343 1 : return LIBSPDM_STATUS_SUCCESS;
344 :
345 1 : case 0x5: { /*correct ERROR message (busy)*/
346 : spdm_error_response_t *spdm_response;
347 : size_t spdm_response_size;
348 : size_t transport_header_size;
349 :
350 1 : spdm_response_size = sizeof(spdm_error_response_t);
351 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
352 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
353 :
354 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
355 1 : spdm_response->header.request_response_code = SPDM_ERROR;
356 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
357 1 : spdm_response->header.param2 = 0;
358 :
359 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
360 : false, spdm_response_size,
361 : spdm_response,
362 : response_size, response);
363 : }
364 1 : return LIBSPDM_STATUS_SUCCESS;
365 :
366 2 : case 0x6: { /*correct ERROR message (busy) + correct CHALLENGE_AUTH message*/
367 : static size_t sub_index1 = 0;
368 2 : if (sub_index1 == 0) {
369 : spdm_error_response_t *spdm_response;
370 : size_t spdm_response_size;
371 : size_t transport_header_size;
372 :
373 1 : spdm_response_size = sizeof(spdm_error_response_t);
374 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
375 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
376 :
377 1 : spdm_response->header.spdm_version =
378 : SPDM_MESSAGE_VERSION_11;
379 1 : spdm_response->header.request_response_code = SPDM_ERROR;
380 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
381 1 : spdm_response->header.param2 = 0;
382 :
383 1 : libspdm_transport_test_encode_message(
384 : spdm_context, NULL, false, false,
385 : spdm_response_size, spdm_response,
386 : response_size, response);
387 1 : sub_index1++;
388 1 : } else if (sub_index1 == 1) {
389 : spdm_challenge_auth_response_t *spdm_response;
390 : void *data;
391 : size_t data_size;
392 : uint8_t *ptr;
393 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
394 : size_t sig_size;
395 : size_t spdm_response_size;
396 : size_t transport_header_size;
397 :
398 1 : libspdm_read_responder_public_certificate_chain(
399 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
400 : &data_size, NULL, NULL);
401 : ((libspdm_context_t *)spdm_context)
402 : ->local_context
403 1 : .local_cert_chain_provision_size[0] = data_size;
404 : ((libspdm_context_t *)spdm_context)
405 1 : ->local_context.local_cert_chain_provision[0] =
406 : data;
407 : ((libspdm_context_t *)spdm_context)
408 1 : ->connection_info.algorithm.base_asym_algo =
409 : m_libspdm_use_asym_algo;
410 : ((libspdm_context_t *)spdm_context)
411 1 : ->connection_info.algorithm.base_hash_algo =
412 : m_libspdm_use_hash_algo;
413 1 : spdm_response_size =
414 : sizeof(spdm_challenge_auth_response_t) +
415 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
416 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
417 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
418 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
419 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
420 :
421 1 : spdm_response->header.spdm_version =
422 : SPDM_MESSAGE_VERSION_11;
423 1 : spdm_response->header.request_response_code =
424 : SPDM_CHALLENGE_AUTH;
425 1 : spdm_response->header.param1 = 0;
426 1 : spdm_response->header.param2 = (1 << 0);
427 1 : ptr = (void *)(spdm_response + 1);
428 1 : libspdm_hash_all(
429 : m_libspdm_use_hash_algo,
430 : ((libspdm_context_t *)spdm_context)
431 : ->local_context
432 : .local_cert_chain_provision[0],
433 : ((libspdm_context_t *)spdm_context)
434 : ->local_context
435 : .local_cert_chain_provision_size[0],
436 : ptr);
437 1 : free(data);
438 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
439 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
440 1 : ptr += SPDM_NONCE_SIZE;
441 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
442 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
443 1 : *(uint16_t *)ptr = 0;
444 1 : ptr += sizeof(uint16_t);
445 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
446 : sizeof(m_libspdm_local_buffer)
447 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
448 : m_libspdm_local_buffer),
449 : spdm_response,
450 1 : (size_t)ptr - (size_t)spdm_response);
451 1 : m_libspdm_local_buffer_size +=
452 1 : ((size_t)ptr - (size_t)spdm_response);
453 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
454 : m_libspdm_local_buffer_size, hash_data);
455 1 : sig_size =
456 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
457 1 : libspdm_responder_data_sign(
458 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
459 : spdm_context,
460 : #endif
461 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
462 : SPDM_CHALLENGE_AUTH,
463 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
464 : m_libspdm_use_hash_algo,
465 : false, m_libspdm_local_buffer,
466 : m_libspdm_local_buffer_size, ptr,
467 : &sig_size);
468 1 : ptr += sig_size;
469 :
470 1 : libspdm_transport_test_encode_message(
471 : spdm_context, NULL, false, false, spdm_response_size,
472 : spdm_response, response_size, response);
473 : }
474 : }
475 2 : return LIBSPDM_STATUS_SUCCESS;
476 :
477 1 : case 0x7: { /*correct ERROR message (request resync)*/
478 : spdm_error_response_t *spdm_response;
479 : size_t spdm_response_size;
480 : size_t transport_header_size;
481 :
482 1 : spdm_response_size = sizeof(spdm_error_response_t);
483 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
484 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
485 :
486 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
487 1 : spdm_response->header.request_response_code = SPDM_ERROR;
488 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
489 1 : spdm_response->header.param2 = 0;
490 :
491 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
492 : false, spdm_response_size,
493 : spdm_response,
494 : response_size, response);
495 : }
496 1 : return LIBSPDM_STATUS_SUCCESS;
497 :
498 2 : case 0x8: { /*correct ERROR message (response net ready)*/
499 : spdm_error_response_data_response_not_ready_t *spdm_response;
500 : size_t spdm_response_size;
501 : size_t transport_header_size;
502 :
503 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
504 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
505 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
506 :
507 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
508 2 : spdm_response->header.request_response_code = SPDM_ERROR;
509 2 : spdm_response->header.param1 =
510 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
511 2 : spdm_response->header.param2 = 0;
512 2 : spdm_response->extend_error_data.rd_exponent = 1;
513 2 : spdm_response->extend_error_data.rd_tm = 2;
514 2 : spdm_response->extend_error_data.request_code = SPDM_CHALLENGE;
515 2 : spdm_response->extend_error_data.token = 0;
516 :
517 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
518 : false, spdm_response_size,
519 : spdm_response,
520 : response_size, response);
521 : }
522 2 : return LIBSPDM_STATUS_SUCCESS;
523 :
524 2 : case 0x9: { /*correct ERROR message (response not ready) + correct CHALLENGE_AUTH message*/
525 : static size_t sub_index2 = 0;
526 2 : if (sub_index2 == 0) {
527 : spdm_error_response_data_response_not_ready_t
528 : *spdm_response;
529 : size_t spdm_response_size;
530 : size_t transport_header_size;
531 :
532 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
533 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
534 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
535 :
536 1 : spdm_response->header.spdm_version =
537 : SPDM_MESSAGE_VERSION_11;
538 1 : spdm_response->header.request_response_code = SPDM_ERROR;
539 1 : spdm_response->header.param1 =
540 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
541 1 : spdm_response->header.param2 = 0;
542 1 : spdm_response->extend_error_data.rd_exponent = 1;
543 1 : spdm_response->extend_error_data.rd_tm = 2;
544 1 : spdm_response->extend_error_data.request_code =
545 : SPDM_CHALLENGE;
546 1 : spdm_response->extend_error_data.token = 1;
547 :
548 1 : libspdm_transport_test_encode_message(
549 : spdm_context, NULL, false, false,
550 : spdm_response_size, spdm_response,
551 : response_size, response);
552 1 : sub_index2++;
553 1 : } else if (sub_index2 == 1) {
554 : spdm_challenge_auth_response_t *spdm_response;
555 : void *data;
556 : size_t data_size;
557 : uint8_t *ptr;
558 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
559 : size_t sig_size;
560 : size_t spdm_response_size;
561 : size_t transport_header_size;
562 :
563 1 : libspdm_read_responder_public_certificate_chain(
564 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
565 : &data_size, NULL, NULL);
566 : ((libspdm_context_t *)spdm_context)
567 : ->local_context
568 1 : .local_cert_chain_provision_size[0] = data_size;
569 : ((libspdm_context_t *)spdm_context)
570 1 : ->local_context.local_cert_chain_provision[0] =
571 : data;
572 : ((libspdm_context_t *)spdm_context)
573 1 : ->connection_info.algorithm.base_asym_algo =
574 : m_libspdm_use_asym_algo;
575 : ((libspdm_context_t *)spdm_context)
576 1 : ->connection_info.algorithm.base_hash_algo =
577 : m_libspdm_use_hash_algo;
578 1 : spdm_response_size =
579 : sizeof(spdm_challenge_auth_response_t) +
580 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
581 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
582 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
583 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
584 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
585 :
586 1 : spdm_response->header.spdm_version =
587 : SPDM_MESSAGE_VERSION_11;
588 1 : spdm_response->header.request_response_code =
589 : SPDM_CHALLENGE_AUTH;
590 1 : spdm_response->header.param1 = 0;
591 1 : spdm_response->header.param2 = (1 << 0);
592 1 : ptr = (void *)(spdm_response + 1);
593 1 : libspdm_hash_all(
594 : m_libspdm_use_hash_algo,
595 : ((libspdm_context_t *)spdm_context)
596 : ->local_context
597 : .local_cert_chain_provision[0],
598 : ((libspdm_context_t *)spdm_context)
599 : ->local_context
600 : .local_cert_chain_provision_size[0],
601 : ptr);
602 1 : free(data);
603 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
604 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
605 1 : ptr += SPDM_NONCE_SIZE;
606 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
607 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
608 1 : *(uint16_t *)ptr = 0;
609 1 : ptr += sizeof(uint16_t);
610 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
611 : sizeof(m_libspdm_local_buffer)
612 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
613 : m_libspdm_local_buffer),
614 : spdm_response,
615 1 : (size_t)ptr - (size_t)spdm_response);
616 1 : m_libspdm_local_buffer_size +=
617 1 : ((size_t)ptr - (size_t)spdm_response);
618 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
619 : m_libspdm_local_buffer_size, hash_data);
620 1 : sig_size =
621 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
622 1 : libspdm_responder_data_sign(
623 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
624 : spdm_context,
625 : #endif
626 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
627 : SPDM_CHALLENGE_AUTH,
628 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
629 : m_libspdm_use_hash_algo,
630 : false, m_libspdm_local_buffer,
631 : m_libspdm_local_buffer_size, ptr,
632 : &sig_size);
633 1 : ptr += sig_size;
634 :
635 1 : libspdm_transport_test_encode_message(
636 : spdm_context, NULL, false, false, spdm_response_size,
637 : spdm_response, response_size, response);
638 : }
639 : }
640 2 : return LIBSPDM_STATUS_SUCCESS;
641 :
642 0 : case 0xA: /*correct CHALLENGE_AUTH message*/
643 : {
644 : spdm_challenge_auth_response_t *spdm_response;
645 : void *data;
646 : size_t data_size;
647 : uint8_t *Ptr;
648 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
649 : size_t sig_size;
650 : size_t spdm_response_size;
651 : size_t transport_header_size;
652 :
653 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
654 : m_libspdm_use_asym_algo,
655 : &data,
656 : &data_size, NULL, NULL);
657 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
658 : data_size;
659 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
660 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
661 : m_libspdm_use_asym_algo;
662 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
663 : m_libspdm_use_hash_algo;
664 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
665 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
666 : SPDM_NONCE_SIZE +
667 : 0 +
668 0 : sizeof(uint16_t) + 0 +
669 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
670 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
671 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
672 :
673 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
674 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
675 0 : spdm_response->header.param1 = 0;
676 0 : spdm_response->header.param2 = (1 << 0);
677 0 : Ptr = (void *)(spdm_response + 1);
678 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
679 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
680 : 0],
681 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
682 : 0],
683 : Ptr);
684 0 : free(data);
685 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
686 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
687 0 : Ptr += SPDM_NONCE_SIZE;
688 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
689 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
690 0 : *(uint16_t *)Ptr = 0;
691 0 : Ptr += sizeof(uint16_t);
692 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
693 : sizeof(m_libspdm_local_buffer) -
694 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
695 : m_libspdm_local_buffer),
696 : spdm_response,
697 0 : (size_t)Ptr - (size_t)spdm_response);
698 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
699 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
700 : m_libspdm_local_buffer_size, hash_data);
701 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
702 0 : libspdm_responder_data_sign(
703 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
704 : spdm_context,
705 : #endif
706 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
707 : SPDM_CHALLENGE_AUTH,
708 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
709 : false, m_libspdm_local_buffer,
710 : m_libspdm_local_buffer_size, Ptr, &sig_size);
711 0 : Ptr += sig_size;
712 :
713 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
714 : spdm_response, response_size, response);
715 : }
716 0 : return LIBSPDM_STATUS_SUCCESS;
717 :
718 1 : case 0xB: /*CHALLENGE_AUTH message smaller than a SPDM header*/
719 : {
720 : spdm_challenge_auth_response_t *spdm_response;
721 : size_t spdm_response_size;
722 : size_t transport_header_size;
723 :
724 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
725 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
726 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) - 1; /*smaller than standard message size*/
727 :
728 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
729 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
730 1 : spdm_response->header.param1 = 0;
731 1 : spdm_response->header.param2 = (1 << 0);
732 :
733 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
734 : spdm_response, response_size, response);
735 : }
736 1 : return LIBSPDM_STATUS_SUCCESS;
737 :
738 1 : case 0xC: /*CHALLENGE_AUTH message with wrong version (1.0)*/
739 : {
740 : spdm_challenge_auth_response_t *spdm_response;
741 : void *data;
742 : size_t data_size;
743 : uint8_t *Ptr;
744 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
745 : size_t sig_size;
746 : size_t spdm_response_size;
747 : size_t transport_header_size;
748 :
749 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
750 : m_libspdm_use_asym_algo,
751 : &data,
752 : &data_size, NULL, NULL);
753 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
754 : data_size;
755 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
756 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
757 : m_libspdm_use_asym_algo;
758 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
759 : m_libspdm_use_hash_algo;
760 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
761 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
762 1 : SPDM_NONCE_SIZE +
763 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
764 1 : sizeof(uint16_t) + 0 +
765 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
766 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
767 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
768 :
769 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10; /*wrong version*/
770 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
771 1 : spdm_response->header.param1 = 0;
772 1 : spdm_response->header.param2 = (1 << 0);
773 1 : Ptr = (void *)(spdm_response + 1);
774 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
775 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
776 : 0],
777 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
778 : 0],
779 : Ptr);
780 1 : free(data);
781 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
782 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
783 1 : Ptr += SPDM_NONCE_SIZE;
784 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
785 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
786 1 : *(uint16_t *)Ptr = 0;
787 1 : Ptr += sizeof(uint16_t);
788 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
789 : sizeof(m_libspdm_local_buffer) -
790 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
791 : m_libspdm_local_buffer),
792 : spdm_response,
793 1 : (size_t)Ptr - (size_t)spdm_response);
794 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
795 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
796 : m_libspdm_local_buffer_size, hash_data);
797 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
798 1 : libspdm_responder_data_sign(
799 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
800 : spdm_context,
801 : #endif
802 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
803 : SPDM_CHALLENGE_AUTH,
804 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
805 : false, m_libspdm_local_buffer,
806 : m_libspdm_local_buffer_size, Ptr, &sig_size);
807 1 : Ptr += sig_size;
808 :
809 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
810 : spdm_response, response_size, response);
811 : }
812 1 : return LIBSPDM_STATUS_SUCCESS;
813 :
814 1 : case 0xD: /*SPDM (mostly CHALLENGE_AUTH) message with wrong response code (0x83)*/
815 : {
816 : spdm_challenge_auth_response_t *spdm_response;
817 : void *data;
818 : size_t data_size;
819 : uint8_t *Ptr;
820 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
821 : size_t sig_size;
822 : size_t spdm_response_size;
823 : size_t transport_header_size;
824 :
825 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
826 : m_libspdm_use_asym_algo,
827 : &data,
828 : &data_size, NULL, NULL);
829 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
830 : data_size;
831 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
832 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
833 : m_libspdm_use_asym_algo;
834 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
835 : m_libspdm_use_hash_algo;
836 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
837 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
838 : SPDM_NONCE_SIZE +
839 : 0 +
840 1 : sizeof(uint16_t) + 0 +
841 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
842 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
843 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
844 :
845 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
846 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE; /*wrong response code*/
847 1 : spdm_response->header.param1 = 0;
848 1 : spdm_response->header.param2 = (1 << 0);
849 1 : Ptr = (void *)(spdm_response + 1);
850 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
851 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
852 : 0],
853 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
854 : 0],
855 : Ptr);
856 1 : free(data);
857 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
858 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
859 1 : Ptr += SPDM_NONCE_SIZE;
860 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
861 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
862 1 : *(uint16_t *)Ptr = 0;
863 1 : Ptr += sizeof(uint16_t);
864 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
865 : sizeof(m_libspdm_local_buffer) -
866 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
867 : m_libspdm_local_buffer),
868 : spdm_response,
869 1 : (size_t)Ptr - (size_t)spdm_response);
870 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
871 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
872 : m_libspdm_local_buffer_size, hash_data);
873 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
874 1 : libspdm_responder_data_sign(
875 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
876 : spdm_context,
877 : #endif
878 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
879 : SPDM_CHALLENGE_AUTH,
880 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
881 : false, m_libspdm_local_buffer,
882 : m_libspdm_local_buffer_size, Ptr, &sig_size);
883 1 : Ptr += sig_size;
884 :
885 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
886 : spdm_response, response_size, response);
887 : }
888 1 : return LIBSPDM_STATUS_SUCCESS;
889 :
890 1 : case 0xE: /*correct CHALLENGE_AUTH message with wrong slot number*/
891 : {
892 : spdm_challenge_auth_response_t *spdm_response;
893 : void *data;
894 : size_t data_size;
895 : uint8_t *Ptr;
896 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
897 : size_t sig_size;
898 : size_t spdm_response_size;
899 : size_t transport_header_size;
900 :
901 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
902 : m_libspdm_use_asym_algo,
903 : &data,
904 : &data_size, NULL, NULL);
905 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
906 : data_size;
907 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
908 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
909 : m_libspdm_use_asym_algo;
910 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
911 : m_libspdm_use_hash_algo;
912 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
913 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
914 : SPDM_NONCE_SIZE +
915 : 0 +
916 1 : sizeof(uint16_t) + 0 +
917 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
918 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
919 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
920 :
921 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
922 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
923 1 : spdm_response->header.param1 = 1;
924 1 : spdm_response->header.param2 = (1 << 1); /*wrong slot number*/
925 1 : Ptr = (void *)(spdm_response + 1);
926 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
927 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
928 : 0],
929 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
930 : 0],
931 : Ptr);
932 1 : free(data);
933 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
934 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
935 1 : Ptr += SPDM_NONCE_SIZE;
936 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
937 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
938 1 : *(uint16_t *)Ptr = 0;
939 1 : Ptr += sizeof(uint16_t);
940 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
941 : sizeof(m_libspdm_local_buffer) -
942 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
943 : m_libspdm_local_buffer),
944 : spdm_response,
945 1 : (size_t)Ptr - (size_t)spdm_response);
946 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
947 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
948 : m_libspdm_local_buffer_size, hash_data);
949 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
950 1 : libspdm_responder_data_sign(
951 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
952 : spdm_context,
953 : #endif
954 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
955 : SPDM_CHALLENGE_AUTH,
956 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
957 : false, m_libspdm_local_buffer,
958 : m_libspdm_local_buffer_size, Ptr, &sig_size);
959 1 : Ptr += sig_size;
960 :
961 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
962 : spdm_response, response_size, response);
963 : }
964 1 : return LIBSPDM_STATUS_SUCCESS;
965 :
966 0 : case 0xF: /*CHALLENGE_AUTH message with slot number overflow*/
967 : {
968 : spdm_challenge_auth_response_t *spdm_response;
969 : void *data;
970 : size_t data_size;
971 : uint8_t *Ptr;
972 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
973 : size_t sig_size;
974 : size_t spdm_response_size;
975 : size_t transport_header_size;
976 :
977 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
978 : m_libspdm_use_asym_algo,
979 : &data,
980 : &data_size, NULL, NULL);
981 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
982 : data_size;
983 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
984 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
985 : m_libspdm_use_asym_algo;
986 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
987 : m_libspdm_use_hash_algo;
988 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
989 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
990 : SPDM_NONCE_SIZE +
991 : 0 +
992 0 : sizeof(uint16_t) + 0 +
993 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
994 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
995 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
996 :
997 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
998 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
999 0 : spdm_response->header.param1 = 8; /*slot number overflow*/
1000 0 : spdm_response->header.param2 = (1 << 0);
1001 0 : Ptr = (void *)(spdm_response + 1);
1002 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
1003 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1004 : 0],
1005 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1006 : 0],
1007 : Ptr);
1008 0 : free(data);
1009 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1010 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1011 0 : Ptr += SPDM_NONCE_SIZE;
1012 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1013 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1014 0 : *(uint16_t *)Ptr = 0;
1015 0 : Ptr += sizeof(uint16_t);
1016 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1017 : sizeof(m_libspdm_local_buffer) -
1018 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1019 : m_libspdm_local_buffer),
1020 : spdm_response,
1021 0 : (size_t)Ptr - (size_t)spdm_response);
1022 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1023 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1024 : m_libspdm_local_buffer_size, hash_data);
1025 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1026 0 : libspdm_responder_data_sign(
1027 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1028 : spdm_context,
1029 : #endif
1030 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1031 : SPDM_CHALLENGE_AUTH,
1032 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1033 : false, m_libspdm_local_buffer,
1034 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1035 0 : Ptr += sig_size;
1036 :
1037 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1038 : spdm_response, response_size, response);
1039 : }
1040 0 : return LIBSPDM_STATUS_SUCCESS;
1041 :
1042 1 : case 0x10: /*correct CHALLENGE_AUTH message with "libspdm" opaque data*/
1043 : {
1044 : spdm_challenge_auth_response_t *spdm_response;
1045 : void *data;
1046 : size_t data_size;
1047 : uint8_t *Ptr;
1048 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1049 : size_t sig_size;
1050 : size_t spdm_response_size;
1051 : size_t transport_header_size;
1052 :
1053 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1054 : m_libspdm_use_asym_algo,
1055 : &data,
1056 : &data_size, NULL, NULL);
1057 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1058 : data_size;
1059 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1060 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1061 : m_libspdm_use_asym_algo;
1062 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1063 : m_libspdm_use_hash_algo;
1064 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1065 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1066 : SPDM_NONCE_SIZE +
1067 : 0 +
1068 1 : sizeof(uint16_t) + 8 +
1069 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1070 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1071 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1072 :
1073 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1074 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1075 1 : spdm_response->header.param1 = 0;
1076 1 : spdm_response->header.param2 = (1 << 0);
1077 1 : Ptr = (void *)(spdm_response + 1);
1078 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1079 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1080 : 0],
1081 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1082 : 0],
1083 : Ptr);
1084 1 : free(data);
1085 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1086 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1087 1 : Ptr += SPDM_NONCE_SIZE;
1088 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1089 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1090 1 : *(uint16_t *)Ptr = (uint16_t)strlen("libspdm");
1091 1 : Ptr += sizeof(uint16_t);
1092 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr, "libspdm",
1093 : strlen("libspdm"));
1094 1 : Ptr += strlen("libspdm");
1095 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1096 : sizeof(m_libspdm_local_buffer) -
1097 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1098 : m_libspdm_local_buffer),
1099 : spdm_response,
1100 1 : (size_t)Ptr - (size_t)spdm_response);
1101 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1102 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1103 : m_libspdm_local_buffer_size, hash_data);
1104 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1105 1 : libspdm_responder_data_sign(
1106 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1107 : spdm_context,
1108 : #endif
1109 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1110 : SPDM_CHALLENGE_AUTH,
1111 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1112 : false, m_libspdm_local_buffer,
1113 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1114 1 : Ptr += sig_size;
1115 :
1116 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1117 : spdm_response, response_size, response);
1118 : }
1119 1 : return LIBSPDM_STATUS_SUCCESS;
1120 :
1121 1 : case 0x11: /*correct CHALLENGE_AUTH message with invalid signature*/
1122 : {
1123 : spdm_challenge_auth_response_t *spdm_response;
1124 : void *data;
1125 : size_t data_size;
1126 : uint8_t *Ptr;
1127 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1128 : size_t sig_size;
1129 : size_t spdm_response_size;
1130 : size_t transport_header_size;
1131 :
1132 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1133 : m_libspdm_use_asym_algo,
1134 : &data,
1135 : &data_size, NULL, NULL);
1136 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1137 : data_size;
1138 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1139 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1140 : m_libspdm_use_asym_algo;
1141 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1142 : m_libspdm_use_hash_algo;
1143 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1144 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1145 : SPDM_NONCE_SIZE +
1146 : 0 +
1147 1 : sizeof(uint16_t) + 0 +
1148 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1149 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1150 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1151 :
1152 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1153 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1154 1 : spdm_response->header.param1 = 0;
1155 1 : spdm_response->header.param2 = (1 << 0);
1156 1 : Ptr = (void *)(spdm_response + 1);
1157 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1158 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1159 : 0],
1160 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1161 : 0],
1162 : Ptr);
1163 1 : free(data);
1164 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1165 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1166 1 : Ptr += SPDM_NONCE_SIZE;
1167 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1168 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1169 1 : *(uint16_t *)Ptr = 0;
1170 1 : Ptr += sizeof(uint16_t);
1171 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1172 : sizeof(m_libspdm_local_buffer) -
1173 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1174 : m_libspdm_local_buffer),
1175 : spdm_response,
1176 1 : (size_t)Ptr - (size_t)spdm_response);
1177 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1178 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1179 : m_libspdm_local_buffer_size, hash_data);
1180 1 : libspdm_hash_all (m_libspdm_use_hash_algo, hash_data, libspdm_get_hash_size (
1181 : m_libspdm_use_hash_algo), hash_data);
1182 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1183 1 : libspdm_responder_data_sign(
1184 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1185 : spdm_context,
1186 : #endif
1187 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1188 : SPDM_CHALLENGE_AUTH,
1189 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1190 1 : false, hash_data, libspdm_get_hash_size (
1191 : m_libspdm_use_hash_algo), Ptr, &sig_size);
1192 1 : Ptr += sig_size;
1193 :
1194 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1195 : spdm_response, response_size, response);
1196 : }
1197 1 : return LIBSPDM_STATUS_SUCCESS;
1198 :
1199 2 : case 0x12: /*correct CHALLENGE_AUTH message*/
1200 : case 0x13: /*correct CHALLENGE_AUTH message*/
1201 : {
1202 : spdm_challenge_auth_response_t *spdm_response;
1203 : void *data;
1204 : size_t data_size;
1205 : uint8_t *Ptr;
1206 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1207 : size_t sig_size;
1208 : size_t spdm_response_size;
1209 : size_t transport_header_size;
1210 :
1211 2 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1212 : m_libspdm_use_asym_algo,
1213 : &data,
1214 : &data_size, NULL, NULL);
1215 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1216 : data_size;
1217 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1218 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1219 : m_libspdm_use_asym_algo;
1220 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1221 : m_libspdm_use_hash_algo;
1222 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1223 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1224 2 : SPDM_NONCE_SIZE +
1225 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1226 2 : sizeof(uint16_t) + 0 +
1227 2 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1228 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1229 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1230 :
1231 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1232 2 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1233 2 : spdm_response->header.param1 = 0;
1234 2 : spdm_response->header.param2 = (1 << 0);
1235 2 : Ptr = (void *)(spdm_response + 1);
1236 2 : libspdm_hash_all (m_libspdm_use_hash_algo,
1237 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1238 : 0],
1239 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1240 : 0],
1241 : Ptr);
1242 2 : free(data);
1243 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1244 2 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1245 2 : Ptr += SPDM_NONCE_SIZE;
1246 2 : libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1247 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1248 2 : *(uint16_t *)Ptr = 0;
1249 2 : Ptr += sizeof(uint16_t);
1250 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1251 : sizeof(m_libspdm_local_buffer) -
1252 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1253 : m_libspdm_local_buffer),
1254 : spdm_response,
1255 2 : (size_t)Ptr - (size_t)spdm_response);
1256 2 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1257 2 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1258 : m_libspdm_local_buffer_size, hash_data);
1259 2 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1260 2 : libspdm_responder_data_sign(
1261 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1262 : spdm_context,
1263 : #endif
1264 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1265 : SPDM_CHALLENGE_AUTH,
1266 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1267 : false, m_libspdm_local_buffer,
1268 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1269 2 : Ptr += sig_size;
1270 :
1271 2 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1272 : spdm_response, response_size, response);
1273 : }
1274 2 : return LIBSPDM_STATUS_SUCCESS;
1275 :
1276 18 : case 0x14:
1277 : {
1278 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1279 :
1280 : spdm_error_response_t *spdm_response;
1281 : size_t spdm_response_size;
1282 : size_t transport_header_size;
1283 :
1284 18 : if(error_code <= 0xff) {
1285 18 : spdm_response_size = sizeof(spdm_error_response_t);
1286 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1287 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1288 :
1289 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1290 18 : spdm_response->header.request_response_code = SPDM_ERROR;
1291 18 : spdm_response->header.param1 = (uint8_t) error_code;
1292 18 : spdm_response->header.param2 = 0;
1293 :
1294 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
1295 : spdm_response_size, spdm_response,
1296 : response_size, response);
1297 : }
1298 :
1299 18 : error_code++;
1300 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1301 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1302 : }
1303 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
1304 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1305 : }
1306 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
1307 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1308 : }
1309 : }
1310 18 : return LIBSPDM_STATUS_SUCCESS;
1311 :
1312 0 : case 0x15: /*correct CHALLENGE_AUTH message with multiple slot numbers */
1313 : {
1314 : spdm_challenge_auth_response_t *spdm_response;
1315 : void *data;
1316 : size_t data_size;
1317 : uint8_t *ptr;
1318 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1319 : size_t sig_size;
1320 : size_t spdm_response_size;
1321 : size_t transport_header_size;
1322 :
1323 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1324 : m_libspdm_use_asym_algo,
1325 : &data,
1326 : &data_size, NULL, NULL);
1327 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1328 : data_size;
1329 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1330 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1331 : m_libspdm_use_asym_algo;
1332 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1333 : m_libspdm_use_hash_algo;
1334 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1335 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1336 : SPDM_NONCE_SIZE +
1337 : 0 +
1338 0 : sizeof(uint16_t) + 0 +
1339 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1340 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1341 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1342 :
1343 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1344 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1345 0 : spdm_response->header.param1 = 0;
1346 0 : spdm_response->header.param2 = 0x71; /*multiple slot numbers */
1347 0 : ptr = (void *)(spdm_response + 1);
1348 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
1349 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1350 : 0],
1351 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1352 : 0],
1353 : ptr);
1354 0 : free(data);
1355 0 : ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1356 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, ptr);
1357 0 : ptr += SPDM_NONCE_SIZE;
1358 0 : *(uint16_t *)ptr = 0;
1359 0 : ptr += sizeof(uint16_t);
1360 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1361 : sizeof(m_libspdm_local_buffer) -
1362 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1363 : m_libspdm_local_buffer),
1364 : spdm_response,
1365 0 : (size_t)ptr - (size_t)spdm_response);
1366 0 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1367 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1368 : m_libspdm_local_buffer_size, hash_data);
1369 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1370 0 : libspdm_responder_data_sign(
1371 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1372 : spdm_context,
1373 : #endif
1374 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1375 : SPDM_CHALLENGE_AUTH,
1376 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1377 : false, m_libspdm_local_buffer,
1378 : m_libspdm_local_buffer_size, ptr, &sig_size);
1379 0 : ptr += sig_size;
1380 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1381 : spdm_response, response_size, response);
1382 : }
1383 0 : return LIBSPDM_STATUS_SUCCESS;
1384 :
1385 1 : case 0x16: { /*correct CHALLENGE_AUTH message*/
1386 : spdm_challenge_auth_response_t *spdm_response;
1387 : void *data;
1388 : size_t data_size;
1389 : uint8_t *ptr;
1390 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1391 : size_t sig_size;
1392 : size_t spdm_response_size;
1393 : size_t transport_header_size;
1394 :
1395 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1396 : m_libspdm_use_asym_algo,
1397 : &data,
1398 : &data_size, NULL, NULL);
1399 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1400 : data_size;
1401 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1402 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
1403 : m_libspdm_use_asym_algo;
1404 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
1405 : m_libspdm_use_hash_algo;
1406 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1407 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1408 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1409 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1410 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1411 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1412 :
1413 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1414 1 : spdm_response->header.request_response_code =SPDM_CHALLENGE_AUTH;
1415 1 : spdm_response->header.param1 = 0;
1416 1 : spdm_response->header.param2 = (1 << 0);
1417 1 : ptr = (void *)(spdm_response + 1);
1418 1 : libspdm_hash_all(m_libspdm_use_hash_algo,
1419 : ((libspdm_context_t *)spdm_context)
1420 : ->local_context.local_cert_chain_provision[0],
1421 : ((libspdm_context_t *)spdm_context)
1422 : ->local_context.local_cert_chain_provision_size[0],
1423 : ptr);
1424 1 : free(data);
1425 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1426 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1427 1 : ptr += SPDM_NONCE_SIZE;
1428 : /* libspdm_zero_mem (ptr, spdm_get_hash_size (m_libspdm_use_hash_algo));
1429 : * ptr += spdm_get_hash_size (m_libspdm_use_hash_algo);*/
1430 1 : *(uint16_t *)ptr = 0;
1431 1 : ptr += sizeof(uint16_t);
1432 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1433 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1434 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1435 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1436 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%zx):\n",
1437 : m_libspdm_local_buffer_size));
1438 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1439 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1440 : m_libspdm_local_buffer_size, hash_data);
1441 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1442 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1443 1 : libspdm_dump_hex(hash_data, libspdm_get_hash_size(m_libspdm_use_hash_algo));
1444 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1445 1 : libspdm_responder_data_sign(
1446 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1447 : spdm_context,
1448 : #endif
1449 1 : spdm_response->header.spdm_version <<
1450 : SPDM_VERSION_NUMBER_SHIFT_BIT,
1451 : SPDM_CHALLENGE_AUTH,
1452 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1453 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1454 : ptr, &sig_size);
1455 1 : ptr += sig_size;
1456 :
1457 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1458 : false, spdm_response_size,
1459 : spdm_response, response_size,
1460 : response);
1461 : }
1462 1 : return LIBSPDM_STATUS_SUCCESS;
1463 :
1464 2 : case 0x17: { /*correct CHALLENGE_AUTH message*/
1465 : spdm_challenge_auth_response_t *spdm_response;
1466 : void *data;
1467 : size_t data_size;
1468 : uint8_t *ptr;
1469 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1470 : size_t sig_size;
1471 : size_t spdm_response_size;
1472 : size_t transport_header_size;
1473 : static uint8_t slot_id = 0;
1474 :
1475 2 : if (slot_id == 0) {
1476 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1477 : m_libspdm_use_asym_algo, &data,
1478 : &data_size, NULL, NULL);
1479 : } else {
1480 1 : libspdm_read_responder_public_certificate_chain_per_slot(1,
1481 : m_libspdm_use_hash_algo,
1482 : m_libspdm_use_asym_algo, &data,
1483 : &data_size, NULL, NULL);
1484 : }
1485 : ((libspdm_context_t *)spdm_context)
1486 2 : ->local_context.local_cert_chain_provision_size[slot_id] =
1487 : data_size;
1488 : ((libspdm_context_t *)spdm_context)
1489 2 : ->local_context.local_cert_chain_provision[slot_id] = data;
1490 : ((libspdm_context_t *)spdm_context)
1491 2 : ->connection_info.algorithm.base_asym_algo =
1492 : m_libspdm_use_asym_algo;
1493 : ((libspdm_context_t *)spdm_context)
1494 2 : ->connection_info.algorithm.base_hash_algo =
1495 : m_libspdm_use_hash_algo;
1496 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1497 2 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1498 2 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1499 2 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1500 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1501 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1502 :
1503 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1504 2 : spdm_response->header.request_response_code =
1505 : SPDM_CHALLENGE_AUTH;
1506 2 : spdm_response->header.param1 = slot_id & 0xF;
1507 2 : spdm_response->header.param2 = (1 << slot_id);
1508 2 : ptr = (void *)(spdm_response + 1);
1509 2 : libspdm_hash_all(
1510 : m_libspdm_use_hash_algo,
1511 : ((libspdm_context_t *)spdm_context)
1512 : ->local_context.local_cert_chain_provision[slot_id],
1513 : ((libspdm_context_t *)spdm_context)
1514 : ->local_context
1515 : .local_cert_chain_provision_size[slot_id],
1516 : ptr);
1517 2 : free(data);
1518 2 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1519 2 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1520 2 : ptr += SPDM_NONCE_SIZE;
1521 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1522 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1523 2 : *(uint16_t *)ptr = 0;
1524 2 : ptr += sizeof(uint16_t);
1525 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1526 : sizeof(m_libspdm_local_buffer) -
1527 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1528 : m_libspdm_local_buffer),
1529 2 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1530 2 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1531 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1532 : m_libspdm_local_buffer_size));
1533 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1534 2 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1535 : m_libspdm_local_buffer_size, hash_data);
1536 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1537 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1538 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1539 2 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1540 2 : libspdm_responder_data_sign(
1541 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1542 : spdm_context,
1543 : #endif
1544 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1545 : SPDM_CHALLENGE_AUTH,
1546 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1547 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1548 : ptr, &sig_size);
1549 2 : ptr += sig_size;
1550 :
1551 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1552 : false, spdm_response_size,
1553 : spdm_response, response_size,
1554 : response);
1555 2 : slot_id++;
1556 : }
1557 2 : return LIBSPDM_STATUS_SUCCESS;
1558 :
1559 1 : case 0x18: { /* correct CHALLENGE_AUTH message using slot 0xFF */
1560 : spdm_challenge_auth_response_t *spdm_response;
1561 : void *data;
1562 : size_t data_size;
1563 : uint8_t *ptr;
1564 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1565 : size_t sig_size;
1566 : size_t spdm_response_size;
1567 : size_t transport_header_size;
1568 :
1569 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
1570 : ((libspdm_context_t *)spdm_context)
1571 1 : ->local_context.local_public_key_provision_size = data_size;
1572 : ((libspdm_context_t *)spdm_context)
1573 1 : ->local_context.local_public_key_provision = data;
1574 : ((libspdm_context_t *)spdm_context)
1575 1 : ->connection_info.algorithm.base_asym_algo =
1576 : m_libspdm_use_asym_algo;
1577 : ((libspdm_context_t *)spdm_context)
1578 1 : ->connection_info.algorithm.base_hash_algo =
1579 : m_libspdm_use_hash_algo;
1580 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1581 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1582 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1583 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1584 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1585 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1586 :
1587 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1588 1 : spdm_response->header.request_response_code =
1589 : SPDM_CHALLENGE_AUTH;
1590 1 : spdm_response->header.param1 = 0x0F;
1591 1 : spdm_response->header.param2 = 0;
1592 1 : ptr = (void *)(spdm_response + 1);
1593 1 : libspdm_hash_all(
1594 : m_libspdm_use_hash_algo,
1595 : ((libspdm_context_t *)spdm_context)
1596 : ->local_context.local_public_key_provision,
1597 : ((libspdm_context_t *)spdm_context)
1598 : ->local_context
1599 : .local_public_key_provision_size,
1600 : ptr);
1601 1 : free(data);
1602 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1603 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1604 1 : ptr += SPDM_NONCE_SIZE;
1605 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1606 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1607 1 : *(uint16_t *)ptr = 0;
1608 1 : ptr += sizeof(uint16_t);
1609 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1610 : sizeof(m_libspdm_local_buffer) -
1611 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1612 : m_libspdm_local_buffer),
1613 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1614 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1615 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1616 : m_libspdm_local_buffer_size));
1617 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1618 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1619 : m_libspdm_local_buffer_size, hash_data);
1620 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1621 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1622 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1623 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1624 1 : libspdm_responder_data_sign(
1625 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1626 : spdm_context,
1627 : #endif
1628 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1629 : SPDM_CHALLENGE_AUTH,
1630 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1631 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1632 : ptr, &sig_size);
1633 1 : ptr += sig_size;
1634 :
1635 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1636 : false, spdm_response_size,
1637 : spdm_response, response_size,
1638 : response);
1639 : }
1640 1 : return LIBSPDM_STATUS_SUCCESS;
1641 :
1642 1 : case 0x19: /*CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed*/
1643 : {
1644 : spdm_challenge_auth_response_t *spdm_response;
1645 : void *data;
1646 : size_t data_size;
1647 : uint8_t *Ptr;
1648 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1649 : size_t sig_size;
1650 : size_t spdm_response_size;
1651 : size_t transport_header_size;
1652 : uint16_t opaque_length;
1653 1 : opaque_length = SPDM_MAX_OPAQUE_DATA_SIZE + 1; /*opaque_length greater than the maximum allowed*/
1654 :
1655 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1656 : m_libspdm_use_asym_algo,
1657 : &data,
1658 : &data_size, NULL, NULL);
1659 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1660 : data_size;
1661 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1662 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1663 : m_libspdm_use_asym_algo;
1664 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1665 : m_libspdm_use_hash_algo;
1666 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1667 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1668 : SPDM_NONCE_SIZE +
1669 : 0 +
1670 1 : sizeof(uint16_t) +
1671 1 : opaque_length +
1672 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1673 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1674 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1675 :
1676 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1677 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1678 1 : spdm_response->header.param1 = 0;
1679 1 : spdm_response->header.param2 = (1 << 0);
1680 1 : Ptr = (void *)(spdm_response + 1);
1681 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1682 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1683 : 0],
1684 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1685 : 0],
1686 : Ptr);
1687 1 : free(data);
1688 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1689 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1690 1 : Ptr += SPDM_NONCE_SIZE;
1691 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1692 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1693 1 : *(uint16_t *)Ptr = opaque_length;
1694 1 : Ptr += sizeof(uint16_t);
1695 1 : libspdm_set_mem(Ptr, opaque_length, 255);
1696 1 : Ptr += opaque_length;
1697 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1698 : sizeof(m_libspdm_local_buffer) -
1699 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1700 : m_libspdm_local_buffer),
1701 : spdm_response,
1702 1 : (size_t)Ptr - (size_t)spdm_response);
1703 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1704 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1705 : m_libspdm_local_buffer_size, hash_data);
1706 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1707 1 : libspdm_responder_data_sign(
1708 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1709 : spdm_context,
1710 : #endif
1711 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1712 : SPDM_CHALLENGE_AUTH,
1713 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1714 : false, m_libspdm_local_buffer,
1715 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1716 1 : Ptr += sig_size;
1717 :
1718 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1719 : spdm_response, response_size, response);
1720 : }
1721 1 : return LIBSPDM_STATUS_SUCCESS;
1722 :
1723 1 : case 0x1A:
1724 : {
1725 : spdm_challenge_auth_response_t *spdm_response;
1726 : spdm_general_opaque_data_table_header_t
1727 : *spdm_general_opaque_data_table_header;
1728 : opaque_element_table_header_t
1729 : *opaque_element_table_header;
1730 : void *data;
1731 : size_t data_size;
1732 : uint8_t *Ptr;
1733 : size_t sig_size;
1734 : size_t spdm_response_size;
1735 : size_t transport_header_size;
1736 : uint8_t element_num;
1737 : uint8_t element_index;
1738 : size_t current_element_len;
1739 : uint16_t opaque_element_data_len;
1740 :
1741 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1742 : m_libspdm_use_asym_algo,
1743 : &data,
1744 : &data_size, NULL, NULL);
1745 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1746 : data_size;
1747 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1748 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1749 : m_libspdm_use_asym_algo;
1750 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1751 : m_libspdm_use_hash_algo;
1752 :
1753 :
1754 1 : spdm_general_opaque_data_table_header = (void *)m_libspdm_opaque_data;
1755 1 : spdm_general_opaque_data_table_header->total_elements = 4;
1756 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1757 :
1758 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1759 1 : m_libspdm_opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1760 :
1761 5 : for (element_index = 0; element_index < element_num; element_index++) {
1762 4 : opaque_element_table_header->id = SPDM_REGISTRY_ID_MAX;
1763 4 : opaque_element_table_header->vendor_len = 0;
1764 4 : opaque_element_data_len = (uint16_t)strlen("libspdm");
1765 :
1766 4 : Ptr = (void *)(opaque_element_table_header + 1);
1767 4 : Ptr += opaque_element_table_header->vendor_len;
1768 :
1769 4 : libspdm_copy_mem((uint16_t *)Ptr,
1770 : sizeof(opaque_element_data_len),
1771 : &opaque_element_data_len,
1772 : sizeof(opaque_element_data_len));
1773 :
1774 4 : libspdm_copy_mem(Ptr + sizeof(opaque_element_data_len),
1775 : SPDM_MAX_OPAQUE_DATA_SIZE -
1776 : sizeof(opaque_element_table_header_t), "libspdm",
1777 : strlen("libspdm"));
1778 :
1779 4 : current_element_len = sizeof(opaque_element_table_header_t) +
1780 4 : opaque_element_table_header->vendor_len +
1781 4 : sizeof(opaque_element_data_len) +
1782 : opaque_element_data_len;
1783 4 : current_element_len = (current_element_len + 3) & ~3;
1784 :
1785 : /*move to next element*/
1786 4 : opaque_element_table_header =
1787 : (opaque_element_table_header_t *)
1788 : ((uint8_t *)opaque_element_table_header +
1789 : current_element_len);
1790 :
1791 4 : m_libspdm_opaque_data_size += current_element_len;
1792 : }
1793 :
1794 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1795 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1796 : SPDM_NONCE_SIZE +
1797 : 0 +
1798 2 : sizeof(uint16_t) + m_libspdm_opaque_data_size +
1799 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1800 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1801 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1802 :
1803 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
1804 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1805 1 : spdm_response->header.param1 = 0;
1806 1 : spdm_response->header.param2 = (1 << 0);
1807 1 : Ptr = (void *)(spdm_response + 1);
1808 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1809 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1810 : 0],
1811 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1812 : 0],
1813 : Ptr);
1814 1 : free(data);
1815 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1816 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1817 1 : Ptr += SPDM_NONCE_SIZE;
1818 1 : *(uint16_t *)Ptr = (uint16_t)m_libspdm_opaque_data_size;
1819 1 : Ptr += sizeof(uint16_t);
1820 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr,
1821 : m_libspdm_opaque_data,
1822 : m_libspdm_opaque_data_size);
1823 1 : Ptr += m_libspdm_opaque_data_size;
1824 :
1825 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1826 : sizeof(m_libspdm_local_buffer) -
1827 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1828 : m_libspdm_local_buffer),
1829 : spdm_response,
1830 1 : (size_t)Ptr - (size_t)spdm_response);
1831 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1832 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1833 1 : libspdm_responder_data_sign(
1834 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1835 : spdm_context,
1836 : #endif
1837 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1838 : SPDM_CHALLENGE_AUTH,
1839 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1840 : false, m_libspdm_local_buffer,
1841 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1842 1 : Ptr += sig_size;
1843 :
1844 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1845 : spdm_response, response_size, response);
1846 : }
1847 1 : return LIBSPDM_STATUS_SUCCESS;
1848 1 : case 0x1B: {
1849 : spdm_challenge_auth_response_t *spdm_response;
1850 : void *data;
1851 : size_t data_size;
1852 : uint8_t *ptr;
1853 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1854 : size_t sig_size;
1855 : size_t spdm_response_size;
1856 : size_t transport_header_size;
1857 1 : uint8_t slot_id = 0;
1858 :
1859 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1860 : m_libspdm_use_asym_algo, &data,
1861 : &data_size, NULL, NULL);
1862 : ((libspdm_context_t *)spdm_context)
1863 1 : ->local_context.local_cert_chain_provision_size[0] =
1864 : data_size;
1865 : ((libspdm_context_t *)spdm_context)
1866 1 : ->local_context.local_cert_chain_provision[0] = data;
1867 : ((libspdm_context_t *)spdm_context)
1868 1 : ->connection_info.algorithm.base_asym_algo =
1869 : m_libspdm_use_asym_algo;
1870 : ((libspdm_context_t *)spdm_context)
1871 1 : ->connection_info.algorithm.base_hash_algo =
1872 : m_libspdm_use_hash_algo;
1873 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1874 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1875 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1876 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1877 : SPDM_REQ_CONTEXT_SIZE;
1878 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1879 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1880 :
1881 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1882 1 : spdm_response->header.request_response_code =
1883 : SPDM_CHALLENGE_AUTH;
1884 1 : spdm_response->header.param1 = slot_id;
1885 1 : spdm_response->header.param2 = (1 << slot_id);
1886 1 : ptr = (void *)(spdm_response + 1);
1887 1 : libspdm_hash_all(
1888 : m_libspdm_use_hash_algo,
1889 : ((libspdm_context_t *)spdm_context)
1890 : ->local_context.local_cert_chain_provision[slot_id],
1891 : ((libspdm_context_t *)spdm_context)
1892 : ->local_context
1893 : .local_cert_chain_provision_size[slot_id],
1894 : ptr);
1895 1 : free(data);
1896 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1897 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1898 1 : ptr += SPDM_NONCE_SIZE;
1899 1 : *(uint16_t *)ptr = 0;
1900 1 : ptr += sizeof(uint16_t);
1901 1 : libspdm_copy_mem(ptr, SPDM_REQ_CONTEXT_SIZE, m_requester_context, SPDM_REQ_CONTEXT_SIZE);
1902 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1903 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1904 : sizeof(m_libspdm_local_buffer) -
1905 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1906 : m_libspdm_local_buffer),
1907 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1908 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1909 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1910 : m_libspdm_local_buffer_size));
1911 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1912 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1913 : m_libspdm_local_buffer_size, hash_data);
1914 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1915 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1916 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1917 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1918 1 : libspdm_responder_data_sign(
1919 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
1920 : spdm_context,
1921 : #endif
1922 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1923 : SPDM_CHALLENGE_AUTH,
1924 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1925 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1926 : ptr, &sig_size);
1927 1 : ptr += sig_size;
1928 :
1929 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1930 : false, spdm_response_size,
1931 : spdm_response, response_size,
1932 : response);
1933 : }
1934 1 : return LIBSPDM_STATUS_SUCCESS;
1935 1 : case 0x1C: {
1936 : spdm_challenge_auth_response_t *spdm_response;
1937 : void *data;
1938 : size_t data_size;
1939 : uint8_t *ptr;
1940 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1941 : size_t sig_size;
1942 : size_t spdm_response_size;
1943 : size_t transport_header_size;
1944 1 : uint8_t slot_id = 0;
1945 :
1946 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1947 : m_libspdm_use_asym_algo, &data,
1948 : &data_size, NULL, NULL);
1949 : ((libspdm_context_t *)spdm_context)
1950 1 : ->local_context.local_cert_chain_provision_size[0] =
1951 : data_size;
1952 : ((libspdm_context_t *)spdm_context)
1953 1 : ->local_context.local_cert_chain_provision[0] = data;
1954 : ((libspdm_context_t *)spdm_context)
1955 1 : ->connection_info.algorithm.base_asym_algo =
1956 : m_libspdm_use_asym_algo;
1957 : ((libspdm_context_t *)spdm_context)
1958 1 : ->connection_info.algorithm.base_hash_algo =
1959 : m_libspdm_use_hash_algo;
1960 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1961 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1962 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1963 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1964 : SPDM_REQ_CONTEXT_SIZE;
1965 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1966 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1967 :
1968 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1969 1 : spdm_response->header.request_response_code =
1970 : SPDM_CHALLENGE_AUTH;
1971 1 : spdm_response->header.param1 = slot_id;
1972 1 : spdm_response->header.param2 = (1 << slot_id);
1973 1 : ptr = (void *)(spdm_response + 1);
1974 1 : libspdm_hash_all(
1975 : m_libspdm_use_hash_algo,
1976 : ((libspdm_context_t *)spdm_context)
1977 : ->local_context.local_cert_chain_provision[slot_id],
1978 : ((libspdm_context_t *)spdm_context)
1979 : ->local_context
1980 : .local_cert_chain_provision_size[slot_id],
1981 : ptr);
1982 1 : free(data);
1983 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1984 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1985 1 : ptr += SPDM_NONCE_SIZE;
1986 1 : *(uint16_t *)ptr = 0;
1987 1 : ptr += sizeof(uint16_t);
1988 1 : libspdm_get_random_number(SPDM_REQ_CONTEXT_SIZE,ptr);
1989 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1990 :
1991 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1992 : sizeof(m_libspdm_local_buffer) -
1993 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1994 : m_libspdm_local_buffer),
1995 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1996 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1997 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1998 : m_libspdm_local_buffer_size));
1999 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2000 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
2001 : m_libspdm_local_buffer_size, hash_data);
2002 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
2003 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
2004 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2005 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
2006 1 : libspdm_responder_data_sign(
2007 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
2008 : spdm_context,
2009 : #endif
2010 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2011 : SPDM_CHALLENGE_AUTH,
2012 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
2013 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
2014 : ptr, &sig_size);
2015 1 : ptr += sig_size;
2016 :
2017 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
2018 : false, spdm_response_size,
2019 : spdm_response, response_size,
2020 : response);
2021 : }
2022 1 : return LIBSPDM_STATUS_SUCCESS;
2023 0 : default:
2024 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
2025 : }
2026 : }
2027 :
2028 : /**
2029 : * Test 1: when no CHALLENGE_AUTH message is received, and the client returns a
2030 : * device error.
2031 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2032 : **/
2033 1 : void libspdm_test_requester_challenge_case1(void **state)
2034 : {
2035 : libspdm_return_t status;
2036 : libspdm_test_context_t *spdm_test_context;
2037 : libspdm_context_t *spdm_context;
2038 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2039 : void *data;
2040 : size_t data_size;
2041 : void *hash;
2042 : size_t hash_size;
2043 :
2044 1 : spdm_test_context = *state;
2045 1 : spdm_context = spdm_test_context->spdm_context;
2046 1 : spdm_test_context->case_id = 0x1;
2047 1 : spdm_context->connection_info.connection_state =
2048 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2049 1 : spdm_context->connection_info.capability.flags = 0;
2050 1 : spdm_context->connection_info.capability.flags |=
2051 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2052 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2053 : m_libspdm_use_asym_algo, &data,
2054 : &data_size, &hash, &hash_size);
2055 1 : libspdm_reset_message_a(spdm_context);
2056 1 : libspdm_reset_message_b(spdm_context);
2057 1 : libspdm_reset_message_c(spdm_context);
2058 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2059 : m_libspdm_use_hash_algo;
2060 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2061 : m_libspdm_use_asym_algo;
2062 :
2063 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2064 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2065 :
2066 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2067 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2068 : data_size;
2069 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2070 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2071 : data, data_size);
2072 : #else
2073 1 : libspdm_hash_all(
2074 : spdm_context->connection_info.algorithm.base_hash_algo,
2075 : data, data_size,
2076 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2077 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2078 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2079 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2080 : spdm_context->connection_info.algorithm.base_hash_algo,
2081 : spdm_context->connection_info.algorithm.base_asym_algo,
2082 : data, data_size,
2083 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2084 : #endif
2085 :
2086 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2087 1 : status = libspdm_challenge(
2088 : spdm_context, NULL, 0,
2089 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2090 : measurement_hash, NULL);
2091 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
2092 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2093 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2094 : #endif
2095 1 : free(data);
2096 1 : }
2097 :
2098 : /**
2099 : * Test 2: the requester is setup correctly to send a CHALLENGE message:
2100 : * - it has flags indicating that the previous messages were sent
2101 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
2102 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2103 : * signature algorithms, and the use of challenges.
2104 : * - it has the responder's certificate chain.
2105 : * The CHALLENGE message requests usage of the first certificate in the chain
2106 : * (param1=0) and do not request measurements (param2=0).
2107 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
2108 : * no opaque data and a signature on the sent nonce.
2109 : * Expected behavior: client returns a status of RETURN_SUCCESS.
2110 : **/
2111 1 : void libspdm_test_requester_challenge_case2(void **state)
2112 : {
2113 : libspdm_return_t status;
2114 : libspdm_test_context_t *spdm_test_context;
2115 : libspdm_context_t *spdm_context;
2116 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2117 : void *data;
2118 : size_t data_size;
2119 : void *hash;
2120 : size_t hash_size;
2121 :
2122 1 : spdm_test_context = *state;
2123 1 : spdm_context = spdm_test_context->spdm_context;
2124 1 : spdm_test_context->case_id = 0x2;
2125 1 : spdm_context->connection_info.connection_state =
2126 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2127 1 : spdm_context->connection_info.capability.flags = 0;
2128 1 : spdm_context->connection_info.capability.flags |=
2129 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2130 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2131 : m_libspdm_use_asym_algo, &data,
2132 : &data_size, &hash, &hash_size);
2133 1 : libspdm_reset_message_a(spdm_context);
2134 1 : libspdm_reset_message_b(spdm_context);
2135 1 : libspdm_reset_message_c(spdm_context);
2136 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2137 : m_libspdm_use_hash_algo;
2138 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2139 : m_libspdm_use_asym_algo;
2140 :
2141 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2142 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2143 :
2144 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2145 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2146 : data_size;
2147 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2148 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2149 : data, data_size);
2150 : #else
2151 1 : libspdm_hash_all(
2152 : spdm_context->connection_info.algorithm.base_hash_algo,
2153 : data, data_size,
2154 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2155 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2156 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2157 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2158 : spdm_context->connection_info.algorithm.base_hash_algo,
2159 : spdm_context->connection_info.algorithm.base_asym_algo,
2160 : data, data_size,
2161 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2162 : #endif
2163 :
2164 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2165 1 : status = libspdm_challenge(
2166 : spdm_context, NULL, 0,
2167 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2168 : measurement_hash, NULL);
2169 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2170 :
2171 : /* Completion of CHALLENGE sets M1/M2 to null. */
2172 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2173 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2174 : #else
2175 1 : assert_null(spdm_context->transcript.digest_context_m1m2);
2176 : #endif
2177 1 : free(data);
2178 1 : }
2179 :
2180 : /**
2181 : * Test 3: the requester is not setup correctly to send a CHALLENGE message:
2182 : * - it has *no* flags indicating that the previous messages were sent
2183 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, GET_DIGESTS); but
2184 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2185 : * signature algorithms, and the use of challenges.
2186 : * - it has the responder's certificate chain.
2187 : * The CHALLENGE message requests usage of the first certificate in the chain
2188 : * (param1=0) and do not request measurements (param2=0).
2189 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
2190 : * no opaque data and a signature on the sent nonce.
2191 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2192 : * transcript buffer is not set.
2193 : **/
2194 1 : void libspdm_test_requester_challenge_case3(void **state)
2195 : {
2196 : libspdm_return_t status;
2197 : libspdm_test_context_t *spdm_test_context;
2198 : libspdm_context_t *spdm_context;
2199 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2200 : void *data;
2201 : size_t data_size;
2202 : void *hash;
2203 : size_t hash_size;
2204 :
2205 1 : spdm_test_context = *state;
2206 1 : spdm_context = spdm_test_context->spdm_context;
2207 1 : spdm_test_context->case_id = 0x3;
2208 1 : spdm_context->connection_info.connection_state =
2209 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
2210 1 : spdm_context->connection_info.capability.flags = 0;
2211 1 : spdm_context->connection_info.capability.flags |=
2212 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2213 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2214 : m_libspdm_use_asym_algo, &data,
2215 : &data_size, &hash, &hash_size);
2216 1 : libspdm_reset_message_a(spdm_context);
2217 1 : libspdm_reset_message_b(spdm_context);
2218 1 : libspdm_reset_message_c(spdm_context);
2219 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2220 : m_libspdm_use_hash_algo;
2221 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2222 : m_libspdm_use_asym_algo;
2223 :
2224 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2225 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2226 :
2227 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2228 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2229 : data_size;
2230 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2231 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2232 : data, data_size);
2233 : #else
2234 1 : libspdm_hash_all(
2235 : spdm_context->connection_info.algorithm.base_hash_algo,
2236 : data, data_size,
2237 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2238 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2239 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2240 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2241 : spdm_context->connection_info.algorithm.base_hash_algo,
2242 : spdm_context->connection_info.algorithm.base_asym_algo,
2243 : data, data_size,
2244 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2245 : #endif
2246 :
2247 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2248 1 : status = libspdm_challenge(
2249 : spdm_context, NULL, 0,
2250 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2251 : measurement_hash, NULL);
2252 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2253 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2254 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2255 : #endif
2256 1 : free(data);
2257 1 : }
2258 :
2259 : /**
2260 : * Test 4: the requester is setup correctly (see Test 2), but receives an ERROR
2261 : * message indicating InvalidParameters.
2262 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2263 : * transcript buffer is reset.
2264 : **/
2265 1 : void libspdm_test_requester_challenge_case4(void **state)
2266 : {
2267 : libspdm_return_t status;
2268 : libspdm_test_context_t *spdm_test_context;
2269 : libspdm_context_t *spdm_context;
2270 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2271 : void *data;
2272 : size_t data_size;
2273 : void *hash;
2274 : size_t hash_size;
2275 :
2276 1 : spdm_test_context = *state;
2277 1 : spdm_context = spdm_test_context->spdm_context;
2278 1 : spdm_test_context->case_id = 0x4;
2279 1 : spdm_context->connection_info.connection_state =
2280 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2281 1 : spdm_context->connection_info.capability.flags = 0;
2282 1 : spdm_context->connection_info.capability.flags |=
2283 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2284 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2285 : m_libspdm_use_asym_algo, &data,
2286 : &data_size, &hash, &hash_size);
2287 1 : libspdm_reset_message_a(spdm_context);
2288 1 : libspdm_reset_message_b(spdm_context);
2289 1 : libspdm_reset_message_c(spdm_context);
2290 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2291 : m_libspdm_use_hash_algo;
2292 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2293 : m_libspdm_use_asym_algo;
2294 :
2295 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2296 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2297 :
2298 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2299 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2300 : data_size;
2301 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2302 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2303 : data, data_size);
2304 : #else
2305 1 : libspdm_hash_all(
2306 : spdm_context->connection_info.algorithm.base_hash_algo,
2307 : data, data_size,
2308 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2309 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2310 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2311 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2312 : spdm_context->connection_info.algorithm.base_hash_algo,
2313 : spdm_context->connection_info.algorithm.base_asym_algo,
2314 : data, data_size,
2315 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2316 : #endif
2317 :
2318 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2319 1 : status = libspdm_challenge(
2320 : spdm_context, NULL, 0,
2321 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2322 : measurement_hash, NULL);
2323 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
2324 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2325 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2326 : #endif
2327 1 : free(data);
2328 1 : }
2329 :
2330 : /**
2331 : * Test 5: the requester is setup correctly (see Test 2), but receives an ERROR
2332 : * message indicating the Busy status of the responder.
2333 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2334 : * transcript buffer is reset.
2335 : **/
2336 1 : void libspdm_test_requester_challenge_case5(void **state)
2337 : {
2338 : libspdm_return_t status;
2339 : libspdm_test_context_t *spdm_test_context;
2340 : libspdm_context_t *spdm_context;
2341 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2342 : void *data;
2343 : size_t data_size;
2344 : void *hash;
2345 : size_t hash_size;
2346 :
2347 1 : spdm_test_context = *state;
2348 1 : spdm_context = spdm_test_context->spdm_context;
2349 1 : spdm_test_context->case_id = 0x5;
2350 1 : spdm_context->connection_info.connection_state =
2351 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2352 1 : spdm_context->connection_info.capability.flags = 0;
2353 1 : spdm_context->connection_info.capability.flags |=
2354 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2355 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2356 : m_libspdm_use_asym_algo, &data,
2357 : &data_size, &hash, &hash_size);
2358 1 : libspdm_reset_message_a(spdm_context);
2359 1 : libspdm_reset_message_b(spdm_context);
2360 1 : libspdm_reset_message_c(spdm_context);
2361 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2362 : m_libspdm_use_hash_algo;
2363 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2364 : m_libspdm_use_asym_algo;
2365 :
2366 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2367 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2368 :
2369 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2370 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2371 : data_size;
2372 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2373 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2374 : data, data_size);
2375 : #else
2376 1 : libspdm_hash_all(
2377 : spdm_context->connection_info.algorithm.base_hash_algo,
2378 : data, data_size,
2379 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2380 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2381 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2382 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2383 : spdm_context->connection_info.algorithm.base_hash_algo,
2384 : spdm_context->connection_info.algorithm.base_asym_algo,
2385 : data, data_size,
2386 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2387 : #endif
2388 :
2389 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2390 1 : status = libspdm_challenge(
2391 : spdm_context, NULL, 0,
2392 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2393 : measurement_hash, NULL);
2394 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
2395 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2396 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2397 : #endif
2398 1 : free(data);
2399 1 : }
2400 :
2401 : /**
2402 : * Test 6: the requester is setup correctly (see Test 2), but, on the first try,
2403 : * receiving a Busy ERROR message, and on retry, receiving a correct CHALLENGE_AUTH
2404 : * message to the challenge, with no opaque data and a signature on the sent nonce.
2405 : * Expected behavior: client returns a status of RETURN_SUCCESS.
2406 : **/
2407 1 : void libspdm_test_requester_challenge_case6(void **state)
2408 : {
2409 : libspdm_return_t status;
2410 : libspdm_test_context_t *spdm_test_context;
2411 : libspdm_context_t *spdm_context;
2412 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2413 : void *data;
2414 : size_t data_size;
2415 : void *hash;
2416 : size_t hash_size;
2417 :
2418 1 : spdm_test_context = *state;
2419 1 : spdm_context = spdm_test_context->spdm_context;
2420 1 : spdm_test_context->case_id = 0x6;
2421 1 : spdm_context->retry_times = 3;
2422 1 : spdm_context->connection_info.connection_state =
2423 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2424 1 : spdm_context->connection_info.capability.flags = 0;
2425 1 : spdm_context->connection_info.capability.flags |=
2426 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2427 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2428 : m_libspdm_use_asym_algo, &data,
2429 : &data_size, &hash, &hash_size);
2430 1 : libspdm_reset_message_a(spdm_context);
2431 1 : libspdm_reset_message_b(spdm_context);
2432 1 : libspdm_reset_message_c(spdm_context);
2433 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2434 : m_libspdm_use_hash_algo;
2435 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2436 : m_libspdm_use_asym_algo;
2437 :
2438 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2439 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2440 :
2441 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2442 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2443 : data_size;
2444 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2445 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2446 : data, data_size);
2447 : #else
2448 1 : libspdm_hash_all(
2449 : spdm_context->connection_info.algorithm.base_hash_algo,
2450 : data, data_size,
2451 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2452 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2453 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2454 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2455 : spdm_context->connection_info.algorithm.base_hash_algo,
2456 : spdm_context->connection_info.algorithm.base_asym_algo,
2457 : data, data_size,
2458 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2459 : #endif
2460 :
2461 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2462 1 : status = libspdm_challenge(
2463 : spdm_context, NULL, 0,
2464 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2465 : measurement_hash, NULL);
2466 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2467 1 : free(data);
2468 1 : }
2469 :
2470 : /**
2471 : * Test 7: the requester is setup correctly (see Test 2), but receives an ERROR
2472 : * message indicating the RequestResynch status of the responder.
2473 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, the "C"
2474 : * transcript buffer is reset, and the communication is reset to expect a new
2475 : * GET_VERSION message.
2476 : **/
2477 1 : void libspdm_test_requester_challenge_case7(void **state)
2478 : {
2479 : libspdm_return_t status;
2480 : libspdm_test_context_t *spdm_test_context;
2481 : libspdm_context_t *spdm_context;
2482 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2483 : void *data;
2484 : size_t data_size;
2485 : void *hash;
2486 : size_t hash_size;
2487 :
2488 1 : spdm_test_context = *state;
2489 1 : spdm_context = spdm_test_context->spdm_context;
2490 1 : spdm_test_context->case_id = 0x7;
2491 1 : spdm_context->connection_info.connection_state =
2492 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2493 1 : spdm_context->connection_info.capability.flags = 0;
2494 1 : spdm_context->connection_info.capability.flags |=
2495 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2496 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2497 : m_libspdm_use_asym_algo, &data,
2498 : &data_size, &hash, &hash_size);
2499 1 : libspdm_reset_message_a(spdm_context);
2500 1 : libspdm_reset_message_b(spdm_context);
2501 1 : libspdm_reset_message_c(spdm_context);
2502 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2503 : m_libspdm_use_hash_algo;
2504 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2505 : m_libspdm_use_asym_algo;
2506 :
2507 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2508 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2509 :
2510 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2511 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2512 : data_size;
2513 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2514 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2515 : data, data_size);
2516 : #else
2517 1 : libspdm_hash_all(
2518 : spdm_context->connection_info.algorithm.base_hash_algo,
2519 : data, data_size,
2520 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2521 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2522 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2523 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2524 : spdm_context->connection_info.algorithm.base_hash_algo,
2525 : spdm_context->connection_info.algorithm.base_asym_algo,
2526 : data, data_size,
2527 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2528 : #endif
2529 :
2530 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2531 1 : status = libspdm_challenge(
2532 : spdm_context, NULL, 0,
2533 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2534 : measurement_hash, NULL);
2535 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
2536 1 : assert_int_equal(spdm_context->connection_info.connection_state,
2537 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
2538 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2539 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2540 : #endif
2541 1 : free(data);
2542 1 : }
2543 :
2544 : /**
2545 : * Test 8: the requester is setup correctly (see Test 2), but receives an ERROR
2546 : * message indicating the ResponseNotReady status of the responder.
2547 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2548 : * buffer stores nothing.
2549 : **/
2550 1 : void libspdm_test_requester_challenge_case8(void **state)
2551 : {
2552 : libspdm_return_t status;
2553 : libspdm_test_context_t *spdm_test_context;
2554 : libspdm_context_t *spdm_context;
2555 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2556 : void *data;
2557 : size_t data_size;
2558 : void *hash;
2559 : size_t hash_size;
2560 :
2561 1 : spdm_test_context = *state;
2562 1 : spdm_context = spdm_test_context->spdm_context;
2563 1 : spdm_test_context->case_id = 0x8;
2564 1 : spdm_context->connection_info.connection_state =
2565 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2566 1 : spdm_context->connection_info.capability.flags = 0;
2567 1 : spdm_context->connection_info.capability.flags |=
2568 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2569 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2570 : m_libspdm_use_asym_algo, &data,
2571 : &data_size, &hash, &hash_size);
2572 1 : libspdm_reset_message_a(spdm_context);
2573 1 : libspdm_reset_message_b(spdm_context);
2574 1 : libspdm_reset_message_c(spdm_context);
2575 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2576 : m_libspdm_use_hash_algo;
2577 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2578 : m_libspdm_use_asym_algo;
2579 :
2580 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2581 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2582 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2583 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2584 : data_size;
2585 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2586 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2587 : data, data_size);
2588 : #else
2589 1 : libspdm_hash_all(
2590 : spdm_context->connection_info.algorithm.base_hash_algo,
2591 : data, data_size,
2592 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2593 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2594 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2595 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2596 : spdm_context->connection_info.algorithm.base_hash_algo,
2597 : spdm_context->connection_info.algorithm.base_asym_algo,
2598 : data, data_size,
2599 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2600 : #endif
2601 :
2602 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2603 :
2604 1 : status = libspdm_challenge(
2605 : spdm_context, NULL, 0,
2606 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2607 : measurement_hash, NULL);
2608 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2609 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2610 : assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);
2611 : #endif
2612 1 : free(data);
2613 1 : }
2614 :
2615 : /**
2616 : * Test 9: the requester is setup correctly (see Test 2), but, on the first try,
2617 : * receiving a ResponseNotReady ERROR message, and on retry, receiving a correct
2618 : * CHALLENGE_AUTH message to the challenge, with no opaque data and a signature
2619 : * on the sent nonce.
2620 : * Expected behavior: client returns a status of RETURN_SUCCESS.
2621 : **/
2622 1 : void libspdm_test_requester_challenge_case9(void **state)
2623 : {
2624 : libspdm_return_t status;
2625 : libspdm_test_context_t *spdm_test_context;
2626 : libspdm_context_t *spdm_context;
2627 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2628 : void *data;
2629 : size_t data_size;
2630 : void *hash;
2631 : size_t hash_size;
2632 :
2633 1 : spdm_test_context = *state;
2634 1 : spdm_context = spdm_test_context->spdm_context;
2635 1 : spdm_test_context->case_id = 0x9;
2636 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2637 1 : spdm_context->connection_info.capability.flags = 0;
2638 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2639 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2640 : m_libspdm_use_asym_algo, &data,
2641 : &data_size, &hash, &hash_size);
2642 1 : libspdm_reset_message_a(spdm_context);
2643 1 : libspdm_reset_message_b(spdm_context);
2644 1 : libspdm_reset_message_c(spdm_context);
2645 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2646 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2647 :
2648 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2649 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2650 :
2651 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2652 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2653 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2654 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2655 : data, data_size);
2656 : #else
2657 1 : libspdm_hash_all(
2658 : spdm_context->connection_info.algorithm.base_hash_algo,
2659 : data, data_size,
2660 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2661 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2662 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2663 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2664 : spdm_context->connection_info.algorithm.base_hash_algo,
2665 : spdm_context->connection_info.algorithm.base_asym_algo,
2666 : data, data_size,
2667 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2668 : #endif
2669 :
2670 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2671 1 : status = libspdm_challenge(
2672 : spdm_context, NULL, 0,
2673 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2674 : measurement_hash, NULL);
2675 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
2676 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2677 : } else {
2678 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2679 : }
2680 1 : free(data);
2681 1 : }
2682 :
2683 : /**
2684 : * Test 10: the requester is not setup correctly to send a CHALLENGE message.
2685 : * Specifically, it has *not* received the capability for challenge, although it
2686 : * has received capability for executing both hash and signature algorithms.
2687 : * The remaining setup and message exchange were executed correctly (see Test 2).
2688 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2689 : * transcript buffer is not set.
2690 : **/
2691 1 : void libspdm_test_requester_challenge_case10(void **state) {
2692 : libspdm_return_t status;
2693 : libspdm_test_context_t *spdm_test_context;
2694 : libspdm_context_t *spdm_context;
2695 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2696 : void *data;
2697 : size_t data_size;
2698 : void *hash;
2699 : size_t hash_size;
2700 :
2701 1 : spdm_test_context = *state;
2702 1 : spdm_context = spdm_test_context->spdm_context;
2703 1 : spdm_test_context->case_id = 0xA;
2704 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2705 1 : spdm_context->connection_info.capability.flags = 0;
2706 : /* spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;*/
2707 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2708 : m_libspdm_use_asym_algo,
2709 : &data, &data_size,
2710 : &hash, &hash_size);
2711 1 : libspdm_reset_message_a(spdm_context);
2712 1 : libspdm_reset_message_b(spdm_context);
2713 1 : libspdm_reset_message_c(spdm_context);
2714 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2715 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2716 :
2717 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2718 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2719 :
2720 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2721 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2722 : data_size;
2723 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2724 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2725 : data, data_size);
2726 : #else
2727 1 : libspdm_hash_all(
2728 : spdm_context->connection_info.algorithm.base_hash_algo,
2729 : data, data_size,
2730 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2731 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2732 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2733 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2734 : spdm_context->connection_info.algorithm.base_hash_algo,
2735 : spdm_context->connection_info.algorithm.base_asym_algo,
2736 : data, data_size,
2737 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2738 : #endif
2739 :
2740 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2741 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2742 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2743 : measurement_hash, NULL);
2744 1 : assert_int_equal (status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
2745 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2746 : assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);
2747 : #endif
2748 1 : free(data);
2749 1 : }
2750 :
2751 : /**
2752 : * Test 11: the requester is setup correctly (see Test 2), but receives a malformed
2753 : * response message, smaller then a standard SPDM message header.
2754 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR,.
2755 : **/
2756 1 : void libspdm_test_requester_challenge_case11(void **state) {
2757 : libspdm_return_t status;
2758 : libspdm_test_context_t *spdm_test_context;
2759 : libspdm_context_t *spdm_context;
2760 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2761 : void *data;
2762 : size_t data_size;
2763 : void *hash;
2764 : size_t hash_size;
2765 :
2766 1 : spdm_test_context = *state;
2767 1 : spdm_context = spdm_test_context->spdm_context;
2768 1 : spdm_test_context->case_id = 0xB;
2769 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2770 1 : spdm_context->connection_info.capability.flags = 0;
2771 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2772 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2773 : m_libspdm_use_asym_algo,
2774 : &data, &data_size,
2775 : &hash, &hash_size);
2776 1 : libspdm_reset_message_a(spdm_context);
2777 1 : libspdm_reset_message_b(spdm_context);
2778 1 : libspdm_reset_message_c(spdm_context);
2779 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2780 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2781 :
2782 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2783 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2784 :
2785 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2786 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2787 : data_size;
2788 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2789 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2790 : data, data_size);
2791 : #else
2792 1 : libspdm_hash_all(
2793 : spdm_context->connection_info.algorithm.base_hash_algo,
2794 : data, data_size,
2795 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2796 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2797 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2798 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2799 : spdm_context->connection_info.algorithm.base_hash_algo,
2800 : spdm_context->connection_info.algorithm.base_asym_algo,
2801 : data, data_size,
2802 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2803 : #endif
2804 :
2805 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2806 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2807 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2808 : measurement_hash, NULL);
2809 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2810 1 : free(data);
2811 1 : }
2812 :
2813 : /**
2814 : * Test 12: the requester is setup correctly (see Test 2), but receives a malformed
2815 : * response message, with version (1.0) different from the request (1.1).
2816 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2817 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2818 : **/
2819 1 : void libspdm_test_requester_challenge_case12(void **state) {
2820 : libspdm_return_t status;
2821 : libspdm_test_context_t *spdm_test_context;
2822 : libspdm_context_t *spdm_context;
2823 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2824 : void *data;
2825 : size_t data_size;
2826 : void *hash;
2827 : size_t hash_size;
2828 :
2829 1 : spdm_test_context = *state;
2830 1 : spdm_context = spdm_test_context->spdm_context;
2831 1 : spdm_test_context->case_id = 0xC;
2832 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2833 1 : spdm_context->connection_info.capability.flags = 0;
2834 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2835 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2836 : m_libspdm_use_asym_algo,
2837 : &data, &data_size,
2838 : &hash, &hash_size);
2839 1 : libspdm_reset_message_a(spdm_context);
2840 1 : libspdm_reset_message_b(spdm_context);
2841 1 : libspdm_reset_message_c(spdm_context);
2842 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2843 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2844 :
2845 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2846 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2847 :
2848 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2849 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2850 : data_size;
2851 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2852 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2853 : data, data_size);
2854 : #else
2855 1 : libspdm_hash_all(
2856 : spdm_context->connection_info.algorithm.base_hash_algo,
2857 : data, data_size,
2858 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2859 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2860 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2861 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2862 : spdm_context->connection_info.algorithm.base_hash_algo,
2863 : spdm_context->connection_info.algorithm.base_asym_algo,
2864 : data, data_size,
2865 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2866 : #endif
2867 :
2868 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2869 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2870 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2871 : measurement_hash, NULL);
2872 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2873 1 : free(data);
2874 1 : }
2875 :
2876 : /**
2877 : * Test 13: the requester is setup correctly (see Test 2), but receives a malformed
2878 : * response message, with wrong request_response_code (CHALLENGE 0x83 instead of
2879 : * CHALLENGE_AUTH 0x03).
2880 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2881 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2882 : **/
2883 1 : void libspdm_test_requester_challenge_case13(void **state) {
2884 : libspdm_return_t status;
2885 : libspdm_test_context_t *spdm_test_context;
2886 : libspdm_context_t *spdm_context;
2887 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2888 : void *data;
2889 : size_t data_size;
2890 : void *hash;
2891 : size_t hash_size;
2892 :
2893 1 : spdm_test_context = *state;
2894 1 : spdm_context = spdm_test_context->spdm_context;
2895 1 : spdm_test_context->case_id = 0xD;
2896 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2897 1 : spdm_context->connection_info.capability.flags = 0;
2898 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2899 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2900 : m_libspdm_use_asym_algo,
2901 : &data, &data_size,
2902 : &hash, &hash_size);
2903 1 : libspdm_reset_message_a(spdm_context);
2904 1 : libspdm_reset_message_b(spdm_context);
2905 1 : libspdm_reset_message_c(spdm_context);
2906 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2907 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2908 :
2909 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2910 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2911 :
2912 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2913 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2914 : data_size;
2915 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2916 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2917 : data, data_size);
2918 : #else
2919 1 : libspdm_hash_all(
2920 : spdm_context->connection_info.algorithm.base_hash_algo,
2921 : data, data_size,
2922 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2923 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2924 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2925 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2926 : spdm_context->connection_info.algorithm.base_hash_algo,
2927 : spdm_context->connection_info.algorithm.base_asym_algo,
2928 : data, data_size,
2929 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2930 : #endif
2931 :
2932 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2933 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2934 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2935 : measurement_hash, NULL);
2936 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2937 1 : free(data);
2938 1 : }
2939 :
2940 : /**
2941 : * Test 14: the requester is setup correctly (see Test 2), but receives a malformed
2942 : * response message, with a slot number different from the requested.
2943 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2944 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2945 : **/
2946 1 : void libspdm_test_requester_challenge_case14(void **state) {
2947 : libspdm_return_t status;
2948 : libspdm_test_context_t *spdm_test_context;
2949 : libspdm_context_t *spdm_context;
2950 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2951 : void *data;
2952 : size_t data_size;
2953 : void *hash;
2954 : size_t hash_size;
2955 :
2956 1 : spdm_test_context = *state;
2957 1 : spdm_context = spdm_test_context->spdm_context;
2958 1 : spdm_test_context->case_id = 0xE;
2959 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2960 1 : spdm_context->connection_info.capability.flags = 0;
2961 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2962 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2963 : m_libspdm_use_asym_algo,
2964 : &data, &data_size,
2965 : &hash, &hash_size);
2966 1 : libspdm_reset_message_a(spdm_context);
2967 1 : libspdm_reset_message_b(spdm_context);
2968 1 : libspdm_reset_message_c(spdm_context);
2969 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2970 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2971 :
2972 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2973 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2974 :
2975 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2976 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2977 : data_size;
2978 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2979 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2980 : data, data_size);
2981 : #else
2982 1 : libspdm_hash_all(
2983 : spdm_context->connection_info.algorithm.base_hash_algo,
2984 : data, data_size,
2985 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2986 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2987 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2988 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2989 : spdm_context->connection_info.algorithm.base_hash_algo,
2990 : spdm_context->connection_info.algorithm.base_asym_algo,
2991 : data, data_size,
2992 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2993 : #endif
2994 :
2995 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2996 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2997 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2998 : measurement_hash, NULL);
2999 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3000 1 : free(data);
3001 1 : }
3002 :
3003 : /**
3004 : * Test 15: free to be populated by test.
3005 : **/
3006 1 : void libspdm_test_requester_challenge_case15(void **state) {
3007 1 : }
3008 :
3009 : /**
3010 : * Test 16: the requester is setup correctly to send a CHALLENGE message:
3011 : * - it has flags indicating that the previous messages were sent
3012 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3013 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3014 : * signature algorithms, and the use of challenges.
3015 : * - it has the responder's certificate chain.
3016 : * The CHALLENGE message requests usage of the first certificate in the chain
3017 : * (param1=0) and do not request measurements (param2=0).
3018 : * The received CHALLENGE_AUTH message correctly responds to the challenge, opaque
3019 : * data with bytes from the string "libspdm", and a signature on the sent nonce.
3020 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3021 : **/
3022 1 : void libspdm_test_requester_challenge_case16(void **state) {
3023 : libspdm_return_t status;
3024 : libspdm_test_context_t *spdm_test_context;
3025 : libspdm_context_t *spdm_context;
3026 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3027 : void *data;
3028 : size_t data_size;
3029 : void *hash;
3030 : size_t hash_size;
3031 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
3032 : size_t opaque_data_size;
3033 :
3034 1 : spdm_test_context = *state;
3035 1 : spdm_context = spdm_test_context->spdm_context;
3036 1 : spdm_test_context->case_id = 0x10;
3037 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3038 1 : spdm_context->connection_info.capability.flags = 0;
3039 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3040 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3041 : m_libspdm_use_asym_algo,
3042 : &data, &data_size,
3043 : &hash, &hash_size);
3044 1 : libspdm_reset_message_a(spdm_context);
3045 1 : libspdm_reset_message_b(spdm_context);
3046 1 : libspdm_reset_message_c(spdm_context);
3047 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3048 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3049 :
3050 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3051 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3052 :
3053 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3054 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3055 : data_size;
3056 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3057 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3058 : data, data_size);
3059 : #else
3060 1 : libspdm_hash_all(
3061 : spdm_context->connection_info.algorithm.base_hash_algo,
3062 : data, data_size,
3063 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3064 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3065 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3066 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3067 : spdm_context->connection_info.algorithm.base_hash_algo,
3068 : spdm_context->connection_info.algorithm.base_asym_algo,
3069 : data, data_size,
3070 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3071 : #endif
3072 :
3073 1 : opaque_data_size = sizeof(opaque_data);
3074 :
3075 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3076 1 : status = libspdm_challenge_ex (spdm_context, NULL, 0,
3077 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3078 : measurement_hash, NULL, NULL, NULL, NULL,
3079 : opaque_data, &opaque_data_size);
3080 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3081 1 : assert_int_equal(opaque_data_size, strlen("libspdm"));
3082 1 : assert_memory_equal(opaque_data, "libspdm", opaque_data_size);
3083 1 : free(data);
3084 1 : }
3085 :
3086 : /**
3087 : * Test 17: the requester is setup correctly to send a CHALLENGE message:
3088 : * - it has flags indicating that the previous messages were sent
3089 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3090 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3091 : * signature algorithms, and the use of challenges.
3092 : * - it has the responder's certificate chain.
3093 : * The CHALLENGE message requests usage of the first certificate in the chain
3094 : * (param1=0) and do not request measurements (param2=0).
3095 : * The received CHALLENGE_AUTH message correctly responds to the challenge,
3096 : * but with an invalid signature.
3097 : * Expected behavior: client returns a status of RETURN_SECURITY_VIOLATION.
3098 : **/
3099 1 : void libspdm_test_requester_challenge_case17(void **state) {
3100 : libspdm_return_t status;
3101 : libspdm_test_context_t *spdm_test_context;
3102 : libspdm_context_t *spdm_context;
3103 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3104 : void *data;
3105 : size_t data_size;
3106 : void *hash;
3107 : size_t hash_size;
3108 :
3109 1 : spdm_test_context = *state;
3110 1 : spdm_context = spdm_test_context->spdm_context;
3111 1 : spdm_test_context->case_id = 0x11;
3112 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3113 1 : spdm_context->connection_info.capability.flags = 0;
3114 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3115 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3116 : m_libspdm_use_asym_algo,
3117 : &data, &data_size,
3118 : &hash, &hash_size);
3119 1 : libspdm_reset_message_a(spdm_context);
3120 1 : libspdm_reset_message_b(spdm_context);
3121 1 : libspdm_reset_message_c(spdm_context);
3122 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3123 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3124 :
3125 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3126 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3127 :
3128 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3129 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3130 : data_size;
3131 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3132 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3133 : data, data_size);
3134 : #else
3135 1 : libspdm_hash_all(
3136 : spdm_context->connection_info.algorithm.base_hash_algo,
3137 : data, data_size,
3138 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3139 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3140 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3141 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3142 : spdm_context->connection_info.algorithm.base_hash_algo,
3143 : spdm_context->connection_info.algorithm.base_asym_algo,
3144 : data, data_size,
3145 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3146 : #endif
3147 :
3148 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3149 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3150 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3151 : measurement_hash, NULL);
3152 1 : assert_int_equal (status, LIBSPDM_STATUS_VERIF_FAIL);
3153 1 : free(data);
3154 1 : }
3155 :
3156 : /**
3157 : * Test 18: the requester is setup correctly to send a CHALLENGE message:
3158 : * - it has flags indicating that the previous messages were sent
3159 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3160 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3161 : * signature algorithms, the use of challenges, and of measurements.
3162 : * - it has the responder's certificate chain.
3163 : * The CHALLENGE message requests usage of the first certificate in the chain
3164 : * (param1=0) and request TCB measurements (param2=1).
3165 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3166 : * no opaque data and a signature on the sent nonce.
3167 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3168 : **/
3169 1 : void libspdm_test_requester_challenge_case18(void **state) {
3170 : libspdm_return_t status;
3171 : libspdm_test_context_t *spdm_test_context;
3172 : libspdm_context_t *spdm_context;
3173 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3174 : void *data;
3175 : size_t data_size;
3176 : void *hash;
3177 : size_t hash_size;
3178 :
3179 1 : spdm_test_context = *state;
3180 1 : spdm_context = spdm_test_context->spdm_context;
3181 1 : spdm_test_context->case_id = 0x12;
3182 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3183 1 : spdm_context->connection_info.capability.flags = 0;
3184 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3185 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; /*additional measurement capability*/
3186 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3187 : m_libspdm_use_asym_algo,
3188 : &data, &data_size,
3189 : &hash, &hash_size);
3190 1 : libspdm_reset_message_a(spdm_context);
3191 1 : libspdm_reset_message_b(spdm_context);
3192 1 : libspdm_reset_message_c(spdm_context);
3193 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3194 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3195 :
3196 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3197 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3198 :
3199 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3200 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3201 : data_size;
3202 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3203 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3204 : data, data_size);
3205 : #else
3206 1 : libspdm_hash_all(
3207 : spdm_context->connection_info.algorithm.base_hash_algo,
3208 : data, data_size,
3209 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3210 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3211 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3212 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3213 : spdm_context->connection_info.algorithm.base_hash_algo,
3214 : spdm_context->connection_info.algorithm.base_asym_algo,
3215 : data, data_size,
3216 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3217 : #endif
3218 :
3219 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3220 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3221 : SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH,
3222 : measurement_hash, NULL);
3223 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3224 1 : }
3225 :
3226 : /**
3227 : * Test 19: the requester is setup correctly to send a CHALLENGE message:
3228 : * - it has flags indicating that the previous messages were sent
3229 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3230 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3231 : * signature algorithms, the use of challenges, and of measurements.
3232 : * - it has the responder's certificate chain.
3233 : * The CHALLENGE message requests usage of the first certificate in the chain
3234 : * (param1=0) and request TCB measurements (param2=1).
3235 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3236 : * no opaque data and a signature on the sent nonce.
3237 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3238 : **/
3239 1 : void libspdm_test_requester_challenge_case19(void **state) {
3240 : libspdm_return_t status;
3241 : libspdm_test_context_t *spdm_test_context;
3242 : libspdm_context_t *spdm_context;
3243 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3244 : void *data;
3245 : size_t data_size;
3246 : void *hash;
3247 : size_t hash_size;
3248 :
3249 1 : spdm_test_context = *state;
3250 1 : spdm_context = spdm_test_context->spdm_context;
3251 1 : spdm_test_context->case_id = 0x13;
3252 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3253 1 : spdm_context->connection_info.capability.flags = 0;
3254 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3255 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; /*additional measurement capability*/
3256 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3257 : m_libspdm_use_asym_algo,
3258 : &data, &data_size,
3259 : &hash, &hash_size);
3260 1 : libspdm_reset_message_a(spdm_context);
3261 1 : libspdm_reset_message_b(spdm_context);
3262 1 : libspdm_reset_message_c(spdm_context);
3263 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3264 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3265 :
3266 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3267 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3268 :
3269 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3270 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3271 : data_size;
3272 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3273 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3274 : data, data_size);
3275 : #else
3276 1 : libspdm_hash_all(
3277 : spdm_context->connection_info.algorithm.base_hash_algo,
3278 : data, data_size,
3279 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3280 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3281 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3282 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3283 : spdm_context->connection_info.algorithm.base_hash_algo,
3284 : spdm_context->connection_info.algorithm.base_asym_algo,
3285 : data, data_size,
3286 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3287 : #endif
3288 :
3289 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3290 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3291 : SPDM_CHALLENGE_REQUEST_ALL_MEASUREMENTS_HASH,
3292 : measurement_hash, NULL);
3293 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3294 1 : }
3295 :
3296 : /**
3297 : * Test 20: receiving an unexpected ERROR message from the responder.
3298 : * There are tests for all named codes, including some reserved ones
3299 : * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
3300 : * However, for having specific test cases, it is excluded from this case:
3301 : * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
3302 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
3303 : **/
3304 1 : void libspdm_test_requester_challenge_case20(void **state) {
3305 : libspdm_return_t status;
3306 : libspdm_test_context_t *spdm_test_context;
3307 : libspdm_context_t *spdm_context;
3308 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3309 : void *data;
3310 : size_t data_size;
3311 : void *hash;
3312 : size_t hash_size;
3313 : uint16_t error_code;
3314 :
3315 1 : spdm_test_context = *state;
3316 1 : spdm_context = spdm_test_context->spdm_context;
3317 1 : spdm_test_context->case_id = 0x14;
3318 1 : spdm_context->connection_info.capability.flags = 0;
3319 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3320 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3321 : m_libspdm_use_asym_algo,
3322 : &data, &data_size,
3323 : &hash, &hash_size);
3324 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3325 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3326 :
3327 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3328 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3329 :
3330 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3331 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3332 : data_size;
3333 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3334 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3335 : data, data_size);
3336 : #else
3337 1 : libspdm_hash_all(
3338 : spdm_context->connection_info.algorithm.base_hash_algo,
3339 : data, data_size,
3340 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3341 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3342 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3343 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3344 : spdm_context->connection_info.algorithm.base_hash_algo,
3345 : spdm_context->connection_info.algorithm.base_asym_algo,
3346 : data, data_size,
3347 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3348 : #endif
3349 :
3350 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
3351 19 : while(error_code <= 0xff) {
3352 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3353 18 : libspdm_reset_message_a(spdm_context);
3354 18 : libspdm_reset_message_b(spdm_context);
3355 18 : libspdm_reset_message_c(spdm_context);
3356 :
3357 18 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3358 18 : status = libspdm_challenge (spdm_context, NULL, 0,
3359 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3360 : measurement_hash, NULL);
3361 18 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
3362 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3363 : /* assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);*/
3364 : LIBSPDM_ASSERT_INT_EQUAL_CASE (spdm_context->transcript.message_c.buffer_size, 0,
3365 : error_code);
3366 : #endif
3367 :
3368 18 : error_code++;
3369 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
3370 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
3371 : }
3372 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
3373 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
3374 : }
3375 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
3376 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
3377 : }
3378 : }
3379 :
3380 1 : free(data);
3381 1 : }
3382 :
3383 : /**
3384 : * Test 21: test correct CHALLENGE_AUTH message with multiple slot numbers
3385 : * Expected behavior: success and slot_id is included in slot_mask.
3386 : **/
3387 0 : void libspdm_test_requester_challenge_case21(void **state) {
3388 : libspdm_return_t status;
3389 : libspdm_test_context_t *spdm_test_context;
3390 : libspdm_context_t *spdm_context;
3391 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3392 : void *data;
3393 : size_t data_size;
3394 : void *hash;
3395 : size_t hash_size;
3396 : uint8_t slot_id;
3397 : uint8_t slot_mask;
3398 :
3399 0 : spdm_test_context = *state;
3400 0 : spdm_context = spdm_test_context->spdm_context;
3401 0 : spdm_test_context->case_id = 0x15;
3402 0 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3403 0 : spdm_context->connection_info.capability.flags = 0;
3404 0 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3405 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3406 : m_libspdm_use_asym_algo,
3407 : &data, &data_size,
3408 : &hash, &hash_size);
3409 0 : libspdm_reset_message_a(spdm_context);
3410 0 : libspdm_reset_message_b(spdm_context);
3411 0 : libspdm_reset_message_c(spdm_context);
3412 0 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3413 0 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3414 0 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3415 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3416 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3417 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3418 : data_size;
3419 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3420 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3421 : data, data_size);
3422 : #else
3423 0 : libspdm_hash_all(
3424 : spdm_context->connection_info.algorithm.base_hash_algo,
3425 : data, data_size,
3426 0 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3427 0 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3428 0 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3429 0 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3430 : spdm_context->connection_info.algorithm.base_hash_algo,
3431 : spdm_context->connection_info.algorithm.base_asym_algo,
3432 : data, data_size,
3433 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3434 : #endif
3435 :
3436 0 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3437 :
3438 0 : slot_id = 0;
3439 0 : status = libspdm_challenge (spdm_context, NULL, slot_id,
3440 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3441 : measurement_hash, &slot_mask);
3442 0 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3443 0 : assert_int_equal(1<<slot_id, slot_mask & (1<<slot_id));
3444 0 : free(data);
3445 0 : }
3446 :
3447 : /**
3448 : * Test 22: a request message is successfully sent and a response message is successfully received.
3449 : * Buffer C already has arbitrary data.
3450 : * Expected Behavior: requester returns the status RETURN_SUCCESS and a CHALLENGE_AUTH message is
3451 : * received, buffer C appends the exchanged CHALLENGE and CHALLENGE_AUTH messages.
3452 : **/
3453 1 : void libspdm_test_requester_challenge_case22(void **state)
3454 : {
3455 : libspdm_return_t status;
3456 : libspdm_test_context_t *spdm_test_context;
3457 : libspdm_context_t *spdm_context;
3458 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3459 : void *data;
3460 : size_t data_size;
3461 : void *hash;
3462 : size_t hash_size;
3463 :
3464 1 : spdm_test_context = *state;
3465 1 : spdm_context = spdm_test_context->spdm_context;
3466 1 : spdm_test_context->case_id = 0x16;
3467 1 : spdm_context->connection_info.connection_state =
3468 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3469 1 : spdm_context->connection_info.capability.flags = 0;
3470 1 : spdm_context->connection_info.capability.flags |=
3471 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3472 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3473 : m_libspdm_use_asym_algo, &data,
3474 : &data_size, &hash, &hash_size);
3475 1 : libspdm_reset_message_a(spdm_context);
3476 1 : libspdm_reset_message_b(spdm_context);
3477 1 : libspdm_reset_message_c(spdm_context);
3478 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3479 : m_libspdm_use_hash_algo;
3480 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3481 : m_libspdm_use_asym_algo;
3482 :
3483 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3484 : /*filling all buffers with arbitrary data*/
3485 : libspdm_set_mem(spdm_context->transcript.message_a.buffer, 10, (uint8_t) 0xFF);
3486 : spdm_context->transcript.message_a.buffer_size = 10;
3487 : libspdm_set_mem(spdm_context->transcript.message_b.buffer, 8, (uint8_t) 0xEE);
3488 : spdm_context->transcript.message_b.buffer_size = 8;
3489 : libspdm_set_mem(spdm_context->transcript.message_c.buffer, 12, (uint8_t) 0xDD);
3490 : spdm_context->transcript.message_c.buffer_size = 12;
3491 : #endif
3492 :
3493 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3494 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3495 :
3496 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3497 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3498 : data_size;
3499 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3500 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3501 : data, data_size);
3502 : #else
3503 1 : libspdm_hash_all(
3504 : spdm_context->connection_info.algorithm.base_hash_algo,
3505 : data, data_size,
3506 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3507 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3508 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3509 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3510 : spdm_context->connection_info.algorithm.base_hash_algo,
3511 : spdm_context->connection_info.algorithm.base_asym_algo,
3512 : data, data_size,
3513 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3514 : #endif
3515 :
3516 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3517 1 : status = libspdm_challenge(
3518 : spdm_context, NULL, 0,
3519 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3520 : measurement_hash, NULL);
3521 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3522 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3523 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
3524 : m_libspdm_local_buffer_size));
3525 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3526 : #endif
3527 1 : free(data);
3528 1 : }
3529 :
3530 : /**
3531 : * Test 23: GetCert (Slot 0), GetCert (Slot 1), then Challenge (Slot 0), (Slot1):
3532 : * - it has flags indicating that the previous messages were sent
3533 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3534 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3535 : * signature algorithms, and the use of challenges.
3536 : * - it has the responder's certificate chain.
3537 : * The CHALLENGE message requests usage of the first certificate in the chain
3538 : * (param1=0) and do not request measurements (param2=0).
3539 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3540 : * no opaque data and a signature on the sent nonce.
3541 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3542 : **/
3543 1 : void libspdm_test_requester_challenge_case23(void **state)
3544 : {
3545 : libspdm_return_t status;
3546 : libspdm_test_context_t *spdm_test_context;
3547 : libspdm_context_t *spdm_context;
3548 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3549 : void *data;
3550 : void *data1;
3551 : size_t data_size;
3552 : size_t data1_size;
3553 : void *hash;
3554 : void *hash1;
3555 : size_t hash_size;
3556 : size_t hash1_size;
3557 : uint8_t slot_id;
3558 :
3559 1 : spdm_test_context = *state;
3560 1 : spdm_context = spdm_test_context->spdm_context;
3561 1 : spdm_test_context->case_id = 0x17;
3562 1 : spdm_context->connection_info.connection_state =
3563 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3564 1 : spdm_context->connection_info.capability.flags = 0;
3565 1 : spdm_context->connection_info.capability.flags |=
3566 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3567 :
3568 1 : libspdm_reset_message_a(spdm_context);
3569 1 : libspdm_reset_message_b(spdm_context);
3570 1 : libspdm_reset_message_c(spdm_context);
3571 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3572 : m_libspdm_use_hash_algo;
3573 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3574 : m_libspdm_use_asym_algo;
3575 :
3576 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3577 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3578 :
3579 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3580 : m_libspdm_use_asym_algo, &data,
3581 : &data_size, &hash, &hash_size);
3582 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3583 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3584 : data_size;
3585 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3586 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3587 : data, data_size);
3588 : #else
3589 1 : libspdm_hash_all(
3590 : spdm_context->connection_info.algorithm.base_hash_algo,
3591 : data, data_size,
3592 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3593 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3594 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3595 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3596 : spdm_context->connection_info.algorithm.base_hash_algo,
3597 : spdm_context->connection_info.algorithm.base_asym_algo,
3598 : data, data_size,
3599 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3600 : #endif
3601 :
3602 1 : libspdm_read_responder_public_certificate_chain_per_slot(
3603 : 1,
3604 : m_libspdm_use_hash_algo,
3605 : m_libspdm_use_asym_algo, &data1,
3606 : &data1_size, &hash1, &hash1_size);
3607 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3608 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_size =
3609 : data1_size;
3610 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[1].buffer,
3611 : sizeof(spdm_context->connection_info.peer_used_cert_chain[1].buffer),
3612 : data1, data1_size);
3613 : #else
3614 1 : libspdm_hash_all(
3615 : spdm_context->connection_info.algorithm.base_hash_algo,
3616 : data1, data1_size,
3617 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash);
3618 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash_size =
3619 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3620 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3621 : spdm_context->connection_info.algorithm.base_hash_algo,
3622 : spdm_context->connection_info.algorithm.base_asym_algo,
3623 : data1, data1_size,
3624 : &spdm_context->connection_info.peer_used_cert_chain[1].leaf_cert_public_key);
3625 : #endif
3626 :
3627 3 : for (slot_id = 0; slot_id < 2; slot_id++) {
3628 2 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3629 2 : status = libspdm_challenge(
3630 : spdm_context, NULL, slot_id,
3631 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3632 : measurement_hash, NULL);
3633 2 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3634 : }
3635 1 : free(data);
3636 1 : free(data1);
3637 1 : }
3638 :
3639 : /**
3640 : * Test 24: Challenge using provisioned public key (slot_id 0xFF)
3641 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3642 : **/
3643 1 : void libspdm_test_requester_challenge_case24(void **state)
3644 : {
3645 : libspdm_return_t status;
3646 : libspdm_test_context_t *spdm_test_context;
3647 : libspdm_context_t *spdm_context;
3648 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3649 : void *data;
3650 : size_t data_size;
3651 :
3652 1 : spdm_test_context = *state;
3653 1 : spdm_context = spdm_test_context->spdm_context;
3654 1 : spdm_test_context->case_id = 0x18;
3655 1 : spdm_context->connection_info.connection_state =
3656 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3657 1 : spdm_context->connection_info.capability.flags = 0;
3658 1 : spdm_context->connection_info.capability.flags |=
3659 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3660 1 : spdm_context->connection_info.capability.flags |=
3661 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
3662 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
3663 1 : spdm_context->local_context.peer_public_key_provision = data;
3664 1 : spdm_context->local_context.peer_public_key_provision_size = data_size;
3665 :
3666 1 : libspdm_reset_message_a(spdm_context);
3667 1 : libspdm_reset_message_b(spdm_context);
3668 1 : libspdm_reset_message_c(spdm_context);
3669 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3670 : m_libspdm_use_hash_algo;
3671 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3672 : m_libspdm_use_asym_algo;
3673 :
3674 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3675 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3676 :
3677 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3678 1 : status = libspdm_challenge(
3679 : spdm_context, NULL, 0xFF,
3680 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3681 : measurement_hash, NULL);
3682 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3683 1 : free(data);
3684 1 : }
3685 :
3686 : /**
3687 : * Test 25: Error case, CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed.
3688 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code.
3689 : **/
3690 1 : void libspdm_test_requester_challenge_case25(void **state) {
3691 : libspdm_return_t status;
3692 : libspdm_test_context_t *spdm_test_context;
3693 : libspdm_context_t *spdm_context;
3694 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3695 : void *data;
3696 : size_t data_size;
3697 : void *hash;
3698 : size_t hash_size;
3699 :
3700 1 : spdm_test_context = *state;
3701 1 : spdm_context = spdm_test_context->spdm_context;
3702 1 : spdm_test_context->case_id = 0x19;
3703 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3704 1 : spdm_context->connection_info.capability.flags = 0;
3705 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3706 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3707 : m_libspdm_use_asym_algo,
3708 : &data, &data_size,
3709 : &hash, &hash_size);
3710 1 : libspdm_reset_message_a(spdm_context);
3711 1 : libspdm_reset_message_b(spdm_context);
3712 1 : libspdm_reset_message_c(spdm_context);
3713 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3714 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3715 :
3716 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3717 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3718 :
3719 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3720 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3721 : data_size;
3722 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3723 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3724 : data, data_size);
3725 : #else
3726 1 : libspdm_hash_all(
3727 : spdm_context->connection_info.algorithm.base_hash_algo,
3728 : data, data_size,
3729 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3730 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3731 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3732 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3733 : spdm_context->connection_info.algorithm.base_hash_algo,
3734 : spdm_context->connection_info.algorithm.base_asym_algo,
3735 : data, data_size,
3736 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3737 : #endif
3738 :
3739 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3740 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3741 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3742 : measurement_hash, NULL);
3743 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3744 1 : free(data);
3745 1 : }
3746 :
3747 : /**
3748 : * Test 26: the requester is setup correctly to send a CHALLENGE message:
3749 : * - it has flags indicating that the previous messages were sent
3750 : * The received CHALLENGE_AUTH message correctly responds to the challenge, opaque
3751 : * data with bytes from the string "libspdm", and a signature on the sent nonce.
3752 : * Expected behavior: client returns a status of RETURN_SUCCESS.
3753 : **/
3754 1 : void libspdm_test_requester_challenge_case26(void **state) {
3755 : libspdm_return_t status;
3756 : libspdm_test_context_t *spdm_test_context;
3757 : libspdm_context_t *spdm_context;
3758 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3759 : void *data;
3760 : size_t data_size;
3761 : void *hash;
3762 : size_t hash_size;
3763 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
3764 : size_t opaque_data_size;
3765 :
3766 1 : spdm_test_context = *state;
3767 1 : spdm_context = spdm_test_context->spdm_context;
3768 1 : spdm_test_context->case_id = 0x1A;
3769 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3770 1 : spdm_context->connection_info.capability.flags = 0;
3771 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3772 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3773 : m_libspdm_use_asym_algo,
3774 : &data, &data_size,
3775 : &hash, &hash_size);
3776 1 : libspdm_reset_message_a(spdm_context);
3777 1 : libspdm_reset_message_b(spdm_context);
3778 1 : libspdm_reset_message_c(spdm_context);
3779 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3780 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3781 :
3782 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
3783 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3784 :
3785 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3786 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3787 : data_size;
3788 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3789 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3790 : data, data_size);
3791 : #else
3792 1 : libspdm_hash_all(
3793 : spdm_context->connection_info.algorithm.base_hash_algo,
3794 : data, data_size,
3795 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3796 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3797 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3798 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3799 : spdm_context->connection_info.algorithm.base_hash_algo,
3800 : spdm_context->connection_info.algorithm.base_asym_algo,
3801 : data, data_size,
3802 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3803 : #endif
3804 1 : spdm_context->connection_info.algorithm.other_params_support =
3805 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
3806 1 : opaque_data_size = sizeof(opaque_data);
3807 :
3808 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3809 1 : status = libspdm_challenge_ex (spdm_context, NULL, 0,
3810 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3811 : measurement_hash, NULL, NULL, NULL, NULL,
3812 : opaque_data, &opaque_data_size);
3813 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3814 1 : assert_int_equal(opaque_data_size, m_libspdm_opaque_data_size);
3815 1 : assert_memory_equal(opaque_data, m_libspdm_opaque_data, opaque_data_size);
3816 1 : free(data);
3817 1 : }
3818 :
3819 : /**
3820 : * Test 27: Successful case , With the correct challenge context field
3821 : * Expected Behavior: client returns a status of RETURN_SUCCESS.
3822 : **/
3823 1 : void libspdm_test_requester_challenge_case27(void **state)
3824 : {
3825 : libspdm_return_t status;
3826 : libspdm_test_context_t *spdm_test_context;
3827 : libspdm_context_t *spdm_context;
3828 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3829 : void *data;
3830 : size_t data_size;
3831 : void *hash;
3832 : size_t hash_size;
3833 :
3834 1 : spdm_test_context = *state;
3835 1 : spdm_context = spdm_test_context->spdm_context;
3836 1 : spdm_test_context->case_id = 0x1B;
3837 1 : spdm_context->connection_info.connection_state =
3838 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3839 1 : spdm_context->connection_info.capability.flags = 0;
3840 1 : spdm_context->connection_info.capability.flags |=
3841 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3842 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3843 : m_libspdm_use_asym_algo, &data,
3844 : &data_size, &hash, &hash_size);
3845 1 : libspdm_reset_message_a(spdm_context);
3846 1 : libspdm_reset_message_b(spdm_context);
3847 1 : libspdm_reset_message_c(spdm_context);
3848 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3849 : m_libspdm_use_hash_algo;
3850 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3851 : m_libspdm_use_asym_algo;
3852 :
3853 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
3854 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3855 :
3856 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3857 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3858 : data_size;
3859 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3860 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3861 : data, data_size);
3862 : #else
3863 1 : libspdm_hash_all(
3864 : spdm_context->connection_info.algorithm.base_hash_algo,
3865 : data, data_size,
3866 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3867 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3868 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3869 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3870 : spdm_context->connection_info.algorithm.base_hash_algo,
3871 : spdm_context->connection_info.algorithm.base_asym_algo,
3872 : data, data_size,
3873 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3874 : #endif
3875 :
3876 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
3877 :
3878 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3879 :
3880 1 : status = libspdm_challenge_ex2(
3881 : spdm_context, NULL, 0, m_requester_context,
3882 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3883 : measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
3884 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3885 :
3886 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3887 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
3888 : #else
3889 1 : assert_null(spdm_context->transcript.digest_context_m1m2);
3890 : #endif
3891 1 : free(data);
3892 1 : }
3893 :
3894 : /**
3895 : * Test 28: Error case , challenge context fields are inconsistent
3896 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code
3897 : **/
3898 1 : void libspdm_test_requester_challenge_case28(void **state)
3899 : {
3900 : libspdm_return_t status;
3901 : libspdm_test_context_t *spdm_test_context;
3902 : libspdm_context_t *spdm_context;
3903 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3904 : void *data;
3905 : size_t data_size;
3906 : void *hash;
3907 : size_t hash_size;
3908 :
3909 1 : spdm_test_context = *state;
3910 1 : spdm_context = spdm_test_context->spdm_context;
3911 1 : spdm_test_context->case_id = 0x1C;
3912 1 : spdm_context->connection_info.connection_state =
3913 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3914 1 : spdm_context->connection_info.capability.flags = 0;
3915 1 : spdm_context->connection_info.capability.flags |=
3916 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3917 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3918 : m_libspdm_use_asym_algo, &data,
3919 : &data_size, &hash, &hash_size);
3920 1 : libspdm_reset_message_a(spdm_context);
3921 1 : libspdm_reset_message_b(spdm_context);
3922 1 : libspdm_reset_message_c(spdm_context);
3923 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3924 : m_libspdm_use_hash_algo;
3925 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3926 : m_libspdm_use_asym_algo;
3927 :
3928 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
3929 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3930 :
3931 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3932 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3933 : data_size;
3934 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3935 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3936 : data, data_size);
3937 : #else
3938 1 : libspdm_hash_all(
3939 : spdm_context->connection_info.algorithm.base_hash_algo,
3940 : data, data_size,
3941 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3942 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3943 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3944 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3945 : spdm_context->connection_info.algorithm.base_hash_algo,
3946 : spdm_context->connection_info.algorithm.base_asym_algo,
3947 : data, data_size,
3948 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3949 : #endif
3950 :
3951 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
3952 :
3953 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3954 :
3955 1 : status = libspdm_challenge_ex2(
3956 : spdm_context, NULL, 0, m_requester_context,
3957 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3958 : measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
3959 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3960 :
3961 1 : free(data);
3962 1 : }
3963 :
3964 1 : int libspdm_requester_challenge_test_main(void)
3965 : {
3966 1 : const struct CMUnitTest spdm_requester_challenge_tests[] = {
3967 : /* SendRequest failed*/
3968 : cmocka_unit_test(libspdm_test_requester_challenge_case1),
3969 : /* Successful response*/
3970 : cmocka_unit_test(libspdm_test_requester_challenge_case2),
3971 : /* connection_state check failed*/
3972 : cmocka_unit_test(libspdm_test_requester_challenge_case3),
3973 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
3974 : cmocka_unit_test(libspdm_test_requester_challenge_case4),
3975 : /* Always SPDM_ERROR_CODE_BUSY*/
3976 : cmocka_unit_test(libspdm_test_requester_challenge_case5),
3977 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
3978 : cmocka_unit_test(libspdm_test_requester_challenge_case6),
3979 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
3980 : cmocka_unit_test(libspdm_test_requester_challenge_case7),
3981 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
3982 : cmocka_unit_test(libspdm_test_requester_challenge_case8),
3983 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
3984 : cmocka_unit_test(libspdm_test_requester_challenge_case9),
3985 : /* SpdmCmdReceiveState check failed*/
3986 : cmocka_unit_test(libspdm_test_requester_challenge_case10),
3987 : /* Successful response + device error*/
3988 : cmocka_unit_test(libspdm_test_requester_challenge_case11),
3989 : cmocka_unit_test(libspdm_test_requester_challenge_case12),
3990 : cmocka_unit_test(libspdm_test_requester_challenge_case13),
3991 : cmocka_unit_test(libspdm_test_requester_challenge_case14),
3992 : /* Invalid parameter*/
3993 : cmocka_unit_test(libspdm_test_requester_challenge_case15),
3994 : /* Successful response*/
3995 : cmocka_unit_test(libspdm_test_requester_challenge_case16),
3996 : /* Signature check failed*/
3997 : cmocka_unit_test(libspdm_test_requester_challenge_case17),
3998 : /* Successful response*/
3999 : cmocka_unit_test(libspdm_test_requester_challenge_case18),
4000 : cmocka_unit_test(libspdm_test_requester_challenge_case19),
4001 : /* Unexpected errors*/
4002 : cmocka_unit_test(libspdm_test_requester_challenge_case20),
4003 : /* Buffer verification*/
4004 : cmocka_unit_test(libspdm_test_requester_challenge_case22),
4005 : /* Challeng differenr slot with GetCert*/
4006 : cmocka_unit_test(libspdm_test_requester_challenge_case23),
4007 : /* Challeng using provisioned public key (slot_id 0xFF) */
4008 : cmocka_unit_test(libspdm_test_requester_challenge_case24),
4009 : /* opaque_length greater than the maximum allowed */
4010 : cmocka_unit_test(libspdm_test_requester_challenge_case25),
4011 : /* the OpaqueDataFmt1 bit is selected in OtherParamsSelection of ALGORITHMS*/
4012 : cmocka_unit_test(libspdm_test_requester_challenge_case26),
4013 : /* Successful response, With the correct challenge context field*/
4014 : cmocka_unit_test(libspdm_test_requester_challenge_case27),
4015 : /* Error response: challenge context fields are inconsistent*/
4016 : cmocka_unit_test(libspdm_test_requester_challenge_case28),
4017 : };
4018 :
4019 1 : libspdm_test_context_t test_context = {
4020 : LIBSPDM_TEST_CONTEXT_VERSION,
4021 : true,
4022 : libspdm_requester_challenge_test_send_message,
4023 : libspdm_requester_challenge_test_receive_message,
4024 : };
4025 :
4026 1 : libspdm_setup_test_context(&test_context);
4027 :
4028 1 : return cmocka_run_group_tests(spdm_requester_challenge_tests,
4029 : libspdm_unit_test_group_setup,
4030 : libspdm_unit_test_group_teardown);
4031 : }
4032 :
4033 : #endif /* SPDM_ENABLE_CHALLEGE*/
|
