Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 :
10 : #if LIBSPDM_SEND_CHALLENGE_SUPPORT
11 :
12 : static size_t m_libspdm_local_buffer_size;
13 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_M1M2_BUFFER_SIZE];
14 :
15 : static size_t m_libspdm_opaque_data_size;
16 : static uint8_t m_libspdm_opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
17 :
18 : static uint8_t m_requester_context[SPDM_REQ_CONTEXT_SIZE];
19 :
20 46 : static libspdm_return_t send_message(
21 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
22 : {
23 : libspdm_test_context_t *spdm_test_context;
24 : const uint8_t *ptr;
25 :
26 46 : spdm_test_context = libspdm_get_test_context();
27 46 : ptr = (const uint8_t *)request;
28 46 : switch (spdm_test_context->case_id) {
29 1 : case 0x1:
30 1 : return LIBSPDM_STATUS_SEND_FAIL;
31 1 : case 0x2:
32 1 : m_libspdm_local_buffer_size = 0;
33 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
34 : request_size - 1);
35 1 : m_libspdm_local_buffer_size += (request_size - 1);
36 1 : return LIBSPDM_STATUS_SUCCESS;
37 0 : case 0x3:
38 0 : m_libspdm_local_buffer_size = 0;
39 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
40 : request_size - 1);
41 0 : m_libspdm_local_buffer_size += (request_size - 1);
42 0 : return LIBSPDM_STATUS_SUCCESS;
43 1 : case 0x4:
44 1 : m_libspdm_local_buffer_size = 0;
45 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
46 : request_size - 1);
47 1 : m_libspdm_local_buffer_size += (request_size - 1);
48 1 : return LIBSPDM_STATUS_SUCCESS;
49 1 : case 0x5:
50 1 : m_libspdm_local_buffer_size = 0;
51 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
52 : request_size - 1);
53 1 : m_libspdm_local_buffer_size += (request_size - 1);
54 1 : return LIBSPDM_STATUS_SUCCESS;
55 2 : case 0x6:
56 2 : m_libspdm_local_buffer_size = 0;
57 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
58 : request_size - 1);
59 2 : m_libspdm_local_buffer_size += (request_size - 1);
60 2 : return LIBSPDM_STATUS_SUCCESS;
61 1 : case 0x7:
62 1 : m_libspdm_local_buffer_size = 0;
63 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
64 : request_size - 1);
65 1 : m_libspdm_local_buffer_size += (request_size - 1);
66 1 : return LIBSPDM_STATUS_SUCCESS;
67 2 : case 0x8:
68 2 : m_libspdm_local_buffer_size = 0;
69 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
70 : request_size - 1);
71 2 : m_libspdm_local_buffer_size += (request_size - 1);
72 2 : return LIBSPDM_STATUS_SUCCESS;
73 2 : case 0x9: {
74 : static size_t sub_index = 0;
75 2 : if (sub_index == 0) {
76 1 : m_libspdm_local_buffer_size = 0;
77 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
78 : request_size - 1);
79 1 : m_libspdm_local_buffer_size += (request_size - 1);
80 1 : sub_index++;
81 : }
82 : }
83 2 : return LIBSPDM_STATUS_SUCCESS;
84 27 : case 0xA:
85 : case 0xB:
86 : case 0xC:
87 : case 0xD:
88 : case 0xE:
89 : case 0xF:
90 : case 0x10:
91 : case 0x11:
92 : case 0x12:
93 : case 0x13:
94 : case 0x14:
95 : case 0x15:
96 27 : m_libspdm_local_buffer_size = 0;
97 27 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
98 : request_size - 1);
99 27 : m_libspdm_local_buffer_size += (request_size - 1);
100 27 : return LIBSPDM_STATUS_SUCCESS;
101 1 : case 0x16: {
102 : /* arbitrary data must be inserted in the message buffer for computing
103 : * the response hash */
104 1 : m_libspdm_local_buffer_size = 0;
105 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
106 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 10, (uint8_t) 0xFF);
107 : m_libspdm_local_buffer_size += 10;
108 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 8, (uint8_t) 0xEE);
109 : m_libspdm_local_buffer_size += 8;
110 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 12, (uint8_t) 0xDD);
111 : m_libspdm_local_buffer_size += 12;
112 : #endif
113 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
114 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
115 1 : &ptr[1], request_size - 1);
116 1 : m_libspdm_local_buffer_size += (request_size - 1);
117 : }
118 1 : return LIBSPDM_STATUS_SUCCESS;
119 2 : case 0x17:
120 2 : m_libspdm_local_buffer_size = 0;
121 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
122 : request_size - 1);
123 2 : m_libspdm_local_buffer_size += (request_size - 1);
124 2 : return LIBSPDM_STATUS_SUCCESS;
125 3 : case 0x18:
126 : case 0x19:
127 : case 0x1A:
128 3 : m_libspdm_local_buffer_size = 0;
129 3 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
130 : request_size - 1);
131 3 : m_libspdm_local_buffer_size += (request_size - 1);
132 3 : return LIBSPDM_STATUS_SUCCESS;
133 2 : case 0x1B:
134 : case 0x1C:
135 2 : m_libspdm_local_buffer_size = 0;
136 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
137 : request_size - 1);
138 2 : m_libspdm_local_buffer_size += (request_size - 1);
139 2 : return LIBSPDM_STATUS_SUCCESS;
140 0 : default:
141 0 : return LIBSPDM_STATUS_SEND_FAIL;
142 : }
143 : }
144 :
145 45 : static libspdm_return_t receive_message(
146 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
147 : {
148 : libspdm_test_context_t *spdm_test_context;
149 :
150 45 : spdm_test_context = libspdm_get_test_context();
151 45 : switch (spdm_test_context->case_id) {
152 0 : case 0x1:
153 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
154 :
155 1 : case 0x2: { /*correct CHALLENGE_AUTH message*/
156 : spdm_challenge_auth_response_t *spdm_response;
157 : void *data;
158 : size_t data_size;
159 : uint8_t *ptr;
160 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
161 : size_t sig_size;
162 : size_t spdm_response_size;
163 : size_t transport_header_size;
164 :
165 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
166 : m_libspdm_use_asym_algo, &data,
167 : &data_size, NULL, NULL);
168 : ((libspdm_context_t *)spdm_context)
169 1 : ->local_context.local_cert_chain_provision_size[0] = data_size;
170 : ((libspdm_context_t *)spdm_context)
171 1 : ->local_context.local_cert_chain_provision[0] = data;
172 : ((libspdm_context_t *)spdm_context)
173 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
174 : ((libspdm_context_t *)spdm_context)
175 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
176 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
177 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
178 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
179 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
180 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
181 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
182 :
183 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
184 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
185 1 : spdm_response->header.param1 = 0;
186 1 : spdm_response->header.param2 = (1 << 0);
187 1 : ptr = (void *)(spdm_response + 1);
188 1 : libspdm_hash_all(
189 : m_libspdm_use_hash_algo,
190 : ((libspdm_context_t *)spdm_context)
191 : ->local_context.local_cert_chain_provision[0],
192 : ((libspdm_context_t *)spdm_context)
193 : ->local_context
194 : .local_cert_chain_provision_size[0],
195 : ptr);
196 1 : free(data);
197 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
198 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
199 1 : ptr += SPDM_NONCE_SIZE;
200 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
201 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
202 1 : *(uint16_t *)ptr = 0;
203 1 : ptr += sizeof(uint16_t);
204 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
205 : sizeof(m_libspdm_local_buffer) -
206 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
207 : m_libspdm_local_buffer),
208 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
209 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
210 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
211 : m_libspdm_local_buffer_size));
212 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
213 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
214 : m_libspdm_local_buffer_size, hash_data);
215 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
216 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
217 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
218 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
219 1 : libspdm_responder_data_sign(
220 : spdm_context,
221 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
222 : 0, SPDM_CHALLENGE_AUTH,
223 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
224 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
225 : ptr, &sig_size);
226 1 : ptr += sig_size;
227 :
228 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
229 : false, spdm_response_size,
230 : spdm_response, response_size,
231 : response);
232 : }
233 1 : return LIBSPDM_STATUS_SUCCESS;
234 :
235 0 : case 0x3: { /*correct CHALLENGE_AUTH message*/
236 : spdm_challenge_auth_response_t *spdm_response;
237 : void *data;
238 : size_t data_size;
239 : uint8_t *ptr;
240 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
241 : size_t sig_size;
242 : size_t spdm_response_size;
243 : size_t transport_header_size;
244 :
245 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
246 : m_libspdm_use_asym_algo, &data,
247 : &data_size, NULL, NULL);
248 : ((libspdm_context_t *)spdm_context)
249 0 : ->local_context.local_cert_chain_provision_size[0] = data_size;
250 : ((libspdm_context_t *)spdm_context)
251 0 : ->local_context.local_cert_chain_provision[0] = data;
252 : ((libspdm_context_t *)spdm_context)
253 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
254 : ((libspdm_context_t *)spdm_context)
255 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
256 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
257 0 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
258 0 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
259 0 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
260 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
261 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
262 :
263 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
264 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
265 0 : spdm_response->header.param1 = 0;
266 0 : spdm_response->header.param2 = (1 << 0);
267 0 : ptr = (void *)(spdm_response + 1);
268 0 : libspdm_hash_all(
269 : m_libspdm_use_hash_algo,
270 : ((libspdm_context_t *)spdm_context)
271 : ->local_context.local_cert_chain_provision[0],
272 : ((libspdm_context_t *)spdm_context)
273 : ->local_context
274 : .local_cert_chain_provision_size[0],
275 : ptr);
276 0 : free(data);
277 0 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
278 0 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
279 0 : ptr += SPDM_NONCE_SIZE;
280 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
281 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
282 0 : *(uint16_t *)ptr = 0;
283 0 : ptr += sizeof(uint16_t);
284 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
285 : sizeof(m_libspdm_local_buffer) -
286 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
287 : m_libspdm_local_buffer),
288 0 : spdm_response, (size_t)ptr - (size_t)spdm_response);
289 0 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
290 0 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
291 : m_libspdm_local_buffer_size, hash_data);
292 0 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
293 0 : libspdm_responder_data_sign(
294 : spdm_context,
295 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
296 : 0, SPDM_CHALLENGE_AUTH,
297 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
298 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
299 : ptr, &sig_size);
300 0 : ptr += sig_size;
301 :
302 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
303 : false, spdm_response_size,
304 : spdm_response, response_size,
305 : response);
306 : }
307 0 : return LIBSPDM_STATUS_SUCCESS;
308 :
309 1 : case 0x4: { /*correct ERROR message (invalid request)*/
310 : spdm_error_response_t *spdm_response;
311 : size_t spdm_response_size;
312 : size_t transport_header_size;
313 :
314 1 : spdm_response_size = sizeof(spdm_error_response_t);
315 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
316 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
317 :
318 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
319 1 : spdm_response->header.request_response_code = SPDM_ERROR;
320 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
321 1 : spdm_response->header.param2 = 0;
322 :
323 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
324 : false, spdm_response_size,
325 : spdm_response,
326 : response_size, response);
327 : }
328 1 : return LIBSPDM_STATUS_SUCCESS;
329 :
330 1 : case 0x5: { /*correct ERROR message (busy)*/
331 : spdm_error_response_t *spdm_response;
332 : size_t spdm_response_size;
333 : size_t transport_header_size;
334 :
335 1 : spdm_response_size = sizeof(spdm_error_response_t);
336 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
337 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
338 :
339 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
340 1 : spdm_response->header.request_response_code = SPDM_ERROR;
341 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
342 1 : spdm_response->header.param2 = 0;
343 :
344 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
345 : false, spdm_response_size,
346 : spdm_response,
347 : response_size, response);
348 : }
349 1 : return LIBSPDM_STATUS_SUCCESS;
350 :
351 2 : case 0x6: { /*correct ERROR message (busy) + correct CHALLENGE_AUTH message*/
352 : static size_t sub_index1 = 0;
353 2 : if (sub_index1 == 0) {
354 : spdm_error_response_t *spdm_response;
355 : size_t spdm_response_size;
356 : size_t transport_header_size;
357 :
358 1 : spdm_response_size = sizeof(spdm_error_response_t);
359 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
360 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
361 :
362 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
363 1 : spdm_response->header.request_response_code = SPDM_ERROR;
364 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
365 1 : spdm_response->header.param2 = 0;
366 :
367 1 : libspdm_transport_test_encode_message(
368 : spdm_context, NULL, false, false,
369 : spdm_response_size, spdm_response,
370 : response_size, response);
371 1 : sub_index1++;
372 1 : } else if (sub_index1 == 1) {
373 : spdm_challenge_auth_response_t *spdm_response;
374 : void *data;
375 : size_t data_size;
376 : uint8_t *ptr;
377 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
378 : size_t sig_size;
379 : size_t spdm_response_size;
380 : size_t transport_header_size;
381 :
382 1 : libspdm_read_responder_public_certificate_chain(
383 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
384 : &data_size, NULL, NULL);
385 : ((libspdm_context_t *)spdm_context)
386 : ->local_context
387 1 : .local_cert_chain_provision_size[0] = data_size;
388 : ((libspdm_context_t *)spdm_context)
389 1 : ->local_context.local_cert_chain_provision[0] = data;
390 : ((libspdm_context_t *)spdm_context)
391 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
392 : ((libspdm_context_t *)spdm_context)
393 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
394 1 : spdm_response_size =
395 : sizeof(spdm_challenge_auth_response_t) +
396 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
397 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
398 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
399 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
400 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
401 :
402 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
403 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
404 1 : spdm_response->header.param1 = 0;
405 1 : spdm_response->header.param2 = (1 << 0);
406 1 : ptr = (void *)(spdm_response + 1);
407 1 : libspdm_hash_all(
408 : m_libspdm_use_hash_algo,
409 : ((libspdm_context_t *)spdm_context)
410 : ->local_context
411 : .local_cert_chain_provision[0],
412 : ((libspdm_context_t *)spdm_context)
413 : ->local_context
414 : .local_cert_chain_provision_size[0],
415 : ptr);
416 1 : free(data);
417 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
418 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
419 1 : ptr += SPDM_NONCE_SIZE;
420 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
421 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
422 1 : *(uint16_t *)ptr = 0;
423 1 : ptr += sizeof(uint16_t);
424 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
425 : sizeof(m_libspdm_local_buffer)
426 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
427 : m_libspdm_local_buffer),
428 : spdm_response,
429 1 : (size_t)ptr - (size_t)spdm_response);
430 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
431 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
432 : m_libspdm_local_buffer_size, hash_data);
433 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
434 1 : libspdm_responder_data_sign(
435 : spdm_context,
436 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
437 : 0, SPDM_CHALLENGE_AUTH,
438 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
439 : m_libspdm_use_hash_algo,
440 : false, m_libspdm_local_buffer,
441 : m_libspdm_local_buffer_size, ptr,
442 : &sig_size);
443 1 : ptr += sig_size;
444 :
445 1 : libspdm_transport_test_encode_message(
446 : spdm_context, NULL, false, false, spdm_response_size,
447 : spdm_response, response_size, response);
448 : }
449 : }
450 2 : return LIBSPDM_STATUS_SUCCESS;
451 :
452 1 : case 0x7: { /*correct ERROR message (request resync)*/
453 : spdm_error_response_t *spdm_response;
454 : size_t spdm_response_size;
455 : size_t transport_header_size;
456 :
457 1 : spdm_response_size = sizeof(spdm_error_response_t);
458 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
459 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
460 :
461 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
462 1 : spdm_response->header.request_response_code = SPDM_ERROR;
463 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
464 1 : spdm_response->header.param2 = 0;
465 :
466 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
467 : false, spdm_response_size,
468 : spdm_response,
469 : response_size, response);
470 : }
471 1 : return LIBSPDM_STATUS_SUCCESS;
472 :
473 2 : case 0x8: { /*correct ERROR message (response net ready)*/
474 : spdm_error_response_data_response_not_ready_t *spdm_response;
475 : size_t spdm_response_size;
476 : size_t transport_header_size;
477 :
478 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
479 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
480 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
481 :
482 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
483 2 : spdm_response->header.request_response_code = SPDM_ERROR;
484 2 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
485 2 : spdm_response->header.param2 = 0;
486 2 : spdm_response->extend_error_data.rd_exponent = 1;
487 2 : spdm_response->extend_error_data.rd_tm = 2;
488 2 : spdm_response->extend_error_data.request_code = SPDM_CHALLENGE;
489 2 : spdm_response->extend_error_data.token = 0;
490 :
491 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
492 : false, spdm_response_size,
493 : spdm_response,
494 : response_size, response);
495 : }
496 2 : return LIBSPDM_STATUS_SUCCESS;
497 :
498 2 : case 0x9: { /*correct ERROR message (response not ready) + correct CHALLENGE_AUTH message*/
499 : static size_t sub_index2 = 0;
500 2 : if (sub_index2 == 0) {
501 : spdm_error_response_data_response_not_ready_t
502 : *spdm_response;
503 : size_t spdm_response_size;
504 : size_t transport_header_size;
505 :
506 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
507 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
508 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
509 :
510 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
511 1 : spdm_response->header.request_response_code = SPDM_ERROR;
512 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
513 1 : spdm_response->header.param2 = 0;
514 1 : spdm_response->extend_error_data.rd_exponent = 1;
515 1 : spdm_response->extend_error_data.rd_tm = 2;
516 1 : spdm_response->extend_error_data.request_code = SPDM_CHALLENGE;
517 1 : spdm_response->extend_error_data.token = 1;
518 :
519 1 : libspdm_transport_test_encode_message(
520 : spdm_context, NULL, false, false,
521 : spdm_response_size, spdm_response,
522 : response_size, response);
523 1 : sub_index2++;
524 1 : } else if (sub_index2 == 1) {
525 : spdm_challenge_auth_response_t *spdm_response;
526 : void *data;
527 : size_t data_size;
528 : uint8_t *ptr;
529 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
530 : size_t sig_size;
531 : size_t spdm_response_size;
532 : size_t transport_header_size;
533 :
534 1 : libspdm_read_responder_public_certificate_chain(
535 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
536 : &data_size, NULL, NULL);
537 : ((libspdm_context_t *)spdm_context)
538 : ->local_context
539 1 : .local_cert_chain_provision_size[0] = data_size;
540 : ((libspdm_context_t *)spdm_context)
541 1 : ->local_context.local_cert_chain_provision[0] = data;
542 : ((libspdm_context_t *)spdm_context)
543 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
544 : ((libspdm_context_t *)spdm_context)
545 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
546 1 : spdm_response_size =
547 : sizeof(spdm_challenge_auth_response_t) +
548 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
549 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
550 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
551 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
552 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
553 :
554 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
555 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
556 1 : spdm_response->header.param1 = 0;
557 1 : spdm_response->header.param2 = (1 << 0);
558 1 : ptr = (void *)(spdm_response + 1);
559 1 : libspdm_hash_all(
560 : m_libspdm_use_hash_algo,
561 : ((libspdm_context_t *)spdm_context)
562 : ->local_context
563 : .local_cert_chain_provision[0],
564 : ((libspdm_context_t *)spdm_context)
565 : ->local_context
566 : .local_cert_chain_provision_size[0],
567 : ptr);
568 1 : free(data);
569 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
570 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
571 1 : ptr += SPDM_NONCE_SIZE;
572 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
573 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
574 1 : *(uint16_t *)ptr = 0;
575 1 : ptr += sizeof(uint16_t);
576 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
577 : sizeof(m_libspdm_local_buffer)
578 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
579 : m_libspdm_local_buffer),
580 : spdm_response,
581 1 : (size_t)ptr - (size_t)spdm_response);
582 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
583 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
584 : m_libspdm_local_buffer_size, hash_data);
585 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
586 1 : libspdm_responder_data_sign(
587 : spdm_context,
588 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
589 : 0, SPDM_CHALLENGE_AUTH,
590 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
591 : m_libspdm_use_hash_algo,
592 : false, m_libspdm_local_buffer,
593 : m_libspdm_local_buffer_size, ptr,
594 : &sig_size);
595 1 : ptr += sig_size;
596 :
597 1 : libspdm_transport_test_encode_message(
598 : spdm_context, NULL, false, false, spdm_response_size,
599 : spdm_response, response_size, response);
600 : }
601 : }
602 2 : return LIBSPDM_STATUS_SUCCESS;
603 :
604 0 : case 0xA: /*correct CHALLENGE_AUTH message*/
605 : {
606 : spdm_challenge_auth_response_t *spdm_response;
607 : void *data;
608 : size_t data_size;
609 : uint8_t *Ptr;
610 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
611 : size_t sig_size;
612 : size_t spdm_response_size;
613 : size_t transport_header_size;
614 :
615 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
616 : m_libspdm_use_asym_algo,
617 : &data,
618 : &data_size, NULL, NULL);
619 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
620 : data_size;
621 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
622 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
623 : m_libspdm_use_asym_algo;
624 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
625 : m_libspdm_use_hash_algo;
626 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
627 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
628 : SPDM_NONCE_SIZE +
629 : 0 +
630 0 : sizeof(uint16_t) + 0 +
631 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
632 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
633 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
634 :
635 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
636 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
637 0 : spdm_response->header.param1 = 0;
638 0 : spdm_response->header.param2 = (1 << 0);
639 0 : Ptr = (void *)(spdm_response + 1);
640 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
641 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
642 : 0],
643 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
644 : 0],
645 : Ptr);
646 0 : free(data);
647 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
648 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
649 0 : Ptr += SPDM_NONCE_SIZE;
650 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
651 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
652 0 : *(uint16_t *)Ptr = 0;
653 0 : Ptr += sizeof(uint16_t);
654 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
655 : sizeof(m_libspdm_local_buffer) -
656 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
657 : m_libspdm_local_buffer),
658 : spdm_response,
659 0 : (size_t)Ptr - (size_t)spdm_response);
660 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
661 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
662 : m_libspdm_local_buffer_size, hash_data);
663 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
664 0 : libspdm_responder_data_sign(
665 : spdm_context,
666 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
667 : 0, SPDM_CHALLENGE_AUTH,
668 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
669 : false, m_libspdm_local_buffer,
670 : m_libspdm_local_buffer_size, Ptr, &sig_size);
671 0 : Ptr += sig_size;
672 :
673 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
674 : spdm_response, response_size, response);
675 : }
676 0 : return LIBSPDM_STATUS_SUCCESS;
677 :
678 1 : case 0xB: /*CHALLENGE_AUTH message smaller than a SPDM header*/
679 : {
680 : spdm_challenge_auth_response_t *spdm_response;
681 : size_t spdm_response_size;
682 : size_t transport_header_size;
683 :
684 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
685 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
686 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) - 1; /*smaller than standard message size*/
687 :
688 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
689 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
690 1 : spdm_response->header.param1 = 0;
691 1 : spdm_response->header.param2 = (1 << 0);
692 :
693 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
694 : spdm_response, response_size, response);
695 : }
696 1 : return LIBSPDM_STATUS_SUCCESS;
697 :
698 1 : case 0xC: /*CHALLENGE_AUTH message with wrong version (1.0)*/
699 : {
700 : spdm_challenge_auth_response_t *spdm_response;
701 : void *data;
702 : size_t data_size;
703 : uint8_t *Ptr;
704 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
705 : size_t sig_size;
706 : size_t spdm_response_size;
707 : size_t transport_header_size;
708 :
709 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
710 : m_libspdm_use_asym_algo,
711 : &data,
712 : &data_size, NULL, NULL);
713 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
714 : data_size;
715 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
716 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
717 : m_libspdm_use_asym_algo;
718 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
719 : m_libspdm_use_hash_algo;
720 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
721 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
722 1 : SPDM_NONCE_SIZE +
723 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
724 1 : sizeof(uint16_t) + 0 +
725 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
726 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
727 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
728 :
729 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10; /*wrong version*/
730 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
731 1 : spdm_response->header.param1 = 0;
732 1 : spdm_response->header.param2 = (1 << 0);
733 1 : Ptr = (void *)(spdm_response + 1);
734 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
735 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
736 : 0],
737 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
738 : 0],
739 : Ptr);
740 1 : free(data);
741 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
742 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
743 1 : Ptr += SPDM_NONCE_SIZE;
744 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
745 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
746 1 : *(uint16_t *)Ptr = 0;
747 1 : Ptr += sizeof(uint16_t);
748 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
749 : sizeof(m_libspdm_local_buffer) -
750 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
751 : m_libspdm_local_buffer),
752 : spdm_response,
753 1 : (size_t)Ptr - (size_t)spdm_response);
754 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
755 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
756 : m_libspdm_local_buffer_size, hash_data);
757 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
758 1 : libspdm_responder_data_sign(
759 : spdm_context,
760 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
761 : 0, SPDM_CHALLENGE_AUTH,
762 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
763 : false, m_libspdm_local_buffer,
764 : m_libspdm_local_buffer_size, Ptr, &sig_size);
765 1 : Ptr += sig_size;
766 :
767 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
768 : spdm_response, response_size, response);
769 : }
770 1 : return LIBSPDM_STATUS_SUCCESS;
771 :
772 1 : case 0xD: /*SPDM (mostly CHALLENGE_AUTH) message with wrong response code (0x83)*/
773 : {
774 : spdm_challenge_auth_response_t *spdm_response;
775 : void *data;
776 : size_t data_size;
777 : uint8_t *Ptr;
778 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
779 : size_t sig_size;
780 : size_t spdm_response_size;
781 : size_t transport_header_size;
782 :
783 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
784 : m_libspdm_use_asym_algo,
785 : &data,
786 : &data_size, NULL, NULL);
787 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
788 : data_size;
789 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
790 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
791 : m_libspdm_use_asym_algo;
792 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
793 : m_libspdm_use_hash_algo;
794 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
795 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
796 : SPDM_NONCE_SIZE +
797 : 0 +
798 1 : sizeof(uint16_t) + 0 +
799 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
800 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
801 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
802 :
803 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
804 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE; /*wrong response code*/
805 1 : spdm_response->header.param1 = 0;
806 1 : spdm_response->header.param2 = (1 << 0);
807 1 : Ptr = (void *)(spdm_response + 1);
808 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
809 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
810 : 0],
811 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
812 : 0],
813 : Ptr);
814 1 : free(data);
815 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
816 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
817 1 : Ptr += SPDM_NONCE_SIZE;
818 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
819 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
820 1 : *(uint16_t *)Ptr = 0;
821 1 : Ptr += sizeof(uint16_t);
822 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
823 : sizeof(m_libspdm_local_buffer) -
824 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
825 : m_libspdm_local_buffer),
826 : spdm_response,
827 1 : (size_t)Ptr - (size_t)spdm_response);
828 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
829 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
830 : m_libspdm_local_buffer_size, hash_data);
831 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
832 1 : libspdm_responder_data_sign(
833 : spdm_context,
834 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
835 : 0, SPDM_CHALLENGE_AUTH,
836 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
837 : false, m_libspdm_local_buffer,
838 : m_libspdm_local_buffer_size, Ptr, &sig_size);
839 1 : Ptr += sig_size;
840 :
841 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
842 : spdm_response, response_size, response);
843 : }
844 1 : return LIBSPDM_STATUS_SUCCESS;
845 :
846 1 : case 0xE: /*correct CHALLENGE_AUTH message with wrong slot number*/
847 : {
848 : spdm_challenge_auth_response_t *spdm_response;
849 : void *data;
850 : size_t data_size;
851 : uint8_t *Ptr;
852 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
853 : size_t sig_size;
854 : size_t spdm_response_size;
855 : size_t transport_header_size;
856 :
857 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
858 : m_libspdm_use_asym_algo,
859 : &data,
860 : &data_size, NULL, NULL);
861 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
862 : data_size;
863 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
864 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
865 : m_libspdm_use_asym_algo;
866 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
867 : m_libspdm_use_hash_algo;
868 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
869 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
870 : SPDM_NONCE_SIZE +
871 : 0 +
872 1 : sizeof(uint16_t) + 0 +
873 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
874 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
875 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
876 :
877 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
878 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
879 1 : spdm_response->header.param1 = 1;
880 1 : spdm_response->header.param2 = (1 << 1); /*wrong slot number*/
881 1 : Ptr = (void *)(spdm_response + 1);
882 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
883 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
884 : 0],
885 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
886 : 0],
887 : Ptr);
888 1 : free(data);
889 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
890 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
891 1 : Ptr += SPDM_NONCE_SIZE;
892 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
893 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
894 1 : *(uint16_t *)Ptr = 0;
895 1 : Ptr += sizeof(uint16_t);
896 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
897 : sizeof(m_libspdm_local_buffer) -
898 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
899 : m_libspdm_local_buffer),
900 : spdm_response,
901 1 : (size_t)Ptr - (size_t)spdm_response);
902 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
903 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
904 : m_libspdm_local_buffer_size, hash_data);
905 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
906 1 : libspdm_responder_data_sign(
907 : spdm_context,
908 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
909 : 0, SPDM_CHALLENGE_AUTH,
910 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
911 : false, m_libspdm_local_buffer,
912 : m_libspdm_local_buffer_size, Ptr, &sig_size);
913 1 : Ptr += sig_size;
914 :
915 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
916 : spdm_response, response_size, response);
917 : }
918 1 : return LIBSPDM_STATUS_SUCCESS;
919 :
920 0 : case 0xF: /*CHALLENGE_AUTH message with slot number overflow*/
921 : {
922 : spdm_challenge_auth_response_t *spdm_response;
923 : void *data;
924 : size_t data_size;
925 : uint8_t *Ptr;
926 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
927 : size_t sig_size;
928 : size_t spdm_response_size;
929 : size_t transport_header_size;
930 :
931 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
932 : m_libspdm_use_asym_algo,
933 : &data,
934 : &data_size, NULL, NULL);
935 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
936 : data_size;
937 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
938 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
939 : m_libspdm_use_asym_algo;
940 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
941 : m_libspdm_use_hash_algo;
942 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
943 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
944 : SPDM_NONCE_SIZE +
945 : 0 +
946 0 : sizeof(uint16_t) + 0 +
947 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
948 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
949 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
950 :
951 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
952 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
953 0 : spdm_response->header.param1 = 8; /*slot number overflow*/
954 0 : spdm_response->header.param2 = (1 << 0);
955 0 : Ptr = (void *)(spdm_response + 1);
956 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
957 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
958 : 0],
959 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
960 : 0],
961 : Ptr);
962 0 : free(data);
963 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
964 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
965 0 : Ptr += SPDM_NONCE_SIZE;
966 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
967 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
968 0 : *(uint16_t *)Ptr = 0;
969 0 : Ptr += sizeof(uint16_t);
970 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
971 : sizeof(m_libspdm_local_buffer) -
972 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
973 : m_libspdm_local_buffer),
974 : spdm_response,
975 0 : (size_t)Ptr - (size_t)spdm_response);
976 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
977 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
978 : m_libspdm_local_buffer_size, hash_data);
979 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
980 0 : libspdm_responder_data_sign(
981 : spdm_context,
982 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
983 : 0, SPDM_CHALLENGE_AUTH,
984 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
985 : false, m_libspdm_local_buffer,
986 : m_libspdm_local_buffer_size, Ptr, &sig_size);
987 0 : Ptr += sig_size;
988 :
989 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
990 : spdm_response, response_size, response);
991 : }
992 0 : return LIBSPDM_STATUS_SUCCESS;
993 :
994 1 : case 0x10: /*correct CHALLENGE_AUTH message with "libspdm" opaque data*/
995 : {
996 : spdm_challenge_auth_response_t *spdm_response;
997 : void *data;
998 : size_t data_size;
999 : uint8_t *Ptr;
1000 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1001 : size_t sig_size;
1002 : size_t spdm_response_size;
1003 : size_t transport_header_size;
1004 :
1005 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1006 : m_libspdm_use_asym_algo,
1007 : &data,
1008 : &data_size, NULL, NULL);
1009 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1010 : data_size;
1011 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1012 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1013 : m_libspdm_use_asym_algo;
1014 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1015 : m_libspdm_use_hash_algo;
1016 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1017 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1018 : SPDM_NONCE_SIZE +
1019 : 0 +
1020 1 : sizeof(uint16_t) + 8 +
1021 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1022 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1023 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1024 :
1025 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1026 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1027 1 : spdm_response->header.param1 = 0;
1028 1 : spdm_response->header.param2 = (1 << 0);
1029 1 : Ptr = (void *)(spdm_response + 1);
1030 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1031 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1032 : 0],
1033 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1034 : 0],
1035 : Ptr);
1036 1 : free(data);
1037 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1038 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1039 1 : Ptr += SPDM_NONCE_SIZE;
1040 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1041 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1042 1 : *(uint16_t *)Ptr = (uint16_t)strlen("libspdm");
1043 1 : Ptr += sizeof(uint16_t);
1044 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr, "libspdm",
1045 : strlen("libspdm"));
1046 1 : Ptr += strlen("libspdm");
1047 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1048 : sizeof(m_libspdm_local_buffer) -
1049 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1050 : m_libspdm_local_buffer),
1051 : spdm_response,
1052 1 : (size_t)Ptr - (size_t)spdm_response);
1053 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1054 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1055 : m_libspdm_local_buffer_size, hash_data);
1056 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1057 1 : libspdm_responder_data_sign(
1058 : spdm_context,
1059 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1060 : 0, SPDM_CHALLENGE_AUTH,
1061 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1062 : false, m_libspdm_local_buffer,
1063 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1064 1 : Ptr += sig_size;
1065 :
1066 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1067 : spdm_response, response_size, response);
1068 : }
1069 1 : return LIBSPDM_STATUS_SUCCESS;
1070 :
1071 1 : case 0x11: /*correct CHALLENGE_AUTH message with invalid signature*/
1072 : {
1073 : spdm_challenge_auth_response_t *spdm_response;
1074 : void *data;
1075 : size_t data_size;
1076 : uint8_t *Ptr;
1077 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1078 : size_t sig_size;
1079 : size_t spdm_response_size;
1080 : size_t transport_header_size;
1081 :
1082 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1083 : m_libspdm_use_asym_algo,
1084 : &data,
1085 : &data_size, NULL, NULL);
1086 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1087 : data_size;
1088 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1089 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1090 : m_libspdm_use_asym_algo;
1091 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1092 : m_libspdm_use_hash_algo;
1093 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1094 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1095 : SPDM_NONCE_SIZE +
1096 : 0 +
1097 1 : sizeof(uint16_t) + 0 +
1098 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1099 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1100 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1101 :
1102 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1103 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1104 1 : spdm_response->header.param1 = 0;
1105 1 : spdm_response->header.param2 = (1 << 0);
1106 1 : Ptr = (void *)(spdm_response + 1);
1107 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1108 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1109 : 0],
1110 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1111 : 0],
1112 : Ptr);
1113 1 : free(data);
1114 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1115 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1116 1 : Ptr += SPDM_NONCE_SIZE;
1117 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1118 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1119 1 : *(uint16_t *)Ptr = 0;
1120 1 : Ptr += sizeof(uint16_t);
1121 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1122 : sizeof(m_libspdm_local_buffer) -
1123 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1124 : m_libspdm_local_buffer),
1125 : spdm_response,
1126 1 : (size_t)Ptr - (size_t)spdm_response);
1127 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1128 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1129 : m_libspdm_local_buffer_size, hash_data);
1130 1 : libspdm_hash_all (m_libspdm_use_hash_algo, hash_data, libspdm_get_hash_size (
1131 : m_libspdm_use_hash_algo), hash_data);
1132 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1133 1 : libspdm_responder_data_sign(
1134 : spdm_context,
1135 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1136 : 0, SPDM_CHALLENGE_AUTH,
1137 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1138 1 : false, hash_data, libspdm_get_hash_size ( m_libspdm_use_hash_algo), Ptr, &sig_size);
1139 1 : Ptr += sig_size;
1140 :
1141 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1142 : spdm_response, response_size, response);
1143 : }
1144 1 : return LIBSPDM_STATUS_SUCCESS;
1145 :
1146 2 : case 0x12: /*correct CHALLENGE_AUTH message*/
1147 : case 0x13: /*correct CHALLENGE_AUTH message*/
1148 : {
1149 : spdm_challenge_auth_response_t *spdm_response;
1150 : void *data;
1151 : size_t data_size;
1152 : uint8_t *Ptr;
1153 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1154 : size_t sig_size;
1155 : size_t spdm_response_size;
1156 : size_t transport_header_size;
1157 :
1158 2 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1159 : m_libspdm_use_asym_algo,
1160 : &data,
1161 : &data_size, NULL, NULL);
1162 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1163 : data_size;
1164 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1165 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1166 : m_libspdm_use_asym_algo;
1167 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1168 : m_libspdm_use_hash_algo;
1169 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1170 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1171 2 : SPDM_NONCE_SIZE +
1172 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1173 2 : sizeof(uint16_t) + 0 +
1174 2 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1175 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1176 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1177 :
1178 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1179 2 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1180 2 : spdm_response->header.param1 = 0;
1181 2 : spdm_response->header.param2 = (1 << 0);
1182 2 : Ptr = (void *)(spdm_response + 1);
1183 2 : libspdm_hash_all (m_libspdm_use_hash_algo,
1184 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1185 : 0],
1186 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1187 : 0],
1188 : Ptr);
1189 2 : free(data);
1190 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1191 2 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1192 2 : Ptr += SPDM_NONCE_SIZE;
1193 2 : libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1194 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1195 2 : *(uint16_t *)Ptr = 0;
1196 2 : Ptr += sizeof(uint16_t);
1197 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1198 : sizeof(m_libspdm_local_buffer) -
1199 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1200 : m_libspdm_local_buffer),
1201 : spdm_response,
1202 2 : (size_t)Ptr - (size_t)spdm_response);
1203 2 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1204 2 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1205 : m_libspdm_local_buffer_size, hash_data);
1206 2 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1207 2 : libspdm_responder_data_sign(
1208 : spdm_context,
1209 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1210 : 0, SPDM_CHALLENGE_AUTH,
1211 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1212 : false, m_libspdm_local_buffer,
1213 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1214 2 : Ptr += sig_size;
1215 :
1216 2 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1217 : spdm_response, response_size, response);
1218 : }
1219 2 : return LIBSPDM_STATUS_SUCCESS;
1220 :
1221 18 : case 0x14:
1222 : {
1223 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1224 :
1225 : spdm_error_response_t *spdm_response;
1226 : size_t spdm_response_size;
1227 : size_t transport_header_size;
1228 :
1229 18 : if(error_code <= 0xff) {
1230 18 : spdm_response_size = sizeof(spdm_error_response_t);
1231 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1232 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1233 :
1234 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1235 18 : spdm_response->header.request_response_code = SPDM_ERROR;
1236 18 : spdm_response->header.param1 = (uint8_t) error_code;
1237 18 : spdm_response->header.param2 = 0;
1238 :
1239 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
1240 : spdm_response_size, spdm_response,
1241 : response_size, response);
1242 : }
1243 :
1244 18 : error_code++;
1245 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1246 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1247 : }
1248 : /* skip some reserved error codes (0d to 3e) */
1249 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
1250 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1251 : }
1252 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
1253 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
1254 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1255 : }
1256 : }
1257 18 : return LIBSPDM_STATUS_SUCCESS;
1258 :
1259 1 : case 0x15: /*correct CHALLENGE_AUTH message with multiple slot numbers */
1260 : {
1261 : spdm_challenge_auth_response_t *spdm_response;
1262 : void *data;
1263 : size_t data_size;
1264 : uint8_t *ptr;
1265 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1266 : size_t sig_size;
1267 : size_t spdm_response_size;
1268 : size_t transport_header_size;
1269 :
1270 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1271 : m_libspdm_use_asym_algo,
1272 : &data,
1273 : &data_size, NULL, NULL);
1274 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1275 : data_size;
1276 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1277 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1278 : m_libspdm_use_asym_algo;
1279 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1280 : m_libspdm_use_hash_algo;
1281 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1282 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1283 : SPDM_NONCE_SIZE +
1284 : 0 +
1285 1 : sizeof(uint16_t) + 0 +
1286 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1287 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1288 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1289 :
1290 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1291 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1292 1 : spdm_response->header.param1 = 0;
1293 1 : spdm_response->header.param2 = 0x71; /*multiple slot numbers */
1294 1 : ptr = (void *)(spdm_response + 1);
1295 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1296 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1297 : 0],
1298 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1299 : 0],
1300 : ptr);
1301 1 : free(data);
1302 1 : ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1303 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, ptr);
1304 1 : ptr += SPDM_NONCE_SIZE;
1305 1 : *(uint16_t *)ptr = 0;
1306 1 : ptr += sizeof(uint16_t);
1307 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1308 : sizeof(m_libspdm_local_buffer) -
1309 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1310 : m_libspdm_local_buffer),
1311 : spdm_response,
1312 1 : (size_t)ptr - (size_t)spdm_response);
1313 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1314 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1315 : m_libspdm_local_buffer_size, hash_data);
1316 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1317 1 : libspdm_responder_data_sign(
1318 : spdm_context,
1319 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1320 : 0, SPDM_CHALLENGE_AUTH,
1321 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1322 : false, m_libspdm_local_buffer,
1323 : m_libspdm_local_buffer_size, ptr, &sig_size);
1324 1 : ptr += sig_size;
1325 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1326 : spdm_response, response_size, response);
1327 : }
1328 1 : return LIBSPDM_STATUS_SUCCESS;
1329 :
1330 1 : case 0x16: { /*correct CHALLENGE_AUTH message*/
1331 : spdm_challenge_auth_response_t *spdm_response;
1332 : void *data;
1333 : size_t data_size;
1334 : uint8_t *ptr;
1335 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1336 : size_t sig_size;
1337 : size_t spdm_response_size;
1338 : size_t transport_header_size;
1339 :
1340 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1341 : m_libspdm_use_asym_algo,
1342 : &data,
1343 : &data_size, NULL, NULL);
1344 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1345 : data_size;
1346 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1347 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
1348 : m_libspdm_use_asym_algo;
1349 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
1350 : m_libspdm_use_hash_algo;
1351 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1352 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1353 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1354 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1355 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1356 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1357 :
1358 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1359 1 : spdm_response->header.request_response_code =SPDM_CHALLENGE_AUTH;
1360 1 : spdm_response->header.param1 = 0;
1361 1 : spdm_response->header.param2 = (1 << 0);
1362 1 : ptr = (void *)(spdm_response + 1);
1363 1 : libspdm_hash_all(m_libspdm_use_hash_algo,
1364 : ((libspdm_context_t *)spdm_context)
1365 : ->local_context.local_cert_chain_provision[0],
1366 : ((libspdm_context_t *)spdm_context)
1367 : ->local_context.local_cert_chain_provision_size[0],
1368 : ptr);
1369 1 : free(data);
1370 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1371 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1372 1 : ptr += SPDM_NONCE_SIZE;
1373 : /* libspdm_zero_mem (ptr, spdm_get_hash_size (m_libspdm_use_hash_algo));
1374 : * ptr += spdm_get_hash_size (m_libspdm_use_hash_algo);*/
1375 1 : *(uint16_t *)ptr = 0;
1376 1 : ptr += sizeof(uint16_t);
1377 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1378 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1379 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1380 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1381 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%zx):\n",
1382 : m_libspdm_local_buffer_size));
1383 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1384 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1385 : m_libspdm_local_buffer_size, hash_data);
1386 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1387 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1388 1 : libspdm_dump_hex(hash_data, libspdm_get_hash_size(m_libspdm_use_hash_algo));
1389 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1390 1 : libspdm_responder_data_sign(
1391 : spdm_context,
1392 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1393 : 0, SPDM_CHALLENGE_AUTH,
1394 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1395 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1396 : ptr, &sig_size);
1397 1 : ptr += sig_size;
1398 :
1399 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1400 : false, spdm_response_size,
1401 : spdm_response, response_size,
1402 : response);
1403 : }
1404 1 : return LIBSPDM_STATUS_SUCCESS;
1405 :
1406 2 : case 0x17: { /*correct CHALLENGE_AUTH message*/
1407 : spdm_challenge_auth_response_t *spdm_response;
1408 : void *data;
1409 : size_t data_size;
1410 : uint8_t *ptr;
1411 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1412 : size_t sig_size;
1413 : size_t spdm_response_size;
1414 : size_t transport_header_size;
1415 : static uint8_t slot_id = 0;
1416 :
1417 2 : if (slot_id == 0) {
1418 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1419 : m_libspdm_use_asym_algo, &data,
1420 : &data_size, NULL, NULL);
1421 : } else {
1422 1 : libspdm_read_responder_public_certificate_chain_per_slot(1,
1423 : m_libspdm_use_hash_algo,
1424 : m_libspdm_use_asym_algo, &data,
1425 : &data_size, NULL, NULL);
1426 : }
1427 : ((libspdm_context_t *)spdm_context)
1428 2 : ->local_context.local_cert_chain_provision_size[slot_id] = data_size;
1429 : ((libspdm_context_t *)spdm_context)
1430 2 : ->local_context.local_cert_chain_provision[slot_id] = data;
1431 : ((libspdm_context_t *)spdm_context)
1432 2 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1433 : ((libspdm_context_t *)spdm_context)
1434 2 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1435 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1436 2 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1437 2 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1438 2 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1439 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1440 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1441 :
1442 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1443 2 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1444 2 : spdm_response->header.param1 = slot_id & 0xF;
1445 2 : spdm_response->header.param2 = (1 << slot_id);
1446 2 : ptr = (void *)(spdm_response + 1);
1447 2 : libspdm_hash_all(
1448 : m_libspdm_use_hash_algo,
1449 : ((libspdm_context_t *)spdm_context)
1450 : ->local_context.local_cert_chain_provision[slot_id],
1451 : ((libspdm_context_t *)spdm_context)
1452 : ->local_context
1453 : .local_cert_chain_provision_size[slot_id],
1454 : ptr);
1455 2 : free(data);
1456 2 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1457 2 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1458 2 : ptr += SPDM_NONCE_SIZE;
1459 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1460 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1461 2 : *(uint16_t *)ptr = 0;
1462 2 : ptr += sizeof(uint16_t);
1463 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1464 : sizeof(m_libspdm_local_buffer) -
1465 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1466 : m_libspdm_local_buffer),
1467 2 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1468 2 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1469 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1470 : m_libspdm_local_buffer_size));
1471 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1472 2 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1473 : m_libspdm_local_buffer_size, hash_data);
1474 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1475 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1476 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1477 2 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1478 2 : libspdm_responder_data_sign(
1479 : spdm_context,
1480 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1481 : 0, SPDM_CHALLENGE_AUTH,
1482 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1483 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1484 : ptr, &sig_size);
1485 2 : ptr += sig_size;
1486 :
1487 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1488 : false, spdm_response_size,
1489 : spdm_response, response_size,
1490 : response);
1491 2 : slot_id++;
1492 : }
1493 2 : return LIBSPDM_STATUS_SUCCESS;
1494 :
1495 1 : case 0x18: { /* correct CHALLENGE_AUTH message using slot 0xFF */
1496 : spdm_challenge_auth_response_t *spdm_response;
1497 : void *data;
1498 : size_t data_size;
1499 : uint8_t *ptr;
1500 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1501 : size_t sig_size;
1502 : size_t spdm_response_size;
1503 : size_t transport_header_size;
1504 :
1505 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
1506 : ((libspdm_context_t *)spdm_context)
1507 1 : ->local_context.local_public_key_provision_size = data_size;
1508 : ((libspdm_context_t *)spdm_context)
1509 1 : ->local_context.local_public_key_provision = data;
1510 : ((libspdm_context_t *)spdm_context)
1511 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1512 : ((libspdm_context_t *)spdm_context)
1513 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1514 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1515 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1516 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1517 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1518 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1519 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1520 :
1521 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1522 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1523 1 : spdm_response->header.param1 = 0x0F;
1524 1 : spdm_response->header.param2 = 0;
1525 1 : ptr = (void *)(spdm_response + 1);
1526 1 : libspdm_hash_all(
1527 : m_libspdm_use_hash_algo,
1528 : ((libspdm_context_t *)spdm_context)
1529 : ->local_context.local_public_key_provision,
1530 : ((libspdm_context_t *)spdm_context)
1531 : ->local_context
1532 : .local_public_key_provision_size,
1533 : ptr);
1534 1 : free(data);
1535 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1536 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1537 1 : ptr += SPDM_NONCE_SIZE;
1538 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1539 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1540 1 : *(uint16_t *)ptr = 0;
1541 1 : ptr += sizeof(uint16_t);
1542 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1543 : sizeof(m_libspdm_local_buffer) -
1544 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1545 : m_libspdm_local_buffer),
1546 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1547 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1548 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1549 : m_libspdm_local_buffer_size));
1550 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1551 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1552 : m_libspdm_local_buffer_size, hash_data);
1553 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1554 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1555 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1556 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1557 1 : libspdm_responder_data_sign(
1558 : spdm_context,
1559 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1560 : 0, SPDM_CHALLENGE_AUTH,
1561 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1562 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1563 : ptr, &sig_size);
1564 1 : ptr += sig_size;
1565 :
1566 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1567 : false, spdm_response_size,
1568 : spdm_response, response_size,
1569 : response);
1570 : }
1571 1 : return LIBSPDM_STATUS_SUCCESS;
1572 :
1573 1 : case 0x19: /*CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed*/
1574 : {
1575 : spdm_challenge_auth_response_t *spdm_response;
1576 : void *data;
1577 : size_t data_size;
1578 : uint8_t *Ptr;
1579 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1580 : size_t sig_size;
1581 : size_t spdm_response_size;
1582 : size_t transport_header_size;
1583 : uint16_t opaque_length;
1584 1 : opaque_length = SPDM_MAX_OPAQUE_DATA_SIZE + 1; /*opaque_length greater than the maximum allowed*/
1585 :
1586 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1587 : m_libspdm_use_asym_algo,
1588 : &data,
1589 : &data_size, NULL, NULL);
1590 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1591 : data_size;
1592 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1593 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1594 : m_libspdm_use_asym_algo;
1595 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1596 : m_libspdm_use_hash_algo;
1597 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1598 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1599 : SPDM_NONCE_SIZE +
1600 : 0 +
1601 1 : sizeof(uint16_t) +
1602 1 : opaque_length +
1603 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1604 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1605 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1606 :
1607 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1608 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1609 1 : spdm_response->header.param1 = 0;
1610 1 : spdm_response->header.param2 = (1 << 0);
1611 1 : Ptr = (void *)(spdm_response + 1);
1612 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1613 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1614 : 0],
1615 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1616 : 0],
1617 : Ptr);
1618 1 : free(data);
1619 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1620 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1621 1 : Ptr += SPDM_NONCE_SIZE;
1622 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1623 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1624 1 : *(uint16_t *)Ptr = opaque_length;
1625 1 : Ptr += sizeof(uint16_t);
1626 1 : libspdm_set_mem(Ptr, opaque_length, 255);
1627 1 : Ptr += opaque_length;
1628 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1629 : sizeof(m_libspdm_local_buffer) -
1630 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1631 : m_libspdm_local_buffer),
1632 : spdm_response,
1633 1 : (size_t)Ptr - (size_t)spdm_response);
1634 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1635 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1636 : m_libspdm_local_buffer_size, hash_data);
1637 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1638 1 : libspdm_responder_data_sign(
1639 : spdm_context,
1640 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1641 : 0, SPDM_CHALLENGE_AUTH,
1642 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1643 : false, m_libspdm_local_buffer,
1644 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1645 1 : Ptr += sig_size;
1646 :
1647 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1648 : spdm_response, response_size, response);
1649 : }
1650 1 : return LIBSPDM_STATUS_SUCCESS;
1651 :
1652 1 : case 0x1A:
1653 : {
1654 : spdm_challenge_auth_response_t *spdm_response;
1655 : spdm_general_opaque_data_table_header_t
1656 : *spdm_general_opaque_data_table_header;
1657 : opaque_element_table_header_t
1658 : *opaque_element_table_header;
1659 : void *data;
1660 : size_t data_size;
1661 : uint8_t *Ptr;
1662 : size_t sig_size;
1663 : size_t spdm_response_size;
1664 : size_t transport_header_size;
1665 : uint8_t element_num;
1666 : uint8_t element_index;
1667 : size_t current_element_len;
1668 : uint16_t opaque_element_data_len;
1669 :
1670 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1671 : m_libspdm_use_asym_algo,
1672 : &data,
1673 : &data_size, NULL, NULL);
1674 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1675 : data_size;
1676 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1677 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1678 : m_libspdm_use_asym_algo;
1679 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1680 : m_libspdm_use_hash_algo;
1681 :
1682 :
1683 1 : spdm_general_opaque_data_table_header = (void *)m_libspdm_opaque_data;
1684 1 : spdm_general_opaque_data_table_header->total_elements = 4;
1685 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1686 :
1687 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1688 1 : m_libspdm_opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1689 :
1690 5 : for (element_index = 0; element_index < element_num; element_index++) {
1691 4 : opaque_element_table_header->id = SPDM_REGISTRY_ID_MAX;
1692 4 : opaque_element_table_header->vendor_len = 0;
1693 4 : opaque_element_data_len = (uint16_t)strlen("libspdm");
1694 :
1695 4 : Ptr = (void *)(opaque_element_table_header + 1);
1696 4 : Ptr += opaque_element_table_header->vendor_len;
1697 :
1698 4 : libspdm_copy_mem((uint16_t *)Ptr,
1699 : sizeof(opaque_element_data_len),
1700 : &opaque_element_data_len,
1701 : sizeof(opaque_element_data_len));
1702 :
1703 4 : libspdm_copy_mem(Ptr + sizeof(opaque_element_data_len),
1704 : SPDM_MAX_OPAQUE_DATA_SIZE -
1705 : sizeof(opaque_element_table_header_t), "libspdm",
1706 : strlen("libspdm"));
1707 :
1708 4 : current_element_len = sizeof(opaque_element_table_header_t) +
1709 4 : opaque_element_table_header->vendor_len +
1710 4 : sizeof(opaque_element_data_len) +
1711 : opaque_element_data_len;
1712 4 : current_element_len = (current_element_len + 3) & ~3;
1713 :
1714 : /*move to next element*/
1715 4 : opaque_element_table_header =
1716 : (opaque_element_table_header_t *)
1717 : ((uint8_t *)opaque_element_table_header + current_element_len);
1718 :
1719 4 : m_libspdm_opaque_data_size += current_element_len;
1720 : }
1721 :
1722 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1723 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1724 : SPDM_NONCE_SIZE +
1725 : 0 +
1726 2 : sizeof(uint16_t) + m_libspdm_opaque_data_size +
1727 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1728 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1729 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1730 :
1731 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
1732 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1733 1 : spdm_response->header.param1 = 0;
1734 1 : spdm_response->header.param2 = (1 << 0);
1735 1 : Ptr = (void *)(spdm_response + 1);
1736 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1737 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1738 : 0],
1739 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1740 : 0],
1741 : Ptr);
1742 1 : free(data);
1743 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1744 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1745 1 : Ptr += SPDM_NONCE_SIZE;
1746 1 : *(uint16_t *)Ptr = (uint16_t)m_libspdm_opaque_data_size;
1747 1 : Ptr += sizeof(uint16_t);
1748 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr,
1749 : m_libspdm_opaque_data,
1750 : m_libspdm_opaque_data_size);
1751 1 : Ptr += m_libspdm_opaque_data_size;
1752 :
1753 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1754 : sizeof(m_libspdm_local_buffer) -
1755 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1756 : m_libspdm_local_buffer),
1757 : spdm_response,
1758 1 : (size_t)Ptr - (size_t)spdm_response);
1759 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1760 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1761 1 : libspdm_responder_data_sign(
1762 : spdm_context,
1763 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1764 : 0, SPDM_CHALLENGE_AUTH,
1765 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1766 : false, m_libspdm_local_buffer,
1767 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1768 1 : Ptr += sig_size;
1769 :
1770 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1771 : spdm_response, response_size, response);
1772 : }
1773 1 : return LIBSPDM_STATUS_SUCCESS;
1774 1 : case 0x1B: {
1775 : spdm_challenge_auth_response_t *spdm_response;
1776 : void *data;
1777 : size_t data_size;
1778 : uint8_t *ptr;
1779 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1780 : size_t sig_size;
1781 : size_t spdm_response_size;
1782 : size_t transport_header_size;
1783 1 : uint8_t slot_id = 0;
1784 :
1785 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1786 : m_libspdm_use_asym_algo, &data,
1787 : &data_size, NULL, NULL);
1788 : ((libspdm_context_t *)spdm_context)
1789 1 : ->local_context.local_cert_chain_provision_size[0] = data_size;
1790 : ((libspdm_context_t *)spdm_context)
1791 1 : ->local_context.local_cert_chain_provision[0] = data;
1792 : ((libspdm_context_t *)spdm_context)
1793 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1794 : ((libspdm_context_t *)spdm_context)
1795 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1796 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1797 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1798 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1799 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1800 : SPDM_REQ_CONTEXT_SIZE;
1801 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1802 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1803 :
1804 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1805 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1806 1 : spdm_response->header.param1 = slot_id;
1807 1 : spdm_response->header.param2 = (1 << slot_id);
1808 1 : ptr = (void *)(spdm_response + 1);
1809 1 : libspdm_hash_all(
1810 : m_libspdm_use_hash_algo,
1811 : ((libspdm_context_t *)spdm_context)
1812 : ->local_context.local_cert_chain_provision[slot_id],
1813 : ((libspdm_context_t *)spdm_context)
1814 : ->local_context
1815 : .local_cert_chain_provision_size[slot_id],
1816 : ptr);
1817 1 : free(data);
1818 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1819 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1820 1 : ptr += SPDM_NONCE_SIZE;
1821 1 : *(uint16_t *)ptr = 0;
1822 1 : ptr += sizeof(uint16_t);
1823 1 : libspdm_copy_mem(ptr, SPDM_REQ_CONTEXT_SIZE, m_requester_context, SPDM_REQ_CONTEXT_SIZE);
1824 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1825 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1826 : sizeof(m_libspdm_local_buffer) -
1827 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1828 : m_libspdm_local_buffer),
1829 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1830 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1831 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1832 : m_libspdm_local_buffer_size));
1833 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1834 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1835 : m_libspdm_local_buffer_size, hash_data);
1836 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1837 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1838 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1839 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1840 1 : libspdm_responder_data_sign(
1841 : spdm_context,
1842 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1843 : 0, SPDM_CHALLENGE_AUTH,
1844 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1845 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1846 : ptr, &sig_size);
1847 1 : ptr += sig_size;
1848 :
1849 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1850 : false, spdm_response_size,
1851 : spdm_response, response_size,
1852 : response);
1853 : }
1854 1 : return LIBSPDM_STATUS_SUCCESS;
1855 1 : case 0x1C: {
1856 : spdm_challenge_auth_response_t *spdm_response;
1857 : void *data;
1858 : size_t data_size;
1859 : uint8_t *ptr;
1860 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1861 : size_t sig_size;
1862 : size_t spdm_response_size;
1863 : size_t transport_header_size;
1864 1 : uint8_t slot_id = 0;
1865 :
1866 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1867 : m_libspdm_use_asym_algo, &data,
1868 : &data_size, NULL, NULL);
1869 : ((libspdm_context_t *)spdm_context)
1870 1 : ->local_context.local_cert_chain_provision_size[0] = data_size;
1871 : ((libspdm_context_t *)spdm_context)
1872 1 : ->local_context.local_cert_chain_provision[0] = data;
1873 : ((libspdm_context_t *)spdm_context)
1874 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1875 : ((libspdm_context_t *)spdm_context)
1876 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1877 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1878 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1879 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1880 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1881 : SPDM_REQ_CONTEXT_SIZE;
1882 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1883 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1884 :
1885 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1886 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1887 1 : spdm_response->header.param1 = slot_id;
1888 1 : spdm_response->header.param2 = (1 << slot_id);
1889 1 : ptr = (void *)(spdm_response + 1);
1890 1 : libspdm_hash_all(
1891 : m_libspdm_use_hash_algo,
1892 : ((libspdm_context_t *)spdm_context)
1893 : ->local_context.local_cert_chain_provision[slot_id],
1894 : ((libspdm_context_t *)spdm_context)
1895 : ->local_context
1896 : .local_cert_chain_provision_size[slot_id],
1897 : ptr);
1898 1 : free(data);
1899 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1900 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1901 1 : ptr += SPDM_NONCE_SIZE;
1902 1 : *(uint16_t *)ptr = 0;
1903 1 : ptr += sizeof(uint16_t);
1904 1 : libspdm_get_random_number(SPDM_REQ_CONTEXT_SIZE,ptr);
1905 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1906 :
1907 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1908 : sizeof(m_libspdm_local_buffer) -
1909 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1910 : m_libspdm_local_buffer),
1911 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1912 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1913 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1914 : m_libspdm_local_buffer_size));
1915 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1916 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1917 : m_libspdm_local_buffer_size, hash_data);
1918 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1919 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1920 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1921 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1922 1 : libspdm_responder_data_sign(
1923 : spdm_context,
1924 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1925 : 0, SPDM_CHALLENGE_AUTH,
1926 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1927 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1928 : ptr, &sig_size);
1929 1 : ptr += sig_size;
1930 :
1931 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1932 : false, spdm_response_size,
1933 : spdm_response, response_size,
1934 : response);
1935 : }
1936 1 : return LIBSPDM_STATUS_SUCCESS;
1937 0 : default:
1938 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1939 : }
1940 : }
1941 :
1942 : /**
1943 : * Test 1: when no CHALLENGE_AUTH message is received, and the client returns a
1944 : * device error.
1945 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
1946 : **/
1947 1 : static void req_challenge_case1(void **state)
1948 : {
1949 : libspdm_return_t status;
1950 : libspdm_test_context_t *spdm_test_context;
1951 : libspdm_context_t *spdm_context;
1952 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
1953 : void *data;
1954 : size_t data_size;
1955 : void *hash;
1956 : size_t hash_size;
1957 :
1958 1 : spdm_test_context = *state;
1959 1 : spdm_context = spdm_test_context->spdm_context;
1960 1 : spdm_test_context->case_id = 0x1;
1961 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1962 1 : spdm_context->connection_info.capability.flags = 0;
1963 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
1964 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1965 : m_libspdm_use_asym_algo, &data,
1966 : &data_size, &hash, &hash_size)) {
1967 0 : assert(false);
1968 : }
1969 1 : libspdm_reset_message_a(spdm_context);
1970 1 : libspdm_reset_message_b(spdm_context);
1971 1 : libspdm_reset_message_c(spdm_context);
1972 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1973 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1974 :
1975 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1976 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1977 :
1978 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1979 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1980 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1981 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1982 : data, data_size);
1983 : #else
1984 1 : libspdm_hash_all(
1985 : spdm_context->connection_info.algorithm.base_hash_algo,
1986 : data, data_size,
1987 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1988 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1989 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1990 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1991 : spdm_context->connection_info.algorithm.base_hash_algo,
1992 : spdm_context->connection_info.algorithm.base_asym_algo,
1993 : data, data_size,
1994 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1995 : #endif
1996 :
1997 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
1998 1 : status = libspdm_challenge(
1999 : spdm_context, NULL, 0,
2000 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2001 : measurement_hash, NULL);
2002 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
2003 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2004 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2005 : #endif
2006 1 : free(data);
2007 1 : }
2008 :
2009 : /**
2010 : * Test 2: the requester is setup correctly to send a CHALLENGE message:
2011 : * - it has flags indicating that the previous messages were sent
2012 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
2013 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2014 : * signature algorithms, and the use of challenges.
2015 : * - it has the responder's certificate chain.
2016 : * The CHALLENGE message requests usage of the first certificate in the chain
2017 : * (param1=0) and do not request measurements (param2=0).
2018 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
2019 : * no opaque data and a signature on the sent nonce.
2020 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
2021 : **/
2022 1 : static void req_challenge_case2(void **state)
2023 : {
2024 : libspdm_return_t status;
2025 : libspdm_test_context_t *spdm_test_context;
2026 : libspdm_context_t *spdm_context;
2027 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2028 : void *data;
2029 : size_t data_size;
2030 : void *hash;
2031 : size_t hash_size;
2032 :
2033 1 : spdm_test_context = *state;
2034 1 : spdm_context = spdm_test_context->spdm_context;
2035 1 : spdm_test_context->case_id = 0x2;
2036 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2037 1 : spdm_context->connection_info.capability.flags = 0;
2038 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2039 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2040 : m_libspdm_use_asym_algo, &data,
2041 : &data_size, &hash, &hash_size)) {
2042 0 : assert(false);
2043 : }
2044 1 : libspdm_reset_message_a(spdm_context);
2045 1 : libspdm_reset_message_b(spdm_context);
2046 1 : libspdm_reset_message_c(spdm_context);
2047 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2048 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2049 :
2050 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2051 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2052 :
2053 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2054 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2055 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2056 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2057 : data, data_size);
2058 : #else
2059 1 : libspdm_hash_all(
2060 : spdm_context->connection_info.algorithm.base_hash_algo,
2061 : data, data_size,
2062 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2063 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2064 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2065 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2066 : spdm_context->connection_info.algorithm.base_hash_algo,
2067 : spdm_context->connection_info.algorithm.base_asym_algo,
2068 : data, data_size,
2069 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2070 : #endif
2071 :
2072 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2073 1 : status = libspdm_challenge(
2074 : spdm_context, NULL, 0,
2075 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2076 : measurement_hash, NULL);
2077 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2078 :
2079 : /* Completion of CHALLENGE sets M1/M2 to null. */
2080 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2081 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2082 : #else
2083 1 : assert_null(spdm_context->transcript.digest_context_m1m2);
2084 : #endif
2085 1 : free(data);
2086 1 : }
2087 :
2088 : /**
2089 : * Test 3: the requester is not setup correctly to send a CHALLENGE message:
2090 : * - it has *no* flags indicating that the previous messages were sent
2091 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, GET_DIGESTS); but
2092 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2093 : * signature algorithms, and the use of challenges.
2094 : * - it has the responder's certificate chain.
2095 : * The CHALLENGE message requests usage of the first certificate in the chain
2096 : * (param1=0) and do not request measurements (param2=0).
2097 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
2098 : * no opaque data and a signature on the sent nonce.
2099 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2100 : * transcript buffer is not set.
2101 : **/
2102 1 : static void req_challenge_case3(void **state)
2103 : {
2104 : libspdm_return_t status;
2105 : libspdm_test_context_t *spdm_test_context;
2106 : libspdm_context_t *spdm_context;
2107 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2108 : void *data;
2109 : size_t data_size;
2110 : void *hash;
2111 : size_t hash_size;
2112 :
2113 1 : spdm_test_context = *state;
2114 1 : spdm_context = spdm_test_context->spdm_context;
2115 1 : spdm_test_context->case_id = 0x3;
2116 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
2117 1 : spdm_context->connection_info.capability.flags = 0;
2118 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2119 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2120 : m_libspdm_use_asym_algo, &data,
2121 : &data_size, &hash, &hash_size)) {
2122 0 : assert(false);
2123 : }
2124 1 : libspdm_reset_message_a(spdm_context);
2125 1 : libspdm_reset_message_b(spdm_context);
2126 1 : libspdm_reset_message_c(spdm_context);
2127 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2128 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2129 :
2130 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2131 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2132 :
2133 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2134 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2135 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2136 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2137 : data, data_size);
2138 : #else
2139 1 : libspdm_hash_all(
2140 : spdm_context->connection_info.algorithm.base_hash_algo,
2141 : data, data_size,
2142 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2143 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2144 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2145 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2146 : spdm_context->connection_info.algorithm.base_hash_algo,
2147 : spdm_context->connection_info.algorithm.base_asym_algo,
2148 : data, data_size,
2149 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2150 : #endif
2151 :
2152 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2153 1 : status = libspdm_challenge(
2154 : spdm_context, NULL, 0,
2155 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2156 : measurement_hash, NULL);
2157 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2158 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2159 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2160 : #endif
2161 1 : free(data);
2162 1 : }
2163 :
2164 : /**
2165 : * Test 4: the requester is setup correctly (see Test 2), but receives an ERROR
2166 : * message indicating InvalidParameters.
2167 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2168 : * transcript buffer is reset.
2169 : **/
2170 1 : static void req_challenge_case4(void **state)
2171 : {
2172 : libspdm_return_t status;
2173 : libspdm_test_context_t *spdm_test_context;
2174 : libspdm_context_t *spdm_context;
2175 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2176 : void *data;
2177 : size_t data_size;
2178 : void *hash;
2179 : size_t hash_size;
2180 :
2181 1 : spdm_test_context = *state;
2182 1 : spdm_context = spdm_test_context->spdm_context;
2183 1 : spdm_test_context->case_id = 0x4;
2184 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2185 1 : spdm_context->connection_info.capability.flags = 0;
2186 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2187 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2188 : m_libspdm_use_asym_algo, &data,
2189 : &data_size, &hash, &hash_size)) {
2190 0 : assert(false);
2191 : }
2192 1 : libspdm_reset_message_a(spdm_context);
2193 1 : libspdm_reset_message_b(spdm_context);
2194 1 : libspdm_reset_message_c(spdm_context);
2195 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2196 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2197 :
2198 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2199 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2200 :
2201 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2202 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2203 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2204 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2205 : data, data_size);
2206 : #else
2207 1 : libspdm_hash_all(
2208 : spdm_context->connection_info.algorithm.base_hash_algo,
2209 : data, data_size,
2210 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2211 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2212 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2213 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2214 : spdm_context->connection_info.algorithm.base_hash_algo,
2215 : spdm_context->connection_info.algorithm.base_asym_algo,
2216 : data, data_size,
2217 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2218 : #endif
2219 :
2220 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2221 1 : status = libspdm_challenge(
2222 : spdm_context, NULL, 0,
2223 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2224 : measurement_hash, NULL);
2225 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
2226 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2227 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2228 : #endif
2229 1 : free(data);
2230 1 : }
2231 :
2232 : /**
2233 : * Test 5: the requester is setup correctly (see Test 2), but receives an ERROR
2234 : * message indicating the Busy status of the responder.
2235 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2236 : * transcript buffer is reset.
2237 : **/
2238 1 : static void req_challenge_case5(void **state)
2239 : {
2240 : libspdm_return_t status;
2241 : libspdm_test_context_t *spdm_test_context;
2242 : libspdm_context_t *spdm_context;
2243 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2244 : void *data;
2245 : size_t data_size;
2246 : void *hash;
2247 : size_t hash_size;
2248 :
2249 1 : spdm_test_context = *state;
2250 1 : spdm_context = spdm_test_context->spdm_context;
2251 1 : spdm_test_context->case_id = 0x5;
2252 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2253 1 : spdm_context->connection_info.capability.flags = 0;
2254 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2255 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2256 : m_libspdm_use_asym_algo, &data,
2257 : &data_size, &hash, &hash_size)) {
2258 0 : assert(false);
2259 : }
2260 1 : libspdm_reset_message_a(spdm_context);
2261 1 : libspdm_reset_message_b(spdm_context);
2262 1 : libspdm_reset_message_c(spdm_context);
2263 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2264 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2265 :
2266 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2267 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2268 :
2269 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2270 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2271 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2272 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2273 : data, data_size);
2274 : #else
2275 1 : libspdm_hash_all(
2276 : spdm_context->connection_info.algorithm.base_hash_algo,
2277 : data, data_size,
2278 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2279 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2280 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2281 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2282 : spdm_context->connection_info.algorithm.base_hash_algo,
2283 : spdm_context->connection_info.algorithm.base_asym_algo,
2284 : data, data_size,
2285 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2286 : #endif
2287 :
2288 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2289 1 : status = libspdm_challenge(
2290 : spdm_context, NULL, 0,
2291 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2292 : measurement_hash, NULL);
2293 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
2294 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2295 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2296 : #endif
2297 1 : free(data);
2298 1 : }
2299 :
2300 : /**
2301 : * Test 6: the requester is setup correctly (see Test 2), but, on the first try,
2302 : * receiving a Busy ERROR message, and on retry, receiving a correct CHALLENGE_AUTH
2303 : * message to the challenge, with no opaque data and a signature on the sent nonce.
2304 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
2305 : **/
2306 1 : static void req_challenge_case6(void **state)
2307 : {
2308 : libspdm_return_t status;
2309 : libspdm_test_context_t *spdm_test_context;
2310 : libspdm_context_t *spdm_context;
2311 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2312 : void *data;
2313 : size_t data_size;
2314 : void *hash;
2315 : size_t hash_size;
2316 :
2317 1 : spdm_test_context = *state;
2318 1 : spdm_context = spdm_test_context->spdm_context;
2319 1 : spdm_test_context->case_id = 0x6;
2320 1 : spdm_context->retry_times = 3;
2321 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2322 1 : spdm_context->connection_info.capability.flags = 0;
2323 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2324 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2325 : m_libspdm_use_asym_algo, &data,
2326 : &data_size, &hash, &hash_size)) {
2327 0 : assert(false);
2328 : }
2329 1 : libspdm_reset_message_a(spdm_context);
2330 1 : libspdm_reset_message_b(spdm_context);
2331 1 : libspdm_reset_message_c(spdm_context);
2332 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2333 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2334 :
2335 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2336 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2337 :
2338 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2339 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2340 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2341 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2342 : data, data_size);
2343 : #else
2344 1 : libspdm_hash_all(
2345 : spdm_context->connection_info.algorithm.base_hash_algo,
2346 : data, data_size,
2347 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2348 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2349 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2350 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2351 : spdm_context->connection_info.algorithm.base_hash_algo,
2352 : spdm_context->connection_info.algorithm.base_asym_algo,
2353 : data, data_size,
2354 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2355 : #endif
2356 :
2357 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2358 1 : status = libspdm_challenge(
2359 : spdm_context, NULL, 0,
2360 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2361 : measurement_hash, NULL);
2362 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2363 1 : free(data);
2364 1 : }
2365 :
2366 : /**
2367 : * Test 7: the requester is setup correctly (see Test 2), but receives an ERROR
2368 : * message indicating the RequestResynch status of the responder.
2369 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, the "C"
2370 : * transcript buffer is reset, and the communication is reset to expect a new
2371 : * GET_VERSION message.
2372 : **/
2373 1 : static void req_challenge_case7(void **state)
2374 : {
2375 : libspdm_return_t status;
2376 : libspdm_test_context_t *spdm_test_context;
2377 : libspdm_context_t *spdm_context;
2378 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2379 : void *data;
2380 : size_t data_size;
2381 : void *hash;
2382 : size_t hash_size;
2383 :
2384 1 : spdm_test_context = *state;
2385 1 : spdm_context = spdm_test_context->spdm_context;
2386 1 : spdm_test_context->case_id = 0x7;
2387 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2388 1 : spdm_context->connection_info.capability.flags = 0;
2389 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2390 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2391 : m_libspdm_use_asym_algo, &data,
2392 : &data_size, &hash, &hash_size)) {
2393 0 : assert(false);
2394 : }
2395 1 : libspdm_reset_message_a(spdm_context);
2396 1 : libspdm_reset_message_b(spdm_context);
2397 1 : libspdm_reset_message_c(spdm_context);
2398 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2399 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2400 :
2401 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2402 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2403 :
2404 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2405 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2406 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2407 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2408 : data, data_size);
2409 : #else
2410 1 : libspdm_hash_all(
2411 : spdm_context->connection_info.algorithm.base_hash_algo,
2412 : data, data_size,
2413 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2414 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2415 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2416 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2417 : spdm_context->connection_info.algorithm.base_hash_algo,
2418 : spdm_context->connection_info.algorithm.base_asym_algo,
2419 : data, data_size,
2420 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2421 : #endif
2422 :
2423 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2424 1 : status = libspdm_challenge(
2425 : spdm_context, NULL, 0,
2426 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2427 : measurement_hash, NULL);
2428 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
2429 1 : assert_int_equal(spdm_context->connection_info.connection_state,
2430 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
2431 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2432 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2433 : #endif
2434 1 : free(data);
2435 1 : }
2436 :
2437 : /**
2438 : * Test 8: the requester is setup correctly (see Test 2), but receives an ERROR
2439 : * message indicating the ResponseNotReady status of the responder.
2440 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2441 : * buffer stores nothing.
2442 : **/
2443 1 : static void req_challenge_case8(void **state)
2444 : {
2445 : libspdm_return_t status;
2446 : libspdm_test_context_t *spdm_test_context;
2447 : libspdm_context_t *spdm_context;
2448 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2449 : void *data;
2450 : size_t data_size;
2451 : void *hash;
2452 : size_t hash_size;
2453 :
2454 1 : spdm_test_context = *state;
2455 1 : spdm_context = spdm_test_context->spdm_context;
2456 1 : spdm_test_context->case_id = 0x8;
2457 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2458 1 : spdm_context->connection_info.capability.flags = 0;
2459 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2460 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2461 : m_libspdm_use_asym_algo, &data,
2462 : &data_size, &hash, &hash_size)) {
2463 0 : assert(false);
2464 : }
2465 1 : libspdm_reset_message_a(spdm_context);
2466 1 : libspdm_reset_message_b(spdm_context);
2467 1 : libspdm_reset_message_c(spdm_context);
2468 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2469 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2470 :
2471 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2472 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2473 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2474 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2475 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2476 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2477 : data, data_size);
2478 : #else
2479 1 : libspdm_hash_all(
2480 : spdm_context->connection_info.algorithm.base_hash_algo,
2481 : data, data_size,
2482 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2483 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2484 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2485 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2486 : spdm_context->connection_info.algorithm.base_hash_algo,
2487 : spdm_context->connection_info.algorithm.base_asym_algo,
2488 : data, data_size,
2489 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2490 : #endif
2491 :
2492 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2493 :
2494 1 : status = libspdm_challenge(
2495 : spdm_context, NULL, 0,
2496 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2497 : measurement_hash, NULL);
2498 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2499 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2500 : assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);
2501 : #endif
2502 1 : free(data);
2503 1 : }
2504 :
2505 : /**
2506 : * Test 9: the requester is setup correctly (see Test 2), but, on the first try,
2507 : * receiving a ResponseNotReady ERROR message, and on retry, receiving a correct
2508 : * CHALLENGE_AUTH message to the challenge, with no opaque data and a signature
2509 : * on the sent nonce.
2510 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
2511 : **/
2512 1 : static void req_challenge_case9(void **state)
2513 : {
2514 : libspdm_return_t status;
2515 : libspdm_test_context_t *spdm_test_context;
2516 : libspdm_context_t *spdm_context;
2517 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2518 : void *data;
2519 : size_t data_size;
2520 : void *hash;
2521 : size_t hash_size;
2522 :
2523 1 : spdm_test_context = *state;
2524 1 : spdm_context = spdm_test_context->spdm_context;
2525 1 : spdm_test_context->case_id = 0x9;
2526 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2527 1 : spdm_context->connection_info.capability.flags = 0;
2528 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2529 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2530 : m_libspdm_use_asym_algo, &data,
2531 : &data_size, &hash, &hash_size)) {
2532 0 : assert(false);
2533 : }
2534 1 : libspdm_reset_message_a(spdm_context);
2535 1 : libspdm_reset_message_b(spdm_context);
2536 1 : libspdm_reset_message_c(spdm_context);
2537 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2538 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2539 :
2540 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2541 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2542 :
2543 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2544 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2545 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2546 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2547 : data, data_size);
2548 : #else
2549 1 : libspdm_hash_all(
2550 : spdm_context->connection_info.algorithm.base_hash_algo,
2551 : data, data_size,
2552 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2553 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2554 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2555 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2556 : spdm_context->connection_info.algorithm.base_hash_algo,
2557 : spdm_context->connection_info.algorithm.base_asym_algo,
2558 : data, data_size,
2559 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2560 : #endif
2561 :
2562 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2563 1 : status = libspdm_challenge(
2564 : spdm_context, NULL, 0,
2565 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2566 : measurement_hash, NULL);
2567 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
2568 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2569 : } else {
2570 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2571 : }
2572 1 : free(data);
2573 1 : }
2574 :
2575 : /**
2576 : * Test 10: the requester is not setup correctly to send a CHALLENGE message.
2577 : * Specifically, it has *not* received the capability for challenge, although it
2578 : * has received capability for executing both hash and signature algorithms.
2579 : * The remaining setup and message exchange were executed correctly (see Test 2).
2580 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2581 : * transcript buffer is not set.
2582 : **/
2583 1 : static void req_challenge_case10(void **state) {
2584 : libspdm_return_t status;
2585 : libspdm_test_context_t *spdm_test_context;
2586 : libspdm_context_t *spdm_context;
2587 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2588 : void *data;
2589 : size_t data_size;
2590 : void *hash;
2591 : size_t hash_size;
2592 :
2593 1 : spdm_test_context = *state;
2594 1 : spdm_context = spdm_test_context->spdm_context;
2595 1 : spdm_test_context->case_id = 0xA;
2596 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2597 1 : spdm_context->connection_info.capability.flags = 0;
2598 : /* spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;*/
2599 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2600 : m_libspdm_use_asym_algo,
2601 : &data, &data_size,
2602 : &hash, &hash_size);
2603 1 : libspdm_reset_message_a(spdm_context);
2604 1 : libspdm_reset_message_b(spdm_context);
2605 1 : libspdm_reset_message_c(spdm_context);
2606 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2607 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2608 :
2609 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2610 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2611 :
2612 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2613 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2614 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2615 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2616 : data, data_size);
2617 : #else
2618 1 : libspdm_hash_all(
2619 : spdm_context->connection_info.algorithm.base_hash_algo,
2620 : data, data_size,
2621 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2622 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2623 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2624 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2625 : spdm_context->connection_info.algorithm.base_hash_algo,
2626 : spdm_context->connection_info.algorithm.base_asym_algo,
2627 : data, data_size,
2628 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2629 : #endif
2630 :
2631 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2632 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2633 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2634 : measurement_hash, NULL);
2635 1 : assert_int_equal (status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
2636 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2637 : assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);
2638 : #endif
2639 1 : free(data);
2640 1 : }
2641 :
2642 : /**
2643 : * Test 11: the requester is setup correctly (see Test 2), but receives a malformed
2644 : * response message, smaller then a standard SPDM message header.
2645 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR,.
2646 : **/
2647 1 : static void req_challenge_case11(void **state) {
2648 : libspdm_return_t status;
2649 : libspdm_test_context_t *spdm_test_context;
2650 : libspdm_context_t *spdm_context;
2651 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2652 : void *data;
2653 : size_t data_size;
2654 : void *hash;
2655 : size_t hash_size;
2656 :
2657 1 : spdm_test_context = *state;
2658 1 : spdm_context = spdm_test_context->spdm_context;
2659 1 : spdm_test_context->case_id = 0xB;
2660 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2661 1 : spdm_context->connection_info.capability.flags = 0;
2662 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2663 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2664 : m_libspdm_use_asym_algo,
2665 : &data, &data_size,
2666 : &hash, &hash_size);
2667 1 : libspdm_reset_message_a(spdm_context);
2668 1 : libspdm_reset_message_b(spdm_context);
2669 1 : libspdm_reset_message_c(spdm_context);
2670 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2671 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2672 :
2673 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2674 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2675 :
2676 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2677 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2678 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2679 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2680 : data, data_size);
2681 : #else
2682 1 : libspdm_hash_all(
2683 : spdm_context->connection_info.algorithm.base_hash_algo,
2684 : data, data_size,
2685 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2686 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2687 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2688 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2689 : spdm_context->connection_info.algorithm.base_hash_algo,
2690 : spdm_context->connection_info.algorithm.base_asym_algo,
2691 : data, data_size,
2692 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2693 : #endif
2694 :
2695 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2696 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2697 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2698 : measurement_hash, NULL);
2699 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2700 1 : free(data);
2701 1 : }
2702 :
2703 : /**
2704 : * Test 12: the requester is setup correctly (see Test 2), but receives a malformed
2705 : * response message, with version (1.0) different from the request (1.1).
2706 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2707 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2708 : **/
2709 1 : static void req_challenge_case12(void **state) {
2710 : libspdm_return_t status;
2711 : libspdm_test_context_t *spdm_test_context;
2712 : libspdm_context_t *spdm_context;
2713 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2714 : void *data;
2715 : size_t data_size;
2716 : void *hash;
2717 : size_t hash_size;
2718 :
2719 1 : spdm_test_context = *state;
2720 1 : spdm_context = spdm_test_context->spdm_context;
2721 1 : spdm_test_context->case_id = 0xC;
2722 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2723 1 : spdm_context->connection_info.capability.flags = 0;
2724 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2725 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2726 : m_libspdm_use_asym_algo,
2727 : &data, &data_size,
2728 : &hash, &hash_size);
2729 1 : libspdm_reset_message_a(spdm_context);
2730 1 : libspdm_reset_message_b(spdm_context);
2731 1 : libspdm_reset_message_c(spdm_context);
2732 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2733 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2734 :
2735 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2736 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2737 :
2738 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2739 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2740 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2741 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2742 : data, data_size);
2743 : #else
2744 1 : libspdm_hash_all(
2745 : spdm_context->connection_info.algorithm.base_hash_algo,
2746 : data, data_size,
2747 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2748 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2749 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2750 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2751 : spdm_context->connection_info.algorithm.base_hash_algo,
2752 : spdm_context->connection_info.algorithm.base_asym_algo,
2753 : data, data_size,
2754 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2755 : #endif
2756 :
2757 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2758 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2759 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2760 : measurement_hash, NULL);
2761 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2762 1 : free(data);
2763 1 : }
2764 :
2765 : /**
2766 : * Test 13: the requester is setup correctly (see Test 2), but receives a malformed
2767 : * response message, with wrong request_response_code (CHALLENGE 0x83 instead of
2768 : * CHALLENGE_AUTH 0x03).
2769 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2770 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2771 : **/
2772 1 : static void req_challenge_case13(void **state) {
2773 : libspdm_return_t status;
2774 : libspdm_test_context_t *spdm_test_context;
2775 : libspdm_context_t *spdm_context;
2776 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2777 : void *data;
2778 : size_t data_size;
2779 : void *hash;
2780 : size_t hash_size;
2781 :
2782 1 : spdm_test_context = *state;
2783 1 : spdm_context = spdm_test_context->spdm_context;
2784 1 : spdm_test_context->case_id = 0xD;
2785 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2786 1 : spdm_context->connection_info.capability.flags = 0;
2787 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2788 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2789 : m_libspdm_use_asym_algo,
2790 : &data, &data_size,
2791 : &hash, &hash_size);
2792 1 : libspdm_reset_message_a(spdm_context);
2793 1 : libspdm_reset_message_b(spdm_context);
2794 1 : libspdm_reset_message_c(spdm_context);
2795 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2796 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2797 :
2798 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2799 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2800 :
2801 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2802 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2803 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2804 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2805 : data, data_size);
2806 : #else
2807 1 : libspdm_hash_all(
2808 : spdm_context->connection_info.algorithm.base_hash_algo,
2809 : data, data_size,
2810 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2811 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2812 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2813 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2814 : spdm_context->connection_info.algorithm.base_hash_algo,
2815 : spdm_context->connection_info.algorithm.base_asym_algo,
2816 : data, data_size,
2817 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2818 : #endif
2819 :
2820 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2821 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2822 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2823 : measurement_hash, NULL);
2824 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2825 1 : free(data);
2826 1 : }
2827 :
2828 : /**
2829 : * Test 14: the requester is setup correctly (see Test 2), but receives a malformed
2830 : * response message, with a slot number different from the requested.
2831 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2832 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2833 : **/
2834 1 : static void req_challenge_case14(void **state) {
2835 : libspdm_return_t status;
2836 : libspdm_test_context_t *spdm_test_context;
2837 : libspdm_context_t *spdm_context;
2838 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2839 : void *data;
2840 : size_t data_size;
2841 : void *hash;
2842 : size_t hash_size;
2843 :
2844 1 : spdm_test_context = *state;
2845 1 : spdm_context = spdm_test_context->spdm_context;
2846 1 : spdm_test_context->case_id = 0xE;
2847 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2848 1 : spdm_context->connection_info.capability.flags = 0;
2849 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2850 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2851 : m_libspdm_use_asym_algo,
2852 : &data, &data_size,
2853 : &hash, &hash_size);
2854 1 : libspdm_reset_message_a(spdm_context);
2855 1 : libspdm_reset_message_b(spdm_context);
2856 1 : libspdm_reset_message_c(spdm_context);
2857 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2858 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2859 :
2860 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2861 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2862 :
2863 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2864 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2865 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2866 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2867 : data, data_size);
2868 : #else
2869 1 : libspdm_hash_all(
2870 : spdm_context->connection_info.algorithm.base_hash_algo,
2871 : data, data_size,
2872 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2873 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2874 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2875 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2876 : spdm_context->connection_info.algorithm.base_hash_algo,
2877 : spdm_context->connection_info.algorithm.base_asym_algo,
2878 : data, data_size,
2879 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2880 : #endif
2881 :
2882 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2883 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2884 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2885 : measurement_hash, NULL);
2886 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2887 1 : free(data);
2888 1 : }
2889 :
2890 : /**
2891 : * Test 15: free to be populated by test.
2892 : **/
2893 1 : static void req_challenge_case15(void **state) {
2894 1 : }
2895 :
2896 : /**
2897 : * Test 16: the requester is setup correctly to send a CHALLENGE message:
2898 : * - it has flags indicating that the previous messages were sent
2899 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
2900 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2901 : * signature algorithms, and the use of challenges.
2902 : * - it has the responder's certificate chain.
2903 : * The CHALLENGE message requests usage of the first certificate in the chain
2904 : * (param1=0) and do not request measurements (param2=0).
2905 : * The received CHALLENGE_AUTH message correctly responds to the challenge, opaque
2906 : * data with bytes from the string "libspdm", and a signature on the sent nonce.
2907 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
2908 : **/
2909 1 : static void req_challenge_case16(void **state) {
2910 : libspdm_return_t status;
2911 : libspdm_test_context_t *spdm_test_context;
2912 : libspdm_context_t *spdm_context;
2913 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2914 : void *data;
2915 : size_t data_size;
2916 : void *hash;
2917 : size_t hash_size;
2918 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
2919 : size_t opaque_data_size;
2920 :
2921 1 : spdm_test_context = *state;
2922 1 : spdm_context = spdm_test_context->spdm_context;
2923 1 : spdm_test_context->case_id = 0x10;
2924 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2925 1 : spdm_context->connection_info.capability.flags = 0;
2926 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2927 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2928 : m_libspdm_use_asym_algo,
2929 : &data, &data_size,
2930 : &hash, &hash_size);
2931 1 : libspdm_reset_message_a(spdm_context);
2932 1 : libspdm_reset_message_b(spdm_context);
2933 1 : libspdm_reset_message_c(spdm_context);
2934 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2935 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2936 :
2937 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2938 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2939 :
2940 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2941 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2942 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2943 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2944 : data, data_size);
2945 : #else
2946 1 : libspdm_hash_all(
2947 : spdm_context->connection_info.algorithm.base_hash_algo,
2948 : data, data_size,
2949 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2950 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2951 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2952 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2953 : spdm_context->connection_info.algorithm.base_hash_algo,
2954 : spdm_context->connection_info.algorithm.base_asym_algo,
2955 : data, data_size,
2956 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2957 : #endif
2958 :
2959 1 : opaque_data_size = sizeof(opaque_data);
2960 :
2961 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2962 1 : status = libspdm_challenge_ex (spdm_context, NULL, 0,
2963 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2964 : measurement_hash, NULL, NULL, NULL, NULL,
2965 : opaque_data, &opaque_data_size);
2966 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2967 1 : assert_int_equal(opaque_data_size, strlen("libspdm"));
2968 1 : assert_memory_equal(opaque_data, "libspdm", opaque_data_size);
2969 1 : free(data);
2970 1 : }
2971 :
2972 : /**
2973 : * Test 17: the requester is setup correctly to send a CHALLENGE message:
2974 : * - it has flags indicating that the previous messages were sent
2975 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
2976 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2977 : * signature algorithms, and the use of challenges.
2978 : * - it has the responder's certificate chain.
2979 : * The CHALLENGE message requests usage of the first certificate in the chain
2980 : * (param1=0) and do not request measurements (param2=0).
2981 : * The received CHALLENGE_AUTH message correctly responds to the challenge,
2982 : * but with an invalid signature.
2983 : * Expected behavior: client returns a status of RETURN_SECURITY_VIOLATION.
2984 : **/
2985 1 : static void req_challenge_case17(void **state) {
2986 : libspdm_return_t status;
2987 : libspdm_test_context_t *spdm_test_context;
2988 : libspdm_context_t *spdm_context;
2989 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2990 : void *data;
2991 : size_t data_size;
2992 : void *hash;
2993 : size_t hash_size;
2994 :
2995 1 : spdm_test_context = *state;
2996 1 : spdm_context = spdm_test_context->spdm_context;
2997 1 : spdm_test_context->case_id = 0x11;
2998 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2999 1 : spdm_context->connection_info.capability.flags = 0;
3000 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3001 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3002 : m_libspdm_use_asym_algo,
3003 : &data, &data_size,
3004 : &hash, &hash_size);
3005 1 : libspdm_reset_message_a(spdm_context);
3006 1 : libspdm_reset_message_b(spdm_context);
3007 1 : libspdm_reset_message_c(spdm_context);
3008 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3009 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3010 :
3011 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3012 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3013 :
3014 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3015 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3016 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3017 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3018 : data, data_size);
3019 : #else
3020 1 : libspdm_hash_all(
3021 : spdm_context->connection_info.algorithm.base_hash_algo,
3022 : data, data_size,
3023 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3024 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3025 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3026 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3027 : spdm_context->connection_info.algorithm.base_hash_algo,
3028 : spdm_context->connection_info.algorithm.base_asym_algo,
3029 : data, data_size,
3030 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3031 : #endif
3032 :
3033 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3034 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3035 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3036 : measurement_hash, NULL);
3037 1 : assert_int_equal (status, LIBSPDM_STATUS_VERIF_FAIL);
3038 1 : free(data);
3039 1 : }
3040 :
3041 : /**
3042 : * Test 18: the requester is setup correctly to send a CHALLENGE message:
3043 : * - it has flags indicating that the previous messages were sent
3044 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3045 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3046 : * signature algorithms, the use of challenges, and of measurements.
3047 : * - it has the responder's certificate chain.
3048 : * The CHALLENGE message requests usage of the first certificate in the chain
3049 : * (param1=0) and request TCB measurements (param2=1).
3050 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3051 : * no opaque data and a signature on the sent nonce.
3052 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3053 : **/
3054 1 : static void req_challenge_case18(void **state) {
3055 : libspdm_return_t status;
3056 : libspdm_test_context_t *spdm_test_context;
3057 : libspdm_context_t *spdm_context;
3058 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3059 : void *data;
3060 : size_t data_size;
3061 : void *hash;
3062 : size_t hash_size;
3063 :
3064 1 : spdm_test_context = *state;
3065 1 : spdm_context = spdm_test_context->spdm_context;
3066 1 : spdm_test_context->case_id = 0x12;
3067 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3068 1 : spdm_context->connection_info.capability.flags = 0;
3069 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3070 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; /*additional measurement capability*/
3071 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3072 : m_libspdm_use_asym_algo,
3073 : &data, &data_size,
3074 : &hash, &hash_size);
3075 1 : libspdm_reset_message_a(spdm_context);
3076 1 : libspdm_reset_message_b(spdm_context);
3077 1 : libspdm_reset_message_c(spdm_context);
3078 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3079 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3080 :
3081 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3082 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3083 :
3084 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3085 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3086 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3087 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3088 : data, data_size);
3089 : #else
3090 1 : libspdm_hash_all(
3091 : spdm_context->connection_info.algorithm.base_hash_algo,
3092 : data, data_size,
3093 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3094 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3095 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3096 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3097 : spdm_context->connection_info.algorithm.base_hash_algo,
3098 : spdm_context->connection_info.algorithm.base_asym_algo,
3099 : data, data_size,
3100 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3101 : #endif
3102 :
3103 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3104 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3105 : SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH,
3106 : measurement_hash, NULL);
3107 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3108 1 : }
3109 :
3110 : /**
3111 : * Test 19: the requester is setup correctly to send a CHALLENGE message:
3112 : * - it has flags indicating that the previous messages were sent
3113 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3114 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3115 : * signature algorithms, the use of challenges, and of measurements.
3116 : * - it has the responder's certificate chain.
3117 : * The CHALLENGE message requests usage of the first certificate in the chain
3118 : * (param1=0) and request TCB measurements (param2=1).
3119 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3120 : * no opaque data and a signature on the sent nonce.
3121 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3122 : **/
3123 1 : static void req_challenge_case19(void **state) {
3124 : libspdm_return_t status;
3125 : libspdm_test_context_t *spdm_test_context;
3126 : libspdm_context_t *spdm_context;
3127 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3128 : void *data;
3129 : size_t data_size;
3130 : void *hash;
3131 : size_t hash_size;
3132 :
3133 1 : spdm_test_context = *state;
3134 1 : spdm_context = spdm_test_context->spdm_context;
3135 1 : spdm_test_context->case_id = 0x13;
3136 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3137 1 : spdm_context->connection_info.capability.flags = 0;
3138 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3139 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; /*additional measurement capability*/
3140 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3141 : m_libspdm_use_asym_algo,
3142 : &data, &data_size,
3143 : &hash, &hash_size);
3144 1 : libspdm_reset_message_a(spdm_context);
3145 1 : libspdm_reset_message_b(spdm_context);
3146 1 : libspdm_reset_message_c(spdm_context);
3147 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3148 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3149 :
3150 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3151 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3152 :
3153 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3154 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3155 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3156 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3157 : data, data_size);
3158 : #else
3159 1 : libspdm_hash_all(
3160 : spdm_context->connection_info.algorithm.base_hash_algo,
3161 : data, data_size,
3162 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3163 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3164 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3165 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3166 : spdm_context->connection_info.algorithm.base_hash_algo,
3167 : spdm_context->connection_info.algorithm.base_asym_algo,
3168 : data, data_size,
3169 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3170 : #endif
3171 :
3172 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3173 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3174 : SPDM_CHALLENGE_REQUEST_ALL_MEASUREMENTS_HASH,
3175 : measurement_hash, NULL);
3176 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3177 1 : }
3178 :
3179 : /**
3180 : * Test 20: receiving an unexpected ERROR message from the responder.
3181 : * There are tests for all named codes, including some reserved ones
3182 : * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
3183 : * However, for having specific test cases, it is excluded from this case:
3184 : * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
3185 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
3186 : **/
3187 1 : static void req_challenge_case20(void **state) {
3188 : libspdm_return_t status;
3189 : libspdm_test_context_t *spdm_test_context;
3190 : libspdm_context_t *spdm_context;
3191 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3192 : void *data;
3193 : size_t data_size;
3194 : void *hash;
3195 : size_t hash_size;
3196 : uint16_t error_code;
3197 :
3198 1 : spdm_test_context = *state;
3199 1 : spdm_context = spdm_test_context->spdm_context;
3200 1 : spdm_test_context->case_id = 0x14;
3201 1 : spdm_context->connection_info.capability.flags = 0;
3202 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3203 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3204 : m_libspdm_use_asym_algo,
3205 : &data, &data_size,
3206 : &hash, &hash_size);
3207 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3208 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3209 :
3210 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3211 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3212 :
3213 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3214 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3215 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3216 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3217 : data, data_size);
3218 : #else
3219 1 : libspdm_hash_all(
3220 : spdm_context->connection_info.algorithm.base_hash_algo,
3221 : data, data_size,
3222 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3223 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3224 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3225 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3226 : spdm_context->connection_info.algorithm.base_hash_algo,
3227 : spdm_context->connection_info.algorithm.base_asym_algo,
3228 : data, data_size,
3229 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3230 : #endif
3231 :
3232 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
3233 19 : while(error_code <= 0xff) {
3234 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3235 18 : libspdm_reset_message_a(spdm_context);
3236 18 : libspdm_reset_message_b(spdm_context);
3237 18 : libspdm_reset_message_c(spdm_context);
3238 :
3239 18 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3240 18 : status = libspdm_challenge (spdm_context, NULL, 0,
3241 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3242 : measurement_hash, NULL);
3243 18 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
3244 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3245 : /* assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);*/
3246 : LIBSPDM_ASSERT_INT_EQUAL_CASE (spdm_context->transcript.message_c.buffer_size, 0,
3247 : error_code);
3248 : #endif
3249 :
3250 18 : error_code++;
3251 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
3252 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
3253 : }
3254 : /* skip some reserved error codes (0d to 3e) */
3255 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
3256 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
3257 : }
3258 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
3259 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
3260 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
3261 : }
3262 : }
3263 :
3264 1 : free(data);
3265 1 : }
3266 :
3267 : /**
3268 : * Test 21: test correct CHALLENGE_AUTH message with multiple slot numbers
3269 : * Expected behavior: success and slot_id is included in slot_mask.
3270 : **/
3271 1 : static void req_challenge_case21(void **state) {
3272 : libspdm_return_t status;
3273 : libspdm_test_context_t *spdm_test_context;
3274 : libspdm_context_t *spdm_context;
3275 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3276 : void *data;
3277 : size_t data_size;
3278 : void *hash;
3279 : size_t hash_size;
3280 : uint8_t slot_id;
3281 : uint8_t slot_mask;
3282 :
3283 1 : spdm_test_context = *state;
3284 1 : spdm_context = spdm_test_context->spdm_context;
3285 1 : spdm_test_context->case_id = 0x15;
3286 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3287 1 : spdm_context->connection_info.capability.flags = 0;
3288 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3289 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3290 : m_libspdm_use_asym_algo,
3291 : &data, &data_size,
3292 : &hash, &hash_size);
3293 1 : libspdm_reset_message_a(spdm_context);
3294 1 : libspdm_reset_message_b(spdm_context);
3295 1 : libspdm_reset_message_c(spdm_context);
3296 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3297 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3298 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3299 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3300 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3301 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3302 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3303 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3304 : data, data_size);
3305 : #else
3306 1 : libspdm_hash_all(
3307 : spdm_context->connection_info.algorithm.base_hash_algo,
3308 : data, data_size,
3309 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3310 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3311 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3312 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3313 : spdm_context->connection_info.algorithm.base_hash_algo,
3314 : spdm_context->connection_info.algorithm.base_asym_algo,
3315 : data, data_size,
3316 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3317 : #endif
3318 :
3319 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3320 :
3321 1 : slot_id = 0;
3322 1 : status = libspdm_challenge (spdm_context, NULL, slot_id,
3323 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3324 : measurement_hash, &slot_mask);
3325 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3326 1 : assert_int_equal(1<<slot_id, slot_mask & (1<<slot_id));
3327 1 : free(data);
3328 1 : }
3329 :
3330 : /**
3331 : * Test 22: a request message is successfully sent and a response message is successfully received.
3332 : * Buffer C already has arbitrary data.
3333 : * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS and a CHALLENGE_AUTH message is
3334 : * received, buffer C appends the exchanged CHALLENGE and CHALLENGE_AUTH messages.
3335 : **/
3336 1 : static void req_challenge_case22(void **state)
3337 : {
3338 : libspdm_return_t status;
3339 : libspdm_test_context_t *spdm_test_context;
3340 : libspdm_context_t *spdm_context;
3341 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3342 : void *data;
3343 : size_t data_size;
3344 : void *hash;
3345 : size_t hash_size;
3346 :
3347 1 : spdm_test_context = *state;
3348 1 : spdm_context = spdm_test_context->spdm_context;
3349 1 : spdm_test_context->case_id = 0x16;
3350 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3351 1 : spdm_context->connection_info.capability.flags = 0;
3352 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3353 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3354 : m_libspdm_use_asym_algo, &data,
3355 : &data_size, &hash, &hash_size)) {
3356 0 : assert(false);
3357 : }
3358 1 : libspdm_reset_message_a(spdm_context);
3359 1 : libspdm_reset_message_b(spdm_context);
3360 1 : libspdm_reset_message_c(spdm_context);
3361 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3362 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3363 :
3364 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3365 : /*filling all buffers with arbitrary data*/
3366 : libspdm_set_mem(spdm_context->transcript.message_a.buffer, 10, (uint8_t) 0xFF);
3367 : spdm_context->transcript.message_a.buffer_size = 10;
3368 : libspdm_set_mem(spdm_context->transcript.message_b.buffer, 8, (uint8_t) 0xEE);
3369 : spdm_context->transcript.message_b.buffer_size = 8;
3370 : libspdm_set_mem(spdm_context->transcript.message_c.buffer, 12, (uint8_t) 0xDD);
3371 : spdm_context->transcript.message_c.buffer_size = 12;
3372 : #endif
3373 :
3374 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3375 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3376 :
3377 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3378 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3379 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3380 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3381 : data, data_size);
3382 : #else
3383 1 : libspdm_hash_all(
3384 : spdm_context->connection_info.algorithm.base_hash_algo,
3385 : data, data_size,
3386 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3387 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3388 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3389 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3390 : spdm_context->connection_info.algorithm.base_hash_algo,
3391 : spdm_context->connection_info.algorithm.base_asym_algo,
3392 : data, data_size,
3393 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3394 : #endif
3395 :
3396 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3397 1 : status = libspdm_challenge(
3398 : spdm_context, NULL, 0,
3399 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3400 : measurement_hash, NULL);
3401 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3402 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3403 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
3404 : m_libspdm_local_buffer_size));
3405 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3406 : #endif
3407 1 : free(data);
3408 1 : }
3409 :
3410 : /**
3411 : * Test 23: GetCert (Slot 0), GetCert (Slot 1), then Challenge (Slot 0), (Slot1):
3412 : * - it has flags indicating that the previous messages were sent
3413 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3414 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3415 : * signature algorithms, and the use of challenges.
3416 : * - it has the responder's certificate chain.
3417 : * The CHALLENGE message requests usage of the first certificate in the chain
3418 : * (param1=0) and do not request measurements (param2=0).
3419 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3420 : * no opaque data and a signature on the sent nonce.
3421 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3422 : **/
3423 1 : static void req_challenge_case23(void **state)
3424 : {
3425 : libspdm_return_t status;
3426 : libspdm_test_context_t *spdm_test_context;
3427 : libspdm_context_t *spdm_context;
3428 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3429 : void *data;
3430 : void *data1;
3431 : size_t data_size;
3432 : size_t data1_size;
3433 : void *hash;
3434 : void *hash1;
3435 : size_t hash_size;
3436 : size_t hash1_size;
3437 : uint8_t slot_id;
3438 :
3439 1 : spdm_test_context = *state;
3440 1 : spdm_context = spdm_test_context->spdm_context;
3441 1 : spdm_test_context->case_id = 0x17;
3442 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3443 1 : spdm_context->connection_info.capability.flags = 0;
3444 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3445 :
3446 1 : libspdm_reset_message_a(spdm_context);
3447 1 : libspdm_reset_message_b(spdm_context);
3448 1 : libspdm_reset_message_c(spdm_context);
3449 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3450 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3451 :
3452 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3453 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3454 :
3455 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3456 : m_libspdm_use_asym_algo, &data,
3457 : &data_size, &hash, &hash_size)) {
3458 0 : assert(false);
3459 : }
3460 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3461 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3462 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3463 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3464 : data, data_size);
3465 : #else
3466 1 : libspdm_hash_all(
3467 : spdm_context->connection_info.algorithm.base_hash_algo,
3468 : data, data_size,
3469 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3470 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3471 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3472 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3473 : spdm_context->connection_info.algorithm.base_hash_algo,
3474 : spdm_context->connection_info.algorithm.base_asym_algo,
3475 : data, data_size,
3476 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3477 : #endif
3478 :
3479 1 : libspdm_read_responder_public_certificate_chain_per_slot(
3480 : 1,
3481 : m_libspdm_use_hash_algo,
3482 : m_libspdm_use_asym_algo, &data1,
3483 : &data1_size, &hash1, &hash1_size);
3484 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3485 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_size = data1_size;
3486 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[1].buffer,
3487 : sizeof(spdm_context->connection_info.peer_used_cert_chain[1].buffer),
3488 : data1, data1_size);
3489 : #else
3490 1 : libspdm_hash_all(
3491 : spdm_context->connection_info.algorithm.base_hash_algo,
3492 : data1, data1_size,
3493 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash);
3494 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash_size =
3495 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3496 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3497 : spdm_context->connection_info.algorithm.base_hash_algo,
3498 : spdm_context->connection_info.algorithm.base_asym_algo,
3499 : data1, data1_size,
3500 : &spdm_context->connection_info.peer_used_cert_chain[1].leaf_cert_public_key);
3501 : #endif
3502 :
3503 3 : for (slot_id = 0; slot_id < 2; slot_id++) {
3504 2 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3505 2 : status = libspdm_challenge(
3506 : spdm_context, NULL, slot_id,
3507 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3508 : measurement_hash, NULL);
3509 2 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3510 : }
3511 1 : free(data);
3512 1 : free(data1);
3513 1 : }
3514 :
3515 : /**
3516 : * Test 24: Challenge using provisioned public key (slot_id 0xFF)
3517 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3518 : **/
3519 1 : static void req_challenge_case24(void **state)
3520 : {
3521 : libspdm_return_t status;
3522 : libspdm_test_context_t *spdm_test_context;
3523 : libspdm_context_t *spdm_context;
3524 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3525 : void *data;
3526 : size_t data_size;
3527 :
3528 1 : spdm_test_context = *state;
3529 1 : spdm_context = spdm_test_context->spdm_context;
3530 1 : spdm_test_context->case_id = 0x18;
3531 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3532 1 : spdm_context->connection_info.capability.flags = 0;
3533 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3534 1 : spdm_context->connection_info.capability.flags |=
3535 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
3536 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
3537 1 : spdm_context->local_context.peer_public_key_provision = data;
3538 1 : spdm_context->local_context.peer_public_key_provision_size = data_size;
3539 :
3540 1 : libspdm_reset_message_a(spdm_context);
3541 1 : libspdm_reset_message_b(spdm_context);
3542 1 : libspdm_reset_message_c(spdm_context);
3543 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3544 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3545 :
3546 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3547 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3548 :
3549 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3550 1 : status = libspdm_challenge(
3551 : spdm_context, NULL, 0xFF,
3552 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3553 : measurement_hash, NULL);
3554 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3555 1 : free(data);
3556 1 : }
3557 :
3558 : /**
3559 : * Test 25: Error case, CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed.
3560 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code.
3561 : **/
3562 1 : static void req_challenge_case25(void **state) {
3563 : libspdm_return_t status;
3564 : libspdm_test_context_t *spdm_test_context;
3565 : libspdm_context_t *spdm_context;
3566 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3567 : void *data;
3568 : size_t data_size;
3569 : void *hash;
3570 : size_t hash_size;
3571 :
3572 1 : spdm_test_context = *state;
3573 1 : spdm_context = spdm_test_context->spdm_context;
3574 1 : spdm_test_context->case_id = 0x19;
3575 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3576 1 : spdm_context->connection_info.capability.flags = 0;
3577 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3578 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3579 : m_libspdm_use_asym_algo,
3580 : &data, &data_size,
3581 : &hash, &hash_size);
3582 1 : libspdm_reset_message_a(spdm_context);
3583 1 : libspdm_reset_message_b(spdm_context);
3584 1 : libspdm_reset_message_c(spdm_context);
3585 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3586 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3587 :
3588 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3589 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3590 :
3591 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3592 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3593 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3594 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3595 : data, data_size);
3596 : #else
3597 1 : libspdm_hash_all(
3598 : spdm_context->connection_info.algorithm.base_hash_algo,
3599 : data, data_size,
3600 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3601 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3602 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3603 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3604 : spdm_context->connection_info.algorithm.base_hash_algo,
3605 : spdm_context->connection_info.algorithm.base_asym_algo,
3606 : data, data_size,
3607 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3608 : #endif
3609 :
3610 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3611 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3612 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3613 : measurement_hash, NULL);
3614 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3615 1 : free(data);
3616 1 : }
3617 :
3618 : /**
3619 : * Test 26: the requester is setup correctly to send a CHALLENGE message:
3620 : * - it has flags indicating that the previous messages were sent
3621 : * The received CHALLENGE_AUTH message correctly responds to the challenge, opaque
3622 : * data with bytes from the string "libspdm", and a signature on the sent nonce.
3623 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3624 : **/
3625 1 : static void req_challenge_case26(void **state) {
3626 : libspdm_return_t status;
3627 : libspdm_test_context_t *spdm_test_context;
3628 : libspdm_context_t *spdm_context;
3629 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3630 : void *data;
3631 : size_t data_size;
3632 : void *hash;
3633 : size_t hash_size;
3634 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
3635 : size_t opaque_data_size;
3636 :
3637 1 : spdm_test_context = *state;
3638 1 : spdm_context = spdm_test_context->spdm_context;
3639 1 : spdm_test_context->case_id = 0x1A;
3640 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3641 1 : spdm_context->connection_info.capability.flags = 0;
3642 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3643 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3644 : m_libspdm_use_asym_algo,
3645 : &data, &data_size,
3646 : &hash, &hash_size);
3647 1 : libspdm_reset_message_a(spdm_context);
3648 1 : libspdm_reset_message_b(spdm_context);
3649 1 : libspdm_reset_message_c(spdm_context);
3650 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3651 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3652 :
3653 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
3654 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3655 :
3656 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3657 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3658 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3659 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3660 : data, data_size);
3661 : #else
3662 1 : libspdm_hash_all(
3663 : spdm_context->connection_info.algorithm.base_hash_algo,
3664 : data, data_size,
3665 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3666 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3667 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3668 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3669 : spdm_context->connection_info.algorithm.base_hash_algo,
3670 : spdm_context->connection_info.algorithm.base_asym_algo,
3671 : data, data_size,
3672 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3673 : #endif
3674 1 : spdm_context->connection_info.algorithm.other_params_support =
3675 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
3676 1 : opaque_data_size = sizeof(opaque_data);
3677 :
3678 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3679 1 : status = libspdm_challenge_ex (spdm_context, NULL, 0,
3680 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3681 : measurement_hash, NULL, NULL, NULL, NULL,
3682 : opaque_data, &opaque_data_size);
3683 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3684 1 : assert_int_equal(opaque_data_size, m_libspdm_opaque_data_size);
3685 1 : assert_memory_equal(opaque_data, m_libspdm_opaque_data, opaque_data_size);
3686 1 : free(data);
3687 1 : }
3688 :
3689 : /**
3690 : * Test 27: Successful case , With the correct challenge context field
3691 : * Expected Behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3692 : **/
3693 1 : static void req_challenge_case27(void **state)
3694 : {
3695 : libspdm_return_t status;
3696 : libspdm_test_context_t *spdm_test_context;
3697 : libspdm_context_t *spdm_context;
3698 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3699 : void *data;
3700 : size_t data_size;
3701 : void *hash;
3702 : size_t hash_size;
3703 :
3704 1 : spdm_test_context = *state;
3705 1 : spdm_context = spdm_test_context->spdm_context;
3706 1 : spdm_test_context->case_id = 0x1B;
3707 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3708 1 : spdm_context->connection_info.capability.flags = 0;
3709 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3710 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3711 : m_libspdm_use_asym_algo, &data,
3712 : &data_size, &hash, &hash_size)) {
3713 0 : assert(false);
3714 : }
3715 1 : libspdm_reset_message_a(spdm_context);
3716 1 : libspdm_reset_message_b(spdm_context);
3717 1 : libspdm_reset_message_c(spdm_context);
3718 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3719 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3720 :
3721 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
3722 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3723 :
3724 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3725 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3726 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3727 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3728 : data, data_size);
3729 : #else
3730 1 : libspdm_hash_all(
3731 : spdm_context->connection_info.algorithm.base_hash_algo,
3732 : data, data_size,
3733 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3734 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3735 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3736 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3737 : spdm_context->connection_info.algorithm.base_hash_algo,
3738 : spdm_context->connection_info.algorithm.base_asym_algo,
3739 : data, data_size,
3740 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3741 : #endif
3742 :
3743 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
3744 :
3745 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3746 :
3747 1 : status = libspdm_challenge_ex2(
3748 : spdm_context, NULL, 0, m_requester_context,
3749 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3750 : measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
3751 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3752 :
3753 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3754 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
3755 : #else
3756 1 : assert_null(spdm_context->transcript.digest_context_m1m2);
3757 : #endif
3758 1 : free(data);
3759 1 : }
3760 :
3761 : /**
3762 : * Test 28: Error case , challenge context fields are inconsistent
3763 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code
3764 : **/
3765 1 : static void req_challenge_case28(void **state)
3766 : {
3767 : libspdm_return_t status;
3768 : libspdm_test_context_t *spdm_test_context;
3769 : libspdm_context_t *spdm_context;
3770 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3771 : void *data;
3772 : size_t data_size;
3773 : void *hash;
3774 : size_t hash_size;
3775 :
3776 1 : spdm_test_context = *state;
3777 1 : spdm_context = spdm_test_context->spdm_context;
3778 1 : spdm_test_context->case_id = 0x1C;
3779 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3780 1 : spdm_context->connection_info.capability.flags = 0;
3781 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3782 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3783 : m_libspdm_use_asym_algo, &data,
3784 : &data_size, &hash, &hash_size)) {
3785 0 : assert(false);
3786 : }
3787 1 : libspdm_reset_message_a(spdm_context);
3788 1 : libspdm_reset_message_b(spdm_context);
3789 1 : libspdm_reset_message_c(spdm_context);
3790 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3791 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3792 :
3793 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
3794 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3795 :
3796 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3797 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3798 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3799 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3800 : data, data_size);
3801 : #else
3802 1 : libspdm_hash_all(
3803 : spdm_context->connection_info.algorithm.base_hash_algo,
3804 : data, data_size,
3805 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3806 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3807 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3808 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3809 : spdm_context->connection_info.algorithm.base_hash_algo,
3810 : spdm_context->connection_info.algorithm.base_asym_algo,
3811 : data, data_size,
3812 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3813 : #endif
3814 :
3815 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
3816 :
3817 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3818 :
3819 1 : status = libspdm_challenge_ex2(
3820 : spdm_context, NULL, 0, m_requester_context,
3821 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3822 : measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
3823 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3824 :
3825 1 : free(data);
3826 1 : }
3827 :
3828 1 : int libspdm_req_challenge_test(void)
3829 : {
3830 1 : const struct CMUnitTest test_cases[] = {
3831 : /* SendRequest failed*/
3832 : cmocka_unit_test(req_challenge_case1),
3833 : /* Successful response*/
3834 : cmocka_unit_test(req_challenge_case2),
3835 : /* connection_state check failed*/
3836 : cmocka_unit_test(req_challenge_case3),
3837 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
3838 : cmocka_unit_test(req_challenge_case4),
3839 : /* Always SPDM_ERROR_CODE_BUSY*/
3840 : cmocka_unit_test(req_challenge_case5),
3841 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
3842 : cmocka_unit_test(req_challenge_case6),
3843 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
3844 : cmocka_unit_test(req_challenge_case7),
3845 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
3846 : cmocka_unit_test(req_challenge_case8),
3847 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
3848 : cmocka_unit_test(req_challenge_case9),
3849 : /* SpdmCmdReceiveState check failed*/
3850 : cmocka_unit_test(req_challenge_case10),
3851 : /* Successful response + device error*/
3852 : cmocka_unit_test(req_challenge_case11),
3853 : cmocka_unit_test(req_challenge_case12),
3854 : cmocka_unit_test(req_challenge_case13),
3855 : cmocka_unit_test(req_challenge_case14),
3856 : /* Invalid parameter*/
3857 : cmocka_unit_test(req_challenge_case15),
3858 : /* Successful response*/
3859 : cmocka_unit_test(req_challenge_case16),
3860 : /* Signature check failed*/
3861 : cmocka_unit_test(req_challenge_case17),
3862 : /* Successful response*/
3863 : cmocka_unit_test(req_challenge_case18),
3864 : cmocka_unit_test(req_challenge_case19),
3865 : /* Unexpected errors*/
3866 : cmocka_unit_test(req_challenge_case20),
3867 : cmocka_unit_test(req_challenge_case21),
3868 : /* Buffer verification*/
3869 : cmocka_unit_test(req_challenge_case22),
3870 : /* Challeng differenr slot with GetCert*/
3871 : cmocka_unit_test(req_challenge_case23),
3872 : /* Challeng using provisioned public key (slot_id 0xFF) */
3873 : cmocka_unit_test(req_challenge_case24),
3874 : /* opaque_length greater than the maximum allowed */
3875 : cmocka_unit_test(req_challenge_case25),
3876 : /* the OpaqueDataFmt1 bit is selected in OtherParamsSelection of ALGORITHMS*/
3877 : cmocka_unit_test(req_challenge_case26),
3878 : /* Successful response, With the correct challenge context field*/
3879 : cmocka_unit_test(req_challenge_case27),
3880 : /* Error response: challenge context fields are inconsistent*/
3881 : cmocka_unit_test(req_challenge_case28),
3882 : };
3883 :
3884 1 : libspdm_test_context_t test_context = {
3885 : LIBSPDM_TEST_CONTEXT_VERSION,
3886 : true,
3887 : send_message,
3888 : receive_message,
3889 : };
3890 :
3891 1 : libspdm_setup_test_context(&test_context);
3892 :
3893 1 : return cmocka_run_group_tests(test_cases,
3894 : libspdm_unit_test_group_setup,
3895 : libspdm_unit_test_group_teardown);
3896 : }
3897 :
3898 : #endif /* LIBSPDM_SEND_CHALLENGE_SUPPORT */
|
