Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 :
10 : #if LIBSPDM_SEND_CHALLENGE_SUPPORT
11 :
12 : static size_t m_libspdm_local_buffer_size;
13 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_M1M2_BUFFER_SIZE];
14 :
15 : static size_t m_libspdm_opaque_data_size;
16 : static uint8_t m_libspdm_opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
17 :
18 : static uint8_t m_requester_context[SPDM_REQ_CONTEXT_SIZE];
19 :
20 46 : static libspdm_return_t send_message(
21 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
22 : {
23 : libspdm_test_context_t *spdm_test_context;
24 : const uint8_t *ptr;
25 :
26 46 : spdm_test_context = libspdm_get_test_context();
27 46 : ptr = (const uint8_t *)request;
28 46 : switch (spdm_test_context->case_id) {
29 1 : case 0x1:
30 1 : return LIBSPDM_STATUS_SEND_FAIL;
31 1 : case 0x2:
32 1 : m_libspdm_local_buffer_size = 0;
33 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
34 : request_size - 1);
35 1 : m_libspdm_local_buffer_size += (request_size - 1);
36 1 : return LIBSPDM_STATUS_SUCCESS;
37 0 : case 0x3:
38 0 : m_libspdm_local_buffer_size = 0;
39 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
40 : request_size - 1);
41 0 : m_libspdm_local_buffer_size += (request_size - 1);
42 0 : return LIBSPDM_STATUS_SUCCESS;
43 1 : case 0x4:
44 1 : m_libspdm_local_buffer_size = 0;
45 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
46 : request_size - 1);
47 1 : m_libspdm_local_buffer_size += (request_size - 1);
48 1 : return LIBSPDM_STATUS_SUCCESS;
49 1 : case 0x5:
50 1 : m_libspdm_local_buffer_size = 0;
51 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
52 : request_size - 1);
53 1 : m_libspdm_local_buffer_size += (request_size - 1);
54 1 : return LIBSPDM_STATUS_SUCCESS;
55 2 : case 0x6:
56 2 : m_libspdm_local_buffer_size = 0;
57 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
58 : request_size - 1);
59 2 : m_libspdm_local_buffer_size += (request_size - 1);
60 2 : return LIBSPDM_STATUS_SUCCESS;
61 1 : case 0x7:
62 1 : m_libspdm_local_buffer_size = 0;
63 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
64 : request_size - 1);
65 1 : m_libspdm_local_buffer_size += (request_size - 1);
66 1 : return LIBSPDM_STATUS_SUCCESS;
67 2 : case 0x8:
68 2 : m_libspdm_local_buffer_size = 0;
69 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
70 : request_size - 1);
71 2 : m_libspdm_local_buffer_size += (request_size - 1);
72 2 : return LIBSPDM_STATUS_SUCCESS;
73 2 : case 0x9: {
74 : static size_t sub_index = 0;
75 2 : if (sub_index == 0) {
76 1 : m_libspdm_local_buffer_size = 0;
77 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
78 : request_size - 1);
79 1 : m_libspdm_local_buffer_size += (request_size - 1);
80 1 : sub_index++;
81 : }
82 : }
83 2 : return LIBSPDM_STATUS_SUCCESS;
84 27 : case 0xA:
85 : case 0xB:
86 : case 0xC:
87 : case 0xD:
88 : case 0xE:
89 : case 0xF:
90 : case 0x10:
91 : case 0x11:
92 : case 0x12:
93 : case 0x13:
94 : case 0x14:
95 : case 0x15:
96 27 : m_libspdm_local_buffer_size = 0;
97 27 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
98 : request_size - 1);
99 27 : m_libspdm_local_buffer_size += (request_size - 1);
100 27 : return LIBSPDM_STATUS_SUCCESS;
101 1 : case 0x16: {
102 : /* arbitrary data must be inserted in the message buffer for computing
103 : * the response hash */
104 1 : m_libspdm_local_buffer_size = 0;
105 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
106 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 10, (uint8_t) 0xFF);
107 : m_libspdm_local_buffer_size += 10;
108 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 8, (uint8_t) 0xEE);
109 : m_libspdm_local_buffer_size += 8;
110 : libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 12, (uint8_t) 0xDD);
111 : m_libspdm_local_buffer_size += 12;
112 : #endif
113 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
114 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
115 1 : &ptr[1], request_size - 1);
116 1 : m_libspdm_local_buffer_size += (request_size - 1);
117 : }
118 1 : return LIBSPDM_STATUS_SUCCESS;
119 2 : case 0x17:
120 2 : m_libspdm_local_buffer_size = 0;
121 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
122 : request_size - 1);
123 2 : m_libspdm_local_buffer_size += (request_size - 1);
124 2 : return LIBSPDM_STATUS_SUCCESS;
125 3 : case 0x18:
126 : case 0x19:
127 : case 0x1A:
128 3 : m_libspdm_local_buffer_size = 0;
129 3 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
130 : request_size - 1);
131 3 : m_libspdm_local_buffer_size += (request_size - 1);
132 3 : return LIBSPDM_STATUS_SUCCESS;
133 2 : case 0x1B:
134 : case 0x1C:
135 2 : m_libspdm_local_buffer_size = 0;
136 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
137 : request_size - 1);
138 2 : m_libspdm_local_buffer_size += (request_size - 1);
139 2 : return LIBSPDM_STATUS_SUCCESS;
140 0 : default:
141 0 : return LIBSPDM_STATUS_SEND_FAIL;
142 : }
143 : }
144 :
145 45 : static libspdm_return_t receive_message(
146 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
147 : {
148 : libspdm_test_context_t *spdm_test_context;
149 :
150 45 : spdm_test_context = libspdm_get_test_context();
151 45 : switch (spdm_test_context->case_id) {
152 0 : case 0x1:
153 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
154 :
155 1 : case 0x2: { /*correct CHALLENGE_AUTH message*/
156 : spdm_challenge_auth_response_t *spdm_response;
157 : void *data;
158 : size_t data_size;
159 : uint8_t *ptr;
160 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
161 : size_t sig_size;
162 : size_t spdm_response_size;
163 : size_t transport_header_size;
164 :
165 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
166 : m_libspdm_use_asym_algo, &data,
167 : &data_size, NULL, NULL);
168 : ((libspdm_context_t *)spdm_context)
169 1 : ->local_context.local_cert_chain_provision_size[0] =
170 : data_size;
171 : ((libspdm_context_t *)spdm_context)
172 1 : ->local_context.local_cert_chain_provision[0] = data;
173 : ((libspdm_context_t *)spdm_context)
174 1 : ->connection_info.algorithm.base_asym_algo =
175 : m_libspdm_use_asym_algo;
176 : ((libspdm_context_t *)spdm_context)
177 1 : ->connection_info.algorithm.base_hash_algo =
178 : m_libspdm_use_hash_algo;
179 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
180 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
181 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
182 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
183 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
184 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
185 :
186 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
187 1 : spdm_response->header.request_response_code =
188 : SPDM_CHALLENGE_AUTH;
189 1 : spdm_response->header.param1 = 0;
190 1 : spdm_response->header.param2 = (1 << 0);
191 1 : ptr = (void *)(spdm_response + 1);
192 1 : libspdm_hash_all(
193 : m_libspdm_use_hash_algo,
194 : ((libspdm_context_t *)spdm_context)
195 : ->local_context.local_cert_chain_provision[0],
196 : ((libspdm_context_t *)spdm_context)
197 : ->local_context
198 : .local_cert_chain_provision_size[0],
199 : ptr);
200 1 : free(data);
201 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
202 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
203 1 : ptr += SPDM_NONCE_SIZE;
204 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
205 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
206 1 : *(uint16_t *)ptr = 0;
207 1 : ptr += sizeof(uint16_t);
208 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
209 : sizeof(m_libspdm_local_buffer) -
210 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
211 : m_libspdm_local_buffer),
212 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
213 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
214 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
215 : m_libspdm_local_buffer_size));
216 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
217 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
218 : m_libspdm_local_buffer_size, hash_data);
219 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
220 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
221 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
222 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
223 1 : libspdm_responder_data_sign(
224 : spdm_context,
225 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
226 : 0, SPDM_CHALLENGE_AUTH,
227 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
228 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
229 : ptr, &sig_size);
230 1 : ptr += sig_size;
231 :
232 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
233 : false, spdm_response_size,
234 : spdm_response, response_size,
235 : response);
236 : }
237 1 : return LIBSPDM_STATUS_SUCCESS;
238 :
239 0 : case 0x3: { /*correct CHALLENGE_AUTH message*/
240 : spdm_challenge_auth_response_t *spdm_response;
241 : void *data;
242 : size_t data_size;
243 : uint8_t *ptr;
244 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
245 : size_t sig_size;
246 : size_t spdm_response_size;
247 : size_t transport_header_size;
248 :
249 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
250 : m_libspdm_use_asym_algo, &data,
251 : &data_size, NULL, NULL);
252 : ((libspdm_context_t *)spdm_context)
253 0 : ->local_context.local_cert_chain_provision_size[0] =
254 : data_size;
255 : ((libspdm_context_t *)spdm_context)
256 0 : ->local_context.local_cert_chain_provision[0] = data;
257 : ((libspdm_context_t *)spdm_context)
258 0 : ->connection_info.algorithm.base_asym_algo =
259 : m_libspdm_use_asym_algo;
260 : ((libspdm_context_t *)spdm_context)
261 0 : ->connection_info.algorithm.base_hash_algo =
262 : m_libspdm_use_hash_algo;
263 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
264 0 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
265 0 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
266 0 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
267 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
268 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
269 :
270 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
271 0 : spdm_response->header.request_response_code =
272 : SPDM_CHALLENGE_AUTH;
273 0 : spdm_response->header.param1 = 0;
274 0 : spdm_response->header.param2 = (1 << 0);
275 0 : ptr = (void *)(spdm_response + 1);
276 0 : libspdm_hash_all(
277 : m_libspdm_use_hash_algo,
278 : ((libspdm_context_t *)spdm_context)
279 : ->local_context.local_cert_chain_provision[0],
280 : ((libspdm_context_t *)spdm_context)
281 : ->local_context
282 : .local_cert_chain_provision_size[0],
283 : ptr);
284 0 : free(data);
285 0 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
286 0 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
287 0 : ptr += SPDM_NONCE_SIZE;
288 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
289 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
290 0 : *(uint16_t *)ptr = 0;
291 0 : ptr += sizeof(uint16_t);
292 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
293 : sizeof(m_libspdm_local_buffer) -
294 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
295 : m_libspdm_local_buffer),
296 0 : spdm_response, (size_t)ptr - (size_t)spdm_response);
297 0 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
298 0 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
299 : m_libspdm_local_buffer_size, hash_data);
300 0 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
301 0 : libspdm_responder_data_sign(
302 : spdm_context,
303 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
304 : 0, SPDM_CHALLENGE_AUTH,
305 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
306 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
307 : ptr, &sig_size);
308 0 : ptr += sig_size;
309 :
310 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
311 : false, spdm_response_size,
312 : spdm_response, response_size,
313 : response);
314 : }
315 0 : return LIBSPDM_STATUS_SUCCESS;
316 :
317 1 : case 0x4: { /*correct ERROR message (invalid request)*/
318 : spdm_error_response_t *spdm_response;
319 : size_t spdm_response_size;
320 : size_t transport_header_size;
321 :
322 1 : spdm_response_size = sizeof(spdm_error_response_t);
323 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
324 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
325 :
326 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
327 1 : spdm_response->header.request_response_code = SPDM_ERROR;
328 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
329 1 : spdm_response->header.param2 = 0;
330 :
331 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
332 : false, spdm_response_size,
333 : spdm_response,
334 : response_size, response);
335 : }
336 1 : return LIBSPDM_STATUS_SUCCESS;
337 :
338 1 : case 0x5: { /*correct ERROR message (busy)*/
339 : spdm_error_response_t *spdm_response;
340 : size_t spdm_response_size;
341 : size_t transport_header_size;
342 :
343 1 : spdm_response_size = sizeof(spdm_error_response_t);
344 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
345 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
346 :
347 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
348 1 : spdm_response->header.request_response_code = SPDM_ERROR;
349 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
350 1 : spdm_response->header.param2 = 0;
351 :
352 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
353 : false, spdm_response_size,
354 : spdm_response,
355 : response_size, response);
356 : }
357 1 : return LIBSPDM_STATUS_SUCCESS;
358 :
359 2 : case 0x6: { /*correct ERROR message (busy) + correct CHALLENGE_AUTH message*/
360 : static size_t sub_index1 = 0;
361 2 : if (sub_index1 == 0) {
362 : spdm_error_response_t *spdm_response;
363 : size_t spdm_response_size;
364 : size_t transport_header_size;
365 :
366 1 : spdm_response_size = sizeof(spdm_error_response_t);
367 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
368 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
369 :
370 1 : spdm_response->header.spdm_version =
371 : SPDM_MESSAGE_VERSION_11;
372 1 : spdm_response->header.request_response_code = SPDM_ERROR;
373 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
374 1 : spdm_response->header.param2 = 0;
375 :
376 1 : libspdm_transport_test_encode_message(
377 : spdm_context, NULL, false, false,
378 : spdm_response_size, spdm_response,
379 : response_size, response);
380 1 : sub_index1++;
381 1 : } else if (sub_index1 == 1) {
382 : spdm_challenge_auth_response_t *spdm_response;
383 : void *data;
384 : size_t data_size;
385 : uint8_t *ptr;
386 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
387 : size_t sig_size;
388 : size_t spdm_response_size;
389 : size_t transport_header_size;
390 :
391 1 : libspdm_read_responder_public_certificate_chain(
392 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
393 : &data_size, NULL, NULL);
394 : ((libspdm_context_t *)spdm_context)
395 : ->local_context
396 1 : .local_cert_chain_provision_size[0] = data_size;
397 : ((libspdm_context_t *)spdm_context)
398 1 : ->local_context.local_cert_chain_provision[0] =
399 : data;
400 : ((libspdm_context_t *)spdm_context)
401 1 : ->connection_info.algorithm.base_asym_algo =
402 : m_libspdm_use_asym_algo;
403 : ((libspdm_context_t *)spdm_context)
404 1 : ->connection_info.algorithm.base_hash_algo =
405 : m_libspdm_use_hash_algo;
406 1 : spdm_response_size =
407 : sizeof(spdm_challenge_auth_response_t) +
408 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
409 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
410 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
411 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
412 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
413 :
414 1 : spdm_response->header.spdm_version =
415 : SPDM_MESSAGE_VERSION_11;
416 1 : spdm_response->header.request_response_code =
417 : SPDM_CHALLENGE_AUTH;
418 1 : spdm_response->header.param1 = 0;
419 1 : spdm_response->header.param2 = (1 << 0);
420 1 : ptr = (void *)(spdm_response + 1);
421 1 : libspdm_hash_all(
422 : m_libspdm_use_hash_algo,
423 : ((libspdm_context_t *)spdm_context)
424 : ->local_context
425 : .local_cert_chain_provision[0],
426 : ((libspdm_context_t *)spdm_context)
427 : ->local_context
428 : .local_cert_chain_provision_size[0],
429 : ptr);
430 1 : free(data);
431 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
432 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
433 1 : ptr += SPDM_NONCE_SIZE;
434 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
435 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
436 1 : *(uint16_t *)ptr = 0;
437 1 : ptr += sizeof(uint16_t);
438 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
439 : sizeof(m_libspdm_local_buffer)
440 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
441 : m_libspdm_local_buffer),
442 : spdm_response,
443 1 : (size_t)ptr - (size_t)spdm_response);
444 1 : m_libspdm_local_buffer_size +=
445 1 : ((size_t)ptr - (size_t)spdm_response);
446 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
447 : m_libspdm_local_buffer_size, hash_data);
448 1 : sig_size =
449 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
450 1 : libspdm_responder_data_sign(
451 : spdm_context,
452 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
453 : 0, SPDM_CHALLENGE_AUTH,
454 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
455 : m_libspdm_use_hash_algo,
456 : false, m_libspdm_local_buffer,
457 : m_libspdm_local_buffer_size, ptr,
458 : &sig_size);
459 1 : ptr += sig_size;
460 :
461 1 : libspdm_transport_test_encode_message(
462 : spdm_context, NULL, false, false, spdm_response_size,
463 : spdm_response, response_size, response);
464 : }
465 : }
466 2 : return LIBSPDM_STATUS_SUCCESS;
467 :
468 1 : case 0x7: { /*correct ERROR message (request resync)*/
469 : spdm_error_response_t *spdm_response;
470 : size_t spdm_response_size;
471 : size_t transport_header_size;
472 :
473 1 : spdm_response_size = sizeof(spdm_error_response_t);
474 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
475 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
476 :
477 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
478 1 : spdm_response->header.request_response_code = SPDM_ERROR;
479 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
480 1 : spdm_response->header.param2 = 0;
481 :
482 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
483 : false, spdm_response_size,
484 : spdm_response,
485 : response_size, response);
486 : }
487 1 : return LIBSPDM_STATUS_SUCCESS;
488 :
489 2 : case 0x8: { /*correct ERROR message (response net ready)*/
490 : spdm_error_response_data_response_not_ready_t *spdm_response;
491 : size_t spdm_response_size;
492 : size_t transport_header_size;
493 :
494 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
495 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
496 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
497 :
498 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
499 2 : spdm_response->header.request_response_code = SPDM_ERROR;
500 2 : spdm_response->header.param1 =
501 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
502 2 : spdm_response->header.param2 = 0;
503 2 : spdm_response->extend_error_data.rd_exponent = 1;
504 2 : spdm_response->extend_error_data.rd_tm = 2;
505 2 : spdm_response->extend_error_data.request_code = SPDM_CHALLENGE;
506 2 : spdm_response->extend_error_data.token = 0;
507 :
508 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
509 : false, spdm_response_size,
510 : spdm_response,
511 : response_size, response);
512 : }
513 2 : return LIBSPDM_STATUS_SUCCESS;
514 :
515 2 : case 0x9: { /*correct ERROR message (response not ready) + correct CHALLENGE_AUTH message*/
516 : static size_t sub_index2 = 0;
517 2 : if (sub_index2 == 0) {
518 : spdm_error_response_data_response_not_ready_t
519 : *spdm_response;
520 : size_t spdm_response_size;
521 : size_t transport_header_size;
522 :
523 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
524 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
525 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
526 :
527 1 : spdm_response->header.spdm_version =
528 : SPDM_MESSAGE_VERSION_11;
529 1 : spdm_response->header.request_response_code = SPDM_ERROR;
530 1 : spdm_response->header.param1 =
531 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
532 1 : spdm_response->header.param2 = 0;
533 1 : spdm_response->extend_error_data.rd_exponent = 1;
534 1 : spdm_response->extend_error_data.rd_tm = 2;
535 1 : spdm_response->extend_error_data.request_code =
536 : SPDM_CHALLENGE;
537 1 : spdm_response->extend_error_data.token = 1;
538 :
539 1 : libspdm_transport_test_encode_message(
540 : spdm_context, NULL, false, false,
541 : spdm_response_size, spdm_response,
542 : response_size, response);
543 1 : sub_index2++;
544 1 : } else if (sub_index2 == 1) {
545 : spdm_challenge_auth_response_t *spdm_response;
546 : void *data;
547 : size_t data_size;
548 : uint8_t *ptr;
549 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
550 : size_t sig_size;
551 : size_t spdm_response_size;
552 : size_t transport_header_size;
553 :
554 1 : libspdm_read_responder_public_certificate_chain(
555 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
556 : &data_size, NULL, NULL);
557 : ((libspdm_context_t *)spdm_context)
558 : ->local_context
559 1 : .local_cert_chain_provision_size[0] = data_size;
560 : ((libspdm_context_t *)spdm_context)
561 1 : ->local_context.local_cert_chain_provision[0] =
562 : data;
563 : ((libspdm_context_t *)spdm_context)
564 1 : ->connection_info.algorithm.base_asym_algo =
565 : m_libspdm_use_asym_algo;
566 : ((libspdm_context_t *)spdm_context)
567 1 : ->connection_info.algorithm.base_hash_algo =
568 : m_libspdm_use_hash_algo;
569 1 : spdm_response_size =
570 : sizeof(spdm_challenge_auth_response_t) +
571 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
572 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
573 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
574 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
575 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
576 :
577 1 : spdm_response->header.spdm_version =
578 : SPDM_MESSAGE_VERSION_11;
579 1 : spdm_response->header.request_response_code =
580 : SPDM_CHALLENGE_AUTH;
581 1 : spdm_response->header.param1 = 0;
582 1 : spdm_response->header.param2 = (1 << 0);
583 1 : ptr = (void *)(spdm_response + 1);
584 1 : libspdm_hash_all(
585 : m_libspdm_use_hash_algo,
586 : ((libspdm_context_t *)spdm_context)
587 : ->local_context
588 : .local_cert_chain_provision[0],
589 : ((libspdm_context_t *)spdm_context)
590 : ->local_context
591 : .local_cert_chain_provision_size[0],
592 : ptr);
593 1 : free(data);
594 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
595 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
596 1 : ptr += SPDM_NONCE_SIZE;
597 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
598 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
599 1 : *(uint16_t *)ptr = 0;
600 1 : ptr += sizeof(uint16_t);
601 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
602 : sizeof(m_libspdm_local_buffer)
603 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
604 : m_libspdm_local_buffer),
605 : spdm_response,
606 1 : (size_t)ptr - (size_t)spdm_response);
607 1 : m_libspdm_local_buffer_size +=
608 1 : ((size_t)ptr - (size_t)spdm_response);
609 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
610 : m_libspdm_local_buffer_size, hash_data);
611 1 : sig_size =
612 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
613 1 : libspdm_responder_data_sign(
614 : spdm_context,
615 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
616 : 0, SPDM_CHALLENGE_AUTH,
617 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
618 : m_libspdm_use_hash_algo,
619 : false, m_libspdm_local_buffer,
620 : m_libspdm_local_buffer_size, ptr,
621 : &sig_size);
622 1 : ptr += sig_size;
623 :
624 1 : libspdm_transport_test_encode_message(
625 : spdm_context, NULL, false, false, spdm_response_size,
626 : spdm_response, response_size, response);
627 : }
628 : }
629 2 : return LIBSPDM_STATUS_SUCCESS;
630 :
631 0 : case 0xA: /*correct CHALLENGE_AUTH message*/
632 : {
633 : spdm_challenge_auth_response_t *spdm_response;
634 : void *data;
635 : size_t data_size;
636 : uint8_t *Ptr;
637 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
638 : size_t sig_size;
639 : size_t spdm_response_size;
640 : size_t transport_header_size;
641 :
642 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
643 : m_libspdm_use_asym_algo,
644 : &data,
645 : &data_size, NULL, NULL);
646 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
647 : data_size;
648 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
649 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
650 : m_libspdm_use_asym_algo;
651 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
652 : m_libspdm_use_hash_algo;
653 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
654 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
655 : SPDM_NONCE_SIZE +
656 : 0 +
657 0 : sizeof(uint16_t) + 0 +
658 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
659 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
660 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
661 :
662 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
663 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
664 0 : spdm_response->header.param1 = 0;
665 0 : spdm_response->header.param2 = (1 << 0);
666 0 : Ptr = (void *)(spdm_response + 1);
667 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
668 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
669 : 0],
670 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
671 : 0],
672 : Ptr);
673 0 : free(data);
674 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
675 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
676 0 : Ptr += SPDM_NONCE_SIZE;
677 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
678 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
679 0 : *(uint16_t *)Ptr = 0;
680 0 : Ptr += sizeof(uint16_t);
681 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
682 : sizeof(m_libspdm_local_buffer) -
683 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
684 : m_libspdm_local_buffer),
685 : spdm_response,
686 0 : (size_t)Ptr - (size_t)spdm_response);
687 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
688 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
689 : m_libspdm_local_buffer_size, hash_data);
690 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
691 0 : libspdm_responder_data_sign(
692 : spdm_context,
693 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
694 : 0, SPDM_CHALLENGE_AUTH,
695 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
696 : false, m_libspdm_local_buffer,
697 : m_libspdm_local_buffer_size, Ptr, &sig_size);
698 0 : Ptr += sig_size;
699 :
700 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
701 : spdm_response, response_size, response);
702 : }
703 0 : return LIBSPDM_STATUS_SUCCESS;
704 :
705 1 : case 0xB: /*CHALLENGE_AUTH message smaller than a SPDM header*/
706 : {
707 : spdm_challenge_auth_response_t *spdm_response;
708 : size_t spdm_response_size;
709 : size_t transport_header_size;
710 :
711 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
712 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
713 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) - 1; /*smaller than standard message size*/
714 :
715 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
716 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
717 1 : spdm_response->header.param1 = 0;
718 1 : spdm_response->header.param2 = (1 << 0);
719 :
720 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
721 : spdm_response, response_size, response);
722 : }
723 1 : return LIBSPDM_STATUS_SUCCESS;
724 :
725 1 : case 0xC: /*CHALLENGE_AUTH message with wrong version (1.0)*/
726 : {
727 : spdm_challenge_auth_response_t *spdm_response;
728 : void *data;
729 : size_t data_size;
730 : uint8_t *Ptr;
731 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
732 : size_t sig_size;
733 : size_t spdm_response_size;
734 : size_t transport_header_size;
735 :
736 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
737 : m_libspdm_use_asym_algo,
738 : &data,
739 : &data_size, NULL, NULL);
740 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
741 : data_size;
742 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
743 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
744 : m_libspdm_use_asym_algo;
745 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
746 : m_libspdm_use_hash_algo;
747 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
748 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
749 1 : SPDM_NONCE_SIZE +
750 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
751 1 : sizeof(uint16_t) + 0 +
752 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
753 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
754 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
755 :
756 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10; /*wrong version*/
757 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
758 1 : spdm_response->header.param1 = 0;
759 1 : spdm_response->header.param2 = (1 << 0);
760 1 : Ptr = (void *)(spdm_response + 1);
761 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
762 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
763 : 0],
764 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
765 : 0],
766 : Ptr);
767 1 : free(data);
768 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
769 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
770 1 : Ptr += SPDM_NONCE_SIZE;
771 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
772 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
773 1 : *(uint16_t *)Ptr = 0;
774 1 : Ptr += sizeof(uint16_t);
775 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
776 : sizeof(m_libspdm_local_buffer) -
777 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
778 : m_libspdm_local_buffer),
779 : spdm_response,
780 1 : (size_t)Ptr - (size_t)spdm_response);
781 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
782 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
783 : m_libspdm_local_buffer_size, hash_data);
784 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
785 1 : libspdm_responder_data_sign(
786 : spdm_context,
787 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
788 : 0, SPDM_CHALLENGE_AUTH,
789 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
790 : false, m_libspdm_local_buffer,
791 : m_libspdm_local_buffer_size, Ptr, &sig_size);
792 1 : Ptr += sig_size;
793 :
794 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
795 : spdm_response, response_size, response);
796 : }
797 1 : return LIBSPDM_STATUS_SUCCESS;
798 :
799 1 : case 0xD: /*SPDM (mostly CHALLENGE_AUTH) message with wrong response code (0x83)*/
800 : {
801 : spdm_challenge_auth_response_t *spdm_response;
802 : void *data;
803 : size_t data_size;
804 : uint8_t *Ptr;
805 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
806 : size_t sig_size;
807 : size_t spdm_response_size;
808 : size_t transport_header_size;
809 :
810 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
811 : m_libspdm_use_asym_algo,
812 : &data,
813 : &data_size, NULL, NULL);
814 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
815 : data_size;
816 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
817 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
818 : m_libspdm_use_asym_algo;
819 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
820 : m_libspdm_use_hash_algo;
821 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
822 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
823 : SPDM_NONCE_SIZE +
824 : 0 +
825 1 : sizeof(uint16_t) + 0 +
826 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
827 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
828 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
829 :
830 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
831 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE; /*wrong response code*/
832 1 : spdm_response->header.param1 = 0;
833 1 : spdm_response->header.param2 = (1 << 0);
834 1 : Ptr = (void *)(spdm_response + 1);
835 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
836 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
837 : 0],
838 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
839 : 0],
840 : Ptr);
841 1 : free(data);
842 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
843 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
844 1 : Ptr += SPDM_NONCE_SIZE;
845 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
846 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
847 1 : *(uint16_t *)Ptr = 0;
848 1 : Ptr += sizeof(uint16_t);
849 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
850 : sizeof(m_libspdm_local_buffer) -
851 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
852 : m_libspdm_local_buffer),
853 : spdm_response,
854 1 : (size_t)Ptr - (size_t)spdm_response);
855 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
856 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
857 : m_libspdm_local_buffer_size, hash_data);
858 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
859 1 : libspdm_responder_data_sign(
860 : spdm_context,
861 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
862 : 0, SPDM_CHALLENGE_AUTH,
863 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
864 : false, m_libspdm_local_buffer,
865 : m_libspdm_local_buffer_size, Ptr, &sig_size);
866 1 : Ptr += sig_size;
867 :
868 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
869 : spdm_response, response_size, response);
870 : }
871 1 : return LIBSPDM_STATUS_SUCCESS;
872 :
873 1 : case 0xE: /*correct CHALLENGE_AUTH message with wrong slot number*/
874 : {
875 : spdm_challenge_auth_response_t *spdm_response;
876 : void *data;
877 : size_t data_size;
878 : uint8_t *Ptr;
879 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
880 : size_t sig_size;
881 : size_t spdm_response_size;
882 : size_t transport_header_size;
883 :
884 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
885 : m_libspdm_use_asym_algo,
886 : &data,
887 : &data_size, NULL, NULL);
888 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
889 : data_size;
890 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
891 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
892 : m_libspdm_use_asym_algo;
893 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
894 : m_libspdm_use_hash_algo;
895 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
896 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
897 : SPDM_NONCE_SIZE +
898 : 0 +
899 1 : sizeof(uint16_t) + 0 +
900 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
901 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
902 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
903 :
904 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
905 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
906 1 : spdm_response->header.param1 = 1;
907 1 : spdm_response->header.param2 = (1 << 1); /*wrong slot number*/
908 1 : Ptr = (void *)(spdm_response + 1);
909 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
910 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
911 : 0],
912 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
913 : 0],
914 : Ptr);
915 1 : free(data);
916 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
917 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
918 1 : Ptr += SPDM_NONCE_SIZE;
919 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
920 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
921 1 : *(uint16_t *)Ptr = 0;
922 1 : Ptr += sizeof(uint16_t);
923 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
924 : sizeof(m_libspdm_local_buffer) -
925 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
926 : m_libspdm_local_buffer),
927 : spdm_response,
928 1 : (size_t)Ptr - (size_t)spdm_response);
929 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
930 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
931 : m_libspdm_local_buffer_size, hash_data);
932 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
933 1 : libspdm_responder_data_sign(
934 : spdm_context,
935 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
936 : 0, SPDM_CHALLENGE_AUTH,
937 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
938 : false, m_libspdm_local_buffer,
939 : m_libspdm_local_buffer_size, Ptr, &sig_size);
940 1 : Ptr += sig_size;
941 :
942 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
943 : spdm_response, response_size, response);
944 : }
945 1 : return LIBSPDM_STATUS_SUCCESS;
946 :
947 0 : case 0xF: /*CHALLENGE_AUTH message with slot number overflow*/
948 : {
949 : spdm_challenge_auth_response_t *spdm_response;
950 : void *data;
951 : size_t data_size;
952 : uint8_t *Ptr;
953 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
954 : size_t sig_size;
955 : size_t spdm_response_size;
956 : size_t transport_header_size;
957 :
958 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
959 : m_libspdm_use_asym_algo,
960 : &data,
961 : &data_size, NULL, NULL);
962 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
963 : data_size;
964 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
965 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
966 : m_libspdm_use_asym_algo;
967 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
968 : m_libspdm_use_hash_algo;
969 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
970 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
971 : SPDM_NONCE_SIZE +
972 : 0 +
973 0 : sizeof(uint16_t) + 0 +
974 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
975 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
976 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
977 :
978 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
979 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
980 0 : spdm_response->header.param1 = 8; /*slot number overflow*/
981 0 : spdm_response->header.param2 = (1 << 0);
982 0 : Ptr = (void *)(spdm_response + 1);
983 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
984 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
985 : 0],
986 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
987 : 0],
988 : Ptr);
989 0 : free(data);
990 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
991 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
992 0 : Ptr += SPDM_NONCE_SIZE;
993 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
994 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
995 0 : *(uint16_t *)Ptr = 0;
996 0 : Ptr += sizeof(uint16_t);
997 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
998 : sizeof(m_libspdm_local_buffer) -
999 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1000 : m_libspdm_local_buffer),
1001 : spdm_response,
1002 0 : (size_t)Ptr - (size_t)spdm_response);
1003 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1004 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1005 : m_libspdm_local_buffer_size, hash_data);
1006 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1007 0 : libspdm_responder_data_sign(
1008 : spdm_context,
1009 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1010 : 0, SPDM_CHALLENGE_AUTH,
1011 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1012 : false, m_libspdm_local_buffer,
1013 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1014 0 : Ptr += sig_size;
1015 :
1016 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1017 : spdm_response, response_size, response);
1018 : }
1019 0 : return LIBSPDM_STATUS_SUCCESS;
1020 :
1021 1 : case 0x10: /*correct CHALLENGE_AUTH message with "libspdm" opaque data*/
1022 : {
1023 : spdm_challenge_auth_response_t *spdm_response;
1024 : void *data;
1025 : size_t data_size;
1026 : uint8_t *Ptr;
1027 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1028 : size_t sig_size;
1029 : size_t spdm_response_size;
1030 : size_t transport_header_size;
1031 :
1032 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1033 : m_libspdm_use_asym_algo,
1034 : &data,
1035 : &data_size, NULL, NULL);
1036 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1037 : data_size;
1038 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1039 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1040 : m_libspdm_use_asym_algo;
1041 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1042 : m_libspdm_use_hash_algo;
1043 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1044 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1045 : SPDM_NONCE_SIZE +
1046 : 0 +
1047 1 : sizeof(uint16_t) + 8 +
1048 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1049 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1050 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1051 :
1052 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1053 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1054 1 : spdm_response->header.param1 = 0;
1055 1 : spdm_response->header.param2 = (1 << 0);
1056 1 : Ptr = (void *)(spdm_response + 1);
1057 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1058 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1059 : 0],
1060 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1061 : 0],
1062 : Ptr);
1063 1 : free(data);
1064 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1065 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1066 1 : Ptr += SPDM_NONCE_SIZE;
1067 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1068 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1069 1 : *(uint16_t *)Ptr = (uint16_t)strlen("libspdm");
1070 1 : Ptr += sizeof(uint16_t);
1071 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr, "libspdm",
1072 : strlen("libspdm"));
1073 1 : Ptr += strlen("libspdm");
1074 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1075 : sizeof(m_libspdm_local_buffer) -
1076 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1077 : m_libspdm_local_buffer),
1078 : spdm_response,
1079 1 : (size_t)Ptr - (size_t)spdm_response);
1080 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1081 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1082 : m_libspdm_local_buffer_size, hash_data);
1083 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1084 1 : libspdm_responder_data_sign(
1085 : spdm_context,
1086 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1087 : 0, SPDM_CHALLENGE_AUTH,
1088 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1089 : false, m_libspdm_local_buffer,
1090 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1091 1 : Ptr += sig_size;
1092 :
1093 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1094 : spdm_response, response_size, response);
1095 : }
1096 1 : return LIBSPDM_STATUS_SUCCESS;
1097 :
1098 1 : case 0x11: /*correct CHALLENGE_AUTH message with invalid signature*/
1099 : {
1100 : spdm_challenge_auth_response_t *spdm_response;
1101 : void *data;
1102 : size_t data_size;
1103 : uint8_t *Ptr;
1104 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1105 : size_t sig_size;
1106 : size_t spdm_response_size;
1107 : size_t transport_header_size;
1108 :
1109 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1110 : m_libspdm_use_asym_algo,
1111 : &data,
1112 : &data_size, NULL, NULL);
1113 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1114 : data_size;
1115 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1116 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1117 : m_libspdm_use_asym_algo;
1118 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1119 : m_libspdm_use_hash_algo;
1120 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1121 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1122 : SPDM_NONCE_SIZE +
1123 : 0 +
1124 1 : sizeof(uint16_t) + 0 +
1125 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1126 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1127 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1128 :
1129 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1130 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1131 1 : spdm_response->header.param1 = 0;
1132 1 : spdm_response->header.param2 = (1 << 0);
1133 1 : Ptr = (void *)(spdm_response + 1);
1134 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1135 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1136 : 0],
1137 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1138 : 0],
1139 : Ptr);
1140 1 : free(data);
1141 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1142 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1143 1 : Ptr += SPDM_NONCE_SIZE;
1144 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1145 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1146 1 : *(uint16_t *)Ptr = 0;
1147 1 : Ptr += sizeof(uint16_t);
1148 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1149 : sizeof(m_libspdm_local_buffer) -
1150 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1151 : m_libspdm_local_buffer),
1152 : spdm_response,
1153 1 : (size_t)Ptr - (size_t)spdm_response);
1154 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1155 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1156 : m_libspdm_local_buffer_size, hash_data);
1157 1 : libspdm_hash_all (m_libspdm_use_hash_algo, hash_data, libspdm_get_hash_size (
1158 : m_libspdm_use_hash_algo), hash_data);
1159 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1160 1 : libspdm_responder_data_sign(
1161 : spdm_context,
1162 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1163 : 0, SPDM_CHALLENGE_AUTH,
1164 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1165 1 : false, hash_data, libspdm_get_hash_size (
1166 : m_libspdm_use_hash_algo), Ptr, &sig_size);
1167 1 : Ptr += sig_size;
1168 :
1169 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1170 : spdm_response, response_size, response);
1171 : }
1172 1 : return LIBSPDM_STATUS_SUCCESS;
1173 :
1174 2 : case 0x12: /*correct CHALLENGE_AUTH message*/
1175 : case 0x13: /*correct CHALLENGE_AUTH message*/
1176 : {
1177 : spdm_challenge_auth_response_t *spdm_response;
1178 : void *data;
1179 : size_t data_size;
1180 : uint8_t *Ptr;
1181 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1182 : size_t sig_size;
1183 : size_t spdm_response_size;
1184 : size_t transport_header_size;
1185 :
1186 2 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1187 : m_libspdm_use_asym_algo,
1188 : &data,
1189 : &data_size, NULL, NULL);
1190 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1191 : data_size;
1192 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1193 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1194 : m_libspdm_use_asym_algo;
1195 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1196 : m_libspdm_use_hash_algo;
1197 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1198 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1199 2 : SPDM_NONCE_SIZE +
1200 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1201 2 : sizeof(uint16_t) + 0 +
1202 2 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1203 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1204 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1205 :
1206 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1207 2 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1208 2 : spdm_response->header.param1 = 0;
1209 2 : spdm_response->header.param2 = (1 << 0);
1210 2 : Ptr = (void *)(spdm_response + 1);
1211 2 : libspdm_hash_all (m_libspdm_use_hash_algo,
1212 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1213 : 0],
1214 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1215 : 0],
1216 : Ptr);
1217 2 : free(data);
1218 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1219 2 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1220 2 : Ptr += SPDM_NONCE_SIZE;
1221 2 : libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1222 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1223 2 : *(uint16_t *)Ptr = 0;
1224 2 : Ptr += sizeof(uint16_t);
1225 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1226 : sizeof(m_libspdm_local_buffer) -
1227 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1228 : m_libspdm_local_buffer),
1229 : spdm_response,
1230 2 : (size_t)Ptr - (size_t)spdm_response);
1231 2 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1232 2 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1233 : m_libspdm_local_buffer_size, hash_data);
1234 2 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1235 2 : libspdm_responder_data_sign(
1236 : spdm_context,
1237 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1238 : 0, SPDM_CHALLENGE_AUTH,
1239 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1240 : false, m_libspdm_local_buffer,
1241 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1242 2 : Ptr += sig_size;
1243 :
1244 2 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1245 : spdm_response, response_size, response);
1246 : }
1247 2 : return LIBSPDM_STATUS_SUCCESS;
1248 :
1249 18 : case 0x14:
1250 : {
1251 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1252 :
1253 : spdm_error_response_t *spdm_response;
1254 : size_t spdm_response_size;
1255 : size_t transport_header_size;
1256 :
1257 18 : if(error_code <= 0xff) {
1258 18 : spdm_response_size = sizeof(spdm_error_response_t);
1259 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1260 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1261 :
1262 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1263 18 : spdm_response->header.request_response_code = SPDM_ERROR;
1264 18 : spdm_response->header.param1 = (uint8_t) error_code;
1265 18 : spdm_response->header.param2 = 0;
1266 :
1267 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
1268 : spdm_response_size, spdm_response,
1269 : response_size, response);
1270 : }
1271 :
1272 18 : error_code++;
1273 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1274 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1275 : }
1276 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
1277 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1278 : }
1279 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
1280 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1281 : }
1282 : }
1283 18 : return LIBSPDM_STATUS_SUCCESS;
1284 :
1285 1 : case 0x15: /*correct CHALLENGE_AUTH message with multiple slot numbers */
1286 : {
1287 : spdm_challenge_auth_response_t *spdm_response;
1288 : void *data;
1289 : size_t data_size;
1290 : uint8_t *ptr;
1291 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1292 : size_t sig_size;
1293 : size_t spdm_response_size;
1294 : size_t transport_header_size;
1295 :
1296 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1297 : m_libspdm_use_asym_algo,
1298 : &data,
1299 : &data_size, NULL, NULL);
1300 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1301 : data_size;
1302 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1303 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1304 : m_libspdm_use_asym_algo;
1305 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1306 : m_libspdm_use_hash_algo;
1307 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1308 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1309 : SPDM_NONCE_SIZE +
1310 : 0 +
1311 1 : sizeof(uint16_t) + 0 +
1312 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1313 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1314 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1315 :
1316 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1317 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1318 1 : spdm_response->header.param1 = 0;
1319 1 : spdm_response->header.param2 = 0x71; /*multiple slot numbers */
1320 1 : ptr = (void *)(spdm_response + 1);
1321 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1322 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1323 : 0],
1324 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1325 : 0],
1326 : ptr);
1327 1 : free(data);
1328 1 : ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1329 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, ptr);
1330 1 : ptr += SPDM_NONCE_SIZE;
1331 1 : *(uint16_t *)ptr = 0;
1332 1 : ptr += sizeof(uint16_t);
1333 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1334 : sizeof(m_libspdm_local_buffer) -
1335 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1336 : m_libspdm_local_buffer),
1337 : spdm_response,
1338 1 : (size_t)ptr - (size_t)spdm_response);
1339 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1340 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1341 : m_libspdm_local_buffer_size, hash_data);
1342 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1343 1 : libspdm_responder_data_sign(
1344 : spdm_context,
1345 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1346 : 0, SPDM_CHALLENGE_AUTH,
1347 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1348 : false, m_libspdm_local_buffer,
1349 : m_libspdm_local_buffer_size, ptr, &sig_size);
1350 1 : ptr += sig_size;
1351 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1352 : spdm_response, response_size, response);
1353 : }
1354 1 : return LIBSPDM_STATUS_SUCCESS;
1355 :
1356 1 : case 0x16: { /*correct CHALLENGE_AUTH message*/
1357 : spdm_challenge_auth_response_t *spdm_response;
1358 : void *data;
1359 : size_t data_size;
1360 : uint8_t *ptr;
1361 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1362 : size_t sig_size;
1363 : size_t spdm_response_size;
1364 : size_t transport_header_size;
1365 :
1366 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1367 : m_libspdm_use_asym_algo,
1368 : &data,
1369 : &data_size, NULL, NULL);
1370 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1371 : data_size;
1372 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1373 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
1374 : m_libspdm_use_asym_algo;
1375 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
1376 : m_libspdm_use_hash_algo;
1377 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1378 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1379 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1380 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1381 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1382 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1383 :
1384 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1385 1 : spdm_response->header.request_response_code =SPDM_CHALLENGE_AUTH;
1386 1 : spdm_response->header.param1 = 0;
1387 1 : spdm_response->header.param2 = (1 << 0);
1388 1 : ptr = (void *)(spdm_response + 1);
1389 1 : libspdm_hash_all(m_libspdm_use_hash_algo,
1390 : ((libspdm_context_t *)spdm_context)
1391 : ->local_context.local_cert_chain_provision[0],
1392 : ((libspdm_context_t *)spdm_context)
1393 : ->local_context.local_cert_chain_provision_size[0],
1394 : ptr);
1395 1 : free(data);
1396 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1397 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1398 1 : ptr += SPDM_NONCE_SIZE;
1399 : /* libspdm_zero_mem (ptr, spdm_get_hash_size (m_libspdm_use_hash_algo));
1400 : * ptr += spdm_get_hash_size (m_libspdm_use_hash_algo);*/
1401 1 : *(uint16_t *)ptr = 0;
1402 1 : ptr += sizeof(uint16_t);
1403 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1404 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1405 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1406 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1407 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%zx):\n",
1408 : m_libspdm_local_buffer_size));
1409 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1410 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1411 : m_libspdm_local_buffer_size, hash_data);
1412 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1413 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1414 1 : libspdm_dump_hex(hash_data, libspdm_get_hash_size(m_libspdm_use_hash_algo));
1415 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1416 1 : libspdm_responder_data_sign(
1417 : spdm_context,
1418 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1419 : 0, SPDM_CHALLENGE_AUTH,
1420 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1421 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1422 : ptr, &sig_size);
1423 1 : ptr += sig_size;
1424 :
1425 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1426 : false, spdm_response_size,
1427 : spdm_response, response_size,
1428 : response);
1429 : }
1430 1 : return LIBSPDM_STATUS_SUCCESS;
1431 :
1432 2 : case 0x17: { /*correct CHALLENGE_AUTH message*/
1433 : spdm_challenge_auth_response_t *spdm_response;
1434 : void *data;
1435 : size_t data_size;
1436 : uint8_t *ptr;
1437 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1438 : size_t sig_size;
1439 : size_t spdm_response_size;
1440 : size_t transport_header_size;
1441 : static uint8_t slot_id = 0;
1442 :
1443 2 : if (slot_id == 0) {
1444 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1445 : m_libspdm_use_asym_algo, &data,
1446 : &data_size, NULL, NULL);
1447 : } else {
1448 1 : libspdm_read_responder_public_certificate_chain_per_slot(1,
1449 : m_libspdm_use_hash_algo,
1450 : m_libspdm_use_asym_algo, &data,
1451 : &data_size, NULL, NULL);
1452 : }
1453 : ((libspdm_context_t *)spdm_context)
1454 2 : ->local_context.local_cert_chain_provision_size[slot_id] =
1455 : data_size;
1456 : ((libspdm_context_t *)spdm_context)
1457 2 : ->local_context.local_cert_chain_provision[slot_id] = data;
1458 : ((libspdm_context_t *)spdm_context)
1459 2 : ->connection_info.algorithm.base_asym_algo =
1460 : m_libspdm_use_asym_algo;
1461 : ((libspdm_context_t *)spdm_context)
1462 2 : ->connection_info.algorithm.base_hash_algo =
1463 : m_libspdm_use_hash_algo;
1464 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1465 2 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1466 2 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1467 2 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1468 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1469 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1470 :
1471 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1472 2 : spdm_response->header.request_response_code =
1473 : SPDM_CHALLENGE_AUTH;
1474 2 : spdm_response->header.param1 = slot_id & 0xF;
1475 2 : spdm_response->header.param2 = (1 << slot_id);
1476 2 : ptr = (void *)(spdm_response + 1);
1477 2 : libspdm_hash_all(
1478 : m_libspdm_use_hash_algo,
1479 : ((libspdm_context_t *)spdm_context)
1480 : ->local_context.local_cert_chain_provision[slot_id],
1481 : ((libspdm_context_t *)spdm_context)
1482 : ->local_context
1483 : .local_cert_chain_provision_size[slot_id],
1484 : ptr);
1485 2 : free(data);
1486 2 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1487 2 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1488 2 : ptr += SPDM_NONCE_SIZE;
1489 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1490 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1491 2 : *(uint16_t *)ptr = 0;
1492 2 : ptr += sizeof(uint16_t);
1493 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1494 : sizeof(m_libspdm_local_buffer) -
1495 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1496 : m_libspdm_local_buffer),
1497 2 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1498 2 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1499 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1500 : m_libspdm_local_buffer_size));
1501 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1502 2 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1503 : m_libspdm_local_buffer_size, hash_data);
1504 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1505 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1506 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1507 2 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1508 2 : libspdm_responder_data_sign(
1509 : spdm_context,
1510 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1511 : 0, SPDM_CHALLENGE_AUTH,
1512 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1513 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1514 : ptr, &sig_size);
1515 2 : ptr += sig_size;
1516 :
1517 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1518 : false, spdm_response_size,
1519 : spdm_response, response_size,
1520 : response);
1521 2 : slot_id++;
1522 : }
1523 2 : return LIBSPDM_STATUS_SUCCESS;
1524 :
1525 1 : case 0x18: { /* correct CHALLENGE_AUTH message using slot 0xFF */
1526 : spdm_challenge_auth_response_t *spdm_response;
1527 : void *data;
1528 : size_t data_size;
1529 : uint8_t *ptr;
1530 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1531 : size_t sig_size;
1532 : size_t spdm_response_size;
1533 : size_t transport_header_size;
1534 :
1535 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
1536 : ((libspdm_context_t *)spdm_context)
1537 1 : ->local_context.local_public_key_provision_size = data_size;
1538 : ((libspdm_context_t *)spdm_context)
1539 1 : ->local_context.local_public_key_provision = data;
1540 : ((libspdm_context_t *)spdm_context)
1541 1 : ->connection_info.algorithm.base_asym_algo =
1542 : m_libspdm_use_asym_algo;
1543 : ((libspdm_context_t *)spdm_context)
1544 1 : ->connection_info.algorithm.base_hash_algo =
1545 : m_libspdm_use_hash_algo;
1546 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1547 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1548 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1549 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1550 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1551 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1552 :
1553 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1554 1 : spdm_response->header.request_response_code =
1555 : SPDM_CHALLENGE_AUTH;
1556 1 : spdm_response->header.param1 = 0x0F;
1557 1 : spdm_response->header.param2 = 0;
1558 1 : ptr = (void *)(spdm_response + 1);
1559 1 : libspdm_hash_all(
1560 : m_libspdm_use_hash_algo,
1561 : ((libspdm_context_t *)spdm_context)
1562 : ->local_context.local_public_key_provision,
1563 : ((libspdm_context_t *)spdm_context)
1564 : ->local_context
1565 : .local_public_key_provision_size,
1566 : ptr);
1567 1 : free(data);
1568 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1569 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1570 1 : ptr += SPDM_NONCE_SIZE;
1571 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1572 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1573 1 : *(uint16_t *)ptr = 0;
1574 1 : ptr += sizeof(uint16_t);
1575 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1576 : sizeof(m_libspdm_local_buffer) -
1577 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1578 : m_libspdm_local_buffer),
1579 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1580 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1581 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1582 : m_libspdm_local_buffer_size));
1583 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1584 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1585 : m_libspdm_local_buffer_size, hash_data);
1586 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1587 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1588 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1589 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1590 1 : libspdm_responder_data_sign(
1591 : spdm_context,
1592 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1593 : 0, SPDM_CHALLENGE_AUTH,
1594 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1595 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1596 : ptr, &sig_size);
1597 1 : ptr += sig_size;
1598 :
1599 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1600 : false, spdm_response_size,
1601 : spdm_response, response_size,
1602 : response);
1603 : }
1604 1 : return LIBSPDM_STATUS_SUCCESS;
1605 :
1606 1 : case 0x19: /*CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed*/
1607 : {
1608 : spdm_challenge_auth_response_t *spdm_response;
1609 : void *data;
1610 : size_t data_size;
1611 : uint8_t *Ptr;
1612 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1613 : size_t sig_size;
1614 : size_t spdm_response_size;
1615 : size_t transport_header_size;
1616 : uint16_t opaque_length;
1617 1 : opaque_length = SPDM_MAX_OPAQUE_DATA_SIZE + 1; /*opaque_length greater than the maximum allowed*/
1618 :
1619 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1620 : m_libspdm_use_asym_algo,
1621 : &data,
1622 : &data_size, NULL, NULL);
1623 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1624 : data_size;
1625 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1626 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1627 : m_libspdm_use_asym_algo;
1628 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1629 : m_libspdm_use_hash_algo;
1630 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1631 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1632 : SPDM_NONCE_SIZE +
1633 : 0 +
1634 1 : sizeof(uint16_t) +
1635 1 : opaque_length +
1636 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1637 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1638 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1639 :
1640 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1641 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1642 1 : spdm_response->header.param1 = 0;
1643 1 : spdm_response->header.param2 = (1 << 0);
1644 1 : Ptr = (void *)(spdm_response + 1);
1645 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1646 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1647 : 0],
1648 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1649 : 0],
1650 : Ptr);
1651 1 : free(data);
1652 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1653 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1654 1 : Ptr += SPDM_NONCE_SIZE;
1655 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1656 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1657 1 : *(uint16_t *)Ptr = opaque_length;
1658 1 : Ptr += sizeof(uint16_t);
1659 1 : libspdm_set_mem(Ptr, opaque_length, 255);
1660 1 : Ptr += opaque_length;
1661 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1662 : sizeof(m_libspdm_local_buffer) -
1663 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1664 : m_libspdm_local_buffer),
1665 : spdm_response,
1666 1 : (size_t)Ptr - (size_t)spdm_response);
1667 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1668 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1669 : m_libspdm_local_buffer_size, hash_data);
1670 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1671 1 : libspdm_responder_data_sign(
1672 : spdm_context,
1673 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1674 : 0, SPDM_CHALLENGE_AUTH,
1675 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1676 : false, m_libspdm_local_buffer,
1677 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1678 1 : Ptr += sig_size;
1679 :
1680 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1681 : spdm_response, response_size, response);
1682 : }
1683 1 : return LIBSPDM_STATUS_SUCCESS;
1684 :
1685 1 : case 0x1A:
1686 : {
1687 : spdm_challenge_auth_response_t *spdm_response;
1688 : spdm_general_opaque_data_table_header_t
1689 : *spdm_general_opaque_data_table_header;
1690 : opaque_element_table_header_t
1691 : *opaque_element_table_header;
1692 : void *data;
1693 : size_t data_size;
1694 : uint8_t *Ptr;
1695 : size_t sig_size;
1696 : size_t spdm_response_size;
1697 : size_t transport_header_size;
1698 : uint8_t element_num;
1699 : uint8_t element_index;
1700 : size_t current_element_len;
1701 : uint16_t opaque_element_data_len;
1702 :
1703 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1704 : m_libspdm_use_asym_algo,
1705 : &data,
1706 : &data_size, NULL, NULL);
1707 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1708 : data_size;
1709 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1710 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1711 : m_libspdm_use_asym_algo;
1712 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1713 : m_libspdm_use_hash_algo;
1714 :
1715 :
1716 1 : spdm_general_opaque_data_table_header = (void *)m_libspdm_opaque_data;
1717 1 : spdm_general_opaque_data_table_header->total_elements = 4;
1718 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1719 :
1720 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1721 1 : m_libspdm_opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1722 :
1723 5 : for (element_index = 0; element_index < element_num; element_index++) {
1724 4 : opaque_element_table_header->id = SPDM_REGISTRY_ID_MAX;
1725 4 : opaque_element_table_header->vendor_len = 0;
1726 4 : opaque_element_data_len = (uint16_t)strlen("libspdm");
1727 :
1728 4 : Ptr = (void *)(opaque_element_table_header + 1);
1729 4 : Ptr += opaque_element_table_header->vendor_len;
1730 :
1731 4 : libspdm_copy_mem((uint16_t *)Ptr,
1732 : sizeof(opaque_element_data_len),
1733 : &opaque_element_data_len,
1734 : sizeof(opaque_element_data_len));
1735 :
1736 4 : libspdm_copy_mem(Ptr + sizeof(opaque_element_data_len),
1737 : SPDM_MAX_OPAQUE_DATA_SIZE -
1738 : sizeof(opaque_element_table_header_t), "libspdm",
1739 : strlen("libspdm"));
1740 :
1741 4 : current_element_len = sizeof(opaque_element_table_header_t) +
1742 4 : opaque_element_table_header->vendor_len +
1743 4 : sizeof(opaque_element_data_len) +
1744 : opaque_element_data_len;
1745 4 : current_element_len = (current_element_len + 3) & ~3;
1746 :
1747 : /*move to next element*/
1748 4 : opaque_element_table_header =
1749 : (opaque_element_table_header_t *)
1750 : ((uint8_t *)opaque_element_table_header +
1751 : current_element_len);
1752 :
1753 4 : m_libspdm_opaque_data_size += current_element_len;
1754 : }
1755 :
1756 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1757 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1758 : SPDM_NONCE_SIZE +
1759 : 0 +
1760 2 : sizeof(uint16_t) + m_libspdm_opaque_data_size +
1761 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1762 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1763 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1764 :
1765 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
1766 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1767 1 : spdm_response->header.param1 = 0;
1768 1 : spdm_response->header.param2 = (1 << 0);
1769 1 : Ptr = (void *)(spdm_response + 1);
1770 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1771 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1772 : 0],
1773 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1774 : 0],
1775 : Ptr);
1776 1 : free(data);
1777 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1778 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1779 1 : Ptr += SPDM_NONCE_SIZE;
1780 1 : *(uint16_t *)Ptr = (uint16_t)m_libspdm_opaque_data_size;
1781 1 : Ptr += sizeof(uint16_t);
1782 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr,
1783 : m_libspdm_opaque_data,
1784 : m_libspdm_opaque_data_size);
1785 1 : Ptr += m_libspdm_opaque_data_size;
1786 :
1787 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1788 : sizeof(m_libspdm_local_buffer) -
1789 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1790 : m_libspdm_local_buffer),
1791 : spdm_response,
1792 1 : (size_t)Ptr - (size_t)spdm_response);
1793 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1794 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1795 1 : libspdm_responder_data_sign(
1796 : spdm_context,
1797 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1798 : 0, SPDM_CHALLENGE_AUTH,
1799 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1800 : false, m_libspdm_local_buffer,
1801 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1802 1 : Ptr += sig_size;
1803 :
1804 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1805 : spdm_response, response_size, response);
1806 : }
1807 1 : return LIBSPDM_STATUS_SUCCESS;
1808 1 : case 0x1B: {
1809 : spdm_challenge_auth_response_t *spdm_response;
1810 : void *data;
1811 : size_t data_size;
1812 : uint8_t *ptr;
1813 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1814 : size_t sig_size;
1815 : size_t spdm_response_size;
1816 : size_t transport_header_size;
1817 1 : uint8_t slot_id = 0;
1818 :
1819 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1820 : m_libspdm_use_asym_algo, &data,
1821 : &data_size, NULL, NULL);
1822 : ((libspdm_context_t *)spdm_context)
1823 1 : ->local_context.local_cert_chain_provision_size[0] =
1824 : data_size;
1825 : ((libspdm_context_t *)spdm_context)
1826 1 : ->local_context.local_cert_chain_provision[0] = data;
1827 : ((libspdm_context_t *)spdm_context)
1828 1 : ->connection_info.algorithm.base_asym_algo =
1829 : m_libspdm_use_asym_algo;
1830 : ((libspdm_context_t *)spdm_context)
1831 1 : ->connection_info.algorithm.base_hash_algo =
1832 : m_libspdm_use_hash_algo;
1833 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1834 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1835 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1836 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1837 : SPDM_REQ_CONTEXT_SIZE;
1838 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1839 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1840 :
1841 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1842 1 : spdm_response->header.request_response_code =
1843 : SPDM_CHALLENGE_AUTH;
1844 1 : spdm_response->header.param1 = slot_id;
1845 1 : spdm_response->header.param2 = (1 << slot_id);
1846 1 : ptr = (void *)(spdm_response + 1);
1847 1 : libspdm_hash_all(
1848 : m_libspdm_use_hash_algo,
1849 : ((libspdm_context_t *)spdm_context)
1850 : ->local_context.local_cert_chain_provision[slot_id],
1851 : ((libspdm_context_t *)spdm_context)
1852 : ->local_context
1853 : .local_cert_chain_provision_size[slot_id],
1854 : ptr);
1855 1 : free(data);
1856 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1857 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1858 1 : ptr += SPDM_NONCE_SIZE;
1859 1 : *(uint16_t *)ptr = 0;
1860 1 : ptr += sizeof(uint16_t);
1861 1 : libspdm_copy_mem(ptr, SPDM_REQ_CONTEXT_SIZE, m_requester_context, SPDM_REQ_CONTEXT_SIZE);
1862 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1863 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1864 : sizeof(m_libspdm_local_buffer) -
1865 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1866 : m_libspdm_local_buffer),
1867 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1868 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1869 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1870 : m_libspdm_local_buffer_size));
1871 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1872 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1873 : m_libspdm_local_buffer_size, hash_data);
1874 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1875 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1876 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1877 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1878 1 : libspdm_responder_data_sign(
1879 : spdm_context,
1880 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1881 : 0, SPDM_CHALLENGE_AUTH,
1882 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1883 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1884 : ptr, &sig_size);
1885 1 : ptr += sig_size;
1886 :
1887 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1888 : false, spdm_response_size,
1889 : spdm_response, response_size,
1890 : response);
1891 : }
1892 1 : return LIBSPDM_STATUS_SUCCESS;
1893 1 : case 0x1C: {
1894 : spdm_challenge_auth_response_t *spdm_response;
1895 : void *data;
1896 : size_t data_size;
1897 : uint8_t *ptr;
1898 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1899 : size_t sig_size;
1900 : size_t spdm_response_size;
1901 : size_t transport_header_size;
1902 1 : uint8_t slot_id = 0;
1903 :
1904 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1905 : m_libspdm_use_asym_algo, &data,
1906 : &data_size, NULL, NULL);
1907 : ((libspdm_context_t *)spdm_context)
1908 1 : ->local_context.local_cert_chain_provision_size[0] =
1909 : data_size;
1910 : ((libspdm_context_t *)spdm_context)
1911 1 : ->local_context.local_cert_chain_provision[0] = data;
1912 : ((libspdm_context_t *)spdm_context)
1913 1 : ->connection_info.algorithm.base_asym_algo =
1914 : m_libspdm_use_asym_algo;
1915 : ((libspdm_context_t *)spdm_context)
1916 1 : ->connection_info.algorithm.base_hash_algo =
1917 : m_libspdm_use_hash_algo;
1918 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1919 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1920 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1921 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1922 : SPDM_REQ_CONTEXT_SIZE;
1923 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1924 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1925 :
1926 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1927 1 : spdm_response->header.request_response_code =
1928 : SPDM_CHALLENGE_AUTH;
1929 1 : spdm_response->header.param1 = slot_id;
1930 1 : spdm_response->header.param2 = (1 << slot_id);
1931 1 : ptr = (void *)(spdm_response + 1);
1932 1 : libspdm_hash_all(
1933 : m_libspdm_use_hash_algo,
1934 : ((libspdm_context_t *)spdm_context)
1935 : ->local_context.local_cert_chain_provision[slot_id],
1936 : ((libspdm_context_t *)spdm_context)
1937 : ->local_context
1938 : .local_cert_chain_provision_size[slot_id],
1939 : ptr);
1940 1 : free(data);
1941 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1942 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1943 1 : ptr += SPDM_NONCE_SIZE;
1944 1 : *(uint16_t *)ptr = 0;
1945 1 : ptr += sizeof(uint16_t);
1946 1 : libspdm_get_random_number(SPDM_REQ_CONTEXT_SIZE,ptr);
1947 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1948 :
1949 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1950 : sizeof(m_libspdm_local_buffer) -
1951 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1952 : m_libspdm_local_buffer),
1953 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1954 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1955 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1956 : m_libspdm_local_buffer_size));
1957 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1958 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1959 : m_libspdm_local_buffer_size, hash_data);
1960 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1961 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1962 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1963 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1964 1 : libspdm_responder_data_sign(
1965 : spdm_context,
1966 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1967 : 0, SPDM_CHALLENGE_AUTH,
1968 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1969 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1970 : ptr, &sig_size);
1971 1 : ptr += sig_size;
1972 :
1973 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1974 : false, spdm_response_size,
1975 : spdm_response, response_size,
1976 : response);
1977 : }
1978 1 : return LIBSPDM_STATUS_SUCCESS;
1979 0 : default:
1980 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1981 : }
1982 : }
1983 :
1984 : /**
1985 : * Test 1: when no CHALLENGE_AUTH message is received, and the client returns a
1986 : * device error.
1987 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
1988 : **/
1989 1 : static void req_challenge_case1(void **state)
1990 : {
1991 : libspdm_return_t status;
1992 : libspdm_test_context_t *spdm_test_context;
1993 : libspdm_context_t *spdm_context;
1994 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
1995 : void *data;
1996 : size_t data_size;
1997 : void *hash;
1998 : size_t hash_size;
1999 :
2000 1 : spdm_test_context = *state;
2001 1 : spdm_context = spdm_test_context->spdm_context;
2002 1 : spdm_test_context->case_id = 0x1;
2003 1 : spdm_context->connection_info.connection_state =
2004 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2005 1 : spdm_context->connection_info.capability.flags = 0;
2006 1 : spdm_context->connection_info.capability.flags |=
2007 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2008 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2009 : m_libspdm_use_asym_algo, &data,
2010 : &data_size, &hash, &hash_size)) {
2011 0 : assert(false);
2012 : }
2013 1 : libspdm_reset_message_a(spdm_context);
2014 1 : libspdm_reset_message_b(spdm_context);
2015 1 : libspdm_reset_message_c(spdm_context);
2016 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2017 : m_libspdm_use_hash_algo;
2018 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2019 : m_libspdm_use_asym_algo;
2020 :
2021 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2022 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2023 :
2024 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2025 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2026 : data_size;
2027 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2028 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2029 : data, data_size);
2030 : #else
2031 1 : libspdm_hash_all(
2032 : spdm_context->connection_info.algorithm.base_hash_algo,
2033 : data, data_size,
2034 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2035 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2036 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2037 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2038 : spdm_context->connection_info.algorithm.base_hash_algo,
2039 : spdm_context->connection_info.algorithm.base_asym_algo,
2040 : data, data_size,
2041 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2042 : #endif
2043 :
2044 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2045 1 : status = libspdm_challenge(
2046 : spdm_context, NULL, 0,
2047 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2048 : measurement_hash, NULL);
2049 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
2050 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2051 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2052 : #endif
2053 1 : free(data);
2054 1 : }
2055 :
2056 : /**
2057 : * Test 2: the requester is setup correctly to send a CHALLENGE message:
2058 : * - it has flags indicating that the previous messages were sent
2059 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
2060 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2061 : * signature algorithms, and the use of challenges.
2062 : * - it has the responder's certificate chain.
2063 : * The CHALLENGE message requests usage of the first certificate in the chain
2064 : * (param1=0) and do not request measurements (param2=0).
2065 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
2066 : * no opaque data and a signature on the sent nonce.
2067 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
2068 : **/
2069 1 : static void req_challenge_case2(void **state)
2070 : {
2071 : libspdm_return_t status;
2072 : libspdm_test_context_t *spdm_test_context;
2073 : libspdm_context_t *spdm_context;
2074 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2075 : void *data;
2076 : size_t data_size;
2077 : void *hash;
2078 : size_t hash_size;
2079 :
2080 1 : spdm_test_context = *state;
2081 1 : spdm_context = spdm_test_context->spdm_context;
2082 1 : spdm_test_context->case_id = 0x2;
2083 1 : spdm_context->connection_info.connection_state =
2084 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2085 1 : spdm_context->connection_info.capability.flags = 0;
2086 1 : spdm_context->connection_info.capability.flags |=
2087 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2088 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2089 : m_libspdm_use_asym_algo, &data,
2090 : &data_size, &hash, &hash_size)) {
2091 0 : assert(false);
2092 : }
2093 1 : libspdm_reset_message_a(spdm_context);
2094 1 : libspdm_reset_message_b(spdm_context);
2095 1 : libspdm_reset_message_c(spdm_context);
2096 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2097 : m_libspdm_use_hash_algo;
2098 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2099 : m_libspdm_use_asym_algo;
2100 :
2101 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2102 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2103 :
2104 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2105 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2106 : data_size;
2107 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2108 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2109 : data, data_size);
2110 : #else
2111 1 : libspdm_hash_all(
2112 : spdm_context->connection_info.algorithm.base_hash_algo,
2113 : data, data_size,
2114 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2115 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2116 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2117 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2118 : spdm_context->connection_info.algorithm.base_hash_algo,
2119 : spdm_context->connection_info.algorithm.base_asym_algo,
2120 : data, data_size,
2121 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2122 : #endif
2123 :
2124 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2125 1 : status = libspdm_challenge(
2126 : spdm_context, NULL, 0,
2127 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2128 : measurement_hash, NULL);
2129 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2130 :
2131 : /* Completion of CHALLENGE sets M1/M2 to null. */
2132 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2133 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2134 : #else
2135 1 : assert_null(spdm_context->transcript.digest_context_m1m2);
2136 : #endif
2137 1 : free(data);
2138 1 : }
2139 :
2140 : /**
2141 : * Test 3: the requester is not setup correctly to send a CHALLENGE message:
2142 : * - it has *no* flags indicating that the previous messages were sent
2143 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, GET_DIGESTS); but
2144 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2145 : * signature algorithms, and the use of challenges.
2146 : * - it has the responder's certificate chain.
2147 : * The CHALLENGE message requests usage of the first certificate in the chain
2148 : * (param1=0) and do not request measurements (param2=0).
2149 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
2150 : * no opaque data and a signature on the sent nonce.
2151 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2152 : * transcript buffer is not set.
2153 : **/
2154 1 : static void req_challenge_case3(void **state)
2155 : {
2156 : libspdm_return_t status;
2157 : libspdm_test_context_t *spdm_test_context;
2158 : libspdm_context_t *spdm_context;
2159 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2160 : void *data;
2161 : size_t data_size;
2162 : void *hash;
2163 : size_t hash_size;
2164 :
2165 1 : spdm_test_context = *state;
2166 1 : spdm_context = spdm_test_context->spdm_context;
2167 1 : spdm_test_context->case_id = 0x3;
2168 1 : spdm_context->connection_info.connection_state =
2169 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
2170 1 : spdm_context->connection_info.capability.flags = 0;
2171 1 : spdm_context->connection_info.capability.flags |=
2172 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2173 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2174 : m_libspdm_use_asym_algo, &data,
2175 : &data_size, &hash, &hash_size)) {
2176 0 : assert(false);
2177 : }
2178 1 : libspdm_reset_message_a(spdm_context);
2179 1 : libspdm_reset_message_b(spdm_context);
2180 1 : libspdm_reset_message_c(spdm_context);
2181 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2182 : m_libspdm_use_hash_algo;
2183 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2184 : m_libspdm_use_asym_algo;
2185 :
2186 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2187 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2188 :
2189 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2190 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2191 : data_size;
2192 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2193 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2194 : data, data_size);
2195 : #else
2196 1 : libspdm_hash_all(
2197 : spdm_context->connection_info.algorithm.base_hash_algo,
2198 : data, data_size,
2199 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2200 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2201 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2202 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2203 : spdm_context->connection_info.algorithm.base_hash_algo,
2204 : spdm_context->connection_info.algorithm.base_asym_algo,
2205 : data, data_size,
2206 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2207 : #endif
2208 :
2209 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2210 1 : status = libspdm_challenge(
2211 : spdm_context, NULL, 0,
2212 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2213 : measurement_hash, NULL);
2214 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2215 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2216 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2217 : #endif
2218 1 : free(data);
2219 1 : }
2220 :
2221 : /**
2222 : * Test 4: the requester is setup correctly (see Test 2), but receives an ERROR
2223 : * message indicating InvalidParameters.
2224 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2225 : * transcript buffer is reset.
2226 : **/
2227 1 : static void req_challenge_case4(void **state)
2228 : {
2229 : libspdm_return_t status;
2230 : libspdm_test_context_t *spdm_test_context;
2231 : libspdm_context_t *spdm_context;
2232 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2233 : void *data;
2234 : size_t data_size;
2235 : void *hash;
2236 : size_t hash_size;
2237 :
2238 1 : spdm_test_context = *state;
2239 1 : spdm_context = spdm_test_context->spdm_context;
2240 1 : spdm_test_context->case_id = 0x4;
2241 1 : spdm_context->connection_info.connection_state =
2242 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2243 1 : spdm_context->connection_info.capability.flags = 0;
2244 1 : spdm_context->connection_info.capability.flags |=
2245 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2246 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2247 : m_libspdm_use_asym_algo, &data,
2248 : &data_size, &hash, &hash_size)) {
2249 0 : assert(false);
2250 : }
2251 1 : libspdm_reset_message_a(spdm_context);
2252 1 : libspdm_reset_message_b(spdm_context);
2253 1 : libspdm_reset_message_c(spdm_context);
2254 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2255 : m_libspdm_use_hash_algo;
2256 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2257 : m_libspdm_use_asym_algo;
2258 :
2259 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2260 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2261 :
2262 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2263 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2264 : data_size;
2265 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2266 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2267 : data, data_size);
2268 : #else
2269 1 : libspdm_hash_all(
2270 : spdm_context->connection_info.algorithm.base_hash_algo,
2271 : data, data_size,
2272 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2273 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2274 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2275 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2276 : spdm_context->connection_info.algorithm.base_hash_algo,
2277 : spdm_context->connection_info.algorithm.base_asym_algo,
2278 : data, data_size,
2279 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2280 : #endif
2281 :
2282 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2283 1 : status = libspdm_challenge(
2284 : spdm_context, NULL, 0,
2285 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2286 : measurement_hash, NULL);
2287 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
2288 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2289 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2290 : #endif
2291 1 : free(data);
2292 1 : }
2293 :
2294 : /**
2295 : * Test 5: the requester is setup correctly (see Test 2), but receives an ERROR
2296 : * message indicating the Busy status of the responder.
2297 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2298 : * transcript buffer is reset.
2299 : **/
2300 1 : static void req_challenge_case5(void **state)
2301 : {
2302 : libspdm_return_t status;
2303 : libspdm_test_context_t *spdm_test_context;
2304 : libspdm_context_t *spdm_context;
2305 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2306 : void *data;
2307 : size_t data_size;
2308 : void *hash;
2309 : size_t hash_size;
2310 :
2311 1 : spdm_test_context = *state;
2312 1 : spdm_context = spdm_test_context->spdm_context;
2313 1 : spdm_test_context->case_id = 0x5;
2314 1 : spdm_context->connection_info.connection_state =
2315 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2316 1 : spdm_context->connection_info.capability.flags = 0;
2317 1 : spdm_context->connection_info.capability.flags |=
2318 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2319 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2320 : m_libspdm_use_asym_algo, &data,
2321 : &data_size, &hash, &hash_size)) {
2322 0 : assert(false);
2323 : }
2324 1 : libspdm_reset_message_a(spdm_context);
2325 1 : libspdm_reset_message_b(spdm_context);
2326 1 : libspdm_reset_message_c(spdm_context);
2327 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2328 : m_libspdm_use_hash_algo;
2329 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2330 : m_libspdm_use_asym_algo;
2331 :
2332 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2333 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2334 :
2335 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2336 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2337 : data_size;
2338 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2339 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2340 : data, data_size);
2341 : #else
2342 1 : libspdm_hash_all(
2343 : spdm_context->connection_info.algorithm.base_hash_algo,
2344 : data, data_size,
2345 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2346 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2347 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2348 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2349 : spdm_context->connection_info.algorithm.base_hash_algo,
2350 : spdm_context->connection_info.algorithm.base_asym_algo,
2351 : data, data_size,
2352 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2353 : #endif
2354 :
2355 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2356 1 : status = libspdm_challenge(
2357 : spdm_context, NULL, 0,
2358 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2359 : measurement_hash, NULL);
2360 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
2361 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2362 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2363 : #endif
2364 1 : free(data);
2365 1 : }
2366 :
2367 : /**
2368 : * Test 6: the requester is setup correctly (see Test 2), but, on the first try,
2369 : * receiving a Busy ERROR message, and on retry, receiving a correct CHALLENGE_AUTH
2370 : * message to the challenge, with no opaque data and a signature on the sent nonce.
2371 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
2372 : **/
2373 1 : static void req_challenge_case6(void **state)
2374 : {
2375 : libspdm_return_t status;
2376 : libspdm_test_context_t *spdm_test_context;
2377 : libspdm_context_t *spdm_context;
2378 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2379 : void *data;
2380 : size_t data_size;
2381 : void *hash;
2382 : size_t hash_size;
2383 :
2384 1 : spdm_test_context = *state;
2385 1 : spdm_context = spdm_test_context->spdm_context;
2386 1 : spdm_test_context->case_id = 0x6;
2387 1 : spdm_context->retry_times = 3;
2388 1 : spdm_context->connection_info.connection_state =
2389 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2390 1 : spdm_context->connection_info.capability.flags = 0;
2391 1 : spdm_context->connection_info.capability.flags |=
2392 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2393 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2394 : m_libspdm_use_asym_algo, &data,
2395 : &data_size, &hash, &hash_size)) {
2396 0 : assert(false);
2397 : }
2398 1 : libspdm_reset_message_a(spdm_context);
2399 1 : libspdm_reset_message_b(spdm_context);
2400 1 : libspdm_reset_message_c(spdm_context);
2401 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2402 : m_libspdm_use_hash_algo;
2403 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2404 : m_libspdm_use_asym_algo;
2405 :
2406 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2407 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2408 :
2409 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2410 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2411 : data_size;
2412 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2413 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2414 : data, data_size);
2415 : #else
2416 1 : libspdm_hash_all(
2417 : spdm_context->connection_info.algorithm.base_hash_algo,
2418 : data, data_size,
2419 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2420 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2421 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2422 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2423 : spdm_context->connection_info.algorithm.base_hash_algo,
2424 : spdm_context->connection_info.algorithm.base_asym_algo,
2425 : data, data_size,
2426 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2427 : #endif
2428 :
2429 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2430 1 : status = libspdm_challenge(
2431 : spdm_context, NULL, 0,
2432 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2433 : measurement_hash, NULL);
2434 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2435 1 : free(data);
2436 1 : }
2437 :
2438 : /**
2439 : * Test 7: the requester is setup correctly (see Test 2), but receives an ERROR
2440 : * message indicating the RequestResynch status of the responder.
2441 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, the "C"
2442 : * transcript buffer is reset, and the communication is reset to expect a new
2443 : * GET_VERSION message.
2444 : **/
2445 1 : static void req_challenge_case7(void **state)
2446 : {
2447 : libspdm_return_t status;
2448 : libspdm_test_context_t *spdm_test_context;
2449 : libspdm_context_t *spdm_context;
2450 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2451 : void *data;
2452 : size_t data_size;
2453 : void *hash;
2454 : size_t hash_size;
2455 :
2456 1 : spdm_test_context = *state;
2457 1 : spdm_context = spdm_test_context->spdm_context;
2458 1 : spdm_test_context->case_id = 0x7;
2459 1 : spdm_context->connection_info.connection_state =
2460 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2461 1 : spdm_context->connection_info.capability.flags = 0;
2462 1 : spdm_context->connection_info.capability.flags |=
2463 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2464 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2465 : m_libspdm_use_asym_algo, &data,
2466 : &data_size, &hash, &hash_size)) {
2467 0 : assert(false);
2468 : }
2469 1 : libspdm_reset_message_a(spdm_context);
2470 1 : libspdm_reset_message_b(spdm_context);
2471 1 : libspdm_reset_message_c(spdm_context);
2472 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2473 : m_libspdm_use_hash_algo;
2474 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2475 : m_libspdm_use_asym_algo;
2476 :
2477 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2478 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2479 :
2480 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2481 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2482 : data_size;
2483 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2484 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2485 : data, data_size);
2486 : #else
2487 1 : libspdm_hash_all(
2488 : spdm_context->connection_info.algorithm.base_hash_algo,
2489 : data, data_size,
2490 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2491 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2492 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2493 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2494 : spdm_context->connection_info.algorithm.base_hash_algo,
2495 : spdm_context->connection_info.algorithm.base_asym_algo,
2496 : data, data_size,
2497 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2498 : #endif
2499 :
2500 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2501 1 : status = libspdm_challenge(
2502 : spdm_context, NULL, 0,
2503 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2504 : measurement_hash, NULL);
2505 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
2506 1 : assert_int_equal(spdm_context->connection_info.connection_state,
2507 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
2508 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2509 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2510 : #endif
2511 1 : free(data);
2512 1 : }
2513 :
2514 : /**
2515 : * Test 8: the requester is setup correctly (see Test 2), but receives an ERROR
2516 : * message indicating the ResponseNotReady status of the responder.
2517 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2518 : * buffer stores nothing.
2519 : **/
2520 1 : static void req_challenge_case8(void **state)
2521 : {
2522 : libspdm_return_t status;
2523 : libspdm_test_context_t *spdm_test_context;
2524 : libspdm_context_t *spdm_context;
2525 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2526 : void *data;
2527 : size_t data_size;
2528 : void *hash;
2529 : size_t hash_size;
2530 :
2531 1 : spdm_test_context = *state;
2532 1 : spdm_context = spdm_test_context->spdm_context;
2533 1 : spdm_test_context->case_id = 0x8;
2534 1 : spdm_context->connection_info.connection_state =
2535 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2536 1 : spdm_context->connection_info.capability.flags = 0;
2537 1 : spdm_context->connection_info.capability.flags |=
2538 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2539 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2540 : m_libspdm_use_asym_algo, &data,
2541 : &data_size, &hash, &hash_size)) {
2542 0 : assert(false);
2543 : }
2544 1 : libspdm_reset_message_a(spdm_context);
2545 1 : libspdm_reset_message_b(spdm_context);
2546 1 : libspdm_reset_message_c(spdm_context);
2547 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2548 : m_libspdm_use_hash_algo;
2549 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2550 : m_libspdm_use_asym_algo;
2551 :
2552 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2553 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2554 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2555 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2556 : data_size;
2557 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2558 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2559 : data, data_size);
2560 : #else
2561 1 : libspdm_hash_all(
2562 : spdm_context->connection_info.algorithm.base_hash_algo,
2563 : data, data_size,
2564 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2565 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2566 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2567 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2568 : spdm_context->connection_info.algorithm.base_hash_algo,
2569 : spdm_context->connection_info.algorithm.base_asym_algo,
2570 : data, data_size,
2571 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2572 : #endif
2573 :
2574 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2575 :
2576 1 : status = libspdm_challenge(
2577 : spdm_context, NULL, 0,
2578 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2579 : measurement_hash, NULL);
2580 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2581 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2582 : assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);
2583 : #endif
2584 1 : free(data);
2585 1 : }
2586 :
2587 : /**
2588 : * Test 9: the requester is setup correctly (see Test 2), but, on the first try,
2589 : * receiving a ResponseNotReady ERROR message, and on retry, receiving a correct
2590 : * CHALLENGE_AUTH message to the challenge, with no opaque data and a signature
2591 : * on the sent nonce.
2592 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
2593 : **/
2594 1 : static void req_challenge_case9(void **state)
2595 : {
2596 : libspdm_return_t status;
2597 : libspdm_test_context_t *spdm_test_context;
2598 : libspdm_context_t *spdm_context;
2599 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2600 : void *data;
2601 : size_t data_size;
2602 : void *hash;
2603 : size_t hash_size;
2604 :
2605 1 : spdm_test_context = *state;
2606 1 : spdm_context = spdm_test_context->spdm_context;
2607 1 : spdm_test_context->case_id = 0x9;
2608 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2609 1 : spdm_context->connection_info.capability.flags = 0;
2610 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2611 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2612 : m_libspdm_use_asym_algo, &data,
2613 : &data_size, &hash, &hash_size)) {
2614 0 : assert(false);
2615 : }
2616 1 : libspdm_reset_message_a(spdm_context);
2617 1 : libspdm_reset_message_b(spdm_context);
2618 1 : libspdm_reset_message_c(spdm_context);
2619 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2620 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2621 :
2622 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2623 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2624 :
2625 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2626 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2627 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2628 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2629 : data, data_size);
2630 : #else
2631 1 : libspdm_hash_all(
2632 : spdm_context->connection_info.algorithm.base_hash_algo,
2633 : data, data_size,
2634 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2635 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2636 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2637 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2638 : spdm_context->connection_info.algorithm.base_hash_algo,
2639 : spdm_context->connection_info.algorithm.base_asym_algo,
2640 : data, data_size,
2641 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2642 : #endif
2643 :
2644 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
2645 1 : status = libspdm_challenge(
2646 : spdm_context, NULL, 0,
2647 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2648 : measurement_hash, NULL);
2649 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
2650 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2651 : } else {
2652 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2653 : }
2654 1 : free(data);
2655 1 : }
2656 :
2657 : /**
2658 : * Test 10: the requester is not setup correctly to send a CHALLENGE message.
2659 : * Specifically, it has *not* received the capability for challenge, although it
2660 : * has received capability for executing both hash and signature algorithms.
2661 : * The remaining setup and message exchange were executed correctly (see Test 2).
2662 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR, and the "C"
2663 : * transcript buffer is not set.
2664 : **/
2665 1 : static void req_challenge_case10(void **state) {
2666 : libspdm_return_t status;
2667 : libspdm_test_context_t *spdm_test_context;
2668 : libspdm_context_t *spdm_context;
2669 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2670 : void *data;
2671 : size_t data_size;
2672 : void *hash;
2673 : size_t hash_size;
2674 :
2675 1 : spdm_test_context = *state;
2676 1 : spdm_context = spdm_test_context->spdm_context;
2677 1 : spdm_test_context->case_id = 0xA;
2678 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2679 1 : spdm_context->connection_info.capability.flags = 0;
2680 : /* spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;*/
2681 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2682 : m_libspdm_use_asym_algo,
2683 : &data, &data_size,
2684 : &hash, &hash_size);
2685 1 : libspdm_reset_message_a(spdm_context);
2686 1 : libspdm_reset_message_b(spdm_context);
2687 1 : libspdm_reset_message_c(spdm_context);
2688 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2689 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2690 :
2691 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2692 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2693 :
2694 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2695 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2696 : data_size;
2697 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2698 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2699 : data, data_size);
2700 : #else
2701 1 : libspdm_hash_all(
2702 : spdm_context->connection_info.algorithm.base_hash_algo,
2703 : data, data_size,
2704 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2705 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2706 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2707 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2708 : spdm_context->connection_info.algorithm.base_hash_algo,
2709 : spdm_context->connection_info.algorithm.base_asym_algo,
2710 : data, data_size,
2711 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2712 : #endif
2713 :
2714 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2715 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2716 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2717 : measurement_hash, NULL);
2718 1 : assert_int_equal (status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
2719 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2720 : assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);
2721 : #endif
2722 1 : free(data);
2723 1 : }
2724 :
2725 : /**
2726 : * Test 11: the requester is setup correctly (see Test 2), but receives a malformed
2727 : * response message, smaller then a standard SPDM message header.
2728 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR,.
2729 : **/
2730 1 : static void req_challenge_case11(void **state) {
2731 : libspdm_return_t status;
2732 : libspdm_test_context_t *spdm_test_context;
2733 : libspdm_context_t *spdm_context;
2734 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2735 : void *data;
2736 : size_t data_size;
2737 : void *hash;
2738 : size_t hash_size;
2739 :
2740 1 : spdm_test_context = *state;
2741 1 : spdm_context = spdm_test_context->spdm_context;
2742 1 : spdm_test_context->case_id = 0xB;
2743 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2744 1 : spdm_context->connection_info.capability.flags = 0;
2745 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2746 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2747 : m_libspdm_use_asym_algo,
2748 : &data, &data_size,
2749 : &hash, &hash_size);
2750 1 : libspdm_reset_message_a(spdm_context);
2751 1 : libspdm_reset_message_b(spdm_context);
2752 1 : libspdm_reset_message_c(spdm_context);
2753 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2754 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2755 :
2756 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2757 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2758 :
2759 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2760 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2761 : data_size;
2762 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2763 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2764 : data, data_size);
2765 : #else
2766 1 : libspdm_hash_all(
2767 : spdm_context->connection_info.algorithm.base_hash_algo,
2768 : data, data_size,
2769 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2770 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2771 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2772 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2773 : spdm_context->connection_info.algorithm.base_hash_algo,
2774 : spdm_context->connection_info.algorithm.base_asym_algo,
2775 : data, data_size,
2776 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2777 : #endif
2778 :
2779 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2780 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2781 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2782 : measurement_hash, NULL);
2783 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2784 1 : free(data);
2785 1 : }
2786 :
2787 : /**
2788 : * Test 12: the requester is setup correctly (see Test 2), but receives a malformed
2789 : * response message, with version (1.0) different from the request (1.1).
2790 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2791 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2792 : **/
2793 1 : static void req_challenge_case12(void **state) {
2794 : libspdm_return_t status;
2795 : libspdm_test_context_t *spdm_test_context;
2796 : libspdm_context_t *spdm_context;
2797 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2798 : void *data;
2799 : size_t data_size;
2800 : void *hash;
2801 : size_t hash_size;
2802 :
2803 1 : spdm_test_context = *state;
2804 1 : spdm_context = spdm_test_context->spdm_context;
2805 1 : spdm_test_context->case_id = 0xC;
2806 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2807 1 : spdm_context->connection_info.capability.flags = 0;
2808 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2809 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2810 : m_libspdm_use_asym_algo,
2811 : &data, &data_size,
2812 : &hash, &hash_size);
2813 1 : libspdm_reset_message_a(spdm_context);
2814 1 : libspdm_reset_message_b(spdm_context);
2815 1 : libspdm_reset_message_c(spdm_context);
2816 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2817 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2818 :
2819 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2820 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2821 :
2822 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2823 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2824 : data_size;
2825 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2826 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2827 : data, data_size);
2828 : #else
2829 1 : libspdm_hash_all(
2830 : spdm_context->connection_info.algorithm.base_hash_algo,
2831 : data, data_size,
2832 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2833 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2834 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2835 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2836 : spdm_context->connection_info.algorithm.base_hash_algo,
2837 : spdm_context->connection_info.algorithm.base_asym_algo,
2838 : data, data_size,
2839 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2840 : #endif
2841 :
2842 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2843 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2844 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2845 : measurement_hash, NULL);
2846 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2847 1 : free(data);
2848 1 : }
2849 :
2850 : /**
2851 : * Test 13: the requester is setup correctly (see Test 2), but receives a malformed
2852 : * response message, with wrong request_response_code (CHALLENGE 0x83 instead of
2853 : * CHALLENGE_AUTH 0x03).
2854 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2855 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2856 : **/
2857 1 : static void req_challenge_case13(void **state) {
2858 : libspdm_return_t status;
2859 : libspdm_test_context_t *spdm_test_context;
2860 : libspdm_context_t *spdm_context;
2861 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2862 : void *data;
2863 : size_t data_size;
2864 : void *hash;
2865 : size_t hash_size;
2866 :
2867 1 : spdm_test_context = *state;
2868 1 : spdm_context = spdm_test_context->spdm_context;
2869 1 : spdm_test_context->case_id = 0xD;
2870 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2871 1 : spdm_context->connection_info.capability.flags = 0;
2872 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2873 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2874 : m_libspdm_use_asym_algo,
2875 : &data, &data_size,
2876 : &hash, &hash_size);
2877 1 : libspdm_reset_message_a(spdm_context);
2878 1 : libspdm_reset_message_b(spdm_context);
2879 1 : libspdm_reset_message_c(spdm_context);
2880 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2881 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2882 :
2883 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2884 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2885 :
2886 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2887 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2888 : data_size;
2889 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2890 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2891 : data, data_size);
2892 : #else
2893 1 : libspdm_hash_all(
2894 : spdm_context->connection_info.algorithm.base_hash_algo,
2895 : data, data_size,
2896 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2897 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2898 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2899 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2900 : spdm_context->connection_info.algorithm.base_hash_algo,
2901 : spdm_context->connection_info.algorithm.base_asym_algo,
2902 : data, data_size,
2903 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2904 : #endif
2905 :
2906 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2907 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2908 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2909 : measurement_hash, NULL);
2910 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2911 1 : free(data);
2912 1 : }
2913 :
2914 : /**
2915 : * Test 14: the requester is setup correctly (see Test 2), but receives a malformed
2916 : * response message, with a slot number different from the requested.
2917 : * The remaining message data is as a correct CHALLENGE_AUTH message.
2918 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2919 : **/
2920 1 : static void req_challenge_case14(void **state) {
2921 : libspdm_return_t status;
2922 : libspdm_test_context_t *spdm_test_context;
2923 : libspdm_context_t *spdm_context;
2924 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
2925 : void *data;
2926 : size_t data_size;
2927 : void *hash;
2928 : size_t hash_size;
2929 :
2930 1 : spdm_test_context = *state;
2931 1 : spdm_context = spdm_test_context->spdm_context;
2932 1 : spdm_test_context->case_id = 0xE;
2933 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2934 1 : spdm_context->connection_info.capability.flags = 0;
2935 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
2936 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2937 : m_libspdm_use_asym_algo,
2938 : &data, &data_size,
2939 : &hash, &hash_size);
2940 1 : libspdm_reset_message_a(spdm_context);
2941 1 : libspdm_reset_message_b(spdm_context);
2942 1 : libspdm_reset_message_c(spdm_context);
2943 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2944 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2945 :
2946 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2947 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2948 :
2949 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2950 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2951 : data_size;
2952 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2953 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2954 : data, data_size);
2955 : #else
2956 1 : libspdm_hash_all(
2957 : spdm_context->connection_info.algorithm.base_hash_algo,
2958 : data, data_size,
2959 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2960 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2961 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2962 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2963 : spdm_context->connection_info.algorithm.base_hash_algo,
2964 : spdm_context->connection_info.algorithm.base_asym_algo,
2965 : data, data_size,
2966 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2967 : #endif
2968 :
2969 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
2970 1 : status = libspdm_challenge (spdm_context, NULL, 0,
2971 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
2972 : measurement_hash, NULL);
2973 1 : assert_int_equal (status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2974 1 : free(data);
2975 1 : }
2976 :
2977 : /**
2978 : * Test 15: free to be populated by test.
2979 : **/
2980 1 : static void req_challenge_case15(void **state) {
2981 1 : }
2982 :
2983 : /**
2984 : * Test 16: the requester is setup correctly to send a CHALLENGE message:
2985 : * - it has flags indicating that the previous messages were sent
2986 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
2987 : * - it received the CAPABILITIES message, allowing the use of hash and digital
2988 : * signature algorithms, and the use of challenges.
2989 : * - it has the responder's certificate chain.
2990 : * The CHALLENGE message requests usage of the first certificate in the chain
2991 : * (param1=0) and do not request measurements (param2=0).
2992 : * The received CHALLENGE_AUTH message correctly responds to the challenge, opaque
2993 : * data with bytes from the string "libspdm", and a signature on the sent nonce.
2994 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
2995 : **/
2996 1 : static void req_challenge_case16(void **state) {
2997 : libspdm_return_t status;
2998 : libspdm_test_context_t *spdm_test_context;
2999 : libspdm_context_t *spdm_context;
3000 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3001 : void *data;
3002 : size_t data_size;
3003 : void *hash;
3004 : size_t hash_size;
3005 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
3006 : size_t opaque_data_size;
3007 :
3008 1 : spdm_test_context = *state;
3009 1 : spdm_context = spdm_test_context->spdm_context;
3010 1 : spdm_test_context->case_id = 0x10;
3011 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3012 1 : spdm_context->connection_info.capability.flags = 0;
3013 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3014 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3015 : m_libspdm_use_asym_algo,
3016 : &data, &data_size,
3017 : &hash, &hash_size);
3018 1 : libspdm_reset_message_a(spdm_context);
3019 1 : libspdm_reset_message_b(spdm_context);
3020 1 : libspdm_reset_message_c(spdm_context);
3021 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3022 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3023 :
3024 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3025 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3026 :
3027 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3028 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3029 : data_size;
3030 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3031 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3032 : data, data_size);
3033 : #else
3034 1 : libspdm_hash_all(
3035 : spdm_context->connection_info.algorithm.base_hash_algo,
3036 : data, data_size,
3037 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3038 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3039 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3040 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3041 : spdm_context->connection_info.algorithm.base_hash_algo,
3042 : spdm_context->connection_info.algorithm.base_asym_algo,
3043 : data, data_size,
3044 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3045 : #endif
3046 :
3047 1 : opaque_data_size = sizeof(opaque_data);
3048 :
3049 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3050 1 : status = libspdm_challenge_ex (spdm_context, NULL, 0,
3051 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3052 : measurement_hash, NULL, NULL, NULL, NULL,
3053 : opaque_data, &opaque_data_size);
3054 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3055 1 : assert_int_equal(opaque_data_size, strlen("libspdm"));
3056 1 : assert_memory_equal(opaque_data, "libspdm", opaque_data_size);
3057 1 : free(data);
3058 1 : }
3059 :
3060 : /**
3061 : * Test 17: the requester is setup correctly to send a CHALLENGE message:
3062 : * - it has flags indicating that the previous messages were sent
3063 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3064 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3065 : * signature algorithms, and the use of challenges.
3066 : * - it has the responder's certificate chain.
3067 : * The CHALLENGE message requests usage of the first certificate in the chain
3068 : * (param1=0) and do not request measurements (param2=0).
3069 : * The received CHALLENGE_AUTH message correctly responds to the challenge,
3070 : * but with an invalid signature.
3071 : * Expected behavior: client returns a status of RETURN_SECURITY_VIOLATION.
3072 : **/
3073 1 : static void req_challenge_case17(void **state) {
3074 : libspdm_return_t status;
3075 : libspdm_test_context_t *spdm_test_context;
3076 : libspdm_context_t *spdm_context;
3077 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3078 : void *data;
3079 : size_t data_size;
3080 : void *hash;
3081 : size_t hash_size;
3082 :
3083 1 : spdm_test_context = *state;
3084 1 : spdm_context = spdm_test_context->spdm_context;
3085 1 : spdm_test_context->case_id = 0x11;
3086 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3087 1 : spdm_context->connection_info.capability.flags = 0;
3088 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3089 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3090 : m_libspdm_use_asym_algo,
3091 : &data, &data_size,
3092 : &hash, &hash_size);
3093 1 : libspdm_reset_message_a(spdm_context);
3094 1 : libspdm_reset_message_b(spdm_context);
3095 1 : libspdm_reset_message_c(spdm_context);
3096 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3097 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3098 :
3099 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3100 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3101 :
3102 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3103 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3104 : data_size;
3105 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3106 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3107 : data, data_size);
3108 : #else
3109 1 : libspdm_hash_all(
3110 : spdm_context->connection_info.algorithm.base_hash_algo,
3111 : data, data_size,
3112 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3113 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3114 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3115 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3116 : spdm_context->connection_info.algorithm.base_hash_algo,
3117 : spdm_context->connection_info.algorithm.base_asym_algo,
3118 : data, data_size,
3119 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3120 : #endif
3121 :
3122 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3123 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3124 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3125 : measurement_hash, NULL);
3126 1 : assert_int_equal (status, LIBSPDM_STATUS_VERIF_FAIL);
3127 1 : free(data);
3128 1 : }
3129 :
3130 : /**
3131 : * Test 18: the requester is setup correctly to send a CHALLENGE message:
3132 : * - it has flags indicating that the previous messages were sent
3133 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3134 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3135 : * signature algorithms, the use of challenges, and of measurements.
3136 : * - it has the responder's certificate chain.
3137 : * The CHALLENGE message requests usage of the first certificate in the chain
3138 : * (param1=0) and request TCB measurements (param2=1).
3139 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3140 : * no opaque data and a signature on the sent nonce.
3141 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3142 : **/
3143 1 : static void req_challenge_case18(void **state) {
3144 : libspdm_return_t status;
3145 : libspdm_test_context_t *spdm_test_context;
3146 : libspdm_context_t *spdm_context;
3147 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3148 : void *data;
3149 : size_t data_size;
3150 : void *hash;
3151 : size_t hash_size;
3152 :
3153 1 : spdm_test_context = *state;
3154 1 : spdm_context = spdm_test_context->spdm_context;
3155 1 : spdm_test_context->case_id = 0x12;
3156 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3157 1 : spdm_context->connection_info.capability.flags = 0;
3158 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3159 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; /*additional measurement capability*/
3160 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3161 : m_libspdm_use_asym_algo,
3162 : &data, &data_size,
3163 : &hash, &hash_size);
3164 1 : libspdm_reset_message_a(spdm_context);
3165 1 : libspdm_reset_message_b(spdm_context);
3166 1 : libspdm_reset_message_c(spdm_context);
3167 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3168 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3169 :
3170 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3171 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3172 :
3173 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3174 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3175 : data_size;
3176 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3177 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3178 : data, data_size);
3179 : #else
3180 1 : libspdm_hash_all(
3181 : spdm_context->connection_info.algorithm.base_hash_algo,
3182 : data, data_size,
3183 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3184 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3185 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3186 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3187 : spdm_context->connection_info.algorithm.base_hash_algo,
3188 : spdm_context->connection_info.algorithm.base_asym_algo,
3189 : data, data_size,
3190 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3191 : #endif
3192 :
3193 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3194 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3195 : SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH,
3196 : measurement_hash, NULL);
3197 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3198 1 : }
3199 :
3200 : /**
3201 : * Test 19: the requester is setup correctly to send a CHALLENGE message:
3202 : * - it has flags indicating that the previous messages were sent
3203 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3204 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3205 : * signature algorithms, the use of challenges, and of measurements.
3206 : * - it has the responder's certificate chain.
3207 : * The CHALLENGE message requests usage of the first certificate in the chain
3208 : * (param1=0) and request TCB measurements (param2=1).
3209 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3210 : * no opaque data and a signature on the sent nonce.
3211 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3212 : **/
3213 1 : static void req_challenge_case19(void **state) {
3214 : libspdm_return_t status;
3215 : libspdm_test_context_t *spdm_test_context;
3216 : libspdm_context_t *spdm_context;
3217 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3218 : void *data;
3219 : size_t data_size;
3220 : void *hash;
3221 : size_t hash_size;
3222 :
3223 1 : spdm_test_context = *state;
3224 1 : spdm_context = spdm_test_context->spdm_context;
3225 1 : spdm_test_context->case_id = 0x13;
3226 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3227 1 : spdm_context->connection_info.capability.flags = 0;
3228 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3229 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; /*additional measurement capability*/
3230 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3231 : m_libspdm_use_asym_algo,
3232 : &data, &data_size,
3233 : &hash, &hash_size);
3234 1 : libspdm_reset_message_a(spdm_context);
3235 1 : libspdm_reset_message_b(spdm_context);
3236 1 : libspdm_reset_message_c(spdm_context);
3237 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3238 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3239 :
3240 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3241 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3242 :
3243 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3244 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3245 : data_size;
3246 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3247 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3248 : data, data_size);
3249 : #else
3250 1 : libspdm_hash_all(
3251 : spdm_context->connection_info.algorithm.base_hash_algo,
3252 : data, data_size,
3253 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3254 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3255 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3256 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3257 : spdm_context->connection_info.algorithm.base_hash_algo,
3258 : spdm_context->connection_info.algorithm.base_asym_algo,
3259 : data, data_size,
3260 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3261 : #endif
3262 :
3263 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3264 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3265 : SPDM_CHALLENGE_REQUEST_ALL_MEASUREMENTS_HASH,
3266 : measurement_hash, NULL);
3267 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3268 1 : }
3269 :
3270 : /**
3271 : * Test 20: receiving an unexpected ERROR message from the responder.
3272 : * There are tests for all named codes, including some reserved ones
3273 : * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
3274 : * However, for having specific test cases, it is excluded from this case:
3275 : * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
3276 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
3277 : **/
3278 1 : static void req_challenge_case20(void **state) {
3279 : libspdm_return_t status;
3280 : libspdm_test_context_t *spdm_test_context;
3281 : libspdm_context_t *spdm_context;
3282 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3283 : void *data;
3284 : size_t data_size;
3285 : void *hash;
3286 : size_t hash_size;
3287 : uint16_t error_code;
3288 :
3289 1 : spdm_test_context = *state;
3290 1 : spdm_context = spdm_test_context->spdm_context;
3291 1 : spdm_test_context->case_id = 0x14;
3292 1 : spdm_context->connection_info.capability.flags = 0;
3293 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3294 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3295 : m_libspdm_use_asym_algo,
3296 : &data, &data_size,
3297 : &hash, &hash_size);
3298 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3299 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3300 :
3301 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3302 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3303 :
3304 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3305 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3306 : data_size;
3307 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3308 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3309 : data, data_size);
3310 : #else
3311 1 : libspdm_hash_all(
3312 : spdm_context->connection_info.algorithm.base_hash_algo,
3313 : data, data_size,
3314 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3315 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3316 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3317 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3318 : spdm_context->connection_info.algorithm.base_hash_algo,
3319 : spdm_context->connection_info.algorithm.base_asym_algo,
3320 : data, data_size,
3321 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3322 : #endif
3323 :
3324 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
3325 19 : while(error_code <= 0xff) {
3326 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3327 18 : libspdm_reset_message_a(spdm_context);
3328 18 : libspdm_reset_message_b(spdm_context);
3329 18 : libspdm_reset_message_c(spdm_context);
3330 :
3331 18 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3332 18 : status = libspdm_challenge (spdm_context, NULL, 0,
3333 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3334 : measurement_hash, NULL);
3335 18 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
3336 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3337 : /* assert_int_equal (spdm_context->transcript.message_c.buffer_size, 0);*/
3338 : LIBSPDM_ASSERT_INT_EQUAL_CASE (spdm_context->transcript.message_c.buffer_size, 0,
3339 : error_code);
3340 : #endif
3341 :
3342 18 : error_code++;
3343 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
3344 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
3345 : }
3346 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
3347 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
3348 : }
3349 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
3350 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
3351 : }
3352 : }
3353 :
3354 1 : free(data);
3355 1 : }
3356 :
3357 : /**
3358 : * Test 21: test correct CHALLENGE_AUTH message with multiple slot numbers
3359 : * Expected behavior: success and slot_id is included in slot_mask.
3360 : **/
3361 1 : static void req_challenge_case21(void **state) {
3362 : libspdm_return_t status;
3363 : libspdm_test_context_t *spdm_test_context;
3364 : libspdm_context_t *spdm_context;
3365 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3366 : void *data;
3367 : size_t data_size;
3368 : void *hash;
3369 : size_t hash_size;
3370 : uint8_t slot_id;
3371 : uint8_t slot_mask;
3372 :
3373 1 : spdm_test_context = *state;
3374 1 : spdm_context = spdm_test_context->spdm_context;
3375 1 : spdm_test_context->case_id = 0x15;
3376 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3377 1 : spdm_context->connection_info.capability.flags = 0;
3378 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3379 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3380 : m_libspdm_use_asym_algo,
3381 : &data, &data_size,
3382 : &hash, &hash_size);
3383 1 : libspdm_reset_message_a(spdm_context);
3384 1 : libspdm_reset_message_b(spdm_context);
3385 1 : libspdm_reset_message_c(spdm_context);
3386 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3387 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3388 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3389 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3390 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3391 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3392 : data_size;
3393 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3394 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3395 : data, data_size);
3396 : #else
3397 1 : libspdm_hash_all(
3398 : spdm_context->connection_info.algorithm.base_hash_algo,
3399 : data, data_size,
3400 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3401 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3402 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3403 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3404 : spdm_context->connection_info.algorithm.base_hash_algo,
3405 : spdm_context->connection_info.algorithm.base_asym_algo,
3406 : data, data_size,
3407 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3408 : #endif
3409 :
3410 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3411 :
3412 1 : slot_id = 0;
3413 1 : status = libspdm_challenge (spdm_context, NULL, slot_id,
3414 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3415 : measurement_hash, &slot_mask);
3416 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3417 1 : assert_int_equal(1<<slot_id, slot_mask & (1<<slot_id));
3418 1 : free(data);
3419 1 : }
3420 :
3421 : /**
3422 : * Test 22: a request message is successfully sent and a response message is successfully received.
3423 : * Buffer C already has arbitrary data.
3424 : * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS and a CHALLENGE_AUTH message is
3425 : * received, buffer C appends the exchanged CHALLENGE and CHALLENGE_AUTH messages.
3426 : **/
3427 1 : static void req_challenge_case22(void **state)
3428 : {
3429 : libspdm_return_t status;
3430 : libspdm_test_context_t *spdm_test_context;
3431 : libspdm_context_t *spdm_context;
3432 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3433 : void *data;
3434 : size_t data_size;
3435 : void *hash;
3436 : size_t hash_size;
3437 :
3438 1 : spdm_test_context = *state;
3439 1 : spdm_context = spdm_test_context->spdm_context;
3440 1 : spdm_test_context->case_id = 0x16;
3441 1 : spdm_context->connection_info.connection_state =
3442 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3443 1 : spdm_context->connection_info.capability.flags = 0;
3444 1 : spdm_context->connection_info.capability.flags |=
3445 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3446 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3447 : m_libspdm_use_asym_algo, &data,
3448 : &data_size, &hash, &hash_size)) {
3449 0 : assert(false);
3450 : }
3451 1 : libspdm_reset_message_a(spdm_context);
3452 1 : libspdm_reset_message_b(spdm_context);
3453 1 : libspdm_reset_message_c(spdm_context);
3454 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3455 : m_libspdm_use_hash_algo;
3456 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3457 : m_libspdm_use_asym_algo;
3458 :
3459 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3460 : /*filling all buffers with arbitrary data*/
3461 : libspdm_set_mem(spdm_context->transcript.message_a.buffer, 10, (uint8_t) 0xFF);
3462 : spdm_context->transcript.message_a.buffer_size = 10;
3463 : libspdm_set_mem(spdm_context->transcript.message_b.buffer, 8, (uint8_t) 0xEE);
3464 : spdm_context->transcript.message_b.buffer_size = 8;
3465 : libspdm_set_mem(spdm_context->transcript.message_c.buffer, 12, (uint8_t) 0xDD);
3466 : spdm_context->transcript.message_c.buffer_size = 12;
3467 : #endif
3468 :
3469 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3470 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3471 :
3472 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3473 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3474 : data_size;
3475 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3476 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3477 : data, data_size);
3478 : #else
3479 1 : libspdm_hash_all(
3480 : spdm_context->connection_info.algorithm.base_hash_algo,
3481 : data, data_size,
3482 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3483 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3484 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3485 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3486 : spdm_context->connection_info.algorithm.base_hash_algo,
3487 : spdm_context->connection_info.algorithm.base_asym_algo,
3488 : data, data_size,
3489 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3490 : #endif
3491 :
3492 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3493 1 : status = libspdm_challenge(
3494 : spdm_context, NULL, 0,
3495 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3496 : measurement_hash, NULL);
3497 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3498 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3499 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
3500 : m_libspdm_local_buffer_size));
3501 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3502 : #endif
3503 1 : free(data);
3504 1 : }
3505 :
3506 : /**
3507 : * Test 23: GetCert (Slot 0), GetCert (Slot 1), then Challenge (Slot 0), (Slot1):
3508 : * - it has flags indicating that the previous messages were sent
3509 : * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
3510 : * - it received the CAPABILITIES message, allowing the use of hash and digital
3511 : * signature algorithms, and the use of challenges.
3512 : * - it has the responder's certificate chain.
3513 : * The CHALLENGE message requests usage of the first certificate in the chain
3514 : * (param1=0) and do not request measurements (param2=0).
3515 : * The received CHALLENGE_AUTH message correctly responds to the challenge, with
3516 : * no opaque data and a signature on the sent nonce.
3517 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3518 : **/
3519 1 : static void req_challenge_case23(void **state)
3520 : {
3521 : libspdm_return_t status;
3522 : libspdm_test_context_t *spdm_test_context;
3523 : libspdm_context_t *spdm_context;
3524 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3525 : void *data;
3526 : void *data1;
3527 : size_t data_size;
3528 : size_t data1_size;
3529 : void *hash;
3530 : void *hash1;
3531 : size_t hash_size;
3532 : size_t hash1_size;
3533 : uint8_t slot_id;
3534 :
3535 1 : spdm_test_context = *state;
3536 1 : spdm_context = spdm_test_context->spdm_context;
3537 1 : spdm_test_context->case_id = 0x17;
3538 1 : spdm_context->connection_info.connection_state =
3539 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3540 1 : spdm_context->connection_info.capability.flags = 0;
3541 1 : spdm_context->connection_info.capability.flags |=
3542 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3543 :
3544 1 : libspdm_reset_message_a(spdm_context);
3545 1 : libspdm_reset_message_b(spdm_context);
3546 1 : libspdm_reset_message_c(spdm_context);
3547 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3548 : m_libspdm_use_hash_algo;
3549 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3550 : m_libspdm_use_asym_algo;
3551 :
3552 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3553 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3554 :
3555 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3556 : m_libspdm_use_asym_algo, &data,
3557 : &data_size, &hash, &hash_size)) {
3558 0 : assert(false);
3559 : }
3560 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3561 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3562 : data_size;
3563 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3564 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3565 : data, data_size);
3566 : #else
3567 1 : libspdm_hash_all(
3568 : spdm_context->connection_info.algorithm.base_hash_algo,
3569 : data, data_size,
3570 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3571 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3572 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3573 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3574 : spdm_context->connection_info.algorithm.base_hash_algo,
3575 : spdm_context->connection_info.algorithm.base_asym_algo,
3576 : data, data_size,
3577 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3578 : #endif
3579 :
3580 1 : libspdm_read_responder_public_certificate_chain_per_slot(
3581 : 1,
3582 : m_libspdm_use_hash_algo,
3583 : m_libspdm_use_asym_algo, &data1,
3584 : &data1_size, &hash1, &hash1_size);
3585 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3586 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_size =
3587 : data1_size;
3588 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[1].buffer,
3589 : sizeof(spdm_context->connection_info.peer_used_cert_chain[1].buffer),
3590 : data1, data1_size);
3591 : #else
3592 1 : libspdm_hash_all(
3593 : spdm_context->connection_info.algorithm.base_hash_algo,
3594 : data1, data1_size,
3595 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash);
3596 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash_size =
3597 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3598 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3599 : spdm_context->connection_info.algorithm.base_hash_algo,
3600 : spdm_context->connection_info.algorithm.base_asym_algo,
3601 : data1, data1_size,
3602 : &spdm_context->connection_info.peer_used_cert_chain[1].leaf_cert_public_key);
3603 : #endif
3604 :
3605 3 : for (slot_id = 0; slot_id < 2; slot_id++) {
3606 2 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3607 2 : status = libspdm_challenge(
3608 : spdm_context, NULL, slot_id,
3609 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3610 : measurement_hash, NULL);
3611 2 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3612 : }
3613 1 : free(data);
3614 1 : free(data1);
3615 1 : }
3616 :
3617 : /**
3618 : * Test 24: Challenge using provisioned public key (slot_id 0xFF)
3619 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3620 : **/
3621 1 : static void req_challenge_case24(void **state)
3622 : {
3623 : libspdm_return_t status;
3624 : libspdm_test_context_t *spdm_test_context;
3625 : libspdm_context_t *spdm_context;
3626 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3627 : void *data;
3628 : size_t data_size;
3629 :
3630 1 : spdm_test_context = *state;
3631 1 : spdm_context = spdm_test_context->spdm_context;
3632 1 : spdm_test_context->case_id = 0x18;
3633 1 : spdm_context->connection_info.connection_state =
3634 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3635 1 : spdm_context->connection_info.capability.flags = 0;
3636 1 : spdm_context->connection_info.capability.flags |=
3637 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3638 1 : spdm_context->connection_info.capability.flags |=
3639 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
3640 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
3641 1 : spdm_context->local_context.peer_public_key_provision = data;
3642 1 : spdm_context->local_context.peer_public_key_provision_size = data_size;
3643 :
3644 1 : libspdm_reset_message_a(spdm_context);
3645 1 : libspdm_reset_message_b(spdm_context);
3646 1 : libspdm_reset_message_c(spdm_context);
3647 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3648 : m_libspdm_use_hash_algo;
3649 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3650 : m_libspdm_use_asym_algo;
3651 :
3652 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3653 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3654 :
3655 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3656 1 : status = libspdm_challenge(
3657 : spdm_context, NULL, 0xFF,
3658 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3659 : measurement_hash, NULL);
3660 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3661 1 : free(data);
3662 1 : }
3663 :
3664 : /**
3665 : * Test 25: Error case, CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed.
3666 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code.
3667 : **/
3668 1 : static void req_challenge_case25(void **state) {
3669 : libspdm_return_t status;
3670 : libspdm_test_context_t *spdm_test_context;
3671 : libspdm_context_t *spdm_context;
3672 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3673 : void *data;
3674 : size_t data_size;
3675 : void *hash;
3676 : size_t hash_size;
3677 :
3678 1 : spdm_test_context = *state;
3679 1 : spdm_context = spdm_test_context->spdm_context;
3680 1 : spdm_test_context->case_id = 0x19;
3681 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3682 1 : spdm_context->connection_info.capability.flags = 0;
3683 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3684 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3685 : m_libspdm_use_asym_algo,
3686 : &data, &data_size,
3687 : &hash, &hash_size);
3688 1 : libspdm_reset_message_a(spdm_context);
3689 1 : libspdm_reset_message_b(spdm_context);
3690 1 : libspdm_reset_message_c(spdm_context);
3691 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3692 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3693 :
3694 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3695 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3696 :
3697 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3698 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3699 : data_size;
3700 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3701 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3702 : data, data_size);
3703 : #else
3704 1 : libspdm_hash_all(
3705 : spdm_context->connection_info.algorithm.base_hash_algo,
3706 : data, data_size,
3707 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3708 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3709 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3710 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3711 : spdm_context->connection_info.algorithm.base_hash_algo,
3712 : spdm_context->connection_info.algorithm.base_asym_algo,
3713 : data, data_size,
3714 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3715 : #endif
3716 :
3717 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3718 1 : status = libspdm_challenge (spdm_context, NULL, 0,
3719 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3720 : measurement_hash, NULL);
3721 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3722 1 : free(data);
3723 1 : }
3724 :
3725 : /**
3726 : * Test 26: the requester is setup correctly to send a CHALLENGE message:
3727 : * - it has flags indicating that the previous messages were sent
3728 : * The received CHALLENGE_AUTH message correctly responds to the challenge, opaque
3729 : * data with bytes from the string "libspdm", and a signature on the sent nonce.
3730 : * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3731 : **/
3732 1 : static void req_challenge_case26(void **state) {
3733 : libspdm_return_t status;
3734 : libspdm_test_context_t *spdm_test_context;
3735 : libspdm_context_t *spdm_context;
3736 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3737 : void *data;
3738 : size_t data_size;
3739 : void *hash;
3740 : size_t hash_size;
3741 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
3742 : size_t opaque_data_size;
3743 :
3744 1 : spdm_test_context = *state;
3745 1 : spdm_context = spdm_test_context->spdm_context;
3746 1 : spdm_test_context->case_id = 0x1A;
3747 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3748 1 : spdm_context->connection_info.capability.flags = 0;
3749 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3750 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
3751 : m_libspdm_use_asym_algo,
3752 : &data, &data_size,
3753 : &hash, &hash_size);
3754 1 : libspdm_reset_message_a(spdm_context);
3755 1 : libspdm_reset_message_b(spdm_context);
3756 1 : libspdm_reset_message_c(spdm_context);
3757 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3758 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3759 :
3760 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
3761 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3762 :
3763 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3764 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3765 : data_size;
3766 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3767 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3768 : data, data_size);
3769 : #else
3770 1 : libspdm_hash_all(
3771 : spdm_context->connection_info.algorithm.base_hash_algo,
3772 : data, data_size,
3773 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3774 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3775 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3776 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3777 : spdm_context->connection_info.algorithm.base_hash_algo,
3778 : spdm_context->connection_info.algorithm.base_asym_algo,
3779 : data, data_size,
3780 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3781 : #endif
3782 1 : spdm_context->connection_info.algorithm.other_params_support =
3783 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
3784 1 : opaque_data_size = sizeof(opaque_data);
3785 :
3786 1 : libspdm_zero_mem (measurement_hash, sizeof(measurement_hash));
3787 1 : status = libspdm_challenge_ex (spdm_context, NULL, 0,
3788 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3789 : measurement_hash, NULL, NULL, NULL, NULL,
3790 : opaque_data, &opaque_data_size);
3791 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3792 1 : assert_int_equal(opaque_data_size, m_libspdm_opaque_data_size);
3793 1 : assert_memory_equal(opaque_data, m_libspdm_opaque_data, opaque_data_size);
3794 1 : free(data);
3795 1 : }
3796 :
3797 : /**
3798 : * Test 27: Successful case , With the correct challenge context field
3799 : * Expected Behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
3800 : **/
3801 1 : static void req_challenge_case27(void **state)
3802 : {
3803 : libspdm_return_t status;
3804 : libspdm_test_context_t *spdm_test_context;
3805 : libspdm_context_t *spdm_context;
3806 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3807 : void *data;
3808 : size_t data_size;
3809 : void *hash;
3810 : size_t hash_size;
3811 :
3812 1 : spdm_test_context = *state;
3813 1 : spdm_context = spdm_test_context->spdm_context;
3814 1 : spdm_test_context->case_id = 0x1B;
3815 1 : spdm_context->connection_info.connection_state =
3816 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3817 1 : spdm_context->connection_info.capability.flags = 0;
3818 1 : spdm_context->connection_info.capability.flags |=
3819 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3820 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3821 : m_libspdm_use_asym_algo, &data,
3822 : &data_size, &hash, &hash_size)) {
3823 0 : assert(false);
3824 : }
3825 1 : libspdm_reset_message_a(spdm_context);
3826 1 : libspdm_reset_message_b(spdm_context);
3827 1 : libspdm_reset_message_c(spdm_context);
3828 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3829 : m_libspdm_use_hash_algo;
3830 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3831 : m_libspdm_use_asym_algo;
3832 :
3833 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
3834 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3835 :
3836 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3837 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3838 : data_size;
3839 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3840 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3841 : data, data_size);
3842 : #else
3843 1 : libspdm_hash_all(
3844 : spdm_context->connection_info.algorithm.base_hash_algo,
3845 : data, data_size,
3846 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3847 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3848 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3849 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3850 : spdm_context->connection_info.algorithm.base_hash_algo,
3851 : spdm_context->connection_info.algorithm.base_asym_algo,
3852 : data, data_size,
3853 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3854 : #endif
3855 :
3856 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
3857 :
3858 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3859 :
3860 1 : status = libspdm_challenge_ex2(
3861 : spdm_context, NULL, 0, m_requester_context,
3862 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3863 : measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
3864 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3865 :
3866 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3867 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
3868 : #else
3869 1 : assert_null(spdm_context->transcript.digest_context_m1m2);
3870 : #endif
3871 1 : free(data);
3872 1 : }
3873 :
3874 : /**
3875 : * Test 28: Error case , challenge context fields are inconsistent
3876 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code
3877 : **/
3878 1 : static void req_challenge_case28(void **state)
3879 : {
3880 : libspdm_return_t status;
3881 : libspdm_test_context_t *spdm_test_context;
3882 : libspdm_context_t *spdm_context;
3883 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
3884 : void *data;
3885 : size_t data_size;
3886 : void *hash;
3887 : size_t hash_size;
3888 :
3889 1 : spdm_test_context = *state;
3890 1 : spdm_context = spdm_test_context->spdm_context;
3891 1 : spdm_test_context->case_id = 0x1C;
3892 1 : spdm_context->connection_info.connection_state =
3893 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3894 1 : spdm_context->connection_info.capability.flags = 0;
3895 1 : spdm_context->connection_info.capability.flags |=
3896 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
3897 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3898 : m_libspdm_use_asym_algo, &data,
3899 : &data_size, &hash, &hash_size)) {
3900 0 : assert(false);
3901 : }
3902 1 : libspdm_reset_message_a(spdm_context);
3903 1 : libspdm_reset_message_b(spdm_context);
3904 1 : libspdm_reset_message_c(spdm_context);
3905 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3906 : m_libspdm_use_hash_algo;
3907 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3908 : m_libspdm_use_asym_algo;
3909 :
3910 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
3911 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3912 :
3913 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3914 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3915 : data_size;
3916 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3917 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3918 : data, data_size);
3919 : #else
3920 1 : libspdm_hash_all(
3921 : spdm_context->connection_info.algorithm.base_hash_algo,
3922 : data, data_size,
3923 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3924 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3925 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3926 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3927 : spdm_context->connection_info.algorithm.base_hash_algo,
3928 : spdm_context->connection_info.algorithm.base_asym_algo,
3929 : data, data_size,
3930 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3931 : #endif
3932 :
3933 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
3934 :
3935 1 : libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
3936 :
3937 1 : status = libspdm_challenge_ex2(
3938 : spdm_context, NULL, 0, m_requester_context,
3939 : SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
3940 : measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
3941 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
3942 :
3943 1 : free(data);
3944 1 : }
3945 :
3946 1 : int libspdm_req_challenge_test(void)
3947 : {
3948 1 : const struct CMUnitTest test_cases[] = {
3949 : /* SendRequest failed*/
3950 : cmocka_unit_test(req_challenge_case1),
3951 : /* Successful response*/
3952 : cmocka_unit_test(req_challenge_case2),
3953 : /* connection_state check failed*/
3954 : cmocka_unit_test(req_challenge_case3),
3955 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
3956 : cmocka_unit_test(req_challenge_case4),
3957 : /* Always SPDM_ERROR_CODE_BUSY*/
3958 : cmocka_unit_test(req_challenge_case5),
3959 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
3960 : cmocka_unit_test(req_challenge_case6),
3961 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
3962 : cmocka_unit_test(req_challenge_case7),
3963 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
3964 : cmocka_unit_test(req_challenge_case8),
3965 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
3966 : cmocka_unit_test(req_challenge_case9),
3967 : /* SpdmCmdReceiveState check failed*/
3968 : cmocka_unit_test(req_challenge_case10),
3969 : /* Successful response + device error*/
3970 : cmocka_unit_test(req_challenge_case11),
3971 : cmocka_unit_test(req_challenge_case12),
3972 : cmocka_unit_test(req_challenge_case13),
3973 : cmocka_unit_test(req_challenge_case14),
3974 : /* Invalid parameter*/
3975 : cmocka_unit_test(req_challenge_case15),
3976 : /* Successful response*/
3977 : cmocka_unit_test(req_challenge_case16),
3978 : /* Signature check failed*/
3979 : cmocka_unit_test(req_challenge_case17),
3980 : /* Successful response*/
3981 : cmocka_unit_test(req_challenge_case18),
3982 : cmocka_unit_test(req_challenge_case19),
3983 : /* Unexpected errors*/
3984 : cmocka_unit_test(req_challenge_case20),
3985 : cmocka_unit_test(req_challenge_case21),
3986 : /* Buffer verification*/
3987 : cmocka_unit_test(req_challenge_case22),
3988 : /* Challeng differenr slot with GetCert*/
3989 : cmocka_unit_test(req_challenge_case23),
3990 : /* Challeng using provisioned public key (slot_id 0xFF) */
3991 : cmocka_unit_test(req_challenge_case24),
3992 : /* opaque_length greater than the maximum allowed */
3993 : cmocka_unit_test(req_challenge_case25),
3994 : /* the OpaqueDataFmt1 bit is selected in OtherParamsSelection of ALGORITHMS*/
3995 : cmocka_unit_test(req_challenge_case26),
3996 : /* Successful response, With the correct challenge context field*/
3997 : cmocka_unit_test(req_challenge_case27),
3998 : /* Error response: challenge context fields are inconsistent*/
3999 : cmocka_unit_test(req_challenge_case28),
4000 : };
4001 :
4002 1 : libspdm_test_context_t test_context = {
4003 : LIBSPDM_TEST_CONTEXT_VERSION,
4004 : true,
4005 : send_message,
4006 : receive_message,
4007 : };
4008 :
4009 1 : libspdm_setup_test_context(&test_context);
4010 :
4011 1 : return cmocka_run_group_tests(test_cases,
4012 : libspdm_unit_test_group_setup,
4013 : libspdm_unit_test_group_teardown);
4014 : }
4015 :
4016 : #endif /* LIBSPDM_SEND_CHALLENGE_SUPPORT */
|
