Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 :
10 : #if LIBSPDM_SEND_CHALLENGE_SUPPORT
11 :
/* Transcript scratch area shared by the two transport hooks in this file:
 * send_message() stores the outgoing request here (minus its first byte) and
 * receive_message() appends the CHALLENGE_AUTH fields that precede the
 * signature, then hashes and signs the whole buffer.
 * m_libspdm_local_buffer_size is the number of valid bytes and is also used as
 * the append offset, so it must never exceed sizeof(m_libspdm_local_buffer). */
12 : static size_t m_libspdm_local_buffer_size;
13 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_M1M2_BUFFER_SIZE];
14 :
/* Opaque-data scratch buffer and its length.
 * NOTE(review): not referenced in the part of the file shown here; presumably
 * filled by later CHALLENGE_AUTH cases that carry opaque data. Confirm. */
15 : static size_t m_libspdm_opaque_data_size;
16 : static uint8_t m_libspdm_opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
17 :
/* Requester context bytes of SPDM_REQ_CONTEXT_SIZE; not referenced in the part
 * of the file shown here. */
18 : static uint8_t m_requester_context[SPDM_REQ_CONTEXT_SIZE];
19 :
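/**
 * Test transport "send" hook for the CHALLENGE requester tests.
 *
 * Records the outgoing request so that receive_message() can rebuild the
 * transcript that the CHALLENGE_AUTH signature is computed over. For every
 * recording case the request, minus its first byte (presumably the test
 * transport header; confirm against LIBSPDM_TEST_TRANSPORT_HEADER_SIZE), is
 * stored in m_libspdm_local_buffer and m_libspdm_local_buffer_size is set to
 * the number of bytes stored.
 *
 * Per-case behavior:
 *  - 0x1:  always fails, nothing is recorded.
 *  - 0x9:  only the first request is recorded; later calls succeed without
 *          touching the buffer.
 *  - 0x16: when LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT is set, 30 filler bytes
 *          (10 x 0xFF, 8 x 0xEE, 12 x 0xDD) are written ahead of the request.
 *  - 0x2-0x8, 0xA-0x15, 0x17-0x1C: the request is recorded at offset 0.
 *  - anything else: fails.
 *
 * @param spdm_context  Unused by this stub.
 * @param request_size  Size in bytes of the buffer at request.
 * @param request       Encoded request message.
 * @param timeout       Unused by this stub.
 *
 * @retval LIBSPDM_STATUS_SUCCESS    The case accepts the message.
 * @retval LIBSPDM_STATUS_SEND_FAIL  Case 0x1, an unknown case, or a request
 *                                   that is NULL, empty, or too large to record.
 */
static libspdm_return_t send_message(
    void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
{
    /* Case 0x9 only: counts recorded requests across calls. */
    static size_t sub_index = 0;
    libspdm_test_context_t *spdm_test_context;
    const uint8_t *ptr;
    size_t prefix_size;
    size_t payload_size;

    spdm_test_context = libspdm_get_test_context();
    ptr = (const uint8_t *)request;
    prefix_size = 0;

    switch (spdm_test_context->case_id) {
    case 0x1:
        return LIBSPDM_STATUS_SEND_FAIL;
    case 0x9:
        if (sub_index != 0) {
            /* The retried request is accepted but not recorded again. */
            return LIBSPDM_STATUS_SUCCESS;
        }
        break;
    case 0x16:
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
        /* arbitrary data must be inserted in the message buffer for computing
         * the response hash */
        prefix_size = 10 + 8 + 12;
#endif
        break;
    case 0x2:
    case 0x3:
    case 0x4:
    case 0x5:
    case 0x6:
    case 0x7:
    case 0x8:
    case 0xA:
    case 0xB:
    case 0xC:
    case 0xD:
    case 0xE:
    case 0xF:
    case 0x10:
    case 0x11:
    case 0x12:
    case 0x13:
    case 0x14:
    case 0x15:
    case 0x17:
    case 0x18:
    case 0x19:
    case 0x1A:
    case 0x1B:
    case 0x1C:
        break;
    default:
        return LIBSPDM_STATUS_SEND_FAIL;
    }

    /* request_size - 1 wraps to SIZE_MAX for an empty request, and the recorded
     * length doubles as the append offset used by receive_message(), so reject
     * anything that cannot be stored in full rather than record a length that
     * points outside m_libspdm_local_buffer. */
    if ((ptr == NULL) || (request_size < 1) ||
        (request_size - 1 > sizeof(m_libspdm_local_buffer) - prefix_size)) {
        return LIBSPDM_STATUS_SEND_FAIL;
    }
    payload_size = request_size - 1;

    m_libspdm_local_buffer_size = 0;
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (prefix_size != 0) {
        libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 10, (uint8_t) 0xFF);
        m_libspdm_local_buffer_size += 10;
        libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 8, (uint8_t) 0xEE);
        m_libspdm_local_buffer_size += 8;
        libspdm_set_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], 12, (uint8_t) 0xDD);
        m_libspdm_local_buffer_size += 12;
    }
#endif
    libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
                     sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
                     &ptr[1], payload_size);
    m_libspdm_local_buffer_size += payload_size;

    if (spdm_test_context->case_id == 0x9) {
        /* Mark the first request as recorded only after it was stored. */
        sub_index++;
    }
    return LIBSPDM_STATUS_SUCCESS;
}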
144 :
145 45 : static libspdm_return_t receive_message(
146 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
147 : {
148 : libspdm_test_context_t *spdm_test_context;
149 :
150 45 : spdm_test_context = libspdm_get_test_context();
151 45 : switch (spdm_test_context->case_id) {
152 0 : case 0x1:
153 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
154 :
155 1 : case 0x2: { /*correct CHALLENGE_AUTH message*/
156 : spdm_challenge_auth_response_t *spdm_response;
157 : void *data;
158 : size_t data_size;
159 : uint8_t *ptr;
160 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
161 : size_t sig_size;
162 : size_t spdm_response_size;
163 : size_t transport_header_size;
164 :
165 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
166 : m_libspdm_use_asym_algo, &data,
167 : &data_size, NULL, NULL)) {
168 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
169 : }
170 : ((libspdm_context_t *)spdm_context)
171 1 : ->local_context.local_cert_chain_provision_size[0] = data_size;
172 : ((libspdm_context_t *)spdm_context)
173 1 : ->local_context.local_cert_chain_provision[0] = data;
174 : ((libspdm_context_t *)spdm_context)
175 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
176 : ((libspdm_context_t *)spdm_context)
177 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
178 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
179 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
180 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
181 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
182 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
183 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
184 :
185 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
186 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
187 1 : spdm_response->header.param1 = 0;
188 1 : spdm_response->header.param2 = (1 << 0);
189 1 : ptr = (void *)(spdm_response + 1);
190 1 : libspdm_hash_all(
191 : m_libspdm_use_hash_algo,
192 : ((libspdm_context_t *)spdm_context)
193 : ->local_context.local_cert_chain_provision[0],
194 : ((libspdm_context_t *)spdm_context)
195 : ->local_context
196 : .local_cert_chain_provision_size[0],
197 : ptr);
198 1 : free(data);
199 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
200 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
201 1 : ptr += SPDM_NONCE_SIZE;
202 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
203 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
204 1 : libspdm_write_uint16(ptr, 0);
205 1 : ptr += sizeof(uint16_t);
206 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
207 : sizeof(m_libspdm_local_buffer) -
208 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
209 : m_libspdm_local_buffer),
210 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
211 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
212 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
213 : m_libspdm_local_buffer_size));
214 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
215 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
216 : m_libspdm_local_buffer_size, hash_data);
217 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
218 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
219 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
220 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
221 1 : libspdm_responder_data_sign(
222 : spdm_context,
223 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
224 : 0, SPDM_CHALLENGE_AUTH,
225 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
226 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
227 : ptr, &sig_size);
228 1 : ptr += sig_size;
229 :
230 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
231 : false, spdm_response_size,
232 : spdm_response, response_size,
233 : response);
234 : }
235 1 : return LIBSPDM_STATUS_SUCCESS;
236 :
237 0 : case 0x3: { /*correct CHALLENGE_AUTH message*/
238 : spdm_challenge_auth_response_t *spdm_response;
239 : void *data;
240 : size_t data_size;
241 : uint8_t *ptr;
242 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
243 : size_t sig_size;
244 : size_t spdm_response_size;
245 : size_t transport_header_size;
246 :
247 0 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
248 : m_libspdm_use_asym_algo, &data,
249 : &data_size, NULL, NULL)) {
250 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
251 : }
252 : ((libspdm_context_t *)spdm_context)
253 0 : ->local_context.local_cert_chain_provision_size[0] = data_size;
254 : ((libspdm_context_t *)spdm_context)
255 0 : ->local_context.local_cert_chain_provision[0] = data;
256 : ((libspdm_context_t *)spdm_context)
257 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
258 : ((libspdm_context_t *)spdm_context)
259 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
260 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
261 0 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
262 0 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
263 0 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
264 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
265 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
266 :
267 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
268 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
269 0 : spdm_response->header.param1 = 0;
270 0 : spdm_response->header.param2 = (1 << 0);
271 0 : ptr = (void *)(spdm_response + 1);
272 0 : libspdm_hash_all(
273 : m_libspdm_use_hash_algo,
274 : ((libspdm_context_t *)spdm_context)
275 : ->local_context.local_cert_chain_provision[0],
276 : ((libspdm_context_t *)spdm_context)
277 : ->local_context
278 : .local_cert_chain_provision_size[0],
279 : ptr);
280 0 : free(data);
281 0 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
282 0 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
283 0 : ptr += SPDM_NONCE_SIZE;
284 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
285 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
286 0 : libspdm_write_uint16(ptr, 0);
287 0 : ptr += sizeof(uint16_t);
288 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
289 : sizeof(m_libspdm_local_buffer) -
290 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
291 : m_libspdm_local_buffer),
292 0 : spdm_response, (size_t)ptr - (size_t)spdm_response);
293 0 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
294 0 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
295 : m_libspdm_local_buffer_size, hash_data);
296 0 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
297 0 : libspdm_responder_data_sign(
298 : spdm_context,
299 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
300 : 0, SPDM_CHALLENGE_AUTH,
301 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
302 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
303 : ptr, &sig_size);
304 0 : ptr += sig_size;
305 :
306 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
307 : false, spdm_response_size,
308 : spdm_response, response_size,
309 : response);
310 : }
311 0 : return LIBSPDM_STATUS_SUCCESS;
312 :
313 1 : case 0x4: { /*correct ERROR message (invalid request)*/
314 : spdm_error_response_t *spdm_response;
315 : size_t spdm_response_size;
316 : size_t transport_header_size;
317 :
318 1 : spdm_response_size = sizeof(spdm_error_response_t);
319 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
320 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
321 :
322 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
323 1 : spdm_response->header.request_response_code = SPDM_ERROR;
324 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
325 1 : spdm_response->header.param2 = 0;
326 :
327 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
328 : false, spdm_response_size,
329 : spdm_response,
330 : response_size, response);
331 : }
332 1 : return LIBSPDM_STATUS_SUCCESS;
333 :
334 1 : case 0x5: { /*correct ERROR message (busy)*/
335 : spdm_error_response_t *spdm_response;
336 : size_t spdm_response_size;
337 : size_t transport_header_size;
338 :
339 1 : spdm_response_size = sizeof(spdm_error_response_t);
340 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
341 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
342 :
343 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
344 1 : spdm_response->header.request_response_code = SPDM_ERROR;
345 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
346 1 : spdm_response->header.param2 = 0;
347 :
348 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
349 : false, spdm_response_size,
350 : spdm_response,
351 : response_size, response);
352 : }
353 1 : return LIBSPDM_STATUS_SUCCESS;
354 :
355 2 : case 0x6: { /*correct ERROR message (busy) + correct CHALLENGE_AUTH message*/
356 : static size_t sub_index1 = 0;
357 2 : if (sub_index1 == 0) {
358 : spdm_error_response_t *spdm_response;
359 : size_t spdm_response_size;
360 : size_t transport_header_size;
361 :
362 1 : spdm_response_size = sizeof(spdm_error_response_t);
363 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
364 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
365 :
366 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
367 1 : spdm_response->header.request_response_code = SPDM_ERROR;
368 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
369 1 : spdm_response->header.param2 = 0;
370 :
371 1 : libspdm_transport_test_encode_message(
372 : spdm_context, NULL, false, false,
373 : spdm_response_size, spdm_response,
374 : response_size, response);
375 1 : sub_index1++;
376 1 : } else if (sub_index1 == 1) {
377 : spdm_challenge_auth_response_t *spdm_response;
378 : void *data;
379 : size_t data_size;
380 : uint8_t *ptr;
381 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
382 : size_t sig_size;
383 : size_t spdm_response_size;
384 : size_t transport_header_size;
385 :
386 1 : if (!libspdm_read_responder_public_certificate_chain(
387 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
388 : &data_size, NULL, NULL)) {
389 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
390 : }
391 : ((libspdm_context_t *)spdm_context)
392 : ->local_context
393 1 : .local_cert_chain_provision_size[0] = data_size;
394 : ((libspdm_context_t *)spdm_context)
395 1 : ->local_context.local_cert_chain_provision[0] = data;
396 : ((libspdm_context_t *)spdm_context)
397 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
398 : ((libspdm_context_t *)spdm_context)
399 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
400 1 : spdm_response_size =
401 : sizeof(spdm_challenge_auth_response_t) +
402 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
403 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
404 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
405 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
406 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
407 :
408 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
409 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
410 1 : spdm_response->header.param1 = 0;
411 1 : spdm_response->header.param2 = (1 << 0);
412 1 : ptr = (void *)(spdm_response + 1);
413 1 : libspdm_hash_all(
414 : m_libspdm_use_hash_algo,
415 : ((libspdm_context_t *)spdm_context)
416 : ->local_context
417 : .local_cert_chain_provision[0],
418 : ((libspdm_context_t *)spdm_context)
419 : ->local_context
420 : .local_cert_chain_provision_size[0],
421 : ptr);
422 1 : free(data);
423 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
424 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
425 1 : ptr += SPDM_NONCE_SIZE;
426 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
427 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
428 1 : libspdm_write_uint16(ptr, 0);
429 1 : ptr += sizeof(uint16_t);
430 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
431 : sizeof(m_libspdm_local_buffer)
432 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
433 : m_libspdm_local_buffer),
434 : spdm_response,
435 1 : (size_t)ptr - (size_t)spdm_response);
436 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
437 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
438 : m_libspdm_local_buffer_size, hash_data);
439 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
440 1 : libspdm_responder_data_sign(
441 : spdm_context,
442 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
443 : 0, SPDM_CHALLENGE_AUTH,
444 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
445 : m_libspdm_use_hash_algo,
446 : false, m_libspdm_local_buffer,
447 : m_libspdm_local_buffer_size, ptr,
448 : &sig_size);
449 1 : ptr += sig_size;
450 :
451 1 : libspdm_transport_test_encode_message(
452 : spdm_context, NULL, false, false, spdm_response_size,
453 : spdm_response, response_size, response);
454 : }
455 : }
456 2 : return LIBSPDM_STATUS_SUCCESS;
457 :
458 1 : case 0x7: { /*correct ERROR message (request resync)*/
459 : spdm_error_response_t *spdm_response;
460 : size_t spdm_response_size;
461 : size_t transport_header_size;
462 :
463 1 : spdm_response_size = sizeof(spdm_error_response_t);
464 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
465 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
466 :
467 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
468 1 : spdm_response->header.request_response_code = SPDM_ERROR;
469 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
470 1 : spdm_response->header.param2 = 0;
471 :
472 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
473 : false, spdm_response_size,
474 : spdm_response,
475 : response_size, response);
476 : }
477 1 : return LIBSPDM_STATUS_SUCCESS;
478 :
479 2 : case 0x8: { /*correct ERROR message (response not ready)*/
480 : spdm_error_response_data_response_not_ready_t *spdm_response;
481 : size_t spdm_response_size;
482 : size_t transport_header_size;
483 :
484 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
485 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
486 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
487 :
488 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
489 2 : spdm_response->header.request_response_code = SPDM_ERROR;
490 2 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
491 2 : spdm_response->header.param2 = 0;
492 2 : spdm_response->extend_error_data.rd_exponent = 1;
493 2 : spdm_response->extend_error_data.rd_tm = 2;
494 2 : spdm_response->extend_error_data.request_code = SPDM_CHALLENGE;
495 2 : spdm_response->extend_error_data.token = 0;
496 :
497 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
498 : false, spdm_response_size,
499 : spdm_response,
500 : response_size, response);
501 : }
502 2 : return LIBSPDM_STATUS_SUCCESS;
503 :
504 2 : case 0x9: { /*correct ERROR message (response not ready) + correct CHALLENGE_AUTH message*/
505 : static size_t sub_index2 = 0;
506 2 : if (sub_index2 == 0) {
507 : spdm_error_response_data_response_not_ready_t
508 : *spdm_response;
509 : size_t spdm_response_size;
510 : size_t transport_header_size;
511 :
512 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
513 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
514 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
515 :
516 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
517 1 : spdm_response->header.request_response_code = SPDM_ERROR;
518 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
519 1 : spdm_response->header.param2 = 0;
520 1 : spdm_response->extend_error_data.rd_exponent = 1;
521 1 : spdm_response->extend_error_data.rd_tm = 2;
522 1 : spdm_response->extend_error_data.request_code = SPDM_CHALLENGE;
523 1 : spdm_response->extend_error_data.token = 1;
524 :
525 1 : libspdm_transport_test_encode_message(
526 : spdm_context, NULL, false, false,
527 : spdm_response_size, spdm_response,
528 : response_size, response);
529 1 : sub_index2++;
530 1 : } else if (sub_index2 == 1) {
531 : spdm_challenge_auth_response_t *spdm_response;
532 : void *data;
533 : size_t data_size;
534 : uint8_t *ptr;
535 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
536 : size_t sig_size;
537 : size_t spdm_response_size;
538 : size_t transport_header_size;
539 :
540 1 : if (!libspdm_read_responder_public_certificate_chain(
541 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
542 : &data_size, NULL, NULL)) {
543 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
544 : }
545 : ((libspdm_context_t *)spdm_context)
546 : ->local_context
547 1 : .local_cert_chain_provision_size[0] = data_size;
548 : ((libspdm_context_t *)spdm_context)
549 1 : ->local_context.local_cert_chain_provision[0] = data;
550 : ((libspdm_context_t *)spdm_context)
551 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
552 : ((libspdm_context_t *)spdm_context)
553 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
554 1 : spdm_response_size =
555 : sizeof(spdm_challenge_auth_response_t) +
556 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
557 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
558 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
559 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
560 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
561 :
562 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
563 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
564 1 : spdm_response->header.param1 = 0;
565 1 : spdm_response->header.param2 = (1 << 0);
566 1 : ptr = (void *)(spdm_response + 1);
567 1 : libspdm_hash_all(
568 : m_libspdm_use_hash_algo,
569 : ((libspdm_context_t *)spdm_context)
570 : ->local_context
571 : .local_cert_chain_provision[0],
572 : ((libspdm_context_t *)spdm_context)
573 : ->local_context
574 : .local_cert_chain_provision_size[0],
575 : ptr);
576 1 : free(data);
577 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
578 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
579 1 : ptr += SPDM_NONCE_SIZE;
580 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
581 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
582 1 : libspdm_write_uint16(ptr, 0);
583 1 : ptr += sizeof(uint16_t);
584 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
585 : sizeof(m_libspdm_local_buffer)
586 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
587 : m_libspdm_local_buffer),
588 : spdm_response,
589 1 : (size_t)ptr - (size_t)spdm_response);
590 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
591 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
592 : m_libspdm_local_buffer_size, hash_data);
593 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
594 1 : libspdm_responder_data_sign(
595 : spdm_context,
596 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
597 : 0, SPDM_CHALLENGE_AUTH,
598 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo,
599 : m_libspdm_use_hash_algo,
600 : false, m_libspdm_local_buffer,
601 : m_libspdm_local_buffer_size, ptr,
602 : &sig_size);
603 1 : ptr += sig_size;
604 :
605 1 : libspdm_transport_test_encode_message(
606 : spdm_context, NULL, false, false, spdm_response_size,
607 : spdm_response, response_size, response);
608 : }
609 : }
610 2 : return LIBSPDM_STATUS_SUCCESS;
611 :
612 0 : case 0xA: /*correct CHALLENGE_AUTH message*/
613 : {
614 : spdm_challenge_auth_response_t *spdm_response;
615 : void *data;
616 : size_t data_size;
617 : uint8_t *Ptr;
618 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
619 : size_t sig_size;
620 : size_t spdm_response_size;
621 : size_t transport_header_size;
622 :
623 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
624 : m_libspdm_use_asym_algo,
625 : &data,
626 : &data_size, NULL, NULL);
627 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
628 : data_size;
629 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
630 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
631 : m_libspdm_use_asym_algo;
632 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
633 : m_libspdm_use_hash_algo;
634 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
635 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
636 : SPDM_NONCE_SIZE +
637 : 0 +
638 0 : sizeof(uint16_t) + 0 +
639 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
640 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
641 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
642 :
643 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
644 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
645 0 : spdm_response->header.param1 = 0;
646 0 : spdm_response->header.param2 = (1 << 0);
647 0 : Ptr = (void *)(spdm_response + 1);
648 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
649 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
650 : 0],
651 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
652 : 0],
653 : Ptr);
654 0 : free(data);
655 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
656 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
657 0 : Ptr += SPDM_NONCE_SIZE;
658 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
659 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
660 0 : libspdm_write_uint16(Ptr, 0);
661 0 : Ptr += sizeof(uint16_t);
662 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
663 : sizeof(m_libspdm_local_buffer) -
664 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
665 : m_libspdm_local_buffer),
666 : spdm_response,
667 0 : (size_t)Ptr - (size_t)spdm_response);
668 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
669 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
670 : m_libspdm_local_buffer_size, hash_data);
671 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
672 0 : libspdm_responder_data_sign(
673 : spdm_context,
674 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
675 : 0, SPDM_CHALLENGE_AUTH,
676 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
677 : false, m_libspdm_local_buffer,
678 : m_libspdm_local_buffer_size, Ptr, &sig_size);
679 0 : Ptr += sig_size;
680 :
681 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
682 : spdm_response, response_size, response);
683 : }
684 0 : return LIBSPDM_STATUS_SUCCESS;
685 :
686 1 : case 0xB: /*CHALLENGE_AUTH message smaller than a SPDM header*/
687 : {
688 : spdm_challenge_auth_response_t *spdm_response;
689 : size_t spdm_response_size;
690 : size_t transport_header_size;
691 :
692 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
693 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
694 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) - 1; /*smaller than standard message size*/
695 :
696 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
697 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
698 1 : spdm_response->header.param1 = 0;
699 1 : spdm_response->header.param2 = (1 << 0);
700 :
701 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
702 : spdm_response, response_size, response);
703 : }
704 1 : return LIBSPDM_STATUS_SUCCESS;
705 :
706 1 : case 0xC: /*CHALLENGE_AUTH message with wrong version (1.0)*/
707 : {
708 : spdm_challenge_auth_response_t *spdm_response;
709 : void *data;
710 : size_t data_size;
711 : uint8_t *Ptr;
712 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
713 : size_t sig_size;
714 : size_t spdm_response_size;
715 : size_t transport_header_size;
716 :
717 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
718 : m_libspdm_use_asym_algo,
719 : &data,
720 : &data_size, NULL, NULL);
721 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
722 : data_size;
723 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
724 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
725 : m_libspdm_use_asym_algo;
726 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
727 : m_libspdm_use_hash_algo;
728 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
729 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
730 1 : SPDM_NONCE_SIZE +
731 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
732 1 : sizeof(uint16_t) + 0 +
733 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
734 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
735 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
736 :
737 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10; /*wrong version*/
738 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
739 1 : spdm_response->header.param1 = 0;
740 1 : spdm_response->header.param2 = (1 << 0);
741 1 : Ptr = (void *)(spdm_response + 1);
742 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
743 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
744 : 0],
745 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
746 : 0],
747 : Ptr);
748 1 : free(data);
749 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
750 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
751 1 : Ptr += SPDM_NONCE_SIZE;
752 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
753 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
754 1 : libspdm_write_uint16(Ptr, 0);
755 1 : Ptr += sizeof(uint16_t);
756 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
757 : sizeof(m_libspdm_local_buffer) -
758 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
759 : m_libspdm_local_buffer),
760 : spdm_response,
761 1 : (size_t)Ptr - (size_t)spdm_response);
762 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
763 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
764 : m_libspdm_local_buffer_size, hash_data);
765 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
766 1 : libspdm_responder_data_sign(
767 : spdm_context,
768 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
769 : 0, SPDM_CHALLENGE_AUTH,
770 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
771 : false, m_libspdm_local_buffer,
772 : m_libspdm_local_buffer_size, Ptr, &sig_size);
773 1 : Ptr += sig_size;
774 :
775 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
776 : spdm_response, response_size, response);
777 : }
778 1 : return LIBSPDM_STATUS_SUCCESS;
779 :
780 1 : case 0xD: /*SPDM (mostly CHALLENGE_AUTH) message with wrong response code (0x83)*/
781 : {
782 : spdm_challenge_auth_response_t *spdm_response;
783 : void *data;
784 : size_t data_size;
785 : uint8_t *Ptr;
786 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
787 : size_t sig_size;
788 : size_t spdm_response_size;
789 : size_t transport_header_size;
790 :
791 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
792 : m_libspdm_use_asym_algo,
793 : &data,
794 : &data_size, NULL, NULL);
795 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
796 : data_size;
797 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
798 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
799 : m_libspdm_use_asym_algo;
800 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
801 : m_libspdm_use_hash_algo;
802 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
803 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
804 : SPDM_NONCE_SIZE +
805 : 0 +
806 1 : sizeof(uint16_t) + 0 +
807 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
808 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
809 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
810 :
811 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
812 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE; /*wrong response code*/
813 1 : spdm_response->header.param1 = 0;
814 1 : spdm_response->header.param2 = (1 << 0);
815 1 : Ptr = (void *)(spdm_response + 1);
816 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
817 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
818 : 0],
819 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
820 : 0],
821 : Ptr);
822 1 : free(data);
823 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
824 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
825 1 : Ptr += SPDM_NONCE_SIZE;
826 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
827 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
828 1 : libspdm_write_uint16(Ptr, 0);
829 1 : Ptr += sizeof(uint16_t);
830 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
831 : sizeof(m_libspdm_local_buffer) -
832 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
833 : m_libspdm_local_buffer),
834 : spdm_response,
835 1 : (size_t)Ptr - (size_t)spdm_response);
836 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
837 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
838 : m_libspdm_local_buffer_size, hash_data);
839 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
840 1 : libspdm_responder_data_sign(
841 : spdm_context,
842 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
843 : 0, SPDM_CHALLENGE_AUTH,
844 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
845 : false, m_libspdm_local_buffer,
846 : m_libspdm_local_buffer_size, Ptr, &sig_size);
847 1 : Ptr += sig_size;
848 :
849 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
850 : spdm_response, response_size, response);
851 : }
852 1 : return LIBSPDM_STATUS_SUCCESS;
853 :
854 1 : case 0xE: /*correct CHALLENGE_AUTH message with wrong slot number*/
855 : {
856 : spdm_challenge_auth_response_t *spdm_response;
857 : void *data;
858 : size_t data_size;
859 : uint8_t *Ptr;
860 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
861 : size_t sig_size;
862 : size_t spdm_response_size;
863 : size_t transport_header_size;
864 :
865 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
866 : m_libspdm_use_asym_algo,
867 : &data,
868 : &data_size, NULL, NULL);
869 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
870 : data_size;
871 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
872 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
873 : m_libspdm_use_asym_algo;
874 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
875 : m_libspdm_use_hash_algo;
876 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
877 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
878 : SPDM_NONCE_SIZE +
879 : 0 +
880 1 : sizeof(uint16_t) + 0 +
881 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
882 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
883 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
884 :
885 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
886 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
887 1 : spdm_response->header.param1 = 1;
888 1 : spdm_response->header.param2 = (1 << 1); /*wrong slot number*/
889 1 : Ptr = (void *)(spdm_response + 1);
890 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
891 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
892 : 0],
893 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
894 : 0],
895 : Ptr);
896 1 : free(data);
897 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
898 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
899 1 : Ptr += SPDM_NONCE_SIZE;
900 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
901 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
902 1 : libspdm_write_uint16(Ptr, 0);
903 1 : Ptr += sizeof(uint16_t);
904 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
905 : sizeof(m_libspdm_local_buffer) -
906 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
907 : m_libspdm_local_buffer),
908 : spdm_response,
909 1 : (size_t)Ptr - (size_t)spdm_response);
910 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
911 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
912 : m_libspdm_local_buffer_size, hash_data);
913 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
914 1 : libspdm_responder_data_sign(
915 : spdm_context,
916 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
917 : 0, SPDM_CHALLENGE_AUTH,
918 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
919 : false, m_libspdm_local_buffer,
920 : m_libspdm_local_buffer_size, Ptr, &sig_size);
921 1 : Ptr += sig_size;
922 :
923 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
924 : spdm_response, response_size, response);
925 : }
926 1 : return LIBSPDM_STATUS_SUCCESS;
927 :
928 0 : case 0xF: /*CHALLENGE_AUTH message with slot number overflow*/
929 : {
930 : spdm_challenge_auth_response_t *spdm_response;
931 : void *data;
932 : size_t data_size;
933 : uint8_t *Ptr;
934 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
935 : size_t sig_size;
936 : size_t spdm_response_size;
937 : size_t transport_header_size;
938 :
939 0 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
940 : m_libspdm_use_asym_algo,
941 : &data,
942 : &data_size, NULL, NULL);
943 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
944 : data_size;
945 0 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
946 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
947 : m_libspdm_use_asym_algo;
948 0 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
949 : m_libspdm_use_hash_algo;
950 0 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
951 0 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
952 : SPDM_NONCE_SIZE +
953 : 0 +
954 0 : sizeof(uint16_t) + 0 +
955 0 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
956 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
957 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
958 :
959 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
960 0 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
961 0 : spdm_response->header.param1 = 8; /*slot number overflow*/
962 0 : spdm_response->header.param2 = (1 << 0);
963 0 : Ptr = (void *)(spdm_response + 1);
964 0 : libspdm_hash_all (m_libspdm_use_hash_algo,
965 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
966 : 0],
967 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
968 : 0],
969 : Ptr);
970 0 : free(data);
971 0 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
972 0 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
973 0 : Ptr += SPDM_NONCE_SIZE;
974 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
975 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
976 0 : libspdm_write_uint16(Ptr, 0);
977 0 : Ptr += sizeof(uint16_t);
978 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
979 : sizeof(m_libspdm_local_buffer) -
980 0 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
981 : m_libspdm_local_buffer),
982 : spdm_response,
983 0 : (size_t)Ptr - (size_t)spdm_response);
984 0 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
985 0 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
986 : m_libspdm_local_buffer_size, hash_data);
987 0 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
988 0 : libspdm_responder_data_sign(
989 : spdm_context,
990 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
991 : 0, SPDM_CHALLENGE_AUTH,
992 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
993 : false, m_libspdm_local_buffer,
994 : m_libspdm_local_buffer_size, Ptr, &sig_size);
995 0 : Ptr += sig_size;
996 :
997 0 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
998 : spdm_response, response_size, response);
999 : }
1000 0 : return LIBSPDM_STATUS_SUCCESS;
1001 :
1002 1 : case 0x10: /*correct CHALLENGE_AUTH message with "libspdm" opaque data*/
1003 : {
1004 : spdm_challenge_auth_response_t *spdm_response;
1005 : void *data;
1006 : size_t data_size;
1007 : uint8_t *Ptr;
1008 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1009 : size_t sig_size;
1010 : size_t spdm_response_size;
1011 : size_t transport_header_size;
1012 :
1013 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1014 : m_libspdm_use_asym_algo,
1015 : &data,
1016 : &data_size, NULL, NULL);
1017 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1018 : data_size;
1019 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1020 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1021 : m_libspdm_use_asym_algo;
1022 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1023 : m_libspdm_use_hash_algo;
1024 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1025 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1026 : SPDM_NONCE_SIZE +
1027 : 0 +
1028 1 : sizeof(uint16_t) + 8 +
1029 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1030 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1031 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1032 :
1033 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1034 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1035 1 : spdm_response->header.param1 = 0;
1036 1 : spdm_response->header.param2 = (1 << 0);
1037 1 : Ptr = (void *)(spdm_response + 1);
1038 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1039 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1040 : 0],
1041 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1042 : 0],
1043 : Ptr);
1044 1 : free(data);
1045 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1046 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1047 1 : Ptr += SPDM_NONCE_SIZE;
1048 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1049 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1050 1 : libspdm_write_uint16(Ptr, (uint16_t)strlen("libspdm"));
1051 1 : Ptr += sizeof(uint16_t);
1052 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr, "libspdm",
1053 : strlen("libspdm"));
1054 1 : Ptr += strlen("libspdm");
1055 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1056 : sizeof(m_libspdm_local_buffer) -
1057 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1058 : m_libspdm_local_buffer),
1059 : spdm_response,
1060 1 : (size_t)Ptr - (size_t)spdm_response);
1061 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1062 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1063 : m_libspdm_local_buffer_size, hash_data);
1064 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1065 1 : libspdm_responder_data_sign(
1066 : spdm_context,
1067 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1068 : 0, SPDM_CHALLENGE_AUTH,
1069 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1070 : false, m_libspdm_local_buffer,
1071 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1072 1 : Ptr += sig_size;
1073 :
1074 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1075 : spdm_response, response_size, response);
1076 : }
1077 1 : return LIBSPDM_STATUS_SUCCESS;
1078 :
1079 1 : case 0x11: /*correct CHALLENGE_AUTH message with invalid signature*/
1080 : {
1081 : spdm_challenge_auth_response_t *spdm_response;
1082 : void *data;
1083 : size_t data_size;
1084 : uint8_t *Ptr;
1085 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1086 : size_t sig_size;
1087 : size_t spdm_response_size;
1088 : size_t transport_header_size;
1089 :
1090 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1091 : m_libspdm_use_asym_algo,
1092 : &data,
1093 : &data_size, NULL, NULL);
1094 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1095 : data_size;
1096 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1097 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1098 : m_libspdm_use_asym_algo;
1099 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1100 : m_libspdm_use_hash_algo;
1101 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1102 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1103 : SPDM_NONCE_SIZE +
1104 : 0 +
1105 1 : sizeof(uint16_t) + 0 +
1106 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1107 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1108 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1109 :
1110 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1111 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1112 1 : spdm_response->header.param1 = 0;
1113 1 : spdm_response->header.param2 = (1 << 0);
1114 1 : Ptr = (void *)(spdm_response + 1);
1115 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1116 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1117 : 0],
1118 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1119 : 0],
1120 : Ptr);
1121 1 : free(data);
1122 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1123 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1124 1 : Ptr += SPDM_NONCE_SIZE;
1125 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1126 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1127 1 : libspdm_write_uint16(Ptr, 0);
1128 1 : Ptr += sizeof(uint16_t);
1129 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1130 : sizeof(m_libspdm_local_buffer) -
1131 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1132 : m_libspdm_local_buffer),
1133 : spdm_response,
1134 1 : (size_t)Ptr - (size_t)spdm_response);
1135 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1136 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1137 : m_libspdm_local_buffer_size, hash_data);
1138 1 : libspdm_hash_all (m_libspdm_use_hash_algo, hash_data, libspdm_get_hash_size (
1139 : m_libspdm_use_hash_algo), hash_data);
1140 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1141 1 : libspdm_responder_data_sign(
1142 : spdm_context,
1143 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1144 : 0, SPDM_CHALLENGE_AUTH,
1145 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1146 1 : false, hash_data, libspdm_get_hash_size ( m_libspdm_use_hash_algo), Ptr, &sig_size);
1147 1 : Ptr += sig_size;
1148 :
1149 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1150 : spdm_response, response_size, response);
1151 : }
1152 1 : return LIBSPDM_STATUS_SUCCESS;
1153 :
1154 2 : case 0x12: /*correct CHALLENGE_AUTH message*/
1155 : case 0x13: /*correct CHALLENGE_AUTH message*/
1156 : {
1157 : spdm_challenge_auth_response_t *spdm_response;
1158 : void *data;
1159 : size_t data_size;
1160 : uint8_t *Ptr;
1161 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1162 : size_t sig_size;
1163 : size_t spdm_response_size;
1164 : size_t transport_header_size;
1165 :
1166 2 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1167 : m_libspdm_use_asym_algo,
1168 : &data,
1169 : &data_size, NULL, NULL);
1170 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1171 : data_size;
1172 2 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1173 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1174 : m_libspdm_use_asym_algo;
1175 2 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1176 : m_libspdm_use_hash_algo;
1177 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1178 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1179 2 : SPDM_NONCE_SIZE +
1180 2 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1181 2 : sizeof(uint16_t) + 0 +
1182 2 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1183 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1184 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1185 :
1186 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1187 2 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1188 2 : spdm_response->header.param1 = 0;
1189 2 : spdm_response->header.param2 = (1 << 0);
1190 2 : Ptr = (void *)(spdm_response + 1);
1191 2 : libspdm_hash_all (m_libspdm_use_hash_algo,
1192 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1193 : 0],
1194 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1195 : 0],
1196 : Ptr);
1197 2 : free(data);
1198 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1199 2 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1200 2 : Ptr += SPDM_NONCE_SIZE;
1201 2 : libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1202 2 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1203 2 : libspdm_write_uint16(Ptr, 0);
1204 2 : Ptr += sizeof(uint16_t);
1205 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1206 : sizeof(m_libspdm_local_buffer) -
1207 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1208 : m_libspdm_local_buffer),
1209 : spdm_response,
1210 2 : (size_t)Ptr - (size_t)spdm_response);
1211 2 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1212 2 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1213 : m_libspdm_local_buffer_size, hash_data);
1214 2 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1215 2 : libspdm_responder_data_sign(
1216 : spdm_context,
1217 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1218 : 0, SPDM_CHALLENGE_AUTH,
1219 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1220 : false, m_libspdm_local_buffer,
1221 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1222 2 : Ptr += sig_size;
1223 :
1224 2 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1225 : spdm_response, response_size, response);
1226 : }
1227 2 : return LIBSPDM_STATUS_SUCCESS;
1228 :
1229 18 : case 0x14:
1230 : {
1231 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1232 :
1233 : spdm_error_response_t *spdm_response;
1234 : size_t spdm_response_size;
1235 : size_t transport_header_size;
1236 :
1237 18 : if(error_code <= 0xff) {
1238 18 : spdm_response_size = sizeof(spdm_error_response_t);
1239 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1240 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1241 :
1242 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1243 18 : spdm_response->header.request_response_code = SPDM_ERROR;
1244 18 : spdm_response->header.param1 = (uint8_t) error_code;
1245 18 : spdm_response->header.param2 = 0;
1246 :
1247 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
1248 : spdm_response_size, spdm_response,
1249 : response_size, response);
1250 : }
1251 :
1252 18 : error_code++;
1253 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1254 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1255 : }
1256 : /* skip some reserved error codes (0d to 3e) */
1257 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
1258 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1259 : }
1260 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
1261 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
1262 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1263 : }
1264 : }
1265 18 : return LIBSPDM_STATUS_SUCCESS;
1266 :
1267 1 : case 0x15: /*correct CHALLENGE_AUTH message with multiple slot numbers */
1268 : {
1269 : spdm_challenge_auth_response_t *spdm_response;
1270 : void *data;
1271 : size_t data_size;
1272 : uint8_t *ptr;
1273 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1274 : size_t sig_size;
1275 : size_t spdm_response_size;
1276 : size_t transport_header_size;
1277 :
1278 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1279 : m_libspdm_use_asym_algo,
1280 : &data,
1281 : &data_size, NULL, NULL);
1282 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1283 : data_size;
1284 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1285 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1286 : m_libspdm_use_asym_algo;
1287 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1288 : m_libspdm_use_hash_algo;
1289 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1290 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1291 : SPDM_NONCE_SIZE +
1292 : 0 +
1293 1 : sizeof(uint16_t) + 0 +
1294 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1295 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1296 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1297 :
1298 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1299 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1300 1 : spdm_response->header.param1 = 0;
1301 1 : spdm_response->header.param2 = 0x71; /*multiple slot numbers */
1302 1 : ptr = (void *)(spdm_response + 1);
1303 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1304 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1305 : 0],
1306 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1307 : 0],
1308 : ptr);
1309 1 : free(data);
1310 1 : ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1311 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, ptr);
1312 1 : ptr += SPDM_NONCE_SIZE;
1313 1 : libspdm_write_uint16(ptr, 0);
1314 1 : ptr += sizeof(uint16_t);
1315 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1316 : sizeof(m_libspdm_local_buffer) -
1317 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1318 : m_libspdm_local_buffer),
1319 : spdm_response,
1320 1 : (size_t)ptr - (size_t)spdm_response);
1321 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1322 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1323 : m_libspdm_local_buffer_size, hash_data);
1324 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1325 1 : libspdm_responder_data_sign(
1326 : spdm_context,
1327 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1328 : 0, SPDM_CHALLENGE_AUTH,
1329 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1330 : false, m_libspdm_local_buffer,
1331 : m_libspdm_local_buffer_size, ptr, &sig_size);
1332 1 : ptr += sig_size;
1333 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1334 : spdm_response, response_size, response);
1335 : }
1336 1 : return LIBSPDM_STATUS_SUCCESS;
1337 :
1338 1 : case 0x16: { /*correct CHALLENGE_AUTH message*/
1339 : spdm_challenge_auth_response_t *spdm_response;
1340 : void *data;
1341 : size_t data_size;
1342 : uint8_t *ptr;
1343 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1344 : size_t sig_size;
1345 : size_t spdm_response_size;
1346 : size_t transport_header_size;
1347 :
1348 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1349 : m_libspdm_use_asym_algo,
1350 : &data,
1351 : &data_size, NULL, NULL);
1352 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1353 : data_size;
1354 1 : ((libspdm_context_t *)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1355 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
1356 : m_libspdm_use_asym_algo;
1357 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
1358 : m_libspdm_use_hash_algo;
1359 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1360 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1361 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1362 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1363 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1364 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1365 :
1366 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1367 1 : spdm_response->header.request_response_code =SPDM_CHALLENGE_AUTH;
1368 1 : spdm_response->header.param1 = 0;
1369 1 : spdm_response->header.param2 = (1 << 0);
1370 1 : ptr = (void *)(spdm_response + 1);
1371 1 : libspdm_hash_all(m_libspdm_use_hash_algo,
1372 : ((libspdm_context_t *)spdm_context)
1373 : ->local_context.local_cert_chain_provision[0],
1374 : ((libspdm_context_t *)spdm_context)
1375 : ->local_context.local_cert_chain_provision_size[0],
1376 : ptr);
1377 1 : free(data);
1378 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1379 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1380 1 : ptr += SPDM_NONCE_SIZE;
1381 : /* libspdm_zero_mem (ptr, spdm_get_hash_size (m_libspdm_use_hash_algo));
1382 : * ptr += spdm_get_hash_size (m_libspdm_use_hash_algo);*/
1383 1 : libspdm_write_uint16(ptr, 0);
1384 1 : ptr += sizeof(uint16_t);
1385 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1386 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1387 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1388 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1389 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%zx):\n",
1390 : m_libspdm_local_buffer_size));
1391 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1392 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1393 : m_libspdm_local_buffer_size, hash_data);
1394 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1395 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1396 1 : libspdm_dump_hex(hash_data, libspdm_get_hash_size(m_libspdm_use_hash_algo));
1397 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1398 1 : libspdm_responder_data_sign(
1399 : spdm_context,
1400 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1401 : 0, SPDM_CHALLENGE_AUTH,
1402 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1403 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1404 : ptr, &sig_size);
1405 1 : ptr += sig_size;
1406 :
1407 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1408 : false, spdm_response_size,
1409 : spdm_response, response_size,
1410 : response);
1411 : }
1412 1 : return LIBSPDM_STATUS_SUCCESS;
1413 :
1414 2 : case 0x17: { /*correct CHALLENGE_AUTH message*/
1415 : spdm_challenge_auth_response_t *spdm_response;
1416 : void *data;
1417 : size_t data_size;
1418 : uint8_t *ptr;
1419 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1420 : size_t sig_size;
1421 : size_t spdm_response_size;
1422 : size_t transport_header_size;
1423 : static uint8_t slot_id = 0;
1424 :
1425 2 : if (slot_id == 0) {
1426 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1427 : m_libspdm_use_asym_algo, &data,
1428 : &data_size, NULL, NULL)) {
1429 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1430 : }
1431 : } else {
1432 1 : if (!libspdm_read_responder_public_certificate_chain_per_slot(1,
1433 : m_libspdm_use_hash_algo,
1434 : m_libspdm_use_asym_algo, &data,
1435 : &data_size, NULL, NULL)) {
1436 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1437 : }
1438 : }
1439 : ((libspdm_context_t *)spdm_context)
1440 2 : ->local_context.local_cert_chain_provision_size[slot_id] = data_size;
1441 : ((libspdm_context_t *)spdm_context)
1442 2 : ->local_context.local_cert_chain_provision[slot_id] = data;
1443 : ((libspdm_context_t *)spdm_context)
1444 2 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1445 : ((libspdm_context_t *)spdm_context)
1446 2 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1447 2 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1448 2 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1449 2 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1450 2 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1451 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1452 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1453 :
1454 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1455 2 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1456 2 : spdm_response->header.param1 = slot_id & 0xF;
1457 2 : spdm_response->header.param2 = (1 << slot_id);
1458 2 : ptr = (void *)(spdm_response + 1);
1459 2 : libspdm_hash_all(
1460 : m_libspdm_use_hash_algo,
1461 : ((libspdm_context_t *)spdm_context)
1462 : ->local_context.local_cert_chain_provision[slot_id],
1463 : ((libspdm_context_t *)spdm_context)
1464 : ->local_context
1465 : .local_cert_chain_provision_size[slot_id],
1466 : ptr);
1467 2 : free(data);
1468 2 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1469 2 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1470 2 : ptr += SPDM_NONCE_SIZE;
1471 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1472 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1473 2 : libspdm_write_uint16(ptr, 0);
1474 2 : ptr += sizeof(uint16_t);
1475 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1476 : sizeof(m_libspdm_local_buffer) -
1477 2 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1478 : m_libspdm_local_buffer),
1479 2 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1480 2 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1481 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1482 : m_libspdm_local_buffer_size));
1483 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1484 2 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1485 : m_libspdm_local_buffer_size, hash_data);
1486 2 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1487 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1488 2 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1489 2 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1490 2 : libspdm_responder_data_sign(
1491 : spdm_context,
1492 2 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1493 : 0, SPDM_CHALLENGE_AUTH,
1494 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1495 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1496 : ptr, &sig_size);
1497 2 : ptr += sig_size;
1498 :
1499 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1500 : false, spdm_response_size,
1501 : spdm_response, response_size,
1502 : response);
1503 2 : slot_id++;
1504 : }
1505 2 : return LIBSPDM_STATUS_SUCCESS;
1506 :
1507 1 : case 0x18: { /* correct CHALLENGE_AUTH message using slot 0xFF */
1508 : spdm_challenge_auth_response_t *spdm_response;
1509 : void *data;
1510 : size_t data_size;
1511 : uint8_t *ptr;
1512 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1513 : size_t sig_size;
1514 : size_t spdm_response_size;
1515 : size_t transport_header_size;
1516 :
1517 1 : if (!libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size)) {
1518 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1519 : }
1520 : ((libspdm_context_t *)spdm_context)
1521 1 : ->local_context.local_public_key_provision_size = data_size;
1522 : ((libspdm_context_t *)spdm_context)
1523 1 : ->local_context.local_public_key_provision = data;
1524 : ((libspdm_context_t *)spdm_context)
1525 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1526 : ((libspdm_context_t *)spdm_context)
1527 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1528 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1529 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1530 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1531 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1532 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1533 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1534 :
1535 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1536 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1537 1 : spdm_response->header.param1 = 0x0F;
1538 1 : spdm_response->header.param2 = 0;
1539 1 : ptr = (void *)(spdm_response + 1);
1540 1 : libspdm_hash_all(
1541 : m_libspdm_use_hash_algo,
1542 : ((libspdm_context_t *)spdm_context)
1543 : ->local_context.local_public_key_provision,
1544 : ((libspdm_context_t *)spdm_context)
1545 : ->local_context
1546 : .local_public_key_provision_size,
1547 : ptr);
1548 1 : free(data);
1549 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1550 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1551 1 : ptr += SPDM_NONCE_SIZE;
1552 : /* libspdm_zero_mem (ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1553 : * ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1554 1 : libspdm_write_uint16(ptr, 0);
1555 1 : ptr += sizeof(uint16_t);
1556 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1557 : sizeof(m_libspdm_local_buffer) -
1558 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1559 : m_libspdm_local_buffer),
1560 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1561 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1562 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1563 : m_libspdm_local_buffer_size));
1564 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1565 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1566 : m_libspdm_local_buffer_size, hash_data);
1567 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1568 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1569 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1570 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1571 1 : libspdm_responder_data_sign(
1572 : spdm_context,
1573 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1574 : 0, SPDM_CHALLENGE_AUTH,
1575 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1576 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1577 : ptr, &sig_size);
1578 1 : ptr += sig_size;
1579 :
1580 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1581 : false, spdm_response_size,
1582 : spdm_response, response_size,
1583 : response);
1584 : }
1585 1 : return LIBSPDM_STATUS_SUCCESS;
1586 :
1587 1 : case 0x19: /*CHALLENGE_AUTH message contains opaque_length greater than the maximum allowed*/
1588 : {
1589 : spdm_challenge_auth_response_t *spdm_response;
1590 : void *data;
1591 : size_t data_size;
1592 : uint8_t *Ptr;
1593 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1594 : size_t sig_size;
1595 : size_t spdm_response_size;
1596 : size_t transport_header_size;
1597 : uint16_t opaque_length;
1598 1 : opaque_length = SPDM_MAX_OPAQUE_DATA_SIZE + 1; /*opaque_length greater than the maximum allowed*/
1599 :
1600 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1601 : m_libspdm_use_asym_algo,
1602 : &data,
1603 : &data_size, NULL, NULL);
1604 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1605 : data_size;
1606 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1607 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1608 : m_libspdm_use_asym_algo;
1609 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1610 : m_libspdm_use_hash_algo;
1611 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1612 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1613 : SPDM_NONCE_SIZE +
1614 : 0 +
1615 1 : sizeof(uint16_t) +
1616 1 : opaque_length +
1617 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1618 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1619 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1620 :
1621 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1622 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1623 1 : spdm_response->header.param1 = 0;
1624 1 : spdm_response->header.param2 = (1 << 0);
1625 1 : Ptr = (void *)(spdm_response + 1);
1626 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1627 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1628 : 0],
1629 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1630 : 0],
1631 : Ptr);
1632 1 : free(data);
1633 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1634 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1635 1 : Ptr += SPDM_NONCE_SIZE;
1636 : /* libspdm_zero_mem (Ptr, libspdm_get_hash_size (m_libspdm_use_hash_algo));
1637 : * Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);*/
1638 1 : libspdm_write_uint16(Ptr, opaque_length);
1639 1 : Ptr += sizeof(uint16_t);
1640 1 : libspdm_set_mem(Ptr, opaque_length, 255);
1641 1 : Ptr += opaque_length;
1642 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1643 : sizeof(m_libspdm_local_buffer) -
1644 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1645 : m_libspdm_local_buffer),
1646 : spdm_response,
1647 1 : (size_t)Ptr - (size_t)spdm_response);
1648 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1649 1 : libspdm_hash_all (m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1650 : m_libspdm_local_buffer_size, hash_data);
1651 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1652 1 : libspdm_responder_data_sign(
1653 : spdm_context,
1654 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1655 : 0, SPDM_CHALLENGE_AUTH,
1656 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1657 : false, m_libspdm_local_buffer,
1658 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1659 1 : Ptr += sig_size;
1660 :
1661 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1662 : spdm_response, response_size, response);
1663 : }
1664 1 : return LIBSPDM_STATUS_SUCCESS;
1665 :
1666 1 : case 0x1A:
1667 : {
1668 : spdm_challenge_auth_response_t *spdm_response;
1669 : spdm_general_opaque_data_table_header_t
1670 : *spdm_general_opaque_data_table_header;
1671 : opaque_element_table_header_t
1672 : *opaque_element_table_header;
1673 : void *data;
1674 : size_t data_size;
1675 : uint8_t *Ptr;
1676 : size_t sig_size;
1677 : size_t spdm_response_size;
1678 : size_t transport_header_size;
1679 : uint8_t element_num;
1680 : uint8_t element_index;
1681 : size_t current_element_len;
1682 : uint16_t opaque_element_data_len;
1683 :
1684 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1685 : m_libspdm_use_asym_algo,
1686 : &data,
1687 : &data_size, NULL, NULL);
1688 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[0] =
1689 : data_size;
1690 1 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[0] = data;
1691 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_asym_algo =
1692 : m_libspdm_use_asym_algo;
1693 1 : ((libspdm_context_t*)spdm_context)->connection_info.algorithm.base_hash_algo =
1694 : m_libspdm_use_hash_algo;
1695 :
1696 :
1697 1 : spdm_general_opaque_data_table_header = (void *)m_libspdm_opaque_data;
1698 1 : spdm_general_opaque_data_table_header->total_elements = 4;
1699 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1700 :
1701 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1702 1 : m_libspdm_opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1703 :
1704 5 : for (element_index = 0; element_index < element_num; element_index++) {
1705 4 : opaque_element_table_header->id = SPDM_REGISTRY_ID_MAX;
1706 4 : opaque_element_table_header->vendor_len = 0;
1707 4 : opaque_element_data_len = (uint16_t)strlen("libspdm");
1708 :
1709 4 : Ptr = (void *)(opaque_element_table_header + 1);
1710 4 : Ptr += opaque_element_table_header->vendor_len;
1711 :
1712 4 : libspdm_copy_mem((uint16_t *)Ptr,
1713 : sizeof(opaque_element_data_len),
1714 : &opaque_element_data_len,
1715 : sizeof(opaque_element_data_len));
1716 :
1717 4 : libspdm_copy_mem(Ptr + sizeof(opaque_element_data_len),
1718 : SPDM_MAX_OPAQUE_DATA_SIZE -
1719 : sizeof(opaque_element_table_header_t), "libspdm",
1720 : strlen("libspdm"));
1721 :
1722 4 : current_element_len = sizeof(opaque_element_table_header_t) +
1723 4 : opaque_element_table_header->vendor_len +
1724 4 : sizeof(opaque_element_data_len) +
1725 : opaque_element_data_len;
1726 4 : current_element_len = (current_element_len + 3) & ~3;
1727 :
1728 : /*move to next element*/
1729 4 : opaque_element_table_header =
1730 : (opaque_element_table_header_t *)
1731 : ((uint8_t *)opaque_element_table_header + current_element_len);
1732 :
1733 4 : m_libspdm_opaque_data_size += current_element_len;
1734 : }
1735 :
1736 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1737 1 : libspdm_get_hash_size (m_libspdm_use_hash_algo) +
1738 : SPDM_NONCE_SIZE +
1739 : 0 +
1740 2 : sizeof(uint16_t) + m_libspdm_opaque_data_size +
1741 1 : libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1742 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1743 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1744 :
1745 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
1746 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1747 1 : spdm_response->header.param1 = 0;
1748 1 : spdm_response->header.param2 = (1 << 0);
1749 1 : Ptr = (void *)(spdm_response + 1);
1750 1 : libspdm_hash_all (m_libspdm_use_hash_algo,
1751 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision[
1752 : 0],
1753 : ((libspdm_context_t*)spdm_context)->local_context.local_cert_chain_provision_size[
1754 : 0],
1755 : Ptr);
1756 1 : free(data);
1757 1 : Ptr += libspdm_get_hash_size (m_libspdm_use_hash_algo);
1758 1 : libspdm_get_random_number (SPDM_NONCE_SIZE, Ptr);
1759 1 : Ptr += SPDM_NONCE_SIZE;
1760 1 : libspdm_write_uint16(Ptr, (uint16_t)m_libspdm_opaque_data_size);
1761 1 : Ptr += sizeof(uint16_t);
1762 1 : libspdm_copy_mem(Ptr, (size_t)(*response) + *response_size - (size_t)Ptr,
1763 : m_libspdm_opaque_data,
1764 : m_libspdm_opaque_data_size);
1765 1 : Ptr += m_libspdm_opaque_data_size;
1766 :
1767 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1768 : sizeof(m_libspdm_local_buffer) -
1769 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1770 : m_libspdm_local_buffer),
1771 : spdm_response,
1772 1 : (size_t)Ptr - (size_t)spdm_response);
1773 1 : m_libspdm_local_buffer_size += ((size_t)Ptr - (size_t)spdm_response);
1774 1 : sig_size = libspdm_get_asym_signature_size (m_libspdm_use_asym_algo);
1775 1 : libspdm_responder_data_sign(
1776 : spdm_context,
1777 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1778 : 0, SPDM_CHALLENGE_AUTH,
1779 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1780 : false, m_libspdm_local_buffer,
1781 : m_libspdm_local_buffer_size, Ptr, &sig_size);
1782 1 : Ptr += sig_size;
1783 :
1784 1 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size,
1785 : spdm_response, response_size, response);
1786 : }
1787 1 : return LIBSPDM_STATUS_SUCCESS;
1788 1 : case 0x1B: {
1789 : spdm_challenge_auth_response_t *spdm_response;
1790 : void *data;
1791 : size_t data_size;
1792 : uint8_t *ptr;
1793 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1794 : size_t sig_size;
1795 : size_t spdm_response_size;
1796 : size_t transport_header_size;
1797 1 : uint8_t slot_id = 0;
1798 :
1799 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1800 : m_libspdm_use_asym_algo, &data,
1801 : &data_size, NULL, NULL)) {
1802 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1803 : }
1804 : ((libspdm_context_t *)spdm_context)
1805 1 : ->local_context.local_cert_chain_provision_size[0] = data_size;
1806 : ((libspdm_context_t *)spdm_context)
1807 1 : ->local_context.local_cert_chain_provision[0] = data;
1808 : ((libspdm_context_t *)spdm_context)
1809 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1810 : ((libspdm_context_t *)spdm_context)
1811 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1812 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1813 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1814 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1815 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1816 : SPDM_REQ_CONTEXT_SIZE;
1817 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1818 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1819 :
1820 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1821 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1822 1 : spdm_response->header.param1 = slot_id;
1823 1 : spdm_response->header.param2 = (1 << slot_id);
1824 1 : ptr = (void *)(spdm_response + 1);
1825 1 : libspdm_hash_all(
1826 : m_libspdm_use_hash_algo,
1827 : ((libspdm_context_t *)spdm_context)
1828 : ->local_context.local_cert_chain_provision[slot_id],
1829 : ((libspdm_context_t *)spdm_context)
1830 : ->local_context
1831 : .local_cert_chain_provision_size[slot_id],
1832 : ptr);
1833 1 : free(data);
1834 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1835 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1836 1 : ptr += SPDM_NONCE_SIZE;
1837 1 : libspdm_write_uint16(ptr, 0);
1838 1 : ptr += sizeof(uint16_t);
1839 1 : libspdm_copy_mem(ptr, SPDM_REQ_CONTEXT_SIZE, m_requester_context, SPDM_REQ_CONTEXT_SIZE);
1840 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1841 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1842 : sizeof(m_libspdm_local_buffer) -
1843 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1844 : m_libspdm_local_buffer),
1845 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1846 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1847 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1848 : m_libspdm_local_buffer_size));
1849 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1850 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1851 : m_libspdm_local_buffer_size, hash_data);
1852 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1853 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1854 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1855 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1856 1 : libspdm_responder_data_sign(
1857 : spdm_context,
1858 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1859 : 0, SPDM_CHALLENGE_AUTH,
1860 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1861 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1862 : ptr, &sig_size);
1863 1 : ptr += sig_size;
1864 :
1865 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1866 : false, spdm_response_size,
1867 : spdm_response, response_size,
1868 : response);
1869 : }
1870 1 : return LIBSPDM_STATUS_SUCCESS;
1871 1 : case 0x1C: {
1872 : spdm_challenge_auth_response_t *spdm_response;
1873 : void *data;
1874 : size_t data_size;
1875 : uint8_t *ptr;
1876 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1877 : size_t sig_size;
1878 : size_t spdm_response_size;
1879 : size_t transport_header_size;
1880 1 : uint8_t slot_id = 0;
1881 :
1882 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1883 : m_libspdm_use_asym_algo, &data,
1884 : &data_size, NULL, NULL)) {
1885 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1886 : }
1887 : ((libspdm_context_t *)spdm_context)
1888 1 : ->local_context.local_cert_chain_provision_size[0] = data_size;
1889 : ((libspdm_context_t *)spdm_context)
1890 1 : ->local_context.local_cert_chain_provision[0] = data;
1891 : ((libspdm_context_t *)spdm_context)
1892 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1893 : ((libspdm_context_t *)spdm_context)
1894 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1895 1 : spdm_response_size = sizeof(spdm_challenge_auth_response_t) +
1896 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
1897 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 +
1898 1 : libspdm_get_asym_signature_size(m_libspdm_use_asym_algo) +
1899 : SPDM_REQ_CONTEXT_SIZE;
1900 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1901 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1902 :
1903 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
1904 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
1905 1 : spdm_response->header.param1 = slot_id;
1906 1 : spdm_response->header.param2 = (1 << slot_id);
1907 1 : ptr = (void *)(spdm_response + 1);
1908 1 : libspdm_hash_all(
1909 : m_libspdm_use_hash_algo,
1910 : ((libspdm_context_t *)spdm_context)
1911 : ->local_context.local_cert_chain_provision[slot_id],
1912 : ((libspdm_context_t *)spdm_context)
1913 : ->local_context
1914 : .local_cert_chain_provision_size[slot_id],
1915 : ptr);
1916 1 : free(data);
1917 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
1918 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
1919 1 : ptr += SPDM_NONCE_SIZE;
1920 1 : libspdm_write_uint16(ptr, 0);
1921 1 : ptr += sizeof(uint16_t);
1922 1 : libspdm_get_random_number(SPDM_REQ_CONTEXT_SIZE,ptr);
1923 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
1924 :
1925 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1926 : sizeof(m_libspdm_local_buffer) -
1927 1 : (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1928 : m_libspdm_local_buffer),
1929 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1930 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1931 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1932 : m_libspdm_local_buffer_size));
1933 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1934 1 : libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_buffer,
1935 : m_libspdm_local_buffer_size, hash_data);
1936 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HashDataSize (0x%x):\n",
1937 : libspdm_get_hash_size(m_libspdm_use_hash_algo)));
1938 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1939 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1940 1 : libspdm_responder_data_sign(
1941 : spdm_context,
1942 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1943 : 0, SPDM_CHALLENGE_AUTH,
1944 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1945 : false, m_libspdm_local_buffer, m_libspdm_local_buffer_size,
1946 : ptr, &sig_size);
1947 1 : ptr += sig_size;
1948 :
1949 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1950 : false, spdm_response_size,
1951 : spdm_response, response_size,
1952 : response);
1953 : }
1954 1 : return LIBSPDM_STATUS_SUCCESS;
1955 0 : default:
1956 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1957 : }
1958 : }
1959 :
/**
 * Test 1: the transport send callback fails (send_message returns
 * LIBSPDM_STATUS_SEND_FAIL for case_id 0x1), so the CHALLENGE request is never
 * delivered and no CHALLENGE_AUTH message is received.
 * Expected behavior: libspdm_challenge returns LIBSPDM_STATUS_SEND_FAIL and,
 * when transcript recording is compiled in, the "C" transcript buffer is left
 * empty.
 **/
static void req_challenge_case1(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *spdm_context = test_ctx->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *chain_hash;
    size_t chain_hash_size;
    libspdm_return_t rc;

    /* Select the case 0x1 branch of the transport stubs. */
    test_ctx->case_id = 0x1;

    /* Connection is already negotiated; CHAL_CAP is the only capability flag set. */
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* NOTE(review): if `assert` here is the <assert.h> macro and the suite is ever
     * built with NDEBUG, a failed load falls through with cert_chain and
     * cert_chain_size uninitialized - confirm the test build configuration. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo,
                                                         &cert_chain, &cert_chain_size,
                                                         &chain_hash, &chain_hash_size)) {
        assert(false);
    }

    /* Start from empty A/B/C transcripts so the final check is meaningful. */
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);

    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Record the responder certificate chain for slot 0, either as the raw
     * chain or as its hash plus the leaf public key, depending on the build. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(spdm_context->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    /* The result of the key extraction is not checked here. */
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_challenge(spdm_context, NULL, 0,
                           SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                           summary_hash, NULL);

    /* The stubbed send failure must be reported unchanged to the caller. */
    assert_int_equal(rc, LIBSPDM_STATUS_SEND_FAIL);

    /* NOTE(review): only the transcript-recording build checks transcript state
     * after the failed send; the other build asserts nothing about M1/M2 here -
     * confirm whether that is intended. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
#endif

    free(cert_chain);
}
2026 :
/**
 * Test 2: the requester is set up correctly to send a CHALLENGE message:
 * - the connection state is NEGOTIATED, i.e. the previous messages
 *   (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS) were exchanged;
 * - the CHAL_CAP capability flag is set and the hash and digital signature
 *   algorithms are selected;
 * - it has the responder's certificate chain.
 * The CHALLENGE message requests usage of the first certificate in the chain
 * (param1=0) and does not request measurements (param2=0).
 * The received CHALLENGE_AUTH message correctly responds to the challenge, with
 * no opaque data and a signature on the sent nonce.
 * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS and the
 * M1/M2 transcript is cleared afterwards.
 **/
static void req_challenge_case2(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *spdm_context = test_ctx->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *chain_hash;
    size_t chain_hash_size;
    libspdm_return_t rc;

    /* Select the case 0x2 branch of the transport stubs. */
    test_ctx->case_id = 0x2;

    /* Connection is already negotiated; CHAL_CAP is the only capability flag set. */
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* NOTE(review): if `assert` here is the <assert.h> macro and the suite is ever
     * built with NDEBUG, a failed load falls through with cert_chain and
     * cert_chain_size uninitialized - confirm the test build configuration. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo,
                                                         &cert_chain, &cert_chain_size,
                                                         &chain_hash, &chain_hash_size)) {
        assert(false);
    }

    /* Start from empty A/B/C transcripts. */
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);

    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Record the responder certificate chain for slot 0, either as the raw
     * chain or as its hash plus the leaf public key, depending on the build. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(spdm_context->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    /* The result of the key extraction is not checked here; a failure would
     * presumably surface as a signature verification error below. */
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_challenge(spdm_context, NULL, 0,
                           SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                           summary_hash, NULL);
    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);

    /* A completed CHALLENGE leaves no M1/M2 transcript state behind: an empty
     * buffer in the recording build, a NULL digest context otherwise. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
#else
    assert_null(spdm_context->transcript.digest_context_m1m2);
#endif

    free(cert_chain);
}
2105 :
/**
 * Test 3: the requester is not set up correctly to send a CHALLENGE message:
 * - the connection state is LIBSPDM_CONNECTION_STATE_NOT_STARTED, i.e. nothing
 *   indicates that GET_CAPABILITIES, NEGOTIATE_ALGORITHMS or GET_DIGESTS were sent; but
 * - the peer capability flags allow challenges, and hash and signature
 *   algorithms are configured; and
 * - the responder's certificate chain is available.
 * The CHALLENGE request targets the first certificate slot (param1=0) and asks
 * for no measurement summary hash (param2=0).
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_INVALID_STATE_LOCAL
 * and, when transcript data is recorded, the "C" transcript buffer stays empty.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case3(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    libspdm_return_t result;
    bool chain_loaded;

    /* case_id selects the scripted transport behavior for this test. */
    test_context->case_id = 0x3;

    /* Authentication must not proceed from this state; that is the point of the test. */
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
    context->connection_info.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        context->connection_info.peer_used_cert_chain[0].buffer_hash);
    context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        context->connection_info.algorithm.base_hash_algo,
        context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_challenge(context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               summary_hash, NULL);
    assert_int_equal(result, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(context->transcript.message_c.buffer_size, 0);
#endif
    free(cert_chain);
}
2181 :
/**
 * Test 4: the requester is set up correctly (see Test 2), but receives an ERROR
 * message indicating InvalidParameters.
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_ERROR_PEER and,
 * when transcript data is recorded, the "C" transcript buffer is empty.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case4(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    libspdm_return_t result;
    bool chain_loaded;

    /* case_id selects the scripted transport behavior for this test. */
    test_context->case_id = 0x4;

    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        context->connection_info.peer_used_cert_chain[0].buffer_hash);
    context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        context->connection_info.algorithm.base_hash_algo,
        context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_challenge(context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               summary_hash, NULL);
    /* A peer ERROR must surface as a failure, never as a completed authentication. */
    assert_int_equal(result, LIBSPDM_STATUS_ERROR_PEER);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(context->transcript.message_c.buffer_size, 0);
#endif
    free(cert_chain);
}
2249 :
/**
 * Test 5: the requester is set up correctly (see Test 2), but receives an ERROR
 * message indicating the Busy status of the responder.
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_BUSY_PEER and,
 * when transcript data is recorded, the "C" transcript buffer is empty.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case5(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    libspdm_return_t result;
    bool chain_loaded;

    /* case_id selects the scripted transport behavior for this test. */
    test_context->case_id = 0x5;

    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        context->connection_info.peer_used_cert_chain[0].buffer_hash);
    context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        context->connection_info.algorithm.base_hash_algo,
        context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_challenge(context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               summary_hash, NULL);
    assert_int_equal(result, LIBSPDM_STATUS_BUSY_PEER);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(context->transcript.message_c.buffer_size, 0);
#endif
    free(cert_chain);
}
2317 :
/**
 * Test 6: the requester is set up correctly (see Test 2), but, on the first try,
 * receives a Busy ERROR message, and on retry receives a correct CHALLENGE_AUTH
 * message to the challenge, with no opaque data and a signature on the sent nonce.
 * The context allows up to three retries (retry_times = 3).
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_SUCCESS.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case6(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    libspdm_return_t result;
    bool chain_loaded;

    /* case_id selects the scripted transport behavior for this test. */
    test_context->case_id = 0x6;

    /* Retries must be enabled for the second attempt to happen. */
    context->retry_times = 3;
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        context->connection_info.peer_used_cert_chain[0].buffer_hash);
    context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        context->connection_info.algorithm.base_hash_algo,
        context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_challenge(context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               summary_hash, NULL);
    assert_int_equal(result, LIBSPDM_STATUS_SUCCESS);
    free(cert_chain);
}
2383 :
/**
 * Test 7: the requester is set up correctly (see Test 2), but receives an ERROR
 * message indicating the RequestResynch status of the responder.
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_RESYNCH_PEER, the
 * connection state falls back to LIBSPDM_CONNECTION_STATE_NOT_STARTED (a new
 * GET_VERSION is expected), and, when transcript data is recorded, the "C"
 * transcript buffer is empty.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case7(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    libspdm_return_t result;
    bool chain_loaded;

    /* case_id selects the scripted transport behavior for this test. */
    test_context->case_id = 0x7;

    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        context->connection_info.peer_used_cert_chain[0].buffer_hash);
    context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        context->connection_info.algorithm.base_hash_algo,
        context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_challenge(context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               summary_hash, NULL);
    assert_int_equal(result, LIBSPDM_STATUS_RESYNCH_PEER);
    /* After a resynch request no previously negotiated state may be kept. */
    assert_int_equal(context->connection_info.connection_state,
                     LIBSPDM_CONNECTION_STATE_NOT_STARTED);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(context->transcript.message_c.buffer_size, 0);
#endif
    free(cert_chain);
}
2454 :
/**
 * Test 8: the requester is set up correctly (see Test 2), but receives an ERROR
 * message indicating the ResponseNotReady status of the responder.
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_NOT_READY_PEER and,
 * when transcript data is recorded, the "C" buffer stores nothing.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case8(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    libspdm_return_t result;
    bool chain_loaded;

    /* case_id selects the scripted transport behavior for this test. */
    test_context->case_id = 0x8;

    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        context->connection_info.peer_used_cert_chain[0].buffer_hash);
    context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        context->connection_info.algorithm.base_hash_algo,
        context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));

    result = libspdm_challenge(context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               summary_hash, NULL);
    assert_int_equal(result, LIBSPDM_STATUS_NOT_READY_PEER);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(context->transcript.message_c.buffer_size, 0);
#endif
    free(cert_chain);
}
2522 :
/**
 * Test 9: the requester is set up correctly (see Test 2), but, on the first try,
 * receives a ResponseNotReady ERROR message, and on retry receives a correct
 * CHALLENGE_AUTH message to the challenge, with no opaque data and a signature
 * on the sent nonce.
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_SUCCESS when
 * LIBSPDM_RESPOND_IF_READY_SUPPORT is enabled, and LIBSPDM_STATUS_NOT_READY_PEER
 * otherwise.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case9(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    libspdm_return_t result;
    libspdm_return_t expected;
    bool chain_loaded;

    /* case_id selects the scripted transport behavior for this test. */
    test_context->case_id = 0x9;

    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        context->connection_info.peer_used_cert_chain[0].buffer_hash);
    context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        context->connection_info.algorithm.base_hash_algo,
        context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_challenge(context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               summary_hash, NULL);

    /* The expected status depends on whether RESPOND_IF_READY support is built in. */
    expected = LIBSPDM_RESPOND_IF_READY_SUPPORT ? LIBSPDM_STATUS_SUCCESS
                                                : LIBSPDM_STATUS_NOT_READY_PEER;
    assert_int_equal(result, expected);
    free(cert_chain);
}
2592 :
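/**
 * Test 10: the requester is not set up correctly to send a CHALLENGE message.
 * Specifically, it has *not* received the capability for challenge, although it
 * has received capability for executing both hash and signature algorithms.
 * The remaining setup and message exchange were executed correctly (see Test 2).
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_UNSUPPORTED_CAP
 * and, when transcript data is recorded, the "C" transcript buffer is not set.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case10(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the scripted transport behavior for this test. */
    spdm_test_context->case_id = 0xA;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP is deliberately left clear:
     * the requester must refuse to challenge a peer that never advertised it. */
    spdm_context->connection_info.capability.flags = 0;

    /* Stop here if the chain cannot be read, as the other cases in this file do:
     * data and data_size have no initial value, and they are hashed or copied
     * and then freed below. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(
        spdm_context, NULL, 0,
        SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        measurement_hash, NULL);
    assert_int_equal(status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
#endif
    free(data);
}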
2659 :
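/**
 * Test 11: the requester is set up correctly (see Test 2), but receives a malformed
 * response message, smaller than a standard SPDM message header.
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_INVALID_MSG_FIELD.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case11(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the scripted transport behavior for this test. */
    spdm_test_context->case_id = 0xB;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags = 0;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Stop here if the chain cannot be read, as the other cases in this file do:
     * data and data_size have no initial value, and they are hashed or copied
     * and then freed below. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(
        spdm_context, NULL, 0,
        SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        measurement_hash, NULL);
    /* A truncated response must be rejected as malformed rather than parsed. */
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(data);
}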
2720 :
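/**
 * Test 12: the requester is set up correctly (see Test 2), but receives a malformed
 * response message, with version (1.0) different from the request (1.1).
 * The remaining message data is as a correct CHALLENGE_AUTH message.
 * Expected behavior: libspdm_challenge() returns LIBSPDM_STATUS_INVALID_MSG_FIELD.
 *
 * @param state  Test-framework state; *state is the libspdm_test_context_t.
 **/
static void req_challenge_case12(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the scripted transport behavior for this test. */
    spdm_test_context->case_id = 0xC;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags = 0;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Stop here if the chain cannot be read, as the other cases in this file do:
     * data and data_size have no initial value, and they are hashed or copied
     * and then freed below. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    /* The connection is pinned to SPDM 1.1; the test description has the
     * response carry 1.0 instead. */
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the peer chain for slot 0: a full copy when transcripts are
     * recorded, otherwise its hash and the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(
        spdm_context, NULL, 0,
        SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        measurement_hash, NULL);
    /* A response whose version differs from the negotiated one must not be accepted. */
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(data);
}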
2782 :
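/**
 * Test 13: the requester is set up correctly (see Test 2), but receives a malformed
 * response message, with wrong request_response_code (CHALLENGE 0x83 instead of
 * CHALLENGE_AUTH 0x03).
 * The remaining message data is as a correct CHALLENGE_AUTH message.
 * Expected behavior: client returns a status of LIBSPDM_STATUS_INVALID_MSG_FIELD.
 **/
static void req_challenge_case13(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0xD;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Stop here if the certificate fixture cannot be loaded: data and data_size are
     * declared without initializers and are consumed below. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo,
                                                                &data, &data_size,
                                                                &hash, &hash_size));
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(spdm_context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               measurement_hash, NULL);
    /* A response carrying the wrong response code must be rejected, not accepted as
     * CHALLENGE_AUTH. */
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(data);
}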
2845 :
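/**
 * Test 14: the requester is set up correctly (see Test 2), but receives a malformed
 * response message, with a slot number different from the requested.
 * The remaining message data is as a correct CHALLENGE_AUTH message.
 * Expected behavior: client returns a status of LIBSPDM_STATUS_INVALID_MSG_FIELD.
 **/
static void req_challenge_case14(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0xE;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Stop here if the certificate fixture cannot be loaded: data and data_size are
     * declared without initializers and are consumed below. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo,
                                                                &data, &data_size,
                                                                &hash, &hash_size));
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    /* Slot 0 is requested; per the case description the mocked response names another slot. */
    status = libspdm_challenge(spdm_context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               measurement_hash, NULL);
    /* A response for a slot that was not requested must be rejected. */
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(data);
}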
2907 :
/**
 * Test 15: free to be populated by test.
 **/
static void req_challenge_case15(void **state)
{
    /* Placeholder case: no setup, no request, no assertions. */
    (void)state;
}
2913 :
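/**
 * Test 16: the requester is set up correctly to send a CHALLENGE message:
 * - it has flags indicating that the previous messages were sent
 * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
 * - it received the CAPABILITIES message, allowing the use of hash and digital
 * signature algorithms, and the use of challenges.
 * - it has the responder's certificate chain.
 * The CHALLENGE message requests usage of the first certificate in the chain
 * (param1=0) and does not request measurements (param2=0).
 * The received CHALLENGE_AUTH message correctly responds to the challenge, with opaque
 * data holding the bytes of the string "libspdm", and a signature on the sent nonce.
 * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS and hands the
 * opaque data back to the caller.
 **/
static void req_challenge_case16(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
    size_t opaque_data_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0x10;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Stop here if the certificate fixture cannot be loaded: data and data_size are
     * declared without initializers and are consumed below. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo,
                                                                &data, &data_size,
                                                                &hash, &hash_size));
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Pass the capacity of the caller buffer in; the value is compared with the
     * received opaque data length after the call. */
    opaque_data_size = sizeof(opaque_data);

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge_ex(spdm_context, NULL, 0,
                                  SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                                  measurement_hash, NULL, NULL, NULL, NULL,
                                  opaque_data, &opaque_data_size);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    /* Check the length first so the memory comparison never covers more than the
     * expected string. */
    assert_int_equal(opaque_data_size, strlen("libspdm"));
    assert_memory_equal(opaque_data, "libspdm", opaque_data_size);
    free(data);
}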
2989 :
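/**
 * Test 17: the requester is set up correctly to send a CHALLENGE message:
 * - it has flags indicating that the previous messages were sent
 * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
 * - it received the CAPABILITIES message, allowing the use of hash and digital
 * signature algorithms, and the use of challenges.
 * - it has the responder's certificate chain.
 * The CHALLENGE message requests usage of the first certificate in the chain
 * (param1=0) and does not request measurements (param2=0).
 * The received CHALLENGE_AUTH message correctly responds to the challenge,
 * but with an invalid signature.
 * Expected behavior: client returns a status of LIBSPDM_STATUS_VERIF_FAIL.
 **/
static void req_challenge_case17(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0x11;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Stop here if the certificate fixture cannot be loaded: data and data_size are
     * declared without initializers and are consumed below. Without the real public
     * key installed, the verification failure asserted below would prove nothing. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo,
                                                                &data, &data_size,
                                                                &hash, &hash_size));
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(spdm_context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               measurement_hash, NULL);
    /* Negative test for authentication: a well-formed CHALLENGE_AUTH whose signature
     * does not verify must fail with the verification status, never succeed. */
    assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL);
    free(data);
}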
3058 :
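/**
 * Test 18: the requester is set up correctly to send a CHALLENGE message:
 * - it has flags indicating that the previous messages were sent
 * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
 * - it received the CAPABILITIES message, allowing the use of hash and digital
 * signature algorithms, the use of challenges, and of measurements.
 * - it has the responder's certificate chain.
 * The CHALLENGE message requests usage of the first certificate in the chain
 * (param1=0) and requests TCB measurements (param2=1).
 * The received CHALLENGE_AUTH message correctly responds to the challenge, with
 * no opaque data and a signature on the sent nonce.
 * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
 **/
static void req_challenge_case18(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0x12;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* Challenge capability plus the additional measurement capability. */
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;

    /* Stop here if the certificate fixture cannot be loaded: data and data_size are
     * declared without initializers and are consumed below. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo,
                                                                &data, &data_size,
                                                                &hash, &hash_size));
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(spdm_context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH,
                               measurement_hash, NULL);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    /* Release the certificate chain buffer, as the sibling cases do. */
    free(data);
}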
3127 :
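/**
 * Test 19: the requester is set up correctly to send a CHALLENGE message:
 * - it has flags indicating that the previous messages were sent
 * (GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, and GET_DIGESTS).
 * - it received the CAPABILITIES message, allowing the use of hash and digital
 * signature algorithms, the use of challenges, and of measurements.
 * - it has the responder's certificate chain.
 * The CHALLENGE message requests usage of the first certificate in the chain
 * (param1=0) and requests the summary hash of all measurements
 * (param2=SPDM_CHALLENGE_REQUEST_ALL_MEASUREMENTS_HASH).
 * The received CHALLENGE_AUTH message correctly responds to the challenge, with
 * no opaque data and a signature on the sent nonce.
 * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
 **/
static void req_challenge_case19(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0x13;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* Challenge capability plus the additional measurement capability. */
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;

    /* Stop here if the certificate fixture cannot be loaded: data and data_size are
     * declared without initializers and are consumed below. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo,
                                                                &data, &data_size,
                                                                &hash, &hash_size));
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(spdm_context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_ALL_MEASUREMENTS_HASH,
                               measurement_hash, NULL);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    /* Release the certificate chain buffer, as the sibling cases do. */
    free(data);
}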
3196 :
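/**
 * Test 20: receiving an unexpected ERROR message from the responder.
 * There are tests for all named codes, including some reserved ones
 * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
 * The following codes are excluded from this case because they have their own
 * test cases: Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
 * Expected behavior: client returns a status of LIBSPDM_STATUS_ERROR_PEER for every
 * tested code and, when transcript data is recorded, message_c stays empty.
 **/
static void req_challenge_case20(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    uint16_t error_code;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0x14;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Stop here if the certificate fixture cannot be loaded: data and data_size are
     * declared without initializers and are consumed below. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo,
                                                                &data, &data_size,
                                                                &hash, &hash_size));
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* error_code is 16 bits wide so that the increment past 0xff ends the loop
     * instead of wrapping back to 0. */
    error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
    while (error_code <= 0xff) {
        /* Restore the connection state and transcripts before every iteration so
         * that each error code is exercised from the same starting point. */
        spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
        libspdm_reset_message_a(spdm_context);
        libspdm_reset_message_b(spdm_context);
        libspdm_reset_message_c(spdm_context);

        libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
        status = libspdm_challenge(spdm_context, NULL, 0,
                                   SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                                   measurement_hash, NULL);
        LIBSPDM_ASSERT_INT_EQUAL_CASE(status, LIBSPDM_STATUS_ERROR_PEER, error_code);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
        /* A rejected exchange must leave nothing behind in transcript C. */
        LIBSPDM_ASSERT_INT_EQUAL_CASE(spdm_context->transcript.message_c.buffer_size, 0,
                                      error_code);
#endif

        error_code++;
        if (error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
            error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
        }
        /* skip some reserved error codes (0d to 3e) */
        if (error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
            error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
        }
        /* skip response not ready, request resync, and some reserved codes (44 to fc) */
        if (error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
            error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
        }
    }

    free(data);
}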
3284 :
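/**
 * Test 21: test correct CHALLENGE_AUTH message with multiple slot numbers
 * Expected behavior: success and slot_id is included in slot_mask.
 **/
static void req_challenge_case21(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    uint8_t slot_id;
    uint8_t slot_mask;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0x15;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Stop here if the certificate fixture cannot be loaded: data and data_size are
     * declared without initializers and are consumed below. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo,
                                                                &data, &data_size,
                                                                &hash, &hash_size));
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));

    slot_id = 0;
    /* Start from a known value so the mask check below fails deterministically if
     * the call returns success without writing the output. */
    slot_mask = 0;
    status = libspdm_challenge(spdm_context, NULL, slot_id,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               measurement_hash, &slot_mask);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    /* Only the bit of the requested slot is checked; other bits may be set. */
    assert_int_equal(1 << slot_id, slot_mask & (1 << slot_id));
    free(data);
}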
3347 :
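/**
 * Test 22: a request message is successfully sent and a response message is successfully received.
 * Buffer C already has arbitrary data.
 * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS and a CHALLENGE_AUTH message is
 * received, buffer C appends the exchanged CHALLENGE and CHALLENGE_AUTH messages.
 *
 * NOTE(review): this function asserts only the returned status; the contents of
 * buffer C after the exchange are dumped for inspection but not compared.
 **/
static void req_challenge_case22(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects the mocked transport behavior used for this test. */
    spdm_test_context->case_id = 0x16;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    /* Use the test framework assertion rather than assert(false): a plain assert()
     * is compiled out when NDEBUG is defined, and the case would then continue with
     * data and data_size unset. */
    assert_true(libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                                m_libspdm_use_asym_algo, &data,
                                                                &data_size, &hash, &hash_size));
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /*filling all buffers with arbitrary data*/
    libspdm_set_mem(spdm_context->transcript.message_a.buffer, 10, (uint8_t) 0xFF);
    spdm_context->transcript.message_a.buffer_size = 10;
    libspdm_set_mem(spdm_context->transcript.message_b.buffer, 8, (uint8_t) 0xEE);
    spdm_context->transcript.message_b.buffer_size = 8;
    libspdm_set_mem(spdm_context->transcript.message_c.buffer, 12, (uint8_t) 0xDD);
    spdm_context->transcript.message_c.buffer_size = 12;
#endif

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Install the responder chain as the peer chain in slot 0, either as raw bytes or
     * as hash plus leaf public key, depending on the build configuration. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(
        spdm_context, NULL, 0,
        SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        measurement_hash, NULL);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* m_libspdm_local_buffer_size is a size_t; convert it to match the %x specifier. */
    LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
                   (unsigned int)m_libspdm_local_buffer_size));
    libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
#endif
    free(data);
}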
3427 :
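/**
 * Test 23: CHALLENGE against two certificate slots (slot 0, then slot 1).
 *
 * Setup done here:
 * - the connection state is NEGOTIATED and only CHAL_CAP is set in the peer
 *   capability flags;
 * - the negotiated version is SPDM 1.1;
 * - the responder certificate chains for slot 0 and slot 1 are loaded and recorded
 *   in peer_used_cert_chain[0] and [1] (the raw chain when transcript recording is
 *   enabled, otherwise its hash plus the leaf certificate public key).
 *
 * Each CHALLENGE asks for no measurement summary hash.
 * Expected behavior: libspdm_challenge returns LIBSPDM_STATUS_SUCCESS for both slots.
 *
 * If the slot 1 chain cannot be read, the test returns early without failing.
 **/
static void req_challenge_case23(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    void *data1;
    size_t data_size;
    size_t data1_size;
    void *hash;
    void *hash1;
    size_t hash_size;
    size_t hash1_size;
    uint8_t slot_id;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x17;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags = 0;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Slot 0 chain: nothing below can run without it. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    if (!libspdm_read_responder_public_certificate_chain_per_slot(
            1,
            m_libspdm_use_hash_algo,
            m_libspdm_use_asym_algo, &data1,
            &data1_size, &hash1, &hash1_size)) {
        /* The slot 0 chain was already allocated above; release it before
         * leaving so the early exit does not leak it. */
        free(data);
        return;
    }
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[1].buffer_size = data1_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[1].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[1].buffer),
                     data1, data1_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data1, data1_size,
        spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data1, data1_size,
        &spdm_context->connection_info.peer_used_cert_chain[1].leaf_cert_public_key);
#endif

    /* Challenge each slot in turn; the output buffer is cleared before every call. */
    for (slot_id = 0; slot_id < 2; slot_id++) {
        libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
        status = libspdm_challenge(
            spdm_context, NULL, slot_id,
            SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
            measurement_hash, NULL);
        assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    }
    free(data);
    free(data1);
}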
3534 :
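/**
 * Test 24: CHALLENGE using a provisioned public key (slot_id 0xFF).
 *
 * Setup done here:
 * - the connection state is NEGOTIATED, and CHAL_CAP and PUB_KEY_ID_CAP are set in
 *   the peer capability flags;
 * - the responder public key is loaded and registered in
 *   local_context.peer_public_key_provision;
 * - the negotiated version is SPDM 1.1.
 *
 * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
 *
 * If the public key cannot be read, the test returns early without failing.
 **/
static void req_challenge_case24(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x18;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags = 0;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
    if (!libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size)) {
        return;
    }
    /* The context keeps a pointer to this buffer, not a copy. */
    spdm_context->local_context.peer_public_key_provision = data;
    spdm_context->local_context.peer_public_key_provision_size = data_size;

    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(
        spdm_context, NULL, 0xFF,
        SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        measurement_hash, NULL);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);

    /* Clear the context's reference before freeing the key. The context is taken
     * from *state and presumably outlives this test case, so it must not be left
     * holding a pointer to freed memory. */
    spdm_context->local_context.peer_public_key_provision = NULL;
    spdm_context->local_context.peer_public_key_provision_size = 0;
    free(data);
}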
3579 :
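/**
 * Test 25: Error case, the CHALLENGE_AUTH message contains an opaque_length greater
 * than the maximum allowed.
 *
 * Setup done here: the connection state is NEGOTIATED, only CHAL_CAP is set, the
 * negotiated version is SPDM 1.1, and the slot 0 responder certificate chain is
 * recorded in peer_used_cert_chain[0]. The oversized response itself is expected to
 * come from the receive hook for case_id 0x19, which is defined elsewhere in this file.
 *
 * Expected behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code, i.e. the
 * requester rejects the length field instead of using it.
 **/
static void req_challenge_case25(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x19;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags = 0;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
    /* Check the load result as the sibling cases do: on failure data and data_size
     * are never written, and the code below would hash and free an indeterminate
     * pointer. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo,
                                                         &data, &data_size,
                                                         &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge(spdm_context, NULL, 0,
                               SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                               measurement_hash, NULL);
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(data);
}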
3639 :
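/**
 * Test 26: the requester is set up correctly to send a CHALLENGE message and asks
 * for the opaque data of the response to be returned.
 *
 * Setup done here: the connection state is NEGOTIATED, only CHAL_CAP is set, the
 * negotiated version is SPDM 1.2, OpaqueDataFmt1 is selected in other_params_support,
 * and the slot 0 responder certificate chain is recorded in peer_used_cert_chain[0].
 *
 * The received CHALLENGE_AUTH message correctly responds to the challenge, with
 * opaque data holding bytes from the string "libspdm" and a signature on the sent
 * nonce (the response is built by the receive hook, defined elsewhere in this file).
 *
 * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS, and the
 * returned opaque data matches m_libspdm_opaque_data in both size and content.
 **/
static void req_challenge_case26(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
    size_t opaque_data_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x1A;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags = 0;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;
    /* Check the load result as the sibling cases do: on failure data and data_size
     * are never written, and the code below would hash and free an indeterminate
     * pointer. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo,
                                                         &data, &data_size,
                                                         &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;

    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif
    spdm_context->connection_info.algorithm.other_params_support =
        SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
    /* In/out parameter: pass the capacity of the caller's buffer; the returned
     * value is compared with the expected opaque data size below. */
    opaque_data_size = sizeof(opaque_data);

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_challenge_ex(spdm_context, NULL, 0,
                                  SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
                                  measurement_hash, NULL, NULL, NULL, NULL,
                                  opaque_data, &opaque_data_size);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(opaque_data_size, m_libspdm_opaque_data_size);
    assert_memory_equal(opaque_data, m_libspdm_opaque_data, opaque_data_size);
    free(data);
}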
3710 :
/**
 * Test 27: Successful case, with the correct challenge context field.
 *
 * Setup done here: the connection state is NEGOTIATED, only CHAL_CAP is set, the
 * negotiated version is SPDM 1.3, the slot 0 responder certificate chain is recorded
 * in peer_used_cert_chain[0], and m_requester_context is filled with 0xAA before
 * being passed to libspdm_challenge_ex2.
 *
 * Expected behavior: client returns a status of LIBSPDM_STATUS_SUCCESS. Afterwards
 * the M1/M2 transcript state is empty (message_c is empty when transcript recording
 * is enabled, otherwise digest_context_m1m2 is NULL).
 **/
static void req_challenge_case27(void **state)
{
    libspdm_test_context_t *spdm_test_context = *state;
    libspdm_context_t *spdm_context = spdm_test_context->spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    libspdm_return_t result;
    void *cert_chain;
    size_t cert_chain_size;
    void *chain_hash;
    size_t chain_hash_size;
    bool chain_loaded;

    spdm_test_context->case_id = 0x1B;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* CHAL_CAP is the only capability advertised for the peer. */
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &chain_hash, &chain_hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    /* Start from empty A/B/C transcripts. */
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);

    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.version =
        SPDM_MESSAGE_VERSION_13 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Record the peer's slot 0 chain in the form the build configuration expects. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Known requester context pattern sent with the CHALLENGE. */
    libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));

    result = libspdm_challenge_ex2(
        spdm_context, NULL, 0, m_requester_context,
        SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
    assert_int_equal(result, LIBSPDM_STATUS_SUCCESS);

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
#else
    assert_null(spdm_context->transcript.digest_context_m1m2);
#endif
    free(cert_chain);
}
3782 :
/**
 * Test 28: Error case, the challenge context fields are inconsistent.
 *
 * Setup is the same as the successful SPDM 1.3 case: the connection state is
 * NEGOTIATED, only CHAL_CAP is set, the slot 0 responder certificate chain is recorded
 * in peer_used_cert_chain[0], and m_requester_context is filled with 0xAA. The
 * mismatching response is expected to come from the receive hook for case_id 0x1C,
 * which is defined elsewhere in this file.
 *
 * Expected behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code.
 **/
static void req_challenge_case28(void **state)
{
    libspdm_test_context_t *spdm_test_context = *state;
    libspdm_context_t *spdm_context = spdm_test_context->spdm_context;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    libspdm_return_t result;
    void *cert_chain;
    size_t cert_chain_size;
    void *chain_hash;
    size_t chain_hash_size;
    bool chain_loaded;

    spdm_test_context->case_id = 0x1C;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* CHAL_CAP is the only capability advertised for the peer. */
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &chain_hash, &chain_hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    /* Start from empty A/B/C transcripts. */
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);

    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.version =
        SPDM_MESSAGE_VERSION_13 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Record the peer's slot 0 chain in the form the build configuration expects. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Known requester context pattern sent with the CHALLENGE. */
    libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));

    result = libspdm_challenge_ex2(
        spdm_context, NULL, 0, m_requester_context,
        SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        measurement_hash, NULL, NULL, NULL, NULL, NULL, NULL);
    /* The requester must reject the response rather than accept it. */
    assert_int_equal(result, LIBSPDM_STATUS_INVALID_MSG_FIELD);

    free(cert_chain);
}
3849 :
/**
 * Run the requester CHALLENGE unit test group.
 *
 * Installs a test context that uses this file's send_message and receive_message
 * hooks, then runs every case through cmocka with the shared group setup and
 * teardown functions.
 *
 * @return the value returned by cmocka_run_group_tests.
 **/
int libspdm_req_challenge_test(void)
{
    /* Must remain a true array named test_cases: cmocka_run_group_tests is a macro
     * that takes the array itself (it needs the element count) and uses the
     * argument's spelling as the group name. */
    const struct CMUnitTest test_cases[] = {
        /* SendRequest failed */
        cmocka_unit_test(req_challenge_case1),
        /* Successful response */
        cmocka_unit_test(req_challenge_case2),
        /* connection_state check failed */
        cmocka_unit_test(req_challenge_case3),
        /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST */
        cmocka_unit_test(req_challenge_case4),
        /* Always SPDM_ERROR_CODE_BUSY */
        cmocka_unit_test(req_challenge_case5),
        /* SPDM_ERROR_CODE_BUSY + Successful response */
        cmocka_unit_test(req_challenge_case6),
        /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH */
        cmocka_unit_test(req_challenge_case7),
        /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY */
        cmocka_unit_test(req_challenge_case8),
        /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response */
        cmocka_unit_test(req_challenge_case9),
        /* SpdmCmdReceiveState check failed */
        cmocka_unit_test(req_challenge_case10),
        /* Successful response + device error */
        cmocka_unit_test(req_challenge_case11),
        cmocka_unit_test(req_challenge_case12),
        cmocka_unit_test(req_challenge_case13),
        cmocka_unit_test(req_challenge_case14),
        /* Invalid parameter */
        cmocka_unit_test(req_challenge_case15),
        /* Successful response */
        cmocka_unit_test(req_challenge_case16),
        /* Signature check failed */
        cmocka_unit_test(req_challenge_case17),
        /* Successful response */
        cmocka_unit_test(req_challenge_case18),
        cmocka_unit_test(req_challenge_case19),
        /* Unexpected errors */
        cmocka_unit_test(req_challenge_case20),
        cmocka_unit_test(req_challenge_case21),
        /* Buffer verification */
        cmocka_unit_test(req_challenge_case22),
        /* Challenge different slots with GetCert */
        cmocka_unit_test(req_challenge_case23),
        /* Challenge using provisioned public key (slot_id 0xFF) */
        cmocka_unit_test(req_challenge_case24),
        /* opaque_length greater than the maximum allowed */
        cmocka_unit_test(req_challenge_case25),
        /* The OpaqueDataFmt1 bit is selected in OtherParamsSelection of ALGORITHMS */
        cmocka_unit_test(req_challenge_case26),
        /* Successful response, with the correct challenge context field */
        cmocka_unit_test(req_challenge_case27),
        /* Error response: challenge context fields are inconsistent */
        cmocka_unit_test(req_challenge_case28),
    };

    /* Positional initializer, kept in the original field order. */
    libspdm_test_context_t challenge_test_context = {
        LIBSPDM_TEST_CONTEXT_VERSION,
        true,
        send_message,
        receive_message,
    };
    int group_result;

    libspdm_setup_test_context(&challenge_test_context);

    group_result = cmocka_run_group_tests(test_cases,
                                          libspdm_unit_test_group_setup,
                                          libspdm_unit_test_group_teardown);
    return group_result;
}
3919 :
3920 : #endif /* LIBSPDM_SEND_CHALLENGE_SUPPORT */