Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2022 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link:
5 : * https://github.com/DMTF/libspdm/blob/main/LICENSE.md
6 : **/
7 :
8 : #include "spdm_unit_test.h"
9 : #include "internal/libspdm_requester_lib.h"
10 :
11 : #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP) && \
12 : (LIBSPDM_ENABLE_CAPABILITY_CERT_CAP)
13 :
14 : /* #define TEST_DEBUG*/
15 : #ifdef TEST_DEBUG
16 : #define TEST_DEBUG_PRINT(format, ...) printf(format, ## __VA_ARGS__)
17 : #else
18 : #define TEST_DEBUG_PRINT(...)
19 : #endif
20 :
21 : spdm_get_certificate_request_t m_spdm_get_certificate_request1 = {
22 : {SPDM_MESSAGE_VERSION_11, SPDM_GET_CERTIFICATE, 0, 0},
23 : 0,
24 : LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN
25 : };
26 : size_t m_spdm_get_certificate_request1_size =
27 : sizeof(m_spdm_get_certificate_request1);
28 :
29 : spdm_get_certificate_request_t m_spdm_get_certificate_request3 = {
30 : {SPDM_MESSAGE_VERSION_11, SPDM_GET_CERTIFICATE, 0, 0}, 0, 0
31 : };
32 : size_t m_spdm_get_certificate_request3_size =
33 : sizeof(m_spdm_get_certificate_request3);
34 :
35 : spdm_get_certificate_request_t m_spdm_get_certificate_request4 = {
36 : {SPDM_MESSAGE_VERSION_13, SPDM_GET_CERTIFICATE, 0, 0},
37 : 0,
38 : LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN
39 : };
40 : size_t m_spdm_get_certificate_request4_size =
41 : sizeof(m_spdm_get_certificate_request4);
42 :
43 : /**
44 : * Test 1: request the first LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN bytes of the
45 : * certificate chain Expected Behavior: generate a correctly formed Certificate
46 : * message, including its portion_length and remainder_length fields
47 : **/
48 1 : void libspdm_test_requester_encap_certificate_case1(void **state)
49 : {
50 : libspdm_return_t status;
51 : libspdm_test_context_t *spdm_test_context;
52 : libspdm_context_t *spdm_context;
53 : size_t response_size;
54 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
55 : spdm_certificate_response_t *spdm_response;
56 : void *data;
57 : size_t data_size;
58 :
59 1 : spdm_test_context = *state;
60 1 : spdm_context = spdm_test_context->spdm_context;
61 1 : spdm_test_context->case_id = 0x1;
62 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11
63 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
64 1 : spdm_context->connection_info.connection_state =
65 : LIBSPDM_CONNECTION_STATE_AFTER_DIGESTS;
66 1 : spdm_context->local_context.capability.flags |=
67 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
68 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
69 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
70 : m_libspdm_use_asym_algo,
71 : &data, &data_size, NULL, NULL);
72 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
73 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
74 :
75 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
76 : spdm_context->transcript.message_m.buffer_size =
77 : spdm_context->transcript.message_m.max_buffer_size;
78 : #endif
79 :
80 1 : response_size = sizeof(response);
81 1 : status = libspdm_get_encap_response_certificate(
82 : spdm_context, m_spdm_get_certificate_request1_size,
83 : &m_spdm_get_certificate_request1, &response_size, response);
84 :
85 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
86 1 : assert_int_equal(response_size, sizeof(spdm_certificate_response_t) +
87 : LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN);
88 1 : spdm_response = (void *)response;
89 1 : assert_int_equal(spdm_response->header.request_response_code,
90 : SPDM_CERTIFICATE);
91 1 : assert_int_equal(spdm_response->header.param1, 0);
92 1 : assert_int_equal(spdm_response->portion_length,
93 : LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN);
94 1 : assert_int_equal(spdm_response->remainder_length,
95 : data_size - LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN);
96 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
97 : assert_int_equal(spdm_context->transcript.message_m.buffer_size, 0);
98 : #endif
99 1 : free(data);
100 1 : }
101 :
102 : /**
103 : * Test 2:
104 : * Expected Behavior:
105 : **/
106 1 : void libspdm_test_requester_encap_certificate_case2(void **state)
107 : {
108 1 : }
109 :
110 : /**
111 : * Test 3: request length at the boundary of maximum integer values, while
112 : * keeping offset 0 Expected Behavior: generate correctly formed Certificate
113 : * messages, including its portion_length and remainder_length fields
114 : **/
115 0 : void libspdm_test_requester_encap_certificate_case3(void **state)
116 : {
117 : libspdm_return_t status;
118 : libspdm_test_context_t *spdm_test_context;
119 : libspdm_context_t *spdm_context;
120 : size_t response_size;
121 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
122 : spdm_certificate_response_t *spdm_response;
123 : void *data;
124 : size_t data_size;
125 :
126 : /* Testing Lengths at the boundary of maximum integer values*/
127 0 : uint16_t test_lengths[] = {
128 : 0,
129 : 0x7F,
130 : (uint16_t)(0x7F + 1),
131 : 0xFF,
132 : 0x7FFF,
133 : (uint16_t)(0x7FFF + 1),
134 : 0xFFFF,
135 : };
136 : uint16_t expected_chunk_size;
137 :
138 : /* Setting up the spdm_context and loading a sample certificate chain*/
139 0 : spdm_test_context = *state;
140 0 : spdm_context = spdm_test_context->spdm_context;
141 0 : spdm_test_context->case_id = 0x3;
142 0 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11
143 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
144 0 : spdm_context->local_context.capability.flags |=
145 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
146 0 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
147 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
148 : m_libspdm_use_asym_algo,
149 : &data, &data_size, NULL, NULL);
150 0 : spdm_context->local_context.local_cert_chain_provision[0] = data;
151 0 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
152 :
153 : /* This tests considers only offset = 0, other tests vary offset value*/
154 0 : m_spdm_get_certificate_request3.offset = 0;
155 :
156 0 : for (int i = 0; i < sizeof(test_lengths) / sizeof(test_lengths[0]); i++)
157 : {
158 : TEST_DEBUG_PRINT("i:%d test_lengths[i]:%u\n", i, test_lengths[i]);
159 0 : m_spdm_get_certificate_request3.length = test_lengths[i];
160 : /* Expected received length is limited by LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN
161 : * (implementation specific?)*/
162 0 : expected_chunk_size = LIBSPDM_MIN(m_spdm_get_certificate_request3.length,
163 : LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN);
164 :
165 : /* resetting an internal buffer to avoid overflow and prevent tests to
166 : * succeed*/
167 0 : libspdm_reset_message_b(spdm_context);
168 0 : response_size = sizeof(response);
169 0 : m_spdm_get_certificate_request3_size =
170 : sizeof(m_spdm_get_certificate_request3);
171 0 : status = libspdm_get_encap_response_certificate(
172 : spdm_context, m_spdm_get_certificate_request3_size,
173 : &m_spdm_get_certificate_request3, &response_size, response);
174 0 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
175 0 : assert_int_equal(response_size,
176 : sizeof(spdm_certificate_response_t) + expected_chunk_size);
177 0 : spdm_response = (void *)response;
178 0 : assert_int_equal(spdm_response->header.request_response_code,
179 : SPDM_CERTIFICATE);
180 0 : assert_int_equal(spdm_response->header.param1, 0);
181 0 : assert_int_equal(spdm_response->portion_length, expected_chunk_size);
182 0 : assert_int_equal(spdm_response->remainder_length,
183 : data_size - expected_chunk_size);
184 : }
185 0 : free(data);
186 0 : }
187 :
188 : /**
189 : * Test 4: request offset at the boundary of maximum integer values, while
190 : * keeping length 0 Expected Behavior: generate correctly formed Certificate
191 : * messages, including its portion_length and remainder_length fields
192 : **/
193 1 : void libspdm_test_requester_encap_certificate_case4(void **state)
194 : {
195 : libspdm_return_t status;
196 : libspdm_test_context_t *spdm_test_context;
197 : libspdm_context_t *spdm_context;
198 : size_t response_size;
199 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
200 : spdm_certificate_response_t *spdm_response;
201 : spdm_error_response_t *spdm_responseError;
202 : void *data;
203 : size_t data_size;
204 :
205 : /* Testing offsets at the boundary of maximum integer values and at the
206 : * boundary of certificate length (first three positions)*/
207 1 : uint16_t test_offsets[] = {(uint16_t)(-1),
208 : 0,
209 : +1,
210 : 0,
211 : 0x7F,
212 : (uint16_t)(0x7F + 1),
213 : 0xFF,
214 : 0x7FFF,
215 : (uint16_t)(0x7FFF + 1),
216 : 0xFFFF,
217 : (uint16_t)(-1)};
218 :
219 : /* Setting up the spdm_context and loading a sample certificate chain*/
220 1 : spdm_test_context = *state;
221 1 : spdm_context = spdm_test_context->spdm_context;
222 1 : spdm_test_context->case_id = 0x4;
223 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11
224 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
225 1 : spdm_context->local_context.capability.flags |=
226 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
227 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
228 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
229 : m_libspdm_use_asym_algo,
230 : &data, &data_size, NULL, NULL);
231 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
232 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
233 :
234 : /* This tests considers only length = 0, other tests vary length value*/
235 1 : m_spdm_get_certificate_request3.length = 0;
236 : /* Setting up offset values at the boundary of certificate length*/
237 1 : test_offsets[0] = (uint16_t)(test_offsets[0] + data_size);
238 1 : test_offsets[1] = (uint16_t)(test_offsets[1] + data_size);
239 1 : test_offsets[2] = (uint16_t)(test_offsets[2] + data_size);
240 :
241 12 : for (int i = 0; i < sizeof(test_offsets) / sizeof(test_offsets[0]); i++)
242 : {
243 : TEST_DEBUG_PRINT("i:%d test_offsets[i]:%u\n", i, test_offsets[i]);
244 11 : m_spdm_get_certificate_request3.offset = test_offsets[i];
245 :
246 : /* resetting an internal buffer to avoid overflow and prevent tests to
247 : * succeed*/
248 11 : libspdm_reset_message_b(spdm_context);
249 11 : response_size = sizeof(response);
250 11 : status = libspdm_get_encap_response_certificate(
251 : spdm_context, m_spdm_get_certificate_request3_size,
252 : &m_spdm_get_certificate_request3, &response_size, response);
253 11 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
254 :
255 11 : if (m_spdm_get_certificate_request3.offset >= data_size) {
256 : /* A too long of an offset should return an error*/
257 6 : spdm_responseError = (void *)response;
258 6 : assert_int_equal(spdm_responseError->header.request_response_code,
259 : SPDM_ERROR);
260 6 : assert_int_equal(spdm_responseError->header.param1,
261 : SPDM_ERROR_CODE_INVALID_REQUEST);
262 : } else {
263 : /* Otherwise it should work properly, considering length = 0*/
264 5 : assert_int_equal(response_size, sizeof(spdm_certificate_response_t));
265 5 : spdm_response = (void *)response;
266 5 : assert_int_equal(spdm_response->header.request_response_code,
267 : SPDM_CERTIFICATE);
268 5 : assert_int_equal(spdm_response->header.param1, 0);
269 5 : assert_int_equal(spdm_response->portion_length, 0);
270 5 : assert_int_equal(
271 : spdm_response->remainder_length,
272 : (uint16_t)(data_size - m_spdm_get_certificate_request3.offset));
273 : }
274 : }
275 1 : free(data);
276 1 : }
277 :
278 : /**
279 : * Test 5: request LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN bytes of long certificate
280 : * chains, with the largest valid offset Expected Behavior: generate correctly
281 : * formed Certificate messages, including its portion_length and remainder_length
282 : * fields
283 : **/
284 1 : void libspdm_test_requester_encap_certificate_case5(void **state)
285 : {
286 : libspdm_return_t status;
287 : libspdm_test_context_t *spdm_test_context;
288 : libspdm_context_t *spdm_context;
289 : size_t response_size;
290 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
291 : spdm_certificate_response_t *spdm_response;
292 : spdm_error_response_t *spdm_responseError;
293 : void *data;
294 : size_t data_size;
295 :
296 1 : uint16_t test_cases[] = {LIBSPDM_TEST_CERT_MAXINT16, LIBSPDM_TEST_CERT_MAXUINT16};
297 :
298 : size_t expected_chunk_size;
299 : size_t expected_remainder;
300 :
301 : /* Setting up the spdm_context and loading a sample certificate chain*/
302 1 : spdm_test_context = *state;
303 1 : spdm_context = spdm_test_context->spdm_context;
304 1 : spdm_test_context->case_id = 0x5;
305 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11
306 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
307 1 : spdm_context->local_context.capability.flags |=
308 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
309 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
310 :
311 1 : m_spdm_get_certificate_request3.length = LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN;
312 :
313 3 : for (int i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++)
314 : {
315 2 : libspdm_read_responder_public_certificate_chain_by_size(
316 : /*MAXUINT16_CERT signature_algo is SHA256RSA */
317 : m_libspdm_use_hash_algo, SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048,
318 2 : test_cases[i], &data, &data_size, NULL, NULL);
319 :
320 2 : spdm_context->local_context.local_cert_chain_provision[0] = data;
321 2 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
322 :
323 2 : m_spdm_get_certificate_request3.offset =
324 2 : (uint16_t)(LIBSPDM_MIN(data_size - 1, 0xFFFF));
325 : TEST_DEBUG_PRINT("data_size: %u\n", data_size);
326 : TEST_DEBUG_PRINT("m_spdm_get_certificate_request3.offset: %u\n",
327 : m_spdm_get_certificate_request3.offset);
328 : TEST_DEBUG_PRINT("m_spdm_get_certificate_request3.length: %u\n",
329 : m_spdm_get_certificate_request3.length);
330 : TEST_DEBUG_PRINT("offset + length: %u\n",
331 : m_spdm_get_certificate_request3.offset +
332 : m_spdm_get_certificate_request3.length);
333 :
334 : /* resetting an internal buffer to avoid overflow and prevent tests to
335 : * succeed*/
336 2 : libspdm_reset_message_b(spdm_context);
337 2 : response_size = sizeof(response);
338 2 : status = libspdm_get_encap_response_certificate(
339 : spdm_context, m_spdm_get_certificate_request3_size,
340 : &m_spdm_get_certificate_request3, &response_size, response);
341 2 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
342 :
343 : /* Expected received length is limited by LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN
344 : * and by the remaining length*/
345 2 : expected_chunk_size =
346 2 : (uint16_t)(LIBSPDM_MIN(m_spdm_get_certificate_request3.length,
347 : data_size - m_spdm_get_certificate_request3.offset));
348 2 : expected_chunk_size =
349 : LIBSPDM_MIN(expected_chunk_size, LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN);
350 : /* Expected certificate length left*/
351 2 : expected_remainder =
352 2 : (uint16_t)(data_size - m_spdm_get_certificate_request3.offset -
353 : expected_chunk_size);
354 :
355 : TEST_DEBUG_PRINT("expected_chunk_size %u\n", expected_chunk_size);
356 : TEST_DEBUG_PRINT("expected_remainder %u\n", expected_remainder);
357 :
358 2 : if (expected_remainder > 0xFFFF || expected_chunk_size > 0xFFFF) {
359 0 : spdm_responseError = (void *)response;
360 0 : assert_int_equal(spdm_responseError->header.request_response_code,
361 : SPDM_ERROR);
362 0 : assert_int_equal(spdm_responseError->header.param1,
363 : SPDM_ERROR_CODE_INVALID_REQUEST);
364 : } else {
365 2 : assert_int_equal(response_size, sizeof(spdm_certificate_response_t) +
366 : expected_chunk_size);
367 2 : spdm_response = (void *)response;
368 2 : assert_int_equal(spdm_response->header.request_response_code,
369 : SPDM_CERTIFICATE);
370 2 : assert_int_equal(spdm_response->header.param1, 0);
371 2 : assert_int_equal(spdm_response->portion_length, expected_chunk_size);
372 2 : assert_int_equal(spdm_response->remainder_length, expected_remainder);
373 : }
374 :
375 : TEST_DEBUG_PRINT("\n");
376 :
377 2 : spdm_context->local_context.local_cert_chain_provision[0] = NULL;
378 2 : spdm_context->local_context.local_cert_chain_provision_size[0] = 0;
379 2 : free(data);
380 : }
381 1 : }
382 :
383 : /**
384 : * Test 6: request a whole certificate chain byte by byte
385 : * Expected Behavior: generate correctly formed Certificate messages, including
386 : * its portion_length and remainder_length fields
387 : **/
388 1 : void libspdm_test_requester_encap_certificate_case6(void **state)
389 : {
390 : libspdm_return_t status;
391 : libspdm_test_context_t *spdm_test_context;
392 : libspdm_context_t *spdm_context;
393 : size_t response_size;
394 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
395 : spdm_certificate_response_t *spdm_response;
396 : void *data;
397 : size_t data_size;
398 : uint16_t expected_chunk_size;
399 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
400 : size_t count;
401 : #endif
402 : /* Setting up the spdm_context and loading a sample certificate chain*/
403 1 : spdm_test_context = *state;
404 1 : spdm_context = spdm_test_context->spdm_context;
405 1 : spdm_test_context->case_id = 0x6;
406 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11
407 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
408 1 : spdm_context->local_context.capability.flags |=
409 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
410 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
411 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
412 : m_libspdm_use_asym_algo,
413 : &data, &data_size, NULL, NULL);
414 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
415 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
416 :
417 : /* This tests considers only length = 1*/
418 1 : m_spdm_get_certificate_request3.length = 1;
419 1 : expected_chunk_size = 1;
420 :
421 : /* resetting an internal buffer to avoid overflow and prevent tests to
422 : * succeed*/
423 1 : libspdm_reset_message_b(spdm_context);
424 :
425 1 : spdm_response = NULL;
426 1391 : for (size_t offset = 0; offset < data_size; offset++)
427 : {
428 : TEST_DEBUG_PRINT("offset:%u \n", offset);
429 1390 : m_spdm_get_certificate_request3.offset = (uint16_t)offset;
430 :
431 1390 : response_size = sizeof(response);
432 1390 : status = libspdm_get_encap_response_certificate(
433 : spdm_context, m_spdm_get_certificate_request3_size,
434 : &m_spdm_get_certificate_request3, &response_size, response);
435 1390 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
436 1390 : spdm_response = (void *)response;
437 : /* It may fail because the spdm does not support too many messages.
438 : * assert_int_equal (spdm_response->header.request_response_code,
439 : * SPDM_CERTIFICATE);*/
440 1390 : if (spdm_response->header.request_response_code == SPDM_CERTIFICATE) {
441 1390 : assert_int_equal(spdm_response->header.request_response_code,
442 : SPDM_CERTIFICATE);
443 1390 : assert_int_equal(response_size, sizeof(spdm_certificate_response_t) +
444 : expected_chunk_size);
445 1390 : assert_int_equal(spdm_response->header.param1, 0);
446 1390 : assert_int_equal(spdm_response->portion_length, expected_chunk_size);
447 1390 : assert_int_equal(spdm_response->remainder_length,
448 : data_size - offset - expected_chunk_size);
449 1390 : assert_int_equal(((uint8_t *)data)[offset],
450 : (response + sizeof(spdm_certificate_response_t))[0]);
451 : } else {
452 0 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
453 0 : break;
454 : }
455 : }
456 1 : if (spdm_response != NULL) {
457 1 : if (spdm_response->header.request_response_code == SPDM_CERTIFICATE) {
458 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
459 : count = (data_size + m_spdm_get_certificate_request3.length - 1) /
460 : m_spdm_get_certificate_request3.length;
461 : assert_int_equal(spdm_context->transcript.message_b.buffer_size,
462 : sizeof(spdm_get_certificate_request_t) * count +
463 : sizeof(spdm_certificate_response_t) * count +
464 : data_size);
465 : #endif
466 : }
467 : }
468 1 : free(data);
469 1 : }
470 :
471 : /**
472 : * Test 7: check request attributes and response attributes , SlotSizeRequested=1b the Offset and Length fields in the
473 : * GET_CERTIFICATE request shall be ignored by the Responder
474 : * Expected Behavior: generate a correctly formed Certificate message, including its portion_length and remainder_length fields
475 : **/
476 1 : void libspdm_test_requester_encap_certificate_case7(void **state)
477 : {
478 : libspdm_return_t status;
479 : libspdm_test_context_t *spdm_test_context;
480 : libspdm_context_t *spdm_context;
481 : size_t response_size;
482 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
483 : spdm_certificate_response_t *spdm_response;
484 : void *data;
485 : size_t data_size;
486 :
487 1 : spdm_test_context = *state;
488 1 : spdm_context = spdm_test_context->spdm_context;
489 1 : spdm_test_context->case_id = 0x7;
490 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13
491 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
492 1 : spdm_context->connection_info.connection_state =
493 : LIBSPDM_CONNECTION_STATE_AFTER_DIGESTS;
494 1 : spdm_context->local_context.capability.flags = 0;
495 1 : spdm_context->local_context.capability.flags |=
496 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
497 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
498 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
499 : m_libspdm_use_asym_algo,
500 : &data, &data_size, NULL, NULL);
501 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
502 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
503 :
504 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
505 : spdm_context->transcript.message_mut_b.buffer_size = 0;
506 : #endif
507 :
508 : /* When SlotSizeRequested=1b , the Offset and Length fields in the GET_CERTIFICATE request shall be ignored by the Responder */
509 1 : m_spdm_get_certificate_request4.header.param2 =
510 : SPDM_GET_CERTIFICATE_REQUEST_ATTRIBUTES_SLOT_SIZE_REQUESTED;
511 1 : m_spdm_get_certificate_request4.length = LIBSPDM_MAX_CERT_CHAIN_BLOCK_LEN;
512 1 : m_spdm_get_certificate_request4.offset = 0xFF;
513 :
514 1 : response_size = sizeof(response);
515 1 : status = libspdm_get_encap_response_certificate(
516 : spdm_context, m_spdm_get_certificate_request4_size,
517 : &m_spdm_get_certificate_request4, &response_size, response);
518 :
519 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
520 1 : assert_int_equal(response_size, sizeof(spdm_certificate_response_t));
521 1 : spdm_response = (void *)response;
522 1 : assert_int_equal(spdm_response->header.request_response_code,
523 : SPDM_CERTIFICATE);
524 1 : assert_int_equal(spdm_response->header.param1, 0);
525 1 : assert_int_equal(spdm_response->portion_length,0);
526 1 : assert_int_equal(spdm_response->remainder_length, data_size);
527 :
528 1 : free(data);
529 1 : }
530 :
531 1 : int libspdm_requester_encap_certificate_test_main(void)
532 : {
533 1 : const struct CMUnitTest spdm_requester_encap_certificate_tests[] = {
534 : /* Success Case*/
535 : cmocka_unit_test(libspdm_test_requester_encap_certificate_case1),
536 : /* Can be populated with new test.*/
537 : cmocka_unit_test(libspdm_test_requester_encap_certificate_case2),
538 : /* Tests varying offset*/
539 : cmocka_unit_test(libspdm_test_requester_encap_certificate_case4),
540 : /* Tests large certificate chains*/
541 : cmocka_unit_test(libspdm_test_requester_encap_certificate_case5),
542 : /* Requests byte by byte*/
543 : cmocka_unit_test(libspdm_test_requester_encap_certificate_case6),
544 : /* check request attributes and response attributes*/
545 : cmocka_unit_test(libspdm_test_requester_encap_certificate_case7),
546 : };
547 :
548 1 : libspdm_test_context_t test_context = {
549 : LIBSPDM_TEST_CONTEXT_VERSION,
550 : false,
551 : };
552 :
553 1 : libspdm_setup_test_context(&test_context);
554 :
555 1 : return cmocka_run_group_tests(spdm_requester_encap_certificate_tests,
556 : libspdm_unit_test_group_setup,
557 : libspdm_unit_test_group_teardown);
558 : }
559 :
560 : #endif /* (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (..) */
|
