Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2022 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 : #include "spdm_unit_test.h"
7 : #include "internal/libspdm_requester_lib.h"
8 :
9 : #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP) && \
10 : (LIBSPDM_ENABLE_CAPABILITY_CERT_CAP)
11 :
12 : spdm_get_digest_request_t m_spdm_get_digests_request1 = {
13 : {
14 : SPDM_MESSAGE_VERSION_11,
15 : SPDM_GET_DIGESTS,
16 : },
17 : };
18 : size_t m_spdm_get_digests_request1_size = sizeof(m_spdm_get_digests_request1);
19 :
20 :
21 : spdm_get_digest_request_t m_spdm_get_digests_request2 = {
22 : {
23 : SPDM_MESSAGE_VERSION_13,
24 : SPDM_GET_DIGESTS,
25 : },
26 : };
27 : size_t m_spdm_get_digests_request2_size = sizeof(m_spdm_get_digests_request2);
28 :
29 : static uint8_t m_local_certificate_chain[LIBSPDM_MAX_CERT_CHAIN_SIZE];
30 :
31 : /**
32 : * Test 1: receives a valid GET_DIGESTS request message from Requester
33 : * Expected Behavior: produces a valid DIGESTS response message
34 : **/
35 1 : void test_spdm_requester_encap_get_digests_case1(void **state)
36 : {
37 : libspdm_return_t status;
38 : libspdm_test_context_t *spdm_test_context;
39 : libspdm_context_t *spdm_context;
40 : size_t response_size;
41 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
42 : spdm_digest_response_t *spdm_response;
43 :
44 1 : spdm_test_context = *state;
45 1 : spdm_context = spdm_test_context->spdm_context;
46 1 : spdm_test_context->case_id = 0x1;
47 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11
48 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
49 1 : spdm_context->connection_info.connection_state =
50 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
51 1 : spdm_context->local_context.capability.flags |=
52 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
53 1 : spdm_context->connection_info.algorithm.base_hash_algo =
54 : m_libspdm_use_hash_algo;
55 1 : spdm_context->local_context.local_cert_chain_provision[0] =
56 : m_local_certificate_chain;
57 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
58 : sizeof(m_local_certificate_chain);
59 1 : libspdm_set_mem(m_local_certificate_chain, sizeof(m_local_certificate_chain),
60 : (uint8_t)(0xFF));
61 :
62 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
63 : spdm_context->transcript.message_m.buffer_size =
64 : spdm_context->transcript.message_m.max_buffer_size;
65 : #endif
66 :
67 1 : response_size = sizeof(response);
68 1 : status = libspdm_get_encap_response_digest(spdm_context,
69 : m_spdm_get_digests_request1_size,
70 : &m_spdm_get_digests_request1,
71 : &response_size, response);
72 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
73 1 : assert_int_equal(
74 : response_size,
75 : sizeof(spdm_digest_response_t) +
76 : libspdm_get_hash_size(spdm_context->connection_info
77 : .algorithm.base_hash_algo));
78 1 : spdm_response = (void *)response;
79 1 : assert_int_equal(spdm_response->header.request_response_code,
80 : SPDM_DIGESTS);
81 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
82 : assert_int_equal(spdm_context->transcript.message_m.buffer_size,
83 : 0);
84 : #endif
85 1 : }
86 :
87 : /**
88 : * Test 2:
89 : * Expected Behavior:
90 : **/
91 1 : void test_spdm_requester_encap_get_digests_case2(void **state)
92 : {
93 1 : }
94 :
95 : /**
96 : * Test 3: receives a valid GET_DIGESTS request message from Requester, but the request message cannot be appended to the internal cache since the internal cache is full
97 : * Expected Behavior: produces an ERROR response message with error code = Unspecified
98 : **/
99 1 : void test_spdm_requester_encap_get_digests_case3(void **state)
100 : {
101 : libspdm_return_t status;
102 : libspdm_test_context_t *spdm_test_context;
103 : libspdm_context_t *spdm_context;
104 : size_t response_size;
105 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
106 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
107 : spdm_digest_response_t *spdm_response;
108 : #endif
109 1 : spdm_test_context = *state;
110 1 : spdm_context = spdm_test_context->spdm_context;
111 1 : spdm_test_context->case_id = 0x3;
112 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11
113 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
114 1 : spdm_context->connection_info.connection_state =
115 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
116 1 : spdm_context->local_context.capability.flags |=
117 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
118 1 : spdm_context->connection_info.algorithm.base_hash_algo =
119 : m_libspdm_use_hash_algo;
120 1 : spdm_context->local_context.local_cert_chain_provision[0] =
121 : m_local_certificate_chain;
122 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
123 : sizeof(m_local_certificate_chain);
124 1 : libspdm_set_mem(m_local_certificate_chain, sizeof(m_local_certificate_chain),
125 : (uint8_t)(0xFF));
126 :
127 1 : response_size = sizeof(response);
128 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
129 : spdm_context->transcript.message_b.buffer_size =
130 : spdm_context->transcript.message_b.max_buffer_size;
131 : #endif
132 1 : status = libspdm_get_encap_response_digest(spdm_context,
133 : m_spdm_get_digests_request1_size,
134 : &m_spdm_get_digests_request1,
135 : &response_size, response);
136 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
137 :
138 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
139 : assert_int_equal(
140 : response_size,
141 : sizeof(spdm_digest_response_t) +
142 : libspdm_get_hash_size(spdm_context->connection_info
143 : .algorithm.base_hash_algo));
144 : spdm_response = (void *)response;
145 : assert_int_equal(spdm_response->header.request_response_code,
146 : SPDM_DIGESTS);
147 : assert_int_equal(spdm_response->header.param1,
148 : 0);
149 : assert_int_equal(spdm_response->header.param2, SPDM_ERROR_CODE_INVALID_REQUEST);
150 : #endif
151 1 : }
152 :
153 : /**
154 : * Test 4: receives a valid GET_DIGESTS request message from Requester, but the response message cannot be appended to the internal cache since the internal cache is full
155 : * Expected Behavior: produces an ERROR response message with error code = Unspecified
156 : **/
157 1 : void test_spdm_requester_encap_get_digests_case4(void **state)
158 : {
159 : libspdm_test_context_t *spdm_test_context;
160 : libspdm_context_t *spdm_context;
161 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
162 : size_t response_size;
163 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
164 : libspdm_return_t status;
165 : spdm_digest_response_t *spdm_response;
166 : #endif
167 :
168 1 : spdm_test_context = *state;
169 1 : spdm_context = spdm_test_context->spdm_context;
170 1 : spdm_test_context->case_id = 0x4;
171 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11
172 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
173 1 : spdm_context->connection_info.connection_state =
174 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
175 1 : spdm_context->local_context.capability.flags |=
176 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
177 1 : spdm_context->connection_info.algorithm.base_hash_algo =
178 : m_libspdm_use_hash_algo;
179 1 : spdm_context->local_context.local_cert_chain_provision[0] =
180 : m_local_certificate_chain;
181 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
182 : sizeof(m_local_certificate_chain);
183 1 : libspdm_set_mem(m_local_certificate_chain, sizeof(m_local_certificate_chain),
184 : (uint8_t)(0xFF));
185 :
186 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
187 : spdm_context->transcript.message_b.buffer_size =
188 : spdm_context->transcript.message_b.max_buffer_size -
189 : sizeof(spdm_get_digest_request_t);
190 : response_size = sizeof(response);
191 : status = libspdm_get_encap_response_digest(spdm_context,
192 : m_spdm_get_digests_request1_size,
193 : &m_spdm_get_digests_request1,
194 : &response_size, response);
195 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
196 : assert_int_equal(
197 : response_size,
198 : sizeof(spdm_digest_response_t) +
199 : libspdm_get_hash_size(spdm_context->connection_info
200 : .algorithm.base_hash_algo));
201 : spdm_response = (void *)response;
202 : assert_int_equal(spdm_response->header.request_response_code,
203 : SPDM_DIGESTS);
204 : assert_int_equal(spdm_response->header.param1,
205 : 0);
206 : assert_int_equal(spdm_response->header.param2, SPDM_ERROR_CODE_INVALID_REQUEST);
207 : #endif
208 1 : }
209 :
210 : /**
211 : * Test 5: receives a valid GET_DIGESTS request message from Requester ,
212 : * Set multi_key_conn_req to check if it responds correctly
213 : * Expected Behavior: produces a valid DIGESTS response message
214 : **/
215 1 : void test_spdm_requester_encap_get_digests_case5(void **state)
216 : {
217 : libspdm_return_t status;
218 : libspdm_test_context_t *spdm_test_context;
219 : libspdm_context_t *spdm_context;
220 : size_t response_size;
221 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
222 : spdm_digest_response_t *spdm_response;
223 : libspdm_session_info_t *session_info;
224 : uint32_t session_id;
225 :
226 1 : spdm_test_context = *state;
227 1 : spdm_context = spdm_test_context->spdm_context;
228 1 : spdm_test_context->case_id = 0x5;
229 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13
230 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
231 1 : spdm_context->connection_info.connection_state =
232 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
233 1 : spdm_context->local_context.capability.flags |=
234 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
235 1 : spdm_context->connection_info.algorithm.base_hash_algo =
236 : m_libspdm_use_hash_algo;
237 1 : spdm_context->local_context.local_cert_chain_provision[0] =
238 : m_local_certificate_chain;
239 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
240 : sizeof(m_local_certificate_chain);
241 1 : libspdm_set_mem(m_local_certificate_chain, sizeof(m_local_certificate_chain),
242 : (uint8_t)(0xFF));
243 :
244 1 : session_id = 0xFFFFFFFF;
245 1 : spdm_context->latest_session_id = session_id;
246 1 : spdm_context->last_spdm_request_session_id_valid = true;
247 1 : spdm_context->last_spdm_request_session_id = session_id;
248 1 : session_info = &spdm_context->session_info[0];
249 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
250 1 : libspdm_secured_message_set_session_state(
251 : session_info->secured_message_context,
252 : LIBSPDM_SESSION_STATE_ESTABLISHED);
253 :
254 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
255 : spdm_context->transcript.message_m.buffer_size =
256 : spdm_context->transcript.message_m.max_buffer_size;
257 : #endif
258 : /* Sub Case 1: Set multi_key_conn_req to true*/
259 1 : spdm_context->connection_info.multi_key_conn_req = true;
260 1 : libspdm_reset_message_encap_d(spdm_context, session_info);
261 :
262 1 : response_size = sizeof(response);
263 1 : status = libspdm_get_encap_response_digest(spdm_context,
264 : m_spdm_get_digests_request2_size,
265 : &m_spdm_get_digests_request2,
266 : &response_size, response);
267 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
268 1 : assert_int_equal(
269 : response_size,
270 : sizeof(spdm_digest_response_t) + sizeof(spdm_key_pair_id_t) +
271 : sizeof(spdm_certificate_info_t) +
272 : sizeof(spdm_key_usage_bit_mask_t) +
273 : libspdm_get_hash_size(spdm_context->connection_info
274 : .algorithm.base_hash_algo));
275 1 : spdm_response = (void *)response;
276 1 : assert_int_equal(spdm_response->header.request_response_code,
277 : SPDM_DIGESTS);
278 1 : assert_int_equal(session_info->session_transcript.message_encap_d.buffer_size,
279 : sizeof(spdm_digest_response_t) + sizeof(spdm_key_pair_id_t) +
280 : sizeof(spdm_certificate_info_t) +
281 : sizeof(spdm_key_usage_bit_mask_t) +
282 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo));
283 :
284 : /* Sub Case 2: Set multi_key_conn_req to false*/
285 1 : spdm_context->connection_info.multi_key_conn_req = false;
286 1 : libspdm_reset_message_encap_d(spdm_context, session_info);
287 :
288 1 : response_size = sizeof(response);
289 1 : status = libspdm_get_encap_response_digest(spdm_context,
290 : m_spdm_get_digests_request2_size,
291 : &m_spdm_get_digests_request2,
292 : &response_size, response);
293 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
294 1 : assert_int_equal(
295 : response_size,
296 : sizeof(spdm_digest_response_t) +
297 : libspdm_get_hash_size(spdm_context->connection_info
298 : .algorithm.base_hash_algo));
299 1 : spdm_response = (void *)response;
300 1 : assert_int_equal(spdm_response->header.request_response_code,
301 : SPDM_DIGESTS);
302 1 : assert_int_equal(session_info->session_transcript.message_encap_d.buffer_size, 0);
303 1 : }
304 :
305 : /**
306 : * Test 6: receives a valid GET_DIGESTS request message from Requester ,
307 : * Check KeyPairID CertificateInfo and KeyUsageMask
308 : * Expected Behavior: produces a valid DIGESTS response message
309 : **/
310 1 : void test_spdm_requester_encap_get_digests_case6(void **state)
311 : {
312 : libspdm_return_t status;
313 : libspdm_test_context_t *spdm_test_context;
314 : libspdm_context_t *spdm_context;
315 : size_t response_size;
316 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
317 : spdm_digest_response_t *spdm_response;
318 : libspdm_session_info_t *session_info;
319 : uint32_t session_id;
320 : uint8_t *digest;
321 : spdm_key_pair_id_t *key_pair_id;
322 : spdm_certificate_info_t *cert_info;
323 : spdm_key_usage_bit_mask_t *key_usage_bit_mask;
324 : uint32_t hash_size;
325 : uint8_t slot_count;
326 : size_t additional_size;
327 :
328 1 : spdm_test_context = *state;
329 1 : spdm_context = spdm_test_context->spdm_context;
330 1 : spdm_test_context->case_id = 0x6;
331 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13
332 : << SPDM_VERSION_NUMBER_SHIFT_BIT;
333 1 : spdm_context->connection_info.connection_state =
334 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
335 1 : spdm_context->local_context.capability.flags |=
336 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
337 1 : spdm_context->connection_info.algorithm.base_hash_algo =
338 : m_libspdm_use_hash_algo;
339 :
340 1 : slot_count = SPDM_MAX_SLOT_COUNT;
341 1 : additional_size = sizeof(spdm_key_pair_id_t) + sizeof(spdm_certificate_info_t) +
342 : sizeof(spdm_key_usage_bit_mask_t);
343 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
344 :
345 9 : for (uint8_t index = 0; index < SPDM_MAX_SLOT_COUNT; index++) {
346 8 : spdm_context->local_context.local_cert_chain_provision[index] =
347 8 : &m_local_certificate_chain[hash_size * index];
348 : spdm_context->local_context
349 8 : .local_cert_chain_provision_size[index] = hash_size;
350 : }
351 :
352 1 : libspdm_set_mem(m_local_certificate_chain, sizeof(m_local_certificate_chain),
353 : (uint8_t)(0xFF));
354 :
355 1 : session_id = 0xFFFFFFFF;
356 1 : spdm_context->latest_session_id = session_id;
357 1 : spdm_context->last_spdm_request_session_id_valid = true;
358 1 : spdm_context->last_spdm_request_session_id = session_id;
359 1 : session_info = &spdm_context->session_info[0];
360 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
361 1 : libspdm_secured_message_set_session_state(
362 : session_info->secured_message_context,
363 : LIBSPDM_SESSION_STATE_ESTABLISHED);
364 :
365 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
366 : spdm_context->transcript.message_m.buffer_size =
367 : spdm_context->transcript.message_m.max_buffer_size;
368 : #endif
369 1 : spdm_context->connection_info.multi_key_conn_req = true;
370 1 : libspdm_reset_message_encap_d(spdm_context, session_info);
371 :
372 1 : response_size = sizeof(response);
373 1 : status = libspdm_get_encap_response_digest(spdm_context,
374 : m_spdm_get_digests_request2_size,
375 : &m_spdm_get_digests_request2,
376 : &response_size, response);
377 :
378 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
379 1 : assert_int_equal(response_size,
380 : sizeof(spdm_digest_response_t) + (hash_size + additional_size) * slot_count);
381 :
382 1 : spdm_response = (void *)response;
383 1 : assert_int_equal(spdm_response->header.request_response_code,
384 : SPDM_DIGESTS);
385 1 : assert_int_equal(session_info->session_transcript.message_encap_d.buffer_size,
386 : sizeof(spdm_digest_response_t) + (hash_size + additional_size) * slot_count);
387 :
388 1 : digest = (void *)(spdm_response + 1);
389 1 : libspdm_zero_mem (digest, hash_size * slot_count);
390 1 : key_pair_id = (spdm_key_pair_id_t *)((uint8_t *)digest + (hash_size * slot_count));
391 1 : cert_info = (spdm_certificate_info_t *)((uint8_t *)key_pair_id +
392 1 : sizeof(spdm_key_pair_id_t) * slot_count);
393 1 : key_usage_bit_mask = (spdm_key_usage_bit_mask_t *)((uint8_t *)cert_info +
394 1 : sizeof(spdm_certificate_info_t) *
395 : slot_count);
396 9 : for (uint8_t index = 0; index < SPDM_MAX_SLOT_COUNT; index++) {
397 8 : assert_memory_equal((void *)&key_pair_id[index],
398 : (void *)&spdm_context->local_context.local_key_pair_id[index],
399 : sizeof(spdm_key_pair_id_t));
400 8 : assert_memory_equal((void *)&cert_info[index],
401 : (void *)&spdm_context->local_context.local_cert_info[index],
402 : sizeof(spdm_certificate_info_t));
403 8 : assert_memory_equal((void *)&key_usage_bit_mask[index],
404 : (void *)&spdm_context->local_context.local_key_usage_bit_mask[index],
405 : sizeof(spdm_key_usage_bit_mask_t));
406 : }
407 1 : }
408 :
409 1 : int libspdm_requester_encap_digests_test_main(void)
410 : {
411 1 : const struct CMUnitTest spdm_requester_digests_tests[] = {
412 : /* Success Case*/
413 : cmocka_unit_test(test_spdm_requester_encap_get_digests_case1),
414 : /* Can be populated with new test.*/
415 : cmocka_unit_test(test_spdm_requester_encap_get_digests_case2),
416 : /* Internal cache full (request message)*/
417 : cmocka_unit_test(test_spdm_requester_encap_get_digests_case3),
418 : /* Internal cache full (response message)*/
419 : cmocka_unit_test(test_spdm_requester_encap_get_digests_case4),
420 : /* Set multi_key_conn_req to check if it responds correctly */
421 : cmocka_unit_test(test_spdm_requester_encap_get_digests_case5),
422 : /* Check KeyPairID CertificateInfo and KeyUsageMask*/
423 : cmocka_unit_test(test_spdm_requester_encap_get_digests_case6),
424 : };
425 :
426 1 : libspdm_test_context_t test_context = {
427 : LIBSPDM_TEST_CONTEXT_VERSION,
428 : false,
429 : };
430 :
431 1 : libspdm_setup_test_context(&test_context);
432 :
433 1 : return cmocka_run_group_tests(spdm_requester_digests_tests,
434 : libspdm_unit_test_group_setup,
435 : libspdm_unit_test_group_teardown);
436 : }
437 :
438 : #endif /* (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (..) */
|
