Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2025-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 :
10 : #if (LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP) && (LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP)
11 :
12 : #pragma pack(1)
13 : typedef struct {
14 : spdm_message_header_t header;
15 : /* param1 - subcode of the request
16 : * param2 - Bit[7:4]: reserved
17 : * Bit[3:0]: slot_id */
18 : uint8_t request_attributes;
19 : uint8_t reserved[3];
20 : uint8_t nonce[32];
21 : } spdm_get_endpoint_info_request_max_t;
22 : #pragma pack()
23 :
24 : /* request signature, correct */
25 : spdm_get_endpoint_info_request_max_t m_libspdm_get_endpoint_info_request1 = {
26 : { SPDM_MESSAGE_VERSION_13, SPDM_GET_ENDPOINT_INFO,
27 : SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER, 0},
28 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED,
29 : {0, 0, 0},
30 : /* nonce */
31 : };
32 : size_t m_libspdm_get_endpoint_info_request1_size =
33 : sizeof(spdm_get_endpoint_info_request_t) + SPDM_NONCE_SIZE;
34 :
35 : /* request signature, correct, with slot_id == 0x1 */
36 : spdm_get_endpoint_info_request_max_t m_libspdm_get_endpoint_info_request2 = {
37 : { SPDM_MESSAGE_VERSION_13, SPDM_GET_ENDPOINT_INFO,
38 : SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER, 0x1},
39 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED,
40 : {0, 0, 0},
41 : /* nonce */
42 : };
43 : size_t m_libspdm_get_endpoint_info_request2_size =
44 : sizeof(spdm_get_endpoint_info_request_t) + SPDM_NONCE_SIZE;
45 :
46 : /* request signature, correct, with slot_id == 0xF */
47 : spdm_get_endpoint_info_request_max_t m_libspdm_get_endpoint_info_request3 = {
48 : { SPDM_MESSAGE_VERSION_13, SPDM_GET_ENDPOINT_INFO,
49 : SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER, 0xF},
50 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED,
51 : {0, 0, 0},
52 : /* nonce */
53 : };
54 : size_t m_libspdm_get_endpoint_info_request3_size =
55 : sizeof(spdm_get_endpoint_info_request_t) + SPDM_NONCE_SIZE;
56 :
57 : /* not request signature, correct */
58 : spdm_get_endpoint_info_request_max_t m_libspdm_get_endpoint_info_request4 = {
59 : { SPDM_MESSAGE_VERSION_13, SPDM_GET_ENDPOINT_INFO,
60 : SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER, 0},
61 : 0,
62 : {0, 0, 0},
63 : };
64 : size_t m_libspdm_get_endpoint_info_request4_size =
65 : sizeof(spdm_get_endpoint_info_request_t);
66 :
67 : /**
68 : * Test 1: Successful response to get endpoint_info with signature
69 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code,
70 : * correct transcript.message_encap_e size,
71 : * correct response message size and fields
72 : * correct signature verification
73 : **/
74 1 : static void req_encap_endpoint_info_case1(void **state)
75 : {
76 : libspdm_return_t status;
77 : libspdm_test_context_t *spdm_test_context;
78 : libspdm_context_t *spdm_context;
79 : libspdm_session_info_t* session_info;
80 : size_t response_size;
81 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
82 : spdm_endpoint_info_response_t *spdm_response;
83 : uint32_t endpoint_info_size;
84 : uint8_t endpoint_info_buffer[LIBSPDM_MAX_ENDPOINT_INFO_LENGTH];
85 : void* signature;
86 : size_t signature_size;
87 : bool result;
88 : void *data;
89 : size_t data_size;
90 :
91 1 : spdm_test_context = *state;
92 1 : spdm_context = spdm_test_context->spdm_context;
93 1 : spdm_test_context->case_id = 0x1;
94 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
95 : SPDM_VERSION_NUMBER_SHIFT_BIT;
96 1 : spdm_context->local_context.capability.flags = 0;
97 1 : spdm_context->local_context.capability.flags |=
98 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_SIG;
99 1 : spdm_context->connection_info.capability.flags = 0;
100 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
101 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
102 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
103 :
104 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
105 : m_libspdm_use_req_asym_algo, &data,
106 : &data_size, NULL, NULL);
107 :
108 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
109 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
110 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
111 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
112 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
113 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
114 : data, data_size);
115 : #else
116 1 : libspdm_hash_all(
117 : spdm_context->connection_info.algorithm.base_hash_algo,
118 : data, data_size,
119 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
120 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
121 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
122 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
123 : spdm_context->connection_info.algorithm.base_hash_algo,
124 1 : spdm_context->connection_info.algorithm.req_base_asym_alg,
125 : data, data_size,
126 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
127 : #endif
128 :
129 1 : session_info = NULL;
130 :
131 1 : libspdm_reset_message_encap_e(spdm_context, session_info);
132 1 : response_size = sizeof(response);
133 1 : libspdm_get_random_number(SPDM_NONCE_SIZE,
134 : m_libspdm_get_endpoint_info_request1.nonce);
135 1 : status = libspdm_get_encap_response_endpoint_info(
136 : spdm_context, m_libspdm_get_endpoint_info_request1_size,
137 : &m_libspdm_get_endpoint_info_request1, &response_size, response);
138 :
139 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
140 :
141 : /* response size check */
142 1 : endpoint_info_size = 0;
143 1 : libspdm_generate_device_endpoint_info(
144 : spdm_context, SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER,
145 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED,
146 : &endpoint_info_size, endpoint_info_buffer);
147 2 : signature_size = libspdm_get_asym_signature_size(
148 1 : spdm_context->connection_info.algorithm.req_base_asym_alg);
149 1 : assert_int_equal(response_size,
150 : sizeof(spdm_endpoint_info_response_t) + SPDM_NONCE_SIZE +
151 : sizeof(uint32_t) + endpoint_info_size + signature_size);
152 1 : spdm_response = (void *)response;
153 :
154 : /* response message check */
155 1 : assert_int_equal(spdm_response->header.request_response_code,
156 : SPDM_ENDPOINT_INFO);
157 :
158 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
159 : /* transcript.message_encap_e size check */
160 : assert_int_equal(spdm_context->transcript.message_encap_e.buffer_size, 0);
161 : #endif
162 :
163 : /* signature verification */
164 1 : status = libspdm_append_message_encap_e(spdm_context, session_info,
165 : &m_libspdm_get_endpoint_info_request1,
166 : m_libspdm_get_endpoint_info_request1_size);
167 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
168 :
169 1 : status = libspdm_append_message_encap_e(spdm_context, session_info, spdm_response,
170 : response_size - signature_size);
171 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
172 :
173 1 : signature = (void *)((uint8_t *)spdm_response + response_size - signature_size);
174 1 : result = libspdm_verify_endpoint_info_signature(
175 1 : spdm_context, session_info, false, m_libspdm_get_endpoint_info_request1.header.param2,
176 : signature, signature_size);
177 1 : assert_true(result);
178 1 : }
179 :
180 : /**
181 : * Test 2: Successful response to get endpoint_info with signature, slot_id == 0x1
182 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code,
183 : * correct transcript.message_encap_e size,
184 : * correct response message size and fields
185 : * correct signature verification
186 : **/
187 1 : static void req_encap_endpoint_info_case2(void **state)
188 : {
189 : libspdm_return_t status;
190 : libspdm_test_context_t *spdm_test_context;
191 : libspdm_context_t *spdm_context;
192 : libspdm_session_info_t* session_info;
193 : size_t response_size;
194 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
195 : spdm_endpoint_info_response_t *spdm_response;
196 : uint32_t endpoint_info_size;
197 : uint8_t endpoint_info_buffer[LIBSPDM_MAX_ENDPOINT_INFO_LENGTH];
198 : void* signature;
199 : size_t signature_size;
200 : bool result;
201 : void *data;
202 : size_t data_size;
203 :
204 1 : spdm_test_context = *state;
205 1 : spdm_context = spdm_test_context->spdm_context;
206 1 : spdm_test_context->case_id = 0x2;
207 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
208 : SPDM_VERSION_NUMBER_SHIFT_BIT;
209 1 : spdm_context->local_context.capability.flags = 0;
210 1 : spdm_context->local_context.capability.flags |=
211 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_SIG;
212 1 : spdm_context->connection_info.capability.flags = 0;
213 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
214 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
215 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
216 :
217 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
218 : m_libspdm_use_req_asym_algo, &data,
219 : &data_size, NULL, NULL);
220 1 : spdm_context->local_context.local_cert_chain_provision_size[1] = data_size;
221 1 : spdm_context->local_context.local_cert_chain_provision[1] = data;
222 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
223 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_size = data_size;
224 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[1].buffer,
225 : sizeof(spdm_context->connection_info.peer_used_cert_chain[1].buffer),
226 : data, data_size);
227 : #else
228 1 : libspdm_hash_all(
229 : spdm_context->connection_info.algorithm.base_hash_algo,
230 : data, data_size,
231 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash);
232 1 : spdm_context->connection_info.peer_used_cert_chain[1].buffer_hash_size =
233 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
234 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
235 : spdm_context->connection_info.algorithm.base_hash_algo,
236 1 : spdm_context->connection_info.algorithm.req_base_asym_alg,
237 : data, data_size,
238 : &spdm_context->connection_info.peer_used_cert_chain[1].leaf_cert_public_key);
239 : #endif
240 :
241 1 : session_info = NULL;
242 :
243 1 : libspdm_reset_message_encap_e(spdm_context, session_info);
244 1 : response_size = sizeof(response);
245 1 : libspdm_get_random_number(SPDM_NONCE_SIZE,
246 : m_libspdm_get_endpoint_info_request1.nonce);
247 1 : status = libspdm_get_encap_response_endpoint_info(
248 : spdm_context, m_libspdm_get_endpoint_info_request2_size,
249 : &m_libspdm_get_endpoint_info_request2, &response_size, response);
250 :
251 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
252 :
253 : /* response size check */
254 1 : endpoint_info_size = 0;
255 1 : libspdm_generate_device_endpoint_info(
256 : spdm_context, SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER,
257 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED,
258 : &endpoint_info_size, endpoint_info_buffer);
259 2 : signature_size = libspdm_get_asym_signature_size(
260 1 : spdm_context->connection_info.algorithm.req_base_asym_alg);
261 1 : assert_int_equal(response_size,
262 : sizeof(spdm_endpoint_info_response_t) + SPDM_NONCE_SIZE +
263 : sizeof(uint32_t) + endpoint_info_size + signature_size);
264 1 : spdm_response = (void *)response;
265 :
266 : /* response message check */
267 1 : assert_int_equal(spdm_response->header.request_response_code,
268 : SPDM_ENDPOINT_INFO);
269 :
270 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
271 : /* transcript.message_encap_e size check */
272 : assert_int_equal(spdm_context->transcript.message_encap_e.buffer_size, 0);
273 : #endif
274 :
275 : /* signature verification */
276 1 : status = libspdm_append_message_encap_e(spdm_context, session_info,
277 : &m_libspdm_get_endpoint_info_request2,
278 : m_libspdm_get_endpoint_info_request2_size);
279 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
280 :
281 1 : status = libspdm_append_message_encap_e(spdm_context, session_info, spdm_response,
282 : response_size - signature_size);
283 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
284 :
285 1 : signature = (void *)((uint8_t *)spdm_response + response_size - signature_size);
286 1 : result = libspdm_verify_endpoint_info_signature(
287 1 : spdm_context, session_info, false, m_libspdm_get_endpoint_info_request2.header.param2,
288 : signature, signature_size);
289 1 : assert_true(result);
290 1 : }
291 :
292 : /**
293 : * Test 3: Successful response to get endpoint_info with signature, slot_id == 0xF
294 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code,
295 : * correct transcript.message_encap_e size,
296 : * correct response message size and fields
297 : * correct signature verification
298 : **/
299 1 : static void req_encap_endpoint_info_case3(void **state)
300 : {
301 : libspdm_return_t status;
302 : libspdm_test_context_t *spdm_test_context;
303 : libspdm_context_t *spdm_context;
304 : libspdm_session_info_t* session_info;
305 : size_t response_size;
306 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
307 : spdm_endpoint_info_response_t *spdm_response;
308 : uint32_t endpoint_info_size;
309 : uint8_t endpoint_info_buffer[LIBSPDM_MAX_ENDPOINT_INFO_LENGTH];
310 : void* signature;
311 : size_t signature_size;
312 : bool result;
313 : void *data;
314 : size_t data_size;
315 :
316 1 : spdm_test_context = *state;
317 1 : spdm_context = spdm_test_context->spdm_context;
318 1 : spdm_test_context->case_id = 0x3;
319 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
320 : SPDM_VERSION_NUMBER_SHIFT_BIT;
321 1 : spdm_context->local_context.capability.flags = 0;
322 1 : spdm_context->local_context.capability.flags |=
323 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_SIG;
324 1 : spdm_context->connection_info.capability.flags = 0;
325 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
326 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
327 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
328 :
329 1 : libspdm_read_requester_public_key(m_libspdm_use_req_asym_algo, &data, &data_size);
330 1 : spdm_context->local_context.local_public_key_provision = data;
331 1 : spdm_context->local_context.local_public_key_provision_size = data_size;
332 1 : spdm_context->encap_context.req_slot_id = 0xF;
333 1 : spdm_context->local_context.peer_public_key_provision = data;
334 1 : spdm_context->local_context.peer_public_key_provision_size = data_size;
335 :
336 1 : session_info = NULL;
337 :
338 1 : libspdm_reset_message_encap_e(spdm_context, session_info);
339 1 : response_size = sizeof(response);
340 1 : libspdm_get_random_number(SPDM_NONCE_SIZE,
341 : m_libspdm_get_endpoint_info_request1.nonce);
342 1 : status = libspdm_get_encap_response_endpoint_info(
343 : spdm_context, m_libspdm_get_endpoint_info_request3_size,
344 : &m_libspdm_get_endpoint_info_request3, &response_size, response);
345 :
346 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
347 :
348 : /* response size check */
349 1 : endpoint_info_size = 0;
350 1 : libspdm_generate_device_endpoint_info(
351 : spdm_context, SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER,
352 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED,
353 : &endpoint_info_size, endpoint_info_buffer);
354 2 : signature_size = libspdm_get_asym_signature_size(
355 1 : spdm_context->connection_info.algorithm.req_base_asym_alg);
356 1 : assert_int_equal(response_size,
357 : sizeof(spdm_endpoint_info_response_t) + SPDM_NONCE_SIZE +
358 : sizeof(uint32_t) + endpoint_info_size + signature_size);
359 1 : spdm_response = (void *)response;
360 :
361 : /* response message check */
362 1 : assert_int_equal(spdm_response->header.request_response_code,
363 : SPDM_ENDPOINT_INFO);
364 :
365 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
366 : /* transcript.message_encap_e size check */
367 : assert_int_equal(spdm_context->transcript.message_encap_e.buffer_size, 0);
368 : #endif
369 :
370 : /* signature verification */
371 1 : status = libspdm_append_message_encap_e(spdm_context, session_info,
372 : &m_libspdm_get_endpoint_info_request3,
373 : m_libspdm_get_endpoint_info_request3_size);
374 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
375 :
376 1 : status = libspdm_append_message_encap_e(spdm_context, session_info, spdm_response,
377 : response_size - signature_size);
378 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
379 :
380 1 : signature = (void *)((uint8_t *)spdm_response + response_size - signature_size);
381 1 : result = libspdm_verify_endpoint_info_signature(
382 1 : spdm_context, session_info, false, m_libspdm_get_endpoint_info_request3.header.param2,
383 : signature, signature_size);
384 1 : assert_true(result);
385 1 : }
386 :
387 : /**
388 : * Test 4: Successful response to get endpoint_info without signature
389 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code,
390 : * correct response message size and fields
391 : **/
392 1 : static void req_encap_endpoint_info_case4(void **state)
393 : {
394 : libspdm_return_t status;
395 : libspdm_test_context_t *spdm_test_context;
396 : libspdm_context_t *spdm_context;
397 : size_t response_size;
398 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
399 : spdm_endpoint_info_response_t *spdm_response;
400 : uint32_t endpoint_info_size;
401 : uint8_t endpoint_info_buffer[LIBSPDM_MAX_ENDPOINT_INFO_LENGTH];
402 :
403 1 : spdm_test_context = *state;
404 1 : spdm_context = spdm_test_context->spdm_context;
405 1 : spdm_test_context->case_id = 0x4;
406 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
407 : SPDM_VERSION_NUMBER_SHIFT_BIT;
408 1 : spdm_context->local_context.capability.flags = 0;
409 1 : spdm_context->local_context.capability.flags |=
410 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_NO_SIG;
411 1 : spdm_context->connection_info.capability.flags = 0;
412 :
413 1 : response_size = sizeof(response);
414 1 : status = libspdm_get_encap_response_endpoint_info(
415 : spdm_context, m_libspdm_get_endpoint_info_request4_size,
416 : &m_libspdm_get_endpoint_info_request4, &response_size, response);
417 :
418 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
419 :
420 : /* response size check */
421 1 : endpoint_info_size = 0;
422 1 : libspdm_generate_device_endpoint_info(
423 : spdm_context, SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER,
424 : 0, &endpoint_info_size, endpoint_info_buffer);
425 1 : assert_int_equal(response_size,
426 : sizeof(spdm_endpoint_info_response_t) +
427 : sizeof(uint32_t) + endpoint_info_size);
428 1 : spdm_response = (void *)response;
429 :
430 : /* response message check */
431 1 : assert_int_equal(spdm_response->header.request_response_code,
432 : SPDM_ENDPOINT_INFO);
433 1 : assert_int_equal(spdm_response->header.param2, 0);
434 1 : }
435 :
436 : /**
437 : * Test 5: Successful response to get session-based endpoint_info with signature
438 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code,
439 : * correct transcript.message_encap_e size,
440 : * correct response message size and fields
441 : * correct signature verification
442 : **/
443 1 : static void req_encap_endpoint_info_case5(void **state)
444 : {
445 : libspdm_return_t status;
446 : libspdm_test_context_t *spdm_test_context;
447 : libspdm_context_t *spdm_context;
448 : libspdm_session_info_t* session_info;
449 : size_t response_size;
450 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
451 : spdm_endpoint_info_response_t *spdm_response;
452 : uint32_t endpoint_info_size;
453 : uint8_t endpoint_info_buffer[LIBSPDM_MAX_ENDPOINT_INFO_LENGTH];
454 : void* signature;
455 : size_t signature_size;
456 : bool result;
457 : void *data;
458 : size_t data_size;
459 : uint32_t session_id;
460 :
461 1 : spdm_test_context = *state;
462 1 : spdm_context = spdm_test_context->spdm_context;
463 1 : spdm_test_context->case_id = 0x1;
464 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
465 : SPDM_VERSION_NUMBER_SHIFT_BIT;
466 1 : spdm_context->local_context.capability.flags = 0;
467 1 : spdm_context->local_context.capability.flags |=
468 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_SIG;
469 1 : spdm_context->connection_info.capability.flags = 0;
470 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
471 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
472 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
473 :
474 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
475 : m_libspdm_use_req_asym_algo, &data,
476 : &data_size, NULL, NULL);
477 :
478 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
479 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
480 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
481 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
482 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
483 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
484 : data, data_size);
485 : #else
486 1 : libspdm_hash_all(
487 : spdm_context->connection_info.algorithm.base_hash_algo,
488 : data, data_size,
489 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
490 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
491 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
492 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
493 : spdm_context->connection_info.algorithm.base_hash_algo,
494 1 : spdm_context->connection_info.algorithm.req_base_asym_alg,
495 : data, data_size,
496 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
497 : #endif
498 :
499 1 : session_id = 0xFFFFFFFF;
500 1 : spdm_context->latest_session_id = session_id;
501 1 : spdm_context->last_spdm_request_session_id_valid = true;
502 1 : spdm_context->last_spdm_request_session_id = session_id;
503 1 : session_info = &spdm_context->session_info[0];
504 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
505 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
506 1 : libspdm_secured_message_set_session_state(
507 : session_info->secured_message_context,
508 : LIBSPDM_SESSION_STATE_ESTABLISHED);
509 :
510 1 : libspdm_reset_message_encap_e(spdm_context, session_info);
511 1 : response_size = sizeof(response);
512 1 : libspdm_get_random_number(SPDM_NONCE_SIZE,
513 : m_libspdm_get_endpoint_info_request1.nonce);
514 1 : status = libspdm_get_encap_response_endpoint_info(
515 : spdm_context, m_libspdm_get_endpoint_info_request1_size,
516 : &m_libspdm_get_endpoint_info_request1, &response_size, response);
517 :
518 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
519 :
520 : /* response size check */
521 1 : endpoint_info_size = 0;
522 1 : libspdm_generate_device_endpoint_info(
523 : spdm_context, SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER,
524 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED,
525 : &endpoint_info_size, endpoint_info_buffer);
526 2 : signature_size = libspdm_get_asym_signature_size(
527 1 : spdm_context->connection_info.algorithm.req_base_asym_alg);
528 1 : assert_int_equal(response_size,
529 : sizeof(spdm_endpoint_info_response_t) + SPDM_NONCE_SIZE +
530 : sizeof(uint32_t) + endpoint_info_size + signature_size);
531 1 : spdm_response = (void *)response;
532 :
533 : /* response message check */
534 1 : assert_int_equal(spdm_response->header.request_response_code,
535 : SPDM_ENDPOINT_INFO);
536 :
537 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
538 : /* transcript.message_encap_e size check */
539 : assert_int_equal(session_info->session_transcript.message_encap_e.buffer_size, 0);
540 : #endif
541 :
542 : /* signature verification */
543 1 : status = libspdm_append_message_encap_e(spdm_context, session_info,
544 : &m_libspdm_get_endpoint_info_request1,
545 : m_libspdm_get_endpoint_info_request1_size);
546 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
547 :
548 1 : status = libspdm_append_message_encap_e(spdm_context, session_info, spdm_response,
549 : response_size - signature_size);
550 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
551 :
552 1 : signature = (void *)((uint8_t *)spdm_response + response_size - signature_size);
553 1 : result = libspdm_verify_endpoint_info_signature(
554 1 : spdm_context, session_info, false, m_libspdm_get_endpoint_info_request1.header.param2,
555 : signature, signature_size);
556 1 : assert_true(result);
557 1 : }
558 :
559 1 : int libspdm_req_encap_endpoint_info_test(void)
560 : {
561 1 : const struct CMUnitTest test_cases[] = {
562 : /* Successful response to get endpoint_info with signature */
563 : cmocka_unit_test(req_encap_endpoint_info_case1),
564 : /* Successful response to get endpoint_info with signature, slot_id == 0x1 */
565 : cmocka_unit_test(req_encap_endpoint_info_case2),
566 : /* Successful response to get endpoint_info with signature, slot_id == 0xF */
567 : cmocka_unit_test(req_encap_endpoint_info_case3),
568 : /* Successful response to get endpoint_info without signature */
569 : cmocka_unit_test(req_encap_endpoint_info_case4),
570 : /* Successful response to get session-based endpoint_info with signature */
571 : cmocka_unit_test(req_encap_endpoint_info_case5),
572 : };
573 :
574 1 : libspdm_test_context_t test_context = {
575 : LIBSPDM_TEST_CONTEXT_VERSION,
576 : false,
577 : };
578 :
579 1 : libspdm_setup_test_context(&test_context);
580 :
581 1 : return cmocka_run_group_tests(test_cases,
582 : libspdm_unit_test_group_setup,
583 : libspdm_unit_test_group_teardown);
584 : }
585 :
586 : #endif /* (LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP) && (...) */
|
