Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if (LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) || (LIBSPDM_ENABLE_CAPABILITY_PSK_CAP)
12 :
13 : static uint8_t m_dummy_key_buffer[LIBSPDM_MAX_AEAD_KEY_SIZE];
14 : static uint8_t m_dummy_salt_buffer[LIBSPDM_MAX_AEAD_IV_SIZE];
15 :
16 28 : static void libspdm_secured_message_set_response_data_encryption_key(
17 : void *spdm_secured_message_context, const void *key, size_t key_size)
18 : {
19 : libspdm_secured_message_context_t *secured_message_context;
20 :
21 28 : secured_message_context = spdm_secured_message_context;
22 28 : LIBSPDM_ASSERT(key_size == secured_message_context->aead_key_size);
23 28 : libspdm_copy_mem(secured_message_context->application_secret.response_data_encryption_key,
24 : sizeof(secured_message_context->application_secret.response_data_encryption_key),
25 : key, secured_message_context->aead_key_size);
26 28 : }
27 :
28 28 : static void libspdm_secured_message_set_response_data_salt(
29 : void *spdm_secured_message_context, const void *salt,
30 : size_t salt_size)
31 : {
32 : libspdm_secured_message_context_t *secured_message_context;
33 :
34 28 : secured_message_context = spdm_secured_message_context;
35 28 : LIBSPDM_ASSERT(salt_size == secured_message_context->aead_iv_size);
36 28 : libspdm_copy_mem(secured_message_context->application_secret.response_data_salt,
37 : sizeof(secured_message_context->application_secret.response_data_salt),
38 : salt, secured_message_context->aead_iv_size);
39 28 : }
40 :
41 31 : static libspdm_return_t send_message(
42 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
43 : {
44 : libspdm_test_context_t *spdm_test_context;
45 :
46 31 : spdm_test_context = libspdm_get_test_context();
47 31 : switch (spdm_test_context->case_id) {
48 1 : case 0x1:
49 1 : return LIBSPDM_STATUS_SEND_FAIL;
50 1 : case 0x2:
51 1 : return LIBSPDM_STATUS_SUCCESS;
52 0 : case 0x3:
53 0 : return LIBSPDM_STATUS_SUCCESS;
54 1 : case 0x4:
55 1 : return LIBSPDM_STATUS_SUCCESS;
56 1 : case 0x5:
57 1 : return LIBSPDM_STATUS_SUCCESS;
58 2 : case 0x6:
59 2 : return LIBSPDM_STATUS_SUCCESS;
60 1 : case 0x7:
61 1 : return LIBSPDM_STATUS_SUCCESS;
62 2 : case 0x8:
63 2 : return LIBSPDM_STATUS_SUCCESS;
64 2 : case 0x9:
65 2 : return LIBSPDM_STATUS_SUCCESS;
66 18 : case 0xA:
67 18 : return LIBSPDM_STATUS_SUCCESS;
68 1 : case 0xB:
69 1 : return LIBSPDM_STATUS_SUCCESS;
70 1 : case 0xC:
71 1 : return LIBSPDM_STATUS_SUCCESS;
72 0 : default:
73 0 : return LIBSPDM_STATUS_SEND_FAIL;
74 : }
75 : }
76 :
77 30 : static libspdm_return_t receive_message(
78 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
79 : {
80 : libspdm_test_context_t *spdm_test_context;
81 :
82 30 : spdm_test_context = libspdm_get_test_context();
83 30 : switch (spdm_test_context->case_id) {
84 0 : case 0x1:
85 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
86 :
87 1 : case 0x2: {
88 : spdm_end_session_response_t *spdm_response;
89 : size_t spdm_response_size;
90 : size_t transport_header_size;
91 : uint32_t session_id;
92 : libspdm_session_info_t *session_info;
93 : uint8_t *scratch_buffer;
94 : size_t scratch_buffer_size;
95 :
96 1 : session_id = 0xFFFFFFFF;
97 1 : spdm_response_size = sizeof(spdm_end_session_response_t);
98 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
99 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
100 :
101 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
102 1 : spdm_response->header.request_response_code =
103 : SPDM_END_SESSION_ACK;
104 1 : spdm_response->header.param1 = 0;
105 1 : spdm_response->header.param2 = 0;
106 :
107 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
108 : * transport_message is always in sender buffer. */
109 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
110 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
111 : scratch_buffer_size - transport_header_size,
112 : spdm_response, spdm_response_size);
113 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
114 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
115 : false, false, spdm_response_size,
116 : spdm_response, response_size,
117 : response);
118 1 : session_info = libspdm_get_session_info_via_session_id(
119 : spdm_context, session_id);
120 1 : if (session_info == NULL) {
121 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
122 : }
123 : /* WALKAROUND: If just use single context to encode message and then decode message */
124 : ((libspdm_secured_message_context_t
125 1 : *)(session_info->secured_message_context))
126 1 : ->application_secret.response_data_sequence_number--;
127 : }
128 1 : return LIBSPDM_STATUS_SUCCESS;
129 :
130 0 : case 0x3: {
131 : spdm_end_session_response_t *spdm_response;
132 : size_t spdm_response_size;
133 : size_t transport_header_size;
134 : uint32_t session_id;
135 : libspdm_session_info_t *session_info;
136 : uint8_t *scratch_buffer;
137 : size_t scratch_buffer_size;
138 :
139 0 : session_id = 0xFFFFFFFF;
140 0 : spdm_response_size = sizeof(spdm_end_session_response_t);
141 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
142 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
143 :
144 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
145 0 : spdm_response->header.request_response_code =
146 : SPDM_END_SESSION_ACK;
147 0 : spdm_response->header.param1 = 0;
148 0 : spdm_response->header.param2 = 0;
149 :
150 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
151 : * transport_message is always in sender buffer. */
152 0 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
153 0 : libspdm_copy_mem (scratch_buffer + transport_header_size,
154 : scratch_buffer_size - transport_header_size,
155 : spdm_response, spdm_response_size);
156 0 : spdm_response = (void *)(scratch_buffer + transport_header_size);
157 0 : libspdm_transport_test_encode_message(spdm_context, &session_id,
158 : false, false, spdm_response_size,
159 : spdm_response, response_size,
160 : response);
161 0 : session_info = libspdm_get_session_info_via_session_id(
162 : spdm_context, session_id);
163 0 : if (session_info == NULL) {
164 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
165 : }
166 : ((libspdm_secured_message_context_t
167 0 : *)(session_info->secured_message_context))
168 0 : ->application_secret.response_data_sequence_number--;
169 : }
170 0 : return LIBSPDM_STATUS_SUCCESS;
171 :
172 1 : case 0x4: {
173 : spdm_error_response_t *spdm_response;
174 : size_t spdm_response_size;
175 : size_t transport_header_size;
176 : uint32_t session_id;
177 : libspdm_session_info_t *session_info;
178 : uint8_t *scratch_buffer;
179 : size_t scratch_buffer_size;
180 :
181 1 : spdm_response_size = sizeof(spdm_error_response_t);
182 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
183 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
184 :
185 1 : session_id = 0xFFFFFFFF;
186 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
187 1 : spdm_response->header.request_response_code = SPDM_ERROR;
188 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
189 1 : spdm_response->header.param2 = 0;
190 :
191 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
192 : * transport_message is always in sender buffer. */
193 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
194 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
195 : scratch_buffer_size - transport_header_size,
196 : spdm_response, spdm_response_size);
197 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
198 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
199 : false, false,
200 : spdm_response_size,
201 : spdm_response,
202 : response_size, response);
203 1 : session_info = libspdm_get_session_info_via_session_id(
204 : spdm_context, session_id);
205 1 : if (session_info == NULL) {
206 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
207 : }
208 : ((libspdm_secured_message_context_t
209 1 : *)(session_info->secured_message_context))
210 1 : ->application_secret.response_data_sequence_number--;
211 : }
212 1 : return LIBSPDM_STATUS_SUCCESS;
213 :
214 1 : case 0x5: {
215 : spdm_error_response_t *spdm_response;
216 : size_t spdm_response_size;
217 : size_t transport_header_size;
218 : uint32_t session_id;
219 : libspdm_session_info_t *session_info;
220 : uint8_t *scratch_buffer;
221 : size_t scratch_buffer_size;
222 :
223 1 : spdm_response_size = sizeof(spdm_error_response_t);
224 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
225 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
226 :
227 1 : session_id = 0xFFFFFFFF;
228 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
229 1 : spdm_response->header.request_response_code = SPDM_ERROR;
230 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
231 1 : spdm_response->header.param2 = 0;
232 :
233 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
234 : * transport_message is always in sender buffer. */
235 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
236 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
237 : scratch_buffer_size - transport_header_size,
238 : spdm_response, spdm_response_size);
239 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
240 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
241 : false, false,
242 : spdm_response_size,
243 : spdm_response,
244 : response_size, response);
245 1 : session_info = libspdm_get_session_info_via_session_id(
246 : spdm_context, session_id);
247 1 : if (session_info == NULL) {
248 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
249 : }
250 : ((libspdm_secured_message_context_t
251 1 : *)(session_info->secured_message_context))
252 1 : ->application_secret.response_data_sequence_number--;
253 : }
254 1 : return LIBSPDM_STATUS_SUCCESS;
255 :
256 2 : case 0x6: {
257 : static size_t sub_index1 = 0;
258 2 : if (sub_index1 == 0) {
259 : spdm_error_response_t *spdm_response;
260 : size_t spdm_response_size;
261 : size_t transport_header_size;
262 : uint32_t session_id;
263 : libspdm_session_info_t *session_info;
264 : uint8_t *scratch_buffer;
265 : size_t scratch_buffer_size;
266 :
267 1 : spdm_response_size = sizeof(spdm_error_response_t);
268 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
269 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
270 :
271 1 : session_id = 0xFFFFFFFF;
272 1 : spdm_response->header.spdm_version =
273 : SPDM_MESSAGE_VERSION_11;
274 1 : spdm_response->header.request_response_code = SPDM_ERROR;
275 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
276 1 : spdm_response->header.param2 = 0;
277 :
278 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
279 : * transport_message is always in sender buffer. */
280 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
281 : &scratch_buffer_size);
282 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
283 : scratch_buffer_size - transport_header_size,
284 : spdm_response, spdm_response_size);
285 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
286 1 : libspdm_transport_test_encode_message(
287 : spdm_context, &session_id, false, false,
288 : spdm_response_size, spdm_response,
289 : response_size, response);
290 1 : sub_index1++;
291 1 : session_info = libspdm_get_session_info_via_session_id(
292 : spdm_context, session_id);
293 1 : if (session_info == NULL) {
294 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
295 : }
296 : ((libspdm_secured_message_context_t
297 1 : *)(session_info->secured_message_context))
298 : ->application_secret
299 1 : .response_data_sequence_number--;
300 1 : } else if (sub_index1 == 1) {
301 : spdm_end_session_response_t *spdm_response;
302 : size_t spdm_response_size;
303 : size_t transport_header_size;
304 : uint32_t session_id;
305 : libspdm_session_info_t *session_info;
306 : uint8_t *scratch_buffer;
307 : size_t scratch_buffer_size;
308 :
309 1 : session_id = 0xFFFFFFFF;
310 1 : spdm_response_size = sizeof(spdm_end_session_response_t);
311 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
312 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
313 :
314 1 : spdm_response->header.spdm_version =
315 : SPDM_MESSAGE_VERSION_11;
316 1 : spdm_response->header.request_response_code =
317 : SPDM_END_SESSION_ACK;
318 1 : spdm_response->header.param1 = 0;
319 1 : spdm_response->header.param2 = 0;
320 :
321 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
322 : * transport_message is always in sender buffer. */
323 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
324 : &scratch_buffer_size);
325 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
326 : scratch_buffer_size - transport_header_size,
327 : spdm_response, spdm_response_size);
328 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
329 1 : libspdm_transport_test_encode_message(
330 : spdm_context, &session_id, false, false,
331 : spdm_response_size, spdm_response, response_size,
332 : response);
333 1 : session_info = libspdm_get_session_info_via_session_id(
334 : spdm_context, session_id);
335 1 : if (session_info == NULL) {
336 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
337 : }
338 : ((libspdm_secured_message_context_t
339 1 : *)(session_info->secured_message_context))
340 : ->application_secret
341 1 : .response_data_sequence_number--;
342 : }
343 : }
344 2 : return LIBSPDM_STATUS_SUCCESS;
345 :
346 1 : case 0x7: {
347 : spdm_error_response_t *spdm_response;
348 : size_t spdm_response_size;
349 : size_t transport_header_size;
350 : uint32_t session_id;
351 : libspdm_session_info_t *session_info;
352 : uint8_t *scratch_buffer;
353 : size_t scratch_buffer_size;
354 :
355 1 : spdm_response_size = sizeof(spdm_error_response_t);
356 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
357 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
358 :
359 1 : session_id = 0xFFFFFFFF;
360 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
361 1 : spdm_response->header.request_response_code = SPDM_ERROR;
362 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
363 1 : spdm_response->header.param2 = 0;
364 :
365 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
366 : * transport_message is always in sender buffer. */
367 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
368 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
369 : scratch_buffer_size - transport_header_size,
370 : spdm_response, spdm_response_size);
371 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
372 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
373 : false, false,
374 : spdm_response_size,
375 : spdm_response,
376 : response_size, response);
377 1 : session_info = libspdm_get_session_info_via_session_id(
378 : spdm_context, session_id);
379 1 : if (session_info == NULL) {
380 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
381 : }
382 : ((libspdm_secured_message_context_t
383 1 : *)(session_info->secured_message_context))
384 1 : ->application_secret.response_data_sequence_number--;
385 : }
386 1 : return LIBSPDM_STATUS_SUCCESS;
387 :
388 2 : case 0x8: {
389 : spdm_error_response_data_response_not_ready_t *spdm_response;
390 : size_t spdm_response_size;
391 : size_t transport_header_size;
392 : uint32_t session_id;
393 : libspdm_session_info_t *session_info;
394 : uint8_t *scratch_buffer;
395 : size_t scratch_buffer_size;
396 :
397 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
398 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
399 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
400 :
401 2 : session_id = 0xFFFFFFFF;
402 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
403 2 : spdm_response->header.request_response_code = SPDM_ERROR;
404 2 : spdm_response->header.param1 =
405 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
406 2 : spdm_response->header.param2 = 0;
407 2 : spdm_response->extend_error_data.rd_exponent = 1;
408 2 : spdm_response->extend_error_data.rd_tm = 2;
409 2 : spdm_response->extend_error_data.request_code = SPDM_END_SESSION;
410 2 : spdm_response->extend_error_data.token = 0;
411 :
412 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
413 : * transport_message is always in sender buffer. */
414 2 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
415 2 : libspdm_copy_mem (scratch_buffer + transport_header_size,
416 : scratch_buffer_size - transport_header_size,
417 : spdm_response, spdm_response_size);
418 2 : spdm_response = (void *)(scratch_buffer + transport_header_size);
419 2 : libspdm_transport_test_encode_message(spdm_context, &session_id,
420 : false, false,
421 : spdm_response_size,
422 : spdm_response,
423 : response_size, response);
424 2 : session_info = libspdm_get_session_info_via_session_id(
425 : spdm_context, session_id);
426 2 : if (session_info == NULL) {
427 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
428 : }
429 : ((libspdm_secured_message_context_t
430 2 : *)(session_info->secured_message_context))
431 2 : ->application_secret.response_data_sequence_number--;
432 : }
433 2 : return LIBSPDM_STATUS_SUCCESS;
434 :
435 2 : case 0x9: {
436 : static size_t sub_index2 = 0;
437 2 : if (sub_index2 == 0) {
438 : spdm_error_response_data_response_not_ready_t
439 : *spdm_response;
440 : size_t spdm_response_size;
441 : size_t transport_header_size;
442 : uint32_t session_id;
443 : libspdm_session_info_t *session_info;
444 : uint8_t *scratch_buffer;
445 : size_t scratch_buffer_size;
446 :
447 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
448 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
449 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
450 :
451 1 : session_id = 0xFFFFFFFF;
452 1 : spdm_response->header.spdm_version =
453 : SPDM_MESSAGE_VERSION_11;
454 1 : spdm_response->header.request_response_code = SPDM_ERROR;
455 1 : spdm_response->header.param1 =
456 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
457 1 : spdm_response->header.param2 = 0;
458 1 : spdm_response->extend_error_data.rd_exponent = 1;
459 1 : spdm_response->extend_error_data.rd_tm = 2;
460 1 : spdm_response->extend_error_data.request_code =
461 : SPDM_END_SESSION;
462 1 : spdm_response->extend_error_data.token = 1;
463 :
464 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
465 : * transport_message is always in sender buffer. */
466 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
467 : &scratch_buffer_size);
468 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
469 : scratch_buffer_size - transport_header_size,
470 : spdm_response, spdm_response_size);
471 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
472 1 : libspdm_transport_test_encode_message(
473 : spdm_context, &session_id, false, false,
474 : spdm_response_size, spdm_response,
475 : response_size, response);
476 1 : sub_index2++;
477 1 : session_info = libspdm_get_session_info_via_session_id(
478 : spdm_context, session_id);
479 1 : if (session_info == NULL) {
480 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
481 : }
482 : ((libspdm_secured_message_context_t
483 1 : *)(session_info->secured_message_context))
484 : ->application_secret
485 1 : .response_data_sequence_number--;
486 1 : } else if (sub_index2 == 1) {
487 : spdm_end_session_response_t *spdm_response;
488 : size_t spdm_response_size;
489 : size_t transport_header_size;
490 : uint32_t session_id;
491 : libspdm_session_info_t *session_info;
492 : uint8_t *scratch_buffer;
493 : size_t scratch_buffer_size;
494 :
495 1 : session_id = 0xFFFFFFFF;
496 1 : spdm_response_size = sizeof(spdm_end_session_response_t);
497 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
498 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
499 :
500 1 : spdm_response->header.spdm_version =
501 : SPDM_MESSAGE_VERSION_11;
502 1 : spdm_response->header.request_response_code =
503 : SPDM_END_SESSION_ACK;
504 1 : spdm_response->header.param1 = 0;
505 1 : spdm_response->header.param2 = 0;
506 :
507 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
508 : * transport_message is always in sender buffer. */
509 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
510 : &scratch_buffer_size);
511 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
512 : scratch_buffer_size - transport_header_size,
513 : spdm_response, spdm_response_size);
514 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
515 1 : libspdm_transport_test_encode_message(
516 : spdm_context, &session_id, false, false,
517 : spdm_response_size, spdm_response, response_size,
518 : response);
519 1 : session_info = libspdm_get_session_info_via_session_id(
520 : spdm_context, session_id);
521 1 : if (session_info == NULL) {
522 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
523 : }
524 : ((libspdm_secured_message_context_t
525 1 : *)(session_info->secured_message_context))
526 : ->application_secret
527 1 : .response_data_sequence_number--;
528 : }
529 : }
530 2 : return LIBSPDM_STATUS_SUCCESS;
531 :
532 18 : case 0xA:
533 : {
534 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
535 :
536 : spdm_error_response_t *spdm_response;
537 : size_t spdm_response_size;
538 : size_t transport_header_size;
539 : uint32_t session_id;
540 : libspdm_session_info_t *session_info;
541 : uint8_t *scratch_buffer;
542 : size_t scratch_buffer_size;
543 :
544 18 : spdm_response_size = sizeof(spdm_error_response_t);
545 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
546 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
547 :
548 18 : session_id = 0xFFFFFFFF;
549 :
550 18 : if(error_code <= 0xff) {
551 18 : libspdm_zero_mem (spdm_response, spdm_response_size);
552 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
553 18 : spdm_response->header.request_response_code = SPDM_ERROR;
554 18 : spdm_response->header.param1 = (uint8_t) error_code;
555 18 : spdm_response->header.param2 = 0;
556 :
557 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
558 : * transport_message is always in sender buffer. */
559 18 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
560 : &scratch_buffer_size);
561 18 : libspdm_copy_mem (scratch_buffer + transport_header_size,
562 : scratch_buffer_size - transport_header_size,
563 : spdm_response, spdm_response_size);
564 18 : spdm_response = (void *)(scratch_buffer + transport_header_size);
565 18 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
566 : spdm_response_size, spdm_response,
567 : response_size, response);
568 18 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
569 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
570 18 : application_secret.response_data_sequence_number--;
571 : }
572 :
573 18 : error_code++;
574 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
575 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
576 : }
577 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
578 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
579 : }
580 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
581 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
582 : }
583 : }
584 18 : return LIBSPDM_STATUS_SUCCESS;
585 1 : case 0xB: {
586 : spdm_end_session_response_t *spdm_response;
587 : size_t spdm_response_size;
588 : size_t transport_header_size;
589 : uint32_t session_id;
590 : libspdm_session_info_t *session_info;
591 : uint8_t *scratch_buffer;
592 : size_t scratch_buffer_size;
593 :
594 1 : session_id = 0xFFFFFFFF;
595 1 : spdm_response_size = sizeof(spdm_end_session_response_t);
596 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
597 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
598 :
599 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
600 1 : spdm_response->header.request_response_code =
601 : SPDM_END_SESSION_ACK;
602 1 : spdm_response->header.param1 = 0;
603 1 : spdm_response->header.param2 = 0;
604 :
605 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
606 : * transport_message is always in sender buffer. */
607 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
608 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
609 : scratch_buffer_size - transport_header_size,
610 : spdm_response, spdm_response_size);
611 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
612 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
613 : false, false, spdm_response_size,
614 : spdm_response, response_size,
615 : response);
616 1 : session_info = libspdm_get_session_info_via_session_id(
617 : spdm_context, session_id);
618 1 : if (session_info == NULL) {
619 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
620 : }
621 : /* WALKAROUND: If just use single context to encode message and then decode message */
622 : ((libspdm_secured_message_context_t
623 1 : *)(session_info->secured_message_context))
624 1 : ->application_secret.response_data_sequence_number--;
625 : }
626 1 : return LIBSPDM_STATUS_SUCCESS;
627 1 : case 0xC: {
628 : spdm_error_response_t *spdm_response;
629 : size_t spdm_response_size;
630 : size_t transport_header_size;
631 : uint32_t session_id;
632 : libspdm_session_info_t *session_info;
633 : uint8_t *scratch_buffer;
634 : size_t scratch_buffer_size;
635 :
636 1 : spdm_response_size = sizeof(spdm_error_response_t);
637 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
638 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
639 :
640 1 : session_id = 0xFFFFFFFF;
641 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
642 1 : spdm_response->header.request_response_code = SPDM_ERROR;
643 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_DECRYPT_ERROR;
644 1 : spdm_response->header.param2 = 0;
645 :
646 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
647 : * transport_message is always in sender buffer. */
648 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
649 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
650 : scratch_buffer_size - transport_header_size,
651 : spdm_response, spdm_response_size);
652 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
653 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
654 : false, false,
655 : spdm_response_size,
656 : spdm_response,
657 : response_size, response);
658 1 : session_info = libspdm_get_session_info_via_session_id(
659 : spdm_context, session_id);
660 1 : if (session_info == NULL) {
661 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
662 : }
663 : ((libspdm_secured_message_context_t
664 1 : *)(session_info->secured_message_context))
665 1 : ->application_secret.response_data_sequence_number--;
666 : }
667 1 : return LIBSPDM_STATUS_SUCCESS;
668 :
669 0 : default:
670 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
671 : }
672 : }
673 :
674 1 : static void req_end_session_case1(void **state)
675 : {
676 : libspdm_return_t status;
677 : libspdm_test_context_t *spdm_test_context;
678 : libspdm_context_t *spdm_context;
679 : uint32_t session_id;
680 : void *data;
681 : size_t data_size;
682 : void *hash;
683 : size_t hash_size;
684 : libspdm_session_info_t *session_info;
685 :
686 1 : spdm_test_context = *state;
687 1 : spdm_context = spdm_test_context->spdm_context;
688 1 : spdm_test_context->case_id = 0x1;
689 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
690 : SPDM_VERSION_NUMBER_SHIFT_BIT;
691 1 : spdm_context->connection_info.connection_state =
692 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
693 1 : spdm_context->connection_info.capability.flags |=
694 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
695 1 : spdm_context->connection_info.capability.flags |=
696 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
697 1 : spdm_context->connection_info.capability.flags |=
698 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
699 1 : spdm_context->local_context.capability.flags |=
700 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
701 1 : spdm_context->local_context.capability.flags |=
702 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
703 1 : spdm_context->local_context.capability.flags |=
704 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
705 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
706 : m_libspdm_use_asym_algo, &data,
707 : &data_size, &hash, &hash_size)) {
708 0 : assert(false);
709 : }
710 1 : libspdm_reset_message_a(spdm_context);
711 1 : spdm_context->connection_info.algorithm.base_hash_algo =
712 : m_libspdm_use_hash_algo;
713 1 : spdm_context->connection_info.algorithm.base_asym_algo =
714 : m_libspdm_use_asym_algo;
715 1 : spdm_context->connection_info.algorithm.dhe_named_group =
716 : m_libspdm_use_dhe_algo;
717 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
718 : m_libspdm_use_aead_algo;
719 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
720 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
721 : data_size;
722 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
723 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
724 : data, data_size);
725 : #endif
726 :
727 1 : session_id = 0xFFFFFFFF;
728 1 : session_info = &spdm_context->session_info[0];
729 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
730 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
731 1 : libspdm_secured_message_set_session_state(
732 : session_info->secured_message_context,
733 : LIBSPDM_SESSION_STATE_ESTABLISHED);
734 :
735 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
736 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
737 1 : free(data);
738 1 : }
739 :
740 1 : static void req_end_session_case2(void **state)
741 : {
742 : libspdm_return_t status;
743 : libspdm_test_context_t *spdm_test_context;
744 : libspdm_context_t *spdm_context;
745 : uint32_t session_id;
746 : void *data;
747 : size_t data_size;
748 : void *hash;
749 : size_t hash_size;
750 : libspdm_session_info_t *session_info;
751 :
752 1 : spdm_test_context = *state;
753 1 : spdm_context = spdm_test_context->spdm_context;
754 1 : spdm_test_context->case_id = 0x2;
755 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
756 : SPDM_VERSION_NUMBER_SHIFT_BIT;
757 1 : spdm_context->connection_info.connection_state =
758 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
759 1 : spdm_context->connection_info.capability.flags |=
760 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
761 1 : spdm_context->connection_info.capability.flags |=
762 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
763 1 : spdm_context->connection_info.capability.flags |=
764 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
765 1 : spdm_context->local_context.capability.flags |=
766 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
767 1 : spdm_context->local_context.capability.flags |=
768 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
769 1 : spdm_context->local_context.capability.flags |=
770 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
771 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
772 : m_libspdm_use_asym_algo, &data,
773 : &data_size, &hash, &hash_size)) {
774 0 : assert(false);
775 : }
776 1 : libspdm_reset_message_a(spdm_context);
777 1 : spdm_context->connection_info.algorithm.base_hash_algo =
778 : m_libspdm_use_hash_algo;
779 1 : spdm_context->connection_info.algorithm.base_asym_algo =
780 : m_libspdm_use_asym_algo;
781 1 : spdm_context->connection_info.algorithm.dhe_named_group =
782 : m_libspdm_use_dhe_algo;
783 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
784 : m_libspdm_use_aead_algo;
785 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
786 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
787 : data_size;
788 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
789 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
790 : data, data_size);
791 : #endif
792 :
793 1 : session_id = 0xFFFFFFFF;
794 1 : session_info = &spdm_context->session_info[0];
795 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
796 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
797 1 : libspdm_secured_message_set_session_state(
798 : session_info->secured_message_context,
799 : LIBSPDM_SESSION_STATE_ESTABLISHED);
800 1 : libspdm_set_mem(m_dummy_key_buffer,
801 : ((libspdm_secured_message_context_t
802 1 : *)(session_info->secured_message_context))
803 : ->aead_key_size,
804 : (uint8_t)(0xFF));
805 1 : libspdm_secured_message_set_response_data_encryption_key(
806 : session_info->secured_message_context, m_dummy_key_buffer,
807 : ((libspdm_secured_message_context_t
808 1 : *)(session_info->secured_message_context))
809 : ->aead_key_size);
810 1 : libspdm_set_mem(m_dummy_salt_buffer,
811 : ((libspdm_secured_message_context_t
812 1 : *)(session_info->secured_message_context))
813 : ->aead_iv_size,
814 : (uint8_t)(0xFF));
815 1 : libspdm_secured_message_set_response_data_salt(
816 : session_info->secured_message_context, m_dummy_salt_buffer,
817 : ((libspdm_secured_message_context_t
818 1 : *)(session_info->secured_message_context))
819 : ->aead_iv_size);
820 : ((libspdm_secured_message_context_t *)(session_info
821 1 : ->secured_message_context))
822 1 : ->application_secret.response_data_sequence_number = 0;
823 :
824 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
825 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
826 1 : assert_int_equal(
827 : libspdm_secured_message_get_session_state(
828 : spdm_context->session_info[0].secured_message_context),
829 : LIBSPDM_SESSION_STATE_NOT_STARTED);
830 1 : free(data);
831 1 : }
832 :
833 1 : static void req_end_session_case3(void **state)
834 : {
835 : libspdm_return_t status;
836 : libspdm_test_context_t *spdm_test_context;
837 : libspdm_context_t *spdm_context;
838 : uint32_t session_id;
839 : void *data;
840 : size_t data_size;
841 : void *hash;
842 : size_t hash_size;
843 : libspdm_session_info_t *session_info;
844 :
845 1 : spdm_test_context = *state;
846 1 : spdm_context = spdm_test_context->spdm_context;
847 1 : spdm_test_context->case_id = 0x3;
848 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
849 : SPDM_VERSION_NUMBER_SHIFT_BIT;
850 1 : spdm_context->connection_info.connection_state =
851 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
852 1 : spdm_context->connection_info.capability.flags |=
853 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
854 1 : spdm_context->connection_info.capability.flags |=
855 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
856 1 : spdm_context->connection_info.capability.flags |=
857 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
858 1 : spdm_context->local_context.capability.flags |=
859 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
860 1 : spdm_context->local_context.capability.flags |=
861 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
862 1 : spdm_context->local_context.capability.flags |=
863 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
864 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
865 : m_libspdm_use_asym_algo, &data,
866 : &data_size, &hash, &hash_size)) {
867 0 : assert(false);
868 : }
869 1 : libspdm_reset_message_a(spdm_context);
870 1 : spdm_context->connection_info.algorithm.base_hash_algo =
871 : m_libspdm_use_hash_algo;
872 1 : spdm_context->connection_info.algorithm.base_asym_algo =
873 : m_libspdm_use_asym_algo;
874 1 : spdm_context->connection_info.algorithm.dhe_named_group =
875 : m_libspdm_use_dhe_algo;
876 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
877 : m_libspdm_use_aead_algo;
878 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
879 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
880 : data_size;
881 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
882 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
883 : data, data_size);
884 : #endif
885 :
886 1 : session_id = 0xFFFFFFFF;
887 1 : session_info = &spdm_context->session_info[0];
888 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
889 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
890 1 : libspdm_secured_message_set_session_state(
891 : session_info->secured_message_context,
892 : LIBSPDM_SESSION_STATE_ESTABLISHED);
893 1 : libspdm_set_mem(m_dummy_key_buffer,
894 : ((libspdm_secured_message_context_t
895 1 : *)(session_info->secured_message_context))
896 : ->aead_key_size,
897 : (uint8_t)(0xFF));
898 1 : libspdm_secured_message_set_response_data_encryption_key(
899 : session_info->secured_message_context, m_dummy_key_buffer,
900 : ((libspdm_secured_message_context_t
901 1 : *)(session_info->secured_message_context))
902 : ->aead_key_size);
903 1 : libspdm_set_mem(m_dummy_salt_buffer,
904 : ((libspdm_secured_message_context_t
905 1 : *)(session_info->secured_message_context))
906 : ->aead_iv_size,
907 : (uint8_t)(0xFF));
908 1 : libspdm_secured_message_set_response_data_salt(
909 : session_info->secured_message_context, m_dummy_salt_buffer,
910 : ((libspdm_secured_message_context_t
911 1 : *)(session_info->secured_message_context))
912 : ->aead_iv_size);
913 : ((libspdm_secured_message_context_t *)(session_info
914 1 : ->secured_message_context))
915 1 : ->application_secret.response_data_sequence_number = 0;
916 :
917 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
918 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
919 1 : free(data);
920 1 : }
921 :
922 1 : static void req_end_session_case4(void **state)
923 : {
924 : libspdm_return_t status;
925 : libspdm_test_context_t *spdm_test_context;
926 : libspdm_context_t *spdm_context;
927 : uint32_t session_id;
928 : void *data;
929 : size_t data_size;
930 : void *hash;
931 : size_t hash_size;
932 : libspdm_session_info_t *session_info;
933 :
934 1 : spdm_test_context = *state;
935 1 : spdm_context = spdm_test_context->spdm_context;
936 1 : spdm_test_context->case_id = 0x4;
937 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
938 : SPDM_VERSION_NUMBER_SHIFT_BIT;
939 1 : spdm_context->connection_info.connection_state =
940 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
941 1 : spdm_context->connection_info.capability.flags |=
942 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
943 1 : spdm_context->connection_info.capability.flags |=
944 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
945 1 : spdm_context->connection_info.capability.flags |=
946 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
947 1 : spdm_context->local_context.capability.flags |=
948 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
949 1 : spdm_context->local_context.capability.flags |=
950 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
951 1 : spdm_context->local_context.capability.flags |=
952 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
953 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
954 : m_libspdm_use_asym_algo, &data,
955 : &data_size, &hash, &hash_size)) {
956 0 : assert(false);
957 : }
958 1 : libspdm_reset_message_a(spdm_context);
959 1 : spdm_context->connection_info.algorithm.base_hash_algo =
960 : m_libspdm_use_hash_algo;
961 1 : spdm_context->connection_info.algorithm.base_asym_algo =
962 : m_libspdm_use_asym_algo;
963 1 : spdm_context->connection_info.algorithm.dhe_named_group =
964 : m_libspdm_use_dhe_algo;
965 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
966 : m_libspdm_use_aead_algo;
967 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
968 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
969 : data_size;
970 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
971 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
972 : data, data_size);
973 : #endif
974 :
975 1 : session_id = 0xFFFFFFFF;
976 1 : session_info = &spdm_context->session_info[0];
977 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
978 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
979 1 : libspdm_secured_message_set_session_state(
980 : session_info->secured_message_context,
981 : LIBSPDM_SESSION_STATE_ESTABLISHED);
982 1 : libspdm_set_mem(m_dummy_key_buffer,
983 : ((libspdm_secured_message_context_t
984 1 : *)(session_info->secured_message_context))
985 : ->aead_key_size,
986 : (uint8_t)(0xFF));
987 1 : libspdm_secured_message_set_response_data_encryption_key(
988 : session_info->secured_message_context, m_dummy_key_buffer,
989 : ((libspdm_secured_message_context_t
990 1 : *)(session_info->secured_message_context))
991 : ->aead_key_size);
992 1 : libspdm_set_mem(m_dummy_salt_buffer,
993 : ((libspdm_secured_message_context_t
994 1 : *)(session_info->secured_message_context))
995 : ->aead_iv_size,
996 : (uint8_t)(0xFF));
997 1 : libspdm_secured_message_set_response_data_salt(
998 : session_info->secured_message_context, m_dummy_salt_buffer,
999 : ((libspdm_secured_message_context_t
1000 1 : *)(session_info->secured_message_context))
1001 : ->aead_iv_size);
1002 : ((libspdm_secured_message_context_t *)(session_info
1003 1 : ->secured_message_context))
1004 1 : ->application_secret.response_data_sequence_number = 0;
1005 :
1006 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
1007 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
1008 1 : free(data);
1009 1 : }
1010 :
1011 1 : static void req_end_session_case5(void **state)
1012 : {
1013 : libspdm_return_t status;
1014 : libspdm_test_context_t *spdm_test_context;
1015 : libspdm_context_t *spdm_context;
1016 : uint32_t session_id;
1017 : void *data;
1018 : size_t data_size;
1019 : void *hash;
1020 : size_t hash_size;
1021 : libspdm_session_info_t *session_info;
1022 :
1023 1 : spdm_test_context = *state;
1024 1 : spdm_context = spdm_test_context->spdm_context;
1025 1 : spdm_test_context->case_id = 0x5;
1026 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1027 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1028 1 : spdm_context->connection_info.connection_state =
1029 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1030 1 : spdm_context->connection_info.capability.flags |=
1031 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1032 1 : spdm_context->connection_info.capability.flags |=
1033 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1034 1 : spdm_context->connection_info.capability.flags |=
1035 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1036 1 : spdm_context->local_context.capability.flags |=
1037 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1038 1 : spdm_context->local_context.capability.flags |=
1039 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1040 1 : spdm_context->local_context.capability.flags |=
1041 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1042 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1043 : m_libspdm_use_asym_algo, &data,
1044 : &data_size, &hash, &hash_size)) {
1045 0 : assert(false);
1046 : }
1047 1 : libspdm_reset_message_a(spdm_context);
1048 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1049 : m_libspdm_use_hash_algo;
1050 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1051 : m_libspdm_use_asym_algo;
1052 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1053 : m_libspdm_use_dhe_algo;
1054 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1055 : m_libspdm_use_aead_algo;
1056 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1057 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1058 : data_size;
1059 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1060 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1061 : data, data_size);
1062 : #endif
1063 :
1064 1 : session_id = 0xFFFFFFFF;
1065 1 : session_info = &spdm_context->session_info[0];
1066 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1067 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1068 1 : libspdm_secured_message_set_session_state(
1069 : session_info->secured_message_context,
1070 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1071 1 : libspdm_set_mem(m_dummy_key_buffer,
1072 : ((libspdm_secured_message_context_t
1073 1 : *)(session_info->secured_message_context))
1074 : ->aead_key_size,
1075 : (uint8_t)(0xFF));
1076 1 : libspdm_secured_message_set_response_data_encryption_key(
1077 : session_info->secured_message_context, m_dummy_key_buffer,
1078 : ((libspdm_secured_message_context_t
1079 1 : *)(session_info->secured_message_context))
1080 : ->aead_key_size);
1081 1 : libspdm_set_mem(m_dummy_salt_buffer,
1082 : ((libspdm_secured_message_context_t
1083 1 : *)(session_info->secured_message_context))
1084 : ->aead_iv_size,
1085 : (uint8_t)(0xFF));
1086 1 : libspdm_secured_message_set_response_data_salt(
1087 : session_info->secured_message_context, m_dummy_salt_buffer,
1088 : ((libspdm_secured_message_context_t
1089 1 : *)(session_info->secured_message_context))
1090 : ->aead_iv_size);
1091 : ((libspdm_secured_message_context_t *)(session_info
1092 1 : ->secured_message_context))
1093 1 : ->application_secret.response_data_sequence_number = 0;
1094 :
1095 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
1096 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
1097 1 : free(data);
1098 1 : }
1099 :
1100 1 : static void req_end_session_case6(void **state)
1101 : {
1102 : libspdm_return_t status;
1103 : libspdm_test_context_t *spdm_test_context;
1104 : libspdm_context_t *spdm_context;
1105 : uint32_t session_id;
1106 : void *data;
1107 : size_t data_size;
1108 : void *hash;
1109 : size_t hash_size;
1110 : libspdm_session_info_t *session_info;
1111 :
1112 1 : spdm_test_context = *state;
1113 1 : spdm_context = spdm_test_context->spdm_context;
1114 1 : spdm_test_context->case_id = 0x6;
1115 1 : spdm_context->retry_times = 3;
1116 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1117 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1118 1 : spdm_context->connection_info.connection_state =
1119 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1120 1 : spdm_context->connection_info.capability.flags |=
1121 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1122 1 : spdm_context->connection_info.capability.flags |=
1123 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1124 1 : spdm_context->connection_info.capability.flags |=
1125 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1126 1 : spdm_context->local_context.capability.flags |=
1127 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1128 1 : spdm_context->local_context.capability.flags |=
1129 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1130 1 : spdm_context->local_context.capability.flags |=
1131 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1132 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1133 : m_libspdm_use_asym_algo, &data,
1134 : &data_size, &hash, &hash_size)) {
1135 0 : assert(false);
1136 : }
1137 1 : libspdm_reset_message_a(spdm_context);
1138 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1139 : m_libspdm_use_hash_algo;
1140 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1141 : m_libspdm_use_asym_algo;
1142 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1143 : m_libspdm_use_dhe_algo;
1144 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1145 : m_libspdm_use_aead_algo;
1146 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1147 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1148 : data_size;
1149 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1150 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1151 : data, data_size);
1152 : #endif
1153 :
1154 1 : session_id = 0xFFFFFFFF;
1155 1 : session_info = &spdm_context->session_info[0];
1156 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1157 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1158 1 : libspdm_secured_message_set_session_state(
1159 : session_info->secured_message_context,
1160 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1161 1 : libspdm_set_mem(m_dummy_key_buffer,
1162 : ((libspdm_secured_message_context_t
1163 1 : *)(session_info->secured_message_context))
1164 : ->aead_key_size,
1165 : (uint8_t)(0xFF));
1166 1 : libspdm_secured_message_set_response_data_encryption_key(
1167 : session_info->secured_message_context, m_dummy_key_buffer,
1168 : ((libspdm_secured_message_context_t
1169 1 : *)(session_info->secured_message_context))
1170 : ->aead_key_size);
1171 1 : libspdm_set_mem(m_dummy_salt_buffer,
1172 : ((libspdm_secured_message_context_t
1173 1 : *)(session_info->secured_message_context))
1174 : ->aead_iv_size,
1175 : (uint8_t)(0xFF));
1176 1 : libspdm_secured_message_set_response_data_salt(
1177 : session_info->secured_message_context, m_dummy_salt_buffer,
1178 : ((libspdm_secured_message_context_t
1179 1 : *)(session_info->secured_message_context))
1180 : ->aead_iv_size);
1181 : ((libspdm_secured_message_context_t *)(session_info
1182 1 : ->secured_message_context))
1183 1 : ->application_secret.response_data_sequence_number = 0;
1184 :
1185 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
1186 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1187 1 : assert_int_equal(
1188 : libspdm_secured_message_get_session_state(
1189 : spdm_context->session_info[0].secured_message_context),
1190 : LIBSPDM_SESSION_STATE_NOT_STARTED);
1191 1 : free(data);
1192 1 : }
1193 :
1194 1 : static void req_end_session_case7(void **state)
1195 : {
1196 : libspdm_return_t status;
1197 : libspdm_test_context_t *spdm_test_context;
1198 : libspdm_context_t *spdm_context;
1199 : uint32_t session_id;
1200 : void *data;
1201 : size_t data_size;
1202 : void *hash;
1203 : size_t hash_size;
1204 : libspdm_session_info_t *session_info;
1205 :
1206 1 : spdm_test_context = *state;
1207 1 : spdm_context = spdm_test_context->spdm_context;
1208 1 : spdm_test_context->case_id = 0x7;
1209 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1210 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1211 1 : spdm_context->connection_info.connection_state =
1212 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1213 1 : spdm_context->connection_info.capability.flags |=
1214 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1215 1 : spdm_context->connection_info.capability.flags |=
1216 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1217 1 : spdm_context->connection_info.capability.flags |=
1218 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1219 1 : spdm_context->local_context.capability.flags |=
1220 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1221 1 : spdm_context->local_context.capability.flags |=
1222 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1223 1 : spdm_context->local_context.capability.flags |=
1224 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1225 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1226 : m_libspdm_use_asym_algo, &data,
1227 : &data_size, &hash, &hash_size)) {
1228 0 : assert(false);
1229 : }
1230 1 : libspdm_reset_message_a(spdm_context);
1231 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1232 : m_libspdm_use_hash_algo;
1233 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1234 : m_libspdm_use_asym_algo;
1235 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1236 : m_libspdm_use_dhe_algo;
1237 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1238 : m_libspdm_use_aead_algo;
1239 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1240 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1241 : data_size;
1242 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1243 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1244 : data, data_size);
1245 : #endif
1246 :
1247 1 : session_id = 0xFFFFFFFF;
1248 1 : session_info = &spdm_context->session_info[0];
1249 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1250 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1251 1 : libspdm_secured_message_set_session_state(
1252 : session_info->secured_message_context,
1253 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1254 1 : libspdm_set_mem(m_dummy_key_buffer,
1255 : ((libspdm_secured_message_context_t
1256 1 : *)(session_info->secured_message_context))
1257 : ->aead_key_size,
1258 : (uint8_t)(0xFF));
1259 1 : libspdm_secured_message_set_response_data_encryption_key(
1260 : session_info->secured_message_context, m_dummy_key_buffer,
1261 : ((libspdm_secured_message_context_t
1262 1 : *)(session_info->secured_message_context))
1263 : ->aead_key_size);
1264 1 : libspdm_set_mem(m_dummy_salt_buffer,
1265 : ((libspdm_secured_message_context_t
1266 1 : *)(session_info->secured_message_context))
1267 : ->aead_iv_size,
1268 : (uint8_t)(0xFF));
1269 1 : libspdm_secured_message_set_response_data_salt(
1270 : session_info->secured_message_context, m_dummy_salt_buffer,
1271 : ((libspdm_secured_message_context_t
1272 1 : *)(session_info->secured_message_context))
1273 : ->aead_iv_size);
1274 : ((libspdm_secured_message_context_t *)(session_info
1275 1 : ->secured_message_context))
1276 1 : ->application_secret.response_data_sequence_number = 0;
1277 :
1278 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
1279 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
1280 1 : assert_int_equal(spdm_context->connection_info.connection_state,
1281 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
1282 1 : free(data);
1283 1 : }
1284 :
1285 1 : static void req_end_session_case8(void **state)
1286 : {
1287 : libspdm_return_t status;
1288 : libspdm_test_context_t *spdm_test_context;
1289 : libspdm_context_t *spdm_context;
1290 : uint32_t session_id;
1291 : void *data;
1292 : size_t data_size;
1293 : void *hash;
1294 : size_t hash_size;
1295 : libspdm_session_info_t *session_info;
1296 :
1297 1 : spdm_test_context = *state;
1298 1 : spdm_context = spdm_test_context->spdm_context;
1299 1 : spdm_test_context->case_id = 0x8;
1300 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1301 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1302 1 : spdm_context->connection_info.connection_state =
1303 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1304 1 : spdm_context->connection_info.capability.flags |=
1305 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1306 1 : spdm_context->connection_info.capability.flags |=
1307 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1308 1 : spdm_context->connection_info.capability.flags |=
1309 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1310 1 : spdm_context->local_context.capability.flags |=
1311 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1312 1 : spdm_context->local_context.capability.flags |=
1313 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1314 1 : spdm_context->local_context.capability.flags |=
1315 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1316 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1317 : m_libspdm_use_asym_algo, &data,
1318 : &data_size, &hash, &hash_size)) {
1319 0 : assert(false);
1320 : }
1321 1 : libspdm_reset_message_a(spdm_context);
1322 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1323 : m_libspdm_use_hash_algo;
1324 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1325 : m_libspdm_use_asym_algo;
1326 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1327 : m_libspdm_use_dhe_algo;
1328 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1329 : m_libspdm_use_aead_algo;
1330 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1331 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1332 : data_size;
1333 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1334 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1335 : data, data_size);
1336 : #endif
1337 :
1338 1 : session_id = 0xFFFFFFFF;
1339 1 : session_info = &spdm_context->session_info[0];
1340 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1341 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1342 1 : libspdm_secured_message_set_session_state(
1343 : session_info->secured_message_context,
1344 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1345 1 : libspdm_set_mem(m_dummy_key_buffer,
1346 : ((libspdm_secured_message_context_t
1347 1 : *)(session_info->secured_message_context))
1348 : ->aead_key_size,
1349 : (uint8_t)(0xFF));
1350 1 : libspdm_secured_message_set_response_data_encryption_key(
1351 : session_info->secured_message_context, m_dummy_key_buffer,
1352 : ((libspdm_secured_message_context_t
1353 1 : *)(session_info->secured_message_context))
1354 : ->aead_key_size);
1355 1 : libspdm_set_mem(m_dummy_salt_buffer,
1356 : ((libspdm_secured_message_context_t
1357 1 : *)(session_info->secured_message_context))
1358 : ->aead_iv_size,
1359 : (uint8_t)(0xFF));
1360 1 : libspdm_secured_message_set_response_data_salt(
1361 : session_info->secured_message_context, m_dummy_salt_buffer,
1362 : ((libspdm_secured_message_context_t
1363 1 : *)(session_info->secured_message_context))
1364 : ->aead_iv_size);
1365 : ((libspdm_secured_message_context_t *)(session_info
1366 1 : ->secured_message_context))
1367 1 : ->application_secret.response_data_sequence_number = 0;
1368 :
1369 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
1370 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
1371 1 : free(data);
1372 1 : }
1373 :
1374 1 : static void req_end_session_case9(void **state)
1375 : {
1376 : libspdm_return_t status;
1377 : libspdm_test_context_t *spdm_test_context;
1378 : libspdm_context_t *spdm_context;
1379 : uint32_t session_id;
1380 : void *data;
1381 : size_t data_size;
1382 : void *hash;
1383 : size_t hash_size;
1384 : libspdm_session_info_t *session_info;
1385 :
1386 1 : spdm_test_context = *state;
1387 1 : spdm_context = spdm_test_context->spdm_context;
1388 1 : spdm_test_context->case_id = 0x9;
1389 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1390 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1391 1 : spdm_context->connection_info.connection_state =
1392 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1393 1 : spdm_context->connection_info.capability.flags |=
1394 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1395 1 : spdm_context->connection_info.capability.flags |=
1396 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1397 1 : spdm_context->connection_info.capability.flags |=
1398 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1399 1 : spdm_context->local_context.capability.flags |=
1400 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1401 1 : spdm_context->local_context.capability.flags |=
1402 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1403 1 : spdm_context->local_context.capability.flags |=
1404 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1405 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1406 : m_libspdm_use_asym_algo, &data,
1407 : &data_size, &hash, &hash_size)) {
1408 0 : assert(false);
1409 : }
1410 1 : libspdm_reset_message_a(spdm_context);
1411 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1412 : m_libspdm_use_hash_algo;
1413 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1414 : m_libspdm_use_asym_algo;
1415 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1416 : m_libspdm_use_dhe_algo;
1417 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1418 : m_libspdm_use_aead_algo;
1419 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1420 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1421 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1422 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1423 : data, data_size);
1424 : #endif
1425 :
1426 1 : session_id = 0xFFFFFFFF;
1427 1 : session_info = &spdm_context->session_info[0];
1428 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1429 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1430 1 : libspdm_secured_message_set_session_state(
1431 : session_info->secured_message_context,
1432 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1433 1 : libspdm_set_mem(m_dummy_key_buffer,
1434 : ((libspdm_secured_message_context_t
1435 1 : *)(session_info->secured_message_context))
1436 : ->aead_key_size,
1437 : (uint8_t)(0xFF));
1438 1 : libspdm_secured_message_set_response_data_encryption_key(
1439 : session_info->secured_message_context, m_dummy_key_buffer,
1440 : ((libspdm_secured_message_context_t
1441 1 : *)(session_info->secured_message_context))
1442 : ->aead_key_size);
1443 1 : libspdm_set_mem(m_dummy_salt_buffer,
1444 : ((libspdm_secured_message_context_t
1445 1 : *)(session_info->secured_message_context))
1446 : ->aead_iv_size,
1447 : (uint8_t)(0xFF));
1448 1 : libspdm_secured_message_set_response_data_salt(
1449 : session_info->secured_message_context, m_dummy_salt_buffer,
1450 : ((libspdm_secured_message_context_t
1451 1 : *)(session_info->secured_message_context))->aead_iv_size);
1452 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
1453 1 : ->application_secret.response_data_sequence_number = 0;
1454 :
1455 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
1456 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
1457 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1458 1 : assert_int_equal(
1459 : libspdm_secured_message_get_session_state(
1460 : spdm_context->session_info[0].secured_message_context),
1461 : LIBSPDM_SESSION_STATE_NOT_STARTED);
1462 : } else {
1463 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
1464 : }
1465 1 : free(data);
1466 1 : }
1467 :
1468 1 : static void req_end_session_case10(void **state) {
1469 : libspdm_return_t status;
1470 : libspdm_test_context_t *spdm_test_context;
1471 : libspdm_context_t *spdm_context;
1472 : uint32_t session_id;
1473 : void *data;
1474 : size_t data_size;
1475 : void *hash;
1476 : size_t hash_size;
1477 : libspdm_session_info_t *session_info;
1478 : uint16_t error_code;
1479 :
1480 1 : spdm_test_context = *state;
1481 1 : spdm_context = spdm_test_context->spdm_context;
1482 1 : spdm_test_context->case_id = 0xA;
1483 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1484 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1485 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1486 1 : spdm_context->connection_info.capability.flags |=
1487 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1488 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1489 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1490 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1491 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1492 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1493 : m_libspdm_use_asym_algo,
1494 : &data, &data_size,
1495 : &hash, &hash_size);
1496 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1497 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1498 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1499 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1500 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1501 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1502 : data_size;
1503 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1504 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1505 : data, data_size);
1506 : #endif
1507 :
1508 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1509 19 : while(error_code <= 0xff) {
1510 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1511 18 : libspdm_reset_message_a(spdm_context);
1512 :
1513 18 : session_id = 0xFFFFFFFF;
1514 18 : session_info = &spdm_context->session_info[0];
1515 18 : libspdm_session_info_init (spdm_context, session_info, session_id,
1516 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1517 18 : libspdm_secured_message_set_session_state (session_info->secured_message_context,
1518 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1519 18 : libspdm_set_mem (m_dummy_key_buffer,
1520 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_key_size,
1521 : (uint8_t)(0xFF));
1522 18 : libspdm_secured_message_set_response_data_encryption_key (
1523 : session_info->secured_message_context, m_dummy_key_buffer,
1524 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_key_size);
1525 18 : libspdm_set_mem (m_dummy_salt_buffer,
1526 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_iv_size,
1527 : (uint8_t)(0xFF));
1528 18 : libspdm_secured_message_set_response_data_salt (session_info->secured_message_context,
1529 : m_dummy_salt_buffer,
1530 : ((libspdm_secured_message_context_t*)(
1531 : session_info
1532 18 : ->
1533 : secured_message_context))->aead_iv_size);
1534 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1535 18 : application_secret.response_data_sequence_number = 0;
1536 :
1537 18 : status = libspdm_send_receive_end_session (spdm_context, session_id, 0);
1538 18 : if(error_code != SPDM_ERROR_CODE_DECRYPT_ERROR) {
1539 17 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
1540 : } else {
1541 1 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_SESSION_MSG_ERROR, error_code);
1542 : }
1543 :
1544 18 : error_code++;
1545 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1546 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1547 : }
1548 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
1549 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1550 : }
1551 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
1552 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1553 : }
1554 : }
1555 :
1556 1 : free(data);
1557 1 : }
1558 :
1559 1 : static void req_end_session_case11(void **state)
1560 : {
1561 : libspdm_return_t status;
1562 : libspdm_test_context_t *spdm_test_context;
1563 : libspdm_context_t *spdm_context;
1564 : uint32_t session_id;
1565 : void *data;
1566 : size_t data_size;
1567 : void *hash;
1568 : size_t hash_size;
1569 : libspdm_session_info_t *session_info;
1570 :
1571 1 : spdm_test_context = *state;
1572 1 : spdm_context = spdm_test_context->spdm_context;
1573 1 : spdm_test_context->case_id = 0xB;
1574 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1575 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1576 1 : spdm_context->connection_info.connection_state =
1577 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1578 1 : spdm_context->connection_info.capability.flags |=
1579 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1580 1 : spdm_context->connection_info.capability.flags |=
1581 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1582 1 : spdm_context->connection_info.capability.flags |=
1583 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1584 1 : spdm_context->local_context.capability.flags |=
1585 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1586 1 : spdm_context->local_context.capability.flags |=
1587 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1588 1 : spdm_context->local_context.capability.flags |=
1589 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1590 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1591 : m_libspdm_use_asym_algo, &data,
1592 : &data_size, &hash, &hash_size)) {
1593 0 : assert(false);
1594 : }
1595 1 : libspdm_reset_message_a(spdm_context);
1596 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1597 : m_libspdm_use_hash_algo;
1598 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1599 : m_libspdm_use_asym_algo;
1600 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1601 : m_libspdm_use_dhe_algo;
1602 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1603 : m_libspdm_use_aead_algo;
1604 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1605 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1606 : data_size;
1607 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1608 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1609 : data, data_size);
1610 : #endif
1611 :
1612 1 : session_id = 0xFFFFFFFF;
1613 1 : session_info = &spdm_context->session_info[0];
1614 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1615 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1616 1 : libspdm_secured_message_set_session_state(
1617 : session_info->secured_message_context,
1618 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1619 1 : libspdm_set_mem(m_dummy_key_buffer,
1620 : ((libspdm_secured_message_context_t
1621 1 : *)(session_info->secured_message_context))
1622 : ->aead_key_size,
1623 : (uint8_t)(0xFF));
1624 1 : libspdm_secured_message_set_response_data_encryption_key(
1625 : session_info->secured_message_context, m_dummy_key_buffer,
1626 : ((libspdm_secured_message_context_t
1627 1 : *)(session_info->secured_message_context))
1628 : ->aead_key_size);
1629 1 : libspdm_set_mem(m_dummy_salt_buffer,
1630 : ((libspdm_secured_message_context_t
1631 1 : *)(session_info->secured_message_context))
1632 : ->aead_iv_size,
1633 : (uint8_t)(0xFF));
1634 1 : libspdm_secured_message_set_response_data_salt(
1635 : session_info->secured_message_context, m_dummy_salt_buffer,
1636 : ((libspdm_secured_message_context_t
1637 1 : *)(session_info->secured_message_context))
1638 : ->aead_iv_size);
1639 : ((libspdm_secured_message_context_t *)(session_info
1640 1 : ->secured_message_context))
1641 1 : ->application_secret.response_data_sequence_number = 0;
1642 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1643 : session_info->session_transcript.message_m.buffer_size =
1644 : spdm_context->transcript.message_m.max_buffer_size;
1645 : spdm_context->transcript.message_b.buffer_size =
1646 : spdm_context->transcript.message_b.max_buffer_size;
1647 : spdm_context->transcript.message_c.buffer_size =
1648 : spdm_context->transcript.message_c.max_buffer_size;
1649 : spdm_context->transcript.message_mut_b.buffer_size =
1650 : spdm_context->transcript.message_mut_b.max_buffer_size;
1651 : spdm_context->transcript.message_mut_c.buffer_size =
1652 : spdm_context->transcript.message_mut_c.max_buffer_size;
1653 : #endif
1654 :
1655 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
1656 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1657 1 : assert_int_equal(
1658 : libspdm_secured_message_get_session_state(
1659 : spdm_context->session_info[0].secured_message_context),
1660 : LIBSPDM_SESSION_STATE_NOT_STARTED);
1661 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1662 : assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0);
1663 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
1664 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
1665 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
1666 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
1667 : #endif
1668 1 : free(data);
1669 1 : }
1670 :
1671 : /**
1672 : * Test 12: the requester is setup correctly, but receives an ERROR with SPDM_ERROR_CODE_DECRYPT_ERROR.
1673 : * Expected behavior: client returns a Status of INVALID_SESSION_ID and free the session ID.
1674 : **/
1675 1 : static void req_end_session_case12(void **state)
1676 : {
1677 : libspdm_return_t status;
1678 : libspdm_test_context_t *spdm_test_context;
1679 : libspdm_context_t *spdm_context;
1680 : uint32_t session_id;
1681 : void *data;
1682 : size_t data_size;
1683 : void *hash;
1684 : size_t hash_size;
1685 : libspdm_session_info_t *session_info;
1686 :
1687 1 : spdm_test_context = *state;
1688 1 : spdm_context = spdm_test_context->spdm_context;
1689 1 : spdm_test_context->case_id = 0xC;
1690 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1691 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1692 1 : spdm_context->connection_info.connection_state =
1693 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1694 1 : spdm_context->connection_info.capability.flags |=
1695 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1696 1 : spdm_context->connection_info.capability.flags |=
1697 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1698 1 : spdm_context->connection_info.capability.flags |=
1699 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1700 1 : spdm_context->local_context.capability.flags |=
1701 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1702 1 : spdm_context->local_context.capability.flags |=
1703 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1704 1 : spdm_context->local_context.capability.flags |=
1705 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1706 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1707 : m_libspdm_use_asym_algo, &data,
1708 : &data_size, &hash, &hash_size)) {
1709 0 : assert(false);
1710 : }
1711 1 : libspdm_reset_message_a(spdm_context);
1712 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1713 : m_libspdm_use_hash_algo;
1714 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1715 : m_libspdm_use_asym_algo;
1716 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1717 : m_libspdm_use_dhe_algo;
1718 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1719 : m_libspdm_use_aead_algo;
1720 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1721 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1722 : data_size;
1723 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1724 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1725 : data, data_size);
1726 : #endif
1727 :
1728 1 : session_id = 0xFFFFFFFF;
1729 1 : session_info = &spdm_context->session_info[0];
1730 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1731 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1732 1 : libspdm_secured_message_set_session_state(
1733 : session_info->secured_message_context,
1734 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1735 1 : libspdm_set_mem(m_dummy_key_buffer,
1736 : ((libspdm_secured_message_context_t
1737 1 : *)(session_info->secured_message_context))
1738 : ->aead_key_size,
1739 : (uint8_t)(0xFF));
1740 1 : libspdm_secured_message_set_response_data_encryption_key(
1741 : session_info->secured_message_context, m_dummy_key_buffer,
1742 : ((libspdm_secured_message_context_t
1743 1 : *)(session_info->secured_message_context))
1744 : ->aead_key_size);
1745 1 : libspdm_set_mem(m_dummy_salt_buffer,
1746 : ((libspdm_secured_message_context_t
1747 1 : *)(session_info->secured_message_context))
1748 : ->aead_iv_size,
1749 : (uint8_t)(0xFF));
1750 1 : libspdm_secured_message_set_response_data_salt(
1751 : session_info->secured_message_context, m_dummy_salt_buffer,
1752 : ((libspdm_secured_message_context_t
1753 1 : *)(session_info->secured_message_context))
1754 : ->aead_iv_size);
1755 : ((libspdm_secured_message_context_t *)(session_info
1756 1 : ->secured_message_context))
1757 1 : ->application_secret.response_data_sequence_number = 0;
1758 :
1759 1 : status = libspdm_send_receive_end_session(spdm_context, session_id, 0);
1760 1 : assert_int_equal(status, LIBSPDM_STATUS_SESSION_MSG_ERROR);
1761 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
1762 :
1763 1 : free(data);
1764 1 : }
1765 :
1766 1 : int libspdm_req_end_session_test(void)
1767 : {
1768 1 : const struct CMUnitTest test_cases[] = {
1769 : /* SendRequest failed*/
1770 : cmocka_unit_test(req_end_session_case1),
1771 : /* Successful response*/
1772 : cmocka_unit_test(req_end_session_case2),
1773 : /* connection_state check failed*/
1774 : cmocka_unit_test(req_end_session_case3),
1775 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
1776 : cmocka_unit_test(req_end_session_case4),
1777 : /* Always SPDM_ERROR_CODE_BUSY*/
1778 : cmocka_unit_test(req_end_session_case5),
1779 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
1780 : cmocka_unit_test(req_end_session_case6),
1781 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
1782 : cmocka_unit_test(req_end_session_case7),
1783 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
1784 : cmocka_unit_test(req_end_session_case8),
1785 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
1786 : cmocka_unit_test(req_end_session_case9),
1787 : /* Unexpected errors*/
1788 : cmocka_unit_test(req_end_session_case10),
1789 : /* Buffer reset*/
1790 : cmocka_unit_test(req_end_session_case11),
1791 : /* Error response: SPDM_ERROR_CODE_DECRYPT_ERROR*/
1792 : cmocka_unit_test(req_end_session_case12),
1793 : };
1794 :
1795 1 : libspdm_test_context_t test_context = {
1796 : LIBSPDM_TEST_CONTEXT_VERSION,
1797 : true,
1798 : send_message,
1799 : receive_message,
1800 : };
1801 :
1802 1 : libspdm_setup_test_context(&test_context);
1803 :
1804 1 : return cmocka_run_group_tests(test_cases,
1805 : libspdm_unit_test_group_setup,
1806 : libspdm_unit_test_group_teardown);
1807 : }
1808 :
1809 : #endif /* (LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) || (LIBSPDM_ENABLE_CAPABILITY_PSK_CAP) */
|
