Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
13 : static size_t m_libspdm_local_buffer_size;
14 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_TH_BUFFER_SIZE];
15 :
16 : static uint8_t m_libspdm_dummy_buffer[LIBSPDM_MAX_HASH_SIZE];
17 : static const uint8_t m_libspdm_zero_buffer[LIBSPDM_MAX_HASH_SIZE] = {0};
18 :
19 : static libspdm_th_managed_buffer_t th_curr;
20 :
21 41 : void libspdm_secured_message_set_response_finished_key(
22 : void *spdm_secured_message_context, const void *key, size_t key_size)
23 : {
24 : libspdm_secured_message_context_t *secured_message_context;
25 :
26 41 : secured_message_context = spdm_secured_message_context;
27 41 : LIBSPDM_ASSERT(key_size == secured_message_context->hash_size);
28 41 : libspdm_copy_mem(secured_message_context->handshake_secret.response_finished_key,
29 : sizeof(secured_message_context->handshake_secret.response_finished_key),
30 : key, secured_message_context->hash_size);
31 41 : }
32 :
33 40 : static libspdm_return_t send_message(
34 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
35 : {
36 : libspdm_test_context_t *spdm_test_context;
37 : const uint8_t *ptr;
38 :
39 40 : spdm_test_context = libspdm_get_test_context();
40 40 : ptr = (const uint8_t *)request;
41 40 : switch (spdm_test_context->case_id) {
42 1 : case 0x1:
43 1 : return LIBSPDM_STATUS_SEND_FAIL;
44 1 : case 0x2:
45 1 : m_libspdm_local_buffer_size = 0;
46 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
47 : request_size - 1);
48 1 : m_libspdm_local_buffer_size += (request_size - 1);
49 1 : return LIBSPDM_STATUS_SUCCESS;
50 0 : case 0x3:
51 0 : m_libspdm_local_buffer_size = 0;
52 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
53 : request_size - 1);
54 0 : m_libspdm_local_buffer_size += (request_size - 1);
55 0 : return LIBSPDM_STATUS_SUCCESS;
56 1 : case 0x4:
57 1 : m_libspdm_local_buffer_size = 0;
58 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
59 : request_size - 1);
60 1 : m_libspdm_local_buffer_size += (request_size - 1);
61 1 : return LIBSPDM_STATUS_SUCCESS;
62 1 : case 0x5:
63 1 : m_libspdm_local_buffer_size = 0;
64 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
65 : request_size - 1);
66 1 : m_libspdm_local_buffer_size += (request_size - 1);
67 1 : return LIBSPDM_STATUS_SUCCESS;
68 2 : case 0x6:
69 2 : m_libspdm_local_buffer_size = 0;
70 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
71 : request_size - 1);
72 2 : m_libspdm_local_buffer_size += (request_size - 1);
73 2 : return LIBSPDM_STATUS_SUCCESS;
74 1 : case 0x7:
75 1 : m_libspdm_local_buffer_size = 0;
76 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
77 : request_size - 1);
78 1 : m_libspdm_local_buffer_size += (request_size - 1);
79 1 : return LIBSPDM_STATUS_SUCCESS;
80 2 : case 0x8:
81 2 : m_libspdm_local_buffer_size = 0;
82 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
83 : request_size - 1);
84 2 : m_libspdm_local_buffer_size += (request_size - 1);
85 2 : return LIBSPDM_STATUS_SUCCESS;
86 2 : case 0x9: {
87 : static size_t sub_index = 0;
88 2 : if (sub_index == 0) {
89 1 : m_libspdm_local_buffer_size = 0;
90 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
91 : request_size - 1);
92 1 : m_libspdm_local_buffer_size += (request_size - 1);
93 1 : sub_index++;
94 : }
95 : }
96 2 : return LIBSPDM_STATUS_SUCCESS;
97 18 : case 0xA:
98 18 : m_libspdm_local_buffer_size = 0;
99 18 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
100 : request_size - 1);
101 18 : m_libspdm_local_buffer_size += (request_size - 1);
102 18 : return LIBSPDM_STATUS_SUCCESS;
103 1 : case 0xB:
104 1 : m_libspdm_local_buffer_size = 0;
105 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
106 : request_size - 1);
107 1 : m_libspdm_local_buffer_size += (request_size - 1);
108 1 : return LIBSPDM_STATUS_SUCCESS;
109 0 : case 0xC:
110 0 : m_libspdm_local_buffer_size = 0;
111 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
112 : request_size - 1);
113 0 : m_libspdm_local_buffer_size += (request_size - 1);
114 0 : return LIBSPDM_STATUS_SUCCESS;
115 0 : case 0xD:
116 0 : m_libspdm_local_buffer_size = 0;
117 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
118 : request_size - 1);
119 0 : m_libspdm_local_buffer_size += (request_size - 1);
120 0 : return LIBSPDM_STATUS_SUCCESS;
121 1 : case 0xE:
122 1 : m_libspdm_local_buffer_size = 0;
123 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
124 : request_size - 1);
125 1 : m_libspdm_local_buffer_size += (request_size - 1);
126 1 : return LIBSPDM_STATUS_SUCCESS;
127 0 : case 0xF:
128 0 : m_libspdm_local_buffer_size = 0;
129 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
130 : request_size - 1);
131 0 : m_libspdm_local_buffer_size += (request_size - 1);
132 0 : return LIBSPDM_STATUS_SUCCESS;
133 1 : case 0x10:
134 1 : m_libspdm_local_buffer_size = 0;
135 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
136 : request_size - 1);
137 1 : m_libspdm_local_buffer_size += (request_size - 1);
138 1 : return LIBSPDM_STATUS_SUCCESS;
139 1 : case 0x11:
140 1 : m_libspdm_local_buffer_size = 0;
141 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
142 : request_size - 1);
143 1 : m_libspdm_local_buffer_size += (request_size - 1);
144 1 : return LIBSPDM_STATUS_SUCCESS;
145 1 : case 0x12:
146 1 : m_libspdm_local_buffer_size = 0;
147 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
148 : request_size - 1);
149 1 : m_libspdm_local_buffer_size += (request_size - 1);
150 1 : return LIBSPDM_STATUS_SUCCESS;
151 0 : case 0x13:
152 0 : m_libspdm_local_buffer_size = 0;
153 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
154 : request_size - 1);
155 0 : m_libspdm_local_buffer_size += (request_size - 1);
156 0 : return LIBSPDM_STATUS_SUCCESS;
157 1 : case 0x14:
158 1 : m_libspdm_local_buffer_size = 0;
159 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
160 : request_size - 1);
161 1 : m_libspdm_local_buffer_size += (request_size - 1);
162 1 : return LIBSPDM_STATUS_SUCCESS;
163 1 : case 0x15:
164 1 : m_libspdm_local_buffer_size = 0;
165 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
166 : request_size - 1);
167 1 : m_libspdm_local_buffer_size += (request_size - 1);
168 1 : return LIBSPDM_STATUS_SUCCESS;
169 1 : case 0x16:
170 1 : m_libspdm_local_buffer_size = 0;
171 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
172 : request_size - 1);
173 1 : m_libspdm_local_buffer_size += (request_size - 1);
174 1 : return LIBSPDM_STATUS_SUCCESS;
175 3 : case 0x17:
176 : case 0x18:
177 : case 0x19:
178 3 : m_libspdm_local_buffer_size = 0;
179 3 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
180 : request_size - 1);
181 3 : m_libspdm_local_buffer_size += (request_size - 1);
182 3 : return LIBSPDM_STATUS_SUCCESS;
183 0 : default:
184 0 : return LIBSPDM_STATUS_SEND_FAIL;
185 : }
186 : }
187 :
188 39 : static libspdm_return_t receive_message(
189 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
190 : {
191 : libspdm_test_context_t *spdm_test_context;
192 :
193 39 : spdm_test_context = libspdm_get_test_context();
194 39 : switch (spdm_test_context->case_id) {
195 0 : case 0x1:
196 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
197 :
198 1 : case 0x2: {
199 : spdm_finish_response_t *spdm_response;
200 : uint32_t hash_size;
201 : uint32_t hmac_size;
202 : uint8_t *ptr;
203 : void *data;
204 : size_t data_size;
205 : uint8_t *cert_buffer;
206 : size_t cert_buffer_size;
207 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
208 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
209 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
210 : size_t spdm_response_size;
211 : size_t transport_header_size;
212 :
213 : ((libspdm_context_t *)spdm_context)
214 1 : ->connection_info.algorithm.base_asym_algo =
215 : m_libspdm_use_asym_algo;
216 : ((libspdm_context_t *)spdm_context)
217 1 : ->connection_info.algorithm.base_hash_algo =
218 : m_libspdm_use_hash_algo;
219 : ((libspdm_context_t *)spdm_context)
220 1 : ->connection_info.algorithm.dhe_named_group =
221 : m_libspdm_use_dhe_algo;
222 : ((libspdm_context_t *)spdm_context)
223 1 : ->connection_info.algorithm.measurement_hash_algo =
224 : m_libspdm_use_measurement_hash_algo;
225 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
226 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
227 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
228 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
229 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
230 :
231 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
232 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
233 1 : spdm_response->header.param1 = 0;
234 1 : spdm_response->header.param2 = 0;
235 1 : ptr = (void *)(spdm_response + 1);
236 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
237 : sizeof(m_libspdm_local_buffer)
238 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
239 : m_libspdm_local_buffer),
240 : spdm_response, sizeof(spdm_finish_response_t));
241 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
242 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
243 : m_libspdm_use_asym_algo, &data,
244 : &data_size, NULL, NULL);
245 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
246 1 : cert_buffer = (uint8_t *)data;
247 1 : cert_buffer_size = data_size;
248 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
249 : cert_buffer_hash);
250 : /* transcript.message_a size is 0*/
251 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
252 : /* session_transcript.message_k is 0*/
253 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
254 : m_libspdm_local_buffer_size);
255 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
256 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
257 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
258 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
259 : response_finished_key, hash_size, ptr);
260 1 : ptr += hmac_size;
261 1 : free(data);
262 :
263 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
264 : false, spdm_response_size,
265 : spdm_response, response_size,
266 : response);
267 : }
268 1 : return LIBSPDM_STATUS_SUCCESS;
269 :
270 0 : case 0x3: {
271 : spdm_finish_response_t *spdm_response;
272 : uint32_t hash_size;
273 : uint32_t hmac_size;
274 : uint8_t *ptr;
275 : void *data;
276 : size_t data_size;
277 : uint8_t *cert_buffer;
278 : size_t cert_buffer_size;
279 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
280 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
281 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
282 : size_t spdm_response_size;
283 : size_t transport_header_size;
284 :
285 : ((libspdm_context_t *)spdm_context)
286 0 : ->connection_info.algorithm.base_asym_algo =
287 : m_libspdm_use_asym_algo;
288 : ((libspdm_context_t *)spdm_context)
289 0 : ->connection_info.algorithm.base_hash_algo =
290 : m_libspdm_use_hash_algo;
291 : ((libspdm_context_t *)spdm_context)
292 0 : ->connection_info.algorithm.dhe_named_group =
293 : m_libspdm_use_dhe_algo;
294 : ((libspdm_context_t *)spdm_context)
295 0 : ->connection_info.algorithm.measurement_hash_algo =
296 : m_libspdm_use_measurement_hash_algo;
297 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
298 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
299 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
300 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
301 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
302 :
303 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
304 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
305 0 : spdm_response->header.param1 = 0;
306 0 : spdm_response->header.param2 = 0;
307 0 : ptr = (void *)(spdm_response + 1);
308 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
309 : sizeof(m_libspdm_local_buffer)
310 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
311 : m_libspdm_local_buffer),
312 : spdm_response, sizeof(spdm_finish_response_t));
313 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
314 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
315 : m_libspdm_use_asym_algo, &data,
316 : &data_size, NULL, NULL);
317 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
318 0 : cert_buffer = (uint8_t *)data;
319 0 : cert_buffer_size = data_size;
320 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
321 : cert_buffer_hash);
322 : /* transcript.message_a size is 0*/
323 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
324 : /* session_transcript.message_k is 0*/
325 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
326 : m_libspdm_local_buffer_size);
327 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
328 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
329 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
330 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
331 : response_finished_key, hash_size, ptr);
332 0 : ptr += hmac_size;
333 0 : free(data);
334 :
335 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
336 : false, spdm_response_size,
337 : spdm_response, response_size,
338 : response);
339 : }
340 0 : return LIBSPDM_STATUS_SUCCESS;
341 :
342 1 : case 0x4: {
343 : spdm_error_response_t *spdm_response;
344 : size_t spdm_response_size;
345 : size_t transport_header_size;
346 :
347 1 : spdm_response_size = sizeof(spdm_error_response_t);
348 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
349 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
350 :
351 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
352 1 : spdm_response->header.request_response_code = SPDM_ERROR;
353 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
354 1 : spdm_response->header.param2 = 0;
355 :
356 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
357 : false, spdm_response_size,
358 : spdm_response,
359 : response_size, response);
360 : }
361 1 : return LIBSPDM_STATUS_SUCCESS;
362 :
363 1 : case 0x5: {
364 : spdm_error_response_t *spdm_response;
365 : size_t spdm_response_size;
366 : size_t transport_header_size;
367 :
368 1 : spdm_response_size = sizeof(spdm_error_response_t);
369 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
370 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
371 :
372 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
373 1 : spdm_response->header.request_response_code = SPDM_ERROR;
374 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
375 1 : spdm_response->header.param2 = 0;
376 :
377 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
378 : false, spdm_response_size,
379 : spdm_response,
380 : response_size, response);
381 : }
382 1 : return LIBSPDM_STATUS_SUCCESS;
383 :
384 2 : case 0x6: {
385 : static size_t sub_index1 = 0;
386 2 : if (sub_index1 == 0) {
387 : spdm_error_response_t *spdm_response;
388 : size_t spdm_response_size;
389 : size_t transport_header_size;
390 :
391 1 : spdm_response_size = sizeof(spdm_error_response_t);
392 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
393 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
394 :
395 1 : spdm_response->header.spdm_version =
396 : SPDM_MESSAGE_VERSION_11;
397 1 : spdm_response->header.request_response_code = SPDM_ERROR;
398 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
399 1 : spdm_response->header.param2 = 0;
400 :
401 1 : libspdm_transport_test_encode_message(
402 : spdm_context, NULL, false, false,
403 : spdm_response_size, spdm_response,
404 : response_size, response);
405 1 : sub_index1++;
406 1 : } else if (sub_index1 == 1) {
407 : spdm_finish_response_t *spdm_response;
408 : uint32_t hash_size;
409 : uint32_t hmac_size;
410 : uint8_t *ptr;
411 : void *data;
412 : size_t data_size;
413 : uint8_t *cert_buffer;
414 : size_t cert_buffer_size;
415 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
416 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
417 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
418 : size_t spdm_response_size;
419 : size_t transport_header_size;
420 :
421 : ((libspdm_context_t *)spdm_context)
422 1 : ->connection_info.algorithm.base_asym_algo =
423 : m_libspdm_use_asym_algo;
424 : ((libspdm_context_t *)spdm_context)
425 1 : ->connection_info.algorithm.base_hash_algo =
426 : m_libspdm_use_hash_algo;
427 : ((libspdm_context_t *)spdm_context)
428 1 : ->connection_info.algorithm.dhe_named_group =
429 : m_libspdm_use_dhe_algo;
430 : ((libspdm_context_t *)spdm_context)
431 : ->connection_info.algorithm
432 1 : .measurement_hash_algo =
433 : m_libspdm_use_measurement_hash_algo;
434 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
435 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
436 1 : spdm_response_size =
437 1 : sizeof(spdm_finish_response_t) + hmac_size;
438 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
439 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
440 :
441 1 : spdm_response->header.spdm_version =
442 : SPDM_MESSAGE_VERSION_11;
443 1 : spdm_response->header.request_response_code =
444 : SPDM_FINISH_RSP;
445 1 : spdm_response->header.param1 = 0;
446 1 : spdm_response->header.param2 = 0;
447 1 : ptr = (void *)(spdm_response + 1);
448 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
449 : sizeof(m_libspdm_local_buffer)
450 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
451 : m_libspdm_local_buffer),
452 : spdm_response, sizeof(spdm_finish_response_t));
453 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
454 1 : libspdm_read_responder_public_certificate_chain(
455 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
456 : &data_size, NULL, NULL);
457 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
458 1 : cert_buffer = (uint8_t *)data;
459 1 : cert_buffer_size = data_size;
460 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer,
461 : cert_buffer_size, cert_buffer_hash);
462 : /* transcript.message_a size is 0*/
463 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash,
464 : hash_size);
465 : /* session_transcript.message_k is 0*/
466 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
467 : m_libspdm_local_buffer_size);
468 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE,
469 : (uint8_t)(0xFF));
470 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
471 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
472 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
473 : response_finished_key, hash_size, ptr);
474 1 : ptr += hmac_size;
475 1 : free(data);
476 :
477 1 : libspdm_transport_test_encode_message(
478 : spdm_context, NULL, false, false, spdm_response_size,
479 : spdm_response, response_size, response);
480 : }
481 : }
482 2 : return LIBSPDM_STATUS_SUCCESS;
483 :
484 1 : case 0x7: {
485 : spdm_error_response_t *spdm_response;
486 : size_t spdm_response_size;
487 : size_t transport_header_size;
488 :
489 1 : spdm_response_size = sizeof(spdm_error_response_t);
490 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
491 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
492 :
493 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
494 1 : spdm_response->header.request_response_code = SPDM_ERROR;
495 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
496 1 : spdm_response->header.param2 = 0;
497 :
498 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
499 : false, spdm_response_size,
500 : spdm_response,
501 : response_size, response);
502 : }
503 1 : return LIBSPDM_STATUS_SUCCESS;
504 :
505 2 : case 0x8: {
506 : spdm_error_response_data_response_not_ready_t *spdm_response;
507 : size_t spdm_response_size;
508 : size_t transport_header_size;
509 :
510 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
511 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
512 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
513 :
514 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
515 2 : spdm_response->header.request_response_code = SPDM_ERROR;
516 2 : spdm_response->header.param1 =
517 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
518 2 : spdm_response->header.param2 = 0;
519 2 : spdm_response->extend_error_data.rd_exponent = 1;
520 2 : spdm_response->extend_error_data.rd_tm = 2;
521 2 : spdm_response->extend_error_data.request_code = SPDM_FINISH;
522 2 : spdm_response->extend_error_data.token = 0;
523 :
524 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
525 : false, spdm_response_size,
526 : spdm_response,
527 : response_size, response);
528 : }
529 2 : return LIBSPDM_STATUS_SUCCESS;
530 :
531 2 : case 0x9: {
532 : static size_t sub_index2 = 0;
533 2 : if (sub_index2 == 0) {
534 : spdm_error_response_data_response_not_ready_t
535 : *spdm_response;
536 : size_t spdm_response_size;
537 : size_t transport_header_size;
538 :
539 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
540 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
541 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
542 :
543 1 : spdm_response->header.spdm_version =
544 : SPDM_MESSAGE_VERSION_11;
545 1 : spdm_response->header.request_response_code = SPDM_ERROR;
546 1 : spdm_response->header.param1 =
547 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
548 1 : spdm_response->header.param2 = 0;
549 1 : spdm_response->extend_error_data.rd_exponent = 1;
550 1 : spdm_response->extend_error_data.rd_tm = 2;
551 1 : spdm_response->extend_error_data.request_code =
552 : SPDM_FINISH;
553 1 : spdm_response->extend_error_data.token = 1;
554 :
555 1 : libspdm_transport_test_encode_message(
556 : spdm_context, NULL, false, false,
557 : spdm_response_size, spdm_response,
558 : response_size, response);
559 1 : sub_index2++;
560 1 : } else if (sub_index2 == 1) {
561 : spdm_finish_response_t *spdm_response;
562 : uint32_t hash_size;
563 : uint32_t hmac_size;
564 : uint8_t *ptr;
565 : void *data;
566 : size_t data_size;
567 : uint8_t *cert_buffer;
568 : size_t cert_buffer_size;
569 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
570 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
571 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
572 : size_t spdm_response_size;
573 : size_t transport_header_size;
574 :
575 : ((libspdm_context_t *)spdm_context)
576 1 : ->connection_info.algorithm.base_asym_algo =
577 : m_libspdm_use_asym_algo;
578 : ((libspdm_context_t *)spdm_context)
579 1 : ->connection_info.algorithm.base_hash_algo =
580 : m_libspdm_use_hash_algo;
581 : ((libspdm_context_t *)spdm_context)
582 1 : ->connection_info.algorithm.dhe_named_group =
583 : m_libspdm_use_dhe_algo;
584 : ((libspdm_context_t *)spdm_context)
585 : ->connection_info.algorithm
586 1 : .measurement_hash_algo =
587 : m_libspdm_use_measurement_hash_algo;
588 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
589 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
590 1 : spdm_response_size =
591 1 : sizeof(spdm_finish_response_t) + hmac_size;
592 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
593 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
594 :
595 1 : spdm_response->header.spdm_version =
596 : SPDM_MESSAGE_VERSION_11;
597 1 : spdm_response->header.request_response_code =
598 : SPDM_FINISH_RSP;
599 1 : spdm_response->header.param1 = 0;
600 1 : spdm_response->header.param2 = 0;
601 1 : ptr = (void *)(spdm_response + 1);
602 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
603 : sizeof(m_libspdm_local_buffer)
604 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
605 : m_libspdm_local_buffer),
606 : spdm_response, sizeof(spdm_finish_response_t));
607 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
608 1 : libspdm_read_responder_public_certificate_chain(
609 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
610 : &data_size, NULL, NULL);
611 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
612 1 : cert_buffer = (uint8_t *)data;
613 1 : cert_buffer_size = data_size;
614 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer,
615 : cert_buffer_size, cert_buffer_hash);
616 : /* transcript.message_a size is 0*/
617 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash,
618 : hash_size);
619 : /* session_transcript.message_k is 0*/
620 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
621 : m_libspdm_local_buffer_size);
622 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE,
623 : (uint8_t)(0xFF));
624 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
625 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
626 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
627 : response_finished_key, hash_size, ptr);
628 1 : ptr += hmac_size;
629 1 : free(data);
630 :
631 1 : libspdm_transport_test_encode_message(
632 : spdm_context, NULL, false, false, spdm_response_size,
633 : spdm_response, response_size, response);
634 : }
635 : }
636 2 : return LIBSPDM_STATUS_SUCCESS;
637 :
638 18 : case 0xA:
639 : {
640 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
641 :
642 : spdm_error_response_t *spdm_response;
643 : size_t spdm_response_size;
644 : size_t transport_header_size;
645 :
646 18 : spdm_response_size = sizeof(spdm_error_response_t);
647 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
648 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
649 :
650 18 : if(error_code <= 0xff) {
651 18 : libspdm_zero_mem (spdm_response, spdm_response_size);
652 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
653 18 : spdm_response->header.request_response_code = SPDM_ERROR;
654 18 : spdm_response->header.param1 = (uint8_t) error_code;
655 18 : spdm_response->header.param2 = 0;
656 :
657 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
658 : spdm_response_size, spdm_response,
659 : response_size, response);
660 : }
661 :
662 18 : error_code++;
663 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
664 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
665 : }
666 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
667 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
668 : }
669 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
670 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
671 : }
672 : }
673 18 : return LIBSPDM_STATUS_SUCCESS;
674 1 : case 0xB:
675 : {
676 : spdm_finish_response_t *spdm_response;
677 : uint32_t hash_size;
678 : uint32_t hmac_size;
679 : uint8_t *ptr;
680 : void *data;
681 : size_t data_size;
682 : uint8_t *cert_buffer;
683 : size_t cert_buffer_size;
684 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
685 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
686 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
687 : size_t spdm_response_size;
688 : size_t transport_header_size;
689 :
690 : ((libspdm_context_t *)spdm_context)
691 1 : ->connection_info.algorithm.base_asym_algo =
692 : m_libspdm_use_asym_algo;
693 : ((libspdm_context_t *)spdm_context)
694 1 : ->connection_info.algorithm.base_hash_algo =
695 : m_libspdm_use_hash_algo;
696 : ((libspdm_context_t *)spdm_context)
697 1 : ->connection_info.algorithm.dhe_named_group =
698 : m_libspdm_use_dhe_algo;
699 : ((libspdm_context_t *)spdm_context)
700 1 : ->connection_info.algorithm.measurement_hash_algo =
701 : m_libspdm_use_measurement_hash_algo;
702 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
703 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
704 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
705 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
706 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
707 :
708 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
709 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
710 1 : spdm_response->header.param1 = 0;
711 1 : spdm_response->header.param2 = 0;
712 1 : ptr = (void *)(spdm_response + 1);
713 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
714 : sizeof(m_libspdm_local_buffer)
715 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
716 : m_libspdm_local_buffer),
717 : spdm_response, sizeof(spdm_finish_response_t));
718 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
719 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
720 : m_libspdm_use_asym_algo, &data,
721 : &data_size, NULL, NULL);
722 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
723 1 : cert_buffer = (uint8_t *)data;
724 1 : cert_buffer_size = data_size;
725 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
726 : cert_buffer_hash);
727 : /* transcript.message_a size is 0*/
728 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
729 : /* session_transcript.message_k is 0*/
730 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
731 : m_libspdm_local_buffer_size);
732 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
733 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
734 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
735 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
736 : response_finished_key, hash_size, ptr);
737 1 : ptr += hmac_size;
738 1 : free(data);
739 :
740 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
741 : false, spdm_response_size,
742 : spdm_response, response_size,
743 : response);
744 : }
745 1 : return LIBSPDM_STATUS_SUCCESS;
746 :
747 0 : case 0xC: {
748 : spdm_finish_response_t *spdm_response;
749 : uint32_t hash_size;
750 : uint32_t hmac_size;
751 : uint8_t *ptr;
752 : void *data;
753 : size_t data_size;
754 : uint8_t *cert_buffer;
755 : size_t cert_buffer_size;
756 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
757 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
758 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
759 : size_t spdm_response_size;
760 : size_t transport_header_size;
761 :
762 : ((libspdm_context_t *)spdm_context)
763 0 : ->connection_info.algorithm.base_asym_algo =
764 : m_libspdm_use_asym_algo;
765 : ((libspdm_context_t *)spdm_context)
766 0 : ->connection_info.algorithm.base_hash_algo =
767 : m_libspdm_use_hash_algo;
768 : ((libspdm_context_t *)spdm_context)
769 0 : ->connection_info.algorithm.dhe_named_group =
770 : m_libspdm_use_dhe_algo;
771 : ((libspdm_context_t *)spdm_context)
772 0 : ->connection_info.algorithm.measurement_hash_algo =
773 : m_libspdm_use_measurement_hash_algo;
774 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
775 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
776 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
777 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
778 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
779 :
780 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
781 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
782 0 : spdm_response->header.param1 = 0;
783 0 : spdm_response->header.param2 = 0;
784 0 : ptr = (void *)(spdm_response + 1);
785 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
786 : sizeof(m_libspdm_local_buffer)
787 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
788 : m_libspdm_local_buffer),
789 : spdm_response, sizeof(spdm_finish_response_t));
790 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
791 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
792 : m_libspdm_use_asym_algo, &data,
793 : &data_size, NULL, NULL);
794 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
795 0 : cert_buffer = (uint8_t *)data;
796 0 : cert_buffer_size = data_size;
797 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
798 : cert_buffer_hash);
799 : /* transcript.message_a size is 0*/
800 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
801 : /* session_transcript.message_k is 0*/
802 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
803 : m_libspdm_local_buffer_size);
804 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
805 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
806 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
807 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
808 : response_finished_key, hash_size, ptr);
809 0 : ptr += hmac_size;
810 0 : free(data);
811 :
812 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
813 : false, spdm_response_size,
814 : spdm_response, response_size,
815 : response);
816 : }
817 0 : return LIBSPDM_STATUS_SUCCESS;
818 :
819 0 : case 0xD: {
820 : spdm_finish_response_t *spdm_response;
821 : uint32_t hash_size;
822 : uint32_t hmac_size;
823 : uint8_t *ptr;
824 : void *data;
825 : size_t data_size;
826 : uint8_t *cert_buffer;
827 : size_t cert_buffer_size;
828 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
829 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
830 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
831 : size_t spdm_response_size;
832 : size_t transport_header_size;
833 :
834 : ((libspdm_context_t *)spdm_context)
835 0 : ->connection_info.algorithm.base_asym_algo =
836 : m_libspdm_use_asym_algo;
837 : ((libspdm_context_t *)spdm_context)
838 0 : ->connection_info.algorithm.base_hash_algo =
839 : m_libspdm_use_hash_algo;
840 : ((libspdm_context_t *)spdm_context)
841 0 : ->connection_info.algorithm.dhe_named_group =
842 : m_libspdm_use_dhe_algo;
843 : ((libspdm_context_t *)spdm_context)
844 0 : ->connection_info.algorithm.measurement_hash_algo =
845 : m_libspdm_use_measurement_hash_algo;
846 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
847 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
848 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
849 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
850 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
851 :
852 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
853 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
854 0 : spdm_response->header.param1 = 0;
855 0 : spdm_response->header.param2 = 0;
856 0 : ptr = (void *)(spdm_response + 1);
857 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
858 : sizeof(m_libspdm_local_buffer)
859 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
860 : m_libspdm_local_buffer),
861 : spdm_response, sizeof(spdm_finish_response_t));
862 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
863 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
864 : m_libspdm_use_asym_algo, &data,
865 : &data_size, NULL, NULL);
866 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
867 0 : cert_buffer = (uint8_t *)data;
868 0 : cert_buffer_size = data_size;
869 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
870 : cert_buffer_hash);
871 : /* transcript.message_a size is 0*/
872 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
873 : /* session_transcript.message_k is 0*/
874 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
875 : m_libspdm_local_buffer_size);
876 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
877 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
878 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
879 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
880 : response_finished_key, hash_size, ptr);
881 0 : ptr += hmac_size;
882 0 : free(data);
883 :
884 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
885 : false, spdm_response_size,
886 : spdm_response, response_size,
887 : response);
888 : }
889 0 : return LIBSPDM_STATUS_SUCCESS;
890 :
891 1 : case 0xE: {
892 : spdm_finish_response_t *spdm_response;
893 : uint32_t hash_size;
894 : uint32_t hmac_size;
895 : uint8_t *ptr;
896 : void *data;
897 : size_t data_size;
898 : uint8_t *cert_buffer;
899 : size_t cert_buffer_size;
900 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
901 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
902 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
903 : size_t spdm_response_size;
904 : size_t transport_header_size;
905 :
906 : ((libspdm_context_t *)spdm_context)
907 1 : ->connection_info.algorithm.base_asym_algo =
908 : m_libspdm_use_asym_algo;
909 : ((libspdm_context_t *)spdm_context)
910 1 : ->connection_info.algorithm.base_hash_algo =
911 : m_libspdm_use_hash_algo;
912 : ((libspdm_context_t *)spdm_context)
913 1 : ->connection_info.algorithm.dhe_named_group =
914 : m_libspdm_use_dhe_algo;
915 : ((libspdm_context_t *)spdm_context)
916 1 : ->connection_info.algorithm.measurement_hash_algo =
917 : m_libspdm_use_measurement_hash_algo;
918 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
919 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
920 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
921 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
922 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
923 :
924 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
925 : /*wrong response code*/
926 1 : spdm_response->header.request_response_code = SPDM_FINISH;
927 1 : spdm_response->header.param1 = 0;
928 1 : spdm_response->header.param2 = 0;
929 1 : ptr = (void *)(spdm_response + 1);
930 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
931 : sizeof(m_libspdm_local_buffer)
932 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
933 : m_libspdm_local_buffer),
934 : spdm_response, sizeof(spdm_finish_response_t));
935 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
936 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
937 : m_libspdm_use_asym_algo, &data,
938 : &data_size, NULL, NULL);
939 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
940 1 : cert_buffer = (uint8_t *)data;
941 1 : cert_buffer_size = data_size;
942 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
943 : cert_buffer_hash);
944 : /* transcript.message_a size is 0*/
945 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
946 : /* session_transcript.message_k is 0*/
947 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
948 : m_libspdm_local_buffer_size);
949 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
950 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
951 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
952 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
953 : response_finished_key, hash_size, ptr);
954 1 : ptr += hmac_size;
955 1 : free(data);
956 :
957 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
958 : false, spdm_response_size,
959 : spdm_response, response_size,
960 : response);
961 : }
962 1 : return LIBSPDM_STATUS_SUCCESS;
963 :
964 0 : case 0xF: {
965 : spdm_finish_response_t *spdm_response;
966 : uint32_t hash_size;
967 : uint32_t hmac_size;
968 : uint8_t *ptr;
969 : void *data;
970 : size_t data_size;
971 : uint8_t *cert_buffer;
972 : size_t cert_buffer_size;
973 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
974 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
975 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
976 : size_t spdm_response_size;
977 : size_t transport_header_size;
978 :
979 : ((libspdm_context_t *)spdm_context)
980 0 : ->connection_info.algorithm.base_asym_algo =
981 : m_libspdm_use_asym_algo;
982 : ((libspdm_context_t *)spdm_context)
983 0 : ->connection_info.algorithm.base_hash_algo =
984 : m_libspdm_use_hash_algo;
985 : ((libspdm_context_t *)spdm_context)
986 0 : ->connection_info.algorithm.dhe_named_group =
987 : m_libspdm_use_dhe_algo;
988 : ((libspdm_context_t *)spdm_context)
989 0 : ->connection_info.algorithm.measurement_hash_algo =
990 : m_libspdm_use_measurement_hash_algo;
991 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
992 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
993 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
994 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
995 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
996 :
997 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
998 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
999 0 : spdm_response->header.param1 = 0;
1000 0 : spdm_response->header.param2 = 0;
1001 0 : ptr = (void *)(spdm_response + 1);
1002 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1003 : sizeof(m_libspdm_local_buffer)
1004 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1005 : m_libspdm_local_buffer),
1006 : spdm_response, sizeof(spdm_finish_response_t));
1007 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1008 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1009 : m_libspdm_use_asym_algo, &data,
1010 : &data_size, NULL, NULL);
1011 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1012 0 : cert_buffer = (uint8_t *)data;
1013 0 : cert_buffer_size = data_size;
1014 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1015 : cert_buffer_hash);
1016 : /* transcript.message_a size is 0*/
1017 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1018 : /* session_transcript.message_k is 0*/
1019 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1020 : m_libspdm_local_buffer_size);
1021 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1022 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1023 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1024 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1025 : response_finished_key, hash_size, ptr);
1026 0 : ptr += hmac_size;
1027 0 : free(data);
1028 :
1029 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1030 : false, spdm_response_size,
1031 : spdm_response, response_size,
1032 : response);
1033 : }
1034 0 : return LIBSPDM_STATUS_SUCCESS;
1035 :
1036 1 : case 0x10: {
1037 : spdm_finish_response_t *spdm_response;
1038 : uint32_t hash_size;
1039 : uint32_t hmac_size;
1040 : uint8_t *ptr;
1041 : void *data;
1042 : size_t data_size;
1043 : uint8_t *cert_buffer;
1044 : size_t cert_buffer_size;
1045 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1046 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1047 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1048 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1049 : size_t spdm_response_size;
1050 : size_t transport_header_size;
1051 :
1052 : ((libspdm_context_t *)spdm_context)
1053 1 : ->connection_info.algorithm.base_asym_algo =
1054 : m_libspdm_use_asym_algo;
1055 : ((libspdm_context_t *)spdm_context)
1056 1 : ->connection_info.algorithm.req_base_asym_alg =
1057 : m_libspdm_use_req_asym_algo;
1058 : ((libspdm_context_t *)spdm_context)
1059 1 : ->connection_info.algorithm.base_hash_algo =
1060 : m_libspdm_use_hash_algo;
1061 : ((libspdm_context_t *)spdm_context)
1062 1 : ->connection_info.algorithm.dhe_named_group =
1063 : m_libspdm_use_dhe_algo;
1064 : ((libspdm_context_t *)spdm_context)
1065 1 : ->connection_info.algorithm.measurement_hash_algo =
1066 : m_libspdm_use_measurement_hash_algo;
1067 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1068 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1069 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1070 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1071 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1072 :
1073 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1074 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1075 1 : spdm_response->header.param1 = 0;
1076 1 : spdm_response->header.param2 = 0;
1077 1 : ptr = (void *)(spdm_response + 1);
1078 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1079 : sizeof(m_libspdm_local_buffer)
1080 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1081 : m_libspdm_local_buffer),
1082 : spdm_response, sizeof(spdm_finish_response_t));
1083 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1084 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1085 : m_libspdm_use_asym_algo, &data,
1086 : &data_size, NULL, NULL);
1087 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1088 1 : cert_buffer = (uint8_t *)data;
1089 1 : cert_buffer_size = data_size;
1090 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1091 : cert_buffer_hash);
1092 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1093 : m_libspdm_use_req_asym_algo, &data,
1094 : &data_size, NULL, NULL);
1095 1 : cert_buffer = (uint8_t *)data;
1096 1 : cert_buffer_size = data_size;
1097 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1098 : req_cert_buffer_hash);
1099 : /* transcript.message_a size is 0*/
1100 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1101 : /* session_transcript.message_k is 0*/
1102 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash,
1103 : hash_size);
1104 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1105 : m_libspdm_local_buffer_size);
1106 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1107 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1108 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1109 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1110 : response_finished_key, hash_size, ptr);
1111 1 : ptr += hmac_size;
1112 1 : free(data);
1113 :
1114 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1115 : false, spdm_response_size,
1116 : spdm_response, response_size,
1117 : response);
1118 : }
1119 1 : return LIBSPDM_STATUS_SUCCESS;
1120 :
1121 1 : case 0x11: {
1122 : spdm_finish_response_t *spdm_response;
1123 : uint32_t hmac_size;
1124 : uint8_t *ptr;
1125 : size_t spdm_response_size;
1126 : size_t transport_header_size;
1127 :
1128 : ((libspdm_context_t *)spdm_context)
1129 1 : ->connection_info.algorithm.base_asym_algo =
1130 : m_libspdm_use_asym_algo;
1131 : ((libspdm_context_t *)spdm_context)
1132 1 : ->connection_info.algorithm.req_base_asym_alg =
1133 : m_libspdm_use_req_asym_algo;
1134 : ((libspdm_context_t *)spdm_context)
1135 1 : ->connection_info.algorithm.base_hash_algo =
1136 : m_libspdm_use_hash_algo;
1137 : ((libspdm_context_t *)spdm_context)
1138 1 : ->connection_info.algorithm.dhe_named_group =
1139 : m_libspdm_use_dhe_algo;
1140 : ((libspdm_context_t *)spdm_context)
1141 1 : ->connection_info.algorithm.measurement_hash_algo =
1142 : m_libspdm_use_measurement_hash_algo;
1143 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1144 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1145 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1146 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1147 :
1148 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1149 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1150 1 : spdm_response->header.param1 = 0;
1151 1 : spdm_response->header.param2 = 0;
1152 1 : ptr = (void *)(spdm_response + 1);
1153 1 : libspdm_set_mem(ptr, hmac_size, (uint8_t)(0x00)); /*all-zero MAC*/
1154 1 : ptr += hmac_size;
1155 :
1156 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1157 : false, spdm_response_size,
1158 : spdm_response, response_size,
1159 : response);
1160 : }
1161 1 : return LIBSPDM_STATUS_SUCCESS;
1162 :
1163 1 : case 0x12: {
1164 : spdm_finish_response_t *spdm_response;
1165 : uint32_t hash_size;
1166 : uint32_t hmac_size;
1167 : uint8_t *ptr;
1168 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1169 : uint8_t zero_data[LIBSPDM_MAX_HASH_SIZE];
1170 : size_t spdm_response_size;
1171 : size_t transport_header_size;
1172 :
1173 : ((libspdm_context_t *)spdm_context)
1174 1 : ->connection_info.algorithm.base_asym_algo =
1175 : m_libspdm_use_asym_algo;
1176 : ((libspdm_context_t *)spdm_context)
1177 1 : ->connection_info.algorithm.req_base_asym_alg =
1178 : m_libspdm_use_req_asym_algo;
1179 : ((libspdm_context_t *)spdm_context)
1180 1 : ->connection_info.algorithm.base_hash_algo =
1181 : m_libspdm_use_hash_algo;
1182 : ((libspdm_context_t *)spdm_context)
1183 1 : ->connection_info.algorithm.dhe_named_group =
1184 : m_libspdm_use_dhe_algo;
1185 : ((libspdm_context_t *)spdm_context)
1186 1 : ->connection_info.algorithm.measurement_hash_algo =
1187 : m_libspdm_use_measurement_hash_algo;
1188 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1189 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1190 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1191 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1192 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1193 :
1194 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1195 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1196 1 : spdm_response->header.param1 = 0;
1197 1 : spdm_response->header.param2 = 0;
1198 1 : ptr = (void *)(spdm_response + 1);
1199 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1200 1 : libspdm_set_mem(zero_data, hash_size, (uint8_t)(0x00));
1201 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, zero_data, hash_size,
1202 : response_finished_key, hash_size, ptr);
1203 1 : ptr += hmac_size;
1204 :
1205 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1206 : false, spdm_response_size,
1207 : spdm_response, response_size,
1208 : response);
1209 : }
1210 1 : return LIBSPDM_STATUS_SUCCESS;
1211 :
1212 0 : case 0x13: {
1213 : }
1214 0 : return LIBSPDM_STATUS_SUCCESS;
1215 :
1216 1 : case 0x14: {
1217 : spdm_finish_response_t *spdm_response;
1218 : uint32_t hash_size;
1219 : uint32_t hmac_size;
1220 : uint8_t *ptr;
1221 : void *data;
1222 : size_t data_size;
1223 : uint8_t *cert_buffer;
1224 : size_t cert_buffer_size;
1225 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1226 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1227 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1228 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1229 : size_t spdm_response_size;
1230 : size_t transport_header_size;
1231 :
1232 : ((libspdm_context_t *)spdm_context)
1233 1 : ->connection_info.algorithm.base_asym_algo =
1234 : m_libspdm_use_asym_algo;
1235 : ((libspdm_context_t *)spdm_context)
1236 1 : ->connection_info.algorithm.req_base_asym_alg =
1237 : m_libspdm_use_req_asym_algo;
1238 : ((libspdm_context_t *)spdm_context)
1239 1 : ->connection_info.algorithm.base_hash_algo =
1240 : m_libspdm_use_hash_algo;
1241 : ((libspdm_context_t *)spdm_context)
1242 1 : ->connection_info.algorithm.dhe_named_group =
1243 : m_libspdm_use_dhe_algo;
1244 : ((libspdm_context_t *)spdm_context)
1245 1 : ->connection_info.algorithm.measurement_hash_algo =
1246 : m_libspdm_use_measurement_hash_algo;
1247 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1248 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1249 1 : spdm_response_size = sizeof(spdm_finish_response_t) +
1250 1 : hmac_size/2;/* half HMAC size*/
1251 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1252 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1253 :
1254 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1255 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1256 1 : spdm_response->header.param1 = 0;
1257 1 : spdm_response->header.param2 = 0;
1258 1 : ptr = (void *)(spdm_response + 1);
1259 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1260 : sizeof(m_libspdm_local_buffer)
1261 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1262 : m_libspdm_local_buffer),
1263 : spdm_response, sizeof(spdm_finish_response_t));
1264 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1265 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1266 : m_libspdm_use_asym_algo, &data,
1267 : &data_size, NULL, NULL);
1268 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1269 1 : cert_buffer = (uint8_t *)data;
1270 1 : cert_buffer_size = data_size;
1271 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1272 : cert_buffer_hash);
1273 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1274 : m_libspdm_use_req_asym_algo, &data,
1275 : &data_size, NULL, NULL);
1276 1 : cert_buffer = (uint8_t *)data;
1277 1 : cert_buffer_size = data_size;
1278 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1279 : req_cert_buffer_hash);
1280 : /* transcript.message_a size is 0*/
1281 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1282 : /* session_transcript.message_k is 0*/
1283 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash,
1284 : hash_size);
1285 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1286 : m_libspdm_local_buffer_size);
1287 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1288 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1289 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1290 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1291 : response_finished_key, hash_size, ptr);
1292 1 : ptr += hmac_size/2; /* half HMAC size*/
1293 1 : libspdm_set_mem(ptr, hmac_size/2, (uint8_t) 0x00);
1294 1 : free(data);
1295 :
1296 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1297 : false, spdm_response_size,
1298 : spdm_response, response_size,
1299 : response);
1300 : }
1301 1 : return LIBSPDM_STATUS_SUCCESS;
1302 :
1303 1 : case 0x15: {
1304 : spdm_error_response_t *spdm_response;
1305 : size_t spdm_response_size;
1306 : size_t transport_header_size;
1307 :
1308 1 : spdm_response_size = sizeof(spdm_error_response_t);
1309 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1310 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1311 :
1312 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1313 1 : spdm_response->header.request_response_code = SPDM_ERROR;
1314 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_DECRYPT_ERROR;
1315 1 : spdm_response->header.param2 = 0;
1316 :
1317 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1318 : false, spdm_response_size,
1319 : spdm_response,
1320 : response_size, response);
1321 : }
1322 1 : return LIBSPDM_STATUS_SUCCESS;
1323 :
1324 1 : case 0x16: {
1325 : spdm_finish_response_t *spdm_response;
1326 : uint32_t hash_size;
1327 : uint32_t hmac_size;
1328 : uint8_t *ptr;
1329 : void *data;
1330 : size_t data_size;
1331 : uint8_t *cert_buffer;
1332 : size_t cert_buffer_size;
1333 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1334 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1335 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1336 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1337 : size_t spdm_response_size;
1338 : size_t transport_header_size;
1339 :
1340 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
1341 : m_libspdm_use_asym_algo;
1342 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.req_base_asym_alg =
1343 : m_libspdm_use_req_asym_algo;
1344 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
1345 : m_libspdm_use_hash_algo;
1346 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.dhe_named_group =
1347 : m_libspdm_use_dhe_algo;
1348 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.measurement_hash_algo =
1349 : m_libspdm_use_measurement_hash_algo;
1350 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1351 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1352 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1353 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1354 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1355 :
1356 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1357 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1358 1 : spdm_response->header.param1 = 0;
1359 1 : spdm_response->header.param2 = 0;
1360 1 : ptr = (void *)(spdm_response + 1);
1361 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1362 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1363 : spdm_response, sizeof(spdm_finish_response_t));
1364 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1365 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1366 : m_libspdm_use_asym_algo, &data,
1367 : &data_size, NULL, NULL);
1368 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1369 1 : cert_buffer = (uint8_t *)data;
1370 1 : cert_buffer_size = data_size;
1371 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1372 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1373 : m_libspdm_use_req_asym_algo, &data,
1374 : &data_size, NULL, NULL);
1375 1 : cert_buffer = (uint8_t *)data;
1376 1 : cert_buffer_size = data_size;
1377 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1378 : req_cert_buffer_hash);
1379 : /* transcript.message_a size is 0*/
1380 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1381 : /* session_transcript.message_k is 0*/
1382 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
1383 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1384 : m_libspdm_local_buffer_size);
1385 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1386 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1387 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1388 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1389 : response_finished_key, hash_size, ptr);
1390 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1391 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1392 : ptr, hmac_size);
1393 1 : m_libspdm_local_buffer_size += hmac_size;
1394 1 : ptr += hmac_size;
1395 1 : free(data);
1396 :
1397 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1398 : false, spdm_response_size,
1399 : spdm_response, response_size,
1400 : response);
1401 : }
1402 1 : return LIBSPDM_STATUS_SUCCESS;
1403 1 : case 0x17: {
1404 : spdm_finish_response_t *spdm_response;
1405 : uint32_t hash_size;
1406 : uint32_t hmac_size;
1407 : uint8_t *ptr;
1408 : void *data;
1409 : size_t data_size;
1410 : uint8_t *cert_buffer;
1411 : size_t cert_buffer_size;
1412 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1413 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1414 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1415 : size_t spdm_response_size;
1416 : size_t transport_header_size;
1417 :
1418 : ((libspdm_context_t *)spdm_context)
1419 1 : ->connection_info.algorithm.base_asym_algo =
1420 : m_libspdm_use_asym_algo;
1421 : ((libspdm_context_t *)spdm_context)
1422 1 : ->connection_info.algorithm.base_hash_algo =
1423 : m_libspdm_use_hash_algo;
1424 : ((libspdm_context_t *)spdm_context)
1425 1 : ->connection_info.algorithm.dhe_named_group =
1426 : m_libspdm_use_dhe_algo;
1427 : ((libspdm_context_t *)spdm_context)
1428 1 : ->connection_info.algorithm.measurement_hash_algo =
1429 : m_libspdm_use_measurement_hash_algo;
1430 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1431 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1432 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1433 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1434 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1435 :
1436 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1437 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1438 1 : spdm_response->header.param1 = 0;
1439 1 : spdm_response->header.param2 = 0;
1440 1 : ptr = (void *)(spdm_response + 1);
1441 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1442 : sizeof(m_libspdm_local_buffer)
1443 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1444 : m_libspdm_local_buffer),
1445 : spdm_response, sizeof(spdm_finish_response_t));
1446 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1447 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
1448 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1449 1 : cert_buffer = (uint8_t *)data;
1450 1 : cert_buffer_size = data_size;
1451 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1452 : cert_buffer_hash);
1453 : /* transcript.message_a size is 0*/
1454 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1455 : /* session_transcript.message_k is 0*/
1456 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1457 : m_libspdm_local_buffer_size);
1458 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1459 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1460 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1461 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1462 : response_finished_key, hash_size, ptr);
1463 1 : ptr += hmac_size;
1464 1 : free(data);
1465 :
1466 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1467 : false, spdm_response_size,
1468 : spdm_response, response_size,
1469 : response);
1470 : }
1471 1 : return LIBSPDM_STATUS_SUCCESS;
1472 1 : case 0x18: {
1473 : spdm_finish_response_t *spdm_response;
1474 : libspdm_session_info_t *session_info;
1475 : size_t spdm_response_size;
1476 : size_t transport_header_size;
1477 : uint32_t session_id;
1478 : uint8_t *scratch_buffer;
1479 : size_t scratch_buffer_size;
1480 :
1481 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1482 :
1483 : /* The ResponderVerifyData field does absent.*/
1484 1 : spdm_response_size = sizeof(spdm_finish_response_t);
1485 :
1486 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1487 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1488 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1489 1 : spdm_response->header.param1 = 0;
1490 1 : spdm_response->header.param2 = 0;
1491 :
1492 1 : session_id = 0xFFFFFFFF;
1493 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
1494 : * transport_message is always in sender buffer. */
1495 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
1496 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
1497 : scratch_buffer_size - transport_header_size,
1498 : spdm_response, spdm_response_size);
1499 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
1500 1 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
1501 : spdm_response_size, spdm_response,
1502 : response_size, response);
1503 :
1504 1 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
1505 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1506 1 : handshake_secret.response_handshake_sequence_number--;
1507 : }
1508 1 : return LIBSPDM_STATUS_SUCCESS;
1509 1 : case 0x19: {
1510 : spdm_finish_response_t *spdm_response;
1511 : libspdm_session_info_t *session_info;
1512 : size_t spdm_response_size;
1513 : size_t transport_header_size;
1514 : uint32_t session_id;
1515 : uint8_t *scratch_buffer;
1516 : size_t scratch_buffer_size;
1517 : uint16_t opaque_data_size;
1518 : uint8_t *ptr;
1519 :
1520 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1521 :
1522 1 : opaque_data_size = 8;
1523 : /* The ResponderVerifyData field does absent.*/
1524 1 : spdm_response_size = sizeof(spdm_finish_response_t) + sizeof(uint16_t) + opaque_data_size;
1525 :
1526 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1527 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_14;
1528 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1529 1 : spdm_response->header.param1 = 0;
1530 1 : spdm_response->header.param2 = 0;
1531 1 : ptr = (uint8_t *)spdm_response + sizeof(spdm_finish_response_t);
1532 1 : libspdm_write_uint16(ptr, opaque_data_size);
1533 :
1534 1 : session_id = 0xFFFFFFFF;
1535 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
1536 : * transport_message is always in sender buffer. */
1537 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
1538 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
1539 : scratch_buffer_size - transport_header_size,
1540 : spdm_response, spdm_response_size);
1541 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
1542 1 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
1543 : spdm_response_size, spdm_response,
1544 : response_size, response);
1545 :
1546 1 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
1547 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1548 1 : handshake_secret.response_handshake_sequence_number--;
1549 : }
1550 1 : return LIBSPDM_STATUS_SUCCESS;
1551 :
1552 0 : default:
1553 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1554 : }
1555 : }
1556 :
1557 : /**
1558 : * Test 1: when no FINISH_RSP message is received, and the client returns a
1559 : * device error.
1560 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1561 : **/
1562 1 : static void req_finish_case1(void **state)
1563 : {
1564 : libspdm_return_t status;
1565 : libspdm_test_context_t *spdm_test_context;
1566 : libspdm_context_t *spdm_context;
1567 : uint32_t session_id;
1568 : uint8_t req_slot_id_param;
1569 : void *data;
1570 : size_t data_size;
1571 : void *hash;
1572 : size_t hash_size;
1573 : libspdm_session_info_t *session_info;
1574 :
1575 1 : spdm_test_context = *state;
1576 1 : spdm_context = spdm_test_context->spdm_context;
1577 1 : spdm_test_context->case_id = 0x1;
1578 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1579 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1580 1 : spdm_context->connection_info.connection_state =
1581 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1582 1 : spdm_context->connection_info.capability.flags |=
1583 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1584 1 : spdm_context->connection_info.capability.flags |=
1585 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1586 1 : spdm_context->connection_info.capability.flags |=
1587 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1588 1 : spdm_context->local_context.capability.flags |=
1589 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1590 1 : spdm_context->local_context.capability.flags |=
1591 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1592 1 : spdm_context->local_context.capability.flags |=
1593 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1594 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1595 : m_libspdm_use_asym_algo, &data,
1596 : &data_size, &hash, &hash_size)) {
1597 0 : assert(false);
1598 : }
1599 1 : libspdm_reset_message_a(spdm_context);
1600 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1601 : m_libspdm_use_hash_algo;
1602 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1603 : m_libspdm_use_asym_algo;
1604 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1605 : m_libspdm_use_dhe_algo;
1606 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1607 : m_libspdm_use_aead_algo;
1608 :
1609 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1610 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1611 : data_size;
1612 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1613 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1614 : data, data_size);
1615 : #else
1616 1 : libspdm_hash_all(
1617 : spdm_context->connection_info.algorithm.base_hash_algo,
1618 : data, data_size,
1619 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1620 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1621 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1622 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1623 : spdm_context->connection_info.algorithm.base_hash_algo,
1624 : spdm_context->connection_info.algorithm.base_asym_algo,
1625 : data, data_size,
1626 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1627 : #endif
1628 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
1629 :
1630 1 : session_id = 0xFFFFFFFF;
1631 1 : session_info = &spdm_context->session_info[0];
1632 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1633 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1634 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1635 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1636 1 : libspdm_secured_message_set_response_finished_key(
1637 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1638 : hash_size);
1639 1 : libspdm_secured_message_set_session_state(
1640 : session_info->secured_message_context,
1641 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1642 :
1643 1 : spdm_context->connection_info.capability.flags |=
1644 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1645 1 : spdm_context->local_context.capability.flags |=
1646 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1647 1 : req_slot_id_param = 0;
1648 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
1649 : req_slot_id_param);
1650 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
1651 1 : free(data);
1652 1 : }
1653 :
1654 : /**
1655 : * Test 2: receiving a correct FINISH_RSP message with only MAC (no
1656 : * mutual authentication) and 'handshake in the clear'.
1657 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
1658 : * session is established.
1659 : **/
1660 1 : static void req_finish_case2(void **state)
1661 : {
1662 : libspdm_return_t status;
1663 : libspdm_test_context_t *spdm_test_context;
1664 : libspdm_context_t *spdm_context;
1665 : uint32_t session_id;
1666 : uint8_t req_slot_id_param;
1667 : void *data;
1668 : size_t data_size;
1669 : void *hash;
1670 : size_t hash_size;
1671 : libspdm_session_info_t *session_info;
1672 : libspdm_secured_message_context_t *secured_message_context;
1673 :
1674 1 : spdm_test_context = *state;
1675 1 : spdm_context = spdm_test_context->spdm_context;
1676 1 : spdm_test_context->case_id = 0x2;
1677 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1678 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1679 1 : spdm_context->connection_info.connection_state =
1680 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1681 1 : spdm_context->connection_info.capability.flags |=
1682 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1683 1 : spdm_context->connection_info.capability.flags |=
1684 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1685 1 : spdm_context->connection_info.capability.flags |=
1686 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1687 1 : spdm_context->local_context.capability.flags |=
1688 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1689 1 : spdm_context->local_context.capability.flags |=
1690 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1691 1 : spdm_context->local_context.capability.flags |=
1692 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1693 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1694 : m_libspdm_use_asym_algo, &data,
1695 : &data_size, &hash, &hash_size)) {
1696 0 : assert(false);
1697 : }
1698 1 : libspdm_reset_message_a(spdm_context);
1699 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1700 : m_libspdm_use_hash_algo;
1701 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1702 : m_libspdm_use_asym_algo;
1703 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1704 : m_libspdm_use_dhe_algo;
1705 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1706 : m_libspdm_use_aead_algo;
1707 :
1708 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1709 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1710 : data_size;
1711 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1712 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1713 : data, data_size);
1714 : #else
1715 1 : libspdm_hash_all(
1716 : spdm_context->connection_info.algorithm.base_hash_algo,
1717 : data, data_size,
1718 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1719 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1720 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1721 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1722 : spdm_context->connection_info.algorithm.base_hash_algo,
1723 : spdm_context->connection_info.algorithm.base_asym_algo,
1724 : data, data_size,
1725 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1726 : #endif
1727 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
1728 :
1729 1 : session_id = 0xFFFFFFFF;
1730 1 : session_info = &spdm_context->session_info[0];
1731 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1732 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1733 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1734 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1735 1 : libspdm_secured_message_set_response_finished_key(
1736 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1737 : hash_size);
1738 1 : libspdm_secured_message_set_session_state(
1739 : session_info->secured_message_context,
1740 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1741 :
1742 1 : spdm_context->connection_info.capability.flags |=
1743 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1744 1 : spdm_context->local_context.capability.flags |=
1745 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1746 1 : req_slot_id_param = 0;
1747 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
1748 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1749 1 : assert_int_equal(
1750 : libspdm_secured_message_get_session_state(
1751 : spdm_context->session_info[0].secured_message_context),
1752 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1753 :
1754 1 : secured_message_context = session_info->secured_message_context;
1755 :
1756 1 : assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
1757 : (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
1758 1 : free(data);
1759 1 : }
1760 :
1761 : /**
1762 : * Test 3: requester state has not been negotiated, as if GET_VERSION, GET_CAPABILITIES and
1763 : * NEGOTIATE_ALGORITHMS had not been exchanged.
1764 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
1765 : **/
1766 1 : static void req_finish_case3(void **state)
1767 : {
1768 : libspdm_return_t status;
1769 : libspdm_test_context_t *spdm_test_context;
1770 : libspdm_context_t *spdm_context;
1771 : uint32_t session_id;
1772 : uint8_t req_slot_id_param;
1773 : void *data;
1774 : size_t data_size;
1775 : void *hash;
1776 : size_t hash_size;
1777 : libspdm_session_info_t *session_info;
1778 :
1779 1 : spdm_test_context = *state;
1780 1 : spdm_context = spdm_test_context->spdm_context;
1781 1 : spdm_test_context->case_id = 0x3;
1782 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1783 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1784 1 : spdm_context->connection_info.connection_state =
1785 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
1786 1 : spdm_context->connection_info.capability.flags |=
1787 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1788 1 : spdm_context->connection_info.capability.flags |=
1789 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1790 1 : spdm_context->connection_info.capability.flags |=
1791 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1792 1 : spdm_context->local_context.capability.flags |=
1793 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1794 1 : spdm_context->local_context.capability.flags |=
1795 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1796 1 : spdm_context->local_context.capability.flags |=
1797 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1798 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1799 : m_libspdm_use_asym_algo, &data,
1800 : &data_size, &hash, &hash_size)) {
1801 0 : assert(false);
1802 : }
1803 1 : libspdm_reset_message_a(spdm_context);
1804 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1805 : m_libspdm_use_hash_algo;
1806 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1807 : m_libspdm_use_asym_algo;
1808 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1809 : m_libspdm_use_dhe_algo;
1810 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1811 : m_libspdm_use_aead_algo;
1812 :
1813 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1814 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1815 : data_size;
1816 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1817 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1818 : data, data_size);
1819 : #else
1820 1 : libspdm_hash_all(
1821 : spdm_context->connection_info.algorithm.base_hash_algo,
1822 : data, data_size,
1823 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1824 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1825 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1826 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1827 : spdm_context->connection_info.algorithm.base_hash_algo,
1828 : spdm_context->connection_info.algorithm.base_asym_algo,
1829 : data, data_size,
1830 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1831 : #endif
1832 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
1833 :
1834 1 : session_id = 0xFFFFFFFF;
1835 1 : session_info = &spdm_context->session_info[0];
1836 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1837 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1838 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1839 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1840 1 : libspdm_secured_message_set_response_finished_key(
1841 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1842 : hash_size);
1843 1 : libspdm_secured_message_set_session_state(
1844 : session_info->secured_message_context,
1845 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1846 :
1847 1 : spdm_context->connection_info.capability.flags |=
1848 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1849 1 : spdm_context->local_context.capability.flags |=
1850 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1851 1 : req_slot_id_param = 0;
1852 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
1853 : req_slot_id_param);
1854 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
1855 1 : free(data);
1856 1 : }
1857 :
1858 : /**
1859 : * Test 4: the requester is setup correctly (see Test 2), but receives an ERROR
1860 : * message indicating InvalidParameters.
1861 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1862 : **/
1863 1 : static void req_finish_case4(void **state)
1864 : {
1865 : libspdm_return_t status;
1866 : libspdm_test_context_t *spdm_test_context;
1867 : libspdm_context_t *spdm_context;
1868 : uint32_t session_id;
1869 : uint8_t req_slot_id_param;
1870 : void *data;
1871 : size_t data_size;
1872 : void *hash;
1873 : size_t hash_size;
1874 : libspdm_session_info_t *session_info;
1875 :
1876 1 : spdm_test_context = *state;
1877 1 : spdm_context = spdm_test_context->spdm_context;
1878 1 : spdm_test_context->case_id = 0x4;
1879 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1880 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1881 1 : spdm_context->connection_info.connection_state =
1882 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1883 1 : spdm_context->connection_info.capability.flags |=
1884 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1885 1 : spdm_context->connection_info.capability.flags |=
1886 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1887 1 : spdm_context->connection_info.capability.flags |=
1888 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1889 1 : spdm_context->local_context.capability.flags |=
1890 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1891 1 : spdm_context->local_context.capability.flags |=
1892 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1893 1 : spdm_context->local_context.capability.flags |=
1894 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1895 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1896 : m_libspdm_use_asym_algo, &data,
1897 : &data_size, &hash, &hash_size)) {
1898 0 : assert(false);
1899 : }
1900 1 : libspdm_reset_message_a(spdm_context);
1901 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1902 : m_libspdm_use_hash_algo;
1903 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1904 : m_libspdm_use_asym_algo;
1905 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1906 : m_libspdm_use_dhe_algo;
1907 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1908 : m_libspdm_use_aead_algo;
1909 :
1910 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1911 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1912 : data_size;
1913 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1914 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1915 : data, data_size);
1916 : #else
1917 1 : libspdm_hash_all(
1918 : spdm_context->connection_info.algorithm.base_hash_algo,
1919 : data, data_size,
1920 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1921 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1922 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1923 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1924 : spdm_context->connection_info.algorithm.base_hash_algo,
1925 : spdm_context->connection_info.algorithm.base_asym_algo,
1926 : data, data_size,
1927 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1928 : #endif
1929 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
1930 :
1931 1 : session_id = 0xFFFFFFFF;
1932 1 : session_info = &spdm_context->session_info[0];
1933 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1934 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1935 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1936 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1937 1 : libspdm_secured_message_set_response_finished_key(
1938 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1939 : hash_size);
1940 1 : libspdm_secured_message_set_session_state(
1941 : session_info->secured_message_context,
1942 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1943 :
1944 1 : spdm_context->connection_info.capability.flags |=
1945 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1946 1 : spdm_context->local_context.capability.flags |=
1947 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1948 1 : req_slot_id_param = 0;
1949 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
1950 : req_slot_id_param);
1951 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
1952 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
1953 1 : free(data);
1954 1 : }
1955 :
1956 : /**
1957 : * Test 5: the requester is setup correctly (see Test 2), but receives an ERROR
1958 : * message indicating the Busy status of the responder.
1959 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1960 : **/
1961 1 : static void req_finish_case5(void **state)
1962 : {
1963 : libspdm_return_t status;
1964 : libspdm_test_context_t *spdm_test_context;
1965 : libspdm_context_t *spdm_context;
1966 : uint32_t session_id;
1967 : uint8_t req_slot_id_param;
1968 : void *data;
1969 : size_t data_size;
1970 : void *hash;
1971 : size_t hash_size;
1972 : libspdm_session_info_t *session_info;
1973 :
1974 1 : spdm_test_context = *state;
1975 1 : spdm_context = spdm_test_context->spdm_context;
1976 1 : spdm_test_context->case_id = 0x5;
1977 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1978 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1979 1 : spdm_context->connection_info.connection_state =
1980 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1981 1 : spdm_context->connection_info.capability.flags |=
1982 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1983 1 : spdm_context->connection_info.capability.flags |=
1984 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1985 1 : spdm_context->connection_info.capability.flags |=
1986 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1987 1 : spdm_context->local_context.capability.flags |=
1988 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1989 1 : spdm_context->local_context.capability.flags |=
1990 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1991 1 : spdm_context->local_context.capability.flags |=
1992 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1993 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1994 : m_libspdm_use_asym_algo, &data,
1995 : &data_size, &hash, &hash_size)) {
1996 0 : assert(false);
1997 : }
1998 1 : libspdm_reset_message_a(spdm_context);
1999 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2000 : m_libspdm_use_hash_algo;
2001 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2002 : m_libspdm_use_asym_algo;
2003 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2004 : m_libspdm_use_dhe_algo;
2005 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2006 : m_libspdm_use_aead_algo;
2007 :
2008 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2009 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2010 : data_size;
2011 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2012 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2013 : data, data_size);
2014 : #else
2015 1 : libspdm_hash_all(
2016 : spdm_context->connection_info.algorithm.base_hash_algo,
2017 : data, data_size,
2018 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2019 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2020 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2021 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2022 : spdm_context->connection_info.algorithm.base_hash_algo,
2023 : spdm_context->connection_info.algorithm.base_asym_algo,
2024 : data, data_size,
2025 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2026 : #endif
2027 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2028 :
2029 1 : session_id = 0xFFFFFFFF;
2030 1 : session_info = &spdm_context->session_info[0];
2031 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2032 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2033 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2034 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2035 1 : libspdm_secured_message_set_response_finished_key(
2036 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2037 : hash_size);
2038 1 : libspdm_secured_message_set_session_state(
2039 : session_info->secured_message_context,
2040 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2041 :
2042 1 : spdm_context->connection_info.capability.flags |=
2043 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2044 1 : spdm_context->local_context.capability.flags |=
2045 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2046 1 : req_slot_id_param = 0;
2047 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
2048 : req_slot_id_param);
2049 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
2050 1 : free(data);
2051 1 : }
2052 :
2053 : /**
2054 : * Test 6: the requester is setup correctly (see Test 2), but, on the first try,
2055 : * receiving a Busy ERROR message, and on retry, receiving a correct FINISH_RSP
2056 : * message with only MAC (no mutual authentication).
2057 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS.
2058 : **/
2059 1 : static void req_finish_case6(void **state)
2060 : {
2061 : libspdm_return_t status;
2062 : libspdm_test_context_t *spdm_test_context;
2063 : libspdm_context_t *spdm_context;
2064 : uint32_t session_id;
2065 : uint8_t req_slot_id_param;
2066 : void *data;
2067 : size_t data_size;
2068 : void *hash;
2069 : size_t hash_size;
2070 : libspdm_session_info_t *session_info;
2071 :
2072 1 : spdm_test_context = *state;
2073 1 : spdm_context = spdm_test_context->spdm_context;
2074 1 : spdm_test_context->case_id = 0x6;
2075 1 : spdm_context->retry_times = 3;
2076 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2077 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2078 1 : spdm_context->connection_info.connection_state =
2079 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2080 1 : spdm_context->connection_info.capability.flags |=
2081 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2082 1 : spdm_context->connection_info.capability.flags |=
2083 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2084 1 : spdm_context->connection_info.capability.flags |=
2085 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2086 1 : spdm_context->local_context.capability.flags |=
2087 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2088 1 : spdm_context->local_context.capability.flags |=
2089 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2090 1 : spdm_context->local_context.capability.flags |=
2091 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2092 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2093 : m_libspdm_use_asym_algo, &data,
2094 : &data_size, &hash, &hash_size)) {
2095 0 : assert(false);
2096 : }
2097 1 : libspdm_reset_message_a(spdm_context);
2098 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2099 : m_libspdm_use_hash_algo;
2100 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2101 : m_libspdm_use_asym_algo;
2102 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2103 : m_libspdm_use_dhe_algo;
2104 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2105 : m_libspdm_use_aead_algo;
2106 :
2107 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2108 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2109 : data_size;
2110 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2111 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2112 : data, data_size);
2113 : #else
2114 1 : libspdm_hash_all(
2115 : spdm_context->connection_info.algorithm.base_hash_algo,
2116 : data, data_size,
2117 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2118 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2119 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2120 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2121 : spdm_context->connection_info.algorithm.base_hash_algo,
2122 : spdm_context->connection_info.algorithm.base_asym_algo,
2123 : data, data_size,
2124 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2125 : #endif
2126 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2127 :
2128 1 : session_id = 0xFFFFFFFF;
2129 1 : session_info = &spdm_context->session_info[0];
2130 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2131 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2132 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2133 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2134 1 : libspdm_secured_message_set_response_finished_key(
2135 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2136 : hash_size);
2137 1 : libspdm_secured_message_set_session_state(
2138 : session_info->secured_message_context,
2139 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2140 :
2141 1 : spdm_context->connection_info.capability.flags |=
2142 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2143 1 : spdm_context->local_context.capability.flags |=
2144 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2145 1 : req_slot_id_param = 0;
2146 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
2147 : req_slot_id_param);
2148 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2149 1 : assert_int_equal(
2150 : libspdm_secured_message_get_session_state(
2151 : spdm_context->session_info[0].secured_message_context),
2152 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2153 1 : free(data);
2154 1 : }
2155 :
2156 : /**
2157 : * Test 7: the requester is setup correctly (see Test 2), but receives an ERROR
2158 : * message indicating the RequestResynch status of the responder.
2159 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR, and the
2160 : * communication is reset to expect a new GET_VERSION message.
2161 : **/
2162 1 : static void req_finish_case7(void **state)
2163 : {
2164 : libspdm_return_t status;
2165 : libspdm_test_context_t *spdm_test_context;
2166 : libspdm_context_t *spdm_context;
2167 : uint32_t session_id;
2168 : uint8_t req_slot_id_param;
2169 : void *data;
2170 : size_t data_size;
2171 : void *hash;
2172 : size_t hash_size;
2173 : libspdm_session_info_t *session_info;
2174 :
2175 1 : spdm_test_context = *state;
2176 1 : spdm_context = spdm_test_context->spdm_context;
2177 1 : spdm_test_context->case_id = 0x7;
2178 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2179 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2180 1 : spdm_context->connection_info.connection_state =
2181 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2182 1 : spdm_context->connection_info.capability.flags |=
2183 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2184 1 : spdm_context->connection_info.capability.flags |=
2185 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2186 1 : spdm_context->connection_info.capability.flags |=
2187 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2188 1 : spdm_context->local_context.capability.flags |=
2189 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2190 1 : spdm_context->local_context.capability.flags |=
2191 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2192 1 : spdm_context->local_context.capability.flags |=
2193 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2194 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2195 : m_libspdm_use_asym_algo, &data,
2196 : &data_size, &hash, &hash_size)) {
2197 0 : assert(false);
2198 : }
2199 1 : libspdm_reset_message_a(spdm_context);
2200 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2201 : m_libspdm_use_hash_algo;
2202 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2203 : m_libspdm_use_asym_algo;
2204 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2205 : m_libspdm_use_dhe_algo;
2206 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2207 : m_libspdm_use_aead_algo;
2208 :
2209 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2210 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2211 : data_size;
2212 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2213 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2214 : data, data_size);
2215 : #else
2216 1 : libspdm_hash_all(
2217 : spdm_context->connection_info.algorithm.base_hash_algo,
2218 : data, data_size,
2219 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2220 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2221 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2222 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2223 : spdm_context->connection_info.algorithm.base_hash_algo,
2224 : spdm_context->connection_info.algorithm.base_asym_algo,
2225 : data, data_size,
2226 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2227 : #endif
2228 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2229 :
2230 1 : session_id = 0xFFFFFFFF;
2231 1 : session_info = &spdm_context->session_info[0];
2232 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2233 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2234 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2235 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2236 1 : libspdm_secured_message_set_response_finished_key(
2237 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2238 : hash_size);
2239 1 : libspdm_secured_message_set_session_state(
2240 : session_info->secured_message_context,
2241 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2242 :
2243 1 : spdm_context->connection_info.capability.flags |=
2244 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2245 1 : spdm_context->local_context.capability.flags |=
2246 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2247 1 : req_slot_id_param = 0;
2248 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
2249 : req_slot_id_param);
2250 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
2251 1 : assert_int_equal(spdm_context->connection_info.connection_state,
2252 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
2253 1 : free(data);
2254 1 : }
2255 :
2256 : /**
2257 : * Test 8: the requester is setup correctly (see Test 2), but receives an ERROR
2258 : * message indicating the ResponseNotReady status of the responder.
2259 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR,.
2260 : **/
2261 1 : static void req_finish_case8(void **state)
2262 : {
2263 : libspdm_return_t status;
2264 : libspdm_test_context_t *spdm_test_context;
2265 : libspdm_context_t *spdm_context;
2266 : uint32_t session_id;
2267 : uint8_t req_slot_id_param;
2268 : void *data;
2269 : size_t data_size;
2270 : void *hash;
2271 : size_t hash_size;
2272 : libspdm_session_info_t *session_info;
2273 :
2274 1 : spdm_test_context = *state;
2275 1 : spdm_context = spdm_test_context->spdm_context;
2276 1 : spdm_test_context->case_id = 0x8;
2277 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2278 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2279 1 : spdm_context->connection_info.connection_state =
2280 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2281 1 : spdm_context->connection_info.capability.flags |=
2282 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2283 1 : spdm_context->connection_info.capability.flags |=
2284 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2285 1 : spdm_context->connection_info.capability.flags |=
2286 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2287 1 : spdm_context->local_context.capability.flags |=
2288 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2289 1 : spdm_context->local_context.capability.flags |=
2290 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2291 1 : spdm_context->local_context.capability.flags |=
2292 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2293 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2294 : m_libspdm_use_asym_algo, &data,
2295 : &data_size, &hash, &hash_size)) {
2296 0 : assert(false);
2297 : }
2298 1 : libspdm_reset_message_a(spdm_context);
2299 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2300 : m_libspdm_use_hash_algo;
2301 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2302 : m_libspdm_use_asym_algo;
2303 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2304 : m_libspdm_use_dhe_algo;
2305 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2306 : m_libspdm_use_aead_algo;
2307 :
2308 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2309 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2310 : data_size;
2311 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2312 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2313 : data, data_size);
2314 : #else
2315 1 : libspdm_hash_all(
2316 : spdm_context->connection_info.algorithm.base_hash_algo,
2317 : data, data_size,
2318 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2319 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2320 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2321 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2322 : spdm_context->connection_info.algorithm.base_hash_algo,
2323 : spdm_context->connection_info.algorithm.base_asym_algo,
2324 : data, data_size,
2325 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2326 : #endif
2327 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2328 :
2329 1 : session_id = 0xFFFFFFFF;
2330 1 : session_info = &spdm_context->session_info[0];
2331 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2332 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2333 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2334 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2335 1 : libspdm_secured_message_set_response_finished_key(
2336 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2337 : hash_size);
2338 1 : libspdm_secured_message_set_session_state(
2339 : session_info->secured_message_context,
2340 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2341 :
2342 1 : spdm_context->connection_info.capability.flags |=
2343 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2344 1 : spdm_context->local_context.capability.flags |=
2345 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2346 1 : req_slot_id_param = 0;
2347 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
2348 : req_slot_id_param);
2349 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2350 1 : free(data);
2351 1 : }
2352 :
2353 : /**
2354 : * Test 9: the requester is setup correctly (see Test 2), but, on the first try,
2355 : * receiving a ResponseNotReady ERROR message, and on retry, receiving a correct
2356 : * FINISH_RSP message with only MAC (no mutual authentication).
2357 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS.
2358 : **/
2359 1 : static void req_finish_case9(void **state)
2360 : {
2361 : libspdm_return_t status;
2362 : libspdm_test_context_t *spdm_test_context;
2363 : libspdm_context_t *spdm_context;
2364 : uint32_t session_id;
2365 : uint8_t req_slot_id_param;
2366 : void *data;
2367 : size_t data_size;
2368 : void *hash;
2369 : size_t hash_size;
2370 : libspdm_session_info_t *session_info;
2371 :
2372 1 : spdm_test_context = *state;
2373 1 : spdm_context = spdm_test_context->spdm_context;
2374 1 : spdm_test_context->case_id = 0x9;
2375 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2376 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2377 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2378 1 : spdm_context->connection_info.capability.flags |=
2379 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2380 1 : spdm_context->connection_info.capability.flags |=
2381 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2382 1 : spdm_context->connection_info.capability.flags |=
2383 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2384 1 : spdm_context->local_context.capability.flags |=
2385 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2386 1 : spdm_context->local_context.capability.flags |=
2387 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2388 1 : spdm_context->local_context.capability.flags |=
2389 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2390 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2391 : m_libspdm_use_asym_algo, &data,
2392 : &data_size, &hash, &hash_size)) {
2393 0 : assert(false);
2394 : }
2395 1 : libspdm_reset_message_a(spdm_context);
2396 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2397 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2398 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2399 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2400 :
2401 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2402 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2403 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2404 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2405 : data, data_size);
2406 : #else
2407 1 : libspdm_hash_all(
2408 : spdm_context->connection_info.algorithm.base_hash_algo,
2409 : data, data_size,
2410 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2411 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2412 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2413 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2414 : spdm_context->connection_info.algorithm.base_hash_algo,
2415 : spdm_context->connection_info.algorithm.base_asym_algo,
2416 : data, data_size,
2417 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2418 : #endif
2419 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2420 :
2421 1 : session_id = 0xFFFFFFFF;
2422 1 : session_info = &spdm_context->session_info[0];
2423 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2424 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2425 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2426 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2427 1 : libspdm_secured_message_set_response_finished_key(
2428 : session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
2429 1 : libspdm_secured_message_set_session_state(
2430 : session_info->secured_message_context,
2431 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2432 :
2433 1 : spdm_context->connection_info.capability.flags |=
2434 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2435 1 : spdm_context->local_context.capability.flags |=
2436 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2437 1 : req_slot_id_param = 0;
2438 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2439 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
2440 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2441 1 : assert_int_equal(
2442 : libspdm_secured_message_get_session_state(
2443 : spdm_context->session_info[0].secured_message_context),
2444 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2445 : } else {
2446 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2447 : }
2448 :
2449 1 : free(data);
2450 1 : }
2451 :
2452 : /**
2453 : * Test 10: receiving an unexpected ERROR message from the responder.
2454 : * There are tests for all named codes, including some reserved ones
2455 : * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
2456 : * However, for having specific test cases, it is excluded from this case:
2457 : * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
2458 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2459 : **/
2460 1 : static void req_finish_case10(void **state) {
2461 : libspdm_return_t status;
2462 : libspdm_test_context_t *spdm_test_context;
2463 : libspdm_context_t *spdm_context;
2464 : uint32_t session_id;
2465 : uint8_t req_slot_id_param;
2466 : void *data;
2467 : size_t data_size;
2468 : void *hash;
2469 : size_t hash_size;
2470 : libspdm_session_info_t *session_info;
2471 : uint16_t error_code;
2472 :
2473 1 : spdm_test_context = *state;
2474 1 : spdm_context = spdm_test_context->spdm_context;
2475 1 : spdm_test_context->case_id = 0xA;
2476 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2477 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2478 1 : spdm_context->connection_info.capability.flags |=
2479 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2480 1 : spdm_context->connection_info.capability.flags |=
2481 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2482 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2483 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2484 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2485 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2486 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2487 : m_libspdm_use_asym_algo,
2488 : &data, &data_size,
2489 : &hash, &hash_size);
2490 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2491 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2492 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2493 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2494 :
2495 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2496 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2497 : data_size;
2498 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2499 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2500 : data, data_size);
2501 : #else
2502 1 : libspdm_hash_all(
2503 : spdm_context->connection_info.algorithm.base_hash_algo,
2504 : data, data_size,
2505 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2506 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2507 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2508 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2509 : spdm_context->connection_info.algorithm.base_hash_algo,
2510 : spdm_context->connection_info.algorithm.base_asym_algo,
2511 : data, data_size,
2512 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2513 : #endif
2514 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2515 :
2516 1 : session_id = 0xFFFFFFFF;
2517 1 : spdm_context->connection_info.capability.flags |=
2518 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2519 1 : spdm_context->local_context.capability.flags |=
2520 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2521 1 : req_slot_id_param = 0;
2522 :
2523 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
2524 19 : while(error_code <= 0xff) {
2525 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2526 18 : libspdm_reset_message_a(spdm_context);
2527 :
2528 18 : session_info = &spdm_context->session_info[0];
2529 18 : libspdm_session_info_init (spdm_context, session_info, session_id,
2530 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2531 18 : hash_size = libspdm_get_hash_size (m_libspdm_use_hash_algo);
2532 18 : libspdm_set_mem (m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2533 18 : libspdm_secured_message_set_response_finished_key (session_info->secured_message_context,
2534 : m_libspdm_dummy_buffer, hash_size);
2535 18 : libspdm_secured_message_set_session_state (session_info->secured_message_context,
2536 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2537 :
2538 18 : status = libspdm_send_receive_finish (spdm_context, session_id, req_slot_id_param);
2539 18 : if(error_code != SPDM_ERROR_CODE_DECRYPT_ERROR) {
2540 17 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
2541 : } else {
2542 1 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_SESSION_MSG_ERROR, error_code);
2543 : }
2544 :
2545 18 : error_code++;
2546 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
2547 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
2548 : }
2549 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
2550 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
2551 : }
2552 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
2553 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
2554 : }
2555 : }
2556 :
2557 1 : free(data);
2558 1 : }
2559 :
2560 1 : static void req_finish_case11(void **state)
2561 : {
2562 : libspdm_return_t status;
2563 : libspdm_test_context_t *spdm_test_context;
2564 : libspdm_context_t *spdm_context;
2565 : uint32_t session_id;
2566 : uint8_t req_slot_id_param;
2567 : void *data;
2568 : size_t data_size;
2569 : void *hash;
2570 : size_t hash_size;
2571 : libspdm_session_info_t *session_info;
2572 :
2573 1 : spdm_test_context = *state;
2574 1 : spdm_context = spdm_test_context->spdm_context;
2575 1 : spdm_test_context->case_id = 0xB;
2576 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2577 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2578 1 : spdm_context->connection_info.connection_state =
2579 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2580 1 : spdm_context->connection_info.capability.flags |=
2581 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2582 1 : spdm_context->connection_info.capability.flags |=
2583 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2584 1 : spdm_context->connection_info.capability.flags |=
2585 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2586 1 : spdm_context->local_context.capability.flags |=
2587 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2588 1 : spdm_context->local_context.capability.flags |=
2589 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2590 1 : spdm_context->local_context.capability.flags |=
2591 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2592 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2593 : m_libspdm_use_asym_algo, &data,
2594 : &data_size, &hash, &hash_size)) {
2595 0 : assert(false);
2596 : }
2597 1 : libspdm_reset_message_a(spdm_context);
2598 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2599 : m_libspdm_use_hash_algo;
2600 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2601 : m_libspdm_use_asym_algo;
2602 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2603 : m_libspdm_use_dhe_algo;
2604 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2605 : m_libspdm_use_aead_algo;
2606 :
2607 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2608 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2609 : data_size;
2610 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2611 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2612 : data, data_size);
2613 : #else
2614 1 : libspdm_hash_all(
2615 : spdm_context->connection_info.algorithm.base_hash_algo,
2616 : data, data_size,
2617 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2618 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2619 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2620 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2621 : spdm_context->connection_info.algorithm.base_hash_algo,
2622 : spdm_context->connection_info.algorithm.base_asym_algo,
2623 : data, data_size,
2624 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2625 : #endif
2626 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2627 :
2628 1 : session_id = 0xFFFFFFFF;
2629 1 : session_info = &spdm_context->session_info[0];
2630 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2631 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2632 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2633 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2634 1 : libspdm_secured_message_set_response_finished_key(
2635 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2636 : hash_size);
2637 1 : libspdm_secured_message_set_session_state(
2638 : session_info->secured_message_context,
2639 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2640 :
2641 1 : spdm_context->connection_info.capability.flags |=
2642 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2643 1 : spdm_context->local_context.capability.flags |=
2644 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2645 1 : req_slot_id_param = 0;
2646 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2647 : session_info->session_transcript.message_m.buffer_size =
2648 : session_info->session_transcript.message_m.max_buffer_size;
2649 : spdm_context->transcript.message_b.buffer_size =
2650 : spdm_context->transcript.message_b.max_buffer_size;
2651 : spdm_context->transcript.message_c.buffer_size =
2652 : spdm_context->transcript.message_c.max_buffer_size;
2653 : spdm_context->transcript.message_mut_b.buffer_size =
2654 : spdm_context->transcript.message_mut_b.max_buffer_size;
2655 : spdm_context->transcript.message_mut_c.buffer_size =
2656 : spdm_context->transcript.message_mut_c.max_buffer_size;
2657 : #endif
2658 :
2659 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
2660 : req_slot_id_param);
2661 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2662 1 : assert_int_equal(
2663 : libspdm_secured_message_get_session_state(
2664 : spdm_context->session_info[0].secured_message_context),
2665 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2666 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2667 : assert_int_equal(session_info->session_transcript.message_m.buffer_size,
2668 : 0);
2669 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
2670 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2671 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
2672 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
2673 : #endif
2674 1 : free(data);
2675 1 : }
2676 :
2677 : /**
2678 : * Test 12: requester is not setup correctly to support key exchange
2679 : * (no capabilities). The responder would attempt to return a correct
2680 : * FINISH_RSP message.
2681 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2682 : **/
2683 1 : static void req_finish_case12(void **state)
2684 : {
2685 : libspdm_return_t status;
2686 : libspdm_test_context_t *spdm_test_context;
2687 : libspdm_context_t *spdm_context;
2688 : uint32_t session_id;
2689 : uint8_t req_slot_id_param;
2690 : void *data;
2691 : size_t data_size;
2692 : void *hash;
2693 : size_t hash_size;
2694 : libspdm_session_info_t *session_info;
2695 :
2696 1 : spdm_test_context = *state;
2697 1 : spdm_context = spdm_test_context->spdm_context;
2698 1 : spdm_test_context->case_id = 0xC;
2699 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2700 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2701 1 : spdm_context->connection_info.connection_state =
2702 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2703 1 : spdm_context->connection_info.capability.flags = 0;
2704 1 : spdm_context->connection_info.capability.flags |=
2705 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2706 1 : spdm_context->connection_info.capability.flags |=
2707 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2708 1 : spdm_context->connection_info.capability.flags |=
2709 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2710 1 : spdm_context->local_context.capability.flags = 0;
2711 : /* no key exchange capabilities (requester)*/
2712 1 : spdm_context->local_context.capability.flags |=
2713 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2714 1 : spdm_context->local_context.capability.flags |=
2715 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2716 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2717 : m_libspdm_use_asym_algo, &data,
2718 : &data_size, &hash, &hash_size)) {
2719 0 : assert(false);
2720 : }
2721 1 : libspdm_reset_message_a(spdm_context);
2722 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2723 : m_libspdm_use_hash_algo;
2724 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2725 : m_libspdm_use_asym_algo;
2726 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2727 : m_libspdm_use_dhe_algo;
2728 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2729 : m_libspdm_use_aead_algo;
2730 :
2731 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2732 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2733 : data_size;
2734 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2735 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2736 : data, data_size);
2737 : #else
2738 1 : libspdm_hash_all(
2739 : spdm_context->connection_info.algorithm.base_hash_algo,
2740 : data, data_size,
2741 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2742 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2743 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2744 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2745 : spdm_context->connection_info.algorithm.base_hash_algo,
2746 : spdm_context->connection_info.algorithm.base_asym_algo,
2747 : data, data_size,
2748 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2749 : #endif
2750 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2751 :
2752 1 : session_id = 0xFFFFFFFF;
2753 1 : session_info = &spdm_context->session_info[0];
2754 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2755 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2756 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2757 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2758 1 : libspdm_secured_message_set_response_finished_key(
2759 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2760 : hash_size);
2761 1 : libspdm_secured_message_set_session_state(
2762 : session_info->secured_message_context,
2763 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2764 :
2765 1 : spdm_context->connection_info.capability.flags |=
2766 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2767 1 : spdm_context->local_context.capability.flags |=
2768 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2769 1 : req_slot_id_param = 0;
2770 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
2771 : req_slot_id_param);
2772 1 : assert_int_equal(status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
2773 1 : free(data);
2774 1 : }
2775 :
2776 : /**
2777 : * Test 13: requester is not setup correctly to accept key exchange and
2778 : * finish at this point (at least NEGOTIATE_ALGORITHMS is required, if
2779 : * the public key was provisioned before the key exchange). The
2780 : * responder would attempt to return a correct FINISH_RSP message.
2781 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2782 : **/
2783 1 : static void req_finish_case13(void **state)
2784 : {
2785 : libspdm_return_t status;
2786 : libspdm_test_context_t *spdm_test_context;
2787 : libspdm_context_t *spdm_context;
2788 : uint32_t session_id;
2789 : uint8_t req_slot_id_param;
2790 : void *data;
2791 : size_t data_size;
2792 : void *hash;
2793 : size_t hash_size;
2794 : libspdm_session_info_t *session_info;
2795 :
2796 1 : spdm_test_context = *state;
2797 1 : spdm_context = spdm_test_context->spdm_context;
2798 1 : spdm_test_context->case_id = 0xD;
2799 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2800 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2801 1 : spdm_context->connection_info.connection_state =
2802 : LIBSPDM_CONNECTION_STATE_AFTER_CAPABILITIES;
2803 1 : spdm_context->connection_info.capability.flags |=
2804 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2805 1 : spdm_context->connection_info.capability.flags |=
2806 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2807 1 : spdm_context->connection_info.capability.flags |=
2808 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2809 1 : spdm_context->local_context.capability.flags |=
2810 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2811 1 : spdm_context->local_context.capability.flags |=
2812 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2813 1 : spdm_context->local_context.capability.flags |=
2814 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2815 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2816 : m_libspdm_use_asym_algo, &data,
2817 : &data_size, &hash, &hash_size)) {
2818 0 : assert(false);
2819 : }
2820 1 : libspdm_reset_message_a(spdm_context);
2821 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2822 : m_libspdm_use_hash_algo;
2823 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2824 : m_libspdm_use_asym_algo;
2825 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2826 : m_libspdm_use_dhe_algo;
2827 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2828 : m_libspdm_use_aead_algo;
2829 :
2830 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2831 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2832 : data_size;
2833 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2834 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2835 : data, data_size);
2836 : #else
2837 1 : libspdm_hash_all(
2838 : spdm_context->connection_info.algorithm.base_hash_algo,
2839 : data, data_size,
2840 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2841 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2842 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2843 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2844 : spdm_context->connection_info.algorithm.base_hash_algo,
2845 : spdm_context->connection_info.algorithm.base_asym_algo,
2846 : data, data_size,
2847 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2848 : #endif
2849 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2850 :
2851 1 : session_id = 0xFFFFFFFF;
2852 1 : session_info = &spdm_context->session_info[0];
2853 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2854 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2855 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2856 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2857 1 : libspdm_secured_message_set_response_finished_key(
2858 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2859 : hash_size);
2860 1 : libspdm_secured_message_set_session_state(
2861 : session_info->secured_message_context,
2862 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2863 :
2864 1 : spdm_context->connection_info.capability.flags |=
2865 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2866 1 : spdm_context->local_context.capability.flags |=
2867 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2868 1 : req_slot_id_param = 0;
2869 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
2870 : req_slot_id_param);
2871 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2872 1 : free(data);
2873 1 : }
2874 :
2875 : /**
2876 : * Test 14: receiving an incorrect FINISH_RSP message, with wrong response
2877 : * code, but all other field correct.
2878 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
2879 : **/
2880 1 : static void req_finish_case14(void **state)
2881 : {
2882 : libspdm_return_t status;
2883 : libspdm_test_context_t *spdm_test_context;
2884 : libspdm_context_t *spdm_context;
2885 : uint32_t session_id;
2886 : uint8_t req_slot_id_param;
2887 : void *data;
2888 : size_t data_size;
2889 : void *hash;
2890 : size_t hash_size;
2891 : libspdm_session_info_t *session_info;
2892 :
2893 1 : spdm_test_context = *state;
2894 1 : spdm_context = spdm_test_context->spdm_context;
2895 1 : spdm_test_context->case_id = 0xE;
2896 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2897 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2898 1 : spdm_context->connection_info.connection_state =
2899 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2900 1 : spdm_context->connection_info.capability.flags |=
2901 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2902 1 : spdm_context->connection_info.capability.flags |=
2903 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2904 1 : spdm_context->connection_info.capability.flags |=
2905 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2906 1 : spdm_context->local_context.capability.flags |=
2907 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2908 1 : spdm_context->local_context.capability.flags |=
2909 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2910 1 : spdm_context->local_context.capability.flags |=
2911 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2912 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2913 : m_libspdm_use_asym_algo, &data,
2914 : &data_size, &hash, &hash_size)) {
2915 0 : assert(false);
2916 : }
2917 1 : libspdm_reset_message_a(spdm_context);
2918 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2919 : m_libspdm_use_hash_algo;
2920 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2921 : m_libspdm_use_asym_algo;
2922 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2923 : m_libspdm_use_dhe_algo;
2924 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2925 : m_libspdm_use_aead_algo;
2926 :
2927 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2928 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2929 : data_size;
2930 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2931 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2932 : data, data_size);
2933 : #else
2934 1 : libspdm_hash_all(
2935 : spdm_context->connection_info.algorithm.base_hash_algo,
2936 : data, data_size,
2937 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2938 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2939 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2940 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2941 : spdm_context->connection_info.algorithm.base_hash_algo,
2942 : spdm_context->connection_info.algorithm.base_asym_algo,
2943 : data, data_size,
2944 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2945 : #endif
2946 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
2947 :
2948 1 : session_id = 0xFFFFFFFF;
2949 1 : session_info = &spdm_context->session_info[0];
2950 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2951 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2952 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2953 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2954 1 : libspdm_secured_message_set_response_finished_key(
2955 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2956 : hash_size);
2957 1 : libspdm_secured_message_set_session_state(
2958 : session_info->secured_message_context,
2959 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2960 :
2961 1 : spdm_context->connection_info.capability.flags |=
2962 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2963 1 : spdm_context->local_context.capability.flags |=
2964 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2965 1 : req_slot_id_param = 0;
2966 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
2967 : req_slot_id_param);
2968 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2969 1 : free(data);
2970 1 : }
2971 :
2972 : /**
2973 : * Test 15: requester is not setup correctly by not initializing a
2974 : * session during KEY_EXCHANGE. The responder would attempt to
2975 : * return a correct FINISH_RSP message.
2976 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2977 : **/
2978 1 : static void req_finish_case15(void **state)
2979 : {
2980 : libspdm_return_t status;
2981 : libspdm_test_context_t *spdm_test_context;
2982 : libspdm_context_t *spdm_context;
2983 : uint32_t session_id;
2984 : uint8_t req_slot_id_param;
2985 : void *data;
2986 : size_t data_size;
2987 : void *hash;
2988 : size_t hash_size;
2989 : libspdm_session_info_t *session_info;
2990 :
2991 1 : spdm_test_context = *state;
2992 1 : spdm_context = spdm_test_context->spdm_context;
2993 1 : spdm_test_context->case_id = 0xF;
2994 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2995 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2996 1 : spdm_context->connection_info.connection_state =
2997 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2998 1 : spdm_context->connection_info.capability.flags |=
2999 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3000 1 : spdm_context->connection_info.capability.flags |=
3001 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3002 1 : spdm_context->connection_info.capability.flags |=
3003 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3004 1 : spdm_context->local_context.capability.flags |=
3005 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3006 1 : spdm_context->local_context.capability.flags |=
3007 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3008 1 : spdm_context->local_context.capability.flags |=
3009 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3010 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3011 : m_libspdm_use_asym_algo, &data,
3012 : &data_size, &hash, &hash_size)) {
3013 0 : assert(false);
3014 : }
3015 1 : libspdm_reset_message_a(spdm_context);
3016 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3017 : m_libspdm_use_hash_algo;
3018 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3019 : m_libspdm_use_asym_algo;
3020 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3021 : m_libspdm_use_dhe_algo;
3022 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3023 : m_libspdm_use_aead_algo;
3024 :
3025 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3026 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3027 : data_size;
3028 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3029 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3030 : data, data_size);
3031 : #else
3032 1 : libspdm_hash_all(
3033 : spdm_context->connection_info.algorithm.base_hash_algo,
3034 : data, data_size,
3035 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3036 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3037 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3038 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3039 : spdm_context->connection_info.algorithm.base_hash_algo,
3040 : spdm_context->connection_info.algorithm.base_asym_algo,
3041 : data, data_size,
3042 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3043 : #endif
3044 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
3045 :
3046 1 : session_id = 0xFFFFFFFF;
3047 1 : session_info = &spdm_context->session_info[0];
3048 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3049 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3050 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3051 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3052 1 : libspdm_secured_message_set_response_finished_key(
3053 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3054 : hash_size);
3055 1 : libspdm_secured_message_set_session_state(
3056 : session_info->secured_message_context,
3057 : LIBSPDM_SESSION_STATE_NOT_STARTED);
3058 :
3059 1 : spdm_context->connection_info.capability.flags |=
3060 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3061 1 : spdm_context->local_context.capability.flags |=
3062 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3063 1 : req_slot_id_param = 0;
3064 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
3065 : req_slot_id_param);
3066 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
3067 1 : free(data);
3068 1 : }
3069 :
3070 : /**
3071 : * Test 16: receiving a correct FINISH_RSP message with a correct MAC,
3072 : * mutual authentication and 'handshake in the clear'.
3073 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3074 : * session is established.
3075 : **/
3076 1 : static void req_finish_case16(void **state)
3077 : {
3078 : libspdm_return_t status;
3079 : libspdm_test_context_t *spdm_test_context;
3080 : libspdm_context_t *spdm_context;
3081 : uint32_t session_id;
3082 : uint8_t req_slot_id_param;
3083 : void *data;
3084 : size_t data_size;
3085 : void *hash;
3086 : size_t hash_size;
3087 : libspdm_session_info_t *session_info;
3088 :
3089 1 : spdm_test_context = *state;
3090 1 : spdm_context = spdm_test_context->spdm_context;
3091 1 : spdm_test_context->case_id = 0x10;
3092 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3093 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3094 1 : spdm_context->connection_info.connection_state =
3095 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3096 1 : spdm_context->connection_info.capability.flags |=
3097 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3098 1 : spdm_context->connection_info.capability.flags |=
3099 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3100 1 : spdm_context->connection_info.capability.flags |=
3101 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3102 1 : spdm_context->local_context.capability.flags |=
3103 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3104 1 : spdm_context->local_context.capability.flags |=
3105 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3106 1 : spdm_context->local_context.capability.flags |=
3107 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3108 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3109 : m_libspdm_use_asym_algo, &data,
3110 : &data_size, &hash, &hash_size)) {
3111 0 : assert(false);
3112 : }
3113 1 : libspdm_reset_message_a(spdm_context);
3114 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3115 : m_libspdm_use_hash_algo;
3116 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3117 : m_libspdm_use_asym_algo;
3118 1 : spdm_context->connection_info.algorithm.req_base_asym_alg =
3119 : m_libspdm_use_req_asym_algo;
3120 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3121 : m_libspdm_use_dhe_algo;
3122 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3123 : m_libspdm_use_aead_algo;
3124 :
3125 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3126 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3127 : data_size;
3128 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3129 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3130 : data, data_size);
3131 : #else
3132 1 : libspdm_hash_all(
3133 : spdm_context->connection_info.algorithm.base_hash_algo,
3134 : data, data_size,
3135 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3136 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3137 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3138 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3139 : spdm_context->connection_info.algorithm.base_hash_algo,
3140 : spdm_context->connection_info.algorithm.base_asym_algo,
3141 : data, data_size,
3142 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3143 : #endif
3144 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
3145 :
3146 1 : req_slot_id_param = 0;
3147 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3148 : m_libspdm_use_req_asym_algo, &data,
3149 : &data_size, &hash, &hash_size);
3150 : spdm_context->local_context.
3151 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3152 : spdm_context->local_context.
3153 1 : local_cert_chain_provision[req_slot_id_param] = data;
3154 :
3155 1 : session_id = 0xFFFFFFFF;
3156 1 : session_info = &spdm_context->session_info[0];
3157 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3158 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3159 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3160 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3161 1 : libspdm_secured_message_set_response_finished_key(
3162 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3163 : hash_size);
3164 1 : libspdm_secured_message_set_session_state(
3165 : session_info->secured_message_context,
3166 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3167 1 : session_info->mut_auth_requested = 1;
3168 :
3169 1 : spdm_context->connection_info.capability.flags |=
3170 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3171 1 : spdm_context->local_context.capability.flags |=
3172 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3173 :
3174 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
3175 : req_slot_id_param);
3176 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3177 1 : assert_int_equal(
3178 : libspdm_secured_message_get_session_state(
3179 : spdm_context->session_info[0].secured_message_context),
3180 : LIBSPDM_SESSION_STATE_ESTABLISHED);
3181 1 : free(data);
3182 1 : }
3183 :
3184 : /**
3185 : * Test 17: receiving a FINISH_RSP message with an incorrect MAC
3186 : * (all-zero), mutual authentication, and 'handshake in the clear'.
3187 : * Expected behavior: client returns a Status of RETURN_SECURITY_VIOLATION.
3188 : **/
3189 1 : static void req_finish_case17(void **state)
3190 : {
3191 : libspdm_return_t status;
3192 : libspdm_test_context_t *spdm_test_context;
3193 : libspdm_context_t *spdm_context;
3194 : uint32_t session_id;
3195 : uint8_t req_slot_id_param;
3196 : void *data;
3197 : size_t data_size;
3198 : void *hash;
3199 : size_t hash_size;
3200 : libspdm_session_info_t *session_info;
3201 :
3202 1 : spdm_test_context = *state;
3203 1 : spdm_context = spdm_test_context->spdm_context;
3204 1 : spdm_test_context->case_id = 0x11;
3205 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3206 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3207 1 : spdm_context->connection_info.connection_state =
3208 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3209 1 : spdm_context->connection_info.capability.flags |=
3210 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3211 1 : spdm_context->connection_info.capability.flags |=
3212 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3213 1 : spdm_context->connection_info.capability.flags |=
3214 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3215 1 : spdm_context->local_context.capability.flags |=
3216 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3217 1 : spdm_context->local_context.capability.flags |=
3218 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3219 1 : spdm_context->local_context.capability.flags |=
3220 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3221 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3222 : m_libspdm_use_asym_algo, &data,
3223 : &data_size, &hash, &hash_size)) {
3224 0 : assert(false);
3225 : }
3226 1 : libspdm_reset_message_a(spdm_context);
3227 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3228 : m_libspdm_use_hash_algo;
3229 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3230 : m_libspdm_use_asym_algo;
3231 1 : spdm_context->connection_info.algorithm.req_base_asym_alg =
3232 : m_libspdm_use_req_asym_algo;
3233 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3234 : m_libspdm_use_dhe_algo;
3235 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3236 : m_libspdm_use_aead_algo;
3237 :
3238 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3239 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3240 : data_size;
3241 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3242 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3243 : data, data_size);
3244 : #else
3245 1 : libspdm_hash_all(
3246 : spdm_context->connection_info.algorithm.base_hash_algo,
3247 : data, data_size,
3248 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3249 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3250 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3251 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3252 : spdm_context->connection_info.algorithm.base_hash_algo,
3253 : spdm_context->connection_info.algorithm.base_asym_algo,
3254 : data, data_size,
3255 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3256 : #endif
3257 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
3258 :
3259 1 : req_slot_id_param = 0;
3260 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3261 : m_libspdm_use_req_asym_algo, &data,
3262 : &data_size, &hash, &hash_size);
3263 : spdm_context->local_context.
3264 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3265 : spdm_context->local_context.
3266 1 : local_cert_chain_provision[req_slot_id_param] = data;
3267 :
3268 1 : session_id = 0xFFFFFFFF;
3269 1 : session_info = &spdm_context->session_info[0];
3270 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3271 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3272 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3273 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3274 1 : libspdm_secured_message_set_response_finished_key(
3275 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3276 : hash_size);
3277 1 : libspdm_secured_message_set_session_state(
3278 : session_info->secured_message_context,
3279 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3280 1 : session_info->mut_auth_requested = 1;
3281 :
3282 1 : spdm_context->connection_info.capability.flags |=
3283 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3284 1 : spdm_context->local_context.capability.flags |=
3285 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3286 :
3287 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
3288 : req_slot_id_param);
3289 1 : assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL);
3290 1 : free(data);
3291 1 : }
3292 :
3293 : /**
3294 : * Test 18: receiving a FINISH_RSP message with an incorrect MAC
3295 : * (arbitrary), mutual authentication, and 'handshake in the clear'.
3296 : * Expected behavior: client returns a Status of RETURN_SECURITY_VIOLATION.
3297 : **/
3298 1 : static void req_finish_case18(void **state)
3299 : {
3300 : libspdm_return_t status;
3301 : libspdm_test_context_t *spdm_test_context;
3302 : libspdm_context_t *spdm_context;
3303 : uint32_t session_id;
3304 : uint8_t req_slot_id_param;
3305 : void *data;
3306 : size_t data_size;
3307 : void *hash;
3308 : size_t hash_size;
3309 : libspdm_session_info_t *session_info;
3310 :
3311 1 : spdm_test_context = *state;
3312 1 : spdm_context = spdm_test_context->spdm_context;
3313 1 : spdm_test_context->case_id = 0x12;
3314 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3315 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3316 1 : spdm_context->connection_info.connection_state =
3317 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3318 1 : spdm_context->connection_info.capability.flags |=
3319 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3320 1 : spdm_context->connection_info.capability.flags |=
3321 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3322 1 : spdm_context->connection_info.capability.flags |=
3323 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3324 1 : spdm_context->local_context.capability.flags |=
3325 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3326 1 : spdm_context->local_context.capability.flags |=
3327 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3328 1 : spdm_context->local_context.capability.flags |=
3329 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3330 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3331 : m_libspdm_use_asym_algo, &data,
3332 : &data_size, &hash, &hash_size)) {
3333 0 : assert(false);
3334 : }
3335 1 : libspdm_reset_message_a(spdm_context);
3336 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3337 : m_libspdm_use_hash_algo;
3338 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3339 : m_libspdm_use_asym_algo;
3340 1 : spdm_context->connection_info.algorithm.req_base_asym_alg =
3341 : m_libspdm_use_req_asym_algo;
3342 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3343 : m_libspdm_use_dhe_algo;
3344 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3345 : m_libspdm_use_aead_algo;
3346 :
3347 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3348 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3349 : data_size;
3350 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3351 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3352 : data, data_size);
3353 : #else
3354 1 : libspdm_hash_all(
3355 : spdm_context->connection_info.algorithm.base_hash_algo,
3356 : data, data_size,
3357 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3358 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3359 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3360 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3361 : spdm_context->connection_info.algorithm.base_hash_algo,
3362 : spdm_context->connection_info.algorithm.base_asym_algo,
3363 : data, data_size,
3364 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3365 : #endif
3366 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
3367 :
3368 1 : req_slot_id_param = 0;
3369 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3370 : m_libspdm_use_req_asym_algo, &data,
3371 : &data_size, &hash, &hash_size);
3372 : spdm_context->local_context.
3373 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3374 : spdm_context->local_context.
3375 1 : local_cert_chain_provision[req_slot_id_param] = data;
3376 :
3377 1 : session_id = 0xFFFFFFFF;
3378 1 : session_info = &spdm_context->session_info[0];
3379 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3380 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3381 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3382 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3383 1 : libspdm_secured_message_set_response_finished_key(
3384 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3385 : hash_size);
3386 1 : libspdm_secured_message_set_session_state(
3387 : session_info->secured_message_context,
3388 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3389 1 : session_info->mut_auth_requested = 1;
3390 :
3391 1 : spdm_context->connection_info.capability.flags |=
3392 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3393 1 : spdm_context->local_context.capability.flags |=
3394 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3395 :
3396 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
3397 : req_slot_id_param);
3398 1 : assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL);
3399 1 : free(data);
3400 1 : }
3401 :
3402 : /**
3403 : * Test 19:
3404 : * Expected behavior:
3405 : **/
3406 1 : static void req_finish_case19(void **state)
3407 : {
3408 1 : }
3409 :
3410 : /**
3411 : * Test 20: receiving a FINISH_RSP message an incorrect MAC size (only the
3412 : * correct first half of the MAC), mutual authentication, and 'handshake
3413 : * in the clear'.
3414 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
3415 : **/
3416 1 : static void req_finish_case20(void **state)
3417 : {
3418 : libspdm_return_t status;
3419 : libspdm_test_context_t *spdm_test_context;
3420 : libspdm_context_t *spdm_context;
3421 : uint32_t session_id;
3422 : uint8_t req_slot_id_param;
3423 : void *data;
3424 : size_t data_size;
3425 : void *hash;
3426 : size_t hash_size;
3427 : libspdm_session_info_t *session_info;
3428 :
3429 1 : spdm_test_context = *state;
3430 1 : spdm_context = spdm_test_context->spdm_context;
3431 1 : spdm_test_context->case_id = 0x14;
3432 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3433 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3434 1 : spdm_context->connection_info.connection_state =
3435 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3436 1 : spdm_context->connection_info.capability.flags |=
3437 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3438 1 : spdm_context->connection_info.capability.flags |=
3439 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3440 1 : spdm_context->connection_info.capability.flags |=
3441 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3442 1 : spdm_context->local_context.capability.flags |=
3443 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3444 1 : spdm_context->local_context.capability.flags |=
3445 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3446 1 : spdm_context->local_context.capability.flags |=
3447 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3448 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3449 : m_libspdm_use_asym_algo, &data,
3450 : &data_size, &hash, &hash_size)) {
3451 0 : assert(false);
3452 : }
3453 1 : libspdm_reset_message_a(spdm_context);
3454 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3455 : m_libspdm_use_hash_algo;
3456 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3457 : m_libspdm_use_asym_algo;
3458 1 : spdm_context->connection_info.algorithm.req_base_asym_alg =
3459 : m_libspdm_use_req_asym_algo;
3460 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3461 : m_libspdm_use_dhe_algo;
3462 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3463 : m_libspdm_use_aead_algo;
3464 :
3465 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3466 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3467 : data_size;
3468 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3469 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3470 : data, data_size);
3471 : #else
3472 1 : libspdm_hash_all(
3473 : spdm_context->connection_info.algorithm.base_hash_algo,
3474 : data, data_size,
3475 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3476 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3477 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3478 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3479 : spdm_context->connection_info.algorithm.base_hash_algo,
3480 : spdm_context->connection_info.algorithm.base_asym_algo,
3481 : data, data_size,
3482 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3483 : #endif
3484 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
3485 :
3486 1 : req_slot_id_param = 0;
3487 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3488 : m_libspdm_use_req_asym_algo, &data,
3489 : &data_size, &hash, &hash_size);
3490 : spdm_context->local_context.
3491 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3492 : spdm_context->local_context.
3493 1 : local_cert_chain_provision[req_slot_id_param] = data;
3494 :
3495 1 : session_id = 0xFFFFFFFF;
3496 1 : session_info = &spdm_context->session_info[0];
3497 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3498 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3499 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3500 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3501 1 : libspdm_secured_message_set_response_finished_key(
3502 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3503 : hash_size);
3504 1 : libspdm_secured_message_set_session_state(
3505 : session_info->secured_message_context,
3506 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3507 1 : session_info->mut_auth_requested = 1;
3508 :
3509 1 : spdm_context->connection_info.capability.flags |=
3510 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3511 1 : spdm_context->local_context.capability.flags |=
3512 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3513 :
3514 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
3515 : req_slot_id_param);
3516 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_SIZE);
3517 1 : free(data);
3518 1 : }
3519 :
3520 : /**
3521 : * Test 21: the requester is setup correctly, but receives an ERROR with SPDM_ERROR_CODE_DECRYPT_ERROR.
3522 : * Expected behavior: client returns a Status of INVALID_SESSION_ID and free the session ID.
3523 : **/
3524 1 : static void req_finish_case21(void **state)
3525 : {
3526 : libspdm_return_t status;
3527 : libspdm_test_context_t *spdm_test_context;
3528 : libspdm_context_t *spdm_context;
3529 : uint32_t session_id;
3530 : uint8_t req_slot_id_param;
3531 : void *data;
3532 : size_t data_size;
3533 : void *hash;
3534 : size_t hash_size;
3535 : libspdm_session_info_t *session_info;
3536 :
3537 1 : spdm_test_context = *state;
3538 1 : spdm_context = spdm_test_context->spdm_context;
3539 1 : spdm_test_context->case_id = 0x15;
3540 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3541 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3542 1 : spdm_context->connection_info.connection_state =
3543 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3544 1 : spdm_context->connection_info.capability.flags |=
3545 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3546 1 : spdm_context->connection_info.capability.flags |=
3547 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3548 1 : spdm_context->connection_info.capability.flags |=
3549 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3550 1 : spdm_context->local_context.capability.flags |=
3551 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3552 1 : spdm_context->local_context.capability.flags |=
3553 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3554 1 : spdm_context->local_context.capability.flags |=
3555 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3556 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3557 : m_libspdm_use_asym_algo, &data,
3558 : &data_size, &hash, &hash_size)) {
3559 0 : assert(false);
3560 : }
3561 1 : libspdm_reset_message_a(spdm_context);
3562 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3563 : m_libspdm_use_hash_algo;
3564 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3565 : m_libspdm_use_asym_algo;
3566 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3567 : m_libspdm_use_dhe_algo;
3568 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3569 : m_libspdm_use_aead_algo;
3570 :
3571 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3572 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3573 : data_size;
3574 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3575 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3576 : data, data_size);
3577 : #else
3578 1 : libspdm_hash_all(
3579 : spdm_context->connection_info.algorithm.base_hash_algo,
3580 : data, data_size,
3581 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3582 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3583 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3584 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3585 : spdm_context->connection_info.algorithm.base_hash_algo,
3586 : spdm_context->connection_info.algorithm.base_asym_algo,
3587 : data, data_size,
3588 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3589 : #endif
3590 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
3591 :
3592 1 : session_id = 0xFFFFFFFF;
3593 1 : session_info = &spdm_context->session_info[0];
3594 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3595 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3596 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3597 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3598 1 : libspdm_secured_message_set_response_finished_key(
3599 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3600 : hash_size);
3601 1 : libspdm_secured_message_set_session_state(
3602 : session_info->secured_message_context,
3603 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3604 :
3605 1 : spdm_context->connection_info.capability.flags |=
3606 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3607 1 : spdm_context->local_context.capability.flags |=
3608 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3609 1 : req_slot_id_param = 0;
3610 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
3611 : req_slot_id_param);
3612 1 : assert_int_equal(status, LIBSPDM_STATUS_SESSION_MSG_ERROR);
3613 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
3614 1 : free(data);
3615 1 : }
3616 :
3617 : /**
3618 : * Test 22: a FINISH request message is successfully sent and a FINISH_RSP response message is
3619 : * successfully received.
3620 : * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS and a FINISH_RSP message is
3621 : * received, buffer F appends the exchanged FINISH and FINISH_RSP
3622 : **/
3623 1 : static void req_finish_case22(void **state)
3624 : {
3625 : libspdm_return_t status;
3626 : libspdm_test_context_t *spdm_test_context;
3627 : libspdm_context_t *spdm_context;
3628 : uint32_t session_id;
3629 : uint8_t req_slot_id_param;
3630 : void *data;
3631 : size_t data_size;
3632 : void *hash;
3633 : size_t hash_size;
3634 : libspdm_session_info_t *session_info;
3635 :
3636 1 : spdm_test_context = *state;
3637 1 : spdm_context = spdm_test_context->spdm_context;
3638 1 : spdm_test_context->case_id = 0x16;
3639 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3640 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3641 1 : spdm_context->connection_info.connection_state =
3642 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3643 1 : spdm_context->connection_info.capability.flags |=
3644 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3645 1 : spdm_context->connection_info.capability.flags |=
3646 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3647 1 : spdm_context->connection_info.capability.flags |=
3648 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3649 1 : spdm_context->local_context.capability.flags |=
3650 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3651 1 : spdm_context->local_context.capability.flags |=
3652 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3653 1 : spdm_context->local_context.capability.flags |=
3654 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3655 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3656 : m_libspdm_use_asym_algo, &data,
3657 : &data_size, &hash, &hash_size)) {
3658 0 : assert(false);
3659 : }
3660 1 : libspdm_reset_message_a(spdm_context);
3661 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3662 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3663 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
3664 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3665 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
3666 :
3667 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3668 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3669 : data_size;
3670 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3671 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3672 : data, data_size);
3673 : #else
3674 1 : libspdm_hash_all(
3675 : spdm_context->connection_info.algorithm.base_hash_algo,
3676 : data, data_size,
3677 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3678 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3679 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3680 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3681 : spdm_context->connection_info.algorithm.base_hash_algo,
3682 : spdm_context->connection_info.algorithm.base_asym_algo,
3683 : data, data_size,
3684 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3685 : #endif
3686 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
3687 :
3688 1 : req_slot_id_param = 0;
3689 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3690 : m_libspdm_use_req_asym_algo, &data,
3691 : &data_size, &hash, &hash_size);
3692 : spdm_context->local_context.
3693 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3694 : spdm_context->local_context.
3695 1 : local_cert_chain_provision[req_slot_id_param] = data;
3696 :
3697 1 : session_id = 0xFFFFFFFF;
3698 1 : session_info = &spdm_context->session_info[0];
3699 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3700 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3701 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3702 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3703 1 : libspdm_secured_message_set_response_finished_key(
3704 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3705 : hash_size);
3706 1 : libspdm_secured_message_set_session_state(
3707 : session_info->secured_message_context,
3708 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3709 1 : session_info->mut_auth_requested = 1;
3710 :
3711 1 : spdm_context->connection_info.capability.flags |=
3712 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3713 1 : spdm_context->local_context.capability.flags |=
3714 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3715 :
3716 1 : status = libspdm_send_receive_finish(spdm_context, session_id,
3717 : req_slot_id_param);
3718 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3719 1 : assert_int_equal(
3720 : libspdm_secured_message_get_session_state(
3721 : spdm_context->session_info[0].secured_message_context),
3722 : LIBSPDM_SESSION_STATE_ESTABLISHED);
3723 :
3724 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3725 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
3726 : m_libspdm_local_buffer_size);
3727 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
3728 : m_libspdm_local_buffer_size));
3729 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3730 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
3731 : m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3732 : #endif
3733 1 : free(data);
3734 1 : }
3735 :
3736 : /**
3737 : * Test 23: receiving a correct FINISH_RSP message using slot_id 0xFF
3738 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3739 : * session is established.
3740 : **/
3741 1 : static void req_finish_case23(void **state)
3742 : {
3743 : libspdm_return_t status;
3744 : libspdm_test_context_t *spdm_test_context;
3745 : libspdm_context_t *spdm_context;
3746 : uint32_t session_id;
3747 : uint8_t req_slot_id_param;
3748 : void *data;
3749 : size_t data_size;
3750 : size_t hash_size;
3751 : libspdm_session_info_t *session_info;
3752 : libspdm_secured_message_context_t *secured_message_context;
3753 :
3754 1 : spdm_test_context = *state;
3755 1 : spdm_context = spdm_test_context->spdm_context;
3756 1 : spdm_test_context->case_id = 0x17;
3757 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3758 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3759 1 : spdm_context->connection_info.connection_state =
3760 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3761 1 : spdm_context->connection_info.capability.flags |=
3762 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3763 1 : spdm_context->connection_info.capability.flags |=
3764 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3765 1 : spdm_context->connection_info.capability.flags |=
3766 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3767 1 : spdm_context->connection_info.capability.flags |=
3768 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
3769 1 : spdm_context->local_context.capability.flags |=
3770 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3771 1 : spdm_context->local_context.capability.flags |=
3772 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3773 1 : spdm_context->local_context.capability.flags |=
3774 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3775 1 : spdm_context->local_context.capability.flags |=
3776 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
3777 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
3778 1 : spdm_context->local_context.peer_public_key_provision = data;
3779 1 : spdm_context->local_context.peer_public_key_provision_size = data_size;
3780 :
3781 1 : libspdm_reset_message_a(spdm_context);
3782 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3783 : m_libspdm_use_hash_algo;
3784 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3785 : m_libspdm_use_asym_algo;
3786 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3787 : m_libspdm_use_dhe_algo;
3788 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3789 : m_libspdm_use_aead_algo;
3790 :
3791 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0xFF;
3792 :
3793 1 : session_id = 0xFFFFFFFF;
3794 1 : session_info = &spdm_context->session_info[0];
3795 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3796 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3797 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3798 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3799 1 : libspdm_secured_message_set_response_finished_key(
3800 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3801 : hash_size);
3802 1 : libspdm_secured_message_set_session_state(
3803 : session_info->secured_message_context,
3804 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3805 :
3806 1 : spdm_context->connection_info.capability.flags |=
3807 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3808 1 : spdm_context->local_context.capability.flags |=
3809 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3810 1 : req_slot_id_param = 0;
3811 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3812 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3813 1 : assert_int_equal(
3814 : libspdm_secured_message_get_session_state(
3815 : spdm_context->session_info[0].secured_message_context),
3816 : LIBSPDM_SESSION_STATE_ESTABLISHED);
3817 :
3818 1 : secured_message_context = session_info->secured_message_context;
3819 :
3820 1 : assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
3821 : (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
3822 1 : free(data);
3823 1 : }
3824 :
3825 : /**
3826 : * Test 24: Set HANDSHAKE_IN_THE_CLEAR_CAP to 0 , The ResponderVerifyData field is absent.
3827 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3828 : * session is established.
3829 : **/
3830 1 : static void req_finish_case24(void **state)
3831 : {
3832 : libspdm_return_t status;
3833 : libspdm_test_context_t *spdm_test_context;
3834 : libspdm_context_t *spdm_context;
3835 : uint32_t session_id;
3836 : uint8_t req_slot_id_param;
3837 : void *data;
3838 : size_t data_size;
3839 : void *hash;
3840 : size_t hash_size;
3841 : libspdm_session_info_t *session_info;
3842 : libspdm_secured_message_context_t *secured_message_context;
3843 :
3844 1 : spdm_test_context = *state;
3845 1 : spdm_context = spdm_test_context->spdm_context;
3846 1 : spdm_test_context->case_id = 0x18;
3847 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3848 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3849 1 : spdm_context->connection_info.connection_state =
3850 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3851 1 : spdm_context->connection_info.capability.flags |=
3852 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3853 1 : spdm_context->connection_info.capability.flags |=
3854 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3855 1 : spdm_context->connection_info.capability.flags |=
3856 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3857 1 : spdm_context->local_context.capability.flags |=
3858 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3859 1 : spdm_context->local_context.capability.flags |=
3860 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3861 1 : spdm_context->local_context.capability.flags |=
3862 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3863 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3864 : m_libspdm_use_asym_algo, &data,
3865 : &data_size, &hash, &hash_size)) {
3866 0 : assert(false);
3867 : }
3868 1 : libspdm_reset_message_a(spdm_context);
3869 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3870 : m_libspdm_use_hash_algo;
3871 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3872 : m_libspdm_use_asym_algo;
3873 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3874 : m_libspdm_use_dhe_algo;
3875 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3876 : m_libspdm_use_aead_algo;
3877 :
3878 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3879 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3880 : data_size;
3881 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3882 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3883 : data, data_size);
3884 : #else
3885 1 : libspdm_hash_all(
3886 : m_libspdm_use_hash_algo,
3887 : data, data_size,
3888 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3889 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3890 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo);
3891 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3892 : m_libspdm_use_hash_algo,
3893 : spdm_context->connection_info.algorithm.base_asym_algo,
3894 : data, data_size,
3895 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3896 : #endif
3897 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
3898 :
3899 : /* Set HANDSHAKE_IN_THE_CLEAR_CAP to 0*/
3900 1 : spdm_context->connection_info.capability.flags &=
3901 : ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3902 1 : spdm_context->local_context.capability.flags &=
3903 : ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3904 :
3905 1 : session_id = 0xFFFFFFFF;
3906 1 : session_info = &spdm_context->session_info[0];
3907 1 : spdm_context->last_spdm_request_session_id_valid = true;
3908 1 : spdm_context->last_spdm_request_session_id = session_id;
3909 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3910 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3911 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3912 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3913 1 : libspdm_secured_message_set_response_finished_key(
3914 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3915 : hash_size);
3916 1 : libspdm_secured_message_set_session_state(
3917 : session_info->secured_message_context,
3918 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3919 :
3920 1 : req_slot_id_param = 0;
3921 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3922 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3923 1 : assert_int_equal(
3924 : libspdm_secured_message_get_session_state(
3925 : spdm_context->session_info[0].secured_message_context),
3926 : LIBSPDM_SESSION_STATE_ESTABLISHED);
3927 :
3928 1 : secured_message_context = session_info->secured_message_context;
3929 :
3930 1 : assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
3931 : (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
3932 1 : free(data);
3933 1 : }
3934 :
3935 : /**
3936 : * Test 25: SPDM version 1.4, with OpaqueData
3937 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3938 : * session is established.
3939 : **/
3940 1 : static void req_finish_case25(void **state)
3941 : {
3942 : libspdm_return_t status;
3943 : libspdm_test_context_t *spdm_test_context;
3944 : libspdm_context_t *spdm_context;
3945 : uint32_t session_id;
3946 : uint8_t req_slot_id_param;
3947 : void *data;
3948 : size_t data_size;
3949 : void *hash;
3950 : size_t hash_size;
3951 : libspdm_session_info_t *session_info;
3952 : libspdm_secured_message_context_t *secured_message_context;
3953 :
3954 1 : spdm_test_context = *state;
3955 1 : spdm_context = spdm_test_context->spdm_context;
3956 1 : spdm_test_context->case_id = 0x19;
3957 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
3958 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3959 1 : spdm_context->connection_info.connection_state =
3960 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3961 1 : spdm_context->connection_info.capability.flags |=
3962 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3963 1 : spdm_context->connection_info.capability.flags |=
3964 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3965 1 : spdm_context->connection_info.capability.flags |=
3966 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3967 1 : spdm_context->local_context.capability.flags |=
3968 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3969 1 : spdm_context->local_context.capability.flags |=
3970 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3971 1 : spdm_context->local_context.capability.flags |=
3972 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3973 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3974 : m_libspdm_use_asym_algo, &data,
3975 : &data_size, &hash, &hash_size)) {
3976 0 : assert(false);
3977 : }
3978 1 : libspdm_reset_message_a(spdm_context);
3979 1 : spdm_context->connection_info.algorithm.base_hash_algo =
3980 : m_libspdm_use_hash_algo;
3981 1 : spdm_context->connection_info.algorithm.base_asym_algo =
3982 : m_libspdm_use_asym_algo;
3983 1 : spdm_context->connection_info.algorithm.dhe_named_group =
3984 : m_libspdm_use_dhe_algo;
3985 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
3986 : m_libspdm_use_aead_algo;
3987 :
3988 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3989 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
3990 : data_size;
3991 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3992 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3993 : data, data_size);
3994 : #else
3995 1 : libspdm_hash_all(
3996 : m_libspdm_use_hash_algo,
3997 : data, data_size,
3998 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3999 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
4000 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo);
4001 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
4002 : m_libspdm_use_hash_algo,
4003 : spdm_context->connection_info.algorithm.base_asym_algo,
4004 : data, data_size,
4005 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
4006 : #endif
4007 1 : spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
4008 :
4009 : /* Set HANDSHAKE_IN_THE_CLEAR_CAP to 0*/
4010 1 : spdm_context->connection_info.capability.flags &=
4011 : ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
4012 1 : spdm_context->local_context.capability.flags &=
4013 : ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
4014 :
4015 1 : session_id = 0xFFFFFFFF;
4016 1 : session_info = &spdm_context->session_info[0];
4017 1 : spdm_context->last_spdm_request_session_id_valid = true;
4018 1 : spdm_context->last_spdm_request_session_id = session_id;
4019 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
4020 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
4021 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4022 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
4023 1 : libspdm_secured_message_set_response_finished_key(
4024 : session_info->secured_message_context, m_libspdm_dummy_buffer,
4025 : hash_size);
4026 1 : libspdm_secured_message_set_session_state(
4027 : session_info->secured_message_context,
4028 : LIBSPDM_SESSION_STATE_HANDSHAKING);
4029 :
4030 1 : req_slot_id_param = 0;
4031 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
4032 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
4033 1 : assert_int_equal(
4034 : libspdm_secured_message_get_session_state(
4035 : spdm_context->session_info[0].secured_message_context),
4036 : LIBSPDM_SESSION_STATE_ESTABLISHED);
4037 :
4038 1 : secured_message_context = session_info->secured_message_context;
4039 :
4040 1 : assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
4041 : (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
4042 1 : free(data);
4043 1 : }
4044 :
4045 1 : int libspdm_req_finish_test(void)
4046 : {
4047 1 : const struct CMUnitTest test_cases[] = {
4048 : /* SendRequest failed*/
4049 : cmocka_unit_test(req_finish_case1),
4050 : /* Successful response*/
4051 : cmocka_unit_test(req_finish_case2),
4052 : /* connection_state check failed*/
4053 : cmocka_unit_test(req_finish_case3),
4054 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
4055 : cmocka_unit_test(req_finish_case4),
4056 : /* Always SPDM_ERROR_CODE_BUSY*/
4057 : cmocka_unit_test(req_finish_case5),
4058 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
4059 : cmocka_unit_test(req_finish_case6),
4060 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
4061 : cmocka_unit_test(req_finish_case7),
4062 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
4063 : cmocka_unit_test(req_finish_case8),
4064 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
4065 : cmocka_unit_test(req_finish_case9),
4066 : /* Unexpected errors*/
4067 : cmocka_unit_test(req_finish_case10),
4068 : /* Buffer reset*/
4069 : cmocka_unit_test(req_finish_case11),
4070 : /* No correct setup*/
4071 : cmocka_unit_test(req_finish_case12),
4072 : cmocka_unit_test(req_finish_case13),
4073 : cmocka_unit_test(req_finish_case14),
4074 : cmocka_unit_test(req_finish_case15),
4075 : /* Successful response*/
4076 : cmocka_unit_test(req_finish_case16),
4077 : /* Response with invalid MAC*/
4078 : cmocka_unit_test(req_finish_case17),
4079 : cmocka_unit_test(req_finish_case18),
4080 : /* Can be populated with new test.*/
4081 : cmocka_unit_test(req_finish_case19),
4082 : cmocka_unit_test(req_finish_case20),
4083 : /* Error response: SPDM_ERROR_CODE_DECRYPT_ERROR*/
4084 : cmocka_unit_test(req_finish_case21),
4085 : /* Buffer verification*/
4086 : cmocka_unit_test(req_finish_case22),
4087 : /* Successful response using provisioned public key (slot_id 0xFF) */
4088 : cmocka_unit_test(req_finish_case23),
4089 : /* Set HANDSHAKE_IN_THE_CLEAR_CAP to 0 , The ResponderVerifyData field is absent.*/
4090 : cmocka_unit_test(req_finish_case24),
4091 : /* SPDM 1.4 with OpaqueData */
4092 : cmocka_unit_test(req_finish_case25),
4093 : };
4094 :
4095 1 : libspdm_test_context_t test_context = {
4096 : LIBSPDM_TEST_CONTEXT_VERSION,
4097 : true,
4098 : send_message,
4099 : receive_message,
4100 : };
4101 :
4102 1 : libspdm_setup_test_context(&test_context);
4103 :
4104 1 : return cmocka_run_group_tests(test_cases,
4105 : libspdm_unit_test_group_setup,
4106 : libspdm_unit_test_group_teardown);
4107 : }
4108 :
4109 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/
|
