Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
13 : static size_t m_libspdm_local_buffer_size; /* number of valid bytes currently recorded in m_libspdm_local_buffer */
14 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_TH_BUFFER_SIZE]; /* request bytes captured by send_message(); receive_message() appends the FINISH_RSP header and feeds the result into the transcript */
15 :
16 : static uint8_t m_libspdm_dummy_buffer[LIBSPDM_MAX_HASH_SIZE]; /* NOTE(review): not referenced in the visible part of this file - purpose to be confirmed */
17 : static const uint8_t m_libspdm_zero_buffer[LIBSPDM_MAX_HASH_SIZE] = {0}; /* all-zero reference block; NOTE(review): its users are outside the visible part of this file */
18 :
19 : static libspdm_th_managed_buffer_t th_curr; /* scratch managed buffer in which receive_message() assembles the data it hashes for the FINISH_RSP HMAC */
20 :
/**
 * Test-side setter that stores the responder finished key in a secured
 * message context.
 *
 * The number of bytes copied is the context's hash_size, not key_size; the
 * two are tied together only by the LIBSPDM_ASSERT below. Callers must
 * therefore pass a key buffer holding at least hash_size readable bytes.
 * NOTE(review): if LIBSPDM_ASSERT compiles to nothing in some build
 * configuration, a shorter key would be over-read - confirm this is only
 * built for unit tests.
 *
 * @param spdm_secured_message_context  Pointer to a libspdm_secured_message_context_t.
 * @param key                           Finished key bytes to install.
 * @param key_size                      Size of key in bytes; expected to equal hash_size.
 **/
void libspdm_secured_message_set_response_finished_key(
    void *spdm_secured_message_context, const void *key, size_t key_size)
{
    libspdm_secured_message_context_t *ctx = spdm_secured_message_context;

    /* The key length has to match the negotiated hash size. */
    LIBSPDM_ASSERT(key_size == ctx->hash_size);

    /* Destination capacity is passed explicitly so the copy stays bounded by
     * the size of the response_finished_key field. */
    libspdm_copy_mem(ctx->handshake_secret.response_finished_key,
                     sizeof(ctx->handshake_secret.response_finished_key),
                     key, ctx->hash_size);
}
32 :
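/**
 * Record an outgoing request in m_libspdm_local_buffer, dropping its first byte.
 *
 * The first byte of the request is skipped (presumably the test transport's
 * leading message-type byte - confirm against the transport encoder). The
 * recorded bytes are later appended to the transcript that receive_message()
 * hashes for the FINISH_RSP HMAC, so the recorded length must always describe
 * bytes that really are inside the buffer.
 *
 * @param request       Encoded request as handed to send_message().
 * @param request_size  Size of request in bytes.
 *
 * @retval true   The payload was stored and m_libspdm_local_buffer_size updated.
 * @retval false  The request was NULL, empty, or its payload does not fit;
 *                the recorded state is left untouched.
 **/
static bool record_request_for_transcript(const void *request, size_t request_size)
{
    const uint8_t *ptr;
    size_t payload_size;

    /* request_size == 0 would make (request_size - 1) wrap around to SIZE_MAX
     * and leave m_libspdm_local_buffer_size pointing far outside the buffer. */
    if ((request == NULL) || (request_size == 0)) {
        return false;
    }

    payload_size = request_size - 1;
    if (payload_size > sizeof(m_libspdm_local_buffer)) {
        return false;
    }

    ptr = (const uint8_t *)request;
    libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer),
                     &ptr[1], payload_size);
    m_libspdm_local_buffer_size = payload_size;
    return true;
}

/**
 * Mock send routine for the FINISH requester unit tests.
 *
 * Behavior is selected by the current test case id:
 *  - 0x1 always fails with LIBSPDM_STATUS_SEND_FAIL.
 *  - 0x9 records only the first request it sees and accepts later ones
 *    without recording them.
 *  - 0x2-0x8 and 0xA-0x19 record every request.
 *  - any other case id fails with LIBSPDM_STATUS_SEND_FAIL.
 *
 * A request that cannot be recorded (NULL, empty, or larger than the local
 * buffer) is reported as LIBSPDM_STATUS_SEND_FAIL instead of leaving the
 * recorded length out of step with the buffer contents.
 *
 * @param spdm_context  Unused here; part of the callback signature.
 * @param request_size  Size of request in bytes.
 * @param request       Encoded request buffer.
 * @param timeout       Unused here; part of the callback signature.
 *
 * @retval LIBSPDM_STATUS_SUCCESS    The request was accepted.
 * @retval LIBSPDM_STATUS_SEND_FAIL  The case id simulates a failure, is
 *                                   unknown, or the request could not be recorded.
 **/
static libspdm_return_t send_message(
    void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
{
    libspdm_test_context_t *spdm_test_context;

    spdm_test_context = libspdm_get_test_context();
    switch (spdm_test_context->case_id) {
    case 0x1:
        return LIBSPDM_STATUS_SEND_FAIL;
    case 0x9: {
        /* Function-static: survives across calls so that only the first
         * request of this case is recorded. */
        static size_t sub_index = 0;
        if (sub_index == 0) {
            if (!record_request_for_transcript(request, request_size)) {
                return LIBSPDM_STATUS_SEND_FAIL;
            }
            sub_index++;
        }
    }
        return LIBSPDM_STATUS_SUCCESS;
    case 0x2:
    case 0x3:
    case 0x4:
    case 0x5:
    case 0x6:
    case 0x7:
    case 0x8:
    case 0xA:
    case 0xB:
    case 0xC:
    case 0xD:
    case 0xE:
    case 0xF:
    case 0x10:
    case 0x11:
    case 0x12:
    case 0x13:
    case 0x14:
    case 0x15:
    case 0x16:
    case 0x17:
    case 0x18:
    case 0x19:
        if (!record_request_for_transcript(request, request_size)) {
            return LIBSPDM_STATUS_SEND_FAIL;
        }
        return LIBSPDM_STATUS_SUCCESS;
    default:
        return LIBSPDM_STATUS_SEND_FAIL;
    }
}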
187 :
188 39 : static libspdm_return_t receive_message(
189 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
190 : {
191 : libspdm_test_context_t *spdm_test_context;
192 :
193 39 : spdm_test_context = libspdm_get_test_context();
194 39 : switch (spdm_test_context->case_id) {
195 0 : case 0x1:
196 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
197 :
198 1 : case 0x2: {
199 : spdm_finish_response_t *spdm_response;
200 : uint32_t hash_size;
201 : uint32_t hmac_size;
202 : uint8_t *ptr;
203 : void *data;
204 : size_t data_size;
205 : uint8_t *cert_buffer;
206 : size_t cert_buffer_size;
207 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
208 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
209 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
210 : size_t spdm_response_size;
211 : size_t transport_header_size;
212 :
213 : ((libspdm_context_t *)spdm_context)
214 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
215 : ((libspdm_context_t *)spdm_context)
216 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
217 : ((libspdm_context_t *)spdm_context)
218 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
219 : ((libspdm_context_t *)spdm_context)
220 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
221 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
222 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
223 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
224 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
225 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
226 :
227 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
228 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
229 1 : spdm_response->header.param1 = 0;
230 1 : spdm_response->header.param2 = 0;
231 1 : ptr = (void *)(spdm_response + 1);
232 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
233 : sizeof(m_libspdm_local_buffer)
234 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
235 : m_libspdm_local_buffer),
236 : spdm_response, sizeof(spdm_finish_response_t));
237 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
238 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
239 : m_libspdm_use_asym_algo, &data,
240 : &data_size, NULL, NULL)) {
241 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
242 : }
243 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
244 1 : cert_buffer = (uint8_t *)data;
245 1 : cert_buffer_size = data_size;
246 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
247 : /* transcript.message_a size is 0*/
248 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
249 : /* session_transcript.message_k is 0*/
250 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
251 : m_libspdm_local_buffer_size);
252 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
253 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
254 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
255 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
256 : response_finished_key, hash_size, ptr);
257 1 : ptr += hmac_size;
258 1 : free(data);
259 :
260 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
261 : false, spdm_response_size,
262 : spdm_response, response_size,
263 : response);
264 : }
265 1 : return LIBSPDM_STATUS_SUCCESS;
266 :
267 0 : case 0x3: {
268 : spdm_finish_response_t *spdm_response;
269 : uint32_t hash_size;
270 : uint32_t hmac_size;
271 : uint8_t *ptr;
272 : void *data;
273 : size_t data_size;
274 : uint8_t *cert_buffer;
275 : size_t cert_buffer_size;
276 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
277 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
278 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
279 : size_t spdm_response_size;
280 : size_t transport_header_size;
281 :
282 : ((libspdm_context_t *)spdm_context)
283 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
284 : ((libspdm_context_t *)spdm_context)
285 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
286 : ((libspdm_context_t *)spdm_context)
287 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
288 : ((libspdm_context_t *)spdm_context)
289 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
290 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
291 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
292 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
293 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
294 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
295 :
296 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
297 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
298 0 : spdm_response->header.param1 = 0;
299 0 : spdm_response->header.param2 = 0;
300 0 : ptr = (void *)(spdm_response + 1);
301 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
302 : sizeof(m_libspdm_local_buffer)
303 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
304 : m_libspdm_local_buffer),
305 : spdm_response, sizeof(spdm_finish_response_t));
306 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
307 0 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
308 : m_libspdm_use_asym_algo, &data,
309 : &data_size, NULL, NULL)) {
310 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
311 : }
312 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
313 0 : cert_buffer = (uint8_t *)data;
314 0 : cert_buffer_size = data_size;
315 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
316 : /* transcript.message_a size is 0*/
317 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
318 : /* session_transcript.message_k is 0*/
319 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
320 : m_libspdm_local_buffer_size);
321 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
322 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
323 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
324 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
325 : response_finished_key, hash_size, ptr);
326 0 : ptr += hmac_size;
327 0 : free(data);
328 :
329 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
330 : false, spdm_response_size,
331 : spdm_response, response_size,
332 : response);
333 : }
334 0 : return LIBSPDM_STATUS_SUCCESS;
335 :
336 1 : case 0x4: {
337 : spdm_error_response_t *spdm_response;
338 : size_t spdm_response_size;
339 : size_t transport_header_size;
340 :
341 1 : spdm_response_size = sizeof(spdm_error_response_t);
342 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
343 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
344 :
345 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
346 1 : spdm_response->header.request_response_code = SPDM_ERROR;
347 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
348 1 : spdm_response->header.param2 = 0;
349 :
350 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
351 : false, spdm_response_size,
352 : spdm_response,
353 : response_size, response);
354 : }
355 1 : return LIBSPDM_STATUS_SUCCESS;
356 :
357 1 : case 0x5: {
358 : spdm_error_response_t *spdm_response;
359 : size_t spdm_response_size;
360 : size_t transport_header_size;
361 :
362 1 : spdm_response_size = sizeof(spdm_error_response_t);
363 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
364 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
365 :
366 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
367 1 : spdm_response->header.request_response_code = SPDM_ERROR;
368 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
369 1 : spdm_response->header.param2 = 0;
370 :
371 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
372 : false, spdm_response_size,
373 : spdm_response,
374 : response_size, response);
375 : }
376 1 : return LIBSPDM_STATUS_SUCCESS;
377 :
378 2 : case 0x6: {
379 : static size_t sub_index1 = 0;
380 2 : if (sub_index1 == 0) {
381 : spdm_error_response_t *spdm_response;
382 : size_t spdm_response_size;
383 : size_t transport_header_size;
384 :
385 1 : spdm_response_size = sizeof(spdm_error_response_t);
386 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
387 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
388 :
389 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
390 1 : spdm_response->header.request_response_code = SPDM_ERROR;
391 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
392 1 : spdm_response->header.param2 = 0;
393 :
394 1 : libspdm_transport_test_encode_message(
395 : spdm_context, NULL, false, false,
396 : spdm_response_size, spdm_response,
397 : response_size, response);
398 1 : sub_index1++;
399 1 : } else if (sub_index1 == 1) {
400 : spdm_finish_response_t *spdm_response;
401 : uint32_t hash_size;
402 : uint32_t hmac_size;
403 : uint8_t *ptr;
404 : void *data;
405 : size_t data_size;
406 : uint8_t *cert_buffer;
407 : size_t cert_buffer_size;
408 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
409 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
410 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
411 : size_t spdm_response_size;
412 : size_t transport_header_size;
413 :
414 : ((libspdm_context_t *)spdm_context)
415 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
416 : ((libspdm_context_t *)spdm_context)
417 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
418 : ((libspdm_context_t *)spdm_context)
419 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
420 : ((libspdm_context_t *)spdm_context)
421 : ->connection_info.algorithm
422 1 : .measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
423 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
424 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
425 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
426 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
427 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
428 :
429 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
430 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
431 1 : spdm_response->header.param1 = 0;
432 1 : spdm_response->header.param2 = 0;
433 1 : ptr = (void *)(spdm_response + 1);
434 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
435 : sizeof(m_libspdm_local_buffer)
436 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
437 : m_libspdm_local_buffer),
438 : spdm_response, sizeof(spdm_finish_response_t));
439 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
440 1 : if (!libspdm_read_responder_public_certificate_chain(
441 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
442 : &data_size, NULL, NULL)) {
443 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
444 : }
445 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
446 1 : cert_buffer = (uint8_t *)data;
447 1 : cert_buffer_size = data_size;
448 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer,
449 : cert_buffer_size, cert_buffer_hash);
450 : /* transcript.message_a size is 0*/
451 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
452 : /* session_transcript.message_k is 0*/
453 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
454 : m_libspdm_local_buffer_size);
455 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
456 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
457 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
458 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
459 : response_finished_key, hash_size, ptr);
460 1 : ptr += hmac_size;
461 1 : free(data);
462 :
463 1 : libspdm_transport_test_encode_message(
464 : spdm_context, NULL, false, false, spdm_response_size,
465 : spdm_response, response_size, response);
466 : }
467 : }
468 2 : return LIBSPDM_STATUS_SUCCESS;
469 :
470 1 : case 0x7: {
471 : spdm_error_response_t *spdm_response;
472 : size_t spdm_response_size;
473 : size_t transport_header_size;
474 :
475 1 : spdm_response_size = sizeof(spdm_error_response_t);
476 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
477 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
478 :
479 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
480 1 : spdm_response->header.request_response_code = SPDM_ERROR;
481 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
482 1 : spdm_response->header.param2 = 0;
483 :
484 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
485 : false, spdm_response_size,
486 : spdm_response,
487 : response_size, response);
488 : }
489 1 : return LIBSPDM_STATUS_SUCCESS;
490 :
491 2 : case 0x8: {
492 : spdm_error_response_data_response_not_ready_t *spdm_response;
493 : size_t spdm_response_size;
494 : size_t transport_header_size;
495 :
496 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
497 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
498 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
499 :
500 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
501 2 : spdm_response->header.request_response_code = SPDM_ERROR;
502 2 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
503 2 : spdm_response->header.param2 = 0;
504 2 : spdm_response->extend_error_data.rd_exponent = 1;
505 2 : spdm_response->extend_error_data.rd_tm = 2;
506 2 : spdm_response->extend_error_data.request_code = SPDM_FINISH;
507 2 : spdm_response->extend_error_data.token = 0;
508 :
509 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
510 : false, spdm_response_size,
511 : spdm_response,
512 : response_size, response);
513 : }
514 2 : return LIBSPDM_STATUS_SUCCESS;
515 :
516 2 : case 0x9: {
517 : static size_t sub_index2 = 0;
518 2 : if (sub_index2 == 0) {
519 : spdm_error_response_data_response_not_ready_t
520 : *spdm_response;
521 : size_t spdm_response_size;
522 : size_t transport_header_size;
523 :
524 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
525 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
526 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
527 :
528 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
529 1 : spdm_response->header.request_response_code = SPDM_ERROR;
530 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
531 1 : spdm_response->header.param2 = 0;
532 1 : spdm_response->extend_error_data.rd_exponent = 1;
533 1 : spdm_response->extend_error_data.rd_tm = 2;
534 1 : spdm_response->extend_error_data.request_code = SPDM_FINISH;
535 1 : spdm_response->extend_error_data.token = 1;
536 :
537 1 : libspdm_transport_test_encode_message(
538 : spdm_context, NULL, false, false,
539 : spdm_response_size, spdm_response,
540 : response_size, response);
541 1 : sub_index2++;
542 1 : } else if (sub_index2 == 1) {
543 : spdm_finish_response_t *spdm_response;
544 : uint32_t hash_size;
545 : uint32_t hmac_size;
546 : uint8_t *ptr;
547 : void *data;
548 : size_t data_size;
549 : uint8_t *cert_buffer;
550 : size_t cert_buffer_size;
551 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
552 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
553 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
554 : size_t spdm_response_size;
555 : size_t transport_header_size;
556 :
557 : ((libspdm_context_t *)spdm_context)
558 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
559 : ((libspdm_context_t *)spdm_context)
560 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
561 : ((libspdm_context_t *)spdm_context)
562 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
563 : ((libspdm_context_t *)spdm_context)
564 : ->connection_info.algorithm
565 1 : .measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
566 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
567 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
568 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
569 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
570 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
571 :
572 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
573 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
574 1 : spdm_response->header.param1 = 0;
575 1 : spdm_response->header.param2 = 0;
576 1 : ptr = (void *)(spdm_response + 1);
577 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
578 : sizeof(m_libspdm_local_buffer)
579 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
580 : m_libspdm_local_buffer),
581 : spdm_response, sizeof(spdm_finish_response_t));
582 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
583 1 : if (!libspdm_read_responder_public_certificate_chain(
584 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
585 : &data_size, NULL, NULL)) {
586 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
587 : }
588 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
589 1 : cert_buffer = (uint8_t *)data;
590 1 : cert_buffer_size = data_size;
591 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer,
592 : cert_buffer_size, cert_buffer_hash);
593 : /* transcript.message_a size is 0*/
594 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
595 : /* session_transcript.message_k is 0*/
596 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
597 : m_libspdm_local_buffer_size);
598 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
599 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
600 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
601 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
602 : response_finished_key, hash_size, ptr);
603 1 : ptr += hmac_size;
604 1 : free(data);
605 :
606 1 : libspdm_transport_test_encode_message(
607 : spdm_context, NULL, false, false, spdm_response_size,
608 : spdm_response, response_size, response);
609 : }
610 : }
611 2 : return LIBSPDM_STATUS_SUCCESS;
612 :
613 18 : case 0xA:
614 : {
615 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
616 :
617 : spdm_error_response_t *spdm_response;
618 : size_t spdm_response_size;
619 : size_t transport_header_size;
620 :
621 18 : spdm_response_size = sizeof(spdm_error_response_t);
622 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
623 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
624 :
625 18 : if(error_code <= 0xff) {
626 18 : libspdm_zero_mem (spdm_response, spdm_response_size);
627 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
628 18 : spdm_response->header.request_response_code = SPDM_ERROR;
629 18 : spdm_response->header.param1 = (uint8_t) error_code;
630 18 : spdm_response->header.param2 = 0;
631 :
632 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
633 : spdm_response_size, spdm_response,
634 : response_size, response);
635 : }
636 :
637 18 : error_code++;
638 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
639 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
640 : }
641 : /* skip some reserved error codes (0d to 3e) */
642 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
643 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
644 : }
645 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
646 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
647 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
648 : }
649 : }
650 18 : return LIBSPDM_STATUS_SUCCESS;
651 1 : case 0xB:
652 : {
653 : spdm_finish_response_t *spdm_response;
654 : uint32_t hash_size;
655 : uint32_t hmac_size;
656 : uint8_t *ptr;
657 : void *data;
658 : size_t data_size;
659 : uint8_t *cert_buffer;
660 : size_t cert_buffer_size;
661 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
662 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
663 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
664 : size_t spdm_response_size;
665 : size_t transport_header_size;
666 :
667 : ((libspdm_context_t *)spdm_context)
668 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
669 : ((libspdm_context_t *)spdm_context)
670 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
671 : ((libspdm_context_t *)spdm_context)
672 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
673 : ((libspdm_context_t *)spdm_context)
674 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
675 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
676 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
677 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
678 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
679 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
680 :
681 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
682 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
683 1 : spdm_response->header.param1 = 0;
684 1 : spdm_response->header.param2 = 0;
685 1 : ptr = (void *)(spdm_response + 1);
686 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
687 : sizeof(m_libspdm_local_buffer)
688 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
689 : m_libspdm_local_buffer),
690 : spdm_response, sizeof(spdm_finish_response_t));
691 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
692 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
693 : m_libspdm_use_asym_algo, &data,
694 : &data_size, NULL, NULL)) {
695 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
696 : }
697 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
698 1 : cert_buffer = (uint8_t *)data;
699 1 : cert_buffer_size = data_size;
700 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
701 : /* transcript.message_a size is 0*/
702 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
703 : /* session_transcript.message_k is 0*/
704 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
705 : m_libspdm_local_buffer_size);
706 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
707 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
708 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
709 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
710 : response_finished_key, hash_size, ptr);
711 1 : ptr += hmac_size;
712 1 : free(data);
713 :
714 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
715 : false, spdm_response_size,
716 : spdm_response, response_size,
717 : response);
718 : }
719 1 : return LIBSPDM_STATUS_SUCCESS;
720 :
721 0 : case 0xC: {
722 : spdm_finish_response_t *spdm_response;
723 : uint32_t hash_size;
724 : uint32_t hmac_size;
725 : uint8_t *ptr;
726 : void *data;
727 : size_t data_size;
728 : uint8_t *cert_buffer;
729 : size_t cert_buffer_size;
730 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
731 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
732 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
733 : size_t spdm_response_size;
734 : size_t transport_header_size;
735 :
736 : ((libspdm_context_t *)spdm_context)
737 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
738 : ((libspdm_context_t *)spdm_context)
739 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
740 : ((libspdm_context_t *)spdm_context)
741 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
742 : ((libspdm_context_t *)spdm_context)
743 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
744 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
745 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
746 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
747 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
748 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
749 :
750 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
751 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
752 0 : spdm_response->header.param1 = 0;
753 0 : spdm_response->header.param2 = 0;
754 0 : ptr = (void *)(spdm_response + 1);
755 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
756 : sizeof(m_libspdm_local_buffer)
757 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
758 : m_libspdm_local_buffer),
759 : spdm_response, sizeof(spdm_finish_response_t));
760 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
761 0 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
762 : m_libspdm_use_asym_algo, &data,
763 : &data_size, NULL, NULL)) {
764 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
765 : }
766 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
767 0 : cert_buffer = (uint8_t *)data;
768 0 : cert_buffer_size = data_size;
769 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
770 : /* transcript.message_a size is 0*/
771 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
772 : /* session_transcript.message_k is 0*/
773 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
774 : m_libspdm_local_buffer_size);
775 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
776 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
777 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
778 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
779 : response_finished_key, hash_size, ptr);
780 0 : ptr += hmac_size;
781 0 : free(data);
782 :
783 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
784 : false, spdm_response_size,
785 : spdm_response, response_size,
786 : response);
787 : }
788 0 : return LIBSPDM_STATUS_SUCCESS;
789 :
790 0 : case 0xD: {
791 : spdm_finish_response_t *spdm_response;
792 : uint32_t hash_size;
793 : uint32_t hmac_size;
794 : uint8_t *ptr;
795 : void *data;
796 : size_t data_size;
797 : uint8_t *cert_buffer;
798 : size_t cert_buffer_size;
799 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
800 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
801 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
802 : size_t spdm_response_size;
803 : size_t transport_header_size;
804 :
805 : ((libspdm_context_t *)spdm_context)
806 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
807 : ((libspdm_context_t *)spdm_context)
808 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
809 : ((libspdm_context_t *)spdm_context)
810 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
811 : ((libspdm_context_t *)spdm_context)
812 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
813 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
814 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
815 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
816 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
817 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
818 :
819 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
820 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
821 0 : spdm_response->header.param1 = 0;
822 0 : spdm_response->header.param2 = 0;
823 0 : ptr = (void *)(spdm_response + 1);
824 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
825 : sizeof(m_libspdm_local_buffer)
826 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
827 : m_libspdm_local_buffer),
828 : spdm_response, sizeof(spdm_finish_response_t));
829 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
830 0 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
831 : m_libspdm_use_asym_algo, &data,
832 : &data_size, NULL, NULL)) {
833 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
834 : }
835 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
836 0 : cert_buffer = (uint8_t *)data;
837 0 : cert_buffer_size = data_size;
838 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
839 : /* transcript.message_a size is 0*/
840 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
841 : /* session_transcript.message_k is 0*/
842 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
843 : m_libspdm_local_buffer_size);
844 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
845 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
846 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
847 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
848 : response_finished_key, hash_size, ptr);
849 0 : ptr += hmac_size;
850 0 : free(data);
851 :
852 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
853 : false, spdm_response_size,
854 : spdm_response, response_size,
855 : response);
856 : }
857 0 : return LIBSPDM_STATUS_SUCCESS;
858 :
859 1 : case 0xE: {
860 : spdm_finish_response_t *spdm_response;
861 : uint32_t hash_size;
862 : uint32_t hmac_size;
863 : uint8_t *ptr;
864 : void *data;
865 : size_t data_size;
866 : uint8_t *cert_buffer;
867 : size_t cert_buffer_size;
868 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
869 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
870 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
871 : size_t spdm_response_size;
872 : size_t transport_header_size;
873 :
874 : ((libspdm_context_t *)spdm_context)
875 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
876 : ((libspdm_context_t *)spdm_context)
877 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
878 : ((libspdm_context_t *)spdm_context)
879 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
880 : ((libspdm_context_t *)spdm_context)
881 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
882 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
883 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
884 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
885 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
886 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
887 :
888 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
889 : /*wrong response code*/
890 1 : spdm_response->header.request_response_code = SPDM_FINISH;
891 1 : spdm_response->header.param1 = 0;
892 1 : spdm_response->header.param2 = 0;
893 1 : ptr = (void *)(spdm_response + 1);
894 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
895 : sizeof(m_libspdm_local_buffer)
896 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
897 : m_libspdm_local_buffer),
898 : spdm_response, sizeof(spdm_finish_response_t));
899 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
900 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
901 : m_libspdm_use_asym_algo, &data,
902 : &data_size, NULL, NULL)) {
903 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
904 : }
905 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
906 1 : cert_buffer = (uint8_t *)data;
907 1 : cert_buffer_size = data_size;
908 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
909 : /* transcript.message_a size is 0*/
910 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
911 : /* session_transcript.message_k is 0*/
912 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
913 : m_libspdm_local_buffer_size);
914 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
915 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
916 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
917 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
918 : response_finished_key, hash_size, ptr);
919 1 : ptr += hmac_size;
920 1 : free(data);
921 :
922 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
923 : false, spdm_response_size,
924 : spdm_response, response_size,
925 : response);
926 : }
927 1 : return LIBSPDM_STATUS_SUCCESS;
928 :
929 0 : case 0xF: {
930 : spdm_finish_response_t *spdm_response;
931 : uint32_t hash_size;
932 : uint32_t hmac_size;
933 : uint8_t *ptr;
934 : void *data;
935 : size_t data_size;
936 : uint8_t *cert_buffer;
937 : size_t cert_buffer_size;
938 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
939 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
940 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
941 : size_t spdm_response_size;
942 : size_t transport_header_size;
943 :
944 : ((libspdm_context_t *)spdm_context)
945 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
946 : ((libspdm_context_t *)spdm_context)
947 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
948 : ((libspdm_context_t *)spdm_context)
949 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
950 : ((libspdm_context_t *)spdm_context)
951 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
952 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
953 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
954 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
955 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
956 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
957 :
958 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
959 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
960 0 : spdm_response->header.param1 = 0;
961 0 : spdm_response->header.param2 = 0;
962 0 : ptr = (void *)(spdm_response + 1);
963 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
964 : sizeof(m_libspdm_local_buffer)
965 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
966 : m_libspdm_local_buffer),
967 : spdm_response, sizeof(spdm_finish_response_t));
968 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
969 0 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
970 : m_libspdm_use_asym_algo, &data,
971 : &data_size, NULL, NULL)) {
972 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
973 : }
974 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
975 0 : cert_buffer = (uint8_t *)data;
976 0 : cert_buffer_size = data_size;
977 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
978 : /* transcript.message_a size is 0*/
979 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
980 : /* session_transcript.message_k is 0*/
981 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
982 : m_libspdm_local_buffer_size);
983 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
984 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
985 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
986 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
987 : response_finished_key, hash_size, ptr);
988 0 : ptr += hmac_size;
989 0 : free(data);
990 :
991 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
992 : false, spdm_response_size,
993 : spdm_response, response_size,
994 : response);
995 : }
996 0 : return LIBSPDM_STATUS_SUCCESS;
997 :
998 1 : case 0x10: {
999 : spdm_finish_response_t *spdm_response;
1000 : uint32_t hash_size;
1001 : uint32_t hmac_size;
1002 : uint8_t *ptr;
1003 : void *data;
1004 : size_t data_size;
1005 : uint8_t *cert_buffer;
1006 : size_t cert_buffer_size;
1007 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1008 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1009 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1010 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1011 : size_t spdm_response_size;
1012 : size_t transport_header_size;
1013 :
1014 : ((libspdm_context_t *)spdm_context)
1015 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1016 : ((libspdm_context_t *)spdm_context)
1017 1 : ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1018 : ((libspdm_context_t *)spdm_context)
1019 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1020 : ((libspdm_context_t *)spdm_context)
1021 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1022 : ((libspdm_context_t *)spdm_context)
1023 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1024 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1025 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1026 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1027 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1028 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1029 :
1030 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1031 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1032 1 : spdm_response->header.param1 = 0;
1033 1 : spdm_response->header.param2 = 0;
1034 1 : ptr = (void *)(spdm_response + 1);
1035 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1036 : sizeof(m_libspdm_local_buffer)
1037 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1038 : m_libspdm_local_buffer),
1039 : spdm_response, sizeof(spdm_finish_response_t));
1040 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1041 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1042 : m_libspdm_use_asym_algo, &data,
1043 : &data_size, NULL, NULL)) {
1044 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1045 : }
1046 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1047 1 : cert_buffer = (uint8_t *)data;
1048 1 : cert_buffer_size = data_size;
1049 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1050 1 : if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1051 : m_libspdm_use_req_asym_algo, &data,
1052 : &data_size, NULL, NULL)) {
1053 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1054 : }
1055 1 : cert_buffer = (uint8_t *)data;
1056 1 : cert_buffer_size = data_size;
1057 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1058 : req_cert_buffer_hash);
1059 : /* transcript.message_a size is 0*/
1060 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1061 : /* session_transcript.message_k is 0*/
1062 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
1063 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1064 : m_libspdm_local_buffer_size);
1065 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1066 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1067 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1068 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1069 : response_finished_key, hash_size, ptr);
1070 1 : ptr += hmac_size;
1071 1 : free(data);
1072 :
1073 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1074 : false, spdm_response_size,
1075 : spdm_response, response_size,
1076 : response);
1077 : }
1078 1 : return LIBSPDM_STATUS_SUCCESS;
1079 :
1080 1 : case 0x11: {
1081 : spdm_finish_response_t *spdm_response;
1082 : uint32_t hmac_size;
1083 : uint8_t *ptr;
1084 : size_t spdm_response_size;
1085 : size_t transport_header_size;
1086 :
1087 : ((libspdm_context_t *)spdm_context)
1088 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1089 : ((libspdm_context_t *)spdm_context)
1090 1 : ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1091 : ((libspdm_context_t *)spdm_context)
1092 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1093 : ((libspdm_context_t *)spdm_context)
1094 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1095 : ((libspdm_context_t *)spdm_context)
1096 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1097 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1098 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1099 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1100 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1101 :
1102 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1103 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1104 1 : spdm_response->header.param1 = 0;
1105 1 : spdm_response->header.param2 = 0;
1106 1 : ptr = (void *)(spdm_response + 1);
1107 1 : libspdm_set_mem(ptr, hmac_size, (uint8_t)(0x00)); /*all-zero MAC*/
1108 1 : ptr += hmac_size;
1109 :
1110 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1111 : false, spdm_response_size,
1112 : spdm_response, response_size,
1113 : response);
1114 : }
1115 1 : return LIBSPDM_STATUS_SUCCESS;
1116 :
1117 1 : case 0x12: {
1118 : spdm_finish_response_t *spdm_response;
1119 : uint32_t hash_size;
1120 : uint32_t hmac_size;
1121 : uint8_t *ptr;
1122 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1123 : uint8_t zero_data[LIBSPDM_MAX_HASH_SIZE];
1124 : size_t spdm_response_size;
1125 : size_t transport_header_size;
1126 :
1127 : ((libspdm_context_t *)spdm_context)
1128 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1129 : ((libspdm_context_t *)spdm_context)
1130 1 : ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1131 : ((libspdm_context_t *)spdm_context)
1132 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1133 : ((libspdm_context_t *)spdm_context)
1134 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1135 : ((libspdm_context_t *)spdm_context)
1136 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1137 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1138 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1139 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1140 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1141 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1142 :
1143 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1144 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1145 1 : spdm_response->header.param1 = 0;
1146 1 : spdm_response->header.param2 = 0;
1147 1 : ptr = (void *)(spdm_response + 1);
1148 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1149 1 : libspdm_set_mem(zero_data, hash_size, (uint8_t)(0x00));
1150 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, zero_data, hash_size,
1151 : response_finished_key, hash_size, ptr);
1152 1 : ptr += hmac_size;
1153 :
1154 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1155 : false, spdm_response_size,
1156 : spdm_response, response_size,
1157 : response);
1158 : }
1159 1 : return LIBSPDM_STATUS_SUCCESS;
1160 :
1161 0 : case 0x13: {
1162 : }
1163 0 : return LIBSPDM_STATUS_SUCCESS;
1164 :
1165 1 : case 0x14: {
1166 : spdm_finish_response_t *spdm_response;
1167 : uint32_t hash_size;
1168 : uint32_t hmac_size;
1169 : uint8_t *ptr;
1170 : void *data;
1171 : size_t data_size;
1172 : uint8_t *cert_buffer;
1173 : size_t cert_buffer_size;
1174 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1175 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1176 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1177 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1178 : size_t spdm_response_size;
1179 : size_t transport_header_size;
1180 :
1181 : ((libspdm_context_t *)spdm_context)
1182 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1183 : ((libspdm_context_t *)spdm_context)
1184 1 : ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1185 : ((libspdm_context_t *)spdm_context)
1186 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1187 : ((libspdm_context_t *)spdm_context)
1188 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1189 : ((libspdm_context_t *)spdm_context)
1190 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1191 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1192 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1193 1 : spdm_response_size = sizeof(spdm_finish_response_t) +
1194 1 : hmac_size/2;/* half HMAC size*/
1195 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1196 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1197 :
1198 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1199 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1200 1 : spdm_response->header.param1 = 0;
1201 1 : spdm_response->header.param2 = 0;
1202 1 : ptr = (void *)(spdm_response + 1);
1203 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1204 : sizeof(m_libspdm_local_buffer)
1205 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1206 : m_libspdm_local_buffer),
1207 : spdm_response, sizeof(spdm_finish_response_t));
1208 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1209 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1210 : m_libspdm_use_asym_algo, &data,
1211 : &data_size, NULL, NULL)) {
1212 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1213 : }
1214 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1215 1 : cert_buffer = (uint8_t *)data;
1216 1 : cert_buffer_size = data_size;
1217 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1218 1 : if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1219 : m_libspdm_use_req_asym_algo, &data,
1220 : &data_size, NULL, NULL)) {
1221 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1222 : }
1223 1 : cert_buffer = (uint8_t *)data;
1224 1 : cert_buffer_size = data_size;
1225 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1226 : req_cert_buffer_hash);
1227 : /* transcript.message_a size is 0*/
1228 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1229 : /* session_transcript.message_k is 0*/
1230 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
1231 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1232 : m_libspdm_local_buffer_size);
1233 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1234 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1235 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1236 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1237 : response_finished_key, hash_size, ptr);
1238 1 : ptr += hmac_size/2; /* half HMAC size*/
1239 1 : libspdm_set_mem(ptr, hmac_size/2, (uint8_t) 0x00);
1240 1 : free(data);
1241 :
1242 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1243 : false, spdm_response_size,
1244 : spdm_response, response_size,
1245 : response);
1246 : }
1247 1 : return LIBSPDM_STATUS_SUCCESS;
1248 :
1249 1 : case 0x15: {
1250 : spdm_error_response_t *spdm_response;
1251 : size_t spdm_response_size;
1252 : size_t transport_header_size;
1253 :
1254 1 : spdm_response_size = sizeof(spdm_error_response_t);
1255 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1256 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1257 :
1258 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1259 1 : spdm_response->header.request_response_code = SPDM_ERROR;
1260 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_DECRYPT_ERROR;
1261 1 : spdm_response->header.param2 = 0;
1262 :
1263 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1264 : false, spdm_response_size,
1265 : spdm_response,
1266 : response_size, response);
1267 : }
1268 1 : return LIBSPDM_STATUS_SUCCESS;
1269 :
1270 1 : case 0x16: {
1271 : spdm_finish_response_t *spdm_response;
1272 : uint32_t hash_size;
1273 : uint32_t hmac_size;
1274 : uint8_t *ptr;
1275 : void *data;
1276 : size_t data_size;
1277 : uint8_t *cert_buffer;
1278 : size_t cert_buffer_size;
1279 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1280 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1281 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1282 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1283 : size_t spdm_response_size;
1284 : size_t transport_header_size;
1285 :
1286 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
1287 : m_libspdm_use_asym_algo;
1288 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.req_base_asym_alg =
1289 : m_libspdm_use_req_asym_algo;
1290 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
1291 : m_libspdm_use_hash_algo;
1292 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.dhe_named_group =
1293 : m_libspdm_use_dhe_algo;
1294 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.measurement_hash_algo =
1295 : m_libspdm_use_measurement_hash_algo;
1296 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1297 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1298 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1299 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1300 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1301 :
1302 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1303 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1304 1 : spdm_response->header.param1 = 0;
1305 1 : spdm_response->header.param2 = 0;
1306 1 : ptr = (void *)(spdm_response + 1);
1307 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1308 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1309 : spdm_response, sizeof(spdm_finish_response_t));
1310 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1311 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1312 : m_libspdm_use_asym_algo, &data,
1313 : &data_size, NULL, NULL)) {
1314 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1315 : }
1316 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1317 1 : cert_buffer = (uint8_t *)data;
1318 1 : cert_buffer_size = data_size;
1319 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1320 1 : if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1321 : m_libspdm_use_req_asym_algo, &data,
1322 : &data_size, NULL, NULL)) {
1323 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1324 : }
1325 1 : cert_buffer = (uint8_t *)data;
1326 1 : cert_buffer_size = data_size;
1327 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1328 : req_cert_buffer_hash);
1329 : /* transcript.message_a size is 0*/
1330 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1331 : /* session_transcript.message_k is 0*/
1332 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
1333 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1334 : m_libspdm_local_buffer_size);
1335 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1336 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1337 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1338 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1339 : response_finished_key, hash_size, ptr);
1340 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1341 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1342 : ptr, hmac_size);
1343 1 : m_libspdm_local_buffer_size += hmac_size;
1344 1 : ptr += hmac_size;
1345 1 : free(data);
1346 :
1347 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1348 : false, spdm_response_size,
1349 : spdm_response, response_size,
1350 : response);
1351 : }
1352 1 : return LIBSPDM_STATUS_SUCCESS;
1353 1 : case 0x17: {
1354 : spdm_finish_response_t *spdm_response;
1355 : uint32_t hash_size;
1356 : uint32_t hmac_size;
1357 : uint8_t *ptr;
1358 : void *data;
1359 : size_t data_size;
1360 : uint8_t *cert_buffer;
1361 : size_t cert_buffer_size;
1362 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1363 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1364 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1365 : size_t spdm_response_size;
1366 : size_t transport_header_size;
1367 :
1368 : ((libspdm_context_t *)spdm_context)
1369 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1370 : ((libspdm_context_t *)spdm_context)
1371 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1372 : ((libspdm_context_t *)spdm_context)
1373 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1374 : ((libspdm_context_t *)spdm_context)
1375 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1376 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1377 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1378 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1379 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1380 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1381 :
1382 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1383 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1384 1 : spdm_response->header.param1 = 0;
1385 1 : spdm_response->header.param2 = 0;
1386 1 : ptr = (void *)(spdm_response + 1);
1387 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1388 : sizeof(m_libspdm_local_buffer)
1389 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1390 : m_libspdm_local_buffer),
1391 : spdm_response, sizeof(spdm_finish_response_t));
1392 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1393 1 : if (!libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size)) {
1394 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1395 : }
1396 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1397 1 : cert_buffer = (uint8_t *)data;
1398 1 : cert_buffer_size = data_size;
1399 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1400 : /* transcript.message_a size is 0*/
1401 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1402 : /* session_transcript.message_k is 0*/
1403 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1404 : m_libspdm_local_buffer_size);
1405 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1406 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1407 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1408 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1409 : response_finished_key, hash_size, ptr);
1410 1 : ptr += hmac_size;
1411 1 : free(data);
1412 :
1413 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1414 : false, spdm_response_size,
1415 : spdm_response, response_size,
1416 : response);
1417 : }
1418 1 : return LIBSPDM_STATUS_SUCCESS;
1419 1 : case 0x18: {
1420 : spdm_finish_response_t *spdm_response;
1421 : libspdm_session_info_t *session_info;
1422 : size_t spdm_response_size;
1423 : size_t transport_header_size;
1424 : uint32_t session_id;
1425 : uint8_t *scratch_buffer;
1426 : size_t scratch_buffer_size;
1427 :
1428 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1429 :
1430 : /* The ResponderVerifyData field does absent.*/
1431 1 : spdm_response_size = sizeof(spdm_finish_response_t);
1432 :
1433 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1434 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1435 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1436 1 : spdm_response->header.param1 = 0;
1437 1 : spdm_response->header.param2 = 0;
1438 :
1439 1 : session_id = 0xFFFFFFFF;
1440 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
1441 : * transport_message is always in sender buffer. */
1442 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
1443 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
1444 : scratch_buffer_size - transport_header_size,
1445 : spdm_response, spdm_response_size);
1446 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
1447 1 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
1448 : spdm_response_size, spdm_response,
1449 : response_size, response);
1450 :
1451 1 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
1452 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1453 1 : handshake_secret.response_handshake_sequence_number--;
1454 : }
1455 1 : return LIBSPDM_STATUS_SUCCESS;
1456 1 : case 0x19: {
1457 : spdm_finish_response_t *spdm_response;
1458 : libspdm_session_info_t *session_info;
1459 : size_t spdm_response_size;
1460 : size_t transport_header_size;
1461 : uint32_t session_id;
1462 : uint8_t *scratch_buffer;
1463 : size_t scratch_buffer_size;
1464 : uint16_t opaque_data_size;
1465 : uint8_t *ptr;
1466 :
1467 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1468 :
1469 1 : opaque_data_size = 8;
1470 : /* The ResponderVerifyData field does absent.*/
1471 1 : spdm_response_size = sizeof(spdm_finish_response_t) + sizeof(uint16_t) + opaque_data_size;
1472 :
1473 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1474 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_14;
1475 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1476 1 : spdm_response->header.param1 = 0;
1477 1 : spdm_response->header.param2 = 0;
1478 1 : ptr = (uint8_t *)spdm_response + sizeof(spdm_finish_response_t);
1479 1 : libspdm_write_uint16(ptr, opaque_data_size);
1480 :
1481 1 : session_id = 0xFFFFFFFF;
1482 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
1483 : * transport_message is always in sender buffer. */
1484 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
1485 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
1486 : scratch_buffer_size - transport_header_size,
1487 : spdm_response, spdm_response_size);
1488 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
1489 1 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
1490 : spdm_response_size, spdm_response,
1491 : response_size, response);
1492 :
1493 1 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
1494 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1495 1 : handshake_secret.response_handshake_sequence_number--;
1496 : }
1497 1 : return LIBSPDM_STATUS_SUCCESS;
1498 :
1499 0 : default:
1500 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1501 : }
1502 : }
1503 :
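/**
 * Test 1: the FINISH request cannot be sent. The send_message stub returns
 * LIBSPDM_STATUS_SEND_FAIL for case_id 0x1, so no FINISH_RSP is ever received.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_SEND_FAIL.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t of this suite.
 **/
static void req_finish_case1(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* The transport stubs switch on case_id. */
    spdm_test_context->case_id = 0x1;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* Both sides advertise key exchange, encryption and MAC. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Fail through cmocka instead of assert(): assert() is compiled out under
     * NDEBUG, which would let the test go on with data and data_size
     * uninitialized. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder certificate chain as the peer chain of slot 0:
     * the raw chain when transcripts are recorded, otherwise its hash and the
     * leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in the HANDSHAKING state with a fixed, all-0xFF
     * response finished key (test value only). */
    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    req_slot_id_param = 0;
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
    free(data);
}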
1589 :
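/**
 * Test 2: receiving a correct FINISH_RSP message with only MAC (no
 * mutual authentication) and 'handshake in the clear'.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_SUCCESS, the session state is
 * LIBSPDM_SESSION_STATE_ESTABLISHED, and the session's master secret reads
 * back as all zeros.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t of this suite.
 **/
static void req_finish_case2(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;
    libspdm_secured_message_context_t *secured_message_context;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* The transport stubs switch on case_id. */
    spdm_test_context->case_id = 0x2;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* Both sides advertise key exchange, encryption and MAC. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Fail through cmocka instead of assert(): assert() is compiled out under
     * NDEBUG, which would let the test go on with data and data_size
     * uninitialized. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder certificate chain as the peer chain of slot 0:
     * the raw chain when transcripts are recorded, otherwise its hash and the
     * leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in the HANDSHAKING state with a fixed, all-0xFF
     * response finished key (test value only).
     * NOTE(review): presumably the receive stub derives ResponderVerifyData
     * from the same all-0xFF key - confirm against the stub for case 0x2. */
    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    req_slot_id_param = 0;
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_ESTABLISHED);

    secured_message_context = session_info->secured_message_context;

    /* The master secret must not remain readable in the session context once
     * the session is established: all LIBSPDM_MAX_HASH_SIZE bytes are
     * compared against the zero buffer. */
    assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
                        (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
    free(data);
}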
1686 :
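/**
 * Test 3: requester state has not been negotiated, as if GET_VERSION, GET_CAPABILITIES and
 * NEGOTIATE_ALGORITHMS had not been exchanged (connection_state is
 * LIBSPDM_CONNECTION_STATE_NOT_STARTED).
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_INVALID_STATE_LOCAL.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t of this suite.
 **/
static void req_finish_case3(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* The transport stubs switch on case_id. */
    spdm_test_context->case_id = 0x3;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    /* The only difference from the success setup: negotiation never started. */
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
    /* Both sides advertise key exchange, encryption and MAC. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Fail through cmocka instead of assert(): assert() is compiled out under
     * NDEBUG, which would let the test go on with data and data_size
     * uninitialized. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder certificate chain as the peer chain of slot 0:
     * the raw chain when transcripts are recorded, otherwise its hash and the
     * leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in the HANDSHAKING state with a fixed, all-0xFF
     * response finished key (test value only). */
    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    req_slot_id_param = 0;
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
    free(data);
}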
1772 :
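/**
 * Test 4: the requester is setup correctly (see Test 2), but receives an ERROR
 * message indicating InvalidParameters.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_ERROR_PEER and the first session slot's session_id reads
 * INVALID_SESSION_ID afterwards.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t of this suite.
 **/
static void req_finish_case4(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* The transport stubs switch on case_id. */
    spdm_test_context->case_id = 0x4;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* Both sides advertise key exchange, encryption and MAC. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Fail through cmocka instead of assert(): assert() is compiled out under
     * NDEBUG, which would let the test go on with data and data_size
     * uninitialized. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder certificate chain as the peer chain of slot 0:
     * the raw chain when transcripts are recorded, otherwise its hash and the
     * leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in the HANDSHAKING state with a fixed, all-0xFF
     * response finished key (test value only). */
    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    req_slot_id_param = 0;
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
    /* A peer ERROR during FINISH must not leave the half-open session usable:
     * the slot initialized above has to read back as invalid. */
    assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
    free(data);
}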
1859 :
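/**
 * Test 5: the requester is setup correctly (see Test 2), but receives an ERROR
 * message indicating the Busy status of the responder.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_BUSY_PEER.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t of this suite.
 **/
static void req_finish_case5(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* The transport stubs switch on case_id. */
    spdm_test_context->case_id = 0x5;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* Both sides advertise key exchange, encryption and MAC. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Fail through cmocka instead of assert(): assert() is compiled out under
     * NDEBUG, which would let the test go on with data and data_size
     * uninitialized. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder certificate chain as the peer chain of slot 0:
     * the raw chain when transcripts are recorded, otherwise its hash and the
     * leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in the HANDSHAKING state with a fixed, all-0xFF
     * response finished key (test value only). */
    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    req_slot_id_param = 0;
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
    free(data);
}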
1945 :
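/**
 * Test 6: the requester is setup correctly (see Test 2), but, on the first try,
 * receiving a Busy ERROR message, and on retry, receiving a correct FINISH_RSP
 * message with only MAC (no mutual authentication). retry_times is set to 3.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_SUCCESS and the session state is
 * LIBSPDM_SESSION_STATE_ESTABLISHED.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t of this suite.
 **/
static void req_finish_case6(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* The transport stubs switch on case_id. */
    spdm_test_context->case_id = 0x6;
    /* Allow the requester to retry after the initial Busy response. */
    spdm_context->retry_times = 3;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* Both sides advertise key exchange, encryption and MAC. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Fail through cmocka instead of assert(): assert() is compiled out under
     * NDEBUG, which would let the test go on with data and data_size
     * uninitialized. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder certificate chain as the peer chain of slot 0:
     * the raw chain when transcripts are recorded, otherwise its hash and the
     * leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in the HANDSHAKING state with a fixed, all-0xFF
     * response finished key (test value only). */
    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    req_slot_id_param = 0;
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_ESTABLISHED);
    free(data);
}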
2037 :
/**
 * Test 7: the requester is set up for a valid FINISH exchange (see Test 2), but
 * the responder answers with an ERROR message carrying RequestResynch.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_RESYNCH_PEER and the connection state drops back to
 * LIBSPDM_CONNECTION_STATE_NOT_STARTED, so a new GET_VERSION is expected next.
 **/
static void req_finish_case7(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t slot_id;
    void *chain;
    size_t chain_size;
    void *chain_hash;
    size_t hash_size;

    /* The mock transport callbacks switch on case_id to pick their behavior. */
    test_ctx->case_id = 0x7;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Both sides advertise key exchange, encryption and MAC. */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* The chain is read below, so stop if it could not be loaded. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &chain, &chain_size, &chain_hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With transcript recording, the whole peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Otherwise only the chain digest and the leaf public key are stored. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo, chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in HANDSHAKING state; a 0xFF-filled placeholder is
     * installed as the responder finished key (test-only value). */
    session_id = 0xFFFFFFFF;
    session = &ctx->session_info[0];
    libspdm_session_info_init(ctx, session, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    slot_id = 0;
    rc = libspdm_send_receive_finish(ctx, session_id, slot_id);

    /* A resynch request must surface as its own status and reset the connection. */
    assert_int_equal(rc, LIBSPDM_STATUS_RESYNCH_PEER);
    assert_int_equal(ctx->connection_info.connection_state,
                     LIBSPDM_CONNECTION_STATE_NOT_STARTED);
    free(chain);
}
2126 :
/**
 * Test 8: the requester is set up for a valid FINISH exchange (see Test 2), but
 * the responder answers with an ERROR message carrying ResponseNotReady.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_NOT_READY_PEER.
 **/
static void req_finish_case8(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t slot_id;
    void *chain;
    size_t chain_size;
    void *chain_hash;
    size_t hash_size;

    /* The mock transport callbacks switch on case_id to pick their behavior. */
    test_ctx->case_id = 0x8;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Both sides advertise key exchange, encryption and MAC. */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* The chain is read below, so stop if it could not be loaded. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &chain, &chain_size, &chain_hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With transcript recording, the whole peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Otherwise only the chain digest and the leaf public key are stored. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo, chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in HANDSHAKING state; a 0xFF-filled placeholder is
     * installed as the responder finished key (test-only value). */
    session_id = 0xFFFFFFFF;
    session = &ctx->session_info[0];
    libspdm_session_info_init(ctx, session, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    slot_id = 0;
    rc = libspdm_send_receive_finish(ctx, session_id, slot_id);
    assert_int_equal(rc, LIBSPDM_STATUS_NOT_READY_PEER);
    free(chain);
}
2212 :
/**
 * Test 9: the requester is set up for a valid FINISH exchange (see Test 2). On
 * the first try it receives a ResponseNotReady ERROR message; on retry it
 * receives a correct FINISH_RSP message with only MAC (no mutual authentication).
 * Expected behavior: with LIBSPDM_RESPOND_IF_READY_SUPPORT enabled the call
 * returns LIBSPDM_STATUS_SUCCESS and the session becomes ESTABLISHED; without
 * it the call returns LIBSPDM_STATUS_NOT_READY_PEER.
 **/
static void req_finish_case9(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t slot_id;
    void *chain;
    size_t chain_size;
    void *chain_hash;
    size_t hash_size;

    /* The mock transport callbacks switch on case_id to pick their behavior. */
    test_ctx->case_id = 0x9;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Both sides advertise key exchange, encryption and MAC. */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* The chain is read below, so stop if it could not be loaded. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &chain, &chain_size, &chain_hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With transcript recording, the whole peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Otherwise only the chain digest and the leaf public key are stored. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo, chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in HANDSHAKING state; a 0xFF-filled placeholder is
     * installed as the responder finished key (test-only value). */
    session_id = 0xFFFFFFFF;
    session = &ctx->session_info[0];
    libspdm_session_info_init(ctx, session, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    slot_id = 0;
    rc = libspdm_send_receive_finish(ctx, session_id, slot_id);

    /* The expected outcome depends on whether RESPOND_IF_READY is compiled in. */
    if (!(LIBSPDM_RESPOND_IF_READY_SUPPORT)) {
        assert_int_equal(rc, LIBSPDM_STATUS_NOT_READY_PEER);
    } else {
        assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
        assert_int_equal(
            libspdm_secured_message_get_session_state(
                ctx->session_info[0].secured_message_context),
            LIBSPDM_SESSION_STATE_ESTABLISHED);
    }

    free(chain);
}
2307 :
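/**
 * Test 10: receiving an unexpected ERROR message from the responder.
 * The loop sweeps the error codes from LIBSPDM_ERROR_CODE_RESERVED_00 up to
 * 0xff, including some reserved ones (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
 * Busy (0x03), ResponseNotReady (0x42) and RequestResync (0x43) are excluded
 * because they have dedicated test cases.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_ERROR_PEER for every swept code except
 * SPDM_ERROR_CODE_DECRYPT_ERROR, which must return
 * LIBSPDM_STATUS_SESSION_MSG_ERROR.
 **/
static void req_finish_case10(void **state) {
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;
    uint16_t error_code;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* The mock transport callbacks switch on case_id to pick their behavior. */
    spdm_test_context->case_id = 0xA;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Check the result as the other cases in this file do: data and data_size
     * are read below and would be uninitialized if the load failed.
     * NOTE(review): assert() is a no-op when NDEBUG is defined - confirm the
     * test build never defines it. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo,
                                                         &data, &data_size,
                                                         &hash, &hash_size)) {
        assert(false);
    }
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With transcript recording, the whole peer chain is stored in slot 0. */
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    /* Otherwise only the chain digest and the leaf public key are stored. */
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    session_id = 0xFFFFFFFF;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    req_slot_id_param = 0;

    /* error_code is 16 bits wide so that the loop ends after 0xff instead of
     * wrapping around. */
    error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
    while (error_code <= 0xff) {
        /* Rebuild connection, transcript and session state on every pass so
         * that each error code is exercised from the same starting point. */
        spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
        libspdm_reset_message_a(spdm_context);

        session_info = &spdm_context->session_info[0];
        libspdm_session_info_init(spdm_context, session_info, session_id,
                                  SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
        session_info->peer_used_cert_chain_slot_id = 0;
        hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
        /* 0xFF-filled placeholder for the responder finished key (test-only value). */
        libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
        libspdm_secured_message_set_response_finished_key(session_info->secured_message_context,
                                                          m_libspdm_dummy_buffer, hash_size);
        libspdm_secured_message_set_session_state(session_info->secured_message_context,
                                                  LIBSPDM_SESSION_STATE_HANDSHAKING);

        status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
        /* A decrypt error is reported as a session message error; every other
         * swept code is reported as a generic peer error. */
        if (error_code != SPDM_ERROR_CODE_DECRYPT_ERROR) {
            LIBSPDM_ASSERT_INT_EQUAL_CASE(status, LIBSPDM_STATUS_ERROR_PEER, error_code);
        } else {
            LIBSPDM_ASSERT_INT_EQUAL_CASE(status, LIBSPDM_STATUS_SESSION_MSG_ERROR, error_code);
        }

        error_code++;
        if (error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
            error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
        }
        /* skip some reserved error codes (0d to 3e) */
        if (error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
            error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
        }
        /* skip response not ready, request resync, and some reserved codes (44 to fc) */
        if (error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
            error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
        }
    }

    free(data);
}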
2416 :
/**
 * Test 11: FINISH exchange with the same requester setup as the other cases in
 * this file. When LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT is enabled, the
 * transcript buffers are marked completely full before the call.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_SUCCESS, the session becomes ESTABLISHED and, with transcript
 * recording enabled, message_m, message_b, message_c, message_mut_b and
 * message_mut_c all report a buffer size of 0 afterwards.
 **/
static void req_finish_case11(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t slot_id;
    void *chain;
    size_t chain_size;
    void *chain_hash;
    size_t hash_size;

    /* The mock transport callbacks switch on case_id to pick their behavior. */
    test_ctx->case_id = 0xB;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Both sides advertise key exchange, encryption and MAC. */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* The chain is read below, so stop if it could not be loaded. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &chain, &chain_size, &chain_hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With transcript recording, the whole peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Otherwise only the chain digest and the leaf public key are stored. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo, chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in HANDSHAKING state; a 0xFF-filled placeholder is
     * installed as the responder finished key (test-only value). */
    session_id = 0xFFFFFFFF;
    session = &ctx->session_info[0];
    libspdm_session_info_init(ctx, session, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    slot_id = 0;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* Mark every transcript buffer as full, so that a size of 0 afterwards
     * shows the buffers were reset rather than never written. */
    session->session_transcript.message_m.buffer_size =
        session->session_transcript.message_m.max_buffer_size;
    ctx->transcript.message_b.buffer_size = ctx->transcript.message_b.max_buffer_size;
    ctx->transcript.message_c.buffer_size = ctx->transcript.message_c.max_buffer_size;
    ctx->transcript.message_mut_b.buffer_size = ctx->transcript.message_mut_b.max_buffer_size;
    ctx->transcript.message_mut_c.buffer_size = ctx->transcript.message_mut_c.max_buffer_size;
#endif

    rc = libspdm_send_receive_finish(ctx, session_id, slot_id);
    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_ESTABLISHED);

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* No handshake transcript data may remain once the session is established. */
    assert_int_equal(session->session_transcript.message_m.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_b.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_c.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_mut_b.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_mut_c.buffer_size, 0);
#endif
    free(chain);
}
2521 :
/**
 * Test 12: the requester does not advertise key exchange support (its local
 * capability flags hold ENCRYPT_CAP and MAC_CAP but not KEY_EX_CAP). The
 * responder would attempt to return a correct FINISH_RSP message.
 * Expected behavior: libspdm_send_receive_finish() returns
 * LIBSPDM_STATUS_UNSUPPORTED_CAP.
 **/
static void req_finish_case12(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t slot_id;
    void *chain;
    size_t chain_size;
    void *chain_hash;
    size_t hash_size;

    /* The mock transport callbacks switch on case_id to pick their behavior. */
    test_ctx->case_id = 0xC;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Flags are overwritten, not OR-ed, so that nothing set by an earlier test
     * case survives. The responder side still advertises key exchange. */
    ctx->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    /* no key exchange capabilities (requester) */
    ctx->local_context.capability.flags =
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* The chain is read below, so stop if it could not be loaded. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &chain, &chain_size, &chain_hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With transcript recording, the whole peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Otherwise only the chain digest and the leaf public key are stored. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo, chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session slot 0 is put in HANDSHAKING state; a 0xFF-filled placeholder is
     * installed as the responder finished key (test-only value). */
    session_id = 0xFFFFFFFF;
    session = &ctx->session_info[0];
    libspdm_session_info_init(ctx, session, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    slot_id = 0;
    rc = libspdm_send_receive_finish(ctx, session_id, slot_id);

    /* FINISH must be refused when the requester never advertised KEY_EX_CAP. */
    assert_int_equal(rc, LIBSPDM_STATUS_UNSUPPORTED_CAP);
    free(chain);
}
2610 :
2611 : /**
2612 : * Test 13: requester is not setup correctly to accept key exchange and
2613 : * finish at this point (at least NEGOTIATE_ALGORITHMS is required, if
2614 : * the public key was provisioned before the key exchange). The
2615 : * responder would attempt to return a correct FINISH_RSP message.
2616 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2617 : **/
static void req_finish_case13(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session = &ctx->session_info[0];
    const uint32_t session_id = 0xFFFFFFFF;
    const uint8_t slot_id = 0;
    libspdm_return_t result;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    bool chain_loaded;

    test_ctx->case_id = 0xD;

    /* The connection is left at AFTER_CAPABILITIES; the neighbouring FINISH
     * cases in this file use NEGOTIATED. That is the condition under test. */
    ctx->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AFTER_CAPABILITIES;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Load the responder certificate chain; the test cannot proceed without it. */
    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Record the peer chain in slot 0: either the raw chain, or its hash plus
     * the leaf public key, depending on the transcript build option. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        ctx->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session 0 is initialised and put into HANDSHAKING. */
    libspdm_session_info_init(ctx, session, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session->peer_used_cert_chain_slot_id = 0;

    /* The response finished key is a fixed 0xFF test pattern, not a derived key. */
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)0xFF);
    libspdm_secured_message_set_response_finished_key(
        session->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    /* Both sides advertise handshake-in-the-clear (set after session init, as before). */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* FINISH must be refused locally in this connection state. */
    result = libspdm_send_receive_finish(ctx, session_id, slot_id);
    assert_int_equal(result, LIBSPDM_STATUS_INVALID_STATE_LOCAL);

    free(cert_chain);
}
2698 :
/**
 * Test 14: receiving an incorrect FINISH_RSP message, with a wrong response
 * code, but all other fields correct.
 * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR
 * (the assertion in the test body checks LIBSPDM_STATUS_INVALID_MSG_FIELD).
 **/
static void req_finish_case14(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session = &ctx->session_info[0];
    const uint32_t session_id = 0xFFFFFFFF;
    const uint8_t slot_id = 0;
    libspdm_return_t result;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    bool chain_loaded;

    test_ctx->case_id = 0xE;

    /* SPDM 1.1 connection in NEGOTIATED state, with KEY_EX, ENCRYPT and MAC on both sides. */
    ctx->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Load the responder certificate chain; the test cannot proceed without it. */
    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Record the peer chain in slot 0: either the raw chain, or its hash plus
     * the leaf public key, depending on the transcript build option. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        ctx->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session 0 is initialised and put into HANDSHAKING. */
    libspdm_session_info_init(ctx, session, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session->peer_used_cert_chain_slot_id = 0;

    /* The response finished key is a fixed 0xFF test pattern, not a derived key. */
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)0xFF);
    libspdm_secured_message_set_response_finished_key(
        session->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    /* Both sides advertise handshake-in-the-clear (set after session init, as before). */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* The malformed response must be rejected as an invalid message field. */
    result = libspdm_send_receive_finish(ctx, session_id, slot_id);
    assert_int_equal(result, LIBSPDM_STATUS_INVALID_MSG_FIELD);

    free(cert_chain);
}
2784 :
/**
 * Test 15: the requester is not set up correctly because no session was
 * initialized during KEY_EXCHANGE. The responder would attempt to
 * return a correct FINISH_RSP message.
 * Expected behavior: client returns a Status of RETURN_UNSUPPORTED
 * (the assertion in the test body checks LIBSPDM_STATUS_INVALID_STATE_LOCAL).
 **/
static void req_finish_case15(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session = &ctx->session_info[0];
    const uint32_t session_id = 0xFFFFFFFF;
    const uint8_t slot_id = 0;
    libspdm_return_t result;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash;
    size_t hash_size;
    bool chain_loaded;

    test_ctx->case_id = 0xF;

    /* SPDM 1.1 connection in NEGOTIATED state, with KEY_EX, ENCRYPT and MAC on both sides. */
    ctx->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Load the responder certificate chain; the test cannot proceed without it. */
    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &cert_chain, &cert_chain_size, &hash, &hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Record the peer chain in slot 0: either the raw chain, or its hash plus
     * the leaf public key, depending on the transcript build option. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(
        ctx->connection_info.algorithm.base_hash_algo,
        cert_chain, cert_chain_size,
        ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_session_info_init(ctx, session, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session->peer_used_cert_chain_slot_id = 0;

    /* The response finished key is a fixed 0xFF test pattern, not a derived key. */
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)0xFF);
    libspdm_secured_message_set_response_finished_key(
        session->secured_message_context, m_libspdm_dummy_buffer, hash_size);

    /* Condition under test: the session is left in NOT_STARTED rather than HANDSHAKING. */
    libspdm_secured_message_set_session_state(
        session->secured_message_context, LIBSPDM_SESSION_STATE_NOT_STARTED);

    /* Both sides advertise handshake-in-the-clear (set after session init, as before). */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* FINISH must be refused locally when the session never started its handshake. */
    result = libspdm_send_receive_finish(ctx, session_id, slot_id);
    assert_int_equal(result, LIBSPDM_STATUS_INVALID_STATE_LOCAL);

    free(cert_chain);
}
2871 :
2872 : /**
2873 : * Test 16: receiving a correct FINISH_RSP message with a correct MAC,
2874 : * mutual authentication and 'handshake in the clear'.
2875 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
2876 : * session is established.
2877 : **/
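static void req_finish_case16(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *req_data;
    size_t req_data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x10;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Responder (peer) certificate chain; owned by this test and freed at the end. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Requester (local) chain for mutual authentication. It is read into its
     * own pointer so the responder chain in `data` is not overwritten and
     * leaked, and so the early return below can release it. */
    req_slot_id_param = 0;
    req_data = NULL;
    req_data_size = 0;
    if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_req_asym_algo, &req_data,
                                                         &req_data_size, &hash, &hash_size)) {
        free(data);
        return;
    }
    spdm_context->local_context.
    local_cert_chain_provision_size[req_slot_id_param] = req_data_size;
    spdm_context->local_context.
    local_cert_chain_provision[req_slot_id_param] = req_data;

    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    /* The response finished key is a fixed 0xFF test pattern, not a derived key. */
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    session_info->mut_auth_requested = 1;

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* Success path: FINISH is accepted and the session becomes ESTABLISHED. */
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_ESTABLISHED);

    /* NOTE(review): local_cert_chain_provision[req_slot_id_param] still holds
     * req_data after this free. If the context outlives this test, consider
     * clearing the slot (pointer and size) first; confirm no later case
     * depends on the stale value. */
    free(req_data);
    free(data);
}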
2975 :
/**
 * Test 17: receiving a FINISH_RSP message with an incorrect MAC
 * (all-zero), mutual authentication, and 'handshake in the clear'.
 * Expected behavior: client returns a Status of RETURN_SECURITY_VIOLATION
 * (the assertion in the test body checks LIBSPDM_STATUS_VERIF_FAIL).
 **/
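static void req_finish_case17(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *req_data;
    size_t req_data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x11;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Responder (peer) certificate chain; owned by this test and freed at the end. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Requester (local) chain for mutual authentication. It is read into its
     * own pointer so the responder chain in `data` is not overwritten and
     * leaked, and so the early return below can release it. */
    req_slot_id_param = 0;
    req_data = NULL;
    req_data_size = 0;
    if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_req_asym_algo, &req_data,
                                                         &req_data_size, &hash, &hash_size)) {
        free(data);
        return;
    }
    spdm_context->local_context.
    local_cert_chain_provision_size[req_slot_id_param] = req_data_size;
    spdm_context->local_context.
    local_cert_chain_provision[req_slot_id_param] = req_data;

    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    /* The response finished key is a fixed 0xFF test pattern, not a derived key. */
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    session_info->mut_auth_requested = 1;

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* A response whose MAC does not verify must be rejected with VERIF_FAIL. */
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL);

    /* NOTE(review): local_cert_chain_provision[req_slot_id_param] still holds
     * req_data after this free. If the context outlives this test, consider
     * clearing the slot (pointer and size) first; confirm no later case
     * depends on the stale value. */
    free(req_data);
    free(data);
}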
3074 :
/**
 * Test 18: receiving a FINISH_RSP message with an incorrect MAC
 * (arbitrary), mutual authentication, and 'handshake in the clear'.
 * Expected behavior: client returns a Status of RETURN_SECURITY_VIOLATION
 * (the assertion in the test body checks LIBSPDM_STATUS_VERIF_FAIL).
 **/
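static void req_finish_case18(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *req_data;
    size_t req_data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x12;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Responder (peer) certificate chain; owned by this test and freed at the end. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Requester (local) chain for mutual authentication. It is read into its
     * own pointer so the responder chain in `data` is not overwritten and
     * leaked, and so the early return below can release it. */
    req_slot_id_param = 0;
    req_data = NULL;
    req_data_size = 0;
    if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_req_asym_algo, &req_data,
                                                         &req_data_size, &hash, &hash_size)) {
        free(data);
        return;
    }
    spdm_context->local_context.
    local_cert_chain_provision_size[req_slot_id_param] = req_data_size;
    spdm_context->local_context.
    local_cert_chain_provision[req_slot_id_param] = req_data;

    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    /* The response finished key is a fixed 0xFF test pattern, not a derived key. */
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    session_info->mut_auth_requested = 1;

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* A response whose MAC does not verify must be rejected with VERIF_FAIL. */
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL);

    /* NOTE(review): local_cert_chain_provision[req_slot_id_param] still holds
     * req_data after this free. If the context outlives this test, consider
     * clearing the slot (pointer and size) first; confirm no later case
     * depends on the stale value. */
    free(req_data);
    free(data);
}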
3173 :
3174 : /**
3175 : * Test 19:
3176 : * Expected behavior:
3177 : **/
static void req_finish_case19(void **state)
{
    /* Empty placeholder: no setup, no call into the requester and no
     * assertion, so this case returns without checking anything. */
    (void)state;
}
3181 :
/**
 * Test 20: receiving a FINISH_RSP message with an incorrect MAC size (only
 * the correct first half of the MAC), mutual authentication, and 'handshake
 * in the clear'.
 * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR
 * (the assertion in the test body checks LIBSPDM_STATUS_INVALID_MSG_SIZE).
 **/
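static void req_finish_case20(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    void *req_data;
    size_t req_data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x14;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Responder (peer) certificate chain; owned by this test and freed at the end. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Requester (local) chain for mutual authentication. It is read into its
     * own pointer so the responder chain in `data` is not overwritten and
     * leaked, and so the early return below can release it. */
    req_slot_id_param = 0;
    req_data = NULL;
    req_data_size = 0;
    if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_req_asym_algo, &req_data,
                                                         &req_data_size, &hash, &hash_size)) {
        free(data);
        return;
    }
    spdm_context->local_context.
    local_cert_chain_provision_size[req_slot_id_param] = req_data_size;
    spdm_context->local_context.
    local_cert_chain_provision[req_slot_id_param] = req_data;

    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    /* The response finished key is a fixed 0xFF test pattern, not a derived key. */
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    session_info->mut_auth_requested = 1;

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* A response carrying a truncated MAC must be rejected on size. */
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_SIZE);

    /* NOTE(review): local_cert_chain_provision[req_slot_id_param] still holds
     * req_data after this free. If the context outlives this test, consider
     * clearing the slot (pointer and size) first; confirm no later case
     * depends on the stale value. */
    free(req_data);
    free(data);
}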
3281 :
3282 : /**
3283 : * Test 21: the requester is set up correctly, but receives an ERROR with SPDM_ERROR_CODE_DECRYPT_ERROR.
3284 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SESSION_MSG_ERROR and frees the session (its session ID becomes INVALID_SESSION_ID).
3285 : **/
static void req_finish_case21(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session_info = &ctx->session_info[0];
    const uint32_t session_id = 0xFFFFFFFF;
    const uint8_t req_slot_id_param = 0;
    libspdm_return_t status;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    /* case_id selects this scenario in the transport mocks (send_message switches on it). */
    test_ctx->case_id = 0x15;

    /* Negotiated SPDM 1.1 connection; both sides advertise KEY_EX, ENCRYPT and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* The responder certificate chain is a hard prerequisite for this test. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the peer chain for slot 0: the raw bytes when transcripts are recorded,
     * otherwise only its digest and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        ctx->connection_info.algorithm.base_hash_algo,
        data, data_size,
        ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Session 0 is placed in HANDSHAKING with a fixed all-0xFF response finished key
     * (test-only key material). */
    libspdm_session_info_init(ctx, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    status = libspdm_send_receive_finish(ctx, session_id, req_slot_id_param);

    /* The exchange must fail with a session message error, and the session slot must
     * have been released (its ID reads back as INVALID_SESSION_ID). */
    assert_int_equal(status, LIBSPDM_STATUS_SESSION_MSG_ERROR);
    assert_int_equal(ctx->session_info[0].session_id, INVALID_SESSION_ID);
    free(data);
}
3367 :
3368 : /**
3369 : * Test 22: a FINISH request message is successfully sent and a FINISH_RSP response message is
3370 : * successfully received.
3371 : * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS and a FINISH_RSP message is
3372 : * received, buffer F appends the exchanged FINISH and FINISH_RSP
3373 : **/
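static void req_finish_case22(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;          /* responder certificate chain */
    size_t data_size;
    void *req_data;      /* requester certificate chain (provisioned for mutual auth) */
    size_t req_data_size;
    void *hash;
    size_t hash_size;
    libspdm_session_info_t *session_info;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects this scenario in the transport mocks (send_message switches on it). */
    spdm_test_context->case_id = 0x16;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the peer chain for slot 0: the raw bytes when transcripts are recorded,
     * otherwise only its digest and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* The requester chain is read into its own variables: reusing `data` here would
     * overwrite the only pointer to the responder chain, which could then never be freed. */
    req_slot_id_param = 0;
    if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_req_asym_algo, &req_data,
                                                         &req_data_size, &hash, &hash_size)) {
        /* Nothing was provisioned; release the responder chain before bailing out. */
        free(data);
        return;
    }
    spdm_context->local_context.
    local_cert_chain_provision_size[req_slot_id_param] = req_data_size;
    spdm_context->local_context.
    local_cert_chain_provision[req_slot_id_param] = req_data;

    /* Session 0 is placed in HANDSHAKING with a fixed all-0xFF response finished key
     * (test-only key material) and mutual authentication requested. */
    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    session_info->mut_auth_requested = 1;

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_ESTABLISHED);

    /* With transcript recording enabled, message_f must match the bytes held in
     * m_libspdm_local_buffer (filled by the mocks, outside this function). */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
                     m_libspdm_local_buffer_size);
    LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
                   m_libspdm_local_buffer_size));
    libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
    assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
                        m_libspdm_local_buffer, m_libspdm_local_buffer_size);
#endif

    /* Drop the provisioning entry before freeing its backing buffer so the context,
     * which later tests reuse, does not keep a dangling pointer. */
    spdm_context->local_context.
    local_cert_chain_provision[req_slot_id_param] = NULL;
    spdm_context->local_context.
    local_cert_chain_provision_size[req_slot_id_param] = 0;
    free(req_data);
    free(data);
}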
3481 :
3482 : /**
3483 : * Test 23: receiving a correct FINISH_RSP message using slot_id 0xFF
3484 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3485 : * session is established.
3486 : **/
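static void req_finish_case23(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t req_slot_id_param;
    void *data;
    size_t data_size;
    size_t hash_size;
    libspdm_session_info_t *session_info;
    libspdm_secured_message_context_t *secured_message_context;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    /* case_id selects this scenario in the transport mocks (send_message switches on it). */
    spdm_test_context->case_id = 0x17;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
    spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;

    /* Instead of a certificate chain, the responder's raw public key is provisioned;
     * the session refers to it through slot_id 0xFF below. */
    if (!libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size)) {
        return;
    }
    spdm_context->local_context.peer_public_key_provision = data;
    spdm_context->local_context.peer_public_key_provision_size = data_size;

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Session 0 is placed in HANDSHAKING with a fixed all-0xFF response finished key
     * (test-only key material). */
    session_id = 0xFFFFFFFF;
    session_info = &spdm_context->session_info[0];
    libspdm_session_info_init(spdm_context, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0xFF;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer,
        hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context,
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    req_slot_id_param = 0;
    status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_ESTABLISHED);

    secured_message_context = session_info->secured_message_context;

    /* The master secret buffer must read as all zero once FINISH has completed, i.e. no
     * master-secret bytes may be left behind in the session context. */
    assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
                        (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));

    /* Drop the provisioned key before freeing its backing buffer so the context, which
     * later tests reuse, does not keep a dangling pointer. */
    spdm_context->local_context.peer_public_key_provision = NULL;
    spdm_context->local_context.peer_public_key_provision_size = 0;
    free(data);
}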
3562 :
3563 : /**
3564 : * Test 24: HANDSHAKE_IN_THE_CLEAR_CAP is set to 0, so the ResponderVerifyData field is absent.
3565 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3566 : * session is established.
3567 : **/
static void req_finish_case24(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session_info;
    libspdm_secured_message_context_t *secured_message_context;
    const uint32_t session_id = 0xFFFFFFFF;
    const uint8_t req_slot_id_param = 0;
    libspdm_return_t status;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    /* case_id selects this scenario in the transport mocks (send_message switches on it). */
    test_ctx->case_id = 0x18;

    /* Negotiated SPDM 1.1 connection; both sides advertise KEY_EX, ENCRYPT and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* The responder certificate chain is a hard prerequisite for this test. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the peer chain for slot 0: the raw bytes when transcripts are recorded,
     * otherwise only its digest and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        m_libspdm_use_hash_algo,
        data, data_size,
        ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        m_libspdm_use_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Clear HANDSHAKE_IN_THE_CLEAR_CAP on both sides. The shared context may still carry
     * the bit from earlier tests, so it is masked off explicitly. */
    ctx->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* Record the session as the one the last request was sent on, then put session 0 in
     * HANDSHAKING with a fixed all-0xFF response finished key (test-only key material). */
    session_info = &ctx->session_info[0];
    ctx->last_spdm_request_session_id_valid = true;
    ctx->last_spdm_request_session_id = session_id;
    libspdm_session_info_init(ctx, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    status = libspdm_send_receive_finish(ctx, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_ESTABLISHED);

    /* The master secret buffer must read as all zero once FINISH has completed, i.e. no
     * master-secret bytes may be left behind in the session context. */
    secured_message_context = session_info->secured_message_context;
    assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
                        (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
    free(data);
}
3662 :
3663 : /**
3664 : * Test 25: SPDM version 1.4, with OpaqueData
3665 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3666 : * session is established.
3667 : **/
static void req_finish_case25(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_session_info_t *session_info;
    libspdm_secured_message_context_t *secured_message_context;
    const uint32_t session_id = 0xFFFFFFFF;
    const uint8_t req_slot_id_param = 0;
    libspdm_return_t status;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;

    /* case_id selects this scenario in the transport mocks (send_message switches on it). */
    test_ctx->case_id = 0x19;

    /* Negotiated SPDM 1.4 connection; both sides advertise KEY_EX, ENCRYPT and MAC.
     * NOTE(review): the OpaqueData named in the test description is presumably supplied
     * by the receive mock, which is outside this function. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_14 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* The responder certificate chain is a hard prerequisite for this test. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the peer chain for slot 0: the raw bytes when transcripts are recorded,
     * otherwise only its digest and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        m_libspdm_use_hash_algo,
        data, data_size,
        ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        m_libspdm_use_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Clear HANDSHAKE_IN_THE_CLEAR_CAP on both sides. The shared context may still carry
     * the bit from earlier tests, so it is masked off explicitly. */
    ctx->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    /* Record the session as the one the last request was sent on, then put session 0 in
     * HANDSHAKING with a fixed all-0xFF response finished key (test-only key material). */
    session_info = &ctx->session_info[0];
    ctx->last_spdm_request_session_id_valid = true;
    ctx->last_spdm_request_session_id = session_id;
    libspdm_session_info_init(ctx, session_info, session_id,
                              SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
    session_info->peer_used_cert_chain_slot_id = 0;
    hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    libspdm_secured_message_set_response_finished_key(
        session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    libspdm_secured_message_set_session_state(
        session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);

    status = libspdm_send_receive_finish(ctx, session_id, req_slot_id_param);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_ESTABLISHED);

    /* The master secret buffer must read as all zero once FINISH has completed, i.e. no
     * master-secret bytes may be left behind in the session context. */
    secured_message_context = session_info->secured_message_context;
    assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
                        (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
    free(data);
}
3762 :
int libspdm_req_finish_test(void)
{
    /* Positional initializer: context version, a boolean (presumably the "is requester"
     * flag; confirm against libspdm_test_context_t), then the send and receive mocks. */
    libspdm_test_context_t test_context = {
        LIBSPDM_TEST_CONTEXT_VERSION,
        true,
        send_message,
        receive_message,
    };
    int group_result;

    /* The array must keep the name test_cases: cmocka_run_group_tests() is a macro that
     * uses the argument's spelling as the reported group name. */
    const struct CMUnitTest test_cases[] = {
        cmocka_unit_test(req_finish_case1),   /* SendRequest failed */
        cmocka_unit_test(req_finish_case2),   /* Successful response */
        cmocka_unit_test(req_finish_case3),   /* connection_state check failed */
        cmocka_unit_test(req_finish_case4),   /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST */
        cmocka_unit_test(req_finish_case5),   /* Always SPDM_ERROR_CODE_BUSY */
        cmocka_unit_test(req_finish_case6),   /* SPDM_ERROR_CODE_BUSY + Successful response */
        cmocka_unit_test(req_finish_case7),   /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH */
        cmocka_unit_test(req_finish_case8),   /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY */
        cmocka_unit_test(req_finish_case9),   /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response */
        cmocka_unit_test(req_finish_case10),  /* Unexpected errors */
        cmocka_unit_test(req_finish_case11),  /* Buffer reset */
        cmocka_unit_test(req_finish_case12),  /* No correct setup */
        cmocka_unit_test(req_finish_case13),
        cmocka_unit_test(req_finish_case14),
        cmocka_unit_test(req_finish_case15),
        cmocka_unit_test(req_finish_case16),  /* Successful response */
        cmocka_unit_test(req_finish_case17),  /* Response with invalid MAC */
        cmocka_unit_test(req_finish_case18),
        cmocka_unit_test(req_finish_case19),  /* Can be populated with new test. */
        cmocka_unit_test(req_finish_case20),
        cmocka_unit_test(req_finish_case21),  /* Error response: SPDM_ERROR_CODE_DECRYPT_ERROR */
        cmocka_unit_test(req_finish_case22),  /* Buffer verification */
        cmocka_unit_test(req_finish_case23),  /* Successful response using provisioned public key (slot_id 0xFF) */
        cmocka_unit_test(req_finish_case24),  /* HANDSHAKE_IN_THE_CLEAR_CAP is 0; ResponderVerifyData absent */
        cmocka_unit_test(req_finish_case25),  /* SPDM 1.4 with OpaqueData */
    };

    /* Register the mocks, then run every case under the shared group setup/teardown. */
    libspdm_setup_test_context(&test_context);

    group_result = cmocka_run_group_tests(test_cases,
                                          libspdm_unit_test_group_setup,
                                          libspdm_unit_test_group_teardown);
    return group_result;
}
3826 :
3827 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/