Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
13 : static size_t m_libspdm_local_buffer_size;
14 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_TH_BUFFER_SIZE];
15 :
16 : static uint8_t m_libspdm_dummy_buffer[LIBSPDM_MAX_HASH_SIZE];
17 : static const uint8_t m_libspdm_zero_buffer[LIBSPDM_MAX_HASH_SIZE] = {0};
18 :
19 : static libspdm_th_managed_buffer_t th_curr;
20 :
21 41 : void libspdm_secured_message_set_response_finished_key(
22 : void *spdm_secured_message_context, const void *key, size_t key_size)
23 : {
24 : libspdm_secured_message_context_t *secured_message_context;
25 :
26 41 : secured_message_context = spdm_secured_message_context;
27 41 : LIBSPDM_ASSERT(key_size == secured_message_context->hash_size);
28 41 : libspdm_copy_mem(secured_message_context->handshake_secret.response_finished_key,
29 : sizeof(secured_message_context->handshake_secret.response_finished_key),
30 : key, secured_message_context->hash_size);
31 41 : }
32 :
33 40 : static libspdm_return_t send_message(
34 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
35 : {
36 : libspdm_test_context_t *spdm_test_context;
37 : const uint8_t *ptr;
38 :
39 40 : spdm_test_context = libspdm_get_test_context();
40 40 : ptr = (const uint8_t *)request;
41 40 : switch (spdm_test_context->case_id) {
42 1 : case 0x1:
43 1 : return LIBSPDM_STATUS_SEND_FAIL;
44 1 : case 0x2:
45 1 : m_libspdm_local_buffer_size = 0;
46 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
47 : request_size - 1);
48 1 : m_libspdm_local_buffer_size += (request_size - 1);
49 1 : return LIBSPDM_STATUS_SUCCESS;
50 0 : case 0x3:
51 0 : m_libspdm_local_buffer_size = 0;
52 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
53 : request_size - 1);
54 0 : m_libspdm_local_buffer_size += (request_size - 1);
55 0 : return LIBSPDM_STATUS_SUCCESS;
56 1 : case 0x4:
57 1 : m_libspdm_local_buffer_size = 0;
58 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
59 : request_size - 1);
60 1 : m_libspdm_local_buffer_size += (request_size - 1);
61 1 : return LIBSPDM_STATUS_SUCCESS;
62 1 : case 0x5:
63 1 : m_libspdm_local_buffer_size = 0;
64 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
65 : request_size - 1);
66 1 : m_libspdm_local_buffer_size += (request_size - 1);
67 1 : return LIBSPDM_STATUS_SUCCESS;
68 2 : case 0x6:
69 2 : m_libspdm_local_buffer_size = 0;
70 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
71 : request_size - 1);
72 2 : m_libspdm_local_buffer_size += (request_size - 1);
73 2 : return LIBSPDM_STATUS_SUCCESS;
74 1 : case 0x7:
75 1 : m_libspdm_local_buffer_size = 0;
76 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
77 : request_size - 1);
78 1 : m_libspdm_local_buffer_size += (request_size - 1);
79 1 : return LIBSPDM_STATUS_SUCCESS;
80 2 : case 0x8:
81 2 : m_libspdm_local_buffer_size = 0;
82 2 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
83 : request_size - 1);
84 2 : m_libspdm_local_buffer_size += (request_size - 1);
85 2 : return LIBSPDM_STATUS_SUCCESS;
86 2 : case 0x9: {
87 : static size_t sub_index = 0;
88 2 : if (sub_index == 0) {
89 1 : m_libspdm_local_buffer_size = 0;
90 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
91 : request_size - 1);
92 1 : m_libspdm_local_buffer_size += (request_size - 1);
93 1 : sub_index++;
94 : }
95 : }
96 2 : return LIBSPDM_STATUS_SUCCESS;
97 18 : case 0xA:
98 18 : m_libspdm_local_buffer_size = 0;
99 18 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
100 : request_size - 1);
101 18 : m_libspdm_local_buffer_size += (request_size - 1);
102 18 : return LIBSPDM_STATUS_SUCCESS;
103 1 : case 0xB:
104 1 : m_libspdm_local_buffer_size = 0;
105 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
106 : request_size - 1);
107 1 : m_libspdm_local_buffer_size += (request_size - 1);
108 1 : return LIBSPDM_STATUS_SUCCESS;
109 0 : case 0xC:
110 0 : m_libspdm_local_buffer_size = 0;
111 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
112 : request_size - 1);
113 0 : m_libspdm_local_buffer_size += (request_size - 1);
114 0 : return LIBSPDM_STATUS_SUCCESS;
115 0 : case 0xD:
116 0 : m_libspdm_local_buffer_size = 0;
117 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
118 : request_size - 1);
119 0 : m_libspdm_local_buffer_size += (request_size - 1);
120 0 : return LIBSPDM_STATUS_SUCCESS;
121 1 : case 0xE:
122 1 : m_libspdm_local_buffer_size = 0;
123 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
124 : request_size - 1);
125 1 : m_libspdm_local_buffer_size += (request_size - 1);
126 1 : return LIBSPDM_STATUS_SUCCESS;
127 0 : case 0xF:
128 0 : m_libspdm_local_buffer_size = 0;
129 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
130 : request_size - 1);
131 0 : m_libspdm_local_buffer_size += (request_size - 1);
132 0 : return LIBSPDM_STATUS_SUCCESS;
133 1 : case 0x10:
134 1 : m_libspdm_local_buffer_size = 0;
135 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
136 : request_size - 1);
137 1 : m_libspdm_local_buffer_size += (request_size - 1);
138 1 : return LIBSPDM_STATUS_SUCCESS;
139 1 : case 0x11:
140 1 : m_libspdm_local_buffer_size = 0;
141 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
142 : request_size - 1);
143 1 : m_libspdm_local_buffer_size += (request_size - 1);
144 1 : return LIBSPDM_STATUS_SUCCESS;
145 1 : case 0x12:
146 1 : m_libspdm_local_buffer_size = 0;
147 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
148 : request_size - 1);
149 1 : m_libspdm_local_buffer_size += (request_size - 1);
150 1 : return LIBSPDM_STATUS_SUCCESS;
151 0 : case 0x13:
152 0 : m_libspdm_local_buffer_size = 0;
153 0 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
154 : request_size - 1);
155 0 : m_libspdm_local_buffer_size += (request_size - 1);
156 0 : return LIBSPDM_STATUS_SUCCESS;
157 1 : case 0x14:
158 1 : m_libspdm_local_buffer_size = 0;
159 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
160 : request_size - 1);
161 1 : m_libspdm_local_buffer_size += (request_size - 1);
162 1 : return LIBSPDM_STATUS_SUCCESS;
163 1 : case 0x15:
164 1 : m_libspdm_local_buffer_size = 0;
165 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
166 : request_size - 1);
167 1 : m_libspdm_local_buffer_size += (request_size - 1);
168 1 : return LIBSPDM_STATUS_SUCCESS;
169 1 : case 0x16:
170 1 : m_libspdm_local_buffer_size = 0;
171 1 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
172 : request_size - 1);
173 1 : m_libspdm_local_buffer_size += (request_size - 1);
174 1 : return LIBSPDM_STATUS_SUCCESS;
175 3 : case 0x17:
176 : case 0x18:
177 : case 0x19:
178 3 : m_libspdm_local_buffer_size = 0;
179 3 : libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1],
180 : request_size - 1);
181 3 : m_libspdm_local_buffer_size += (request_size - 1);
182 3 : return LIBSPDM_STATUS_SUCCESS;
183 0 : default:
184 0 : return LIBSPDM_STATUS_SEND_FAIL;
185 : }
186 : }
187 :
188 39 : static libspdm_return_t receive_message(
189 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
190 : {
191 : libspdm_test_context_t *spdm_test_context;
192 :
193 39 : spdm_test_context = libspdm_get_test_context();
194 39 : switch (spdm_test_context->case_id) {
195 0 : case 0x1:
196 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
197 :
198 1 : case 0x2: {
199 : spdm_finish_response_t *spdm_response;
200 : uint32_t hash_size;
201 : uint32_t hmac_size;
202 : uint8_t *ptr;
203 : void *data;
204 : size_t data_size;
205 : uint8_t *cert_buffer;
206 : size_t cert_buffer_size;
207 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
208 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
209 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
210 : size_t spdm_response_size;
211 : size_t transport_header_size;
212 :
213 : ((libspdm_context_t *)spdm_context)
214 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
215 : ((libspdm_context_t *)spdm_context)
216 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
217 : ((libspdm_context_t *)spdm_context)
218 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
219 : ((libspdm_context_t *)spdm_context)
220 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
221 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
222 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
223 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
224 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
225 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
226 :
227 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
228 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
229 1 : spdm_response->header.param1 = 0;
230 1 : spdm_response->header.param2 = 0;
231 1 : ptr = (void *)(spdm_response + 1);
232 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
233 : sizeof(m_libspdm_local_buffer)
234 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
235 : m_libspdm_local_buffer),
236 : spdm_response, sizeof(spdm_finish_response_t));
237 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
238 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
239 : m_libspdm_use_asym_algo, &data,
240 : &data_size, NULL, NULL);
241 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
242 1 : cert_buffer = (uint8_t *)data;
243 1 : cert_buffer_size = data_size;
244 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
245 : /* transcript.message_a size is 0*/
246 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
247 : /* session_transcript.message_k is 0*/
248 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
249 : m_libspdm_local_buffer_size);
250 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
251 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
252 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
253 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
254 : response_finished_key, hash_size, ptr);
255 1 : ptr += hmac_size;
256 1 : free(data);
257 :
258 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
259 : false, spdm_response_size,
260 : spdm_response, response_size,
261 : response);
262 : }
263 1 : return LIBSPDM_STATUS_SUCCESS;
264 :
265 0 : case 0x3: {
266 : spdm_finish_response_t *spdm_response;
267 : uint32_t hash_size;
268 : uint32_t hmac_size;
269 : uint8_t *ptr;
270 : void *data;
271 : size_t data_size;
272 : uint8_t *cert_buffer;
273 : size_t cert_buffer_size;
274 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
275 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
276 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
277 : size_t spdm_response_size;
278 : size_t transport_header_size;
279 :
280 : ((libspdm_context_t *)spdm_context)
281 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
282 : ((libspdm_context_t *)spdm_context)
283 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
284 : ((libspdm_context_t *)spdm_context)
285 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
286 : ((libspdm_context_t *)spdm_context)
287 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
288 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
289 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
290 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
291 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
292 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
293 :
294 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
295 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
296 0 : spdm_response->header.param1 = 0;
297 0 : spdm_response->header.param2 = 0;
298 0 : ptr = (void *)(spdm_response + 1);
299 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
300 : sizeof(m_libspdm_local_buffer)
301 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
302 : m_libspdm_local_buffer),
303 : spdm_response, sizeof(spdm_finish_response_t));
304 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
305 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
306 : m_libspdm_use_asym_algo, &data,
307 : &data_size, NULL, NULL);
308 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
309 0 : cert_buffer = (uint8_t *)data;
310 0 : cert_buffer_size = data_size;
311 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
312 : /* transcript.message_a size is 0*/
313 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
314 : /* session_transcript.message_k is 0*/
315 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
316 : m_libspdm_local_buffer_size);
317 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
318 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
319 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
320 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
321 : response_finished_key, hash_size, ptr);
322 0 : ptr += hmac_size;
323 0 : free(data);
324 :
325 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
326 : false, spdm_response_size,
327 : spdm_response, response_size,
328 : response);
329 : }
330 0 : return LIBSPDM_STATUS_SUCCESS;
331 :
332 1 : case 0x4: {
333 : spdm_error_response_t *spdm_response;
334 : size_t spdm_response_size;
335 : size_t transport_header_size;
336 :
337 1 : spdm_response_size = sizeof(spdm_error_response_t);
338 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
339 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
340 :
341 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
342 1 : spdm_response->header.request_response_code = SPDM_ERROR;
343 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
344 1 : spdm_response->header.param2 = 0;
345 :
346 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
347 : false, spdm_response_size,
348 : spdm_response,
349 : response_size, response);
350 : }
351 1 : return LIBSPDM_STATUS_SUCCESS;
352 :
353 1 : case 0x5: {
354 : spdm_error_response_t *spdm_response;
355 : size_t spdm_response_size;
356 : size_t transport_header_size;
357 :
358 1 : spdm_response_size = sizeof(spdm_error_response_t);
359 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
360 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
361 :
362 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
363 1 : spdm_response->header.request_response_code = SPDM_ERROR;
364 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
365 1 : spdm_response->header.param2 = 0;
366 :
367 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
368 : false, spdm_response_size,
369 : spdm_response,
370 : response_size, response);
371 : }
372 1 : return LIBSPDM_STATUS_SUCCESS;
373 :
374 2 : case 0x6: {
375 : static size_t sub_index1 = 0;
376 2 : if (sub_index1 == 0) {
377 : spdm_error_response_t *spdm_response;
378 : size_t spdm_response_size;
379 : size_t transport_header_size;
380 :
381 1 : spdm_response_size = sizeof(spdm_error_response_t);
382 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
383 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
384 :
385 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
386 1 : spdm_response->header.request_response_code = SPDM_ERROR;
387 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
388 1 : spdm_response->header.param2 = 0;
389 :
390 1 : libspdm_transport_test_encode_message(
391 : spdm_context, NULL, false, false,
392 : spdm_response_size, spdm_response,
393 : response_size, response);
394 1 : sub_index1++;
395 1 : } else if (sub_index1 == 1) {
396 : spdm_finish_response_t *spdm_response;
397 : uint32_t hash_size;
398 : uint32_t hmac_size;
399 : uint8_t *ptr;
400 : void *data;
401 : size_t data_size;
402 : uint8_t *cert_buffer;
403 : size_t cert_buffer_size;
404 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
405 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
406 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
407 : size_t spdm_response_size;
408 : size_t transport_header_size;
409 :
410 : ((libspdm_context_t *)spdm_context)
411 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
412 : ((libspdm_context_t *)spdm_context)
413 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
414 : ((libspdm_context_t *)spdm_context)
415 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
416 : ((libspdm_context_t *)spdm_context)
417 : ->connection_info.algorithm
418 1 : .measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
419 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
420 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
421 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
422 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
423 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
424 :
425 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
426 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
427 1 : spdm_response->header.param1 = 0;
428 1 : spdm_response->header.param2 = 0;
429 1 : ptr = (void *)(spdm_response + 1);
430 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
431 : sizeof(m_libspdm_local_buffer)
432 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
433 : m_libspdm_local_buffer),
434 : spdm_response, sizeof(spdm_finish_response_t));
435 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
436 1 : libspdm_read_responder_public_certificate_chain(
437 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
438 : &data_size, NULL, NULL);
439 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
440 1 : cert_buffer = (uint8_t *)data;
441 1 : cert_buffer_size = data_size;
442 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer,
443 : cert_buffer_size, cert_buffer_hash);
444 : /* transcript.message_a size is 0*/
445 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
446 : /* session_transcript.message_k is 0*/
447 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
448 : m_libspdm_local_buffer_size);
449 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
450 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
451 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
452 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
453 : response_finished_key, hash_size, ptr);
454 1 : ptr += hmac_size;
455 1 : free(data);
456 :
457 1 : libspdm_transport_test_encode_message(
458 : spdm_context, NULL, false, false, spdm_response_size,
459 : spdm_response, response_size, response);
460 : }
461 : }
462 2 : return LIBSPDM_STATUS_SUCCESS;
463 :
464 1 : case 0x7: {
465 : spdm_error_response_t *spdm_response;
466 : size_t spdm_response_size;
467 : size_t transport_header_size;
468 :
469 1 : spdm_response_size = sizeof(spdm_error_response_t);
470 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
471 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
472 :
473 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
474 1 : spdm_response->header.request_response_code = SPDM_ERROR;
475 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
476 1 : spdm_response->header.param2 = 0;
477 :
478 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
479 : false, spdm_response_size,
480 : spdm_response,
481 : response_size, response);
482 : }
483 1 : return LIBSPDM_STATUS_SUCCESS;
484 :
485 2 : case 0x8: {
486 : spdm_error_response_data_response_not_ready_t *spdm_response;
487 : size_t spdm_response_size;
488 : size_t transport_header_size;
489 :
490 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
491 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
492 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
493 :
494 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
495 2 : spdm_response->header.request_response_code = SPDM_ERROR;
496 2 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
497 2 : spdm_response->header.param2 = 0;
498 2 : spdm_response->extend_error_data.rd_exponent = 1;
499 2 : spdm_response->extend_error_data.rd_tm = 2;
500 2 : spdm_response->extend_error_data.request_code = SPDM_FINISH;
501 2 : spdm_response->extend_error_data.token = 0;
502 :
503 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
504 : false, spdm_response_size,
505 : spdm_response,
506 : response_size, response);
507 : }
508 2 : return LIBSPDM_STATUS_SUCCESS;
509 :
510 2 : case 0x9: {
511 : static size_t sub_index2 = 0;
512 2 : if (sub_index2 == 0) {
513 : spdm_error_response_data_response_not_ready_t
514 : *spdm_response;
515 : size_t spdm_response_size;
516 : size_t transport_header_size;
517 :
518 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
519 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
520 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
521 :
522 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
523 1 : spdm_response->header.request_response_code = SPDM_ERROR;
524 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
525 1 : spdm_response->header.param2 = 0;
526 1 : spdm_response->extend_error_data.rd_exponent = 1;
527 1 : spdm_response->extend_error_data.rd_tm = 2;
528 1 : spdm_response->extend_error_data.request_code = SPDM_FINISH;
529 1 : spdm_response->extend_error_data.token = 1;
530 :
531 1 : libspdm_transport_test_encode_message(
532 : spdm_context, NULL, false, false,
533 : spdm_response_size, spdm_response,
534 : response_size, response);
535 1 : sub_index2++;
536 1 : } else if (sub_index2 == 1) {
537 : spdm_finish_response_t *spdm_response;
538 : uint32_t hash_size;
539 : uint32_t hmac_size;
540 : uint8_t *ptr;
541 : void *data;
542 : size_t data_size;
543 : uint8_t *cert_buffer;
544 : size_t cert_buffer_size;
545 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
546 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
547 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
548 : size_t spdm_response_size;
549 : size_t transport_header_size;
550 :
551 : ((libspdm_context_t *)spdm_context)
552 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
553 : ((libspdm_context_t *)spdm_context)
554 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
555 : ((libspdm_context_t *)spdm_context)
556 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
557 : ((libspdm_context_t *)spdm_context)
558 : ->connection_info.algorithm
559 1 : .measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
560 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
561 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
562 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
563 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
564 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
565 :
566 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
567 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
568 1 : spdm_response->header.param1 = 0;
569 1 : spdm_response->header.param2 = 0;
570 1 : ptr = (void *)(spdm_response + 1);
571 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
572 : sizeof(m_libspdm_local_buffer)
573 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
574 : m_libspdm_local_buffer),
575 : spdm_response, sizeof(spdm_finish_response_t));
576 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
577 1 : libspdm_read_responder_public_certificate_chain(
578 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
579 : &data_size, NULL, NULL);
580 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
581 1 : cert_buffer = (uint8_t *)data;
582 1 : cert_buffer_size = data_size;
583 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer,
584 : cert_buffer_size, cert_buffer_hash);
585 : /* transcript.message_a size is 0*/
586 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
587 : /* session_transcript.message_k is 0*/
588 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
589 : m_libspdm_local_buffer_size);
590 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
591 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
592 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
593 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
594 : response_finished_key, hash_size, ptr);
595 1 : ptr += hmac_size;
596 1 : free(data);
597 :
598 1 : libspdm_transport_test_encode_message(
599 : spdm_context, NULL, false, false, spdm_response_size,
600 : spdm_response, response_size, response);
601 : }
602 : }
603 2 : return LIBSPDM_STATUS_SUCCESS;
604 :
605 18 : case 0xA:
606 : {
607 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
608 :
609 : spdm_error_response_t *spdm_response;
610 : size_t spdm_response_size;
611 : size_t transport_header_size;
612 :
613 18 : spdm_response_size = sizeof(spdm_error_response_t);
614 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
615 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
616 :
617 18 : if(error_code <= 0xff) {
618 18 : libspdm_zero_mem (spdm_response, spdm_response_size);
619 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
620 18 : spdm_response->header.request_response_code = SPDM_ERROR;
621 18 : spdm_response->header.param1 = (uint8_t) error_code;
622 18 : spdm_response->header.param2 = 0;
623 :
624 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
625 : spdm_response_size, spdm_response,
626 : response_size, response);
627 : }
628 :
629 18 : error_code++;
630 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
631 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
632 : }
633 : /* skip some reserved error codes (0d to 3e) */
634 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
635 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
636 : }
637 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
638 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
639 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
640 : }
641 : }
642 18 : return LIBSPDM_STATUS_SUCCESS;
643 1 : case 0xB:
644 : {
645 : spdm_finish_response_t *spdm_response;
646 : uint32_t hash_size;
647 : uint32_t hmac_size;
648 : uint8_t *ptr;
649 : void *data;
650 : size_t data_size;
651 : uint8_t *cert_buffer;
652 : size_t cert_buffer_size;
653 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
654 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
655 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
656 : size_t spdm_response_size;
657 : size_t transport_header_size;
658 :
659 : ((libspdm_context_t *)spdm_context)
660 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
661 : ((libspdm_context_t *)spdm_context)
662 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
663 : ((libspdm_context_t *)spdm_context)
664 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
665 : ((libspdm_context_t *)spdm_context)
666 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
667 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
668 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
669 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
670 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
671 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
672 :
673 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
674 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
675 1 : spdm_response->header.param1 = 0;
676 1 : spdm_response->header.param2 = 0;
677 1 : ptr = (void *)(spdm_response + 1);
678 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
679 : sizeof(m_libspdm_local_buffer)
680 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
681 : m_libspdm_local_buffer),
682 : spdm_response, sizeof(spdm_finish_response_t));
683 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
684 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
685 : m_libspdm_use_asym_algo, &data,
686 : &data_size, NULL, NULL);
687 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
688 1 : cert_buffer = (uint8_t *)data;
689 1 : cert_buffer_size = data_size;
690 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
691 : /* transcript.message_a size is 0*/
692 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
693 : /* session_transcript.message_k is 0*/
694 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
695 : m_libspdm_local_buffer_size);
696 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
697 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
698 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
699 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
700 : response_finished_key, hash_size, ptr);
701 1 : ptr += hmac_size;
702 1 : free(data);
703 :
704 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
705 : false, spdm_response_size,
706 : spdm_response, response_size,
707 : response);
708 : }
709 1 : return LIBSPDM_STATUS_SUCCESS;
710 :
711 0 : case 0xC: {
712 : spdm_finish_response_t *spdm_response;
713 : uint32_t hash_size;
714 : uint32_t hmac_size;
715 : uint8_t *ptr;
716 : void *data;
717 : size_t data_size;
718 : uint8_t *cert_buffer;
719 : size_t cert_buffer_size;
720 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
721 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
722 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
723 : size_t spdm_response_size;
724 : size_t transport_header_size;
725 :
726 : ((libspdm_context_t *)spdm_context)
727 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
728 : ((libspdm_context_t *)spdm_context)
729 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
730 : ((libspdm_context_t *)spdm_context)
731 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
732 : ((libspdm_context_t *)spdm_context)
733 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
734 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
735 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
736 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
737 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
738 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
739 :
740 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
741 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
742 0 : spdm_response->header.param1 = 0;
743 0 : spdm_response->header.param2 = 0;
744 0 : ptr = (void *)(spdm_response + 1);
745 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
746 : sizeof(m_libspdm_local_buffer)
747 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
748 : m_libspdm_local_buffer),
749 : spdm_response, sizeof(spdm_finish_response_t));
750 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
751 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
752 : m_libspdm_use_asym_algo, &data,
753 : &data_size, NULL, NULL);
754 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
755 0 : cert_buffer = (uint8_t *)data;
756 0 : cert_buffer_size = data_size;
757 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
758 : /* transcript.message_a size is 0*/
759 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
760 : /* session_transcript.message_k is 0*/
761 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
762 : m_libspdm_local_buffer_size);
763 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
764 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
765 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
766 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
767 : response_finished_key, hash_size, ptr);
768 0 : ptr += hmac_size;
769 0 : free(data);
770 :
771 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
772 : false, spdm_response_size,
773 : spdm_response, response_size,
774 : response);
775 : }
776 0 : return LIBSPDM_STATUS_SUCCESS;
777 :
778 0 : case 0xD: {
779 : spdm_finish_response_t *spdm_response;
780 : uint32_t hash_size;
781 : uint32_t hmac_size;
782 : uint8_t *ptr;
783 : void *data;
784 : size_t data_size;
785 : uint8_t *cert_buffer;
786 : size_t cert_buffer_size;
787 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
788 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
789 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
790 : size_t spdm_response_size;
791 : size_t transport_header_size;
792 :
793 : ((libspdm_context_t *)spdm_context)
794 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
795 : ((libspdm_context_t *)spdm_context)
796 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
797 : ((libspdm_context_t *)spdm_context)
798 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
799 : ((libspdm_context_t *)spdm_context)
800 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
801 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
802 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
803 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
804 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
805 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
806 :
807 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
808 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
809 0 : spdm_response->header.param1 = 0;
810 0 : spdm_response->header.param2 = 0;
811 0 : ptr = (void *)(spdm_response + 1);
812 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
813 : sizeof(m_libspdm_local_buffer)
814 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
815 : m_libspdm_local_buffer),
816 : spdm_response, sizeof(spdm_finish_response_t));
817 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
818 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
819 : m_libspdm_use_asym_algo, &data,
820 : &data_size, NULL, NULL);
821 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
822 0 : cert_buffer = (uint8_t *)data;
823 0 : cert_buffer_size = data_size;
824 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
825 : /* transcript.message_a size is 0*/
826 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
827 : /* session_transcript.message_k is 0*/
828 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
829 : m_libspdm_local_buffer_size);
830 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
831 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
832 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
833 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
834 : response_finished_key, hash_size, ptr);
835 0 : ptr += hmac_size;
836 0 : free(data);
837 :
838 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
839 : false, spdm_response_size,
840 : spdm_response, response_size,
841 : response);
842 : }
843 0 : return LIBSPDM_STATUS_SUCCESS;
844 :
845 1 : case 0xE: {
846 : spdm_finish_response_t *spdm_response;
847 : uint32_t hash_size;
848 : uint32_t hmac_size;
849 : uint8_t *ptr;
850 : void *data;
851 : size_t data_size;
852 : uint8_t *cert_buffer;
853 : size_t cert_buffer_size;
854 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
855 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
856 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
857 : size_t spdm_response_size;
858 : size_t transport_header_size;
859 :
860 : ((libspdm_context_t *)spdm_context)
861 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
862 : ((libspdm_context_t *)spdm_context)
863 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
864 : ((libspdm_context_t *)spdm_context)
865 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
866 : ((libspdm_context_t *)spdm_context)
867 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
868 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
869 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
870 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
871 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
872 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
873 :
874 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
875 : /*wrong response code*/
876 1 : spdm_response->header.request_response_code = SPDM_FINISH;
877 1 : spdm_response->header.param1 = 0;
878 1 : spdm_response->header.param2 = 0;
879 1 : ptr = (void *)(spdm_response + 1);
880 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
881 : sizeof(m_libspdm_local_buffer)
882 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
883 : m_libspdm_local_buffer),
884 : spdm_response, sizeof(spdm_finish_response_t));
885 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
886 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
887 : m_libspdm_use_asym_algo, &data,
888 : &data_size, NULL, NULL);
889 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
890 1 : cert_buffer = (uint8_t *)data;
891 1 : cert_buffer_size = data_size;
892 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
893 : /* transcript.message_a size is 0*/
894 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
895 : /* session_transcript.message_k is 0*/
896 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
897 : m_libspdm_local_buffer_size);
898 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
899 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
900 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
901 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
902 : response_finished_key, hash_size, ptr);
903 1 : ptr += hmac_size;
904 1 : free(data);
905 :
906 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
907 : false, spdm_response_size,
908 : spdm_response, response_size,
909 : response);
910 : }
911 1 : return LIBSPDM_STATUS_SUCCESS;
912 :
913 0 : case 0xF: {
914 : spdm_finish_response_t *spdm_response;
915 : uint32_t hash_size;
916 : uint32_t hmac_size;
917 : uint8_t *ptr;
918 : void *data;
919 : size_t data_size;
920 : uint8_t *cert_buffer;
921 : size_t cert_buffer_size;
922 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
923 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
924 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
925 : size_t spdm_response_size;
926 : size_t transport_header_size;
927 :
928 : ((libspdm_context_t *)spdm_context)
929 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
930 : ((libspdm_context_t *)spdm_context)
931 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
932 : ((libspdm_context_t *)spdm_context)
933 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
934 : ((libspdm_context_t *)spdm_context)
935 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
936 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
937 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
938 0 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
939 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
940 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
941 :
942 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
943 0 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
944 0 : spdm_response->header.param1 = 0;
945 0 : spdm_response->header.param2 = 0;
946 0 : ptr = (void *)(spdm_response + 1);
947 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
948 : sizeof(m_libspdm_local_buffer)
949 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
950 : m_libspdm_local_buffer),
951 : spdm_response, sizeof(spdm_finish_response_t));
952 0 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
953 0 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
954 : m_libspdm_use_asym_algo, &data,
955 : &data_size, NULL, NULL);
956 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
957 0 : cert_buffer = (uint8_t *)data;
958 0 : cert_buffer_size = data_size;
959 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
960 : /* transcript.message_a size is 0*/
961 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
962 : /* session_transcript.message_k is 0*/
963 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
964 : m_libspdm_local_buffer_size);
965 0 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
966 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
967 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
968 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
969 : response_finished_key, hash_size, ptr);
970 0 : ptr += hmac_size;
971 0 : free(data);
972 :
973 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
974 : false, spdm_response_size,
975 : spdm_response, response_size,
976 : response);
977 : }
978 0 : return LIBSPDM_STATUS_SUCCESS;
979 :
980 1 : case 0x10: {
981 : spdm_finish_response_t *spdm_response;
982 : uint32_t hash_size;
983 : uint32_t hmac_size;
984 : uint8_t *ptr;
985 : void *data;
986 : size_t data_size;
987 : uint8_t *cert_buffer;
988 : size_t cert_buffer_size;
989 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
990 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
991 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
992 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
993 : size_t spdm_response_size;
994 : size_t transport_header_size;
995 :
996 : ((libspdm_context_t *)spdm_context)
997 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
998 : ((libspdm_context_t *)spdm_context)
999 1 : ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1000 : ((libspdm_context_t *)spdm_context)
1001 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1002 : ((libspdm_context_t *)spdm_context)
1003 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1004 : ((libspdm_context_t *)spdm_context)
1005 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1006 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1007 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1008 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1009 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1010 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1011 :
1012 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1013 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1014 1 : spdm_response->header.param1 = 0;
1015 1 : spdm_response->header.param2 = 0;
1016 1 : ptr = (void *)(spdm_response + 1);
1017 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1018 : sizeof(m_libspdm_local_buffer)
1019 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1020 : m_libspdm_local_buffer),
1021 : spdm_response, sizeof(spdm_finish_response_t));
1022 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1023 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1024 : m_libspdm_use_asym_algo, &data,
1025 : &data_size, NULL, NULL);
1026 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1027 1 : cert_buffer = (uint8_t *)data;
1028 1 : cert_buffer_size = data_size;
1029 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1030 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1031 : m_libspdm_use_req_asym_algo, &data,
1032 : &data_size, NULL, NULL);
1033 1 : cert_buffer = (uint8_t *)data;
1034 1 : cert_buffer_size = data_size;
1035 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1036 : req_cert_buffer_hash);
1037 : /* transcript.message_a size is 0*/
1038 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1039 : /* session_transcript.message_k is 0*/
1040 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
1041 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1042 : m_libspdm_local_buffer_size);
1043 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1044 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1045 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1046 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1047 : response_finished_key, hash_size, ptr);
1048 1 : ptr += hmac_size;
1049 1 : free(data);
1050 :
1051 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1052 : false, spdm_response_size,
1053 : spdm_response, response_size,
1054 : response);
1055 : }
1056 1 : return LIBSPDM_STATUS_SUCCESS;
1057 :
1058 1 : case 0x11: {
1059 : spdm_finish_response_t *spdm_response;
1060 : uint32_t hmac_size;
1061 : uint8_t *ptr;
1062 : size_t spdm_response_size;
1063 : size_t transport_header_size;
1064 :
1065 : ((libspdm_context_t *)spdm_context)
1066 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1067 : ((libspdm_context_t *)spdm_context)
1068 1 : ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1069 : ((libspdm_context_t *)spdm_context)
1070 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1071 : ((libspdm_context_t *)spdm_context)
1072 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1073 : ((libspdm_context_t *)spdm_context)
1074 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1075 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1076 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1077 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1078 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1079 :
1080 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1081 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1082 1 : spdm_response->header.param1 = 0;
1083 1 : spdm_response->header.param2 = 0;
1084 1 : ptr = (void *)(spdm_response + 1);
1085 1 : libspdm_set_mem(ptr, hmac_size, (uint8_t)(0x00)); /*all-zero MAC*/
1086 1 : ptr += hmac_size;
1087 :
1088 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1089 : false, spdm_response_size,
1090 : spdm_response, response_size,
1091 : response);
1092 : }
1093 1 : return LIBSPDM_STATUS_SUCCESS;
1094 :
1095 1 : case 0x12: {
1096 : spdm_finish_response_t *spdm_response;
1097 : uint32_t hash_size;
1098 : uint32_t hmac_size;
1099 : uint8_t *ptr;
1100 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1101 : uint8_t zero_data[LIBSPDM_MAX_HASH_SIZE];
1102 : size_t spdm_response_size;
1103 : size_t transport_header_size;
1104 :
1105 : ((libspdm_context_t *)spdm_context)
1106 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1107 : ((libspdm_context_t *)spdm_context)
1108 1 : ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1109 : ((libspdm_context_t *)spdm_context)
1110 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1111 : ((libspdm_context_t *)spdm_context)
1112 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1113 : ((libspdm_context_t *)spdm_context)
1114 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1115 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1116 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1117 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1118 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1119 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1120 :
1121 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1122 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1123 1 : spdm_response->header.param1 = 0;
1124 1 : spdm_response->header.param2 = 0;
1125 1 : ptr = (void *)(spdm_response + 1);
1126 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1127 1 : libspdm_set_mem(zero_data, hash_size, (uint8_t)(0x00));
1128 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, zero_data, hash_size,
1129 : response_finished_key, hash_size, ptr);
1130 1 : ptr += hmac_size;
1131 :
1132 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1133 : false, spdm_response_size,
1134 : spdm_response, response_size,
1135 : response);
1136 : }
1137 1 : return LIBSPDM_STATUS_SUCCESS;
1138 :
1139 0 : case 0x13: {
1140 : }
1141 0 : return LIBSPDM_STATUS_SUCCESS;
1142 :
1143 1 : case 0x14: {
1144 : spdm_finish_response_t *spdm_response;
1145 : uint32_t hash_size;
1146 : uint32_t hmac_size;
1147 : uint8_t *ptr;
1148 : void *data;
1149 : size_t data_size;
1150 : uint8_t *cert_buffer;
1151 : size_t cert_buffer_size;
1152 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1153 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1154 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1155 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1156 : size_t spdm_response_size;
1157 : size_t transport_header_size;
1158 :
1159 : ((libspdm_context_t *)spdm_context)
1160 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1161 : ((libspdm_context_t *)spdm_context)
1162 1 : ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1163 : ((libspdm_context_t *)spdm_context)
1164 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1165 : ((libspdm_context_t *)spdm_context)
1166 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1167 : ((libspdm_context_t *)spdm_context)
1168 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1169 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1170 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1171 1 : spdm_response_size = sizeof(spdm_finish_response_t) +
1172 1 : hmac_size/2;/* half HMAC size*/
1173 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1174 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1175 :
1176 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1177 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1178 1 : spdm_response->header.param1 = 0;
1179 1 : spdm_response->header.param2 = 0;
1180 1 : ptr = (void *)(spdm_response + 1);
1181 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1182 : sizeof(m_libspdm_local_buffer)
1183 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1184 : m_libspdm_local_buffer),
1185 : spdm_response, sizeof(spdm_finish_response_t));
1186 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1187 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1188 : m_libspdm_use_asym_algo, &data,
1189 : &data_size, NULL, NULL);
1190 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1191 1 : cert_buffer = (uint8_t *)data;
1192 1 : cert_buffer_size = data_size;
1193 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1194 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1195 : m_libspdm_use_req_asym_algo, &data,
1196 : &data_size, NULL, NULL);
1197 1 : cert_buffer = (uint8_t *)data;
1198 1 : cert_buffer_size = data_size;
1199 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1200 : req_cert_buffer_hash);
1201 : /* transcript.message_a size is 0*/
1202 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1203 : /* session_transcript.message_k is 0*/
1204 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
1205 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1206 : m_libspdm_local_buffer_size);
1207 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1208 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1209 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1210 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1211 : response_finished_key, hash_size, ptr);
1212 1 : ptr += hmac_size/2; /* half HMAC size*/
1213 1 : libspdm_set_mem(ptr, hmac_size/2, (uint8_t) 0x00);
1214 1 : free(data);
1215 :
1216 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1217 : false, spdm_response_size,
1218 : spdm_response, response_size,
1219 : response);
1220 : }
1221 1 : return LIBSPDM_STATUS_SUCCESS;
1222 :
1223 1 : case 0x15: {
1224 : spdm_error_response_t *spdm_response;
1225 : size_t spdm_response_size;
1226 : size_t transport_header_size;
1227 :
1228 1 : spdm_response_size = sizeof(spdm_error_response_t);
1229 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1230 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1231 :
1232 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1233 1 : spdm_response->header.request_response_code = SPDM_ERROR;
1234 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_DECRYPT_ERROR;
1235 1 : spdm_response->header.param2 = 0;
1236 :
1237 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1238 : false, spdm_response_size,
1239 : spdm_response,
1240 : response_size, response);
1241 : }
1242 1 : return LIBSPDM_STATUS_SUCCESS;
1243 :
1244 1 : case 0x16: {
1245 : spdm_finish_response_t *spdm_response;
1246 : uint32_t hash_size;
1247 : uint32_t hmac_size;
1248 : uint8_t *ptr;
1249 : void *data;
1250 : size_t data_size;
1251 : uint8_t *cert_buffer;
1252 : size_t cert_buffer_size;
1253 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1254 : uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1255 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1256 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1257 : size_t spdm_response_size;
1258 : size_t transport_header_size;
1259 :
1260 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
1261 : m_libspdm_use_asym_algo;
1262 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.req_base_asym_alg =
1263 : m_libspdm_use_req_asym_algo;
1264 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
1265 : m_libspdm_use_hash_algo;
1266 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.dhe_named_group =
1267 : m_libspdm_use_dhe_algo;
1268 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.measurement_hash_algo =
1269 : m_libspdm_use_measurement_hash_algo;
1270 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1271 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1272 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1273 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1274 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1275 :
1276 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1277 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1278 1 : spdm_response->header.param1 = 0;
1279 1 : spdm_response->header.param2 = 0;
1280 1 : ptr = (void *)(spdm_response + 1);
1281 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1282 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1283 : spdm_response, sizeof(spdm_finish_response_t));
1284 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1285 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1286 : m_libspdm_use_asym_algo, &data,
1287 : &data_size, NULL, NULL);
1288 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1289 1 : cert_buffer = (uint8_t *)data;
1290 1 : cert_buffer_size = data_size;
1291 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1292 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
1293 : m_libspdm_use_req_asym_algo, &data,
1294 : &data_size, NULL, NULL);
1295 1 : cert_buffer = (uint8_t *)data;
1296 1 : cert_buffer_size = data_size;
1297 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
1298 : req_cert_buffer_hash);
1299 : /* transcript.message_a size is 0*/
1300 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1301 : /* session_transcript.message_k is 0*/
1302 1 : libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
1303 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1304 : m_libspdm_local_buffer_size);
1305 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1306 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1307 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1308 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1309 : response_finished_key, hash_size, ptr);
1310 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1311 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
1312 : ptr, hmac_size);
1313 1 : m_libspdm_local_buffer_size += hmac_size;
1314 1 : ptr += hmac_size;
1315 1 : free(data);
1316 :
1317 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1318 : false, spdm_response_size,
1319 : spdm_response, response_size,
1320 : response);
1321 : }
1322 1 : return LIBSPDM_STATUS_SUCCESS;
1323 1 : case 0x17: {
1324 : spdm_finish_response_t *spdm_response;
1325 : uint32_t hash_size;
1326 : uint32_t hmac_size;
1327 : uint8_t *ptr;
1328 : void *data;
1329 : size_t data_size;
1330 : uint8_t *cert_buffer;
1331 : size_t cert_buffer_size;
1332 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1333 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1334 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1335 : size_t spdm_response_size;
1336 : size_t transport_header_size;
1337 :
1338 : ((libspdm_context_t *)spdm_context)
1339 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1340 : ((libspdm_context_t *)spdm_context)
1341 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1342 : ((libspdm_context_t *)spdm_context)
1343 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1344 : ((libspdm_context_t *)spdm_context)
1345 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1346 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1347 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1348 1 : spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size;
1349 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1350 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1351 :
1352 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1353 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1354 1 : spdm_response->header.param1 = 0;
1355 1 : spdm_response->header.param2 = 0;
1356 1 : ptr = (void *)(spdm_response + 1);
1357 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1358 : sizeof(m_libspdm_local_buffer)
1359 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1360 : m_libspdm_local_buffer),
1361 : spdm_response, sizeof(spdm_finish_response_t));
1362 1 : m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t);
1363 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
1364 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1365 1 : cert_buffer = (uint8_t *)data;
1366 1 : cert_buffer_size = data_size;
1367 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1368 : /* transcript.message_a size is 0*/
1369 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1370 : /* session_transcript.message_k is 0*/
1371 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1372 : m_libspdm_local_buffer_size);
1373 1 : libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1374 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1375 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1376 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1377 : response_finished_key, hash_size, ptr);
1378 1 : ptr += hmac_size;
1379 1 : free(data);
1380 :
1381 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1382 : false, spdm_response_size,
1383 : spdm_response, response_size,
1384 : response);
1385 : }
1386 1 : return LIBSPDM_STATUS_SUCCESS;
1387 1 : case 0x18: {
1388 : spdm_finish_response_t *spdm_response;
1389 : libspdm_session_info_t *session_info;
1390 : size_t spdm_response_size;
1391 : size_t transport_header_size;
1392 : uint32_t session_id;
1393 : uint8_t *scratch_buffer;
1394 : size_t scratch_buffer_size;
1395 :
1396 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1397 :
1398 : /* The ResponderVerifyData field does absent.*/
1399 1 : spdm_response_size = sizeof(spdm_finish_response_t);
1400 :
1401 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1402 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1403 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1404 1 : spdm_response->header.param1 = 0;
1405 1 : spdm_response->header.param2 = 0;
1406 :
1407 1 : session_id = 0xFFFFFFFF;
1408 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
1409 : * transport_message is always in sender buffer. */
1410 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
1411 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
1412 : scratch_buffer_size - transport_header_size,
1413 : spdm_response, spdm_response_size);
1414 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
1415 1 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
1416 : spdm_response_size, spdm_response,
1417 : response_size, response);
1418 :
1419 1 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
1420 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1421 1 : handshake_secret.response_handshake_sequence_number--;
1422 : }
1423 1 : return LIBSPDM_STATUS_SUCCESS;
1424 1 : case 0x19: {
1425 : spdm_finish_response_t *spdm_response;
1426 : libspdm_session_info_t *session_info;
1427 : size_t spdm_response_size;
1428 : size_t transport_header_size;
1429 : uint32_t session_id;
1430 : uint8_t *scratch_buffer;
1431 : size_t scratch_buffer_size;
1432 : uint16_t opaque_data_size;
1433 : uint8_t *ptr;
1434 :
1435 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1436 :
1437 1 : opaque_data_size = 8;
1438 : /* The ResponderVerifyData field does absent.*/
1439 1 : spdm_response_size = sizeof(spdm_finish_response_t) + sizeof(uint16_t) + opaque_data_size;
1440 :
1441 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1442 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_14;
1443 1 : spdm_response->header.request_response_code = SPDM_FINISH_RSP;
1444 1 : spdm_response->header.param1 = 0;
1445 1 : spdm_response->header.param2 = 0;
1446 1 : ptr = (uint8_t *)spdm_response + sizeof(spdm_finish_response_t);
1447 1 : libspdm_write_uint16(ptr, opaque_data_size);
1448 :
1449 1 : session_id = 0xFFFFFFFF;
1450 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
1451 : * transport_message is always in sender buffer. */
1452 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
1453 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
1454 : scratch_buffer_size - transport_header_size,
1455 : spdm_response, spdm_response_size);
1456 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
1457 1 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
1458 : spdm_response_size, spdm_response,
1459 : response_size, response);
1460 :
1461 1 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
1462 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1463 1 : handshake_secret.response_handshake_sequence_number--;
1464 : }
1465 1 : return LIBSPDM_STATUS_SUCCESS;
1466 :
1467 0 : default:
1468 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1469 : }
1470 : }
1471 :
1472 : /**
1473 : * Test 1: when no FINISH_RSP message is received, and the client returns a
1474 : * device error.
1475 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1476 : **/
1477 1 : static void req_finish_case1(void **state)
1478 : {
1479 : libspdm_return_t status;
1480 : libspdm_test_context_t *spdm_test_context;
1481 : libspdm_context_t *spdm_context;
1482 : uint32_t session_id;
1483 : uint8_t req_slot_id_param;
1484 : void *data;
1485 : size_t data_size;
1486 : void *hash;
1487 : size_t hash_size;
1488 : libspdm_session_info_t *session_info;
1489 :
1490 1 : spdm_test_context = *state;
1491 1 : spdm_context = spdm_test_context->spdm_context;
1492 1 : spdm_test_context->case_id = 0x1;
1493 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1494 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1495 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1496 1 : spdm_context->connection_info.capability.flags |=
1497 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1498 1 : spdm_context->connection_info.capability.flags |=
1499 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1500 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1501 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1502 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1503 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1504 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1505 : m_libspdm_use_asym_algo, &data,
1506 : &data_size, &hash, &hash_size)) {
1507 0 : assert(false);
1508 : }
1509 1 : libspdm_reset_message_a(spdm_context);
1510 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1511 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1512 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1513 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1514 :
1515 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1516 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1517 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1518 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1519 : data, data_size);
1520 : #else
1521 1 : libspdm_hash_all(
1522 : spdm_context->connection_info.algorithm.base_hash_algo,
1523 : data, data_size,
1524 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1525 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1526 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1527 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1528 : spdm_context->connection_info.algorithm.base_hash_algo,
1529 : spdm_context->connection_info.algorithm.base_asym_algo,
1530 : data, data_size,
1531 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1532 : #endif
1533 :
1534 1 : session_id = 0xFFFFFFFF;
1535 1 : session_info = &spdm_context->session_info[0];
1536 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1537 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1538 1 : session_info->peer_used_cert_chain_slot_id = 0;
1539 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1540 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1541 1 : libspdm_secured_message_set_response_finished_key(
1542 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1543 : hash_size);
1544 1 : libspdm_secured_message_set_session_state(
1545 : session_info->secured_message_context,
1546 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1547 :
1548 1 : spdm_context->connection_info.capability.flags |=
1549 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1550 1 : spdm_context->local_context.capability.flags |=
1551 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1552 1 : req_slot_id_param = 0;
1553 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
1554 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
1555 1 : free(data);
1556 1 : }
1557 :
1558 : /**
1559 : * Test 2: receiving a correct FINISH_RSP message with only MAC (no
1560 : * mutual authentication) and 'handshake in the clear'.
1561 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
1562 : * session is established.
1563 : **/
1564 1 : static void req_finish_case2(void **state)
1565 : {
1566 : libspdm_return_t status;
1567 : libspdm_test_context_t *spdm_test_context;
1568 : libspdm_context_t *spdm_context;
1569 : uint32_t session_id;
1570 : uint8_t req_slot_id_param;
1571 : void *data;
1572 : size_t data_size;
1573 : void *hash;
1574 : size_t hash_size;
1575 : libspdm_session_info_t *session_info;
1576 : libspdm_secured_message_context_t *secured_message_context;
1577 :
1578 1 : spdm_test_context = *state;
1579 1 : spdm_context = spdm_test_context->spdm_context;
1580 1 : spdm_test_context->case_id = 0x2;
1581 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1582 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1583 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1584 1 : spdm_context->connection_info.capability.flags |=
1585 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1586 1 : spdm_context->connection_info.capability.flags |=
1587 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1588 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1589 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1590 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1591 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1592 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1593 : m_libspdm_use_asym_algo, &data,
1594 : &data_size, &hash, &hash_size)) {
1595 0 : assert(false);
1596 : }
1597 1 : libspdm_reset_message_a(spdm_context);
1598 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1599 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1600 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1601 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1602 :
1603 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1604 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1605 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1606 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1607 : data, data_size);
1608 : #else
1609 1 : libspdm_hash_all(
1610 : spdm_context->connection_info.algorithm.base_hash_algo,
1611 : data, data_size,
1612 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1613 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1614 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1615 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1616 : spdm_context->connection_info.algorithm.base_hash_algo,
1617 : spdm_context->connection_info.algorithm.base_asym_algo,
1618 : data, data_size,
1619 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1620 : #endif
1621 :
1622 1 : session_id = 0xFFFFFFFF;
1623 1 : session_info = &spdm_context->session_info[0];
1624 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1625 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1626 1 : session_info->peer_used_cert_chain_slot_id = 0;
1627 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1628 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1629 1 : libspdm_secured_message_set_response_finished_key(
1630 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1631 : hash_size);
1632 1 : libspdm_secured_message_set_session_state(
1633 : session_info->secured_message_context,
1634 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1635 :
1636 1 : spdm_context->connection_info.capability.flags |=
1637 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1638 1 : spdm_context->local_context.capability.flags |=
1639 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1640 1 : req_slot_id_param = 0;
1641 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
1642 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1643 1 : assert_int_equal(
1644 : libspdm_secured_message_get_session_state(
1645 : spdm_context->session_info[0].secured_message_context),
1646 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1647 :
1648 1 : secured_message_context = session_info->secured_message_context;
1649 :
1650 1 : assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
1651 : (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
1652 1 : free(data);
1653 1 : }
1654 :
1655 : /**
1656 : * Test 3: requester state has not been negotiated, as if GET_VERSION, GET_CAPABILITIES and
1657 : * NEGOTIATE_ALGORITHMS had not been exchanged.
1658 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
1659 : **/
1660 1 : static void req_finish_case3(void **state)
1661 : {
1662 : libspdm_return_t status;
1663 : libspdm_test_context_t *spdm_test_context;
1664 : libspdm_context_t *spdm_context;
1665 : uint32_t session_id;
1666 : uint8_t req_slot_id_param;
1667 : void *data;
1668 : size_t data_size;
1669 : void *hash;
1670 : size_t hash_size;
1671 : libspdm_session_info_t *session_info;
1672 :
1673 1 : spdm_test_context = *state;
1674 1 : spdm_context = spdm_test_context->spdm_context;
1675 1 : spdm_test_context->case_id = 0x3;
1676 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1677 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1678 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
1679 1 : spdm_context->connection_info.capability.flags |=
1680 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1681 1 : spdm_context->connection_info.capability.flags |=
1682 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1683 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1684 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1685 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1686 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1687 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1688 : m_libspdm_use_asym_algo, &data,
1689 : &data_size, &hash, &hash_size)) {
1690 0 : assert(false);
1691 : }
1692 1 : libspdm_reset_message_a(spdm_context);
1693 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1694 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1695 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1696 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1697 :
1698 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1699 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1700 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1701 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1702 : data, data_size);
1703 : #else
1704 1 : libspdm_hash_all(
1705 : spdm_context->connection_info.algorithm.base_hash_algo,
1706 : data, data_size,
1707 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1708 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1709 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1710 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1711 : spdm_context->connection_info.algorithm.base_hash_algo,
1712 : spdm_context->connection_info.algorithm.base_asym_algo,
1713 : data, data_size,
1714 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1715 : #endif
1716 :
1717 1 : session_id = 0xFFFFFFFF;
1718 1 : session_info = &spdm_context->session_info[0];
1719 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1720 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1721 1 : session_info->peer_used_cert_chain_slot_id = 0;
1722 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1723 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1724 1 : libspdm_secured_message_set_response_finished_key(
1725 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1726 : hash_size);
1727 1 : libspdm_secured_message_set_session_state(
1728 : session_info->secured_message_context,
1729 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1730 :
1731 1 : spdm_context->connection_info.capability.flags |=
1732 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1733 1 : spdm_context->local_context.capability.flags |=
1734 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1735 1 : req_slot_id_param = 0;
1736 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
1737 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
1738 1 : free(data);
1739 1 : }
1740 :
1741 : /**
1742 : * Test 4: the requester is setup correctly (see Test 2), but receives an ERROR
1743 : * message indicating InvalidParameters.
1744 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1745 : **/
1746 1 : static void req_finish_case4(void **state)
1747 : {
1748 : libspdm_return_t status;
1749 : libspdm_test_context_t *spdm_test_context;
1750 : libspdm_context_t *spdm_context;
1751 : uint32_t session_id;
1752 : uint8_t req_slot_id_param;
1753 : void *data;
1754 : size_t data_size;
1755 : void *hash;
1756 : size_t hash_size;
1757 : libspdm_session_info_t *session_info;
1758 :
1759 1 : spdm_test_context = *state;
1760 1 : spdm_context = spdm_test_context->spdm_context;
1761 1 : spdm_test_context->case_id = 0x4;
1762 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1763 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1764 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1765 1 : spdm_context->connection_info.capability.flags |=
1766 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1767 1 : spdm_context->connection_info.capability.flags |=
1768 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1769 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1770 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1771 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1772 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1773 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1774 : m_libspdm_use_asym_algo, &data,
1775 : &data_size, &hash, &hash_size)) {
1776 0 : assert(false);
1777 : }
1778 1 : libspdm_reset_message_a(spdm_context);
1779 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1780 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1781 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1782 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1783 :
1784 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1785 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1786 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1787 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1788 : data, data_size);
1789 : #else
1790 1 : libspdm_hash_all(
1791 : spdm_context->connection_info.algorithm.base_hash_algo,
1792 : data, data_size,
1793 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1794 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1795 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1796 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1797 : spdm_context->connection_info.algorithm.base_hash_algo,
1798 : spdm_context->connection_info.algorithm.base_asym_algo,
1799 : data, data_size,
1800 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1801 : #endif
1802 :
1803 1 : session_id = 0xFFFFFFFF;
1804 1 : session_info = &spdm_context->session_info[0];
1805 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1806 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1807 1 : session_info->peer_used_cert_chain_slot_id = 0;
1808 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1809 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1810 1 : libspdm_secured_message_set_response_finished_key(
1811 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1812 : hash_size);
1813 1 : libspdm_secured_message_set_session_state(
1814 : session_info->secured_message_context,
1815 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1816 :
1817 1 : spdm_context->connection_info.capability.flags |=
1818 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1819 1 : spdm_context->local_context.capability.flags |=
1820 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1821 1 : req_slot_id_param = 0;
1822 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
1823 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
1824 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
1825 1 : free(data);
1826 1 : }
1827 :
1828 : /**
1829 : * Test 5: the requester is setup correctly (see Test 2), but receives an ERROR
1830 : * message indicating the Busy status of the responder.
1831 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1832 : **/
1833 1 : static void req_finish_case5(void **state)
1834 : {
1835 : libspdm_return_t status;
1836 : libspdm_test_context_t *spdm_test_context;
1837 : libspdm_context_t *spdm_context;
1838 : uint32_t session_id;
1839 : uint8_t req_slot_id_param;
1840 : void *data;
1841 : size_t data_size;
1842 : void *hash;
1843 : size_t hash_size;
1844 : libspdm_session_info_t *session_info;
1845 :
1846 1 : spdm_test_context = *state;
1847 1 : spdm_context = spdm_test_context->spdm_context;
1848 1 : spdm_test_context->case_id = 0x5;
1849 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1850 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1851 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1852 1 : spdm_context->connection_info.capability.flags |=
1853 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1854 1 : spdm_context->connection_info.capability.flags |=
1855 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1856 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1857 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1858 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1859 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1860 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1861 : m_libspdm_use_asym_algo, &data,
1862 : &data_size, &hash, &hash_size)) {
1863 0 : assert(false);
1864 : }
1865 1 : libspdm_reset_message_a(spdm_context);
1866 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1867 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1868 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1869 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1870 :
1871 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1872 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1873 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1874 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1875 : data, data_size);
1876 : #else
1877 1 : libspdm_hash_all(
1878 : spdm_context->connection_info.algorithm.base_hash_algo,
1879 : data, data_size,
1880 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1881 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1882 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1883 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1884 : spdm_context->connection_info.algorithm.base_hash_algo,
1885 : spdm_context->connection_info.algorithm.base_asym_algo,
1886 : data, data_size,
1887 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1888 : #endif
1889 :
1890 1 : session_id = 0xFFFFFFFF;
1891 1 : session_info = &spdm_context->session_info[0];
1892 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1893 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1894 1 : session_info->peer_used_cert_chain_slot_id = 0;
1895 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1896 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1897 1 : libspdm_secured_message_set_response_finished_key(
1898 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1899 : hash_size);
1900 1 : libspdm_secured_message_set_session_state(
1901 : session_info->secured_message_context,
1902 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1903 :
1904 1 : spdm_context->connection_info.capability.flags |=
1905 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1906 1 : spdm_context->local_context.capability.flags |=
1907 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1908 1 : req_slot_id_param = 0;
1909 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
1910 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
1911 1 : free(data);
1912 1 : }
1913 :
1914 : /**
1915 : * Test 6: the requester is setup correctly (see Test 2), but, on the first try,
1916 : * receiving a Busy ERROR message, and on retry, receiving a correct FINISH_RSP
1917 : * message with only MAC (no mutual authentication).
1918 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS.
1919 : **/
1920 1 : static void req_finish_case6(void **state)
1921 : {
1922 : libspdm_return_t status;
1923 : libspdm_test_context_t *spdm_test_context;
1924 : libspdm_context_t *spdm_context;
1925 : uint32_t session_id;
1926 : uint8_t req_slot_id_param;
1927 : void *data;
1928 : size_t data_size;
1929 : void *hash;
1930 : size_t hash_size;
1931 : libspdm_session_info_t *session_info;
1932 :
1933 1 : spdm_test_context = *state;
1934 1 : spdm_context = spdm_test_context->spdm_context;
1935 1 : spdm_test_context->case_id = 0x6;
1936 1 : spdm_context->retry_times = 3;
1937 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1938 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1939 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1940 1 : spdm_context->connection_info.capability.flags |=
1941 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
1942 1 : spdm_context->connection_info.capability.flags |=
1943 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1944 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1945 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1946 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1947 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1948 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1949 : m_libspdm_use_asym_algo, &data,
1950 : &data_size, &hash, &hash_size)) {
1951 0 : assert(false);
1952 : }
1953 1 : libspdm_reset_message_a(spdm_context);
1954 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1955 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1956 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1957 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1958 :
1959 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1960 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1961 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1962 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1963 : data, data_size);
1964 : #else
1965 1 : libspdm_hash_all(
1966 : spdm_context->connection_info.algorithm.base_hash_algo,
1967 : data, data_size,
1968 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
1969 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
1970 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
1971 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
1972 : spdm_context->connection_info.algorithm.base_hash_algo,
1973 : spdm_context->connection_info.algorithm.base_asym_algo,
1974 : data, data_size,
1975 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
1976 : #endif
1977 :
1978 1 : session_id = 0xFFFFFFFF;
1979 1 : session_info = &spdm_context->session_info[0];
1980 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1981 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
1982 1 : session_info->peer_used_cert_chain_slot_id = 0;
1983 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1984 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1985 1 : libspdm_secured_message_set_response_finished_key(
1986 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1987 : hash_size);
1988 1 : libspdm_secured_message_set_session_state(
1989 : session_info->secured_message_context,
1990 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1991 :
1992 1 : spdm_context->connection_info.capability.flags |=
1993 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1994 1 : spdm_context->local_context.capability.flags |=
1995 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1996 1 : req_slot_id_param = 0;
1997 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
1998 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1999 1 : assert_int_equal(
2000 : libspdm_secured_message_get_session_state(
2001 : spdm_context->session_info[0].secured_message_context),
2002 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2003 1 : free(data);
2004 1 : }
2005 :
2006 : /**
2007 : * Test 7: the requester is setup correctly (see Test 2), but receives an ERROR
2008 : * message indicating the RequestResynch status of the responder.
2009 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR, and the
2010 : * communication is reset to expect a new GET_VERSION message.
2011 : **/
2012 1 : static void req_finish_case7(void **state)
2013 : {
2014 : libspdm_return_t status;
2015 : libspdm_test_context_t *spdm_test_context;
2016 : libspdm_context_t *spdm_context;
2017 : uint32_t session_id;
2018 : uint8_t req_slot_id_param;
2019 : void *data;
2020 : size_t data_size;
2021 : void *hash;
2022 : size_t hash_size;
2023 : libspdm_session_info_t *session_info;
2024 :
2025 1 : spdm_test_context = *state;
2026 1 : spdm_context = spdm_test_context->spdm_context;
2027 1 : spdm_test_context->case_id = 0x7;
2028 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2029 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2030 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2031 1 : spdm_context->connection_info.capability.flags |=
2032 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2033 1 : spdm_context->connection_info.capability.flags |=
2034 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2035 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2036 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2037 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2038 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2039 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2040 : m_libspdm_use_asym_algo, &data,
2041 : &data_size, &hash, &hash_size)) {
2042 0 : assert(false);
2043 : }
2044 1 : libspdm_reset_message_a(spdm_context);
2045 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2046 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2047 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2048 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2049 :
2050 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2051 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2052 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2053 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2054 : data, data_size);
2055 : #else
2056 1 : libspdm_hash_all(
2057 : spdm_context->connection_info.algorithm.base_hash_algo,
2058 : data, data_size,
2059 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2060 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2061 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2062 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2063 : spdm_context->connection_info.algorithm.base_hash_algo,
2064 : spdm_context->connection_info.algorithm.base_asym_algo,
2065 : data, data_size,
2066 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2067 : #endif
2068 :
2069 1 : session_id = 0xFFFFFFFF;
2070 1 : session_info = &spdm_context->session_info[0];
2071 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2072 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2073 1 : session_info->peer_used_cert_chain_slot_id = 0;
2074 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2075 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2076 1 : libspdm_secured_message_set_response_finished_key(
2077 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2078 : hash_size);
2079 1 : libspdm_secured_message_set_session_state(
2080 : session_info->secured_message_context,
2081 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2082 :
2083 1 : spdm_context->connection_info.capability.flags |=
2084 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2085 1 : spdm_context->local_context.capability.flags |=
2086 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2087 1 : req_slot_id_param = 0;
2088 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2089 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
2090 1 : assert_int_equal(spdm_context->connection_info.connection_state,
2091 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
2092 1 : free(data);
2093 1 : }
2094 :
2095 : /**
2096 : * Test 8: the requester is setup correctly (see Test 2), but receives an ERROR
2097 : * message indicating the ResponseNotReady status of the responder.
2098 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR,.
2099 : **/
2100 1 : static void req_finish_case8(void **state)
2101 : {
2102 : libspdm_return_t status;
2103 : libspdm_test_context_t *spdm_test_context;
2104 : libspdm_context_t *spdm_context;
2105 : uint32_t session_id;
2106 : uint8_t req_slot_id_param;
2107 : void *data;
2108 : size_t data_size;
2109 : void *hash;
2110 : size_t hash_size;
2111 : libspdm_session_info_t *session_info;
2112 :
2113 1 : spdm_test_context = *state;
2114 1 : spdm_context = spdm_test_context->spdm_context;
2115 1 : spdm_test_context->case_id = 0x8;
2116 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2117 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2118 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2119 1 : spdm_context->connection_info.capability.flags |=
2120 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2121 1 : spdm_context->connection_info.capability.flags |=
2122 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2123 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2124 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2125 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2126 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2127 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2128 : m_libspdm_use_asym_algo, &data,
2129 : &data_size, &hash, &hash_size)) {
2130 0 : assert(false);
2131 : }
2132 1 : libspdm_reset_message_a(spdm_context);
2133 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2134 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2135 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2136 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2137 :
2138 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2139 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2140 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2141 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2142 : data, data_size);
2143 : #else
2144 1 : libspdm_hash_all(
2145 : spdm_context->connection_info.algorithm.base_hash_algo,
2146 : data, data_size,
2147 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2148 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2149 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2150 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2151 : spdm_context->connection_info.algorithm.base_hash_algo,
2152 : spdm_context->connection_info.algorithm.base_asym_algo,
2153 : data, data_size,
2154 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2155 : #endif
2156 :
2157 1 : session_id = 0xFFFFFFFF;
2158 1 : session_info = &spdm_context->session_info[0];
2159 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2160 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2161 1 : session_info->peer_used_cert_chain_slot_id = 0;
2162 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2163 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2164 1 : libspdm_secured_message_set_response_finished_key(
2165 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2166 : hash_size);
2167 1 : libspdm_secured_message_set_session_state(
2168 : session_info->secured_message_context,
2169 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2170 :
2171 1 : spdm_context->connection_info.capability.flags |=
2172 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2173 1 : spdm_context->local_context.capability.flags |=
2174 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2175 1 : req_slot_id_param = 0;
2176 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2177 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2178 1 : free(data);
2179 1 : }
2180 :
2181 : /**
2182 : * Test 9: the requester is setup correctly (see Test 2), but, on the first try,
2183 : * receiving a ResponseNotReady ERROR message, and on retry, receiving a correct
2184 : * FINISH_RSP message with only MAC (no mutual authentication).
2185 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS.
2186 : **/
2187 1 : static void req_finish_case9(void **state)
2188 : {
2189 : libspdm_return_t status;
2190 : libspdm_test_context_t *spdm_test_context;
2191 : libspdm_context_t *spdm_context;
2192 : uint32_t session_id;
2193 : uint8_t req_slot_id_param;
2194 : void *data;
2195 : size_t data_size;
2196 : void *hash;
2197 : size_t hash_size;
2198 : libspdm_session_info_t *session_info;
2199 :
2200 1 : spdm_test_context = *state;
2201 1 : spdm_context = spdm_test_context->spdm_context;
2202 1 : spdm_test_context->case_id = 0x9;
2203 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2204 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2205 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2206 1 : spdm_context->connection_info.capability.flags |=
2207 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2208 1 : spdm_context->connection_info.capability.flags |=
2209 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2210 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2211 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2212 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2213 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2214 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2215 : m_libspdm_use_asym_algo, &data,
2216 : &data_size, &hash, &hash_size)) {
2217 0 : assert(false);
2218 : }
2219 1 : libspdm_reset_message_a(spdm_context);
2220 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2221 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2222 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2223 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2224 :
2225 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2226 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2227 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2228 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2229 : data, data_size);
2230 : #else
2231 1 : libspdm_hash_all(
2232 : spdm_context->connection_info.algorithm.base_hash_algo,
2233 : data, data_size,
2234 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2235 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2236 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2237 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2238 : spdm_context->connection_info.algorithm.base_hash_algo,
2239 : spdm_context->connection_info.algorithm.base_asym_algo,
2240 : data, data_size,
2241 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2242 : #endif
2243 :
2244 1 : session_id = 0xFFFFFFFF;
2245 1 : session_info = &spdm_context->session_info[0];
2246 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2247 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2248 1 : session_info->peer_used_cert_chain_slot_id = 0;
2249 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2250 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2251 1 : libspdm_secured_message_set_response_finished_key(
2252 : session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
2253 1 : libspdm_secured_message_set_session_state(
2254 : session_info->secured_message_context,
2255 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2256 :
2257 1 : spdm_context->connection_info.capability.flags |=
2258 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2259 1 : spdm_context->local_context.capability.flags |=
2260 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2261 1 : req_slot_id_param = 0;
2262 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2263 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
2264 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2265 1 : assert_int_equal(
2266 : libspdm_secured_message_get_session_state(
2267 : spdm_context->session_info[0].secured_message_context),
2268 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2269 : } else {
2270 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
2271 : }
2272 :
2273 1 : free(data);
2274 1 : }
2275 :
2276 : /**
2277 : * Test 10: receiving an unexpected ERROR message from the responder.
2278 : * There are tests for all named codes, including some reserved ones
2279 : * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
2280 : * However, for having specific test cases, it is excluded from this case:
2281 : * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
2282 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
2283 : **/
2284 1 : static void req_finish_case10(void **state) {
2285 : libspdm_return_t status;
2286 : libspdm_test_context_t *spdm_test_context;
2287 : libspdm_context_t *spdm_context;
2288 : uint32_t session_id;
2289 : uint8_t req_slot_id_param;
2290 : void *data;
2291 : size_t data_size;
2292 : void *hash;
2293 : size_t hash_size;
2294 : libspdm_session_info_t *session_info;
2295 : uint16_t error_code;
2296 :
2297 1 : spdm_test_context = *state;
2298 1 : spdm_context = spdm_test_context->spdm_context;
2299 1 : spdm_test_context->case_id = 0xA;
2300 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2301 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2302 1 : spdm_context->connection_info.capability.flags |=
2303 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2304 1 : spdm_context->connection_info.capability.flags |=
2305 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2306 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2307 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2308 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2309 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2310 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
2311 : m_libspdm_use_asym_algo,
2312 : &data, &data_size,
2313 : &hash, &hash_size);
2314 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2315 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2316 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2317 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2318 :
2319 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2320 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2321 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2322 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2323 : data, data_size);
2324 : #else
2325 1 : libspdm_hash_all(
2326 : spdm_context->connection_info.algorithm.base_hash_algo,
2327 : data, data_size,
2328 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2329 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2330 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2331 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2332 : spdm_context->connection_info.algorithm.base_hash_algo,
2333 : spdm_context->connection_info.algorithm.base_asym_algo,
2334 : data, data_size,
2335 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2336 : #endif
2337 :
2338 1 : session_id = 0xFFFFFFFF;
2339 1 : spdm_context->connection_info.capability.flags |=
2340 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2341 1 : spdm_context->local_context.capability.flags |=
2342 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2343 1 : req_slot_id_param = 0;
2344 :
2345 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
2346 19 : while(error_code <= 0xff) {
2347 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2348 18 : libspdm_reset_message_a(spdm_context);
2349 :
2350 18 : session_info = &spdm_context->session_info[0];
2351 18 : libspdm_session_info_init (spdm_context, session_info, session_id,
2352 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2353 18 : session_info->peer_used_cert_chain_slot_id = 0;
2354 18 : hash_size = libspdm_get_hash_size (m_libspdm_use_hash_algo);
2355 18 : libspdm_set_mem (m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2356 18 : libspdm_secured_message_set_response_finished_key (session_info->secured_message_context,
2357 : m_libspdm_dummy_buffer, hash_size);
2358 18 : libspdm_secured_message_set_session_state (session_info->secured_message_context,
2359 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2360 :
2361 18 : status = libspdm_send_receive_finish (spdm_context, session_id, req_slot_id_param);
2362 18 : if(error_code != SPDM_ERROR_CODE_DECRYPT_ERROR) {
2363 17 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
2364 : } else {
2365 1 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_SESSION_MSG_ERROR, error_code);
2366 : }
2367 :
2368 18 : error_code++;
2369 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
2370 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
2371 : }
2372 : /* skip some reserved error codes (0d to 3e) */
2373 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
2374 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
2375 : }
2376 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
2377 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
2378 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
2379 : }
2380 : }
2381 :
2382 1 : free(data);
2383 1 : }
2384 :
2385 1 : static void req_finish_case11(void **state)
2386 : {
2387 : libspdm_return_t status;
2388 : libspdm_test_context_t *spdm_test_context;
2389 : libspdm_context_t *spdm_context;
2390 : uint32_t session_id;
2391 : uint8_t req_slot_id_param;
2392 : void *data;
2393 : size_t data_size;
2394 : void *hash;
2395 : size_t hash_size;
2396 : libspdm_session_info_t *session_info;
2397 :
2398 1 : spdm_test_context = *state;
2399 1 : spdm_context = spdm_test_context->spdm_context;
2400 1 : spdm_test_context->case_id = 0xB;
2401 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2402 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2403 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2404 1 : spdm_context->connection_info.capability.flags |=
2405 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2406 1 : spdm_context->connection_info.capability.flags |=
2407 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2408 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2409 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2410 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2411 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2412 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2413 : m_libspdm_use_asym_algo, &data,
2414 : &data_size, &hash, &hash_size)) {
2415 0 : assert(false);
2416 : }
2417 1 : libspdm_reset_message_a(spdm_context);
2418 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2419 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2420 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2421 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2422 :
2423 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2424 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2425 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2426 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2427 : data, data_size);
2428 : #else
2429 1 : libspdm_hash_all(
2430 : spdm_context->connection_info.algorithm.base_hash_algo,
2431 : data, data_size,
2432 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2433 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2434 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2435 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2436 : spdm_context->connection_info.algorithm.base_hash_algo,
2437 : spdm_context->connection_info.algorithm.base_asym_algo,
2438 : data, data_size,
2439 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2440 : #endif
2441 :
2442 1 : session_id = 0xFFFFFFFF;
2443 1 : session_info = &spdm_context->session_info[0];
2444 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2445 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2446 1 : session_info->peer_used_cert_chain_slot_id = 0;
2447 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2448 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2449 1 : libspdm_secured_message_set_response_finished_key(
2450 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2451 : hash_size);
2452 1 : libspdm_secured_message_set_session_state(
2453 : session_info->secured_message_context,
2454 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2455 :
2456 1 : spdm_context->connection_info.capability.flags |=
2457 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2458 1 : spdm_context->local_context.capability.flags |=
2459 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2460 1 : req_slot_id_param = 0;
2461 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2462 : session_info->session_transcript.message_m.buffer_size =
2463 : session_info->session_transcript.message_m.max_buffer_size;
2464 : spdm_context->transcript.message_b.buffer_size =
2465 : spdm_context->transcript.message_b.max_buffer_size;
2466 : spdm_context->transcript.message_c.buffer_size =
2467 : spdm_context->transcript.message_c.max_buffer_size;
2468 : spdm_context->transcript.message_mut_b.buffer_size =
2469 : spdm_context->transcript.message_mut_b.max_buffer_size;
2470 : spdm_context->transcript.message_mut_c.buffer_size =
2471 : spdm_context->transcript.message_mut_c.max_buffer_size;
2472 : #endif
2473 :
2474 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2475 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2476 1 : assert_int_equal(
2477 : libspdm_secured_message_get_session_state(
2478 : spdm_context->session_info[0].secured_message_context),
2479 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2480 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2481 : assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0);
2482 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
2483 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
2484 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
2485 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
2486 : #endif
2487 1 : free(data);
2488 1 : }
2489 :
2490 : /**
2491 : * Test 12: requester is not setup correctly to support key exchange
2492 : * (no capabilities). The responder would attempt to return a correct
2493 : * FINISH_RSP message.
2494 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2495 : **/
2496 1 : static void req_finish_case12(void **state)
2497 : {
2498 : libspdm_return_t status;
2499 : libspdm_test_context_t *spdm_test_context;
2500 : libspdm_context_t *spdm_context;
2501 : uint32_t session_id;
2502 : uint8_t req_slot_id_param;
2503 : void *data;
2504 : size_t data_size;
2505 : void *hash;
2506 : size_t hash_size;
2507 : libspdm_session_info_t *session_info;
2508 :
2509 1 : spdm_test_context = *state;
2510 1 : spdm_context = spdm_test_context->spdm_context;
2511 1 : spdm_test_context->case_id = 0xC;
2512 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2513 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2514 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2515 1 : spdm_context->connection_info.capability.flags = 0;
2516 1 : spdm_context->connection_info.capability.flags |=
2517 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2518 1 : spdm_context->connection_info.capability.flags |=
2519 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2520 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2521 1 : spdm_context->local_context.capability.flags = 0;
2522 : /* no key exchange capabilities (requester)*/
2523 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2524 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2525 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2526 : m_libspdm_use_asym_algo, &data,
2527 : &data_size, &hash, &hash_size)) {
2528 0 : assert(false);
2529 : }
2530 1 : libspdm_reset_message_a(spdm_context);
2531 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2532 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2533 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2534 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2535 :
2536 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2537 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2538 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2539 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2540 : data, data_size);
2541 : #else
2542 1 : libspdm_hash_all(
2543 : spdm_context->connection_info.algorithm.base_hash_algo,
2544 : data, data_size,
2545 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2546 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2547 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2548 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2549 : spdm_context->connection_info.algorithm.base_hash_algo,
2550 : spdm_context->connection_info.algorithm.base_asym_algo,
2551 : data, data_size,
2552 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2553 : #endif
2554 :
2555 1 : session_id = 0xFFFFFFFF;
2556 1 : session_info = &spdm_context->session_info[0];
2557 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2558 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2559 1 : session_info->peer_used_cert_chain_slot_id = 0;
2560 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2561 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2562 1 : libspdm_secured_message_set_response_finished_key(
2563 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2564 : hash_size);
2565 1 : libspdm_secured_message_set_session_state(
2566 : session_info->secured_message_context,
2567 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2568 :
2569 1 : spdm_context->connection_info.capability.flags |=
2570 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2571 1 : spdm_context->local_context.capability.flags |=
2572 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2573 1 : req_slot_id_param = 0;
2574 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2575 1 : assert_int_equal(status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
2576 1 : free(data);
2577 1 : }
2578 :
2579 : /**
2580 : * Test 13: requester is not setup correctly to accept key exchange and
2581 : * finish at this point (at least NEGOTIATE_ALGORITHMS is required, if
2582 : * the public key was provisioned before the key exchange). The
2583 : * responder would attempt to return a correct FINISH_RSP message.
2584 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2585 : **/
2586 1 : static void req_finish_case13(void **state)
2587 : {
2588 : libspdm_return_t status;
2589 : libspdm_test_context_t *spdm_test_context;
2590 : libspdm_context_t *spdm_context;
2591 : uint32_t session_id;
2592 : uint8_t req_slot_id_param;
2593 : void *data;
2594 : size_t data_size;
2595 : void *hash;
2596 : size_t hash_size;
2597 : libspdm_session_info_t *session_info;
2598 :
2599 1 : spdm_test_context = *state;
2600 1 : spdm_context = spdm_test_context->spdm_context;
2601 1 : spdm_test_context->case_id = 0xD;
2602 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2603 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2604 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AFTER_CAPABILITIES;
2605 1 : spdm_context->connection_info.capability.flags |=
2606 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2607 1 : spdm_context->connection_info.capability.flags |=
2608 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2609 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2610 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2611 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2612 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2613 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2614 : m_libspdm_use_asym_algo, &data,
2615 : &data_size, &hash, &hash_size)) {
2616 0 : assert(false);
2617 : }
2618 1 : libspdm_reset_message_a(spdm_context);
2619 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2620 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2621 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2622 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2623 :
2624 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2625 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2626 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2627 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2628 : data, data_size);
2629 : #else
2630 1 : libspdm_hash_all(
2631 : spdm_context->connection_info.algorithm.base_hash_algo,
2632 : data, data_size,
2633 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2634 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2635 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2636 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2637 : spdm_context->connection_info.algorithm.base_hash_algo,
2638 : spdm_context->connection_info.algorithm.base_asym_algo,
2639 : data, data_size,
2640 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2641 : #endif
2642 :
2643 1 : session_id = 0xFFFFFFFF;
2644 1 : session_info = &spdm_context->session_info[0];
2645 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2646 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2647 1 : session_info->peer_used_cert_chain_slot_id = 0;
2648 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2649 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2650 1 : libspdm_secured_message_set_response_finished_key(
2651 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2652 : hash_size);
2653 1 : libspdm_secured_message_set_session_state(
2654 : session_info->secured_message_context,
2655 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2656 :
2657 1 : spdm_context->connection_info.capability.flags |=
2658 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2659 1 : spdm_context->local_context.capability.flags |=
2660 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2661 1 : req_slot_id_param = 0;
2662 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2663 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2664 1 : free(data);
2665 1 : }
2666 :
2667 : /**
2668 : * Test 14: receiving an incorrect FINISH_RSP message, with wrong response
2669 : * code, but all other field correct.
2670 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
2671 : **/
2672 1 : static void req_finish_case14(void **state)
2673 : {
2674 : libspdm_return_t status;
2675 : libspdm_test_context_t *spdm_test_context;
2676 : libspdm_context_t *spdm_context;
2677 : uint32_t session_id;
2678 : uint8_t req_slot_id_param;
2679 : void *data;
2680 : size_t data_size;
2681 : void *hash;
2682 : size_t hash_size;
2683 : libspdm_session_info_t *session_info;
2684 :
2685 1 : spdm_test_context = *state;
2686 1 : spdm_context = spdm_test_context->spdm_context;
2687 1 : spdm_test_context->case_id = 0xE;
2688 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2689 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2690 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2691 1 : spdm_context->connection_info.capability.flags |=
2692 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2693 1 : spdm_context->connection_info.capability.flags |=
2694 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2695 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2696 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2697 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2698 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2699 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2700 : m_libspdm_use_asym_algo, &data,
2701 : &data_size, &hash, &hash_size)) {
2702 0 : assert(false);
2703 : }
2704 1 : libspdm_reset_message_a(spdm_context);
2705 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2706 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2707 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2708 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2709 :
2710 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2711 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2712 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2713 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2714 : data, data_size);
2715 : #else
2716 1 : libspdm_hash_all(
2717 : spdm_context->connection_info.algorithm.base_hash_algo,
2718 : data, data_size,
2719 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2720 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2721 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2722 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2723 : spdm_context->connection_info.algorithm.base_hash_algo,
2724 : spdm_context->connection_info.algorithm.base_asym_algo,
2725 : data, data_size,
2726 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2727 : #endif
2728 :
2729 1 : session_id = 0xFFFFFFFF;
2730 1 : session_info = &spdm_context->session_info[0];
2731 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2732 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2733 1 : session_info->peer_used_cert_chain_slot_id = 0;
2734 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2735 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2736 1 : libspdm_secured_message_set_response_finished_key(
2737 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2738 : hash_size);
2739 1 : libspdm_secured_message_set_session_state(
2740 : session_info->secured_message_context,
2741 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2742 :
2743 1 : spdm_context->connection_info.capability.flags |=
2744 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2745 1 : spdm_context->local_context.capability.flags |=
2746 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2747 1 : req_slot_id_param = 0;
2748 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2749 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2750 1 : free(data);
2751 1 : }
2752 :
2753 : /**
2754 : * Test 15: requester is not setup correctly by not initializing a
2755 : * session during KEY_EXCHANGE. The responder would attempt to
2756 : * return a correct FINISH_RSP message.
2757 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2758 : **/
2759 1 : static void req_finish_case15(void **state)
2760 : {
2761 : libspdm_return_t status;
2762 : libspdm_test_context_t *spdm_test_context;
2763 : libspdm_context_t *spdm_context;
2764 : uint32_t session_id;
2765 : uint8_t req_slot_id_param;
2766 : void *data;
2767 : size_t data_size;
2768 : void *hash;
2769 : size_t hash_size;
2770 : libspdm_session_info_t *session_info;
2771 :
2772 1 : spdm_test_context = *state;
2773 1 : spdm_context = spdm_test_context->spdm_context;
2774 1 : spdm_test_context->case_id = 0xF;
2775 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2776 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2777 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2778 1 : spdm_context->connection_info.capability.flags |=
2779 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2780 1 : spdm_context->connection_info.capability.flags |=
2781 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2782 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2783 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2784 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2785 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2786 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2787 : m_libspdm_use_asym_algo, &data,
2788 : &data_size, &hash, &hash_size)) {
2789 0 : assert(false);
2790 : }
2791 1 : libspdm_reset_message_a(spdm_context);
2792 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2793 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2794 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2795 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2796 :
2797 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2798 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2799 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2800 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2801 : data, data_size);
2802 : #else
2803 1 : libspdm_hash_all(
2804 : spdm_context->connection_info.algorithm.base_hash_algo,
2805 : data, data_size,
2806 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2807 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2808 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2809 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2810 : spdm_context->connection_info.algorithm.base_hash_algo,
2811 : spdm_context->connection_info.algorithm.base_asym_algo,
2812 : data, data_size,
2813 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2814 : #endif
2815 :
2816 1 : session_id = 0xFFFFFFFF;
2817 1 : session_info = &spdm_context->session_info[0];
2818 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2819 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2820 1 : session_info->peer_used_cert_chain_slot_id = 0;
2821 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2822 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2823 1 : libspdm_secured_message_set_response_finished_key(
2824 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2825 : hash_size);
2826 1 : libspdm_secured_message_set_session_state(
2827 : session_info->secured_message_context,
2828 : LIBSPDM_SESSION_STATE_NOT_STARTED);
2829 :
2830 1 : spdm_context->connection_info.capability.flags |=
2831 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2832 1 : spdm_context->local_context.capability.flags |=
2833 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2834 1 : req_slot_id_param = 0;
2835 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2836 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2837 1 : free(data);
2838 1 : }
2839 :
2840 : /**
2841 : * Test 16: receiving a correct FINISH_RSP message with a correct MAC,
2842 : * mutual authentication and 'handshake in the clear'.
2843 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
2844 : * session is established.
2845 : **/
2846 1 : static void req_finish_case16(void **state)
2847 : {
2848 : libspdm_return_t status;
2849 : libspdm_test_context_t *spdm_test_context;
2850 : libspdm_context_t *spdm_context;
2851 : uint32_t session_id;
2852 : uint8_t req_slot_id_param;
2853 : void *data;
2854 : size_t data_size;
2855 : void *hash;
2856 : size_t hash_size;
2857 : libspdm_session_info_t *session_info;
2858 :
2859 1 : spdm_test_context = *state;
2860 1 : spdm_context = spdm_test_context->spdm_context;
2861 1 : spdm_test_context->case_id = 0x10;
2862 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2863 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2864 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2865 1 : spdm_context->connection_info.capability.flags |=
2866 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2867 1 : spdm_context->connection_info.capability.flags |=
2868 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2869 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2870 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2871 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2872 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2873 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2874 : m_libspdm_use_asym_algo, &data,
2875 : &data_size, &hash, &hash_size)) {
2876 0 : assert(false);
2877 : }
2878 1 : libspdm_reset_message_a(spdm_context);
2879 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2880 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2881 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
2882 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2883 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2884 :
2885 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2886 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2887 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2888 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2889 : data, data_size);
2890 : #else
2891 1 : libspdm_hash_all(
2892 : spdm_context->connection_info.algorithm.base_hash_algo,
2893 : data, data_size,
2894 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2895 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2896 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2897 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2898 : spdm_context->connection_info.algorithm.base_hash_algo,
2899 : spdm_context->connection_info.algorithm.base_asym_algo,
2900 : data, data_size,
2901 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
2902 : #endif
2903 :
2904 1 : req_slot_id_param = 0;
2905 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
2906 : m_libspdm_use_req_asym_algo, &data,
2907 : &data_size, &hash, &hash_size);
2908 : spdm_context->local_context.
2909 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
2910 : spdm_context->local_context.
2911 1 : local_cert_chain_provision[req_slot_id_param] = data;
2912 :
2913 1 : session_id = 0xFFFFFFFF;
2914 1 : session_info = &spdm_context->session_info[0];
2915 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2916 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
2917 1 : session_info->peer_used_cert_chain_slot_id = 0;
2918 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2919 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
2920 1 : libspdm_secured_message_set_response_finished_key(
2921 : session_info->secured_message_context, m_libspdm_dummy_buffer,
2922 : hash_size);
2923 1 : libspdm_secured_message_set_session_state(
2924 : session_info->secured_message_context,
2925 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2926 1 : session_info->mut_auth_requested = 1;
2927 :
2928 1 : spdm_context->connection_info.capability.flags |=
2929 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2930 1 : spdm_context->local_context.capability.flags |=
2931 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
2932 :
2933 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
2934 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2935 1 : assert_int_equal(
2936 : libspdm_secured_message_get_session_state(
2937 : spdm_context->session_info[0].secured_message_context),
2938 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2939 1 : free(data);
2940 1 : }
2941 :
2942 : /**
2943 : * Test 17: receiving a FINISH_RSP message with an incorrect MAC
2944 : * (all-zero), mutual authentication, and 'handshake in the clear'.
2945 : * Expected behavior: client returns a Status of RETURN_SECURITY_VIOLATION.
2946 : **/
2947 1 : static void req_finish_case17(void **state)
2948 : {
2949 : libspdm_return_t status;
2950 : libspdm_test_context_t *spdm_test_context;
2951 : libspdm_context_t *spdm_context;
2952 : uint32_t session_id;
2953 : uint8_t req_slot_id_param;
2954 : void *data;
2955 : size_t data_size;
2956 : void *hash;
2957 : size_t hash_size;
2958 : libspdm_session_info_t *session_info;
2959 :
2960 1 : spdm_test_context = *state;
2961 1 : spdm_context = spdm_test_context->spdm_context;
2962 1 : spdm_test_context->case_id = 0x11;
2963 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2964 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2965 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2966 1 : spdm_context->connection_info.capability.flags |=
2967 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
2968 1 : spdm_context->connection_info.capability.flags |=
2969 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2970 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2971 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
2972 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2973 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2974 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2975 : m_libspdm_use_asym_algo, &data,
2976 : &data_size, &hash, &hash_size)) {
2977 0 : assert(false);
2978 : }
2979 1 : libspdm_reset_message_a(spdm_context);
2980 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2981 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2982 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
2983 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2984 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2985 :
2986 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2987 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2988 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2989 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2990 : data, data_size);
2991 : #else
2992 1 : libspdm_hash_all(
2993 : spdm_context->connection_info.algorithm.base_hash_algo,
2994 : data, data_size,
2995 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
2996 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
2997 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
2998 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
2999 : spdm_context->connection_info.algorithm.base_hash_algo,
3000 : spdm_context->connection_info.algorithm.base_asym_algo,
3001 : data, data_size,
3002 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3003 : #endif
3004 :
3005 1 : req_slot_id_param = 0;
3006 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3007 : m_libspdm_use_req_asym_algo, &data,
3008 : &data_size, &hash, &hash_size);
3009 : spdm_context->local_context.
3010 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3011 : spdm_context->local_context.
3012 1 : local_cert_chain_provision[req_slot_id_param] = data;
3013 :
3014 1 : session_id = 0xFFFFFFFF;
3015 1 : session_info = &spdm_context->session_info[0];
3016 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3017 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3018 1 : session_info->peer_used_cert_chain_slot_id = 0;
3019 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3020 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3021 1 : libspdm_secured_message_set_response_finished_key(
3022 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3023 : hash_size);
3024 1 : libspdm_secured_message_set_session_state(
3025 : session_info->secured_message_context,
3026 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3027 1 : session_info->mut_auth_requested = 1;
3028 :
3029 1 : spdm_context->connection_info.capability.flags |=
3030 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3031 1 : spdm_context->local_context.capability.flags |=
3032 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3033 :
3034 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3035 1 : assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL);
3036 1 : free(data);
3037 1 : }
3038 :
3039 : /**
3040 : * Test 18: receiving a FINISH_RSP message with an incorrect MAC
3041 : * (arbitrary), mutual authentication, and 'handshake in the clear'.
3042 : * Expected behavior: client returns a Status of RETURN_SECURITY_VIOLATION.
3043 : **/
3044 1 : static void req_finish_case18(void **state)
3045 : {
3046 : libspdm_return_t status;
3047 : libspdm_test_context_t *spdm_test_context;
3048 : libspdm_context_t *spdm_context;
3049 : uint32_t session_id;
3050 : uint8_t req_slot_id_param;
3051 : void *data;
3052 : size_t data_size;
3053 : void *hash;
3054 : size_t hash_size;
3055 : libspdm_session_info_t *session_info;
3056 :
3057 1 : spdm_test_context = *state;
3058 1 : spdm_context = spdm_test_context->spdm_context;
3059 1 : spdm_test_context->case_id = 0x12;
3060 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3061 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3062 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3063 1 : spdm_context->connection_info.capability.flags |=
3064 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3065 1 : spdm_context->connection_info.capability.flags |=
3066 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3067 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3068 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3069 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3070 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3071 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3072 : m_libspdm_use_asym_algo, &data,
3073 : &data_size, &hash, &hash_size)) {
3074 0 : assert(false);
3075 : }
3076 1 : libspdm_reset_message_a(spdm_context);
3077 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3078 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3079 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
3080 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3081 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
3082 :
3083 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3084 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3085 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3086 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3087 : data, data_size);
3088 : #else
3089 1 : libspdm_hash_all(
3090 : spdm_context->connection_info.algorithm.base_hash_algo,
3091 : data, data_size,
3092 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3093 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3094 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3095 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3096 : spdm_context->connection_info.algorithm.base_hash_algo,
3097 : spdm_context->connection_info.algorithm.base_asym_algo,
3098 : data, data_size,
3099 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3100 : #endif
3101 :
3102 1 : req_slot_id_param = 0;
3103 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3104 : m_libspdm_use_req_asym_algo, &data,
3105 : &data_size, &hash, &hash_size);
3106 : spdm_context->local_context.
3107 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3108 : spdm_context->local_context.
3109 1 : local_cert_chain_provision[req_slot_id_param] = data;
3110 :
3111 1 : session_id = 0xFFFFFFFF;
3112 1 : session_info = &spdm_context->session_info[0];
3113 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3114 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3115 1 : session_info->peer_used_cert_chain_slot_id = 0;
3116 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3117 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3118 1 : libspdm_secured_message_set_response_finished_key(
3119 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3120 : hash_size);
3121 1 : libspdm_secured_message_set_session_state(
3122 : session_info->secured_message_context,
3123 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3124 1 : session_info->mut_auth_requested = 1;
3125 :
3126 1 : spdm_context->connection_info.capability.flags |=
3127 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3128 1 : spdm_context->local_context.capability.flags |=
3129 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3130 :
3131 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3132 1 : assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL);
3133 1 : free(data);
3134 1 : }
3135 :
3136 : /**
3137 : * Test 19:
3138 : * Expected behavior:
3139 : **/
3140 1 : static void req_finish_case19(void **state)
3141 : {
3142 1 : }
3143 :
3144 : /**
3145 : * Test 20: receiving a FINISH_RSP message an incorrect MAC size (only the
3146 : * correct first half of the MAC), mutual authentication, and 'handshake
3147 : * in the clear'.
3148 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
3149 : **/
3150 1 : static void req_finish_case20(void **state)
3151 : {
3152 : libspdm_return_t status;
3153 : libspdm_test_context_t *spdm_test_context;
3154 : libspdm_context_t *spdm_context;
3155 : uint32_t session_id;
3156 : uint8_t req_slot_id_param;
3157 : void *data;
3158 : size_t data_size;
3159 : void *hash;
3160 : size_t hash_size;
3161 : libspdm_session_info_t *session_info;
3162 :
3163 1 : spdm_test_context = *state;
3164 1 : spdm_context = spdm_test_context->spdm_context;
3165 1 : spdm_test_context->case_id = 0x14;
3166 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3167 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3168 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3169 1 : spdm_context->connection_info.capability.flags |=
3170 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3171 1 : spdm_context->connection_info.capability.flags |=
3172 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3173 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3174 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3175 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3176 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3177 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3178 : m_libspdm_use_asym_algo, &data,
3179 : &data_size, &hash, &hash_size)) {
3180 0 : assert(false);
3181 : }
3182 1 : libspdm_reset_message_a(spdm_context);
3183 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3184 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3185 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
3186 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3187 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
3188 :
3189 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3190 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3191 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3192 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3193 : data, data_size);
3194 : #else
3195 1 : libspdm_hash_all(
3196 : spdm_context->connection_info.algorithm.base_hash_algo,
3197 : data, data_size,
3198 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3199 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3200 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3201 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3202 : spdm_context->connection_info.algorithm.base_hash_algo,
3203 : spdm_context->connection_info.algorithm.base_asym_algo,
3204 : data, data_size,
3205 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3206 : #endif
3207 :
3208 1 : req_slot_id_param = 0;
3209 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3210 : m_libspdm_use_req_asym_algo, &data,
3211 : &data_size, &hash, &hash_size);
3212 : spdm_context->local_context.
3213 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3214 : spdm_context->local_context.
3215 1 : local_cert_chain_provision[req_slot_id_param] = data;
3216 :
3217 1 : session_id = 0xFFFFFFFF;
3218 1 : session_info = &spdm_context->session_info[0];
3219 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3220 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3221 1 : session_info->peer_used_cert_chain_slot_id = 0;
3222 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3223 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3224 1 : libspdm_secured_message_set_response_finished_key(
3225 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3226 : hash_size);
3227 1 : libspdm_secured_message_set_session_state(
3228 : session_info->secured_message_context,
3229 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3230 1 : session_info->mut_auth_requested = 1;
3231 :
3232 1 : spdm_context->connection_info.capability.flags |=
3233 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3234 1 : spdm_context->local_context.capability.flags |=
3235 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3236 :
3237 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3238 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_SIZE);
3239 1 : free(data);
3240 1 : }
3241 :
3242 : /**
3243 : * Test 21: the requester is setup correctly, but receives an ERROR with SPDM_ERROR_CODE_DECRYPT_ERROR.
3244 : * Expected behavior: client returns a Status of INVALID_SESSION_ID and free the session ID.
3245 : **/
3246 1 : static void req_finish_case21(void **state)
3247 : {
3248 : libspdm_return_t status;
3249 : libspdm_test_context_t *spdm_test_context;
3250 : libspdm_context_t *spdm_context;
3251 : uint32_t session_id;
3252 : uint8_t req_slot_id_param;
3253 : void *data;
3254 : size_t data_size;
3255 : void *hash;
3256 : size_t hash_size;
3257 : libspdm_session_info_t *session_info;
3258 :
3259 1 : spdm_test_context = *state;
3260 1 : spdm_context = spdm_test_context->spdm_context;
3261 1 : spdm_test_context->case_id = 0x15;
3262 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3263 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3264 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3265 1 : spdm_context->connection_info.capability.flags |=
3266 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3267 1 : spdm_context->connection_info.capability.flags |=
3268 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3269 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3270 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3271 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3272 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3273 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3274 : m_libspdm_use_asym_algo, &data,
3275 : &data_size, &hash, &hash_size)) {
3276 0 : assert(false);
3277 : }
3278 1 : libspdm_reset_message_a(spdm_context);
3279 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3280 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3281 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3282 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
3283 :
3284 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3285 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3286 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3287 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3288 : data, data_size);
3289 : #else
3290 1 : libspdm_hash_all(
3291 : spdm_context->connection_info.algorithm.base_hash_algo,
3292 : data, data_size,
3293 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3294 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3295 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3296 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3297 : spdm_context->connection_info.algorithm.base_hash_algo,
3298 : spdm_context->connection_info.algorithm.base_asym_algo,
3299 : data, data_size,
3300 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3301 : #endif
3302 :
3303 1 : session_id = 0xFFFFFFFF;
3304 1 : session_info = &spdm_context->session_info[0];
3305 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3306 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3307 1 : session_info->peer_used_cert_chain_slot_id = 0;
3308 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3309 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3310 1 : libspdm_secured_message_set_response_finished_key(
3311 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3312 : hash_size);
3313 1 : libspdm_secured_message_set_session_state(
3314 : session_info->secured_message_context,
3315 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3316 :
3317 1 : spdm_context->connection_info.capability.flags |=
3318 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3319 1 : spdm_context->local_context.capability.flags |=
3320 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3321 1 : req_slot_id_param = 0;
3322 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3323 1 : assert_int_equal(status, LIBSPDM_STATUS_SESSION_MSG_ERROR);
3324 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
3325 1 : free(data);
3326 1 : }
3327 :
3328 : /**
3329 : * Test 22: a FINISH request message is successfully sent and a FINISH_RSP response message is
3330 : * successfully received.
3331 : * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS and a FINISH_RSP message is
3332 : * received, buffer F appends the exchanged FINISH and FINISH_RSP
3333 : **/
3334 1 : static void req_finish_case22(void **state)
3335 : {
3336 : libspdm_return_t status;
3337 : libspdm_test_context_t *spdm_test_context;
3338 : libspdm_context_t *spdm_context;
3339 : uint32_t session_id;
3340 : uint8_t req_slot_id_param;
3341 : void *data;
3342 : size_t data_size;
3343 : void *hash;
3344 : size_t hash_size;
3345 : libspdm_session_info_t *session_info;
3346 :
3347 1 : spdm_test_context = *state;
3348 1 : spdm_context = spdm_test_context->spdm_context;
3349 1 : spdm_test_context->case_id = 0x16;
3350 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3351 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3352 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3353 1 : spdm_context->connection_info.capability.flags |=
3354 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3355 1 : spdm_context->connection_info.capability.flags |=
3356 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3357 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3358 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3359 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3360 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3361 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3362 : m_libspdm_use_asym_algo, &data,
3363 : &data_size, &hash, &hash_size)) {
3364 0 : assert(false);
3365 : }
3366 1 : libspdm_reset_message_a(spdm_context);
3367 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3368 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3369 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
3370 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3371 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
3372 :
3373 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3374 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3375 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3376 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3377 : data, data_size);
3378 : #else
3379 1 : libspdm_hash_all(
3380 : spdm_context->connection_info.algorithm.base_hash_algo,
3381 : data, data_size,
3382 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3383 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3384 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
3385 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3386 : spdm_context->connection_info.algorithm.base_hash_algo,
3387 : spdm_context->connection_info.algorithm.base_asym_algo,
3388 : data, data_size,
3389 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3390 : #endif
3391 :
3392 1 : req_slot_id_param = 0;
3393 1 : libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
3394 : m_libspdm_use_req_asym_algo, &data,
3395 : &data_size, &hash, &hash_size);
3396 : spdm_context->local_context.
3397 1 : local_cert_chain_provision_size[req_slot_id_param] = data_size;
3398 : spdm_context->local_context.
3399 1 : local_cert_chain_provision[req_slot_id_param] = data;
3400 :
3401 1 : session_id = 0xFFFFFFFF;
3402 1 : session_info = &spdm_context->session_info[0];
3403 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3404 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3405 1 : session_info->peer_used_cert_chain_slot_id = 0;
3406 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3407 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3408 1 : libspdm_secured_message_set_response_finished_key(
3409 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3410 : hash_size);
3411 1 : libspdm_secured_message_set_session_state(
3412 : session_info->secured_message_context,
3413 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3414 1 : session_info->mut_auth_requested = 1;
3415 :
3416 1 : spdm_context->connection_info.capability.flags |=
3417 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3418 1 : spdm_context->local_context.capability.flags |=
3419 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3420 :
3421 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3422 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3423 1 : assert_int_equal(
3424 : libspdm_secured_message_get_session_state(
3425 : spdm_context->session_info[0].secured_message_context),
3426 : LIBSPDM_SESSION_STATE_ESTABLISHED);
3427 :
3428 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3429 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
3430 : m_libspdm_local_buffer_size);
3431 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
3432 : m_libspdm_local_buffer_size));
3433 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3434 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
3435 : m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3436 : #endif
3437 1 : free(data);
3438 1 : }
3439 :
3440 : /**
3441 : * Test 23: receiving a correct FINISH_RSP message using slot_id 0xFF
3442 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3443 : * session is established.
3444 : **/
3445 1 : static void req_finish_case23(void **state)
3446 : {
3447 : libspdm_return_t status;
3448 : libspdm_test_context_t *spdm_test_context;
3449 : libspdm_context_t *spdm_context;
3450 : uint32_t session_id;
3451 : uint8_t req_slot_id_param;
3452 : void *data;
3453 : size_t data_size;
3454 : size_t hash_size;
3455 : libspdm_session_info_t *session_info;
3456 : libspdm_secured_message_context_t *secured_message_context;
3457 :
3458 1 : spdm_test_context = *state;
3459 1 : spdm_context = spdm_test_context->spdm_context;
3460 1 : spdm_test_context->case_id = 0x17;
3461 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3462 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3463 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3464 1 : spdm_context->connection_info.capability.flags |=
3465 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3466 1 : spdm_context->connection_info.capability.flags |=
3467 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3468 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3469 1 : spdm_context->connection_info.capability.flags |=
3470 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
3471 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3472 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3473 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3474 1 : spdm_context->local_context.capability.flags |=
3475 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
3476 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size);
3477 1 : spdm_context->local_context.peer_public_key_provision = data;
3478 1 : spdm_context->local_context.peer_public_key_provision_size = data_size;
3479 :
3480 1 : libspdm_reset_message_a(spdm_context);
3481 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3482 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3483 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3484 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
3485 :
3486 1 : session_id = 0xFFFFFFFF;
3487 1 : session_info = &spdm_context->session_info[0];
3488 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3489 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3490 1 : session_info->peer_used_cert_chain_slot_id = 0xFF;
3491 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3492 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3493 1 : libspdm_secured_message_set_response_finished_key(
3494 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3495 : hash_size);
3496 1 : libspdm_secured_message_set_session_state(
3497 : session_info->secured_message_context,
3498 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3499 :
3500 1 : spdm_context->connection_info.capability.flags |=
3501 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3502 1 : spdm_context->local_context.capability.flags |=
3503 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3504 1 : req_slot_id_param = 0;
3505 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3506 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3507 1 : assert_int_equal(
3508 : libspdm_secured_message_get_session_state(
3509 : spdm_context->session_info[0].secured_message_context),
3510 : LIBSPDM_SESSION_STATE_ESTABLISHED);
3511 :
3512 1 : secured_message_context = session_info->secured_message_context;
3513 :
3514 1 : assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
3515 : (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
3516 1 : free(data);
3517 1 : }
3518 :
3519 : /**
3520 : * Test 24: Set HANDSHAKE_IN_THE_CLEAR_CAP to 0 , The ResponderVerifyData field is absent.
3521 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3522 : * session is established.
3523 : **/
3524 1 : static void req_finish_case24(void **state)
3525 : {
3526 : libspdm_return_t status;
3527 : libspdm_test_context_t *spdm_test_context;
3528 : libspdm_context_t *spdm_context;
3529 : uint32_t session_id;
3530 : uint8_t req_slot_id_param;
3531 : void *data;
3532 : size_t data_size;
3533 : void *hash;
3534 : size_t hash_size;
3535 : libspdm_session_info_t *session_info;
3536 : libspdm_secured_message_context_t *secured_message_context;
3537 :
3538 1 : spdm_test_context = *state;
3539 1 : spdm_context = spdm_test_context->spdm_context;
3540 1 : spdm_test_context->case_id = 0x18;
3541 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
3542 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3543 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3544 1 : spdm_context->connection_info.capability.flags |=
3545 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3546 1 : spdm_context->connection_info.capability.flags |=
3547 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3548 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3549 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3550 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3551 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3552 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3553 : m_libspdm_use_asym_algo, &data,
3554 : &data_size, &hash, &hash_size)) {
3555 0 : assert(false);
3556 : }
3557 1 : libspdm_reset_message_a(spdm_context);
3558 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3559 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3560 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3561 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
3562 :
3563 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3564 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3565 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3566 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3567 : data, data_size);
3568 : #else
3569 1 : libspdm_hash_all(
3570 : m_libspdm_use_hash_algo,
3571 : data, data_size,
3572 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3573 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3574 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo);
3575 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3576 : m_libspdm_use_hash_algo,
3577 : spdm_context->connection_info.algorithm.base_asym_algo,
3578 : data, data_size,
3579 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3580 : #endif
3581 :
3582 : /* Set HANDSHAKE_IN_THE_CLEAR_CAP to 0*/
3583 1 : spdm_context->connection_info.capability.flags &=
3584 : ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3585 1 : spdm_context->local_context.capability.flags &=
3586 : ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3587 :
3588 1 : session_id = 0xFFFFFFFF;
3589 1 : session_info = &spdm_context->session_info[0];
3590 1 : spdm_context->last_spdm_request_session_id_valid = true;
3591 1 : spdm_context->last_spdm_request_session_id = session_id;
3592 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3593 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3594 1 : session_info->peer_used_cert_chain_slot_id = 0;
3595 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3596 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3597 1 : libspdm_secured_message_set_response_finished_key(
3598 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3599 : hash_size);
3600 1 : libspdm_secured_message_set_session_state(
3601 : session_info->secured_message_context,
3602 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3603 :
3604 1 : req_slot_id_param = 0;
3605 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3606 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3607 1 : assert_int_equal(
3608 : libspdm_secured_message_get_session_state(
3609 : spdm_context->session_info[0].secured_message_context),
3610 : LIBSPDM_SESSION_STATE_ESTABLISHED);
3611 :
3612 1 : secured_message_context = session_info->secured_message_context;
3613 :
3614 1 : assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
3615 : (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
3616 1 : free(data);
3617 1 : }
3618 :
3619 : /**
3620 : * Test 25: SPDM version 1.4, with OpaqueData
3621 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
3622 : * session is established.
3623 : **/
3624 1 : static void req_finish_case25(void **state)
3625 : {
3626 : libspdm_return_t status;
3627 : libspdm_test_context_t *spdm_test_context;
3628 : libspdm_context_t *spdm_context;
3629 : uint32_t session_id;
3630 : uint8_t req_slot_id_param;
3631 : void *data;
3632 : size_t data_size;
3633 : void *hash;
3634 : size_t hash_size;
3635 : libspdm_session_info_t *session_info;
3636 : libspdm_secured_message_context_t *secured_message_context;
3637 :
3638 1 : spdm_test_context = *state;
3639 1 : spdm_context = spdm_test_context->spdm_context;
3640 1 : spdm_test_context->case_id = 0x19;
3641 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
3642 : SPDM_VERSION_NUMBER_SHIFT_BIT;
3643 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
3644 1 : spdm_context->connection_info.capability.flags |=
3645 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
3646 1 : spdm_context->connection_info.capability.flags |=
3647 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
3648 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
3649 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
3650 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
3651 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
3652 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3653 : m_libspdm_use_asym_algo, &data,
3654 : &data_size, &hash, &hash_size)) {
3655 0 : assert(false);
3656 : }
3657 1 : libspdm_reset_message_a(spdm_context);
3658 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3659 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3660 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3661 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
3662 :
3663 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
3664 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
3665 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
3666 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
3667 : data, data_size);
3668 : #else
3669 1 : libspdm_hash_all(
3670 : m_libspdm_use_hash_algo,
3671 : data, data_size,
3672 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
3673 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
3674 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo);
3675 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
3676 : m_libspdm_use_hash_algo,
3677 : spdm_context->connection_info.algorithm.base_asym_algo,
3678 : data, data_size,
3679 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
3680 : #endif
3681 :
3682 : /* Set HANDSHAKE_IN_THE_CLEAR_CAP to 0*/
3683 1 : spdm_context->connection_info.capability.flags &=
3684 : ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3685 1 : spdm_context->local_context.capability.flags &=
3686 : ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
3687 :
3688 1 : session_id = 0xFFFFFFFF;
3689 1 : session_info = &spdm_context->session_info[0];
3690 1 : spdm_context->last_spdm_request_session_id_valid = true;
3691 1 : spdm_context->last_spdm_request_session_id = session_id;
3692 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
3693 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, false);
3694 1 : session_info->peer_used_cert_chain_slot_id = 0;
3695 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3696 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
3697 1 : libspdm_secured_message_set_response_finished_key(
3698 : session_info->secured_message_context, m_libspdm_dummy_buffer,
3699 : hash_size);
3700 1 : libspdm_secured_message_set_session_state(
3701 : session_info->secured_message_context,
3702 : LIBSPDM_SESSION_STATE_HANDSHAKING);
3703 :
3704 1 : req_slot_id_param = 0;
3705 1 : status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param);
3706 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
3707 1 : assert_int_equal(
3708 : libspdm_secured_message_get_session_state(
3709 : spdm_context->session_info[0].secured_message_context),
3710 : LIBSPDM_SESSION_STATE_ESTABLISHED);
3711 :
3712 1 : secured_message_context = session_info->secured_message_context;
3713 :
3714 1 : assert_memory_equal((const void *)secured_message_context->master_secret.master_secret,
3715 : (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer));
3716 1 : free(data);
3717 1 : }
3718 :
3719 1 : int libspdm_req_finish_test(void)
3720 : {
3721 1 : const struct CMUnitTest test_cases[] = {
3722 : /* SendRequest failed*/
3723 : cmocka_unit_test(req_finish_case1),
3724 : /* Successful response*/
3725 : cmocka_unit_test(req_finish_case2),
3726 : /* connection_state check failed*/
3727 : cmocka_unit_test(req_finish_case3),
3728 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
3729 : cmocka_unit_test(req_finish_case4),
3730 : /* Always SPDM_ERROR_CODE_BUSY*/
3731 : cmocka_unit_test(req_finish_case5),
3732 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
3733 : cmocka_unit_test(req_finish_case6),
3734 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
3735 : cmocka_unit_test(req_finish_case7),
3736 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
3737 : cmocka_unit_test(req_finish_case8),
3738 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
3739 : cmocka_unit_test(req_finish_case9),
3740 : /* Unexpected errors*/
3741 : cmocka_unit_test(req_finish_case10),
3742 : /* Buffer reset*/
3743 : cmocka_unit_test(req_finish_case11),
3744 : /* No correct setup*/
3745 : cmocka_unit_test(req_finish_case12),
3746 : cmocka_unit_test(req_finish_case13),
3747 : cmocka_unit_test(req_finish_case14),
3748 : cmocka_unit_test(req_finish_case15),
3749 : /* Successful response*/
3750 : cmocka_unit_test(req_finish_case16),
3751 : /* Response with invalid MAC*/
3752 : cmocka_unit_test(req_finish_case17),
3753 : cmocka_unit_test(req_finish_case18),
3754 : /* Can be populated with new test.*/
3755 : cmocka_unit_test(req_finish_case19),
3756 : cmocka_unit_test(req_finish_case20),
3757 : /* Error response: SPDM_ERROR_CODE_DECRYPT_ERROR*/
3758 : cmocka_unit_test(req_finish_case21),
3759 : /* Buffer verification*/
3760 : cmocka_unit_test(req_finish_case22),
3761 : /* Successful response using provisioned public key (slot_id 0xFF) */
3762 : cmocka_unit_test(req_finish_case23),
3763 : /* Set HANDSHAKE_IN_THE_CLEAR_CAP to 0 , The ResponderVerifyData field is absent.*/
3764 : cmocka_unit_test(req_finish_case24),
3765 : /* SPDM 1.4 with OpaqueData */
3766 : cmocka_unit_test(req_finish_case25),
3767 : };
3768 :
3769 1 : libspdm_test_context_t test_context = {
3770 : LIBSPDM_TEST_CONTEXT_VERSION,
3771 : true,
3772 : send_message,
3773 : receive_message,
3774 : };
3775 :
3776 1 : libspdm_setup_test_context(&test_context);
3777 :
3778 1 : return cmocka_run_group_tests(test_cases,
3779 : libspdm_unit_test_group_setup,
3780 : libspdm_unit_test_group_teardown);
3781 : }
3782 :
3783 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/
|
