Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2024-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP
12 :
13 : uint8_t m_response_total_key_pairs;
14 : uint8_t m_response_key_pair_id;
15 : uint16_t m_response_capabilities;
16 : uint16_t m_response_key_usage_capabilities;
17 : uint16_t m_response_current_key_usage;
18 : uint32_t m_response_asym_algo_capabilities;
19 : uint32_t m_response_current_asym_algo;
20 : uint8_t m_response_assoc_cert_slot_mask;
21 :
22 16 : static libspdm_return_t send_message(
23 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
24 : {
25 : libspdm_test_context_t *spdm_test_context;
26 :
27 16 : spdm_test_context = libspdm_get_test_context();
28 16 : switch (spdm_test_context->case_id) {
29 16 : case 0x1:
30 : case 0x2:
31 16 : return LIBSPDM_STATUS_SUCCESS;
32 0 : default:
33 0 : return LIBSPDM_STATUS_SEND_FAIL;
34 : }
35 : }
36 :
37 16 : static libspdm_return_t receive_message(
38 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
39 : {
40 : libspdm_test_context_t *spdm_test_context;
41 :
42 16 : spdm_test_context = libspdm_get_test_context();
43 16 : switch (spdm_test_context->case_id) {
44 1 : case 0x1: {
45 : spdm_key_pair_info_response_t *spdm_response;
46 : size_t spdm_response_size;
47 : size_t transport_header_size;
48 :
49 : uint8_t total_key_pairs;
50 : uint8_t key_pair_id;
51 : uint16_t public_key_info_len;
52 : uint16_t capabilities;
53 : uint16_t key_usage_capabilities;
54 : uint16_t current_key_usage;
55 : uint32_t asym_algo_capabilities;
56 : uint32_t current_asym_algo;
57 : uint8_t assoc_cert_slot_mask;
58 :
59 1 : uint8_t public_key_info_rsa2048[] = {0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
60 : 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00};
61 :
62 1 : key_pair_id = 1;
63 1 : total_key_pairs = 1;
64 1 : public_key_info_len = (uint16_t)sizeof(public_key_info_rsa2048);
65 :
66 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
67 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
68 1 : spdm_response_size = sizeof(spdm_key_pair_info_response_t) + public_key_info_len;
69 :
70 1 : capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
71 1 : key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
72 1 : current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
73 1 : asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
74 1 : current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
75 :
76 : /*association with slot 1*/
77 1 : assoc_cert_slot_mask = 0x02;
78 :
79 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
80 1 : spdm_response->header.request_response_code = SPDM_KEY_PAIR_INFO;
81 1 : spdm_response->header.param1 = 0;
82 1 : spdm_response->header.param2 = 0;
83 1 : spdm_response->total_key_pairs = total_key_pairs;
84 1 : spdm_response->key_pair_id = key_pair_id;
85 1 : spdm_response->capabilities = capabilities;
86 1 : spdm_response->key_usage_capabilities = key_usage_capabilities;
87 1 : spdm_response->current_key_usage = current_key_usage;
88 1 : spdm_response->asym_algo_capabilities = asym_algo_capabilities;
89 1 : spdm_response->current_asym_algo = current_asym_algo;
90 1 : spdm_response->public_key_info_len = public_key_info_len;
91 1 : spdm_response->assoc_cert_slot_mask = assoc_cert_slot_mask;
92 :
93 1 : libspdm_copy_mem((void*)(spdm_response + 1), public_key_info_len,
94 : public_key_info_rsa2048, public_key_info_len);
95 :
96 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
97 : false, spdm_response_size,
98 : spdm_response, response_size,
99 : response);
100 : }
101 1 : return LIBSPDM_STATUS_SUCCESS;
102 :
103 15 : case 0x2: {
104 : spdm_key_pair_info_response_t *spdm_response;
105 : size_t spdm_response_size;
106 : size_t transport_header_size;
107 :
108 : uint16_t public_key_info_len;
109 15 : uint8_t public_key_info_rsa2048[] = {0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
110 : 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00};
111 :
112 15 : public_key_info_len = (uint16_t)sizeof(public_key_info_rsa2048);
113 :
114 15 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
115 15 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
116 15 : spdm_response_size = sizeof(spdm_key_pair_info_response_t) + public_key_info_len;
117 :
118 15 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
119 15 : spdm_response->header.request_response_code = SPDM_KEY_PAIR_INFO;
120 15 : spdm_response->header.param1 = 0;
121 15 : spdm_response->header.param2 = 0;
122 15 : spdm_response->total_key_pairs = m_response_total_key_pairs;
123 15 : spdm_response->key_pair_id = m_response_key_pair_id;
124 15 : spdm_response->capabilities = m_response_capabilities;
125 15 : spdm_response->key_usage_capabilities = m_response_key_usage_capabilities;
126 15 : spdm_response->current_key_usage = m_response_current_key_usage;
127 15 : spdm_response->asym_algo_capabilities = m_response_asym_algo_capabilities;
128 15 : spdm_response->current_asym_algo = m_response_current_asym_algo;
129 15 : spdm_response->public_key_info_len = public_key_info_len;
130 15 : spdm_response->assoc_cert_slot_mask = m_response_assoc_cert_slot_mask;
131 :
132 :
133 15 : libspdm_copy_mem((void*)(spdm_response + 1), public_key_info_len,
134 : public_key_info_rsa2048, public_key_info_len);
135 15 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
136 : false, spdm_response_size,
137 : spdm_response, response_size,
138 : response);
139 : }
140 15 : return LIBSPDM_STATUS_SUCCESS;
141 :
142 0 : default:
143 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
144 : }
145 : }
146 :
147 : /**
148 : * Test 1: Successful response to get key pair info
149 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
150 : **/
151 1 : static void req_get_key_pair_info_case1(void **state)
152 : {
153 : libspdm_return_t status;
154 : libspdm_test_context_t *spdm_test_context;
155 : libspdm_context_t *spdm_context;
156 :
157 : uint8_t key_pair_id;
158 : uint8_t associated_slot_id;
159 : uint8_t total_key_pairs;
160 : uint16_t capabilities;
161 : uint16_t key_usage_capabilities;
162 : uint16_t current_key_usage;
163 : uint32_t asym_algo_capabilities;
164 : uint32_t current_asym_algo;
165 : uint32_t pqc_asym_algo_capabilities;
166 : uint32_t current_pqc_asym_algo;
167 : uint16_t public_key_info_len;
168 : uint8_t assoc_cert_slot_mask;
169 : uint8_t public_key_info[SPDM_MAX_PUBLIC_KEY_INFO_LEN];
170 :
171 1 : key_pair_id = 1;
172 1 : associated_slot_id = 1;
173 1 : spdm_test_context = *state;
174 1 : spdm_context = spdm_test_context->spdm_context;
175 1 : spdm_test_context->case_id = 0x1;
176 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
177 : SPDM_VERSION_NUMBER_SHIFT_BIT;
178 :
179 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
180 1 : spdm_context->connection_info.capability.flags |=
181 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_GET_KEY_PAIR_INFO_CAP |
182 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP;
183 :
184 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
185 1 : public_key_info_len = SPDM_MAX_PUBLIC_KEY_INFO_LEN;
186 :
187 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
188 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
189 : &asym_algo_capabilities, ¤t_asym_algo,
190 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
191 : &assoc_cert_slot_mask, &public_key_info_len,
192 : public_key_info);
193 :
194 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
195 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
196 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
197 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
198 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
199 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
200 1 : }
201 :
202 : /**
203 : * Test 2: The collection of multiple sub-cases for invalid combination.
204 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code
205 : **/
206 1 : void req_get_key_pair_info_case2(void **state)
207 : {
208 : libspdm_return_t status;
209 : libspdm_test_context_t *spdm_test_context;
210 : libspdm_context_t *spdm_context;
211 :
212 : uint8_t key_pair_id;
213 : uint8_t associated_slot_id;
214 : uint8_t total_key_pairs;
215 : uint16_t capabilities;
216 : uint16_t key_usage_capabilities;
217 : uint16_t current_key_usage;
218 : uint32_t asym_algo_capabilities;
219 : uint32_t current_asym_algo;
220 : uint32_t pqc_asym_algo_capabilities;
221 : uint32_t current_pqc_asym_algo;
222 : uint16_t public_key_info_len;
223 : uint8_t assoc_cert_slot_mask;
224 : uint8_t public_key_info[SPDM_MAX_PUBLIC_KEY_INFO_LEN];
225 :
226 1 : spdm_test_context = *state;
227 1 : spdm_context = spdm_test_context->spdm_context;
228 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
229 : SPDM_VERSION_NUMBER_SHIFT_BIT;
230 :
231 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
232 1 : spdm_context->connection_info.capability.flags |=
233 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_GET_KEY_PAIR_INFO_CAP;
234 :
235 1 : spdm_test_context->case_id = 0x2;
236 1 : public_key_info_len = SPDM_MAX_PUBLIC_KEY_INFO_LEN;
237 :
238 : /* Sub Case 1: key_pair_id > total_key_pairs*/
239 1 : key_pair_id = 2;
240 1 : associated_slot_id = 1;
241 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
242 :
243 1 : m_response_total_key_pairs = 1;
244 1 : m_response_key_pair_id = 2;
245 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
246 1 : m_response_key_usage_capabilities =SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
247 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
248 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
249 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
250 : /* association with slot 1*/
251 1 : m_response_assoc_cert_slot_mask = 0x2;
252 :
253 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
254 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
255 : &asym_algo_capabilities, ¤t_asym_algo,
256 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
257 : &assoc_cert_slot_mask, &public_key_info_len,
258 : public_key_info);
259 :
260 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
261 :
262 : /* Sub Case 2: responder and requester, the KeyPairID are not consistent.*/
263 1 : key_pair_id = 0xA0;
264 1 : associated_slot_id = 1;
265 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
266 :
267 1 : m_response_total_key_pairs = 1;
268 1 : m_response_key_pair_id = 1;
269 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
270 1 : m_response_key_usage_capabilities =SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
271 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
272 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
273 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
274 : /* association with slot 1*/
275 1 : m_response_assoc_cert_slot_mask = 0x2;
276 :
277 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
278 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
279 : &asym_algo_capabilities, ¤t_asym_algo,
280 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
281 : &assoc_cert_slot_mask, &public_key_info_len,
282 : public_key_info);
283 :
284 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
285 :
286 : /* Sub Case 3: not set capabilities.*/
287 1 : key_pair_id = 1;
288 1 : associated_slot_id = 1;
289 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
290 :
291 1 : m_response_total_key_pairs = 1;
292 1 : m_response_key_pair_id = 1;
293 1 : m_response_capabilities = 0;
294 1 : m_response_key_usage_capabilities =SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
295 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
296 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
297 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
298 : /* association with slot 1*/
299 1 : m_response_assoc_cert_slot_mask = 0x2;
300 :
301 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
302 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
303 : &asym_algo_capabilities, ¤t_asym_algo,
304 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
305 : &assoc_cert_slot_mask, &public_key_info_len,
306 : public_key_info);
307 :
308 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
309 1 : assert_int_equal(capabilities, 0);
310 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
311 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
312 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
313 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
314 :
315 : /* Sub Case 4: This bit shall not be set if CertAssocCap is not set.
316 : * Set the ShareableCap bit and not set the CertAssocCap bit.*/
317 1 : key_pair_id = 1;
318 1 : associated_slot_id = 1;
319 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
320 :
321 1 : m_response_total_key_pairs = 1;
322 1 : m_response_key_pair_id = 1;
323 :
324 1 : m_response_capabilities = 0;
325 1 : m_response_capabilities |= SPDM_KEY_PAIR_CAP_SHAREABLE_CAP;
326 1 : m_response_capabilities &= ~SPDM_KEY_PAIR_CAP_CERT_ASSOC_CAP;
327 :
328 1 : m_response_key_usage_capabilities =SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
329 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
330 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
331 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
332 : /* association with slot 1*/
333 1 : m_response_assoc_cert_slot_mask = 0x2;
334 :
335 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
336 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
337 : &asym_algo_capabilities, ¤t_asym_algo,
338 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
339 : &assoc_cert_slot_mask, &public_key_info_len,
340 : public_key_info);
341 :
342 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
343 :
344 : /* Sub Case 5: KeyUsageCapabilities at least one bit shall be set, not set KeyUsageCapabilities.*/
345 1 : m_response_total_key_pairs = 1;
346 1 : m_response_key_pair_id = 1;
347 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
348 1 : m_response_key_usage_capabilities =0;
349 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
350 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
351 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
352 : /* association with slot 1*/
353 1 : m_response_assoc_cert_slot_mask = 0x2;
354 :
355 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
356 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
357 : &asym_algo_capabilities, ¤t_asym_algo,
358 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
359 : &assoc_cert_slot_mask, &public_key_info_len,
360 : public_key_info);
361 :
362 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
363 :
364 : /* Sub Case 6: KeyUsageCapabilities Set multiple bits.*/
365 1 : m_response_total_key_pairs = 1;
366 1 : m_response_key_pair_id = 1;
367 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
368 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
369 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
370 : SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE |
371 : SPDM_KEY_USAGE_BIT_MASK_ENDPOINT_INFO_USE |
372 : SPDM_KEY_USAGE_BIT_MASK_STANDARDS_KEY_USE |
373 : SPDM_KEY_USAGE_BIT_MASK_VENDOR_KEY_USE;
374 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
375 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
376 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
377 : /* association with slot 1*/
378 1 : m_response_assoc_cert_slot_mask = 0x2;
379 :
380 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
381 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
382 : &asym_algo_capabilities, ¤t_asym_algo,
383 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
384 : &assoc_cert_slot_mask, &public_key_info_len,
385 : public_key_info);
386 :
387 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
388 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
389 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK);
390 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
391 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
392 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
393 :
394 : /* Sub Case 7: not set CurrentKeyUsage*/
395 1 : m_response_total_key_pairs = 1;
396 1 : m_response_key_pair_id = 1;
397 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
398 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
399 1 : m_response_current_key_usage = 0;
400 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
401 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
402 : /* association with slot 1*/
403 1 : m_response_assoc_cert_slot_mask = 0x2;
404 :
405 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
406 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
407 : &asym_algo_capabilities, ¤t_asym_algo,
408 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
409 : &assoc_cert_slot_mask, &public_key_info_len,
410 : public_key_info);
411 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
412 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
413 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
414 1 : assert_int_equal(current_key_usage, 0);
415 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
416 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
417 :
418 : /* Sub Case 8: CurrentKeyUsage Set multiple bits.*/
419 1 : m_response_total_key_pairs = 1;
420 1 : m_response_key_pair_id = 1;
421 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
422 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
423 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
424 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
425 : SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE |
426 : SPDM_KEY_USAGE_BIT_MASK_ENDPOINT_INFO_USE |
427 : SPDM_KEY_USAGE_BIT_MASK_STANDARDS_KEY_USE |
428 : SPDM_KEY_USAGE_BIT_MASK_VENDOR_KEY_USE;
429 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
430 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
431 : /* association with slot 1*/
432 1 : m_response_assoc_cert_slot_mask = 0x2;
433 :
434 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
435 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
436 : &asym_algo_capabilities, ¤t_asym_algo,
437 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
438 : &assoc_cert_slot_mask, &public_key_info_len,
439 : public_key_info);
440 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
441 :
442 : /* Sub Case 9: CurrentKeyUsage and KeyUsageCapabilities, Set multiple bits.*/
443 1 : m_response_total_key_pairs = 1;
444 1 : m_response_key_pair_id = 1;
445 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
446 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
447 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE;
448 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
449 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE;
450 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
451 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
452 : /* association with slot 1*/
453 1 : m_response_assoc_cert_slot_mask = 0x2;
454 :
455 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
456 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
457 : &asym_algo_capabilities, ¤t_asym_algo,
458 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
459 : &assoc_cert_slot_mask, &public_key_info_len,
460 : public_key_info);
461 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
462 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
463 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
464 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE);
465 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
466 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE);
467 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
468 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
469 :
470 : /* Sub Case 10: CurrentKeyUsage and KeyUsageCapabilities are not consistent.*/
471 1 : m_response_total_key_pairs = 1;
472 1 : m_response_key_pair_id = 1;
473 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
474 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE;
475 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
476 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
477 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
478 : /* association with slot 1*/
479 1 : m_response_assoc_cert_slot_mask = 0x2;
480 :
481 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
482 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
483 : &asym_algo_capabilities, ¤t_asym_algo,
484 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
485 : &assoc_cert_slot_mask, &public_key_info_len,
486 : public_key_info);
487 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
488 :
489 : /* Sub Case 11: AsymAlgoCapabilities, at least one bit shall be set.not set AsymAlgoCapabilities*/
490 1 : m_response_total_key_pairs = 1;
491 1 : m_response_key_pair_id = 1;
492 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
493 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
494 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
495 1 : m_response_asym_algo_capabilities = 0;
496 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
497 : /* association with slot 1*/
498 1 : m_response_assoc_cert_slot_mask = 0x2;
499 :
500 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
501 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
502 : &asym_algo_capabilities, ¤t_asym_algo,
503 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
504 : &assoc_cert_slot_mask, &public_key_info_len,
505 : public_key_info);
506 :
507 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
508 :
509 : /* Sub Case 12: AsymAlgoCapabilities Set multiple bits.*/
510 1 : m_response_total_key_pairs = 1;
511 1 : m_response_key_pair_id = 1;
512 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
513 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
514 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
515 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048 |
516 : SPDM_KEY_PAIR_ASYM_ALGO_CAP_ED448;
517 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
518 : /* association with slot 1*/
519 1 : m_response_assoc_cert_slot_mask = 0x2;
520 :
521 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
522 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
523 : &asym_algo_capabilities, ¤t_asym_algo,
524 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
525 : &assoc_cert_slot_mask, &public_key_info_len,
526 : public_key_info);
527 :
528 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
529 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
530 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
531 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
532 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048 |
533 : SPDM_KEY_PAIR_ASYM_ALGO_CAP_ED448);
534 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
535 :
536 : /* Sub Case 13: CurrentAsymAlgo Set bits more than one bit.*/
537 1 : m_response_total_key_pairs = 1;
538 1 : m_response_key_pair_id = 1;
539 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
540 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
541 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
542 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
543 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048 |
544 : SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA3072;
545 : /* association with slot 1*/
546 1 : m_response_assoc_cert_slot_mask = 0x2;
547 :
548 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
549 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
550 : &asym_algo_capabilities, ¤t_asym_algo,
551 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
552 : &assoc_cert_slot_mask, &public_key_info_len,
553 : public_key_info);
554 :
555 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
556 :
557 : /* Sub Case 14: AsymAlgoCapabilities and AsymAlgoCapabilities are not consistent.*/
558 1 : m_response_total_key_pairs = 1;
559 1 : m_response_key_pair_id = 1;
560 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
561 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
562 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
563 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA3072;
564 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
565 : /* association with slot 1*/
566 1 : m_response_assoc_cert_slot_mask = 0x2;
567 :
568 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
569 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
570 : &asym_algo_capabilities, ¤t_asym_algo,
571 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
572 : &assoc_cert_slot_mask, &public_key_info_len,
573 : public_key_info);
574 :
575 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
576 :
577 : /* Sub Case 15: AssocCertSlotMask set more than one bit, but ShareableCap is not set.*/
578 1 : m_response_total_key_pairs = 1;
579 1 : m_response_key_pair_id = 1;
580 1 : m_response_capabilities = 0;
581 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
582 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
583 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
584 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
585 : /* association with slot 1*/
586 1 : m_response_assoc_cert_slot_mask = 0xFF;
587 :
588 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
589 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
590 : &asym_algo_capabilities, ¤t_asym_algo,
591 : &pqc_asym_algo_capabilities, ¤t_pqc_asym_algo,
592 : &assoc_cert_slot_mask, &public_key_info_len,
593 : public_key_info);
594 :
595 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
596 1 : }
597 :
598 1 : int libspdm_req_get_key_pair_info_test(void)
599 : {
600 1 : const struct CMUnitTest test_cases[] = {
601 : /* Successful response to get key pair info, key_pair_id is 1*/
602 : cmocka_unit_test(req_get_key_pair_info_case1),
603 : /* The collection of multiple sub-cases for invalid combination.*/
604 : cmocka_unit_test(req_get_key_pair_info_case2),
605 : };
606 :
607 1 : libspdm_test_context_t test_context = {
608 : LIBSPDM_TEST_CONTEXT_VERSION,
609 : true,
610 : send_message,
611 : receive_message,
612 : };
613 :
614 1 : libspdm_setup_test_context(&test_context);
615 :
616 1 : return cmocka_run_group_tests(test_cases,
617 : libspdm_unit_test_group_setup,
618 : libspdm_unit_test_group_teardown);
619 : }
620 :
621 : #endif /*LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP*/
|
