Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2024-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP
12 :
13 : uint8_t m_response_total_key_pairs;
14 : uint8_t m_response_key_pair_id;
15 : uint16_t m_response_capabilities;
16 : uint16_t m_response_key_usage_capabilities;
17 : uint16_t m_response_current_key_usage;
18 : uint32_t m_response_asym_algo_capabilities;
19 : uint32_t m_response_current_asym_algo;
20 : uint8_t m_response_assoc_cert_slot_mask;
21 :
22 16 : static libspdm_return_t send_message(
23 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
24 : {
25 : libspdm_test_context_t *spdm_test_context;
26 :
27 16 : spdm_test_context = libspdm_get_test_context();
28 16 : switch (spdm_test_context->case_id) {
29 16 : case 0x1:
30 : case 0x2:
31 16 : return LIBSPDM_STATUS_SUCCESS;
32 0 : default:
33 0 : return LIBSPDM_STATUS_SEND_FAIL;
34 : }
35 : }
36 :
37 16 : static libspdm_return_t receive_message(
38 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
39 : {
40 : libspdm_test_context_t *spdm_test_context;
41 :
42 16 : spdm_test_context = libspdm_get_test_context();
43 16 : switch (spdm_test_context->case_id) {
44 1 : case 0x1: {
45 : spdm_key_pair_info_response_t *spdm_response;
46 : size_t spdm_response_size;
47 : size_t transport_header_size;
48 :
49 : uint8_t total_key_pairs;
50 : uint8_t key_pair_id;
51 : uint16_t public_key_info_len;
52 : uint16_t capabilities;
53 : uint16_t key_usage_capabilities;
54 : uint16_t current_key_usage;
55 : uint32_t asym_algo_capabilities;
56 : uint32_t current_asym_algo;
57 : uint8_t assoc_cert_slot_mask;
58 :
59 1 : uint8_t public_key_info_rsa2048[] = {0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
60 : 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00};
61 :
62 1 : key_pair_id = 1;
63 1 : total_key_pairs = 1;
64 1 : public_key_info_len = (uint16_t)sizeof(public_key_info_rsa2048);
65 :
66 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
67 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
68 1 : spdm_response_size = sizeof(spdm_key_pair_info_response_t) + public_key_info_len;
69 :
70 1 : capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
71 1 : key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
72 1 : current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
73 1 : asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
74 1 : current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
75 :
76 : /*association with slot 1*/
77 1 : assoc_cert_slot_mask = 0x02;
78 :
79 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
80 1 : spdm_response->header.request_response_code = SPDM_KEY_PAIR_INFO;
81 1 : spdm_response->header.param1 = 0;
82 1 : spdm_response->header.param2 = 0;
83 1 : spdm_response->total_key_pairs = total_key_pairs;
84 1 : spdm_response->key_pair_id = key_pair_id;
85 1 : spdm_response->capabilities = capabilities;
86 1 : spdm_response->key_usage_capabilities = key_usage_capabilities;
87 1 : spdm_response->current_key_usage = current_key_usage;
88 1 : spdm_response->asym_algo_capabilities = asym_algo_capabilities;
89 1 : spdm_response->current_asym_algo = current_asym_algo;
90 1 : spdm_response->public_key_info_len = public_key_info_len;
91 1 : spdm_response->assoc_cert_slot_mask = assoc_cert_slot_mask;
92 :
93 1 : libspdm_copy_mem((void*)(spdm_response + 1), public_key_info_len,
94 : public_key_info_rsa2048, public_key_info_len);
95 :
96 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
97 : false, spdm_response_size,
98 : spdm_response, response_size,
99 : response);
100 : }
101 1 : return LIBSPDM_STATUS_SUCCESS;
102 :
103 15 : case 0x2: {
104 : spdm_key_pair_info_response_t *spdm_response;
105 : size_t spdm_response_size;
106 : size_t transport_header_size;
107 :
108 : uint16_t public_key_info_len;
109 15 : uint8_t public_key_info_rsa2048[] = {0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
110 : 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00};
111 :
112 15 : public_key_info_len = (uint16_t)sizeof(public_key_info_rsa2048);
113 :
114 15 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
115 15 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
116 15 : spdm_response_size = sizeof(spdm_key_pair_info_response_t) + public_key_info_len;
117 :
118 15 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
119 15 : spdm_response->header.request_response_code = SPDM_KEY_PAIR_INFO;
120 15 : spdm_response->header.param1 = 0;
121 15 : spdm_response->header.param2 = 0;
122 15 : spdm_response->total_key_pairs = m_response_total_key_pairs;
123 15 : spdm_response->key_pair_id = m_response_key_pair_id;
124 15 : spdm_response->capabilities = m_response_capabilities;
125 15 : spdm_response->key_usage_capabilities = m_response_key_usage_capabilities;
126 15 : spdm_response->current_key_usage = m_response_current_key_usage;
127 15 : spdm_response->asym_algo_capabilities = m_response_asym_algo_capabilities;
128 15 : spdm_response->current_asym_algo = m_response_current_asym_algo;
129 15 : spdm_response->public_key_info_len = public_key_info_len;
130 15 : spdm_response->assoc_cert_slot_mask = m_response_assoc_cert_slot_mask;
131 :
132 :
133 15 : libspdm_copy_mem((void*)(spdm_response + 1), public_key_info_len,
134 : public_key_info_rsa2048, public_key_info_len);
135 15 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
136 : false, spdm_response_size,
137 : spdm_response, response_size,
138 : response);
139 : }
140 15 : return LIBSPDM_STATUS_SUCCESS;
141 :
142 0 : default:
143 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
144 : }
145 : }
146 :
147 : /**
148 : * Test 1: Successful response to get key pair info
149 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
150 : **/
151 1 : static void req_get_key_pair_info_case1(void **state)
152 : {
153 : libspdm_return_t status;
154 : libspdm_test_context_t *spdm_test_context;
155 : libspdm_context_t *spdm_context;
156 :
157 : uint8_t key_pair_id;
158 : uint8_t associated_slot_id;
159 : uint8_t total_key_pairs;
160 : uint16_t capabilities;
161 : uint16_t key_usage_capabilities;
162 : uint16_t current_key_usage;
163 : uint32_t asym_algo_capabilities;
164 : uint32_t current_asym_algo;
165 : uint16_t public_key_info_len;
166 : uint8_t assoc_cert_slot_mask;
167 : uint8_t public_key_info[SPDM_MAX_PUBLIC_KEY_INFO_LEN];
168 :
169 1 : key_pair_id = 1;
170 1 : associated_slot_id = 1;
171 1 : spdm_test_context = *state;
172 1 : spdm_context = spdm_test_context->spdm_context;
173 1 : spdm_test_context->case_id = 0x1;
174 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
175 : SPDM_VERSION_NUMBER_SHIFT_BIT;
176 :
177 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
178 1 : spdm_context->connection_info.capability.flags |=
179 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_GET_KEY_PAIR_INFO_CAP |
180 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP;
181 :
182 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
183 1 : public_key_info_len = SPDM_MAX_PUBLIC_KEY_INFO_LEN;
184 :
185 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
186 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
187 : &asym_algo_capabilities, ¤t_asym_algo,
188 : &assoc_cert_slot_mask, &public_key_info_len,
189 : public_key_info);
190 :
191 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
192 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
193 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
194 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
195 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
196 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
197 1 : }
198 :
199 : /**
200 : * Test 2: The collection of multiple sub-cases for invalid combination.
201 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_MSG_FIELD return code
202 : **/
203 1 : void req_get_key_pair_info_case2(void **state)
204 : {
205 : libspdm_return_t status;
206 : libspdm_test_context_t *spdm_test_context;
207 : libspdm_context_t *spdm_context;
208 :
209 : uint8_t key_pair_id;
210 : uint8_t associated_slot_id;
211 : uint8_t total_key_pairs;
212 : uint16_t capabilities;
213 : uint16_t key_usage_capabilities;
214 : uint16_t current_key_usage;
215 : uint32_t asym_algo_capabilities;
216 : uint32_t current_asym_algo;
217 : uint16_t public_key_info_len;
218 : uint8_t assoc_cert_slot_mask;
219 : uint8_t public_key_info[SPDM_MAX_PUBLIC_KEY_INFO_LEN];
220 :
221 1 : spdm_test_context = *state;
222 1 : spdm_context = spdm_test_context->spdm_context;
223 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
224 : SPDM_VERSION_NUMBER_SHIFT_BIT;
225 :
226 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
227 1 : spdm_context->connection_info.capability.flags |=
228 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_GET_KEY_PAIR_INFO_CAP;
229 :
230 1 : spdm_test_context->case_id = 0x2;
231 1 : public_key_info_len = SPDM_MAX_PUBLIC_KEY_INFO_LEN;
232 :
233 : /* Sub Case 1: key_pair_id > total_key_pairs*/
234 1 : key_pair_id = 2;
235 1 : associated_slot_id = 1;
236 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
237 :
238 1 : m_response_total_key_pairs = 1;
239 1 : m_response_key_pair_id = 2;
240 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
241 1 : m_response_key_usage_capabilities =SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
242 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
243 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
244 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
245 : /* association with slot 1*/
246 1 : m_response_assoc_cert_slot_mask = 0x2;
247 :
248 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
249 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
250 : &asym_algo_capabilities, ¤t_asym_algo,
251 : &assoc_cert_slot_mask, &public_key_info_len,
252 : public_key_info);
253 :
254 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
255 :
256 : /* Sub Case 2: responder and requester, the KeyPairID are not consistent.*/
257 1 : key_pair_id = 0xA0;
258 1 : associated_slot_id = 1;
259 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
260 :
261 1 : m_response_total_key_pairs = 1;
262 1 : m_response_key_pair_id = 1;
263 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
264 1 : m_response_key_usage_capabilities =SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
265 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
266 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
267 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
268 : /* association with slot 1*/
269 1 : m_response_assoc_cert_slot_mask = 0x2;
270 :
271 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
272 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
273 : &asym_algo_capabilities, ¤t_asym_algo,
274 : &assoc_cert_slot_mask, &public_key_info_len,
275 : public_key_info);
276 :
277 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
278 :
279 : /* Sub Case 3: not set capabilities.*/
280 1 : key_pair_id = 1;
281 1 : associated_slot_id = 1;
282 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
283 :
284 1 : m_response_total_key_pairs = 1;
285 1 : m_response_key_pair_id = 1;
286 1 : m_response_capabilities = 0;
287 1 : m_response_key_usage_capabilities =SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
288 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
289 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
290 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
291 : /* association with slot 1*/
292 1 : m_response_assoc_cert_slot_mask = 0x2;
293 :
294 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
295 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
296 : &asym_algo_capabilities, ¤t_asym_algo,
297 : &assoc_cert_slot_mask, &public_key_info_len,
298 : public_key_info);
299 :
300 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
301 1 : assert_int_equal(capabilities, 0);
302 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
303 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
304 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
305 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
306 :
307 : /* Sub Case 4: This bit shall not be set if CertAssocCap is not set.
308 : * Set the ShareableCap bit and not set the CertAssocCap bit.*/
309 1 : key_pair_id = 1;
310 1 : associated_slot_id = 1;
311 1 : spdm_context->connection_info.peer_key_pair_id[associated_slot_id] = key_pair_id;
312 :
313 1 : m_response_total_key_pairs = 1;
314 1 : m_response_key_pair_id = 1;
315 :
316 1 : m_response_capabilities = 0;
317 1 : m_response_capabilities |= SPDM_KEY_PAIR_CAP_SHAREABLE_CAP;
318 1 : m_response_capabilities &= ~SPDM_KEY_PAIR_CAP_CERT_ASSOC_CAP;
319 :
320 1 : m_response_key_usage_capabilities =SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
321 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
322 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
323 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
324 : /* association with slot 1*/
325 1 : m_response_assoc_cert_slot_mask = 0x2;
326 :
327 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
328 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
329 : &asym_algo_capabilities, ¤t_asym_algo,
330 : &assoc_cert_slot_mask, &public_key_info_len,
331 : public_key_info);
332 :
333 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
334 :
335 : /* Sub Case 5: KeyUsageCapabilities at least one bit shall be set, not set KeyUsageCapabilities.*/
336 1 : m_response_total_key_pairs = 1;
337 1 : m_response_key_pair_id = 1;
338 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
339 1 : m_response_key_usage_capabilities =0;
340 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
341 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
342 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
343 : /* association with slot 1*/
344 1 : m_response_assoc_cert_slot_mask = 0x2;
345 :
346 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
347 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
348 : &asym_algo_capabilities, ¤t_asym_algo,
349 : &assoc_cert_slot_mask, &public_key_info_len,
350 : public_key_info);
351 :
352 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
353 :
354 : /* Sub Case 6: KeyUsageCapabilities Set multiple bits.*/
355 1 : m_response_total_key_pairs = 1;
356 1 : m_response_key_pair_id = 1;
357 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
358 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
359 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
360 : SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE |
361 : SPDM_KEY_USAGE_BIT_MASK_ENDPOINT_INFO_USE |
362 : SPDM_KEY_USAGE_BIT_MASK_STANDARDS_KEY_USE |
363 : SPDM_KEY_USAGE_BIT_MASK_VENDOR_KEY_USE;
364 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
365 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
366 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
367 : /* association with slot 1*/
368 1 : m_response_assoc_cert_slot_mask = 0x2;
369 :
370 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
371 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
372 : &asym_algo_capabilities, ¤t_asym_algo,
373 : &assoc_cert_slot_mask, &public_key_info_len,
374 : public_key_info);
375 :
376 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
377 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
378 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK);
379 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
380 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
381 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
382 :
383 : /* Sub Case 7: not set CurrentKeyUsage*/
384 1 : m_response_total_key_pairs = 1;
385 1 : m_response_key_pair_id = 1;
386 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
387 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
388 1 : m_response_current_key_usage = 0;
389 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
390 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
391 : /* association with slot 1*/
392 1 : m_response_assoc_cert_slot_mask = 0x2;
393 :
394 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
395 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
396 : &asym_algo_capabilities, ¤t_asym_algo,
397 : &assoc_cert_slot_mask, &public_key_info_len,
398 : public_key_info);
399 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
400 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
401 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
402 1 : assert_int_equal(current_key_usage, 0);
403 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
404 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
405 :
406 : /* Sub Case 8: CurrentKeyUsage Set multiple bits.*/
407 1 : m_response_total_key_pairs = 1;
408 1 : m_response_key_pair_id = 1;
409 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
410 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
411 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
412 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
413 : SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE |
414 : SPDM_KEY_USAGE_BIT_MASK_ENDPOINT_INFO_USE |
415 : SPDM_KEY_USAGE_BIT_MASK_STANDARDS_KEY_USE |
416 : SPDM_KEY_USAGE_BIT_MASK_VENDOR_KEY_USE;
417 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
418 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
419 : /* association with slot 1*/
420 1 : m_response_assoc_cert_slot_mask = 0x2;
421 :
422 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
423 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
424 : &asym_algo_capabilities, ¤t_asym_algo,
425 : &assoc_cert_slot_mask, &public_key_info_len,
426 : public_key_info);
427 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
428 :
429 : /* Sub Case 9: CurrentKeyUsage and KeyUsageCapabilities, Set multiple bits.*/
430 1 : m_response_total_key_pairs = 1;
431 1 : m_response_key_pair_id = 1;
432 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
433 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
434 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE;
435 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
436 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE;
437 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
438 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
439 : /* association with slot 1*/
440 1 : m_response_assoc_cert_slot_mask = 0x2;
441 :
442 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
443 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
444 : &asym_algo_capabilities, ¤t_asym_algo,
445 : &assoc_cert_slot_mask, &public_key_info_len,
446 : public_key_info);
447 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
448 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
449 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
450 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE);
451 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE |
452 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE);
453 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
454 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
455 :
456 : /* Sub Case 10: CurrentKeyUsage and KeyUsageCapabilities are not consistent.*/
457 1 : m_response_total_key_pairs = 1;
458 1 : m_response_key_pair_id = 1;
459 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
460 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE;
461 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
462 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
463 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
464 : /* association with slot 1*/
465 1 : m_response_assoc_cert_slot_mask = 0x2;
466 :
467 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
468 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
469 : &asym_algo_capabilities, ¤t_asym_algo,
470 : &assoc_cert_slot_mask, &public_key_info_len,
471 : public_key_info);
472 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
473 :
474 : /* Sub Case 11: AsymAlgoCapabilities, at least one bit shall be set.not set AsymAlgoCapabilities*/
475 1 : m_response_total_key_pairs = 1;
476 1 : m_response_key_pair_id = 1;
477 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
478 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
479 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
480 1 : m_response_asym_algo_capabilities = 0;
481 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
482 : /* association with slot 1*/
483 1 : m_response_assoc_cert_slot_mask = 0x2;
484 :
485 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
486 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
487 : &asym_algo_capabilities, ¤t_asym_algo,
488 : &assoc_cert_slot_mask, &public_key_info_len,
489 : public_key_info);
490 :
491 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
492 :
493 : /* Sub Case 12: AsymAlgoCapabilities Set multiple bits.*/
494 1 : m_response_total_key_pairs = 1;
495 1 : m_response_key_pair_id = 1;
496 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
497 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
498 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
499 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048 |
500 : SPDM_KEY_PAIR_ASYM_ALGO_CAP_ED448;
501 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
502 : /* association with slot 1*/
503 1 : m_response_assoc_cert_slot_mask = 0x2;
504 :
505 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
506 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
507 : &asym_algo_capabilities, ¤t_asym_algo,
508 : &assoc_cert_slot_mask, &public_key_info_len,
509 : public_key_info);
510 :
511 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
512 1 : assert_int_equal(capabilities, SPDM_KEY_PAIR_CAP_GEN_KEY_CAP);
513 1 : assert_int_equal(key_usage_capabilities, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
514 1 : assert_int_equal(current_key_usage, SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE);
515 1 : assert_int_equal(asym_algo_capabilities, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048 |
516 : SPDM_KEY_PAIR_ASYM_ALGO_CAP_ED448);
517 1 : assert_int_equal(current_asym_algo, SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048);
518 :
519 : /* Sub Case 13: CurrentAsymAlgo Set bits more than one bit.*/
520 1 : m_response_total_key_pairs = 1;
521 1 : m_response_key_pair_id = 1;
522 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
523 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
524 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
525 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
526 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048 |
527 : SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA3072;
528 : /* association with slot 1*/
529 1 : m_response_assoc_cert_slot_mask = 0x2;
530 :
531 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
532 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
533 : &asym_algo_capabilities, ¤t_asym_algo,
534 : &assoc_cert_slot_mask, &public_key_info_len,
535 : public_key_info);
536 :
537 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
538 :
539 : /* Sub Case 14: AsymAlgoCapabilities and AsymAlgoCapabilities are not consistent.*/
540 1 : m_response_total_key_pairs = 1;
541 1 : m_response_key_pair_id = 1;
542 1 : m_response_capabilities = SPDM_KEY_PAIR_CAP_GEN_KEY_CAP;
543 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
544 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
545 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA3072;
546 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
547 : /* association with slot 1*/
548 1 : m_response_assoc_cert_slot_mask = 0x2;
549 :
550 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
551 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
552 : &asym_algo_capabilities, ¤t_asym_algo,
553 : &assoc_cert_slot_mask, &public_key_info_len,
554 : public_key_info);
555 :
556 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
557 :
558 : /* Sub Case 15: AssocCertSlotMask set more than one bit, but ShareableCap is not set.*/
559 1 : m_response_total_key_pairs = 1;
560 1 : m_response_key_pair_id = 1;
561 1 : m_response_capabilities = 0;
562 1 : m_response_key_usage_capabilities = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
563 1 : m_response_current_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
564 1 : m_response_asym_algo_capabilities = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
565 1 : m_response_current_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_RSA2048;
566 : /* association with slot 1*/
567 1 : m_response_assoc_cert_slot_mask = 0xFF;
568 :
569 1 : status = libspdm_get_key_pair_info(spdm_context, NULL, key_pair_id, &total_key_pairs,
570 : &capabilities, &key_usage_capabilities, ¤t_key_usage,
571 : &asym_algo_capabilities, ¤t_asym_algo,
572 : &assoc_cert_slot_mask, &public_key_info_len,
573 : public_key_info);
574 :
575 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
576 1 : }
577 :
578 1 : int libspdm_req_get_key_pair_info_test(void)
579 : {
580 1 : const struct CMUnitTest test_cases[] = {
581 : /* Successful response to get key pair info, key_pair_id is 1*/
582 : cmocka_unit_test(req_get_key_pair_info_case1),
583 : /* The collection of multiple sub-cases for invalid combination.*/
584 : cmocka_unit_test(req_get_key_pair_info_case2),
585 : };
586 :
587 1 : libspdm_test_context_t test_context = {
588 : LIBSPDM_TEST_CONTEXT_VERSION,
589 : true,
590 : send_message,
591 : receive_message,
592 : };
593 :
594 1 : libspdm_setup_test_context(&test_context);
595 :
596 1 : return cmocka_run_group_tests(test_cases,
597 : libspdm_unit_test_group_setup,
598 : libspdm_unit_test_group_teardown);
599 : }
600 :
601 : #endif /*LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP*/
|
