Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_responder_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
/* Capture buffer shared by the mocked transport callbacks: send_message stores
 * the KEY_EXCHANGE request here and receive_message appends the response bytes
 * it builds. */
static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_TH_BUFFER_SIZE];
/* Number of valid bytes currently held in m_libspdm_local_buffer. */
static size_t m_libspdm_local_buffer_size;

/* Never written in the visible code, so it keeps its static all-zero contents;
 * receive_message passes it to libspdm_hmac_all when deriving handshake_secret. */
static uint8_t m_libspdm_zero_filled_buffer[LIBSPDM_MAX_HASH_SIZE];

/* Managed buffer that receive_message fills with the data it hashes and signs. */
static libspdm_th_managed_buffer_t th_curr;
18 :
/**
 * Work out how many bytes at the start of a buffer form one KEY_EXCHANGE request.
 *
 * The layout walked here is: fixed request structure, DHE public key sized for
 * m_libspdm_use_dhe_algo, a 16-bit opaque-data length, then the opaque data.
 * Every field is bounds-checked against buffer_size before it is read, and the
 * opaque length taken from the message is bounded again before it is accepted.
 *
 * @param spdm_context  Unused by this helper.
 * @param buffer        Start of the SPDM message (after any transport header).
 * @param buffer_size   Number of bytes available at buffer.
 *
 * @return The exact request size when the buffer holds a complete KEY_EXCHANGE
 *         request; otherwise buffer_size unchanged (too short, or another
 *         request code).
 **/
static size_t libspdm_test_get_key_exchange_request_size(const void *spdm_context,
                                                         const void *buffer,
                                                         size_t buffer_size)
{
    const spdm_key_exchange_request_t *key_exchange_request = buffer;
    const uint8_t *raw = buffer;
    size_t pub_key_size;
    size_t opaque_length_offset;
    size_t needed;

    /* Too short to carry even the common SPDM header. */
    if (buffer_size < sizeof(spdm_message_header_t)) {
        return buffer_size;
    }

    /* Only KEY_EXCHANGE is measured; anything else is passed through whole. */
    if (key_exchange_request->header.request_response_code != SPDM_KEY_EXCHANGE) {
        return buffer_size;
    }

    if (buffer_size < sizeof(spdm_key_exchange_request_t)) {
        return buffer_size;
    }

    /* The 16-bit opaque length sits immediately after the DHE public key. */
    pub_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    opaque_length_offset = sizeof(spdm_key_exchange_request_t) + pub_key_size;
    needed = opaque_length_offset + sizeof(uint16_t);
    if (buffer_size < needed) {
        return buffer_size;
    }

    /* The length field comes from the message itself, so re-check the total. */
    needed += libspdm_read_uint16(raw + opaque_length_offset);
    if (buffer_size < needed) {
        return buffer_size;
    }

    /* Good message, return actual size*/
    return needed;
}
60 :
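/**
 * Record the SPDM request carried by a transport message in
 * m_libspdm_local_buffer so receive_message can build a matching response.
 *
 * The capture state is reset first, so a rejected request leaves an empty
 * capture rather than bytes from a previous exchange.
 *
 * @param spdm_context  Passed through to the size helper.
 * @param request_size  Size in bytes of the transport message at request.
 * @param request       Transport message: test header followed by the SPDM request.
 *
 * @retval true   The request was copied and m_libspdm_local_buffer_size updated.
 * @retval false  The message is NULL, shorter than the test transport header,
 *                or larger than the capture buffer.
 **/
static bool libspdm_test_capture_key_exchange_request(
    const void *spdm_context, size_t request_size, const void *request)
{
    const size_t header_size = sizeof(libspdm_test_message_header_t);
    const uint8_t *spdm_message;
    size_t message_size;

    m_libspdm_local_buffer_size = 0;

    /* Without this check request_size - header_size wraps around for a short
     * message and the size helper would read past the end of the request. */
    if ((request == NULL) || (request_size < header_size)) {
        return false;
    }

    spdm_message = (const uint8_t *)request + header_size;
    message_size = libspdm_test_get_key_exchange_request_size(
        spdm_context, spdm_message, request_size - header_size);

    /* Keep the recorded size within the capture buffer regardless of how
     * libspdm_copy_mem treats a source larger than the destination. */
    if (message_size > sizeof(m_libspdm_local_buffer)) {
        return false;
    }

    libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer),
                     spdm_message, message_size);
    m_libspdm_local_buffer_size = message_size;
    return true;
}

/**
 * Mock transport "send" callback used by the KEY_EXCHANGE requester tests.
 *
 * Behaviour is selected by the current test case id:
 *  - 0x1: always reports a send failure.
 *  - 0x9: captures the request on the first call only; later calls succeed
 *         without touching the capture buffer.
 *  - 0x2-0x8 and 0xA-0x22: capture the request on every call.
 *  - anything else: reports a send failure.
 *
 * @param spdm_context  SPDM context handed in by the caller.
 * @param request_size  Size in bytes of the transport message at request.
 * @param request       Transport message: test header followed by the SPDM request.
 * @param timeout       Unused by this mock.
 *
 * @retval LIBSPDM_STATUS_SUCCESS    The message was accepted.
 * @retval LIBSPDM_STATUS_SEND_FAIL  Case 0x1, an unknown case id, or a message
 *                                   that could not be captured.
 **/
static libspdm_return_t send_message(
    void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
{
    libspdm_test_context_t *spdm_test_context;

    spdm_test_context = libspdm_get_test_context();
    switch (spdm_test_context->case_id) {
    case 0x1:
        return LIBSPDM_STATUS_SEND_FAIL;

    case 0x9: {
        /* Persists across calls so only the first request of the case is kept. */
        static size_t sub_index = 0;
        if (sub_index == 0) {
            if (!libspdm_test_capture_key_exchange_request(
                    spdm_context, request_size, request)) {
                return LIBSPDM_STATUS_SEND_FAIL;
            }
            sub_index++;
        }
    }
        return LIBSPDM_STATUS_SUCCESS;

    /* Every remaining known case records the request in the same way. */
    case 0x2: case 0x3: case 0x4: case 0x5: case 0x6: case 0x7: case 0x8:
    case 0xA: case 0xB: case 0xC: case 0xD: case 0xE: case 0xF:
    case 0x10: case 0x11: case 0x12: case 0x13: case 0x14: case 0x15:
    case 0x16: case 0x17: case 0x18: case 0x19: case 0x1A: case 0x1B:
    case 0x1C: case 0x1D: case 0x1E: case 0x1F: case 0x20: case 0x21:
    case 0x22:
        if (!libspdm_test_capture_key_exchange_request(
                spdm_context, request_size, request)) {
            return LIBSPDM_STATUS_SEND_FAIL;
        }
        return LIBSPDM_STATUS_SUCCESS;

    default:
        return LIBSPDM_STATUS_SEND_FAIL;
    }
}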
379 :
380 52 : static libspdm_return_t receive_message(
381 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
382 : {
383 : libspdm_test_context_t *spdm_test_context;
384 :
385 52 : spdm_test_context = libspdm_get_test_context();
386 52 : switch (spdm_test_context->case_id) {
387 0 : case 0x1:
388 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
389 :
390 1 : case 0x2: {
391 : spdm_key_exchange_response_t *spdm_response;
392 : size_t dhe_key_size;
393 : uint32_t hash_size;
394 : size_t signature_size;
395 : uint32_t hmac_size;
396 : uint8_t *ptr;
397 : void *dhe_context;
398 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
399 : size_t final_key_size;
400 : size_t opaque_key_exchange_rsp_size;
401 : void *data;
402 : size_t data_size;
403 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
404 : uint8_t *cert_buffer;
405 : size_t cert_buffer_size;
406 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
407 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
408 : uint8_t bin_str0[128];
409 : size_t bin_str0_size;
410 : uint8_t bin_str2[128];
411 : size_t bin_str2_size;
412 : uint8_t bin_str7[128];
413 : size_t bin_str7_size;
414 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
415 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
416 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
417 : size_t spdm_response_size;
418 : size_t transport_header_size;
419 :
420 : ((libspdm_context_t *)spdm_context)
421 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
422 : ((libspdm_context_t *)spdm_context)
423 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
424 : ((libspdm_context_t *)spdm_context)
425 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
426 : ((libspdm_context_t *)spdm_context)
427 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
428 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
429 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
430 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
431 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
432 1 : opaque_key_exchange_rsp_size =
433 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
434 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
435 1 : dhe_key_size + 0 + sizeof(uint16_t) +
436 1 : opaque_key_exchange_rsp_size + signature_size +
437 : hmac_size;
438 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
439 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
440 :
441 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
442 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
443 1 : spdm_response->header.param1 = 0;
444 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
445 1 : spdm_response->mut_auth_requested = 0;
446 1 : spdm_response->req_slot_id_param = 0;
447 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
448 1 : ptr = (void *)(spdm_response + 1);
449 1 : dhe_context = libspdm_dhe_new(
450 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
451 : m_libspdm_use_dhe_algo,
452 : true);
453 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
454 1 : final_key_size = sizeof(final_key);
455 1 : libspdm_dhe_compute_key(
456 : m_libspdm_use_dhe_algo, dhe_context,
457 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
458 : sizeof(spdm_key_exchange_request_t),
459 : dhe_key_size, final_key, &final_key_size);
460 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
461 1 : ptr += dhe_key_size;
462 : /* libspdm_zero_mem (ptr, hash_size);
463 : * ptr += hash_size;*/
464 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
465 1 : ptr += sizeof(uint16_t);
466 1 : libspdm_build_opaque_data_version_selection_data(
467 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
468 : &opaque_key_exchange_rsp_size, ptr);
469 1 : ptr += opaque_key_exchange_rsp_size;
470 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
471 : m_libspdm_use_asym_algo, &data,
472 : &data_size, NULL, NULL)) {
473 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
474 : }
475 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
476 : sizeof(m_libspdm_local_buffer)
477 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
478 : m_libspdm_local_buffer),
479 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
480 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
481 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
482 : m_libspdm_local_buffer_size));
483 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
484 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
485 1 : cert_buffer = (uint8_t *)data;
486 1 : cert_buffer_size = data_size;
487 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
488 : /* transcript.message_a size is 0*/
489 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
490 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
491 : m_libspdm_local_buffer_size);
492 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
493 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
494 1 : free(data);
495 1 : libspdm_responder_data_sign(
496 : spdm_context,
497 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
498 : 0, SPDM_KEY_EXCHANGE_RSP,
499 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
500 1 : false, libspdm_get_managed_buffer(&th_curr),
501 : libspdm_get_managed_buffer_size(&th_curr), ptr,
502 : &signature_size);
503 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
504 : sizeof(m_libspdm_local_buffer)
505 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
506 : m_libspdm_local_buffer),
507 : ptr, signature_size);
508 1 : m_libspdm_local_buffer_size += signature_size;
509 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
510 1 : ptr += signature_size;
511 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
512 : libspdm_get_managed_buffer_size(&th_curr),
513 : th_curr_hash_data);
514 1 : bin_str0_size = sizeof(bin_str0);
515 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
516 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
517 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
518 : &bin_str0_size);
519 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
520 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
521 1 : bin_str2_size = sizeof(bin_str2);
522 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
523 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
524 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
525 : bin_str2, &bin_str2_size);
526 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
527 : bin_str2, bin_str2_size,
528 : response_handshake_secret, hash_size);
529 1 : bin_str7_size = sizeof(bin_str7);
530 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
531 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
532 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
533 : &bin_str7_size);
534 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
535 : hash_size, bin_str7, bin_str7_size,
536 : response_finished_key, hash_size);
537 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
538 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
539 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
540 : response_finished_key, hash_size, ptr);
541 1 : ptr += hmac_size;
542 :
543 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
544 : false, spdm_response_size,
545 : spdm_response, response_size,
546 : response);
547 : }
548 1 : return LIBSPDM_STATUS_SUCCESS;
549 :
550 0 : case 0x3: {
551 : spdm_key_exchange_response_t *spdm_response;
552 : size_t dhe_key_size;
553 : uint32_t hash_size;
554 : size_t signature_size;
555 : uint32_t hmac_size;
556 : uint8_t *ptr;
557 : void *dhe_context;
558 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
559 : size_t final_key_size;
560 : size_t opaque_key_exchange_rsp_size;
561 : void *data;
562 : size_t data_size;
563 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
564 : uint8_t *cert_buffer;
565 : size_t cert_buffer_size;
566 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
567 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
568 : uint8_t bin_str0[128];
569 : size_t bin_str0_size;
570 : uint8_t bin_str2[128];
571 : size_t bin_str2_size;
572 : uint8_t bin_str7[128];
573 : size_t bin_str7_size;
574 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
575 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
576 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
577 : size_t spdm_response_size;
578 : size_t transport_header_size;
579 :
580 : ((libspdm_context_t *)spdm_context)
581 0 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
582 : ((libspdm_context_t *)spdm_context)
583 0 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
584 : ((libspdm_context_t *)spdm_context)
585 0 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
586 : ((libspdm_context_t *)spdm_context)
587 0 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
588 0 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
589 0 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
590 0 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
591 0 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
592 0 : opaque_key_exchange_rsp_size =
593 0 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
594 0 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
595 0 : dhe_key_size + 0 + sizeof(uint16_t) +
596 0 : opaque_key_exchange_rsp_size + signature_size +
597 : hmac_size;
598 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
599 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
600 :
601 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
602 0 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
603 0 : spdm_response->header.param1 = 0;
604 0 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
605 0 : spdm_response->mut_auth_requested = 0;
606 0 : spdm_response->req_slot_id_param = 0;
607 0 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
608 0 : ptr = (void *)(spdm_response + 1);
609 0 : dhe_context = libspdm_dhe_new(
610 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
611 : m_libspdm_use_dhe_algo,
612 : true);
613 0 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
614 0 : final_key_size = sizeof(final_key);
615 0 : libspdm_dhe_compute_key(
616 : m_libspdm_use_dhe_algo, dhe_context,
617 0 : (uint8_t *)&m_libspdm_local_buffer[0] +
618 : sizeof(spdm_key_exchange_request_t),
619 : dhe_key_size, final_key, &final_key_size);
620 0 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
621 0 : ptr += dhe_key_size;
622 : /* libspdm_zero_mem (ptr, hash_size);
623 : * ptr += hash_size;*/
624 0 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
625 0 : ptr += sizeof(uint16_t);
626 0 : libspdm_build_opaque_data_version_selection_data(
627 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
628 : &opaque_key_exchange_rsp_size, ptr);
629 0 : ptr += opaque_key_exchange_rsp_size;
630 0 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
631 : m_libspdm_use_asym_algo, &data,
632 : &data_size, NULL, NULL)) {
633 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
634 : }
635 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
636 : sizeof(m_libspdm_local_buffer)
637 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
638 : m_libspdm_local_buffer),
639 0 : spdm_response, (size_t)ptr - (size_t)spdm_response);
640 0 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
641 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
642 : m_libspdm_local_buffer_size));
643 0 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
644 0 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
645 0 : cert_buffer = (uint8_t *)data;
646 0 : cert_buffer_size = data_size;
647 0 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
648 : /* transcript.message_a size is 0*/
649 0 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
650 0 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
651 : m_libspdm_local_buffer_size);
652 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
653 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
654 0 : free(data);
655 0 : libspdm_responder_data_sign(
656 : spdm_context,
657 0 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
658 : 0, SPDM_KEY_EXCHANGE_RSP,
659 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
660 0 : false, libspdm_get_managed_buffer(&th_curr),
661 : libspdm_get_managed_buffer_size(&th_curr), ptr,
662 : &signature_size);
663 0 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
664 : sizeof(m_libspdm_local_buffer)
665 0 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
666 : m_libspdm_local_buffer),
667 : ptr, signature_size);
668 0 : m_libspdm_local_buffer_size += signature_size;
669 0 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
670 0 : ptr += signature_size;
671 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
672 : libspdm_get_managed_buffer_size(&th_curr),
673 : th_curr_hash_data);
674 0 : bin_str0_size = sizeof(bin_str0);
675 0 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
676 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
677 0 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
678 : &bin_str0_size);
679 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
680 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
681 0 : bin_str2_size = sizeof(bin_str2);
682 0 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
683 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
684 0 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
685 : bin_str2, &bin_str2_size);
686 0 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
687 : bin_str2, bin_str2_size,
688 : response_handshake_secret, hash_size);
689 0 : bin_str7_size = sizeof(bin_str7);
690 0 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
691 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
692 0 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
693 : &bin_str7_size);
694 0 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
695 : hash_size, bin_str7, bin_str7_size,
696 : response_finished_key, hash_size);
697 0 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
698 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
699 0 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
700 : response_finished_key, hash_size, ptr);
701 0 : ptr += hmac_size;
702 :
703 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
704 : false, spdm_response_size,
705 : spdm_response, response_size,
706 : response);
707 : }
708 0 : return LIBSPDM_STATUS_SUCCESS;
709 :
710 1 : case 0x4: {
711 : spdm_error_response_t *spdm_response;
712 : size_t spdm_response_size;
713 : size_t transport_header_size;
714 :
715 1 : spdm_response_size = sizeof(spdm_error_response_t);
716 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
717 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
718 :
719 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
720 1 : spdm_response->header.request_response_code = SPDM_ERROR;
721 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
722 1 : spdm_response->header.param2 = 0;
723 :
724 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
725 : false, spdm_response_size,
726 : spdm_response,
727 : response_size, response);
728 : }
729 1 : return LIBSPDM_STATUS_SUCCESS;
730 :
731 1 : case 0x5: {
732 : spdm_error_response_t *spdm_response;
733 : size_t spdm_response_size;
734 : size_t transport_header_size;
735 :
736 1 : spdm_response_size = sizeof(spdm_error_response_t);
737 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
738 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
739 :
740 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
741 1 : spdm_response->header.request_response_code = SPDM_ERROR;
742 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
743 1 : spdm_response->header.param2 = 0;
744 :
745 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
746 : false, spdm_response_size,
747 : spdm_response,
748 : response_size, response);
749 : }
750 1 : return LIBSPDM_STATUS_SUCCESS;
751 :
752 2 : case 0x6: {
753 : static size_t sub_index1 = 0;
754 2 : if (sub_index1 == 0) {
755 : spdm_error_response_t *spdm_response;
756 : size_t spdm_response_size;
757 : size_t transport_header_size;
758 :
759 1 : spdm_response_size = sizeof(spdm_error_response_t);
760 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
761 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
762 :
763 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
764 1 : spdm_response->header.request_response_code = SPDM_ERROR;
765 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
766 1 : spdm_response->header.param2 = 0;
767 :
768 1 : libspdm_transport_test_encode_message(
769 : spdm_context, NULL, false, false,
770 : spdm_response_size, spdm_response,
771 : response_size, response);
772 1 : sub_index1++;
773 1 : } else if (sub_index1 == 1) {
774 : spdm_key_exchange_response_t *spdm_response;
775 : size_t dhe_key_size;
776 : uint32_t hash_size;
777 : size_t signature_size;
778 : uint32_t hmac_size;
779 : uint8_t *ptr;
780 : void *dhe_context;
781 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
782 : size_t final_key_size;
783 : size_t opaque_key_exchange_rsp_size;
784 : void *data;
785 : size_t data_size;
786 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
787 : uint8_t *cert_buffer;
788 : size_t cert_buffer_size;
789 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
790 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
791 : uint8_t bin_str0[128];
792 : size_t bin_str0_size;
793 : uint8_t bin_str2[128];
794 : size_t bin_str2_size;
795 : uint8_t bin_str7[128];
796 : size_t bin_str7_size;
797 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
798 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
799 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
800 : size_t spdm_response_size;
801 : size_t transport_header_size;
802 :
803 : ((libspdm_context_t *)spdm_context)
804 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
805 : ((libspdm_context_t *)spdm_context)
806 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
807 : ((libspdm_context_t *)spdm_context)
808 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
809 : ((libspdm_context_t *)spdm_context)
810 : ->connection_info.algorithm
811 1 : .measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
812 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
813 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
814 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
815 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
816 1 : opaque_key_exchange_rsp_size =
817 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
818 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
819 1 : dhe_key_size + 0 + sizeof(uint16_t) +
820 1 : opaque_key_exchange_rsp_size +
821 1 : signature_size + hmac_size;
822 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
823 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
824 :
825 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
826 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
827 1 : spdm_response->header.param1 = 0;
828 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
829 1 : spdm_response->mut_auth_requested = 0;
830 1 : spdm_response->req_slot_id_param = 0;
831 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
832 1 : ptr = (void *)(spdm_response + 1);
833 1 : dhe_context = libspdm_dhe_new(
834 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
835 : m_libspdm_use_dhe_algo, true);
836 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
837 1 : final_key_size = sizeof(final_key);
838 1 : libspdm_dhe_compute_key(
839 : m_libspdm_use_dhe_algo, dhe_context,
840 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
841 : sizeof(spdm_key_exchange_request_t),
842 : dhe_key_size, final_key, &final_key_size);
843 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
844 1 : ptr += dhe_key_size;
845 : /* libspdm_zero_mem (ptr, hash_size);
846 : * ptr += hash_size;*/
847 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
848 1 : ptr += sizeof(uint16_t);
849 1 : libspdm_build_opaque_data_version_selection_data(
850 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
851 : &opaque_key_exchange_rsp_size, ptr);
852 1 : ptr += opaque_key_exchange_rsp_size;
853 1 : if (!libspdm_read_responder_public_certificate_chain(
854 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
855 : &data_size, NULL, NULL)) {
856 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
857 : }
858 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
859 : sizeof(m_libspdm_local_buffer)
860 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
861 : m_libspdm_local_buffer),
862 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
863 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
864 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
865 : m_libspdm_local_buffer_size));
866 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
867 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
868 1 : cert_buffer = (uint8_t *)data;
869 1 : cert_buffer_size = data_size;
870 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer,
871 : cert_buffer_size, cert_buffer_hash);
872 : /* transcript.message_a size is 0*/
873 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
874 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
875 : m_libspdm_local_buffer_size);
876 2 : libspdm_hash_all(m_libspdm_use_hash_algo,
877 1 : libspdm_get_managed_buffer(&th_curr),
878 : libspdm_get_managed_buffer_size(&th_curr),
879 : hash_data);
880 1 : free(data);
881 1 : libspdm_responder_data_sign(
882 : spdm_context,
883 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
884 : 0, SPDM_KEY_EXCHANGE_RSP,
885 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
886 1 : false, libspdm_get_managed_buffer(&th_curr),
887 : libspdm_get_managed_buffer_size(&th_curr), ptr,
888 : &signature_size);
889 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
890 : sizeof(m_libspdm_local_buffer)
891 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
892 : m_libspdm_local_buffer),
893 : ptr, signature_size);
894 1 : m_libspdm_local_buffer_size += signature_size;
895 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
896 1 : ptr += signature_size;
897 2 : libspdm_hash_all(m_libspdm_use_hash_algo,
898 1 : libspdm_get_managed_buffer(&th_curr),
899 : libspdm_get_managed_buffer_size(&th_curr),
900 : th_curr_hash_data);
901 1 : bin_str0_size = sizeof(bin_str0);
902 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
903 : SPDM_BIN_STR_0_LABEL,
904 : sizeof(SPDM_BIN_STR_0_LABEL) - 1, NULL,
905 1 : (uint16_t)hash_size, hash_size, bin_str0,
906 : &bin_str0_size);
907 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
908 : m_libspdm_zero_filled_buffer, hash_size, handshake_secret);
909 1 : bin_str2_size = sizeof(bin_str2);
910 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
911 : SPDM_BIN_STR_2_LABEL,
912 : sizeof(SPDM_BIN_STR_2_LABEL) - 1,
913 1 : th_curr_hash_data, (uint16_t)hash_size,
914 : hash_size, bin_str2, &bin_str2_size);
915 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret,
916 : hash_size, bin_str2, bin_str2_size,
917 : response_handshake_secret, hash_size);
918 1 : bin_str7_size = sizeof(bin_str7);
919 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
920 : SPDM_BIN_STR_7_LABEL,
921 : sizeof(SPDM_BIN_STR_7_LABEL) - 1, NULL,
922 1 : (uint16_t)hash_size, hash_size, bin_str7,
923 : &bin_str7_size);
924 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo,
925 : response_handshake_secret, hash_size,
926 : bin_str7, bin_str7_size,
927 : response_finished_key, hash_size);
928 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
929 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
930 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
931 : response_finished_key, hash_size, ptr);
932 1 : ptr += hmac_size;
933 :
934 1 : libspdm_transport_test_encode_message(
935 : spdm_context, NULL, false, false, spdm_response_size,
936 : spdm_response, response_size, response);
937 : }
938 : }
939 2 : return LIBSPDM_STATUS_SUCCESS;
940 :
941 1 : case 0x7: {
942 : spdm_error_response_t *spdm_response;
943 : size_t spdm_response_size;
944 : size_t transport_header_size;
945 :
946 1 : spdm_response_size = sizeof(spdm_error_response_t);
947 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
948 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
949 :
950 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
951 1 : spdm_response->header.request_response_code = SPDM_ERROR;
952 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
953 1 : spdm_response->header.param2 = 0;
954 :
955 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
956 : false, spdm_response_size,
957 : spdm_response,
958 : response_size, response);
959 : }
960 1 : return LIBSPDM_STATUS_SUCCESS;
961 :
962 2 : case 0x8: {
963 : spdm_error_response_data_response_not_ready_t *spdm_response;
964 : size_t spdm_response_size;
965 : size_t transport_header_size;
966 :
967 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
968 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
969 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
970 :
971 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
972 2 : spdm_response->header.request_response_code = SPDM_ERROR;
973 2 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
974 2 : spdm_response->header.param2 = 0;
975 2 : spdm_response->extend_error_data.rd_exponent = 1;
976 2 : spdm_response->extend_error_data.rd_tm = 2;
977 2 : spdm_response->extend_error_data.request_code = SPDM_KEY_EXCHANGE;
978 2 : spdm_response->extend_error_data.token = 0;
979 :
980 2 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
981 : false, spdm_response_size,
982 : spdm_response,
983 : response_size, response);
984 : }
985 2 : return LIBSPDM_STATUS_SUCCESS;
986 :
987 2 : case 0x9: {
988 : static size_t sub_index2 = 0;
989 2 : if (sub_index2 == 0) {
990 : spdm_error_response_data_response_not_ready_t
991 : *spdm_response;
992 : size_t spdm_response_size;
993 : size_t transport_header_size;
994 :
995 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
996 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
997 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
998 :
999 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1000 1 : spdm_response->header.request_response_code = SPDM_ERROR;
1001 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
1002 1 : spdm_response->header.param2 = 0;
1003 1 : spdm_response->extend_error_data.rd_exponent = 1;
1004 1 : spdm_response->extend_error_data.rd_tm = 2;
1005 1 : spdm_response->extend_error_data.request_code = SPDM_KEY_EXCHANGE;
1006 1 : spdm_response->extend_error_data.token = 1;
1007 :
1008 1 : libspdm_transport_test_encode_message(
1009 : spdm_context, NULL, false, false,
1010 : spdm_response_size, spdm_response,
1011 : response_size, response);
1012 1 : sub_index2++;
1013 1 : } else if (sub_index2 == 1) {
1014 : spdm_key_exchange_response_t *spdm_response;
1015 : size_t dhe_key_size;
1016 : uint32_t hash_size;
1017 : size_t signature_size;
1018 : uint32_t hmac_size;
1019 : uint8_t *ptr;
1020 : void *dhe_context;
1021 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
1022 : size_t final_key_size;
1023 : size_t opaque_key_exchange_rsp_size;
1024 : void *data;
1025 : size_t data_size;
1026 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1027 : uint8_t *cert_buffer;
1028 : size_t cert_buffer_size;
1029 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1030 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
1031 : uint8_t bin_str0[128];
1032 : size_t bin_str0_size;
1033 : uint8_t bin_str2[128];
1034 : size_t bin_str2_size;
1035 : uint8_t bin_str7[128];
1036 : size_t bin_str7_size;
1037 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1038 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1039 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1040 : size_t spdm_response_size;
1041 : size_t transport_header_size;
1042 :
1043 : ((libspdm_context_t *)spdm_context)
1044 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1045 : ((libspdm_context_t *)spdm_context)
1046 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1047 : ((libspdm_context_t *)spdm_context)
1048 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1049 : ((libspdm_context_t *)spdm_context)
1050 : ->connection_info.algorithm
1051 1 : .measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1052 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1053 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1054 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1055 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1056 1 : opaque_key_exchange_rsp_size =
1057 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
1058 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
1059 1 : dhe_key_size + 0 + sizeof(uint16_t) +
1060 1 : opaque_key_exchange_rsp_size +
1061 1 : signature_size + hmac_size;
1062 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1063 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1064 :
1065 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1066 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
1067 1 : spdm_response->header.param1 = 0;
1068 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
1069 1 : spdm_response->mut_auth_requested = 0;
1070 1 : spdm_response->req_slot_id_param = 0;
1071 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
1072 1 : ptr = (void *)(spdm_response + 1);
1073 1 : dhe_context = libspdm_dhe_new(
1074 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1075 : m_libspdm_use_dhe_algo, true);
1076 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1077 1 : final_key_size = sizeof(final_key);
1078 1 : libspdm_dhe_compute_key(
1079 : m_libspdm_use_dhe_algo, dhe_context,
1080 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
1081 : sizeof(spdm_key_exchange_request_t),
1082 : dhe_key_size, final_key, &final_key_size);
1083 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1084 1 : ptr += dhe_key_size;
1085 : /* libspdm_zero_mem (ptr, hash_size);
1086 : * ptr += hash_size;*/
1087 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
1088 1 : ptr += sizeof(uint16_t);
1089 1 : libspdm_build_opaque_data_version_selection_data(
1090 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
1091 : &opaque_key_exchange_rsp_size, ptr);
1092 1 : ptr += opaque_key_exchange_rsp_size;
1093 1 : if (!libspdm_read_responder_public_certificate_chain(
1094 : m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data,
1095 : &data_size, NULL, NULL)) {
1096 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1097 : }
1098 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1099 : sizeof(m_libspdm_local_buffer)
1100 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1101 : m_libspdm_local_buffer),
1102 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1103 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1104 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1105 : m_libspdm_local_buffer_size));
1106 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1107 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1108 1 : cert_buffer = (uint8_t *)data;
1109 1 : cert_buffer_size = data_size;
1110 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer,
1111 : cert_buffer_size, cert_buffer_hash);
1112 : /* transcript.message_a size is 0*/
1113 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1114 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1115 : m_libspdm_local_buffer_size);
1116 2 : libspdm_hash_all(m_libspdm_use_hash_algo,
1117 1 : libspdm_get_managed_buffer(&th_curr),
1118 : libspdm_get_managed_buffer_size(&th_curr),
1119 : hash_data);
1120 1 : free(data);
1121 1 : libspdm_responder_data_sign(
1122 : spdm_context,
1123 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1124 : 0, SPDM_KEY_EXCHANGE_RSP,
1125 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1126 1 : false, libspdm_get_managed_buffer(&th_curr),
1127 : libspdm_get_managed_buffer_size(&th_curr), ptr,
1128 : &signature_size);
1129 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1130 : sizeof(m_libspdm_local_buffer)
1131 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1132 : m_libspdm_local_buffer),
1133 : ptr, signature_size);
1134 1 : m_libspdm_local_buffer_size += signature_size;
1135 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
1136 1 : ptr += signature_size;
1137 2 : libspdm_hash_all(m_libspdm_use_hash_algo,
1138 1 : libspdm_get_managed_buffer(&th_curr),
1139 : libspdm_get_managed_buffer_size(&th_curr),
1140 : th_curr_hash_data);
1141 1 : bin_str0_size = sizeof(bin_str0);
1142 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1143 : SPDM_BIN_STR_0_LABEL,
1144 : sizeof(SPDM_BIN_STR_0_LABEL) - 1, NULL,
1145 1 : (uint16_t)hash_size, hash_size, bin_str0,
1146 : &bin_str0_size);
1147 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
1148 : m_libspdm_zero_filled_buffer, hash_size, handshake_secret);
1149 1 : bin_str2_size = sizeof(bin_str2);
1150 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1151 : SPDM_BIN_STR_2_LABEL,
1152 : sizeof(SPDM_BIN_STR_2_LABEL) - 1,
1153 1 : th_curr_hash_data, (uint16_t)hash_size,
1154 : hash_size, bin_str2, &bin_str2_size);
1155 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret,
1156 : hash_size, bin_str2, bin_str2_size,
1157 : response_handshake_secret, hash_size);
1158 1 : bin_str7_size = sizeof(bin_str7);
1159 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1160 : SPDM_BIN_STR_7_LABEL,
1161 : sizeof(SPDM_BIN_STR_7_LABEL) - 1, NULL,
1162 1 : (uint16_t)hash_size, hash_size, bin_str7,
1163 : &bin_str7_size);
1164 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo,
1165 : response_handshake_secret, hash_size,
1166 : bin_str7, bin_str7_size,
1167 : response_finished_key, hash_size);
1168 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1169 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1170 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1171 : response_finished_key, hash_size, ptr);
1172 1 : ptr += hmac_size;
1173 :
1174 1 : libspdm_transport_test_encode_message(
1175 : spdm_context, NULL, false, false, spdm_response_size,
1176 : spdm_response, response_size, response);
1177 : }
1178 : }
1179 2 : return LIBSPDM_STATUS_SUCCESS;
1180 :
1181 18 : case 0xA:
1182 : {
1183 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1184 :
1185 : spdm_error_response_t *spdm_response;
1186 : size_t spdm_response_size;
1187 : size_t transport_header_size;
1188 :
1189 18 : spdm_response_size = sizeof(spdm_error_response_t);
1190 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1191 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1192 :
1193 18 : if(error_code <= 0xff) {
1194 18 : libspdm_zero_mem (spdm_response, spdm_response_size);
1195 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1196 18 : spdm_response->header.request_response_code = SPDM_ERROR;
1197 18 : spdm_response->header.param1 = (uint8_t) error_code;
1198 18 : spdm_response->header.param2 = 0;
1199 :
1200 18 : libspdm_transport_test_encode_message (spdm_context, NULL, false, false,
1201 : spdm_response_size, spdm_response,
1202 : response_size, response);
1203 : }
1204 :
1205 18 : error_code++;
1206 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1207 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1208 : }
1209 : /* skip some reserved error codes (0d to 3e) */
1210 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
1211 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1212 : }
1213 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
1214 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
1215 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1216 : }
1217 : }
1218 18 : return LIBSPDM_STATUS_SUCCESS;
1219 1 : case 0xB: {
1220 : spdm_key_exchange_response_t *spdm_response;
1221 : size_t dhe_key_size;
1222 : uint32_t hash_size;
1223 : size_t signature_size;
1224 : uint32_t hmac_size;
1225 : uint8_t *ptr;
1226 : void *dhe_context;
1227 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
1228 : size_t final_key_size;
1229 : size_t opaque_key_exchange_rsp_size;
1230 : void *data;
1231 : size_t data_size;
1232 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1233 : uint8_t *cert_buffer;
1234 : size_t cert_buffer_size;
1235 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1236 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
1237 : uint8_t bin_str0[128];
1238 : size_t bin_str0_size;
1239 : uint8_t bin_str2[128];
1240 : size_t bin_str2_size;
1241 : uint8_t bin_str7[128];
1242 : size_t bin_str7_size;
1243 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1244 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1245 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1246 : size_t spdm_response_size;
1247 : size_t transport_header_size;
1248 :
1249 : ((libspdm_context_t *)spdm_context)
1250 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1251 : ((libspdm_context_t *)spdm_context)
1252 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1253 : ((libspdm_context_t *)spdm_context)
1254 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1255 : ((libspdm_context_t *)spdm_context)
1256 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1257 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1258 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1259 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1260 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1261 1 : opaque_key_exchange_rsp_size =
1262 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
1263 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
1264 1 : dhe_key_size + 0 + sizeof(uint16_t) +
1265 1 : opaque_key_exchange_rsp_size + signature_size +
1266 : hmac_size;
1267 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1268 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1269 :
1270 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1271 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
1272 1 : spdm_response->header.param1 = 0;
1273 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
1274 1 : spdm_response->mut_auth_requested = 0;
1275 1 : spdm_response->req_slot_id_param = 0;
1276 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
1277 1 : ptr = (void *)(spdm_response + 1);
1278 1 : dhe_context = libspdm_dhe_new(
1279 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1280 : m_libspdm_use_dhe_algo,
1281 : true);
1282 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1283 1 : final_key_size = sizeof(final_key);
1284 1 : libspdm_dhe_compute_key(
1285 : m_libspdm_use_dhe_algo, dhe_context,
1286 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
1287 : sizeof(spdm_key_exchange_request_t),
1288 : dhe_key_size, final_key, &final_key_size);
1289 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1290 1 : ptr += dhe_key_size;
1291 : /* libspdm_zero_mem (ptr, hash_size);
1292 : * ptr += hash_size;*/
1293 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
1294 1 : ptr += sizeof(uint16_t);
1295 1 : libspdm_build_opaque_data_version_selection_data(
1296 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
1297 : &opaque_key_exchange_rsp_size, ptr);
1298 1 : ptr += opaque_key_exchange_rsp_size;
1299 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1300 : m_libspdm_use_asym_algo, &data,
1301 : &data_size, NULL, NULL)) {
1302 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1303 : }
1304 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1305 : sizeof(m_libspdm_local_buffer)
1306 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1307 : m_libspdm_local_buffer),
1308 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1309 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1310 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1311 : m_libspdm_local_buffer_size));
1312 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1313 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1314 1 : cert_buffer = (uint8_t *)data;
1315 1 : cert_buffer_size = data_size;
1316 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1317 : /* transcript.message_a size is 0*/
1318 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1319 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1320 : m_libspdm_local_buffer_size);
1321 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1322 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1323 1 : free(data);
1324 1 : libspdm_responder_data_sign(
1325 : spdm_context,
1326 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1327 : 0, SPDM_KEY_EXCHANGE_RSP,
1328 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1329 1 : false, libspdm_get_managed_buffer(&th_curr),
1330 : libspdm_get_managed_buffer_size(&th_curr), ptr,
1331 : &signature_size);
1332 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1333 : sizeof(m_libspdm_local_buffer)
1334 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1335 : m_libspdm_local_buffer),
1336 : ptr, signature_size);
1337 1 : m_libspdm_local_buffer_size += signature_size;
1338 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
1339 1 : ptr += signature_size;
1340 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1341 : libspdm_get_managed_buffer_size(&th_curr),
1342 : th_curr_hash_data);
1343 1 : bin_str0_size = sizeof(bin_str0);
1344 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1345 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
1346 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
1347 : &bin_str0_size);
1348 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
1349 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
1350 1 : bin_str2_size = sizeof(bin_str2);
1351 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1352 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
1353 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
1354 : bin_str2, &bin_str2_size);
1355 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
1356 : bin_str2, bin_str2_size,
1357 : response_handshake_secret, hash_size);
1358 1 : bin_str7_size = sizeof(bin_str7);
1359 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1360 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
1361 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
1362 : &bin_str7_size);
1363 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
1364 : hash_size, bin_str7, bin_str7_size,
1365 : response_finished_key, hash_size);
1366 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1367 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1368 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1369 : response_finished_key, hash_size, ptr);
1370 1 : ptr += hmac_size;
1371 :
1372 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1373 : false, spdm_response_size,
1374 : spdm_response, response_size,
1375 : response);
1376 : }
1377 1 : return LIBSPDM_STATUS_SUCCESS;
1378 1 : case 0xC: {
1379 : spdm_key_exchange_response_t *spdm_response;
1380 : size_t dhe_key_size;
1381 : uint32_t hash_size;
1382 : uint32_t measurement_hash_size;
1383 : size_t signature_size;
1384 : uint32_t hmac_size;
1385 : uint8_t *ptr;
1386 : void *dhe_context;
1387 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
1388 : size_t final_key_size;
1389 : size_t opaque_key_exchange_rsp_size;
1390 : void *data;
1391 : size_t data_size;
1392 : uint8_t measurement_hash_data[LIBSPDM_MAX_HASH_SIZE];
1393 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1394 : uint8_t *cert_buffer;
1395 : size_t cert_buffer_size;
1396 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1397 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
1398 : uint8_t bin_str0[128];
1399 : size_t bin_str0_size;
1400 : uint8_t bin_str2[128];
1401 : size_t bin_str2_size;
1402 : uint8_t bin_str7[128];
1403 : size_t bin_str7_size;
1404 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1405 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1406 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1407 : size_t spdm_response_size;
1408 : size_t transport_header_size;
1409 :
1410 : ((libspdm_context_t *)spdm_context)
1411 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1412 : ((libspdm_context_t *)spdm_context)
1413 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1414 : ((libspdm_context_t *)spdm_context)
1415 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1416 : ((libspdm_context_t *)spdm_context)
1417 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1418 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1419 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1420 1 : measurement_hash_size = libspdm_get_hash_size( m_libspdm_use_hash_algo);
1421 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1422 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1423 1 : opaque_key_exchange_rsp_size =
1424 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
1425 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
1426 1 : dhe_key_size + measurement_hash_size + sizeof(uint16_t) +
1427 1 : opaque_key_exchange_rsp_size + signature_size +
1428 : hmac_size;
1429 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1430 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1431 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
1432 :
1433 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1434 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
1435 1 : spdm_response->header.param1 = 0;
1436 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
1437 1 : spdm_response->mut_auth_requested = 0;
1438 1 : spdm_response->req_slot_id_param = 0;
1439 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
1440 1 : ptr = (void *)(spdm_response + 1);
1441 1 : dhe_context = libspdm_dhe_new(
1442 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1443 : m_libspdm_use_dhe_algo,
1444 : true);
1445 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1446 1 : final_key_size = sizeof(final_key);
1447 1 : libspdm_dhe_compute_key(
1448 : m_libspdm_use_dhe_algo, dhe_context,
1449 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
1450 : sizeof(spdm_key_exchange_request_t),
1451 : dhe_key_size, final_key, &final_key_size);
1452 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1453 1 : ptr += dhe_key_size;
1454 : /*Mock measurement hash as TCB*/
1455 1 : libspdm_copy_mem(measurement_hash_data, sizeof(measurement_hash_data),
1456 : m_libspdm_use_tcb_hash_value, measurement_hash_size);
1457 1 : libspdm_copy_mem(ptr, spdm_response_size - (ptr - (uint8_t *)spdm_response),
1458 : measurement_hash_data, measurement_hash_size);
1459 : /*libspdm_zero_mem (ptr, measurement_hash_size);*/
1460 1 : ptr += measurement_hash_size;
1461 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
1462 1 : ptr += sizeof(uint16_t);
1463 1 : libspdm_build_opaque_data_version_selection_data(
1464 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
1465 : &opaque_key_exchange_rsp_size, ptr);
1466 1 : ptr += opaque_key_exchange_rsp_size;
1467 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1468 : m_libspdm_use_asym_algo, &data,
1469 : &data_size, NULL, NULL)) {
1470 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1471 : }
1472 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1473 : sizeof(m_libspdm_local_buffer)
1474 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1475 : m_libspdm_local_buffer),
1476 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1477 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1478 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1479 : m_libspdm_local_buffer_size));
1480 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1481 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1482 1 : cert_buffer = (uint8_t *)data;
1483 1 : cert_buffer_size = data_size;
1484 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1485 : /* transcript.message_a size is 0*/
1486 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1487 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1488 : m_libspdm_local_buffer_size);
1489 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1490 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1491 1 : free(data);
1492 1 : libspdm_responder_data_sign(
1493 : spdm_context,
1494 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1495 : 0, SPDM_KEY_EXCHANGE_RSP,
1496 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1497 1 : false, libspdm_get_managed_buffer(&th_curr),
1498 : libspdm_get_managed_buffer_size(&th_curr), ptr,
1499 : &signature_size);
1500 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1501 : sizeof(m_libspdm_local_buffer)
1502 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1503 : m_libspdm_local_buffer),
1504 : ptr, signature_size);
1505 1 : m_libspdm_local_buffer_size += signature_size;
1506 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
1507 1 : ptr += signature_size;
1508 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1509 : libspdm_get_managed_buffer_size(&th_curr),
1510 : th_curr_hash_data);
1511 1 : bin_str0_size = sizeof(bin_str0);
1512 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1513 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
1514 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
1515 : &bin_str0_size);
1516 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
1517 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
1518 1 : bin_str2_size = sizeof(bin_str2);
1519 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1520 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
1521 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
1522 : bin_str2, &bin_str2_size);
1523 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
1524 : bin_str2, bin_str2_size,
1525 : response_handshake_secret, hash_size);
1526 1 : bin_str7_size = sizeof(bin_str7);
1527 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1528 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
1529 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
1530 : &bin_str7_size);
1531 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
1532 : hash_size, bin_str7, bin_str7_size,
1533 : response_finished_key, hash_size);
1534 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1535 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1536 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1537 : response_finished_key, hash_size, ptr);
1538 1 : ptr += hmac_size;
1539 :
1540 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1541 : false, spdm_response_size,
1542 : spdm_response, response_size,
1543 : response);
1544 : }
1545 1 : return LIBSPDM_STATUS_SUCCESS;
1546 :
1547 1 : case 0xD: {
1548 : spdm_key_exchange_response_t *spdm_response;
1549 : size_t dhe_key_size;
1550 : uint32_t hash_size;
1551 : uint32_t measurement_hash_size;
1552 : size_t signature_size;
1553 : uint32_t hmac_size;
1554 : uint8_t *ptr;
1555 : void *dhe_context;
1556 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
1557 : size_t final_key_size;
1558 : size_t opaque_key_exchange_rsp_size;
1559 : void *data;
1560 : size_t data_size;
1561 : uint8_t measurement_hash_data[LIBSPDM_MAX_HASH_SIZE];
1562 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1563 : uint8_t *cert_buffer;
1564 : size_t cert_buffer_size;
1565 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1566 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
1567 : uint8_t bin_str0[128];
1568 : size_t bin_str0_size;
1569 : uint8_t bin_str2[128];
1570 : size_t bin_str2_size;
1571 : uint8_t bin_str7[128];
1572 : size_t bin_str7_size;
1573 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1574 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1575 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1576 : size_t spdm_response_size;
1577 : size_t transport_header_size;
1578 :
1579 : ((libspdm_context_t *)spdm_context)
1580 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1581 : ((libspdm_context_t *)spdm_context)
1582 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1583 : ((libspdm_context_t *)spdm_context)
1584 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1585 : ((libspdm_context_t *)spdm_context)
1586 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1587 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1588 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1589 1 : measurement_hash_size = libspdm_get_hash_size( m_libspdm_use_hash_algo);
1590 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1591 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1592 1 : opaque_key_exchange_rsp_size =
1593 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
1594 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
1595 1 : dhe_key_size + measurement_hash_size + sizeof(uint16_t) +
1596 1 : opaque_key_exchange_rsp_size + signature_size +
1597 : hmac_size;
1598 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1599 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1600 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
1601 :
1602 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1603 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
1604 1 : spdm_response->header.param1 = 0;
1605 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
1606 1 : spdm_response->mut_auth_requested = 0;
1607 1 : spdm_response->req_slot_id_param = 0;
1608 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
1609 1 : ptr = (void *)(spdm_response + 1);
1610 1 : dhe_context = libspdm_dhe_new(
1611 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1612 : m_libspdm_use_dhe_algo,
1613 : true);
1614 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1615 1 : final_key_size = sizeof(final_key);
1616 1 : libspdm_dhe_compute_key(
1617 : m_libspdm_use_dhe_algo, dhe_context,
1618 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
1619 : sizeof(spdm_key_exchange_request_t),
1620 : dhe_key_size, final_key, &final_key_size);
1621 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1622 1 : ptr += dhe_key_size;
1623 : /*Mock measurement hash as 0x00 array*/
1624 1 : libspdm_zero_mem(measurement_hash_data, measurement_hash_size);
1625 1 : libspdm_copy_mem(ptr, spdm_response_size - (ptr - (uint8_t *)spdm_response),
1626 : measurement_hash_data, measurement_hash_size);
1627 : /*libspdm_zero_mem (ptr, measurement_hash_size);*/
1628 1 : ptr += measurement_hash_size;
1629 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
1630 1 : ptr += sizeof(uint16_t);
1631 1 : libspdm_build_opaque_data_version_selection_data(
1632 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
1633 : &opaque_key_exchange_rsp_size, ptr);
1634 1 : ptr += opaque_key_exchange_rsp_size;
1635 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1636 : m_libspdm_use_asym_algo, &data,
1637 : &data_size, NULL, NULL)) {
1638 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1639 : }
1640 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1641 : sizeof(m_libspdm_local_buffer)
1642 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1643 : m_libspdm_local_buffer),
1644 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1645 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1646 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1647 : m_libspdm_local_buffer_size));
1648 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1649 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1650 1 : cert_buffer = (uint8_t *)data;
1651 1 : cert_buffer_size = data_size;
1652 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1653 : /* transcript.message_a size is 0*/
1654 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1655 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1656 : m_libspdm_local_buffer_size);
1657 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1658 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1659 1 : free(data);
1660 1 : libspdm_responder_data_sign(
1661 : spdm_context,
1662 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1663 : 0, SPDM_KEY_EXCHANGE_RSP,
1664 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1665 1 : false, libspdm_get_managed_buffer(&th_curr),
1666 : libspdm_get_managed_buffer_size(&th_curr), ptr,
1667 : &signature_size);
1668 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1669 : sizeof(m_libspdm_local_buffer)
1670 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1671 : m_libspdm_local_buffer),
1672 : ptr, signature_size);
1673 1 : m_libspdm_local_buffer_size += signature_size;
1674 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
1675 1 : ptr += signature_size;
1676 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1677 : libspdm_get_managed_buffer_size(&th_curr),
1678 : th_curr_hash_data);
1679 1 : bin_str0_size = sizeof(bin_str0);
1680 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1681 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
1682 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
1683 : &bin_str0_size);
1684 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
1685 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
1686 1 : bin_str2_size = sizeof(bin_str2);
1687 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1688 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
1689 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
1690 : bin_str2, &bin_str2_size);
1691 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
1692 : bin_str2, bin_str2_size,
1693 : response_handshake_secret, hash_size);
1694 1 : bin_str7_size = sizeof(bin_str7);
1695 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1696 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
1697 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
1698 : &bin_str7_size);
1699 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
1700 : hash_size, bin_str7, bin_str7_size,
1701 : response_finished_key, hash_size);
1702 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1703 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1704 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1705 : response_finished_key, hash_size, ptr);
1706 1 : ptr += hmac_size;
1707 :
1708 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1709 : false, spdm_response_size,
1710 : spdm_response, response_size,
1711 : response);
1712 : }
1713 1 : return LIBSPDM_STATUS_SUCCESS;
1714 :
1715 1 : case 0xE: {
1716 : spdm_key_exchange_response_t *spdm_response;
1717 : size_t dhe_key_size;
1718 : uint32_t hash_size;
1719 : uint32_t measurement_hash_size;
1720 : size_t signature_size;
1721 : uint32_t hmac_size;
1722 : uint8_t *ptr;
1723 : void *dhe_context;
1724 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
1725 : size_t final_key_size;
1726 : size_t opaque_key_exchange_rsp_size;
1727 : void *data;
1728 : size_t data_size;
1729 : uint8_t measurement_hash_data[LIBSPDM_MAX_HASH_SIZE];
1730 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1731 : uint8_t *cert_buffer;
1732 : size_t cert_buffer_size;
1733 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1734 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
1735 : uint8_t bin_str0[128];
1736 : size_t bin_str0_size;
1737 : uint8_t bin_str2[128];
1738 : size_t bin_str2_size;
1739 : uint8_t bin_str7[128];
1740 : size_t bin_str7_size;
1741 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1742 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1743 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1744 : size_t spdm_response_size;
1745 : size_t transport_header_size;
1746 :
1747 : ((libspdm_context_t *)spdm_context)
1748 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1749 : ((libspdm_context_t *)spdm_context)
1750 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1751 : ((libspdm_context_t *)spdm_context)
1752 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1753 : ((libspdm_context_t *)spdm_context)
1754 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1755 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1756 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1757 1 : measurement_hash_size = libspdm_get_hash_size( m_libspdm_use_hash_algo);
1758 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1759 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1760 1 : opaque_key_exchange_rsp_size =
1761 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
1762 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
1763 1 : dhe_key_size + measurement_hash_size + sizeof(uint16_t) +
1764 1 : opaque_key_exchange_rsp_size + signature_size +
1765 : hmac_size;
1766 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1767 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1768 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
1769 :
1770 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1771 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
1772 1 : spdm_response->header.param1 = 0;
1773 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
1774 1 : spdm_response->mut_auth_requested = 0;
1775 1 : spdm_response->req_slot_id_param = 0;
1776 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
1777 1 : ptr = (void *)(spdm_response + 1);
1778 1 : dhe_context = libspdm_dhe_new(
1779 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1780 : m_libspdm_use_dhe_algo,
1781 : true);
1782 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1783 1 : final_key_size = sizeof(final_key);
1784 1 : libspdm_dhe_compute_key(
1785 : m_libspdm_use_dhe_algo, dhe_context,
1786 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
1787 : sizeof(spdm_key_exchange_request_t),
1788 : dhe_key_size, final_key, &final_key_size);
1789 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1790 1 : ptr += dhe_key_size;
1791 : /*Mock measurement hash*/
1792 1 : libspdm_copy_mem(measurement_hash_data, sizeof(measurement_hash_data),
1793 : m_libspdm_use_tcb_hash_value, measurement_hash_size);
1794 1 : libspdm_copy_mem(ptr, spdm_response_size - (ptr - (uint8_t *)spdm_response),
1795 : measurement_hash_data, measurement_hash_size);
1796 : /*libspdm_zero_mem (ptr, measurement_hash_size);*/
1797 1 : ptr += measurement_hash_size;
1798 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
1799 1 : ptr += sizeof(uint16_t);
1800 1 : libspdm_build_opaque_data_version_selection_data(
1801 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
1802 : &opaque_key_exchange_rsp_size, ptr);
1803 1 : ptr += opaque_key_exchange_rsp_size;
1804 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1805 : m_libspdm_use_asym_algo, &data,
1806 : &data_size, NULL, NULL)) {
1807 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1808 : }
1809 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1810 : sizeof(m_libspdm_local_buffer)
1811 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1812 : m_libspdm_local_buffer),
1813 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1814 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1815 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1816 : m_libspdm_local_buffer_size));
1817 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1818 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1819 1 : cert_buffer = (uint8_t *)data;
1820 1 : cert_buffer_size = data_size;
1821 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1822 : /* transcript.message_a size is 0*/
1823 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1824 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1825 : m_libspdm_local_buffer_size);
1826 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1827 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1828 1 : free(data);
1829 1 : libspdm_responder_data_sign(
1830 : spdm_context,
1831 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1832 : 0, SPDM_KEY_EXCHANGE_RSP,
1833 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1834 1 : false, libspdm_get_managed_buffer(&th_curr),
1835 : libspdm_get_managed_buffer_size(&th_curr), ptr,
1836 : &signature_size);
1837 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1838 : sizeof(m_libspdm_local_buffer)
1839 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1840 : m_libspdm_local_buffer),
1841 : ptr, signature_size);
1842 1 : m_libspdm_local_buffer_size += signature_size;
1843 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
1844 1 : ptr += signature_size;
1845 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1846 : libspdm_get_managed_buffer_size(&th_curr),
1847 : th_curr_hash_data);
1848 1 : bin_str0_size = sizeof(bin_str0);
1849 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1850 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
1851 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
1852 : &bin_str0_size);
1853 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
1854 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
1855 1 : bin_str2_size = sizeof(bin_str2);
1856 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1857 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
1858 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
1859 : bin_str2, &bin_str2_size);
1860 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
1861 : bin_str2, bin_str2_size,
1862 : response_handshake_secret, hash_size);
1863 1 : bin_str7_size = sizeof(bin_str7);
1864 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
1865 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
1866 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
1867 : &bin_str7_size);
1868 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
1869 : hash_size, bin_str7, bin_str7_size,
1870 : response_finished_key, hash_size);
1871 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1872 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1873 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1874 : response_finished_key, hash_size, ptr);
1875 1 : ptr += hmac_size;
1876 :
1877 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
1878 : false, spdm_response_size,
1879 : spdm_response, response_size,
1880 : response);
1881 : }
1882 1 : return LIBSPDM_STATUS_SUCCESS;
1883 :
1884 1 : case 0xF: {
1885 : spdm_key_exchange_response_t *spdm_response;
1886 : size_t dhe_key_size;
1887 : uint32_t hash_size;
1888 : size_t signature_size;
1889 : uint32_t hmac_size;
1890 : uint8_t *ptr;
1891 : void *dhe_context;
1892 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
1893 : size_t final_key_size;
1894 : size_t opaque_key_exchange_rsp_size;
1895 : void *data;
1896 : size_t data_size;
1897 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1898 : uint8_t *cert_buffer;
1899 : size_t cert_buffer_size;
1900 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
1901 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
1902 : uint8_t bin_str0[128];
1903 : size_t bin_str0_size;
1904 : uint8_t bin_str2[128];
1905 : size_t bin_str2_size;
1906 : uint8_t bin_str7[128];
1907 : size_t bin_str7_size;
1908 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1909 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
1910 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
1911 : size_t spdm_response_size;
1912 : size_t transport_header_size;
1913 :
1914 : ((libspdm_context_t *)spdm_context)
1915 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1916 : ((libspdm_context_t *)spdm_context)
1917 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1918 : ((libspdm_context_t *)spdm_context)
1919 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1920 : ((libspdm_context_t *)spdm_context)
1921 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
1922 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
1923 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1924 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1925 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1926 1 : opaque_key_exchange_rsp_size =
1927 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
1928 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
1929 1 : dhe_key_size + 0 + sizeof(uint16_t) +
1930 1 : opaque_key_exchange_rsp_size + signature_size +
1931 : hmac_size;
1932 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
1933 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
1934 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
1935 :
1936 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
1937 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
1938 1 : spdm_response->header.param1 = 0;
1939 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
1940 1 : spdm_response->mut_auth_requested = 0;
1941 1 : spdm_response->req_slot_id_param = 0;
1942 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
1943 1 : ptr = (void *)(spdm_response + 1);
1944 1 : dhe_context = libspdm_dhe_new(
1945 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1946 : m_libspdm_use_dhe_algo,
1947 : true);
1948 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1949 1 : final_key_size = sizeof(final_key);
1950 1 : libspdm_dhe_compute_key(
1951 : m_libspdm_use_dhe_algo, dhe_context,
1952 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
1953 : sizeof(spdm_key_exchange_request_t),
1954 : dhe_key_size, final_key, &final_key_size);
1955 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1956 1 : ptr += dhe_key_size;
1957 : /* libspdm_zero_mem (ptr, hash_size);
1958 : * ptr += hash_size;*/
1959 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
1960 1 : ptr += sizeof(uint16_t);
1961 1 : libspdm_build_opaque_data_version_selection_data(
1962 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
1963 : &opaque_key_exchange_rsp_size, ptr);
1964 1 : ptr += opaque_key_exchange_rsp_size;
1965 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1966 : m_libspdm_use_asym_algo, &data,
1967 : &data_size, NULL, NULL)) {
1968 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
1969 : }
1970 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1971 : sizeof(m_libspdm_local_buffer)
1972 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
1973 : m_libspdm_local_buffer),
1974 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
1975 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
1976 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
1977 : m_libspdm_local_buffer_size));
1978 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
1979 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1980 1 : cert_buffer = (uint8_t *)data;
1981 1 : cert_buffer_size = data_size;
1982 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
1983 : /* transcript.message_a size is 0*/
1984 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
1985 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
1986 : m_libspdm_local_buffer_size);
1987 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1988 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1989 1 : free(data);
1990 1 : libspdm_responder_data_sign(
1991 : spdm_context,
1992 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
1993 : 0, SPDM_KEY_EXCHANGE_RSP,
1994 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
1995 1 : false, libspdm_get_managed_buffer(&th_curr),
1996 : libspdm_get_managed_buffer_size(&th_curr), ptr,
1997 : &signature_size);
1998 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
1999 : sizeof(m_libspdm_local_buffer)
2000 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2001 : m_libspdm_local_buffer),
2002 : ptr, signature_size);
2003 1 : m_libspdm_local_buffer_size += signature_size;
2004 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
2005 1 : ptr += signature_size;
2006 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2007 : libspdm_get_managed_buffer_size(&th_curr),
2008 : th_curr_hash_data);
2009 1 : bin_str0_size = sizeof(bin_str0);
2010 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2011 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
2012 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
2013 : &bin_str0_size);
2014 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
2015 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
2016 1 : bin_str2_size = sizeof(bin_str2);
2017 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2018 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
2019 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
2020 : bin_str2, &bin_str2_size);
2021 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
2022 : bin_str2, bin_str2_size,
2023 : response_handshake_secret, hash_size);
2024 1 : bin_str7_size = sizeof(bin_str7);
2025 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2026 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
2027 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
2028 : &bin_str7_size);
2029 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
2030 : hash_size, bin_str7, bin_str7_size,
2031 : response_finished_key, hash_size);
2032 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2033 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2034 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
2035 : response_finished_key, hash_size, ptr);
2036 1 : ptr += hmac_size;
2037 :
2038 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
2039 : false, spdm_response_size,
2040 : spdm_response, response_size,
2041 : response);
2042 : }
2043 1 : return LIBSPDM_STATUS_SUCCESS;
2044 :
2045 1 : case 0x10: {
2046 : spdm_key_exchange_response_t *spdm_response;
2047 : size_t dhe_key_size;
2048 : uint32_t hash_size;
2049 : size_t signature_size;
2050 : uint32_t hmac_size;
2051 : uint8_t *ptr;
2052 : void *dhe_context;
2053 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
2054 : size_t final_key_size;
2055 : size_t opaque_key_exchange_rsp_size;
2056 : void *data;
2057 : size_t data_size;
2058 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
2059 : uint8_t *cert_buffer;
2060 : size_t cert_buffer_size;
2061 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
2062 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
2063 : uint8_t bin_str0[128];
2064 : size_t bin_str0_size;
2065 : uint8_t bin_str2[128];
2066 : size_t bin_str2_size;
2067 : uint8_t bin_str7[128];
2068 : size_t bin_str7_size;
2069 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2070 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2071 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
2072 : size_t spdm_response_size;
2073 : size_t transport_header_size;
2074 :
2075 : ((libspdm_context_t *)spdm_context)
2076 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2077 : ((libspdm_context_t *)spdm_context)
2078 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2079 : ((libspdm_context_t *)spdm_context)
2080 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2081 : ((libspdm_context_t *)spdm_context)
2082 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
2083 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
2084 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2085 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2086 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2087 1 : opaque_key_exchange_rsp_size =
2088 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
2089 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
2090 1 : dhe_key_size + 0 + sizeof(uint16_t) +
2091 1 : opaque_key_exchange_rsp_size + signature_size +
2092 : hmac_size;
2093 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
2094 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
2095 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
2096 :
2097 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
2098 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
2099 1 : spdm_response->header.param1 = 0;
2100 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
2101 1 : spdm_response->mut_auth_requested = 0;
2102 1 : spdm_response->req_slot_id_param = 0;
2103 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
2104 1 : ptr = (void *)(spdm_response + 1);
2105 1 : dhe_context = libspdm_dhe_new(
2106 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2107 : m_libspdm_use_dhe_algo,
2108 : true);
2109 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2110 1 : final_key_size = sizeof(final_key);
2111 1 : libspdm_dhe_compute_key(
2112 : m_libspdm_use_dhe_algo, dhe_context,
2113 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
2114 : sizeof(spdm_key_exchange_request_t),
2115 : dhe_key_size, final_key, &final_key_size);
2116 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2117 1 : ptr += dhe_key_size;
2118 : /* libspdm_zero_mem (ptr, hash_size);
2119 : * ptr += hash_size;*/
2120 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
2121 1 : ptr += sizeof(uint16_t);
2122 1 : libspdm_build_opaque_data_version_selection_data(
2123 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
2124 : &opaque_key_exchange_rsp_size, ptr);
2125 1 : ptr += opaque_key_exchange_rsp_size;
2126 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2127 : m_libspdm_use_asym_algo, &data,
2128 : &data_size, NULL, NULL)) {
2129 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
2130 : }
2131 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2132 : sizeof(m_libspdm_local_buffer)
2133 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2134 : m_libspdm_local_buffer),
2135 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
2136 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
2137 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
2138 : m_libspdm_local_buffer_size));
2139 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2140 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
2141 1 : cert_buffer = (uint8_t *)data;
2142 1 : cert_buffer_size = data_size;
2143 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
2144 : /* transcript.message_a size is 0*/
2145 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
2146 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
2147 : m_libspdm_local_buffer_size);
2148 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2149 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2150 1 : free(data);
2151 1 : libspdm_responder_data_sign(
2152 : spdm_context,
2153 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2154 : 0, SPDM_KEY_EXCHANGE_RSP,
2155 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
2156 1 : false, libspdm_get_managed_buffer(&th_curr),
2157 : libspdm_get_managed_buffer_size(&th_curr), ptr,
2158 : &signature_size);
2159 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2160 : sizeof(m_libspdm_local_buffer)
2161 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2162 : m_libspdm_local_buffer),
2163 : ptr, signature_size);
2164 1 : m_libspdm_local_buffer_size += signature_size;
2165 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
2166 1 : ptr += signature_size;
2167 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2168 : libspdm_get_managed_buffer_size(&th_curr),
2169 : th_curr_hash_data);
2170 1 : bin_str0_size = sizeof(bin_str0);
2171 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2172 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
2173 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
2174 : &bin_str0_size);
2175 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
2176 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
2177 1 : bin_str2_size = sizeof(bin_str2);
2178 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2179 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
2180 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
2181 : bin_str2, &bin_str2_size);
2182 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
2183 : bin_str2, bin_str2_size,
2184 : response_handshake_secret, hash_size);
2185 1 : bin_str7_size = sizeof(bin_str7);
2186 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2187 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
2188 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
2189 : &bin_str7_size);
2190 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
2191 : hash_size, bin_str7, bin_str7_size,
2192 : response_finished_key, hash_size);
2193 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2194 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2195 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
2196 : response_finished_key, hash_size, ptr);
2197 1 : ptr += hmac_size;
2198 :
2199 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
2200 : false, spdm_response_size,
2201 : spdm_response, response_size,
2202 : response);
2203 : }
2204 1 : return LIBSPDM_STATUS_SUCCESS;
2205 :
2206 1 : case 0x11: {
2207 : spdm_key_exchange_response_t *spdm_response;
2208 : size_t dhe_key_size;
2209 : uint32_t hash_size;
2210 : uint32_t measurement_hash_size;
2211 : size_t signature_size;
2212 : uint32_t hmac_size;
2213 : uint8_t *ptr;
2214 : void *dhe_context;
2215 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
2216 : size_t final_key_size;
2217 : size_t opaque_key_exchange_rsp_size;
2218 : void *data;
2219 : size_t data_size;
2220 : uint8_t measurement_hash_data[LIBSPDM_MAX_HASH_SIZE];
2221 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
2222 : uint8_t *cert_buffer;
2223 : size_t cert_buffer_size;
2224 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
2225 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
2226 : uint8_t bin_str0[128];
2227 : size_t bin_str0_size;
2228 : uint8_t bin_str2[128];
2229 : size_t bin_str2_size;
2230 : uint8_t bin_str7[128];
2231 : size_t bin_str7_size;
2232 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2233 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2234 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
2235 : size_t spdm_response_size;
2236 : size_t transport_header_size;
2237 :
2238 : ((libspdm_context_t *)spdm_context)
2239 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2240 : ((libspdm_context_t *)spdm_context)
2241 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2242 : ((libspdm_context_t *)spdm_context)
2243 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2244 : ((libspdm_context_t *)spdm_context)
2245 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
2246 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
2247 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2248 1 : measurement_hash_size = libspdm_get_hash_size( m_libspdm_use_hash_algo);
2249 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2250 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2251 1 : opaque_key_exchange_rsp_size =
2252 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
2253 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
2254 1 : dhe_key_size + measurement_hash_size + sizeof(uint16_t) +
2255 1 : opaque_key_exchange_rsp_size + signature_size +
2256 : hmac_size;
2257 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
2258 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
2259 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
2260 :
2261 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
2262 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
2263 1 : spdm_response->header.param1 = 0;
2264 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
2265 1 : spdm_response->mut_auth_requested = 0;
2266 1 : spdm_response->req_slot_id_param = 0;
2267 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
2268 1 : ptr = (void *)(spdm_response + 1);
2269 1 : dhe_context = libspdm_dhe_new(
2270 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2271 : m_libspdm_use_dhe_algo,
2272 : true);
2273 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2274 1 : final_key_size = sizeof(final_key);
2275 1 : libspdm_dhe_compute_key(
2276 : m_libspdm_use_dhe_algo, dhe_context,
2277 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
2278 : sizeof(spdm_key_exchange_request_t),
2279 : dhe_key_size, final_key, &final_key_size);
2280 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2281 1 : ptr += dhe_key_size;
2282 : /*Mock measurement hash as TCB*/
2283 1 : libspdm_copy_mem(measurement_hash_data, sizeof(measurement_hash_data),
2284 : m_libspdm_use_tcb_hash_value, measurement_hash_size);
2285 1 : libspdm_copy_mem(ptr, spdm_response_size - (ptr - (uint8_t *)spdm_response),
2286 : measurement_hash_data, measurement_hash_size);
2287 : /*libspdm_zero_mem (ptr, measurement_hash_size);*/
2288 1 : ptr += measurement_hash_size;
2289 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
2290 1 : ptr += sizeof(uint16_t);
2291 1 : libspdm_build_opaque_data_version_selection_data(
2292 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
2293 : &opaque_key_exchange_rsp_size, ptr);
2294 1 : ptr += opaque_key_exchange_rsp_size;
2295 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2296 : m_libspdm_use_asym_algo, &data,
2297 : &data_size, NULL, NULL)) {
2298 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
2299 : }
2300 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2301 : sizeof(m_libspdm_local_buffer)
2302 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2303 : m_libspdm_local_buffer),
2304 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
2305 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
2306 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
2307 : m_libspdm_local_buffer_size));
2308 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2309 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
2310 1 : cert_buffer = (uint8_t *)data;
2311 1 : cert_buffer_size = data_size;
2312 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
2313 : /* transcript.message_a size is 0*/
2314 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
2315 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
2316 : m_libspdm_local_buffer_size);
2317 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2318 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2319 1 : free(data);
2320 1 : libspdm_responder_data_sign(
2321 : spdm_context,
2322 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2323 : 0, SPDM_KEY_EXCHANGE_RSP,
2324 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
2325 1 : false, libspdm_get_managed_buffer(&th_curr),
2326 : libspdm_get_managed_buffer_size(&th_curr), ptr,
2327 : &signature_size);
2328 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2329 : sizeof(m_libspdm_local_buffer)
2330 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2331 : m_libspdm_local_buffer),
2332 : ptr, signature_size);
2333 1 : m_libspdm_local_buffer_size += signature_size;
2334 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
2335 1 : ptr += signature_size;
2336 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2337 : libspdm_get_managed_buffer_size(&th_curr),
2338 : th_curr_hash_data);
2339 1 : bin_str0_size = sizeof(bin_str0);
2340 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2341 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
2342 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
2343 : &bin_str0_size);
2344 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
2345 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
2346 1 : bin_str2_size = sizeof(bin_str2);
2347 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2348 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
2349 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
2350 : bin_str2, &bin_str2_size);
2351 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
2352 : bin_str2, bin_str2_size,
2353 : response_handshake_secret, hash_size);
2354 1 : bin_str7_size = sizeof(bin_str7);
2355 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2356 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
2357 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
2358 : &bin_str7_size);
2359 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
2360 : hash_size, bin_str7, bin_str7_size,
2361 : response_finished_key, hash_size);
2362 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2363 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2364 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
2365 : response_finished_key, hash_size, ptr);
2366 1 : ptr += hmac_size;
2367 :
2368 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
2369 : false, spdm_response_size,
2370 : spdm_response, response_size,
2371 : response);
2372 : }
2373 1 : return LIBSPDM_STATUS_SUCCESS;
2374 :
2375 1 : case 0x12: {
2376 : spdm_key_exchange_response_t *spdm_response;
2377 : size_t dhe_key_size;
2378 : uint32_t hash_size;
2379 : uint32_t measurement_hash_size;
2380 : size_t signature_size;
2381 : uint32_t hmac_size;
2382 : uint8_t *ptr;
2383 : void *dhe_context;
2384 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
2385 : size_t final_key_size;
2386 : size_t opaque_key_exchange_rsp_size;
2387 : void *data;
2388 : size_t data_size;
2389 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
2390 : uint8_t *cert_buffer;
2391 : size_t cert_buffer_size;
2392 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
2393 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
2394 : uint8_t bin_str0[128];
2395 : size_t bin_str0_size;
2396 : uint8_t bin_str2[128];
2397 : size_t bin_str2_size;
2398 : uint8_t bin_str7[128];
2399 : size_t bin_str7_size;
2400 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2401 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2402 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
2403 : size_t spdm_response_size;
2404 : size_t transport_header_size;
2405 :
2406 : ((libspdm_context_t *)spdm_context)
2407 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2408 : ((libspdm_context_t *)spdm_context)
2409 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2410 : ((libspdm_context_t *)spdm_context)
2411 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2412 : ((libspdm_context_t *)spdm_context)
2413 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
2414 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
2415 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2416 1 : measurement_hash_size = 0;
2417 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2418 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2419 1 : opaque_key_exchange_rsp_size =
2420 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
2421 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
2422 1 : dhe_key_size + measurement_hash_size + sizeof(uint16_t) +
2423 1 : opaque_key_exchange_rsp_size + signature_size +
2424 : hmac_size;
2425 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
2426 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
2427 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
2428 :
2429 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
2430 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
2431 1 : spdm_response->header.param1 = 0;
2432 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
2433 1 : spdm_response->mut_auth_requested = 0;
2434 1 : spdm_response->req_slot_id_param = 0;
2435 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
2436 1 : ptr = (void *)(spdm_response + 1);
2437 1 : dhe_context = libspdm_dhe_new(
2438 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2439 : m_libspdm_use_dhe_algo,
2440 : true);
2441 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2442 1 : final_key_size = sizeof(final_key);
2443 1 : libspdm_dhe_compute_key(
2444 : m_libspdm_use_dhe_algo, dhe_context,
2445 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
2446 : sizeof(spdm_key_exchange_request_t),
2447 : dhe_key_size, final_key, &final_key_size);
2448 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2449 1 : ptr += dhe_key_size;
2450 :
2451 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
2452 1 : ptr += sizeof(uint16_t);
2453 1 : libspdm_build_opaque_data_version_selection_data(
2454 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
2455 : &opaque_key_exchange_rsp_size, ptr);
2456 1 : ptr += opaque_key_exchange_rsp_size;
2457 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2458 : m_libspdm_use_asym_algo, &data,
2459 : &data_size, NULL, NULL)) {
2460 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
2461 : }
2462 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2463 : sizeof(m_libspdm_local_buffer)
2464 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2465 : m_libspdm_local_buffer),
2466 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
2467 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
2468 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
2469 : m_libspdm_local_buffer_size));
2470 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2471 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
2472 1 : cert_buffer = (uint8_t *)data;
2473 1 : cert_buffer_size = data_size;
2474 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
2475 : /* transcript.message_a size is 0*/
2476 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
2477 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
2478 : m_libspdm_local_buffer_size);
2479 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2480 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2481 1 : free(data);
2482 1 : libspdm_responder_data_sign(
2483 : spdm_context,
2484 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2485 : 0, SPDM_KEY_EXCHANGE_RSP,
2486 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
2487 1 : false, libspdm_get_managed_buffer(&th_curr),
2488 : libspdm_get_managed_buffer_size(&th_curr), ptr,
2489 : &signature_size);
2490 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2491 : sizeof(m_libspdm_local_buffer)
2492 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2493 : m_libspdm_local_buffer),
2494 : ptr, signature_size);
2495 1 : m_libspdm_local_buffer_size += signature_size;
2496 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
2497 1 : ptr += signature_size-1;
2498 1 : *ptr ^= 0xFF;
2499 1 : ptr++;
2500 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2501 : libspdm_get_managed_buffer_size(&th_curr),
2502 : th_curr_hash_data);
2503 1 : bin_str0_size = sizeof(bin_str0);
2504 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2505 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
2506 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
2507 : &bin_str0_size);
2508 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
2509 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
2510 1 : bin_str2_size = sizeof(bin_str2);
2511 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2512 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
2513 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
2514 : bin_str2, &bin_str2_size);
2515 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
2516 : bin_str2, bin_str2_size,
2517 : response_handshake_secret, hash_size);
2518 1 : bin_str7_size = sizeof(bin_str7);
2519 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2520 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
2521 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
2522 : &bin_str7_size);
2523 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
2524 : hash_size, bin_str7, bin_str7_size,
2525 : response_finished_key, hash_size);
2526 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2527 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2528 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
2529 : response_finished_key, hash_size, ptr);
2530 1 : ptr += hmac_size;
2531 :
2532 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
2533 : false, spdm_response_size,
2534 : spdm_response, response_size,
2535 : response);
2536 : }
2537 1 : return LIBSPDM_STATUS_SUCCESS;
2538 :
2539 1 : case 0x13: {
2540 : spdm_key_exchange_response_t *spdm_response;
2541 : size_t dhe_key_size;
2542 : uint32_t hash_size;
2543 : size_t signature_size;
2544 : uint32_t hmac_size;
2545 : uint8_t *ptr;
2546 : void *dhe_context;
2547 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
2548 : size_t final_key_size;
2549 : size_t opaque_key_exchange_rsp_size;
2550 : void *data;
2551 : size_t data_size;
2552 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
2553 : uint8_t *cert_buffer;
2554 : size_t cert_buffer_size;
2555 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
2556 : size_t spdm_response_size;
2557 : size_t transport_header_size;
2558 :
2559 : ((libspdm_context_t *)spdm_context)
2560 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2561 : ((libspdm_context_t *)spdm_context)
2562 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2563 : ((libspdm_context_t *)spdm_context)
2564 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2565 : ((libspdm_context_t *)spdm_context)
2566 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
2567 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
2568 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2569 1 : hmac_size = 0;
2570 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2571 1 : opaque_key_exchange_rsp_size =
2572 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
2573 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
2574 1 : dhe_key_size + 0 + sizeof(uint16_t) +
2575 1 : opaque_key_exchange_rsp_size + signature_size +
2576 : hmac_size;
2577 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
2578 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
2579 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
2580 :
2581 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
2582 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
2583 1 : spdm_response->header.param1 = 0;
2584 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
2585 1 : spdm_response->mut_auth_requested = 0;
2586 1 : spdm_response->req_slot_id_param = 0;
2587 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
2588 1 : ptr = (void *)(spdm_response + 1);
2589 1 : dhe_context = libspdm_dhe_new(
2590 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2591 : m_libspdm_use_dhe_algo,
2592 : true);
2593 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2594 1 : final_key_size = sizeof(final_key);
2595 1 : libspdm_dhe_compute_key(
2596 : m_libspdm_use_dhe_algo, dhe_context,
2597 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
2598 : sizeof(spdm_key_exchange_request_t),
2599 : dhe_key_size, final_key, &final_key_size);
2600 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2601 1 : ptr += dhe_key_size;
2602 : /* libspdm_zero_mem (ptr, hash_size);
2603 : * ptr += hash_size;*/
2604 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
2605 1 : ptr += sizeof(uint16_t);
2606 1 : libspdm_build_opaque_data_version_selection_data(
2607 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
2608 : &opaque_key_exchange_rsp_size, ptr);
2609 1 : ptr += opaque_key_exchange_rsp_size;
2610 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2611 : m_libspdm_use_asym_algo, &data,
2612 : &data_size, NULL, NULL)) {
2613 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
2614 : }
2615 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2616 : sizeof(m_libspdm_local_buffer)
2617 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2618 : m_libspdm_local_buffer),
2619 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
2620 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
2621 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
2622 : m_libspdm_local_buffer_size));
2623 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2624 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
2625 1 : cert_buffer = (uint8_t *)data;
2626 1 : cert_buffer_size = data_size;
2627 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
2628 : /* transcript.message_a size is 0*/
2629 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
2630 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
2631 : m_libspdm_local_buffer_size);
2632 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2633 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2634 1 : free(data);
2635 1 : libspdm_responder_data_sign(
2636 : spdm_context,
2637 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2638 : 0, SPDM_KEY_EXCHANGE_RSP,
2639 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
2640 1 : false, libspdm_get_managed_buffer(&th_curr),
2641 : libspdm_get_managed_buffer_size(&th_curr), ptr,
2642 : &signature_size);
2643 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2644 : sizeof(m_libspdm_local_buffer)
2645 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2646 : m_libspdm_local_buffer),
2647 : ptr, signature_size);
2648 1 : m_libspdm_local_buffer_size += signature_size;
2649 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
2650 1 : ptr += signature_size;
2651 :
2652 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
2653 : false, spdm_response_size,
2654 : spdm_response, response_size,
2655 : response);
2656 : }
2657 1 : return LIBSPDM_STATUS_SUCCESS;
2658 :
2659 1 : case 0x14: {
2660 : spdm_key_exchange_response_t *spdm_response;
2661 : size_t dhe_key_size;
2662 : uint32_t hash_size;
2663 : size_t signature_size;
2664 : uint32_t hmac_size;
2665 : uint8_t *ptr;
2666 : void *dhe_context;
2667 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
2668 : size_t final_key_size;
2669 : size_t opaque_key_exchange_rsp_size;
2670 : void *data;
2671 : size_t data_size;
2672 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
2673 : uint8_t *cert_buffer;
2674 : size_t cert_buffer_size;
2675 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
2676 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
2677 : uint8_t bin_str0[128];
2678 : size_t bin_str0_size;
2679 : uint8_t bin_str2[128];
2680 : size_t bin_str2_size;
2681 : uint8_t bin_str7[128];
2682 : size_t bin_str7_size;
2683 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2684 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2685 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
2686 : size_t spdm_response_size;
2687 : size_t transport_header_size;
2688 :
2689 : ((libspdm_context_t *)spdm_context)
2690 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2691 : ((libspdm_context_t *)spdm_context)
2692 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2693 : ((libspdm_context_t *)spdm_context)
2694 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2695 : ((libspdm_context_t *)spdm_context)
2696 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
2697 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
2698 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2699 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2700 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2701 1 : opaque_key_exchange_rsp_size =
2702 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
2703 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
2704 1 : dhe_key_size + 0 + sizeof(uint16_t) +
2705 1 : opaque_key_exchange_rsp_size + signature_size +
2706 : hmac_size;
2707 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
2708 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
2709 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
2710 :
2711 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
2712 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
2713 1 : spdm_response->header.param1 = 5;
2714 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
2715 1 : spdm_response->mut_auth_requested = 0;
2716 1 : spdm_response->req_slot_id_param = 0;
2717 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
2718 1 : ptr = (void *)(spdm_response + 1);
2719 1 : dhe_context = libspdm_dhe_new(
2720 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2721 : m_libspdm_use_dhe_algo,
2722 : true);
2723 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2724 1 : final_key_size = sizeof(final_key);
2725 1 : libspdm_dhe_compute_key(
2726 : m_libspdm_use_dhe_algo, dhe_context,
2727 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
2728 : sizeof(spdm_key_exchange_request_t),
2729 : dhe_key_size, final_key, &final_key_size);
2730 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2731 1 : ptr += dhe_key_size;
2732 : /* libspdm_zero_mem (ptr, hash_size);
2733 : * ptr += hash_size;*/
2734 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
2735 1 : ptr += sizeof(uint16_t);
2736 1 : libspdm_build_opaque_data_version_selection_data(
2737 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
2738 : &opaque_key_exchange_rsp_size, ptr);
2739 1 : ptr += opaque_key_exchange_rsp_size;
2740 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2741 : m_libspdm_use_asym_algo, &data,
2742 : &data_size, NULL, NULL)) {
2743 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
2744 : }
2745 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2746 : sizeof(m_libspdm_local_buffer)
2747 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2748 : m_libspdm_local_buffer),
2749 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
2750 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
2751 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
2752 : m_libspdm_local_buffer_size));
2753 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2754 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
2755 1 : cert_buffer = (uint8_t *)data;
2756 1 : cert_buffer_size = data_size;
2757 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
2758 : /* transcript.message_a size is 0*/
2759 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
2760 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
2761 : m_libspdm_local_buffer_size);
2762 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2763 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2764 1 : free(data);
2765 1 : libspdm_responder_data_sign(
2766 : spdm_context,
2767 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2768 : 0, SPDM_KEY_EXCHANGE_RSP,
2769 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
2770 1 : false, libspdm_get_managed_buffer(&th_curr),
2771 : libspdm_get_managed_buffer_size(&th_curr), ptr,
2772 : &signature_size);
2773 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2774 : sizeof(m_libspdm_local_buffer)
2775 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2776 : m_libspdm_local_buffer),
2777 : ptr, signature_size);
2778 1 : m_libspdm_local_buffer_size += signature_size;
2779 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
2780 1 : ptr += signature_size;
2781 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2782 : libspdm_get_managed_buffer_size(&th_curr),
2783 : th_curr_hash_data);
2784 1 : bin_str0_size = sizeof(bin_str0);
2785 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2786 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
2787 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
2788 : &bin_str0_size);
2789 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
2790 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
2791 1 : bin_str2_size = sizeof(bin_str2);
2792 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2793 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
2794 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
2795 : bin_str2, &bin_str2_size);
2796 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
2797 : bin_str2, bin_str2_size,
2798 : response_handshake_secret, hash_size);
2799 1 : bin_str7_size = sizeof(bin_str7);
2800 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2801 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
2802 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
2803 : &bin_str7_size);
2804 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
2805 : hash_size, bin_str7, bin_str7_size,
2806 : response_finished_key, hash_size);
2807 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2808 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2809 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
2810 : response_finished_key, hash_size, ptr);
2811 1 : ptr += hmac_size;
2812 :
2813 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
2814 : false, spdm_response_size,
2815 : spdm_response, response_size,
2816 : response);
2817 : }
2818 1 : return LIBSPDM_STATUS_SUCCESS;
2819 :
2820 1 : case 0x15: {
2821 : spdm_key_exchange_response_t *spdm_response;
2822 : size_t dhe_key_size;
2823 : uint32_t hash_size;
2824 : size_t signature_size;
2825 : uint32_t hmac_size;
2826 : uint8_t *ptr;
2827 : void *dhe_context;
2828 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
2829 : size_t final_key_size;
2830 : size_t opaque_key_exchange_rsp_size;
2831 : void *data;
2832 : size_t data_size;
2833 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
2834 : uint8_t *cert_buffer;
2835 : size_t cert_buffer_size;
2836 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
2837 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
2838 : uint8_t bin_str0[128];
2839 : size_t bin_str0_size;
2840 : uint8_t bin_str2[128];
2841 : size_t bin_str2_size;
2842 : uint8_t bin_str7[128];
2843 : size_t bin_str7_size;
2844 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2845 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
2846 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
2847 : size_t spdm_response_size;
2848 : size_t transport_header_size;
2849 :
2850 : ((libspdm_context_t *)spdm_context)
2851 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2852 : ((libspdm_context_t *)spdm_context)
2853 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2854 : ((libspdm_context_t *)spdm_context)
2855 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2856 : ((libspdm_context_t *)spdm_context)
2857 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
2858 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
2859 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2860 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
2861 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2862 1 : opaque_key_exchange_rsp_size =
2863 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
2864 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
2865 1 : dhe_key_size + 0 + sizeof(uint16_t) +
2866 1 : opaque_key_exchange_rsp_size + signature_size +
2867 : hmac_size;
2868 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
2869 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
2870 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
2871 :
2872 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
2873 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
2874 1 : spdm_response->header.param1 = 5;
2875 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
2876 1 : spdm_response->mut_auth_requested = 0;
2877 1 : spdm_response->req_slot_id_param = 0;
2878 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
2879 1 : ptr = (void *)(spdm_response + 1);
2880 1 : dhe_context = libspdm_dhe_new(
2881 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2882 : m_libspdm_use_dhe_algo,
2883 : true);
2884 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2885 1 : final_key_size = sizeof(final_key);
2886 1 : libspdm_dhe_compute_key(
2887 : m_libspdm_use_dhe_algo, dhe_context,
2888 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
2889 : sizeof(spdm_key_exchange_request_t),
2890 : dhe_key_size, final_key, &final_key_size);
2891 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2892 1 : ptr += dhe_key_size;
2893 : /* libspdm_zero_mem (ptr, hash_size);
2894 : * ptr += hash_size;*/
2895 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
2896 1 : ptr += sizeof(uint16_t);
2897 1 : libspdm_build_opaque_data_version_selection_data(
2898 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
2899 : &opaque_key_exchange_rsp_size, ptr);
2900 1 : ptr += opaque_key_exchange_rsp_size;
2901 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2902 : m_libspdm_use_asym_algo, &data,
2903 : &data_size, NULL, NULL)) {
2904 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
2905 : }
2906 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2907 : sizeof(m_libspdm_local_buffer)
2908 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2909 : m_libspdm_local_buffer),
2910 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
2911 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
2912 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
2913 : m_libspdm_local_buffer_size));
2914 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2915 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
2916 1 : cert_buffer = (uint8_t *)data;
2917 1 : cert_buffer_size = data_size;
2918 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
2919 : /* transcript.message_a size is 0*/
2920 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
2921 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
2922 : m_libspdm_local_buffer_size);
2923 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2924 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2925 1 : free(data);
2926 1 : libspdm_responder_data_sign(
2927 : spdm_context,
2928 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
2929 : 0, SPDM_KEY_EXCHANGE_RSP,
2930 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
2931 1 : false, libspdm_get_managed_buffer(&th_curr),
2932 : libspdm_get_managed_buffer_size(&th_curr), ptr,
2933 : &signature_size);
2934 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
2935 : sizeof(m_libspdm_local_buffer)
2936 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
2937 : m_libspdm_local_buffer),
2938 : ptr, signature_size);
2939 1 : m_libspdm_local_buffer_size += signature_size;
2940 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
2941 1 : ptr += signature_size;
2942 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2943 : libspdm_get_managed_buffer_size(&th_curr),
2944 : th_curr_hash_data);
2945 1 : bin_str0_size = sizeof(bin_str0);
2946 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2947 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
2948 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
2949 : &bin_str0_size);
2950 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
2951 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
2952 1 : bin_str2_size = sizeof(bin_str2);
2953 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2954 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
2955 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
2956 : bin_str2, &bin_str2_size);
2957 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
2958 : bin_str2, bin_str2_size,
2959 : response_handshake_secret, hash_size);
2960 1 : bin_str7_size = sizeof(bin_str7);
2961 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
2962 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
2963 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
2964 : &bin_str7_size);
2965 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
2966 : hash_size, bin_str7, bin_str7_size,
2967 : response_finished_key, hash_size);
2968 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
2969 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
2970 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
2971 : response_finished_key, hash_size, ptr);
2972 1 : ptr += hmac_size;
2973 :
2974 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
2975 : false, spdm_response_size,
2976 : spdm_response, response_size,
2977 : response);
2978 : }
2979 1 : return LIBSPDM_STATUS_SUCCESS;
2980 :
2981 1 : case 0x16: {
2982 : spdm_key_exchange_response_t *spdm_response;
2983 : size_t dhe_key_size;
2984 : uint32_t hash_size;
2985 : size_t signature_size;
2986 : uint32_t hmac_size;
2987 : uint8_t *ptr;
2988 : void *dhe_context;
2989 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
2990 : size_t final_key_size;
2991 : size_t opaque_key_exchange_rsp_size;
2992 : void *data;
2993 : size_t data_size;
2994 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
2995 : uint8_t *cert_buffer;
2996 : size_t cert_buffer_size;
2997 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
2998 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
2999 : uint8_t bin_str0[128];
3000 : size_t bin_str0_size;
3001 : uint8_t bin_str2[128];
3002 : size_t bin_str2_size;
3003 : uint8_t bin_str7[128];
3004 : size_t bin_str7_size;
3005 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3006 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3007 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
3008 : size_t spdm_response_size;
3009 : size_t transport_header_size;
3010 :
3011 : ((libspdm_context_t *)spdm_context)
3012 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3013 : ((libspdm_context_t *)spdm_context)
3014 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3015 : ((libspdm_context_t *)spdm_context)
3016 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3017 : ((libspdm_context_t *)spdm_context)
3018 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
3019 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
3020 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3021 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3022 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
3023 1 : opaque_key_exchange_rsp_size =
3024 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
3025 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
3026 1 : dhe_key_size + 0 + sizeof(uint16_t) +
3027 1 : opaque_key_exchange_rsp_size + signature_size +
3028 : hmac_size;
3029 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
3030 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
3031 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
3032 :
3033 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
3034 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
3035 1 : spdm_response->header.param1 = 0;
3036 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
3037 1 : spdm_response->mut_auth_requested = 0;
3038 1 : spdm_response->req_slot_id_param = 0;
3039 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
3040 1 : ptr = (void *)(spdm_response + 1);
3041 1 : dhe_context = libspdm_dhe_new(
3042 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3043 : m_libspdm_use_dhe_algo,
3044 : true);
3045 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
3046 1 : final_key_size = sizeof(final_key);
3047 1 : libspdm_dhe_compute_key(
3048 : m_libspdm_use_dhe_algo, dhe_context,
3049 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
3050 : sizeof(spdm_key_exchange_request_t),
3051 : dhe_key_size, final_key, &final_key_size);
3052 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
3053 1 : ptr += dhe_key_size;
3054 : /* libspdm_zero_mem (ptr, hash_size);
3055 : * ptr += hash_size;*/
3056 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
3057 1 : ptr += sizeof(uint16_t);
3058 1 : libspdm_build_opaque_data_version_selection_data(
3059 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
3060 : &opaque_key_exchange_rsp_size, ptr);
3061 1 : ptr += opaque_key_exchange_rsp_size;
3062 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3063 : m_libspdm_use_asym_algo, &data,
3064 : &data_size, NULL, NULL)) {
3065 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
3066 : }
3067 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3068 : sizeof(m_libspdm_local_buffer)
3069 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3070 : m_libspdm_local_buffer),
3071 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
3072 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
3073 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
3074 : m_libspdm_local_buffer_size));
3075 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3076 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
3077 1 : cert_buffer = (uint8_t *)data;
3078 1 : cert_buffer_size = data_size;
3079 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
3080 : /* transcript.message_a size is 0*/
3081 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
3082 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
3083 : m_libspdm_local_buffer_size);
3084 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3085 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3086 1 : free(data);
3087 1 : libspdm_responder_data_sign(
3088 : spdm_context,
3089 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3090 : 0, SPDM_KEY_EXCHANGE_RSP,
3091 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
3092 1 : false, libspdm_get_managed_buffer(&th_curr),
3093 : libspdm_get_managed_buffer_size(&th_curr), ptr,
3094 : &signature_size);
3095 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3096 : sizeof(m_libspdm_local_buffer)
3097 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3098 : m_libspdm_local_buffer),
3099 : ptr, signature_size);
3100 1 : m_libspdm_local_buffer_size += signature_size;
3101 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
3102 1 : ptr += signature_size;
3103 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3104 : libspdm_get_managed_buffer_size(&th_curr),
3105 : th_curr_hash_data);
3106 1 : bin_str0_size = sizeof(bin_str0);
3107 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3108 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
3109 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
3110 : &bin_str0_size);
3111 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
3112 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
3113 1 : bin_str2_size = sizeof(bin_str2);
3114 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3115 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
3116 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
3117 : bin_str2, &bin_str2_size);
3118 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
3119 : bin_str2, bin_str2_size,
3120 : response_handshake_secret, hash_size);
3121 1 : bin_str7_size = sizeof(bin_str7);
3122 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3123 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
3124 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
3125 : &bin_str7_size);
3126 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
3127 : hash_size, bin_str7, bin_str7_size,
3128 : response_finished_key, hash_size);
3129 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3130 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3131 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
3132 : response_finished_key, hash_size, ptr);
3133 1 : ptr += hmac_size;
3134 :
3135 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
3136 : false, spdm_response_size,
3137 : spdm_response, response_size,
3138 : response);
3139 : }
3140 1 : return LIBSPDM_STATUS_SUCCESS;
3141 :
3142 1 : case 0x17: {
3143 : spdm_key_exchange_response_t *spdm_response;
3144 : size_t dhe_key_size;
3145 : uint32_t hash_size;
3146 : size_t signature_size;
3147 : uint32_t hmac_size;
3148 : uint8_t *ptr;
3149 : void *dhe_context;
3150 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
3151 : size_t final_key_size;
3152 : size_t opaque_key_exchange_rsp_size;
3153 : void *data;
3154 : size_t data_size;
3155 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
3156 : uint8_t *cert_buffer;
3157 : size_t cert_buffer_size;
3158 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
3159 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
3160 : uint8_t bin_str0[128];
3161 : size_t bin_str0_size;
3162 : uint8_t bin_str2[128];
3163 : size_t bin_str2_size;
3164 : uint8_t bin_str7[128];
3165 : size_t bin_str7_size;
3166 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3167 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3168 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
3169 : size_t spdm_response_size;
3170 : size_t transport_header_size;
3171 :
3172 : ((libspdm_context_t *)spdm_context)
3173 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3174 : ((libspdm_context_t *)spdm_context)
3175 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3176 : ((libspdm_context_t *)spdm_context)
3177 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3178 : ((libspdm_context_t *)spdm_context)
3179 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
3180 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
3181 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3182 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3183 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
3184 1 : opaque_key_exchange_rsp_size =
3185 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
3186 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
3187 1 : dhe_key_size + 0 + sizeof(uint16_t) +
3188 1 : opaque_key_exchange_rsp_size + signature_size +
3189 : hmac_size;
3190 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
3191 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
3192 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
3193 :
3194 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
3195 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
3196 1 : spdm_response->header.param1 = 0;
3197 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
3198 1 : spdm_response->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
3199 1 : spdm_response->req_slot_id_param = 0xF;
3200 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
3201 1 : ptr = (void *)(spdm_response + 1);
3202 1 : dhe_context = libspdm_dhe_new(
3203 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3204 : m_libspdm_use_dhe_algo,
3205 : true);
3206 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
3207 1 : final_key_size = sizeof(final_key);
3208 1 : libspdm_dhe_compute_key(
3209 : m_libspdm_use_dhe_algo, dhe_context,
3210 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
3211 : sizeof(spdm_key_exchange_request_t),
3212 : dhe_key_size, final_key, &final_key_size);
3213 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
3214 1 : ptr += dhe_key_size;
3215 : /* libspdm_zero_mem (ptr, hash_size);
3216 : * ptr += hash_size;*/
3217 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
3218 1 : ptr += sizeof(uint16_t);
3219 1 : libspdm_build_opaque_data_version_selection_data(
3220 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
3221 : &opaque_key_exchange_rsp_size, ptr);
3222 1 : ptr += opaque_key_exchange_rsp_size;
3223 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3224 : m_libspdm_use_asym_algo, &data,
3225 : &data_size, NULL, NULL)) {
3226 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
3227 : }
3228 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3229 : sizeof(m_libspdm_local_buffer)
3230 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3231 : m_libspdm_local_buffer),
3232 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
3233 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
3234 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
3235 : m_libspdm_local_buffer_size));
3236 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3237 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
3238 1 : cert_buffer = (uint8_t *)data;
3239 1 : cert_buffer_size = data_size;
3240 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
3241 : /* transcript.message_a size is 0*/
3242 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
3243 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
3244 : m_libspdm_local_buffer_size);
3245 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3246 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3247 1 : free(data);
3248 1 : libspdm_responder_data_sign(
3249 : spdm_context,
3250 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3251 : 0, SPDM_KEY_EXCHANGE_RSP,
3252 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
3253 1 : false, libspdm_get_managed_buffer(&th_curr),
3254 : libspdm_get_managed_buffer_size(&th_curr), ptr,
3255 : &signature_size);
3256 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3257 : sizeof(m_libspdm_local_buffer)
3258 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3259 : m_libspdm_local_buffer),
3260 : ptr, signature_size);
3261 1 : m_libspdm_local_buffer_size += signature_size;
3262 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
3263 1 : ptr += signature_size;
3264 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3265 : libspdm_get_managed_buffer_size(&th_curr),
3266 : th_curr_hash_data);
3267 1 : bin_str0_size = sizeof(bin_str0);
3268 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3269 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
3270 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
3271 : &bin_str0_size);
3272 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
3273 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
3274 1 : bin_str2_size = sizeof(bin_str2);
3275 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3276 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
3277 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
3278 : bin_str2, &bin_str2_size);
3279 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
3280 : bin_str2, bin_str2_size,
3281 : response_handshake_secret, hash_size);
3282 1 : bin_str7_size = sizeof(bin_str7);
3283 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3284 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
3285 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
3286 : &bin_str7_size);
3287 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
3288 : hash_size, bin_str7, bin_str7_size,
3289 : response_finished_key, hash_size);
3290 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3291 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3292 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
3293 : response_finished_key, hash_size, ptr);
3294 1 : ptr += hmac_size;
3295 :
3296 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
3297 : false, spdm_response_size,
3298 : spdm_response, response_size,
3299 : response);
3300 : }
3301 1 : return LIBSPDM_STATUS_SUCCESS;
3302 :
3303 1 : case 0x18: {
         /* Mock responder path for case 0x18. Builds an SPDM 1.1 KEY_EXCHANGE_RSP
          * directly in the caller's response buffer, signs the transcript, appends
          * an HMAC keyed with response_finished_key, and passes the message to the
          * test transport encoder. mut_auth_requested carries only
          * SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST and
          * req_slot_id_param is 0. */
3304 : spdm_key_exchange_response_t *spdm_response;
3305 : size_t dhe_key_size;
3306 : uint32_t hash_size;
3307 : size_t signature_size;
3308 : uint32_t hmac_size;
3309 : uint8_t *ptr;
3310 : void *dhe_context;
3311 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
3312 : size_t final_key_size;
3313 : size_t opaque_key_exchange_rsp_size;
3314 : void *data;
3315 : size_t data_size;
3316 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
3317 : uint8_t *cert_buffer;
3318 : size_t cert_buffer_size;
3319 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
3320 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
3321 : uint8_t bin_str0[128];
3322 : size_t bin_str0_size;
3323 : uint8_t bin_str2[128];
3324 : size_t bin_str2_size;
3325 : uint8_t bin_str7[128];
3326 : size_t bin_str7_size;
3327 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3328 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3329 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
3330 : size_t spdm_response_size;
3331 : size_t transport_header_size;
3332 :
         /* Overwrite the negotiated algorithms in the context with the suite this
          * test file uses. */
3333 : ((libspdm_context_t *)spdm_context)
3334 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3335 : ((libspdm_context_t *)spdm_context)
3336 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3337 : ((libspdm_context_t *)spdm_context)
3338 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3339 : ((libspdm_context_t *)spdm_context)
3340 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
         /* Field sizes for the selected algorithms; the HMAC has the length of the hash. */
3341 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
3342 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3343 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3344 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
3345 1 : opaque_key_exchange_rsp_size =
3346 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
         /* Total size: fixed response header, DHE public key, opaque length
          * (uint16_t), opaque data, signature and HMAC. The literal "+ 0" presumably
          * stands for an absent measurement summary hash -- TODO confirm. */
3347 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
3348 1 : dhe_key_size + 0 + sizeof(uint16_t) +
3349 1 : opaque_key_exchange_rsp_size + signature_size +
3350 : hmac_size;
         /* The SPDM message starts after the transport header inside *response.
          * NOTE(review): no check is visible in this case that the caller's buffer
          * can hold transport_header_size + spdm_response_size bytes; confirm the
          * harness guarantees it. */
3351 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
3352 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
3353 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
3354 :
3355 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
3356 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
3357 1 : spdm_response->header.param1 = 0x0;
3358 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
3359 1 : spdm_response->mut_auth_requested =
3360 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST;
3361 1 : spdm_response->req_slot_id_param = 0x0;
3362 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
         /* ptr walks the variable-length part that follows the fixed header. */
3363 1 : ptr = (void *)(spdm_response + 1);
         /* Generate an ephemeral DHE key pair (public key written at ptr) and compute
          * the shared secret against the public key read from m_libspdm_local_buffer
          * just past the fixed KEY_EXCHANGE request header (presumably the request
          * captured by send_message -- verify).
          * NOTE(review): the results of libspdm_dhe_new, libspdm_dhe_generate_key and
          * libspdm_dhe_compute_key are not checked here. */
3364 1 : dhe_context = libspdm_dhe_new(
3365 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3366 : m_libspdm_use_dhe_algo, true);
3367 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
3368 1 : final_key_size = sizeof(final_key);
3369 1 : libspdm_dhe_compute_key(
3370 : m_libspdm_use_dhe_algo, dhe_context,
3371 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
3372 : sizeof(spdm_key_exchange_request_t),
3373 : dhe_key_size, final_key, &final_key_size);
3374 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
3375 1 : ptr += dhe_key_size;
3376 : /* libspdm_zero_mem (ptr, hash_size);
3377 : * ptr += hash_size;*/
         /* Opaque data: 16-bit length followed by the version-selection element. */
3378 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
3379 1 : ptr += sizeof(uint16_t);
3380 1 : libspdm_build_opaque_data_version_selection_data(
3381 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
3382 : &opaque_key_exchange_rsp_size, ptr);
3383 1 : ptr += opaque_key_exchange_rsp_size;
         /* Load the responder certificate chain into a heap buffer (data); it is
          * released with free(data) once it has been hashed. */
3384 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3385 : m_libspdm_use_asym_algo, &data,
3386 : &data_size, NULL, NULL)) {
3387 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
3388 : }
         /* Append everything built so far (spdm_response up to ptr) to
          * m_libspdm_local_buffer; the second argument is the space left in that
          * buffer. */
3389 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3390 : sizeof(m_libspdm_local_buffer)
3391 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3392 : m_libspdm_local_buffer),
3393 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
3394 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
3395 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
3396 : m_libspdm_local_buffer_size));
3397 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3398 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
3399 1 : cert_buffer = (uint8_t *)data;
3400 1 : cert_buffer_size = data_size;
3401 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
3402 : /* transcript.message_a size is 0, so th_curr starts with the certificate chain hash */
3403 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
3404 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
3405 : m_libspdm_local_buffer_size);
         /* NOTE(review): this hash_data value is not read before the later
          * libspdm_hash_all call overwrites it; signing below takes the unhashed
          * transcript buffer. */
3406 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3407 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3408 1 : free(data);
         /* Sign the transcript; the signature is written at ptr and signature_size
          * is updated. The return value is not checked. */
3409 1 : libspdm_responder_data_sign(
3410 : spdm_context,
3411 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3412 : 0, SPDM_KEY_EXCHANGE_RSP,
3413 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
3414 1 : false, libspdm_get_managed_buffer(&th_curr),
3415 : libspdm_get_managed_buffer_size(&th_curr), ptr,
3416 : &signature_size);
         /* The signature joins both the message buffer and the transcript before
          * the handshake keys are derived. */
3417 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3418 : sizeof(m_libspdm_local_buffer)
3419 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3420 : m_libspdm_local_buffer),
3421 : ptr, signature_size);
3422 1 : m_libspdm_local_buffer_size += signature_size;
3423 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
3424 1 : ptr += signature_size;
3425 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3426 : libspdm_get_managed_buffer_size(&th_curr),
3427 : th_curr_hash_data);
         /* NOTE(review): bin_str0 is built here but not referenced again in this case. */
3428 1 : bin_str0_size = sizeof(bin_str0);
3429 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3430 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
3431 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
3432 : &bin_str0_size);
         /* handshake_secret = HMAC over the DHE shared secret, keyed with hash_size
          * bytes of m_libspdm_zero_filled_buffer. */
3433 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
3434 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
         /* response_handshake_secret = HKDF-Expand(handshake_secret, bin_str2), where
          * bin_str2 carries label 2 and the transcript hash. */
3435 1 : bin_str2_size = sizeof(bin_str2);
3436 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3437 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
3438 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
3439 : bin_str2, &bin_str2_size);
3440 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
3441 : bin_str2, bin_str2_size,
3442 : response_handshake_secret, hash_size);
         /* response_finished_key = HKDF-Expand(response_handshake_secret, bin_str7). */
3443 1 : bin_str7_size = sizeof(bin_str7);
3444 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3445 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
3446 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
3447 : &bin_str7_size);
3448 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
3449 : hash_size, bin_str7, bin_str7_size,
3450 : response_finished_key, hash_size);
         /* Final field: HMAC of the transcript hash (signature included) under
          * response_finished_key, written at ptr. */
3451 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3452 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3453 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
3454 : response_finished_key, hash_size, ptr);
3455 1 : ptr += hmac_size;
3456 :
         /* Wrap the finished message with the test transport framing. */
3457 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
3458 : false, spdm_response_size,
3459 : spdm_response, response_size,
3460 : response);
3461 : }
3462 1 : return LIBSPDM_STATUS_SUCCESS;
3463 :
3464 1 : case 0x19: {
         /* Mock responder path for case 0x19. Builds an SPDM 1.1 KEY_EXCHANGE_RSP
          * directly in the caller's response buffer, signs the transcript, appends
          * an HMAC keyed with response_finished_key, and passes the message to the
          * test transport encoder. mut_auth_requested carries only
          * SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS and
          * req_slot_id_param is 0. */
3465 : spdm_key_exchange_response_t *spdm_response;
3466 : size_t dhe_key_size;
3467 : uint32_t hash_size;
3468 : size_t signature_size;
3469 : uint32_t hmac_size;
3470 : uint8_t *ptr;
3471 : void *dhe_context;
3472 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
3473 : size_t final_key_size;
3474 : size_t opaque_key_exchange_rsp_size;
3475 : void *data;
3476 : size_t data_size;
3477 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
3478 : uint8_t *cert_buffer;
3479 : size_t cert_buffer_size;
3480 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
3481 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
3482 : uint8_t bin_str0[128];
3483 : size_t bin_str0_size;
3484 : uint8_t bin_str2[128];
3485 : size_t bin_str2_size;
3486 : uint8_t bin_str7[128];
3487 : size_t bin_str7_size;
3488 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3489 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3490 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
3491 : size_t spdm_response_size;
3492 : size_t transport_header_size;
3493 :
         /* Overwrite the negotiated algorithms in the context with the suite this
          * test file uses. */
3494 : ((libspdm_context_t *)spdm_context)
3495 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3496 : ((libspdm_context_t *)spdm_context)
3497 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3498 : ((libspdm_context_t *)spdm_context)
3499 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3500 : ((libspdm_context_t *)spdm_context)
3501 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
         /* Field sizes for the selected algorithms; the HMAC has the length of the hash. */
3502 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
3503 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3504 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3505 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
3506 1 : opaque_key_exchange_rsp_size =
3507 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
         /* Total size: fixed response header, DHE public key, opaque length
          * (uint16_t), opaque data, signature and HMAC. The literal "+ 0" presumably
          * stands for an absent measurement summary hash -- TODO confirm. */
3508 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
3509 1 : dhe_key_size + 0 + sizeof(uint16_t) +
3510 1 : opaque_key_exchange_rsp_size + signature_size +
3511 : hmac_size;
         /* The SPDM message starts after the transport header inside *response.
          * NOTE(review): no check is visible in this case that the caller's buffer
          * can hold transport_header_size + spdm_response_size bytes; confirm the
          * harness guarantees it. */
3512 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
3513 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
3514 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
3515 :
3516 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
3517 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
3518 1 : spdm_response->header.param1 = 0;
3519 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
3520 1 : spdm_response->mut_auth_requested =
3521 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS;
3522 1 : spdm_response->req_slot_id_param = 0;
3523 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
         /* ptr walks the variable-length part that follows the fixed header. */
3524 1 : ptr = (void *)(spdm_response + 1);
         /* Generate an ephemeral DHE key pair (public key written at ptr) and compute
          * the shared secret against the public key read from m_libspdm_local_buffer
          * just past the fixed KEY_EXCHANGE request header (presumably the request
          * captured by send_message -- verify).
          * NOTE(review): the results of libspdm_dhe_new, libspdm_dhe_generate_key and
          * libspdm_dhe_compute_key are not checked here. */
3525 1 : dhe_context = libspdm_dhe_new(
3526 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3527 : m_libspdm_use_dhe_algo, true);
3528 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
3529 1 : final_key_size = sizeof(final_key);
3530 1 : libspdm_dhe_compute_key(
3531 : m_libspdm_use_dhe_algo, dhe_context,
3532 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
3533 : sizeof(spdm_key_exchange_request_t),
3534 : dhe_key_size, final_key, &final_key_size);
3535 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
3536 1 : ptr += dhe_key_size;
3537 : /* libspdm_zero_mem (ptr, hash_size);
3538 : * ptr += hash_size;*/
         /* Opaque data: 16-bit length followed by the version-selection element. */
3539 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
3540 1 : ptr += sizeof(uint16_t);
3541 1 : libspdm_build_opaque_data_version_selection_data(
3542 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
3543 : &opaque_key_exchange_rsp_size, ptr);
3544 1 : ptr += opaque_key_exchange_rsp_size;
         /* Load the responder certificate chain into a heap buffer (data); it is
          * released with free(data) once it has been hashed. */
3545 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3546 : m_libspdm_use_asym_algo, &data,
3547 : &data_size, NULL, NULL)) {
3548 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
3549 : }
         /* Append everything built so far (spdm_response up to ptr) to
          * m_libspdm_local_buffer; the second argument is the space left in that
          * buffer. */
3550 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3551 : sizeof(m_libspdm_local_buffer)
3552 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3553 : m_libspdm_local_buffer),
3554 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
3555 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
3556 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
3557 : m_libspdm_local_buffer_size));
3558 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3559 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
3560 1 : cert_buffer = (uint8_t *)data;
3561 1 : cert_buffer_size = data_size;
3562 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
3563 : /* transcript.message_a size is 0, so th_curr starts with the certificate chain hash */
3564 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
3565 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
3566 : m_libspdm_local_buffer_size);
         /* NOTE(review): this hash_data value is not read before the later
          * libspdm_hash_all call overwrites it; signing below takes the unhashed
          * transcript buffer. */
3567 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3568 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3569 1 : free(data);
         /* Sign the transcript; the signature is written at ptr and signature_size
          * is updated. The return value is not checked. */
3570 1 : libspdm_responder_data_sign(
3571 : spdm_context,
3572 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3573 : 0, SPDM_KEY_EXCHANGE_RSP,
3574 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
3575 1 : false, libspdm_get_managed_buffer(&th_curr),
3576 : libspdm_get_managed_buffer_size(&th_curr), ptr,
3577 : &signature_size);
         /* The signature joins both the message buffer and the transcript before
          * the handshake keys are derived. */
3578 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3579 : sizeof(m_libspdm_local_buffer)
3580 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3581 : m_libspdm_local_buffer),
3582 : ptr, signature_size);
3583 1 : m_libspdm_local_buffer_size += signature_size;
3584 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
3585 1 : ptr += signature_size;
3586 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3587 : libspdm_get_managed_buffer_size(&th_curr),
3588 : th_curr_hash_data);
         /* NOTE(review): bin_str0 is built here but not referenced again in this case. */
3589 1 : bin_str0_size = sizeof(bin_str0);
3590 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3591 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
3592 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
3593 : &bin_str0_size);
         /* handshake_secret = HMAC over the DHE shared secret, keyed with hash_size
          * bytes of m_libspdm_zero_filled_buffer. */
3594 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
3595 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
         /* response_handshake_secret = HKDF-Expand(handshake_secret, bin_str2), where
          * bin_str2 carries label 2 and the transcript hash. */
3596 1 : bin_str2_size = sizeof(bin_str2);
3597 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3598 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
3599 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
3600 : bin_str2, &bin_str2_size);
3601 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
3602 : bin_str2, bin_str2_size,
3603 : response_handshake_secret, hash_size);
         /* response_finished_key = HKDF-Expand(response_handshake_secret, bin_str7). */
3604 1 : bin_str7_size = sizeof(bin_str7);
3605 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3606 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
3607 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
3608 : &bin_str7_size);
3609 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
3610 : hash_size, bin_str7, bin_str7_size,
3611 : response_finished_key, hash_size);
         /* Final field: HMAC of the transcript hash (signature included) under
          * response_finished_key, written at ptr. */
3612 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3613 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3614 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
3615 : response_finished_key, hash_size, ptr);
3616 1 : ptr += hmac_size;
3617 :
         /* Wrap the finished message with the test transport framing. */
3618 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
3619 : false, spdm_response_size,
3620 : spdm_response, response_size,
3621 : response);
3622 : }
3623 1 : return LIBSPDM_STATUS_SUCCESS;
3624 :
3625 1 : case 0x1A: {
         /* Mock responder path for case 0x1A. Builds an SPDM 1.1 KEY_EXCHANGE_RSP
          * directly in the caller's response buffer, signs the transcript, appends
          * an HMAC keyed with response_finished_key, and passes the message to the
          * test transport encoder. mut_auth_requested sets both
          * SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED and
          * SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST, and
          * req_slot_id_param is 0xF. Presumably this feeds the requester a
          * well-signed response with an invalid flag combination so that its
          * field validation is exercised -- confirm against the test that selects
          * case 0x1A. */
3626 : spdm_key_exchange_response_t *spdm_response;
3627 : size_t dhe_key_size;
3628 : uint32_t hash_size;
3629 : size_t signature_size;
3630 : uint32_t hmac_size;
3631 : uint8_t *ptr;
3632 : void *dhe_context;
3633 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
3634 : size_t final_key_size;
3635 : size_t opaque_key_exchange_rsp_size;
3636 : void *data;
3637 : size_t data_size;
3638 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
3639 : uint8_t *cert_buffer;
3640 : size_t cert_buffer_size;
3641 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
3642 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
3643 : uint8_t bin_str0[128];
3644 : size_t bin_str0_size;
3645 : uint8_t bin_str2[128];
3646 : size_t bin_str2_size;
3647 : uint8_t bin_str7[128];
3648 : size_t bin_str7_size;
3649 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3650 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3651 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
3652 : size_t spdm_response_size;
3653 : size_t transport_header_size;
3654 :
         /* Overwrite the negotiated algorithms in the context with the suite this
          * test file uses. */
3655 : ((libspdm_context_t *)spdm_context)
3656 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3657 : ((libspdm_context_t *)spdm_context)
3658 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3659 : ((libspdm_context_t *)spdm_context)
3660 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3661 : ((libspdm_context_t *)spdm_context)
3662 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
         /* Field sizes for the selected algorithms; the HMAC has the length of the hash. */
3663 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
3664 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3665 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3666 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
3667 1 : opaque_key_exchange_rsp_size =
3668 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
         /* Total size: fixed response header, DHE public key, opaque length
          * (uint16_t), opaque data, signature and HMAC. The literal "+ 0" presumably
          * stands for an absent measurement summary hash -- TODO confirm. */
3669 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
3670 1 : dhe_key_size + 0 + sizeof(uint16_t) +
3671 1 : opaque_key_exchange_rsp_size + signature_size +
3672 : hmac_size;
         /* The SPDM message starts after the transport header inside *response.
          * NOTE(review): no check is visible in this case that the caller's buffer
          * can hold transport_header_size + spdm_response_size bytes; confirm the
          * harness guarantees it. */
3673 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
3674 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
3675 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
3676 :
3677 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
3678 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
3679 1 : spdm_response->header.param1 = 0;
3680 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
3681 1 : spdm_response->mut_auth_requested =
3682 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED |
3683 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST;
3684 1 : spdm_response->req_slot_id_param = 0xF;
3685 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
         /* ptr walks the variable-length part that follows the fixed header. */
3686 1 : ptr = (void *)(spdm_response + 1);
         /* Generate an ephemeral DHE key pair (public key written at ptr) and compute
          * the shared secret against the public key read from m_libspdm_local_buffer
          * just past the fixed KEY_EXCHANGE request header (presumably the request
          * captured by send_message -- verify).
          * NOTE(review): the results of libspdm_dhe_new, libspdm_dhe_generate_key and
          * libspdm_dhe_compute_key are not checked here. */
3687 1 : dhe_context = libspdm_dhe_new(
3688 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3689 : m_libspdm_use_dhe_algo,
3690 : true);
3691 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
3692 1 : final_key_size = sizeof(final_key);
3693 1 : libspdm_dhe_compute_key(
3694 : m_libspdm_use_dhe_algo, dhe_context,
3695 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
3696 : sizeof(spdm_key_exchange_request_t),
3697 : dhe_key_size, final_key, &final_key_size);
3698 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
3699 1 : ptr += dhe_key_size;
3700 : /* libspdm_zero_mem (ptr, hash_size);
3701 : * ptr += hash_size;*/
         /* Opaque data: 16-bit length followed by the version-selection element. */
3702 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
3703 1 : ptr += sizeof(uint16_t);
3704 1 : libspdm_build_opaque_data_version_selection_data(
3705 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
3706 : &opaque_key_exchange_rsp_size, ptr);
3707 1 : ptr += opaque_key_exchange_rsp_size;
         /* Load the responder certificate chain into a heap buffer (data); it is
          * released with free(data) once it has been hashed. */
3708 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3709 : m_libspdm_use_asym_algo, &data,
3710 : &data_size, NULL, NULL)) {
3711 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
3712 : }
         /* Append everything built so far (spdm_response up to ptr) to
          * m_libspdm_local_buffer; the second argument is the space left in that
          * buffer. */
3713 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3714 : sizeof(m_libspdm_local_buffer)
3715 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3716 : m_libspdm_local_buffer),
3717 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
3718 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
3719 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
3720 : m_libspdm_local_buffer_size));
3721 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3722 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
3723 1 : cert_buffer = (uint8_t *)data;
3724 1 : cert_buffer_size = data_size;
3725 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
3726 : /* transcript.message_a size is 0, so th_curr starts with the certificate chain hash */
3727 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
3728 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
3729 : m_libspdm_local_buffer_size);
         /* NOTE(review): this hash_data value is not read before the later
          * libspdm_hash_all call overwrites it; signing below takes the unhashed
          * transcript buffer. */
3730 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3731 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3732 1 : free(data);
         /* Sign the transcript; the signature is written at ptr and signature_size
          * is updated. The return value is not checked. */
3733 1 : libspdm_responder_data_sign(
3734 : spdm_context,
3735 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3736 : 0, SPDM_KEY_EXCHANGE_RSP,
3737 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
3738 1 : false, libspdm_get_managed_buffer(&th_curr),
3739 : libspdm_get_managed_buffer_size(&th_curr), ptr,
3740 : &signature_size);
         /* The signature joins both the message buffer and the transcript before
          * the handshake keys are derived. */
3741 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3742 : sizeof(m_libspdm_local_buffer)
3743 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3744 : m_libspdm_local_buffer),
3745 : ptr, signature_size);
3746 1 : m_libspdm_local_buffer_size += signature_size;
3747 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
3748 1 : ptr += signature_size;
3749 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3750 : libspdm_get_managed_buffer_size(&th_curr),
3751 : th_curr_hash_data);
         /* NOTE(review): bin_str0 is built here but not referenced again in this case. */
3752 1 : bin_str0_size = sizeof(bin_str0);
3753 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3754 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
3755 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
3756 : &bin_str0_size);
         /* handshake_secret = HMAC over the DHE shared secret, keyed with hash_size
          * bytes of m_libspdm_zero_filled_buffer. */
3757 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
3758 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
         /* response_handshake_secret = HKDF-Expand(handshake_secret, bin_str2), where
          * bin_str2 carries label 2 and the transcript hash. */
3759 1 : bin_str2_size = sizeof(bin_str2);
3760 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3761 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
3762 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
3763 : bin_str2, &bin_str2_size);
3764 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
3765 : bin_str2, bin_str2_size,
3766 : response_handshake_secret, hash_size);
         /* response_finished_key = HKDF-Expand(response_handshake_secret, bin_str7). */
3767 1 : bin_str7_size = sizeof(bin_str7);
3768 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3769 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
3770 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
3771 : &bin_str7_size);
3772 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
3773 : hash_size, bin_str7, bin_str7_size,
3774 : response_finished_key, hash_size);
         /* Final field: HMAC of the transcript hash (signature included) under
          * response_finished_key, written at ptr. */
3775 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3776 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3777 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
3778 : response_finished_key, hash_size, ptr);
3779 1 : ptr += hmac_size;
3780 :
         /* Wrap the finished message with the test transport framing. */
3781 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
3782 : false, spdm_response_size,
3783 : spdm_response, response_size,
3784 : response);
3785 : }
3786 1 : return LIBSPDM_STATUS_SUCCESS;
3787 :
3788 1 : case 0x1B: {
3789 : spdm_key_exchange_response_t *spdm_response;
3790 : size_t dhe_key_size;
3791 : uint32_t hash_size;
3792 : size_t signature_size;
3793 : uint32_t hmac_size;
3794 : uint8_t *ptr;
3795 : void *dhe_context;
3796 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
3797 : size_t final_key_size;
3798 : size_t opaque_key_exchange_rsp_size;
3799 : void *data;
3800 : size_t data_size;
3801 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
3802 : uint8_t *cert_buffer;
3803 : size_t cert_buffer_size;
3804 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
3805 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
3806 : uint8_t bin_str0[128];
3807 : size_t bin_str0_size;
3808 : uint8_t bin_str2[128];
3809 : size_t bin_str2_size;
3810 : uint8_t bin_str7[128];
3811 : size_t bin_str7_size;
3812 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3813 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3814 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
3815 : size_t spdm_response_size;
3816 : size_t transport_header_size;
3817 :
3818 : ((libspdm_context_t *)spdm_context)
3819 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3820 : ((libspdm_context_t *)spdm_context)
3821 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3822 : ((libspdm_context_t *)spdm_context)
3823 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3824 : ((libspdm_context_t *)spdm_context)
3825 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
3826 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
3827 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3828 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3829 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
3830 1 : opaque_key_exchange_rsp_size =
3831 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
3832 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
3833 1 : dhe_key_size + 0 + sizeof(uint16_t) +
3834 1 : opaque_key_exchange_rsp_size + signature_size +
3835 : hmac_size;
3836 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
3837 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
3838 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
3839 :
3840 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
3841 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
3842 1 : spdm_response->header.param1 = 0;
3843 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
3844 1 : spdm_response->mut_auth_requested =
3845 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED |
3846 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS;
3847 1 : spdm_response->req_slot_id_param = 0xF;
3848 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
3849 1 : ptr = (void *)(spdm_response + 1);
3850 1 : dhe_context = libspdm_dhe_new(
3851 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3852 : m_libspdm_use_dhe_algo,
3853 : true);
3854 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
3855 1 : final_key_size = sizeof(final_key);
3856 1 : libspdm_dhe_compute_key(
3857 : m_libspdm_use_dhe_algo, dhe_context,
3858 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
3859 : sizeof(spdm_key_exchange_request_t),
3860 : dhe_key_size, final_key, &final_key_size);
3861 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
3862 1 : ptr += dhe_key_size;
3863 : /* libspdm_zero_mem (ptr, hash_size);
3864 : * ptr += hash_size;*/
3865 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
3866 1 : ptr += sizeof(uint16_t);
3867 1 : libspdm_build_opaque_data_version_selection_data(
3868 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
3869 : &opaque_key_exchange_rsp_size, ptr);
3870 1 : ptr += opaque_key_exchange_rsp_size;
3871 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
3872 : m_libspdm_use_asym_algo, &data,
3873 : &data_size, NULL, NULL)) {
3874 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
3875 : }
3876 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3877 : sizeof(m_libspdm_local_buffer)
3878 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3879 : m_libspdm_local_buffer),
3880 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
3881 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
3882 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
3883 : m_libspdm_local_buffer_size));
3884 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
3885 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
3886 1 : cert_buffer = (uint8_t *)data;
3887 1 : cert_buffer_size = data_size;
3888 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
3889 : /* transcript.message_a size is 0*/
3890 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
3891 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
3892 : m_libspdm_local_buffer_size);
3893 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3894 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3895 1 : free(data);
3896 1 : libspdm_responder_data_sign(
3897 : spdm_context,
3898 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
3899 : 0, SPDM_KEY_EXCHANGE_RSP,
3900 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
3901 1 : false, libspdm_get_managed_buffer(&th_curr),
3902 : libspdm_get_managed_buffer_size(&th_curr), ptr,
3903 : &signature_size);
3904 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
3905 : sizeof(m_libspdm_local_buffer)
3906 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
3907 : m_libspdm_local_buffer),
3908 : ptr, signature_size);
3909 1 : m_libspdm_local_buffer_size += signature_size;
3910 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
3911 1 : ptr += signature_size;
3912 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3913 : libspdm_get_managed_buffer_size(&th_curr),
3914 : th_curr_hash_data);
3915 1 : bin_str0_size = sizeof(bin_str0);
3916 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3917 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
3918 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
3919 : &bin_str0_size);
3920 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
3921 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
3922 1 : bin_str2_size = sizeof(bin_str2);
3923 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3924 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
3925 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
3926 : bin_str2, &bin_str2_size);
3927 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
3928 : bin_str2, bin_str2_size,
3929 : response_handshake_secret, hash_size);
3930 1 : bin_str7_size = sizeof(bin_str7);
3931 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
3932 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
3933 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
3934 : &bin_str7_size);
3935 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
3936 : hash_size, bin_str7, bin_str7_size,
3937 : response_finished_key, hash_size);
3938 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
3939 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
3940 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
3941 : response_finished_key, hash_size, ptr);
3942 1 : ptr += hmac_size;
3943 :
3944 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
3945 : false, spdm_response_size,
3946 : spdm_response, response_size,
3947 : response);
3948 : }
3949 1 : return LIBSPDM_STATUS_SUCCESS;
3950 :
3951 1 : case 0x1C: {
/* Test responder stub, case 0x1C: builds a KEY_EXCHANGE_RSP with an SPDM 1.1
 * header in the caller's response buffer, signs it, appends an HMAC and passes
 * it to the test transport encoder.
 * mut_auth_requested carries two request flags at once
 * (WITH_ENCAP_REQUEST | WITH_GET_DIGESTS) and req_slot_id_param is 0xF.
 * NOTE(review): presumably a negative case the requester is expected to reject;
 * confirm against the test that selects 0x1C.
 * NOTE(review): only the certificate-chain read is checked for failure. The
 * results of the DHE, signing, HMAC and HKDF helpers are ignored, so a failing
 * step would be sent as a malformed response instead of surfacing as an error.
 * NOTE(review): final_key, handshake_secret, response_handshake_secret and
 * response_finished_key stay on the stack when the block returns. That is
 * tolerable in a test stub; code derived from it should wipe them. */
3952 : spdm_key_exchange_response_t *spdm_response;
3953 : size_t dhe_key_size;
3954 : uint32_t hash_size;
3955 : size_t signature_size;
3956 : uint32_t hmac_size;
3957 : uint8_t *ptr;
3958 : void *dhe_context;
3959 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
3960 : size_t final_key_size;
3961 : size_t opaque_key_exchange_rsp_size;
3962 : void *data;
3963 : size_t data_size;
3964 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
3965 : uint8_t *cert_buffer;
3966 : size_t cert_buffer_size;
3967 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
3968 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
3969 : uint8_t bin_str0[128];
3970 : size_t bin_str0_size;
3971 : uint8_t bin_str2[128];
3972 : size_t bin_str2_size;
3973 : uint8_t bin_str7[128];
3974 : size_t bin_str7_size;
3975 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3976 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
3977 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
3978 : size_t spdm_response_size;
3979 : size_t transport_header_size;
3980 :
/* Pin the connection's negotiated algorithms to the ones the test suite selected. */
3981 : ((libspdm_context_t *)spdm_context)
3982 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
3983 : ((libspdm_context_t *)spdm_context)
3984 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
3985 : ((libspdm_context_t *)spdm_context)
3986 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
3987 : ((libspdm_context_t *)spdm_context)
3988 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
3989 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
3990 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3991 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
3992 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
3993 1 : opaque_key_exchange_rsp_size =
3994 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
/* Total message size: fixed part, DHE public key, 16-bit opaque length,
 * opaque data, signature and HMAC. */
3995 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
3996 1 : dhe_key_size + 0 + sizeof(uint16_t) +
3997 1 : opaque_key_exchange_rsp_size + signature_size +
3998 : hmac_size;
/* The SPDM message is placed after the room left for the test transport header,
 * and the whole message area is zeroed before any field is filled in. */
3999 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
4000 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
4001 1 : libspdm_zero_mem(spdm_response,spdm_response_size);
4002 :
4003 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
4004 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
4005 1 : spdm_response->header.param1 = 0;
4006 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
4007 1 : spdm_response->mut_auth_requested =
4008 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST |
4009 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS;
4010 1 : spdm_response->req_slot_id_param = 0xF;
4011 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
/* Variable-length fields start right after the fixed response structure. */
4012 1 : ptr = (void *)(spdm_response + 1);
/* Ephemeral DHE: the generated public key is written straight into the response
 * at ptr. The shared secret is computed against the bytes that follow the fixed
 * spdm_key_exchange_request_t part at the start of m_libspdm_local_buffer.
 * NOTE(review): assumes the send path stored the KEY_EXCHANGE request at offset 0
 * of that buffer - confirm in send_message. */
4013 1 : dhe_context = libspdm_dhe_new(
4014 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4015 : m_libspdm_use_dhe_algo,
4016 : true);
4017 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
4018 1 : final_key_size = sizeof(final_key);
4019 1 : libspdm_dhe_compute_key(
4020 : m_libspdm_use_dhe_algo, dhe_context,
4021 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
4022 : sizeof(spdm_key_exchange_request_t),
4023 : dhe_key_size, final_key, &final_key_size);
4024 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
4025 1 : ptr += dhe_key_size;
4026 : /* libspdm_zero_mem (ptr, hash_size);
4027 : * ptr += hash_size;*/
/* Opaque data: 16-bit length, then the version-selection blob. */
4028 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
4029 1 : ptr += sizeof(uint16_t);
4030 1 : libspdm_build_opaque_data_version_selection_data(
4031 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
4032 : &opaque_key_exchange_rsp_size, ptr);
4033 1 : ptr += opaque_key_exchange_rsp_size;
4034 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
4035 : m_libspdm_use_asym_algo, &data,
4036 : &data_size, NULL, NULL)) {
4037 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
4038 : }
/* Append the response built so far (header through opaque data) to the local
 * transcript copy. The destination size passed to the copy is the space still
 * free in m_libspdm_local_buffer. */
4039 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4040 : sizeof(m_libspdm_local_buffer)
4041 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4042 : m_libspdm_local_buffer),
4043 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
4044 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
4045 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
4046 : m_libspdm_local_buffer_size));
4047 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
/* Rebuild the transcript in th_curr: hash of the responder certificate chain,
 * then everything accumulated in m_libspdm_local_buffer. */
4048 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
4049 1 : cert_buffer = (uint8_t *)data;
4050 1 : cert_buffer_size = data_size;
4051 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
4052 : /* transcript.message_a size is 0*/
4053 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
4054 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
4055 : m_libspdm_local_buffer_size);
/* The hash_data written here is not read before it is overwritten further down. */
4056 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4057 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
/* Only the chain's hash went into the transcript, so the chain can be released. */
4058 1 : free(data);
/* Sign the transcript held in th_curr. The signature is written at ptr and then
 * appended to both m_libspdm_local_buffer and th_curr. */
4059 1 : libspdm_responder_data_sign(
4060 : spdm_context,
4061 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4062 : 0, SPDM_KEY_EXCHANGE_RSP,
4063 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
4064 1 : false, libspdm_get_managed_buffer(&th_curr),
4065 : libspdm_get_managed_buffer_size(&th_curr), ptr,
4066 : &signature_size);
4067 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4068 : sizeof(m_libspdm_local_buffer)
4069 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4070 : m_libspdm_local_buffer),
4071 : ptr, signature_size);
4072 1 : m_libspdm_local_buffer_size += signature_size;
4073 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
4074 1 : ptr += signature_size;
/* Transcript hash including the signature; it is bound into bin_str2 below. */
4075 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4076 : libspdm_get_managed_buffer_size(&th_curr),
4077 : th_curr_hash_data);
/* bin_str0 is built here but not used by the rest of this block. */
4078 1 : bin_str0_size = sizeof(bin_str0);
4079 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4080 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
4081 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
4082 : &bin_str0_size);
/* handshake_secret: HMAC over the DHE shared secret keyed with hash_size bytes
 * of m_libspdm_zero_filled_buffer (libspdm_hmac_all takes data, data_size, key,
 * key_size). */
4083 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
4084 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
/* response_handshake_secret is expanded from handshake_secret with bin_str2
 * (label 2 plus the transcript hash); response_finished_key is expanded from
 * that with bin_str7. */
4085 1 : bin_str2_size = sizeof(bin_str2);
4086 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4087 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
4088 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
4089 : bin_str2, &bin_str2_size);
4090 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
4091 : bin_str2, bin_str2_size,
4092 : response_handshake_secret, hash_size);
4093 1 : bin_str7_size = sizeof(bin_str7);
4094 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4095 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
4096 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
4097 : &bin_str7_size);
4098 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
4099 : hash_size, bin_str7, bin_str7_size,
4100 : response_finished_key, hash_size);
/* Trailing HMAC: hash of the transcript keyed with response_finished_key,
 * written after the signature. In this case it is not copied into
 * m_libspdm_local_buffer. */
4101 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4102 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4103 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
4104 : response_finished_key, hash_size, ptr);
4105 1 : ptr += hmac_size;
4106 :
4107 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
4108 : false, spdm_response_size,
4109 : spdm_response, response_size,
4110 : response);
4111 : }
4112 1 : return LIBSPDM_STATUS_SUCCESS;
4113 :
4114 1 : case 0x1D: {
/* Test responder stub, case 0x1D: builds a KEY_EXCHANGE_RSP with an SPDM 1.1
 * header, no mutual authentication requested (mut_auth_requested = 0,
 * req_slot_id_param = 0), signs it, appends an HMAC and passes it to the test
 * transport encoder. Here the HMAC is also appended to m_libspdm_local_buffer.
 * NOTE(review): the response area is not zeroed before the fields are filled in
 * (case 0x1C calls libspdm_zero_mem at this point) and header.param2 is not
 * assigned in this block, so that byte keeps whatever the buffer already held
 * and is covered by the signature and transcript as-is.
 * NOTE(review): only the certificate-chain read is checked for failure; the
 * results of the DHE, signing, HMAC and HKDF helpers are ignored.
 * NOTE(review): the derived secrets (final_key, handshake_secret,
 * response_handshake_secret, response_finished_key) stay on the stack on
 * return. That is tolerable in a test stub; code derived from it should wipe
 * them. */
4115 : spdm_key_exchange_response_t *spdm_response;
4116 : size_t dhe_key_size;
4117 : uint32_t hash_size;
4118 : size_t signature_size;
4119 : uint32_t hmac_size;
4120 : uint8_t *ptr;
4121 : void *dhe_context;
4122 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
4123 : size_t final_key_size;
4124 : size_t opaque_key_exchange_rsp_size;
4125 : void *data;
4126 : size_t data_size;
4127 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
4128 : uint8_t *cert_buffer;
4129 : size_t cert_buffer_size;
4130 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
4131 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
4132 : uint8_t bin_str0[128];
4133 : size_t bin_str0_size;
4134 : uint8_t bin_str2[128];
4135 : size_t bin_str2_size;
4136 : uint8_t bin_str7[128];
4137 : size_t bin_str7_size;
4138 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4139 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4140 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
4141 : size_t spdm_response_size;
4142 : size_t transport_header_size;
4143 :
/* Pin the connection's negotiated algorithms to the ones the test suite selected. */
4144 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo =
4145 : m_libspdm_use_asym_algo;
4146 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo =
4147 : m_libspdm_use_hash_algo;
4148 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.dhe_named_group =
4149 : m_libspdm_use_dhe_algo;
4150 1 : ((libspdm_context_t *)spdm_context)->connection_info.algorithm.measurement_hash_algo =
4151 : m_libspdm_use_measurement_hash_algo;
4152 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
4153 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4154 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4155 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
4156 1 : opaque_key_exchange_rsp_size =
4157 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
/* Total message size: fixed part, DHE public key, 16-bit opaque length,
 * opaque data, signature and HMAC. */
4158 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
4159 1 : dhe_key_size + 0 + sizeof(uint16_t) +
4160 1 : opaque_key_exchange_rsp_size + signature_size +
4161 : hmac_size;
/* The SPDM message is placed after the room left for the test transport header. */
4162 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
4163 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
4164 :
4165 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
4166 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
4167 1 : spdm_response->header.param1 = 0;
4168 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
4169 1 : spdm_response->mut_auth_requested = 0;
4170 1 : spdm_response->req_slot_id_param = 0;
4171 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
/* Variable-length fields start right after the fixed response structure. */
4172 1 : ptr = (void *)(spdm_response + 1);
/* Ephemeral DHE: the generated public key is written straight into the response
 * at ptr. The shared secret is computed against the bytes that follow the fixed
 * spdm_key_exchange_request_t part at the start of m_libspdm_local_buffer.
 * NOTE(review): assumes the send path stored the KEY_EXCHANGE request at offset 0
 * of that buffer - confirm in send_message. */
4173 1 : dhe_context = libspdm_dhe_new(
4174 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4175 : m_libspdm_use_dhe_algo, true);
4176 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
4177 1 : final_key_size = sizeof(final_key);
4178 1 : libspdm_dhe_compute_key(
4179 : m_libspdm_use_dhe_algo, dhe_context,
4180 1 : (uint8_t *)&m_libspdm_local_buffer[0] + sizeof(spdm_key_exchange_request_t),
4181 : dhe_key_size, final_key, &final_key_size);
4182 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
4183 1 : ptr += dhe_key_size;
4184 : /* libspdm_zero_mem (ptr, hash_size);
4185 : * ptr += hash_size;*/
/* Opaque data: 16-bit length, then the version-selection blob. */
4186 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
4187 1 : ptr += sizeof(uint16_t);
4188 1 : libspdm_build_opaque_data_version_selection_data(
4189 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
4190 : &opaque_key_exchange_rsp_size, ptr);
4191 1 : ptr += opaque_key_exchange_rsp_size;
4192 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
4193 : m_libspdm_use_asym_algo, &data,
4194 : &data_size, NULL, NULL)) {
4195 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
4196 : }
/* Append the response built so far (header through opaque data) to the local
 * transcript copy. The destination size passed to the copy is the space still
 * free in m_libspdm_local_buffer. */
4197 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4198 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
4199 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
4200 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
4201 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%zx):\n",
4202 : m_libspdm_local_buffer_size));
4203 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
/* Rebuild the transcript in th_curr: hash of the responder certificate chain,
 * then everything accumulated in m_libspdm_local_buffer. */
4204 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
4205 1 : cert_buffer = (uint8_t *)data;
4206 1 : cert_buffer_size = data_size;
4207 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
4208 : /* transcript.message_a size is 0*/
4209 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
4210 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
4211 : m_libspdm_local_buffer_size);
/* The hash_data written here is not read before it is overwritten further down. */
4212 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4213 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
/* Only the chain's hash went into the transcript, so the chain can be released. */
4214 1 : free(data);
/* Sign the transcript held in th_curr. The signature is written at ptr and then
 * appended to both m_libspdm_local_buffer and th_curr. */
4215 1 : libspdm_responder_data_sign(
4216 : spdm_context,
4217 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4218 : 0, SPDM_KEY_EXCHANGE_RSP,
4219 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
4220 1 : false, libspdm_get_managed_buffer(&th_curr),
4221 : libspdm_get_managed_buffer_size(&th_curr), ptr, &signature_size);
4222 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4223 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
4224 : ptr, signature_size);
4225 1 : m_libspdm_local_buffer_size += signature_size;
4226 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
4227 1 : ptr += signature_size;
/* Transcript hash including the signature; it is bound into bin_str2 below. */
4228 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4229 : libspdm_get_managed_buffer_size(&th_curr), th_curr_hash_data);
/* bin_str0 is built here but not used by the rest of this block. */
4230 1 : bin_str0_size = sizeof(bin_str0);
4231 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4232 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
4233 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0, &bin_str0_size);
/* handshake_secret: HMAC over the DHE shared secret keyed with hash_size bytes
 * of m_libspdm_zero_filled_buffer (libspdm_hmac_all takes data, data_size, key,
 * key_size). */
4234 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
4235 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
/* response_handshake_secret is expanded from handshake_secret with bin_str2
 * (label 2 plus the transcript hash); response_finished_key is expanded from
 * that with bin_str7. */
4236 1 : bin_str2_size = sizeof(bin_str2);
4237 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4238 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
4239 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
4240 : bin_str2, &bin_str2_size);
4241 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
4242 : bin_str2, bin_str2_size,
4243 : response_handshake_secret, hash_size);
4244 1 : bin_str7_size = sizeof(bin_str7);
4245 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4246 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
4247 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
4248 : &bin_str7_size);
4249 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
4250 : hash_size, bin_str7, bin_str7_size,
4251 : response_finished_key, hash_size);
/* Trailing HMAC: hash of the transcript keyed with response_finished_key,
 * written after the signature and then appended to m_libspdm_local_buffer. */
4252 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4253 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4254 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
4255 : response_finished_key, hash_size, ptr);
4256 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4257 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
4258 : ptr, hmac_size);
4259 1 : m_libspdm_local_buffer_size += hmac_size;
4260 1 : ptr += hmac_size;
4261 :
4262 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
4263 : false, spdm_response_size,
4264 : spdm_response, response_size,
4265 : response);
4266 : }
4267 1 : return LIBSPDM_STATUS_SUCCESS;
4268 1 : case 0x1E: {
/* Test responder stub, case 0x1E: builds a KEY_EXCHANGE_RSP whose header carries
 * SPDM_MESSAGE_VERSION_12, with no mutual authentication requested, signs it,
 * appends an HMAC and passes it to the test transport encoder.
 * NOTE(review): the header version is 1.2, while the opaque data is built with
 * SECURED_SPDM_VERSION_11 and the bin_str labels use connection_info.version
 * from the context; confirm which of these mismatches the test relies on.
 * NOTE(review): the response area is not zeroed before the fields are filled in
 * (case 0x1C calls libspdm_zero_mem at this point) and header.param2 is not
 * assigned in this block, so that byte keeps whatever the buffer already held.
 * NOTE(review): only the certificate-chain read is checked for failure; the
 * results of the DHE, signing, HMAC and HKDF helpers are ignored.
 * NOTE(review): the derived secrets (final_key, handshake_secret,
 * response_handshake_secret, response_finished_key) stay on the stack on
 * return. That is tolerable in a test stub; code derived from it should wipe
 * them. */
4269 : spdm_key_exchange_response_t *spdm_response;
4270 : size_t dhe_key_size;
4271 : uint32_t hash_size;
4272 : size_t signature_size;
4273 : uint32_t hmac_size;
4274 : uint8_t *ptr;
4275 : void *dhe_context;
4276 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
4277 : size_t final_key_size;
4278 : size_t opaque_key_exchange_rsp_size;
4279 : void *data;
4280 : size_t data_size;
4281 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
4282 : uint8_t *cert_buffer;
4283 : size_t cert_buffer_size;
4284 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
4285 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
4286 : uint8_t bin_str0[128];
4287 : size_t bin_str0_size;
4288 : uint8_t bin_str2[128];
4289 : size_t bin_str2_size;
4290 : uint8_t bin_str7[128];
4291 : size_t bin_str7_size;
4292 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4293 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4294 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
4295 : size_t spdm_response_size;
4296 : size_t transport_header_size;
4297 :
4298 :
/* Pin the connection's negotiated algorithms to the ones the test suite selected. */
4299 : ((libspdm_context_t *)spdm_context)
4300 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
4301 : ((libspdm_context_t *)spdm_context)
4302 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
4303 : ((libspdm_context_t *)spdm_context)
4304 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
4305 : ((libspdm_context_t *)spdm_context)
4306 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
4307 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
4308 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4309 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4310 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
4311 1 : opaque_key_exchange_rsp_size =
4312 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
/* Total message size: fixed part, DHE public key, 16-bit opaque length,
 * opaque data, signature and HMAC. */
4313 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
4314 1 : dhe_key_size + 0 + sizeof(uint16_t) +
4315 1 : opaque_key_exchange_rsp_size + signature_size +
4316 : hmac_size;
/* The SPDM message is placed after the room left for the test transport header. */
4317 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
4318 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
4319 :
4320 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
4321 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
4322 1 : spdm_response->header.param1 = 0;
4323 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
4324 1 : spdm_response->mut_auth_requested = 0;
4325 1 : spdm_response->req_slot_id_param = 0;
4326 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
/* Variable-length fields start right after the fixed response structure. */
4327 1 : ptr = (void *)(spdm_response + 1);
/* Ephemeral DHE: the generated public key is written straight into the response
 * at ptr. The shared secret is computed against the bytes that follow the fixed
 * spdm_key_exchange_request_t part at the start of m_libspdm_local_buffer.
 * NOTE(review): assumes the send path stored the KEY_EXCHANGE request at offset 0
 * of that buffer - confirm in send_message. */
4328 1 : dhe_context = libspdm_dhe_new(
4329 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4330 : m_libspdm_use_dhe_algo,
4331 : true);
4332 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
4333 1 : final_key_size = sizeof(final_key);
4334 1 : libspdm_dhe_compute_key(
4335 : m_libspdm_use_dhe_algo, dhe_context,
4336 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
4337 : sizeof(spdm_key_exchange_request_t),
4338 : dhe_key_size, final_key, &final_key_size);
4339 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
4340 1 : ptr += dhe_key_size;
4341 : /* libspdm_zero_mem (ptr, hash_size);
4342 : * ptr += hash_size;*/
/* Opaque data: 16-bit length, then the version-selection blob. */
4343 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
4344 1 : ptr += sizeof(uint16_t);
4345 1 : libspdm_build_opaque_data_version_selection_data(
4346 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
4347 : &opaque_key_exchange_rsp_size, ptr);
4348 1 : ptr += opaque_key_exchange_rsp_size;
4349 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
4350 : m_libspdm_use_asym_algo, &data,
4351 : &data_size, NULL, NULL)) {
4352 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
4353 : }
/* Append the response built so far (header through opaque data) to the local
 * transcript copy. The destination size passed to the copy is the space still
 * free in m_libspdm_local_buffer. */
4354 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4355 : sizeof(m_libspdm_local_buffer)
4356 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4357 : m_libspdm_local_buffer),
4358 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
4359 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
4360 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
4361 : m_libspdm_local_buffer_size));
4362 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
/* Rebuild the transcript in th_curr: hash of the responder certificate chain,
 * then everything accumulated in m_libspdm_local_buffer. */
4363 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
4364 1 : cert_buffer = (uint8_t *)data;
4365 1 : cert_buffer_size = data_size;
4366 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
4367 : /* transcript.message_a size is 0*/
4368 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
4369 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
4370 : m_libspdm_local_buffer_size);
/* The hash_data written here is not read before it is overwritten further down. */
4371 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4372 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
/* Only the chain's hash went into the transcript, so the chain can be released. */
4373 1 : free(data);
/* Sign the transcript held in th_curr. The signature is written at ptr and then
 * appended to both m_libspdm_local_buffer and th_curr. */
4374 1 : libspdm_responder_data_sign(
4375 : spdm_context,
4376 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4377 : 0, SPDM_KEY_EXCHANGE_RSP,
4378 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
4379 1 : false, libspdm_get_managed_buffer(&th_curr),
4380 : libspdm_get_managed_buffer_size(&th_curr), ptr,
4381 : &signature_size);
4382 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4383 : sizeof(m_libspdm_local_buffer)
4384 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4385 : m_libspdm_local_buffer),
4386 : ptr, signature_size);
4387 1 : m_libspdm_local_buffer_size += signature_size;
4388 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
4389 1 : ptr += signature_size;
/* Transcript hash including the signature; it is bound into bin_str2 below. */
4390 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4391 : libspdm_get_managed_buffer_size(&th_curr),
4392 : th_curr_hash_data);
/* bin_str0 is built here but not used by the rest of this block. */
4393 1 : bin_str0_size = sizeof(bin_str0);
4394 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4395 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
4396 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
4397 : &bin_str0_size);
/* handshake_secret: HMAC over the DHE shared secret keyed with hash_size bytes
 * of m_libspdm_zero_filled_buffer (libspdm_hmac_all takes data, data_size, key,
 * key_size). */
4398 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
4399 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
/* response_handshake_secret is expanded from handshake_secret with bin_str2
 * (label 2 plus the transcript hash); response_finished_key is expanded from
 * that with bin_str7. */
4400 1 : bin_str2_size = sizeof(bin_str2);
4401 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4402 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
4403 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
4404 : bin_str2, &bin_str2_size);
4405 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
4406 : bin_str2, bin_str2_size,
4407 : response_handshake_secret, hash_size);
4408 1 : bin_str7_size = sizeof(bin_str7);
4409 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4410 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
4411 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
4412 : &bin_str7_size);
4413 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
4414 : hash_size, bin_str7, bin_str7_size,
4415 : response_finished_key, hash_size);
/* Trailing HMAC: hash of the transcript keyed with response_finished_key,
 * written after the signature. In this case it is not copied into
 * m_libspdm_local_buffer. */
4416 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4417 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4418 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
4419 : response_finished_key, hash_size, ptr);
4420 1 : ptr += hmac_size;
4421 :
4422 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
4423 : false, spdm_response_size,
4424 : spdm_response, response_size,
4425 : response);
4426 : }
4427 1 : return LIBSPDM_STATUS_SUCCESS;
4428 :
4429 1 : case 0x1F: {
4430 : spdm_key_exchange_response_t *spdm_response;
4431 : size_t dhe_key_size;
4432 : uint32_t hash_size;
4433 : size_t signature_size;
4434 : uint32_t hmac_size;
4435 : uint8_t *ptr;
4436 : void *dhe_context;
4437 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
4438 : size_t final_key_size;
4439 : size_t opaque_key_exchange_rsp_size;
4440 : void *data;
4441 : size_t data_size;
4442 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
4443 : uint8_t *cert_buffer;
4444 : size_t cert_buffer_size;
4445 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
4446 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
4447 : uint8_t bin_str0[128];
4448 : size_t bin_str0_size;
4449 : uint8_t bin_str2[128];
4450 : size_t bin_str2_size;
4451 : uint8_t bin_str7[128];
4452 : size_t bin_str7_size;
4453 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4454 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4455 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
4456 : size_t spdm_response_size;
4457 : size_t transport_header_size;
4458 :
4459 :
4460 : ((libspdm_context_t *)spdm_context)
4461 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
4462 : ((libspdm_context_t *)spdm_context)
4463 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
4464 : ((libspdm_context_t *)spdm_context)
4465 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
4466 : ((libspdm_context_t *)spdm_context)
4467 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
4468 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
4469 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4470 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4471 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
4472 1 : opaque_key_exchange_rsp_size =
4473 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
4474 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
4475 1 : dhe_key_size + 0 + sizeof(uint16_t) +
4476 1 : opaque_key_exchange_rsp_size + signature_size +
4477 : hmac_size;
4478 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
4479 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
4480 :
4481 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
4482 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
4483 1 : spdm_response->header.param1 = 0;
4484 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
4485 1 : spdm_response->mut_auth_requested = 0;
4486 1 : spdm_response->req_slot_id_param = 0;
4487 1 : memset(spdm_response->random_data, 0x5c, SPDM_RANDOM_DATA_SIZE);
4488 1 : ptr = (void *)(spdm_response + 1);
4489 1 : dhe_context = libspdm_dhe_new(
4490 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4491 : m_libspdm_use_dhe_algo, true);
4492 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
4493 1 : final_key_size = sizeof(final_key);
4494 1 : libspdm_dhe_compute_key(
4495 : m_libspdm_use_dhe_algo, dhe_context,
4496 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
4497 : sizeof(spdm_key_exchange_request_t),
4498 : dhe_key_size, final_key, &final_key_size);
4499 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
4500 1 : ptr += dhe_key_size;
4501 : /* libspdm_zero_mem (ptr, hash_size);
4502 : * ptr += hash_size;*/
4503 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
4504 1 : ptr += sizeof(uint16_t);
4505 1 : libspdm_build_opaque_data_version_selection_data(
4506 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
4507 : &opaque_key_exchange_rsp_size, ptr);
4508 1 : ptr += opaque_key_exchange_rsp_size;
4509 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
4510 : m_libspdm_use_asym_algo, &data,
4511 : &data_size, NULL, NULL)) {
4512 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
4513 : }
4514 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4515 : sizeof(m_libspdm_local_buffer)
4516 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4517 : m_libspdm_local_buffer),
4518 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
4519 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
4520 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
4521 : m_libspdm_local_buffer_size));
4522 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
4523 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
4524 1 : cert_buffer = (uint8_t *)data;
4525 1 : cert_buffer_size = data_size;
4526 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
4527 : /* transcript.message_a size is 0*/
4528 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
4529 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
4530 : m_libspdm_local_buffer_size);
4531 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4532 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4533 1 : free(data);
4534 1 : libspdm_responder_data_sign(
4535 : spdm_context,
4536 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4537 : 0, SPDM_KEY_EXCHANGE_RSP,
4538 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
4539 1 : false, libspdm_get_managed_buffer(&th_curr),
4540 : libspdm_get_managed_buffer_size(&th_curr), ptr,
4541 : &signature_size);
4542 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4543 : sizeof(m_libspdm_local_buffer)
4544 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4545 : m_libspdm_local_buffer),
4546 : ptr, signature_size);
4547 1 : m_libspdm_local_buffer_size += signature_size;
4548 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
4549 1 : ptr += signature_size;
4550 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4551 : libspdm_get_managed_buffer_size(&th_curr),
4552 : th_curr_hash_data);
4553 1 : bin_str0_size = sizeof(bin_str0);
4554 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4555 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
4556 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
4557 : &bin_str0_size);
4558 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
4559 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
4560 1 : bin_str2_size = sizeof(bin_str2);
4561 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4562 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
4563 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
4564 : bin_str2, &bin_str2_size);
4565 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
4566 : bin_str2, bin_str2_size,
4567 : response_handshake_secret, hash_size);
4568 1 : bin_str7_size = sizeof(bin_str7);
4569 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4570 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
4571 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
4572 : &bin_str7_size);
4573 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
4574 : hash_size, bin_str7, bin_str7_size,
4575 : response_finished_key, hash_size);
4576 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4577 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4578 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
4579 : response_finished_key, hash_size, ptr);
4580 1 : ptr += hmac_size;
4581 :
4582 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
4583 : false, spdm_response_size,
4584 : spdm_response, response_size,
4585 : response);
4586 : }
4587 1 : return LIBSPDM_STATUS_SUCCESS;
4588 :
4589 1 : case 0x20: {
4590 : spdm_key_exchange_response_t *spdm_response;
4591 : size_t dhe_key_size;
4592 : uint32_t hash_size;
4593 : size_t signature_size;
4594 : uint32_t hmac_size;
4595 : uint8_t *ptr;
4596 : void *dhe_context;
4597 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
4598 : size_t final_key_size;
4599 : size_t opaque_key_exchange_rsp_size;
4600 : void *data;
4601 : size_t data_size;
4602 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
4603 : uint8_t *cert_buffer;
4604 : size_t cert_buffer_size;
4605 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
4606 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
4607 : uint8_t bin_str0[128];
4608 : size_t bin_str0_size;
4609 : uint8_t bin_str2[128];
4610 : size_t bin_str2_size;
4611 : uint8_t bin_str7[128];
4612 : size_t bin_str7_size;
4613 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4614 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4615 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
4616 : size_t spdm_response_size;
4617 : size_t transport_header_size;
4618 :
4619 :
4620 : ((libspdm_context_t *)spdm_context)
4621 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
4622 : ((libspdm_context_t *)spdm_context)
4623 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
4624 : ((libspdm_context_t *)spdm_context)
4625 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
4626 : ((libspdm_context_t *)spdm_context)
4627 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
4628 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
4629 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4630 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4631 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
4632 1 : opaque_key_exchange_rsp_size =
4633 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
4634 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
4635 1 : dhe_key_size + 0 + sizeof(uint16_t) +
4636 1 : opaque_key_exchange_rsp_size + signature_size +
4637 : hmac_size;
4638 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
4639 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
4640 :
4641 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
4642 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
4643 1 : spdm_response->header.param1 = 0;
4644 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
4645 1 : spdm_response->mut_auth_requested = 0;
4646 1 : spdm_response->req_slot_id_param = 0;
4647 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
4648 1 : ptr = (void *)(spdm_response + 1);
4649 1 : dhe_context = libspdm_dhe_new(
4650 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4651 : m_libspdm_use_dhe_algo,
4652 : true);
4653 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
4654 1 : final_key_size = sizeof(final_key);
4655 1 : libspdm_dhe_compute_key(
4656 : m_libspdm_use_dhe_algo, dhe_context,
4657 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
4658 : sizeof(spdm_key_exchange_request_t),
4659 : dhe_key_size, final_key, &final_key_size);
4660 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
4661 1 : ptr += dhe_key_size;
4662 : /* libspdm_zero_mem (ptr, hash_size);
4663 : * ptr += hash_size;*/
4664 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
4665 1 : ptr += sizeof(uint16_t);
4666 1 : libspdm_build_opaque_data_version_selection_data(
4667 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
4668 : &opaque_key_exchange_rsp_size, ptr);
4669 1 : ptr += opaque_key_exchange_rsp_size;
4670 1 : if (!libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size)) {
4671 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
4672 : }
4673 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4674 : sizeof(m_libspdm_local_buffer)
4675 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4676 : m_libspdm_local_buffer),
4677 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
4678 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
4679 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
4680 : m_libspdm_local_buffer_size));
4681 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
4682 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
4683 1 : cert_buffer = (uint8_t *)data;
4684 1 : cert_buffer_size = data_size;
4685 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
4686 : /* transcript.message_a size is 0*/
4687 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
4688 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
4689 : m_libspdm_local_buffer_size);
4690 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4691 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4692 1 : free(data);
4693 1 : libspdm_responder_data_sign(
4694 : spdm_context,
4695 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4696 : 0, SPDM_KEY_EXCHANGE_RSP,
4697 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
4698 1 : false, libspdm_get_managed_buffer(&th_curr),
4699 : libspdm_get_managed_buffer_size(&th_curr), ptr,
4700 : &signature_size);
4701 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4702 : sizeof(m_libspdm_local_buffer)
4703 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4704 : m_libspdm_local_buffer),
4705 : ptr, signature_size);
4706 1 : m_libspdm_local_buffer_size += signature_size;
4707 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
4708 1 : ptr += signature_size;
4709 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4710 : libspdm_get_managed_buffer_size(&th_curr),
4711 : th_curr_hash_data);
4712 1 : bin_str0_size = sizeof(bin_str0);
4713 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4714 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
4715 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
4716 : &bin_str0_size);
4717 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
4718 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
4719 1 : bin_str2_size = sizeof(bin_str2);
4720 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4721 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
4722 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
4723 : bin_str2, &bin_str2_size);
4724 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
4725 : bin_str2, bin_str2_size,
4726 : response_handshake_secret, hash_size);
4727 1 : bin_str7_size = sizeof(bin_str7);
4728 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4729 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
4730 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
4731 : &bin_str7_size);
4732 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
4733 : hash_size, bin_str7, bin_str7_size,
4734 : response_finished_key, hash_size);
4735 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4736 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4737 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
4738 : response_finished_key, hash_size, ptr);
4739 1 : ptr += hmac_size;
4740 :
4741 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
4742 : false, spdm_response_size,
4743 : spdm_response, response_size,
4744 : response);
4745 : }
4746 1 : return LIBSPDM_STATUS_SUCCESS;
4747 1 : case 0x21: {
4748 : spdm_key_exchange_response_t *spdm_response;
4749 : size_t dhe_key_size;
4750 : uint32_t hash_size;
4751 : size_t signature_size;
4752 : uint32_t hmac_size;
4753 : uint8_t *ptr;
4754 : void *dhe_context;
4755 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
4756 : size_t final_key_size;
4757 : size_t opaque_key_exchange_rsp_size;
4758 : void *data;
4759 : size_t data_size;
4760 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
4761 : uint8_t *cert_buffer;
4762 : size_t cert_buffer_size;
4763 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
4764 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
4765 : uint8_t bin_str0[128];
4766 : size_t bin_str0_size;
4767 : uint8_t bin_str2[128];
4768 : size_t bin_str2_size;
4769 : uint8_t bin_str7[128];
4770 : size_t bin_str7_size;
4771 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4772 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4773 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
4774 : size_t spdm_response_size;
4775 : size_t transport_header_size;
4776 :
4777 :
4778 : ((libspdm_context_t *)spdm_context)
4779 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
4780 : ((libspdm_context_t *)spdm_context)
4781 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
4782 : ((libspdm_context_t *)spdm_context)
4783 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
4784 : ((libspdm_context_t *)spdm_context)
4785 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
4786 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
4787 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4788 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4789 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
4790 1 : opaque_key_exchange_rsp_size =
4791 1 : libspdm_get_opaque_data_version_selection_data_size( spdm_context);
4792 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
4793 1 : dhe_key_size + 0 + sizeof(uint16_t) +
4794 1 : opaque_key_exchange_rsp_size + signature_size +
4795 : hmac_size;
4796 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
4797 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
4798 :
4799 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
4800 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
4801 1 : spdm_response->header.param1 = 0;
4802 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
4803 1 : spdm_response->mut_auth_requested = 0;
4804 1 : spdm_response->req_slot_id_param = 0;
4805 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
4806 1 : ptr = (void *)(spdm_response + 1);
4807 1 : dhe_context = libspdm_dhe_new(
4808 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4809 : m_libspdm_use_dhe_algo,
4810 : true);
4811 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
4812 1 : final_key_size = sizeof(final_key);
4813 1 : libspdm_dhe_compute_key(
4814 : m_libspdm_use_dhe_algo, dhe_context,
4815 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
4816 : sizeof(spdm_key_exchange_request_t),
4817 : dhe_key_size, final_key, &final_key_size);
4818 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
4819 1 : ptr += dhe_key_size;
4820 : /* libspdm_zero_mem (ptr, hash_size);
4821 : * ptr += hash_size;*/
4822 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
4823 1 : ptr += sizeof(uint16_t);
4824 1 : libspdm_build_opaque_data_version_selection_data(
4825 : spdm_context, SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT,
4826 : &opaque_key_exchange_rsp_size, ptr);
4827 1 : ptr += opaque_key_exchange_rsp_size;
4828 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
4829 : m_libspdm_use_asym_algo, &data,
4830 : &data_size, NULL, NULL)) {
4831 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
4832 : }
4833 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4834 : sizeof(m_libspdm_local_buffer)
4835 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4836 : m_libspdm_local_buffer),
4837 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
4838 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
4839 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
4840 : m_libspdm_local_buffer_size));
4841 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
4842 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
4843 1 : cert_buffer = (uint8_t *)data;
4844 1 : cert_buffer_size = data_size;
4845 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
4846 : /* transcript.message_a size is 0*/
4847 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
4848 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
4849 : m_libspdm_local_buffer_size);
4850 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4851 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4852 1 : free(data);
4853 1 : libspdm_responder_data_sign(
4854 : spdm_context,
4855 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4856 : 0, SPDM_KEY_EXCHANGE_RSP,
4857 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
4858 1 : false, libspdm_get_managed_buffer(&th_curr),
4859 : libspdm_get_managed_buffer_size(&th_curr), ptr,
4860 : &signature_size);
4861 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4862 : sizeof(m_libspdm_local_buffer)
4863 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4864 : m_libspdm_local_buffer),
4865 : ptr, signature_size);
4866 1 : m_libspdm_local_buffer_size += signature_size;
4867 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
4868 1 : ptr += signature_size;
4869 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4870 : libspdm_get_managed_buffer_size(&th_curr),
4871 : th_curr_hash_data);
4872 1 : bin_str0_size = sizeof(bin_str0);
4873 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4874 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
4875 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
4876 : &bin_str0_size);
4877 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
4878 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
4879 1 : bin_str2_size = sizeof(bin_str2);
4880 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4881 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
4882 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
4883 : bin_str2, &bin_str2_size);
4884 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
4885 : bin_str2, bin_str2_size,
4886 : response_handshake_secret, hash_size);
4887 1 : bin_str7_size = sizeof(bin_str7);
4888 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
4889 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
4890 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
4891 : &bin_str7_size);
4892 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
4893 : hash_size, bin_str7, bin_str7_size,
4894 : response_finished_key, hash_size);
4895 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
4896 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
4897 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
4898 : response_finished_key, hash_size, ptr);
4899 1 : ptr += hmac_size;
4900 :
4901 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
4902 : false, spdm_response_size,
4903 : spdm_response, response_size,
4904 : response);
4905 : }
4906 1 : return LIBSPDM_STATUS_SUCCESS;
4907 1 : case 0x22: {
4908 : spdm_key_exchange_response_t *spdm_response;
4909 : size_t dhe_key_size;
4910 : uint32_t hash_size;
4911 : size_t signature_size;
4912 : uint32_t hmac_size;
4913 : uint8_t *ptr;
4914 : void *dhe_context;
4915 : uint8_t final_key[LIBSPDM_MAX_DHE_SS_SIZE];
4916 : size_t final_key_size;
4917 : size_t opaque_key_exchange_rsp_size;
4918 : void *data;
4919 : size_t data_size;
4920 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
4921 : uint8_t *cert_buffer;
4922 : size_t cert_buffer_size;
4923 : uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
4924 : uint8_t th_curr_hash_data[LIBSPDM_MAX_HASH_SIZE];
4925 : uint8_t bin_str0[128];
4926 : size_t bin_str0_size;
4927 : uint8_t bin_str2[128];
4928 : size_t bin_str2_size;
4929 : uint8_t bin_str7[128];
4930 : size_t bin_str7_size;
4931 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4932 : uint8_t response_handshake_secret[LIBSPDM_MAX_HASH_SIZE];
4933 : uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE];
4934 : size_t spdm_response_size;
4935 : size_t transport_header_size;
4936 :
4937 : ((libspdm_context_t *)spdm_context)
4938 1 : ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
4939 : ((libspdm_context_t *)spdm_context)
4940 1 : ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
4941 : ((libspdm_context_t *)spdm_context)
4942 1 : ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
4943 : ((libspdm_context_t *)spdm_context)
4944 1 : ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;
4945 1 : signature_size = libspdm_get_asym_signature_size(m_libspdm_use_asym_algo);
4946 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4947 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
4948 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
4949 1 : opaque_key_exchange_rsp_size =
4950 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
4951 1 : spdm_response_size = sizeof(spdm_key_exchange_response_t) +
4952 1 : dhe_key_size + 0 + sizeof(uint16_t) +
4953 1 : opaque_key_exchange_rsp_size + signature_size +
4954 : hmac_size;
4955 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
4956 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
4957 :
4958 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
4959 1 : spdm_response->header.request_response_code = SPDM_KEY_EXCHANGE_RSP;
4960 1 : spdm_response->header.param1 = 0;
4961 1 : spdm_response->rsp_session_id = libspdm_allocate_rsp_session_id(spdm_context, false);
4962 1 : spdm_response->mut_auth_requested = 0;
4963 1 : spdm_response->req_slot_id_param = 0;
4964 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, spdm_response->random_data);
4965 1 : ptr = (void *)(spdm_response + 1);
4966 1 : dhe_context = libspdm_dhe_new(
4967 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
4968 : m_libspdm_use_dhe_algo, true);
4969 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
4970 1 : final_key_size = sizeof(final_key);
4971 1 : libspdm_dhe_compute_key(
4972 : m_libspdm_use_dhe_algo, dhe_context,
4973 1 : (uint8_t *)&m_libspdm_local_buffer[0] +
4974 : sizeof(spdm_key_exchange_request_t),
4975 : dhe_key_size, final_key, &final_key_size);
4976 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
4977 1 : ptr += dhe_key_size;
4978 : /* libspdm_zero_mem (ptr, hash_size);
4979 : * ptr += hash_size;*/
4980 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_rsp_size);
4981 1 : ptr += sizeof(uint16_t);
4982 1 : libspdm_build_opaque_data_version_selection_data(
4983 : spdm_context, SECURED_SPDM_VERSION_12 << SPDM_VERSION_NUMBER_SHIFT_BIT,
4984 : &opaque_key_exchange_rsp_size, ptr);
4985 1 : ptr += opaque_key_exchange_rsp_size;
4986 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
4987 : m_libspdm_use_asym_algo, &data,
4988 : &data_size, NULL, NULL)) {
4989 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
4990 : }
4991 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
4992 : sizeof(m_libspdm_local_buffer)
4993 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
4994 : m_libspdm_local_buffer),
4995 1 : spdm_response, (size_t)ptr - (size_t)spdm_response);
4996 1 : m_libspdm_local_buffer_size += ((size_t)ptr - (size_t)spdm_response);
4997 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer_size (0x%zx):\n",
4998 : m_libspdm_local_buffer_size));
4999 1 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
5000 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
5001 1 : cert_buffer = (uint8_t *)data;
5002 1 : cert_buffer_size = data_size;
5003 1 : libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
5004 : /* transcript.message_a size is 0*/
5005 1 : libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
5006 1 : libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer,
5007 : m_libspdm_local_buffer_size);
5008 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
5009 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
5010 1 : free(data);
5011 1 : libspdm_responder_data_sign(
5012 : spdm_context,
5013 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
5014 : 0, SPDM_KEY_EXCHANGE_RSP,
5015 : m_libspdm_use_asym_algo, m_libspdm_use_pqc_asym_algo, m_libspdm_use_hash_algo,
5016 1 : false, libspdm_get_managed_buffer(&th_curr),
5017 : libspdm_get_managed_buffer_size(&th_curr), ptr,
5018 : &signature_size);
5019 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
5020 : sizeof(m_libspdm_local_buffer)
5021 1 : - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] -
5022 : m_libspdm_local_buffer),
5023 : ptr, signature_size);
5024 1 : m_libspdm_local_buffer_size += signature_size;
5025 1 : libspdm_append_managed_buffer(&th_curr, ptr, signature_size);
5026 1 : ptr += signature_size;
5027 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
5028 : libspdm_get_managed_buffer_size(&th_curr),
5029 : th_curr_hash_data);
5030 1 : bin_str0_size = sizeof(bin_str0);
5031 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
5032 : SPDM_BIN_STR_0_LABEL, sizeof(SPDM_BIN_STR_0_LABEL) - 1,
5033 1 : NULL, (uint16_t)hash_size, hash_size, bin_str0,
5034 : &bin_str0_size);
5035 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, final_key, final_key_size,
5036 : m_libspdm_zero_filled_buffer, hash_size,handshake_secret);
5037 1 : bin_str2_size = sizeof(bin_str2);
5038 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
5039 : SPDM_BIN_STR_2_LABEL, sizeof(SPDM_BIN_STR_2_LABEL) - 1,
5040 1 : th_curr_hash_data, (uint16_t)hash_size, hash_size,
5041 : bin_str2, &bin_str2_size);
5042 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, handshake_secret, hash_size,
5043 : bin_str2, bin_str2_size,
5044 : response_handshake_secret, hash_size);
5045 1 : bin_str7_size = sizeof(bin_str7);
5046 1 : libspdm_bin_concat(((libspdm_context_t *)spdm_context)->connection_info.version,
5047 : SPDM_BIN_STR_7_LABEL, sizeof(SPDM_BIN_STR_7_LABEL) - 1,
5048 1 : NULL, (uint16_t)hash_size, hash_size, bin_str7,
5049 : &bin_str7_size);
5050 1 : libspdm_hkdf_expand(m_libspdm_use_hash_algo, response_handshake_secret,
5051 : hash_size, bin_str7, bin_str7_size,
5052 : response_finished_key, hash_size);
5053 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
5054 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
5055 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
5056 : response_finished_key, hash_size, ptr);
5057 1 : ptr += hmac_size;
5058 :
5059 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
5060 : false, spdm_response_size,
5061 : spdm_response, response_size,
5062 : response);
5063 : }
5064 1 : return LIBSPDM_STATUS_SUCCESS;
5065 :
5066 0 : default:
5067 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
5068 : }
5069 : }
5070 :
/**
 * Test 1: KEY_EXCHANGE on a negotiated SPDM 1.1 connection where sending fails.
 *
 * Both sides advertise KEY_EX_CAP and MAC_CAP, and the peer certificate chain
 * in slot 0 is seeded directly from the responder test chain rather than
 * obtained through a certificate exchange.
 *
 * Expected behavior: libspdm_send_receive_key_exchange() returns
 * LIBSPDM_STATUS_SEND_FAIL.
 *
 * NOTE(review): the failure presumably comes from the test transport's send
 * callback for case_id 0x1; that branch is not visible here, confirm it.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t for this suite.
 **/
static void req_key_exchange_case1(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t result;
    uint32_t new_session_id;
    uint8_t heartbeat = 0;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t rsp_slot_id;
    void *chain;
    size_t chain_size;
    void *chain_hash;
    size_t chain_hash_size;
    bool chain_loaded;

    /* Select the scenario and put the connection into the NEGOTIATED state. */
    test_ctx->case_id = 0x1;
    ctx->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Key exchange and MAC capability on the responder and the requester side. */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* NOTE(review): if assert() is the standard <assert.h> macro, a build with
     * NDEBUG would continue past a failed read with chain and chain_size unset;
     * confirm the unit tests are never built that way. */
    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &chain_hash, &chain_hash_size);
    if (!chain_loaded) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* Transcript recording keeps the whole peer chain in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Otherwise only the chain hash and the leaf public key are kept. */
    libspdm_hash_all(
        ctx->connection_info.algorithm.base_hash_algo,
        chain, chain_size,
        ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));

    /* No measurement summary hash is requested; the two zero arguments are
     * passed through as in the other cases of this file. */
    result = libspdm_send_receive_key_exchange(
        ctx,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &new_session_id, &heartbeat, &rsp_slot_id,
        summary_hash);
    assert_int_equal(result, LIBSPDM_STATUS_SEND_FAIL);

    free(chain);
}
5137 :
/**
 * Test 2: KEY_EXCHANGE on a negotiated SPDM 1.1 connection with one secured
 * message version (1.1) configured locally.
 * Expected behavior: LIBSPDM_STATUS_SUCCESS, session ID 0xFFFFFFFF, and
 * session 0 left in LIBSPDM_SESSION_STATE_HANDSHAKING.
 * The transport mock selected by case_id 0x2 is defined elsewhere in this file.
 **/
static void req_key_exchange_case2(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t heartbeat_period = 0;
    uint8_t slot_id_param;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_ptr;
    size_t hash_len;

    test_ctx->case_id = 0x2;

    /* Connection is negotiated at SPDM 1.1; both sides advertise KEY_EX and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    ctx->local_context.secured_message_version.secured_message_version_count = 1;
    ctx->local_context.secured_message_version.secured_message_version[0] =
        SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): assert() may compile out under NDEBUG; cert_chain would then be used unset. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_ptr, &hash_len)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param, measurement_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    free(cert_chain);
}
5212 :
/**
 * Test 3: KEY_EXCHANGE attempted while the connection state is still
 * LIBSPDM_CONNECTION_STATE_NOT_STARTED.
 * Expected behavior: the requester refuses locally with
 * LIBSPDM_STATUS_INVALID_STATE_LOCAL, i.e. no session is set up before
 * negotiation has completed.
 **/
static void req_key_exchange_case3(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t heartbeat_period = 0;
    uint8_t slot_id_param;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_ptr;
    size_t hash_len;

    test_ctx->case_id = 0x3;

    /* Capabilities are present, but the connection has not been negotiated. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* NOTE(review): assert() may compile out under NDEBUG; cert_chain would then be used unset. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_ptr, &hash_len)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param, measurement_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_INVALID_STATE_LOCAL);

    free(cert_chain);
}
5279 :
/**
 * Test 4: KEY_EXCHANGE on a negotiated SPDM 1.1 connection where the exchange
 * ends with a peer error.
 * Expected behavior: LIBSPDM_STATUS_ERROR_PEER.
 * The response served for case_id 0x4 comes from the transport mock defined
 * elsewhere in this file (presumably an SPDM ERROR message -- confirm there).
 **/
static void req_key_exchange_case4(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t heartbeat_period = 0;
    uint8_t slot_id_param;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_ptr;
    size_t hash_len;

    test_ctx->case_id = 0x4;

    /* Connection is negotiated at SPDM 1.1; both sides advertise KEY_EX and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* NOTE(review): assert() may compile out under NDEBUG; cert_chain would then be used unset. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_ptr, &hash_len)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param, measurement_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_ERROR_PEER);

    free(cert_chain);
}
5346 :
/**
 * Test 5: KEY_EXCHANGE on a negotiated SPDM 1.1 connection where the peer
 * reports Busy (a comment in case 10 names cases 5 and 6 as the Busy cases).
 * Expected behavior: LIBSPDM_STATUS_BUSY_PEER. retry_times is not set here,
 * unlike case 6.
 **/
static void req_key_exchange_case5(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t heartbeat_period = 0;
    uint8_t slot_id_param;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_ptr;
    size_t hash_len;

    test_ctx->case_id = 0x5;

    /* Connection is negotiated at SPDM 1.1; both sides advertise KEY_EX and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* NOTE(review): assert() may compile out under NDEBUG; cert_chain would then be used unset. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_ptr, &hash_len)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param, measurement_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_BUSY_PEER);

    free(cert_chain);
}
5413 :
/**
 * Test 6: KEY_EXCHANGE with retry_times set to 3 on a negotiated SPDM 1.1
 * connection (a comment in case 10 names cases 5 and 6 as the Busy cases).
 * Expected behavior: LIBSPDM_STATUS_SUCCESS, session ID 0xFFFEFFFE, and
 * session 0 left in LIBSPDM_SESSION_STATE_HANDSHAKING.
 * Presumably the mock answers Busy first and then succeeds on a retry --
 * confirm against the receive handler for case_id 0x6.
 **/
static void req_key_exchange_case6(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t heartbeat_period = 0;
    uint8_t slot_id_param;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_ptr;
    size_t hash_len;

    test_ctx->case_id = 0x6;
    ctx->retry_times = 3;

    /* Connection is negotiated at SPDM 1.1; both sides advertise KEY_EX and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* NOTE(review): assert() may compile out under NDEBUG; cert_chain would then be used unset. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_ptr, &hash_len)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param, measurement_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFEFFFE);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    free(cert_chain);
}
5486 :
/**
 * Test 7: KEY_EXCHANGE on a negotiated SPDM 1.1 connection where the peer
 * asks for a resynchronization.
 * Expected behavior: LIBSPDM_STATUS_RESYNCH_PEER, and the connection state is
 * dropped back to LIBSPDM_CONNECTION_STATE_NOT_STARTED so that negotiation
 * has to be repeated before any further session setup.
 **/
static void req_key_exchange_case7(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t heartbeat_period = 0;
    uint8_t slot_id_param;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_ptr;
    size_t hash_len;

    test_ctx->case_id = 0x7;

    /* Connection is negotiated at SPDM 1.1; both sides advertise KEY_EX and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* NOTE(review): assert() may compile out under NDEBUG; cert_chain would then be used unset. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_ptr, &hash_len)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param, measurement_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_RESYNCH_PEER);
    assert_int_equal(ctx->connection_info.connection_state,
                     LIBSPDM_CONNECTION_STATE_NOT_STARTED);

    free(cert_chain);
}
5555 :
/**
 * Test 8: KEY_EXCHANGE on a negotiated SPDM 1.1 connection where the peer
 * reports that the response is not ready.
 * Expected behavior: LIBSPDM_STATUS_NOT_READY_PEER. retry_times is not set
 * here, unlike case 9.
 **/
static void req_key_exchange_case8(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t heartbeat_period = 0;
    uint8_t slot_id_param;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_ptr;
    size_t hash_len;

    test_ctx->case_id = 0x8;

    /* Connection is negotiated at SPDM 1.1; both sides advertise KEY_EX and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* NOTE(review): assert() may compile out under NDEBUG; cert_chain would then be used unset. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_ptr, &hash_len)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param, measurement_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_NOT_READY_PEER);

    free(cert_chain);
}
5622 :
/**
 * Test 9: KEY_EXCHANGE with retry_times set to 3 on a negotiated SPDM 1.1
 * connection where the peer first reports that the response is not ready.
 * Expected behavior: when LIBSPDM_RESPOND_IF_READY_SUPPORT is enabled,
 * LIBSPDM_STATUS_SUCCESS with session ID 0xFFFDFFFD and session 0 in
 * LIBSPDM_SESSION_STATE_HANDSHAKING; otherwise LIBSPDM_STATUS_NOT_READY_PEER.
 **/
static void req_key_exchange_case9(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t session_id;
    uint8_t heartbeat_period = 0;
    uint8_t slot_id_param;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_ptr;
    size_t hash_len;

    test_ctx->case_id = 0x9;
    ctx->retry_times = 3;

    /* Connection is negotiated at SPDM 1.1; both sides advertise KEY_EX and MAC. */
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    ctx->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* NOTE(review): assert() may compile out under NDEBUG; cert_chain would then be used unset. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_ptr, &hash_len)) {
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param, measurement_hash);

    /* The outcome depends on whether RESPOND_IF_READY handling is compiled in. */
    if (!LIBSPDM_RESPOND_IF_READY_SUPPORT) {
        assert_int_equal(rc, LIBSPDM_STATUS_NOT_READY_PEER);
    } else {
        assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
        assert_int_equal(session_id, 0xFFFDFFFD);
        assert_int_equal(
            libspdm_secured_message_get_session_state(
                ctx->session_info[0].secured_message_context),
            LIBSPDM_SESSION_STATE_HANDSHAKING);
    }

    free(cert_chain);
}
5699 :
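/**
 * Test 10: KEY_EXCHANGE repeated once per error code in a sweep from
 * LIBSPDM_ERROR_CODE_RESERVED_00 up to 0xff, on an SPDM 1.1 connection with
 * only KEY_EX_CAP set on both sides.
 * Expected behavior: every iteration returns LIBSPDM_STATUS_ERROR_PEER.
 * Busy, ResponseNotReady, RequestResynch and two reserved ranges are skipped
 * by the sweep (see the comments in the loop).
 **/
static void req_key_exchange_case10(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    uint16_t error_code;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0xA;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    /* Check the read like the other cases in this file do: on failure, data
     * would otherwise be hashed or copied, and later freed, while still unset. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain directly as the peer chain in slot 0. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    /* Without transcript recording only the chain digest and leaf public key are kept. */
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* error_code is 16 bits wide so that it can step past 0xff and end the loop. */
    error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
    while (error_code <= 0xff) {
        /* Each iteration starts again from a negotiated connection and an empty message A. */
        spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
        libspdm_reset_message_a(spdm_context);

        heartbeat_period = 0;
        libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
        status = libspdm_send_receive_key_exchange(
            spdm_context,
            SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
            0, 0, &session_id, &heartbeat_period,
            &slot_id_param, measurement_hash);
        LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);

        error_code++;
        /* Busy is treated in cases 5 and 6. */
        if (error_code == SPDM_ERROR_CODE_BUSY) {
            error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
        }
        /* Skip some reserved error codes (0d to 3e). */
        if (error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
            error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
        }
        /* Skip response not ready, request resync, and some reserved codes (44 to fc). */
        if (error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
            error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
        }
    }

    free(data);
}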
5779 :
/**
 * Test 11 (case_id 0xB): KEY_EXCHANGE without a measurement summary hash,
 * with KEY_EX_CAP and MAC_CAP set for both requester and responder.
 *
 * Expects LIBSPDM_STATUS_SUCCESS and session slot 0 in the HANDSHAKING state.
 * When transcript recording is compiled in, the M/B/C/MutB/MutC transcript
 * buffers are marked full before the call and must be empty afterwards, i.e.
 * a stale transcript must not survive into the new session.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function.
 **/
static void req_key_exchange_case11(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    test_ctx->case_id = 0xB;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP);
    ctx->local_context.capability.flags |=
        (SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP);

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* Pretend every recorded transcript is full so the reset can be observed. */
    ctx->transcript.message_m.buffer_size = ctx->transcript.message_m.max_buffer_size;
    ctx->transcript.message_b.buffer_size = ctx->transcript.message_b.max_buffer_size;
    ctx->transcript.message_c.buffer_size = ctx->transcript.message_c.max_buffer_size;
    ctx->transcript.message_mut_b.buffer_size = ctx->transcript.message_mut_b.max_buffer_size;
    ctx->transcript.message_mut_c.buffer_size = ctx->transcript.message_mut_c.max_buffer_size;

    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(ctx->transcript.message_m.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_b.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_c.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_mut_b.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_mut_c.buffer_size, 0);
#endif

    free(chain);
}
5870 :
/**
 * Test 12 (case_id 0xC): KEY_EXCHANGE requesting the TCB component
 * measurement summary hash from a responder flagged MEAS_CAP_SIG.
 *
 * Expects LIBSPDM_STATUS_SUCCESS, session id 0xFFFFFFFF, a returned summary
 * hash equal to m_libspdm_use_tcb_hash_value, and session slot 0 in the
 * HANDSHAKING state.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function.
 **/
static void req_key_exchange_case12(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    /* Drop a session left in slot 0 by an earlier case before starting a new one. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0xC;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG);
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Start from a zeroed output so the comparison below only passes on a real write. */
    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(sid, 0xFFFFFFFF);
    assert_memory_equal(summary_hash, m_libspdm_use_tcb_hash_value,
                        libspdm_get_hash_size(m_libspdm_use_hash_algo));
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    free(chain);
}
5953 :
/**
 * Test 13 (case_id 0xD): KEY_EXCHANGE requesting the TCB component
 * measurement summary hash, where the value handed back to the caller is
 * expected to be all zero.
 *
 * Expects LIBSPDM_STATUS_SUCCESS, session id 0xFFFFFFFF, a returned summary
 * hash equal to m_libspdm_zero_filled_buffer, and session slot 0 in the
 * HANDSHAKING state.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function; presumably that responder reports a zero
 * summary hash - confirm there.
 **/
static void req_key_exchange_case13(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    /* Drop a session left in slot 0 by an earlier case before starting a new one. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0xD;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG);
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* NOTE(review): the output starts zeroed and is compared with zeros, so this
     * check cannot tell "written as zero" from "never written". */
    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(sid, 0xFFFFFFFF);
    assert_memory_equal(summary_hash, m_libspdm_zero_filled_buffer,
                        libspdm_get_hash_size(m_libspdm_use_hash_algo));
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    free(chain);
}
6036 :
/**
 * Test 14 (case_id 0xE): KEY_EXCHANGE requesting the summary hash over all
 * measurements from a responder flagged MEAS_CAP_SIG.
 *
 * Expects LIBSPDM_STATUS_SUCCESS, session id 0xFFFFFFFF, a returned summary
 * hash equal to m_libspdm_use_tcb_hash_value, and session slot 0 in the
 * HANDSHAKING state.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function.
 **/
static void req_key_exchange_case14(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    /* Drop a session left in slot 0 by an earlier case before starting a new one. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0xE;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG);
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Start from a zeroed output so the comparison below only passes on a real write. */
    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(sid, 0xFFFFFFFF);
    assert_memory_equal(summary_hash, m_libspdm_use_tcb_hash_value,
                        libspdm_get_hash_size(m_libspdm_use_hash_algo));
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    free(chain);
}
6119 :
/**
 * Test 15 (case_id 0xF): KEY_EXCHANGE requesting the TCB component
 * measurement summary hash, where the requester must reject the reply on
 * size grounds.
 *
 * Expects LIBSPDM_STATUS_INVALID_MSG_SIZE; no session state is checked.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function; presumably its length does not match what a
 * reply carrying the requested summary hash needs - confirm there.
 **/
static void req_key_exchange_case15(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    /* Drop a session left in slot 0 by an earlier case before starting a new one. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0xF;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG);
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    /* A mis-sized reply must be refused, not parsed. */
    assert_int_equal(rc, LIBSPDM_STATUS_INVALID_MSG_SIZE);

    free(chain);
}
6193 :
/**
 * Test 16 (case_id 0x10): KEY_EXCHANGE requesting the summary hash over all
 * measurements, where the requester must reject the reply on size grounds.
 *
 * Expects LIBSPDM_STATUS_INVALID_MSG_SIZE; no session state is checked.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function; presumably its length does not match what a
 * reply carrying the requested summary hash needs - confirm there.
 **/
static void req_key_exchange_case16(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    /* Drop a session left in slot 0 by an earlier case before starting a new one. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0x10;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG);
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    /* A mis-sized reply must be refused, not parsed. */
    assert_int_equal(rc, LIBSPDM_STATUS_INVALID_MSG_SIZE);

    free(chain);
}
6267 :
/**
 * Test 17 (case_id 0x11): KEY_EXCHANGE without a measurement summary hash,
 * where the requester must reject the reply on size grounds.
 *
 * Expects LIBSPDM_STATUS_INVALID_MSG_SIZE; no session state is checked.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function; presumably its length does not match a
 * reply without a summary hash - confirm there.
 **/
static void req_key_exchange_case17(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    /* Drop a session left in slot 0 by an earlier case before starting a new one. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0x11;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG);
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    /* A mis-sized reply must be refused, not parsed. */
    assert_int_equal(rc, LIBSPDM_STATUS_INVALID_MSG_SIZE);

    free(chain);
}
6341 :
/**
 * Test 18 (case_id 0x12): KEY_EXCHANGE without a measurement summary hash,
 * where the requester must refuse a reply that fails verification.
 *
 * Expects LIBSPDM_STATUS_VERIF_FAIL; no session state is checked.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function; presumably the reply carries a signature or
 * verify data that does not match the transcript - confirm there.
 **/
static void req_key_exchange_case18(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    /* Drop a session left in slot 0 by an earlier case before starting a new one. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0x12;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG);
    ctx->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    /* An unverifiable reply must fail the exchange instead of opening a session. */
    assert_int_equal(rc, LIBSPDM_STATUS_VERIF_FAIL);

    free(chain);
}
6415 :
/**
 * Test 19 (case_id 0x13): KEY_EXCHANGE without a measurement summary hash
 * while HANDSHAKE_IN_THE_CLEAR_CAP is set for both requester and responder.
 *
 * Expects LIBSPDM_STATUS_SUCCESS, session id 0xFFFFFFFF, and session slot 0
 * in the HANDSHAKING state.
 *
 * The two handshake-in-the-clear bits are removed again right after the call
 * and before any assertion runs, so a failing assertion here does not leave
 * them set on the context.
 *
 * The response bytes come from the test transport's handler for this case id,
 * which is outside this function.
 **/
static void req_key_exchange_case19(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t rc;
    uint32_t sid;
    uint8_t heartbeat = 0;
    uint8_t slot_param;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    void *chain;
    size_t chain_size;
    void *hash_buf;
    size_t hash_len;
    bool chain_loaded;

    test_ctx->case_id = 0x13;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Responder-side capabilities as seen by the requester. */
    ctx->connection_info.capability.flags |=
        (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG |
         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP);
    /* Requester-side capabilities. */
    ctx->local_context.capability.flags |=
        (SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP);

    chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &chain, &chain_size, &hash_buf, &hash_len);
    if (!chain_loaded) {
        /* NOTE(review): assert() is a no-op under NDEBUG; chain would then be used
         * uninitialised below. */
        assert(false);
    }

    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* With recording on, the raw peer chain is stored in slot 0. */
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     chain, chain_size);
#else
    /* Without recording, slot 0 holds the chain digest and the leaf public key. */
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     chain, chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        chain, chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    rc = libspdm_send_receive_key_exchange(
        ctx, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &sid, &heartbeat, &slot_param, summary_hash);

    /* Undo the handshake-in-the-clear capability before anything can abort the test. */
    ctx->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    ctx->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;

    assert_int_equal(rc, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(sid, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    free(chain);
}
6499 :
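/**
 * Test 0x14: the requester must refuse the KEY_EXCHANGE_RSP served for this case.
 *
 * The connection is SPDM 1.1 in the NEGOTIATED state with KEY_EX_CAP on both sides and
 * MEAS_CAP_SIG on the responder. No optional capability (heartbeat, mutual authentication,
 * handshake in the clear) is enabled by this case.
 *
 * Expected: libspdm_send_receive_key_exchange() returns LIBSPDM_STATUS_INVALID_MSG_FIELD.
 *
 * NOTE(review): the response bytes are produced outside this listing, presumably selected by
 * case_id; confirm which response field is expected to trigger the rejection.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t for this group.
 **/
static void req_key_exchange_case20(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;

    /* Session slot 0 may still hold a session from an earlier case; release it first. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_test_context->case_id = 0x14;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    /* Report a missing certificate chain through cmocka. A plain assert() disappears when
     * NDEBUG is defined, which would leave data and data_size indeterminate for the hashing,
     * copy and free() calls below. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw bytes when transcript
     * data is recorded, otherwise its hash plus the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    heartbeat_period = 0;
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash);

    /* Only the status is checked; session_id is not examined on this rejection path. */
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(data);
}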
6574 :
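/**
 * Test 0x15: KEY_EXCHANGE with heartbeat negotiated reports the responder's heartbeat period.
 *
 * The connection is SPDM 1.1 in the NEGOTIATED state with KEY_EX_CAP and HBEAT_CAP on both
 * sides and MEAS_CAP_SIG on the responder.
 *
 * Expected: success, session_id 0xFFFFFFFF, session state HANDSHAKING and
 * heartbeat_period == 5 (presumably the value carried by the mocked response; confirm
 * against the response handler, which is outside this listing).
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t for this group.
 **/
static void req_key_exchange_case21(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;

    /* Session slot 0 may still hold a session from an earlier case; release it first. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_test_context->case_id = 0x15;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    /* Heartbeat is enabled for this case only and switched off again after the exchange. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HBEAT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HBEAT_CAP;

    /* Report a missing certificate chain through cmocka. A plain assert() disappears when
     * NDEBUG is defined, which would leave data and data_size indeterminate for the hashing,
     * copy and free() calls below. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw bytes when transcript
     * data is recorded, otherwise its hash plus the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Start from 0 so the final check proves the call wrote the value. */
    heartbeat_period = 0;
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash);

    /* Clear the heartbeat flags before asserting, so a failed assertion cannot leave them
     * set for the cases that run afterwards. */
    spdm_context->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HBEAT_CAP;
    spdm_context->local_context.capability.flags &= ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HBEAT_CAP;

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(heartbeat_period, 5);
    free(data);
}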
6663 :
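/**
 * Test 0x16: KEY_EXCHANGE with heartbeat negotiated and a reported heartbeat period of 0.
 *
 * Same setup as case 0x15 (SPDM 1.1, NEGOTIATED, KEY_EX_CAP and HBEAT_CAP on both sides,
 * MEAS_CAP_SIG on the responder); only the expected heartbeat value differs.
 *
 * Expected: success, session_id 0xFFFFFFFF, session state HANDSHAKING and
 * heartbeat_period == 0.
 *
 * NOTE(review): heartbeat_period is also initialised to 0 before the call, so the last
 * assertion cannot distinguish "responder reported 0" from "value never written"; confirm
 * whether a non-zero initial value would make the check stronger.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t for this group.
 **/
static void req_key_exchange_case22(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;

    /* Session slot 0 may still hold a session from an earlier case; release it first. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_test_context->case_id = 0x16;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    /* Heartbeat is enabled for this case only and switched off again after the exchange. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HBEAT_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HBEAT_CAP;

    /* Report a missing certificate chain through cmocka. A plain assert() disappears when
     * NDEBUG is defined, which would leave data and data_size indeterminate for the hashing,
     * copy and free() calls below. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw bytes when transcript
     * data is recorded, otherwise its hash plus the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    heartbeat_period = 0;
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash);

    /* Clear the heartbeat flags before asserting, so a failed assertion cannot leave them
     * set for the cases that run afterwards. */
    spdm_context->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HBEAT_CAP;
    spdm_context->local_context.capability.flags &= ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HBEAT_CAP;

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(heartbeat_period, 0);
    free(data);
}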
6754 :
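/**
 * Test 0x17: KEY_EXCHANGE where the responder requests plain mutual authentication.
 *
 * The connection is SPDM 1.1 in the NEGOTIATED state with KEY_EX_CAP and MUT_AUTH_CAP on
 * both sides and MEAS_CAP_SIG on the responder.
 *
 * Expected: success, session_id 0xFFFFFFFF, session state HANDSHAKING and
 * session_info[0].mut_auth_requested == SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t for this group.
 **/
static void req_key_exchange_case23(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;

    /* Session slot 0 may still hold a session from an earlier case; release it first. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_test_context->case_id = 0x17;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    /* Mutual authentication is enabled for this case only and cleared after the exchange. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    /* Report a missing certificate chain through cmocka. A plain assert() disappears when
     * NDEBUG is defined, which would leave data and data_size indeterminate for the hashing,
     * copy and free() calls below. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw bytes when transcript
     * data is recorded, otherwise its hash plus the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    heartbeat_period = 0;
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash);

    /* Clear the mutual-authentication flags before asserting, so a failed assertion cannot
     * leave them set for the cases that run afterwards. */
    spdm_context->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(
        spdm_context->session_info[0].mut_auth_requested,
        SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED);
    free(data);
}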
6847 :
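/**
 * Test 0x18: KEY_EXCHANGE where the responder requests mutual authentication with an
 * encapsulated request flow.
 *
 * The connection is SPDM 1.1 in the NEGOTIATED state with KEY_EX_CAP, MUT_AUTH_CAP and
 * ENCAP_CAP on both sides and MEAS_CAP_SIG on the responder.
 *
 * Expected: success, session_id 0xFFFFFFFF, session state HANDSHAKING and
 * session_info[0].mut_auth_requested ==
 * SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t for this group.
 **/
static void req_key_exchange_case24(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;

    /* Session slot 0 may still hold a session from an earlier case; release it first. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_test_context->case_id = 0x18;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    /* Mutual authentication is enabled for this case and cleared after the exchange. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    /* Encapsulated requests are enabled on both sides as well. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP;

    /* Report a missing certificate chain through cmocka. A plain assert() disappears when
     * NDEBUG is defined, which would leave data and data_size indeterminate for the hashing,
     * copy and free() calls below. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw bytes when transcript
     * data is recorded, otherwise its hash plus the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    heartbeat_period = 0;
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash);

    /* Clear the mutual-authentication flags before asserting, so a failed assertion cannot
     * leave them set for the cases that run afterwards.
     * NOTE(review): ENCAP_CAP was set above but is not cleared here, so it stays set in the
     * context when this case returns; confirm that later cases are meant to inherit it. */
    spdm_context->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(
        spdm_context->session_info[0].mut_auth_requested,
        SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST);
    free(data);
}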
6943 :
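/**
 * Test 0x19: KEY_EXCHANGE where the responder requests mutual authentication starting
 * with GET_DIGESTS.
 *
 * The connection is SPDM 1.1 in the NEGOTIATED state with KEY_EX_CAP, MUT_AUTH_CAP and
 * ENCAP_CAP on both sides and MEAS_CAP_SIG on the responder.
 *
 * Expected: success, session_id 0xFFFFFFFF, session state HANDSHAKING and
 * session_info[0].mut_auth_requested ==
 * SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t for this group.
 **/
static void req_key_exchange_case25(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;

    /* Session slot 0 may still hold a session from an earlier case; release it first. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_test_context->case_id = 0x19;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    /* Mutual authentication is enabled for this case and cleared after the exchange. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    /* Encapsulated requests are enabled on both sides as well. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP;

    /* Report a missing certificate chain through cmocka. A plain assert() disappears when
     * NDEBUG is defined, which would leave data and data_size indeterminate for the hashing,
     * copy and free() calls below. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw bytes when transcript
     * data is recorded, otherwise its hash plus the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    heartbeat_period = 0;
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash);

    /* Clear the mutual-authentication flags before asserting, so a failed assertion cannot
     * leave them set for the cases that run afterwards.
     * NOTE(review): ENCAP_CAP was set above but is not cleared here, so it stays set in the
     * context when this case returns; confirm that later cases are meant to inherit it. */
    spdm_context->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(
        spdm_context->session_info[0].mut_auth_requested,
        SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS);
    free(data);
}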
7039 :
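/**
 * Test 0x1A: with mutual authentication negotiated, the requester must refuse the
 * KEY_EXCHANGE_RSP served for this case.
 *
 * The connection is SPDM 1.1 in the NEGOTIATED state with KEY_EX_CAP and MUT_AUTH_CAP on
 * both sides and MEAS_CAP_SIG on the responder. ENCAP_CAP is not set by this case.
 *
 * Expected: libspdm_send_receive_key_exchange() returns LIBSPDM_STATUS_INVALID_MSG_FIELD.
 *
 * NOTE(review): the response bytes are produced outside this listing; presumably they
 * carry a mut_auth_requested value the requester has to reject. Confirm against the
 * response handler, and confirm whether this case relies on ENCAP_CAP being clear in
 * the context it receives.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t for this group.
 **/
static void req_key_exchange_case26(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    bool cert_chain_loaded;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;

    /* Session slot 0 may still hold a session from an earlier case; release it first. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_test_context->case_id = 0x1A;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;

    /* Mutual authentication is enabled for this case only and cleared after the exchange. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    /* Report a missing certificate chain through cmocka. A plain assert() disappears when
     * NDEBUG is defined, which would leave data and data_size indeterminate for the hashing,
     * copy and free() calls below. */
    cert_chain_loaded = libspdm_read_responder_public_certificate_chain(
        m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
        &data, &data_size, &hash, &hash_size);
    assert_true(cert_chain_loaded);

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw bytes when transcript
     * data is recorded, otherwise its hash plus the leaf certificate public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    heartbeat_period = 0;
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash);

    /* Clear the mutual-authentication flags before asserting, so a failed assertion cannot
     * leave them set for the cases that run afterwards. */
    spdm_context->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    /* Only the status is checked; session_id is not examined on this rejection path. */
    assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(data);
}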
7124 :
/**
 * Key exchange, case id 0x1B: SPDM 1.1 with KEY_EX_CAP, MEAS_CAP_SIG and MUT_AUTH_CAP set.
 * Expected Behavior: libspdm_send_receive_key_exchange returns LIBSPDM_STATUS_INVALID_MSG_FIELD.
 *
 * NOTE(review): which response field is rejected is presumably decided by the test transport
 * for this case_id, which is outside this function - confirm there.
 **/
static void req_key_exchange_case27(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t result;
    uint32_t new_session_id;
    uint8_t heartbeat = 0;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t req_slot_id;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_out;
    size_t hash_out_size;

    /* If session_info[0] still holds a session, free session id 0xFFFFFFFF before starting. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0x1B;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Peer and local capabilities, including mutual authentication on both sides. */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_out, &hash_out_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw chain when transcript
     * recording is built in, otherwise its hash and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_send_receive_key_exchange(
        ctx,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &new_session_id, &heartbeat, &req_slot_id,
        summary_hash);

    /* Clear the MUT_AUTH_CAP bits before asserting, so they are cleared whether or not the
     * assertion passes. */
    ctx->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    ctx->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    assert_int_equal(result, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(cert_chain);
}
7209 :
/**
 * Key exchange, case id 0x1C: SPDM 1.1 with KEY_EX_CAP, MEAS_CAP_SIG and MUT_AUTH_CAP set.
 * Expected Behavior: libspdm_send_receive_key_exchange returns LIBSPDM_STATUS_INVALID_MSG_FIELD.
 *
 * NOTE(review): the set-up here matches case id 0x1B apart from case_id; the difference
 * presumably lies in the response produced by the test transport - confirm there.
 **/
static void req_key_exchange_case28(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t result;
    uint32_t new_session_id;
    uint8_t heartbeat = 0;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t req_slot_id;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_out;
    size_t hash_out_size;

    /* If session_info[0] still holds a session, free session id 0xFFFFFFFF before starting. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0x1C;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Peer and local capabilities, including mutual authentication on both sides. */
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_out, &hash_out_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw chain when transcript
     * recording is built in, otherwise its hash and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_send_receive_key_exchange(
        ctx,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &new_session_id, &heartbeat, &req_slot_id,
        summary_hash);

    /* Clear the MUT_AUTH_CAP bits before asserting, so they are cleared whether or not the
     * assertion passes. */
    ctx->connection_info.capability.flags &=
        ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP;
    ctx->local_context.capability.flags &=
        ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;

    assert_int_equal(result, LIBSPDM_STATUS_INVALID_MSG_FIELD);
    free(cert_chain);
}
7294 :
/**
 * Key exchange, case id 0x1D: SPDM 1.1 with KEY_EX_CAP and MAC_CAP set on both sides.
 * Expected Behavior: the exchange succeeds, session id 0xFFFFFFFF is returned and the session
 * in session_info[0] is in LIBSPDM_SESSION_STATE_HANDSHAKING. When transcript recording is
 * built in, message_k must equal the bytes held in m_libspdm_local_buffer.
 **/
static void req_key_exchange_case29(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t result;
    uint32_t new_session_id;
    uint8_t heartbeat = 0;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t req_slot_id;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_out;
    size_t hash_out_size;

    /* If session_info[0] still holds a session, free session id 0xFFFFFFFF before starting. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0x1D;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_out, &hash_out_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw chain when transcript
     * recording is built in, otherwise its hash and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_send_receive_key_exchange(
        ctx,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &new_session_id, &heartbeat, &req_slot_id,
        summary_hash);

    assert_int_equal(result, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(new_session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    /* The recorded session transcript must match the test's local buffer, in size and content. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    assert_int_equal(ctx->session_info[0].session_transcript.message_k.buffer_size,
                     m_libspdm_local_buffer_size);
    LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
                   m_libspdm_local_buffer_size));
    libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
    assert_memory_equal(ctx->session_info[0].session_transcript.message_k.buffer,
                        m_libspdm_local_buffer, m_libspdm_local_buffer_size);
#endif

    free(cert_chain);
}
7382 :
/**
 * Key exchange, case id 0x1e: SPDM 1.2, opaque data format 1, secured message version 1.1,
 * with TERMINATION_POLICY_RUNTIME_UPDATE passed as the session policy.
 * Expected Behavior: the exchange succeeds, session id 0xFFFFFFFF is returned, the session in
 * session_info[0] is in LIBSPDM_SESSION_STATE_HANDSHAKING and it stores the requested policy.
 **/
static void req_key_exchange_case30(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t result;
    uint32_t new_session_id;
    uint8_t heartbeat = 0;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t req_slot_id;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_out;
    size_t hash_out_size;

    test_ctx->case_id = 0x1e;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_12 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Offer exactly one secured message version. */
    ctx->local_context.secured_message_version.secured_message_version_count = 1;
    ctx->local_context.secured_message_version.secured_message_version[0] =
        SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_out, &hash_out_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.other_params_support = SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;

    /* Re-initialise the first session_info entry with INVALID_SESSION_ID. */
    libspdm_session_info_init(ctx, ctx->session_info, 0, INVALID_SESSION_ID, false);

    /* Install the responder chain as the peer chain in slot 0: the raw chain when transcript
     * recording is built in, otherwise its hash and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_send_receive_key_exchange(
        ctx,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0,
        SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_TERMINATION_POLICY_RUNTIME_UPDATE,
        &new_session_id, &heartbeat, &req_slot_id,
        summary_hash);

    assert_int_equal(result, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(new_session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(ctx->session_info[0].session_policy,
                     SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_TERMINATION_POLICY_RUNTIME_UPDATE);
    free(cert_chain);
}
7465 :
7466 : /**
7467 : * Test 31: Exercise the libspdm_send_receive_key_exchange_ex path
7468 : * Expected Behavior: requester_random_in is sent to Responder and correct responder_random is
7469 : * returned to Requester.
7470 : **/
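static void req_key_exchange_case31(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;
    void *hash;
    size_t hash_size;
    uint8_t requester_random_in[SPDM_RANDOM_DATA_SIZE];
    uint8_t requester_random[SPDM_RANDOM_DATA_SIZE];
    uint8_t responder_random[SPDM_RANDOM_DATA_SIZE];
    uint8_t responder_opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
    size_t responder_opaque_data_size;
    uint8_t requester_opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
    size_t requester_opaque_data_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x1f;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
    spdm_context->local_context.secured_message_version.secured_message_version[0] =
        SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data,
                                                         &data_size, &hash, &hash_size)) {
        assert(false);
    }
    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* If session_info[0] still holds a session, free session id 0xFFFFFFFF before starting. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    /* Install the responder chain as the peer chain in slot 0: the raw chain when transcript
     * recording is built in, otherwise its hash and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
    libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
                     data, data_size);
#else
    libspdm_hash_all(
        spdm_context->connection_info.algorithm.base_hash_algo,
        data, data_size,
        spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.base_asym_algo,
        data, data_size,
        &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    /* Caller-chosen requester random: a fixed 0x12 pattern so the value reported back in
     * requester_random can be compared byte for byte below. */
    for (int index = 0; index < SPDM_RANDOM_DATA_SIZE; index++) {
        requester_random_in[index] = 0x12;
    }

    heartbeat_period = 0;
    responder_opaque_data_size = sizeof(responder_opaque_data);
    requester_opaque_data_size = sizeof(requester_opaque_data);

    /* requester_opaque_data is handed to the call together with its full size, so give it
     * defined contents; otherwise the request would be built from uninitialised stack bytes
     * and the run would not be reproducible under memory checkers. */
    libspdm_zero_mem(requester_opaque_data, sizeof(requester_opaque_data));
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange_ex(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash, requester_random_in, requester_random, responder_random,
        requester_opaque_data, requester_opaque_data_size,
        responder_opaque_data, &responder_opaque_data_size);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    /* The requester random must be the supplied one; 0x5c is the responder random this test
     * expects back (presumably the value the test transport uses - confirm there). */
    for (int index = 0; index < SPDM_RANDOM_DATA_SIZE; index++) {
        assert_int_equal(requester_random[index], requester_random_in[index]);
        assert_int_equal(requester_random[index], 0x12);
        assert_int_equal(responder_random[index], 0x5c);
    }

    free(data);
}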
7571 :
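/**
 * Key exchange, case id 0x20: SPDM 1.2 with PUB_KEY_ID_CAP on both sides, using slot id 0xFF
 * and a provisioned responder public key instead of a certificate chain.
 * Expected Behavior: the exchange succeeds, session id 0xFFFFFFFF is returned, the session in
 * session_info[0] is in LIBSPDM_SESSION_STATE_HANDSHAKING and it stores the requested policy.
 **/
void req_key_exchange_case32(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    uint32_t session_id;
    uint8_t heartbeat_period;
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t slot_id_param;
    void *data;
    size_t data_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x20;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
    spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
    spdm_context->local_context.secured_message_version.secured_message_version[0] =
        SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): a failed key read returns without failing the test, unlike the
     * assert(false) used for the certificate-chain read in sibling cases - confirm that this
     * silent skip is intended. */
    if (!libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size)) {
        return;
    }
    /* The context only borrows the key buffer; this test still owns and frees it. */
    spdm_context->local_context.peer_public_key_provision = data;
    spdm_context->local_context.peer_public_key_provision_size = data_size;

    libspdm_reset_message_a(spdm_context);
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.other_params_support =
        SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
    libspdm_session_info_init(spdm_context,
                              spdm_context->session_info,
                              0,
                              INVALID_SESSION_ID, false);

    heartbeat_period = 0;
    libspdm_zero_mem(measurement_hash, sizeof(measurement_hash));
    status = libspdm_send_receive_key_exchange(
        spdm_context,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0xFF,
        SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_TERMINATION_POLICY_RUNTIME_UPDATE,
        &session_id, &heartbeat_period, &slot_id_param,
        measurement_hash);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(spdm_context->session_info[0].session_policy,
                     SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_TERMINATION_POLICY_RUNTIME_UPDATE);

    /* Drop the context's reference before releasing the buffer, so the context obtained from
     * *state is not left holding a pointer to freed memory for whatever runs next. */
    spdm_context->local_context.peer_public_key_provision = NULL;
    spdm_context->local_context.peer_public_key_provision_size = 0;
    free(data);
}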
7639 :
/**
 * Key exchange, case id 0x21: SPDM 1.2, opaque data format 1, secured message version 1.1,
 * with TERMINATION_POLICY_RUNTIME_UPDATE passed as the session policy.
 * Expected Behavior: the exchange succeeds, session id 0xFFFFFFFF is returned, the session in
 * session_info[0] is in LIBSPDM_SESSION_STATE_HANDSHAKING and it stores the requested policy.
 *
 * NOTE(review): the set-up here matches case id 0x1e apart from case_id; the difference
 * presumably lies in the response produced by the test transport - confirm there.
 **/
static void req_key_exchange_case33(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t result;
    uint32_t new_session_id;
    uint8_t heartbeat = 0;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t req_slot_id;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_out;
    size_t hash_out_size;

    test_ctx->case_id = 0x21;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_12 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Offer exactly one secured message version. */
    ctx->local_context.secured_message_version.secured_message_version_count = 1;
    ctx->local_context.secured_message_version.secured_message_version[0] =
        SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_out, &hash_out_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.algorithm.other_params_support = SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;

    /* Re-initialise the first session_info entry with INVALID_SESSION_ID. */
    libspdm_session_info_init(ctx, ctx->session_info, 0, INVALID_SESSION_ID, false);

    /* Install the responder chain as the peer chain in slot 0: the raw chain when transcript
     * recording is built in, otherwise its hash and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_send_receive_key_exchange(
        ctx,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0,
        SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_TERMINATION_POLICY_RUNTIME_UPDATE,
        &new_session_id, &heartbeat, &req_slot_id,
        summary_hash);

    assert_int_equal(result, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(new_session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(ctx->session_info[0].session_policy,
                     SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_TERMINATION_POLICY_RUNTIME_UPDATE);
    free(cert_chain);
}
7722 :
7723 : /**
7724 : * Test 34: The secured message version is 1.2 and the Integrator has set the sequence number
7725 : * endianness to big-endian. After key exchange the session's endianness will be
7726 : * little-endian as DSP0277 1.2 only supports little-endian.
7727 : * Expected Behavior: A successful key exchange with the session's endianness set to little-endian.
7728 : **/
static void req_key_exchange_case34(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_return_t result;
    uint32_t new_session_id;
    uint8_t heartbeat = 0;
    uint8_t summary_hash[LIBSPDM_MAX_HASH_SIZE];
    uint8_t req_slot_id;
    void *cert_chain;
    size_t cert_chain_size;
    void *hash_out;
    size_t hash_out_size;

    /* If session_info[0] still holds a session, free session id 0xFFFFFFFF before starting. */
    if (ctx->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(ctx, 0xFFFFFFFF);
    }

    test_ctx->case_id = 0x22;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;

    /* Offer secured message version 1.2 only. */
    ctx->local_context.secured_message_version.secured_message_version_count = 1;
    ctx->local_context.secured_message_version.secured_message_version[0] =
        SECURED_SPDM_VERSION_12 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Integrator preference under test: big-endian secured-message sequence numbers. */
    ctx->sequence_number_endian = LIBSPDM_DATA_SESSION_SEQ_NUM_ENC_BIG_DEC_BIG;

    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, &hash_out, &hash_out_size)) {
        assert(false);
    }
    libspdm_reset_message_a(ctx);
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    /* Install the responder chain as the peer chain in slot 0: the raw chain when transcript
     * recording is built in, otherwise its hash and the leaf public key. */
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    ctx->connection_info.peer_used_cert_chain[0].buffer_size = cert_chain_size;
    libspdm_copy_mem(ctx->connection_info.peer_used_cert_chain[0].buffer,
                     sizeof(ctx->connection_info.peer_used_cert_chain[0].buffer),
                     cert_chain, cert_chain_size);
#else
    libspdm_hash_all(ctx->connection_info.algorithm.base_hash_algo,
                     cert_chain, cert_chain_size,
                     ctx->connection_info.peer_used_cert_chain[0].buffer_hash);
    ctx->connection_info.peer_used_cert_chain[0].buffer_hash_size =
        libspdm_get_hash_size(ctx->connection_info.algorithm.base_hash_algo);
    libspdm_get_leaf_cert_public_key_from_cert_chain(
        ctx->connection_info.algorithm.base_hash_algo,
        ctx->connection_info.algorithm.base_asym_algo,
        cert_chain, cert_chain_size,
        &ctx->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
#endif

    libspdm_zero_mem(summary_hash, sizeof(summary_hash));
    result = libspdm_send_receive_key_exchange(
        ctx,
        SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0,
        &new_session_id, &heartbeat, &req_slot_id,
        summary_hash);

    assert_int_equal(result, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(new_session_id, 0xFFFFFFFF);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    /* The session must have ended up little-endian despite the big-endian setting above. */
    const libspdm_secured_message_context_t *secured_ctx =
        (libspdm_secured_message_context_t *)ctx->session_info->secured_message_context;
    assert_int_equal(secured_ctx->sequence_number_endian,
                     LIBSPDM_DATA_SESSION_SEQ_NUM_ENC_LITTLE_DEC_LITTLE);
    free(cert_chain);
}
7815 :
/**
 * Runs the requester-side KEY_EXCHANGE unit-test group.
 *
 * Registers req_key_exchange_case1 .. req_key_exchange_case34 with cmocka,
 * installs a test context that routes traffic through this file's
 * send_message / receive_message stubs, and executes the group between
 * libspdm_unit_test_group_setup and libspdm_unit_test_group_teardown.
 *
 * The group mixes transport failures, SPDM error responses, and negative
 * checks on the response contents (for example the wrong-signature case and
 * the unrequested-measurement-hash case), so a regression in those checks
 * shows up as a failing case here.
 *
 * @return the value returned by cmocka_run_group_tests (0 when every case
 *         passes, otherwise the number of failed cases).
 **/
int libspdm_req_key_exchange_test(void)
{
    /* Positional initializer: version constant, a boolean flag (presumably
     * "is requester" - confirm against libspdm_test_context_t), then the
     * send and receive stubs defined earlier in this file. */
    libspdm_test_context_t requester_test_context = {
        LIBSPDM_TEST_CONTEXT_VERSION,
        true,
        send_message,
        receive_message,
    };

    /* The array must keep the name test_cases: cmocka_run_group_tests is a
     * macro that stringifies its first argument to label the group. */
    const struct CMUnitTest test_cases[] = {
        /* Sending the request fails */
        cmocka_unit_test(req_key_exchange_case1),
        /* Responder answers successfully */
        cmocka_unit_test(req_key_exchange_case2),
        /* connection_state precondition is not met */
        cmocka_unit_test(req_key_exchange_case3),
        /* Responder returns SPDM_ERROR_CODE_INVALID_REQUEST */
        cmocka_unit_test(req_key_exchange_case4),
        /* Responder returns SPDM_ERROR_CODE_BUSY every time */
        cmocka_unit_test(req_key_exchange_case5),
        /* SPDM_ERROR_CODE_BUSY first, then a successful response */
        cmocka_unit_test(req_key_exchange_case6),
        /* Responder returns SPDM_ERROR_CODE_REQUEST_RESYNCH */
        cmocka_unit_test(req_key_exchange_case7),
        /* Responder returns SPDM_ERROR_CODE_RESPONSE_NOT_READY every time */
        cmocka_unit_test(req_key_exchange_case8),
        /* SPDM_ERROR_CODE_RESPONSE_NOT_READY first, then a successful response */
        cmocka_unit_test(req_key_exchange_case9),
        /* Unexpected error codes */
        cmocka_unit_test(req_key_exchange_case10),
        /* Buffer reset */
        cmocka_unit_test(req_key_exchange_case11),
        /* Measurement hash type 1 requested, a measurement hash is returned */
        cmocka_unit_test(req_key_exchange_case12),
        /* Measurement hash type 1 requested, an all-0x00 array is returned (no TCB components) */
        cmocka_unit_test(req_key_exchange_case13),
        /* Measurement hash type FF requested, a measurement_hash is returned */
        cmocka_unit_test(req_key_exchange_case14),
        /* Measurement hash type 1 requested, no measurement_hash is returned */
        cmocka_unit_test(req_key_exchange_case15),
        /* Measurement hash type FF requested, no measurement_hash is returned */
        cmocka_unit_test(req_key_exchange_case16),
        /* No measurement hash requested, yet a measurement_hash is returned */
        cmocka_unit_test(req_key_exchange_case17),
        /* Response carries a wrong signature */
        cmocka_unit_test(req_key_exchange_case18),
        /* Handshake-in-the-clear set on Requester and Responder, no ResponderVerifyData */
        cmocka_unit_test(req_key_exchange_case19),
        /* Heartbeat not supported, non-zero heartbeat period sent */
        cmocka_unit_test(req_key_exchange_case20),
        /* Heartbeat supported, non-zero heartbeat period sent */
        cmocka_unit_test(req_key_exchange_case21),
        /* Heartbeat supported, heartbeat period 0 sent. NOTE: this should disable heartbeat */
        cmocka_unit_test(req_key_exchange_case22),
        /* Mutual authentication requested */
        cmocka_unit_test(req_key_exchange_case23),
        /* Mutual authentication requested with Encapsulated request */
        cmocka_unit_test(req_key_exchange_case24),
        /* Mutual authentication requested with implicit get digest */
        cmocka_unit_test(req_key_exchange_case25),
        /* Mutual authentication requested with Encapsulated request and bit 0 set */
        cmocka_unit_test(req_key_exchange_case26),
        /* Mutual authentication requested with implicit get digest and bit 0 set */
        cmocka_unit_test(req_key_exchange_case27),
        /* Mutual authentication requested with Encapsulated request and with
         * implicit get digest at the same time */
        cmocka_unit_test(req_key_exchange_case28),
        /* Buffer verification */
        cmocka_unit_test(req_key_exchange_case29),
        /* Successful response, V1.2 */
        cmocka_unit_test(req_key_exchange_case30),
        /* NOTE(review): case31 has no description in the original list - see its body */
        cmocka_unit_test(req_key_exchange_case31),
        /* Successful response using a provisioned public key (slot_id 0xFF) */
        cmocka_unit_test(req_key_exchange_case32),
        /* OpaqueData supports only OpaqueDataFmt1, success case */
        cmocka_unit_test(req_key_exchange_case33),
        /* NOTE(review): case34 has no description in the original list - see its body */
        cmocka_unit_test(req_key_exchange_case34),
    };
    int group_result;

    libspdm_setup_test_context(&requester_test_context);

    group_result = cmocka_run_group_tests(test_cases,
                                          libspdm_unit_test_group_setup,
                                          libspdm_unit_test_group_teardown);
    return group_result;
}
7900 :
7901 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/