Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP
12 :
13 : static uint8_t m_libspdm_dummy_key_buffer[LIBSPDM_MAX_AEAD_KEY_SIZE];
14 : static uint8_t m_libspdm_dummy_salt_buffer[LIBSPDM_MAX_AEAD_IV_SIZE];
15 :
16 : static size_t m_libspdm_local_buffer_size;
17 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_TH_BUFFER_SIZE];
18 :
19 35 : static void libspdm_secured_message_set_dummy_finished_key( void *spdm_secured_message_context) {
20 35 : }
21 :
22 34 : void libspdm_secured_message_set_response_handshake_encryption_key(
23 : void *spdm_secured_message_context, const void *key, size_t key_size)
24 : {
25 : libspdm_secured_message_context_t *secured_message_context;
26 :
27 34 : secured_message_context = spdm_secured_message_context;
28 34 : LIBSPDM_ASSERT(key_size == secured_message_context->aead_key_size);
29 34 : libspdm_copy_mem(secured_message_context->handshake_secret.response_handshake_encryption_key,
30 : sizeof(secured_message_context->handshake_secret.
31 : response_handshake_encryption_key),
32 : key, secured_message_context->aead_key_size);
33 34 : }
34 :
35 34 : void libspdm_secured_message_set_response_handshake_salt(
36 : void *spdm_secured_message_context, const void *salt,
37 : size_t salt_size)
38 : {
39 : libspdm_secured_message_context_t *secured_message_context;
40 :
41 34 : secured_message_context = spdm_secured_message_context;
42 34 : LIBSPDM_ASSERT(salt_size == secured_message_context->aead_iv_size);
43 34 : libspdm_copy_mem(secured_message_context->handshake_secret.response_handshake_salt,
44 : sizeof(secured_message_context->handshake_secret.response_handshake_salt),
45 : salt, secured_message_context->aead_iv_size);
46 34 : }
47 :
48 35 : static libspdm_return_t send_message(
49 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
50 : {
51 : libspdm_test_context_t *spdm_test_context;
52 :
53 35 : spdm_test_context = libspdm_get_test_context();
54 35 : switch (spdm_test_context->case_id) {
55 1 : case 0x1:
56 1 : return LIBSPDM_STATUS_SEND_FAIL;
57 1 : case 0x2:
58 1 : return LIBSPDM_STATUS_SUCCESS;
59 0 : case 0x3:
60 0 : return LIBSPDM_STATUS_SUCCESS;
61 1 : case 0x4:
62 1 : return LIBSPDM_STATUS_SUCCESS;
63 1 : case 0x5:
64 1 : return LIBSPDM_STATUS_SUCCESS;
65 2 : case 0x6:
66 2 : return LIBSPDM_STATUS_SUCCESS;
67 1 : case 0x7:
68 1 : return LIBSPDM_STATUS_SUCCESS;
69 2 : case 0x8:
70 2 : return LIBSPDM_STATUS_SUCCESS;
71 2 : case 0x9:
72 2 : return LIBSPDM_STATUS_SUCCESS;
73 18 : case 0xA:
74 18 : return LIBSPDM_STATUS_SUCCESS;
75 1 : case 0xB:
76 1 : return LIBSPDM_STATUS_SUCCESS;
77 0 : case 0xC:
78 0 : return LIBSPDM_STATUS_SUCCESS;
79 1 : case 0xD:
80 1 : return LIBSPDM_STATUS_SUCCESS;
81 0 : case 0xE:
82 0 : return LIBSPDM_STATUS_SUCCESS;
83 1 : case 0xF:
84 1 : return LIBSPDM_STATUS_SUCCESS;
85 2 : case 0x10:
86 : case 0x11:
87 : {
88 : libspdm_return_t status;
89 : uint8_t *decoded_message;
90 : size_t decoded_message_size;
91 : uint32_t session_id;
92 : uint32_t *message_session_id;
93 : bool is_app_message;
94 : libspdm_session_info_t *session_info;
95 : uint8_t message_buffer[LIBSPDM_SENDER_BUFFER_SIZE];
96 :
97 2 : message_session_id = NULL;
98 2 : session_id = 0xFFFFFFFF;
99 2 : decoded_message = (uint8_t *) &m_libspdm_local_buffer[0];
100 2 : decoded_message_size = sizeof(m_libspdm_local_buffer);
101 :
102 2 : session_info = libspdm_get_session_info_via_session_id(spdm_context, session_id);
103 2 : if (session_info == NULL) {
104 0 : return LIBSPDM_STATUS_SEND_FAIL;
105 : }
106 :
107 2 : memcpy(message_buffer, request, request_size);
108 :
109 2 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
110 2 : ->handshake_secret.request_handshake_sequence_number--;
111 2 : m_libspdm_local_buffer_size = 0;
112 2 : libspdm_get_scratch_buffer (spdm_context, (void **)&decoded_message, &decoded_message_size);
113 2 : status = libspdm_transport_test_decode_message(
114 : spdm_context,
115 : &message_session_id, &is_app_message, true, request_size, message_buffer,
116 : &decoded_message_size, (void **)&decoded_message);
117 2 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
118 0 : return LIBSPDM_STATUS_SEND_FAIL;
119 : }
120 2 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
121 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
122 : decoded_message, decoded_message_size);
123 2 : m_libspdm_local_buffer_size += decoded_message_size;
124 : }
125 2 : return LIBSPDM_STATUS_SUCCESS;
126 1 : case 0x12:
127 1 : return LIBSPDM_STATUS_SUCCESS;
128 0 : default:
129 0 : return LIBSPDM_STATUS_SEND_FAIL;
130 : }
131 : }
132 :
133 34 : static libspdm_return_t receive_message(
134 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
135 : {
136 : libspdm_test_context_t *spdm_test_context;
137 :
138 34 : spdm_test_context = libspdm_get_test_context();
139 34 : switch (spdm_test_context->case_id) {
140 0 : case 0x1:
141 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
142 :
143 1 : case 0x2: {
144 : spdm_psk_finish_response_t *spdm_response;
145 : size_t spdm_response_size;
146 : size_t transport_header_size;
147 : uint32_t session_id;
148 : libspdm_session_info_t *session_info;
149 : uint8_t *scratch_buffer;
150 : size_t scratch_buffer_size;
151 :
152 1 : session_id = 0xFFFFFFFF;
153 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
154 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
155 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
156 :
157 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
158 1 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
159 1 : spdm_response->header.param1 = 0;
160 1 : spdm_response->header.param2 = 0;
161 :
162 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
163 : * transport_message is always in sender buffer. */
164 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
165 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
166 : scratch_buffer_size - transport_header_size,
167 : spdm_response, spdm_response_size);
168 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
169 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
170 : false, false, spdm_response_size,
171 : spdm_response, response_size,
172 : response);
173 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
174 1 : if (session_info == NULL) {
175 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
176 : }
177 : /* WALKAROUND: If just use single context to encode message and then decode message */
178 : ((libspdm_secured_message_context_t
179 1 : *)(session_info->secured_message_context))
180 1 : ->handshake_secret.response_handshake_sequence_number--;
181 : }
182 1 : return LIBSPDM_STATUS_SUCCESS;
183 :
184 0 : case 0x3: {
185 : spdm_psk_finish_response_t *spdm_response;
186 : size_t spdm_response_size;
187 : size_t transport_header_size;
188 : uint32_t session_id;
189 : libspdm_session_info_t *session_info;
190 : uint8_t *scratch_buffer;
191 : size_t scratch_buffer_size;
192 :
193 0 : session_id = 0xFFFFFFFF;
194 0 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
195 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
196 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
197 :
198 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
199 0 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
200 0 : spdm_response->header.param1 = 0;
201 0 : spdm_response->header.param2 = 0;
202 :
203 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
204 : * transport_message is always in sender buffer. */
205 0 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
206 0 : libspdm_copy_mem (scratch_buffer + transport_header_size,
207 : scratch_buffer_size - transport_header_size,
208 : spdm_response, spdm_response_size);
209 0 : spdm_response = (void *)(scratch_buffer + transport_header_size);
210 0 : libspdm_transport_test_encode_message(spdm_context, &session_id,
211 : false, false, spdm_response_size,
212 : spdm_response, response_size,
213 : response);
214 0 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
215 0 : if (session_info == NULL) {
216 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
217 : }
218 : ((libspdm_secured_message_context_t
219 0 : *)(session_info->secured_message_context))
220 0 : ->handshake_secret.response_handshake_sequence_number--;
221 : }
222 0 : return LIBSPDM_STATUS_SUCCESS;
223 :
224 1 : case 0x4: {
225 : spdm_error_response_t *spdm_response;
226 : size_t spdm_response_size;
227 : size_t transport_header_size;
228 : uint32_t session_id;
229 : libspdm_session_info_t *session_info;
230 : uint8_t *scratch_buffer;
231 : size_t scratch_buffer_size;
232 :
233 1 : spdm_response_size = sizeof(spdm_error_response_t);
234 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
235 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
236 :
237 1 : session_id = 0xFFFFFFFF;
238 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
239 1 : spdm_response->header.request_response_code = SPDM_ERROR;
240 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
241 1 : spdm_response->header.param2 = 0;
242 :
243 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
244 : * transport_message is always in sender buffer. */
245 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
246 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
247 : scratch_buffer_size - transport_header_size,
248 : spdm_response, spdm_response_size);
249 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
250 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
251 : false, false,
252 : spdm_response_size,
253 : spdm_response,
254 : response_size, response);
255 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
256 1 : if (session_info == NULL) {
257 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
258 : }
259 : ((libspdm_secured_message_context_t
260 1 : *)(session_info->secured_message_context))
261 1 : ->handshake_secret.response_handshake_sequence_number--;
262 : }
263 1 : return LIBSPDM_STATUS_SUCCESS;
264 :
265 1 : case 0x5: {
266 : spdm_error_response_t *spdm_response;
267 : size_t spdm_response_size;
268 : size_t transport_header_size;
269 : uint32_t session_id;
270 : libspdm_session_info_t *session_info;
271 : uint8_t *scratch_buffer;
272 : size_t scratch_buffer_size;
273 :
274 1 : spdm_response_size = sizeof(spdm_error_response_t);
275 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
276 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
277 :
278 1 : session_id = 0xFFFFFFFF;
279 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
280 1 : spdm_response->header.request_response_code = SPDM_ERROR;
281 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
282 1 : spdm_response->header.param2 = 0;
283 :
284 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
285 : * transport_message is always in sender buffer. */
286 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
287 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
288 : scratch_buffer_size - transport_header_size,
289 : spdm_response, spdm_response_size);
290 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
291 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
292 : false, false,
293 : spdm_response_size,
294 : spdm_response,
295 : response_size, response);
296 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
297 1 : if (session_info == NULL) {
298 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
299 : }
300 : ((libspdm_secured_message_context_t
301 1 : *)(session_info->secured_message_context))
302 1 : ->handshake_secret.response_handshake_sequence_number--;
303 : }
304 1 : return LIBSPDM_STATUS_SUCCESS;
305 :
306 2 : case 0x6: {
307 : static size_t sub_index1 = 0;
308 2 : if (sub_index1 == 0) {
309 : spdm_error_response_t *spdm_response;
310 : size_t spdm_response_size;
311 : size_t transport_header_size;
312 : uint32_t session_id;
313 : libspdm_session_info_t *session_info;
314 : uint8_t *scratch_buffer;
315 : size_t scratch_buffer_size;
316 :
317 1 : spdm_response_size = sizeof(spdm_error_response_t);
318 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
319 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
320 :
321 1 : session_id = 0xFFFFFFFF;
322 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
323 1 : spdm_response->header.request_response_code = SPDM_ERROR;
324 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
325 1 : spdm_response->header.param2 = 0;
326 :
327 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
328 : * transport_message is always in sender buffer. */
329 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
330 : &scratch_buffer_size);
331 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
332 : scratch_buffer_size - transport_header_size,
333 : spdm_response, spdm_response_size);
334 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
335 1 : libspdm_transport_test_encode_message(
336 : spdm_context, &session_id, false, false,
337 : spdm_response_size, spdm_response,
338 : response_size, response);
339 1 : sub_index1++;
340 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
341 1 : if (session_info == NULL) {
342 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
343 : }
344 : ((libspdm_secured_message_context_t
345 1 : *)(session_info->secured_message_context))
346 : ->handshake_secret
347 1 : .response_handshake_sequence_number--;
348 1 : } else if (sub_index1 == 1) {
349 : spdm_psk_finish_response_t *spdm_response;
350 : size_t spdm_response_size;
351 : size_t transport_header_size;
352 : uint32_t session_id;
353 : libspdm_session_info_t *session_info;
354 : uint8_t *scratch_buffer;
355 : size_t scratch_buffer_size;
356 :
357 1 : session_id = 0xFFFFFFFF;
358 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
359 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
360 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
361 :
362 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
363 1 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
364 1 : spdm_response->header.param1 = 0;
365 1 : spdm_response->header.param2 = 0;
366 :
367 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
368 : * transport_message is always in sender buffer. */
369 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
370 : &scratch_buffer_size);
371 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
372 : scratch_buffer_size - transport_header_size,
373 : spdm_response, spdm_response_size);
374 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
375 1 : libspdm_transport_test_encode_message(
376 : spdm_context, &session_id, false, false,
377 : spdm_response_size, spdm_response, response_size,
378 : response);
379 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
380 1 : if (session_info == NULL) {
381 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
382 : }
383 : ((libspdm_secured_message_context_t
384 1 : *)(session_info->secured_message_context))
385 : ->handshake_secret
386 1 : .response_handshake_sequence_number--;
387 : }
388 : }
389 2 : return LIBSPDM_STATUS_SUCCESS;
390 :
391 1 : case 0x7: {
392 : spdm_error_response_t *spdm_response;
393 : size_t spdm_response_size;
394 : size_t transport_header_size;
395 : uint32_t session_id;
396 : libspdm_session_info_t *session_info;
397 : uint8_t *scratch_buffer;
398 : size_t scratch_buffer_size;
399 :
400 1 : spdm_response_size = sizeof(spdm_error_response_t);
401 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
402 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
403 :
404 1 : session_id = 0xFFFFFFFF;
405 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_10;
406 1 : spdm_response->header.request_response_code = SPDM_ERROR;
407 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
408 1 : spdm_response->header.param2 = 0;
409 :
410 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
411 : * transport_message is always in sender buffer. */
412 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
413 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
414 : scratch_buffer_size - transport_header_size,
415 : spdm_response, spdm_response_size);
416 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
417 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
418 : false, false,
419 : spdm_response_size,
420 : spdm_response,
421 : response_size, response);
422 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
423 1 : if (session_info == NULL) {
424 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
425 : }
426 : ((libspdm_secured_message_context_t
427 1 : *)(session_info->secured_message_context))
428 1 : ->handshake_secret.response_handshake_sequence_number--;
429 : }
430 1 : return LIBSPDM_STATUS_SUCCESS;
431 :
432 2 : case 0x8: {
433 : spdm_error_response_data_response_not_ready_t *spdm_response;
434 : size_t spdm_response_size;
435 : size_t transport_header_size;
436 : uint32_t session_id;
437 : libspdm_session_info_t *session_info;
438 : uint8_t *scratch_buffer;
439 : size_t scratch_buffer_size;
440 :
441 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
442 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
443 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
444 :
445 2 : session_id = 0xFFFFFFFF;
446 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
447 2 : spdm_response->header.request_response_code = SPDM_ERROR;
448 2 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
449 2 : spdm_response->header.param2 = 0;
450 2 : spdm_response->extend_error_data.rd_exponent = 1;
451 2 : spdm_response->extend_error_data.rd_tm = 2;
452 2 : spdm_response->extend_error_data.request_code = SPDM_PSK_FINISH;
453 2 : spdm_response->extend_error_data.token = 0;
454 :
455 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
456 : * transport_message is always in sender buffer. */
457 2 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
458 2 : libspdm_copy_mem (scratch_buffer + transport_header_size,
459 : scratch_buffer_size - transport_header_size,
460 : spdm_response, spdm_response_size);
461 2 : spdm_response = (void *)(scratch_buffer + transport_header_size);
462 2 : libspdm_transport_test_encode_message(spdm_context, &session_id,
463 : false, false,
464 : spdm_response_size,
465 : spdm_response,
466 : response_size, response);
467 2 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
468 2 : if (session_info == NULL) {
469 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
470 : }
471 : ((libspdm_secured_message_context_t
472 2 : *)(session_info->secured_message_context))
473 2 : ->handshake_secret.response_handshake_sequence_number--;
474 : }
475 2 : return LIBSPDM_STATUS_SUCCESS;
476 :
477 2 : case 0x9: {
478 : static size_t sub_index2 = 0;
479 2 : if (sub_index2 == 0) {
480 : spdm_error_response_data_response_not_ready_t
481 : *spdm_response;
482 : size_t spdm_response_size;
483 : size_t transport_header_size;
484 : uint32_t session_id;
485 : libspdm_session_info_t *session_info;
486 : uint8_t *scratch_buffer;
487 : size_t scratch_buffer_size;
488 :
489 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
490 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
491 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
492 :
493 1 : session_id = 0xFFFFFFFF;
494 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
495 1 : spdm_response->header.request_response_code = SPDM_ERROR;
496 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY;
497 1 : spdm_response->header.param2 = 0;
498 1 : spdm_response->extend_error_data.rd_exponent = 1;
499 1 : spdm_response->extend_error_data.rd_tm = 2;
500 1 : spdm_response->extend_error_data.request_code = SPDM_PSK_FINISH;
501 1 : spdm_response->extend_error_data.token = 1;
502 :
503 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
504 : * transport_message is always in sender buffer. */
505 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
506 : &scratch_buffer_size);
507 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
508 : scratch_buffer_size - transport_header_size,
509 : spdm_response, spdm_response_size);
510 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
511 1 : libspdm_transport_test_encode_message(
512 : spdm_context, &session_id, false, false,
513 : spdm_response_size, spdm_response,
514 : response_size, response);
515 1 : sub_index2++;
516 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
517 1 : if (session_info == NULL) {
518 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
519 : }
520 : ((libspdm_secured_message_context_t
521 1 : *)(session_info->secured_message_context))
522 : ->handshake_secret
523 1 : .response_handshake_sequence_number--;
524 1 : } else if (sub_index2 == 1) {
525 : spdm_psk_finish_response_t *spdm_response;
526 : size_t spdm_response_size;
527 : size_t transport_header_size;
528 : uint32_t session_id;
529 : libspdm_session_info_t *session_info;
530 : uint8_t *scratch_buffer;
531 : size_t scratch_buffer_size;
532 :
533 1 : session_id = 0xFFFFFFFF;
534 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
535 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
536 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
537 :
538 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
539 1 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
540 1 : spdm_response->header.param1 = 0;
541 1 : spdm_response->header.param2 = 0;
542 :
543 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
544 : * transport_message is always in sender buffer. */
545 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
546 : &scratch_buffer_size);
547 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
548 : scratch_buffer_size - transport_header_size,
549 : spdm_response, spdm_response_size);
550 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
551 1 : libspdm_transport_test_encode_message(
552 : spdm_context, &session_id, false, false,
553 : spdm_response_size, spdm_response, response_size,
554 : response);
555 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
556 1 : if (session_info == NULL) {
557 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
558 : }
559 : ((libspdm_secured_message_context_t
560 1 : *)(session_info->secured_message_context))
561 : ->handshake_secret
562 1 : .response_handshake_sequence_number--;
563 : }
564 : }
565 2 : return LIBSPDM_STATUS_SUCCESS;
566 :
567 18 : case 0xA:
568 : {
569 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
570 :
571 : spdm_error_response_t *spdm_response;
572 : size_t spdm_response_size;
573 : size_t transport_header_size;
574 : uint32_t session_id;
575 : libspdm_session_info_t *session_info;
576 : uint8_t *scratch_buffer;
577 : size_t scratch_buffer_size;
578 :
579 18 : session_id = 0xFFFFFFFF;
580 :
581 18 : spdm_response_size = sizeof(spdm_error_response_t);
582 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
583 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
584 :
585 18 : if(error_code <= 0xff) {
586 18 : libspdm_zero_mem (spdm_response, spdm_response_size);
587 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
588 18 : spdm_response->header.request_response_code = SPDM_ERROR;
589 18 : spdm_response->header.param1 = (uint8_t) error_code;
590 18 : spdm_response->header.param2 = 0;
591 :
592 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
593 : * transport_message is always in sender buffer. */
594 18 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
595 : &scratch_buffer_size);
596 18 : libspdm_copy_mem (scratch_buffer + transport_header_size,
597 : scratch_buffer_size - transport_header_size,
598 : spdm_response, spdm_response_size);
599 18 : spdm_response = (void *)(scratch_buffer + transport_header_size);
600 18 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
601 : spdm_response_size, spdm_response,
602 : response_size, response);
603 18 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
604 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
605 18 : handshake_secret.response_handshake_sequence_number--;
606 : }
607 :
608 18 : error_code++;
609 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
610 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
611 : }
612 : /* skip some reserved error codes (0d to 3e) */
613 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
614 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
615 : }
616 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
617 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
618 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
619 : }
620 : }
621 18 : return LIBSPDM_STATUS_SUCCESS;
622 1 : case 0xB: {
623 : spdm_psk_finish_response_t *spdm_response;
624 : size_t spdm_response_size;
625 : size_t transport_header_size;
626 : uint32_t session_id;
627 : libspdm_session_info_t *session_info;
628 : uint8_t *scratch_buffer;
629 : size_t scratch_buffer_size;
630 :
631 1 : session_id = 0xFFFFFFFF;
632 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
633 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
634 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
635 :
636 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
637 1 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
638 1 : spdm_response->header.param1 = 0;
639 1 : spdm_response->header.param2 = 0;
640 :
641 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
642 : * transport_message is always in sender buffer. */
643 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
644 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
645 : scratch_buffer_size - transport_header_size,
646 : spdm_response, spdm_response_size);
647 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
648 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
649 : false, false, spdm_response_size,
650 : spdm_response, response_size,
651 : response);
652 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
653 1 : if (session_info == NULL) {
654 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
655 : }
656 : /* WALKAROUND: If just use single context to encode message and then decode message */
657 : ((libspdm_secured_message_context_t
658 1 : *)(session_info->secured_message_context))
659 1 : ->handshake_secret.response_handshake_sequence_number--;
660 : }
661 1 : return LIBSPDM_STATUS_SUCCESS;
662 :
663 0 : case 0xC: {
664 : spdm_psk_finish_response_t *spdm_response;
665 : size_t spdm_response_size;
666 : size_t transport_header_size;
667 : uint32_t session_id;
668 : libspdm_session_info_t *session_info;
669 : uint8_t *scratch_buffer;
670 : size_t scratch_buffer_size;
671 :
672 0 : session_id = 0xFFFFFFFF;
673 0 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
674 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
675 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
676 :
677 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
678 0 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
679 0 : spdm_response->header.param1 = 0;
680 0 : spdm_response->header.param2 = 0;
681 :
682 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
683 : * transport_message is always in sender buffer. */
684 0 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
685 0 : libspdm_copy_mem (scratch_buffer + transport_header_size,
686 : scratch_buffer_size - transport_header_size,
687 : spdm_response, spdm_response_size);
688 0 : spdm_response = (void *)(scratch_buffer + transport_header_size);
689 0 : libspdm_transport_test_encode_message(spdm_context, &session_id,
690 : false, false, spdm_response_size,
691 : spdm_response, response_size,
692 : response);
693 0 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
694 0 : if (session_info == NULL) {
695 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
696 : }
697 : /* WALKAROUND: If just use single context to encode message and then decode message */
698 : ((libspdm_secured_message_context_t
699 0 : *)(session_info->secured_message_context))
700 0 : ->handshake_secret.response_handshake_sequence_number--;
701 : }
702 0 : return LIBSPDM_STATUS_SUCCESS;
703 :
704 1 : case 0xD: {
705 : spdm_psk_finish_response_t *spdm_response;
706 : size_t spdm_response_size;
707 : size_t transport_header_size;
708 : uint32_t session_id;
709 : libspdm_session_info_t *session_info;
710 : uint8_t *scratch_buffer;
711 : size_t scratch_buffer_size;
712 :
713 1 : session_id = 0xFFFFFFFF;
714 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
715 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
716 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
717 :
718 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
719 1 : spdm_response->header.request_response_code =
720 : SPDM_FINISH_RSP; /*wrong response code*/
721 1 : spdm_response->header.param1 = 0;
722 1 : spdm_response->header.param2 = 0;
723 :
724 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
725 : * transport_message is always in sender buffer. */
726 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
727 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
728 : scratch_buffer_size - transport_header_size,
729 : spdm_response, spdm_response_size);
730 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
731 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
732 : false, false, spdm_response_size,
733 : spdm_response, response_size,
734 : response);
735 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
736 1 : if (session_info == NULL) {
737 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
738 : }
739 : /* WALKAROUND: If just use single context to encode message and then decode message */
740 : ((libspdm_secured_message_context_t
741 1 : *)(session_info->secured_message_context))
742 1 : ->handshake_secret.response_handshake_sequence_number--;
743 : }
744 1 : return LIBSPDM_STATUS_SUCCESS;
745 :
746 0 : case 0xE: {
747 : spdm_psk_finish_response_t *spdm_response;
748 : size_t spdm_response_size;
749 : size_t transport_header_size;
750 : uint32_t session_id;
751 : libspdm_session_info_t *session_info;
752 : uint8_t *scratch_buffer;
753 : size_t scratch_buffer_size;
754 :
755 0 : session_id = 0xFFFFFFFF;
756 0 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
757 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
758 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
759 :
760 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
761 0 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
762 0 : spdm_response->header.param1 = 0;
763 0 : spdm_response->header.param2 = 0;
764 :
765 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
766 : * transport_message is always in sender buffer. */
767 0 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
768 0 : libspdm_copy_mem (scratch_buffer + transport_header_size,
769 : scratch_buffer_size - transport_header_size,
770 : spdm_response, spdm_response_size);
771 0 : spdm_response = (void *)(scratch_buffer + transport_header_size);
772 0 : libspdm_transport_test_encode_message(spdm_context, &session_id,
773 : false, false, spdm_response_size,
774 : spdm_response, response_size,
775 : response);
776 0 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
777 0 : if (session_info == NULL) {
778 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
779 : }
780 : /* WALKAROUND: If just use single context to encode message and then decode message */
781 : ((libspdm_secured_message_context_t
782 0 : *)(session_info->secured_message_context))
783 0 : ->handshake_secret.response_handshake_sequence_number--;
784 : }
785 0 : return LIBSPDM_STATUS_SUCCESS;
786 :
787 1 : case 0xF: {
788 : spdm_error_response_t *spdm_response;
789 : size_t spdm_response_size;
790 : size_t transport_header_size;
791 : uint32_t session_id;
792 : libspdm_session_info_t *session_info;
793 : uint8_t *scratch_buffer;
794 : size_t scratch_buffer_size;
795 :
796 1 : session_id = 0xFFFFFFFF;
797 :
798 1 : spdm_response_size = sizeof(spdm_error_response_t);
799 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
800 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
801 :
802 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
803 1 : spdm_response->header.request_response_code = SPDM_ERROR;
804 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_DECRYPT_ERROR;
805 1 : spdm_response->header.param2 = 0;
806 :
807 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
808 : * transport_message is always in sender buffer. */
809 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
810 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
811 : scratch_buffer_size - transport_header_size,
812 : spdm_response, spdm_response_size);
813 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
814 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
815 : false, false,
816 : spdm_response_size,
817 : spdm_response,
818 : response_size, response);
819 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
820 1 : if (session_info == NULL) {
821 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
822 : }
823 : ((libspdm_secured_message_context_t
824 1 : *)(session_info->secured_message_context))
825 1 : ->handshake_secret.response_handshake_sequence_number--;
826 : }
827 1 : return LIBSPDM_STATUS_SUCCESS;
828 :
829 1 : case 0x10: {
830 : spdm_psk_finish_response_t *spdm_response;
831 : size_t spdm_response_size;
832 : size_t transport_header_size;
833 : uint32_t session_id;
834 : libspdm_session_info_t *session_info;
835 : uint8_t *scratch_buffer;
836 : size_t scratch_buffer_size;
837 :
838 1 : session_id = 0xFFFFFFFF;
839 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
840 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
841 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
842 :
843 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
844 1 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
845 1 : spdm_response->header.param1 = 0;
846 1 : spdm_response->header.param2 = 0;
847 :
848 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
849 : * transport_message is always in sender buffer. */
850 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
851 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
852 : scratch_buffer_size - transport_header_size,
853 : spdm_response, spdm_response_size);
854 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
855 :
856 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
857 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
858 : spdm_response, spdm_response_size);
859 1 : m_libspdm_local_buffer_size += spdm_response_size;
860 :
861 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
862 : false, false, spdm_response_size,
863 : spdm_response, response_size,
864 : response);
865 1 : session_info = libspdm_get_session_info_via_session_id(spdm_context, session_id);
866 1 : if (session_info == NULL) {
867 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
868 : }
869 : /* WALKAROUND: If just use single context to encode message and then decode message */
870 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
871 1 : ->handshake_secret.response_handshake_sequence_number--;
872 : }
873 1 : return LIBSPDM_STATUS_SUCCESS;
874 :
875 1 : case 0x11: {
876 : spdm_psk_finish_response_t *spdm_response;
877 : size_t spdm_response_size;
878 : size_t transport_header_size;
879 : uint32_t session_id;
880 : libspdm_session_info_t *session_info;
881 : uint8_t *scratch_buffer;
882 : size_t scratch_buffer_size;
883 : uint16_t opaque_data_size;
884 : uint8_t *ptr;
885 :
886 1 : session_id = 0xFFFFFFFF;
887 1 : opaque_data_size = 8;
888 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t) + sizeof(uint16_t) + opaque_data_size;
889 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
890 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
891 :
892 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_14;
893 1 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
894 1 : spdm_response->header.param1 = 0;
895 1 : spdm_response->header.param2 = 0;
896 1 : ptr = (uint8_t *)spdm_response + sizeof(spdm_psk_finish_response_t);
897 1 : libspdm_write_uint16(ptr, opaque_data_size);
898 :
899 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
900 : * transport_message is always in sender buffer. */
901 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
902 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
903 : scratch_buffer_size - transport_header_size,
904 : spdm_response, spdm_response_size);
905 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
906 :
907 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
908 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
909 : spdm_response, spdm_response_size);
910 1 : m_libspdm_local_buffer_size += spdm_response_size;
911 :
912 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
913 : false, false, spdm_response_size,
914 : spdm_response, response_size,
915 : response);
916 1 : session_info = libspdm_get_session_info_via_session_id(spdm_context, session_id);
917 1 : if (session_info == NULL) {
918 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
919 : }
920 : /* WALKAROUND: If just use single context to encode message and then decode message */
921 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
922 1 : ->handshake_secret.response_handshake_sequence_number--;
923 : }
924 1 : return LIBSPDM_STATUS_SUCCESS;
925 :
926 1 : case 0x12: {
927 : spdm_psk_finish_response_t *spdm_response;
928 : size_t spdm_response_size;
929 : size_t transport_header_size;
930 : uint32_t session_id;
931 : libspdm_session_info_t *session_info;
932 : uint8_t *scratch_buffer;
933 : size_t scratch_buffer_size;
934 : uint16_t opaque_data_size;
935 : uint8_t *ptr;
936 :
937 1 : session_id = 0xFFFFFFFF;
938 1 : opaque_data_size = SPDM_MAX_OPAQUE_DATA_SIZE + 1;
939 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t) + sizeof(uint16_t);
940 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
941 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
942 :
943 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_14;
944 1 : spdm_response->header.request_response_code = SPDM_PSK_FINISH_RSP;
945 1 : spdm_response->header.param1 = 0;
946 1 : spdm_response->header.param2 = 0;
947 1 : ptr = (uint8_t *)spdm_response + sizeof(spdm_psk_finish_response_t);
948 1 : libspdm_write_uint16(ptr, opaque_data_size);
949 :
950 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
951 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
952 : scratch_buffer_size - transport_header_size,
953 : spdm_response, spdm_response_size);
954 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
955 :
956 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
957 : false, false, spdm_response_size,
958 : spdm_response, response_size,
959 : response);
960 1 : session_info = libspdm_get_session_info_via_session_id(spdm_context, session_id);
961 1 : if (session_info == NULL) {
962 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
963 : }
964 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
965 1 : ->handshake_secret.response_handshake_sequence_number--;
966 : }
967 1 : return LIBSPDM_STATUS_SUCCESS;
968 :
969 0 : default:
970 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
971 : }
972 : }
973 :
974 : /**
975 : * Test 1: when no PSK_FINISH_RSP message is received, and the client returns
976 : * a device error.
977 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
978 : **/
979 1 : static void req_psk_finish_case1(void **state)
980 : {
981 : libspdm_return_t status;
982 : libspdm_test_context_t *spdm_test_context;
983 : libspdm_context_t *spdm_context;
984 : uint32_t session_id;
985 : void *data;
986 : size_t data_size;
987 : void *hash;
988 : size_t hash_size;
989 : libspdm_session_info_t *session_info;
990 :
991 1 : spdm_test_context = *state;
992 1 : spdm_context = spdm_test_context->spdm_context;
993 1 : spdm_test_context->case_id = 0x1;
994 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
995 : SPDM_VERSION_NUMBER_SHIFT_BIT;
996 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
997 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
998 1 : spdm_context->connection_info.capability.flags |=
999 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1000 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1001 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1002 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1003 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1004 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1005 : m_libspdm_use_asym_algo, &data,
1006 : &data_size, &hash, &hash_size)) {
1007 0 : assert(false);
1008 : }
1009 1 : libspdm_reset_message_a(spdm_context);
1010 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1011 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1012 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1013 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1014 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1015 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1016 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1017 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1018 : data, data_size);
1019 : #endif
1020 :
1021 1 : session_id = 0xFFFFFFFF;
1022 1 : session_info = &spdm_context->session_info[0];
1023 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1024 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1025 1 : libspdm_session_info_set_psk_hint(session_info,
1026 : LIBSPDM_TEST_PSK_HINT_STRING,
1027 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1028 1 : libspdm_secured_message_set_session_state(
1029 : session_info->secured_message_context,
1030 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1031 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1032 :
1033 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1034 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
1035 1 : free(data);
1036 1 : }
1037 :
1038 : /**
1039 : * Test 2: receiving a correct PSK_FINISH_RSP message.
1040 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and
1041 : * session is established.
1042 : **/
1043 1 : static void req_psk_finish_case2(void **state)
1044 : {
1045 : libspdm_return_t status;
1046 : libspdm_test_context_t *spdm_test_context;
1047 : libspdm_context_t *spdm_context;
1048 : uint32_t session_id;
1049 : void *data;
1050 : size_t data_size;
1051 : void *hash;
1052 : size_t hash_size;
1053 : libspdm_session_info_t *session_info;
1054 :
1055 1 : spdm_test_context = *state;
1056 1 : spdm_context = spdm_test_context->spdm_context;
1057 1 : spdm_test_context->case_id = 0x2;
1058 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1059 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1060 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1061 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1062 1 : spdm_context->connection_info.capability.flags |=
1063 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1064 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1065 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1066 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1067 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1068 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1069 : m_libspdm_use_asym_algo, &data,
1070 : &data_size, &hash, &hash_size)) {
1071 0 : assert(false);
1072 : }
1073 1 : libspdm_reset_message_a(spdm_context);
1074 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1075 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1076 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1077 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1078 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1079 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1080 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1081 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1082 : data, data_size);
1083 : #endif
1084 :
1085 1 : session_id = 0xFFFFFFFF;
1086 1 : session_info = &spdm_context->session_info[0];
1087 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1088 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1089 1 : libspdm_session_info_set_psk_hint(session_info,
1090 : LIBSPDM_TEST_PSK_HINT_STRING,
1091 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1092 1 : libspdm_secured_message_set_session_state(
1093 : session_info->secured_message_context,
1094 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1095 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1096 : ((libspdm_secured_message_context_t
1097 1 : *)(session_info->secured_message_context))
1098 : ->aead_key_size,
1099 : (uint8_t)(0xFF));
1100 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1101 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1102 : ((libspdm_secured_message_context_t
1103 1 : *)(session_info->secured_message_context))
1104 : ->aead_key_size);
1105 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1106 : ((libspdm_secured_message_context_t
1107 1 : *)(session_info->secured_message_context))
1108 : ->aead_iv_size,
1109 : (uint8_t)(0xFF));
1110 1 : libspdm_secured_message_set_response_handshake_salt(
1111 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1112 : ((libspdm_secured_message_context_t
1113 1 : *)(session_info->secured_message_context))
1114 : ->aead_iv_size);
1115 : ((libspdm_secured_message_context_t *)(session_info
1116 1 : ->secured_message_context))
1117 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1118 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1119 :
1120 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1121 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1122 1 : assert_int_equal(
1123 : libspdm_secured_message_get_session_state(
1124 : spdm_context->session_info[0].secured_message_context),
1125 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1126 1 : free(data);
1127 1 : }
1128 :
1129 : /**
1130 : * Test 3: requester state has not been negotiated, as if GET_VERSION,
1131 : * GET_CAPABILITIES and NEGOTIATE_ALGORITHMS had not been exchanged.
1132 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
1133 : **/
1134 1 : static void req_psk_finish_case3(void **state)
1135 : {
1136 : libspdm_return_t status;
1137 : libspdm_test_context_t *spdm_test_context;
1138 : libspdm_context_t *spdm_context;
1139 : uint32_t session_id;
1140 : void *data;
1141 : size_t data_size;
1142 : void *hash;
1143 : size_t hash_size;
1144 : libspdm_session_info_t *session_info;
1145 :
1146 1 : spdm_test_context = *state;
1147 1 : spdm_context = spdm_test_context->spdm_context;
1148 1 : spdm_test_context->case_id = 0x3;
1149 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1150 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1151 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
1152 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1153 1 : spdm_context->connection_info.capability.flags |=
1154 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1155 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1156 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1157 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1158 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1159 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1160 : m_libspdm_use_asym_algo, &data,
1161 : &data_size, &hash, &hash_size)) {
1162 0 : assert(false);
1163 : }
1164 1 : libspdm_reset_message_a(spdm_context);
1165 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1166 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1167 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1168 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1169 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1170 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1171 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1172 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1173 : data, data_size);
1174 : #endif
1175 :
1176 1 : session_id = 0xFFFFFFFF;
1177 1 : session_info = &spdm_context->session_info[0];
1178 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1179 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1180 1 : libspdm_session_info_set_psk_hint(session_info,
1181 : LIBSPDM_TEST_PSK_HINT_STRING,
1182 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1183 1 : libspdm_secured_message_set_session_state(
1184 : session_info->secured_message_context,
1185 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1186 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1187 : ((libspdm_secured_message_context_t
1188 1 : *)(session_info->secured_message_context))
1189 : ->aead_key_size,
1190 : (uint8_t)(0xFF));
1191 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1192 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1193 : ((libspdm_secured_message_context_t
1194 1 : *)(session_info->secured_message_context))
1195 : ->aead_key_size);
1196 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1197 : ((libspdm_secured_message_context_t
1198 1 : *)(session_info->secured_message_context))
1199 : ->aead_iv_size,
1200 : (uint8_t)(0xFF));
1201 1 : libspdm_secured_message_set_response_handshake_salt(
1202 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1203 : ((libspdm_secured_message_context_t
1204 1 : *)(session_info->secured_message_context))
1205 : ->aead_iv_size);
1206 : ((libspdm_secured_message_context_t *)(session_info
1207 1 : ->secured_message_context))
1208 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1209 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1210 :
1211 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1212 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
1213 1 : free(data);
1214 1 : }
1215 :
1216 : /**
1217 : * Test 4: the requester is setup correctly, but receives an ERROR message
1218 : * indicating InvalidParameters.
1219 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1220 : **/
1221 1 : static void req_psk_finish_case4(void **state)
1222 : {
1223 : libspdm_return_t status;
1224 : libspdm_test_context_t *spdm_test_context;
1225 : libspdm_context_t *spdm_context;
1226 : uint32_t session_id;
1227 : void *data;
1228 : size_t data_size;
1229 : void *hash;
1230 : size_t hash_size;
1231 : libspdm_session_info_t *session_info;
1232 :
1233 1 : spdm_test_context = *state;
1234 1 : spdm_context = spdm_test_context->spdm_context;
1235 1 : spdm_test_context->case_id = 0x4;
1236 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1237 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1238 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1239 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1240 1 : spdm_context->connection_info.capability.flags |=
1241 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1242 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1243 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1244 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1245 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1246 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1247 : m_libspdm_use_asym_algo, &data,
1248 : &data_size, &hash, &hash_size)) {
1249 0 : assert(false);
1250 : }
1251 1 : libspdm_reset_message_a(spdm_context);
1252 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1253 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1254 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1255 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1256 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1257 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1258 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1259 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1260 : data, data_size);
1261 : #endif
1262 :
1263 1 : session_id = 0xFFFFFFFF;
1264 1 : session_info = &spdm_context->session_info[0];
1265 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1266 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1267 1 : libspdm_session_info_set_psk_hint(session_info,
1268 : LIBSPDM_TEST_PSK_HINT_STRING,
1269 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1270 1 : libspdm_secured_message_set_session_state(
1271 : session_info->secured_message_context,
1272 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1273 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1274 : ((libspdm_secured_message_context_t
1275 1 : *)(session_info->secured_message_context))
1276 : ->aead_key_size,
1277 : (uint8_t)(0xFF));
1278 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1279 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1280 : ((libspdm_secured_message_context_t
1281 1 : *)(session_info->secured_message_context))
1282 : ->aead_key_size);
1283 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1284 : ((libspdm_secured_message_context_t
1285 1 : *)(session_info->secured_message_context))
1286 : ->aead_iv_size,
1287 : (uint8_t)(0xFF));
1288 1 : libspdm_secured_message_set_response_handshake_salt(
1289 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1290 : ((libspdm_secured_message_context_t
1291 1 : *)(session_info->secured_message_context))
1292 : ->aead_iv_size);
1293 : ((libspdm_secured_message_context_t *)(session_info
1294 1 : ->secured_message_context))
1295 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1296 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1297 :
1298 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1299 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
1300 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
1301 1 : free(data);
1302 1 : }
1303 :
1304 : /**
1305 : * Test 5: the requester is setup correctly, but receives an ERROR message
1306 : * indicating the Busy status of the responder.
1307 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1308 : **/
1309 1 : static void req_psk_finish_case5(void **state)
1310 : {
1311 : libspdm_return_t status;
1312 : libspdm_test_context_t *spdm_test_context;
1313 : libspdm_context_t *spdm_context;
1314 : uint32_t session_id;
1315 : void *data;
1316 : size_t data_size;
1317 : void *hash;
1318 : size_t hash_size;
1319 : libspdm_session_info_t *session_info;
1320 :
1321 1 : spdm_test_context = *state;
1322 1 : spdm_context = spdm_test_context->spdm_context;
1323 1 : spdm_test_context->case_id = 0x5;
1324 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1325 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1326 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1327 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1328 1 : spdm_context->connection_info.capability.flags |=
1329 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1330 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1331 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1332 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1333 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1334 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1335 : m_libspdm_use_asym_algo, &data,
1336 : &data_size, &hash, &hash_size)) {
1337 0 : assert(false);
1338 : }
1339 1 : libspdm_reset_message_a(spdm_context);
1340 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1341 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1342 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1343 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1344 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1345 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1346 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1347 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1348 : data, data_size);
1349 : #endif
1350 :
1351 1 : session_id = 0xFFFFFFFF;
1352 1 : session_info = &spdm_context->session_info[0];
1353 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1354 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1355 1 : libspdm_session_info_set_psk_hint(session_info,
1356 : LIBSPDM_TEST_PSK_HINT_STRING,
1357 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1358 1 : libspdm_secured_message_set_session_state(
1359 : session_info->secured_message_context,
1360 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1361 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1362 : ((libspdm_secured_message_context_t
1363 1 : *)(session_info->secured_message_context))
1364 : ->aead_key_size,
1365 : (uint8_t)(0xFF));
1366 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1367 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1368 : ((libspdm_secured_message_context_t
1369 1 : *)(session_info->secured_message_context))
1370 : ->aead_key_size);
1371 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1372 : ((libspdm_secured_message_context_t
1373 1 : *)(session_info->secured_message_context))
1374 : ->aead_iv_size,
1375 : (uint8_t)(0xFF));
1376 1 : libspdm_secured_message_set_response_handshake_salt(
1377 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1378 : ((libspdm_secured_message_context_t
1379 1 : *)(session_info->secured_message_context))
1380 : ->aead_iv_size);
1381 : ((libspdm_secured_message_context_t *)(session_info
1382 1 : ->secured_message_context))
1383 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1384 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1385 :
1386 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1387 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
1388 1 : free(data);
1389 1 : }
1390 :
1391 : /**
1392 : * Test 6: the requester is setup correctly, but, on the first try, receiving
1393 : * a Busy ERROR message, and, on retry, receiving a correct PSK_FINISH_RSP
1394 : * message.
1395 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and session
1396 : * is established.
1397 : **/
1398 1 : static void req_psk_finish_case6(void **state)
1399 : {
1400 : libspdm_return_t status;
1401 : libspdm_test_context_t *spdm_test_context;
1402 : libspdm_context_t *spdm_context;
1403 : uint32_t session_id;
1404 : void *data;
1405 : size_t data_size;
1406 : void *hash;
1407 : size_t hash_size;
1408 : libspdm_session_info_t *session_info;
1409 :
1410 1 : spdm_test_context = *state;
1411 1 : spdm_context = spdm_test_context->spdm_context;
1412 1 : spdm_test_context->case_id = 0x6;
1413 1 : spdm_context->retry_times = 3;
1414 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1415 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1416 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1417 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1418 1 : spdm_context->connection_info.capability.flags |=
1419 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1420 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1421 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1422 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1423 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1424 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1425 : m_libspdm_use_asym_algo, &data,
1426 : &data_size, &hash, &hash_size)) {
1427 0 : assert(false);
1428 : }
1429 1 : libspdm_reset_message_a(spdm_context);
1430 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1431 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1432 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1433 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1434 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1435 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1436 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1437 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1438 : data, data_size);
1439 : #endif
1440 :
1441 1 : session_id = 0xFFFFFFFF;
1442 1 : session_info = &spdm_context->session_info[0];
1443 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1444 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1445 1 : libspdm_session_info_set_psk_hint(session_info,
1446 : LIBSPDM_TEST_PSK_HINT_STRING,
1447 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1448 1 : libspdm_secured_message_set_session_state(
1449 : session_info->secured_message_context,
1450 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1451 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1452 : ((libspdm_secured_message_context_t
1453 1 : *)(session_info->secured_message_context))
1454 : ->aead_key_size,
1455 : (uint8_t)(0xFF));
1456 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1457 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1458 : ((libspdm_secured_message_context_t
1459 1 : *)(session_info->secured_message_context))
1460 : ->aead_key_size);
1461 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1462 : ((libspdm_secured_message_context_t
1463 1 : *)(session_info->secured_message_context))
1464 : ->aead_iv_size,
1465 : (uint8_t)(0xFF));
1466 1 : libspdm_secured_message_set_response_handshake_salt(
1467 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1468 : ((libspdm_secured_message_context_t
1469 1 : *)(session_info->secured_message_context))
1470 : ->aead_iv_size);
1471 : ((libspdm_secured_message_context_t *)(session_info
1472 1 : ->secured_message_context))
1473 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1474 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1475 :
1476 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1477 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1478 1 : assert_int_equal(
1479 : libspdm_secured_message_get_session_state(
1480 : spdm_context->session_info[0].secured_message_context),
1481 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1482 1 : free(data);
1483 1 : }
1484 :
1485 : /**
1486 : * Test 7: the requester is setup correctly, but receives an ERROR message
1487 : * indicating the RequestResynch status of the responder.
1488 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR, and the
1489 : * communication is reset to expect a new GET_VERSION message.
1490 : **/
1491 1 : static void req_psk_finish_case7(void **state)
1492 : {
1493 : libspdm_return_t status;
1494 : libspdm_test_context_t *spdm_test_context;
1495 : libspdm_context_t *spdm_context;
1496 : uint32_t session_id;
1497 : void *data;
1498 : size_t data_size;
1499 : void *hash;
1500 : size_t hash_size;
1501 : libspdm_session_info_t *session_info;
1502 :
1503 1 : spdm_test_context = *state;
1504 1 : spdm_context = spdm_test_context->spdm_context;
1505 1 : spdm_test_context->case_id = 0x7;
1506 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1507 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1508 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1509 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1510 1 : spdm_context->connection_info.capability.flags |=
1511 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1512 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1513 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1514 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1515 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1516 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1517 : m_libspdm_use_asym_algo, &data,
1518 : &data_size, &hash, &hash_size)) {
1519 0 : assert(false);
1520 : }
1521 1 : libspdm_reset_message_a(spdm_context);
1522 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1523 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1524 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1525 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1526 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1527 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1528 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1529 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1530 : data, data_size);
1531 : #endif
1532 :
1533 1 : session_id = 0xFFFFFFFF;
1534 1 : session_info = &spdm_context->session_info[0];
1535 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1536 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1537 1 : libspdm_session_info_set_psk_hint(session_info,
1538 : LIBSPDM_TEST_PSK_HINT_STRING,
1539 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1540 1 : libspdm_secured_message_set_session_state(
1541 : session_info->secured_message_context,
1542 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1543 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1544 : ((libspdm_secured_message_context_t
1545 1 : *)(session_info->secured_message_context))
1546 : ->aead_key_size,
1547 : (uint8_t)(0xFF));
1548 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1549 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1550 : ((libspdm_secured_message_context_t
1551 1 : *)(session_info->secured_message_context))
1552 : ->aead_key_size);
1553 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1554 : ((libspdm_secured_message_context_t
1555 1 : *)(session_info->secured_message_context))
1556 : ->aead_iv_size,
1557 : (uint8_t)(0xFF));
1558 1 : libspdm_secured_message_set_response_handshake_salt(
1559 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1560 : ((libspdm_secured_message_context_t
1561 1 : *)(session_info->secured_message_context))
1562 : ->aead_iv_size);
1563 : ((libspdm_secured_message_context_t *)(session_info
1564 1 : ->secured_message_context))
1565 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1566 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1567 :
1568 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1569 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
1570 1 : assert_int_equal(spdm_context->connection_info.connection_state,
1571 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
1572 1 : free(data);
1573 1 : }
1574 :
1575 : /**
1576 : * Test 8: the requester is setup correctly, but receives an ERROR message
1577 : * indicating the ResponseNotReady status of the responder.
1578 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1579 : **/
1580 1 : static void req_psk_finish_case8(void **state)
1581 : {
1582 : libspdm_return_t status;
1583 : libspdm_test_context_t *spdm_test_context;
1584 : libspdm_context_t *spdm_context;
1585 : uint32_t session_id;
1586 : void *data;
1587 : size_t data_size;
1588 : void *hash;
1589 : size_t hash_size;
1590 : libspdm_session_info_t *session_info;
1591 :
1592 1 : spdm_test_context = *state;
1593 1 : spdm_context = spdm_test_context->spdm_context;
1594 1 : spdm_test_context->case_id = 0x8;
1595 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1596 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1597 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1598 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1599 1 : spdm_context->connection_info.capability.flags |=
1600 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1601 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1602 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1603 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1604 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1605 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1606 : m_libspdm_use_asym_algo, &data,
1607 : &data_size, &hash, &hash_size)) {
1608 0 : assert(false);
1609 : }
1610 1 : libspdm_reset_message_a(spdm_context);
1611 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1612 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1613 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1614 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1615 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1616 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1617 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1618 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1619 : data, data_size);
1620 : #endif
1621 :
1622 1 : session_id = 0xFFFFFFFF;
1623 1 : session_info = &spdm_context->session_info[0];
1624 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1625 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1626 1 : libspdm_session_info_set_psk_hint(session_info,
1627 : LIBSPDM_TEST_PSK_HINT_STRING,
1628 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1629 1 : libspdm_secured_message_set_session_state(
1630 : session_info->secured_message_context,
1631 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1632 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1633 : ((libspdm_secured_message_context_t
1634 1 : *)(session_info->secured_message_context))
1635 : ->aead_key_size,
1636 : (uint8_t)(0xFF));
1637 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1638 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1639 : ((libspdm_secured_message_context_t
1640 1 : *)(session_info->secured_message_context))
1641 : ->aead_key_size);
1642 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1643 : ((libspdm_secured_message_context_t
1644 1 : *)(session_info->secured_message_context))
1645 : ->aead_iv_size,
1646 : (uint8_t)(0xFF));
1647 1 : libspdm_secured_message_set_response_handshake_salt(
1648 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1649 : ((libspdm_secured_message_context_t
1650 1 : *)(session_info->secured_message_context))
1651 : ->aead_iv_size);
1652 : ((libspdm_secured_message_context_t *)(session_info
1653 1 : ->secured_message_context))
1654 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1655 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1656 :
1657 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1658 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
1659 1 : free(data);
1660 1 : }
1661 :
1662 : /**
1663 : * Test 9: the requester is setup correctly, but, on the first try, receiving
1664 : * a ResponseNotReady ERROR message, and, on retry, receiving a correct
1665 : * PSK_FINISH_RSP message.
1666 : * Expected behavior: client returns a Status of LIBSPDM_STATUS_SUCCESS and session
1667 : * is established.
1668 : **/
1669 1 : static void req_psk_finish_case9(void **state)
1670 : {
1671 : libspdm_return_t status;
1672 : libspdm_test_context_t *spdm_test_context;
1673 : libspdm_context_t *spdm_context;
1674 : uint32_t session_id;
1675 : void *data;
1676 : size_t data_size;
1677 : void *hash;
1678 : size_t hash_size;
1679 : libspdm_session_info_t *session_info;
1680 :
1681 1 : spdm_test_context = *state;
1682 1 : spdm_context = spdm_test_context->spdm_context;
1683 1 : spdm_test_context->case_id = 0x9;
1684 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1685 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1686 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1687 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1688 1 : spdm_context->connection_info.capability.flags |=
1689 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1690 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1691 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1692 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1693 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1694 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1695 : m_libspdm_use_asym_algo, &data,
1696 : &data_size, &hash, &hash_size)) {
1697 0 : assert(false);
1698 : }
1699 1 : libspdm_reset_message_a(spdm_context);
1700 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1701 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1702 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1703 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1704 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1705 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1706 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1707 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1708 : data, data_size);
1709 : #endif
1710 :
1711 1 : session_id = 0xFFFFFFFF;
1712 1 : session_info = &spdm_context->session_info[0];
1713 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1714 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1715 1 : libspdm_session_info_set_psk_hint(session_info,
1716 : LIBSPDM_TEST_PSK_HINT_STRING,
1717 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1718 1 : libspdm_secured_message_set_session_state(
1719 : session_info->secured_message_context,
1720 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1721 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1722 : ((libspdm_secured_message_context_t
1723 1 : *)(session_info->secured_message_context))
1724 : ->aead_key_size,
1725 : (uint8_t)(0xFF));
1726 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1727 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1728 : ((libspdm_secured_message_context_t
1729 1 : *)(session_info->secured_message_context))
1730 : ->aead_key_size);
1731 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1732 : ((libspdm_secured_message_context_t
1733 1 : *)(session_info->secured_message_context))
1734 : ->aead_iv_size,
1735 : (uint8_t)(0xFF));
1736 1 : libspdm_secured_message_set_response_handshake_salt(
1737 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1738 : ((libspdm_secured_message_context_t
1739 1 : *)(session_info->secured_message_context))
1740 : ->aead_iv_size);
1741 : ((libspdm_secured_message_context_t *)(session_info
1742 1 : ->secured_message_context))
1743 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1744 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1745 :
1746 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1747 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
1748 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1749 1 : assert_int_equal(
1750 : libspdm_secured_message_get_session_state(
1751 : spdm_context->session_info[0].secured_message_context),
1752 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1753 : } else {
1754 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
1755 : }
1756 :
1757 1 : free(data);
1758 1 : }
1759 :
1760 : /**
1761 : * Test 10: receiving an unexpected ERROR message from the responder.
1762 : * There are tests for all named codes, including some reserved ones
1763 : * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
1764 : * However, for having specific test cases, it is excluded from this case:
1765 : * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
1766 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
1767 : **/
1768 1 : static void req_psk_finish_case10(void **state) {
1769 : libspdm_return_t status;
1770 : libspdm_test_context_t *spdm_test_context;
1771 : libspdm_context_t *spdm_context;
1772 : uint32_t session_id;
1773 : void *data;
1774 : size_t data_size;
1775 : void *hash;
1776 : size_t hash_size;
1777 : libspdm_session_info_t *session_info;
1778 : uint16_t error_code;
1779 :
1780 1 : spdm_test_context = *state;
1781 1 : spdm_context = spdm_test_context->spdm_context;
1782 1 : spdm_test_context->case_id = 0xA;
1783 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1784 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1785 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1786 1 : spdm_context->connection_info.capability.flags |=
1787 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1788 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1789 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1790 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1791 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1792 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1793 : m_libspdm_use_asym_algo,
1794 : &data, &data_size,
1795 : &hash, &hash_size);
1796 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1797 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1798 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1799 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1800 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1801 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1802 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1803 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1804 : data, data_size);
1805 : #endif
1806 :
1807 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1808 19 : while(error_code <= 0xff) {
1809 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1810 18 : libspdm_reset_message_a(spdm_context);
1811 :
1812 18 : session_id = 0xFFFFFFFF;
1813 18 : session_info = &spdm_context->session_info[0];
1814 18 : libspdm_session_info_init (spdm_context, session_info, session_id,
1815 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1816 18 : libspdm_session_info_set_psk_hint(session_info,
1817 : LIBSPDM_TEST_PSK_HINT_STRING,
1818 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1819 18 : libspdm_secured_message_set_session_state (session_info->secured_message_context,
1820 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1821 18 : libspdm_set_mem (m_libspdm_dummy_key_buffer,
1822 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_key_size,
1823 : (uint8_t)(0xFF));
1824 18 : libspdm_secured_message_set_response_handshake_encryption_key (
1825 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1826 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_key_size);
1827 18 : libspdm_set_mem (m_libspdm_dummy_salt_buffer,
1828 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_iv_size,
1829 : (uint8_t)(0xFF));
1830 18 : libspdm_secured_message_set_response_handshake_salt (session_info->secured_message_context,
1831 : m_libspdm_dummy_salt_buffer,
1832 : ((libspdm_secured_message_context_t*)(
1833 18 : session_info->
1834 : secured_message_context))->aead_iv_size);
1835 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1836 : handshake_secret
1837 18 : .response_handshake_sequence_number = 0;
1838 18 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1839 :
1840 18 : status = libspdm_send_receive_psk_finish (spdm_context, session_id);
1841 18 : if(error_code != SPDM_ERROR_CODE_DECRYPT_ERROR) {
1842 17 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
1843 : } else {
1844 1 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_SESSION_MSG_ERROR, error_code);
1845 : }
1846 :
1847 18 : error_code++;
1848 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1849 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1850 : }
1851 : /* skip some reserved error codes (0d to 3e) */
1852 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) {
1853 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1854 : }
1855 : /* skip response not ready, request resync, and some reserved codes (44 to fc) */
1856 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) {
1857 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1858 : }
1859 : }
1860 :
1861 1 : free(data);
1862 1 : }
1863 :
1864 1 : static void req_psk_finish_case11(void **state)
1865 : {
1866 : libspdm_return_t status;
1867 : libspdm_test_context_t *spdm_test_context;
1868 : libspdm_context_t *spdm_context;
1869 : uint32_t session_id;
1870 : void *data;
1871 : size_t data_size;
1872 : void *hash;
1873 : size_t hash_size;
1874 : libspdm_session_info_t *session_info;
1875 :
1876 1 : spdm_test_context = *state;
1877 1 : spdm_context = spdm_test_context->spdm_context;
1878 1 : spdm_test_context->case_id = 0xB;
1879 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1880 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1881 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1882 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1883 1 : spdm_context->connection_info.capability.flags |=
1884 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1885 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1886 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1887 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1888 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1889 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1890 : m_libspdm_use_asym_algo, &data,
1891 : &data_size, &hash, &hash_size)) {
1892 0 : assert(false);
1893 : }
1894 1 : libspdm_reset_message_a(spdm_context);
1895 :
1896 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1897 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1898 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1899 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1900 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1901 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
1902 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1903 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1904 : data, data_size);
1905 : #endif
1906 :
1907 1 : session_id = 0xFFFFFFFF;
1908 1 : session_info = &spdm_context->session_info[0];
1909 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1910 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1911 1 : libspdm_session_info_set_psk_hint(session_info,
1912 : LIBSPDM_TEST_PSK_HINT_STRING,
1913 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1914 1 : libspdm_secured_message_set_session_state(
1915 : session_info->secured_message_context,
1916 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1917 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1918 : ((libspdm_secured_message_context_t
1919 1 : *)(session_info->secured_message_context))
1920 : ->aead_key_size,
1921 : (uint8_t)(0xFF));
1922 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1923 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1924 : ((libspdm_secured_message_context_t
1925 1 : *)(session_info->secured_message_context))
1926 : ->aead_key_size);
1927 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1928 : ((libspdm_secured_message_context_t
1929 1 : *)(session_info->secured_message_context))
1930 : ->aead_iv_size,
1931 : (uint8_t)(0xFF));
1932 1 : libspdm_secured_message_set_response_handshake_salt(
1933 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1934 : ((libspdm_secured_message_context_t
1935 1 : *)(session_info->secured_message_context))
1936 : ->aead_iv_size);
1937 : ((libspdm_secured_message_context_t *)(session_info
1938 1 : ->secured_message_context))
1939 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1940 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1941 :
1942 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1943 : session_info->session_transcript.message_m.buffer_size =
1944 : session_info->session_transcript.message_m.max_buffer_size;
1945 : spdm_context->transcript.message_b.buffer_size =
1946 : spdm_context->transcript.message_b.max_buffer_size;
1947 : spdm_context->transcript.message_c.buffer_size =
1948 : spdm_context->transcript.message_c.max_buffer_size;
1949 : spdm_context->transcript.message_mut_b.buffer_size =
1950 : spdm_context->transcript.message_mut_b.max_buffer_size;
1951 : spdm_context->transcript.message_mut_c.buffer_size =
1952 : spdm_context->transcript.message_mut_c.max_buffer_size;
1953 : #endif
1954 :
1955 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1956 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1957 1 : assert_int_equal(
1958 : libspdm_secured_message_get_session_state(
1959 : spdm_context->session_info[0].secured_message_context),
1960 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1961 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1962 : assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0);
1963 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
1964 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
1965 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
1966 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
1967 : #endif
1968 1 : free(data);
1969 1 : }
1970 :
1971 : /**
1972 : * Test 12: requester is not setup correctly to support pre-shared keys
1973 : * (no capabilities). The responder would attempt to return a correct
1974 : * PSK_FINISH_RSP message.
1975 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
1976 : **/
1977 1 : static void req_psk_finish_case12(void **state)
1978 : {
1979 : libspdm_return_t status;
1980 : libspdm_test_context_t *spdm_test_context;
1981 : libspdm_context_t *spdm_context;
1982 : uint32_t session_id;
1983 : void *data;
1984 : size_t data_size;
1985 : void *hash;
1986 : size_t hash_size;
1987 : libspdm_session_info_t *session_info;
1988 :
1989 1 : spdm_test_context = *state;
1990 1 : spdm_context = spdm_test_context->spdm_context;
1991 1 : spdm_test_context->case_id = 0xC;
1992 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1993 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1994 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1995 : /*no PSK capabilities*/
1996 1 : spdm_context->connection_info.capability.flags &=
1997 : ~(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP);
1998 1 : spdm_context->connection_info.capability.flags |=
1999 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2000 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2001 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2002 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2003 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2004 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2005 : m_libspdm_use_asym_algo, &data,
2006 : &data_size, &hash, &hash_size)) {
2007 0 : assert(false);
2008 : }
2009 1 : spdm_context->transcript.message_a.buffer_size = 0;
2010 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2011 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2012 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2013 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2014 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2015 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2016 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2017 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2018 : data, data_size);
2019 : #endif
2020 :
2021 1 : session_id = 0xFFFFFFFF;
2022 1 : session_info = &spdm_context->session_info[0];
2023 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2024 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
2025 1 : libspdm_session_info_set_psk_hint(session_info,
2026 : LIBSPDM_TEST_PSK_HINT_STRING,
2027 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2028 1 : libspdm_secured_message_set_session_state(
2029 : session_info->secured_message_context,
2030 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2031 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2032 : ((libspdm_secured_message_context_t
2033 1 : *)(session_info->secured_message_context))
2034 : ->aead_key_size,
2035 : (uint8_t)(0xFF));
2036 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2037 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2038 : ((libspdm_secured_message_context_t
2039 1 : *)(session_info->secured_message_context))
2040 : ->aead_key_size);
2041 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2042 : ((libspdm_secured_message_context_t
2043 1 : *)(session_info->secured_message_context))
2044 : ->aead_iv_size,
2045 : (uint8_t)(0xFF));
2046 1 : libspdm_secured_message_set_response_handshake_salt(
2047 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2048 : ((libspdm_secured_message_context_t
2049 1 : *)(session_info->secured_message_context))
2050 : ->aead_iv_size);
2051 : ((libspdm_secured_message_context_t *)(session_info
2052 1 : ->secured_message_context))
2053 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2054 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2055 :
2056 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2057 1 : assert_int_equal(status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
2058 1 : free(data);
2059 1 : }
2060 :
2061 : /**
2062 : * Test 13: receiving an incorrect FINISH_RSP message, with wrong response
2063 : * code, but all other field correct.
2064 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
2065 : **/
2066 1 : static void req_psk_finish_case13(void **state)
2067 : {
2068 : libspdm_return_t status;
2069 : libspdm_test_context_t *spdm_test_context;
2070 : libspdm_context_t *spdm_context;
2071 : uint32_t session_id;
2072 : void *data;
2073 : size_t data_size;
2074 : void *hash;
2075 : size_t hash_size;
2076 : libspdm_session_info_t *session_info;
2077 :
2078 1 : spdm_test_context = *state;
2079 1 : spdm_context = spdm_test_context->spdm_context;
2080 1 : spdm_test_context->case_id = 0xD;
2081 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2082 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2083 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2084 : /*no PSK capabilities*/
2085 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2086 1 : spdm_context->connection_info.capability.flags |=
2087 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2088 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2089 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2090 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2091 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2092 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2093 : m_libspdm_use_asym_algo, &data,
2094 : &data_size, &hash, &hash_size)) {
2095 0 : assert(false);
2096 : }
2097 1 : spdm_context->transcript.message_a.buffer_size = 0;
2098 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2099 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2100 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2101 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2102 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2103 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2104 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2105 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2106 : data, data_size);
2107 : #endif
2108 :
2109 1 : session_id = 0xFFFFFFFF;
2110 1 : session_info = &spdm_context->session_info[0];
2111 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2112 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
2113 1 : libspdm_session_info_set_psk_hint(session_info,
2114 : LIBSPDM_TEST_PSK_HINT_STRING,
2115 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2116 1 : libspdm_secured_message_set_session_state(
2117 : session_info->secured_message_context,
2118 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2119 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2120 : ((libspdm_secured_message_context_t
2121 1 : *)(session_info->secured_message_context))
2122 : ->aead_key_size,
2123 : (uint8_t)(0xFF));
2124 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2125 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2126 : ((libspdm_secured_message_context_t
2127 1 : *)(session_info->secured_message_context))
2128 : ->aead_key_size);
2129 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2130 : ((libspdm_secured_message_context_t
2131 1 : *)(session_info->secured_message_context))
2132 : ->aead_iv_size,
2133 : (uint8_t)(0xFF));
2134 1 : libspdm_secured_message_set_response_handshake_salt(
2135 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2136 : ((libspdm_secured_message_context_t
2137 1 : *)(session_info->secured_message_context))
2138 : ->aead_iv_size);
2139 : ((libspdm_secured_message_context_t *)(session_info
2140 1 : ->secured_message_context))
2141 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2142 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2143 :
2144 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2145 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2146 1 : free(data);
2147 1 : }
2148 :
2149 : /**
2150 : * Test 14: requester is not setup correctly by not initializing a
2151 : * session during PSK_EXCHANGE. The responder would attempt to
2152 : * return a correct PSK_FINISH_RSP message.
2153 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2154 : **/
2155 1 : static void req_psk_finish_case14(void **state)
2156 : {
2157 : libspdm_return_t status;
2158 : libspdm_test_context_t *spdm_test_context;
2159 : libspdm_context_t *spdm_context;
2160 : uint32_t session_id;
2161 : void *data;
2162 : size_t data_size;
2163 : void *hash;
2164 : size_t hash_size;
2165 : libspdm_session_info_t *session_info;
2166 :
2167 1 : spdm_test_context = *state;
2168 1 : spdm_context = spdm_test_context->spdm_context;
2169 1 : spdm_test_context->case_id = 0xE;
2170 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2171 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2172 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2173 : /*no PSK capabilities*/
2174 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2175 1 : spdm_context->connection_info.capability.flags |=
2176 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2177 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2178 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2179 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2180 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2181 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2182 : m_libspdm_use_asym_algo, &data,
2183 : &data_size, &hash, &hash_size)) {
2184 0 : assert(false);
2185 : }
2186 1 : spdm_context->transcript.message_a.buffer_size = 0;
2187 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2188 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2189 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2190 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2191 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2192 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2193 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2194 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2195 : data, data_size);
2196 : #endif
2197 :
2198 1 : session_id = 0xFFFFFFFF;
2199 1 : session_info = &spdm_context->session_info[0];
2200 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2201 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
2202 1 : libspdm_session_info_set_psk_hint(session_info,
2203 : LIBSPDM_TEST_PSK_HINT_STRING,
2204 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2205 1 : libspdm_secured_message_set_session_state(
2206 : session_info->secured_message_context,
2207 : LIBSPDM_SESSION_STATE_NOT_STARTED);
2208 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2209 : ((libspdm_secured_message_context_t
2210 1 : *)(session_info->secured_message_context))
2211 : ->aead_key_size,
2212 : (uint8_t)(0xFF));
2213 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2214 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2215 : ((libspdm_secured_message_context_t
2216 1 : *)(session_info->secured_message_context))
2217 : ->aead_key_size);
2218 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2219 : ((libspdm_secured_message_context_t
2220 1 : *)(session_info->secured_message_context))
2221 : ->aead_iv_size,
2222 : (uint8_t)(0xFF));
2223 1 : libspdm_secured_message_set_response_handshake_salt(
2224 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2225 : ((libspdm_secured_message_context_t
2226 1 : *)(session_info->secured_message_context))
2227 : ->aead_iv_size);
2228 : ((libspdm_secured_message_context_t *)(session_info
2229 1 : ->secured_message_context))
2230 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2231 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2232 :
2233 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2234 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2235 1 : free(data);
2236 1 : }
2237 :
2238 : /**
2239 : * Test 15 the requester is setup correctly, but receives an ERROR with SPDM_ERROR_CODE_DECRYPT_ERROR.
2240 : * Expected behavior: client returns a Status of INVALID_SESSION_ID and free the session ID.
2241 : **/
2242 1 : static void req_psk_finish_case15(void **state)
2243 : {
2244 : libspdm_return_t status;
2245 : libspdm_test_context_t *spdm_test_context;
2246 : libspdm_context_t *spdm_context;
2247 : uint32_t session_id;
2248 : void *data;
2249 : size_t data_size;
2250 : void *hash;
2251 : size_t hash_size;
2252 : libspdm_session_info_t *session_info;
2253 :
2254 1 : spdm_test_context = *state;
2255 1 : spdm_context = spdm_test_context->spdm_context;
2256 1 : spdm_test_context->case_id = 0xF;
2257 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2258 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2259 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2260 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2261 1 : spdm_context->connection_info.capability.flags |=
2262 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2263 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2264 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2265 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2266 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2267 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2268 : m_libspdm_use_asym_algo, &data,
2269 : &data_size, &hash, &hash_size)) {
2270 0 : assert(false);
2271 : }
2272 1 : libspdm_reset_message_a(spdm_context);
2273 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2274 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2275 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2276 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2277 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2278 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2279 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2280 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2281 : data, data_size);
2282 : #endif
2283 :
2284 1 : session_id = 0xFFFFFFFF;
2285 1 : session_info = &spdm_context->session_info[0];
2286 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2287 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
2288 1 : libspdm_session_info_set_psk_hint(session_info,
2289 : LIBSPDM_TEST_PSK_HINT_STRING,
2290 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2291 1 : libspdm_secured_message_set_session_state(
2292 : session_info->secured_message_context,
2293 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2294 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2295 : ((libspdm_secured_message_context_t
2296 1 : *)(session_info->secured_message_context))
2297 : ->aead_key_size,
2298 : (uint8_t)(0xFF));
2299 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2300 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2301 : ((libspdm_secured_message_context_t
2302 1 : *)(session_info->secured_message_context))
2303 : ->aead_key_size);
2304 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2305 : ((libspdm_secured_message_context_t
2306 1 : *)(session_info->secured_message_context))
2307 : ->aead_iv_size,
2308 : (uint8_t)(0xFF));
2309 1 : libspdm_secured_message_set_response_handshake_salt(
2310 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2311 : ((libspdm_secured_message_context_t
2312 1 : *)(session_info->secured_message_context))
2313 : ->aead_iv_size);
2314 : ((libspdm_secured_message_context_t *)(session_info
2315 1 : ->secured_message_context))
2316 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2317 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2318 :
2319 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2320 1 : assert_int_equal(status, LIBSPDM_STATUS_SESSION_MSG_ERROR);
2321 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
2322 1 : free(data);
2323 1 : }
2324 :
2325 : /**
2326 : * Test 16: a request message is successfully sent and a response message is successfully received.
2327 : * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS and a PSK_FINISH_RSP message is
2328 : * received, buffer F appends the exchanged PSK_FINISH and PSK_FINISH_RSP messages.
2329 : **/
2330 1 : static void req_psk_finish_case16(void **state)
2331 : {
2332 : libspdm_return_t status;
2333 : libspdm_test_context_t *spdm_test_context;
2334 : libspdm_context_t *spdm_context;
2335 : uint32_t session_id;
2336 : void *data;
2337 : size_t data_size;
2338 : void *hash;
2339 : size_t hash_size;
2340 : libspdm_session_info_t *session_info;
2341 :
2342 1 : spdm_test_context = *state;
2343 1 : spdm_context = spdm_test_context->spdm_context;
2344 1 : spdm_test_context->case_id = 0x10;
2345 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2346 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2347 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2348 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2349 1 : spdm_context->connection_info.capability.flags |=
2350 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2351 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2352 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2353 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2354 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2355 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2356 : m_libspdm_use_asym_algo, &data,
2357 : &data_size, &hash, &hash_size)) {
2358 0 : assert(false);
2359 : }
2360 1 : libspdm_reset_message_a(spdm_context);
2361 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2362 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2363 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2364 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2365 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2366 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
2367 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2368 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2369 : data, data_size);
2370 : #endif
2371 :
2372 :
2373 1 : session_id = 0xFFFFFFFF;
2374 1 : session_info = &spdm_context->session_info[0];
2375 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2376 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
2377 1 : libspdm_session_info_set_psk_hint(session_info,
2378 : LIBSPDM_TEST_PSK_HINT_STRING,
2379 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2380 1 : libspdm_secured_message_set_session_state(
2381 : session_info->secured_message_context,
2382 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2383 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2384 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2385 : ->aead_key_size, (uint8_t)(0xFF));
2386 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2387 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2388 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2389 : ->aead_key_size);
2390 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2391 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2392 : ->aead_iv_size, (uint8_t)(0xFF));
2393 1 : libspdm_secured_message_set_response_handshake_salt(
2394 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2395 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2396 : ->aead_iv_size);
2397 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
2398 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2399 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
2400 1 : ->handshake_secret.request_handshake_sequence_number = 0;
2401 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2402 :
2403 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2404 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2405 1 : assert_int_equal(
2406 : libspdm_secured_message_get_session_state(
2407 : spdm_context->session_info[0].secured_message_context),
2408 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2409 :
2410 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2411 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
2412 : m_libspdm_local_buffer_size);
2413 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
2414 : m_libspdm_local_buffer_size));
2415 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2416 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
2417 : m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2418 : #endif
2419 1 : free(data);
2420 1 : }
2421 :
2422 : /**
2423 : * Test 17: SPDM version 1.4, with OpaqueData
2424 : * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS and a PSK_FINISH_RSP message is
2425 : * received.
2426 : **/
2427 1 : static void req_psk_finish_case17(void **state)
2428 : {
2429 : libspdm_return_t status;
2430 : libspdm_test_context_t *spdm_test_context;
2431 : libspdm_context_t *spdm_context;
2432 : uint32_t session_id;
2433 : void *data;
2434 : size_t data_size;
2435 : void *hash;
2436 : size_t hash_size;
2437 : libspdm_session_info_t *session_info;
2438 :
2439 1 : spdm_test_context = *state;
2440 1 : spdm_context = spdm_test_context->spdm_context;
2441 1 : spdm_test_context->case_id = 0x11;
2442 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
2443 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2444 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2445 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2446 1 : spdm_context->connection_info.capability.flags |=
2447 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2448 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2449 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2450 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2451 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2452 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2453 : m_libspdm_use_asym_algo, &data,
2454 : &data_size, &hash, &hash_size)) {
2455 0 : assert(false);
2456 : }
2457 1 : libspdm_reset_message_a(spdm_context);
2458 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2459 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2460 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2461 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2462 1 : spdm_context->connection_info.algorithm.other_params_support =
2463 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
2464 :
2465 1 : session_id = 0xFFFFFFFF;
2466 1 : session_info = &spdm_context->session_info[0];
2467 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2468 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
2469 1 : libspdm_session_info_set_psk_hint(session_info,
2470 : LIBSPDM_TEST_PSK_HINT_STRING,
2471 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2472 1 : libspdm_secured_message_set_session_state(
2473 : session_info->secured_message_context,
2474 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2475 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2476 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2477 : ->aead_key_size, (uint8_t)(0xFF));
2478 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2479 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2480 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2481 : ->aead_key_size);
2482 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2483 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2484 : ->aead_iv_size, (uint8_t)(0xFF));
2485 1 : libspdm_secured_message_set_response_handshake_salt(
2486 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2487 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2488 : ->aead_iv_size);
2489 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
2490 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2491 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
2492 1 : ->handshake_secret.request_handshake_sequence_number = 0;
2493 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2494 :
2495 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2496 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2497 1 : assert_int_equal(
2498 : libspdm_secured_message_get_session_state(
2499 : spdm_context->session_info[0].secured_message_context),
2500 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2501 :
2502 1 : free(data);
2503 1 : }
2504 :
2505 : /**
2506 : * Test 18: SPDM version 1.4, response opaque length exceeds protocol max.
2507 : * Expected behavior: requester returns LIBSPDM_STATUS_INVALID_MSG_FIELD.
2508 : **/
2509 1 : static void req_psk_finish_case18(void **state)
2510 : {
2511 : libspdm_return_t status;
2512 : libspdm_test_context_t *spdm_test_context;
2513 : libspdm_context_t *spdm_context;
2514 : uint32_t session_id;
2515 : void *data;
2516 : size_t data_size;
2517 : void *hash;
2518 : size_t hash_size;
2519 : libspdm_session_info_t *session_info;
2520 :
2521 1 : spdm_test_context = *state;
2522 1 : spdm_context = spdm_test_context->spdm_context;
2523 1 : spdm_test_context->case_id = 0x12;
2524 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
2525 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2526 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2527 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2528 1 : spdm_context->connection_info.capability.flags |=
2529 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2530 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2531 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2532 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2533 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2534 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2535 : m_libspdm_use_asym_algo, &data,
2536 : &data_size, &hash, &hash_size)) {
2537 0 : assert(false);
2538 : }
2539 1 : libspdm_reset_message_a(spdm_context);
2540 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2541 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2542 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2543 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2544 1 : spdm_context->connection_info.algorithm.other_params_support =
2545 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
2546 :
2547 1 : session_id = 0xFFFFFFFF;
2548 1 : session_info = &spdm_context->session_info[0];
2549 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
2550 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
2551 1 : libspdm_session_info_set_psk_hint(session_info,
2552 : LIBSPDM_TEST_PSK_HINT_STRING,
2553 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2554 1 : libspdm_secured_message_set_session_state(
2555 : session_info->secured_message_context,
2556 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2557 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2558 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2559 : ->aead_key_size, (uint8_t)(0xFF));
2560 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2561 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2562 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2563 : ->aead_key_size);
2564 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2565 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2566 : ->aead_iv_size, (uint8_t)(0xFF));
2567 1 : libspdm_secured_message_set_response_handshake_salt(
2568 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2569 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2570 : ->aead_iv_size);
2571 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
2572 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2573 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
2574 1 : ->handshake_secret.request_handshake_sequence_number = 0;
2575 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2576 :
2577 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2578 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2579 :
2580 1 : free(data);
2581 1 : }
2582 :
2583 1 : int libspdm_req_psk_finish_test(void)
2584 : {
2585 1 : const struct CMUnitTest test_cases[] = {
2586 : /* SendRequest failed*/
2587 : cmocka_unit_test(req_psk_finish_case1),
2588 : /* Successful response*/
2589 : cmocka_unit_test(req_psk_finish_case2),
2590 : /* connection_state check failed*/
2591 : cmocka_unit_test(req_psk_finish_case3),
2592 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
2593 : cmocka_unit_test(req_psk_finish_case4),
2594 : /* Always SPDM_ERROR_CODE_BUSY*/
2595 : cmocka_unit_test(req_psk_finish_case5),
2596 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
2597 : cmocka_unit_test(req_psk_finish_case6),
2598 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
2599 : cmocka_unit_test(req_psk_finish_case7),
2600 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
2601 : cmocka_unit_test(req_psk_finish_case8),
2602 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
2603 : cmocka_unit_test(req_psk_finish_case9),
2604 : /* Unexpected errors*/
2605 : cmocka_unit_test(req_psk_finish_case10),
2606 : /* Buffer reset*/
2607 : cmocka_unit_test(req_psk_finish_case11),
2608 : /* No correct setup*/
2609 : cmocka_unit_test(req_psk_finish_case12),
2610 : /* Wrong response code*/
2611 : cmocka_unit_test(req_psk_finish_case13),
2612 : /* Uninitialized session*/
2613 : cmocka_unit_test(req_psk_finish_case14),
2614 : /* Error response: SPDM_ERROR_CODE_DECRYPT_ERROR*/
2615 : cmocka_unit_test(req_psk_finish_case15),
2616 : /* Buffer verification*/
2617 : cmocka_unit_test(req_psk_finish_case16),
2618 : /* SPDM 1.4 with OpaqueData */
2619 : cmocka_unit_test(req_psk_finish_case17),
2620 : /* SPDM 1.4 response opaque length over protocol max */
2621 : cmocka_unit_test(req_psk_finish_case18),
2622 : };
2623 :
2624 1 : libspdm_test_context_t test_context = {
2625 : LIBSPDM_TEST_CONTEXT_VERSION,
2626 : true,
2627 : send_message,
2628 : receive_message,
2629 : };
2630 :
2631 1 : libspdm_setup_test_context(&test_context);
2632 :
2633 1 : return cmocka_run_group_tests(test_cases,
2634 : libspdm_unit_test_group_setup,
2635 : libspdm_unit_test_group_teardown);
2636 : }
2637 :
2638 : #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP*/
|
