Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2022 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP
12 :
13 : static uint8_t m_libspdm_dummy_key_buffer[LIBSPDM_MAX_AEAD_KEY_SIZE];
14 : static uint8_t m_libspdm_dummy_salt_buffer[LIBSPDM_MAX_AEAD_IV_SIZE];
15 :
16 : static size_t m_libspdm_local_buffer_size;
17 : static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_TH_BUFFER_SIZE];
18 :
19 33 : static void libspdm_secured_message_set_dummy_finished_key(
20 : void *spdm_secured_message_context)
21 : {
22 33 : }
23 :
24 32 : void libspdm_secured_message_set_response_handshake_encryption_key(
25 : void *spdm_secured_message_context, const void *key, size_t key_size)
26 : {
27 : libspdm_secured_message_context_t *secured_message_context;
28 :
29 32 : secured_message_context = spdm_secured_message_context;
30 32 : LIBSPDM_ASSERT(key_size == secured_message_context->aead_key_size);
31 32 : libspdm_copy_mem(secured_message_context->handshake_secret.response_handshake_encryption_key,
32 : sizeof(secured_message_context->handshake_secret.
33 : response_handshake_encryption_key),
34 : key, secured_message_context->aead_key_size);
35 32 : }
36 :
37 32 : void libspdm_secured_message_set_response_handshake_salt(
38 : void *spdm_secured_message_context, const void *salt,
39 : size_t salt_size)
40 : {
41 : libspdm_secured_message_context_t *secured_message_context;
42 :
43 32 : secured_message_context = spdm_secured_message_context;
44 32 : LIBSPDM_ASSERT(salt_size == secured_message_context->aead_iv_size);
45 32 : libspdm_copy_mem(secured_message_context->handshake_secret.response_handshake_salt,
46 : sizeof(secured_message_context->handshake_secret.response_handshake_salt),
47 : salt, secured_message_context->aead_iv_size);
48 32 : }
49 :
50 33 : libspdm_return_t libspdm_requester_psk_finish_test_send_message(void *spdm_context,
51 : size_t request_size,
52 : const void *request,
53 : uint64_t timeout)
54 : {
55 : libspdm_test_context_t *spdm_test_context;
56 :
57 33 : spdm_test_context = libspdm_get_test_context();
58 33 : switch (spdm_test_context->case_id) {
59 1 : case 0x1:
60 1 : return LIBSPDM_STATUS_SEND_FAIL;
61 1 : case 0x2:
62 1 : return LIBSPDM_STATUS_SUCCESS;
63 0 : case 0x3:
64 0 : return LIBSPDM_STATUS_SUCCESS;
65 1 : case 0x4:
66 1 : return LIBSPDM_STATUS_SUCCESS;
67 1 : case 0x5:
68 1 : return LIBSPDM_STATUS_SUCCESS;
69 2 : case 0x6:
70 2 : return LIBSPDM_STATUS_SUCCESS;
71 1 : case 0x7:
72 1 : return LIBSPDM_STATUS_SUCCESS;
73 2 : case 0x8:
74 2 : return LIBSPDM_STATUS_SUCCESS;
75 2 : case 0x9:
76 2 : return LIBSPDM_STATUS_SUCCESS;
77 18 : case 0xA:
78 18 : return LIBSPDM_STATUS_SUCCESS;
79 1 : case 0xB:
80 1 : return LIBSPDM_STATUS_SUCCESS;
81 0 : case 0xC:
82 0 : return LIBSPDM_STATUS_SUCCESS;
83 1 : case 0xD:
84 1 : return LIBSPDM_STATUS_SUCCESS;
85 0 : case 0xE:
86 0 : return LIBSPDM_STATUS_SUCCESS;
87 1 : case 0xF:
88 1 : return LIBSPDM_STATUS_SUCCESS;
89 1 : case 0x10: {
90 : libspdm_return_t status;
91 : uint8_t *decoded_message;
92 : size_t decoded_message_size;
93 : uint32_t session_id;
94 : uint32_t *message_session_id;
95 : bool is_app_message;
96 : libspdm_session_info_t *session_info;
97 : uint8_t message_buffer[LIBSPDM_SENDER_BUFFER_SIZE];
98 :
99 1 : message_session_id = NULL;
100 1 : session_id = 0xFFFFFFFF;
101 1 : decoded_message = (uint8_t *) &m_libspdm_local_buffer[0];
102 1 : decoded_message_size = sizeof(m_libspdm_local_buffer);
103 :
104 1 : session_info = libspdm_get_session_info_via_session_id(spdm_context, session_id);
105 1 : if (session_info == NULL) {
106 0 : return LIBSPDM_STATUS_SEND_FAIL;
107 : }
108 :
109 1 : memcpy(message_buffer, request, request_size);
110 :
111 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
112 1 : ->handshake_secret.request_handshake_sequence_number--;
113 1 : m_libspdm_local_buffer_size = 0;
114 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&decoded_message, &decoded_message_size);
115 1 : status = libspdm_transport_test_decode_message(
116 : spdm_context,
117 : &message_session_id, &is_app_message, true, request_size, message_buffer,
118 : &decoded_message_size, (void **)&decoded_message);
119 1 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
120 0 : return LIBSPDM_STATUS_SEND_FAIL;
121 : }
122 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
123 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
124 : decoded_message, decoded_message_size);
125 1 : m_libspdm_local_buffer_size += decoded_message_size;
126 : }
127 1 : return LIBSPDM_STATUS_SUCCESS;
128 0 : default:
129 0 : return LIBSPDM_STATUS_SEND_FAIL;
130 : }
131 : }
132 :
133 32 : libspdm_return_t libspdm_requester_psk_finish_test_receive_message(
134 : void *spdm_context, size_t *response_size,
135 : void **response, uint64_t timeout)
136 : {
137 : libspdm_test_context_t *spdm_test_context;
138 :
139 32 : spdm_test_context = libspdm_get_test_context();
140 32 : switch (spdm_test_context->case_id) {
141 0 : case 0x1:
142 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
143 :
144 1 : case 0x2: {
145 : spdm_psk_finish_response_t *spdm_response;
146 : size_t spdm_response_size;
147 : size_t transport_header_size;
148 : uint32_t session_id;
149 : libspdm_session_info_t *session_info;
150 : uint8_t *scratch_buffer;
151 : size_t scratch_buffer_size;
152 :
153 1 : session_id = 0xFFFFFFFF;
154 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
155 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
156 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
157 :
158 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
159 1 : spdm_response->header.request_response_code =
160 : SPDM_PSK_FINISH_RSP;
161 1 : spdm_response->header.param1 = 0;
162 1 : spdm_response->header.param2 = 0;
163 :
164 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
165 : * transport_message is always in sender buffer. */
166 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
167 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
168 : scratch_buffer_size - transport_header_size,
169 : spdm_response, spdm_response_size);
170 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
171 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
172 : false, false, spdm_response_size,
173 : spdm_response, response_size,
174 : response);
175 1 : session_info = libspdm_get_session_info_via_session_id(
176 : spdm_context, session_id);
177 1 : if (session_info == NULL) {
178 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
179 : }
180 : /* WALKAROUND: If just use single context to encode message and then decode message */
181 : ((libspdm_secured_message_context_t
182 1 : *)(session_info->secured_message_context))
183 1 : ->handshake_secret.response_handshake_sequence_number--;
184 : }
185 1 : return LIBSPDM_STATUS_SUCCESS;
186 :
187 0 : case 0x3: {
188 : spdm_psk_finish_response_t *spdm_response;
189 : size_t spdm_response_size;
190 : size_t transport_header_size;
191 : uint32_t session_id;
192 : libspdm_session_info_t *session_info;
193 : uint8_t *scratch_buffer;
194 : size_t scratch_buffer_size;
195 :
196 0 : session_id = 0xFFFFFFFF;
197 0 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
198 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
199 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
200 :
201 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
202 0 : spdm_response->header.request_response_code =
203 : SPDM_PSK_FINISH_RSP;
204 0 : spdm_response->header.param1 = 0;
205 0 : spdm_response->header.param2 = 0;
206 :
207 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
208 : * transport_message is always in sender buffer. */
209 0 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
210 0 : libspdm_copy_mem (scratch_buffer + transport_header_size,
211 : scratch_buffer_size - transport_header_size,
212 : spdm_response, spdm_response_size);
213 0 : spdm_response = (void *)(scratch_buffer + transport_header_size);
214 0 : libspdm_transport_test_encode_message(spdm_context, &session_id,
215 : false, false, spdm_response_size,
216 : spdm_response, response_size,
217 : response);
218 0 : session_info = libspdm_get_session_info_via_session_id(
219 : spdm_context, session_id);
220 0 : if (session_info == NULL) {
221 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
222 : }
223 : ((libspdm_secured_message_context_t
224 0 : *)(session_info->secured_message_context))
225 0 : ->handshake_secret.response_handshake_sequence_number--;
226 : }
227 0 : return LIBSPDM_STATUS_SUCCESS;
228 :
229 1 : case 0x4: {
230 : spdm_error_response_t *spdm_response;
231 : size_t spdm_response_size;
232 : size_t transport_header_size;
233 : uint32_t session_id;
234 : libspdm_session_info_t *session_info;
235 : uint8_t *scratch_buffer;
236 : size_t scratch_buffer_size;
237 :
238 1 : spdm_response_size = sizeof(spdm_error_response_t);
239 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
240 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
241 :
242 1 : session_id = 0xFFFFFFFF;
243 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
244 1 : spdm_response->header.request_response_code = SPDM_ERROR;
245 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST;
246 1 : spdm_response->header.param2 = 0;
247 :
248 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
249 : * transport_message is always in sender buffer. */
250 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
251 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
252 : scratch_buffer_size - transport_header_size,
253 : spdm_response, spdm_response_size);
254 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
255 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
256 : false, false,
257 : spdm_response_size,
258 : spdm_response,
259 : response_size, response);
260 1 : session_info = libspdm_get_session_info_via_session_id(
261 : spdm_context, session_id);
262 1 : if (session_info == NULL) {
263 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
264 : }
265 : ((libspdm_secured_message_context_t
266 1 : *)(session_info->secured_message_context))
267 1 : ->handshake_secret.response_handshake_sequence_number--;
268 : }
269 1 : return LIBSPDM_STATUS_SUCCESS;
270 :
271 1 : case 0x5: {
272 : spdm_error_response_t *spdm_response;
273 : size_t spdm_response_size;
274 : size_t transport_header_size;
275 : uint32_t session_id;
276 : libspdm_session_info_t *session_info;
277 : uint8_t *scratch_buffer;
278 : size_t scratch_buffer_size;
279 :
280 1 : spdm_response_size = sizeof(spdm_error_response_t);
281 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
282 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
283 :
284 1 : session_id = 0xFFFFFFFF;
285 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
286 1 : spdm_response->header.request_response_code = SPDM_ERROR;
287 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
288 1 : spdm_response->header.param2 = 0;
289 :
290 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
291 : * transport_message is always in sender buffer. */
292 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
293 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
294 : scratch_buffer_size - transport_header_size,
295 : spdm_response, spdm_response_size);
296 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
297 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
298 : false, false,
299 : spdm_response_size,
300 : spdm_response,
301 : response_size, response);
302 1 : session_info = libspdm_get_session_info_via_session_id(
303 : spdm_context, session_id);
304 1 : if (session_info == NULL) {
305 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
306 : }
307 : ((libspdm_secured_message_context_t
308 1 : *)(session_info->secured_message_context))
309 1 : ->handshake_secret.response_handshake_sequence_number--;
310 : }
311 1 : return LIBSPDM_STATUS_SUCCESS;
312 :
313 2 : case 0x6: {
314 : static size_t sub_index1 = 0;
315 2 : if (sub_index1 == 0) {
316 : spdm_error_response_t *spdm_response;
317 : size_t spdm_response_size;
318 : size_t transport_header_size;
319 : uint32_t session_id;
320 : libspdm_session_info_t *session_info;
321 : uint8_t *scratch_buffer;
322 : size_t scratch_buffer_size;
323 :
324 1 : spdm_response_size = sizeof(spdm_error_response_t);
325 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
326 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
327 :
328 1 : session_id = 0xFFFFFFFF;
329 1 : spdm_response->header.spdm_version =
330 : SPDM_MESSAGE_VERSION_11;
331 1 : spdm_response->header.request_response_code = SPDM_ERROR;
332 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY;
333 1 : spdm_response->header.param2 = 0;
334 :
335 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
336 : * transport_message is always in sender buffer. */
337 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
338 : &scratch_buffer_size);
339 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
340 : scratch_buffer_size - transport_header_size,
341 : spdm_response, spdm_response_size);
342 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
343 1 : libspdm_transport_test_encode_message(
344 : spdm_context, &session_id, false, false,
345 : spdm_response_size, spdm_response,
346 : response_size, response);
347 1 : sub_index1++;
348 1 : session_info = libspdm_get_session_info_via_session_id(
349 : spdm_context, session_id);
350 1 : if (session_info == NULL) {
351 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
352 : }
353 : ((libspdm_secured_message_context_t
354 1 : *)(session_info->secured_message_context))
355 : ->handshake_secret
356 1 : .response_handshake_sequence_number--;
357 1 : } else if (sub_index1 == 1) {
358 : spdm_psk_finish_response_t *spdm_response;
359 : size_t spdm_response_size;
360 : size_t transport_header_size;
361 : uint32_t session_id;
362 : libspdm_session_info_t *session_info;
363 : uint8_t *scratch_buffer;
364 : size_t scratch_buffer_size;
365 :
366 1 : session_id = 0xFFFFFFFF;
367 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
368 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
369 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
370 :
371 1 : spdm_response->header.spdm_version =
372 : SPDM_MESSAGE_VERSION_11;
373 1 : spdm_response->header.request_response_code =
374 : SPDM_PSK_FINISH_RSP;
375 1 : spdm_response->header.param1 = 0;
376 1 : spdm_response->header.param2 = 0;
377 :
378 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
379 : * transport_message is always in sender buffer. */
380 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
381 : &scratch_buffer_size);
382 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
383 : scratch_buffer_size - transport_header_size,
384 : spdm_response, spdm_response_size);
385 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
386 1 : libspdm_transport_test_encode_message(
387 : spdm_context, &session_id, false, false,
388 : spdm_response_size, spdm_response, response_size,
389 : response);
390 1 : session_info = libspdm_get_session_info_via_session_id(
391 : spdm_context, session_id);
392 1 : if (session_info == NULL) {
393 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
394 : }
395 : ((libspdm_secured_message_context_t
396 1 : *)(session_info->secured_message_context))
397 : ->handshake_secret
398 1 : .response_handshake_sequence_number--;
399 : }
400 : }
401 2 : return LIBSPDM_STATUS_SUCCESS;
402 :
403 1 : case 0x7: {
404 : spdm_error_response_t *spdm_response;
405 : size_t spdm_response_size;
406 : size_t transport_header_size;
407 : uint32_t session_id;
408 : libspdm_session_info_t *session_info;
409 : uint8_t *scratch_buffer;
410 : size_t scratch_buffer_size;
411 :
412 1 : spdm_response_size = sizeof(spdm_error_response_t);
413 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
414 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
415 :
416 1 : session_id = 0xFFFFFFFF;
417 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
418 1 : spdm_response->header.request_response_code = SPDM_ERROR;
419 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH;
420 1 : spdm_response->header.param2 = 0;
421 :
422 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
423 : * transport_message is always in sender buffer. */
424 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
425 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
426 : scratch_buffer_size - transport_header_size,
427 : spdm_response, spdm_response_size);
428 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
429 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
430 : false, false,
431 : spdm_response_size,
432 : spdm_response,
433 : response_size, response);
434 1 : session_info = libspdm_get_session_info_via_session_id(
435 : spdm_context, session_id);
436 1 : if (session_info == NULL) {
437 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
438 : }
439 : ((libspdm_secured_message_context_t
440 1 : *)(session_info->secured_message_context))
441 1 : ->handshake_secret.response_handshake_sequence_number--;
442 : }
443 1 : return LIBSPDM_STATUS_SUCCESS;
444 :
445 2 : case 0x8: {
446 : spdm_error_response_data_response_not_ready_t *spdm_response;
447 : size_t spdm_response_size;
448 : size_t transport_header_size;
449 : uint32_t session_id;
450 : libspdm_session_info_t *session_info;
451 : uint8_t *scratch_buffer;
452 : size_t scratch_buffer_size;
453 :
454 2 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
455 2 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
456 2 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
457 :
458 2 : session_id = 0xFFFFFFFF;
459 2 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
460 2 : spdm_response->header.request_response_code = SPDM_ERROR;
461 2 : spdm_response->header.param1 =
462 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
463 2 : spdm_response->header.param2 = 0;
464 2 : spdm_response->extend_error_data.rd_exponent = 1;
465 2 : spdm_response->extend_error_data.rd_tm = 2;
466 2 : spdm_response->extend_error_data.request_code = SPDM_PSK_FINISH;
467 2 : spdm_response->extend_error_data.token = 0;
468 :
469 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
470 : * transport_message is always in sender buffer. */
471 2 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
472 2 : libspdm_copy_mem (scratch_buffer + transport_header_size,
473 : scratch_buffer_size - transport_header_size,
474 : spdm_response, spdm_response_size);
475 2 : spdm_response = (void *)(scratch_buffer + transport_header_size);
476 2 : libspdm_transport_test_encode_message(spdm_context, &session_id,
477 : false, false,
478 : spdm_response_size,
479 : spdm_response,
480 : response_size, response);
481 2 : session_info = libspdm_get_session_info_via_session_id(
482 : spdm_context, session_id);
483 2 : if (session_info == NULL) {
484 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
485 : }
486 : ((libspdm_secured_message_context_t
487 2 : *)(session_info->secured_message_context))
488 2 : ->handshake_secret.response_handshake_sequence_number--;
489 : }
490 2 : return LIBSPDM_STATUS_SUCCESS;
491 :
492 2 : case 0x9: {
493 : static size_t sub_index2 = 0;
494 2 : if (sub_index2 == 0) {
495 : spdm_error_response_data_response_not_ready_t
496 : *spdm_response;
497 : size_t spdm_response_size;
498 : size_t transport_header_size;
499 : uint32_t session_id;
500 : libspdm_session_info_t *session_info;
501 : uint8_t *scratch_buffer;
502 : size_t scratch_buffer_size;
503 :
504 1 : spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t);
505 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
506 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
507 :
508 1 : session_id = 0xFFFFFFFF;
509 1 : spdm_response->header.spdm_version =
510 : SPDM_MESSAGE_VERSION_11;
511 1 : spdm_response->header.request_response_code = SPDM_ERROR;
512 1 : spdm_response->header.param1 =
513 : SPDM_ERROR_CODE_RESPONSE_NOT_READY;
514 1 : spdm_response->header.param2 = 0;
515 1 : spdm_response->extend_error_data.rd_exponent = 1;
516 1 : spdm_response->extend_error_data.rd_tm = 2;
517 1 : spdm_response->extend_error_data.request_code =
518 : SPDM_PSK_FINISH;
519 1 : spdm_response->extend_error_data.token = 1;
520 :
521 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
522 : * transport_message is always in sender buffer. */
523 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
524 : &scratch_buffer_size);
525 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
526 : scratch_buffer_size - transport_header_size,
527 : spdm_response, spdm_response_size);
528 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
529 1 : libspdm_transport_test_encode_message(
530 : spdm_context, &session_id, false, false,
531 : spdm_response_size, spdm_response,
532 : response_size, response);
533 1 : sub_index2++;
534 1 : session_info = libspdm_get_session_info_via_session_id(
535 : spdm_context, session_id);
536 1 : if (session_info == NULL) {
537 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
538 : }
539 : ((libspdm_secured_message_context_t
540 1 : *)(session_info->secured_message_context))
541 : ->handshake_secret
542 1 : .response_handshake_sequence_number--;
543 1 : } else if (sub_index2 == 1) {
544 : spdm_psk_finish_response_t *spdm_response;
545 : size_t spdm_response_size;
546 : size_t transport_header_size;
547 : uint32_t session_id;
548 : libspdm_session_info_t *session_info;
549 : uint8_t *scratch_buffer;
550 : size_t scratch_buffer_size;
551 :
552 1 : session_id = 0xFFFFFFFF;
553 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
554 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
555 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
556 :
557 1 : spdm_response->header.spdm_version =
558 : SPDM_MESSAGE_VERSION_11;
559 1 : spdm_response->header.request_response_code =
560 : SPDM_PSK_FINISH_RSP;
561 1 : spdm_response->header.param1 = 0;
562 1 : spdm_response->header.param2 = 0;
563 :
564 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
565 : * transport_message is always in sender buffer. */
566 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
567 : &scratch_buffer_size);
568 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
569 : scratch_buffer_size - transport_header_size,
570 : spdm_response, spdm_response_size);
571 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
572 1 : libspdm_transport_test_encode_message(
573 : spdm_context, &session_id, false, false,
574 : spdm_response_size, spdm_response, response_size,
575 : response);
576 1 : session_info = libspdm_get_session_info_via_session_id(
577 : spdm_context, session_id);
578 1 : if (session_info == NULL) {
579 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
580 : }
581 : ((libspdm_secured_message_context_t
582 1 : *)(session_info->secured_message_context))
583 : ->handshake_secret
584 1 : .response_handshake_sequence_number--;
585 : }
586 : }
587 2 : return LIBSPDM_STATUS_SUCCESS;
588 :
589 18 : case 0xA:
590 : {
591 : static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
592 :
593 : spdm_error_response_t *spdm_response;
594 : size_t spdm_response_size;
595 : size_t transport_header_size;
596 : uint32_t session_id;
597 : libspdm_session_info_t *session_info;
598 : uint8_t *scratch_buffer;
599 : size_t scratch_buffer_size;
600 :
601 18 : session_id = 0xFFFFFFFF;
602 :
603 18 : spdm_response_size = sizeof(spdm_error_response_t);
604 18 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
605 18 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
606 :
607 18 : if(error_code <= 0xff) {
608 18 : libspdm_zero_mem (spdm_response, spdm_response_size);
609 18 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
610 18 : spdm_response->header.request_response_code = SPDM_ERROR;
611 18 : spdm_response->header.param1 = (uint8_t) error_code;
612 18 : spdm_response->header.param2 = 0;
613 :
614 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
615 : * transport_message is always in sender buffer. */
616 18 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer,
617 : &scratch_buffer_size);
618 18 : libspdm_copy_mem (scratch_buffer + transport_header_size,
619 : scratch_buffer_size - transport_header_size,
620 : spdm_response, spdm_response_size);
621 18 : spdm_response = (void *)(scratch_buffer + transport_header_size);
622 18 : libspdm_transport_test_encode_message (spdm_context, &session_id, false, false,
623 : spdm_response_size, spdm_response,
624 : response_size, response);
625 18 : session_info = libspdm_get_session_info_via_session_id (spdm_context, session_id);
626 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
627 18 : handshake_secret.response_handshake_sequence_number--;
628 : }
629 :
630 18 : error_code++;
631 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
632 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
633 : }
634 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
635 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
636 : }
637 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
638 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
639 : }
640 : }
641 18 : return LIBSPDM_STATUS_SUCCESS;
642 1 : case 0xB: {
643 : spdm_psk_finish_response_t *spdm_response;
644 : size_t spdm_response_size;
645 : size_t transport_header_size;
646 : uint32_t session_id;
647 : libspdm_session_info_t *session_info;
648 : uint8_t *scratch_buffer;
649 : size_t scratch_buffer_size;
650 :
651 1 : session_id = 0xFFFFFFFF;
652 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
653 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
654 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
655 :
656 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
657 1 : spdm_response->header.request_response_code =
658 : SPDM_PSK_FINISH_RSP;
659 1 : spdm_response->header.param1 = 0;
660 1 : spdm_response->header.param2 = 0;
661 :
662 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
663 : * transport_message is always in sender buffer. */
664 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
665 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
666 : scratch_buffer_size - transport_header_size,
667 : spdm_response, spdm_response_size);
668 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
669 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
670 : false, false, spdm_response_size,
671 : spdm_response, response_size,
672 : response);
673 1 : session_info = libspdm_get_session_info_via_session_id(
674 : spdm_context, session_id);
675 1 : if (session_info == NULL) {
676 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
677 : }
678 : /* WALKAROUND: If just use single context to encode message and then decode message */
679 : ((libspdm_secured_message_context_t
680 1 : *)(session_info->secured_message_context))
681 1 : ->handshake_secret.response_handshake_sequence_number--;
682 : }
683 1 : return LIBSPDM_STATUS_SUCCESS;
684 :
685 0 : case 0xC: {
686 : spdm_psk_finish_response_t *spdm_response;
687 : size_t spdm_response_size;
688 : size_t transport_header_size;
689 : uint32_t session_id;
690 : libspdm_session_info_t *session_info;
691 : uint8_t *scratch_buffer;
692 : size_t scratch_buffer_size;
693 :
694 0 : session_id = 0xFFFFFFFF;
695 0 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
696 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
697 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
698 :
699 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
700 0 : spdm_response->header.request_response_code =
701 : SPDM_PSK_FINISH_RSP;
702 0 : spdm_response->header.param1 = 0;
703 0 : spdm_response->header.param2 = 0;
704 :
705 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
706 : * transport_message is always in sender buffer. */
707 0 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
708 0 : libspdm_copy_mem (scratch_buffer + transport_header_size,
709 : scratch_buffer_size - transport_header_size,
710 : spdm_response, spdm_response_size);
711 0 : spdm_response = (void *)(scratch_buffer + transport_header_size);
712 0 : libspdm_transport_test_encode_message(spdm_context, &session_id,
713 : false, false, spdm_response_size,
714 : spdm_response, response_size,
715 : response);
716 0 : session_info = libspdm_get_session_info_via_session_id(
717 : spdm_context, session_id);
718 0 : if (session_info == NULL) {
719 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
720 : }
721 : /* WALKAROUND: If just use single context to encode message and then decode message */
722 : ((libspdm_secured_message_context_t
723 0 : *)(session_info->secured_message_context))
724 0 : ->handshake_secret.response_handshake_sequence_number--;
725 : }
726 0 : return LIBSPDM_STATUS_SUCCESS;
727 :
728 1 : case 0xD: {
729 : spdm_psk_finish_response_t *spdm_response;
730 : size_t spdm_response_size;
731 : size_t transport_header_size;
732 : uint32_t session_id;
733 : libspdm_session_info_t *session_info;
734 : uint8_t *scratch_buffer;
735 : size_t scratch_buffer_size;
736 :
737 1 : session_id = 0xFFFFFFFF;
738 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
739 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
740 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
741 :
742 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
743 1 : spdm_response->header.request_response_code =
744 : SPDM_FINISH_RSP; /*wrong response code*/
745 1 : spdm_response->header.param1 = 0;
746 1 : spdm_response->header.param2 = 0;
747 :
748 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
749 : * transport_message is always in sender buffer. */
750 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
751 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
752 : scratch_buffer_size - transport_header_size,
753 : spdm_response, spdm_response_size);
754 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
755 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
756 : false, false, spdm_response_size,
757 : spdm_response, response_size,
758 : response);
759 1 : session_info = libspdm_get_session_info_via_session_id(
760 : spdm_context, session_id);
761 1 : if (session_info == NULL) {
762 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
763 : }
764 : /* WALKAROUND: If just use single context to encode message and then decode message */
765 : ((libspdm_secured_message_context_t
766 1 : *)(session_info->secured_message_context))
767 1 : ->handshake_secret.response_handshake_sequence_number--;
768 : }
769 1 : return LIBSPDM_STATUS_SUCCESS;
770 :
771 0 : case 0xE: {
772 : spdm_psk_finish_response_t *spdm_response;
773 : size_t spdm_response_size;
774 : size_t transport_header_size;
775 : uint32_t session_id;
776 : libspdm_session_info_t *session_info;
777 : uint8_t *scratch_buffer;
778 : size_t scratch_buffer_size;
779 :
780 0 : session_id = 0xFFFFFFFF;
781 0 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
782 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
783 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
784 :
785 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
786 0 : spdm_response->header.request_response_code =
787 : SPDM_PSK_FINISH_RSP;
788 0 : spdm_response->header.param1 = 0;
789 0 : spdm_response->header.param2 = 0;
790 :
791 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
792 : * transport_message is always in sender buffer. */
793 0 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
794 0 : libspdm_copy_mem (scratch_buffer + transport_header_size,
795 : scratch_buffer_size - transport_header_size,
796 : spdm_response, spdm_response_size);
797 0 : spdm_response = (void *)(scratch_buffer + transport_header_size);
798 0 : libspdm_transport_test_encode_message(spdm_context, &session_id,
799 : false, false, spdm_response_size,
800 : spdm_response, response_size,
801 : response);
802 0 : session_info = libspdm_get_session_info_via_session_id(
803 : spdm_context, session_id);
804 0 : if (session_info == NULL) {
805 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
806 : }
807 : /* WALKAROUND: If just use single context to encode message and then decode message */
808 : ((libspdm_secured_message_context_t
809 0 : *)(session_info->secured_message_context))
810 0 : ->handshake_secret.response_handshake_sequence_number--;
811 : }
812 0 : return LIBSPDM_STATUS_SUCCESS;
813 :
814 1 : case 0xF: {
815 : spdm_error_response_t *spdm_response;
816 : size_t spdm_response_size;
817 : size_t transport_header_size;
818 : uint32_t session_id;
819 : libspdm_session_info_t *session_info;
820 : uint8_t *scratch_buffer;
821 : size_t scratch_buffer_size;
822 :
823 1 : session_id = 0xFFFFFFFF;
824 :
825 1 : spdm_response_size = sizeof(spdm_error_response_t);
826 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
827 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
828 :
829 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
830 1 : spdm_response->header.request_response_code = SPDM_ERROR;
831 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_DECRYPT_ERROR;
832 1 : spdm_response->header.param2 = 0;
833 :
834 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
835 : * transport_message is always in sender buffer. */
836 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
837 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
838 : scratch_buffer_size - transport_header_size,
839 : spdm_response, spdm_response_size);
840 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
841 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
842 : false, false,
843 : spdm_response_size,
844 : spdm_response,
845 : response_size, response);
846 1 : session_info = libspdm_get_session_info_via_session_id(
847 : spdm_context, session_id);
848 1 : if (session_info == NULL) {
849 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
850 : }
851 : ((libspdm_secured_message_context_t
852 1 : *)(session_info->secured_message_context))
853 1 : ->handshake_secret.response_handshake_sequence_number--;
854 : }
855 1 : return LIBSPDM_STATUS_SUCCESS;
856 :
857 1 : case 0x10: {
858 : spdm_psk_finish_response_t *spdm_response;
859 : size_t spdm_response_size;
860 : size_t transport_header_size;
861 : uint32_t session_id;
862 : libspdm_session_info_t *session_info;
863 : uint8_t *scratch_buffer;
864 : size_t scratch_buffer_size;
865 :
866 1 : session_id = 0xFFFFFFFF;
867 1 : spdm_response_size = sizeof(spdm_psk_finish_response_t);
868 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
869 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
870 :
871 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
872 1 : spdm_response->header.request_response_code =
873 : SPDM_PSK_FINISH_RSP;
874 1 : spdm_response->header.param1 = 0;
875 1 : spdm_response->header.param2 = 0;
876 :
877 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
878 : * transport_message is always in sender buffer. */
879 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
880 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
881 : scratch_buffer_size - transport_header_size,
882 : spdm_response, spdm_response_size);
883 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
884 :
885 1 : libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size],
886 : sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size,
887 : spdm_response, spdm_response_size);
888 1 : m_libspdm_local_buffer_size += spdm_response_size;
889 :
890 1 : libspdm_transport_test_encode_message(spdm_context, &session_id,
891 : false, false, spdm_response_size,
892 : spdm_response, response_size,
893 : response);
894 1 : session_info = libspdm_get_session_info_via_session_id(spdm_context, session_id);
895 1 : if (session_info == NULL) {
896 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
897 : }
898 : /* WALKAROUND: If just use single context to encode message and then decode message */
899 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
900 1 : ->handshake_secret.response_handshake_sequence_number--;
901 : }
902 1 : return LIBSPDM_STATUS_SUCCESS;
903 :
904 0 : default:
905 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
906 : }
907 : }
908 :
909 : /**
910 : * Test 1: when no PSK_FINISH_RSP message is received, and the client returns
911 : * a device error.
912 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
913 : **/
914 1 : void libspdm_test_requester_psk_finish_case1(void **state)
915 : {
916 : libspdm_return_t status;
917 : libspdm_test_context_t *spdm_test_context;
918 : libspdm_context_t *spdm_context;
919 : uint32_t session_id;
920 : void *data;
921 : size_t data_size;
922 : void *hash;
923 : size_t hash_size;
924 : libspdm_session_info_t *session_info;
925 :
926 1 : spdm_test_context = *state;
927 1 : spdm_context = spdm_test_context->spdm_context;
928 1 : spdm_test_context->case_id = 0x1;
929 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
930 : SPDM_VERSION_NUMBER_SHIFT_BIT;
931 1 : spdm_context->connection_info.connection_state =
932 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
933 1 : spdm_context->connection_info.capability.flags |=
934 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
935 1 : spdm_context->connection_info.capability.flags |=
936 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
937 1 : spdm_context->connection_info.capability.flags |=
938 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
939 1 : spdm_context->local_context.capability.flags |=
940 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
941 1 : spdm_context->local_context.capability.flags |=
942 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
943 1 : spdm_context->local_context.capability.flags |=
944 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
945 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
946 : m_libspdm_use_asym_algo, &data,
947 : &data_size, &hash, &hash_size);
948 1 : libspdm_reset_message_a(spdm_context);
949 1 : spdm_context->connection_info.algorithm.base_hash_algo =
950 : m_libspdm_use_hash_algo;
951 1 : spdm_context->connection_info.algorithm.base_asym_algo =
952 : m_libspdm_use_asym_algo;
953 1 : spdm_context->connection_info.algorithm.dhe_named_group =
954 : m_libspdm_use_dhe_algo;
955 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
956 : m_libspdm_use_aead_algo;
957 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
958 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
959 : data_size;
960 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
961 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
962 : data, data_size);
963 : #endif
964 :
965 1 : session_id = 0xFFFFFFFF;
966 1 : session_info = &spdm_context->session_info[0];
967 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
968 1 : libspdm_session_info_set_psk_hint(session_info,
969 : LIBSPDM_TEST_PSK_HINT_STRING,
970 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
971 1 : libspdm_secured_message_set_session_state(
972 : session_info->secured_message_context,
973 : LIBSPDM_SESSION_STATE_HANDSHAKING);
974 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
975 :
976 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
977 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
978 1 : free(data);
979 1 : }
980 :
981 : /**
982 : * Test 2: receiving a correct PSK_FINISH_RSP message.
983 : * Expected behavior: client returns a Status of RETURN_SUCCESS and
984 : * session is established.
985 : **/
986 1 : void libspdm_test_requester_psk_finish_case2(void **state)
987 : {
988 : libspdm_return_t status;
989 : libspdm_test_context_t *spdm_test_context;
990 : libspdm_context_t *spdm_context;
991 : uint32_t session_id;
992 : void *data;
993 : size_t data_size;
994 : void *hash;
995 : size_t hash_size;
996 : libspdm_session_info_t *session_info;
997 :
998 1 : spdm_test_context = *state;
999 1 : spdm_context = spdm_test_context->spdm_context;
1000 1 : spdm_test_context->case_id = 0x2;
1001 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1002 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1003 1 : spdm_context->connection_info.connection_state =
1004 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1005 1 : spdm_context->connection_info.capability.flags |=
1006 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1007 1 : spdm_context->connection_info.capability.flags |=
1008 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1009 1 : spdm_context->connection_info.capability.flags |=
1010 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1011 1 : spdm_context->local_context.capability.flags |=
1012 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1013 1 : spdm_context->local_context.capability.flags |=
1014 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1015 1 : spdm_context->local_context.capability.flags |=
1016 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1017 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1018 : m_libspdm_use_asym_algo, &data,
1019 : &data_size, &hash, &hash_size);
1020 1 : libspdm_reset_message_a(spdm_context);
1021 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1022 : m_libspdm_use_hash_algo;
1023 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1024 : m_libspdm_use_asym_algo;
1025 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1026 : m_libspdm_use_dhe_algo;
1027 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1028 : m_libspdm_use_aead_algo;
1029 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1030 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1031 : data_size;
1032 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1033 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1034 : data, data_size);
1035 : #endif
1036 :
1037 1 : session_id = 0xFFFFFFFF;
1038 1 : session_info = &spdm_context->session_info[0];
1039 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1040 1 : libspdm_session_info_set_psk_hint(session_info,
1041 : LIBSPDM_TEST_PSK_HINT_STRING,
1042 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1043 1 : libspdm_secured_message_set_session_state(
1044 : session_info->secured_message_context,
1045 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1046 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1047 : ((libspdm_secured_message_context_t
1048 1 : *)(session_info->secured_message_context))
1049 : ->aead_key_size,
1050 : (uint8_t)(0xFF));
1051 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1052 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1053 : ((libspdm_secured_message_context_t
1054 1 : *)(session_info->secured_message_context))
1055 : ->aead_key_size);
1056 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1057 : ((libspdm_secured_message_context_t
1058 1 : *)(session_info->secured_message_context))
1059 : ->aead_iv_size,
1060 : (uint8_t)(0xFF));
1061 1 : libspdm_secured_message_set_response_handshake_salt(
1062 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1063 : ((libspdm_secured_message_context_t
1064 1 : *)(session_info->secured_message_context))
1065 : ->aead_iv_size);
1066 : ((libspdm_secured_message_context_t *)(session_info
1067 1 : ->secured_message_context))
1068 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1069 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1070 :
1071 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1072 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1073 1 : assert_int_equal(
1074 : libspdm_secured_message_get_session_state(
1075 : spdm_context->session_info[0].secured_message_context),
1076 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1077 1 : free(data);
1078 1 : }
1079 :
1080 : /**
1081 : * Test 3: requester state has not been negotiated, as if GET_VERSION,
1082 : * GET_CAPABILITIES and NEGOTIATE_ALGORITHMS had not been exchanged.
1083 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
1084 : **/
1085 1 : void libspdm_test_requester_psk_finish_case3(void **state)
1086 : {
1087 : libspdm_return_t status;
1088 : libspdm_test_context_t *spdm_test_context;
1089 : libspdm_context_t *spdm_context;
1090 : uint32_t session_id;
1091 : void *data;
1092 : size_t data_size;
1093 : void *hash;
1094 : size_t hash_size;
1095 : libspdm_session_info_t *session_info;
1096 :
1097 1 : spdm_test_context = *state;
1098 1 : spdm_context = spdm_test_context->spdm_context;
1099 1 : spdm_test_context->case_id = 0x3;
1100 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1101 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1102 1 : spdm_context->connection_info.connection_state =
1103 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
1104 1 : spdm_context->connection_info.capability.flags |=
1105 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1106 1 : spdm_context->connection_info.capability.flags |=
1107 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1108 1 : spdm_context->connection_info.capability.flags |=
1109 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1110 1 : spdm_context->local_context.capability.flags |=
1111 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1112 1 : spdm_context->local_context.capability.flags |=
1113 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1114 1 : spdm_context->local_context.capability.flags |=
1115 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1116 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1117 : m_libspdm_use_asym_algo, &data,
1118 : &data_size, &hash, &hash_size);
1119 1 : libspdm_reset_message_a(spdm_context);
1120 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1121 : m_libspdm_use_hash_algo;
1122 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1123 : m_libspdm_use_asym_algo;
1124 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1125 : m_libspdm_use_dhe_algo;
1126 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1127 : m_libspdm_use_aead_algo;
1128 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1129 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1130 : data_size;
1131 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1132 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1133 : data, data_size);
1134 : #endif
1135 :
1136 1 : session_id = 0xFFFFFFFF;
1137 1 : session_info = &spdm_context->session_info[0];
1138 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1139 1 : libspdm_session_info_set_psk_hint(session_info,
1140 : LIBSPDM_TEST_PSK_HINT_STRING,
1141 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1142 1 : libspdm_secured_message_set_session_state(
1143 : session_info->secured_message_context,
1144 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1145 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1146 : ((libspdm_secured_message_context_t
1147 1 : *)(session_info->secured_message_context))
1148 : ->aead_key_size,
1149 : (uint8_t)(0xFF));
1150 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1151 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1152 : ((libspdm_secured_message_context_t
1153 1 : *)(session_info->secured_message_context))
1154 : ->aead_key_size);
1155 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1156 : ((libspdm_secured_message_context_t
1157 1 : *)(session_info->secured_message_context))
1158 : ->aead_iv_size,
1159 : (uint8_t)(0xFF));
1160 1 : libspdm_secured_message_set_response_handshake_salt(
1161 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1162 : ((libspdm_secured_message_context_t
1163 1 : *)(session_info->secured_message_context))
1164 : ->aead_iv_size);
1165 : ((libspdm_secured_message_context_t *)(session_info
1166 1 : ->secured_message_context))
1167 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1168 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1169 :
1170 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1171 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
1172 1 : free(data);
1173 1 : }
1174 :
1175 : /**
1176 : * Test 4: the requester is setup correctly, but receives an ERROR message
1177 : * indicating InvalidParameters.
1178 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1179 : **/
1180 1 : void libspdm_test_requester_psk_finish_case4(void **state)
1181 : {
1182 : libspdm_return_t status;
1183 : libspdm_test_context_t *spdm_test_context;
1184 : libspdm_context_t *spdm_context;
1185 : uint32_t session_id;
1186 : void *data;
1187 : size_t data_size;
1188 : void *hash;
1189 : size_t hash_size;
1190 : libspdm_session_info_t *session_info;
1191 :
1192 1 : spdm_test_context = *state;
1193 1 : spdm_context = spdm_test_context->spdm_context;
1194 1 : spdm_test_context->case_id = 0x4;
1195 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1196 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1197 1 : spdm_context->connection_info.connection_state =
1198 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1199 1 : spdm_context->connection_info.capability.flags |=
1200 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1201 1 : spdm_context->connection_info.capability.flags |=
1202 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1203 1 : spdm_context->connection_info.capability.flags |=
1204 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1205 1 : spdm_context->local_context.capability.flags |=
1206 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1207 1 : spdm_context->local_context.capability.flags |=
1208 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1209 1 : spdm_context->local_context.capability.flags |=
1210 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1211 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1212 : m_libspdm_use_asym_algo, &data,
1213 : &data_size, &hash, &hash_size);
1214 1 : libspdm_reset_message_a(spdm_context);
1215 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1216 : m_libspdm_use_hash_algo;
1217 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1218 : m_libspdm_use_asym_algo;
1219 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1220 : m_libspdm_use_dhe_algo;
1221 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1222 : m_libspdm_use_aead_algo;
1223 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1224 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1225 : data_size;
1226 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1227 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1228 : data, data_size);
1229 : #endif
1230 :
1231 1 : session_id = 0xFFFFFFFF;
1232 1 : session_info = &spdm_context->session_info[0];
1233 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1234 1 : libspdm_session_info_set_psk_hint(session_info,
1235 : LIBSPDM_TEST_PSK_HINT_STRING,
1236 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1237 1 : libspdm_secured_message_set_session_state(
1238 : session_info->secured_message_context,
1239 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1240 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1241 : ((libspdm_secured_message_context_t
1242 1 : *)(session_info->secured_message_context))
1243 : ->aead_key_size,
1244 : (uint8_t)(0xFF));
1245 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1246 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1247 : ((libspdm_secured_message_context_t
1248 1 : *)(session_info->secured_message_context))
1249 : ->aead_key_size);
1250 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1251 : ((libspdm_secured_message_context_t
1252 1 : *)(session_info->secured_message_context))
1253 : ->aead_iv_size,
1254 : (uint8_t)(0xFF));
1255 1 : libspdm_secured_message_set_response_handshake_salt(
1256 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1257 : ((libspdm_secured_message_context_t
1258 1 : *)(session_info->secured_message_context))
1259 : ->aead_iv_size);
1260 : ((libspdm_secured_message_context_t *)(session_info
1261 1 : ->secured_message_context))
1262 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1263 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1264 :
1265 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1266 1 : assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER);
1267 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
1268 1 : free(data);
1269 1 : }
1270 :
1271 : /**
1272 : * Test 5: the requester is setup correctly, but receives an ERROR message
1273 : * indicating the Busy status of the responder.
1274 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1275 : **/
1276 1 : void libspdm_test_requester_psk_finish_case5(void **state)
1277 : {
1278 : libspdm_return_t status;
1279 : libspdm_test_context_t *spdm_test_context;
1280 : libspdm_context_t *spdm_context;
1281 : uint32_t session_id;
1282 : void *data;
1283 : size_t data_size;
1284 : void *hash;
1285 : size_t hash_size;
1286 : libspdm_session_info_t *session_info;
1287 :
1288 1 : spdm_test_context = *state;
1289 1 : spdm_context = spdm_test_context->spdm_context;
1290 1 : spdm_test_context->case_id = 0x5;
1291 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1292 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1293 1 : spdm_context->connection_info.connection_state =
1294 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1295 1 : spdm_context->connection_info.capability.flags |=
1296 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1297 1 : spdm_context->connection_info.capability.flags |=
1298 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1299 1 : spdm_context->connection_info.capability.flags |=
1300 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1301 1 : spdm_context->local_context.capability.flags |=
1302 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1303 1 : spdm_context->local_context.capability.flags |=
1304 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1305 1 : spdm_context->local_context.capability.flags |=
1306 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1307 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1308 : m_libspdm_use_asym_algo, &data,
1309 : &data_size, &hash, &hash_size);
1310 1 : libspdm_reset_message_a(spdm_context);
1311 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1312 : m_libspdm_use_hash_algo;
1313 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1314 : m_libspdm_use_asym_algo;
1315 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1316 : m_libspdm_use_dhe_algo;
1317 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1318 : m_libspdm_use_aead_algo;
1319 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1320 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1321 : data_size;
1322 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1323 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1324 : data, data_size);
1325 : #endif
1326 :
1327 1 : session_id = 0xFFFFFFFF;
1328 1 : session_info = &spdm_context->session_info[0];
1329 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1330 1 : libspdm_session_info_set_psk_hint(session_info,
1331 : LIBSPDM_TEST_PSK_HINT_STRING,
1332 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1333 1 : libspdm_secured_message_set_session_state(
1334 : session_info->secured_message_context,
1335 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1336 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1337 : ((libspdm_secured_message_context_t
1338 1 : *)(session_info->secured_message_context))
1339 : ->aead_key_size,
1340 : (uint8_t)(0xFF));
1341 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1342 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1343 : ((libspdm_secured_message_context_t
1344 1 : *)(session_info->secured_message_context))
1345 : ->aead_key_size);
1346 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1347 : ((libspdm_secured_message_context_t
1348 1 : *)(session_info->secured_message_context))
1349 : ->aead_iv_size,
1350 : (uint8_t)(0xFF));
1351 1 : libspdm_secured_message_set_response_handshake_salt(
1352 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1353 : ((libspdm_secured_message_context_t
1354 1 : *)(session_info->secured_message_context))
1355 : ->aead_iv_size);
1356 : ((libspdm_secured_message_context_t *)(session_info
1357 1 : ->secured_message_context))
1358 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1359 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1360 :
1361 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1362 1 : assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER);
1363 1 : free(data);
1364 1 : }
1365 :
1366 : /**
1367 : * Test 6: the requester is setup correctly, but, on the first try, receiving
1368 : * a Busy ERROR message, and, on retry, receiving a correct PSK_FINISH_RSP
1369 : * message.
1370 : * Expected behavior: client returns a Status of RETURN_SUCCESS and session
1371 : * is established.
1372 : **/
1373 1 : void libspdm_test_requester_psk_finish_case6(void **state)
1374 : {
1375 : libspdm_return_t status;
1376 : libspdm_test_context_t *spdm_test_context;
1377 : libspdm_context_t *spdm_context;
1378 : uint32_t session_id;
1379 : void *data;
1380 : size_t data_size;
1381 : void *hash;
1382 : size_t hash_size;
1383 : libspdm_session_info_t *session_info;
1384 :
1385 1 : spdm_test_context = *state;
1386 1 : spdm_context = spdm_test_context->spdm_context;
1387 1 : spdm_test_context->case_id = 0x6;
1388 1 : spdm_context->retry_times = 3;
1389 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1390 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1391 1 : spdm_context->connection_info.connection_state =
1392 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1393 1 : spdm_context->connection_info.capability.flags |=
1394 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1395 1 : spdm_context->connection_info.capability.flags |=
1396 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1397 1 : spdm_context->connection_info.capability.flags |=
1398 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1399 1 : spdm_context->local_context.capability.flags |=
1400 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1401 1 : spdm_context->local_context.capability.flags |=
1402 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1403 1 : spdm_context->local_context.capability.flags |=
1404 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1405 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1406 : m_libspdm_use_asym_algo, &data,
1407 : &data_size, &hash, &hash_size);
1408 1 : libspdm_reset_message_a(spdm_context);
1409 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1410 : m_libspdm_use_hash_algo;
1411 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1412 : m_libspdm_use_asym_algo;
1413 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1414 : m_libspdm_use_dhe_algo;
1415 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1416 : m_libspdm_use_aead_algo;
1417 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1418 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1419 : data_size;
1420 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1421 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1422 : data, data_size);
1423 : #endif
1424 :
1425 1 : session_id = 0xFFFFFFFF;
1426 1 : session_info = &spdm_context->session_info[0];
1427 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1428 1 : libspdm_session_info_set_psk_hint(session_info,
1429 : LIBSPDM_TEST_PSK_HINT_STRING,
1430 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1431 1 : libspdm_secured_message_set_session_state(
1432 : session_info->secured_message_context,
1433 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1434 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1435 : ((libspdm_secured_message_context_t
1436 1 : *)(session_info->secured_message_context))
1437 : ->aead_key_size,
1438 : (uint8_t)(0xFF));
1439 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1440 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1441 : ((libspdm_secured_message_context_t
1442 1 : *)(session_info->secured_message_context))
1443 : ->aead_key_size);
1444 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1445 : ((libspdm_secured_message_context_t
1446 1 : *)(session_info->secured_message_context))
1447 : ->aead_iv_size,
1448 : (uint8_t)(0xFF));
1449 1 : libspdm_secured_message_set_response_handshake_salt(
1450 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1451 : ((libspdm_secured_message_context_t
1452 1 : *)(session_info->secured_message_context))
1453 : ->aead_iv_size);
1454 : ((libspdm_secured_message_context_t *)(session_info
1455 1 : ->secured_message_context))
1456 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1457 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1458 :
1459 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1460 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1461 1 : assert_int_equal(
1462 : libspdm_secured_message_get_session_state(
1463 : spdm_context->session_info[0].secured_message_context),
1464 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1465 1 : free(data);
1466 1 : }
1467 :
1468 : /**
1469 : * Test 7: the requester is setup correctly, but receives an ERROR message
1470 : * indicating the RequestResynch status of the responder.
1471 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR, and the
1472 : * communication is reset to expect a new GET_VERSION message.
1473 : **/
1474 1 : void libspdm_test_requester_psk_finish_case7(void **state)
1475 : {
1476 : libspdm_return_t status;
1477 : libspdm_test_context_t *spdm_test_context;
1478 : libspdm_context_t *spdm_context;
1479 : uint32_t session_id;
1480 : void *data;
1481 : size_t data_size;
1482 : void *hash;
1483 : size_t hash_size;
1484 : libspdm_session_info_t *session_info;
1485 :
1486 1 : spdm_test_context = *state;
1487 1 : spdm_context = spdm_test_context->spdm_context;
1488 1 : spdm_test_context->case_id = 0x7;
1489 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1490 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1491 1 : spdm_context->connection_info.connection_state =
1492 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1493 1 : spdm_context->connection_info.capability.flags |=
1494 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1495 1 : spdm_context->connection_info.capability.flags |=
1496 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1497 1 : spdm_context->connection_info.capability.flags |=
1498 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1499 1 : spdm_context->local_context.capability.flags |=
1500 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1501 1 : spdm_context->local_context.capability.flags |=
1502 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1503 1 : spdm_context->local_context.capability.flags |=
1504 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1505 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1506 : m_libspdm_use_asym_algo, &data,
1507 : &data_size, &hash, &hash_size);
1508 1 : libspdm_reset_message_a(spdm_context);
1509 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1510 : m_libspdm_use_hash_algo;
1511 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1512 : m_libspdm_use_asym_algo;
1513 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1514 : m_libspdm_use_dhe_algo;
1515 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1516 : m_libspdm_use_aead_algo;
1517 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1518 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1519 : data_size;
1520 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1521 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1522 : data, data_size);
1523 : #endif
1524 :
1525 1 : session_id = 0xFFFFFFFF;
1526 1 : session_info = &spdm_context->session_info[0];
1527 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1528 1 : libspdm_session_info_set_psk_hint(session_info,
1529 : LIBSPDM_TEST_PSK_HINT_STRING,
1530 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1531 1 : libspdm_secured_message_set_session_state(
1532 : session_info->secured_message_context,
1533 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1534 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1535 : ((libspdm_secured_message_context_t
1536 1 : *)(session_info->secured_message_context))
1537 : ->aead_key_size,
1538 : (uint8_t)(0xFF));
1539 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1540 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1541 : ((libspdm_secured_message_context_t
1542 1 : *)(session_info->secured_message_context))
1543 : ->aead_key_size);
1544 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1545 : ((libspdm_secured_message_context_t
1546 1 : *)(session_info->secured_message_context))
1547 : ->aead_iv_size,
1548 : (uint8_t)(0xFF));
1549 1 : libspdm_secured_message_set_response_handshake_salt(
1550 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1551 : ((libspdm_secured_message_context_t
1552 1 : *)(session_info->secured_message_context))
1553 : ->aead_iv_size);
1554 : ((libspdm_secured_message_context_t *)(session_info
1555 1 : ->secured_message_context))
1556 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1557 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1558 :
1559 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1560 1 : assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER);
1561 1 : assert_int_equal(spdm_context->connection_info.connection_state,
1562 : LIBSPDM_CONNECTION_STATE_NOT_STARTED);
1563 1 : free(data);
1564 1 : }
1565 :
1566 : /**
1567 : * Test 8: the requester is setup correctly, but receives an ERROR message
1568 : * indicating the ResponseNotReady status of the responder.
1569 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
1570 : **/
1571 1 : void libspdm_test_requester_psk_finish_case8(void **state)
1572 : {
1573 : libspdm_return_t status;
1574 : libspdm_test_context_t *spdm_test_context;
1575 : libspdm_context_t *spdm_context;
1576 : uint32_t session_id;
1577 : void *data;
1578 : size_t data_size;
1579 : void *hash;
1580 : size_t hash_size;
1581 : libspdm_session_info_t *session_info;
1582 :
1583 1 : spdm_test_context = *state;
1584 1 : spdm_context = spdm_test_context->spdm_context;
1585 1 : spdm_test_context->case_id = 0x8;
1586 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1587 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1588 1 : spdm_context->connection_info.connection_state =
1589 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1590 1 : spdm_context->connection_info.capability.flags |=
1591 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1592 1 : spdm_context->connection_info.capability.flags |=
1593 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1594 1 : spdm_context->connection_info.capability.flags |=
1595 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1596 1 : spdm_context->local_context.capability.flags |=
1597 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1598 1 : spdm_context->local_context.capability.flags |=
1599 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1600 1 : spdm_context->local_context.capability.flags |=
1601 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1602 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1603 : m_libspdm_use_asym_algo, &data,
1604 : &data_size, &hash, &hash_size);
1605 1 : libspdm_reset_message_a(spdm_context);
1606 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1607 : m_libspdm_use_hash_algo;
1608 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1609 : m_libspdm_use_asym_algo;
1610 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1611 : m_libspdm_use_dhe_algo;
1612 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1613 : m_libspdm_use_aead_algo;
1614 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1615 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1616 : data_size;
1617 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1618 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1619 : data, data_size);
1620 : #endif
1621 :
1622 1 : session_id = 0xFFFFFFFF;
1623 1 : session_info = &spdm_context->session_info[0];
1624 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1625 1 : libspdm_session_info_set_psk_hint(session_info,
1626 : LIBSPDM_TEST_PSK_HINT_STRING,
1627 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1628 1 : libspdm_secured_message_set_session_state(
1629 : session_info->secured_message_context,
1630 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1631 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1632 : ((libspdm_secured_message_context_t
1633 1 : *)(session_info->secured_message_context))
1634 : ->aead_key_size,
1635 : (uint8_t)(0xFF));
1636 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1637 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1638 : ((libspdm_secured_message_context_t
1639 1 : *)(session_info->secured_message_context))
1640 : ->aead_key_size);
1641 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1642 : ((libspdm_secured_message_context_t
1643 1 : *)(session_info->secured_message_context))
1644 : ->aead_iv_size,
1645 : (uint8_t)(0xFF));
1646 1 : libspdm_secured_message_set_response_handshake_salt(
1647 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1648 : ((libspdm_secured_message_context_t
1649 1 : *)(session_info->secured_message_context))
1650 : ->aead_iv_size);
1651 : ((libspdm_secured_message_context_t *)(session_info
1652 1 : ->secured_message_context))
1653 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1654 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1655 :
1656 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1657 1 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
1658 1 : free(data);
1659 1 : }
1660 :
1661 : /**
1662 : * Test 9: the requester is setup correctly, but, on the first try, receiving
1663 : * a ResponseNotReady ERROR message, and, on retry, receiving a correct
1664 : * PSK_FINISH_RSP message.
1665 : * Expected behavior: client returns a Status of RETURN_SUCCESS and session
1666 : * is established.
1667 : **/
1668 1 : void libspdm_test_requester_psk_finish_case9(void **state)
1669 : {
1670 : libspdm_return_t status;
1671 : libspdm_test_context_t *spdm_test_context;
1672 : libspdm_context_t *spdm_context;
1673 : uint32_t session_id;
1674 : void *data;
1675 : size_t data_size;
1676 : void *hash;
1677 : size_t hash_size;
1678 : libspdm_session_info_t *session_info;
1679 :
1680 1 : spdm_test_context = *state;
1681 1 : spdm_context = spdm_test_context->spdm_context;
1682 1 : spdm_test_context->case_id = 0x9;
1683 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1684 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1685 1 : spdm_context->connection_info.connection_state =
1686 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1687 1 : spdm_context->connection_info.capability.flags |=
1688 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1689 1 : spdm_context->connection_info.capability.flags |=
1690 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1691 1 : spdm_context->connection_info.capability.flags |=
1692 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1693 1 : spdm_context->local_context.capability.flags |=
1694 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1695 1 : spdm_context->local_context.capability.flags |=
1696 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1697 1 : spdm_context->local_context.capability.flags |=
1698 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1699 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1700 : m_libspdm_use_asym_algo, &data,
1701 : &data_size, &hash, &hash_size);
1702 1 : libspdm_reset_message_a(spdm_context);
1703 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1704 : m_libspdm_use_hash_algo;
1705 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1706 : m_libspdm_use_asym_algo;
1707 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1708 : m_libspdm_use_dhe_algo;
1709 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1710 : m_libspdm_use_aead_algo;
1711 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1712 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1713 : data_size;
1714 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1715 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1716 : data, data_size);
1717 : #endif
1718 :
1719 1 : session_id = 0xFFFFFFFF;
1720 1 : session_info = &spdm_context->session_info[0];
1721 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1722 1 : libspdm_session_info_set_psk_hint(session_info,
1723 : LIBSPDM_TEST_PSK_HINT_STRING,
1724 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1725 1 : libspdm_secured_message_set_session_state(
1726 : session_info->secured_message_context,
1727 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1728 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1729 : ((libspdm_secured_message_context_t
1730 1 : *)(session_info->secured_message_context))
1731 : ->aead_key_size,
1732 : (uint8_t)(0xFF));
1733 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1734 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1735 : ((libspdm_secured_message_context_t
1736 1 : *)(session_info->secured_message_context))
1737 : ->aead_key_size);
1738 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1739 : ((libspdm_secured_message_context_t
1740 1 : *)(session_info->secured_message_context))
1741 : ->aead_iv_size,
1742 : (uint8_t)(0xFF));
1743 1 : libspdm_secured_message_set_response_handshake_salt(
1744 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1745 : ((libspdm_secured_message_context_t
1746 1 : *)(session_info->secured_message_context))
1747 : ->aead_iv_size);
1748 : ((libspdm_secured_message_context_t *)(session_info
1749 1 : ->secured_message_context))
1750 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1751 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1752 :
1753 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1754 : if (LIBSPDM_RESPOND_IF_READY_SUPPORT) {
1755 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1756 1 : assert_int_equal(
1757 : libspdm_secured_message_get_session_state(
1758 : spdm_context->session_info[0].secured_message_context),
1759 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1760 : } else {
1761 : assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER);
1762 : }
1763 :
1764 1 : free(data);
1765 1 : }
1766 :
1767 : /**
1768 : * Test 10: receiving an unexpected ERROR message from the responder.
1769 : * There are tests for all named codes, including some reserved ones
1770 : * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe).
1771 : * However, for having specific test cases, it is excluded from this case:
1772 : * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43).
1773 : * Expected behavior: client returns a status of RETURN_DEVICE_ERROR.
1774 : **/
1775 1 : void libspdm_test_requester_psk_finish_case10(void **state) {
1776 : libspdm_return_t status;
1777 : libspdm_test_context_t *spdm_test_context;
1778 : libspdm_context_t *spdm_context;
1779 : uint32_t session_id;
1780 : void *data;
1781 : size_t data_size;
1782 : void *hash;
1783 : size_t hash_size;
1784 : libspdm_session_info_t *session_info;
1785 : uint16_t error_code;
1786 :
1787 1 : spdm_test_context = *state;
1788 1 : spdm_context = spdm_test_context->spdm_context;
1789 1 : spdm_test_context->case_id = 0xA;
1790 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1791 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1792 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1793 1 : spdm_context->connection_info.capability.flags |=
1794 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1795 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1796 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1797 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1798 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1799 1 : libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo,
1800 : m_libspdm_use_asym_algo,
1801 : &data, &data_size,
1802 : &hash, &hash_size);
1803 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1804 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1805 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1806 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1807 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1808 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1809 : data_size;
1810 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1811 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1812 : data, data_size);
1813 : #endif
1814 :
1815 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_00;
1816 19 : while(error_code <= 0xff) {
1817 18 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1818 18 : libspdm_reset_message_a(spdm_context);
1819 :
1820 18 : session_id = 0xFFFFFFFF;
1821 18 : session_info = &spdm_context->session_info[0];
1822 18 : libspdm_session_info_init (spdm_context, session_info, session_id, true);
1823 18 : libspdm_session_info_set_psk_hint(session_info,
1824 : LIBSPDM_TEST_PSK_HINT_STRING,
1825 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1826 18 : libspdm_secured_message_set_session_state (session_info->secured_message_context,
1827 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1828 18 : libspdm_set_mem (m_libspdm_dummy_key_buffer,
1829 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_key_size,
1830 : (uint8_t)(0xFF));
1831 18 : libspdm_secured_message_set_response_handshake_encryption_key (
1832 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1833 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_key_size);
1834 18 : libspdm_set_mem (m_libspdm_dummy_salt_buffer,
1835 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->aead_iv_size,
1836 : (uint8_t)(0xFF));
1837 18 : libspdm_secured_message_set_response_handshake_salt (session_info->secured_message_context,
1838 : m_libspdm_dummy_salt_buffer,
1839 : ((libspdm_secured_message_context_t*)(
1840 18 : session_info->
1841 : secured_message_context))->aead_iv_size);
1842 18 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))->
1843 : handshake_secret
1844 18 : .response_handshake_sequence_number = 0;
1845 18 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1846 :
1847 18 : status = libspdm_send_receive_psk_finish (spdm_context, session_id);
1848 18 : if(error_code != SPDM_ERROR_CODE_DECRYPT_ERROR) {
1849 17 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code);
1850 : } else {
1851 1 : LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_SESSION_MSG_ERROR, error_code);
1852 : }
1853 :
1854 18 : error_code++;
1855 18 : if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/
1856 1 : error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST;
1857 : }
1858 18 : if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/
1859 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_3F;
1860 : }
1861 18 : if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/
1862 1 : error_code = LIBSPDM_ERROR_CODE_RESERVED_FD;
1863 : }
1864 : }
1865 :
1866 1 : free(data);
1867 1 : }
1868 :
1869 1 : void libspdm_test_requester_psk_finish_case11(void **state)
1870 : {
1871 : libspdm_return_t status;
1872 : libspdm_test_context_t *spdm_test_context;
1873 : libspdm_context_t *spdm_context;
1874 : uint32_t session_id;
1875 : void *data;
1876 : size_t data_size;
1877 : void *hash;
1878 : size_t hash_size;
1879 : libspdm_session_info_t *session_info;
1880 :
1881 1 : spdm_test_context = *state;
1882 1 : spdm_context = spdm_test_context->spdm_context;
1883 1 : spdm_test_context->case_id = 0xB;
1884 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1885 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1886 1 : spdm_context->connection_info.connection_state =
1887 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1888 1 : spdm_context->connection_info.capability.flags |=
1889 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1890 1 : spdm_context->connection_info.capability.flags |=
1891 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
1892 1 : spdm_context->connection_info.capability.flags |=
1893 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1894 1 : spdm_context->local_context.capability.flags |=
1895 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1896 1 : spdm_context->local_context.capability.flags |=
1897 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
1898 1 : spdm_context->local_context.capability.flags |=
1899 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1900 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1901 : m_libspdm_use_asym_algo, &data,
1902 : &data_size, &hash, &hash_size);
1903 1 : libspdm_reset_message_a(spdm_context);
1904 :
1905 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1906 : m_libspdm_use_hash_algo;
1907 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1908 : m_libspdm_use_asym_algo;
1909 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1910 : m_libspdm_use_dhe_algo;
1911 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1912 : m_libspdm_use_aead_algo;
1913 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1914 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
1915 : data_size;
1916 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
1917 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
1918 : data, data_size);
1919 : #endif
1920 :
1921 1 : session_id = 0xFFFFFFFF;
1922 1 : session_info = &spdm_context->session_info[0];
1923 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
1924 1 : libspdm_session_info_set_psk_hint(session_info,
1925 : LIBSPDM_TEST_PSK_HINT_STRING,
1926 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1927 1 : libspdm_secured_message_set_session_state(
1928 : session_info->secured_message_context,
1929 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1930 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
1931 : ((libspdm_secured_message_context_t
1932 1 : *)(session_info->secured_message_context))
1933 : ->aead_key_size,
1934 : (uint8_t)(0xFF));
1935 1 : libspdm_secured_message_set_response_handshake_encryption_key(
1936 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
1937 : ((libspdm_secured_message_context_t
1938 1 : *)(session_info->secured_message_context))
1939 : ->aead_key_size);
1940 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
1941 : ((libspdm_secured_message_context_t
1942 1 : *)(session_info->secured_message_context))
1943 : ->aead_iv_size,
1944 : (uint8_t)(0xFF));
1945 1 : libspdm_secured_message_set_response_handshake_salt(
1946 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
1947 : ((libspdm_secured_message_context_t
1948 1 : *)(session_info->secured_message_context))
1949 : ->aead_iv_size);
1950 : ((libspdm_secured_message_context_t *)(session_info
1951 1 : ->secured_message_context))
1952 1 : ->handshake_secret.response_handshake_sequence_number = 0;
1953 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
1954 :
1955 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1956 : session_info->session_transcript.message_m.buffer_size =
1957 : session_info->session_transcript.message_m.max_buffer_size;
1958 : spdm_context->transcript.message_b.buffer_size =
1959 : spdm_context->transcript.message_b.max_buffer_size;
1960 : spdm_context->transcript.message_c.buffer_size =
1961 : spdm_context->transcript.message_c.max_buffer_size;
1962 : spdm_context->transcript.message_mut_b.buffer_size =
1963 : spdm_context->transcript.message_mut_b.max_buffer_size;
1964 : spdm_context->transcript.message_mut_c.buffer_size =
1965 : spdm_context->transcript.message_mut_c.max_buffer_size;
1966 : #endif
1967 :
1968 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
1969 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1970 1 : assert_int_equal(
1971 : libspdm_secured_message_get_session_state(
1972 : spdm_context->session_info[0].secured_message_context),
1973 : LIBSPDM_SESSION_STATE_ESTABLISHED);
1974 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1975 : assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0);
1976 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
1977 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
1978 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
1979 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
1980 : #endif
1981 1 : free(data);
1982 1 : }
1983 :
1984 : /**
1985 : * Test 12: requester is not setup correctly to support pre-shared keys
1986 : * (no capabilities). The responder would attempt to return a correct
1987 : * PSK_FINISH_RSP message.
1988 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
1989 : **/
1990 1 : void libspdm_test_requester_psk_finish_case12(void **state)
1991 : {
1992 : libspdm_return_t status;
1993 : libspdm_test_context_t *spdm_test_context;
1994 : libspdm_context_t *spdm_context;
1995 : uint32_t session_id;
1996 : void *data;
1997 : size_t data_size;
1998 : void *hash;
1999 : size_t hash_size;
2000 : libspdm_session_info_t *session_info;
2001 :
2002 1 : spdm_test_context = *state;
2003 1 : spdm_context = spdm_test_context->spdm_context;
2004 1 : spdm_test_context->case_id = 0xC;
2005 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2006 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2007 1 : spdm_context->connection_info.connection_state =
2008 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2009 : /*no PSK capabilities*/
2010 1 : spdm_context->connection_info.capability.flags &=
2011 : ~(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP);
2012 1 : spdm_context->connection_info.capability.flags |=
2013 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2014 1 : spdm_context->connection_info.capability.flags |=
2015 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2016 1 : spdm_context->local_context.capability.flags |=
2017 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2018 1 : spdm_context->local_context.capability.flags |=
2019 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2020 1 : spdm_context->local_context.capability.flags |=
2021 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2022 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2023 : m_libspdm_use_asym_algo, &data,
2024 : &data_size, &hash, &hash_size);
2025 1 : spdm_context->transcript.message_a.buffer_size = 0;
2026 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2027 : m_libspdm_use_hash_algo;
2028 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2029 : m_libspdm_use_asym_algo;
2030 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2031 : m_libspdm_use_dhe_algo;
2032 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2033 : m_libspdm_use_aead_algo;
2034 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2035 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2036 : data_size;
2037 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2038 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2039 : data, data_size);
2040 : #endif
2041 :
2042 1 : session_id = 0xFFFFFFFF;
2043 1 : session_info = &spdm_context->session_info[0];
2044 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
2045 1 : libspdm_session_info_set_psk_hint(session_info,
2046 : LIBSPDM_TEST_PSK_HINT_STRING,
2047 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2048 1 : libspdm_secured_message_set_session_state(
2049 : session_info->secured_message_context,
2050 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2051 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2052 : ((libspdm_secured_message_context_t
2053 1 : *)(session_info->secured_message_context))
2054 : ->aead_key_size,
2055 : (uint8_t)(0xFF));
2056 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2057 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2058 : ((libspdm_secured_message_context_t
2059 1 : *)(session_info->secured_message_context))
2060 : ->aead_key_size);
2061 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2062 : ((libspdm_secured_message_context_t
2063 1 : *)(session_info->secured_message_context))
2064 : ->aead_iv_size,
2065 : (uint8_t)(0xFF));
2066 1 : libspdm_secured_message_set_response_handshake_salt(
2067 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2068 : ((libspdm_secured_message_context_t
2069 1 : *)(session_info->secured_message_context))
2070 : ->aead_iv_size);
2071 : ((libspdm_secured_message_context_t *)(session_info
2072 1 : ->secured_message_context))
2073 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2074 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2075 :
2076 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2077 1 : assert_int_equal(status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
2078 1 : free(data);
2079 1 : }
2080 :
2081 : /**
2082 : * Test 13: receiving an incorrect FINISH_RSP message, with wrong response
2083 : * code, but all other field correct.
2084 : * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR.
2085 : **/
2086 1 : void libspdm_test_requester_psk_finish_case13(void **state)
2087 : {
2088 : libspdm_return_t status;
2089 : libspdm_test_context_t *spdm_test_context;
2090 : libspdm_context_t *spdm_context;
2091 : uint32_t session_id;
2092 : void *data;
2093 : size_t data_size;
2094 : void *hash;
2095 : size_t hash_size;
2096 : libspdm_session_info_t *session_info;
2097 :
2098 1 : spdm_test_context = *state;
2099 1 : spdm_context = spdm_test_context->spdm_context;
2100 1 : spdm_test_context->case_id = 0xD;
2101 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2102 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2103 1 : spdm_context->connection_info.connection_state =
2104 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2105 : /*no PSK capabilities*/
2106 1 : spdm_context->connection_info.capability.flags |=
2107 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2108 1 : spdm_context->connection_info.capability.flags |=
2109 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2110 1 : spdm_context->connection_info.capability.flags |=
2111 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2112 1 : spdm_context->local_context.capability.flags |=
2113 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2114 1 : spdm_context->local_context.capability.flags |=
2115 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2116 1 : spdm_context->local_context.capability.flags |=
2117 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2118 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2119 : m_libspdm_use_asym_algo, &data,
2120 : &data_size, &hash, &hash_size);
2121 1 : spdm_context->transcript.message_a.buffer_size = 0;
2122 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2123 : m_libspdm_use_hash_algo;
2124 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2125 : m_libspdm_use_asym_algo;
2126 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2127 : m_libspdm_use_dhe_algo;
2128 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2129 : m_libspdm_use_aead_algo;
2130 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2131 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2132 : data_size;
2133 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2134 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2135 : data, data_size);
2136 : #endif
2137 :
2138 1 : session_id = 0xFFFFFFFF;
2139 1 : session_info = &spdm_context->session_info[0];
2140 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
2141 1 : libspdm_session_info_set_psk_hint(session_info,
2142 : LIBSPDM_TEST_PSK_HINT_STRING,
2143 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2144 1 : libspdm_secured_message_set_session_state(
2145 : session_info->secured_message_context,
2146 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2147 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2148 : ((libspdm_secured_message_context_t
2149 1 : *)(session_info->secured_message_context))
2150 : ->aead_key_size,
2151 : (uint8_t)(0xFF));
2152 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2153 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2154 : ((libspdm_secured_message_context_t
2155 1 : *)(session_info->secured_message_context))
2156 : ->aead_key_size);
2157 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2158 : ((libspdm_secured_message_context_t
2159 1 : *)(session_info->secured_message_context))
2160 : ->aead_iv_size,
2161 : (uint8_t)(0xFF));
2162 1 : libspdm_secured_message_set_response_handshake_salt(
2163 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2164 : ((libspdm_secured_message_context_t
2165 1 : *)(session_info->secured_message_context))
2166 : ->aead_iv_size);
2167 : ((libspdm_secured_message_context_t *)(session_info
2168 1 : ->secured_message_context))
2169 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2170 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2171 :
2172 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2173 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
2174 1 : free(data);
2175 1 : }
2176 :
2177 : /**
2178 : * Test 14: requester is not setup correctly by not initializing a
2179 : * session during PSK_EXCHANGE. The responder would attempt to
2180 : * return a correct PSK_FINISH_RSP message.
2181 : * Expected behavior: client returns a Status of RETURN_UNSUPPORTED.
2182 : **/
2183 1 : void libspdm_test_requester_psk_finish_case14(void **state)
2184 : {
2185 : libspdm_return_t status;
2186 : libspdm_test_context_t *spdm_test_context;
2187 : libspdm_context_t *spdm_context;
2188 : uint32_t session_id;
2189 : void *data;
2190 : size_t data_size;
2191 : void *hash;
2192 : size_t hash_size;
2193 : libspdm_session_info_t *session_info;
2194 :
2195 1 : spdm_test_context = *state;
2196 1 : spdm_context = spdm_test_context->spdm_context;
2197 1 : spdm_test_context->case_id = 0xE;
2198 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2199 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2200 1 : spdm_context->connection_info.connection_state =
2201 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2202 : /*no PSK capabilities*/
2203 1 : spdm_context->connection_info.capability.flags |=
2204 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2205 1 : spdm_context->connection_info.capability.flags |=
2206 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2207 1 : spdm_context->connection_info.capability.flags |=
2208 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2209 1 : spdm_context->local_context.capability.flags |=
2210 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2211 1 : spdm_context->local_context.capability.flags |=
2212 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2213 1 : spdm_context->local_context.capability.flags |=
2214 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2215 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2216 : m_libspdm_use_asym_algo, &data,
2217 : &data_size, &hash, &hash_size);
2218 1 : spdm_context->transcript.message_a.buffer_size = 0;
2219 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2220 : m_libspdm_use_hash_algo;
2221 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2222 : m_libspdm_use_asym_algo;
2223 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2224 : m_libspdm_use_dhe_algo;
2225 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2226 : m_libspdm_use_aead_algo;
2227 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2228 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2229 : data_size;
2230 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2231 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2232 : data, data_size);
2233 : #endif
2234 :
2235 1 : session_id = 0xFFFFFFFF;
2236 1 : session_info = &spdm_context->session_info[0];
2237 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
2238 1 : libspdm_session_info_set_psk_hint(session_info,
2239 : LIBSPDM_TEST_PSK_HINT_STRING,
2240 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2241 1 : libspdm_secured_message_set_session_state(
2242 : session_info->secured_message_context,
2243 : LIBSPDM_SESSION_STATE_NOT_STARTED);
2244 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2245 : ((libspdm_secured_message_context_t
2246 1 : *)(session_info->secured_message_context))
2247 : ->aead_key_size,
2248 : (uint8_t)(0xFF));
2249 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2250 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2251 : ((libspdm_secured_message_context_t
2252 1 : *)(session_info->secured_message_context))
2253 : ->aead_key_size);
2254 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2255 : ((libspdm_secured_message_context_t
2256 1 : *)(session_info->secured_message_context))
2257 : ->aead_iv_size,
2258 : (uint8_t)(0xFF));
2259 1 : libspdm_secured_message_set_response_handshake_salt(
2260 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2261 : ((libspdm_secured_message_context_t
2262 1 : *)(session_info->secured_message_context))
2263 : ->aead_iv_size);
2264 : ((libspdm_secured_message_context_t *)(session_info
2265 1 : ->secured_message_context))
2266 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2267 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2268 :
2269 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2270 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL);
2271 1 : free(data);
2272 1 : }
2273 :
2274 : /**
2275 : * Test 15 the requester is setup correctly, but receives an ERROR with SPDM_ERROR_CODE_DECRYPT_ERROR.
2276 : * Expected behavior: client returns a Status of INVALID_SESSION_ID and free the session ID.
2277 : **/
2278 1 : void libspdm_test_requester_psk_finish_case15(void **state)
2279 : {
2280 : libspdm_return_t status;
2281 : libspdm_test_context_t *spdm_test_context;
2282 : libspdm_context_t *spdm_context;
2283 : uint32_t session_id;
2284 : void *data;
2285 : size_t data_size;
2286 : void *hash;
2287 : size_t hash_size;
2288 : libspdm_session_info_t *session_info;
2289 :
2290 1 : spdm_test_context = *state;
2291 1 : spdm_context = spdm_test_context->spdm_context;
2292 1 : spdm_test_context->case_id = 0xF;
2293 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2294 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2295 1 : spdm_context->connection_info.connection_state =
2296 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2297 1 : spdm_context->connection_info.capability.flags |=
2298 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2299 1 : spdm_context->connection_info.capability.flags |=
2300 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2301 1 : spdm_context->connection_info.capability.flags |=
2302 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2303 1 : spdm_context->local_context.capability.flags |=
2304 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2305 1 : spdm_context->local_context.capability.flags |=
2306 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2307 1 : spdm_context->local_context.capability.flags |=
2308 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2309 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2310 : m_libspdm_use_asym_algo, &data,
2311 : &data_size, &hash, &hash_size);
2312 1 : libspdm_reset_message_a(spdm_context);
2313 1 : spdm_context->connection_info.algorithm.base_hash_algo =
2314 : m_libspdm_use_hash_algo;
2315 1 : spdm_context->connection_info.algorithm.base_asym_algo =
2316 : m_libspdm_use_asym_algo;
2317 1 : spdm_context->connection_info.algorithm.dhe_named_group =
2318 : m_libspdm_use_dhe_algo;
2319 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
2320 : m_libspdm_use_aead_algo;
2321 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2322 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2323 : data_size;
2324 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2325 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2326 : data, data_size);
2327 : #endif
2328 :
2329 1 : session_id = 0xFFFFFFFF;
2330 1 : session_info = &spdm_context->session_info[0];
2331 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
2332 1 : libspdm_session_info_set_psk_hint(session_info,
2333 : LIBSPDM_TEST_PSK_HINT_STRING,
2334 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2335 1 : libspdm_secured_message_set_session_state(
2336 : session_info->secured_message_context,
2337 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2338 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2339 : ((libspdm_secured_message_context_t
2340 1 : *)(session_info->secured_message_context))
2341 : ->aead_key_size,
2342 : (uint8_t)(0xFF));
2343 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2344 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2345 : ((libspdm_secured_message_context_t
2346 1 : *)(session_info->secured_message_context))
2347 : ->aead_key_size);
2348 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2349 : ((libspdm_secured_message_context_t
2350 1 : *)(session_info->secured_message_context))
2351 : ->aead_iv_size,
2352 : (uint8_t)(0xFF));
2353 1 : libspdm_secured_message_set_response_handshake_salt(
2354 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2355 : ((libspdm_secured_message_context_t
2356 1 : *)(session_info->secured_message_context))
2357 : ->aead_iv_size);
2358 : ((libspdm_secured_message_context_t *)(session_info
2359 1 : ->secured_message_context))
2360 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2361 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2362 :
2363 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2364 1 : assert_int_equal(status, LIBSPDM_STATUS_SESSION_MSG_ERROR);
2365 1 : assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID);
2366 1 : free(data);
2367 1 : }
2368 :
2369 : /**
2370 : * Test 16: a request message is successfully sent and a response message is successfully received.
2371 : * Expected Behavior: requester returns the status RETURN_SUCCESS and a PSK_FINISH_RSP message is
2372 : * received, buffer F appends the exchanged PSK_FINISH and PSK_FINISH_RSP messages.
2373 : **/
2374 1 : void libspdm_test_requester_psk_finish_case16(void **state)
2375 : {
2376 : libspdm_return_t status;
2377 : libspdm_test_context_t *spdm_test_context;
2378 : libspdm_context_t *spdm_context;
2379 : uint32_t session_id;
2380 : void *data;
2381 : size_t data_size;
2382 : void *hash;
2383 : size_t hash_size;
2384 : libspdm_session_info_t *session_info;
2385 :
2386 1 : spdm_test_context = *state;
2387 1 : spdm_context = spdm_test_context->spdm_context;
2388 1 : spdm_test_context->case_id = 0x10;
2389 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2390 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2391 1 : spdm_context->connection_info.connection_state =
2392 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2393 1 : spdm_context->connection_info.capability.flags |=
2394 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
2395 1 : spdm_context->connection_info.capability.flags |=
2396 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
2397 1 : spdm_context->connection_info.capability.flags |=
2398 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2399 1 : spdm_context->local_context.capability.flags |=
2400 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
2401 1 : spdm_context->local_context.capability.flags |=
2402 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
2403 1 : spdm_context->local_context.capability.flags |=
2404 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2405 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2406 : m_libspdm_use_asym_algo, &data,
2407 : &data_size, &hash, &hash_size);
2408 1 : libspdm_reset_message_a(spdm_context);
2409 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2410 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2411 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2412 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2413 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2414 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
2415 : data_size;
2416 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
2417 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
2418 : data, data_size);
2419 : #endif
2420 :
2421 :
2422 1 : session_id = 0xFFFFFFFF;
2423 1 : session_info = &spdm_context->session_info[0];
2424 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
2425 1 : libspdm_session_info_set_psk_hint(session_info,
2426 : LIBSPDM_TEST_PSK_HINT_STRING,
2427 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
2428 1 : libspdm_secured_message_set_session_state(
2429 : session_info->secured_message_context,
2430 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2431 1 : libspdm_set_mem(m_libspdm_dummy_key_buffer,
2432 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2433 : ->aead_key_size, (uint8_t)(0xFF));
2434 1 : libspdm_secured_message_set_response_handshake_encryption_key(
2435 : session_info->secured_message_context, m_libspdm_dummy_key_buffer,
2436 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2437 : ->aead_key_size);
2438 1 : libspdm_set_mem(m_libspdm_dummy_salt_buffer,
2439 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2440 : ->aead_iv_size, (uint8_t)(0xFF));
2441 1 : libspdm_secured_message_set_response_handshake_salt(
2442 : session_info->secured_message_context, m_libspdm_dummy_salt_buffer,
2443 1 : ((libspdm_secured_message_context_t*)(session_info->secured_message_context))
2444 : ->aead_iv_size);
2445 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
2446 1 : ->handshake_secret.response_handshake_sequence_number = 0;
2447 1 : ((libspdm_secured_message_context_t *)(session_info->secured_message_context))
2448 1 : ->handshake_secret.request_handshake_sequence_number = 0;
2449 1 : libspdm_secured_message_set_dummy_finished_key (session_info->secured_message_context);
2450 :
2451 1 : status = libspdm_send_receive_psk_finish(spdm_context, session_id);
2452 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2453 1 : assert_int_equal(
2454 : libspdm_secured_message_get_session_state(
2455 : spdm_context->session_info[0].secured_message_context),
2456 : LIBSPDM_SESSION_STATE_ESTABLISHED);
2457 :
2458 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
2459 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
2460 : m_libspdm_local_buffer_size);
2461 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n",
2462 : m_libspdm_local_buffer_size));
2463 : libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2464 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
2465 : m_libspdm_local_buffer, m_libspdm_local_buffer_size);
2466 : #endif
2467 1 : free(data);
2468 1 : }
2469 :
2470 1 : int libspdm_requester_psk_finish_test_main(void)
2471 : {
2472 1 : const struct CMUnitTest spdm_requester_psk_finish_tests[] = {
2473 : /* SendRequest failed*/
2474 : cmocka_unit_test(libspdm_test_requester_psk_finish_case1),
2475 : /* Successful response*/
2476 : cmocka_unit_test(libspdm_test_requester_psk_finish_case2),
2477 : /* connection_state check failed*/
2478 : cmocka_unit_test(libspdm_test_requester_psk_finish_case3),
2479 : /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/
2480 : cmocka_unit_test(libspdm_test_requester_psk_finish_case4),
2481 : /* Always SPDM_ERROR_CODE_BUSY*/
2482 : cmocka_unit_test(libspdm_test_requester_psk_finish_case5),
2483 : /* SPDM_ERROR_CODE_BUSY + Successful response*/
2484 : cmocka_unit_test(libspdm_test_requester_psk_finish_case6),
2485 : /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/
2486 : cmocka_unit_test(libspdm_test_requester_psk_finish_case7),
2487 : /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/
2488 : cmocka_unit_test(libspdm_test_requester_psk_finish_case8),
2489 : /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/
2490 : cmocka_unit_test(libspdm_test_requester_psk_finish_case9),
2491 : /* Unexpected errors*/
2492 : cmocka_unit_test(libspdm_test_requester_psk_finish_case10),
2493 : /* Buffer reset*/
2494 : cmocka_unit_test(libspdm_test_requester_psk_finish_case11),
2495 : /* No correct setup*/
2496 : cmocka_unit_test(libspdm_test_requester_psk_finish_case12),
2497 : /* Wrong response code*/
2498 : cmocka_unit_test(libspdm_test_requester_psk_finish_case13),
2499 : /* Uninitialized session*/
2500 : cmocka_unit_test(libspdm_test_requester_psk_finish_case14),
2501 : /* Error response: SPDM_ERROR_CODE_DECRYPT_ERROR*/
2502 : cmocka_unit_test(libspdm_test_requester_psk_finish_case15),
2503 : /* Buffer verification*/
2504 : cmocka_unit_test(libspdm_test_requester_psk_finish_case16),
2505 : };
2506 :
2507 1 : libspdm_test_context_t test_context = {
2508 : LIBSPDM_TEST_CONTEXT_VERSION,
2509 : true,
2510 : libspdm_requester_psk_finish_test_send_message,
2511 : libspdm_requester_psk_finish_test_receive_message,
2512 : };
2513 :
2514 1 : libspdm_setup_test_context(&test_context);
2515 :
2516 1 : return cmocka_run_group_tests(spdm_requester_psk_finish_tests,
2517 : libspdm_unit_test_group_setup,
2518 : libspdm_unit_test_group_teardown);
2519 : }
2520 :
2521 : #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP*/
|
