Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP
12 :
13 6 : static libspdm_return_t send_message(
14 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
15 : {
16 : libspdm_test_context_t *spdm_test_context;
17 : uint32_t *session_id;
18 : libspdm_session_info_t *session_info;
19 : bool is_app_message;
20 : uint8_t *app_message;
21 : size_t app_message_size;
22 : uint8_t message_buffer[LIBSPDM_SENDER_BUFFER_SIZE];
23 : spdm_set_certificate_request_t *spdm_request;
24 :
25 6 : memcpy(message_buffer, request, request_size);
26 6 : libspdm_transport_test_decode_message(spdm_context, &session_id, &is_app_message, true,
27 : request_size, message_buffer, &app_message_size,
28 : (void **)&app_message);
29 :
30 6 : spdm_test_context = libspdm_get_test_context();
31 6 : switch (spdm_test_context->case_id) {
32 1 : case 0x1:
33 1 : return LIBSPDM_STATUS_SEND_FAIL;
34 1 : case 0x2:
35 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
36 :
37 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_12);
38 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
39 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
40 : 0);
41 1 : assert_int_equal(spdm_request->header.param2, 0);
42 :
43 1 : return LIBSPDM_STATUS_SUCCESS;
44 0 : case 0x3:
45 0 : assert_true(false);
46 :
47 0 : return LIBSPDM_STATUS_SUCCESS;
48 0 : case 0x4:
49 0 : return LIBSPDM_STATUS_SUCCESS;
50 1 : case 0x5:
51 1 : session_id = NULL;
52 1 : session_info = libspdm_get_session_info_via_session_id(spdm_context, 0xFFFFFFFF);
53 1 : if (session_info == NULL) {
54 0 : return LIBSPDM_STATUS_SEND_FAIL;
55 : }
56 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "Request (0x%zx):\n", request_size));
57 1 : libspdm_dump_hex(request, request_size);
58 :
59 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&app_message, &app_message_size);
60 1 : libspdm_transport_test_decode_message(
61 : spdm_context, &session_id, &is_app_message,
62 : false, request_size, message_buffer,
63 : &app_message_size, (void **)&app_message);
64 :
65 : /* WALKAROUND: If just use single context to encode
66 : * message and then decode message */
67 : ((libspdm_secured_message_context_t
68 1 : *)(session_info->secured_message_context))
69 1 : ->application_secret.request_data_sequence_number--;
70 :
71 1 : return LIBSPDM_STATUS_SUCCESS;
72 1 : case 0x6:
73 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
74 :
75 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_12);
76 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
77 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
78 : 0);
79 1 : assert_int_equal(spdm_request->header.param2, 0);
80 :
81 1 : return LIBSPDM_STATUS_SUCCESS;
82 1 : case 0x7:
83 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
84 :
85 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_13);
86 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
87 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
88 : 0);
89 1 : assert_int_equal((spdm_request->header.param1 &
90 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_MASK) >>
91 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET,
92 : SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE);
93 1 : assert_int_equal(spdm_request->header.param1 &
94 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE,
95 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE);
96 1 : assert_int_equal(spdm_request->header.param2, 0);
97 :
98 1 : return LIBSPDM_STATUS_SUCCESS;
99 0 : case 0x8:
100 0 : assert_true(false);
101 0 : return LIBSPDM_STATUS_SEND_FAIL;
102 1 : case 0x9:
103 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
104 :
105 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_13);
106 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
107 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
108 : 3);
109 1 : assert_int_equal((spdm_request->header.param1 &
110 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_MASK) >>
111 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET,
112 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
113 1 : assert_int_equal(spdm_request->header.param2, 1);
114 :
115 1 : return LIBSPDM_STATUS_SUCCESS;
116 :
117 0 : default:
118 0 : return LIBSPDM_STATUS_SEND_FAIL;
119 : }
120 : }
121 :
122 5 : static libspdm_return_t receive_message(
123 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
124 : {
125 : libspdm_test_context_t *spdm_test_context;
126 :
127 5 : spdm_test_context = libspdm_get_test_context();
128 5 : switch (spdm_test_context->case_id) {
129 0 : case 0x1:
130 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
131 :
132 1 : case 0x2: {
133 : spdm_set_certificate_response_t *spdm_response;
134 : size_t spdm_response_size;
135 : size_t transport_header_size;
136 :
137 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
138 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
139 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
140 :
141 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
142 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
143 1 : spdm_response->header.param1 = 0;
144 1 : spdm_response->header.param2 = 0;
145 :
146 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
147 : false, spdm_response_size,
148 : spdm_response, response_size,
149 : response);
150 : }
151 1 : return LIBSPDM_STATUS_SUCCESS;
152 :
153 0 : case 0x3: {
154 : spdm_set_certificate_response_t *spdm_response;
155 : size_t spdm_response_size;
156 : size_t transport_header_size;
157 :
158 0 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
159 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
160 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
161 :
162 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
163 0 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
164 0 : spdm_response->header.param1 = 0;
165 0 : spdm_response->header.param2 = 0;
166 :
167 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
168 : false, spdm_response_size,
169 : spdm_response, response_size,
170 : response);
171 : }
172 0 : return LIBSPDM_STATUS_SUCCESS;
173 :
174 0 : case 0x4: {
175 : spdm_set_certificate_response_t *spdm_response;
176 : size_t spdm_response_size;
177 : size_t transport_header_size;
178 :
179 0 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
180 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
181 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
182 :
183 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
184 0 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
185 0 : spdm_response->header.param1 = 1;
186 0 : spdm_response->header.param2 = 0;
187 :
188 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
189 : false, spdm_response_size,
190 : spdm_response, response_size,
191 : response);
192 : }
193 0 : return LIBSPDM_STATUS_SUCCESS;
194 :
195 1 : case 0x05: {
196 : spdm_set_certificate_response_t *spdm_response;
197 : size_t spdm_response_size;
198 : size_t transport_header_size;
199 : uint32_t session_id;
200 : libspdm_session_info_t *session_info;
201 : uint8_t *scratch_buffer;
202 : size_t scratch_buffer_size;
203 :
204 1 : session_id = 0xFFFFFFFF;
205 :
206 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
207 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
208 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
209 :
210 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
211 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
212 : /*slot id is 1*/
213 1 : spdm_response->header.param1 = 1;
214 1 : spdm_response->header.param2 = 0;
215 :
216 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
217 : * transport_message is always in sender buffer. */
218 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
219 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
220 : scratch_buffer_size - transport_header_size,
221 : spdm_response, spdm_response_size);
222 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
223 1 : libspdm_transport_test_encode_message(spdm_context, &session_id, false,
224 : false, spdm_response_size,
225 : spdm_response, response_size,
226 : response);
227 1 : session_info = libspdm_get_session_info_via_session_id( spdm_context, session_id);
228 1 : if (session_info == NULL) {
229 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
230 : }
231 : /* WALKAROUND: If just use single context to encode message and then decode message */
232 : ((libspdm_secured_message_context_t
233 1 : *)(session_info->secured_message_context))
234 1 : ->application_secret.response_data_sequence_number--;
235 : }
236 1 : return LIBSPDM_STATUS_SUCCESS;
237 :
238 1 : case 0x6: {
239 : spdm_set_certificate_response_t *spdm_response;
240 : size_t spdm_response_size;
241 : size_t transport_header_size;
242 :
243 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
244 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
245 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
246 :
247 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
248 1 : spdm_response->header.request_response_code = SPDM_ERROR;
249 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESET_REQUIRED;
250 1 : spdm_response->header.param2 = 0;
251 :
252 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
253 : false, spdm_response_size,
254 : spdm_response, response_size,
255 : response);
256 : }
257 1 : return LIBSPDM_STATUS_SUCCESS;
258 :
259 1 : case 0x7: {
260 : spdm_set_certificate_response_t *spdm_response;
261 : size_t spdm_response_size;
262 : size_t transport_header_size;
263 :
264 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
265 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
266 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
267 :
268 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
269 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
270 1 : spdm_response->header.param1 = 0;
271 1 : spdm_response->header.param2 = 0;
272 :
273 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
274 : false, spdm_response_size,
275 : spdm_response, response_size,
276 : response);
277 : }
278 1 : return LIBSPDM_STATUS_SUCCESS;
279 :
280 0 : case 0x8:
281 0 : assert_true(false);
282 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
283 :
284 1 : case 0x9: {
285 : spdm_set_certificate_response_t *spdm_response;
286 : size_t spdm_response_size;
287 : size_t transport_header_size;
288 :
289 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
290 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
291 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
292 :
293 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
294 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
295 1 : spdm_response->header.param1 = 3;
296 1 : spdm_response->header.param2 = 0;
297 :
298 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
299 : false, spdm_response_size,
300 : spdm_response, response_size,
301 : response);
302 : }
303 1 : return LIBSPDM_STATUS_SUCCESS;
304 :
305 0 : default:
306 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
307 : }
308 : }
309 :
310 :
311 : /**
312 : * Test 1: message could not be sent
313 : * Expected Behavior: get a RETURN_DEVICE_ERROR return code
314 : **/
315 1 : static void req_set_certificate_case1(void **state)
316 : {
317 : libspdm_return_t status;
318 : libspdm_test_context_t *spdm_test_context;
319 : libspdm_context_t *spdm_context;
320 :
321 : void *data;
322 : size_t data_size;
323 :
324 1 : spdm_test_context = *state;
325 1 : spdm_context = spdm_test_context->spdm_context;
326 1 : spdm_test_context->case_id = 0x1;
327 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
328 : SPDM_VERSION_NUMBER_SHIFT_BIT;
329 :
330 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
331 1 : spdm_context->connection_info.capability.flags |=
332 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
333 :
334 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
335 : m_libspdm_use_asym_algo,
336 : &data, &data_size, NULL, NULL);
337 :
338 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
339 :
340 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
341 1 : free(data);
342 1 : }
343 :
344 : /**
345 : * Test 2: Successful response to set certificate for slot 0
346 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
347 : **/
348 1 : static void req_set_certificate_case2(void **state)
349 : {
350 : libspdm_return_t status;
351 : libspdm_test_context_t *spdm_test_context;
352 : libspdm_context_t *spdm_context;
353 :
354 : void *data;
355 : size_t data_size;
356 :
357 1 : spdm_test_context = *state;
358 1 : spdm_context = spdm_test_context->spdm_context;
359 1 : spdm_test_context->case_id = 0x2;
360 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
361 : SPDM_VERSION_NUMBER_SHIFT_BIT;
362 :
363 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
364 1 : spdm_context->connection_info.capability.flags |=
365 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
366 :
367 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
368 : m_libspdm_use_asym_algo,
369 : &data, &data_size, NULL, NULL);
370 :
371 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
372 :
373 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
374 1 : free(data);
375 1 : }
376 :
377 : /**
378 : * Test 3: Unsuccessful response to set certificate for slot 0, because cert_chain is NULL.
379 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_PARAMETER return code
380 : **/
381 1 : static void req_set_certificate_case3(void **state)
382 : {
383 : libspdm_return_t status;
384 : libspdm_test_context_t *spdm_test_context;
385 : libspdm_context_t *spdm_context;
386 :
387 1 : spdm_test_context = *state;
388 1 : spdm_context = spdm_test_context->spdm_context;
389 1 : spdm_test_context->case_id = 0x3;
390 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
391 : SPDM_VERSION_NUMBER_SHIFT_BIT;
392 :
393 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
394 1 : spdm_context->connection_info.capability.flags |=
395 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
396 :
397 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, NULL, 0);
398 :
399 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_PARAMETER);
400 1 : }
401 :
402 : /**
403 : * Test 5: Successful response to set certificate for slot 1 in secure session
404 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
405 : **/
406 1 : static void req_set_certificate_case5(void **state)
407 : {
408 : libspdm_return_t status;
409 : libspdm_test_context_t *spdm_test_context;
410 : libspdm_context_t *spdm_context;
411 : uint32_t session_id;
412 : libspdm_session_info_t *session_info;
413 :
414 : void *data;
415 : size_t data_size;
416 :
417 1 : spdm_test_context = *state;
418 1 : spdm_context = spdm_test_context->spdm_context;
419 1 : spdm_test_context->case_id = 0x05;
420 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AUTHENTICATED;
421 :
422 1 : spdm_context->connection_info.capability.flags |=
423 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
424 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
425 1 : spdm_context->connection_info.capability.flags |=
426 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
427 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
428 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
429 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
430 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
431 1 : spdm_context->connection_info.capability.flags |=
432 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
433 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
434 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
435 :
436 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
437 : m_libspdm_use_asym_algo, &data,
438 : &data_size, NULL, NULL);
439 :
440 1 : session_id = 0xFFFFFFFF;
441 1 : session_info = &spdm_context->session_info[0];
442 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
443 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
444 1 : libspdm_secured_message_set_session_state(session_info->secured_message_context,
445 : LIBSPDM_SESSION_STATE_ESTABLISHED);
446 :
447 : /* slot id is 1*/
448 1 : status = libspdm_set_certificate(spdm_context, &session_id, 1, data, data_size);
449 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
450 :
451 1 : free(data);
452 1 : }
453 :
454 : /**
455 : * Test 6: Successful response to set certificate for slot 0 with a reset required
456 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
457 : **/
458 1 : static void req_set_certificate_case6(void **state)
459 : {
460 : libspdm_return_t status;
461 : libspdm_test_context_t *spdm_test_context;
462 : libspdm_context_t *spdm_context;
463 :
464 : void *data;
465 : size_t data_size;
466 :
467 1 : spdm_test_context = *state;
468 1 : spdm_context = spdm_test_context->spdm_context;
469 1 : spdm_test_context->case_id = 0x6;
470 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
471 : SPDM_VERSION_NUMBER_SHIFT_BIT;
472 :
473 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
474 1 : spdm_context->connection_info.capability.flags |=
475 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP |
476 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP;
477 :
478 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
479 : m_libspdm_use_asym_algo,
480 : &data, &data_size, NULL, NULL);
481 :
482 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
483 :
484 1 : assert_int_equal(status, LIBSPDM_STATUS_RESET_REQUIRED_PEER);
485 1 : free(data);
486 1 : }
487 :
488 : /**
489 : * Test 7: Successful response to erase certificate for slot 0
490 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
491 : **/
492 1 : static void req_set_certificate_case7(void **state)
493 : {
494 : libspdm_return_t status;
495 : libspdm_test_context_t *spdm_test_context;
496 : libspdm_context_t *spdm_context;
497 :
498 1 : spdm_test_context = *state;
499 1 : spdm_context = spdm_test_context->spdm_context;
500 1 : spdm_test_context->case_id = 0x7;
501 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
502 : SPDM_VERSION_NUMBER_SHIFT_BIT;
503 :
504 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
505 1 : spdm_context->connection_info.capability.flags |=
506 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
507 :
508 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 0, NULL, 0,
509 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE, 0);
510 :
511 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
512 1 : }
513 :
514 : /**
515 : * Test 8: Illegal combination of MULTI_KEY_CONN_RSP = true, Erase = false, and SetCertModel = 0.
516 : * Expected Behavior: function returns LIBSPDM_STATUS_INVALID_PARAMETER.
517 : **/
518 1 : static void req_set_certificate_case8(void **state)
519 : {
520 : libspdm_return_t status;
521 : libspdm_test_context_t *spdm_test_context;
522 : libspdm_context_t *spdm_context;
523 :
524 : void *data;
525 : size_t data_size;
526 :
527 1 : spdm_test_context = *state;
528 1 : spdm_context = spdm_test_context->spdm_context;
529 1 : spdm_test_context->case_id = 0x8;
530 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
531 : SPDM_VERSION_NUMBER_SHIFT_BIT;
532 :
533 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
534 1 : spdm_context->connection_info.capability.flags |=
535 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
536 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
537 :
538 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
539 : m_libspdm_use_asym_algo,
540 : &data, &data_size, NULL, NULL);
541 :
542 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 0, data, data_size,
543 : (SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE <<
544 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET),
545 : 1);
546 :
547 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_PARAMETER);
548 1 : }
549 :
550 : /**
551 : * Test 9: Set MULTI_KEY_CONN_RSP = true, Erase = false, and SetCertModel = DeviceCert.
552 : * Expected Behavior: function returns LIBSPDM_STATUS_SUCCESS.
553 : **/
554 1 : static void req_set_certificate_case9(void **state)
555 : {
556 : libspdm_return_t status;
557 : libspdm_test_context_t *spdm_test_context;
558 : libspdm_context_t *spdm_context;
559 :
560 : void *data;
561 : size_t data_size;
562 :
563 1 : spdm_test_context = *state;
564 1 : spdm_context = spdm_test_context->spdm_context;
565 1 : spdm_test_context->case_id = 0x9;
566 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
567 : SPDM_VERSION_NUMBER_SHIFT_BIT;
568 :
569 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
570 1 : spdm_context->connection_info.capability.flags |=
571 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
572 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
573 :
574 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
575 : m_libspdm_use_asym_algo,
576 : &data, &data_size, NULL, NULL);
577 :
578 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 3, data, data_size,
579 : (SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT <<
580 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET),
581 : 1);
582 :
583 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
584 1 : }
585 :
586 1 : int libspdm_req_set_certificate_test(void)
587 : {
588 1 : const struct CMUnitTest test_cases[] = {
589 : /* SendRequest failed*/
590 : cmocka_unit_test(req_set_certificate_case1),
591 : /* Successful response to set certificate*/
592 : cmocka_unit_test(req_set_certificate_case2),
593 : /* Set null cert_chain for slot 0*/
594 : cmocka_unit_test(req_set_certificate_case3),
595 : /* Successful response to set certificate for slot 1 in secure session*/
596 : cmocka_unit_test(req_set_certificate_case5),
597 : /* Successful response to set certificate with a reset required */
598 : cmocka_unit_test(req_set_certificate_case6),
599 : /* Successful response to erase certificate*/
600 : cmocka_unit_test(req_set_certificate_case7),
601 : cmocka_unit_test(req_set_certificate_case8),
602 : cmocka_unit_test(req_set_certificate_case9),
603 : };
604 :
605 1 : libspdm_test_context_t test_context = {
606 : LIBSPDM_TEST_CONTEXT_VERSION,
607 : true,
608 : send_message,
609 : receive_message,
610 : };
611 :
612 1 : libspdm_setup_test_context(&test_context);
613 :
614 1 : return cmocka_run_group_tests(test_cases,
615 : libspdm_unit_test_group_setup,
616 : libspdm_unit_test_group_teardown);
617 : }
618 :
619 : #endif /* LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP*/
|
