Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP
12 :
13 6 : static libspdm_return_t send_message(
14 : void *spdm_context, size_t request_size, const void *request, uint64_t timeout)
15 : {
16 : libspdm_test_context_t *spdm_test_context;
17 : uint32_t *session_id;
18 : libspdm_session_info_t *session_info;
19 : bool is_app_message;
20 : uint8_t *app_message;
21 : size_t app_message_size;
22 : uint8_t message_buffer[LIBSPDM_SENDER_BUFFER_SIZE];
23 : spdm_set_certificate_request_t *spdm_request;
24 :
25 6 : memcpy(message_buffer, request, request_size);
26 6 : libspdm_transport_test_decode_message(spdm_context, &session_id, &is_app_message, true,
27 : request_size, message_buffer, &app_message_size,
28 : (void **)&app_message);
29 :
30 6 : spdm_test_context = libspdm_get_test_context();
31 6 : switch (spdm_test_context->case_id) {
32 1 : case 0x1:
33 1 : return LIBSPDM_STATUS_SEND_FAIL;
34 1 : case 0x2:
35 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
36 :
37 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_12);
38 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
39 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
40 : 0);
41 1 : assert_int_equal(spdm_request->header.param2, 0);
42 :
43 1 : return LIBSPDM_STATUS_SUCCESS;
44 0 : case 0x3:
45 0 : assert_true(false);
46 :
47 0 : return LIBSPDM_STATUS_SUCCESS;
48 0 : case 0x4:
49 0 : return LIBSPDM_STATUS_SUCCESS;
50 1 : case 0x5:
51 1 : session_id = NULL;
52 1 : session_info = libspdm_get_session_info_via_session_id(spdm_context, 0xFFFFFFFF);
53 1 : if (session_info == NULL) {
54 0 : return LIBSPDM_STATUS_SEND_FAIL;
55 : }
56 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "Request (0x%zx):\n", request_size));
57 1 : libspdm_dump_hex(request, request_size);
58 :
59 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&app_message, &app_message_size);
60 1 : libspdm_transport_test_decode_message(
61 : spdm_context, &session_id, &is_app_message,
62 : false, request_size, message_buffer,
63 : &app_message_size, (void **)&app_message);
64 :
65 : /* WALKAROUND: If just use single context to encode
66 : * message and then decode message */
67 : ((libspdm_secured_message_context_t
68 1 : *)(session_info->secured_message_context))
69 1 : ->application_secret.request_data_sequence_number--;
70 :
71 1 : return LIBSPDM_STATUS_SUCCESS;
72 1 : case 0x6:
73 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
74 :
75 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_12);
76 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
77 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
78 : 0);
79 1 : assert_int_equal(spdm_request->header.param2, 0);
80 :
81 1 : return LIBSPDM_STATUS_SUCCESS;
82 1 : case 0x7:
83 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
84 :
85 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_13);
86 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
87 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
88 : 0);
89 1 : assert_int_equal((spdm_request->header.param1 &
90 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_MASK) >>
91 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET,
92 : SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE);
93 1 : assert_int_equal(spdm_request->header.param1 &
94 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE,
95 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE);
96 1 : assert_int_equal(spdm_request->header.param2, 0);
97 :
98 1 : return LIBSPDM_STATUS_SUCCESS;
99 0 : case 0x8:
100 0 : assert_true(false);
101 0 : return LIBSPDM_STATUS_SEND_FAIL;
102 1 : case 0x9:
103 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
104 :
105 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_13);
106 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
107 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
108 : 3);
109 1 : assert_int_equal((spdm_request->header.param1 &
110 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_MASK) >>
111 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET,
112 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
113 1 : assert_int_equal(spdm_request->header.param2, 1);
114 :
115 1 : return LIBSPDM_STATUS_SUCCESS;
116 :
117 0 : default:
118 0 : return LIBSPDM_STATUS_SEND_FAIL;
119 : }
120 : }
121 :
122 5 : static libspdm_return_t receive_message(
123 : void *spdm_context, size_t *response_size, void **response, uint64_t timeout)
124 : {
125 : libspdm_test_context_t *spdm_test_context;
126 :
127 5 : spdm_test_context = libspdm_get_test_context();
128 5 : switch (spdm_test_context->case_id) {
129 0 : case 0x1:
130 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
131 :
132 1 : case 0x2: {
133 : spdm_set_certificate_response_t *spdm_response;
134 : size_t spdm_response_size;
135 : size_t transport_header_size;
136 :
137 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
138 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
139 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
140 :
141 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
142 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
143 1 : spdm_response->header.param1 = 0;
144 1 : spdm_response->header.param2 = 0;
145 :
146 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
147 : false, spdm_response_size,
148 : spdm_response, response_size,
149 : response);
150 : }
151 1 : return LIBSPDM_STATUS_SUCCESS;
152 :
153 0 : case 0x3: {
154 : spdm_set_certificate_response_t *spdm_response;
155 : size_t spdm_response_size;
156 : size_t transport_header_size;
157 :
158 0 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
159 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
160 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
161 :
162 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
163 0 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
164 0 : spdm_response->header.param1 = 0;
165 0 : spdm_response->header.param2 = 0;
166 :
167 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
168 : false, spdm_response_size,
169 : spdm_response, response_size,
170 : response);
171 : }
172 0 : return LIBSPDM_STATUS_SUCCESS;
173 :
174 0 : case 0x4: {
175 : spdm_set_certificate_response_t *spdm_response;
176 : size_t spdm_response_size;
177 : size_t transport_header_size;
178 :
179 0 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
180 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
181 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
182 :
183 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
184 0 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
185 0 : spdm_response->header.param1 = 1;
186 0 : spdm_response->header.param2 = 0;
187 :
188 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
189 : false, spdm_response_size,
190 : spdm_response, response_size,
191 : response);
192 : }
193 0 : return LIBSPDM_STATUS_SUCCESS;
194 :
195 1 : case 0x05: {
196 : spdm_set_certificate_response_t *spdm_response;
197 : size_t spdm_response_size;
198 : size_t transport_header_size;
199 : uint32_t session_id;
200 : libspdm_session_info_t *session_info;
201 : uint8_t *scratch_buffer;
202 : size_t scratch_buffer_size;
203 :
204 1 : session_id = 0xFFFFFFFF;
205 :
206 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
207 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
208 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
209 :
210 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
211 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
212 : /*slot id is 1*/
213 1 : spdm_response->header.param1 = 1;
214 1 : spdm_response->header.param2 = 0;
215 :
216 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
217 : * transport_message is always in sender buffer. */
218 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
219 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
220 : scratch_buffer_size - transport_header_size,
221 : spdm_response, spdm_response_size);
222 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
223 1 : libspdm_transport_test_encode_message(spdm_context, &session_id, false,
224 : false, spdm_response_size,
225 : spdm_response, response_size,
226 : response);
227 1 : session_info = libspdm_get_session_info_via_session_id(
228 : spdm_context, session_id);
229 1 : if (session_info == NULL) {
230 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
231 : }
232 : /* WALKAROUND: If just use single context to encode message and then decode message */
233 : ((libspdm_secured_message_context_t
234 1 : *)(session_info->secured_message_context))
235 1 : ->application_secret.response_data_sequence_number--;
236 : }
237 1 : return LIBSPDM_STATUS_SUCCESS;
238 :
239 1 : case 0x6: {
240 : spdm_set_certificate_response_t *spdm_response;
241 : size_t spdm_response_size;
242 : size_t transport_header_size;
243 :
244 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
245 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
246 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
247 :
248 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
249 1 : spdm_response->header.request_response_code = SPDM_ERROR;
250 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESET_REQUIRED;
251 1 : spdm_response->header.param2 = 0;
252 :
253 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
254 : false, spdm_response_size,
255 : spdm_response, response_size,
256 : response);
257 : }
258 1 : return LIBSPDM_STATUS_SUCCESS;
259 :
260 1 : case 0x7: {
261 : spdm_set_certificate_response_t *spdm_response;
262 : size_t spdm_response_size;
263 : size_t transport_header_size;
264 :
265 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
266 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
267 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
268 :
269 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
270 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
271 1 : spdm_response->header.param1 = 0;
272 1 : spdm_response->header.param2 = 0;
273 :
274 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
275 : false, spdm_response_size,
276 : spdm_response, response_size,
277 : response);
278 : }
279 1 : return LIBSPDM_STATUS_SUCCESS;
280 :
281 0 : case 0x8:
282 0 : assert_true(false);
283 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
284 :
285 1 : case 0x9: {
286 : spdm_set_certificate_response_t *spdm_response;
287 : size_t spdm_response_size;
288 : size_t transport_header_size;
289 :
290 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
291 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
292 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
293 :
294 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
295 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
296 1 : spdm_response->header.param1 = 3;
297 1 : spdm_response->header.param2 = 0;
298 :
299 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
300 : false, spdm_response_size,
301 : spdm_response, response_size,
302 : response);
303 : }
304 1 : return LIBSPDM_STATUS_SUCCESS;
305 :
306 0 : default:
307 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
308 : }
309 : }
310 :
311 :
312 : /**
313 : * Test 1: message could not be sent
314 : * Expected Behavior: get a RETURN_DEVICE_ERROR return code
315 : **/
316 1 : static void req_set_certificate_case1(void **state)
317 : {
318 : libspdm_return_t status;
319 : libspdm_test_context_t *spdm_test_context;
320 : libspdm_context_t *spdm_context;
321 :
322 : void *data;
323 : size_t data_size;
324 :
325 1 : spdm_test_context = *state;
326 1 : spdm_context = spdm_test_context->spdm_context;
327 1 : spdm_test_context->case_id = 0x1;
328 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
329 : SPDM_VERSION_NUMBER_SHIFT_BIT;
330 :
331 1 : spdm_context->connection_info.connection_state =
332 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
333 1 : spdm_context->connection_info.capability.flags |=
334 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
335 :
336 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
337 : m_libspdm_use_asym_algo,
338 : &data, &data_size, NULL, NULL);
339 :
340 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
341 :
342 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
343 1 : free(data);
344 1 : }
345 :
346 : /**
347 : * Test 2: Successful response to set certificate for slot 0
348 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
349 : **/
350 1 : static void req_set_certificate_case2(void **state)
351 : {
352 : libspdm_return_t status;
353 : libspdm_test_context_t *spdm_test_context;
354 : libspdm_context_t *spdm_context;
355 :
356 : void *data;
357 : size_t data_size;
358 :
359 1 : spdm_test_context = *state;
360 1 : spdm_context = spdm_test_context->spdm_context;
361 1 : spdm_test_context->case_id = 0x2;
362 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
363 : SPDM_VERSION_NUMBER_SHIFT_BIT;
364 :
365 1 : spdm_context->connection_info.connection_state =
366 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
367 1 : spdm_context->connection_info.capability.flags |=
368 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
369 :
370 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
371 : m_libspdm_use_asym_algo,
372 : &data, &data_size, NULL, NULL);
373 :
374 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
375 :
376 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
377 1 : free(data);
378 1 : }
379 :
380 : /**
381 : * Test 3: Unsuccessful response to set certificate for slot 0, because cert_chain is NULL.
382 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_PARAMETER return code
383 : **/
384 1 : static void req_set_certificate_case3(void **state)
385 : {
386 : libspdm_return_t status;
387 : libspdm_test_context_t *spdm_test_context;
388 : libspdm_context_t *spdm_context;
389 :
390 1 : spdm_test_context = *state;
391 1 : spdm_context = spdm_test_context->spdm_context;
392 1 : spdm_test_context->case_id = 0x3;
393 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
394 : SPDM_VERSION_NUMBER_SHIFT_BIT;
395 :
396 1 : spdm_context->connection_info.connection_state =
397 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
398 1 : spdm_context->connection_info.capability.flags |=
399 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
400 :
401 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, NULL, 0);
402 :
403 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_PARAMETER);
404 1 : }
405 :
406 : /**
407 : * Test 5: Successful response to set certificate for slot 1 in secure session
408 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
409 : **/
410 1 : static void req_set_certificate_case5(void **state)
411 : {
412 : libspdm_return_t status;
413 : libspdm_test_context_t *spdm_test_context;
414 : libspdm_context_t *spdm_context;
415 : uint32_t session_id;
416 : libspdm_session_info_t *session_info;
417 :
418 : void *data;
419 : size_t data_size;
420 :
421 1 : spdm_test_context = *state;
422 1 : spdm_context = spdm_test_context->spdm_context;
423 1 : spdm_test_context->case_id = 0x05;
424 1 : spdm_context->connection_info.connection_state =
425 : LIBSPDM_CONNECTION_STATE_AUTHENTICATED;
426 :
427 1 : spdm_context->connection_info.capability.flags |=
428 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
429 1 : spdm_context->connection_info.capability.flags |=
430 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
431 1 : spdm_context->connection_info.capability.flags |=
432 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
433 1 : spdm_context->connection_info.capability.flags |=
434 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
435 1 : spdm_context->local_context.capability.flags |=
436 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
437 1 : spdm_context->local_context.capability.flags |=
438 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
439 1 : spdm_context->local_context.capability.flags |=
440 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
441 1 : spdm_context->connection_info.capability.flags |=
442 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
443 1 : spdm_context->connection_info.algorithm.dhe_named_group =
444 : m_libspdm_use_dhe_algo;
445 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
446 : m_libspdm_use_aead_algo;
447 :
448 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
449 : m_libspdm_use_asym_algo, &data,
450 : &data_size, NULL, NULL);
451 :
452 1 : session_id = 0xFFFFFFFF;
453 1 : session_info = &spdm_context->session_info[0];
454 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
455 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
456 1 : libspdm_secured_message_set_session_state(session_info->secured_message_context,
457 : LIBSPDM_SESSION_STATE_ESTABLISHED);
458 :
459 : /* slot id is 1*/
460 1 : status = libspdm_set_certificate(spdm_context, &session_id, 1, data, data_size);
461 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
462 :
463 1 : free(data);
464 1 : }
465 :
466 : /**
467 : * Test 6: Successful response to set certificate for slot 0 with a reset required
468 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
469 : **/
470 1 : static void req_set_certificate_case6(void **state)
471 : {
472 : libspdm_return_t status;
473 : libspdm_test_context_t *spdm_test_context;
474 : libspdm_context_t *spdm_context;
475 :
476 : void *data;
477 : size_t data_size;
478 :
479 1 : spdm_test_context = *state;
480 1 : spdm_context = spdm_test_context->spdm_context;
481 1 : spdm_test_context->case_id = 0x6;
482 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
483 : SPDM_VERSION_NUMBER_SHIFT_BIT;
484 :
485 1 : spdm_context->connection_info.connection_state =
486 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
487 1 : spdm_context->connection_info.capability.flags |=
488 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP |
489 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP;
490 :
491 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
492 : m_libspdm_use_asym_algo,
493 : &data, &data_size, NULL, NULL);
494 :
495 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
496 :
497 1 : assert_int_equal(status, LIBSPDM_STATUS_RESET_REQUIRED_PEER);
498 1 : free(data);
499 1 : }
500 :
501 : /**
502 : * Test 7: Successful response to erase certificate for slot 0
503 : * Expected Behavior: get a LIBSPDM_STATUS_SUCCESS return code
504 : **/
505 1 : static void req_set_certificate_case7(void **state)
506 : {
507 : libspdm_return_t status;
508 : libspdm_test_context_t *spdm_test_context;
509 : libspdm_context_t *spdm_context;
510 :
511 1 : spdm_test_context = *state;
512 1 : spdm_context = spdm_test_context->spdm_context;
513 1 : spdm_test_context->case_id = 0x7;
514 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
515 : SPDM_VERSION_NUMBER_SHIFT_BIT;
516 :
517 1 : spdm_context->connection_info.connection_state =
518 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
519 1 : spdm_context->connection_info.capability.flags |=
520 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
521 :
522 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 0, NULL, 0,
523 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE, 0);
524 :
525 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
526 1 : }
527 :
528 : /**
529 : * Test 8: Illegal combination of MULTI_KEY_CONN_RSP = true, Erase = false, and SetCertModel = 0.
530 : * Expected Behavior: function returns LIBSPDM_STATUS_INVALID_PARAMETER.
531 : **/
532 1 : static void req_set_certificate_case8(void **state)
533 : {
534 : libspdm_return_t status;
535 : libspdm_test_context_t *spdm_test_context;
536 : libspdm_context_t *spdm_context;
537 :
538 : void *data;
539 : size_t data_size;
540 :
541 1 : spdm_test_context = *state;
542 1 : spdm_context = spdm_test_context->spdm_context;
543 1 : spdm_test_context->case_id = 0x8;
544 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
545 : SPDM_VERSION_NUMBER_SHIFT_BIT;
546 :
547 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
548 1 : spdm_context->connection_info.capability.flags |=
549 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
550 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
551 :
552 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
553 : m_libspdm_use_asym_algo,
554 : &data, &data_size, NULL, NULL);
555 :
556 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 0, data, data_size,
557 : (SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE <<
558 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET),
559 : 1);
560 :
561 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_PARAMETER);
562 1 : }
563 :
564 : /**
565 : * Test 9: Set MULTI_KEY_CONN_RSP = true, Erase = false, and SetCertModel = DeviceCert.
566 : * Expected Behavior: function returns LIBSPDM_STATUS_SUCCESS.
567 : **/
568 1 : static void req_set_certificate_case9(void **state)
569 : {
570 : libspdm_return_t status;
571 : libspdm_test_context_t *spdm_test_context;
572 : libspdm_context_t *spdm_context;
573 :
574 : void *data;
575 : size_t data_size;
576 :
577 1 : spdm_test_context = *state;
578 1 : spdm_context = spdm_test_context->spdm_context;
579 1 : spdm_test_context->case_id = 0x9;
580 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
581 : SPDM_VERSION_NUMBER_SHIFT_BIT;
582 :
583 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
584 1 : spdm_context->connection_info.capability.flags |=
585 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
586 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
587 :
588 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
589 : m_libspdm_use_asym_algo,
590 : &data, &data_size, NULL, NULL);
591 :
592 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 3, data, data_size,
593 : (SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT <<
594 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET),
595 : 1);
596 :
597 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
598 1 : }
599 :
600 1 : int libspdm_req_set_certificate_test(void)
601 : {
602 1 : const struct CMUnitTest test_cases[] = {
603 : /* SendRequest failed*/
604 : cmocka_unit_test(req_set_certificate_case1),
605 : /* Successful response to set certificate*/
606 : cmocka_unit_test(req_set_certificate_case2),
607 : /* Set null cert_chain for slot 0*/
608 : cmocka_unit_test(req_set_certificate_case3),
609 : /* Successful response to set certificate for slot 1 in secure session*/
610 : cmocka_unit_test(req_set_certificate_case5),
611 : /* Successful response to set certificate with a reset required */
612 : cmocka_unit_test(req_set_certificate_case6),
613 : /* Successful response to erase certificate*/
614 : cmocka_unit_test(req_set_certificate_case7),
615 : cmocka_unit_test(req_set_certificate_case8),
616 : cmocka_unit_test(req_set_certificate_case9),
617 : };
618 :
619 1 : libspdm_test_context_t test_context = {
620 : LIBSPDM_TEST_CONTEXT_VERSION,
621 : true,
622 : send_message,
623 : receive_message,
624 : };
625 :
626 1 : libspdm_setup_test_context(&test_context);
627 :
628 1 : return cmocka_run_group_tests(test_cases,
629 : libspdm_unit_test_group_setup,
630 : libspdm_unit_test_group_teardown);
631 : }
632 :
633 : #endif /* LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP*/
|
