Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2022 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_requester_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP
12 :
13 6 : libspdm_return_t libspdm_requester_set_certificate_test_send_message(
14 : void *spdm_context, size_t request_size, const void *request,
15 : uint64_t timeout)
16 : {
17 : libspdm_test_context_t *spdm_test_context;
18 : uint32_t *session_id;
19 : libspdm_session_info_t *session_info;
20 : bool is_app_message;
21 : uint8_t *app_message;
22 : size_t app_message_size;
23 : uint8_t message_buffer[LIBSPDM_SENDER_BUFFER_SIZE];
24 : spdm_set_certificate_request_t *spdm_request;
25 :
26 6 : memcpy(message_buffer, request, request_size);
27 6 : libspdm_transport_test_decode_message(spdm_context, &session_id, &is_app_message, true,
28 : request_size, message_buffer, &app_message_size,
29 : (void **)&app_message);
30 :
31 6 : spdm_test_context = libspdm_get_test_context();
32 6 : switch (spdm_test_context->case_id) {
33 1 : case 0x1:
34 1 : return LIBSPDM_STATUS_SEND_FAIL;
35 1 : case 0x2:
36 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
37 :
38 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_12);
39 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
40 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
41 : 0);
42 1 : assert_int_equal(spdm_request->header.param2, 0);
43 :
44 1 : return LIBSPDM_STATUS_SUCCESS;
45 0 : case 0x3:
46 0 : assert_true(false);
47 :
48 0 : return LIBSPDM_STATUS_SUCCESS;
49 0 : case 0x4:
50 0 : return LIBSPDM_STATUS_SUCCESS;
51 1 : case 0x5:
52 1 : session_id = NULL;
53 1 : session_info = libspdm_get_session_info_via_session_id(spdm_context, 0xFFFFFFFF);
54 1 : if (session_info == NULL) {
55 0 : return LIBSPDM_STATUS_SEND_FAIL;
56 : }
57 1 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "Request (0x%zx):\n", request_size));
58 1 : libspdm_dump_hex(request, request_size);
59 :
60 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&app_message, &app_message_size);
61 1 : libspdm_transport_test_decode_message(
62 : spdm_context, &session_id, &is_app_message,
63 : false, request_size, message_buffer,
64 : &app_message_size, (void **)&app_message);
65 :
66 : /* WALKAROUND: If just use single context to encode
67 : * message and then decode message */
68 : ((libspdm_secured_message_context_t
69 1 : *)(session_info->secured_message_context))
70 1 : ->application_secret.request_data_sequence_number--;
71 :
72 1 : return LIBSPDM_STATUS_SUCCESS;
73 1 : case 0x6:
74 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
75 :
76 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_12);
77 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
78 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
79 : 0);
80 1 : assert_int_equal(spdm_request->header.param2, 0);
81 :
82 1 : return LIBSPDM_STATUS_SUCCESS;
83 1 : case 0x7:
84 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
85 :
86 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_13);
87 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
88 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
89 : 0);
90 1 : assert_int_equal((spdm_request->header.param1 &
91 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_MASK) >>
92 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET,
93 : SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE);
94 1 : assert_int_equal(spdm_request->header.param1 &
95 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE,
96 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE);
97 1 : assert_int_equal(spdm_request->header.param2, 0);
98 :
99 1 : return LIBSPDM_STATUS_SUCCESS;
100 0 : case 0x8:
101 0 : assert_true(false);
102 0 : return LIBSPDM_STATUS_SEND_FAIL;
103 1 : case 0x9:
104 1 : spdm_request = (spdm_set_certificate_request_t *)app_message;
105 :
106 1 : assert_int_equal(spdm_request->header.spdm_version, SPDM_MESSAGE_VERSION_13);
107 1 : assert_int_equal(spdm_request->header.request_response_code, SPDM_SET_CERTIFICATE);
108 1 : assert_int_equal(spdm_request->header.param1 & SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK,
109 : 3);
110 1 : assert_int_equal((spdm_request->header.param1 &
111 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_MASK) >>
112 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET,
113 : SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT);
114 1 : assert_int_equal(spdm_request->header.param2, 1);
115 :
116 1 : return LIBSPDM_STATUS_SUCCESS;
117 :
118 0 : default:
119 0 : return LIBSPDM_STATUS_SEND_FAIL;
120 : }
121 : }
122 :
123 5 : libspdm_return_t libspdm_requester_set_certificate_test_receive_message(
124 : void *spdm_context, size_t *response_size,
125 : void **response, uint64_t timeout)
126 : {
127 : libspdm_test_context_t *spdm_test_context;
128 :
129 5 : spdm_test_context = libspdm_get_test_context();
130 5 : switch (spdm_test_context->case_id) {
131 0 : case 0x1:
132 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
133 :
134 1 : case 0x2: {
135 : spdm_set_certificate_response_t *spdm_response;
136 : size_t spdm_response_size;
137 : size_t transport_header_size;
138 :
139 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
140 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
141 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
142 :
143 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
144 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
145 1 : spdm_response->header.param1 = 0;
146 1 : spdm_response->header.param2 = 0;
147 :
148 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
149 : false, spdm_response_size,
150 : spdm_response, response_size,
151 : response);
152 : }
153 1 : return LIBSPDM_STATUS_SUCCESS;
154 :
155 0 : case 0x3: {
156 : spdm_set_certificate_response_t *spdm_response;
157 : size_t spdm_response_size;
158 : size_t transport_header_size;
159 :
160 0 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
161 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
162 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
163 :
164 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
165 0 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
166 0 : spdm_response->header.param1 = 0;
167 0 : spdm_response->header.param2 = 0;
168 :
169 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
170 : false, spdm_response_size,
171 : spdm_response, response_size,
172 : response);
173 : }
174 0 : return LIBSPDM_STATUS_SUCCESS;
175 :
176 0 : case 0x4: {
177 : spdm_set_certificate_response_t *spdm_response;
178 : size_t spdm_response_size;
179 : size_t transport_header_size;
180 :
181 0 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
182 0 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
183 0 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
184 :
185 0 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
186 0 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
187 0 : spdm_response->header.param1 = 1;
188 0 : spdm_response->header.param2 = 0;
189 :
190 0 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
191 : false, spdm_response_size,
192 : spdm_response, response_size,
193 : response);
194 : }
195 0 : return LIBSPDM_STATUS_SUCCESS;
196 :
197 1 : case 0x05: {
198 : spdm_set_certificate_response_t *spdm_response;
199 : size_t spdm_response_size;
200 : size_t transport_header_size;
201 : uint32_t session_id;
202 : libspdm_session_info_t *session_info;
203 : uint8_t *scratch_buffer;
204 : size_t scratch_buffer_size;
205 :
206 1 : session_id = 0xFFFFFFFF;
207 :
208 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
209 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
210 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
211 :
212 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
213 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
214 : /*slot id is 1*/
215 1 : spdm_response->header.param1 = 1;
216 1 : spdm_response->header.param2 = 0;
217 :
218 : /* For secure message, message is in sender buffer, we need copy it to scratch buffer.
219 : * transport_message is always in sender buffer. */
220 1 : libspdm_get_scratch_buffer (spdm_context, (void **)&scratch_buffer, &scratch_buffer_size);
221 1 : libspdm_copy_mem (scratch_buffer + transport_header_size,
222 : scratch_buffer_size - transport_header_size,
223 : spdm_response, spdm_response_size);
224 1 : spdm_response = (void *)(scratch_buffer + transport_header_size);
225 1 : libspdm_transport_test_encode_message(spdm_context, &session_id, false,
226 : false, spdm_response_size,
227 : spdm_response, response_size,
228 : response);
229 1 : session_info = libspdm_get_session_info_via_session_id(
230 : spdm_context, session_id);
231 1 : if (session_info == NULL) {
232 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
233 : }
234 : /* WALKAROUND: If just use single context to encode message and then decode message */
235 : ((libspdm_secured_message_context_t
236 1 : *)(session_info->secured_message_context))
237 1 : ->application_secret.response_data_sequence_number--;
238 : }
239 1 : return LIBSPDM_STATUS_SUCCESS;
240 :
241 1 : case 0x6: {
242 : spdm_set_certificate_response_t *spdm_response;
243 : size_t spdm_response_size;
244 : size_t transport_header_size;
245 :
246 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
247 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
248 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
249 :
250 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12;
251 1 : spdm_response->header.request_response_code = SPDM_ERROR;
252 1 : spdm_response->header.param1 = SPDM_ERROR_CODE_RESET_REQUIRED;
253 1 : spdm_response->header.param2 = 0;
254 :
255 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
256 : false, spdm_response_size,
257 : spdm_response, response_size,
258 : response);
259 : }
260 1 : return LIBSPDM_STATUS_SUCCESS;
261 :
262 1 : case 0x7: {
263 : spdm_set_certificate_response_t *spdm_response;
264 : size_t spdm_response_size;
265 : size_t transport_header_size;
266 :
267 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
268 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
269 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
270 :
271 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
272 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
273 1 : spdm_response->header.param1 = 0;
274 1 : spdm_response->header.param2 = 0;
275 :
276 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
277 : false, spdm_response_size,
278 : spdm_response, response_size,
279 : response);
280 : }
281 1 : return LIBSPDM_STATUS_SUCCESS;
282 :
283 0 : case 0x8:
284 0 : assert_true(false);
285 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
286 :
287 1 : case 0x9: {
288 : spdm_set_certificate_response_t *spdm_response;
289 : size_t spdm_response_size;
290 : size_t transport_header_size;
291 :
292 1 : spdm_response_size = sizeof(spdm_set_certificate_response_t);
293 1 : transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE;
294 1 : spdm_response = (void *)((uint8_t *)*response + transport_header_size);
295 :
296 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
297 1 : spdm_response->header.request_response_code = SPDM_SET_CERTIFICATE_RSP;
298 1 : spdm_response->header.param1 = 3;
299 1 : spdm_response->header.param2 = 0;
300 :
301 1 : libspdm_transport_test_encode_message(spdm_context, NULL, false,
302 : false, spdm_response_size,
303 : spdm_response, response_size,
304 : response);
305 : }
306 1 : return LIBSPDM_STATUS_SUCCESS;
307 :
308 0 : default:
309 0 : return LIBSPDM_STATUS_RECEIVE_FAIL;
310 : }
311 : }
312 :
313 :
314 : /**
315 : * Test 1: message could not be sent
316 : * Expected Behavior: get a RETURN_DEVICE_ERROR return code
317 : **/
318 1 : void libspdm_test_requester_set_certificate_case1(void **state)
319 : {
320 : libspdm_return_t status;
321 : libspdm_test_context_t *spdm_test_context;
322 : libspdm_context_t *spdm_context;
323 :
324 : void *data;
325 : size_t data_size;
326 :
327 1 : spdm_test_context = *state;
328 1 : spdm_context = spdm_test_context->spdm_context;
329 1 : spdm_test_context->case_id = 0x1;
330 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
331 : SPDM_VERSION_NUMBER_SHIFT_BIT;
332 :
333 1 : spdm_context->connection_info.connection_state =
334 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
335 1 : spdm_context->connection_info.capability.flags |=
336 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
337 :
338 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
339 : m_libspdm_use_asym_algo,
340 : &data, &data_size, NULL, NULL);
341 :
342 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
343 :
344 1 : assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL);
345 1 : free(data);
346 1 : }
347 :
348 : /**
349 : * Test 2: Successful response to set certificate for slot 0
350 : * Expected Behavior: get a RETURN_SUCCESS return code
351 : **/
352 1 : void libspdm_test_requester_set_certificate_case2(void **state)
353 : {
354 : libspdm_return_t status;
355 : libspdm_test_context_t *spdm_test_context;
356 : libspdm_context_t *spdm_context;
357 :
358 : void *data;
359 : size_t data_size;
360 :
361 1 : spdm_test_context = *state;
362 1 : spdm_context = spdm_test_context->spdm_context;
363 1 : spdm_test_context->case_id = 0x2;
364 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
365 : SPDM_VERSION_NUMBER_SHIFT_BIT;
366 :
367 1 : spdm_context->connection_info.connection_state =
368 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
369 1 : spdm_context->connection_info.capability.flags |=
370 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
371 :
372 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
373 : m_libspdm_use_asym_algo,
374 : &data, &data_size, NULL, NULL);
375 :
376 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
377 :
378 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
379 1 : free(data);
380 1 : }
381 :
382 : /**
383 : * Test 3: Unsuccessful response to set certificate for slot 0, because cert_chain is NULL.
384 : * Expected Behavior: get a LIBSPDM_STATUS_INVALID_PARAMETER return code
385 : **/
386 1 : void libspdm_test_requester_set_certificate_case3(void **state)
387 : {
388 : libspdm_return_t status;
389 : libspdm_test_context_t *spdm_test_context;
390 : libspdm_context_t *spdm_context;
391 :
392 1 : spdm_test_context = *state;
393 1 : spdm_context = spdm_test_context->spdm_context;
394 1 : spdm_test_context->case_id = 0x3;
395 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
396 : SPDM_VERSION_NUMBER_SHIFT_BIT;
397 :
398 1 : spdm_context->connection_info.connection_state =
399 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
400 1 : spdm_context->connection_info.capability.flags |=
401 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
402 :
403 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, NULL, 0);
404 :
405 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_PARAMETER);
406 1 : }
407 :
408 : /**
409 : * Test 5: Successful response to set certificate for slot 1 in secure session
410 : * Expected Behavior: get a RETURN_SUCCESS return code
411 : **/
412 1 : void libspdm_test_requester_set_certificate_case5(void **state)
413 : {
414 : libspdm_return_t status;
415 : libspdm_test_context_t *spdm_test_context;
416 : libspdm_context_t *spdm_context;
417 : uint32_t session_id;
418 : libspdm_session_info_t *session_info;
419 :
420 : void *data;
421 : size_t data_size;
422 :
423 1 : spdm_test_context = *state;
424 1 : spdm_context = spdm_test_context->spdm_context;
425 1 : spdm_test_context->case_id = 0x05;
426 1 : spdm_context->connection_info.connection_state =
427 : LIBSPDM_CONNECTION_STATE_AUTHENTICATED;
428 :
429 1 : spdm_context->connection_info.capability.flags |=
430 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG;
431 1 : spdm_context->connection_info.capability.flags |=
432 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
433 1 : spdm_context->connection_info.capability.flags |=
434 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP;
435 1 : spdm_context->connection_info.capability.flags |=
436 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
437 1 : spdm_context->local_context.capability.flags |=
438 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
439 1 : spdm_context->local_context.capability.flags |=
440 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP;
441 1 : spdm_context->local_context.capability.flags |=
442 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
443 1 : spdm_context->connection_info.capability.flags |=
444 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
445 1 : spdm_context->connection_info.algorithm.dhe_named_group =
446 : m_libspdm_use_dhe_algo;
447 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
448 : m_libspdm_use_aead_algo;
449 :
450 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
451 : m_libspdm_use_asym_algo, &data,
452 : &data_size, NULL, NULL);
453 :
454 1 : session_id = 0xFFFFFFFF;
455 1 : session_info = &spdm_context->session_info[0];
456 1 : libspdm_session_info_init(spdm_context, session_info, session_id, true);
457 1 : libspdm_secured_message_set_session_state(session_info->secured_message_context,
458 : LIBSPDM_SESSION_STATE_ESTABLISHED);
459 :
460 : /* slot id is 1*/
461 1 : status = libspdm_set_certificate(spdm_context, &session_id, 1, data, data_size);
462 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
463 :
464 1 : free(data);
465 1 : }
466 :
467 : /**
468 : * Test 6: Successful response to set certificate for slot 0 with a reset required
469 : * Expected Behavior: get a RETURN_SUCCESS return code
470 : **/
471 1 : void libspdm_test_requester_set_certificate_case6(void **state)
472 : {
473 : libspdm_return_t status;
474 : libspdm_test_context_t *spdm_test_context;
475 : libspdm_context_t *spdm_context;
476 :
477 : void *data;
478 : size_t data_size;
479 :
480 1 : spdm_test_context = *state;
481 1 : spdm_context = spdm_test_context->spdm_context;
482 1 : spdm_test_context->case_id = 0x6;
483 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
484 : SPDM_VERSION_NUMBER_SHIFT_BIT;
485 :
486 1 : spdm_context->connection_info.connection_state =
487 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
488 1 : spdm_context->connection_info.capability.flags |=
489 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP |
490 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP;
491 :
492 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
493 : m_libspdm_use_asym_algo,
494 : &data, &data_size, NULL, NULL);
495 :
496 1 : status = libspdm_set_certificate(spdm_context, NULL, 0, data, data_size);
497 :
498 1 : assert_int_equal(status, LIBSPDM_STATUS_RESET_REQUIRED_PEER);
499 1 : free(data);
500 1 : }
501 :
502 : /**
503 : * Test 7: Successful response to erase certificate for slot 0
504 : * Expected Behavior: get a RETURN_SUCCESS return code
505 : **/
506 1 : void libspdm_test_requester_set_certificate_case7(void **state)
507 : {
508 : libspdm_return_t status;
509 : libspdm_test_context_t *spdm_test_context;
510 : libspdm_context_t *spdm_context;
511 :
512 1 : spdm_test_context = *state;
513 1 : spdm_context = spdm_test_context->spdm_context;
514 1 : spdm_test_context->case_id = 0x7;
515 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
516 : SPDM_VERSION_NUMBER_SHIFT_BIT;
517 :
518 1 : spdm_context->connection_info.connection_state =
519 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
520 1 : spdm_context->connection_info.capability.flags |=
521 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
522 :
523 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 0, NULL, 0,
524 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE, 0);
525 :
526 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
527 1 : }
528 :
529 : /**
530 : * Test 8: Illegal combination of MULTI_KEY_CONN_RSP = true, Erase = false, and SetCertModel = 0.
531 : * Expected Behavior: function returns LIBSPDM_STATUS_INVALID_PARAMETER.
532 : **/
533 1 : void libspdm_test_requester_set_certificate_case8(void **state)
534 : {
535 : libspdm_return_t status;
536 : libspdm_test_context_t *spdm_test_context;
537 : libspdm_context_t *spdm_context;
538 :
539 : void *data;
540 : size_t data_size;
541 :
542 1 : spdm_test_context = *state;
543 1 : spdm_context = spdm_test_context->spdm_context;
544 1 : spdm_test_context->case_id = 0x8;
545 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
546 : SPDM_VERSION_NUMBER_SHIFT_BIT;
547 :
548 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
549 1 : spdm_context->connection_info.capability.flags |=
550 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
551 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
552 :
553 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
554 : m_libspdm_use_asym_algo,
555 : &data, &data_size, NULL, NULL);
556 :
557 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 0, data, data_size,
558 : (SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE <<
559 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET),
560 : 1);
561 :
562 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_PARAMETER);
563 1 : }
564 :
565 : /**
566 : * Test 9: Set MULTI_KEY_CONN_RSP = true, Erase = false, and SetCertModel = DeviceCert.
567 : * Expected Behavior: function returns LIBSPDM_STATUS_SUCCESS.
568 : **/
569 1 : void libspdm_test_requester_set_certificate_case9(void **state)
570 : {
571 : libspdm_return_t status;
572 : libspdm_test_context_t *spdm_test_context;
573 : libspdm_context_t *spdm_context;
574 :
575 : void *data;
576 : size_t data_size;
577 :
578 1 : spdm_test_context = *state;
579 1 : spdm_context = spdm_test_context->spdm_context;
580 1 : spdm_test_context->case_id = 0x9;
581 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
582 : SPDM_VERSION_NUMBER_SHIFT_BIT;
583 :
584 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
585 1 : spdm_context->connection_info.capability.flags |=
586 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP;
587 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
588 :
589 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
590 : m_libspdm_use_asym_algo,
591 : &data, &data_size, NULL, NULL);
592 :
593 1 : status = libspdm_set_certificate_ex(spdm_context, NULL, 3, data, data_size,
594 : (SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT <<
595 : SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET),
596 : 1);
597 :
598 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
599 1 : }
600 :
601 1 : int libspdm_requester_set_certificate_test_main(void)
602 : {
603 1 : const struct CMUnitTest spdm_requester_set_certificate_tests[] = {
604 : /* SendRequest failed*/
605 : cmocka_unit_test(libspdm_test_requester_set_certificate_case1),
606 : /* Successful response to set certificate*/
607 : cmocka_unit_test(libspdm_test_requester_set_certificate_case2),
608 : /* Set null cert_chain for slot 0*/
609 : cmocka_unit_test(libspdm_test_requester_set_certificate_case3),
610 : /* Successful response to set certificate for slot 1 in secure session*/
611 : cmocka_unit_test(libspdm_test_requester_set_certificate_case5),
612 : /* Successful response to set certificate with a reset required */
613 : cmocka_unit_test(libspdm_test_requester_set_certificate_case6),
614 : /* Successful response to erase certificate*/
615 : cmocka_unit_test(libspdm_test_requester_set_certificate_case7),
616 : cmocka_unit_test(libspdm_test_requester_set_certificate_case8),
617 : cmocka_unit_test(libspdm_test_requester_set_certificate_case9),
618 : };
619 :
620 1 : libspdm_test_context_t test_context = {
621 : LIBSPDM_TEST_CONTEXT_VERSION,
622 : true,
623 : libspdm_requester_set_certificate_test_send_message,
624 : libspdm_requester_set_certificate_test_receive_message,
625 : };
626 :
627 1 : libspdm_setup_test_context(&test_context);
628 :
629 1 : return cmocka_run_group_tests(spdm_requester_set_certificate_tests,
630 : libspdm_unit_test_group_setup,
631 : libspdm_unit_test_group_teardown);
632 : }
633 :
634 : #endif /* LIBSPDM_ENABLE_CAPABILITY_SET_CERT_CAP*/
|
