Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_responder_lib.h"
9 :
10 : #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (LIBSPDM_ENABLE_CAPABILITY_ENCAP_CAP) && \
11 : (LIBSPDM_SEND_CHALLENGE_SUPPORT)
12 :
13 : static uint8_t m_requester_context[SPDM_REQ_CONTEXT_SIZE];
14 :
15 1 : static void rsp_encap_challenge_case1(void **state)
16 : {
17 : libspdm_return_t status;
18 : libspdm_test_context_t *spdm_test_context;
19 : libspdm_context_t *spdm_context;
20 : spdm_challenge_auth_response_t *spdm_response;
21 : uint8_t temp_buf[LIBSPDM_SENDER_BUFFER_SIZE];
22 : uint8_t *ptr;
23 : size_t response_size;
24 : size_t sig_size;
25 : bool need_continue;
26 : void *data;
27 : size_t data_size;
28 :
29 1 : spdm_test_context = *state;
30 1 : spdm_context = spdm_test_context->spdm_context;
31 :
32 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
33 : SPDM_VERSION_NUMBER_SHIFT_BIT;
34 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
35 1 : spdm_context->connection_info.capability.flags = 0;
36 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHAL_CAP;
37 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
38 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
39 1 : if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
40 : m_libspdm_use_req_asym_algo, &data,
41 : &data_size,
42 : NULL, NULL)) {
43 0 : return;
44 : }
45 1 : libspdm_reset_message_mut_c(spdm_context);
46 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
47 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
48 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
49 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
50 : data, data_size);
51 : #else
52 1 : libspdm_hash_all(
53 : spdm_context->connection_info.algorithm.base_hash_algo,
54 : data, data_size,
55 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
56 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
57 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
58 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
59 : spdm_context->connection_info.algorithm.base_hash_algo,
60 1 : spdm_context->connection_info.algorithm.req_base_asym_alg,
61 : data, data_size,
62 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
63 : #endif
64 1 : spdm_context->encap_context.req_slot_id = 0;
65 :
66 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_req_asym_algo);
67 1 : response_size = sizeof(spdm_challenge_auth_response_t) +
68 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
69 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 + sig_size;
70 1 : spdm_response = (void *)temp_buf;
71 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
72 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
73 1 : spdm_response->header.param1 = 0;
74 1 : spdm_response->header.param2 = (1 << 0);
75 :
76 1 : ptr = (void *)(spdm_response + 1);
77 1 : libspdm_hash_all(m_libspdm_use_hash_algo, data, data_size, ptr);
78 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
79 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
80 1 : ptr += SPDM_NONCE_SIZE;
81 :
82 1 : libspdm_write_uint16(ptr, 0);
83 1 : ptr += sizeof(uint16_t);
84 :
85 1 : libspdm_requester_data_sign(
86 : spdm_context,
87 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
88 : 0, SPDM_CHALLENGE_AUTH,
89 : m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
90 : false, (uint8_t*)spdm_response, response_size - sig_size,
91 : ptr, &sig_size);
92 :
93 1 : status = libspdm_process_encap_response_challenge_auth(spdm_context, response_size,
94 : spdm_response,
95 : &need_continue);
96 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
97 : /* Completion of CHALLENGE sets M1/M2 to null. */
98 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
99 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
100 : #else
101 1 : assert_null(spdm_context->transcript.digest_context_mut_m1m2);
102 : #endif
103 1 : free(data);
104 : }
105 :
106 1 : static void rsp_encap_challenge_case2(void **state)
107 : {
108 : libspdm_return_t status;
109 : libspdm_test_context_t *spdm_test_context;
110 : libspdm_context_t *spdm_context;
111 : spdm_error_response_t *spdm_response;
112 : uint8_t temp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
113 : size_t response_size;
114 : void *data;
115 : size_t data_size;
116 :
117 1 : spdm_test_context = *state;
118 1 : spdm_context = spdm_test_context->spdm_context;
119 :
120 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
121 1 : spdm_context->connection_info.capability.flags = 0;
122 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHAL_CAP;
123 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
124 : m_libspdm_use_asym_algo, &data,
125 : &data_size,
126 : NULL, NULL)) {
127 0 : return;
128 : }
129 1 : libspdm_reset_message_a(spdm_context);
130 1 : libspdm_reset_message_b(spdm_context);
131 1 : libspdm_reset_message_c(spdm_context);
132 :
133 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
134 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
135 :
136 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
137 : SPDM_VERSION_NUMBER_SHIFT_BIT;
138 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
139 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
140 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
141 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
142 : data, data_size);
143 : #else
144 1 : libspdm_hash_all(
145 : spdm_context->connection_info.algorithm.base_hash_algo,
146 : data, data_size,
147 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
148 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
149 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
150 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
151 : spdm_context->connection_info.algorithm.base_hash_algo,
152 1 : spdm_context->connection_info.algorithm.req_base_asym_alg,
153 : data, data_size,
154 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
155 : #endif
156 1 : spdm_context->encap_context.req_slot_id = 0;
157 :
158 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
159 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
160 :
161 1 : response_size = sizeof(spdm_error_response_t);
162 1 : spdm_response = (void *)temp_buf;
163 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
164 1 : spdm_response->header.request_response_code = SPDM_ERROR;
165 1 : spdm_response->header.param1 = 0;
166 1 : spdm_response->header.param2 = 0;
167 :
168 1 : status = libspdm_process_encap_response_challenge_auth(spdm_context, response_size,
169 : spdm_response,
170 : NULL);
171 1 : assert_int_equal(status, LIBSPDM_STATUS_UNSUPPORTED_CAP);
172 1 : free(data);
173 : }
174 :
175 :
176 1 : static void rsp_encap_challenge_case3(void **state)
177 : {
178 : libspdm_return_t status;
179 : libspdm_test_context_t *spdm_test_context;
180 : libspdm_context_t *spdm_context;
181 : spdm_challenge_auth_response_t *spdm_response;
182 : uint8_t temp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
183 : size_t response_size;
184 : void *data;
185 : size_t data_size;
186 :
187 1 : spdm_test_context = *state;
188 1 : spdm_context = spdm_test_context->spdm_context;
189 :
190 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
191 1 : spdm_context->connection_info.capability.flags = 0;
192 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHAL_CAP;
193 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
194 : m_libspdm_use_asym_algo, &data,
195 : &data_size,
196 : NULL, NULL)) {
197 0 : return;
198 : }
199 1 : libspdm_reset_message_a(spdm_context);
200 1 : libspdm_reset_message_b(spdm_context);
201 1 : libspdm_reset_message_c(spdm_context);
202 :
203 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
204 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
205 :
206 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
207 : SPDM_VERSION_NUMBER_SHIFT_BIT;
208 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
209 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
210 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
211 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
212 : data, data_size);
213 : #else
214 1 : libspdm_hash_all(
215 : spdm_context->connection_info.algorithm.base_hash_algo,
216 : data, data_size,
217 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
218 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
219 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
220 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
221 : spdm_context->connection_info.algorithm.base_hash_algo,
222 1 : spdm_context->connection_info.algorithm.req_base_asym_alg,
223 : data, data_size,
224 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
225 : #endif
226 1 : spdm_context->encap_context.req_slot_id = 0;
227 :
228 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
229 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
230 :
231 1 : response_size = sizeof(spdm_error_response_t);
232 1 : spdm_response = (void *)temp_buf;
233 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
234 1 : spdm_response->header.request_response_code = SPDM_CERTIFICATE;
235 1 : spdm_response->header.param1 = 0;
236 1 : spdm_response->header.param2 = 0;
237 :
238 1 : status = libspdm_process_encap_response_challenge_auth(spdm_context, response_size,
239 : spdm_response,
240 : NULL);
241 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
242 1 : free(data);
243 : }
244 :
245 1 : static void rsp_encap_challenge_case4(void **state)
246 : {
247 : libspdm_return_t status;
248 : libspdm_test_context_t *spdm_test_context;
249 : libspdm_context_t *spdm_context;
250 : spdm_challenge_auth_response_t *spdm_response;
251 : uint8_t temp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
252 : size_t response_size;
253 : void *data;
254 : size_t data_size;
255 :
256 1 : spdm_test_context = *state;
257 1 : spdm_context = spdm_test_context->spdm_context;
258 :
259 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
260 1 : spdm_context->connection_info.capability.flags = 0;
261 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHAL_CAP;
262 1 : if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
263 : m_libspdm_use_asym_algo, &data,
264 : &data_size,
265 : NULL, NULL)) {
266 0 : return;
267 : }
268 1 : libspdm_reset_message_a(spdm_context);
269 1 : libspdm_reset_message_b(spdm_context);
270 1 : libspdm_reset_message_c(spdm_context);
271 :
272 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
273 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
274 :
275 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
276 : SPDM_VERSION_NUMBER_SHIFT_BIT;
277 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
278 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
279 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
280 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
281 : data, data_size);
282 : #else
283 1 : libspdm_hash_all(
284 : spdm_context->connection_info.algorithm.base_hash_algo,
285 : data, data_size,
286 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
287 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
288 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
289 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
290 : spdm_context->connection_info.algorithm.base_hash_algo,
291 1 : spdm_context->connection_info.algorithm.req_base_asym_alg,
292 : data, data_size,
293 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
294 : #endif
295 1 : spdm_context->encap_context.req_slot_id = 0;
296 :
297 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size;
298 1 : spdm_context->local_context.local_cert_chain_provision[0] = data;
299 :
300 1 : response_size = sizeof(spdm_error_response_t);
301 1 : spdm_response = (void *)temp_buf;
302 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
303 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
304 1 : spdm_response->header.param1 = 0;
305 1 : spdm_response->header.param2 = 0;
306 :
307 1 : status = libspdm_process_encap_response_challenge_auth(spdm_context, response_size,
308 : spdm_response,
309 : NULL);
310 1 : assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD);
311 1 : free(data);
312 : }
313 :
314 1 : static void rsp_encap_challenge_case5(void **state)
315 : {
316 : libspdm_return_t status;
317 : libspdm_test_context_t *spdm_test_context;
318 : libspdm_context_t *spdm_context;
319 : spdm_challenge_auth_response_t *spdm_response;
320 : uint8_t temp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
321 : size_t response_size;
322 : size_t sig_size;
323 : uint8_t *ptr;
324 : bool need_continue;
325 : void *data;
326 : size_t data_size;
327 :
328 1 : spdm_test_context = *state;
329 1 : spdm_context = spdm_test_context->spdm_context;
330 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
331 : SPDM_VERSION_NUMBER_SHIFT_BIT;
332 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
333 1 : spdm_context->connection_info.capability.flags = 0;
334 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHAL_CAP;
335 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
336 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
337 :
338 1 : if (!libspdm_read_requester_public_key(m_libspdm_use_req_asym_algo, &data, &data_size)) {
339 0 : return;
340 : }
341 1 : spdm_context->local_context.peer_public_key_provision = data;
342 1 : spdm_context->local_context.peer_public_key_provision_size = data_size;
343 :
344 1 : spdm_context->encap_context.req_slot_id = 0xFF;
345 :
346 1 : libspdm_reset_message_a(spdm_context);
347 1 : libspdm_reset_message_b(spdm_context);
348 1 : libspdm_reset_message_c(spdm_context);
349 :
350 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_req_asym_algo);
351 1 : response_size = sizeof(spdm_challenge_auth_response_t) +
352 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
353 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 + sig_size;
354 1 : spdm_response = (void *)temp_buf;
355 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11;
356 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
357 1 : spdm_response->header.param1 = (0xFF & SPDM_CHALLENGE_AUTH_RESPONSE_ATTRIBUTE_SLOT_ID_MASK);
358 1 : spdm_response->header.param2 = 0;
359 :
360 1 : ptr = (void *)(spdm_response + 1);
361 1 : libspdm_hash_all(m_libspdm_use_hash_algo, data, data_size, ptr);
362 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
363 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
364 1 : ptr += SPDM_NONCE_SIZE;
365 :
366 1 : libspdm_write_uint16(ptr, 0);
367 1 : ptr += sizeof(uint16_t);
368 :
369 1 : libspdm_requester_data_sign(
370 : spdm_context,
371 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
372 : 0, SPDM_CHALLENGE_AUTH,
373 : m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
374 : false, (uint8_t*)spdm_response, response_size - sig_size,
375 : ptr, &sig_size);
376 :
377 1 : status = libspdm_process_encap_response_challenge_auth(spdm_context, response_size,
378 : spdm_response,
379 : &need_continue);
380 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
381 1 : free(data);
382 : }
383 :
384 : /**
385 : * Test 6: Successful case , With the correct challenge context field
386 : * Expected Behavior: client returns a status of LIBSPDM_STATUS_SUCCESS.
387 : **/
388 1 : static void rsp_encap_challenge_case6(void **state)
389 : {
390 : libspdm_return_t status;
391 : libspdm_test_context_t *spdm_test_context;
392 : libspdm_context_t *spdm_context;
393 : spdm_challenge_auth_response_t *spdm_response;
394 : uint8_t temp_buf[LIBSPDM_SENDER_BUFFER_SIZE];
395 : uint8_t *ptr;
396 : size_t response_size;
397 : size_t sig_size;
398 : bool need_continue;
399 : void *data;
400 : size_t data_size;
401 :
402 1 : spdm_test_context = *state;
403 1 : spdm_context = spdm_test_context->spdm_context;
404 :
405 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
406 : SPDM_VERSION_NUMBER_SHIFT_BIT;
407 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
408 1 : spdm_context->connection_info.capability.flags = 0;
409 1 : spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHAL_CAP;
410 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
411 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
412 1 : if (!libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
413 : m_libspdm_use_req_asym_algo, &data,
414 : &data_size,
415 : NULL, NULL)) {
416 0 : return;
417 : }
418 1 : libspdm_reset_message_mut_c(spdm_context);
419 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
420 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size;
421 : libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
422 : sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
423 : data, data_size);
424 : #else
425 1 : libspdm_hash_all(
426 : spdm_context->connection_info.algorithm.base_hash_algo,
427 : data, data_size,
428 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
429 1 : spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
430 1 : libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
431 1 : libspdm_get_leaf_cert_public_key_from_cert_chain(
432 : spdm_context->connection_info.algorithm.base_hash_algo,
433 1 : spdm_context->connection_info.algorithm.req_base_asym_alg,
434 : data, data_size,
435 : &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
436 : #endif
437 1 : spdm_context->encap_context.req_slot_id = 0;
438 1 : libspdm_set_mem(m_requester_context, SPDM_REQ_CONTEXT_SIZE, 0xAA);
439 1 : libspdm_copy_mem(spdm_context->encap_context.req_context, SPDM_REQ_CONTEXT_SIZE,
440 : m_requester_context, SPDM_REQ_CONTEXT_SIZE);
441 :
442 :
443 1 : sig_size = libspdm_get_asym_signature_size(m_libspdm_use_req_asym_algo);
444 1 : response_size = sizeof(spdm_challenge_auth_response_t) +
445 1 : libspdm_get_hash_size(m_libspdm_use_hash_algo) +
446 1 : SPDM_NONCE_SIZE + 0 + sizeof(uint16_t) + 0 + SPDM_REQ_CONTEXT_SIZE + sig_size;
447 1 : spdm_response = (void *)temp_buf;
448 1 : spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13;
449 1 : spdm_response->header.request_response_code = SPDM_CHALLENGE_AUTH;
450 1 : spdm_response->header.param1 = 0;
451 1 : spdm_response->header.param2 = (1 << 0);
452 :
453 1 : ptr = (void *)(spdm_response + 1);
454 1 : libspdm_hash_all(m_libspdm_use_hash_algo, data, data_size, ptr);
455 1 : ptr += libspdm_get_hash_size(m_libspdm_use_hash_algo);
456 1 : libspdm_get_random_number(SPDM_NONCE_SIZE, ptr);
457 1 : ptr += SPDM_NONCE_SIZE;
458 :
459 1 : libspdm_write_uint16(ptr, 0);
460 1 : ptr += sizeof(uint16_t);
461 :
462 1 : libspdm_set_mem(ptr, SPDM_REQ_CONTEXT_SIZE, 0xAA);
463 1 : ptr += SPDM_REQ_CONTEXT_SIZE;
464 :
465 1 : libspdm_requester_data_sign(
466 : spdm_context,
467 1 : spdm_response->header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
468 : 0, SPDM_CHALLENGE_AUTH,
469 : m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
470 : false, (uint8_t*)spdm_response, response_size - sig_size,
471 : ptr, &sig_size);
472 :
473 1 : status = libspdm_process_encap_response_challenge_auth(spdm_context, response_size,
474 : spdm_response,
475 : &need_continue);
476 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
477 :
478 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
479 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
480 : #else
481 1 : assert_null(spdm_context->transcript.digest_context_mut_m1m2);
482 : #endif
483 1 : free(data);
484 : }
485 :
486 1 : int libspdm_rsp_encap_challenge_test(void)
487 : {
488 1 : const struct CMUnitTest test_cases[] = {
489 : cmocka_unit_test(rsp_encap_challenge_case1),
490 : /* Error response: SPDM_ERROR*/
491 : cmocka_unit_test(rsp_encap_challenge_case2),
492 : /* Error request_response_code : SPDM_CERTIFICATE */
493 : cmocka_unit_test(rsp_encap_challenge_case3),
494 : /* Error spdm_response_size */
495 : cmocka_unit_test(rsp_encap_challenge_case4),
496 : /* Success Case, use provisioned public key (slot 0xFF) */
497 : cmocka_unit_test(rsp_encap_challenge_case5),
498 : /* Success Case, V1.3 With the correct challenge context field */
499 : cmocka_unit_test(rsp_encap_challenge_case6),
500 : };
501 :
502 1 : libspdm_test_context_t test_context = {
503 : LIBSPDM_TEST_CONTEXT_VERSION,
504 : false,
505 : };
506 :
507 1 : libspdm_setup_test_context(&test_context);
508 :
509 1 : return cmocka_run_group_tests(test_cases,
510 : libspdm_unit_test_group_setup,
511 : libspdm_unit_test_group_teardown);
512 : }
513 :
514 : #endif /* (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && (...) */
|
