Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_responder_lib.h"
9 : #include "internal/libspdm_requester_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
13 : #pragma pack(1)
14 : typedef struct {
15 : spdm_message_header_t header;
16 : uint16_t req_session_id;
17 : uint8_t session_policy;
18 : uint8_t reserved;
19 : uint8_t random_data[SPDM_RANDOM_DATA_SIZE];
20 : uint8_t exchange_data[LIBSPDM_MAX_DHE_KEY_SIZE];
21 : uint16_t opaque_length;
22 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
23 : } libspdm_key_exchange_request_mine_t;
24 : #pragma pack()
25 :
26 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request1 = {
27 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
28 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
29 : };
30 : size_t m_libspdm_key_exchange_request1_size = sizeof(m_libspdm_key_exchange_request1);
31 :
32 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request2 = {
33 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
34 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
35 : };
36 : size_t m_libspdm_key_exchange_request2_size = sizeof(spdm_key_exchange_request_t);
37 :
38 : /* Request TCB measurement hash */
39 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request3 = {
40 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
41 : SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, 0 },
42 : };
43 : size_t m_libspdm_key_exchange_request3_size = sizeof(m_libspdm_key_exchange_request3);
44 :
45 : /* Request all measurement hash */
46 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request4 = {
47 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
48 : SPDM_KEY_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH, 0 },
49 : };
50 : size_t m_libspdm_key_exchange_request4_size = sizeof(m_libspdm_key_exchange_request4);
51 :
52 : /* Uses a reserved value in measurement hash */
53 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request5 = {
54 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
55 : 0x50, 0 },
56 : };
57 : size_t m_libspdm_key_exchange_request5_size = sizeof(m_libspdm_key_exchange_request5);
58 :
59 : /* Asks for certificate in slot 1 */
60 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request6 = {
61 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
62 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 1 },
63 : };
64 : size_t m_libspdm_key_exchange_request6_size = sizeof(m_libspdm_key_exchange_request6);
65 :
66 : /* Asks for previously provisioned raw public key */
67 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request7 = {
68 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
69 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0xFF },
70 : };
71 : size_t m_libspdm_key_exchange_request7_size = sizeof(m_libspdm_key_exchange_request7);
72 :
73 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request8 = {
74 : { SPDM_MESSAGE_VERSION_12, SPDM_KEY_EXCHANGE,
75 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
76 : };
77 : size_t m_libspdm_key_exchange_request8_size = sizeof(m_libspdm_key_exchange_request8);
78 :
79 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request9 = {
80 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
81 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 9 },
82 : };
83 : size_t m_libspdm_key_exchange_request9_size = sizeof(m_libspdm_key_exchange_request9);
84 :
85 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request10 = {
86 : { SPDM_MESSAGE_VERSION_13, SPDM_KEY_EXCHANGE,
87 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
88 : };
89 : size_t m_libspdm_key_exchange_request10_size = sizeof(m_libspdm_key_exchange_request10);
90 :
91 : extern bool g_event_all_subscribe;
92 : extern bool g_event_all_unsubscribe;
93 :
94 1 : void libspdm_test_responder_key_exchange_case1(void **state)
95 : {
96 : libspdm_return_t status;
97 : libspdm_test_context_t *spdm_test_context;
98 : libspdm_context_t *spdm_context;
99 : size_t response_size;
100 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
101 : spdm_key_exchange_response_t *spdm_response;
102 : void *data1;
103 : size_t data_size1;
104 : uint8_t *ptr;
105 : size_t dhe_key_size;
106 : void *dhe_context;
107 : size_t opaque_key_exchange_req_size;
108 : uint32_t session_id;
109 :
110 1 : spdm_test_context = *state;
111 1 : spdm_context = spdm_test_context->spdm_context;
112 1 : spdm_test_context->case_id = 0x1;
113 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
114 1 : spdm_context->connection_info.capability.flags |=
115 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
116 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
117 1 : spdm_context->local_context.capability.flags |=
118 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
119 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
120 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
121 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
122 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
123 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
124 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
125 : m_libspdm_use_measurement_hash_algo;
126 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
127 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
128 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
129 : SPDM_VERSION_NUMBER_SHIFT_BIT;
130 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
131 : m_libspdm_use_asym_algo, &data1,
132 : &data_size1, NULL, NULL);
133 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
134 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
135 :
136 1 : libspdm_reset_message_a(spdm_context);
137 1 : spdm_context->local_context.mut_auth_requested = 0;
138 :
139 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
140 :
141 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
142 : m_libspdm_key_exchange_request1.random_data);
143 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
144 1 : m_libspdm_key_exchange_request1.reserved = 0;
145 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
146 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
147 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
148 : false);
149 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
150 1 : ptr += dhe_key_size;
151 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
152 1 : opaque_key_exchange_req_size =
153 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
154 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
155 1 : ptr += sizeof(uint16_t);
156 1 : libspdm_build_opaque_data_supported_version_data(
157 : spdm_context, &opaque_key_exchange_req_size, ptr);
158 1 : ptr += opaque_key_exchange_req_size;
159 1 : response_size = sizeof(response);
160 1 : status = libspdm_get_response_key_exchange(
161 : spdm_context, m_libspdm_key_exchange_request1_size,
162 : &m_libspdm_key_exchange_request1, &response_size, response);
163 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
164 1 : assert_int_equal(
165 : libspdm_secured_message_get_session_state(
166 : spdm_context->session_info[0].secured_message_context),
167 : LIBSPDM_SESSION_STATE_HANDSHAKING);
168 1 : spdm_response = (void *)response;
169 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
170 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
171 :
172 1 : session_id = (m_libspdm_key_exchange_request1.req_session_id << 16) |
173 1 : spdm_response->rsp_session_id;
174 1 : libspdm_free_session_id(spdm_context, session_id);
175 1 : free(data1);
176 1 : }
177 :
178 1 : void libspdm_test_responder_key_exchange_case2(void **state)
179 : {
180 : libspdm_return_t status;
181 : libspdm_test_context_t *spdm_test_context;
182 : libspdm_context_t *spdm_context;
183 : size_t response_size;
184 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
185 : spdm_key_exchange_response_t *spdm_response;
186 : void *data1;
187 : size_t data_size1;
188 : uint8_t *ptr;
189 : size_t dhe_key_size;
190 : void *dhe_context;
191 : size_t opaque_key_exchange_req_size;
192 :
193 1 : spdm_test_context = *state;
194 1 : spdm_context = spdm_test_context->spdm_context;
195 1 : spdm_test_context->case_id = 0x2;
196 1 : spdm_context->connection_info.connection_state =
197 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
198 1 : spdm_context->connection_info.capability.flags |=
199 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
200 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
201 1 : spdm_context->local_context.capability.flags |=
202 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
203 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
204 1 : spdm_context->connection_info.algorithm.base_hash_algo =
205 : m_libspdm_use_hash_algo;
206 1 : spdm_context->connection_info.algorithm.base_asym_algo =
207 : m_libspdm_use_asym_algo;
208 1 : spdm_context->connection_info.algorithm.measurement_spec =
209 : m_libspdm_use_measurement_spec;
210 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
211 : m_libspdm_use_measurement_hash_algo;
212 1 : spdm_context->connection_info.algorithm.dhe_named_group =
213 : m_libspdm_use_dhe_algo;
214 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
215 : m_libspdm_use_aead_algo;
216 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
217 : SPDM_VERSION_NUMBER_SHIFT_BIT;
218 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
219 : m_libspdm_use_asym_algo, &data1,
220 : &data_size1, NULL, NULL);
221 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
222 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
223 : data_size1;
224 :
225 1 : libspdm_reset_message_a(spdm_context);
226 1 : spdm_context->local_context.mut_auth_requested = 0;
227 :
228 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
229 : m_libspdm_key_exchange_request2.random_data);
230 1 : m_libspdm_key_exchange_request2.req_session_id = 0xFFFF;
231 1 : m_libspdm_key_exchange_request2.reserved = 0;
232 1 : ptr = m_libspdm_key_exchange_request2.exchange_data;
233 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
234 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
235 : false);
236 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
237 1 : ptr += dhe_key_size;
238 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
239 1 : opaque_key_exchange_req_size =
240 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
241 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
242 1 : ptr += sizeof(uint16_t);
243 1 : libspdm_build_opaque_data_supported_version_data(
244 : spdm_context, &opaque_key_exchange_req_size, ptr);
245 1 : ptr += opaque_key_exchange_req_size;
246 1 : response_size = sizeof(response);
247 1 : status = libspdm_get_response_key_exchange(
248 : spdm_context, m_libspdm_key_exchange_request2_size,
249 : &m_libspdm_key_exchange_request2, &response_size, response);
250 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
251 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
252 1 : spdm_response = (void *)response;
253 1 : assert_int_equal(spdm_response->header.request_response_code,
254 : SPDM_ERROR);
255 1 : assert_int_equal(spdm_response->header.param1,
256 : SPDM_ERROR_CODE_INVALID_REQUEST);
257 1 : assert_int_equal(spdm_response->header.param2, 0);
258 1 : free(data1);
259 1 : }
260 :
261 1 : void libspdm_test_responder_key_exchange_case3(void **state)
262 : {
263 : libspdm_return_t status;
264 : libspdm_test_context_t *spdm_test_context;
265 : libspdm_context_t *spdm_context;
266 : size_t response_size;
267 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
268 : spdm_key_exchange_response_t *spdm_response;
269 : void *data1;
270 : size_t data_size1;
271 : uint8_t *ptr;
272 : size_t dhe_key_size;
273 : void *dhe_context;
274 : size_t opaque_key_exchange_req_size;
275 :
276 1 : spdm_test_context = *state;
277 1 : spdm_context = spdm_test_context->spdm_context;
278 1 : spdm_test_context->case_id = 0x3;
279 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
280 1 : spdm_context->connection_info.connection_state =
281 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
282 1 : spdm_context->connection_info.capability.flags |=
283 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
284 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
285 1 : spdm_context->local_context.capability.flags |=
286 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
287 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
288 1 : spdm_context->connection_info.algorithm.base_hash_algo =
289 : m_libspdm_use_hash_algo;
290 1 : spdm_context->connection_info.algorithm.base_asym_algo =
291 : m_libspdm_use_asym_algo;
292 1 : spdm_context->connection_info.algorithm.measurement_spec =
293 : m_libspdm_use_measurement_spec;
294 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
295 : m_libspdm_use_measurement_hash_algo;
296 1 : spdm_context->connection_info.algorithm.dhe_named_group =
297 : m_libspdm_use_dhe_algo;
298 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
299 : m_libspdm_use_aead_algo;
300 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
301 : SPDM_VERSION_NUMBER_SHIFT_BIT;
302 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
303 : m_libspdm_use_asym_algo, &data1,
304 : &data_size1, NULL, NULL);
305 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
306 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
307 : data_size1;
308 :
309 1 : libspdm_reset_message_a(spdm_context);
310 1 : spdm_context->local_context.mut_auth_requested = 0;
311 :
312 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
313 : m_libspdm_key_exchange_request1.random_data);
314 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
315 1 : m_libspdm_key_exchange_request1.reserved = 0;
316 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
317 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
318 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
319 : false);
320 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
321 1 : ptr += dhe_key_size;
322 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
323 1 : opaque_key_exchange_req_size =
324 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
325 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
326 1 : ptr += sizeof(uint16_t);
327 1 : libspdm_build_opaque_data_supported_version_data(
328 : spdm_context, &opaque_key_exchange_req_size, ptr);
329 1 : ptr += opaque_key_exchange_req_size;
330 1 : response_size = sizeof(response);
331 1 : status = libspdm_get_response_key_exchange(
332 : spdm_context, m_libspdm_key_exchange_request1_size,
333 : &m_libspdm_key_exchange_request1, &response_size, response);
334 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
335 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
336 1 : spdm_response = (void *)response;
337 1 : assert_int_equal(spdm_response->header.request_response_code,
338 : SPDM_ERROR);
339 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_BUSY);
340 1 : assert_int_equal(spdm_response->header.param2, 0);
341 1 : assert_int_equal(spdm_context->response_state,
342 : LIBSPDM_RESPONSE_STATE_BUSY);
343 1 : free(data1);
344 1 : }
345 :
346 1 : void libspdm_test_responder_key_exchange_case4(void **state)
347 : {
348 : libspdm_return_t status;
349 : libspdm_test_context_t *spdm_test_context;
350 : libspdm_context_t *spdm_context;
351 : size_t response_size;
352 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
353 : spdm_key_exchange_response_t *spdm_response;
354 : void *data1;
355 : size_t data_size1;
356 : uint8_t *ptr;
357 : size_t dhe_key_size;
358 : void *dhe_context;
359 : size_t opaque_key_exchange_req_size;
360 :
361 1 : spdm_test_context = *state;
362 1 : spdm_context = spdm_test_context->spdm_context;
363 1 : spdm_test_context->case_id = 0x4;
364 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
365 1 : spdm_context->connection_info.connection_state =
366 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
367 1 : spdm_context->connection_info.capability.flags |=
368 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
369 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
370 1 : spdm_context->local_context.capability.flags |=
371 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
372 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
373 1 : spdm_context->connection_info.algorithm.base_hash_algo =
374 : m_libspdm_use_hash_algo;
375 1 : spdm_context->connection_info.algorithm.base_asym_algo =
376 : m_libspdm_use_asym_algo;
377 1 : spdm_context->connection_info.algorithm.measurement_spec =
378 : m_libspdm_use_measurement_spec;
379 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
380 : m_libspdm_use_measurement_hash_algo;
381 1 : spdm_context->connection_info.algorithm.dhe_named_group =
382 : m_libspdm_use_dhe_algo;
383 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
384 : m_libspdm_use_aead_algo;
385 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
386 : SPDM_VERSION_NUMBER_SHIFT_BIT;
387 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
388 : m_libspdm_use_asym_algo, &data1,
389 : &data_size1, NULL, NULL);
390 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
391 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
392 : data_size1;
393 :
394 1 : libspdm_reset_message_a(spdm_context);
395 1 : spdm_context->local_context.mut_auth_requested = 0;
396 :
397 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
398 : m_libspdm_key_exchange_request1.random_data);
399 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
400 1 : m_libspdm_key_exchange_request1.reserved = 0;
401 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
402 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
403 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
404 : false);
405 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
406 1 : ptr += dhe_key_size;
407 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
408 1 : opaque_key_exchange_req_size =
409 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
410 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
411 1 : ptr += sizeof(uint16_t);
412 1 : libspdm_build_opaque_data_supported_version_data(
413 : spdm_context, &opaque_key_exchange_req_size, ptr);
414 1 : ptr += opaque_key_exchange_req_size;
415 1 : response_size = sizeof(response);
416 1 : status = libspdm_get_response_key_exchange(
417 : spdm_context, m_libspdm_key_exchange_request1_size,
418 : &m_libspdm_key_exchange_request1, &response_size, response);
419 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
420 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
421 1 : spdm_response = (void *)response;
422 1 : assert_int_equal(spdm_response->header.request_response_code,
423 : SPDM_ERROR);
424 1 : assert_int_equal(spdm_response->header.param1,
425 : SPDM_ERROR_CODE_REQUEST_RESYNCH);
426 1 : assert_int_equal(spdm_response->header.param2, 0);
427 1 : assert_int_equal(spdm_context->response_state,
428 : LIBSPDM_RESPONSE_STATE_NEED_RESYNC);
429 1 : free(data1);
430 1 : }
431 :
432 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
433 1 : void libspdm_test_responder_key_exchange_case5(void **state)
434 : {
435 : libspdm_return_t status;
436 : libspdm_test_context_t *spdm_test_context;
437 : libspdm_context_t *spdm_context;
438 : size_t response_size;
439 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
440 : spdm_key_exchange_response_t *spdm_response;
441 : void *data1;
442 : size_t data_size1;
443 : spdm_error_data_response_not_ready_t *error_data;
444 : uint8_t *ptr;
445 : size_t dhe_key_size;
446 : void *dhe_context;
447 : size_t opaque_key_exchange_req_size;
448 :
449 1 : spdm_test_context = *state;
450 1 : spdm_context = spdm_test_context->spdm_context;
451 1 : spdm_test_context->case_id = 0x5;
452 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
453 1 : spdm_context->connection_info.connection_state =
454 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
455 1 : spdm_context->connection_info.capability.flags |=
456 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
457 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
458 1 : spdm_context->local_context.capability.flags |=
459 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
460 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
461 1 : spdm_context->connection_info.algorithm.base_hash_algo =
462 : m_libspdm_use_hash_algo;
463 1 : spdm_context->connection_info.algorithm.base_asym_algo =
464 : m_libspdm_use_asym_algo;
465 1 : spdm_context->connection_info.algorithm.measurement_spec =
466 : m_libspdm_use_measurement_spec;
467 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
468 : m_libspdm_use_measurement_hash_algo;
469 1 : spdm_context->connection_info.algorithm.dhe_named_group =
470 : m_libspdm_use_dhe_algo;
471 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
472 : m_libspdm_use_aead_algo;
473 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
474 : SPDM_VERSION_NUMBER_SHIFT_BIT;
475 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
476 : m_libspdm_use_asym_algo, &data1,
477 : &data_size1, NULL, NULL);
478 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
479 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
480 : data_size1;
481 :
482 1 : libspdm_reset_message_a(spdm_context);
483 1 : spdm_context->local_context.mut_auth_requested = 0;
484 :
485 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
486 : m_libspdm_key_exchange_request1.random_data);
487 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
488 1 : m_libspdm_key_exchange_request1.reserved = 0;
489 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
490 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
491 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
492 : false);
493 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
494 1 : ptr += dhe_key_size;
495 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
496 1 : opaque_key_exchange_req_size =
497 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
498 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
499 1 : ptr += sizeof(uint16_t);
500 1 : libspdm_build_opaque_data_supported_version_data(
501 : spdm_context, &opaque_key_exchange_req_size, ptr);
502 1 : ptr += opaque_key_exchange_req_size;
503 1 : response_size = sizeof(response);
504 1 : status = libspdm_get_response_key_exchange(
505 : spdm_context, m_libspdm_key_exchange_request1_size,
506 : &m_libspdm_key_exchange_request1, &response_size, response);
507 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
508 1 : assert_int_equal(response_size,
509 : sizeof(spdm_error_response_t) +
510 : sizeof(spdm_error_data_response_not_ready_t));
511 1 : spdm_response = (void *)response;
512 1 : error_data = (spdm_error_data_response_not_ready_t
513 : *)(&spdm_response->rsp_session_id);
514 1 : assert_int_equal(spdm_response->header.request_response_code,
515 : SPDM_ERROR);
516 1 : assert_int_equal(spdm_response->header.param1,
517 : SPDM_ERROR_CODE_RESPONSE_NOT_READY);
518 1 : assert_int_equal(spdm_response->header.param2, 0);
519 1 : assert_int_equal(spdm_context->response_state,
520 : LIBSPDM_RESPONSE_STATE_NOT_READY);
521 1 : assert_int_equal(error_data->request_code, SPDM_KEY_EXCHANGE);
522 1 : free(data1);
523 1 : }
524 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
525 :
526 1 : void libspdm_test_responder_key_exchange_case6(void **state)
527 : {
528 : libspdm_return_t status;
529 : libspdm_test_context_t *spdm_test_context;
530 : libspdm_context_t *spdm_context;
531 : size_t response_size;
532 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
533 : spdm_key_exchange_response_t *spdm_response;
534 : void *data1;
535 : size_t data_size1;
536 : uint8_t *ptr;
537 : size_t dhe_key_size;
538 : void *dhe_context;
539 : size_t opaque_key_exchange_req_size;
540 :
541 1 : spdm_test_context = *state;
542 1 : spdm_context = spdm_test_context->spdm_context;
543 1 : spdm_test_context->case_id = 0x6;
544 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
545 1 : spdm_context->connection_info.connection_state =
546 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
547 1 : spdm_context->connection_info.capability.flags |=
548 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
549 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
550 1 : spdm_context->local_context.capability.flags |=
551 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
552 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
553 1 : spdm_context->connection_info.algorithm.base_hash_algo =
554 : m_libspdm_use_hash_algo;
555 1 : spdm_context->connection_info.algorithm.base_asym_algo =
556 : m_libspdm_use_asym_algo;
557 1 : spdm_context->connection_info.algorithm.measurement_spec =
558 : m_libspdm_use_measurement_spec;
559 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
560 : m_libspdm_use_measurement_hash_algo;
561 1 : spdm_context->connection_info.algorithm.dhe_named_group =
562 : m_libspdm_use_dhe_algo;
563 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
564 : m_libspdm_use_aead_algo;
565 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
566 : SPDM_VERSION_NUMBER_SHIFT_BIT;
567 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
568 : m_libspdm_use_asym_algo, &data1,
569 : &data_size1, NULL, NULL);
570 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
571 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
572 : data_size1;
573 :
574 1 : libspdm_reset_message_a(spdm_context);
575 1 : spdm_context->local_context.mut_auth_requested = 0;
576 :
577 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
578 : m_libspdm_key_exchange_request1.random_data);
579 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
580 1 : m_libspdm_key_exchange_request1.reserved = 0;
581 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
582 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
583 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
584 : false);
585 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
586 1 : ptr += dhe_key_size;
587 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
588 1 : opaque_key_exchange_req_size =
589 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
590 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
591 1 : ptr += sizeof(uint16_t);
592 1 : libspdm_build_opaque_data_supported_version_data(
593 : spdm_context, &opaque_key_exchange_req_size, ptr);
594 1 : ptr += opaque_key_exchange_req_size;
595 1 : response_size = sizeof(response);
596 1 : status = libspdm_get_response_key_exchange(
597 : spdm_context, m_libspdm_key_exchange_request1_size,
598 : &m_libspdm_key_exchange_request1, &response_size, response);
599 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
600 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
601 1 : spdm_response = (void *)response;
602 1 : assert_int_equal(spdm_response->header.request_response_code,
603 : SPDM_ERROR);
604 1 : assert_int_equal(spdm_response->header.param1,
605 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
606 1 : assert_int_equal(spdm_response->header.param2, 0);
607 1 : free(data1);
608 1 : }
609 :
610 1 : void libspdm_test_responder_key_exchange_case7(void **state)
611 : {
612 : libspdm_return_t status;
613 : libspdm_test_context_t *spdm_test_context;
614 : libspdm_context_t *spdm_context;
615 : size_t response_size;
616 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
617 : spdm_key_exchange_response_t *spdm_response;
618 : void *data1;
619 : size_t data_size1;
620 : uint8_t *ptr;
621 : size_t dhe_key_size;
622 : void *dhe_context;
623 : size_t opaque_key_exchange_req_size;
624 :
625 1 : spdm_test_context = *state;
626 1 : spdm_context = spdm_test_context->spdm_context;
627 1 : spdm_test_context->case_id = 0x1;
628 1 : spdm_context->connection_info.connection_state =
629 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
630 1 : spdm_context->connection_info.capability.flags |=
631 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
632 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
633 1 : spdm_context->local_context.capability.flags |=
634 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
635 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
636 1 : spdm_context->connection_info.algorithm.base_hash_algo =
637 : m_libspdm_use_hash_algo;
638 1 : spdm_context->connection_info.algorithm.base_asym_algo =
639 : m_libspdm_use_asym_algo;
640 1 : spdm_context->connection_info.algorithm.measurement_spec =
641 : m_libspdm_use_measurement_spec;
642 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
643 : m_libspdm_use_measurement_hash_algo;
644 1 : spdm_context->connection_info.algorithm.dhe_named_group =
645 : m_libspdm_use_dhe_algo;
646 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
647 : m_libspdm_use_aead_algo;
648 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
649 : SPDM_VERSION_NUMBER_SHIFT_BIT;
650 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
651 : m_libspdm_use_asym_algo, &data1,
652 : &data_size1, NULL, NULL);
653 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
654 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
655 : data_size1;
656 :
657 1 : libspdm_reset_message_a(spdm_context);
658 1 : spdm_context->local_context.mut_auth_requested = 0;
659 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
660 : spdm_context->transcript.message_m.buffer_size =
661 : spdm_context->transcript.message_m.max_buffer_size;
662 : spdm_context->transcript.message_b.buffer_size =
663 : spdm_context->transcript.message_b.max_buffer_size;
664 : spdm_context->transcript.message_c.buffer_size =
665 : spdm_context->transcript.message_c.max_buffer_size;
666 : spdm_context->transcript.message_mut_b.buffer_size =
667 : spdm_context->transcript.message_mut_b.max_buffer_size;
668 : spdm_context->transcript.message_mut_c.buffer_size =
669 : spdm_context->transcript.message_mut_c.max_buffer_size;
670 : #endif
671 :
672 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
673 : m_libspdm_key_exchange_request1.random_data);
674 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
675 1 : m_libspdm_key_exchange_request1.reserved = 0;
676 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
677 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
678 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
679 : false);
680 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
681 1 : ptr += dhe_key_size;
682 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
683 1 : opaque_key_exchange_req_size =
684 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
685 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
686 1 : ptr += sizeof(uint16_t);
687 1 : libspdm_build_opaque_data_supported_version_data(
688 : spdm_context, &opaque_key_exchange_req_size, ptr);
689 1 : ptr += opaque_key_exchange_req_size;
690 1 : response_size = sizeof(response);
691 1 : status = libspdm_get_response_key_exchange(
692 : spdm_context, m_libspdm_key_exchange_request1_size,
693 : &m_libspdm_key_exchange_request1, &response_size, response);
694 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
695 1 : assert_int_equal(
696 : libspdm_secured_message_get_session_state(
697 : spdm_context->session_info[0].secured_message_context),
698 : LIBSPDM_SESSION_STATE_HANDSHAKING);
699 1 : spdm_response = (void *)response;
700 1 : assert_int_equal(spdm_response->header.request_response_code,
701 : SPDM_KEY_EXCHANGE_RSP);
702 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
703 : assert_int_equal(spdm_context->transcript.message_m.buffer_size, 0);
704 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
705 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
706 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
707 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
708 : #endif
709 :
710 1 : free(data1);
711 1 : }
712 :
713 1 : void libspdm_test_responder_key_exchange_case8(void **state)
714 : {
715 : libspdm_return_t status;
716 : libspdm_test_context_t *spdm_test_context;
717 : libspdm_context_t *spdm_context;
718 : size_t response_size;
719 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
720 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
721 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
722 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
723 : uint32_t measurement_summary_hash_size;
724 : spdm_key_exchange_response_t *spdm_response;
725 : void *data1;
726 : size_t data_size1;
727 : uint8_t *ptr;
728 : size_t dhe_key_size;
729 : void *dhe_context;
730 : size_t opaque_key_exchange_req_size;
731 : bool result;
732 :
733 1 : spdm_test_context = *state;
734 1 : spdm_context = spdm_test_context->spdm_context;
735 1 : spdm_test_context->case_id = 0x8;
736 :
737 : /* Clear previous sessions */
738 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
739 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
740 : }
741 :
742 1 : spdm_context->connection_info.connection_state =
743 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
744 1 : spdm_context->connection_info.capability.flags |=
745 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
746 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
747 1 : spdm_context->local_context.capability.flags |=
748 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
749 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
750 1 : spdm_context->local_context.capability.flags |=
751 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
752 1 : spdm_context->connection_info.algorithm.base_hash_algo =
753 : m_libspdm_use_hash_algo;
754 1 : spdm_context->connection_info.algorithm.base_asym_algo =
755 : m_libspdm_use_asym_algo;
756 1 : spdm_context->connection_info.algorithm.measurement_spec =
757 : m_libspdm_use_measurement_spec;
758 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
759 : m_libspdm_use_measurement_hash_algo;
760 1 : spdm_context->connection_info.algorithm.dhe_named_group =
761 : m_libspdm_use_dhe_algo;
762 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
763 : m_libspdm_use_aead_algo;
764 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
765 : SPDM_VERSION_NUMBER_SHIFT_BIT;
766 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
767 : m_libspdm_use_asym_algo, &data1,
768 : &data_size1, NULL, NULL);
769 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
770 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
771 : data_size1;
772 :
773 1 : libspdm_reset_message_a(spdm_context);
774 1 : spdm_context->local_context.mut_auth_requested = 0;
775 :
776 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
777 : m_libspdm_key_exchange_request3.random_data);
778 1 : m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
779 1 : m_libspdm_key_exchange_request3.reserved = 0;
780 1 : ptr = m_libspdm_key_exchange_request3.exchange_data;
781 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
782 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
783 : false);
784 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
785 1 : ptr += dhe_key_size;
786 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
787 1 : opaque_key_exchange_req_size =
788 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
789 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
790 1 : ptr += sizeof(uint16_t);
791 1 : libspdm_build_opaque_data_supported_version_data(
792 : spdm_context, &opaque_key_exchange_req_size, ptr);
793 1 : ptr += opaque_key_exchange_req_size;
794 1 : response_size = sizeof(response);
795 1 : status = libspdm_get_response_key_exchange(
796 : spdm_context, m_libspdm_key_exchange_request3_size,
797 : &m_libspdm_key_exchange_request3, &response_size, response);
798 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
799 1 : assert_int_equal(
800 : libspdm_secured_message_get_session_state(
801 : spdm_context->session_info[0].secured_message_context),
802 : LIBSPDM_SESSION_STATE_HANDSHAKING);
803 1 : spdm_response = (void *)response;
804 1 : assert_int_equal(spdm_response->header.request_response_code,
805 : SPDM_KEY_EXCHANGE_RSP);
806 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
807 :
808 1 : measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
809 1 : spdm_context, false, m_libspdm_key_exchange_request3.header.param1);
810 :
811 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
812 1 : result = libspdm_generate_measurement_summary_hash(
813 : spdm_context,
814 1 : spdm_context->connection_info.version,
815 : spdm_context->connection_info.algorithm.base_hash_algo,
816 1 : spdm_context->connection_info.algorithm.measurement_spec,
817 : spdm_context->connection_info.algorithm.measurement_hash_algo,
818 1 : m_libspdm_key_exchange_request3.header.param1,
819 : measurement_hash,
820 : measurement_summary_hash_size);
821 :
822 1 : assert_true(result);
823 :
824 1 : assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
825 : measurement_hash, measurement_summary_hash_size);
826 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
827 1 : free(data1);
828 1 : }
829 :
830 1 : void libspdm_test_responder_key_exchange_case9(void **state)
831 : {
832 : libspdm_return_t status;
833 : libspdm_test_context_t *spdm_test_context;
834 : libspdm_context_t *spdm_context;
835 : size_t response_size;
836 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
837 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
838 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
839 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
840 : uint32_t measurement_summary_hash_size;
841 : spdm_key_exchange_response_t *spdm_response;
842 : void *data1;
843 : size_t data_size1;
844 : uint8_t *ptr;
845 : size_t dhe_key_size;
846 : void *dhe_context;
847 : size_t opaque_key_exchange_req_size;
848 : uint32_t session_id;
849 : bool result;
850 :
851 1 : spdm_test_context = *state;
852 1 : spdm_context = spdm_test_context->spdm_context;
853 1 : spdm_test_context->case_id = 0x9;
854 :
855 : /* Clear previous sessions */
856 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
857 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
858 : }
859 :
860 1 : spdm_context->connection_info.connection_state =
861 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
862 1 : spdm_context->connection_info.capability.flags |=
863 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
864 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
865 1 : spdm_context->local_context.capability.flags |=
866 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
867 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
868 1 : spdm_context->local_context.capability.flags |=
869 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
870 1 : spdm_context->connection_info.algorithm.base_hash_algo =
871 : m_libspdm_use_hash_algo;
872 1 : spdm_context->connection_info.algorithm.base_asym_algo =
873 : m_libspdm_use_asym_algo;
874 1 : spdm_context->connection_info.algorithm.measurement_spec =
875 : m_libspdm_use_measurement_spec;
876 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
877 : m_libspdm_use_measurement_hash_algo;
878 1 : spdm_context->connection_info.algorithm.dhe_named_group =
879 : m_libspdm_use_dhe_algo;
880 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
881 : m_libspdm_use_aead_algo;
882 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
883 : SPDM_VERSION_NUMBER_SHIFT_BIT;
884 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
885 : m_libspdm_use_asym_algo, &data1,
886 : &data_size1, NULL, NULL);
887 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
888 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
889 : data_size1;
890 :
891 1 : libspdm_reset_message_a(spdm_context);
892 1 : spdm_context->local_context.mut_auth_requested = 0;
893 :
894 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
895 : m_libspdm_key_exchange_request4.random_data);
896 1 : m_libspdm_key_exchange_request4.req_session_id = 0xFFFF;
897 1 : m_libspdm_key_exchange_request4.reserved = 0;
898 1 : ptr = m_libspdm_key_exchange_request4.exchange_data;
899 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
900 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
901 : false);
902 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
903 1 : ptr += dhe_key_size;
904 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
905 1 : opaque_key_exchange_req_size =
906 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
907 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
908 1 : ptr += sizeof(uint16_t);
909 1 : libspdm_build_opaque_data_supported_version_data(
910 : spdm_context, &opaque_key_exchange_req_size, ptr);
911 1 : ptr += opaque_key_exchange_req_size;
912 1 : response_size = sizeof(response);
913 1 : status = libspdm_get_response_key_exchange(
914 : spdm_context, m_libspdm_key_exchange_request4_size,
915 : &m_libspdm_key_exchange_request4, &response_size, response);
916 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
917 1 : assert_int_equal(
918 : libspdm_secured_message_get_session_state(
919 : spdm_context->session_info[0].secured_message_context),
920 : LIBSPDM_SESSION_STATE_HANDSHAKING);
921 1 : spdm_response = (void *)response;
922 1 : assert_int_equal(spdm_response->header.request_response_code,
923 : SPDM_KEY_EXCHANGE_RSP);
924 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
925 :
926 1 : measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
927 1 : spdm_context, false, m_libspdm_key_exchange_request4.header.param1);
928 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
929 1 : result = libspdm_generate_measurement_summary_hash(
930 : spdm_context,
931 1 : spdm_context->connection_info.version,
932 : spdm_context->connection_info.algorithm.base_hash_algo,
933 1 : spdm_context->connection_info.algorithm.measurement_spec,
934 : spdm_context->connection_info.algorithm.measurement_hash_algo,
935 1 : m_libspdm_key_exchange_request4.header.param1,
936 : measurement_hash,
937 : measurement_summary_hash_size);
938 :
939 1 : assert_true(result);
940 :
941 1 : assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
942 : measurement_hash, measurement_summary_hash_size);
943 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
944 :
945 1 : session_id = (m_libspdm_key_exchange_request4.req_session_id << 16) |
946 1 : spdm_response->rsp_session_id;
947 1 : libspdm_free_session_id(spdm_context, session_id);
948 :
949 1 : free(data1);
950 1 : }
951 :
952 1 : void libspdm_test_responder_key_exchange_case10(void **state)
953 : {
954 : libspdm_return_t status;
955 : libspdm_test_context_t *spdm_test_context;
956 : libspdm_context_t *spdm_context;
957 : size_t response_size;
958 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
959 : spdm_key_exchange_response_t *spdm_response;
960 : void *data1;
961 : size_t data_size1;
962 : uint8_t *ptr;
963 : size_t dhe_key_size;
964 : void *dhe_context;
965 : size_t opaque_key_exchange_req_size;
966 :
967 1 : spdm_test_context = *state;
968 1 : spdm_context = spdm_test_context->spdm_context;
969 1 : spdm_test_context->case_id = 0xA;
970 :
971 : /* Clear previous sessions */
972 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
973 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
974 : }
975 :
976 1 : spdm_context->connection_info.connection_state =
977 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
978 1 : spdm_context->connection_info.capability.flags |=
979 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
980 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
981 1 : spdm_context->local_context.capability.flags |=
982 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
983 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
984 1 : spdm_context->local_context.capability.flags |=
985 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
986 1 : spdm_context->connection_info.algorithm.base_hash_algo =
987 : m_libspdm_use_hash_algo;
988 1 : spdm_context->connection_info.algorithm.base_asym_algo =
989 : m_libspdm_use_asym_algo;
990 1 : spdm_context->connection_info.algorithm.measurement_spec =
991 : m_libspdm_use_measurement_spec;
992 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
993 : m_libspdm_use_measurement_hash_algo;
994 1 : spdm_context->connection_info.algorithm.dhe_named_group =
995 : m_libspdm_use_dhe_algo;
996 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
997 : m_libspdm_use_aead_algo;
998 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
999 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1000 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1001 : m_libspdm_use_asym_algo, &data1,
1002 : &data_size1, NULL, NULL);
1003 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1004 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1005 : data_size1;
1006 :
1007 1 : libspdm_reset_message_a(spdm_context);
1008 1 : spdm_context->local_context.mut_auth_requested = 0;
1009 :
1010 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1011 : m_libspdm_key_exchange_request5.random_data);
1012 1 : m_libspdm_key_exchange_request5.req_session_id = 0xFFFF;
1013 1 : m_libspdm_key_exchange_request5.reserved = 0;
1014 1 : ptr = m_libspdm_key_exchange_request5.exchange_data;
1015 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1016 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1017 : false);
1018 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1019 1 : ptr += dhe_key_size;
1020 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1021 1 : opaque_key_exchange_req_size =
1022 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1023 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1024 1 : ptr += sizeof(uint16_t);
1025 1 : libspdm_build_opaque_data_supported_version_data(
1026 : spdm_context, &opaque_key_exchange_req_size, ptr);
1027 1 : ptr += opaque_key_exchange_req_size;
1028 1 : response_size = sizeof(response);
1029 1 : status = libspdm_get_response_key_exchange(
1030 : spdm_context, m_libspdm_key_exchange_request5_size,
1031 : &m_libspdm_key_exchange_request5, &response_size, response);
1032 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1033 :
1034 1 : spdm_response = (void *)response;
1035 1 : assert_int_equal(spdm_response->header.request_response_code,
1036 : SPDM_ERROR);
1037 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1038 :
1039 1 : free(data1);
1040 1 : }
1041 :
1042 1 : void libspdm_test_responder_key_exchange_case11(void **state)
1043 : {
1044 : libspdm_return_t status;
1045 : libspdm_test_context_t *spdm_test_context;
1046 : libspdm_context_t *spdm_context;
1047 : size_t response_size;
1048 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1049 : spdm_key_exchange_response_t *spdm_response;
1050 : void *data1;
1051 : size_t data_size1;
1052 : uint8_t *ptr;
1053 : size_t dhe_key_size;
1054 : void *dhe_context;
1055 : size_t opaque_key_exchange_req_size;
1056 :
1057 1 : spdm_test_context = *state;
1058 1 : spdm_context = spdm_test_context->spdm_context;
1059 1 : spdm_test_context->case_id = 0xB;
1060 :
1061 : /* Clear previous sessions */
1062 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1063 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1064 : }
1065 :
1066 1 : spdm_context->connection_info.connection_state =
1067 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1068 :
1069 : /* Clear capabilities flag */
1070 1 : spdm_context->local_context.capability.flags &=
1071 : ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
1072 :
1073 : /*set capabilities flags */
1074 1 : spdm_context->connection_info.capability.flags |=
1075 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1076 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1077 1 : spdm_context->local_context.capability.flags |=
1078 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1079 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1080 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1081 : m_libspdm_use_hash_algo;
1082 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1083 : m_libspdm_use_asym_algo;
1084 1 : spdm_context->connection_info.algorithm.measurement_spec =
1085 : m_libspdm_use_measurement_spec;
1086 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1087 : m_libspdm_use_measurement_hash_algo;
1088 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1089 : m_libspdm_use_dhe_algo;
1090 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1091 : m_libspdm_use_aead_algo;
1092 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1093 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1094 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1095 : m_libspdm_use_asym_algo, &data1,
1096 : &data_size1, NULL, NULL);
1097 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1098 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1099 : data_size1;
1100 :
1101 1 : libspdm_reset_message_a(spdm_context);
1102 1 : spdm_context->local_context.mut_auth_requested = 0;
1103 :
1104 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1105 : m_libspdm_key_exchange_request3.random_data);
1106 1 : m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
1107 1 : m_libspdm_key_exchange_request3.reserved = 0;
1108 1 : ptr = m_libspdm_key_exchange_request3.exchange_data;
1109 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1110 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1111 : false);
1112 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1113 1 : ptr += dhe_key_size;
1114 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1115 1 : opaque_key_exchange_req_size =
1116 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1117 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1118 1 : ptr += sizeof(uint16_t);
1119 1 : libspdm_build_opaque_data_supported_version_data(
1120 : spdm_context, &opaque_key_exchange_req_size, ptr);
1121 1 : ptr += opaque_key_exchange_req_size;
1122 1 : response_size = sizeof(response);
1123 1 : status = libspdm_get_response_key_exchange(
1124 : spdm_context, m_libspdm_key_exchange_request3_size,
1125 : &m_libspdm_key_exchange_request3, &response_size, response);
1126 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1127 :
1128 1 : spdm_response = (void *)response;
1129 1 : assert_int_equal(spdm_response->header.request_response_code,
1130 : SPDM_ERROR);
1131 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1132 :
1133 1 : free(data1);
1134 1 : }
1135 :
1136 1 : void libspdm_test_responder_key_exchange_case14(void **state)
1137 : {
1138 : libspdm_return_t status;
1139 : libspdm_test_context_t *spdm_test_context;
1140 : libspdm_context_t *spdm_context;
1141 : size_t response_size;
1142 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1143 : spdm_key_exchange_response_t *spdm_response;
1144 : void *data1;
1145 : size_t data_size1;
1146 : void *data2;
1147 : size_t data_size2;
1148 : uint8_t *ptr;
1149 : size_t dhe_key_size;
1150 : void *dhe_context;
1151 : size_t opaque_key_exchange_req_size;
1152 :
1153 1 : spdm_test_context = *state;
1154 1 : spdm_context = spdm_test_context->spdm_context;
1155 1 : spdm_test_context->case_id = 0xE;
1156 :
1157 : /* Clear previous sessions */
1158 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1159 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1160 : }
1161 :
1162 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1163 1 : spdm_context->connection_info.capability.flags =
1164 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1165 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1166 1 : spdm_context->local_context.capability.flags =
1167 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1168 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1169 1 : spdm_context->connection_info.capability.flags |=
1170 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
1171 1 : spdm_context->local_context.capability.flags |=
1172 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
1173 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1174 : m_libspdm_use_hash_algo;
1175 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1176 : m_libspdm_use_asym_algo;
1177 1 : spdm_context->connection_info.algorithm.req_base_asym_alg =
1178 : m_libspdm_use_req_asym_algo;
1179 1 : spdm_context->connection_info.algorithm.measurement_spec =
1180 : m_libspdm_use_measurement_spec;
1181 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1182 : m_libspdm_use_measurement_hash_algo;
1183 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1184 : m_libspdm_use_dhe_algo;
1185 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1186 : m_libspdm_use_aead_algo;
1187 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1188 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1189 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data1, &data_size1);
1190 1 : spdm_context->local_context.local_public_key_provision = data1;
1191 1 : spdm_context->local_context.local_public_key_provision_size = data_size1;
1192 1 : libspdm_read_requester_public_key(m_libspdm_use_req_asym_algo, &data2, &data_size2);
1193 1 : spdm_context->local_context.peer_public_key_provision = data2;
1194 1 : spdm_context->local_context.peer_public_key_provision_size = data_size2;
1195 :
1196 1 : libspdm_reset_message_a(spdm_context);
1197 1 : spdm_context->local_context.mut_auth_requested = 0;
1198 :
1199 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1200 : m_libspdm_key_exchange_request7.random_data);
1201 1 : m_libspdm_key_exchange_request7.req_session_id = 0xFFFF;
1202 1 : m_libspdm_key_exchange_request7.reserved = 0;
1203 1 : ptr = m_libspdm_key_exchange_request7.exchange_data;
1204 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1205 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1206 : false);
1207 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1208 1 : ptr += dhe_key_size;
1209 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1210 1 : opaque_key_exchange_req_size =
1211 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1212 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1213 1 : ptr += sizeof(uint16_t);
1214 1 : libspdm_build_opaque_data_supported_version_data(
1215 : spdm_context, &opaque_key_exchange_req_size, ptr);
1216 1 : ptr += opaque_key_exchange_req_size;
1217 1 : response_size = sizeof(response);
1218 1 : status = libspdm_get_response_key_exchange(
1219 : spdm_context, m_libspdm_key_exchange_request7_size,
1220 : &m_libspdm_key_exchange_request7, &response_size, response);
1221 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1222 1 : assert_int_equal(
1223 : libspdm_secured_message_get_session_state(
1224 : spdm_context->session_info[0].secured_message_context),
1225 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1226 1 : spdm_response = (void *)response;
1227 1 : assert_int_equal(spdm_response->header.request_response_code,
1228 : SPDM_KEY_EXCHANGE_RSP);
1229 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1230 1 : free(data1);
1231 1 : free(data2);
1232 1 : }
1233 :
1234 1 : void libspdm_test_responder_key_exchange_case15(void **state)
1235 : {
1236 : libspdm_return_t status;
1237 : libspdm_test_context_t *spdm_test_context;
1238 : libspdm_context_t *spdm_context;
1239 : size_t response_size;
1240 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1241 : spdm_key_exchange_response_t *spdm_response;
1242 : void *data1;
1243 : size_t data_size1;
1244 : uint8_t *ptr;
1245 : size_t dhe_key_size;
1246 : void *dhe_context;
1247 : size_t opaque_key_exchange_req_size;
1248 : size_t opaque_key_exchange_rsp_size;
1249 :
1250 1 : spdm_test_context = *state;
1251 1 : spdm_context = spdm_test_context->spdm_context;
1252 1 : spdm_test_context->case_id = 0xF;
1253 :
1254 : /* Clear previous sessions */
1255 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1256 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1257 : }
1258 :
1259 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1260 1 : spdm_context->connection_info.capability.flags =
1261 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1262 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1263 1 : spdm_context->local_context.capability.flags =
1264 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1265 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1266 1 : spdm_context->connection_info.capability.flags |=
1267 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1268 1 : spdm_context->local_context.capability.flags |=
1269 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP |
1270 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1271 :
1272 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1273 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1274 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1275 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1276 : m_libspdm_use_measurement_hash_algo;
1277 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1278 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1279 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1280 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1281 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1282 : m_libspdm_use_asym_algo, &data1,
1283 : &data_size1, NULL, NULL);
1284 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1285 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1286 :
1287 1 : libspdm_reset_message_a(spdm_context);
1288 1 : spdm_context->local_context.mut_auth_requested = 0;
1289 :
1290 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1291 : m_libspdm_key_exchange_request1.random_data);
1292 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1293 1 : m_libspdm_key_exchange_request1.reserved = 0;
1294 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1295 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1296 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1297 : false);
1298 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1299 1 : ptr += dhe_key_size;
1300 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1301 1 : opaque_key_exchange_req_size =
1302 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1303 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1304 1 : ptr += sizeof(uint16_t);
1305 1 : libspdm_build_opaque_data_supported_version_data(
1306 : spdm_context, &opaque_key_exchange_req_size, ptr);
1307 1 : ptr += opaque_key_exchange_req_size;
1308 1 : response_size = sizeof(response);
1309 :
1310 : /* Required to compute response size independently */
1311 : opaque_key_exchange_rsp_size =
1312 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
1313 :
1314 1 : status = libspdm_get_response_key_exchange(
1315 : spdm_context, m_libspdm_key_exchange_request1_size,
1316 : &m_libspdm_key_exchange_request1, &response_size, response);
1317 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1318 1 : assert_int_equal(
1319 : libspdm_secured_message_get_session_state(
1320 : spdm_context->session_info[0].secured_message_context),
1321 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1322 1 : spdm_response = (void *)response;
1323 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1324 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1325 1 : assert_int_equal(response_size,
1326 : sizeof(spdm_key_exchange_response_t) +
1327 : dhe_key_size +
1328 : sizeof(uint16_t) +
1329 : opaque_key_exchange_rsp_size +
1330 : libspdm_get_asym_signature_size(
1331 : spdm_context->connection_info.algorithm.base_asym_algo)
1332 : );
1333 :
1334 1 : free(data1);
1335 1 : }
1336 :
1337 1 : void libspdm_test_responder_key_exchange_case16(void **state)
1338 : {
1339 : libspdm_return_t status;
1340 : libspdm_test_context_t *spdm_test_context;
1341 : libspdm_context_t *spdm_context;
1342 : size_t current_request_size;
1343 : size_t response_size;
1344 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1345 : spdm_key_exchange_response_t *spdm_response;
1346 : void *data1;
1347 : size_t data_size1;
1348 : uint8_t *ptr;
1349 : size_t dhe_key_size;
1350 : void *dhe_context;
1351 : size_t opaque_key_exchange_req_size;
1352 :
1353 1 : spdm_test_context = *state;
1354 1 : spdm_context = spdm_test_context->spdm_context;
1355 1 : spdm_test_context->case_id = 0x10;
1356 :
1357 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1358 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1359 : }
1360 :
1361 1 : spdm_context->connection_info.connection_state =
1362 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1363 1 : spdm_context->connection_info.capability.flags |=
1364 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1365 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1366 1 : spdm_context->local_context.capability.flags |=
1367 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1368 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1369 :
1370 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1371 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1372 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1373 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1374 : m_libspdm_use_measurement_hash_algo;
1375 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1376 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1377 :
1378 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1379 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1380 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1381 : m_libspdm_use_asym_algo, &data1,
1382 : &data_size1, NULL, NULL);
1383 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1384 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1385 :
1386 1 : libspdm_reset_message_a(spdm_context);
1387 1 : spdm_context->local_context.mut_auth_requested = 0;
1388 :
1389 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
1390 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1391 1 : m_libspdm_key_exchange_request1.reserved = 0;
1392 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1393 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1394 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1395 : false);
1396 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1397 1 : ptr += dhe_key_size;
1398 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1399 1 : opaque_key_exchange_req_size =
1400 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1401 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1402 1 : ptr += sizeof(uint16_t);
1403 1 : libspdm_build_opaque_data_supported_version_data(
1404 : spdm_context, &opaque_key_exchange_req_size, ptr);
1405 1 : ptr += opaque_key_exchange_req_size;
1406 :
1407 1 : current_request_size = sizeof(spdm_key_exchange_request_t) + dhe_key_size +
1408 1 : sizeof(uint16_t) + opaque_key_exchange_req_size;
1409 1 : response_size = sizeof(response);
1410 1 : status = libspdm_get_response_key_exchange(
1411 : spdm_context, current_request_size, &m_libspdm_key_exchange_request1,
1412 : &response_size, response);
1413 :
1414 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1415 1 : assert_int_equal(
1416 : libspdm_secured_message_get_session_state(
1417 : spdm_context->session_info[0].secured_message_context),
1418 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1419 1 : spdm_response = (void *)response;
1420 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1421 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1422 :
1423 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1424 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_k.buffer_size,
1425 : current_request_size + response_size);
1426 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_k.buffer,
1427 : &m_libspdm_key_exchange_request1, current_request_size);
1428 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_k.buffer +
1429 : current_request_size,
1430 : response, response_size);
1431 : #endif
1432 1 : free(data1);
1433 1 : }
1434 :
1435 1 : void libspdm_test_responder_key_exchange_case17(void **state)
1436 : {
1437 : libspdm_return_t status;
1438 : libspdm_test_context_t *spdm_test_context;
1439 : libspdm_context_t *spdm_context;
1440 : size_t response_size;
1441 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1442 : spdm_key_exchange_response_t *spdm_response;
1443 : void *data1;
1444 : size_t data_size1;
1445 : uint8_t *ptr;
1446 : size_t dhe_key_size;
1447 : void *dhe_context;
1448 : size_t opaque_key_exchange_req_size;
1449 :
1450 1 : spdm_test_context = *state;
1451 1 : spdm_context = spdm_test_context->spdm_context;
1452 1 : spdm_test_context->case_id = 0x11;
1453 1 : spdm_context->connection_info.connection_state =
1454 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1455 1 : spdm_context->connection_info.capability.flags |=
1456 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1457 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1458 1 : spdm_context->local_context.capability.flags |=
1459 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1460 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1461 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1462 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1463 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1464 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1465 : m_libspdm_use_measurement_hash_algo;
1466 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1467 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1468 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1469 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1470 1 : spdm_context->connection_info.algorithm.other_params_support =
1471 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1472 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1473 :
1474 1 : libspdm_session_info_init(spdm_context,
1475 1 : spdm_context->session_info,
1476 : INVALID_SESSION_ID, false);
1477 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1478 : m_libspdm_use_asym_algo, &data1,
1479 : &data_size1, NULL, NULL);
1480 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1481 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1482 :
1483 1 : libspdm_reset_message_a(spdm_context);
1484 1 : spdm_context->local_context.mut_auth_requested = 0;
1485 :
1486 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
1487 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1488 1 : m_libspdm_key_exchange_request8.reserved = 0;
1489 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
1490 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1491 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1492 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1493 : false);
1494 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1495 1 : ptr += dhe_key_size;
1496 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1497 1 : opaque_key_exchange_req_size =
1498 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1499 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1500 1 : ptr += sizeof(uint16_t);
1501 1 : libspdm_build_opaque_data_supported_version_data(
1502 : spdm_context, &opaque_key_exchange_req_size, ptr);
1503 1 : ptr += opaque_key_exchange_req_size;
1504 1 : response_size = sizeof(response);
1505 1 : status = libspdm_get_response_key_exchange(
1506 : spdm_context, m_libspdm_key_exchange_request8_size,
1507 : &m_libspdm_key_exchange_request8, &response_size, response);
1508 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1509 : m_libspdm_key_exchange_request8.session_policy);
1510 1 : spdm_response = (void *)response;
1511 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
1512 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1513 1 : assert_int_equal(
1514 : libspdm_secured_message_get_session_state(
1515 : spdm_context->session_info[0].secured_message_context),
1516 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1517 1 : spdm_response = (void *)response;
1518 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1519 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1520 1 : free(data1);
1521 1 : }
1522 :
1523 : /**
1524 : * Test 18: SlotID in KEY_EXCHANGE request message is 9, but it should be 0xFF or between 0 and 7 inclusive.
1525 : * Expected Behavior: generate an ERROR_RESPONSE with code SPDM_ERROR_CODE_INVALID_REQUEST.
1526 : **/
1527 1 : void libspdm_test_responder_key_exchange_case18(void **state)
1528 : {
1529 : libspdm_return_t status;
1530 : libspdm_test_context_t *spdm_test_context;
1531 : libspdm_context_t *spdm_context;
1532 : size_t response_size;
1533 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1534 : spdm_key_exchange_response_t *spdm_response;
1535 : void *data1;
1536 : size_t data_size1;
1537 : uint8_t *ptr;
1538 : size_t dhe_key_size;
1539 : void *dhe_context;
1540 : size_t opaque_key_exchange_req_size;
1541 :
1542 1 : spdm_test_context = *state;
1543 1 : spdm_context = spdm_test_context->spdm_context;
1544 1 : spdm_test_context->case_id = 0x12;
1545 1 : spdm_context->connection_info.connection_state =
1546 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1547 1 : spdm_context->connection_info.capability.flags |=
1548 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1549 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1550 1 : spdm_context->local_context.capability.flags |=
1551 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1552 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1553 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1554 : m_libspdm_use_hash_algo;
1555 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1556 : m_libspdm_use_asym_algo;
1557 1 : spdm_context->connection_info.algorithm.measurement_spec =
1558 : m_libspdm_use_measurement_spec;
1559 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1560 : m_libspdm_use_measurement_hash_algo;
1561 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1562 : m_libspdm_use_dhe_algo;
1563 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1564 : m_libspdm_use_aead_algo;
1565 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1566 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1567 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1568 : m_libspdm_use_asym_algo, &data1,
1569 : &data_size1, NULL, NULL);
1570 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1571 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1572 : data_size1;
1573 :
1574 1 : libspdm_reset_message_a(spdm_context);
1575 1 : spdm_context->local_context.mut_auth_requested = 0;
1576 :
1577 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1578 :
1579 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1580 : m_libspdm_key_exchange_request9.random_data);
1581 1 : m_libspdm_key_exchange_request9.req_session_id = 0xFFFF;
1582 1 : m_libspdm_key_exchange_request9.reserved = 0;
1583 1 : ptr = m_libspdm_key_exchange_request9.exchange_data;
1584 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1585 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1586 : false);
1587 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1588 1 : ptr += dhe_key_size;
1589 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1590 1 : opaque_key_exchange_req_size =
1591 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1592 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1593 1 : ptr += sizeof(uint16_t);
1594 1 : libspdm_build_opaque_data_supported_version_data(
1595 : spdm_context, &opaque_key_exchange_req_size, ptr);
1596 1 : ptr += opaque_key_exchange_req_size;
1597 1 : response_size = sizeof(response);
1598 1 : status = libspdm_get_response_key_exchange(
1599 : spdm_context, m_libspdm_key_exchange_request9_size,
1600 : &m_libspdm_key_exchange_request9, &response_size, response);
1601 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1602 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1603 1 : spdm_response = (void *)response;
1604 1 : assert_int_equal(spdm_response->header.request_response_code,
1605 : SPDM_ERROR);
1606 1 : assert_int_equal(spdm_response->header.param1,
1607 : SPDM_ERROR_CODE_INVALID_REQUEST);
1608 1 : assert_int_equal(spdm_response->header.param2, 0);
1609 1 : free(data1);
1610 1 : }
1611 :
1612 1 : void libspdm_test_responder_key_exchange_case19(void **state)
1613 : {
1614 : libspdm_return_t status;
1615 : libspdm_test_context_t *spdm_test_context;
1616 : libspdm_context_t *spdm_context;
1617 : size_t response_size;
1618 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1619 : spdm_key_exchange_response_t *spdm_response;
1620 : void *data1;
1621 : size_t data_size1;
1622 : uint8_t *ptr;
1623 : size_t dhe_key_size;
1624 : void *dhe_context;
1625 :
1626 1 : spdm_test_context = *state;
1627 1 : spdm_context = spdm_test_context->spdm_context;
1628 1 : spdm_test_context->case_id = 0x13;
1629 1 : spdm_context->response_state = 0;
1630 1 : spdm_context->connection_info.connection_state =
1631 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1632 1 : spdm_context->connection_info.capability.flags = 0;
1633 1 : spdm_context->connection_info.capability.flags |=
1634 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1635 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1636 1 : spdm_context->local_context.capability.flags = 0;
1637 1 : spdm_context->local_context.capability.flags |=
1638 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1639 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1640 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1641 : m_libspdm_use_hash_algo;
1642 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1643 : m_libspdm_use_asym_algo;
1644 1 : spdm_context->connection_info.algorithm.measurement_spec =
1645 : m_libspdm_use_measurement_spec;
1646 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1647 : m_libspdm_use_measurement_hash_algo;
1648 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1649 : m_libspdm_use_dhe_algo;
1650 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1651 : m_libspdm_use_aead_algo;
1652 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1653 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1654 1 : spdm_context->connection_info.algorithm.other_params_support =
1655 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1656 :
1657 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1658 : m_libspdm_use_asym_algo, &data1,
1659 : &data_size1, NULL, NULL);
1660 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1661 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1662 : data_size1;
1663 :
1664 1 : libspdm_reset_message_a(spdm_context);
1665 1 : spdm_context->local_context.mut_auth_requested = 0;
1666 :
1667 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1668 :
1669 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1670 : m_libspdm_key_exchange_request8.random_data);
1671 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1672 1 : m_libspdm_key_exchange_request8.reserved = 0;
1673 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1674 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1675 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1676 : false);
1677 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1678 1 : ptr += dhe_key_size;
1679 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1680 :
1681 : size_t opaque_data_size;
1682 : spdm_general_opaque_data_table_header_t
1683 : *spdm_general_opaque_data_table_header;
1684 : secured_message_opaque_element_table_header_t
1685 : *opaque_element_table_header;
1686 : secured_message_opaque_element_header_t
1687 : * secured_message_element_header;
1688 : uint8_t element_num;
1689 : uint8_t element_index;
1690 : size_t current_element_len;
1691 :
1692 1 : spdm_general_opaque_data_table_header =
1693 : (spdm_general_opaque_data_table_header_t *)(ptr + sizeof(uint16_t));
1694 1 : spdm_general_opaque_data_table_header->total_elements = 2;
1695 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1696 :
1697 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1698 1 : opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1699 :
1700 3 : for (element_index = 0; element_index < element_num; element_index++) {
1701 2 : opaque_element_table_header->id = SPDM_REGISTRY_ID_DMTF;
1702 2 : opaque_element_table_header->vendor_len = 0;
1703 : /* When opaque_element_data_len is not four byte aligned*/
1704 2 : opaque_element_table_header->opaque_element_data_len = 0xF;
1705 :
1706 2 : secured_message_element_header = (void *)(opaque_element_table_header + 1);
1707 2 : secured_message_element_header->sm_data_id =
1708 : SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_ID_SUPPORTED_VERSION;
1709 2 : secured_message_element_header->sm_data_version =
1710 : SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_DATA_VERSION;
1711 :
1712 2 : current_element_len = sizeof(secured_message_opaque_element_table_header_t) +
1713 2 : opaque_element_table_header->vendor_len +
1714 2 : sizeof(opaque_element_table_header->opaque_element_data_len) +
1715 2 : opaque_element_table_header->opaque_element_data_len;
1716 :
1717 : /*move to next element*/
1718 2 : opaque_element_table_header =
1719 : (secured_message_opaque_element_table_header_t *)
1720 : ((uint8_t *)opaque_element_table_header +
1721 : current_element_len);
1722 :
1723 2 : opaque_data_size += current_element_len;
1724 : }
1725 :
1726 1 : *(uint16_t *)ptr = (uint16_t)opaque_data_size;
1727 :
1728 1 : response_size = sizeof(response);
1729 1 : status = libspdm_get_response_key_exchange(
1730 : spdm_context, m_libspdm_key_exchange_request8_size,
1731 : &m_libspdm_key_exchange_request8, &response_size, response);
1732 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1733 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1734 1 : spdm_response = (void *)response;
1735 1 : assert_int_equal(spdm_response->header.request_response_code,
1736 : SPDM_ERROR);
1737 1 : assert_int_equal(spdm_response->header.param1,
1738 : SPDM_ERROR_CODE_INVALID_REQUEST);
1739 1 : assert_int_equal(spdm_response->header.param2, 0);
1740 1 : free(data1);
1741 1 : }
1742 :
1743 1 : void libspdm_test_responder_key_exchange_case20(void **state)
1744 : {
1745 : libspdm_return_t status;
1746 : libspdm_test_context_t *spdm_test_context;
1747 : libspdm_context_t *spdm_context;
1748 : size_t response_size;
1749 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1750 : spdm_key_exchange_response_t *spdm_response;
1751 : void *data1;
1752 : size_t data_size1;
1753 : uint8_t *ptr;
1754 : size_t dhe_key_size;
1755 : void *dhe_context;
1756 : size_t opaque_key_exchange_req_size;
1757 :
1758 1 : spdm_test_context = *state;
1759 1 : spdm_context = spdm_test_context->spdm_context;
1760 1 : spdm_test_context->case_id = 0x14;
1761 1 : spdm_context->connection_info.connection_state =
1762 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1763 1 : spdm_context->connection_info.capability.flags =
1764 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1765 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1766 1 : spdm_context->local_context.capability.flags =
1767 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1768 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
1769 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1770 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1771 : m_libspdm_use_hash_algo;
1772 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1773 : m_libspdm_use_asym_algo;
1774 1 : spdm_context->connection_info.algorithm.measurement_spec =
1775 : m_libspdm_use_measurement_spec;
1776 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1777 : m_libspdm_use_measurement_hash_algo;
1778 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1779 : m_libspdm_use_dhe_algo;
1780 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1781 : m_libspdm_use_aead_algo;
1782 1 : spdm_context->connection_info.algorithm.other_params_support =
1783 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1784 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1785 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1786 :
1787 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1788 :
1789 1 : libspdm_session_info_init(spdm_context,
1790 1 : spdm_context->session_info,
1791 : INVALID_SESSION_ID, false);
1792 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1793 : m_libspdm_use_asym_algo, &data1,
1794 : &data_size1, NULL, NULL);
1795 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1796 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1797 :
1798 1 : libspdm_reset_message_a(spdm_context);
1799 1 : spdm_context->local_context.mut_auth_requested = 0;
1800 :
1801 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1802 : m_libspdm_key_exchange_request8.random_data);
1803 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1804 1 : m_libspdm_key_exchange_request8.reserved = 0;
1805 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
1806 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1807 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1808 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1809 : false);
1810 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1811 1 : ptr += dhe_key_size;
1812 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1813 1 : opaque_key_exchange_req_size =
1814 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1815 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1816 1 : ptr += sizeof(uint16_t);
1817 1 : libspdm_build_opaque_data_supported_version_data(
1818 : spdm_context, &opaque_key_exchange_req_size, ptr);
1819 1 : ptr += opaque_key_exchange_req_size;
1820 1 : response_size = sizeof(response);
1821 1 : status = libspdm_get_response_key_exchange(
1822 : spdm_context, m_libspdm_key_exchange_request8_size,
1823 : &m_libspdm_key_exchange_request8, &response_size, response);
1824 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1825 : m_libspdm_key_exchange_request8.session_policy);
1826 1 : spdm_response = (void *)response;
1827 1 : assert_int_equal(spdm_response->header.spdm_version,
1828 : SPDM_MESSAGE_VERSION_12);
1829 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1830 1 : assert_int_equal(
1831 : libspdm_secured_message_get_session_state(
1832 : spdm_context->session_info[0].secured_message_context),
1833 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1834 1 : spdm_response = (void *)response;
1835 1 : assert_int_equal(spdm_response->header.request_response_code,
1836 : SPDM_KEY_EXCHANGE_RSP);
1837 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1838 1 : free(data1);
1839 1 : }
1840 :
1841 : /**
1842 : * Test 21: The key usage bit mask is not set, the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP shall not specify this certificate slot
1843 : * Expected Behavior: get a SPDM_ERROR_CODE_INVALID_REQUEST return code
1844 : **/
1845 1 : void libspdm_test_responder_key_exchange_case21(void **state)
1846 : {
1847 : libspdm_return_t status;
1848 : libspdm_test_context_t *spdm_test_context;
1849 : libspdm_context_t *spdm_context;
1850 : size_t response_size;
1851 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1852 : spdm_key_exchange_response_t *spdm_response;
1853 : void *data1;
1854 : size_t data_size1;
1855 : uint8_t *ptr;
1856 : size_t dhe_key_size;
1857 : void *dhe_context;
1858 : size_t opaque_key_exchange_req_size;
1859 : uint8_t slot_id;
1860 :
1861 1 : spdm_test_context = *state;
1862 1 : spdm_context = spdm_test_context->spdm_context;
1863 1 : spdm_test_context->case_id = 0x15;
1864 1 : spdm_context->connection_info.connection_state =
1865 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1866 1 : spdm_context->connection_info.capability.flags |=
1867 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1868 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1869 1 : spdm_context->local_context.capability.flags |=
1870 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1871 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1872 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1873 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1874 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1875 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1876 : m_libspdm_use_measurement_hash_algo;
1877 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1878 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1879 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1880 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1881 1 : spdm_context->connection_info.algorithm.other_params_support =
1882 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1883 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1884 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
1885 :
1886 1 : libspdm_session_info_init(spdm_context,
1887 1 : spdm_context->session_info,
1888 : INVALID_SESSION_ID, false);
1889 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1890 : m_libspdm_use_asym_algo, &data1,
1891 : &data_size1, NULL, NULL);
1892 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1893 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1894 :
1895 1 : libspdm_reset_message_a(spdm_context);
1896 1 : spdm_context->local_context.mut_auth_requested = 0;
1897 :
1898 : /* If set, the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP can specify this certificate slot. If not set,
1899 : * the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP shall not specify this certificate slot */
1900 1 : slot_id = 0;
1901 1 : m_libspdm_key_exchange_request10.header.param2 = slot_id;
1902 1 : spdm_context->local_context.local_key_usage_bit_mask[slot_id] =
1903 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
1904 : SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE;
1905 :
1906 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
1907 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
1908 1 : m_libspdm_key_exchange_request10.reserved = 0;
1909 1 : m_libspdm_key_exchange_request10.session_policy = 0xFF;
1910 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
1911 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1912 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1913 : false);
1914 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1915 1 : ptr += dhe_key_size;
1916 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1917 1 : opaque_key_exchange_req_size =
1918 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1919 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1920 1 : ptr += sizeof(uint16_t);
1921 1 : libspdm_build_opaque_data_supported_version_data(
1922 : spdm_context, &opaque_key_exchange_req_size, ptr);
1923 1 : ptr += opaque_key_exchange_req_size;
1924 1 : response_size = sizeof(response);
1925 1 : status = libspdm_get_response_key_exchange(
1926 : spdm_context, m_libspdm_key_exchange_request10_size,
1927 : &m_libspdm_key_exchange_request10, &response_size, response);
1928 :
1929 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1930 1 : assert_int_equal (response_size, sizeof(spdm_error_response_t));
1931 1 : spdm_response = (void *)response;
1932 1 : assert_int_equal (spdm_response->header.request_response_code, SPDM_ERROR);
1933 1 : assert_int_equal (spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1934 1 : assert_int_equal (spdm_response->header.param2, 0);
1935 :
1936 1 : free(data1);
1937 1 : }
1938 :
1939 : /**
1940 : * Test 21: The Requester subscribes to all events supported by the Responder.
1941 : * Expected Behavior: Responder successfully subscribes the Requester to all events.
1942 : **/
1943 1 : static void libspdm_test_responder_key_exchange_case22(void **state)
1944 : {
1945 : #if LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP
1946 : libspdm_return_t status;
1947 : libspdm_test_context_t *spdm_test_context;
1948 : libspdm_context_t *spdm_context;
1949 : size_t response_size;
1950 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1951 : spdm_key_exchange_response_t *spdm_response;
1952 : void *data1;
1953 : size_t data_size1;
1954 : uint8_t *ptr;
1955 : size_t dhe_key_size;
1956 : void *dhe_context;
1957 : size_t opaque_key_exchange_req_size;
1958 :
1959 1 : spdm_test_context = *state;
1960 1 : spdm_context = spdm_test_context->spdm_context;
1961 1 : spdm_test_context->case_id = 0x16;
1962 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1963 1 : spdm_context->connection_info.capability.flags |=
1964 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1965 1 : spdm_context->local_context.capability.flags |=
1966 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1967 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EVENT_CAP;
1968 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1969 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1970 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1971 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1972 : m_libspdm_use_measurement_hash_algo;
1973 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1974 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1975 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1976 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1977 1 : spdm_context->connection_info.algorithm.other_params_support =
1978 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1979 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1980 1 : spdm_context->connection_info.multi_key_conn_rsp = false;
1981 :
1982 1 : libspdm_session_info_init(spdm_context, spdm_context->session_info, INVALID_SESSION_ID, false);
1983 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1984 : m_libspdm_use_asym_algo, &data1,
1985 : &data_size1, NULL, NULL);
1986 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1987 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1988 :
1989 1 : libspdm_reset_message_a(spdm_context);
1990 1 : spdm_context->local_context.mut_auth_requested = 0;
1991 :
1992 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
1993 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
1994 1 : m_libspdm_key_exchange_request10.reserved = 0;
1995 1 : m_libspdm_key_exchange_request10.session_policy =
1996 : SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_EVENT_ALL_POLICY;
1997 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
1998 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1999 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2000 : false);
2001 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2002 1 : ptr += dhe_key_size;
2003 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2004 1 : opaque_key_exchange_req_size =
2005 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2006 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2007 1 : ptr += sizeof(uint16_t);
2008 1 : libspdm_build_opaque_data_supported_version_data(
2009 : spdm_context, &opaque_key_exchange_req_size, ptr);
2010 1 : ptr += opaque_key_exchange_req_size;
2011 1 : response_size = sizeof(response);
2012 :
2013 1 : status = libspdm_get_response_key_exchange(
2014 : spdm_context, m_libspdm_key_exchange_request10_size,
2015 : &m_libspdm_key_exchange_request10, &response_size, response);
2016 :
2017 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
2018 : m_libspdm_key_exchange_request10.session_policy);
2019 1 : spdm_response = (void *)response;
2020 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_13);
2021 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2022 1 : assert_int_equal(
2023 : libspdm_secured_message_get_session_state(
2024 : spdm_context->session_info[0].secured_message_context),
2025 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2026 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
2027 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
2028 1 : assert_true(g_event_all_subscribe && !g_event_all_unsubscribe);
2029 1 : free(data1);
2030 : #endif /* LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP */
2031 1 : }
2032 :
2033 1 : void libspdm_test_responder_key_exchange_case23(void **state)
2034 : {
2035 : libspdm_return_t status;
2036 : libspdm_test_context_t *spdm_test_context;
2037 : libspdm_context_t *spdm_context;
2038 : size_t response_size;
2039 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
2040 : spdm_key_exchange_response_t *spdm_response;
2041 : void *data1;
2042 : size_t data_size1;
2043 : uint8_t *ptr;
2044 : size_t dhe_key_size;
2045 : void *dhe_context;
2046 : size_t opaque_key_exchange_req_size;
2047 :
2048 1 : spdm_test_context = *state;
2049 1 : spdm_context = spdm_test_context->spdm_context;
2050 1 : spdm_test_context->case_id = 0x17;
2051 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2052 1 : spdm_context->connection_info.capability.flags |=
2053 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
2054 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2055 1 : spdm_context->local_context.capability.flags |=
2056 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
2057 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
2058 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
2059 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
2060 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2061 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2062 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
2063 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
2064 : m_libspdm_use_measurement_hash_algo;
2065 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2066 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2067 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2068 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2069 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2070 : m_libspdm_use_asym_algo, &data1,
2071 : &data_size1, NULL, NULL);
2072 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
2073 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
2074 :
2075 1 : libspdm_reset_message_a(spdm_context);
2076 1 : spdm_context->local_context.mut_auth_requested = 0;
2077 1 : spdm_context->local_context.mandatory_mut_auth = true;
2078 :
2079 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
2080 :
2081 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
2082 : m_libspdm_key_exchange_request1.random_data);
2083 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
2084 1 : m_libspdm_key_exchange_request1.reserved = 0;
2085 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
2086 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2087 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2088 : false);
2089 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2090 1 : ptr += dhe_key_size;
2091 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2092 1 : opaque_key_exchange_req_size =
2093 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2094 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2095 1 : ptr += sizeof(uint16_t);
2096 1 : libspdm_build_opaque_data_supported_version_data(
2097 : spdm_context, &opaque_key_exchange_req_size, ptr);
2098 1 : ptr += opaque_key_exchange_req_size;
2099 1 : response_size = sizeof(response);
2100 1 : status = libspdm_get_response_key_exchange(
2101 : spdm_context, m_libspdm_key_exchange_request1_size,
2102 : &m_libspdm_key_exchange_request1, &response_size, response);
2103 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2104 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
2105 1 : spdm_response = (void *)response;
2106 1 : assert_int_equal(spdm_response->header.request_response_code,
2107 : SPDM_ERROR);
2108 1 : assert_int_equal(spdm_response->header.param1,
2109 : SPDM_ERROR_CODE_UNSPECIFIED);
2110 1 : assert_int_equal(spdm_response->header.param2, 0);
2111 1 : free(data1);
2112 1 : }
2113 :
2114 :
2115 1 : void libspdm_test_responder_key_exchange_case24(void **state)
2116 : {
2117 : libspdm_return_t status;
2118 : libspdm_test_context_t *spdm_test_context;
2119 : libspdm_context_t *spdm_context;
2120 : size_t response_size;
2121 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
2122 : spdm_key_exchange_response_t *spdm_response;
2123 : void *data1;
2124 : size_t data_size1;
2125 : uint8_t *ptr;
2126 : size_t dhe_key_size;
2127 : void *dhe_context;
2128 : size_t opaque_key_exchange_req_size;
2129 :
2130 1 : spdm_test_context = *state;
2131 1 : spdm_context = spdm_test_context->spdm_context;
2132 1 : spdm_test_context->case_id = 0x18;
2133 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2134 1 : spdm_context->connection_info.capability.flags |=
2135 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
2136 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2137 1 : spdm_context->local_context.capability.flags |=
2138 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
2139 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
2140 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
2141 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
2142 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2143 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2144 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
2145 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
2146 : m_libspdm_use_measurement_hash_algo;
2147 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2148 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2149 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
2150 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2151 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2152 : m_libspdm_use_asym_algo, &data1,
2153 : &data_size1, NULL, NULL);
2154 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
2155 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
2156 :
2157 1 : libspdm_reset_message_a(spdm_context);
2158 1 : spdm_context->local_context.mut_auth_requested = 0;
2159 1 : spdm_context->local_context.mandatory_mut_auth = true;
2160 :
2161 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
2162 :
2163 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
2164 : m_libspdm_key_exchange_request10.random_data);
2165 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
2166 1 : m_libspdm_key_exchange_request10.reserved = 0;
2167 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
2168 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2169 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2170 : false);
2171 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2172 1 : ptr += dhe_key_size;
2173 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2174 1 : opaque_key_exchange_req_size =
2175 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2176 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2177 1 : ptr += sizeof(uint16_t);
2178 1 : libspdm_build_opaque_data_supported_version_data(
2179 : spdm_context, &opaque_key_exchange_req_size, ptr);
2180 1 : ptr += opaque_key_exchange_req_size;
2181 1 : response_size = sizeof(response);
2182 1 : status = libspdm_get_response_key_exchange(
2183 : spdm_context, m_libspdm_key_exchange_request10_size,
2184 : &m_libspdm_key_exchange_request10, &response_size, response);
2185 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2186 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
2187 1 : spdm_response = (void *)response;
2188 1 : assert_int_equal(spdm_response->header.request_response_code,
2189 : SPDM_ERROR);
2190 1 : assert_int_equal(spdm_response->header.param1,
2191 : SPDM_ERROR_CODE_INVALID_POLICY);
2192 1 : assert_int_equal(spdm_response->header.param2, 0);
2193 1 : free(data1);
2194 1 : }
2195 :
2196 1 : int libspdm_responder_key_exchange_test_main(void)
2197 : {
2198 1 : const struct CMUnitTest spdm_responder_key_exchange_tests[] = {
2199 : /* Success Case*/
2200 : cmocka_unit_test(libspdm_test_responder_key_exchange_case1),
2201 : /* Bad request size*/
2202 : cmocka_unit_test(libspdm_test_responder_key_exchange_case2),
2203 : /* response_state: SPDM_RESPONSE_STATE_BUSY*/
2204 : cmocka_unit_test(libspdm_test_responder_key_exchange_case3),
2205 : /* response_state: SPDM_RESPONSE_STATE_NEED_RESYNC*/
2206 : cmocka_unit_test(libspdm_test_responder_key_exchange_case4),
2207 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
2208 : /* response_state: SPDM_RESPONSE_STATE_NOT_READY*/
2209 : cmocka_unit_test(libspdm_test_responder_key_exchange_case5),
2210 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
2211 : /* connection_state Check*/
2212 : cmocka_unit_test(libspdm_test_responder_key_exchange_case6),
2213 : /* Buffer reset*/
2214 : cmocka_unit_test(libspdm_test_responder_key_exchange_case7),
2215 : /* TCB measurement hash requested */
2216 : cmocka_unit_test(libspdm_test_responder_key_exchange_case8),
2217 : /* All measurement hash requested */
2218 : cmocka_unit_test(libspdm_test_responder_key_exchange_case9),
2219 : /* Reserved value in Measurement summary. Error + Invalid */
2220 : cmocka_unit_test(libspdm_test_responder_key_exchange_case10),
2221 : /* TCB measurement hash requested, measurement flag not set */
2222 : cmocka_unit_test(libspdm_test_responder_key_exchange_case11),
2223 : /* Request previously provisioned public key, slot 0xFF */
2224 : cmocka_unit_test(libspdm_test_responder_key_exchange_case14),
2225 : /* HANDSHAKE_IN_THE_CLEAR set for requester and responder */
2226 : cmocka_unit_test(libspdm_test_responder_key_exchange_case15),
2227 : /* Buffer verification*/
2228 : cmocka_unit_test(libspdm_test_responder_key_exchange_case16),
2229 : /* Successful response V1.2*/
2230 : cmocka_unit_test(libspdm_test_responder_key_exchange_case17),
2231 : /* Invalid SlotID in KEY_EXCHANGE request message*/
2232 : cmocka_unit_test(libspdm_test_responder_key_exchange_case18),
2233 : /* Only OpaqueDataFmt1 is supported, Bytes not aligned*/
2234 : cmocka_unit_test(libspdm_test_responder_key_exchange_case19),
2235 : /* OpaqueData only supports OpaqueDataFmt1, Success Case */
2236 : cmocka_unit_test(libspdm_test_responder_key_exchange_case20),
2237 : /* The key usage bit mask is not set, failed Case*/
2238 : cmocka_unit_test(libspdm_test_responder_key_exchange_case21),
2239 : cmocka_unit_test(libspdm_test_responder_key_exchange_case22),
2240 : /* The Responder requires mutual authentication, but the Requester does not support it */
2241 : cmocka_unit_test(libspdm_test_responder_key_exchange_case23),
2242 : cmocka_unit_test(libspdm_test_responder_key_exchange_case24),
2243 : };
2244 :
2245 1 : libspdm_test_context_t test_context = {
2246 : LIBSPDM_TEST_CONTEXT_VERSION,
2247 : false,
2248 : };
2249 :
2250 1 : libspdm_setup_test_context(&test_context);
2251 :
2252 1 : return cmocka_run_group_tests(spdm_responder_key_exchange_tests,
2253 : libspdm_unit_test_group_setup,
2254 : libspdm_unit_test_group_teardown);
2255 : }
2256 :
2257 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/
|
