Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_responder_lib.h"
9 : #include "internal/libspdm_requester_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
13 : #pragma pack(1)
14 : typedef struct {
15 : spdm_message_header_t header;
16 : uint16_t req_session_id;
17 : uint8_t session_policy;
18 : uint8_t reserved;
19 : uint8_t random_data[SPDM_RANDOM_DATA_SIZE];
20 : uint8_t exchange_data[LIBSPDM_MAX_DHE_KEY_SIZE];
21 : uint16_t opaque_length;
22 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
23 : } libspdm_key_exchange_request_mine_t;
24 : #pragma pack()
25 :
26 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request1 = {
27 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
28 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
29 : };
30 : size_t m_libspdm_key_exchange_request1_size = sizeof(m_libspdm_key_exchange_request1);
31 :
32 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request2 = {
33 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
34 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
35 : };
36 : size_t m_libspdm_key_exchange_request2_size = sizeof(spdm_key_exchange_request_t);
37 :
38 : /* Request TCB measurement hash */
39 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request3 = {
40 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
41 : SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, 0 },
42 : };
43 : size_t m_libspdm_key_exchange_request3_size = sizeof(m_libspdm_key_exchange_request3);
44 :
45 : /* Request all measurement hash */
46 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request4 = {
47 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
48 : SPDM_KEY_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH, 0 },
49 : };
50 : size_t m_libspdm_key_exchange_request4_size = sizeof(m_libspdm_key_exchange_request4);
51 :
52 : /* Uses a reserved value in measurement hash */
53 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request5 = {
54 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
55 : 0x50, 0 },
56 : };
57 : size_t m_libspdm_key_exchange_request5_size = sizeof(m_libspdm_key_exchange_request5);
58 :
59 : /* Asks for certificate in slot 1 */
60 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request6 = {
61 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
62 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 1 },
63 : };
64 : size_t m_libspdm_key_exchange_request6_size = sizeof(m_libspdm_key_exchange_request6);
65 :
66 : /* Asks for previously provisioned raw public key */
67 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request7 = {
68 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
69 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0xFF },
70 : };
71 : size_t m_libspdm_key_exchange_request7_size = sizeof(m_libspdm_key_exchange_request7);
72 :
73 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request8 = {
74 : { SPDM_MESSAGE_VERSION_12, SPDM_KEY_EXCHANGE,
75 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
76 : };
77 : size_t m_libspdm_key_exchange_request8_size = sizeof(m_libspdm_key_exchange_request8);
78 :
79 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request9 = {
80 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
81 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 9 },
82 : };
83 : size_t m_libspdm_key_exchange_request9_size = sizeof(m_libspdm_key_exchange_request9);
84 :
85 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request10 = {
86 : { SPDM_MESSAGE_VERSION_13, SPDM_KEY_EXCHANGE,
87 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
88 : };
89 : size_t m_libspdm_key_exchange_request10_size = sizeof(m_libspdm_key_exchange_request10);
90 :
91 : extern bool g_event_all_subscribe;
92 : extern bool g_event_all_unsubscribe;
93 :
94 1 : void libspdm_test_responder_key_exchange_case1(void **state)
95 : {
96 : libspdm_return_t status;
97 : libspdm_test_context_t *spdm_test_context;
98 : libspdm_context_t *spdm_context;
99 : size_t response_size;
100 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
101 : spdm_key_exchange_response_t *spdm_response;
102 : void *data1;
103 : size_t data_size1;
104 : uint8_t *ptr;
105 : size_t dhe_key_size;
106 : void *dhe_context;
107 : size_t opaque_key_exchange_req_size;
108 : uint32_t session_id;
109 :
110 1 : spdm_test_context = *state;
111 1 : spdm_context = spdm_test_context->spdm_context;
112 1 : spdm_test_context->case_id = 0x1;
113 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
114 1 : spdm_context->connection_info.capability.flags |=
115 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
116 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
117 1 : spdm_context->local_context.capability.flags |=
118 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
119 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
120 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
121 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
122 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
123 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
124 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
125 : m_libspdm_use_measurement_hash_algo;
126 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
127 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
128 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
129 : SPDM_VERSION_NUMBER_SHIFT_BIT;
130 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
131 : m_libspdm_use_asym_algo, &data1,
132 : &data_size1, NULL, NULL);
133 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
134 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
135 :
136 1 : libspdm_reset_message_a(spdm_context);
137 1 : spdm_context->local_context.mut_auth_requested = 0;
138 :
139 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
140 :
141 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
142 : m_libspdm_key_exchange_request1.random_data);
143 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
144 1 : m_libspdm_key_exchange_request1.reserved = 0;
145 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
146 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
147 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
148 : false);
149 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
150 1 : ptr += dhe_key_size;
151 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
152 1 : opaque_key_exchange_req_size =
153 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
154 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
155 1 : ptr += sizeof(uint16_t);
156 1 : libspdm_build_opaque_data_supported_version_data(
157 : spdm_context, &opaque_key_exchange_req_size, ptr);
158 1 : ptr += opaque_key_exchange_req_size;
159 1 : response_size = sizeof(response);
160 1 : status = libspdm_get_response_key_exchange(
161 : spdm_context, m_libspdm_key_exchange_request1_size,
162 : &m_libspdm_key_exchange_request1, &response_size, response);
163 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
164 1 : assert_int_equal(
165 : libspdm_secured_message_get_session_state(
166 : spdm_context->session_info[0].secured_message_context),
167 : LIBSPDM_SESSION_STATE_HANDSHAKING);
168 1 : spdm_response = (void *)response;
169 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
170 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
171 :
172 1 : session_id = (m_libspdm_key_exchange_request1.req_session_id << 16) |
173 1 : spdm_response->rsp_session_id;
174 1 : libspdm_free_session_id(spdm_context, session_id);
175 1 : free(data1);
176 1 : }
177 :
178 1 : void libspdm_test_responder_key_exchange_case2(void **state)
179 : {
180 : libspdm_return_t status;
181 : libspdm_test_context_t *spdm_test_context;
182 : libspdm_context_t *spdm_context;
183 : size_t response_size;
184 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
185 : spdm_key_exchange_response_t *spdm_response;
186 : void *data1;
187 : size_t data_size1;
188 : uint8_t *ptr;
189 : size_t dhe_key_size;
190 : void *dhe_context;
191 : size_t opaque_key_exchange_req_size;
192 :
193 1 : spdm_test_context = *state;
194 1 : spdm_context = spdm_test_context->spdm_context;
195 1 : spdm_test_context->case_id = 0x2;
196 1 : spdm_context->connection_info.connection_state =
197 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
198 1 : spdm_context->connection_info.capability.flags |=
199 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
200 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
201 1 : spdm_context->local_context.capability.flags |=
202 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
203 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
204 1 : spdm_context->connection_info.algorithm.base_hash_algo =
205 : m_libspdm_use_hash_algo;
206 1 : spdm_context->connection_info.algorithm.base_asym_algo =
207 : m_libspdm_use_asym_algo;
208 1 : spdm_context->connection_info.algorithm.measurement_spec =
209 : m_libspdm_use_measurement_spec;
210 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
211 : m_libspdm_use_measurement_hash_algo;
212 1 : spdm_context->connection_info.algorithm.dhe_named_group =
213 : m_libspdm_use_dhe_algo;
214 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
215 : m_libspdm_use_aead_algo;
216 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
217 : SPDM_VERSION_NUMBER_SHIFT_BIT;
218 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
219 : m_libspdm_use_asym_algo, &data1,
220 : &data_size1, NULL, NULL);
221 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
222 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
223 : data_size1;
224 :
225 1 : libspdm_reset_message_a(spdm_context);
226 1 : spdm_context->local_context.mut_auth_requested = 0;
227 :
228 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
229 : m_libspdm_key_exchange_request2.random_data);
230 1 : m_libspdm_key_exchange_request2.req_session_id = 0xFFFF;
231 1 : m_libspdm_key_exchange_request2.reserved = 0;
232 1 : ptr = m_libspdm_key_exchange_request2.exchange_data;
233 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
234 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
235 : false);
236 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
237 1 : ptr += dhe_key_size;
238 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
239 1 : opaque_key_exchange_req_size =
240 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
241 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
242 1 : ptr += sizeof(uint16_t);
243 1 : libspdm_build_opaque_data_supported_version_data(
244 : spdm_context, &opaque_key_exchange_req_size, ptr);
245 1 : ptr += opaque_key_exchange_req_size;
246 1 : response_size = sizeof(response);
247 1 : status = libspdm_get_response_key_exchange(
248 : spdm_context, m_libspdm_key_exchange_request2_size,
249 : &m_libspdm_key_exchange_request2, &response_size, response);
250 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
251 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
252 1 : spdm_response = (void *)response;
253 1 : assert_int_equal(spdm_response->header.request_response_code,
254 : SPDM_ERROR);
255 1 : assert_int_equal(spdm_response->header.param1,
256 : SPDM_ERROR_CODE_INVALID_REQUEST);
257 1 : assert_int_equal(spdm_response->header.param2, 0);
258 1 : free(data1);
259 1 : }
260 :
261 1 : void libspdm_test_responder_key_exchange_case3(void **state)
262 : {
263 : libspdm_return_t status;
264 : libspdm_test_context_t *spdm_test_context;
265 : libspdm_context_t *spdm_context;
266 : size_t response_size;
267 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
268 : spdm_key_exchange_response_t *spdm_response;
269 : void *data1;
270 : size_t data_size1;
271 : uint8_t *ptr;
272 : size_t dhe_key_size;
273 : void *dhe_context;
274 : size_t opaque_key_exchange_req_size;
275 :
276 1 : spdm_test_context = *state;
277 1 : spdm_context = spdm_test_context->spdm_context;
278 1 : spdm_test_context->case_id = 0x3;
279 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
280 1 : spdm_context->connection_info.connection_state =
281 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
282 1 : spdm_context->connection_info.capability.flags |=
283 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
284 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
285 1 : spdm_context->local_context.capability.flags |=
286 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
287 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
288 1 : spdm_context->connection_info.algorithm.base_hash_algo =
289 : m_libspdm_use_hash_algo;
290 1 : spdm_context->connection_info.algorithm.base_asym_algo =
291 : m_libspdm_use_asym_algo;
292 1 : spdm_context->connection_info.algorithm.measurement_spec =
293 : m_libspdm_use_measurement_spec;
294 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
295 : m_libspdm_use_measurement_hash_algo;
296 1 : spdm_context->connection_info.algorithm.dhe_named_group =
297 : m_libspdm_use_dhe_algo;
298 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
299 : m_libspdm_use_aead_algo;
300 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
301 : SPDM_VERSION_NUMBER_SHIFT_BIT;
302 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
303 : m_libspdm_use_asym_algo, &data1,
304 : &data_size1, NULL, NULL);
305 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
306 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
307 : data_size1;
308 :
309 1 : libspdm_reset_message_a(spdm_context);
310 1 : spdm_context->local_context.mut_auth_requested = 0;
311 :
312 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
313 : m_libspdm_key_exchange_request1.random_data);
314 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
315 1 : m_libspdm_key_exchange_request1.reserved = 0;
316 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
317 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
318 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
319 : false);
320 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
321 1 : ptr += dhe_key_size;
322 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
323 1 : opaque_key_exchange_req_size =
324 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
325 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
326 1 : ptr += sizeof(uint16_t);
327 1 : libspdm_build_opaque_data_supported_version_data(
328 : spdm_context, &opaque_key_exchange_req_size, ptr);
329 1 : ptr += opaque_key_exchange_req_size;
330 1 : response_size = sizeof(response);
331 1 : status = libspdm_get_response_key_exchange(
332 : spdm_context, m_libspdm_key_exchange_request1_size,
333 : &m_libspdm_key_exchange_request1, &response_size, response);
334 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
335 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
336 1 : spdm_response = (void *)response;
337 1 : assert_int_equal(spdm_response->header.request_response_code,
338 : SPDM_ERROR);
339 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_BUSY);
340 1 : assert_int_equal(spdm_response->header.param2, 0);
341 1 : assert_int_equal(spdm_context->response_state,
342 : LIBSPDM_RESPONSE_STATE_BUSY);
343 1 : free(data1);
344 1 : }
345 :
346 1 : void libspdm_test_responder_key_exchange_case4(void **state)
347 : {
348 : libspdm_return_t status;
349 : libspdm_test_context_t *spdm_test_context;
350 : libspdm_context_t *spdm_context;
351 : size_t response_size;
352 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
353 : spdm_key_exchange_response_t *spdm_response;
354 : void *data1;
355 : size_t data_size1;
356 : uint8_t *ptr;
357 : size_t dhe_key_size;
358 : void *dhe_context;
359 : size_t opaque_key_exchange_req_size;
360 :
361 1 : spdm_test_context = *state;
362 1 : spdm_context = spdm_test_context->spdm_context;
363 1 : spdm_test_context->case_id = 0x4;
364 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
365 1 : spdm_context->connection_info.connection_state =
366 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
367 1 : spdm_context->connection_info.capability.flags |=
368 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
369 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
370 1 : spdm_context->local_context.capability.flags |=
371 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
372 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
373 1 : spdm_context->connection_info.algorithm.base_hash_algo =
374 : m_libspdm_use_hash_algo;
375 1 : spdm_context->connection_info.algorithm.base_asym_algo =
376 : m_libspdm_use_asym_algo;
377 1 : spdm_context->connection_info.algorithm.measurement_spec =
378 : m_libspdm_use_measurement_spec;
379 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
380 : m_libspdm_use_measurement_hash_algo;
381 1 : spdm_context->connection_info.algorithm.dhe_named_group =
382 : m_libspdm_use_dhe_algo;
383 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
384 : m_libspdm_use_aead_algo;
385 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
386 : SPDM_VERSION_NUMBER_SHIFT_BIT;
387 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
388 : m_libspdm_use_asym_algo, &data1,
389 : &data_size1, NULL, NULL);
390 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
391 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
392 : data_size1;
393 :
394 1 : libspdm_reset_message_a(spdm_context);
395 1 : spdm_context->local_context.mut_auth_requested = 0;
396 :
397 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
398 : m_libspdm_key_exchange_request1.random_data);
399 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
400 1 : m_libspdm_key_exchange_request1.reserved = 0;
401 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
402 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
403 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
404 : false);
405 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
406 1 : ptr += dhe_key_size;
407 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
408 1 : opaque_key_exchange_req_size =
409 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
410 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
411 1 : ptr += sizeof(uint16_t);
412 1 : libspdm_build_opaque_data_supported_version_data(
413 : spdm_context, &opaque_key_exchange_req_size, ptr);
414 1 : ptr += opaque_key_exchange_req_size;
415 1 : response_size = sizeof(response);
416 1 : status = libspdm_get_response_key_exchange(
417 : spdm_context, m_libspdm_key_exchange_request1_size,
418 : &m_libspdm_key_exchange_request1, &response_size, response);
419 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
420 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
421 1 : spdm_response = (void *)response;
422 1 : assert_int_equal(spdm_response->header.request_response_code,
423 : SPDM_ERROR);
424 1 : assert_int_equal(spdm_response->header.param1,
425 : SPDM_ERROR_CODE_REQUEST_RESYNCH);
426 1 : assert_int_equal(spdm_response->header.param2, 0);
427 1 : assert_int_equal(spdm_context->response_state,
428 : LIBSPDM_RESPONSE_STATE_NEED_RESYNC);
429 1 : free(data1);
430 1 : }
431 :
432 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
433 1 : void libspdm_test_responder_key_exchange_case5(void **state)
434 : {
435 : libspdm_return_t status;
436 : libspdm_test_context_t *spdm_test_context;
437 : libspdm_context_t *spdm_context;
438 : size_t response_size;
439 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
440 : spdm_key_exchange_response_t *spdm_response;
441 : void *data1;
442 : size_t data_size1;
443 : spdm_error_data_response_not_ready_t *error_data;
444 : uint8_t *ptr;
445 : size_t dhe_key_size;
446 : void *dhe_context;
447 : size_t opaque_key_exchange_req_size;
448 :
449 1 : spdm_test_context = *state;
450 1 : spdm_context = spdm_test_context->spdm_context;
451 1 : spdm_test_context->case_id = 0x5;
452 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
453 1 : spdm_context->connection_info.connection_state =
454 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
455 1 : spdm_context->connection_info.capability.flags |=
456 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
457 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
458 1 : spdm_context->local_context.capability.flags |=
459 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
460 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
461 1 : spdm_context->connection_info.algorithm.base_hash_algo =
462 : m_libspdm_use_hash_algo;
463 1 : spdm_context->connection_info.algorithm.base_asym_algo =
464 : m_libspdm_use_asym_algo;
465 1 : spdm_context->connection_info.algorithm.measurement_spec =
466 : m_libspdm_use_measurement_spec;
467 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
468 : m_libspdm_use_measurement_hash_algo;
469 1 : spdm_context->connection_info.algorithm.dhe_named_group =
470 : m_libspdm_use_dhe_algo;
471 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
472 : m_libspdm_use_aead_algo;
473 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
474 : SPDM_VERSION_NUMBER_SHIFT_BIT;
475 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
476 : m_libspdm_use_asym_algo, &data1,
477 : &data_size1, NULL, NULL);
478 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
479 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
480 : data_size1;
481 :
482 1 : libspdm_reset_message_a(spdm_context);
483 1 : spdm_context->local_context.mut_auth_requested = 0;
484 :
485 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
486 : m_libspdm_key_exchange_request1.random_data);
487 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
488 1 : m_libspdm_key_exchange_request1.reserved = 0;
489 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
490 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
491 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
492 : false);
493 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
494 1 : ptr += dhe_key_size;
495 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
496 1 : opaque_key_exchange_req_size =
497 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
498 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
499 1 : ptr += sizeof(uint16_t);
500 1 : libspdm_build_opaque_data_supported_version_data(
501 : spdm_context, &opaque_key_exchange_req_size, ptr);
502 1 : ptr += opaque_key_exchange_req_size;
503 1 : response_size = sizeof(response);
504 1 : status = libspdm_get_response_key_exchange(
505 : spdm_context, m_libspdm_key_exchange_request1_size,
506 : &m_libspdm_key_exchange_request1, &response_size, response);
507 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
508 1 : assert_int_equal(response_size,
509 : sizeof(spdm_error_response_t) +
510 : sizeof(spdm_error_data_response_not_ready_t));
511 1 : spdm_response = (void *)response;
512 1 : error_data = (spdm_error_data_response_not_ready_t
513 : *)(&spdm_response->rsp_session_id);
514 1 : assert_int_equal(spdm_response->header.request_response_code,
515 : SPDM_ERROR);
516 1 : assert_int_equal(spdm_response->header.param1,
517 : SPDM_ERROR_CODE_RESPONSE_NOT_READY);
518 1 : assert_int_equal(spdm_response->header.param2, 0);
519 1 : assert_int_equal(spdm_context->response_state,
520 : LIBSPDM_RESPONSE_STATE_NOT_READY);
521 1 : assert_int_equal(error_data->request_code, SPDM_KEY_EXCHANGE);
522 1 : free(data1);
523 1 : }
524 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
525 :
526 1 : void libspdm_test_responder_key_exchange_case6(void **state)
527 : {
528 : libspdm_return_t status;
529 : libspdm_test_context_t *spdm_test_context;
530 : libspdm_context_t *spdm_context;
531 : size_t response_size;
532 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
533 : spdm_key_exchange_response_t *spdm_response;
534 : void *data1;
535 : size_t data_size1;
536 : uint8_t *ptr;
537 : size_t dhe_key_size;
538 : void *dhe_context;
539 : size_t opaque_key_exchange_req_size;
540 :
541 1 : spdm_test_context = *state;
542 1 : spdm_context = spdm_test_context->spdm_context;
543 1 : spdm_test_context->case_id = 0x6;
544 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
545 1 : spdm_context->connection_info.connection_state =
546 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
547 1 : spdm_context->connection_info.capability.flags |=
548 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
549 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
550 1 : spdm_context->local_context.capability.flags |=
551 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
552 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
553 1 : spdm_context->connection_info.algorithm.base_hash_algo =
554 : m_libspdm_use_hash_algo;
555 1 : spdm_context->connection_info.algorithm.base_asym_algo =
556 : m_libspdm_use_asym_algo;
557 1 : spdm_context->connection_info.algorithm.measurement_spec =
558 : m_libspdm_use_measurement_spec;
559 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
560 : m_libspdm_use_measurement_hash_algo;
561 1 : spdm_context->connection_info.algorithm.dhe_named_group =
562 : m_libspdm_use_dhe_algo;
563 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
564 : m_libspdm_use_aead_algo;
565 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
566 : SPDM_VERSION_NUMBER_SHIFT_BIT;
567 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
568 : m_libspdm_use_asym_algo, &data1,
569 : &data_size1, NULL, NULL);
570 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
571 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
572 : data_size1;
573 :
574 1 : libspdm_reset_message_a(spdm_context);
575 1 : spdm_context->local_context.mut_auth_requested = 0;
576 :
577 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
578 : m_libspdm_key_exchange_request1.random_data);
579 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
580 1 : m_libspdm_key_exchange_request1.reserved = 0;
581 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
582 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
583 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
584 : false);
585 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
586 1 : ptr += dhe_key_size;
587 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
588 1 : opaque_key_exchange_req_size =
589 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
590 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
591 1 : ptr += sizeof(uint16_t);
592 1 : libspdm_build_opaque_data_supported_version_data(
593 : spdm_context, &opaque_key_exchange_req_size, ptr);
594 1 : ptr += opaque_key_exchange_req_size;
595 1 : response_size = sizeof(response);
596 1 : status = libspdm_get_response_key_exchange(
597 : spdm_context, m_libspdm_key_exchange_request1_size,
598 : &m_libspdm_key_exchange_request1, &response_size, response);
599 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
600 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
601 1 : spdm_response = (void *)response;
602 1 : assert_int_equal(spdm_response->header.request_response_code,
603 : SPDM_ERROR);
604 1 : assert_int_equal(spdm_response->header.param1,
605 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
606 1 : assert_int_equal(spdm_response->header.param2, 0);
607 1 : free(data1);
608 1 : }
609 :
610 1 : void libspdm_test_responder_key_exchange_case7(void **state)
611 : {
612 : libspdm_return_t status;
613 : libspdm_test_context_t *spdm_test_context;
614 : libspdm_context_t *spdm_context;
615 : size_t response_size;
616 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
617 : spdm_key_exchange_response_t *spdm_response;
618 : void *data1;
619 : size_t data_size1;
620 : uint8_t *ptr;
621 : size_t dhe_key_size;
622 : void *dhe_context;
623 : size_t opaque_key_exchange_req_size;
624 :
625 1 : spdm_test_context = *state;
626 1 : spdm_context = spdm_test_context->spdm_context;
627 1 : spdm_test_context->case_id = 0x1;
628 1 : spdm_context->connection_info.connection_state =
629 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
630 1 : spdm_context->connection_info.capability.flags |=
631 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
632 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
633 1 : spdm_context->local_context.capability.flags |=
634 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
635 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
636 1 : spdm_context->connection_info.algorithm.base_hash_algo =
637 : m_libspdm_use_hash_algo;
638 1 : spdm_context->connection_info.algorithm.base_asym_algo =
639 : m_libspdm_use_asym_algo;
640 1 : spdm_context->connection_info.algorithm.measurement_spec =
641 : m_libspdm_use_measurement_spec;
642 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
643 : m_libspdm_use_measurement_hash_algo;
644 1 : spdm_context->connection_info.algorithm.dhe_named_group =
645 : m_libspdm_use_dhe_algo;
646 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
647 : m_libspdm_use_aead_algo;
648 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
649 : SPDM_VERSION_NUMBER_SHIFT_BIT;
650 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
651 : m_libspdm_use_asym_algo, &data1,
652 : &data_size1, NULL, NULL);
653 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
654 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
655 : data_size1;
656 :
657 1 : libspdm_reset_message_a(spdm_context);
658 1 : spdm_context->local_context.mut_auth_requested = 0;
659 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
660 : spdm_context->transcript.message_m.buffer_size =
661 : spdm_context->transcript.message_m.max_buffer_size;
662 : spdm_context->transcript.message_b.buffer_size =
663 : spdm_context->transcript.message_b.max_buffer_size;
664 : spdm_context->transcript.message_c.buffer_size =
665 : spdm_context->transcript.message_c.max_buffer_size;
666 : spdm_context->transcript.message_mut_b.buffer_size =
667 : spdm_context->transcript.message_mut_b.max_buffer_size;
668 : spdm_context->transcript.message_mut_c.buffer_size =
669 : spdm_context->transcript.message_mut_c.max_buffer_size;
670 : #endif
671 :
672 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
673 : m_libspdm_key_exchange_request1.random_data);
674 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
675 1 : m_libspdm_key_exchange_request1.reserved = 0;
676 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
677 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
678 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
679 : false);
680 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
681 1 : ptr += dhe_key_size;
682 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
683 1 : opaque_key_exchange_req_size =
684 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
685 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
686 1 : ptr += sizeof(uint16_t);
687 1 : libspdm_build_opaque_data_supported_version_data(
688 : spdm_context, &opaque_key_exchange_req_size, ptr);
689 1 : ptr += opaque_key_exchange_req_size;
690 1 : response_size = sizeof(response);
691 1 : status = libspdm_get_response_key_exchange(
692 : spdm_context, m_libspdm_key_exchange_request1_size,
693 : &m_libspdm_key_exchange_request1, &response_size, response);
694 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
695 1 : assert_int_equal(
696 : libspdm_secured_message_get_session_state(
697 : spdm_context->session_info[0].secured_message_context),
698 : LIBSPDM_SESSION_STATE_HANDSHAKING);
699 1 : spdm_response = (void *)response;
700 1 : assert_int_equal(spdm_response->header.request_response_code,
701 : SPDM_KEY_EXCHANGE_RSP);
702 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
703 : assert_int_equal(spdm_context->transcript.message_m.buffer_size, 0);
704 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
705 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
706 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
707 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
708 : #endif
709 :
710 1 : free(data1);
711 1 : }
712 :
713 1 : void libspdm_test_responder_key_exchange_case8(void **state)
714 : {
715 : libspdm_return_t status;
716 : libspdm_test_context_t *spdm_test_context;
717 : libspdm_context_t *spdm_context;
718 : size_t response_size;
719 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
720 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
721 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
722 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
723 : uint32_t measurement_summary_hash_size;
724 : spdm_key_exchange_response_t *spdm_response;
725 : void *data1;
726 : size_t data_size1;
727 : uint8_t *ptr;
728 : size_t dhe_key_size;
729 : void *dhe_context;
730 : size_t opaque_key_exchange_req_size;
731 : bool result;
732 :
733 1 : spdm_test_context = *state;
734 1 : spdm_context = spdm_test_context->spdm_context;
735 1 : spdm_test_context->case_id = 0x8;
736 :
737 : /* Clear previous sessions */
738 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
739 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
740 : }
741 :
742 1 : spdm_context->connection_info.connection_state =
743 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
744 1 : spdm_context->connection_info.capability.flags |=
745 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
746 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
747 1 : spdm_context->local_context.capability.flags |=
748 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
749 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
750 1 : spdm_context->local_context.capability.flags |=
751 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
752 1 : spdm_context->connection_info.algorithm.base_hash_algo =
753 : m_libspdm_use_hash_algo;
754 1 : spdm_context->connection_info.algorithm.base_asym_algo =
755 : m_libspdm_use_asym_algo;
756 1 : spdm_context->connection_info.algorithm.measurement_spec =
757 : m_libspdm_use_measurement_spec;
758 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
759 : m_libspdm_use_measurement_hash_algo;
760 1 : spdm_context->connection_info.algorithm.dhe_named_group =
761 : m_libspdm_use_dhe_algo;
762 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
763 : m_libspdm_use_aead_algo;
764 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
765 : SPDM_VERSION_NUMBER_SHIFT_BIT;
766 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
767 : m_libspdm_use_asym_algo, &data1,
768 : &data_size1, NULL, NULL);
769 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
770 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
771 : data_size1;
772 :
773 1 : libspdm_reset_message_a(spdm_context);
774 1 : spdm_context->local_context.mut_auth_requested = 0;
775 :
776 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
777 : m_libspdm_key_exchange_request3.random_data);
778 1 : m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
779 1 : m_libspdm_key_exchange_request3.reserved = 0;
780 1 : ptr = m_libspdm_key_exchange_request3.exchange_data;
781 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
782 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
783 : false);
784 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
785 1 : ptr += dhe_key_size;
786 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
787 1 : opaque_key_exchange_req_size =
788 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
789 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
790 1 : ptr += sizeof(uint16_t);
791 1 : libspdm_build_opaque_data_supported_version_data(
792 : spdm_context, &opaque_key_exchange_req_size, ptr);
793 1 : ptr += opaque_key_exchange_req_size;
794 1 : response_size = sizeof(response);
795 1 : status = libspdm_get_response_key_exchange(
796 : spdm_context, m_libspdm_key_exchange_request3_size,
797 : &m_libspdm_key_exchange_request3, &response_size, response);
798 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
799 1 : assert_int_equal(
800 : libspdm_secured_message_get_session_state(
801 : spdm_context->session_info[0].secured_message_context),
802 : LIBSPDM_SESSION_STATE_HANDSHAKING);
803 1 : spdm_response = (void *)response;
804 1 : assert_int_equal(spdm_response->header.request_response_code,
805 : SPDM_KEY_EXCHANGE_RSP);
806 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
807 :
808 1 : measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
809 1 : spdm_context, false, m_libspdm_key_exchange_request3.header.param1);
810 :
811 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
812 1 : result = libspdm_generate_measurement_summary_hash(
813 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
814 : spdm_context,
815 : #endif
816 1 : spdm_context->connection_info.version,
817 : spdm_context->connection_info.algorithm.base_hash_algo,
818 1 : spdm_context->connection_info.algorithm.measurement_spec,
819 : spdm_context->connection_info.algorithm.measurement_hash_algo,
820 1 : m_libspdm_key_exchange_request3.header.param1,
821 : measurement_hash,
822 : measurement_summary_hash_size);
823 :
824 1 : assert_true(result);
825 :
826 1 : assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
827 : measurement_hash, measurement_summary_hash_size);
828 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
829 1 : free(data1);
830 1 : }
831 :
832 1 : void libspdm_test_responder_key_exchange_case9(void **state)
833 : {
834 : libspdm_return_t status;
835 : libspdm_test_context_t *spdm_test_context;
836 : libspdm_context_t *spdm_context;
837 : size_t response_size;
838 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
839 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
840 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
841 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
842 : uint32_t measurement_summary_hash_size;
843 : spdm_key_exchange_response_t *spdm_response;
844 : void *data1;
845 : size_t data_size1;
846 : uint8_t *ptr;
847 : size_t dhe_key_size;
848 : void *dhe_context;
849 : size_t opaque_key_exchange_req_size;
850 : uint32_t session_id;
851 : bool result;
852 :
853 1 : spdm_test_context = *state;
854 1 : spdm_context = spdm_test_context->spdm_context;
855 1 : spdm_test_context->case_id = 0x9;
856 :
857 : /* Clear previous sessions */
858 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
859 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
860 : }
861 :
862 1 : spdm_context->connection_info.connection_state =
863 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
864 1 : spdm_context->connection_info.capability.flags |=
865 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
866 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
867 1 : spdm_context->local_context.capability.flags |=
868 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
869 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
870 1 : spdm_context->local_context.capability.flags |=
871 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
872 1 : spdm_context->connection_info.algorithm.base_hash_algo =
873 : m_libspdm_use_hash_algo;
874 1 : spdm_context->connection_info.algorithm.base_asym_algo =
875 : m_libspdm_use_asym_algo;
876 1 : spdm_context->connection_info.algorithm.measurement_spec =
877 : m_libspdm_use_measurement_spec;
878 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
879 : m_libspdm_use_measurement_hash_algo;
880 1 : spdm_context->connection_info.algorithm.dhe_named_group =
881 : m_libspdm_use_dhe_algo;
882 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
883 : m_libspdm_use_aead_algo;
884 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
885 : SPDM_VERSION_NUMBER_SHIFT_BIT;
886 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
887 : m_libspdm_use_asym_algo, &data1,
888 : &data_size1, NULL, NULL);
889 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
890 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
891 : data_size1;
892 :
893 1 : libspdm_reset_message_a(spdm_context);
894 1 : spdm_context->local_context.mut_auth_requested = 0;
895 :
896 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
897 : m_libspdm_key_exchange_request4.random_data);
898 1 : m_libspdm_key_exchange_request4.req_session_id = 0xFFFF;
899 1 : m_libspdm_key_exchange_request4.reserved = 0;
900 1 : ptr = m_libspdm_key_exchange_request4.exchange_data;
901 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
902 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
903 : false);
904 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
905 1 : ptr += dhe_key_size;
906 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
907 1 : opaque_key_exchange_req_size =
908 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
909 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
910 1 : ptr += sizeof(uint16_t);
911 1 : libspdm_build_opaque_data_supported_version_data(
912 : spdm_context, &opaque_key_exchange_req_size, ptr);
913 1 : ptr += opaque_key_exchange_req_size;
914 1 : response_size = sizeof(response);
915 1 : status = libspdm_get_response_key_exchange(
916 : spdm_context, m_libspdm_key_exchange_request4_size,
917 : &m_libspdm_key_exchange_request4, &response_size, response);
918 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
919 1 : assert_int_equal(
920 : libspdm_secured_message_get_session_state(
921 : spdm_context->session_info[0].secured_message_context),
922 : LIBSPDM_SESSION_STATE_HANDSHAKING);
923 1 : spdm_response = (void *)response;
924 1 : assert_int_equal(spdm_response->header.request_response_code,
925 : SPDM_KEY_EXCHANGE_RSP);
926 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
927 :
928 1 : measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
929 1 : spdm_context, false, m_libspdm_key_exchange_request4.header.param1);
930 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
931 1 : result = libspdm_generate_measurement_summary_hash(
932 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
933 : spdm_context,
934 : #endif
935 1 : spdm_context->connection_info.version,
936 : spdm_context->connection_info.algorithm.base_hash_algo,
937 1 : spdm_context->connection_info.algorithm.measurement_spec,
938 : spdm_context->connection_info.algorithm.measurement_hash_algo,
939 1 : m_libspdm_key_exchange_request4.header.param1,
940 : measurement_hash,
941 : measurement_summary_hash_size);
942 :
943 1 : assert_true(result);
944 :
945 1 : assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
946 : measurement_hash, measurement_summary_hash_size);
947 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
948 :
949 1 : session_id = (m_libspdm_key_exchange_request4.req_session_id << 16) |
950 1 : spdm_response->rsp_session_id;
951 1 : libspdm_free_session_id(spdm_context, session_id);
952 :
953 1 : free(data1);
954 1 : }
955 :
956 1 : void libspdm_test_responder_key_exchange_case10(void **state)
957 : {
958 : libspdm_return_t status;
959 : libspdm_test_context_t *spdm_test_context;
960 : libspdm_context_t *spdm_context;
961 : size_t response_size;
962 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
963 : spdm_key_exchange_response_t *spdm_response;
964 : void *data1;
965 : size_t data_size1;
966 : uint8_t *ptr;
967 : size_t dhe_key_size;
968 : void *dhe_context;
969 : size_t opaque_key_exchange_req_size;
970 :
971 1 : spdm_test_context = *state;
972 1 : spdm_context = spdm_test_context->spdm_context;
973 1 : spdm_test_context->case_id = 0xA;
974 :
975 : /* Clear previous sessions */
976 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
977 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
978 : }
979 :
980 1 : spdm_context->connection_info.connection_state =
981 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
982 1 : spdm_context->connection_info.capability.flags |=
983 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
984 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
985 1 : spdm_context->local_context.capability.flags |=
986 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
987 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
988 1 : spdm_context->local_context.capability.flags |=
989 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
990 1 : spdm_context->connection_info.algorithm.base_hash_algo =
991 : m_libspdm_use_hash_algo;
992 1 : spdm_context->connection_info.algorithm.base_asym_algo =
993 : m_libspdm_use_asym_algo;
994 1 : spdm_context->connection_info.algorithm.measurement_spec =
995 : m_libspdm_use_measurement_spec;
996 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
997 : m_libspdm_use_measurement_hash_algo;
998 1 : spdm_context->connection_info.algorithm.dhe_named_group =
999 : m_libspdm_use_dhe_algo;
1000 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1001 : m_libspdm_use_aead_algo;
1002 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1003 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1004 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1005 : m_libspdm_use_asym_algo, &data1,
1006 : &data_size1, NULL, NULL);
1007 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1008 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1009 : data_size1;
1010 :
1011 1 : libspdm_reset_message_a(spdm_context);
1012 1 : spdm_context->local_context.mut_auth_requested = 0;
1013 :
1014 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1015 : m_libspdm_key_exchange_request5.random_data);
1016 1 : m_libspdm_key_exchange_request5.req_session_id = 0xFFFF;
1017 1 : m_libspdm_key_exchange_request5.reserved = 0;
1018 1 : ptr = m_libspdm_key_exchange_request5.exchange_data;
1019 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1020 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1021 : false);
1022 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1023 1 : ptr += dhe_key_size;
1024 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1025 1 : opaque_key_exchange_req_size =
1026 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1027 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1028 1 : ptr += sizeof(uint16_t);
1029 1 : libspdm_build_opaque_data_supported_version_data(
1030 : spdm_context, &opaque_key_exchange_req_size, ptr);
1031 1 : ptr += opaque_key_exchange_req_size;
1032 1 : response_size = sizeof(response);
1033 1 : status = libspdm_get_response_key_exchange(
1034 : spdm_context, m_libspdm_key_exchange_request5_size,
1035 : &m_libspdm_key_exchange_request5, &response_size, response);
1036 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1037 :
1038 1 : spdm_response = (void *)response;
1039 1 : assert_int_equal(spdm_response->header.request_response_code,
1040 : SPDM_ERROR);
1041 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1042 :
1043 1 : free(data1);
1044 1 : }
1045 :
1046 1 : void libspdm_test_responder_key_exchange_case11(void **state)
1047 : {
1048 : libspdm_return_t status;
1049 : libspdm_test_context_t *spdm_test_context;
1050 : libspdm_context_t *spdm_context;
1051 : size_t response_size;
1052 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1053 : spdm_key_exchange_response_t *spdm_response;
1054 : void *data1;
1055 : size_t data_size1;
1056 : uint8_t *ptr;
1057 : size_t dhe_key_size;
1058 : void *dhe_context;
1059 : size_t opaque_key_exchange_req_size;
1060 :
1061 1 : spdm_test_context = *state;
1062 1 : spdm_context = spdm_test_context->spdm_context;
1063 1 : spdm_test_context->case_id = 0xB;
1064 :
1065 : /* Clear previous sessions */
1066 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1067 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1068 : }
1069 :
1070 1 : spdm_context->connection_info.connection_state =
1071 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1072 :
1073 : /* Clear capabilities flag */
1074 1 : spdm_context->local_context.capability.flags &=
1075 : ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
1076 :
1077 : /*set capabilities flags */
1078 1 : spdm_context->connection_info.capability.flags |=
1079 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1080 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1081 1 : spdm_context->local_context.capability.flags |=
1082 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1083 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1084 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1085 : m_libspdm_use_hash_algo;
1086 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1087 : m_libspdm_use_asym_algo;
1088 1 : spdm_context->connection_info.algorithm.measurement_spec =
1089 : m_libspdm_use_measurement_spec;
1090 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1091 : m_libspdm_use_measurement_hash_algo;
1092 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1093 : m_libspdm_use_dhe_algo;
1094 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1095 : m_libspdm_use_aead_algo;
1096 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1097 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1098 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1099 : m_libspdm_use_asym_algo, &data1,
1100 : &data_size1, NULL, NULL);
1101 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1102 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1103 : data_size1;
1104 :
1105 1 : libspdm_reset_message_a(spdm_context);
1106 1 : spdm_context->local_context.mut_auth_requested = 0;
1107 :
1108 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1109 : m_libspdm_key_exchange_request3.random_data);
1110 1 : m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
1111 1 : m_libspdm_key_exchange_request3.reserved = 0;
1112 1 : ptr = m_libspdm_key_exchange_request3.exchange_data;
1113 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1114 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1115 : false);
1116 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1117 1 : ptr += dhe_key_size;
1118 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1119 1 : opaque_key_exchange_req_size =
1120 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1121 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1122 1 : ptr += sizeof(uint16_t);
1123 1 : libspdm_build_opaque_data_supported_version_data(
1124 : spdm_context, &opaque_key_exchange_req_size, ptr);
1125 1 : ptr += opaque_key_exchange_req_size;
1126 1 : response_size = sizeof(response);
1127 1 : status = libspdm_get_response_key_exchange(
1128 : spdm_context, m_libspdm_key_exchange_request3_size,
1129 : &m_libspdm_key_exchange_request3, &response_size, response);
1130 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1131 :
1132 1 : spdm_response = (void *)response;
1133 1 : assert_int_equal(spdm_response->header.request_response_code,
1134 : SPDM_ERROR);
1135 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1136 :
1137 1 : free(data1);
1138 1 : }
1139 :
1140 1 : void libspdm_test_responder_key_exchange_case14(void **state)
1141 : {
1142 : libspdm_return_t status;
1143 : libspdm_test_context_t *spdm_test_context;
1144 : libspdm_context_t *spdm_context;
1145 : size_t response_size;
1146 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1147 : spdm_key_exchange_response_t *spdm_response;
1148 : void *data1;
1149 : size_t data_size1;
1150 : void *data2;
1151 : size_t data_size2;
1152 : uint8_t *ptr;
1153 : size_t dhe_key_size;
1154 : void *dhe_context;
1155 : size_t opaque_key_exchange_req_size;
1156 :
1157 1 : spdm_test_context = *state;
1158 1 : spdm_context = spdm_test_context->spdm_context;
1159 1 : spdm_test_context->case_id = 0xE;
1160 :
1161 : /* Clear previous sessions */
1162 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1163 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1164 : }
1165 :
1166 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1167 1 : spdm_context->connection_info.capability.flags =
1168 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1169 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1170 1 : spdm_context->local_context.capability.flags =
1171 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1172 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1173 1 : spdm_context->connection_info.capability.flags |=
1174 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
1175 1 : spdm_context->local_context.capability.flags |=
1176 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
1177 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1178 : m_libspdm_use_hash_algo;
1179 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1180 : m_libspdm_use_asym_algo;
1181 1 : spdm_context->connection_info.algorithm.req_base_asym_alg =
1182 : m_libspdm_use_req_asym_algo;
1183 1 : spdm_context->connection_info.algorithm.measurement_spec =
1184 : m_libspdm_use_measurement_spec;
1185 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1186 : m_libspdm_use_measurement_hash_algo;
1187 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1188 : m_libspdm_use_dhe_algo;
1189 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1190 : m_libspdm_use_aead_algo;
1191 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1192 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1193 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data1, &data_size1);
1194 1 : spdm_context->local_context.local_public_key_provision = data1;
1195 1 : spdm_context->local_context.local_public_key_provision_size = data_size1;
1196 1 : libspdm_read_requester_public_key(m_libspdm_use_req_asym_algo, &data2, &data_size2);
1197 1 : spdm_context->local_context.peer_public_key_provision = data2;
1198 1 : spdm_context->local_context.peer_public_key_provision_size = data_size2;
1199 :
1200 1 : libspdm_reset_message_a(spdm_context);
1201 1 : spdm_context->local_context.mut_auth_requested = 0;
1202 :
1203 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1204 : m_libspdm_key_exchange_request7.random_data);
1205 1 : m_libspdm_key_exchange_request7.req_session_id = 0xFFFF;
1206 1 : m_libspdm_key_exchange_request7.reserved = 0;
1207 1 : ptr = m_libspdm_key_exchange_request7.exchange_data;
1208 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1209 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1210 : false);
1211 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1212 1 : ptr += dhe_key_size;
1213 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1214 1 : opaque_key_exchange_req_size =
1215 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1216 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1217 1 : ptr += sizeof(uint16_t);
1218 1 : libspdm_build_opaque_data_supported_version_data(
1219 : spdm_context, &opaque_key_exchange_req_size, ptr);
1220 1 : ptr += opaque_key_exchange_req_size;
1221 1 : response_size = sizeof(response);
1222 1 : status = libspdm_get_response_key_exchange(
1223 : spdm_context, m_libspdm_key_exchange_request7_size,
1224 : &m_libspdm_key_exchange_request7, &response_size, response);
1225 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1226 1 : assert_int_equal(
1227 : libspdm_secured_message_get_session_state(
1228 : spdm_context->session_info[0].secured_message_context),
1229 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1230 1 : spdm_response = (void *)response;
1231 1 : assert_int_equal(spdm_response->header.request_response_code,
1232 : SPDM_KEY_EXCHANGE_RSP);
1233 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1234 1 : free(data1);
1235 1 : free(data2);
1236 1 : }
1237 :
1238 1 : void libspdm_test_responder_key_exchange_case15(void **state)
1239 : {
1240 : libspdm_return_t status;
1241 : libspdm_test_context_t *spdm_test_context;
1242 : libspdm_context_t *spdm_context;
1243 : size_t response_size;
1244 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1245 : spdm_key_exchange_response_t *spdm_response;
1246 : void *data1;
1247 : size_t data_size1;
1248 : uint8_t *ptr;
1249 : size_t dhe_key_size;
1250 : void *dhe_context;
1251 : size_t opaque_key_exchange_req_size;
1252 : size_t opaque_key_exchange_rsp_size;
1253 :
1254 1 : spdm_test_context = *state;
1255 1 : spdm_context = spdm_test_context->spdm_context;
1256 1 : spdm_test_context->case_id = 0xF;
1257 :
1258 : /* Clear previous sessions */
1259 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1260 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1261 : }
1262 :
1263 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1264 1 : spdm_context->connection_info.capability.flags =
1265 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1266 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1267 1 : spdm_context->local_context.capability.flags =
1268 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1269 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1270 1 : spdm_context->connection_info.capability.flags |=
1271 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1272 1 : spdm_context->local_context.capability.flags |=
1273 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP |
1274 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1275 :
1276 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1277 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1278 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1279 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1280 : m_libspdm_use_measurement_hash_algo;
1281 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1282 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1283 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1284 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1285 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1286 : m_libspdm_use_asym_algo, &data1,
1287 : &data_size1, NULL, NULL);
1288 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1289 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1290 :
1291 1 : libspdm_reset_message_a(spdm_context);
1292 1 : spdm_context->local_context.mut_auth_requested = 0;
1293 :
1294 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1295 : m_libspdm_key_exchange_request1.random_data);
1296 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1297 1 : m_libspdm_key_exchange_request1.reserved = 0;
1298 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1299 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1300 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1301 : false);
1302 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1303 1 : ptr += dhe_key_size;
1304 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1305 1 : opaque_key_exchange_req_size =
1306 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1307 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1308 1 : ptr += sizeof(uint16_t);
1309 1 : libspdm_build_opaque_data_supported_version_data(
1310 : spdm_context, &opaque_key_exchange_req_size, ptr);
1311 1 : ptr += opaque_key_exchange_req_size;
1312 1 : response_size = sizeof(response);
1313 :
1314 : /* Required to compute response size independently */
1315 : opaque_key_exchange_rsp_size =
1316 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
1317 :
1318 1 : status = libspdm_get_response_key_exchange(
1319 : spdm_context, m_libspdm_key_exchange_request1_size,
1320 : &m_libspdm_key_exchange_request1, &response_size, response);
1321 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1322 1 : assert_int_equal(
1323 : libspdm_secured_message_get_session_state(
1324 : spdm_context->session_info[0].secured_message_context),
1325 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1326 1 : spdm_response = (void *)response;
1327 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1328 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1329 1 : assert_int_equal(response_size,
1330 : sizeof(spdm_key_exchange_response_t) +
1331 : dhe_key_size +
1332 : sizeof(uint16_t) +
1333 : opaque_key_exchange_rsp_size +
1334 : libspdm_get_asym_signature_size(
1335 : spdm_context->connection_info.algorithm.base_asym_algo)
1336 : );
1337 :
1338 1 : free(data1);
1339 1 : }
1340 :
1341 1 : void libspdm_test_responder_key_exchange_case16(void **state)
1342 : {
1343 : libspdm_return_t status;
1344 : libspdm_test_context_t *spdm_test_context;
1345 : libspdm_context_t *spdm_context;
1346 : size_t current_request_size;
1347 : size_t response_size;
1348 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1349 : spdm_key_exchange_response_t *spdm_response;
1350 : void *data1;
1351 : size_t data_size1;
1352 : uint8_t *ptr;
1353 : size_t dhe_key_size;
1354 : void *dhe_context;
1355 : size_t opaque_key_exchange_req_size;
1356 :
1357 1 : spdm_test_context = *state;
1358 1 : spdm_context = spdm_test_context->spdm_context;
1359 1 : spdm_test_context->case_id = 0x10;
1360 :
1361 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1362 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1363 : }
1364 :
1365 1 : spdm_context->connection_info.connection_state =
1366 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1367 1 : spdm_context->connection_info.capability.flags |=
1368 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1369 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1370 1 : spdm_context->local_context.capability.flags |=
1371 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1372 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1373 :
1374 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1375 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1376 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1377 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1378 : m_libspdm_use_measurement_hash_algo;
1379 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1380 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1381 :
1382 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1383 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1384 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1385 : m_libspdm_use_asym_algo, &data1,
1386 : &data_size1, NULL, NULL);
1387 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1388 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1389 :
1390 1 : libspdm_reset_message_a(spdm_context);
1391 1 : spdm_context->local_context.mut_auth_requested = 0;
1392 :
1393 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
1394 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1395 1 : m_libspdm_key_exchange_request1.reserved = 0;
1396 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1397 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1398 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1399 : false);
1400 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1401 1 : ptr += dhe_key_size;
1402 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1403 1 : opaque_key_exchange_req_size =
1404 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1405 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1406 1 : ptr += sizeof(uint16_t);
1407 1 : libspdm_build_opaque_data_supported_version_data(
1408 : spdm_context, &opaque_key_exchange_req_size, ptr);
1409 1 : ptr += opaque_key_exchange_req_size;
1410 :
1411 1 : current_request_size = sizeof(spdm_key_exchange_request_t) + dhe_key_size +
1412 1 : sizeof(uint16_t) + opaque_key_exchange_req_size;
1413 1 : response_size = sizeof(response);
1414 1 : status = libspdm_get_response_key_exchange(
1415 : spdm_context, current_request_size, &m_libspdm_key_exchange_request1,
1416 : &response_size, response);
1417 :
1418 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1419 1 : assert_int_equal(
1420 : libspdm_secured_message_get_session_state(
1421 : spdm_context->session_info[0].secured_message_context),
1422 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1423 1 : spdm_response = (void *)response;
1424 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1425 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1426 :
1427 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1428 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_k.buffer_size,
1429 : current_request_size + response_size);
1430 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_k.buffer,
1431 : &m_libspdm_key_exchange_request1, current_request_size);
1432 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_k.buffer +
1433 : current_request_size,
1434 : response, response_size);
1435 : #endif
1436 1 : free(data1);
1437 1 : }
1438 :
1439 1 : void libspdm_test_responder_key_exchange_case17(void **state)
1440 : {
1441 : libspdm_return_t status;
1442 : libspdm_test_context_t *spdm_test_context;
1443 : libspdm_context_t *spdm_context;
1444 : size_t response_size;
1445 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1446 : spdm_key_exchange_response_t *spdm_response;
1447 : void *data1;
1448 : size_t data_size1;
1449 : uint8_t *ptr;
1450 : size_t dhe_key_size;
1451 : void *dhe_context;
1452 : size_t opaque_key_exchange_req_size;
1453 :
1454 1 : spdm_test_context = *state;
1455 1 : spdm_context = spdm_test_context->spdm_context;
1456 1 : spdm_test_context->case_id = 0x11;
1457 1 : spdm_context->connection_info.connection_state =
1458 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1459 1 : spdm_context->connection_info.capability.flags |=
1460 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1461 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1462 1 : spdm_context->local_context.capability.flags |=
1463 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1464 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1465 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1466 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1467 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1468 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1469 : m_libspdm_use_measurement_hash_algo;
1470 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1471 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1472 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1473 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1474 1 : spdm_context->connection_info.algorithm.other_params_support =
1475 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1476 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1477 :
1478 1 : libspdm_session_info_init(spdm_context,
1479 1 : spdm_context->session_info,
1480 : INVALID_SESSION_ID, false);
1481 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1482 : m_libspdm_use_asym_algo, &data1,
1483 : &data_size1, NULL, NULL);
1484 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1485 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1486 :
1487 1 : libspdm_reset_message_a(spdm_context);
1488 1 : spdm_context->local_context.mut_auth_requested = 0;
1489 :
1490 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
1491 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1492 1 : m_libspdm_key_exchange_request8.reserved = 0;
1493 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
1494 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1495 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1496 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1497 : false);
1498 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1499 1 : ptr += dhe_key_size;
1500 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1501 1 : opaque_key_exchange_req_size =
1502 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1503 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1504 1 : ptr += sizeof(uint16_t);
1505 1 : libspdm_build_opaque_data_supported_version_data(
1506 : spdm_context, &opaque_key_exchange_req_size, ptr);
1507 1 : ptr += opaque_key_exchange_req_size;
1508 1 : response_size = sizeof(response);
1509 1 : status = libspdm_get_response_key_exchange(
1510 : spdm_context, m_libspdm_key_exchange_request8_size,
1511 : &m_libspdm_key_exchange_request8, &response_size, response);
1512 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1513 : m_libspdm_key_exchange_request8.session_policy);
1514 1 : spdm_response = (void *)response;
1515 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
1516 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1517 1 : assert_int_equal(
1518 : libspdm_secured_message_get_session_state(
1519 : spdm_context->session_info[0].secured_message_context),
1520 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1521 1 : spdm_response = (void *)response;
1522 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1523 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1524 1 : free(data1);
1525 1 : }
1526 :
1527 : /**
1528 : * Test 18: SlotID in KEY_EXCHANGE request message is 9, but it should be 0xFF or between 0 and 7 inclusive.
1529 : * Expected Behavior: generate an ERROR_RESPONSE with code SPDM_ERROR_CODE_INVALID_REQUEST.
1530 : **/
1531 1 : void libspdm_test_responder_key_exchange_case18(void **state)
1532 : {
1533 : libspdm_return_t status;
1534 : libspdm_test_context_t *spdm_test_context;
1535 : libspdm_context_t *spdm_context;
1536 : size_t response_size;
1537 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1538 : spdm_key_exchange_response_t *spdm_response;
1539 : void *data1;
1540 : size_t data_size1;
1541 : uint8_t *ptr;
1542 : size_t dhe_key_size;
1543 : void *dhe_context;
1544 : size_t opaque_key_exchange_req_size;
1545 :
1546 1 : spdm_test_context = *state;
1547 1 : spdm_context = spdm_test_context->spdm_context;
1548 1 : spdm_test_context->case_id = 0x12;
1549 1 : spdm_context->connection_info.connection_state =
1550 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1551 1 : spdm_context->connection_info.capability.flags |=
1552 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1553 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1554 1 : spdm_context->local_context.capability.flags |=
1555 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1556 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1557 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1558 : m_libspdm_use_hash_algo;
1559 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1560 : m_libspdm_use_asym_algo;
1561 1 : spdm_context->connection_info.algorithm.measurement_spec =
1562 : m_libspdm_use_measurement_spec;
1563 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1564 : m_libspdm_use_measurement_hash_algo;
1565 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1566 : m_libspdm_use_dhe_algo;
1567 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1568 : m_libspdm_use_aead_algo;
1569 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1570 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1571 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1572 : m_libspdm_use_asym_algo, &data1,
1573 : &data_size1, NULL, NULL);
1574 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1575 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1576 : data_size1;
1577 :
1578 1 : libspdm_reset_message_a(spdm_context);
1579 1 : spdm_context->local_context.mut_auth_requested = 0;
1580 :
1581 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1582 :
1583 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1584 : m_libspdm_key_exchange_request9.random_data);
1585 1 : m_libspdm_key_exchange_request9.req_session_id = 0xFFFF;
1586 1 : m_libspdm_key_exchange_request9.reserved = 0;
1587 1 : ptr = m_libspdm_key_exchange_request9.exchange_data;
1588 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1589 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1590 : false);
1591 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1592 1 : ptr += dhe_key_size;
1593 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1594 1 : opaque_key_exchange_req_size =
1595 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1596 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1597 1 : ptr += sizeof(uint16_t);
1598 1 : libspdm_build_opaque_data_supported_version_data(
1599 : spdm_context, &opaque_key_exchange_req_size, ptr);
1600 1 : ptr += opaque_key_exchange_req_size;
1601 1 : response_size = sizeof(response);
1602 1 : status = libspdm_get_response_key_exchange(
1603 : spdm_context, m_libspdm_key_exchange_request9_size,
1604 : &m_libspdm_key_exchange_request9, &response_size, response);
1605 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1606 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1607 1 : spdm_response = (void *)response;
1608 1 : assert_int_equal(spdm_response->header.request_response_code,
1609 : SPDM_ERROR);
1610 1 : assert_int_equal(spdm_response->header.param1,
1611 : SPDM_ERROR_CODE_INVALID_REQUEST);
1612 1 : assert_int_equal(spdm_response->header.param2, 0);
1613 1 : free(data1);
1614 1 : }
1615 :
1616 1 : void libspdm_test_responder_key_exchange_case19(void **state)
1617 : {
1618 : libspdm_return_t status;
1619 : libspdm_test_context_t *spdm_test_context;
1620 : libspdm_context_t *spdm_context;
1621 : size_t response_size;
1622 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1623 : spdm_key_exchange_response_t *spdm_response;
1624 : void *data1;
1625 : size_t data_size1;
1626 : uint8_t *ptr;
1627 : size_t dhe_key_size;
1628 : void *dhe_context;
1629 :
1630 1 : spdm_test_context = *state;
1631 1 : spdm_context = spdm_test_context->spdm_context;
1632 1 : spdm_test_context->case_id = 0x13;
1633 1 : spdm_context->response_state = 0;
1634 1 : spdm_context->connection_info.connection_state =
1635 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1636 1 : spdm_context->connection_info.capability.flags = 0;
1637 1 : spdm_context->connection_info.capability.flags |=
1638 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1639 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1640 1 : spdm_context->local_context.capability.flags = 0;
1641 1 : spdm_context->local_context.capability.flags |=
1642 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1643 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1644 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1645 : m_libspdm_use_hash_algo;
1646 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1647 : m_libspdm_use_asym_algo;
1648 1 : spdm_context->connection_info.algorithm.measurement_spec =
1649 : m_libspdm_use_measurement_spec;
1650 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1651 : m_libspdm_use_measurement_hash_algo;
1652 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1653 : m_libspdm_use_dhe_algo;
1654 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1655 : m_libspdm_use_aead_algo;
1656 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1657 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1658 1 : spdm_context->connection_info.algorithm.other_params_support =
1659 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1660 :
1661 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1662 : m_libspdm_use_asym_algo, &data1,
1663 : &data_size1, NULL, NULL);
1664 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1665 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1666 : data_size1;
1667 :
1668 1 : libspdm_reset_message_a(spdm_context);
1669 1 : spdm_context->local_context.mut_auth_requested = 0;
1670 :
1671 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1672 :
1673 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1674 : m_libspdm_key_exchange_request8.random_data);
1675 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1676 1 : m_libspdm_key_exchange_request8.reserved = 0;
1677 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1678 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1679 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1680 : false);
1681 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1682 1 : ptr += dhe_key_size;
1683 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1684 :
1685 : size_t opaque_data_size;
1686 : spdm_general_opaque_data_table_header_t
1687 : *spdm_general_opaque_data_table_header;
1688 : secured_message_opaque_element_table_header_t
1689 : *opaque_element_table_header;
1690 : secured_message_opaque_element_header_t
1691 : * secured_message_element_header;
1692 : uint8_t element_num;
1693 : uint8_t element_index;
1694 : size_t current_element_len;
1695 :
1696 1 : spdm_general_opaque_data_table_header =
1697 : (spdm_general_opaque_data_table_header_t *)(ptr + sizeof(uint16_t));
1698 1 : spdm_general_opaque_data_table_header->total_elements = 2;
1699 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1700 :
1701 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1702 1 : opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1703 :
1704 3 : for (element_index = 0; element_index < element_num; element_index++) {
1705 2 : opaque_element_table_header->id = SPDM_REGISTRY_ID_DMTF;
1706 2 : opaque_element_table_header->vendor_len = 0;
1707 : /* When opaque_element_data_len is not four byte aligned*/
1708 2 : opaque_element_table_header->opaque_element_data_len = 0xF;
1709 :
1710 2 : secured_message_element_header = (void *)(opaque_element_table_header + 1);
1711 2 : secured_message_element_header->sm_data_id =
1712 : SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_ID_SUPPORTED_VERSION;
1713 2 : secured_message_element_header->sm_data_version =
1714 : SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_DATA_VERSION;
1715 :
1716 2 : current_element_len = sizeof(secured_message_opaque_element_table_header_t) +
1717 2 : opaque_element_table_header->vendor_len +
1718 2 : sizeof(opaque_element_table_header->opaque_element_data_len) +
1719 2 : opaque_element_table_header->opaque_element_data_len;
1720 :
1721 : /*move to next element*/
1722 2 : opaque_element_table_header =
1723 : (secured_message_opaque_element_table_header_t *)
1724 : ((uint8_t *)opaque_element_table_header +
1725 : current_element_len);
1726 :
1727 2 : opaque_data_size += current_element_len;
1728 : }
1729 :
1730 1 : *(uint16_t *)ptr = (uint16_t)opaque_data_size;
1731 :
1732 1 : response_size = sizeof(response);
1733 1 : status = libspdm_get_response_key_exchange(
1734 : spdm_context, m_libspdm_key_exchange_request8_size,
1735 : &m_libspdm_key_exchange_request8, &response_size, response);
1736 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1737 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1738 1 : spdm_response = (void *)response;
1739 1 : assert_int_equal(spdm_response->header.request_response_code,
1740 : SPDM_ERROR);
1741 1 : assert_int_equal(spdm_response->header.param1,
1742 : SPDM_ERROR_CODE_INVALID_REQUEST);
1743 1 : assert_int_equal(spdm_response->header.param2, 0);
1744 1 : free(data1);
1745 1 : }
1746 :
1747 1 : void libspdm_test_responder_key_exchange_case20(void **state)
1748 : {
1749 : libspdm_return_t status;
1750 : libspdm_test_context_t *spdm_test_context;
1751 : libspdm_context_t *spdm_context;
1752 : size_t response_size;
1753 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1754 : spdm_key_exchange_response_t *spdm_response;
1755 : void *data1;
1756 : size_t data_size1;
1757 : uint8_t *ptr;
1758 : size_t dhe_key_size;
1759 : void *dhe_context;
1760 : size_t opaque_key_exchange_req_size;
1761 :
1762 1 : spdm_test_context = *state;
1763 1 : spdm_context = spdm_test_context->spdm_context;
1764 1 : spdm_test_context->case_id = 0x14;
1765 1 : spdm_context->connection_info.connection_state =
1766 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1767 1 : spdm_context->connection_info.capability.flags =
1768 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1769 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1770 1 : spdm_context->local_context.capability.flags =
1771 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1772 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
1773 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1774 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1775 : m_libspdm_use_hash_algo;
1776 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1777 : m_libspdm_use_asym_algo;
1778 1 : spdm_context->connection_info.algorithm.measurement_spec =
1779 : m_libspdm_use_measurement_spec;
1780 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1781 : m_libspdm_use_measurement_hash_algo;
1782 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1783 : m_libspdm_use_dhe_algo;
1784 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1785 : m_libspdm_use_aead_algo;
1786 1 : spdm_context->connection_info.algorithm.other_params_support =
1787 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1788 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1789 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1790 :
1791 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1792 :
1793 1 : libspdm_session_info_init(spdm_context,
1794 1 : spdm_context->session_info,
1795 : INVALID_SESSION_ID, false);
1796 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1797 : m_libspdm_use_asym_algo, &data1,
1798 : &data_size1, NULL, NULL);
1799 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1800 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1801 :
1802 1 : libspdm_reset_message_a(spdm_context);
1803 1 : spdm_context->local_context.mut_auth_requested = 0;
1804 :
1805 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1806 : m_libspdm_key_exchange_request8.random_data);
1807 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1808 1 : m_libspdm_key_exchange_request8.reserved = 0;
1809 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
1810 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1811 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1812 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1813 : false);
1814 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1815 1 : ptr += dhe_key_size;
1816 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1817 1 : opaque_key_exchange_req_size =
1818 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1819 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1820 1 : ptr += sizeof(uint16_t);
1821 1 : libspdm_build_opaque_data_supported_version_data(
1822 : spdm_context, &opaque_key_exchange_req_size, ptr);
1823 1 : ptr += opaque_key_exchange_req_size;
1824 1 : response_size = sizeof(response);
1825 1 : status = libspdm_get_response_key_exchange(
1826 : spdm_context, m_libspdm_key_exchange_request8_size,
1827 : &m_libspdm_key_exchange_request8, &response_size, response);
1828 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1829 : m_libspdm_key_exchange_request8.session_policy);
1830 1 : spdm_response = (void *)response;
1831 1 : assert_int_equal(spdm_response->header.spdm_version,
1832 : SPDM_MESSAGE_VERSION_12);
1833 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1834 1 : assert_int_equal(
1835 : libspdm_secured_message_get_session_state(
1836 : spdm_context->session_info[0].secured_message_context),
1837 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1838 1 : spdm_response = (void *)response;
1839 1 : assert_int_equal(spdm_response->header.request_response_code,
1840 : SPDM_KEY_EXCHANGE_RSP);
1841 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1842 1 : free(data1);
1843 1 : }
1844 :
1845 : /**
1846 : * Test 21: The key usage bit mask is not set, the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP shall not specify this certificate slot
1847 : * Expected Behavior: get a SPDM_ERROR_CODE_INVALID_REQUEST return code
1848 : **/
1849 1 : void libspdm_test_responder_key_exchange_case21(void **state)
1850 : {
1851 : libspdm_return_t status;
1852 : libspdm_test_context_t *spdm_test_context;
1853 : libspdm_context_t *spdm_context;
1854 : size_t response_size;
1855 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1856 : spdm_key_exchange_response_t *spdm_response;
1857 : void *data1;
1858 : size_t data_size1;
1859 : uint8_t *ptr;
1860 : size_t dhe_key_size;
1861 : void *dhe_context;
1862 : size_t opaque_key_exchange_req_size;
1863 : uint8_t slot_id;
1864 :
1865 1 : spdm_test_context = *state;
1866 1 : spdm_context = spdm_test_context->spdm_context;
1867 1 : spdm_test_context->case_id = 0x15;
1868 1 : spdm_context->connection_info.connection_state =
1869 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1870 1 : spdm_context->connection_info.capability.flags |=
1871 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1872 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1873 1 : spdm_context->local_context.capability.flags |=
1874 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1875 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1876 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1877 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1878 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1879 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1880 : m_libspdm_use_measurement_hash_algo;
1881 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1882 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1883 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1884 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1885 1 : spdm_context->connection_info.algorithm.other_params_support =
1886 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1887 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1888 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
1889 :
1890 1 : libspdm_session_info_init(spdm_context,
1891 1 : spdm_context->session_info,
1892 : INVALID_SESSION_ID, false);
1893 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1894 : m_libspdm_use_asym_algo, &data1,
1895 : &data_size1, NULL, NULL);
1896 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1897 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1898 :
1899 1 : libspdm_reset_message_a(spdm_context);
1900 1 : spdm_context->local_context.mut_auth_requested = 0;
1901 :
1902 : /* If set, the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP can specify this certificate slot. If not set,
1903 : * the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP shall not specify this certificate slot */
1904 1 : slot_id = 0;
1905 1 : m_libspdm_key_exchange_request10.header.param2 = slot_id;
1906 1 : spdm_context->local_context.local_key_usage_bit_mask[slot_id] =
1907 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
1908 : SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE;
1909 :
1910 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
1911 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
1912 1 : m_libspdm_key_exchange_request10.reserved = 0;
1913 1 : m_libspdm_key_exchange_request10.session_policy = 0xFF;
1914 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
1915 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1916 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1917 : false);
1918 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1919 1 : ptr += dhe_key_size;
1920 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1921 1 : opaque_key_exchange_req_size =
1922 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1923 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1924 1 : ptr += sizeof(uint16_t);
1925 1 : libspdm_build_opaque_data_supported_version_data(
1926 : spdm_context, &opaque_key_exchange_req_size, ptr);
1927 1 : ptr += opaque_key_exchange_req_size;
1928 1 : response_size = sizeof(response);
1929 1 : status = libspdm_get_response_key_exchange(
1930 : spdm_context, m_libspdm_key_exchange_request10_size,
1931 : &m_libspdm_key_exchange_request10, &response_size, response);
1932 :
1933 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1934 1 : assert_int_equal (response_size, sizeof(spdm_error_response_t));
1935 1 : spdm_response = (void *)response;
1936 1 : assert_int_equal (spdm_response->header.request_response_code, SPDM_ERROR);
1937 1 : assert_int_equal (spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1938 1 : assert_int_equal (spdm_response->header.param2, 0);
1939 :
1940 1 : free(data1);
1941 1 : }
1942 :
1943 : /**
1944 : * Test 21: The Requester subscribes to all events supported by the Responder.
1945 : * Expected Behavior: Responder successfully subscribes the Requester to all events.
1946 : **/
1947 1 : static void libspdm_test_responder_key_exchange_case22(void **state)
1948 : {
1949 : #if LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP
1950 : libspdm_return_t status;
1951 : libspdm_test_context_t *spdm_test_context;
1952 : libspdm_context_t *spdm_context;
1953 : size_t response_size;
1954 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1955 : spdm_key_exchange_response_t *spdm_response;
1956 : void *data1;
1957 : size_t data_size1;
1958 : uint8_t *ptr;
1959 : size_t dhe_key_size;
1960 : void *dhe_context;
1961 : size_t opaque_key_exchange_req_size;
1962 :
1963 1 : spdm_test_context = *state;
1964 1 : spdm_context = spdm_test_context->spdm_context;
1965 1 : spdm_test_context->case_id = 0x16;
1966 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1967 1 : spdm_context->connection_info.capability.flags |=
1968 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1969 1 : spdm_context->local_context.capability.flags |=
1970 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1971 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EVENT_CAP;
1972 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1973 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1974 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1975 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1976 : m_libspdm_use_measurement_hash_algo;
1977 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1978 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1979 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1980 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1981 1 : spdm_context->connection_info.algorithm.other_params_support =
1982 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1983 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
1984 1 : spdm_context->connection_info.multi_key_conn_rsp = false;
1985 :
1986 1 : libspdm_session_info_init(spdm_context, spdm_context->session_info, INVALID_SESSION_ID, false);
1987 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1988 : m_libspdm_use_asym_algo, &data1,
1989 : &data_size1, NULL, NULL);
1990 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1991 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1992 :
1993 1 : libspdm_reset_message_a(spdm_context);
1994 1 : spdm_context->local_context.mut_auth_requested = 0;
1995 :
1996 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
1997 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
1998 1 : m_libspdm_key_exchange_request10.reserved = 0;
1999 1 : m_libspdm_key_exchange_request10.session_policy =
2000 : SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_EVENT_ALL_POLICY;
2001 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
2002 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2003 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2004 : false);
2005 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2006 1 : ptr += dhe_key_size;
2007 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2008 1 : opaque_key_exchange_req_size =
2009 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2010 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2011 1 : ptr += sizeof(uint16_t);
2012 1 : libspdm_build_opaque_data_supported_version_data(
2013 : spdm_context, &opaque_key_exchange_req_size, ptr);
2014 1 : ptr += opaque_key_exchange_req_size;
2015 1 : response_size = sizeof(response);
2016 :
2017 1 : status = libspdm_get_response_key_exchange(
2018 : spdm_context, m_libspdm_key_exchange_request10_size,
2019 : &m_libspdm_key_exchange_request10, &response_size, response);
2020 :
2021 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
2022 : m_libspdm_key_exchange_request10.session_policy);
2023 1 : spdm_response = (void *)response;
2024 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_13);
2025 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2026 1 : assert_int_equal(
2027 : libspdm_secured_message_get_session_state(
2028 : spdm_context->session_info[0].secured_message_context),
2029 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2030 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
2031 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
2032 1 : assert_true(g_event_all_subscribe && !g_event_all_unsubscribe);
2033 1 : free(data1);
2034 : #endif /* LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP */
2035 1 : }
2036 :
2037 1 : void libspdm_test_responder_key_exchange_case23(void **state)
2038 : {
2039 : libspdm_return_t status;
2040 : libspdm_test_context_t *spdm_test_context;
2041 : libspdm_context_t *spdm_context;
2042 : size_t response_size;
2043 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
2044 : spdm_key_exchange_response_t *spdm_response;
2045 : void *data1;
2046 : size_t data_size1;
2047 : uint8_t *ptr;
2048 : size_t dhe_key_size;
2049 : void *dhe_context;
2050 : size_t opaque_key_exchange_req_size;
2051 :
2052 1 : spdm_test_context = *state;
2053 1 : spdm_context = spdm_test_context->spdm_context;
2054 1 : spdm_test_context->case_id = 0x17;
2055 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2056 1 : spdm_context->connection_info.capability.flags |=
2057 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
2058 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2059 1 : spdm_context->local_context.capability.flags |=
2060 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
2061 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
2062 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
2063 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
2064 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2065 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2066 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
2067 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
2068 : m_libspdm_use_measurement_hash_algo;
2069 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2070 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2071 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2072 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2073 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2074 : m_libspdm_use_asym_algo, &data1,
2075 : &data_size1, NULL, NULL);
2076 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
2077 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
2078 :
2079 1 : libspdm_reset_message_a(spdm_context);
2080 1 : spdm_context->local_context.mut_auth_requested = 0;
2081 1 : spdm_context->local_context.mandatory_mut_auth = true;
2082 :
2083 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
2084 :
2085 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
2086 : m_libspdm_key_exchange_request1.random_data);
2087 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
2088 1 : m_libspdm_key_exchange_request1.reserved = 0;
2089 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
2090 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2091 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2092 : false);
2093 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2094 1 : ptr += dhe_key_size;
2095 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2096 1 : opaque_key_exchange_req_size =
2097 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2098 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2099 1 : ptr += sizeof(uint16_t);
2100 1 : libspdm_build_opaque_data_supported_version_data(
2101 : spdm_context, &opaque_key_exchange_req_size, ptr);
2102 1 : ptr += opaque_key_exchange_req_size;
2103 1 : response_size = sizeof(response);
2104 1 : status = libspdm_get_response_key_exchange(
2105 : spdm_context, m_libspdm_key_exchange_request1_size,
2106 : &m_libspdm_key_exchange_request1, &response_size, response);
2107 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2108 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
2109 1 : spdm_response = (void *)response;
2110 1 : assert_int_equal(spdm_response->header.request_response_code,
2111 : SPDM_ERROR);
2112 1 : assert_int_equal(spdm_response->header.param1,
2113 : SPDM_ERROR_CODE_UNSPECIFIED);
2114 1 : assert_int_equal(spdm_response->header.param2, 0);
2115 1 : free(data1);
2116 1 : }
2117 :
2118 :
2119 1 : void libspdm_test_responder_key_exchange_case24(void **state)
2120 : {
2121 : libspdm_return_t status;
2122 : libspdm_test_context_t *spdm_test_context;
2123 : libspdm_context_t *spdm_context;
2124 : size_t response_size;
2125 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
2126 : spdm_key_exchange_response_t *spdm_response;
2127 : void *data1;
2128 : size_t data_size1;
2129 : uint8_t *ptr;
2130 : size_t dhe_key_size;
2131 : void *dhe_context;
2132 : size_t opaque_key_exchange_req_size;
2133 :
2134 1 : spdm_test_context = *state;
2135 1 : spdm_context = spdm_test_context->spdm_context;
2136 1 : spdm_test_context->case_id = 0x18;
2137 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2138 1 : spdm_context->connection_info.capability.flags |=
2139 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
2140 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2141 1 : spdm_context->local_context.capability.flags |=
2142 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
2143 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
2144 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
2145 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
2146 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2147 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2148 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
2149 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
2150 : m_libspdm_use_measurement_hash_algo;
2151 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2152 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2153 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
2154 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2155 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2156 : m_libspdm_use_asym_algo, &data1,
2157 : &data_size1, NULL, NULL);
2158 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
2159 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
2160 :
2161 1 : libspdm_reset_message_a(spdm_context);
2162 1 : spdm_context->local_context.mut_auth_requested = 0;
2163 1 : spdm_context->local_context.mandatory_mut_auth = true;
2164 :
2165 1 : spdm_context->local_context.secured_message_version.spdm_version_count = 1;
2166 :
2167 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
2168 : m_libspdm_key_exchange_request10.random_data);
2169 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
2170 1 : m_libspdm_key_exchange_request10.reserved = 0;
2171 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
2172 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2173 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2174 : false);
2175 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2176 1 : ptr += dhe_key_size;
2177 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2178 1 : opaque_key_exchange_req_size =
2179 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2180 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2181 1 : ptr += sizeof(uint16_t);
2182 1 : libspdm_build_opaque_data_supported_version_data(
2183 : spdm_context, &opaque_key_exchange_req_size, ptr);
2184 1 : ptr += opaque_key_exchange_req_size;
2185 1 : response_size = sizeof(response);
2186 1 : status = libspdm_get_response_key_exchange(
2187 : spdm_context, m_libspdm_key_exchange_request10_size,
2188 : &m_libspdm_key_exchange_request10, &response_size, response);
2189 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2190 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
2191 1 : spdm_response = (void *)response;
2192 1 : assert_int_equal(spdm_response->header.request_response_code,
2193 : SPDM_ERROR);
2194 1 : assert_int_equal(spdm_response->header.param1,
2195 : SPDM_ERROR_CODE_INVALID_POLICY);
2196 1 : assert_int_equal(spdm_response->header.param2, 0);
2197 1 : free(data1);
2198 1 : }
2199 :
2200 1 : int libspdm_responder_key_exchange_test_main(void)
2201 : {
2202 1 : const struct CMUnitTest spdm_responder_key_exchange_tests[] = {
2203 : /* Success Case*/
2204 : cmocka_unit_test(libspdm_test_responder_key_exchange_case1),
2205 : /* Bad request size*/
2206 : cmocka_unit_test(libspdm_test_responder_key_exchange_case2),
2207 : /* response_state: SPDM_RESPONSE_STATE_BUSY*/
2208 : cmocka_unit_test(libspdm_test_responder_key_exchange_case3),
2209 : /* response_state: SPDM_RESPONSE_STATE_NEED_RESYNC*/
2210 : cmocka_unit_test(libspdm_test_responder_key_exchange_case4),
2211 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
2212 : /* response_state: SPDM_RESPONSE_STATE_NOT_READY*/
2213 : cmocka_unit_test(libspdm_test_responder_key_exchange_case5),
2214 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
2215 : /* connection_state Check*/
2216 : cmocka_unit_test(libspdm_test_responder_key_exchange_case6),
2217 : /* Buffer reset*/
2218 : cmocka_unit_test(libspdm_test_responder_key_exchange_case7),
2219 : /* TCB measurement hash requested */
2220 : cmocka_unit_test(libspdm_test_responder_key_exchange_case8),
2221 : /* All measurement hash requested */
2222 : cmocka_unit_test(libspdm_test_responder_key_exchange_case9),
2223 : /* Reserved value in Measurement summary. Error + Invalid */
2224 : cmocka_unit_test(libspdm_test_responder_key_exchange_case10),
2225 : /* TCB measurement hash requested, measurement flag not set */
2226 : cmocka_unit_test(libspdm_test_responder_key_exchange_case11),
2227 : /* Request previously provisioned public key, slot 0xFF */
2228 : cmocka_unit_test(libspdm_test_responder_key_exchange_case14),
2229 : /* HANDSHAKE_IN_THE_CLEAR set for requester and responder */
2230 : cmocka_unit_test(libspdm_test_responder_key_exchange_case15),
2231 : /* Buffer verification*/
2232 : cmocka_unit_test(libspdm_test_responder_key_exchange_case16),
2233 : /* Successful response V1.2*/
2234 : cmocka_unit_test(libspdm_test_responder_key_exchange_case17),
2235 : /* Invalid SlotID in KEY_EXCHANGE request message*/
2236 : cmocka_unit_test(libspdm_test_responder_key_exchange_case18),
2237 : /* Only OpaqueDataFmt1 is supported, Bytes not aligned*/
2238 : cmocka_unit_test(libspdm_test_responder_key_exchange_case19),
2239 : /* OpaqueData only supports OpaqueDataFmt1, Success Case */
2240 : cmocka_unit_test(libspdm_test_responder_key_exchange_case20),
2241 : /* The key usage bit mask is not set, failed Case*/
2242 : cmocka_unit_test(libspdm_test_responder_key_exchange_case21),
2243 : cmocka_unit_test(libspdm_test_responder_key_exchange_case22),
2244 : /* The Responder requires mutual authentication, but the Requester does not support it */
2245 : cmocka_unit_test(libspdm_test_responder_key_exchange_case23),
2246 : cmocka_unit_test(libspdm_test_responder_key_exchange_case24),
2247 : };
2248 :
2249 1 : libspdm_test_context_t test_context = {
2250 : LIBSPDM_TEST_CONTEXT_VERSION,
2251 : false,
2252 : };
2253 :
2254 1 : libspdm_setup_test_context(&test_context);
2255 :
2256 1 : return cmocka_run_group_tests(spdm_responder_key_exchange_tests,
2257 : libspdm_unit_test_group_setup,
2258 : libspdm_unit_test_group_teardown);
2259 : }
2260 :
2261 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/
|
