Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_responder_lib.h"
9 : #include "internal/libspdm_requester_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
13 : #pragma pack(1)
14 : typedef struct {
15 : spdm_message_header_t header;
16 : uint16_t req_session_id;
17 : uint8_t session_policy;
18 : uint8_t reserved;
19 : uint8_t random_data[SPDM_RANDOM_DATA_SIZE];
20 : uint8_t exchange_data[LIBSPDM_MAX_DHE_KEY_SIZE];
21 : uint16_t opaque_length;
22 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
23 : } libspdm_key_exchange_request_mine_t;
24 : #pragma pack()
25 :
26 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request1 = {
27 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
28 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
29 : };
30 : size_t m_libspdm_key_exchange_request1_size = sizeof(m_libspdm_key_exchange_request1);
31 :
32 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request2 = {
33 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
34 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
35 : };
36 : size_t m_libspdm_key_exchange_request2_size = sizeof(spdm_key_exchange_request_t);
37 :
38 : /* Request TCB measurement hash */
39 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request3 = {
40 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
41 : SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, 0 },
42 : };
43 : size_t m_libspdm_key_exchange_request3_size = sizeof(m_libspdm_key_exchange_request3);
44 :
45 : /* Request all measurement hash */
46 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request4 = {
47 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
48 : SPDM_KEY_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH, 0 },
49 : };
50 : size_t m_libspdm_key_exchange_request4_size = sizeof(m_libspdm_key_exchange_request4);
51 :
52 : /* Uses a reserved value in measurement hash */
53 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request5 = {
54 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
55 : 0x50, 0 },
56 : };
57 : size_t m_libspdm_key_exchange_request5_size = sizeof(m_libspdm_key_exchange_request5);
58 :
59 : /* Asks for certificate in slot 1 */
60 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request6 = {
61 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
62 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 1 },
63 : };
64 : size_t m_libspdm_key_exchange_request6_size = sizeof(m_libspdm_key_exchange_request6);
65 :
66 : /* Asks for previously provisioned raw public key */
67 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request7 = {
68 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
69 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0xFF },
70 : };
71 : size_t m_libspdm_key_exchange_request7_size = sizeof(m_libspdm_key_exchange_request7);
72 :
73 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request8 = {
74 : { SPDM_MESSAGE_VERSION_12, SPDM_KEY_EXCHANGE,
75 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
76 : };
77 : size_t m_libspdm_key_exchange_request8_size = sizeof(m_libspdm_key_exchange_request8);
78 :
79 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request9 = {
80 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
81 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 9 },
82 : };
83 : size_t m_libspdm_key_exchange_request9_size = sizeof(m_libspdm_key_exchange_request9);
84 :
85 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request10 = {
86 : { SPDM_MESSAGE_VERSION_13, SPDM_KEY_EXCHANGE,
87 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
88 : };
89 : size_t m_libspdm_key_exchange_request10_size = sizeof(m_libspdm_key_exchange_request10);
90 :
91 : extern uint8_t g_key_exchange_start_mut_auth;
92 : extern bool g_mandatory_mut_auth;
93 : extern bool g_generate_key_exchange_opaque_data;
94 :
95 : extern bool g_event_all_subscribe;
96 : extern bool g_event_all_unsubscribe;
97 :
98 1 : static void rsp_key_exchange_rsp_case1(void **state)
99 : {
100 : libspdm_return_t status;
101 : libspdm_test_context_t *spdm_test_context;
102 : libspdm_context_t *spdm_context;
103 : size_t response_size;
104 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
105 : spdm_key_exchange_response_t *spdm_response;
106 : void *data1;
107 : size_t data_size1;
108 : uint8_t *ptr;
109 : size_t dhe_key_size;
110 : void *dhe_context;
111 : size_t opaque_key_exchange_req_size;
112 : uint32_t session_id;
113 :
114 1 : spdm_test_context = *state;
115 1 : spdm_context = spdm_test_context->spdm_context;
116 1 : spdm_test_context->case_id = 0x1;
117 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
118 1 : spdm_context->connection_info.capability.flags |=
119 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
120 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
121 1 : spdm_context->local_context.capability.flags |=
122 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
123 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
124 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
125 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
126 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
127 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
128 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
129 : m_libspdm_use_measurement_hash_algo;
130 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
131 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
132 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
133 : SPDM_VERSION_NUMBER_SHIFT_BIT;
134 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
135 : m_libspdm_use_asym_algo, &data1,
136 : &data_size1, NULL, NULL);
137 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
138 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
139 :
140 1 : libspdm_reset_message_a(spdm_context);
141 :
142 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
143 :
144 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
145 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
146 1 : m_libspdm_key_exchange_request1.reserved = 0;
147 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
148 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
149 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
150 : false);
151 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
152 1 : ptr += dhe_key_size;
153 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
154 1 : opaque_key_exchange_req_size =
155 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
156 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
157 1 : ptr += sizeof(uint16_t);
158 1 : libspdm_build_opaque_data_supported_version_data(
159 : spdm_context, &opaque_key_exchange_req_size, ptr);
160 1 : ptr += opaque_key_exchange_req_size;
161 1 : response_size = sizeof(response);
162 1 : status = libspdm_get_response_key_exchange(
163 : spdm_context, m_libspdm_key_exchange_request1_size,
164 : &m_libspdm_key_exchange_request1, &response_size, response);
165 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
166 1 : assert_int_equal(
167 : libspdm_secured_message_get_session_state(
168 : spdm_context->session_info[0].secured_message_context),
169 : LIBSPDM_SESSION_STATE_HANDSHAKING);
170 1 : spdm_response = (void *)response;
171 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
172 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
173 :
174 1 : session_id = (m_libspdm_key_exchange_request1.req_session_id << 16) |
175 1 : spdm_response->rsp_session_id;
176 1 : libspdm_free_session_id(spdm_context, session_id);
177 1 : free(data1);
178 1 : }
179 :
180 1 : static void rsp_key_exchange_rsp_case2(void **state)
181 : {
182 : libspdm_return_t status;
183 : libspdm_test_context_t *spdm_test_context;
184 : libspdm_context_t *spdm_context;
185 : size_t response_size;
186 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
187 : spdm_key_exchange_response_t *spdm_response;
188 : void *data1;
189 : size_t data_size1;
190 : uint8_t *ptr;
191 : size_t dhe_key_size;
192 : void *dhe_context;
193 : size_t opaque_key_exchange_req_size;
194 :
195 1 : spdm_test_context = *state;
196 1 : spdm_context = spdm_test_context->spdm_context;
197 1 : spdm_test_context->case_id = 0x2;
198 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
199 1 : spdm_context->connection_info.capability.flags |=
200 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
201 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
202 1 : spdm_context->local_context.capability.flags |=
203 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
204 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
205 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
206 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
207 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
208 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
209 : m_libspdm_use_measurement_hash_algo;
210 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
211 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
212 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
213 : SPDM_VERSION_NUMBER_SHIFT_BIT;
214 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
215 : m_libspdm_use_asym_algo, &data1,
216 : &data_size1, NULL, NULL);
217 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
218 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
219 :
220 1 : libspdm_reset_message_a(spdm_context);
221 :
222 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request2.random_data);
223 1 : m_libspdm_key_exchange_request2.req_session_id = 0xFFFF;
224 1 : m_libspdm_key_exchange_request2.reserved = 0;
225 1 : ptr = m_libspdm_key_exchange_request2.exchange_data;
226 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
227 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
228 : false);
229 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
230 1 : ptr += dhe_key_size;
231 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
232 1 : opaque_key_exchange_req_size =
233 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
234 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
235 1 : ptr += sizeof(uint16_t);
236 1 : libspdm_build_opaque_data_supported_version_data(
237 : spdm_context, &opaque_key_exchange_req_size, ptr);
238 1 : ptr += opaque_key_exchange_req_size;
239 1 : response_size = sizeof(response);
240 1 : status = libspdm_get_response_key_exchange(
241 : spdm_context, m_libspdm_key_exchange_request2_size,
242 : &m_libspdm_key_exchange_request2, &response_size, response);
243 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
244 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
245 1 : spdm_response = (void *)response;
246 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
247 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
248 1 : assert_int_equal(spdm_response->header.param2, 0);
249 1 : free(data1);
250 1 : }
251 :
252 1 : static void rsp_key_exchange_rsp_case3(void **state)
253 : {
254 : libspdm_return_t status;
255 : libspdm_test_context_t *spdm_test_context;
256 : libspdm_context_t *spdm_context;
257 : size_t response_size;
258 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
259 : spdm_key_exchange_response_t *spdm_response;
260 : void *data1;
261 : size_t data_size1;
262 : uint8_t *ptr;
263 : size_t dhe_key_size;
264 : void *dhe_context;
265 : size_t opaque_key_exchange_req_size;
266 :
267 1 : spdm_test_context = *state;
268 1 : spdm_context = spdm_test_context->spdm_context;
269 1 : spdm_test_context->case_id = 0x3;
270 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
271 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
272 1 : spdm_context->connection_info.capability.flags |=
273 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
274 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
275 1 : spdm_context->local_context.capability.flags |=
276 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
277 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
278 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
279 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
280 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
281 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
282 : m_libspdm_use_measurement_hash_algo;
283 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
284 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
285 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
286 : SPDM_VERSION_NUMBER_SHIFT_BIT;
287 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
288 : m_libspdm_use_asym_algo, &data1,
289 : &data_size1, NULL, NULL);
290 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
291 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
292 :
293 1 : libspdm_reset_message_a(spdm_context);
294 :
295 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
296 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
297 1 : m_libspdm_key_exchange_request1.reserved = 0;
298 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
299 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
300 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
301 : false);
302 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
303 1 : ptr += dhe_key_size;
304 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
305 1 : opaque_key_exchange_req_size =
306 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
307 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
308 1 : ptr += sizeof(uint16_t);
309 1 : libspdm_build_opaque_data_supported_version_data(
310 : spdm_context, &opaque_key_exchange_req_size, ptr);
311 1 : ptr += opaque_key_exchange_req_size;
312 1 : response_size = sizeof(response);
313 1 : status = libspdm_get_response_key_exchange(
314 : spdm_context, m_libspdm_key_exchange_request1_size,
315 : &m_libspdm_key_exchange_request1, &response_size, response);
316 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
317 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
318 1 : spdm_response = (void *)response;
319 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
320 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_BUSY);
321 1 : assert_int_equal(spdm_response->header.param2, 0);
322 1 : assert_int_equal(spdm_context->response_state, LIBSPDM_RESPONSE_STATE_BUSY);
323 1 : free(data1);
324 1 : }
325 :
326 1 : static void rsp_key_exchange_rsp_case4(void **state)
327 : {
328 : libspdm_return_t status;
329 : libspdm_test_context_t *spdm_test_context;
330 : libspdm_context_t *spdm_context;
331 : size_t response_size;
332 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
333 : spdm_key_exchange_response_t *spdm_response;
334 : void *data1;
335 : size_t data_size1;
336 : uint8_t *ptr;
337 : size_t dhe_key_size;
338 : void *dhe_context;
339 : size_t opaque_key_exchange_req_size;
340 :
341 1 : spdm_test_context = *state;
342 1 : spdm_context = spdm_test_context->spdm_context;
343 1 : spdm_test_context->case_id = 0x4;
344 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
345 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
346 1 : spdm_context->connection_info.capability.flags |=
347 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
348 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
349 1 : spdm_context->local_context.capability.flags |=
350 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
351 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
352 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
353 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
354 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
355 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
356 : m_libspdm_use_measurement_hash_algo;
357 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
358 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
359 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
360 : SPDM_VERSION_NUMBER_SHIFT_BIT;
361 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
362 : m_libspdm_use_asym_algo, &data1,
363 : &data_size1, NULL, NULL);
364 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
365 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
366 :
367 1 : libspdm_reset_message_a(spdm_context);
368 :
369 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
370 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
371 1 : m_libspdm_key_exchange_request1.reserved = 0;
372 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
373 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
374 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
375 : false);
376 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
377 1 : ptr += dhe_key_size;
378 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
379 1 : opaque_key_exchange_req_size =
380 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
381 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
382 1 : ptr += sizeof(uint16_t);
383 1 : libspdm_build_opaque_data_supported_version_data(
384 : spdm_context, &opaque_key_exchange_req_size, ptr);
385 1 : ptr += opaque_key_exchange_req_size;
386 1 : response_size = sizeof(response);
387 1 : status = libspdm_get_response_key_exchange(
388 : spdm_context, m_libspdm_key_exchange_request1_size,
389 : &m_libspdm_key_exchange_request1, &response_size, response);
390 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
391 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
392 1 : spdm_response = (void *)response;
393 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
394 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_REQUEST_RESYNCH);
395 1 : assert_int_equal(spdm_response->header.param2, 0);
396 1 : assert_int_equal(spdm_context->response_state, LIBSPDM_RESPONSE_STATE_NEED_RESYNC);
397 1 : free(data1);
398 1 : }
399 :
400 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
401 1 : static void rsp_key_exchange_rsp_case5(void **state)
402 : {
403 : libspdm_return_t status;
404 : libspdm_test_context_t *spdm_test_context;
405 : libspdm_context_t *spdm_context;
406 : size_t response_size;
407 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
408 : spdm_key_exchange_response_t *spdm_response;
409 : void *data1;
410 : size_t data_size1;
411 : spdm_error_data_response_not_ready_t *error_data;
412 : uint8_t *ptr;
413 : size_t dhe_key_size;
414 : void *dhe_context;
415 : size_t opaque_key_exchange_req_size;
416 :
417 1 : spdm_test_context = *state;
418 1 : spdm_context = spdm_test_context->spdm_context;
419 1 : spdm_test_context->case_id = 0x5;
420 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
421 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
422 1 : spdm_context->connection_info.capability.flags |=
423 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
424 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
425 1 : spdm_context->local_context.capability.flags |=
426 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
427 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
428 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
429 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
430 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
431 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
432 : m_libspdm_use_measurement_hash_algo;
433 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
434 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
435 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
436 : SPDM_VERSION_NUMBER_SHIFT_BIT;
437 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
438 : m_libspdm_use_asym_algo, &data1,
439 : &data_size1, NULL, NULL);
440 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
441 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
442 :
443 1 : libspdm_reset_message_a(spdm_context);
444 :
445 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
446 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
447 1 : m_libspdm_key_exchange_request1.reserved = 0;
448 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
449 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
450 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
451 : false);
452 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
453 1 : ptr += dhe_key_size;
454 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
455 1 : opaque_key_exchange_req_size =
456 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
457 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
458 1 : ptr += sizeof(uint16_t);
459 1 : libspdm_build_opaque_data_supported_version_data(
460 : spdm_context, &opaque_key_exchange_req_size, ptr);
461 1 : ptr += opaque_key_exchange_req_size;
462 1 : response_size = sizeof(response);
463 1 : status = libspdm_get_response_key_exchange(
464 : spdm_context, m_libspdm_key_exchange_request1_size,
465 : &m_libspdm_key_exchange_request1, &response_size, response);
466 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
467 1 : assert_int_equal(response_size,
468 : sizeof(spdm_error_response_t) +
469 : sizeof(spdm_error_data_response_not_ready_t));
470 1 : spdm_response = (void *)response;
471 1 : error_data = (spdm_error_data_response_not_ready_t
472 : *)(&spdm_response->rsp_session_id);
473 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
474 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_RESPONSE_NOT_READY);
475 1 : assert_int_equal(spdm_response->header.param2, 0);
476 1 : assert_int_equal(spdm_context->response_state, LIBSPDM_RESPONSE_STATE_NOT_READY);
477 1 : assert_int_equal(error_data->request_code, SPDM_KEY_EXCHANGE);
478 1 : free(data1);
479 1 : }
480 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
481 :
482 1 : static void rsp_key_exchange_rsp_case6(void **state)
483 : {
484 : libspdm_return_t status;
485 : libspdm_test_context_t *spdm_test_context;
486 : libspdm_context_t *spdm_context;
487 : size_t response_size;
488 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
489 : spdm_key_exchange_response_t *spdm_response;
490 : void *data1;
491 : size_t data_size1;
492 : uint8_t *ptr;
493 : size_t dhe_key_size;
494 : void *dhe_context;
495 : size_t opaque_key_exchange_req_size;
496 :
497 1 : spdm_test_context = *state;
498 1 : spdm_context = spdm_test_context->spdm_context;
499 1 : spdm_test_context->case_id = 0x6;
500 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
501 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
502 1 : spdm_context->connection_info.capability.flags |=
503 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
504 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
505 1 : spdm_context->local_context.capability.flags |=
506 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
507 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
508 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
509 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
510 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
511 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
512 : m_libspdm_use_measurement_hash_algo;
513 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
514 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
515 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
516 : SPDM_VERSION_NUMBER_SHIFT_BIT;
517 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
518 : m_libspdm_use_asym_algo, &data1,
519 : &data_size1, NULL, NULL);
520 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
521 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
522 :
523 1 : libspdm_reset_message_a(spdm_context);
524 :
525 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
526 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
527 1 : m_libspdm_key_exchange_request1.reserved = 0;
528 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
529 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
530 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
531 : false);
532 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
533 1 : ptr += dhe_key_size;
534 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
535 1 : opaque_key_exchange_req_size =
536 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
537 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
538 1 : ptr += sizeof(uint16_t);
539 1 : libspdm_build_opaque_data_supported_version_data(
540 : spdm_context, &opaque_key_exchange_req_size, ptr);
541 1 : ptr += opaque_key_exchange_req_size;
542 1 : response_size = sizeof(response);
543 1 : status = libspdm_get_response_key_exchange(
544 : spdm_context, m_libspdm_key_exchange_request1_size,
545 : &m_libspdm_key_exchange_request1, &response_size, response);
546 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
547 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
548 1 : spdm_response = (void *)response;
549 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
550 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
551 1 : assert_int_equal(spdm_response->header.param2, 0);
552 1 : free(data1);
553 1 : }
554 :
555 1 : static void rsp_key_exchange_rsp_case7(void **state)
556 : {
557 : libspdm_return_t status;
558 : libspdm_test_context_t *spdm_test_context;
559 : libspdm_context_t *spdm_context;
560 : size_t response_size;
561 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
562 : spdm_key_exchange_response_t *spdm_response;
563 : void *data1;
564 : size_t data_size1;
565 : uint8_t *ptr;
566 : size_t dhe_key_size;
567 : void *dhe_context;
568 : size_t opaque_key_exchange_req_size;
569 :
570 1 : spdm_test_context = *state;
571 1 : spdm_context = spdm_test_context->spdm_context;
572 1 : spdm_test_context->case_id = 0x1;
573 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
574 1 : spdm_context->connection_info.capability.flags |=
575 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
576 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
577 1 : spdm_context->local_context.capability.flags |=
578 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
579 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
580 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
581 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
582 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
583 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
584 : m_libspdm_use_measurement_hash_algo;
585 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
586 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
587 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
588 : SPDM_VERSION_NUMBER_SHIFT_BIT;
589 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
590 : m_libspdm_use_asym_algo, &data1,
591 : &data_size1, NULL, NULL);
592 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
593 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
594 :
595 1 : libspdm_reset_message_a(spdm_context);
596 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
597 : spdm_context->transcript.message_m.buffer_size =
598 : spdm_context->transcript.message_m.max_buffer_size;
599 : spdm_context->transcript.message_b.buffer_size =
600 : spdm_context->transcript.message_b.max_buffer_size;
601 : spdm_context->transcript.message_c.buffer_size =
602 : spdm_context->transcript.message_c.max_buffer_size;
603 : spdm_context->transcript.message_mut_b.buffer_size =
604 : spdm_context->transcript.message_mut_b.max_buffer_size;
605 : spdm_context->transcript.message_mut_c.buffer_size =
606 : spdm_context->transcript.message_mut_c.max_buffer_size;
607 : #endif
608 :
609 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
610 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
611 1 : m_libspdm_key_exchange_request1.reserved = 0;
612 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
613 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
614 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
615 : false);
616 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
617 1 : ptr += dhe_key_size;
618 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
619 1 : opaque_key_exchange_req_size =
620 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
621 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
622 1 : ptr += sizeof(uint16_t);
623 1 : libspdm_build_opaque_data_supported_version_data(
624 : spdm_context, &opaque_key_exchange_req_size, ptr);
625 1 : ptr += opaque_key_exchange_req_size;
626 1 : response_size = sizeof(response);
627 1 : status = libspdm_get_response_key_exchange(
628 : spdm_context, m_libspdm_key_exchange_request1_size,
629 : &m_libspdm_key_exchange_request1, &response_size, response);
630 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
631 1 : assert_int_equal(
632 : libspdm_secured_message_get_session_state(
633 : spdm_context->session_info[0].secured_message_context),
634 : LIBSPDM_SESSION_STATE_HANDSHAKING);
635 1 : spdm_response = (void *)response;
636 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
637 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
638 : assert_int_equal(spdm_context->transcript.message_m.buffer_size, 0);
639 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
640 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
641 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
642 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
643 : #endif
644 :
645 1 : free(data1);
646 1 : }
647 :
648 1 : static void rsp_key_exchange_rsp_case8(void **state)
649 : {
650 : libspdm_return_t status;
651 : libspdm_test_context_t *spdm_test_context;
652 : libspdm_context_t *spdm_context;
653 : size_t response_size;
654 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
655 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
656 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
657 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
658 : uint32_t measurement_summary_hash_size;
659 : spdm_key_exchange_response_t *spdm_response;
660 : void *data1;
661 : size_t data_size1;
662 : uint8_t *ptr;
663 : size_t dhe_key_size;
664 : void *dhe_context;
665 : size_t opaque_key_exchange_req_size;
666 : bool result;
667 :
668 1 : spdm_test_context = *state;
669 1 : spdm_context = spdm_test_context->spdm_context;
670 1 : spdm_test_context->case_id = 0x8;
671 :
672 : /* Clear previous sessions */
673 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
674 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
675 : }
676 :
677 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
678 1 : spdm_context->connection_info.capability.flags |=
679 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
680 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
681 1 : spdm_context->local_context.capability.flags |=
682 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
683 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
684 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
685 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
686 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
687 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
688 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
689 : m_libspdm_use_measurement_hash_algo;
690 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
691 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
692 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
693 : SPDM_VERSION_NUMBER_SHIFT_BIT;
694 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
695 : m_libspdm_use_asym_algo, &data1,
696 : &data_size1, NULL, NULL);
697 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
698 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
699 :
700 1 : libspdm_reset_message_a(spdm_context);
701 :
702 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request3.random_data);
703 1 : m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
704 1 : m_libspdm_key_exchange_request3.reserved = 0;
705 1 : ptr = m_libspdm_key_exchange_request3.exchange_data;
706 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
707 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
708 : false);
709 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
710 1 : ptr += dhe_key_size;
711 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
712 1 : opaque_key_exchange_req_size =
713 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
714 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
715 1 : ptr += sizeof(uint16_t);
716 1 : libspdm_build_opaque_data_supported_version_data(
717 : spdm_context, &opaque_key_exchange_req_size, ptr);
718 1 : ptr += opaque_key_exchange_req_size;
719 1 : response_size = sizeof(response);
720 1 : status = libspdm_get_response_key_exchange(
721 : spdm_context, m_libspdm_key_exchange_request3_size,
722 : &m_libspdm_key_exchange_request3, &response_size, response);
723 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
724 1 : assert_int_equal(
725 : libspdm_secured_message_get_session_state(
726 : spdm_context->session_info[0].secured_message_context),
727 : LIBSPDM_SESSION_STATE_HANDSHAKING);
728 1 : spdm_response = (void *)response;
729 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
730 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
731 :
732 1 : measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
733 1 : spdm_context, false, m_libspdm_key_exchange_request3.header.param1);
734 :
735 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
736 1 : result = libspdm_generate_measurement_summary_hash(
737 : spdm_context,
738 1 : spdm_context->connection_info.version,
739 : spdm_context->connection_info.algorithm.base_hash_algo,
740 1 : spdm_context->connection_info.algorithm.measurement_spec,
741 : spdm_context->connection_info.algorithm.measurement_hash_algo,
742 1 : m_libspdm_key_exchange_request3.header.param1,
743 : measurement_hash,
744 : measurement_summary_hash_size);
745 :
746 1 : assert_true(result);
747 :
748 1 : assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
749 : measurement_hash, measurement_summary_hash_size);
750 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
751 1 : free(data1);
752 1 : }
753 :
754 1 : static void rsp_key_exchange_rsp_case9(void **state)
755 : {
756 : libspdm_return_t status;
757 : libspdm_test_context_t *spdm_test_context;
758 : libspdm_context_t *spdm_context;
759 : size_t response_size;
760 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
761 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
762 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
763 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
764 : uint32_t measurement_summary_hash_size;
765 : spdm_key_exchange_response_t *spdm_response;
766 : void *data1;
767 : size_t data_size1;
768 : uint8_t *ptr;
769 : size_t dhe_key_size;
770 : void *dhe_context;
771 : size_t opaque_key_exchange_req_size;
772 : uint32_t session_id;
773 : bool result;
774 :
775 1 : spdm_test_context = *state;
776 1 : spdm_context = spdm_test_context->spdm_context;
777 1 : spdm_test_context->case_id = 0x9;
778 :
779 : /* Clear previous sessions */
780 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
781 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
782 : }
783 :
784 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
785 1 : spdm_context->connection_info.capability.flags |=
786 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
787 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
788 1 : spdm_context->local_context.capability.flags |=
789 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
790 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
791 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
792 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
793 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
794 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
795 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
796 : m_libspdm_use_measurement_hash_algo;
797 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
798 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
799 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
800 : SPDM_VERSION_NUMBER_SHIFT_BIT;
801 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
802 : m_libspdm_use_asym_algo, &data1,
803 : &data_size1, NULL, NULL);
804 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
805 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
806 :
807 1 : libspdm_reset_message_a(spdm_context);
808 :
809 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request4.random_data);
810 1 : m_libspdm_key_exchange_request4.req_session_id = 0xFFFF;
811 1 : m_libspdm_key_exchange_request4.reserved = 0;
812 1 : ptr = m_libspdm_key_exchange_request4.exchange_data;
813 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
814 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
815 : false);
816 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
817 1 : ptr += dhe_key_size;
818 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
819 1 : opaque_key_exchange_req_size =
820 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
821 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
822 1 : ptr += sizeof(uint16_t);
823 1 : libspdm_build_opaque_data_supported_version_data(
824 : spdm_context, &opaque_key_exchange_req_size, ptr);
825 1 : ptr += opaque_key_exchange_req_size;
826 1 : response_size = sizeof(response);
827 1 : status = libspdm_get_response_key_exchange(
828 : spdm_context, m_libspdm_key_exchange_request4_size,
829 : &m_libspdm_key_exchange_request4, &response_size, response);
830 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
831 1 : assert_int_equal(
832 : libspdm_secured_message_get_session_state(
833 : spdm_context->session_info[0].secured_message_context),
834 : LIBSPDM_SESSION_STATE_HANDSHAKING);
835 1 : spdm_response = (void *)response;
836 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
837 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
838 :
839 1 : measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
840 1 : spdm_context, false, m_libspdm_key_exchange_request4.header.param1);
841 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
842 1 : result = libspdm_generate_measurement_summary_hash(
843 : spdm_context,
844 1 : spdm_context->connection_info.version,
845 : spdm_context->connection_info.algorithm.base_hash_algo,
846 1 : spdm_context->connection_info.algorithm.measurement_spec,
847 : spdm_context->connection_info.algorithm.measurement_hash_algo,
848 1 : m_libspdm_key_exchange_request4.header.param1,
849 : measurement_hash,
850 : measurement_summary_hash_size);
851 :
852 1 : assert_true(result);
853 :
854 1 : assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
855 : measurement_hash, measurement_summary_hash_size);
856 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
857 :
858 1 : session_id = (m_libspdm_key_exchange_request4.req_session_id << 16) |
859 1 : spdm_response->rsp_session_id;
860 1 : libspdm_free_session_id(spdm_context, session_id);
861 :
862 1 : free(data1);
863 1 : }
864 :
865 1 : static void rsp_key_exchange_rsp_case10(void **state)
866 : {
867 : libspdm_return_t status;
868 : libspdm_test_context_t *spdm_test_context;
869 : libspdm_context_t *spdm_context;
870 : size_t response_size;
871 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
872 : spdm_key_exchange_response_t *spdm_response;
873 : void *data1;
874 : size_t data_size1;
875 : uint8_t *ptr;
876 : size_t dhe_key_size;
877 : void *dhe_context;
878 : size_t opaque_key_exchange_req_size;
879 :
880 1 : spdm_test_context = *state;
881 1 : spdm_context = spdm_test_context->spdm_context;
882 1 : spdm_test_context->case_id = 0xA;
883 :
884 : /* Clear previous sessions */
885 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
886 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
887 : }
888 :
889 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
890 1 : spdm_context->connection_info.capability.flags |=
891 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
892 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
893 1 : spdm_context->local_context.capability.flags |=
894 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
895 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
896 1 : spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
897 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
898 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
899 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
900 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
901 : m_libspdm_use_measurement_hash_algo;
902 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
903 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
904 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
905 : SPDM_VERSION_NUMBER_SHIFT_BIT;
906 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
907 : m_libspdm_use_asym_algo, &data1,
908 : &data_size1, NULL, NULL);
909 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
910 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
911 :
912 1 : libspdm_reset_message_a(spdm_context);
913 :
914 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request5.random_data);
915 1 : m_libspdm_key_exchange_request5.req_session_id = 0xFFFF;
916 1 : m_libspdm_key_exchange_request5.reserved = 0;
917 1 : ptr = m_libspdm_key_exchange_request5.exchange_data;
918 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
919 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
920 : false);
921 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
922 1 : ptr += dhe_key_size;
923 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
924 1 : opaque_key_exchange_req_size =
925 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
926 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
927 1 : ptr += sizeof(uint16_t);
928 1 : libspdm_build_opaque_data_supported_version_data(
929 : spdm_context, &opaque_key_exchange_req_size, ptr);
930 1 : ptr += opaque_key_exchange_req_size;
931 1 : response_size = sizeof(response);
932 1 : status = libspdm_get_response_key_exchange(
933 : spdm_context, m_libspdm_key_exchange_request5_size,
934 : &m_libspdm_key_exchange_request5, &response_size, response);
935 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
936 :
937 1 : spdm_response = (void *)response;
938 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
939 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
940 :
941 1 : free(data1);
942 1 : }
943 :
944 1 : static void rsp_key_exchange_rsp_case11(void **state)
945 : {
946 : libspdm_return_t status;
947 : libspdm_test_context_t *spdm_test_context;
948 : libspdm_context_t *spdm_context;
949 : size_t response_size;
950 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
951 : spdm_key_exchange_response_t *spdm_response;
952 : void *data1;
953 : size_t data_size1;
954 : uint8_t *ptr;
955 : size_t dhe_key_size;
956 : void *dhe_context;
957 : size_t opaque_key_exchange_req_size;
958 :
959 1 : spdm_test_context = *state;
960 1 : spdm_context = spdm_test_context->spdm_context;
961 1 : spdm_test_context->case_id = 0xB;
962 :
963 : /* Clear previous sessions */
964 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
965 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
966 : }
967 :
968 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
969 :
970 : /* Clear capabilities flag */
971 1 : spdm_context->local_context.capability.flags &= ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
972 :
973 : /*set capabilities flags */
974 1 : spdm_context->connection_info.capability.flags |=
975 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
976 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
977 1 : spdm_context->local_context.capability.flags |=
978 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
979 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
980 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
981 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
982 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
983 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
984 : m_libspdm_use_measurement_hash_algo;
985 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
986 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
987 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
988 : SPDM_VERSION_NUMBER_SHIFT_BIT;
989 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
990 : m_libspdm_use_asym_algo, &data1,
991 : &data_size1, NULL, NULL);
992 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
993 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
994 :
995 1 : libspdm_reset_message_a(spdm_context);
996 :
997 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request3.random_data);
998 1 : m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
999 1 : m_libspdm_key_exchange_request3.reserved = 0;
1000 1 : ptr = m_libspdm_key_exchange_request3.exchange_data;
1001 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1002 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1003 : false);
1004 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1005 1 : ptr += dhe_key_size;
1006 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1007 1 : opaque_key_exchange_req_size =
1008 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1009 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1010 1 : ptr += sizeof(uint16_t);
1011 1 : libspdm_build_opaque_data_supported_version_data(
1012 : spdm_context, &opaque_key_exchange_req_size, ptr);
1013 1 : ptr += opaque_key_exchange_req_size;
1014 1 : response_size = sizeof(response);
1015 1 : status = libspdm_get_response_key_exchange(
1016 : spdm_context, m_libspdm_key_exchange_request3_size,
1017 : &m_libspdm_key_exchange_request3, &response_size, response);
1018 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1019 :
1020 1 : spdm_response = (void *)response;
1021 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
1022 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1023 :
1024 1 : free(data1);
1025 1 : }
1026 :
1027 1 : static void rsp_key_exchange_rsp_case14(void **state)
1028 : {
1029 : libspdm_return_t status;
1030 : libspdm_test_context_t *spdm_test_context;
1031 : libspdm_context_t *spdm_context;
1032 : size_t response_size;
1033 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1034 : spdm_key_exchange_response_t *spdm_response;
1035 : void *data1;
1036 : size_t data_size1;
1037 : void *data2;
1038 : size_t data_size2;
1039 : uint8_t *ptr;
1040 : size_t dhe_key_size;
1041 : void *dhe_context;
1042 : size_t opaque_key_exchange_req_size;
1043 :
1044 1 : spdm_test_context = *state;
1045 1 : spdm_context = spdm_test_context->spdm_context;
1046 1 : spdm_test_context->case_id = 0xE;
1047 :
1048 : /* Clear previous sessions */
1049 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1050 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1051 : }
1052 :
1053 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1054 1 : spdm_context->connection_info.capability.flags =
1055 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1056 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1057 1 : spdm_context->local_context.capability.flags =
1058 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1059 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1060 1 : spdm_context->connection_info.capability.flags |=
1061 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
1062 1 : spdm_context->local_context.capability.flags |=
1063 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
1064 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1065 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1066 1 : spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
1067 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1068 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1069 : m_libspdm_use_measurement_hash_algo;
1070 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1071 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1072 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1073 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1074 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data1, &data_size1);
1075 1 : spdm_context->local_context.local_public_key_provision = data1;
1076 1 : spdm_context->local_context.local_public_key_provision_size = data_size1;
1077 1 : libspdm_read_requester_public_key(m_libspdm_use_req_asym_algo, &data2, &data_size2);
1078 1 : spdm_context->local_context.peer_public_key_provision = data2;
1079 1 : spdm_context->local_context.peer_public_key_provision_size = data_size2;
1080 :
1081 1 : libspdm_reset_message_a(spdm_context);
1082 :
1083 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request7.random_data);
1084 1 : m_libspdm_key_exchange_request7.req_session_id = 0xFFFF;
1085 1 : m_libspdm_key_exchange_request7.reserved = 0;
1086 1 : ptr = m_libspdm_key_exchange_request7.exchange_data;
1087 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1088 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1089 : false);
1090 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1091 1 : ptr += dhe_key_size;
1092 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1093 1 : opaque_key_exchange_req_size =
1094 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1095 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1096 1 : ptr += sizeof(uint16_t);
1097 1 : libspdm_build_opaque_data_supported_version_data(
1098 : spdm_context, &opaque_key_exchange_req_size, ptr);
1099 1 : ptr += opaque_key_exchange_req_size;
1100 1 : response_size = sizeof(response);
1101 1 : status = libspdm_get_response_key_exchange(
1102 : spdm_context, m_libspdm_key_exchange_request7_size,
1103 : &m_libspdm_key_exchange_request7, &response_size, response);
1104 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1105 1 : assert_int_equal(
1106 : libspdm_secured_message_get_session_state(
1107 : spdm_context->session_info[0].secured_message_context),
1108 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1109 1 : spdm_response = (void *)response;
1110 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1111 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1112 1 : free(data1);
1113 1 : free(data2);
1114 1 : }
1115 :
1116 1 : static void rsp_key_exchange_rsp_case15(void **state)
1117 : {
1118 : libspdm_return_t status;
1119 : libspdm_test_context_t *spdm_test_context;
1120 : libspdm_context_t *spdm_context;
1121 : size_t response_size;
1122 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1123 : spdm_key_exchange_response_t *spdm_response;
1124 : void *data1;
1125 : size_t data_size1;
1126 : uint8_t *ptr;
1127 : size_t dhe_key_size;
1128 : void *dhe_context;
1129 : size_t opaque_key_exchange_req_size;
1130 : size_t opaque_key_exchange_rsp_size;
1131 :
1132 1 : spdm_test_context = *state;
1133 1 : spdm_context = spdm_test_context->spdm_context;
1134 1 : spdm_test_context->case_id = 0xF;
1135 :
1136 : /* Clear previous sessions */
1137 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1138 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1139 : }
1140 :
1141 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1142 1 : spdm_context->connection_info.capability.flags =
1143 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1144 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1145 1 : spdm_context->local_context.capability.flags =
1146 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1147 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1148 1 : spdm_context->connection_info.capability.flags |=
1149 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1150 1 : spdm_context->local_context.capability.flags |=
1151 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP |
1152 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1153 :
1154 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1155 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1156 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1157 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1158 : m_libspdm_use_measurement_hash_algo;
1159 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1160 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1161 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1162 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1163 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1164 : m_libspdm_use_asym_algo, &data1,
1165 : &data_size1, NULL, NULL);
1166 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1167 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1168 :
1169 1 : libspdm_reset_message_a(spdm_context);
1170 :
1171 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
1172 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1173 1 : m_libspdm_key_exchange_request1.reserved = 0;
1174 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1175 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1176 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1177 : false);
1178 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1179 1 : ptr += dhe_key_size;
1180 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1181 1 : opaque_key_exchange_req_size =
1182 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1183 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1184 1 : ptr += sizeof(uint16_t);
1185 1 : libspdm_build_opaque_data_supported_version_data(
1186 : spdm_context, &opaque_key_exchange_req_size, ptr);
1187 1 : ptr += opaque_key_exchange_req_size;
1188 1 : response_size = sizeof(response);
1189 :
1190 : /* Required to compute response size independently */
1191 : opaque_key_exchange_rsp_size =
1192 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
1193 :
1194 1 : status = libspdm_get_response_key_exchange(
1195 : spdm_context, m_libspdm_key_exchange_request1_size,
1196 : &m_libspdm_key_exchange_request1, &response_size, response);
1197 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1198 1 : assert_int_equal(
1199 : libspdm_secured_message_get_session_state(
1200 : spdm_context->session_info[0].secured_message_context),
1201 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1202 1 : spdm_response = (void *)response;
1203 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1204 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1205 1 : assert_int_equal(response_size,
1206 : sizeof(spdm_key_exchange_response_t) +
1207 : dhe_key_size +
1208 : sizeof(uint16_t) +
1209 : opaque_key_exchange_rsp_size +
1210 : libspdm_get_asym_signature_size(
1211 : spdm_context->connection_info.algorithm.base_asym_algo)
1212 : );
1213 :
1214 1 : free(data1);
1215 1 : }
1216 :
1217 1 : static void rsp_key_exchange_rsp_case16(void **state)
1218 : {
1219 : libspdm_return_t status;
1220 : libspdm_test_context_t *spdm_test_context;
1221 : libspdm_context_t *spdm_context;
1222 : size_t current_request_size;
1223 : size_t response_size;
1224 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1225 : spdm_key_exchange_response_t *spdm_response;
1226 : void *data1;
1227 : size_t data_size1;
1228 : uint8_t *ptr;
1229 : size_t dhe_key_size;
1230 : void *dhe_context;
1231 : size_t opaque_key_exchange_req_size;
1232 :
1233 1 : spdm_test_context = *state;
1234 1 : spdm_context = spdm_test_context->spdm_context;
1235 1 : spdm_test_context->case_id = 0x10;
1236 :
1237 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1238 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1239 : }
1240 :
1241 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1242 1 : spdm_context->connection_info.capability.flags |=
1243 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1244 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1245 1 : spdm_context->local_context.capability.flags |=
1246 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1247 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1248 :
1249 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1250 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1251 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1252 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1253 : m_libspdm_use_measurement_hash_algo;
1254 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1255 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1256 :
1257 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1258 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1259 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1260 : m_libspdm_use_asym_algo, &data1,
1261 : &data_size1, NULL, NULL);
1262 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1263 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1264 :
1265 1 : libspdm_reset_message_a(spdm_context);
1266 :
1267 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
1268 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1269 1 : m_libspdm_key_exchange_request1.reserved = 0;
1270 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1271 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1272 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1273 : false);
1274 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1275 1 : ptr += dhe_key_size;
1276 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1277 1 : opaque_key_exchange_req_size =
1278 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1279 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1280 1 : ptr += sizeof(uint16_t);
1281 1 : libspdm_build_opaque_data_supported_version_data(
1282 : spdm_context, &opaque_key_exchange_req_size, ptr);
1283 1 : ptr += opaque_key_exchange_req_size;
1284 :
1285 1 : current_request_size = sizeof(spdm_key_exchange_request_t) + dhe_key_size +
1286 1 : sizeof(uint16_t) + opaque_key_exchange_req_size;
1287 1 : response_size = sizeof(response);
1288 1 : status = libspdm_get_response_key_exchange(
1289 : spdm_context, current_request_size, &m_libspdm_key_exchange_request1,
1290 : &response_size, response);
1291 :
1292 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1293 1 : assert_int_equal(
1294 : libspdm_secured_message_get_session_state(
1295 : spdm_context->session_info[0].secured_message_context),
1296 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1297 1 : spdm_response = (void *)response;
1298 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1299 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1300 :
1301 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1302 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_k.buffer_size,
1303 : current_request_size + response_size);
1304 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_k.buffer,
1305 : &m_libspdm_key_exchange_request1, current_request_size);
1306 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_k.buffer +
1307 : current_request_size,
1308 : response, response_size);
1309 : #endif
1310 1 : free(data1);
1311 1 : }
1312 :
1313 1 : static void rsp_key_exchange_rsp_case17(void **state)
1314 : {
1315 : libspdm_return_t status;
1316 : libspdm_test_context_t *spdm_test_context;
1317 : libspdm_context_t *spdm_context;
1318 : size_t response_size;
1319 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1320 : spdm_key_exchange_response_t *spdm_response;
1321 : void *data1;
1322 : size_t data_size1;
1323 : uint8_t *ptr;
1324 : size_t dhe_key_size;
1325 : void *dhe_context;
1326 : size_t opaque_key_exchange_req_size;
1327 :
1328 1 : spdm_test_context = *state;
1329 1 : spdm_context = spdm_test_context->spdm_context;
1330 1 : spdm_test_context->case_id = 0x11;
1331 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1332 1 : spdm_context->connection_info.capability.flags |=
1333 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1334 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1335 1 : spdm_context->local_context.capability.flags |=
1336 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1337 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1338 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1339 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1340 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1341 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1342 : m_libspdm_use_measurement_hash_algo;
1343 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1344 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1345 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1346 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1347 1 : spdm_context->connection_info.algorithm.other_params_support =
1348 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1349 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1350 :
1351 1 : libspdm_session_info_init(spdm_context,
1352 1 : spdm_context->session_info,
1353 : 0,
1354 : INVALID_SESSION_ID, false);
1355 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1356 : m_libspdm_use_asym_algo, &data1,
1357 : &data_size1, NULL, NULL);
1358 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1359 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1360 :
1361 1 : libspdm_reset_message_a(spdm_context);
1362 :
1363 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
1364 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1365 1 : m_libspdm_key_exchange_request8.reserved = 0;
1366 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
1367 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1368 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1369 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1370 : false);
1371 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1372 1 : ptr += dhe_key_size;
1373 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1374 1 : opaque_key_exchange_req_size =
1375 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1376 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1377 1 : ptr += sizeof(uint16_t);
1378 1 : libspdm_build_opaque_data_supported_version_data(
1379 : spdm_context, &opaque_key_exchange_req_size, ptr);
1380 1 : ptr += opaque_key_exchange_req_size;
1381 1 : response_size = sizeof(response);
1382 1 : status = libspdm_get_response_key_exchange(
1383 : spdm_context, m_libspdm_key_exchange_request8_size,
1384 : &m_libspdm_key_exchange_request8, &response_size, response);
1385 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1386 : m_libspdm_key_exchange_request8.session_policy);
1387 1 : spdm_response = (void *)response;
1388 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
1389 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1390 1 : assert_int_equal(
1391 : libspdm_secured_message_get_session_state(
1392 : spdm_context->session_info[0].secured_message_context),
1393 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1394 1 : spdm_response = (void *)response;
1395 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1396 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1397 1 : free(data1);
1398 1 : }
1399 :
1400 : /**
1401 : * Test 18: SlotID in KEY_EXCHANGE request message is 9, but it should be 0xFF or between 0 and 7 inclusive.
1402 : * Expected Behavior: generate an ERROR_RESPONSE with code SPDM_ERROR_CODE_INVALID_REQUEST.
1403 : **/
1404 1 : static void rsp_key_exchange_rsp_case18(void **state)
1405 : {
1406 : libspdm_return_t status;
1407 : libspdm_test_context_t *spdm_test_context;
1408 : libspdm_context_t *spdm_context;
1409 : size_t response_size;
1410 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1411 : spdm_key_exchange_response_t *spdm_response;
1412 : void *data1;
1413 : size_t data_size1;
1414 : uint8_t *ptr;
1415 : size_t dhe_key_size;
1416 : void *dhe_context;
1417 : size_t opaque_key_exchange_req_size;
1418 :
1419 1 : spdm_test_context = *state;
1420 1 : spdm_context = spdm_test_context->spdm_context;
1421 1 : spdm_test_context->case_id = 0x12;
1422 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1423 1 : spdm_context->connection_info.capability.flags |=
1424 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1425 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1426 1 : spdm_context->local_context.capability.flags |=
1427 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1428 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1429 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1430 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1431 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1432 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1433 : m_libspdm_use_measurement_hash_algo;
1434 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1435 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1436 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1437 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1438 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1439 : m_libspdm_use_asym_algo, &data1,
1440 : &data_size1, NULL, NULL);
1441 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1442 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1443 :
1444 1 : libspdm_reset_message_a(spdm_context);
1445 :
1446 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1447 :
1448 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request9.random_data);
1449 1 : m_libspdm_key_exchange_request9.req_session_id = 0xFFFF;
1450 1 : m_libspdm_key_exchange_request9.reserved = 0;
1451 1 : ptr = m_libspdm_key_exchange_request9.exchange_data;
1452 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1453 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1454 : false);
1455 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1456 1 : ptr += dhe_key_size;
1457 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1458 1 : opaque_key_exchange_req_size =
1459 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1460 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1461 1 : ptr += sizeof(uint16_t);
1462 1 : libspdm_build_opaque_data_supported_version_data(
1463 : spdm_context, &opaque_key_exchange_req_size, ptr);
1464 1 : ptr += opaque_key_exchange_req_size;
1465 1 : response_size = sizeof(response);
1466 1 : status = libspdm_get_response_key_exchange(
1467 : spdm_context, m_libspdm_key_exchange_request9_size,
1468 : &m_libspdm_key_exchange_request9, &response_size, response);
1469 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1470 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1471 1 : spdm_response = (void *)response;
1472 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
1473 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1474 1 : assert_int_equal(spdm_response->header.param2, 0);
1475 1 : free(data1);
1476 1 : }
1477 :
1478 1 : static void rsp_key_exchange_rsp_case19(void **state)
1479 : {
1480 : libspdm_return_t status;
1481 : libspdm_test_context_t *spdm_test_context;
1482 : libspdm_context_t *spdm_context;
1483 : size_t response_size;
1484 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1485 : spdm_key_exchange_response_t *spdm_response;
1486 : void *data1;
1487 : size_t data_size1;
1488 : uint8_t *ptr;
1489 : size_t dhe_key_size;
1490 : void *dhe_context;
1491 :
1492 1 : spdm_test_context = *state;
1493 1 : spdm_context = spdm_test_context->spdm_context;
1494 1 : spdm_test_context->case_id = 0x13;
1495 1 : spdm_context->response_state = 0;
1496 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1497 1 : spdm_context->connection_info.capability.flags = 0;
1498 1 : spdm_context->connection_info.capability.flags |=
1499 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1500 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1501 1 : spdm_context->local_context.capability.flags = 0;
1502 1 : spdm_context->local_context.capability.flags |=
1503 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1504 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1505 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1506 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1507 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1508 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1509 : m_libspdm_use_measurement_hash_algo;
1510 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1511 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1512 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1513 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1514 1 : spdm_context->connection_info.algorithm.other_params_support =
1515 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1516 :
1517 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1518 : m_libspdm_use_asym_algo, &data1,
1519 : &data_size1, NULL, NULL);
1520 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1521 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1522 :
1523 1 : libspdm_reset_message_a(spdm_context);
1524 :
1525 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1526 :
1527 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
1528 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1529 1 : m_libspdm_key_exchange_request8.reserved = 0;
1530 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1531 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1532 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1533 : false);
1534 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1535 1 : ptr += dhe_key_size;
1536 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1537 :
1538 : size_t opaque_data_size;
1539 : spdm_general_opaque_data_table_header_t
1540 : *spdm_general_opaque_data_table_header;
1541 : secured_message_opaque_element_table_header_t
1542 : *opaque_element_table_header;
1543 : secured_message_opaque_element_header_t
1544 : * secured_message_element_header;
1545 : uint8_t element_num;
1546 : uint8_t element_index;
1547 : size_t current_element_len;
1548 :
1549 1 : spdm_general_opaque_data_table_header =
1550 : (spdm_general_opaque_data_table_header_t *)(ptr + sizeof(uint16_t));
1551 1 : spdm_general_opaque_data_table_header->total_elements = 2;
1552 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1553 :
1554 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1555 1 : opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1556 :
1557 3 : for (element_index = 0; element_index < element_num; element_index++) {
1558 2 : opaque_element_table_header->id = SPDM_REGISTRY_ID_DMTF;
1559 2 : opaque_element_table_header->vendor_len = 0;
1560 : /* When opaque_element_data_len is not four byte aligned*/
1561 2 : opaque_element_table_header->opaque_element_data_len = 0xF;
1562 :
1563 2 : secured_message_element_header = (void *)(opaque_element_table_header + 1);
1564 2 : secured_message_element_header->sm_data_id =
1565 : SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_ID_SUPPORTED_VERSION;
1566 2 : secured_message_element_header->sm_data_version =
1567 : SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_DATA_VERSION;
1568 :
1569 2 : current_element_len = sizeof(secured_message_opaque_element_table_header_t) +
1570 2 : opaque_element_table_header->vendor_len +
1571 2 : sizeof(opaque_element_table_header->opaque_element_data_len) +
1572 2 : opaque_element_table_header->opaque_element_data_len;
1573 :
1574 : /*move to next element*/
1575 2 : opaque_element_table_header =
1576 : (secured_message_opaque_element_table_header_t *)
1577 : ((uint8_t *)opaque_element_table_header + current_element_len);
1578 :
1579 2 : opaque_data_size += current_element_len;
1580 : }
1581 :
1582 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_data_size);
1583 :
1584 1 : response_size = sizeof(response);
1585 1 : status = libspdm_get_response_key_exchange(
1586 : spdm_context, m_libspdm_key_exchange_request8_size,
1587 : &m_libspdm_key_exchange_request8, &response_size, response);
1588 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1589 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1590 1 : spdm_response = (void *)response;
1591 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
1592 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1593 1 : assert_int_equal(spdm_response->header.param2, 0);
1594 1 : free(data1);
1595 1 : }
1596 :
1597 1 : static void rsp_key_exchange_rsp_case20(void **state)
1598 : {
1599 : libspdm_return_t status;
1600 : libspdm_test_context_t *spdm_test_context;
1601 : libspdm_context_t *spdm_context;
1602 : size_t response_size;
1603 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1604 : spdm_key_exchange_response_t *spdm_response;
1605 : void *data1;
1606 : size_t data_size1;
1607 : uint8_t *ptr;
1608 : size_t dhe_key_size;
1609 : void *dhe_context;
1610 : size_t opaque_key_exchange_req_size;
1611 :
1612 1 : spdm_test_context = *state;
1613 1 : spdm_context = spdm_test_context->spdm_context;
1614 1 : spdm_test_context->case_id = 0x14;
1615 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1616 1 : spdm_context->connection_info.capability.flags =
1617 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1618 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1619 1 : spdm_context->local_context.capability.flags =
1620 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1621 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
1622 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1623 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1624 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1625 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1626 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1627 : m_libspdm_use_measurement_hash_algo;
1628 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1629 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1630 1 : spdm_context->connection_info.algorithm.other_params_support =
1631 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1632 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1633 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1634 :
1635 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1636 :
1637 1 : libspdm_session_info_init(spdm_context,
1638 1 : spdm_context->session_info,
1639 : 0,
1640 : INVALID_SESSION_ID, false);
1641 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1642 : m_libspdm_use_asym_algo, &data1,
1643 : &data_size1, NULL, NULL);
1644 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1645 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1646 :
1647 1 : libspdm_reset_message_a(spdm_context);
1648 :
1649 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
1650 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1651 1 : m_libspdm_key_exchange_request8.reserved = 0;
1652 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
1653 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1654 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1655 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1656 : false);
1657 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1658 1 : ptr += dhe_key_size;
1659 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1660 1 : opaque_key_exchange_req_size =
1661 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1662 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1663 1 : ptr += sizeof(uint16_t);
1664 1 : libspdm_build_opaque_data_supported_version_data(
1665 : spdm_context, &opaque_key_exchange_req_size, ptr);
1666 1 : ptr += opaque_key_exchange_req_size;
1667 1 : response_size = sizeof(response);
1668 1 : status = libspdm_get_response_key_exchange(
1669 : spdm_context, m_libspdm_key_exchange_request8_size,
1670 : &m_libspdm_key_exchange_request8, &response_size, response);
1671 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1672 : m_libspdm_key_exchange_request8.session_policy);
1673 1 : spdm_response = (void *)response;
1674 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
1675 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1676 1 : assert_int_equal(
1677 : libspdm_secured_message_get_session_state(
1678 : spdm_context->session_info[0].secured_message_context),
1679 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1680 1 : spdm_response = (void *)response;
1681 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1682 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1683 1 : free(data1);
1684 1 : }
1685 :
1686 : /**
1687 : * Test 21: The key usage bit mask is not set, the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP shall not specify this certificate slot
1688 : * Expected Behavior: get a SPDM_ERROR_CODE_INVALID_REQUEST return code
1689 : **/
1690 1 : static void rsp_key_exchange_rsp_case21(void **state)
1691 : {
1692 : libspdm_return_t status;
1693 : libspdm_test_context_t *spdm_test_context;
1694 : libspdm_context_t *spdm_context;
1695 : size_t response_size;
1696 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1697 : spdm_key_exchange_response_t *spdm_response;
1698 : void *data1;
1699 : size_t data_size1;
1700 : uint8_t *ptr;
1701 : size_t dhe_key_size;
1702 : void *dhe_context;
1703 : size_t opaque_key_exchange_req_size;
1704 : uint8_t slot_id;
1705 :
1706 1 : spdm_test_context = *state;
1707 1 : spdm_context = spdm_test_context->spdm_context;
1708 1 : spdm_test_context->case_id = 0x15;
1709 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1710 1 : spdm_context->connection_info.capability.flags |=
1711 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1712 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1713 1 : spdm_context->local_context.capability.flags |=
1714 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1715 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1716 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1717 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1718 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1719 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1720 : m_libspdm_use_measurement_hash_algo;
1721 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1722 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1723 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1724 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1725 1 : spdm_context->connection_info.algorithm.other_params_support =
1726 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1727 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1728 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
1729 :
1730 1 : libspdm_session_info_init(spdm_context,
1731 1 : spdm_context->session_info,
1732 : 0,
1733 : INVALID_SESSION_ID, false);
1734 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1735 : m_libspdm_use_asym_algo, &data1,
1736 : &data_size1, NULL, NULL);
1737 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1738 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1739 :
1740 1 : libspdm_reset_message_a(spdm_context);
1741 :
1742 : /* If set, the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP can specify this certificate slot. If not set,
1743 : * the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP shall not specify this certificate slot */
1744 1 : slot_id = 0;
1745 1 : m_libspdm_key_exchange_request10.header.param2 = slot_id;
1746 1 : spdm_context->local_context.local_key_usage_bit_mask[slot_id] =
1747 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
1748 : SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE;
1749 :
1750 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
1751 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
1752 1 : m_libspdm_key_exchange_request10.reserved = 0;
1753 1 : m_libspdm_key_exchange_request10.session_policy = 0xFF;
1754 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
1755 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1756 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1757 : false);
1758 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1759 1 : ptr += dhe_key_size;
1760 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1761 1 : opaque_key_exchange_req_size =
1762 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1763 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1764 1 : ptr += sizeof(uint16_t);
1765 1 : libspdm_build_opaque_data_supported_version_data(
1766 : spdm_context, &opaque_key_exchange_req_size, ptr);
1767 1 : ptr += opaque_key_exchange_req_size;
1768 1 : response_size = sizeof(response);
1769 1 : status = libspdm_get_response_key_exchange(
1770 : spdm_context, m_libspdm_key_exchange_request10_size,
1771 : &m_libspdm_key_exchange_request10, &response_size, response);
1772 :
1773 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1774 1 : assert_int_equal (response_size, sizeof(spdm_error_response_t));
1775 1 : spdm_response = (void *)response;
1776 1 : assert_int_equal (spdm_response->header.request_response_code, SPDM_ERROR);
1777 1 : assert_int_equal (spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1778 1 : assert_int_equal (spdm_response->header.param2, 0);
1779 :
1780 1 : free(data1);
1781 1 : }
1782 :
1783 : /**
1784 : * Test 21: The Requester subscribes to all events supported by the Responder.
1785 : * Expected Behavior: Responder successfully subscribes the Requester to all events.
1786 : **/
1787 1 : static void rsp_key_exchange_rsp_case22(void **state)
1788 : {
1789 : #if LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP
1790 : libspdm_return_t status;
1791 : libspdm_test_context_t *spdm_test_context;
1792 : libspdm_context_t *spdm_context;
1793 : size_t response_size;
1794 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1795 : spdm_key_exchange_response_t *spdm_response;
1796 : void *data1;
1797 : size_t data_size1;
1798 : uint8_t *ptr;
1799 : size_t dhe_key_size;
1800 : void *dhe_context;
1801 : size_t opaque_key_exchange_req_size;
1802 :
1803 1 : spdm_test_context = *state;
1804 1 : spdm_context = spdm_test_context->spdm_context;
1805 1 : spdm_test_context->case_id = 0x16;
1806 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1807 1 : spdm_context->connection_info.capability.flags |=
1808 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1809 1 : spdm_context->local_context.capability.flags |=
1810 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1811 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EVENT_CAP;
1812 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1813 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1814 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1815 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1816 : m_libspdm_use_measurement_hash_algo;
1817 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1818 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1819 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1820 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1821 1 : spdm_context->connection_info.algorithm.other_params_support =
1822 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1823 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1824 1 : spdm_context->connection_info.multi_key_conn_rsp = false;
1825 :
1826 1 : libspdm_session_info_init(spdm_context, spdm_context->session_info, INVALID_SESSION_ID,
1827 : 0, false);
1828 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1829 : m_libspdm_use_asym_algo, &data1,
1830 : &data_size1, NULL, NULL);
1831 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1832 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1833 :
1834 1 : libspdm_reset_message_a(spdm_context);
1835 :
1836 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
1837 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
1838 1 : m_libspdm_key_exchange_request10.reserved = 0;
1839 1 : m_libspdm_key_exchange_request10.session_policy =
1840 : SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_EVENT_ALL_POLICY;
1841 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
1842 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1843 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1844 : false);
1845 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1846 1 : ptr += dhe_key_size;
1847 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1848 1 : opaque_key_exchange_req_size =
1849 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1850 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1851 1 : ptr += sizeof(uint16_t);
1852 1 : libspdm_build_opaque_data_supported_version_data(
1853 : spdm_context, &opaque_key_exchange_req_size, ptr);
1854 1 : ptr += opaque_key_exchange_req_size;
1855 1 : response_size = sizeof(response);
1856 :
1857 1 : status = libspdm_get_response_key_exchange(
1858 : spdm_context, m_libspdm_key_exchange_request10_size,
1859 : &m_libspdm_key_exchange_request10, &response_size, response);
1860 :
1861 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1862 : m_libspdm_key_exchange_request10.session_policy);
1863 1 : spdm_response = (void *)response;
1864 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_13);
1865 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1866 1 : assert_int_equal(
1867 : libspdm_secured_message_get_session_state(
1868 : spdm_context->session_info[0].secured_message_context),
1869 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1870 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1871 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1872 1 : assert_true(g_event_all_subscribe && !g_event_all_unsubscribe);
1873 1 : free(data1);
1874 : #endif /* LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP */
1875 1 : }
1876 :
1877 1 : static void rsp_key_exchange_rsp_case23(void **state)
1878 : {
1879 : libspdm_return_t status;
1880 : libspdm_test_context_t *spdm_test_context;
1881 : libspdm_context_t *spdm_context;
1882 : size_t response_size;
1883 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1884 : spdm_key_exchange_response_t *spdm_response;
1885 : void *data1;
1886 : size_t data_size1;
1887 : uint8_t *ptr;
1888 : size_t dhe_key_size;
1889 : void *dhe_context;
1890 : size_t opaque_key_exchange_req_size;
1891 :
1892 1 : spdm_test_context = *state;
1893 1 : spdm_context = spdm_test_context->spdm_context;
1894 1 : spdm_test_context->case_id = 0x17;
1895 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1896 1 : spdm_context->connection_info.capability.flags |=
1897 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1898 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1899 1 : spdm_context->local_context.capability.flags |=
1900 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1901 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
1902 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
1903 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1904 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1905 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1906 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1907 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1908 : m_libspdm_use_measurement_hash_algo;
1909 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1910 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1911 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1912 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1913 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1914 : m_libspdm_use_asym_algo, &data1,
1915 : &data_size1, NULL, NULL);
1916 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1917 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1918 :
1919 1 : libspdm_reset_message_a(spdm_context);
1920 1 : g_key_exchange_start_mut_auth = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
1921 1 : g_mandatory_mut_auth = true;
1922 :
1923 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1924 :
1925 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
1926 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1927 1 : m_libspdm_key_exchange_request1.reserved = 0;
1928 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1929 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1930 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1931 : false);
1932 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1933 1 : ptr += dhe_key_size;
1934 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1935 1 : opaque_key_exchange_req_size =
1936 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1937 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
1938 1 : ptr += sizeof(uint16_t);
1939 1 : libspdm_build_opaque_data_supported_version_data(
1940 : spdm_context, &opaque_key_exchange_req_size, ptr);
1941 1 : ptr += opaque_key_exchange_req_size;
1942 1 : response_size = sizeof(response);
1943 1 : status = libspdm_get_response_key_exchange(
1944 : spdm_context, m_libspdm_key_exchange_request1_size,
1945 : &m_libspdm_key_exchange_request1, &response_size, response);
1946 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1947 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1948 1 : spdm_response = (void *)response;
1949 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
1950 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_UNSPECIFIED);
1951 1 : assert_int_equal(spdm_response->header.param2, 0);
1952 :
1953 1 : g_key_exchange_start_mut_auth = 0;
1954 1 : g_mandatory_mut_auth = false;
1955 1 : free(data1);
1956 1 : }
1957 :
1958 :
1959 1 : static void rsp_key_exchange_rsp_case24(void **state)
1960 : {
1961 : libspdm_return_t status;
1962 : libspdm_test_context_t *spdm_test_context;
1963 : libspdm_context_t *spdm_context;
1964 : size_t response_size;
1965 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1966 : spdm_key_exchange_response_t *spdm_response;
1967 : void *data1;
1968 : size_t data_size1;
1969 : uint8_t *ptr;
1970 : size_t dhe_key_size;
1971 : void *dhe_context;
1972 : size_t opaque_key_exchange_req_size;
1973 :
1974 1 : spdm_test_context = *state;
1975 1 : spdm_context = spdm_test_context->spdm_context;
1976 1 : spdm_test_context->case_id = 0x18;
1977 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1978 1 : spdm_context->connection_info.capability.flags |=
1979 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1980 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1981 1 : spdm_context->local_context.capability.flags |=
1982 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1983 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
1984 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
1985 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1986 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1987 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1988 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1989 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1990 : m_libspdm_use_measurement_hash_algo;
1991 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1992 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1993 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1994 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1995 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1996 : m_libspdm_use_asym_algo, &data1,
1997 : &data_size1, NULL, NULL);
1998 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1999 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
2000 :
2001 1 : libspdm_reset_message_a(spdm_context);
2002 1 : g_key_exchange_start_mut_auth = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
2003 1 : g_mandatory_mut_auth = true;
2004 :
2005 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
2006 :
2007 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
2008 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
2009 1 : m_libspdm_key_exchange_request10.reserved = 0;
2010 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
2011 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2012 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2013 : false);
2014 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2015 1 : ptr += dhe_key_size;
2016 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2017 1 : opaque_key_exchange_req_size =
2018 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2019 1 : libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
2020 1 : ptr += sizeof(uint16_t);
2021 1 : libspdm_build_opaque_data_supported_version_data(
2022 : spdm_context, &opaque_key_exchange_req_size, ptr);
2023 1 : ptr += opaque_key_exchange_req_size;
2024 1 : response_size = sizeof(response);
2025 1 : status = libspdm_get_response_key_exchange(
2026 : spdm_context, m_libspdm_key_exchange_request10_size,
2027 : &m_libspdm_key_exchange_request10, &response_size, response);
2028 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2029 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
2030 1 : spdm_response = (void *)response;
2031 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
2032 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_POLICY);
2033 1 : assert_int_equal(spdm_response->header.param2, 0);
2034 :
2035 1 : g_mandatory_mut_auth = false;
2036 1 : g_key_exchange_start_mut_auth = 0;
2037 1 : free(data1);
2038 1 : }
2039 :
2040 : /**
2041 : * Test 25: Successful response to a valid KEY_EXCHANGE request.
2042 : * Expected Behavior: get a valid KEY_EXCHANGE_RSP message
2043 : * with integrator defined opaque data in the response
2044 : **/
2045 1 : static void rsp_key_exchange_rsp_case25(void **state)
2046 : {
2047 : libspdm_return_t status;
2048 : libspdm_test_context_t *spdm_test_context;
2049 : libspdm_context_t *spdm_context;
2050 : size_t response_size;
2051 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
2052 : spdm_key_exchange_response_t *spdm_response;
2053 : void *data1;
2054 : size_t data_size1;
2055 : uint8_t *ptr;
2056 : size_t dhe_key_size;
2057 : void *dhe_context;
2058 : size_t opaque_key_exchange_req_size;
2059 : uint16_t opaque_length;
2060 :
2061 1 : spdm_test_context = *state;
2062 1 : spdm_context = spdm_test_context->spdm_context;
2063 1 : spdm_test_context->case_id = 0x19;
2064 1 : spdm_context->connection_info.connection_state =
2065 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2066 1 : spdm_context->connection_info.capability.flags |=
2067 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
2068 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2069 1 : spdm_context->local_context.capability.flags |=
2070 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
2071 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
2072 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2073 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2074 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
2075 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
2076 : m_libspdm_use_measurement_hash_algo;
2077 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2078 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2079 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
2080 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2081 1 : spdm_context->connection_info.algorithm.other_params_support =
2082 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
2083 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 2;
2084 1 : g_generate_key_exchange_opaque_data = true;
2085 :
2086 1 : libspdm_session_info_init(spdm_context,
2087 1 : spdm_context->session_info,
2088 : 0,
2089 : INVALID_SESSION_ID, false);
2090 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2091 : m_libspdm_use_asym_algo, &data1,
2092 : &data_size1, NULL, NULL);
2093 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
2094 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
2095 :
2096 1 : libspdm_reset_message_a(spdm_context);
2097 :
2098 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
2099 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
2100 1 : m_libspdm_key_exchange_request8.reserved = 0;
2101 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
2102 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
2103 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2104 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2105 : false);
2106 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2107 1 : ptr += dhe_key_size;
2108 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2109 1 : opaque_key_exchange_req_size =
2110 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2111 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2112 1 : ptr += sizeof(uint16_t);
2113 1 : libspdm_build_opaque_data_supported_version_data(
2114 : spdm_context, &opaque_key_exchange_req_size, ptr);
2115 1 : ptr += opaque_key_exchange_req_size;
2116 1 : response_size = sizeof(response);
2117 1 : status = libspdm_get_response_key_exchange(
2118 : spdm_context, m_libspdm_key_exchange_request8_size,
2119 : &m_libspdm_key_exchange_request8, &response_size, response);
2120 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
2121 : m_libspdm_key_exchange_request8.session_policy);
2122 1 : spdm_response = (void *)response;
2123 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
2124 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2125 1 : assert_int_equal(
2126 : libspdm_secured_message_get_session_state(
2127 : spdm_context->session_info[0].secured_message_context),
2128 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2129 1 : spdm_response = (void *)response;
2130 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
2131 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
2132 1 : ptr = (uint8_t *)(spdm_response + 1);
2133 1 : ptr += dhe_key_size;
2134 1 : opaque_length = *(uint16_t *)ptr;
2135 1 : assert_int_equal(opaque_length,
2136 : libspdm_get_opaque_data_version_selection_data_size(spdm_context));
2137 :
2138 1 : g_generate_key_exchange_opaque_data = false;
2139 1 : free(data1);
2140 1 : }
2141 :
2142 1 : int libspdm_rsp_key_exchange_rsp_test(void)
2143 : {
2144 1 : const struct CMUnitTest test_cases[] = {
2145 : /* Success Case*/
2146 : cmocka_unit_test(rsp_key_exchange_rsp_case1),
2147 : /* Bad request size*/
2148 : cmocka_unit_test(rsp_key_exchange_rsp_case2),
2149 : /* response_state: SPDM_RESPONSE_STATE_BUSY*/
2150 : cmocka_unit_test(rsp_key_exchange_rsp_case3),
2151 : /* response_state: SPDM_RESPONSE_STATE_NEED_RESYNC*/
2152 : cmocka_unit_test(rsp_key_exchange_rsp_case4),
2153 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
2154 : /* response_state: SPDM_RESPONSE_STATE_NOT_READY*/
2155 : cmocka_unit_test(rsp_key_exchange_rsp_case5),
2156 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
2157 : /* connection_state Check*/
2158 : cmocka_unit_test(rsp_key_exchange_rsp_case6),
2159 : /* Buffer reset*/
2160 : cmocka_unit_test(rsp_key_exchange_rsp_case7),
2161 : /* TCB measurement hash requested */
2162 : cmocka_unit_test(rsp_key_exchange_rsp_case8),
2163 : /* All measurement hash requested */
2164 : cmocka_unit_test(rsp_key_exchange_rsp_case9),
2165 : /* Reserved value in Measurement summary. Error + Invalid */
2166 : cmocka_unit_test(rsp_key_exchange_rsp_case10),
2167 : /* TCB measurement hash requested, measurement flag not set */
2168 : cmocka_unit_test(rsp_key_exchange_rsp_case11),
2169 : /* Request previously provisioned public key, slot 0xFF */
2170 : cmocka_unit_test(rsp_key_exchange_rsp_case14),
2171 : /* HANDSHAKE_IN_THE_CLEAR set for requester and responder */
2172 : cmocka_unit_test(rsp_key_exchange_rsp_case15),
2173 : /* Buffer verification*/
2174 : cmocka_unit_test(rsp_key_exchange_rsp_case16),
2175 : /* Successful response V1.2*/
2176 : cmocka_unit_test(rsp_key_exchange_rsp_case17),
2177 : /* Invalid SlotID in KEY_EXCHANGE request message*/
2178 : cmocka_unit_test(rsp_key_exchange_rsp_case18),
2179 : /* Only OpaqueDataFmt1 is supported, Bytes not aligned*/
2180 : cmocka_unit_test(rsp_key_exchange_rsp_case19),
2181 : /* OpaqueData only supports OpaqueDataFmt1, Success Case */
2182 : cmocka_unit_test(rsp_key_exchange_rsp_case20),
2183 : /* The key usage bit mask is not set, failed Case*/
2184 : cmocka_unit_test(rsp_key_exchange_rsp_case21),
2185 : cmocka_unit_test(rsp_key_exchange_rsp_case22),
2186 : /* The Responder requires mutual authentication, but the Requester does not support it */
2187 : cmocka_unit_test(rsp_key_exchange_rsp_case23),
2188 : cmocka_unit_test(rsp_key_exchange_rsp_case24),
2189 : /* The Responder using integrator defined opaque data */
2190 : cmocka_unit_test(rsp_key_exchange_rsp_case25),
2191 : };
2192 :
2193 1 : libspdm_test_context_t test_context = {
2194 : LIBSPDM_TEST_CONTEXT_VERSION,
2195 : false,
2196 : };
2197 :
2198 1 : libspdm_setup_test_context(&test_context);
2199 :
2200 1 : return cmocka_run_group_tests(test_cases,
2201 : libspdm_unit_test_group_setup,
2202 : libspdm_unit_test_group_teardown);
2203 : }
2204 :
2205 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/
|
