1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_responder_lib.h"
9 : #include "internal/libspdm_requester_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
/*
 * Wire image of a KEY_EXCHANGE request in which every variable-length field
 * is sized for its maximum, so one static object can hold any request the
 * cases build. Packed to 1 byte so the in-memory layout has no padding.
 *
 * The cases in this file do not fill opaque_length / opaque_data through the
 * named fields: they write the real DHE public key at exchange_data and then
 * append the opaque length and opaque bytes directly behind it with a moving
 * pointer, which is how the fields sit on the wire when the key is shorter
 * than LIBSPDM_MAX_DHE_KEY_SIZE.
 */
#pragma pack(1)
typedef struct {
    spdm_message_header_t header;
    uint16_t req_session_id;
    uint8_t session_policy;
    uint8_t reserved;
    uint8_t random_data[SPDM_RANDOM_DATA_SIZE];
    uint8_t exchange_data[LIBSPDM_MAX_DHE_KEY_SIZE];
    uint16_t opaque_length;
    uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
} libspdm_key_exchange_request_mine_t;
#pragma pack()

/*
 * Request fixtures. Only the header is initialised here; everything else
 * starts zeroed and is filled in by the case that uses the fixture.
 * Going by the per-fixture notes below, header.param1 selects the
 * measurement summary hash type and header.param2 the certificate slot.
 */

/* SPDM 1.1, no measurement summary hash, slot 0; sent at full struct size. */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request1 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_11,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        .param2 = 0,
    },
};
size_t m_libspdm_key_exchange_request1_size = sizeof(m_libspdm_key_exchange_request1);

/*
 * Same header as request1, but the advertised size is that of
 * spdm_key_exchange_request_t rather than of the full fixture, so the
 * responder is handed a request without exchange data or opaque data.
 */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request2 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_11,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        .param2 = 0,
    },
};
size_t m_libspdm_key_exchange_request2_size = sizeof(spdm_key_exchange_request_t);

/* Request TCB measurement hash */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request3 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_11,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH,
        .param2 = 0,
    },
};
size_t m_libspdm_key_exchange_request3_size = sizeof(m_libspdm_key_exchange_request3);

/* Request all measurement hash */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request4 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_11,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH,
        .param2 = 0,
    },
};
size_t m_libspdm_key_exchange_request4_size = sizeof(m_libspdm_key_exchange_request4);

/* Uses a reserved value in measurement hash */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request5 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_11,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = 0x50,
        .param2 = 0,
    },
};
size_t m_libspdm_key_exchange_request5_size = sizeof(m_libspdm_key_exchange_request5);

/* Asks for certificate in slot 1 */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request6 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_11,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        .param2 = 1,
    },
};
size_t m_libspdm_key_exchange_request6_size = sizeof(m_libspdm_key_exchange_request6);

/* Asks for previously provisioned raw public key */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request7 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_11,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        .param2 = 0xFF,
    },
};
size_t m_libspdm_key_exchange_request7_size = sizeof(m_libspdm_key_exchange_request7);

/* Same as request1 but with an SPDM 1.2 header. */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request8 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_12,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        .param2 = 0,
    },
};
size_t m_libspdm_key_exchange_request8_size = sizeof(m_libspdm_key_exchange_request8);

/* param2 = 9: presumably an out-of-range slot id - confirm against the case
 * that sends this fixture. */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request9 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_11,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        .param2 = 9,
    },
};
size_t m_libspdm_key_exchange_request9_size = sizeof(m_libspdm_key_exchange_request9);

/* Same as request1 but with an SPDM 1.3 header. */
libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request10 = {
    .header = {
        .spdm_version = SPDM_MESSAGE_VERSION_13,
        .request_response_code = SPDM_KEY_EXCHANGE,
        .param1 = SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH,
        .param2 = 0,
    },
};
size_t m_libspdm_key_exchange_request10_size = sizeof(m_libspdm_key_exchange_request10);

/* Test knobs defined in another translation unit. */
extern uint8_t g_key_exchange_start_mut_auth;
extern bool g_mandatory_mut_auth;
extern bool g_generate_key_exchange_opaque_data;

extern bool g_event_all_subscribe;
extern bool g_event_all_unsubscribe;
97 :
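/**
 * Case 1: well-formed SPDM 1.1 KEY_EXCHANGE on a negotiated connection.
 *
 * Expects LIBSPDM_STATUS_SUCCESS, a KEY_EXCHANGE_RSP carrying rsp_session_id
 * 0xFFFF, and session slot 0 in LIBSPDM_SESSION_STATE_HANDSHAKING. The
 * session is released again before the case returns.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t.
 **/
static void rsp_key_exchange_rsp_case1(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_key_exchange_request_mine_t *req = &m_libspdm_key_exchange_request1;
    uint8_t rsp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t rsp_len;
    spdm_key_exchange_response_t *rsp;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;
    uint32_t session_id;

    test_ctx->case_id = 0x1;

    /* Peer and local side both advertise key exchange + MAC; the local side
     * additionally advertises CERT_CAP in this case. */
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    ctx->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                   SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): if the certificate-chain fixture cannot be read the case
     * returns before any assertion runs and is reported as passed; consider
     * failing or skipping explicitly so a missing fixture is visible. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, NULL, NULL)) {
        return;
    }
    ctx->local_context.local_cert_chain_provision[0] = cert_chain;
    ctx->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(ctx);

    ctx->local_context.secured_message_version.secured_message_version_count = 1;

    /* Fixed part of the request: fresh nonce, requester half of the session id. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, req->random_data);
    req->req_session_id = 0xFFFF;
    req->reserved = 0;

    /* Variable part: an ephemeral DHE public key. The DHE context is freed
     * right away because only the responder side is exercised here. */
    uint8_t *cursor = req->exchange_data;
    size_t dhe_pub_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    void *dhe = libspdm_dhe_new(ctx->connection_info.version, m_libspdm_use_dhe_algo,
                                false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe, cursor, &dhe_pub_size);
    cursor += dhe_pub_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe);

    /* Opaque length and opaque data follow the key directly. */
    size_t opaque_size = libspdm_get_opaque_data_supported_version_data_size(ctx);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(ctx, &opaque_size, cursor);
    cursor += opaque_size;

    rsp_len = sizeof(rsp_buf);
    status = libspdm_get_response_key_exchange(
        ctx, m_libspdm_key_exchange_request1_size, req, &rsp_len, rsp_buf);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    rsp = (void *)rsp_buf;
    assert_int_equal(rsp->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(rsp->rsp_session_id, 0xFFFF);

    /* req_session_id is a uint16_t and would be promoted to int; shifting
     * 0xFFFF left by 16 does not fit in a signed int, which is undefined
     * behaviour. Widen to uint32_t before the shift. */
    session_id = ((uint32_t)req->req_session_id << 16) | rsp->rsp_session_id;
    libspdm_free_session_id(ctx, session_id);

    /* NOTE(review): local_cert_chain_provision[0] still holds this pointer
     * after the free; presumably the next case re-provisions it - confirm. */
    free(cert_chain);
}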
181 :
/**
 * Case 2: KEY_EXCHANGE whose advertised size is too small.
 *
 * The request body is built like in case 1, but it is handed to the responder
 * with m_libspdm_key_exchange_request2_size, which is
 * sizeof(spdm_key_exchange_request_t). Expects an SPDM_ERROR response with
 * SPDM_ERROR_CODE_INVALID_REQUEST.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t.
 **/
static void rsp_key_exchange_rsp_case2(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_key_exchange_request_mine_t *req = &m_libspdm_key_exchange_request2;
    uint8_t rsp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t rsp_len;
    spdm_key_exchange_response_t *rsp;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;

    test_ctx->case_id = 0x2;

    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    ctx->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                   SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): a missing certificate-chain fixture ends the case here
     * with no assertion run, so it is reported as passed. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, NULL, NULL)) {
        return;
    }
    ctx->local_context.local_cert_chain_provision[0] = cert_chain;
    ctx->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(ctx);

    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, req->random_data);
    req->req_session_id = 0xFFFF;
    req->reserved = 0;

    /* Ephemeral DHE public key; the context is discarded immediately. */
    uint8_t *cursor = req->exchange_data;
    size_t dhe_pub_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    void *dhe = libspdm_dhe_new(ctx->connection_info.version, m_libspdm_use_dhe_algo,
                                false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe, cursor, &dhe_pub_size);
    cursor += dhe_pub_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe);

    /* Opaque length and opaque data follow the key directly. */
    size_t opaque_size = libspdm_get_opaque_data_supported_version_data_size(ctx);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(ctx, &opaque_size, cursor);
    cursor += opaque_size;

    rsp_len = sizeof(rsp_buf);
    status = libspdm_get_response_key_exchange(
        ctx, m_libspdm_key_exchange_request2_size, req, &rsp_len, rsp_buf);

    /* The call itself succeeds; the rejection is carried in the response. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(rsp_len, sizeof(spdm_error_response_t));
    rsp = (void *)rsp_buf;
    assert_int_equal(rsp->header.request_response_code, SPDM_ERROR);
    assert_int_equal(rsp->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
    assert_int_equal(rsp->header.param2, 0);

    free(cert_chain);
}
255 :
/**
 * Case 3: valid KEY_EXCHANGE while the responder is in the BUSY state.
 *
 * Expects an SPDM_ERROR response with SPDM_ERROR_CODE_BUSY and the context's
 * response_state still LIBSPDM_RESPONSE_STATE_BUSY afterwards.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t.
 **/
static void rsp_key_exchange_rsp_case3(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_key_exchange_request_mine_t *req = &m_libspdm_key_exchange_request1;
    uint8_t rsp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t rsp_len;
    spdm_key_exchange_response_t *rsp;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;

    test_ctx->case_id = 0x3;

    ctx->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    ctx->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                   SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): a missing certificate-chain fixture ends the case here
     * with no assertion run, so it is reported as passed. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, NULL, NULL)) {
        return;
    }
    ctx->local_context.local_cert_chain_provision[0] = cert_chain;
    ctx->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(ctx);

    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, req->random_data);
    req->req_session_id = 0xFFFF;
    req->reserved = 0;

    /* Ephemeral DHE public key; the context is discarded immediately. */
    uint8_t *cursor = req->exchange_data;
    size_t dhe_pub_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    void *dhe = libspdm_dhe_new(ctx->connection_info.version, m_libspdm_use_dhe_algo,
                                false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe, cursor, &dhe_pub_size);
    cursor += dhe_pub_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe);

    /* Opaque length and opaque data follow the key directly. */
    size_t opaque_size = libspdm_get_opaque_data_supported_version_data_size(ctx);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(ctx, &opaque_size, cursor);
    cursor += opaque_size;

    rsp_len = sizeof(rsp_buf);
    status = libspdm_get_response_key_exchange(
        ctx, m_libspdm_key_exchange_request1_size, req, &rsp_len, rsp_buf);

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(rsp_len, sizeof(spdm_error_response_t));
    rsp = (void *)rsp_buf;
    assert_int_equal(rsp->header.request_response_code, SPDM_ERROR);
    assert_int_equal(rsp->header.param1, SPDM_ERROR_CODE_BUSY);
    assert_int_equal(rsp->header.param2, 0);
    /* Answering with BUSY must not change the responder state. */
    assert_int_equal(ctx->response_state, LIBSPDM_RESPONSE_STATE_BUSY);

    free(cert_chain);
}
331 :
/**
 * Case 4: valid KEY_EXCHANGE while the responder needs a resync.
 *
 * Expects an SPDM_ERROR response with SPDM_ERROR_CODE_REQUEST_RESYNCH and the
 * context's response_state still LIBSPDM_RESPONSE_STATE_NEED_RESYNC.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t.
 **/
static void rsp_key_exchange_rsp_case4(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_key_exchange_request_mine_t *req = &m_libspdm_key_exchange_request1;
    uint8_t rsp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t rsp_len;
    spdm_key_exchange_response_t *rsp;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;

    test_ctx->case_id = 0x4;

    ctx->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    ctx->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                   SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): a missing certificate-chain fixture ends the case here
     * with no assertion run, so it is reported as passed. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, NULL, NULL)) {
        return;
    }
    ctx->local_context.local_cert_chain_provision[0] = cert_chain;
    ctx->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(ctx);

    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, req->random_data);
    req->req_session_id = 0xFFFF;
    req->reserved = 0;

    /* Ephemeral DHE public key; the context is discarded immediately. */
    uint8_t *cursor = req->exchange_data;
    size_t dhe_pub_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    void *dhe = libspdm_dhe_new(ctx->connection_info.version, m_libspdm_use_dhe_algo,
                                false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe, cursor, &dhe_pub_size);
    cursor += dhe_pub_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe);

    /* Opaque length and opaque data follow the key directly. */
    size_t opaque_size = libspdm_get_opaque_data_supported_version_data_size(ctx);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(ctx, &opaque_size, cursor);
    cursor += opaque_size;

    rsp_len = sizeof(rsp_buf);
    status = libspdm_get_response_key_exchange(
        ctx, m_libspdm_key_exchange_request1_size, req, &rsp_len, rsp_buf);

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(rsp_len, sizeof(spdm_error_response_t));
    rsp = (void *)rsp_buf;
    assert_int_equal(rsp->header.request_response_code, SPDM_ERROR);
    assert_int_equal(rsp->header.param1, SPDM_ERROR_CODE_REQUEST_RESYNCH);
    assert_int_equal(rsp->header.param2, 0);
    /* The resync requirement must survive the rejected request. */
    assert_int_equal(ctx->response_state, LIBSPDM_RESPONSE_STATE_NEED_RESYNC);

    free(cert_chain);
}
407 :
408 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
/**
 * Case 5: valid KEY_EXCHANGE while the responder is NOT_READY.
 *
 * Expects an SPDM_ERROR response with SPDM_ERROR_CODE_RESPONSE_NOT_READY,
 * followed by spdm_error_data_response_not_ready_t whose request_code names
 * SPDM_KEY_EXCHANGE, and response_state still
 * LIBSPDM_RESPONSE_STATE_NOT_READY.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t.
 **/
static void rsp_key_exchange_rsp_case5(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_key_exchange_request_mine_t *req = &m_libspdm_key_exchange_request1;
    uint8_t rsp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t rsp_len;
    spdm_key_exchange_response_t *rsp;
    spdm_error_data_response_not_ready_t *not_ready;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;

    test_ctx->case_id = 0x5;

    ctx->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    ctx->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                   SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): a missing certificate-chain fixture ends the case here
     * with no assertion run, so it is reported as passed. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, NULL, NULL)) {
        return;
    }
    ctx->local_context.local_cert_chain_provision[0] = cert_chain;
    ctx->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(ctx);

    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, req->random_data);
    req->req_session_id = 0xFFFF;
    req->reserved = 0;

    /* Ephemeral DHE public key; the context is discarded immediately. */
    uint8_t *cursor = req->exchange_data;
    size_t dhe_pub_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    void *dhe = libspdm_dhe_new(ctx->connection_info.version, m_libspdm_use_dhe_algo,
                                false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe, cursor, &dhe_pub_size);
    cursor += dhe_pub_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe);

    /* Opaque length and opaque data follow the key directly. */
    size_t opaque_size = libspdm_get_opaque_data_supported_version_data_size(ctx);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(ctx, &opaque_size, cursor);
    cursor += opaque_size;

    rsp_len = sizeof(rsp_buf);
    status = libspdm_get_response_key_exchange(
        ctx, m_libspdm_key_exchange_request1_size, req, &rsp_len, rsp_buf);

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(rsp_len,
                     sizeof(spdm_error_response_t) +
                     sizeof(spdm_error_data_response_not_ready_t));
    rsp = (void *)rsp_buf;
    /* The extended error data is located through the rsp_session_id member of
     * the KEY_EXCHANGE_RSP view - presumably the first byte after the header. */
    not_ready = (spdm_error_data_response_not_ready_t *)(&rsp->rsp_session_id);
    assert_int_equal(rsp->header.request_response_code, SPDM_ERROR);
    assert_int_equal(rsp->header.param1, SPDM_ERROR_CODE_RESPONSE_NOT_READY);
    assert_int_equal(rsp->header.param2, 0);
    assert_int_equal(ctx->response_state, LIBSPDM_RESPONSE_STATE_NOT_READY);
    assert_int_equal(not_ready->request_code, SPDM_KEY_EXCHANGE);

    free(cert_chain);
}
490 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
491 :
/**
 * Case 6: KEY_EXCHANGE arriving before the connection has been negotiated.
 *
 * The responder is in the NORMAL response state but connection_state is
 * LIBSPDM_CONNECTION_STATE_NOT_STARTED. Expects an SPDM_ERROR response with
 * SPDM_ERROR_CODE_UNEXPECTED_REQUEST, i.e. no session may be opened out of
 * sequence.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t.
 **/
static void rsp_key_exchange_rsp_case6(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_key_exchange_request_mine_t *req = &m_libspdm_key_exchange_request1;
    uint8_t rsp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t rsp_len;
    spdm_key_exchange_response_t *rsp;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;

    test_ctx->case_id = 0x6;

    ctx->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    ctx->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                   SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): a missing certificate-chain fixture ends the case here
     * with no assertion run, so it is reported as passed. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, NULL, NULL)) {
        return;
    }
    ctx->local_context.local_cert_chain_provision[0] = cert_chain;
    ctx->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(ctx);

    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, req->random_data);
    req->req_session_id = 0xFFFF;
    req->reserved = 0;

    /* Ephemeral DHE public key; the context is discarded immediately. */
    uint8_t *cursor = req->exchange_data;
    size_t dhe_pub_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    void *dhe = libspdm_dhe_new(ctx->connection_info.version, m_libspdm_use_dhe_algo,
                                false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe, cursor, &dhe_pub_size);
    cursor += dhe_pub_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe);

    /* Opaque length and opaque data follow the key directly. */
    size_t opaque_size = libspdm_get_opaque_data_supported_version_data_size(ctx);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(ctx, &opaque_size, cursor);
    cursor += opaque_size;

    rsp_len = sizeof(rsp_buf);
    status = libspdm_get_response_key_exchange(
        ctx, m_libspdm_key_exchange_request1_size, req, &rsp_len, rsp_buf);

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(rsp_len, sizeof(spdm_error_response_t));
    rsp = (void *)rsp_buf;
    assert_int_equal(rsp->header.request_response_code, SPDM_ERROR);
    assert_int_equal(rsp->header.param1, SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
    assert_int_equal(rsp->header.param2, 0);

    free(cert_chain);
}
566 :
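/**
 * Case 7: a successful KEY_EXCHANGE must reset stale transcript buffers.
 *
 * When LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT is enabled, the message_m,
 * message_b, message_c, message_mut_b and message_mut_c buffers are marked
 * completely full before the request is processed, and each is expected to
 * have buffer_size 0 afterwards. The case also expects
 * LIBSPDM_STATUS_SUCCESS, a KEY_EXCHANGE_RSP, and session slot 0 in
 * LIBSPDM_SESSION_STATE_HANDSHAKING.
 *
 * @param state  cmocka state; *state is the libspdm_test_context_t.
 **/
static void rsp_key_exchange_rsp_case7(void **state)
{
    libspdm_test_context_t *test_ctx = *state;
    libspdm_context_t *ctx = test_ctx->spdm_context;
    libspdm_key_exchange_request_mine_t *req = &m_libspdm_key_exchange_request1;
    uint8_t rsp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t rsp_len;
    spdm_key_exchange_response_t *rsp;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;

    /* Was 0x1, presumably carried over from case 1; cases 1-6 each use
     * their own number as case_id. */
    test_ctx->case_id = 0x7;

    ctx->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    ctx->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    ctx->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    ctx->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    ctx->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    ctx->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    ctx->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    ctx->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    ctx->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    ctx->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                   SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): a missing certificate-chain fixture ends the case here
     * with no assertion run, so it is reported as passed. */
    if (!libspdm_read_responder_public_certificate_chain(
            m_libspdm_use_hash_algo, m_libspdm_use_asym_algo,
            &cert_chain, &cert_chain_size, NULL, NULL)) {
        return;
    }
    ctx->local_context.local_cert_chain_provision[0] = cert_chain;
    ctx->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(ctx);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* Pretend earlier exchanges filled every transcript buffer. */
    ctx->transcript.message_m.buffer_size =
        ctx->transcript.message_m.max_buffer_size;
    ctx->transcript.message_b.buffer_size =
        ctx->transcript.message_b.max_buffer_size;
    ctx->transcript.message_c.buffer_size =
        ctx->transcript.message_c.max_buffer_size;
    ctx->transcript.message_mut_b.buffer_size =
        ctx->transcript.message_mut_b.max_buffer_size;
    ctx->transcript.message_mut_c.buffer_size =
        ctx->transcript.message_mut_c.max_buffer_size;
#endif

    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, req->random_data);
    req->req_session_id = 0xFFFF;
    req->reserved = 0;

    /* Ephemeral DHE public key; the context is discarded immediately. */
    uint8_t *cursor = req->exchange_data;
    size_t dhe_pub_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    void *dhe = libspdm_dhe_new(ctx->connection_info.version, m_libspdm_use_dhe_algo,
                                false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe, cursor, &dhe_pub_size);
    cursor += dhe_pub_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe);

    /* Opaque length and opaque data follow the key directly. */
    size_t opaque_size = libspdm_get_opaque_data_supported_version_data_size(ctx);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(ctx, &opaque_size, cursor);
    cursor += opaque_size;

    rsp_len = sizeof(rsp_buf);
    status = libspdm_get_response_key_exchange(
        ctx, m_libspdm_key_exchange_request1_size, req, &rsp_len, rsp_buf);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            ctx->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    rsp = (void *)rsp_buf;
    assert_int_equal(rsp->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* Nothing recorded before this handshake may remain in the transcripts. */
    assert_int_equal(ctx->transcript.message_m.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_b.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_c.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_mut_b.buffer_size, 0);
    assert_int_equal(ctx->transcript.message_mut_c.buffer_size, 0);
#endif

    /* NOTE(review): unlike case 1, the session opened here is not released
     * with libspdm_free_session_id(); confirm later cases do not rely on an
     * empty session table. */
    free(cert_chain);
}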
661 :
/**
 * Test 8: KEY_EXCHANGE that asks for the TCB-component measurement summary hash
 * (m_libspdm_key_exchange_request3), sent to a responder that advertises MEAS_CAP.
 * Expected behavior: the call succeeds, the response is KEY_EXCHANGE_RSP with
 * rsp_session_id 0xFFFF, session 0 is in the HANDSHAKING state, and (when measurement
 * support is compiled in) the summary hash carried in the response equals the one
 * generated locally for the same request parameter.
 **/
static void rsp_key_exchange_rsp_case8(void **state)
{
    libspdm_test_context_t *spdm_test_context = *state;
    libspdm_context_t *spdm_context = spdm_test_context->spdm_context;
    libspdm_return_t status;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t response_size;
    spdm_key_exchange_response_t *spdm_response;
#if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
#endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
    uint32_t measurement_summary_hash_size;
    void *cert_chain;
    size_t cert_chain_size;
    uint8_t *cursor;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;
    bool result;

    spdm_test_context->case_id = 0x8;

    /* Drop the session an earlier case may have left in slot 0. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    /* Negotiated connection: both sides support key exchange and MAC-only sessions,
     * and the responder additionally reports measurement capability. */
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;

    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Without a responder certificate chain the case ends here without asserting. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &cert_chain,
                                                         &cert_chain_size, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = cert_chain;
    spdm_context->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(spdm_context);

    /* Fill the variable part of the request: random data, then the DHE public key. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request3.random_data);
    m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request3.reserved = 0;
    cursor = m_libspdm_key_exchange_request3.exchange_data;

    /* Only the public half of the ephemeral key is needed here, so the DHE context is
     * released as soon as the key has been written into the request. */
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version,
                                  m_libspdm_use_dhe_algo, false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, cursor, &dhe_key_size);
    cursor += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);

    /* The 16-bit opaque length and the opaque data follow directly after the key. */
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(cursor, (uint16_t)opaque_key_exchange_req_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, cursor);
    cursor += opaque_key_exchange_req_size;

    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request3_size,
        &m_libspdm_key_exchange_request3, &response_size, response);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_response = (spdm_key_exchange_response_t *)response;
    assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);

    measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
        spdm_context, false, m_libspdm_key_exchange_request3.header.param1);

#if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
    /* Rebuild the summary hash locally from the negotiated parameters ... */
    result = libspdm_generate_measurement_summary_hash(
        spdm_context,
        spdm_context->connection_info.version,
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.measurement_spec,
        spdm_context->connection_info.algorithm.measurement_hash_algo,
        m_libspdm_key_exchange_request3.header.param1,
        measurement_hash,
        measurement_summary_hash_size);

    assert_true(result);

    /* ... and compare it with the bytes that follow the fixed header and the
     * responder's exchange data in the response. */
    assert_memory_equal(response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
                        measurement_hash, measurement_summary_hash_size);
#endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */

    /* NOTE(review): local_cert_chain_provision[0] still holds this pointer after the
     * free; it has to be provisioned again before the responder is called once more. */
    free(cert_chain);
}
769 :
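/**
 * Test 9: KEY_EXCHANGE that asks for the summary hash over all measurements
 * (m_libspdm_key_exchange_request4), sent to a responder that advertises MEAS_CAP.
 * Expected behavior: the call succeeds, the response is KEY_EXCHANGE_RSP with
 * rsp_session_id 0xFFFF, session 0 is in the HANDSHAKING state, and (when measurement
 * support is compiled in) the summary hash carried in the response equals the one
 * generated locally. The session created by the exchange is freed before returning.
 **/
static void rsp_key_exchange_rsp_case9(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    size_t response_size;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
#if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
    uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
#endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
    uint32_t measurement_summary_hash_size;
    spdm_key_exchange_response_t *spdm_response;
    void *data1;
    size_t data_size1;
    uint8_t *ptr;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;
    uint32_t session_id;
    bool result;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x9;

    /* Clear previous sessions */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Without a responder certificate chain the case ends here without asserting. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data1,
                                                         &data_size1, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = data1;
    spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;

    libspdm_reset_message_a(spdm_context);

    /* Build the variable part of the request: random data, the DHE public key, then the
     * 16-bit opaque length followed by the opaque data. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request4.random_data);
    m_libspdm_key_exchange_request4.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request4.reserved = 0;
    ptr = m_libspdm_key_exchange_request4.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
    ptr += dhe_key_size;
    /* Only the public key is needed for the request, so the DHE context goes away here. */
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
    ptr += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, ptr);
    ptr += opaque_key_exchange_req_size;

    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request4_size,
        &m_libspdm_key_exchange_request4, &response_size, response);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    spdm_response = (void *)response;
    assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);

    measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
        spdm_context, false, m_libspdm_key_exchange_request4.header.param1);
#if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
    result = libspdm_generate_measurement_summary_hash(
        spdm_context,
        spdm_context->connection_info.version,
        spdm_context->connection_info.algorithm.base_hash_algo,
        spdm_context->connection_info.algorithm.measurement_spec,
        spdm_context->connection_info.algorithm.measurement_hash_algo,
        m_libspdm_key_exchange_request4.header.param1,
        measurement_hash,
        measurement_summary_hash_size);

    assert_true(result);

    /* The summary hash follows the fixed header and the responder's exchange data. */
    assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
                        measurement_hash, measurement_summary_hash_size);
#endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */

    /* req_session_id is a uint16_t and would be promoted to int before the shift; with
     * the value 0xFFFF the result does not fit a 32-bit int, which is undefined.
     * Widen to uint32_t first so the session id is assembled in unsigned arithmetic. */
    session_id = ((uint32_t)m_libspdm_key_exchange_request4.req_session_id << 16) |
                 spdm_response->rsp_session_id;
    libspdm_free_session_id(spdm_context, session_id);

    /* NOTE(review): local_cert_chain_provision[0] still holds this pointer after the
     * free; it has to be provisioned again before the responder is called once more. */
    free(data1);
}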
882 :
/**
 * Test 10: sends m_libspdm_key_exchange_request5 (defined outside this listing) to a
 * responder that advertises KEY_EX_CAP, MAC_CAP and MEAS_CAP.
 * Expected behavior: the call itself succeeds, but the response is an SPDM ERROR
 * message with error code InvalidRequest.
 **/
static void rsp_key_exchange_rsp_case10(void **state)
{
    libspdm_test_context_t *spdm_test_context = *state;
    libspdm_context_t *spdm_context = spdm_test_context->spdm_context;
    libspdm_return_t status;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t response_size;
    spdm_key_exchange_response_t *spdm_response;
    void *cert_chain;
    size_t cert_chain_size;
    uint8_t *cursor;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;

    spdm_test_context->case_id = 0xA;

    /* Drop the session an earlier case may have left in slot 0. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;

    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Without a responder certificate chain the case ends here without asserting. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &cert_chain,
                                                         &cert_chain_size, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = cert_chain;
    spdm_context->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(spdm_context);

    /* The payload is built like a well-formed request: random data, DHE public key,
     * 16-bit opaque length, opaque data. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request5.random_data);
    m_libspdm_key_exchange_request5.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request5.reserved = 0;
    cursor = m_libspdm_key_exchange_request5.exchange_data;

    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version,
                                  m_libspdm_use_dhe_algo, false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, cursor, &dhe_key_size);
    cursor += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);

    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(cursor, (uint16_t)opaque_key_exchange_req_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, cursor);
    cursor += opaque_key_exchange_req_size;

    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request5_size,
        &m_libspdm_key_exchange_request5, &response_size, response);
    /* A rejected request is still reported as SUCCESS; the refusal is in the payload. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);

    spdm_response = (spdm_key_exchange_response_t *)response;
    assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
    assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);

    /* NOTE(review): local_cert_chain_provision[0] still holds this pointer after the
     * free; it has to be provisioned again before the responder is called once more. */
    free(cert_chain);
}
963 :
/**
 * Test 11: the responder does NOT advertise MEAS_CAP, yet the request
 * (m_libspdm_key_exchange_request3) asks for the TCB-component measurement summary hash.
 * Expected behavior: the call itself succeeds, but the response is an SPDM ERROR
 * message with error code InvalidRequest.
 **/
static void rsp_key_exchange_rsp_case11(void **state)
{
    libspdm_test_context_t *spdm_test_context = *state;
    libspdm_context_t *spdm_context = spdm_test_context->spdm_context;
    libspdm_return_t status;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t response_size;
    spdm_key_exchange_response_t *spdm_response;
    void *cert_chain;
    size_t cert_chain_size;
    uint8_t *cursor;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;

    spdm_test_context->case_id = 0xB;

    /* Drop the session an earlier case may have left in slot 0. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Earlier cases OR MEAS_CAP into the local flags; remove it so the responder has
     * no measurement capability when the request asks for a summary hash. */
    spdm_context->local_context.capability.flags &= ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;

    /* Key exchange and MAC-only sessions stay enabled on both sides. */
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;

    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Without a responder certificate chain the case ends here without asserting. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &cert_chain,
                                                         &cert_chain_size, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = cert_chain;
    spdm_context->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(spdm_context);

    /* Apart from the measurement-hash selector in its header, the request is built
     * like a well-formed one: random data, DHE public key, opaque length, opaque data. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request3.random_data);
    m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request3.reserved = 0;
    cursor = m_libspdm_key_exchange_request3.exchange_data;

    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version,
                                  m_libspdm_use_dhe_algo, false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, cursor, &dhe_key_size);
    cursor += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);

    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(cursor, (uint16_t)opaque_key_exchange_req_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, cursor);
    cursor += opaque_key_exchange_req_size;

    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request3_size,
        &m_libspdm_key_exchange_request3, &response_size, response);
    /* A rejected request is still reported as SUCCESS; the refusal is in the payload. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);

    spdm_response = (spdm_key_exchange_response_t *)response;
    assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
    assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);

    /* NOTE(review): local_cert_chain_provision[0] still holds this pointer after the
     * free; it has to be provisioned again before the responder is called once more. */
    free(cert_chain);
}
1048 :
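/**
 * Test 14: key exchange with provisioned raw public keys. Both sides advertise
 * PUB_KEY_ID_CAP, and the responder's own public key and the requester's public key
 * are provisioned into the local context in place of a certificate chain. The request
 * is m_libspdm_key_exchange_request7 (defined outside this listing).
 * Expected behavior: the call succeeds, the response is KEY_EXCHANGE_RSP with
 * rsp_session_id 0xFFFF, and session 0 is in the HANDSHAKING state.
 **/
static void rsp_key_exchange_rsp_case14(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    size_t response_size;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    spdm_key_exchange_response_t *spdm_response;
    void *data1;
    size_t data_size1;
    void *data2;
    size_t data_size2;
    uint8_t *ptr;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0xE;

    /* Clear previous sessions */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    /* Flags are assigned, not OR-ed, so capabilities left by earlier cases are dropped. */
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Without the responder public key the case ends here without asserting. */
    if (!libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data1, &data_size1)) {
        return;
    }
    spdm_context->local_context.local_public_key_provision = data1;
    spdm_context->local_context.local_public_key_provision_size = data_size1;
    if (!libspdm_read_requester_public_key(m_libspdm_use_req_asym_algo, &data2, &data_size2)) {
        /* The responder key was already loaded and provisioned: withdraw it from the
         * context and release it, so this exit neither leaks the buffer nor leaves the
         * context pointing at freed memory. */
        spdm_context->local_context.local_public_key_provision = NULL;
        spdm_context->local_context.local_public_key_provision_size = 0;
        free(data1);
        return;
    }
    spdm_context->local_context.peer_public_key_provision = data2;
    spdm_context->local_context.peer_public_key_provision_size = data_size2;

    libspdm_reset_message_a(spdm_context);

    /* Build the variable part of the request: random data, the DHE public key, then the
     * 16-bit opaque length followed by the opaque data. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request7.random_data);
    m_libspdm_key_exchange_request7.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request7.reserved = 0;
    ptr = m_libspdm_key_exchange_request7.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
    ptr += dhe_key_size;
    /* Only the public key is needed for the request, so the DHE context goes away here. */
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
    ptr += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, ptr);
    ptr += opaque_key_exchange_req_size;

    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request7_size,
        &m_libspdm_key_exchange_request7, &response_size, response);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    spdm_response = (void *)response;
    assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);

    /* NOTE(review): local_public_key_provision and peer_public_key_provision still hold
     * these pointers after the frees; a later case that enables PUB_KEY_ID_CAP has to
     * provision both again before calling the responder. */
    free(data1);
    free(data2);
}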
1141 :
/**
 * Test 15: key exchange with HANDSHAKE_IN_THE_CLEAR_CAP set on both sides (the responder
 * also advertises CERT_CAP), using m_libspdm_key_exchange_request1, which asks for no
 * measurement summary hash.
 * Expected behavior: the call succeeds, the response is KEY_EXCHANGE_RSP with
 * rsp_session_id 0xFFFF, session 0 is in the HANDSHAKING state, and the response size
 * is exactly fixed header + exchange data + opaque length field + opaque data +
 * signature. The expected size has no term after the signature, so any trailing
 * verify data would make the size check fail.
 **/
static void rsp_key_exchange_rsp_case15(void **state)
{
    libspdm_test_context_t *spdm_test_context = *state;
    libspdm_context_t *spdm_context = spdm_test_context->spdm_context;
    libspdm_return_t status;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t response_size;
    size_t expected_response_size;
    spdm_key_exchange_response_t *spdm_response;
    void *cert_chain;
    size_t cert_chain_size;
    uint8_t *cursor;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;
    size_t opaque_key_exchange_rsp_size;

    spdm_test_context->case_id = 0xF;

    /* Drop the session an earlier case may have left in slot 0. */
    if (spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(spdm_context, 0xFFFFFFFF);
    }

    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;

    /* Flags are assigned, not OR-ed, so capabilities left by earlier cases are dropped. */
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    spdm_context->local_context.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;

    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version =
        SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Without a responder certificate chain the case ends here without asserting. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &cert_chain,
                                                         &cert_chain_size, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = cert_chain;
    spdm_context->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(spdm_context);

    /* Fill the variable part of the request: random data, then the DHE public key. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
    m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request1.reserved = 0;
    cursor = m_libspdm_key_exchange_request1.exchange_data;

    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version,
                                  m_libspdm_use_dhe_algo, false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, cursor, &dhe_key_size);
    cursor += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);

    /* The 16-bit opaque length and the opaque data follow directly after the key. */
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(cursor, (uint16_t)opaque_key_exchange_req_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, cursor);
    cursor += opaque_key_exchange_req_size;

    response_size = sizeof(response);

    /* Obtained before the responder runs, so the expected response size below is
     * computed independently of what the responder writes. */
    opaque_key_exchange_rsp_size =
        libspdm_get_opaque_data_version_selection_data_size(spdm_context);

    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request1_size,
        &m_libspdm_key_exchange_request1, &response_size, response);
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);

    spdm_response = (spdm_key_exchange_response_t *)response;
    assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);

    /* Exact-size check: nothing may follow the signature in this configuration. */
    expected_response_size =
        sizeof(spdm_key_exchange_response_t) +
        dhe_key_size +
        sizeof(uint16_t) +
        opaque_key_exchange_rsp_size +
        libspdm_get_asym_signature_size(
            spdm_context->connection_info.algorithm.base_asym_algo);
    assert_int_equal(response_size, expected_response_size);

    /* NOTE(review): local_cert_chain_provision[0] still holds this pointer after the
     * free; it has to be provisioned again before the responder is called once more. */
    free(cert_chain);
}
1244 :
/**
 * Test 16: SPDM 1.1 KEY_EXCHANGE. If session_info[0] is still in use, session ID 0xFFFFFFFF is
 * freed before the request is processed.
 * Expected Behavior: LIBSPDM_STATUS_SUCCESS, session 0 in the HANDSHAKING state and a
 * KEY_EXCHANGE_RSP carrying rsp_session_id 0xFFFF. When transcript recording is compiled in,
 * message_k must hold exactly the request followed by the response.
 **/
static void rsp_key_exchange_rsp_case16(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t response_size = sizeof(response);
    spdm_key_exchange_response_t *key_exchange_rsp = (void *)response;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;
    uint8_t *cursor;
    void *dhe_context;
    size_t dhe_key_size;
    size_t opaque_size;
    size_t request_size;

    test_context->case_id = 0x10;

    if (context->session_info[0].session_id != INVALID_SESSION_ID) {
        libspdm_free_session_id(context, 0xFFFFFFFF);
    }

    /* Negotiated connection with key exchange and MAC capability on both sides. */
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;

    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;

    context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                       SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): when the certificate chain cannot be read the case returns without any
     * assertion, so it is reported as passed although KEY_EXCHANGE was never exercised. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &cert_chain,
                                                         &cert_chain_size, NULL, NULL)) {
        return;
    }
    context->local_context.local_cert_chain_provision[0] = cert_chain;
    context->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(context);

    /* Fixed request fields; the request object is a file-level global shared between cases. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
    m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request1.reserved = 0;

    /* The generated DHE public key is written at the start of exchange_data. */
    cursor = m_libspdm_key_exchange_request1.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, cursor, &dhe_key_size);
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    cursor += dhe_key_size;

    /* 16-bit opaque length followed by the supported-version opaque data. */
    opaque_size = libspdm_get_opaque_data_supported_version_data_size(context);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(context, &opaque_size, cursor);

    /* Only the bytes actually built are passed on, not the whole oversized test structure. */
    request_size = sizeof(spdm_key_exchange_request_t) + dhe_key_size +
                   sizeof(uint16_t) + opaque_size;
    status = libspdm_get_response_key_exchange(
        context, request_size, &m_libspdm_key_exchange_request1,
        &response_size, response);

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(key_exchange_rsp->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(key_exchange_rsp->rsp_session_id, 0xFFFF);

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* message_k must be the request bytes immediately followed by the response bytes. */
    assert_int_equal(context->session_info[0].session_transcript.message_k.buffer_size,
                     request_size + response_size);
    assert_memory_equal(context->session_info[0].session_transcript.message_k.buffer,
                        &m_libspdm_key_exchange_request1, request_size);
    assert_memory_equal(context->session_info[0].session_transcript.message_k.buffer +
                        request_size,
                        response, response_size);
#endif
    free(cert_chain);
}
1342 :
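/**
 * Test 17: SPDM 1.2 KEY_EXCHANGE with session_policy 0xFF, sent after session_info[0] has been
 * re-initialised.
 * Expected Behavior: LIBSPDM_STATUS_SUCCESS, the requested session_policy stored in
 * session_info[0], session 0 in the HANDSHAKING state and a version 1.2 KEY_EXCHANGE_RSP
 * carrying rsp_session_id 0xFFFF.
 **/
static void rsp_key_exchange_rsp_case17(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    size_t response_size;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    spdm_key_exchange_response_t *spdm_response;
    void *data1;
    size_t data_size1;
    uint8_t *ptr;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x11;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.algorithm.other_params_support =
        SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
    spdm_context->local_context.secured_message_version.secured_message_version_count = 1;

    libspdm_session_info_init(spdm_context,
                              spdm_context->session_info,
                              0,
                              INVALID_SESSION_ID, false);

    /* NOTE(review): when the certificate chain cannot be read the case returns without any
     * assertion, so it is reported as passed although KEY_EXCHANGE was never exercised. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data1,
                                                         &data_size1, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = data1;
    spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;

    libspdm_reset_message_a(spdm_context);

    /* The request object is a file-level global shared with other cases. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
    m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request8.reserved = 0;
    m_libspdm_key_exchange_request8.session_policy = 0xFF;

    /* DHE public key first, then the 16-bit opaque length and the opaque data itself. */
    ptr = m_libspdm_key_exchange_request8.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
    ptr += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
    ptr += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, ptr);

    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request8_size,
        &m_libspdm_key_exchange_request8, &response_size, response);

    /* The status is verified first: response[] is an uninitialised stack buffer, so its fields
     * are only meaningful once the call is known to have succeeded. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(spdm_context->session_info[0].session_policy,
                     m_libspdm_key_exchange_request8.session_policy);
    spdm_response = (void *)response;
    assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
    free(data1);
}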
1431 :
/**
 * Test 18: SlotID in KEY_EXCHANGE request message is 9, but it should be 0xFF or between 0 and
 * 7 inclusive.
 * Expected Behavior: the handler returns LIBSPDM_STATUS_SUCCESS and generates an ERROR response
 * of sizeof(spdm_error_response_t) with code SPDM_ERROR_CODE_INVALID_REQUEST and param2 == 0.
 **/
static void rsp_key_exchange_rsp_case18(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t response_size = sizeof(response);
    spdm_key_exchange_response_t *error_rsp = (void *)response;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;
    uint8_t *cursor;
    void *dhe_context;
    size_t dhe_key_size;
    size_t opaque_size;

    test_context->case_id = 0x12;

    /* Negotiated SPDM 1.1 connection with key exchange and MAC capability on both sides. */
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                       SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* NOTE(review): when the certificate chain cannot be read the case returns without any
     * assertion, so this negative test is reported as passed without having run. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &cert_chain,
                                                         &cert_chain_size, NULL, NULL)) {
        return;
    }
    context->local_context.local_cert_chain_provision[0] = cert_chain;
    context->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(context);

    context->local_context.secured_message_version.secured_message_version_count = 1;

    /* The request object (and the SlotID it carries) is a file-level global defined outside
     * this function; only the per-run fields are filled in here. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request9.random_data);
    m_libspdm_key_exchange_request9.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request9.reserved = 0;

    /* The generated DHE public key is written at the start of exchange_data. */
    cursor = m_libspdm_key_exchange_request9.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, cursor, &dhe_key_size);
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    cursor += dhe_key_size;

    /* 16-bit opaque length followed by the supported-version opaque data. */
    opaque_size = libspdm_get_opaque_data_supported_version_data_size(context);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(context, &opaque_size, cursor);

    status = libspdm_get_response_key_exchange(
        context, m_libspdm_key_exchange_request9_size,
        &m_libspdm_key_exchange_request9, &response_size, response);

    /* The rejection is delivered as an SPDM ERROR message, not as a failing return status. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(response_size, sizeof(spdm_error_response_t));
    assert_int_equal(error_rsp->header.request_response_code, SPDM_ERROR);
    assert_int_equal(error_rsp->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
    assert_int_equal(error_rsp->header.param2, 0);
    free(cert_chain);
}
1511 :
/**
 * Test 19: SPDM 1.2 KEY_EXCHANGE whose hand-built opaque data contains two elements with
 * opaque_element_data_len 0xF, i.e. a length that is not four-byte aligned.
 * Expected Behavior: the handler returns LIBSPDM_STATUS_SUCCESS and generates an ERROR response
 * of sizeof(spdm_error_response_t) with code SPDM_ERROR_CODE_INVALID_REQUEST and param2 == 0.
 **/
static void rsp_key_exchange_rsp_case19(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t response_size = sizeof(response);
    spdm_key_exchange_response_t *error_rsp = (void *)response;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;
    uint8_t *cursor;
    void *dhe_context;
    size_t dhe_key_size;
    spdm_general_opaque_data_table_header_t *general_header;
    secured_message_opaque_element_table_header_t *element_header;
    secured_message_opaque_element_header_t *sm_header;
    uint8_t element_count;
    uint8_t index;
    size_t element_len;
    size_t opaque_data_size;

    test_context->case_id = 0x13;
    context->response_state = 0;

    /* Capability flags are replaced outright, so nothing set by an earlier case survives. */
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    context->local_context.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
                                       SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->connection_info.algorithm.other_params_support =
        SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;

    /* NOTE(review): when the certificate chain cannot be read the case returns without any
     * assertion, so this negative test is reported as passed without having run. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &cert_chain,
                                                         &cert_chain_size, NULL, NULL)) {
        return;
    }
    context->local_context.local_cert_chain_provision[0] = cert_chain;
    context->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(context);

    context->local_context.secured_message_version.secured_message_version_count = 1;

    /* NOTE(review): session_policy of the shared request object is not assigned here, so it
     * keeps whatever an earlier case stored in it. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
    m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request8.reserved = 0;

    /* The generated DHE public key is written at the start of exchange_data. */
    cursor = m_libspdm_key_exchange_request8.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, cursor, &dhe_key_size);
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    cursor += dhe_key_size;

    /* cursor now points at the 16-bit opaque length, which is written last; the general opaque
     * table header sits right behind it and only its total_elements field is set. */
    general_header = (spdm_general_opaque_data_table_header_t *)(cursor + sizeof(uint16_t));
    general_header->total_elements = 2;
    element_count = general_header->total_elements;
    element_header = (void *)(general_header + 1);
    opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);

    for (index = 0; index < element_count; index++) {
        element_header->id = SPDM_REGISTRY_ID_DMTF;
        element_header->vendor_len = 0;
        /* The malformed part: a data length that is not a multiple of four bytes. */
        element_header->opaque_element_data_len = 0xF;

        sm_header = (void *)(element_header + 1);
        sm_header->sm_data_id = SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_ID_SUPPORTED_VERSION;
        sm_header->sm_data_version = SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_DATA_VERSION;

        element_len = sizeof(secured_message_opaque_element_table_header_t) +
                      element_header->vendor_len +
                      sizeof(element_header->opaque_element_data_len) +
                      element_header->opaque_element_data_len;
        opaque_data_size += element_len;

        /* Step to where the next element starts. */
        element_header = (secured_message_opaque_element_table_header_t *)
                         ((uint8_t *)element_header + element_len);
    }

    libspdm_write_uint16(cursor, (uint16_t)opaque_data_size);

    status = libspdm_get_response_key_exchange(
        context, m_libspdm_key_exchange_request8_size,
        &m_libspdm_key_exchange_request8, &response_size, response);

    /* The rejection is delivered as an SPDM ERROR message, not as a failing return status. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(response_size, sizeof(spdm_error_response_t));
    assert_int_equal(error_rsp->header.request_response_code, SPDM_ERROR);
    assert_int_equal(error_rsp->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
    assert_int_equal(error_rsp->header.param2, 0);
    free(cert_chain);
}
1632 :
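/**
 * Test 20: SPDM 1.2 KEY_EXCHANGE with session_policy 0xFF. Capability flags are assigned
 * outright (the Responder side also sets CERT_CAP) and session_info[0] is re-initialised first.
 * Expected Behavior: LIBSPDM_STATUS_SUCCESS, the requested session_policy stored in
 * session_info[0], session 0 in the HANDSHAKING state and a version 1.2 KEY_EXCHANGE_RSP
 * carrying rsp_session_id 0xFFFF.
 **/
static void rsp_key_exchange_rsp_case20(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    size_t response_size;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    spdm_key_exchange_response_t *spdm_response;
    void *data1;
    size_t data_size1;
    uint8_t *ptr;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x14;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags =
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags =
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.algorithm.other_params_support =
        SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;

    spdm_context->local_context.secured_message_version.secured_message_version_count = 1;

    libspdm_session_info_init(spdm_context,
                              spdm_context->session_info,
                              0,
                              INVALID_SESSION_ID, false);

    /* NOTE(review): when the certificate chain cannot be read the case returns without any
     * assertion, so it is reported as passed although KEY_EXCHANGE was never exercised. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data1,
                                                         &data_size1, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = data1;
    spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;

    libspdm_reset_message_a(spdm_context);

    /* The request object is a file-level global shared with other cases. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
    m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request8.reserved = 0;
    m_libspdm_key_exchange_request8.session_policy = 0xFF;

    /* DHE public key first, then the 16-bit opaque length and the opaque data itself. */
    ptr = m_libspdm_key_exchange_request8.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
    ptr += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
    ptr += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, ptr);

    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request8_size,
        &m_libspdm_key_exchange_request8, &response_size, response);

    /* The status is verified first: response[] is an uninitialised stack buffer, so its fields
     * are only meaningful once the call is known to have succeeded. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(spdm_context->session_info[0].session_policy,
                     m_libspdm_key_exchange_request8.session_policy);
    spdm_response = (void *)response;
    assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
    free(data1);
}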
1723 :
/**
 * Test 21: The key usage bit mask is not set, the SlotID fields in KEY_EXCHANGE and
 * KEY_EXCHANGE_RSP shall not specify this certificate slot. The connection is SPDM 1.3 with
 * multi_key_conn_rsp enabled and slot 0 is limited to challenge and measurement use.
 * Expected Behavior: the handler returns LIBSPDM_STATUS_SUCCESS and generates an ERROR response
 * of sizeof(spdm_error_response_t) with code SPDM_ERROR_CODE_INVALID_REQUEST and param2 == 0.
 **/
static void rsp_key_exchange_rsp_case21(void **state)
{
    libspdm_test_context_t *test_context = *state;
    libspdm_context_t *context = test_context->spdm_context;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    size_t response_size = sizeof(response);
    spdm_key_exchange_response_t *error_rsp = (void *)response;
    const uint8_t slot_id = 0;
    libspdm_return_t status;
    void *cert_chain;
    size_t cert_chain_size;
    uint8_t *cursor;
    void *dhe_context;
    size_t dhe_key_size;
    size_t opaque_size;

    test_context->case_id = 0x15;

    /* Negotiated SPDM 1.3 connection with key exchange and MAC capability on both sides. */
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
                                       SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->connection_info.algorithm.other_params_support =
        SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
    context->local_context.secured_message_version.secured_message_version_count = 1;
    context->connection_info.multi_key_conn_rsp = true;

    libspdm_session_info_init(context, context->session_info, 0, INVALID_SESSION_ID, false);

    /* NOTE(review): when the certificate chain cannot be read the case returns without any
     * assertion, so this negative test is reported as passed without having run. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &cert_chain,
                                                         &cert_chain_size, NULL, NULL)) {
        return;
    }
    context->local_context.local_cert_chain_provision[0] = cert_chain;
    context->local_context.local_cert_chain_provision_size[0] = cert_chain_size;

    libspdm_reset_message_a(context);

    /* A slot may be named in the SlotID fields of KEY_EXCHANGE and KEY_EXCHANGE_RSP only when
     * its key usage mask allows it. The request names slot 0, whose mask is restricted here to
     * challenge and measurement use, so the Responder has to refuse the request. */
    m_libspdm_key_exchange_request10.header.param2 = slot_id;
    context->local_context.local_key_usage_bit_mask[slot_id] =
        SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
        SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE;

    /* The request object is a file-level global shared with other cases. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
    m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request10.reserved = 0;
    m_libspdm_key_exchange_request10.session_policy = 0xFF;

    /* The generated DHE public key is written at the start of exchange_data. */
    cursor = m_libspdm_key_exchange_request10.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, cursor, &dhe_key_size);
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    cursor += dhe_key_size;

    /* 16-bit opaque length followed by the supported-version opaque data. */
    opaque_size = libspdm_get_opaque_data_supported_version_data_size(context);
    libspdm_write_uint16(cursor, (uint16_t)opaque_size);
    cursor += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(context, &opaque_size, cursor);

    status = libspdm_get_response_key_exchange(
        context, m_libspdm_key_exchange_request10_size,
        &m_libspdm_key_exchange_request10, &response_size, response);

    /* The rejection is delivered as an SPDM ERROR message, not as a failing return status. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(response_size, sizeof(spdm_error_response_t));
    assert_int_equal(error_rsp->header.request_response_code, SPDM_ERROR);
    assert_int_equal(error_rsp->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
    assert_int_equal(error_rsp->header.param2, 0);

    free(cert_chain);
}
1822 :
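/**
 * Test 22: The Requester subscribes to all events supported by the Responder.
 * Expected Behavior: Responder successfully subscribes the Requester to all events. The handler
 * returns LIBSPDM_STATUS_SUCCESS, the requested session_policy is stored in session_info[0],
 * the response is a version 1.3 KEY_EXCHANGE_RSP with rsp_session_id 0xFFFF, and
 * g_event_all_subscribe is set while g_event_all_unsubscribe is not.
 * The body is compiled only when LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP is enabled; otherwise the
 * case is empty and passes without checking anything.
 **/
static void rsp_key_exchange_rsp_case22(void **state)
{
#if LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    size_t response_size;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    spdm_key_exchange_response_t *spdm_response;
    void *data1;
    size_t data_size1;
    uint8_t *ptr;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x16;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EVENT_CAP;
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.algorithm.other_params_support =
        SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
    spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
    spdm_context->connection_info.multi_key_conn_rsp = false;

    /* NOTE(review): the third and fourth arguments are (INVALID_SESSION_ID, 0) here, whereas the
     * other cases in this file pass (0, INVALID_SESSION_ID) - confirm the intended order
     * against the libspdm_session_info_init() prototype. */
    libspdm_session_info_init(spdm_context, spdm_context->session_info, INVALID_SESSION_ID,
                              0, false);

    /* NOTE(review): when the certificate chain cannot be read the case returns without any
     * assertion, so it is reported as passed although KEY_EXCHANGE was never exercised. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data1,
                                                         &data_size1, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = data1;
    spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;

    libspdm_reset_message_a(spdm_context);

    /* The request object is a file-level global shared with other cases. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
    m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request10.reserved = 0;
    m_libspdm_key_exchange_request10.session_policy =
        SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_EVENT_ALL_POLICY;

    /* DHE public key first, then the 16-bit opaque length and the opaque data itself. */
    ptr = m_libspdm_key_exchange_request10.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
    ptr += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
    ptr += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, ptr);

    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request10_size,
        &m_libspdm_key_exchange_request10, &response_size, response);

    /* The status is verified first: response[] is an uninitialised stack buffer, so its fields
     * are only meaningful once the call is known to have succeeded. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(spdm_context->session_info[0].session_policy,
                     m_libspdm_key_exchange_request10.session_policy);
    spdm_response = (void *)response;
    assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_13);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
    assert_true(g_event_all_subscribe && !g_event_all_unsubscribe);
    free(data1);
#endif /* LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP */
}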
1918 :
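/**
 * Test 23: the Responder mandates mutual authentication, but the Requester
 * has not advertised MUT_AUTH_CAP (negotiated version SPDM 1.1).
 * Expected Behavior: the call returns LIBSPDM_STATUS_SUCCESS and the response
 * is an SPDM ERROR message carrying SPDM_ERROR_CODE_UNSPECIFIED instead of a
 * KEY_EXCHANGE_RSP, i.e. the key exchange is refused rather than continued
 * without the mandated authentication.
 **/
static void rsp_key_exchange_rsp_case23(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    size_t response_size;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    spdm_key_exchange_response_t *spdm_response;
    void *data1;
    size_t data_size1;
    uint8_t *ptr;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x17;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    /* The flags above are OR-ed into a context shared with earlier cases, so a
     * Requester MUT_AUTH_CAP bit left behind would silently turn this negative
     * test into a different scenario. Pin the precondition explicitly. */
    spdm_context->connection_info.capability.flags &=
        ~(uint32_t)SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    /* NOTE(review): when the certificate chain cannot be read the case returns
     * without asserting anything, so it is reported as passed although the
     * mutual-authentication check was never exercised. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data1,
                                                         &data_size1, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = data1;
    spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;

    libspdm_reset_message_a(spdm_context);
    /* Test-harness globals: request mutual authentication in the response and
     * mark it as mandatory for the duration of this case. */
    g_key_exchange_start_mut_auth = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    g_mandatory_mut_auth = true;

    spdm_context->local_context.secured_message_version.secured_message_version_count = 1;

    /* Build the KEY_EXCHANGE request in the shared m_libspdm_key_exchange_request1:
     * fresh random data, a DHE public key, then the length-prefixed opaque data. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
    m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request1.reserved = 0;
    ptr = m_libspdm_key_exchange_request1.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
    ptr += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
    ptr += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, ptr);
    ptr += opaque_key_exchange_req_size;
    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request1_size,
        &m_libspdm_key_exchange_request1, &response_size, response);

    /* Restore the harness globals before any assertion can abort the case, so
     * a failure here does not leave mandatory mutual authentication switched
     * on for the cases that run afterwards. */
    g_key_exchange_start_mut_auth = 0;
    g_mandatory_mut_auth = false;

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(response_size, sizeof(spdm_error_response_t));
    spdm_response = (void *)response;
    assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
    assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_UNSPECIFIED);
    assert_int_equal(spdm_response->header.param2, 0);

    /* NOTE(review): local_cert_chain_provision[0] still points at this buffer
     * after the free; later cases are presumed to re-provision the slot. */
    free(data1);
}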
2001 :
2002 :
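/**
 * Test 24: the Responder mandates mutual authentication, but the Requester
 * has not advertised MUT_AUTH_CAP (negotiated version SPDM 1.3).
 * Expected Behavior: the call returns LIBSPDM_STATUS_SUCCESS and the response
 * is an SPDM ERROR message carrying SPDM_ERROR_CODE_INVALID_POLICY instead of
 * a KEY_EXCHANGE_RSP. This is the SPDM 1.3 counterpart of case 23, which
 * expects SPDM_ERROR_CODE_UNSPECIFIED under SPDM 1.1.
 **/
static void rsp_key_exchange_rsp_case24(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    size_t response_size;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    spdm_key_exchange_response_t *spdm_response;
    void *data1;
    size_t data_size1;
    uint8_t *ptr;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x18;
    spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    /* The flags above are OR-ed into a context shared with earlier cases, so a
     * Requester MUT_AUTH_CAP bit left behind would silently turn this negative
     * test into a different scenario. Pin the precondition explicitly. */
    spdm_context->connection_info.capability.flags &=
        ~(uint32_t)SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    /* NOTE(review): when the certificate chain cannot be read the case returns
     * without asserting anything, so it is reported as passed although the
     * mutual-authentication check was never exercised. */
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data1,
                                                         &data_size1, NULL, NULL)) {
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = data1;
    spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;

    libspdm_reset_message_a(spdm_context);
    /* Test-harness globals: request mutual authentication in the response and
     * mark it as mandatory for the duration of this case. */
    g_key_exchange_start_mut_auth = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    g_mandatory_mut_auth = true;

    spdm_context->local_context.secured_message_version.secured_message_version_count = 1;

    /* Build the KEY_EXCHANGE request in the shared m_libspdm_key_exchange_request10.
     * NOTE(review): session_policy is not assigned here, so the request carries
     * whatever value an earlier case stored in this shared object (case 22
     * writes it); confirm the expected INVALID_POLICY error does not depend on
     * that leftover value. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
    m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request10.reserved = 0;
    ptr = m_libspdm_key_exchange_request10.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
    ptr += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
    ptr += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, ptr);
    ptr += opaque_key_exchange_req_size;
    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request10_size,
        &m_libspdm_key_exchange_request10, &response_size, response);

    /* Restore the harness globals before any assertion can abort the case, so
     * a failure here does not leave mandatory mutual authentication switched
     * on for the cases that run afterwards. */
    g_mandatory_mut_auth = false;
    g_key_exchange_start_mut_auth = 0;

    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(response_size, sizeof(spdm_error_response_t));
    spdm_response = (void *)response;
    assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
    assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_POLICY);
    assert_int_equal(spdm_response->header.param2, 0);

    /* NOTE(review): local_cert_chain_provision[0] still points at this buffer
     * after the free; later cases are presumed to re-provision the slot. */
    free(data1);
}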
2085 :
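/**
 * Test 25: Successful response to a valid KEY_EXCHANGE request (SPDM 1.2,
 * OpaqueDataFmt1).
 * Expected Behavior: get a valid KEY_EXCHANGE_RSP message
 * with integrator defined opaque data in the response. The case checks the
 * stored session policy, the HANDSHAKING session state, the response session
 * ID and the opaque data length that follows the Responder's exchange data.
 **/
static void rsp_key_exchange_rsp_case25(void **state)
{
    libspdm_return_t status;
    libspdm_test_context_t *spdm_test_context;
    libspdm_context_t *spdm_context;
    size_t response_size;
    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    spdm_key_exchange_response_t *spdm_response;
    void *data1;
    size_t data_size1;
    uint8_t *ptr;
    size_t dhe_key_size;
    void *dhe_context;
    size_t opaque_key_exchange_req_size;
    uint16_t opaque_length;

    spdm_test_context = *state;
    spdm_context = spdm_test_context->spdm_context;
    spdm_test_context->case_id = 0x19;
    spdm_context->connection_info.connection_state =
        LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    spdm_context->connection_info.capability.flags |=
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
    spdm_context->local_context.capability.flags |=
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
    spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    spdm_context->connection_info.algorithm.measurement_hash_algo =
        m_libspdm_use_measurement_hash_algo;
    spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
    spdm_context->connection_info.algorithm.other_params_support =
        SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
    spdm_context->local_context.secured_message_version.secured_message_version_count = 2;
    /* Test-harness global; presumably makes the opaque-data hook supply the
     * integrator defined opaque data this case is about. */
    g_generate_key_exchange_opaque_data = true;

    libspdm_session_info_init(spdm_context,
                              spdm_context->session_info,
                              0,
                              INVALID_SESSION_ID, false);
    if (!libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
                                                         m_libspdm_use_asym_algo, &data1,
                                                         &data_size1, NULL, NULL)) {
        /* The global was already switched on above; undo it so the early exit
         * does not change the behaviour of the cases that run afterwards.
         * NOTE(review): the case is still reported as passed on this path. */
        g_generate_key_exchange_opaque_data = false;
        return;
    }
    spdm_context->local_context.local_cert_chain_provision[0] = data1;
    spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;

    libspdm_reset_message_a(spdm_context);

    /* Build the KEY_EXCHANGE request in the shared m_libspdm_key_exchange_request8:
     * fresh random data, every session-policy bit set, a DHE public key, then
     * the length-prefixed opaque data. */
    libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
    m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
    m_libspdm_key_exchange_request8.reserved = 0;
    m_libspdm_key_exchange_request8.session_policy = 0xFF;
    ptr = m_libspdm_key_exchange_request8.exchange_data;
    dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
    dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
                                  false);
    libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
    ptr += dhe_key_size;
    libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
    opaque_key_exchange_req_size =
        libspdm_get_opaque_data_supported_version_data_size(spdm_context);
    /* Use the byte-wise helper, as the sibling cases do: ptr walks a packed
     * byte buffer, so a cast to uint16_t * is neither alignment- nor
     * endianness-safe. */
    libspdm_write_uint16(ptr, (uint16_t)opaque_key_exchange_req_size);
    ptr += sizeof(uint16_t);
    libspdm_build_opaque_data_supported_version_data(
        spdm_context, &opaque_key_exchange_req_size, ptr);
    ptr += opaque_key_exchange_req_size;
    response_size = sizeof(response);
    status = libspdm_get_response_key_exchange(
        spdm_context, m_libspdm_key_exchange_request8_size,
        &m_libspdm_key_exchange_request8, &response_size, response);

    /* Check the call result first; the remaining checks only make sense for a
     * response that was actually produced. */
    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    assert_int_equal(spdm_context->session_info[0].session_policy,
                     m_libspdm_key_exchange_request8.session_policy);
    spdm_response = (void *)response;
    assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
    assert_int_equal(
        libspdm_secured_message_get_session_state(
            spdm_context->session_info[0].secured_message_context),
        LIBSPDM_SESSION_STATE_HANDSHAKING);
    assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
    assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);

    /* The opaque length is read right after the Responder's exchange data;
     * this assumes no measurement summary hash sits in between
     * (request8 is presumed not to ask for one - TODO confirm). */
    ptr = (uint8_t *)(spdm_response + 1);
    ptr += dhe_key_size;
    opaque_length = libspdm_read_uint16(ptr);
    assert_int_equal(opaque_length,
                     libspdm_get_opaque_data_version_selection_data_size(spdm_context));

    g_generate_key_exchange_opaque_data = false;
    /* NOTE(review): local_cert_chain_provision[0] still points at this buffer
     * after the free; later cases are presumed to re-provision the slot. */
    free(data1);
}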
2189 :
/**
 * Runs the responder KEY_EXCHANGE unit-test group.
 *
 * Registers every rsp_key_exchange_rsp_caseN function with cmocka, installs
 * the test context and executes the group between the shared group setup and
 * teardown hooks.
 *
 * @return the value returned by cmocka_run_group_tests().
 **/
int libspdm_rsp_key_exchange_rsp_test(void)
{
    libspdm_test_context_t responder_test_context = {
        LIBSPDM_TEST_CONTEXT_VERSION,
        false,
    };

    /* The array keeps the name test_cases because cmocka_run_group_tests()
     * is handed the array by name. */
    const struct CMUnitTest test_cases[] = {
        /* Case 1: success path */
        cmocka_unit_test(rsp_key_exchange_rsp_case1),
        /* Case 2: request with a bad size */
        cmocka_unit_test(rsp_key_exchange_rsp_case2),
        /* Case 3: response_state is SPDM_RESPONSE_STATE_BUSY */
        cmocka_unit_test(rsp_key_exchange_rsp_case3),
        /* Case 4: response_state is SPDM_RESPONSE_STATE_NEED_RESYNC */
        cmocka_unit_test(rsp_key_exchange_rsp_case4),
        #if LIBSPDM_RESPOND_IF_READY_SUPPORT
        /* Case 5: response_state is SPDM_RESPONSE_STATE_NOT_READY */
        cmocka_unit_test(rsp_key_exchange_rsp_case5),
        #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
        /* Case 6: connection_state check */
        cmocka_unit_test(rsp_key_exchange_rsp_case6),
        /* Case 7: buffer reset */
        cmocka_unit_test(rsp_key_exchange_rsp_case7),
        /* Case 8: TCB measurement hash requested */
        cmocka_unit_test(rsp_key_exchange_rsp_case8),
        /* Case 9: all measurement hash requested */
        cmocka_unit_test(rsp_key_exchange_rsp_case9),
        /* Case 10: reserved value in measurement summary, expects Error + Invalid */
        cmocka_unit_test(rsp_key_exchange_rsp_case10),
        /* Case 11: TCB measurement hash requested while the measurement flag is not set */
        cmocka_unit_test(rsp_key_exchange_rsp_case11),
        /* Case 14: previously provisioned public key requested, slot 0xFF */
        cmocka_unit_test(rsp_key_exchange_rsp_case14),
        /* Case 15: HANDSHAKE_IN_THE_CLEAR set for both requester and responder */
        cmocka_unit_test(rsp_key_exchange_rsp_case15),
        /* Case 16: buffer verification */
        cmocka_unit_test(rsp_key_exchange_rsp_case16),
        /* Case 17: successful response, V1.2 */
        cmocka_unit_test(rsp_key_exchange_rsp_case17),
        /* Case 18: invalid SlotID in the KEY_EXCHANGE request message */
        cmocka_unit_test(rsp_key_exchange_rsp_case18),
        /* Case 19: only OpaqueDataFmt1 supported, bytes not aligned */
        cmocka_unit_test(rsp_key_exchange_rsp_case19),
        /* Case 20: OpaqueData supports only OpaqueDataFmt1, success case */
        cmocka_unit_test(rsp_key_exchange_rsp_case20),
        /* Case 21: key usage bit mask not set, failure case */
        cmocka_unit_test(rsp_key_exchange_rsp_case21),
        /* Case 22: session policy requesting all events, V1.3 (EVENT_CAP builds) */
        cmocka_unit_test(rsp_key_exchange_rsp_case22),
        /* Case 23: Responder requires mutual authentication that the Requester
         * does not support; V1.1, expects SPDM_ERROR_CODE_UNSPECIFIED */
        cmocka_unit_test(rsp_key_exchange_rsp_case23),
        /* Case 24: same refusal under V1.3, expects SPDM_ERROR_CODE_INVALID_POLICY */
        cmocka_unit_test(rsp_key_exchange_rsp_case24),
        /* Case 25: Responder uses integrator defined opaque data */
        cmocka_unit_test(rsp_key_exchange_rsp_case25),
    };

    libspdm_setup_test_context(&responder_test_context);

    return cmocka_run_group_tests(test_cases,
                                  libspdm_unit_test_group_setup,
                                  libspdm_unit_test_group_teardown);
}
2252 :
2253 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/