Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_responder_lib.h"
9 : #include "internal/libspdm_requester_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
12 :
13 : #pragma pack(1)
14 : typedef struct {
15 : spdm_message_header_t header;
16 : uint16_t req_session_id;
17 : uint8_t session_policy;
18 : uint8_t reserved;
19 : uint8_t random_data[SPDM_RANDOM_DATA_SIZE];
20 : uint8_t exchange_data[LIBSPDM_MAX_DHE_KEY_SIZE];
21 : uint16_t opaque_length;
22 : uint8_t opaque_data[SPDM_MAX_OPAQUE_DATA_SIZE];
23 : } libspdm_key_exchange_request_mine_t;
24 : #pragma pack()
25 :
26 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request1 = {
27 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
28 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
29 : };
30 : size_t m_libspdm_key_exchange_request1_size = sizeof(m_libspdm_key_exchange_request1);
31 :
32 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request2 = {
33 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
34 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
35 : };
36 : size_t m_libspdm_key_exchange_request2_size = sizeof(spdm_key_exchange_request_t);
37 :
38 : /* Request TCB measurement hash */
39 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request3 = {
40 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
41 : SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH, 0 },
42 : };
43 : size_t m_libspdm_key_exchange_request3_size = sizeof(m_libspdm_key_exchange_request3);
44 :
45 : /* Request all measurement hash */
46 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request4 = {
47 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
48 : SPDM_KEY_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH, 0 },
49 : };
50 : size_t m_libspdm_key_exchange_request4_size = sizeof(m_libspdm_key_exchange_request4);
51 :
52 : /* Uses a reserved value in measurement hash */
53 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request5 = {
54 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
55 : 0x50, 0 },
56 : };
57 : size_t m_libspdm_key_exchange_request5_size = sizeof(m_libspdm_key_exchange_request5);
58 :
59 : /* Asks for certificate in slot 1 */
60 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request6 = {
61 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
62 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 1 },
63 : };
64 : size_t m_libspdm_key_exchange_request6_size = sizeof(m_libspdm_key_exchange_request6);
65 :
66 : /* Asks for previously provisioned raw public key */
67 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request7 = {
68 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
69 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0xFF },
70 : };
71 : size_t m_libspdm_key_exchange_request7_size = sizeof(m_libspdm_key_exchange_request7);
72 :
73 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request8 = {
74 : { SPDM_MESSAGE_VERSION_12, SPDM_KEY_EXCHANGE,
75 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
76 : };
77 : size_t m_libspdm_key_exchange_request8_size = sizeof(m_libspdm_key_exchange_request8);
78 :
79 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request9 = {
80 : { SPDM_MESSAGE_VERSION_11, SPDM_KEY_EXCHANGE,
81 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 9 },
82 : };
83 : size_t m_libspdm_key_exchange_request9_size = sizeof(m_libspdm_key_exchange_request9);
84 :
85 : libspdm_key_exchange_request_mine_t m_libspdm_key_exchange_request10 = {
86 : { SPDM_MESSAGE_VERSION_13, SPDM_KEY_EXCHANGE,
87 : SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0 },
88 : };
89 : size_t m_libspdm_key_exchange_request10_size = sizeof(m_libspdm_key_exchange_request10);
90 :
91 : extern uint8_t g_key_exchange_start_mut_auth;
92 : extern bool g_mandatory_mut_auth;
93 :
94 : extern bool g_event_all_subscribe;
95 : extern bool g_event_all_unsubscribe;
96 :
97 1 : static void rsp_key_exchange_rsp_case1(void **state)
98 : {
99 : libspdm_return_t status;
100 : libspdm_test_context_t *spdm_test_context;
101 : libspdm_context_t *spdm_context;
102 : size_t response_size;
103 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
104 : spdm_key_exchange_response_t *spdm_response;
105 : void *data1;
106 : size_t data_size1;
107 : uint8_t *ptr;
108 : size_t dhe_key_size;
109 : void *dhe_context;
110 : size_t opaque_key_exchange_req_size;
111 : uint32_t session_id;
112 :
113 1 : spdm_test_context = *state;
114 1 : spdm_context = spdm_test_context->spdm_context;
115 1 : spdm_test_context->case_id = 0x1;
116 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
117 1 : spdm_context->connection_info.capability.flags |=
118 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
119 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
120 1 : spdm_context->local_context.capability.flags |=
121 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
122 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
123 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
124 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
125 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
126 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
127 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
128 : m_libspdm_use_measurement_hash_algo;
129 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
130 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
131 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
132 : SPDM_VERSION_NUMBER_SHIFT_BIT;
133 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
134 : m_libspdm_use_asym_algo, &data1,
135 : &data_size1, NULL, NULL);
136 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
137 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
138 :
139 1 : libspdm_reset_message_a(spdm_context);
140 :
141 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
142 :
143 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
144 : m_libspdm_key_exchange_request1.random_data);
145 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
146 1 : m_libspdm_key_exchange_request1.reserved = 0;
147 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
148 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
149 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
150 : false);
151 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
152 1 : ptr += dhe_key_size;
153 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
154 1 : opaque_key_exchange_req_size =
155 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
156 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
157 1 : ptr += sizeof(uint16_t);
158 1 : libspdm_build_opaque_data_supported_version_data(
159 : spdm_context, &opaque_key_exchange_req_size, ptr);
160 1 : ptr += opaque_key_exchange_req_size;
161 1 : response_size = sizeof(response);
162 1 : status = libspdm_get_response_key_exchange(
163 : spdm_context, m_libspdm_key_exchange_request1_size,
164 : &m_libspdm_key_exchange_request1, &response_size, response);
165 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
166 1 : assert_int_equal(
167 : libspdm_secured_message_get_session_state(
168 : spdm_context->session_info[0].secured_message_context),
169 : LIBSPDM_SESSION_STATE_HANDSHAKING);
170 1 : spdm_response = (void *)response;
171 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
172 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
173 :
174 1 : session_id = (m_libspdm_key_exchange_request1.req_session_id << 16) |
175 1 : spdm_response->rsp_session_id;
176 1 : libspdm_free_session_id(spdm_context, session_id);
177 1 : free(data1);
178 1 : }
179 :
180 1 : static void rsp_key_exchange_rsp_case2(void **state)
181 : {
182 : libspdm_return_t status;
183 : libspdm_test_context_t *spdm_test_context;
184 : libspdm_context_t *spdm_context;
185 : size_t response_size;
186 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
187 : spdm_key_exchange_response_t *spdm_response;
188 : void *data1;
189 : size_t data_size1;
190 : uint8_t *ptr;
191 : size_t dhe_key_size;
192 : void *dhe_context;
193 : size_t opaque_key_exchange_req_size;
194 :
195 1 : spdm_test_context = *state;
196 1 : spdm_context = spdm_test_context->spdm_context;
197 1 : spdm_test_context->case_id = 0x2;
198 1 : spdm_context->connection_info.connection_state =
199 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
200 1 : spdm_context->connection_info.capability.flags |=
201 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
202 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
203 1 : spdm_context->local_context.capability.flags |=
204 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
205 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
206 1 : spdm_context->connection_info.algorithm.base_hash_algo =
207 : m_libspdm_use_hash_algo;
208 1 : spdm_context->connection_info.algorithm.base_asym_algo =
209 : m_libspdm_use_asym_algo;
210 1 : spdm_context->connection_info.algorithm.measurement_spec =
211 : m_libspdm_use_measurement_spec;
212 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
213 : m_libspdm_use_measurement_hash_algo;
214 1 : spdm_context->connection_info.algorithm.dhe_named_group =
215 : m_libspdm_use_dhe_algo;
216 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
217 : m_libspdm_use_aead_algo;
218 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
219 : SPDM_VERSION_NUMBER_SHIFT_BIT;
220 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
221 : m_libspdm_use_asym_algo, &data1,
222 : &data_size1, NULL, NULL);
223 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
224 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
225 : data_size1;
226 :
227 1 : libspdm_reset_message_a(spdm_context);
228 :
229 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
230 : m_libspdm_key_exchange_request2.random_data);
231 1 : m_libspdm_key_exchange_request2.req_session_id = 0xFFFF;
232 1 : m_libspdm_key_exchange_request2.reserved = 0;
233 1 : ptr = m_libspdm_key_exchange_request2.exchange_data;
234 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
235 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
236 : false);
237 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
238 1 : ptr += dhe_key_size;
239 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
240 1 : opaque_key_exchange_req_size =
241 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
242 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
243 1 : ptr += sizeof(uint16_t);
244 1 : libspdm_build_opaque_data_supported_version_data(
245 : spdm_context, &opaque_key_exchange_req_size, ptr);
246 1 : ptr += opaque_key_exchange_req_size;
247 1 : response_size = sizeof(response);
248 1 : status = libspdm_get_response_key_exchange(
249 : spdm_context, m_libspdm_key_exchange_request2_size,
250 : &m_libspdm_key_exchange_request2, &response_size, response);
251 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
252 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
253 1 : spdm_response = (void *)response;
254 1 : assert_int_equal(spdm_response->header.request_response_code,
255 : SPDM_ERROR);
256 1 : assert_int_equal(spdm_response->header.param1,
257 : SPDM_ERROR_CODE_INVALID_REQUEST);
258 1 : assert_int_equal(spdm_response->header.param2, 0);
259 1 : free(data1);
260 1 : }
261 :
262 1 : static void rsp_key_exchange_rsp_case3(void **state)
263 : {
264 : libspdm_return_t status;
265 : libspdm_test_context_t *spdm_test_context;
266 : libspdm_context_t *spdm_context;
267 : size_t response_size;
268 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
269 : spdm_key_exchange_response_t *spdm_response;
270 : void *data1;
271 : size_t data_size1;
272 : uint8_t *ptr;
273 : size_t dhe_key_size;
274 : void *dhe_context;
275 : size_t opaque_key_exchange_req_size;
276 :
277 1 : spdm_test_context = *state;
278 1 : spdm_context = spdm_test_context->spdm_context;
279 1 : spdm_test_context->case_id = 0x3;
280 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
281 1 : spdm_context->connection_info.connection_state =
282 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
283 1 : spdm_context->connection_info.capability.flags |=
284 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
285 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
286 1 : spdm_context->local_context.capability.flags |=
287 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
288 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
289 1 : spdm_context->connection_info.algorithm.base_hash_algo =
290 : m_libspdm_use_hash_algo;
291 1 : spdm_context->connection_info.algorithm.base_asym_algo =
292 : m_libspdm_use_asym_algo;
293 1 : spdm_context->connection_info.algorithm.measurement_spec =
294 : m_libspdm_use_measurement_spec;
295 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
296 : m_libspdm_use_measurement_hash_algo;
297 1 : spdm_context->connection_info.algorithm.dhe_named_group =
298 : m_libspdm_use_dhe_algo;
299 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
300 : m_libspdm_use_aead_algo;
301 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
302 : SPDM_VERSION_NUMBER_SHIFT_BIT;
303 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
304 : m_libspdm_use_asym_algo, &data1,
305 : &data_size1, NULL, NULL);
306 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
307 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
308 : data_size1;
309 :
310 1 : libspdm_reset_message_a(spdm_context);
311 :
312 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
313 : m_libspdm_key_exchange_request1.random_data);
314 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
315 1 : m_libspdm_key_exchange_request1.reserved = 0;
316 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
317 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
318 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
319 : false);
320 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
321 1 : ptr += dhe_key_size;
322 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
323 1 : opaque_key_exchange_req_size =
324 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
325 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
326 1 : ptr += sizeof(uint16_t);
327 1 : libspdm_build_opaque_data_supported_version_data(
328 : spdm_context, &opaque_key_exchange_req_size, ptr);
329 1 : ptr += opaque_key_exchange_req_size;
330 1 : response_size = sizeof(response);
331 1 : status = libspdm_get_response_key_exchange(
332 : spdm_context, m_libspdm_key_exchange_request1_size,
333 : &m_libspdm_key_exchange_request1, &response_size, response);
334 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
335 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
336 1 : spdm_response = (void *)response;
337 1 : assert_int_equal(spdm_response->header.request_response_code,
338 : SPDM_ERROR);
339 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_BUSY);
340 1 : assert_int_equal(spdm_response->header.param2, 0);
341 1 : assert_int_equal(spdm_context->response_state,
342 : LIBSPDM_RESPONSE_STATE_BUSY);
343 1 : free(data1);
344 1 : }
345 :
346 1 : static void rsp_key_exchange_rsp_case4(void **state)
347 : {
348 : libspdm_return_t status;
349 : libspdm_test_context_t *spdm_test_context;
350 : libspdm_context_t *spdm_context;
351 : size_t response_size;
352 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
353 : spdm_key_exchange_response_t *spdm_response;
354 : void *data1;
355 : size_t data_size1;
356 : uint8_t *ptr;
357 : size_t dhe_key_size;
358 : void *dhe_context;
359 : size_t opaque_key_exchange_req_size;
360 :
361 1 : spdm_test_context = *state;
362 1 : spdm_context = spdm_test_context->spdm_context;
363 1 : spdm_test_context->case_id = 0x4;
364 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
365 1 : spdm_context->connection_info.connection_state =
366 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
367 1 : spdm_context->connection_info.capability.flags |=
368 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
369 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
370 1 : spdm_context->local_context.capability.flags |=
371 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
372 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
373 1 : spdm_context->connection_info.algorithm.base_hash_algo =
374 : m_libspdm_use_hash_algo;
375 1 : spdm_context->connection_info.algorithm.base_asym_algo =
376 : m_libspdm_use_asym_algo;
377 1 : spdm_context->connection_info.algorithm.measurement_spec =
378 : m_libspdm_use_measurement_spec;
379 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
380 : m_libspdm_use_measurement_hash_algo;
381 1 : spdm_context->connection_info.algorithm.dhe_named_group =
382 : m_libspdm_use_dhe_algo;
383 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
384 : m_libspdm_use_aead_algo;
385 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
386 : SPDM_VERSION_NUMBER_SHIFT_BIT;
387 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
388 : m_libspdm_use_asym_algo, &data1,
389 : &data_size1, NULL, NULL);
390 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
391 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
392 : data_size1;
393 :
394 1 : libspdm_reset_message_a(spdm_context);
395 :
396 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
397 : m_libspdm_key_exchange_request1.random_data);
398 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
399 1 : m_libspdm_key_exchange_request1.reserved = 0;
400 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
401 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
402 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
403 : false);
404 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
405 1 : ptr += dhe_key_size;
406 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
407 1 : opaque_key_exchange_req_size =
408 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
409 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
410 1 : ptr += sizeof(uint16_t);
411 1 : libspdm_build_opaque_data_supported_version_data(
412 : spdm_context, &opaque_key_exchange_req_size, ptr);
413 1 : ptr += opaque_key_exchange_req_size;
414 1 : response_size = sizeof(response);
415 1 : status = libspdm_get_response_key_exchange(
416 : spdm_context, m_libspdm_key_exchange_request1_size,
417 : &m_libspdm_key_exchange_request1, &response_size, response);
418 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
419 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
420 1 : spdm_response = (void *)response;
421 1 : assert_int_equal(spdm_response->header.request_response_code,
422 : SPDM_ERROR);
423 1 : assert_int_equal(spdm_response->header.param1,
424 : SPDM_ERROR_CODE_REQUEST_RESYNCH);
425 1 : assert_int_equal(spdm_response->header.param2, 0);
426 1 : assert_int_equal(spdm_context->response_state,
427 : LIBSPDM_RESPONSE_STATE_NEED_RESYNC);
428 1 : free(data1);
429 1 : }
430 :
431 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
432 1 : static void rsp_key_exchange_rsp_case5(void **state)
433 : {
434 : libspdm_return_t status;
435 : libspdm_test_context_t *spdm_test_context;
436 : libspdm_context_t *spdm_context;
437 : size_t response_size;
438 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
439 : spdm_key_exchange_response_t *spdm_response;
440 : void *data1;
441 : size_t data_size1;
442 : spdm_error_data_response_not_ready_t *error_data;
443 : uint8_t *ptr;
444 : size_t dhe_key_size;
445 : void *dhe_context;
446 : size_t opaque_key_exchange_req_size;
447 :
448 1 : spdm_test_context = *state;
449 1 : spdm_context = spdm_test_context->spdm_context;
450 1 : spdm_test_context->case_id = 0x5;
451 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
452 1 : spdm_context->connection_info.connection_state =
453 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
454 1 : spdm_context->connection_info.capability.flags |=
455 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
456 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
457 1 : spdm_context->local_context.capability.flags |=
458 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
459 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
460 1 : spdm_context->connection_info.algorithm.base_hash_algo =
461 : m_libspdm_use_hash_algo;
462 1 : spdm_context->connection_info.algorithm.base_asym_algo =
463 : m_libspdm_use_asym_algo;
464 1 : spdm_context->connection_info.algorithm.measurement_spec =
465 : m_libspdm_use_measurement_spec;
466 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
467 : m_libspdm_use_measurement_hash_algo;
468 1 : spdm_context->connection_info.algorithm.dhe_named_group =
469 : m_libspdm_use_dhe_algo;
470 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
471 : m_libspdm_use_aead_algo;
472 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
473 : SPDM_VERSION_NUMBER_SHIFT_BIT;
474 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
475 : m_libspdm_use_asym_algo, &data1,
476 : &data_size1, NULL, NULL);
477 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
478 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
479 : data_size1;
480 :
481 1 : libspdm_reset_message_a(spdm_context);
482 :
483 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
484 : m_libspdm_key_exchange_request1.random_data);
485 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
486 1 : m_libspdm_key_exchange_request1.reserved = 0;
487 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
488 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
489 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
490 : false);
491 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
492 1 : ptr += dhe_key_size;
493 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
494 1 : opaque_key_exchange_req_size =
495 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
496 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
497 1 : ptr += sizeof(uint16_t);
498 1 : libspdm_build_opaque_data_supported_version_data(
499 : spdm_context, &opaque_key_exchange_req_size, ptr);
500 1 : ptr += opaque_key_exchange_req_size;
501 1 : response_size = sizeof(response);
502 1 : status = libspdm_get_response_key_exchange(
503 : spdm_context, m_libspdm_key_exchange_request1_size,
504 : &m_libspdm_key_exchange_request1, &response_size, response);
505 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
506 1 : assert_int_equal(response_size,
507 : sizeof(spdm_error_response_t) +
508 : sizeof(spdm_error_data_response_not_ready_t));
509 1 : spdm_response = (void *)response;
510 1 : error_data = (spdm_error_data_response_not_ready_t
511 : *)(&spdm_response->rsp_session_id);
512 1 : assert_int_equal(spdm_response->header.request_response_code,
513 : SPDM_ERROR);
514 1 : assert_int_equal(spdm_response->header.param1,
515 : SPDM_ERROR_CODE_RESPONSE_NOT_READY);
516 1 : assert_int_equal(spdm_response->header.param2, 0);
517 1 : assert_int_equal(spdm_context->response_state,
518 : LIBSPDM_RESPONSE_STATE_NOT_READY);
519 1 : assert_int_equal(error_data->request_code, SPDM_KEY_EXCHANGE);
520 1 : free(data1);
521 1 : }
522 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
523 :
524 1 : static void rsp_key_exchange_rsp_case6(void **state)
525 : {
526 : libspdm_return_t status;
527 : libspdm_test_context_t *spdm_test_context;
528 : libspdm_context_t *spdm_context;
529 : size_t response_size;
530 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
531 : spdm_key_exchange_response_t *spdm_response;
532 : void *data1;
533 : size_t data_size1;
534 : uint8_t *ptr;
535 : size_t dhe_key_size;
536 : void *dhe_context;
537 : size_t opaque_key_exchange_req_size;
538 :
539 1 : spdm_test_context = *state;
540 1 : spdm_context = spdm_test_context->spdm_context;
541 1 : spdm_test_context->case_id = 0x6;
542 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
543 1 : spdm_context->connection_info.connection_state =
544 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
545 1 : spdm_context->connection_info.capability.flags |=
546 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
547 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
548 1 : spdm_context->local_context.capability.flags |=
549 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
550 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
551 1 : spdm_context->connection_info.algorithm.base_hash_algo =
552 : m_libspdm_use_hash_algo;
553 1 : spdm_context->connection_info.algorithm.base_asym_algo =
554 : m_libspdm_use_asym_algo;
555 1 : spdm_context->connection_info.algorithm.measurement_spec =
556 : m_libspdm_use_measurement_spec;
557 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
558 : m_libspdm_use_measurement_hash_algo;
559 1 : spdm_context->connection_info.algorithm.dhe_named_group =
560 : m_libspdm_use_dhe_algo;
561 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
562 : m_libspdm_use_aead_algo;
563 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
564 : SPDM_VERSION_NUMBER_SHIFT_BIT;
565 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
566 : m_libspdm_use_asym_algo, &data1,
567 : &data_size1, NULL, NULL);
568 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
569 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
570 : data_size1;
571 :
572 1 : libspdm_reset_message_a(spdm_context);
573 :
574 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
575 : m_libspdm_key_exchange_request1.random_data);
576 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
577 1 : m_libspdm_key_exchange_request1.reserved = 0;
578 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
579 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
580 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
581 : false);
582 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
583 1 : ptr += dhe_key_size;
584 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
585 1 : opaque_key_exchange_req_size =
586 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
587 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
588 1 : ptr += sizeof(uint16_t);
589 1 : libspdm_build_opaque_data_supported_version_data(
590 : spdm_context, &opaque_key_exchange_req_size, ptr);
591 1 : ptr += opaque_key_exchange_req_size;
592 1 : response_size = sizeof(response);
593 1 : status = libspdm_get_response_key_exchange(
594 : spdm_context, m_libspdm_key_exchange_request1_size,
595 : &m_libspdm_key_exchange_request1, &response_size, response);
596 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
597 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
598 1 : spdm_response = (void *)response;
599 1 : assert_int_equal(spdm_response->header.request_response_code,
600 : SPDM_ERROR);
601 1 : assert_int_equal(spdm_response->header.param1,
602 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
603 1 : assert_int_equal(spdm_response->header.param2, 0);
604 1 : free(data1);
605 1 : }
606 :
607 1 : static void rsp_key_exchange_rsp_case7(void **state)
608 : {
609 : libspdm_return_t status;
610 : libspdm_test_context_t *spdm_test_context;
611 : libspdm_context_t *spdm_context;
612 : size_t response_size;
613 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
614 : spdm_key_exchange_response_t *spdm_response;
615 : void *data1;
616 : size_t data_size1;
617 : uint8_t *ptr;
618 : size_t dhe_key_size;
619 : void *dhe_context;
620 : size_t opaque_key_exchange_req_size;
621 :
622 1 : spdm_test_context = *state;
623 1 : spdm_context = spdm_test_context->spdm_context;
624 1 : spdm_test_context->case_id = 0x1;
625 1 : spdm_context->connection_info.connection_state =
626 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
627 1 : spdm_context->connection_info.capability.flags |=
628 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
629 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
630 1 : spdm_context->local_context.capability.flags |=
631 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
632 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
633 1 : spdm_context->connection_info.algorithm.base_hash_algo =
634 : m_libspdm_use_hash_algo;
635 1 : spdm_context->connection_info.algorithm.base_asym_algo =
636 : m_libspdm_use_asym_algo;
637 1 : spdm_context->connection_info.algorithm.measurement_spec =
638 : m_libspdm_use_measurement_spec;
639 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
640 : m_libspdm_use_measurement_hash_algo;
641 1 : spdm_context->connection_info.algorithm.dhe_named_group =
642 : m_libspdm_use_dhe_algo;
643 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
644 : m_libspdm_use_aead_algo;
645 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
646 : SPDM_VERSION_NUMBER_SHIFT_BIT;
647 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
648 : m_libspdm_use_asym_algo, &data1,
649 : &data_size1, NULL, NULL);
650 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
651 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
652 : data_size1;
653 :
654 1 : libspdm_reset_message_a(spdm_context);
655 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
656 : spdm_context->transcript.message_m.buffer_size =
657 : spdm_context->transcript.message_m.max_buffer_size;
658 : spdm_context->transcript.message_b.buffer_size =
659 : spdm_context->transcript.message_b.max_buffer_size;
660 : spdm_context->transcript.message_c.buffer_size =
661 : spdm_context->transcript.message_c.max_buffer_size;
662 : spdm_context->transcript.message_mut_b.buffer_size =
663 : spdm_context->transcript.message_mut_b.max_buffer_size;
664 : spdm_context->transcript.message_mut_c.buffer_size =
665 : spdm_context->transcript.message_mut_c.max_buffer_size;
666 : #endif
667 :
668 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
669 : m_libspdm_key_exchange_request1.random_data);
670 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
671 1 : m_libspdm_key_exchange_request1.reserved = 0;
672 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
673 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
674 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
675 : false);
676 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
677 1 : ptr += dhe_key_size;
678 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
679 1 : opaque_key_exchange_req_size =
680 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
681 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
682 1 : ptr += sizeof(uint16_t);
683 1 : libspdm_build_opaque_data_supported_version_data(
684 : spdm_context, &opaque_key_exchange_req_size, ptr);
685 1 : ptr += opaque_key_exchange_req_size;
686 1 : response_size = sizeof(response);
687 1 : status = libspdm_get_response_key_exchange(
688 : spdm_context, m_libspdm_key_exchange_request1_size,
689 : &m_libspdm_key_exchange_request1, &response_size, response);
690 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
691 1 : assert_int_equal(
692 : libspdm_secured_message_get_session_state(
693 : spdm_context->session_info[0].secured_message_context),
694 : LIBSPDM_SESSION_STATE_HANDSHAKING);
695 1 : spdm_response = (void *)response;
696 1 : assert_int_equal(spdm_response->header.request_response_code,
697 : SPDM_KEY_EXCHANGE_RSP);
698 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
699 : assert_int_equal(spdm_context->transcript.message_m.buffer_size, 0);
700 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
701 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
702 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
703 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
704 : #endif
705 :
706 1 : free(data1);
707 1 : }
708 :
709 1 : static void rsp_key_exchange_rsp_case8(void **state)
710 : {
711 : libspdm_return_t status;
712 : libspdm_test_context_t *spdm_test_context;
713 : libspdm_context_t *spdm_context;
714 : size_t response_size;
715 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
716 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
717 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
718 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
719 : uint32_t measurement_summary_hash_size;
720 : spdm_key_exchange_response_t *spdm_response;
721 : void *data1;
722 : size_t data_size1;
723 : uint8_t *ptr;
724 : size_t dhe_key_size;
725 : void *dhe_context;
726 : size_t opaque_key_exchange_req_size;
727 : bool result;
728 :
729 1 : spdm_test_context = *state;
730 1 : spdm_context = spdm_test_context->spdm_context;
731 1 : spdm_test_context->case_id = 0x8;
732 :
733 : /* Clear previous sessions */
734 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
735 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
736 : }
737 :
738 1 : spdm_context->connection_info.connection_state =
739 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
740 1 : spdm_context->connection_info.capability.flags |=
741 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
742 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
743 1 : spdm_context->local_context.capability.flags |=
744 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
745 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
746 1 : spdm_context->local_context.capability.flags |=
747 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
748 1 : spdm_context->connection_info.algorithm.base_hash_algo =
749 : m_libspdm_use_hash_algo;
750 1 : spdm_context->connection_info.algorithm.base_asym_algo =
751 : m_libspdm_use_asym_algo;
752 1 : spdm_context->connection_info.algorithm.measurement_spec =
753 : m_libspdm_use_measurement_spec;
754 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
755 : m_libspdm_use_measurement_hash_algo;
756 1 : spdm_context->connection_info.algorithm.dhe_named_group =
757 : m_libspdm_use_dhe_algo;
758 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
759 : m_libspdm_use_aead_algo;
760 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
761 : SPDM_VERSION_NUMBER_SHIFT_BIT;
762 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
763 : m_libspdm_use_asym_algo, &data1,
764 : &data_size1, NULL, NULL);
765 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
766 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
767 : data_size1;
768 :
769 1 : libspdm_reset_message_a(spdm_context);
770 :
771 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
772 : m_libspdm_key_exchange_request3.random_data);
773 1 : m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
774 1 : m_libspdm_key_exchange_request3.reserved = 0;
775 1 : ptr = m_libspdm_key_exchange_request3.exchange_data;
776 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
777 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
778 : false);
779 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
780 1 : ptr += dhe_key_size;
781 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
782 1 : opaque_key_exchange_req_size =
783 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
784 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
785 1 : ptr += sizeof(uint16_t);
786 1 : libspdm_build_opaque_data_supported_version_data(
787 : spdm_context, &opaque_key_exchange_req_size, ptr);
788 1 : ptr += opaque_key_exchange_req_size;
789 1 : response_size = sizeof(response);
790 1 : status = libspdm_get_response_key_exchange(
791 : spdm_context, m_libspdm_key_exchange_request3_size,
792 : &m_libspdm_key_exchange_request3, &response_size, response);
793 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
794 1 : assert_int_equal(
795 : libspdm_secured_message_get_session_state(
796 : spdm_context->session_info[0].secured_message_context),
797 : LIBSPDM_SESSION_STATE_HANDSHAKING);
798 1 : spdm_response = (void *)response;
799 1 : assert_int_equal(spdm_response->header.request_response_code,
800 : SPDM_KEY_EXCHANGE_RSP);
801 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
802 :
803 1 : measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
804 1 : spdm_context, false, m_libspdm_key_exchange_request3.header.param1);
805 :
806 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
807 1 : result = libspdm_generate_measurement_summary_hash(
808 : spdm_context,
809 1 : spdm_context->connection_info.version,
810 : spdm_context->connection_info.algorithm.base_hash_algo,
811 1 : spdm_context->connection_info.algorithm.measurement_spec,
812 : spdm_context->connection_info.algorithm.measurement_hash_algo,
813 1 : m_libspdm_key_exchange_request3.header.param1,
814 : measurement_hash,
815 : measurement_summary_hash_size);
816 :
817 1 : assert_true(result);
818 :
819 1 : assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
820 : measurement_hash, measurement_summary_hash_size);
821 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
822 1 : free(data1);
823 1 : }
824 :
825 1 : static void rsp_key_exchange_rsp_case9(void **state)
826 : {
827 : libspdm_return_t status;
828 : libspdm_test_context_t *spdm_test_context;
829 : libspdm_context_t *spdm_context;
830 : size_t response_size;
831 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
832 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
833 : uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE];
834 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
835 : uint32_t measurement_summary_hash_size;
836 : spdm_key_exchange_response_t *spdm_response;
837 : void *data1;
838 : size_t data_size1;
839 : uint8_t *ptr;
840 : size_t dhe_key_size;
841 : void *dhe_context;
842 : size_t opaque_key_exchange_req_size;
843 : uint32_t session_id;
844 : bool result;
845 :
846 1 : spdm_test_context = *state;
847 1 : spdm_context = spdm_test_context->spdm_context;
848 1 : spdm_test_context->case_id = 0x9;
849 :
850 : /* Clear previous sessions */
851 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
852 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
853 : }
854 :
855 1 : spdm_context->connection_info.connection_state =
856 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
857 1 : spdm_context->connection_info.capability.flags |=
858 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
859 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
860 1 : spdm_context->local_context.capability.flags |=
861 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
862 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
863 1 : spdm_context->local_context.capability.flags |=
864 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
865 1 : spdm_context->connection_info.algorithm.base_hash_algo =
866 : m_libspdm_use_hash_algo;
867 1 : spdm_context->connection_info.algorithm.base_asym_algo =
868 : m_libspdm_use_asym_algo;
869 1 : spdm_context->connection_info.algorithm.measurement_spec =
870 : m_libspdm_use_measurement_spec;
871 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
872 : m_libspdm_use_measurement_hash_algo;
873 1 : spdm_context->connection_info.algorithm.dhe_named_group =
874 : m_libspdm_use_dhe_algo;
875 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
876 : m_libspdm_use_aead_algo;
877 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
878 : SPDM_VERSION_NUMBER_SHIFT_BIT;
879 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
880 : m_libspdm_use_asym_algo, &data1,
881 : &data_size1, NULL, NULL);
882 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
883 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
884 : data_size1;
885 :
886 1 : libspdm_reset_message_a(spdm_context);
887 :
888 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
889 : m_libspdm_key_exchange_request4.random_data);
890 1 : m_libspdm_key_exchange_request4.req_session_id = 0xFFFF;
891 1 : m_libspdm_key_exchange_request4.reserved = 0;
892 1 : ptr = m_libspdm_key_exchange_request4.exchange_data;
893 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
894 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
895 : false);
896 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
897 1 : ptr += dhe_key_size;
898 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
899 1 : opaque_key_exchange_req_size =
900 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
901 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
902 1 : ptr += sizeof(uint16_t);
903 1 : libspdm_build_opaque_data_supported_version_data(
904 : spdm_context, &opaque_key_exchange_req_size, ptr);
905 1 : ptr += opaque_key_exchange_req_size;
906 1 : response_size = sizeof(response);
907 1 : status = libspdm_get_response_key_exchange(
908 : spdm_context, m_libspdm_key_exchange_request4_size,
909 : &m_libspdm_key_exchange_request4, &response_size, response);
910 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
911 1 : assert_int_equal(
912 : libspdm_secured_message_get_session_state(
913 : spdm_context->session_info[0].secured_message_context),
914 : LIBSPDM_SESSION_STATE_HANDSHAKING);
915 1 : spdm_response = (void *)response;
916 1 : assert_int_equal(spdm_response->header.request_response_code,
917 : SPDM_KEY_EXCHANGE_RSP);
918 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
919 :
920 1 : measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size(
921 1 : spdm_context, false, m_libspdm_key_exchange_request4.header.param1);
922 : #if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
923 1 : result = libspdm_generate_measurement_summary_hash(
924 : spdm_context,
925 1 : spdm_context->connection_info.version,
926 : spdm_context->connection_info.algorithm.base_hash_algo,
927 1 : spdm_context->connection_info.algorithm.measurement_spec,
928 : spdm_context->connection_info.algorithm.measurement_hash_algo,
929 1 : m_libspdm_key_exchange_request4.header.param1,
930 : measurement_hash,
931 : measurement_summary_hash_size);
932 :
933 1 : assert_true(result);
934 :
935 1 : assert_memory_equal((uint8_t *)response + sizeof(spdm_key_exchange_response_t) + dhe_key_size,
936 : measurement_hash, measurement_summary_hash_size);
937 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
938 :
939 1 : session_id = (m_libspdm_key_exchange_request4.req_session_id << 16) |
940 1 : spdm_response->rsp_session_id;
941 1 : libspdm_free_session_id(spdm_context, session_id);
942 :
943 1 : free(data1);
944 1 : }
945 :
946 1 : static void rsp_key_exchange_rsp_case10(void **state)
947 : {
948 : libspdm_return_t status;
949 : libspdm_test_context_t *spdm_test_context;
950 : libspdm_context_t *spdm_context;
951 : size_t response_size;
952 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
953 : spdm_key_exchange_response_t *spdm_response;
954 : void *data1;
955 : size_t data_size1;
956 : uint8_t *ptr;
957 : size_t dhe_key_size;
958 : void *dhe_context;
959 : size_t opaque_key_exchange_req_size;
960 :
961 1 : spdm_test_context = *state;
962 1 : spdm_context = spdm_test_context->spdm_context;
963 1 : spdm_test_context->case_id = 0xA;
964 :
965 : /* Clear previous sessions */
966 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
967 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
968 : }
969 :
970 1 : spdm_context->connection_info.connection_state =
971 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
972 1 : spdm_context->connection_info.capability.flags |=
973 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
974 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
975 1 : spdm_context->local_context.capability.flags |=
976 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
977 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
978 1 : spdm_context->local_context.capability.flags |=
979 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
980 1 : spdm_context->connection_info.algorithm.base_hash_algo =
981 : m_libspdm_use_hash_algo;
982 1 : spdm_context->connection_info.algorithm.base_asym_algo =
983 : m_libspdm_use_asym_algo;
984 1 : spdm_context->connection_info.algorithm.measurement_spec =
985 : m_libspdm_use_measurement_spec;
986 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
987 : m_libspdm_use_measurement_hash_algo;
988 1 : spdm_context->connection_info.algorithm.dhe_named_group =
989 : m_libspdm_use_dhe_algo;
990 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
991 : m_libspdm_use_aead_algo;
992 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
993 : SPDM_VERSION_NUMBER_SHIFT_BIT;
994 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
995 : m_libspdm_use_asym_algo, &data1,
996 : &data_size1, NULL, NULL);
997 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
998 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
999 : data_size1;
1000 :
1001 1 : libspdm_reset_message_a(spdm_context);
1002 :
1003 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1004 : m_libspdm_key_exchange_request5.random_data);
1005 1 : m_libspdm_key_exchange_request5.req_session_id = 0xFFFF;
1006 1 : m_libspdm_key_exchange_request5.reserved = 0;
1007 1 : ptr = m_libspdm_key_exchange_request5.exchange_data;
1008 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1009 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1010 : false);
1011 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1012 1 : ptr += dhe_key_size;
1013 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1014 1 : opaque_key_exchange_req_size =
1015 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1016 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1017 1 : ptr += sizeof(uint16_t);
1018 1 : libspdm_build_opaque_data_supported_version_data(
1019 : spdm_context, &opaque_key_exchange_req_size, ptr);
1020 1 : ptr += opaque_key_exchange_req_size;
1021 1 : response_size = sizeof(response);
1022 1 : status = libspdm_get_response_key_exchange(
1023 : spdm_context, m_libspdm_key_exchange_request5_size,
1024 : &m_libspdm_key_exchange_request5, &response_size, response);
1025 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1026 :
1027 1 : spdm_response = (void *)response;
1028 1 : assert_int_equal(spdm_response->header.request_response_code,
1029 : SPDM_ERROR);
1030 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1031 :
1032 1 : free(data1);
1033 1 : }
1034 :
1035 1 : static void rsp_key_exchange_rsp_case11(void **state)
1036 : {
1037 : libspdm_return_t status;
1038 : libspdm_test_context_t *spdm_test_context;
1039 : libspdm_context_t *spdm_context;
1040 : size_t response_size;
1041 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1042 : spdm_key_exchange_response_t *spdm_response;
1043 : void *data1;
1044 : size_t data_size1;
1045 : uint8_t *ptr;
1046 : size_t dhe_key_size;
1047 : void *dhe_context;
1048 : size_t opaque_key_exchange_req_size;
1049 :
1050 1 : spdm_test_context = *state;
1051 1 : spdm_context = spdm_test_context->spdm_context;
1052 1 : spdm_test_context->case_id = 0xB;
1053 :
1054 : /* Clear previous sessions */
1055 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1056 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1057 : }
1058 :
1059 1 : spdm_context->connection_info.connection_state =
1060 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1061 :
1062 : /* Clear capabilities flag */
1063 1 : spdm_context->local_context.capability.flags &=
1064 : ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP;
1065 :
1066 : /*set capabilities flags */
1067 1 : spdm_context->connection_info.capability.flags |=
1068 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1069 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1070 1 : spdm_context->local_context.capability.flags |=
1071 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1072 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1073 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1074 : m_libspdm_use_hash_algo;
1075 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1076 : m_libspdm_use_asym_algo;
1077 1 : spdm_context->connection_info.algorithm.measurement_spec =
1078 : m_libspdm_use_measurement_spec;
1079 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1080 : m_libspdm_use_measurement_hash_algo;
1081 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1082 : m_libspdm_use_dhe_algo;
1083 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1084 : m_libspdm_use_aead_algo;
1085 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1086 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1087 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1088 : m_libspdm_use_asym_algo, &data1,
1089 : &data_size1, NULL, NULL);
1090 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1091 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1092 : data_size1;
1093 :
1094 1 : libspdm_reset_message_a(spdm_context);
1095 :
1096 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1097 : m_libspdm_key_exchange_request3.random_data);
1098 1 : m_libspdm_key_exchange_request3.req_session_id = 0xFFFF;
1099 1 : m_libspdm_key_exchange_request3.reserved = 0;
1100 1 : ptr = m_libspdm_key_exchange_request3.exchange_data;
1101 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1102 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1103 : false);
1104 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1105 1 : ptr += dhe_key_size;
1106 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1107 1 : opaque_key_exchange_req_size =
1108 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1109 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1110 1 : ptr += sizeof(uint16_t);
1111 1 : libspdm_build_opaque_data_supported_version_data(
1112 : spdm_context, &opaque_key_exchange_req_size, ptr);
1113 1 : ptr += opaque_key_exchange_req_size;
1114 1 : response_size = sizeof(response);
1115 1 : status = libspdm_get_response_key_exchange(
1116 : spdm_context, m_libspdm_key_exchange_request3_size,
1117 : &m_libspdm_key_exchange_request3, &response_size, response);
1118 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1119 :
1120 1 : spdm_response = (void *)response;
1121 1 : assert_int_equal(spdm_response->header.request_response_code,
1122 : SPDM_ERROR);
1123 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1124 :
1125 1 : free(data1);
1126 1 : }
1127 :
1128 1 : static void rsp_key_exchange_rsp_case14(void **state)
1129 : {
1130 : libspdm_return_t status;
1131 : libspdm_test_context_t *spdm_test_context;
1132 : libspdm_context_t *spdm_context;
1133 : size_t response_size;
1134 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1135 : spdm_key_exchange_response_t *spdm_response;
1136 : void *data1;
1137 : size_t data_size1;
1138 : void *data2;
1139 : size_t data_size2;
1140 : uint8_t *ptr;
1141 : size_t dhe_key_size;
1142 : void *dhe_context;
1143 : size_t opaque_key_exchange_req_size;
1144 :
1145 1 : spdm_test_context = *state;
1146 1 : spdm_context = spdm_test_context->spdm_context;
1147 1 : spdm_test_context->case_id = 0xE;
1148 :
1149 : /* Clear previous sessions */
1150 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1151 0 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1152 : }
1153 :
1154 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1155 1 : spdm_context->connection_info.capability.flags =
1156 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1157 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1158 1 : spdm_context->local_context.capability.flags =
1159 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1160 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1161 1 : spdm_context->connection_info.capability.flags |=
1162 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
1163 1 : spdm_context->local_context.capability.flags |=
1164 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
1165 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1166 : m_libspdm_use_hash_algo;
1167 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1168 : m_libspdm_use_asym_algo;
1169 1 : spdm_context->connection_info.algorithm.req_base_asym_alg =
1170 : m_libspdm_use_req_asym_algo;
1171 1 : spdm_context->connection_info.algorithm.measurement_spec =
1172 : m_libspdm_use_measurement_spec;
1173 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1174 : m_libspdm_use_measurement_hash_algo;
1175 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1176 : m_libspdm_use_dhe_algo;
1177 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1178 : m_libspdm_use_aead_algo;
1179 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1180 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1181 1 : libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data1, &data_size1);
1182 1 : spdm_context->local_context.local_public_key_provision = data1;
1183 1 : spdm_context->local_context.local_public_key_provision_size = data_size1;
1184 1 : libspdm_read_requester_public_key(m_libspdm_use_req_asym_algo, &data2, &data_size2);
1185 1 : spdm_context->local_context.peer_public_key_provision = data2;
1186 1 : spdm_context->local_context.peer_public_key_provision_size = data_size2;
1187 :
1188 1 : libspdm_reset_message_a(spdm_context);
1189 :
1190 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1191 : m_libspdm_key_exchange_request7.random_data);
1192 1 : m_libspdm_key_exchange_request7.req_session_id = 0xFFFF;
1193 1 : m_libspdm_key_exchange_request7.reserved = 0;
1194 1 : ptr = m_libspdm_key_exchange_request7.exchange_data;
1195 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1196 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1197 : false);
1198 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1199 1 : ptr += dhe_key_size;
1200 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1201 1 : opaque_key_exchange_req_size =
1202 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1203 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1204 1 : ptr += sizeof(uint16_t);
1205 1 : libspdm_build_opaque_data_supported_version_data(
1206 : spdm_context, &opaque_key_exchange_req_size, ptr);
1207 1 : ptr += opaque_key_exchange_req_size;
1208 1 : response_size = sizeof(response);
1209 1 : status = libspdm_get_response_key_exchange(
1210 : spdm_context, m_libspdm_key_exchange_request7_size,
1211 : &m_libspdm_key_exchange_request7, &response_size, response);
1212 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1213 1 : assert_int_equal(
1214 : libspdm_secured_message_get_session_state(
1215 : spdm_context->session_info[0].secured_message_context),
1216 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1217 1 : spdm_response = (void *)response;
1218 1 : assert_int_equal(spdm_response->header.request_response_code,
1219 : SPDM_KEY_EXCHANGE_RSP);
1220 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1221 1 : free(data1);
1222 1 : free(data2);
1223 1 : }
1224 :
1225 1 : static void rsp_key_exchange_rsp_case15(void **state)
1226 : {
1227 : libspdm_return_t status;
1228 : libspdm_test_context_t *spdm_test_context;
1229 : libspdm_context_t *spdm_context;
1230 : size_t response_size;
1231 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1232 : spdm_key_exchange_response_t *spdm_response;
1233 : void *data1;
1234 : size_t data_size1;
1235 : uint8_t *ptr;
1236 : size_t dhe_key_size;
1237 : void *dhe_context;
1238 : size_t opaque_key_exchange_req_size;
1239 : size_t opaque_key_exchange_rsp_size;
1240 :
1241 1 : spdm_test_context = *state;
1242 1 : spdm_context = spdm_test_context->spdm_context;
1243 1 : spdm_test_context->case_id = 0xF;
1244 :
1245 : /* Clear previous sessions */
1246 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1247 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1248 : }
1249 :
1250 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1251 1 : spdm_context->connection_info.capability.flags =
1252 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1253 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1254 1 : spdm_context->local_context.capability.flags =
1255 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1256 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1257 1 : spdm_context->connection_info.capability.flags |=
1258 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
1259 1 : spdm_context->local_context.capability.flags |=
1260 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP |
1261 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1262 :
1263 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1264 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1265 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1266 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1267 : m_libspdm_use_measurement_hash_algo;
1268 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1269 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1270 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1271 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1272 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1273 : m_libspdm_use_asym_algo, &data1,
1274 : &data_size1, NULL, NULL);
1275 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1276 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1277 :
1278 1 : libspdm_reset_message_a(spdm_context);
1279 :
1280 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1281 : m_libspdm_key_exchange_request1.random_data);
1282 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1283 1 : m_libspdm_key_exchange_request1.reserved = 0;
1284 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1285 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1286 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1287 : false);
1288 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1289 1 : ptr += dhe_key_size;
1290 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1291 1 : opaque_key_exchange_req_size =
1292 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1293 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1294 1 : ptr += sizeof(uint16_t);
1295 1 : libspdm_build_opaque_data_supported_version_data(
1296 : spdm_context, &opaque_key_exchange_req_size, ptr);
1297 1 : ptr += opaque_key_exchange_req_size;
1298 1 : response_size = sizeof(response);
1299 :
1300 : /* Required to compute response size independently */
1301 : opaque_key_exchange_rsp_size =
1302 1 : libspdm_get_opaque_data_version_selection_data_size(spdm_context);
1303 :
1304 1 : status = libspdm_get_response_key_exchange(
1305 : spdm_context, m_libspdm_key_exchange_request1_size,
1306 : &m_libspdm_key_exchange_request1, &response_size, response);
1307 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1308 1 : assert_int_equal(
1309 : libspdm_secured_message_get_session_state(
1310 : spdm_context->session_info[0].secured_message_context),
1311 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1312 1 : spdm_response = (void *)response;
1313 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1314 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1315 1 : assert_int_equal(response_size,
1316 : sizeof(spdm_key_exchange_response_t) +
1317 : dhe_key_size +
1318 : sizeof(uint16_t) +
1319 : opaque_key_exchange_rsp_size +
1320 : libspdm_get_asym_signature_size(
1321 : spdm_context->connection_info.algorithm.base_asym_algo)
1322 : );
1323 :
1324 1 : free(data1);
1325 1 : }
1326 :
1327 1 : static void rsp_key_exchange_rsp_case16(void **state)
1328 : {
1329 : libspdm_return_t status;
1330 : libspdm_test_context_t *spdm_test_context;
1331 : libspdm_context_t *spdm_context;
1332 : size_t current_request_size;
1333 : size_t response_size;
1334 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1335 : spdm_key_exchange_response_t *spdm_response;
1336 : void *data1;
1337 : size_t data_size1;
1338 : uint8_t *ptr;
1339 : size_t dhe_key_size;
1340 : void *dhe_context;
1341 : size_t opaque_key_exchange_req_size;
1342 :
1343 1 : spdm_test_context = *state;
1344 1 : spdm_context = spdm_test_context->spdm_context;
1345 1 : spdm_test_context->case_id = 0x10;
1346 :
1347 1 : if(spdm_context->session_info[0].session_id != INVALID_SESSION_ID) {
1348 1 : libspdm_free_session_id(spdm_context,0xFFFFFFFF);
1349 : }
1350 :
1351 1 : spdm_context->connection_info.connection_state =
1352 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1353 1 : spdm_context->connection_info.capability.flags |=
1354 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1355 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1356 1 : spdm_context->local_context.capability.flags |=
1357 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1358 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1359 :
1360 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1361 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1362 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1363 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1364 : m_libspdm_use_measurement_hash_algo;
1365 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1366 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1367 :
1368 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1369 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1370 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1371 : m_libspdm_use_asym_algo, &data1,
1372 : &data_size1, NULL, NULL);
1373 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1374 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1375 :
1376 1 : libspdm_reset_message_a(spdm_context);
1377 :
1378 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request1.random_data);
1379 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
1380 1 : m_libspdm_key_exchange_request1.reserved = 0;
1381 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
1382 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1383 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1384 : false);
1385 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1386 1 : ptr += dhe_key_size;
1387 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1388 1 : opaque_key_exchange_req_size =
1389 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1390 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1391 1 : ptr += sizeof(uint16_t);
1392 1 : libspdm_build_opaque_data_supported_version_data(
1393 : spdm_context, &opaque_key_exchange_req_size, ptr);
1394 1 : ptr += opaque_key_exchange_req_size;
1395 :
1396 1 : current_request_size = sizeof(spdm_key_exchange_request_t) + dhe_key_size +
1397 1 : sizeof(uint16_t) + opaque_key_exchange_req_size;
1398 1 : response_size = sizeof(response);
1399 1 : status = libspdm_get_response_key_exchange(
1400 : spdm_context, current_request_size, &m_libspdm_key_exchange_request1,
1401 : &response_size, response);
1402 :
1403 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1404 1 : assert_int_equal(
1405 : libspdm_secured_message_get_session_state(
1406 : spdm_context->session_info[0].secured_message_context),
1407 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1408 1 : spdm_response = (void *)response;
1409 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1410 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1411 :
1412 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1413 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_k.buffer_size,
1414 : current_request_size + response_size);
1415 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_k.buffer,
1416 : &m_libspdm_key_exchange_request1, current_request_size);
1417 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_k.buffer +
1418 : current_request_size,
1419 : response, response_size);
1420 : #endif
1421 1 : free(data1);
1422 1 : }
1423 :
1424 1 : static void rsp_key_exchange_rsp_case17(void **state)
1425 : {
1426 : libspdm_return_t status;
1427 : libspdm_test_context_t *spdm_test_context;
1428 : libspdm_context_t *spdm_context;
1429 : size_t response_size;
1430 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1431 : spdm_key_exchange_response_t *spdm_response;
1432 : void *data1;
1433 : size_t data_size1;
1434 : uint8_t *ptr;
1435 : size_t dhe_key_size;
1436 : void *dhe_context;
1437 : size_t opaque_key_exchange_req_size;
1438 :
1439 1 : spdm_test_context = *state;
1440 1 : spdm_context = spdm_test_context->spdm_context;
1441 1 : spdm_test_context->case_id = 0x11;
1442 1 : spdm_context->connection_info.connection_state =
1443 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1444 1 : spdm_context->connection_info.capability.flags |=
1445 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1446 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1447 1 : spdm_context->local_context.capability.flags |=
1448 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1449 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1450 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1451 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1452 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1453 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1454 : m_libspdm_use_measurement_hash_algo;
1455 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1456 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1457 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1458 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1459 1 : spdm_context->connection_info.algorithm.other_params_support =
1460 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1461 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1462 :
1463 1 : libspdm_session_info_init(spdm_context,
1464 1 : spdm_context->session_info,
1465 : 0,
1466 : INVALID_SESSION_ID, false);
1467 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1468 : m_libspdm_use_asym_algo, &data1,
1469 : &data_size1, NULL, NULL);
1470 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1471 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1472 :
1473 1 : libspdm_reset_message_a(spdm_context);
1474 :
1475 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request8.random_data);
1476 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1477 1 : m_libspdm_key_exchange_request8.reserved = 0;
1478 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
1479 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1480 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1481 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1482 : false);
1483 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1484 1 : ptr += dhe_key_size;
1485 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1486 1 : opaque_key_exchange_req_size =
1487 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1488 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1489 1 : ptr += sizeof(uint16_t);
1490 1 : libspdm_build_opaque_data_supported_version_data(
1491 : spdm_context, &opaque_key_exchange_req_size, ptr);
1492 1 : ptr += opaque_key_exchange_req_size;
1493 1 : response_size = sizeof(response);
1494 1 : status = libspdm_get_response_key_exchange(
1495 : spdm_context, m_libspdm_key_exchange_request8_size,
1496 : &m_libspdm_key_exchange_request8, &response_size, response);
1497 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1498 : m_libspdm_key_exchange_request8.session_policy);
1499 1 : spdm_response = (void *)response;
1500 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_12);
1501 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1502 1 : assert_int_equal(
1503 : libspdm_secured_message_get_session_state(
1504 : spdm_context->session_info[0].secured_message_context),
1505 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1506 1 : spdm_response = (void *)response;
1507 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
1508 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1509 1 : free(data1);
1510 1 : }
1511 :
1512 : /**
1513 : * Test 18: SlotID in KEY_EXCHANGE request message is 9, but it should be 0xFF or between 0 and 7 inclusive.
1514 : * Expected Behavior: generate an ERROR_RESPONSE with code SPDM_ERROR_CODE_INVALID_REQUEST.
1515 : **/
1516 1 : static void rsp_key_exchange_rsp_case18(void **state)
1517 : {
1518 : libspdm_return_t status;
1519 : libspdm_test_context_t *spdm_test_context;
1520 : libspdm_context_t *spdm_context;
1521 : size_t response_size;
1522 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1523 : spdm_key_exchange_response_t *spdm_response;
1524 : void *data1;
1525 : size_t data_size1;
1526 : uint8_t *ptr;
1527 : size_t dhe_key_size;
1528 : void *dhe_context;
1529 : size_t opaque_key_exchange_req_size;
1530 :
1531 1 : spdm_test_context = *state;
1532 1 : spdm_context = spdm_test_context->spdm_context;
1533 1 : spdm_test_context->case_id = 0x12;
1534 1 : spdm_context->connection_info.connection_state =
1535 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1536 1 : spdm_context->connection_info.capability.flags |=
1537 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1538 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1539 1 : spdm_context->local_context.capability.flags |=
1540 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1541 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1542 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1543 : m_libspdm_use_hash_algo;
1544 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1545 : m_libspdm_use_asym_algo;
1546 1 : spdm_context->connection_info.algorithm.measurement_spec =
1547 : m_libspdm_use_measurement_spec;
1548 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1549 : m_libspdm_use_measurement_hash_algo;
1550 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1551 : m_libspdm_use_dhe_algo;
1552 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1553 : m_libspdm_use_aead_algo;
1554 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1555 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1556 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1557 : m_libspdm_use_asym_algo, &data1,
1558 : &data_size1, NULL, NULL);
1559 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1560 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1561 : data_size1;
1562 :
1563 1 : libspdm_reset_message_a(spdm_context);
1564 :
1565 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1566 :
1567 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1568 : m_libspdm_key_exchange_request9.random_data);
1569 1 : m_libspdm_key_exchange_request9.req_session_id = 0xFFFF;
1570 1 : m_libspdm_key_exchange_request9.reserved = 0;
1571 1 : ptr = m_libspdm_key_exchange_request9.exchange_data;
1572 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1573 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1574 : false);
1575 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1576 1 : ptr += dhe_key_size;
1577 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1578 1 : opaque_key_exchange_req_size =
1579 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1580 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1581 1 : ptr += sizeof(uint16_t);
1582 1 : libspdm_build_opaque_data_supported_version_data(
1583 : spdm_context, &opaque_key_exchange_req_size, ptr);
1584 1 : ptr += opaque_key_exchange_req_size;
1585 1 : response_size = sizeof(response);
1586 1 : status = libspdm_get_response_key_exchange(
1587 : spdm_context, m_libspdm_key_exchange_request9_size,
1588 : &m_libspdm_key_exchange_request9, &response_size, response);
1589 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1590 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1591 1 : spdm_response = (void *)response;
1592 1 : assert_int_equal(spdm_response->header.request_response_code,
1593 : SPDM_ERROR);
1594 1 : assert_int_equal(spdm_response->header.param1,
1595 : SPDM_ERROR_CODE_INVALID_REQUEST);
1596 1 : assert_int_equal(spdm_response->header.param2, 0);
1597 1 : free(data1);
1598 1 : }
1599 :
1600 1 : static void rsp_key_exchange_rsp_case19(void **state)
1601 : {
1602 : libspdm_return_t status;
1603 : libspdm_test_context_t *spdm_test_context;
1604 : libspdm_context_t *spdm_context;
1605 : size_t response_size;
1606 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1607 : spdm_key_exchange_response_t *spdm_response;
1608 : void *data1;
1609 : size_t data_size1;
1610 : uint8_t *ptr;
1611 : size_t dhe_key_size;
1612 : void *dhe_context;
1613 :
1614 1 : spdm_test_context = *state;
1615 1 : spdm_context = spdm_test_context->spdm_context;
1616 1 : spdm_test_context->case_id = 0x13;
1617 1 : spdm_context->response_state = 0;
1618 1 : spdm_context->connection_info.connection_state =
1619 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1620 1 : spdm_context->connection_info.capability.flags = 0;
1621 1 : spdm_context->connection_info.capability.flags |=
1622 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1623 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1624 1 : spdm_context->local_context.capability.flags = 0;
1625 1 : spdm_context->local_context.capability.flags |=
1626 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1627 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1628 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1629 : m_libspdm_use_hash_algo;
1630 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1631 : m_libspdm_use_asym_algo;
1632 1 : spdm_context->connection_info.algorithm.measurement_spec =
1633 : m_libspdm_use_measurement_spec;
1634 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1635 : m_libspdm_use_measurement_hash_algo;
1636 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1637 : m_libspdm_use_dhe_algo;
1638 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1639 : m_libspdm_use_aead_algo;
1640 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1641 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1642 1 : spdm_context->connection_info.algorithm.other_params_support =
1643 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1644 :
1645 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1646 : m_libspdm_use_asym_algo, &data1,
1647 : &data_size1, NULL, NULL);
1648 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1649 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1650 : data_size1;
1651 :
1652 1 : libspdm_reset_message_a(spdm_context);
1653 :
1654 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1655 :
1656 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1657 : m_libspdm_key_exchange_request8.random_data);
1658 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1659 1 : m_libspdm_key_exchange_request8.reserved = 0;
1660 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1661 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1662 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1663 : false);
1664 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1665 1 : ptr += dhe_key_size;
1666 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1667 :
1668 : size_t opaque_data_size;
1669 : spdm_general_opaque_data_table_header_t
1670 : *spdm_general_opaque_data_table_header;
1671 : secured_message_opaque_element_table_header_t
1672 : *opaque_element_table_header;
1673 : secured_message_opaque_element_header_t
1674 : * secured_message_element_header;
1675 : uint8_t element_num;
1676 : uint8_t element_index;
1677 : size_t current_element_len;
1678 :
1679 1 : spdm_general_opaque_data_table_header =
1680 : (spdm_general_opaque_data_table_header_t *)(ptr + sizeof(uint16_t));
1681 1 : spdm_general_opaque_data_table_header->total_elements = 2;
1682 1 : opaque_element_table_header = (void *)(spdm_general_opaque_data_table_header + 1);
1683 :
1684 1 : element_num = spdm_general_opaque_data_table_header->total_elements;
1685 1 : opaque_data_size = sizeof(spdm_general_opaque_data_table_header_t);
1686 :
1687 3 : for (element_index = 0; element_index < element_num; element_index++) {
1688 2 : opaque_element_table_header->id = SPDM_REGISTRY_ID_DMTF;
1689 2 : opaque_element_table_header->vendor_len = 0;
1690 : /* When opaque_element_data_len is not four byte aligned*/
1691 2 : opaque_element_table_header->opaque_element_data_len = 0xF;
1692 :
1693 2 : secured_message_element_header = (void *)(opaque_element_table_header + 1);
1694 2 : secured_message_element_header->sm_data_id =
1695 : SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_ID_SUPPORTED_VERSION;
1696 2 : secured_message_element_header->sm_data_version =
1697 : SECURED_MESSAGE_OPAQUE_ELEMENT_SMDATA_DATA_VERSION;
1698 :
1699 2 : current_element_len = sizeof(secured_message_opaque_element_table_header_t) +
1700 2 : opaque_element_table_header->vendor_len +
1701 2 : sizeof(opaque_element_table_header->opaque_element_data_len) +
1702 2 : opaque_element_table_header->opaque_element_data_len;
1703 :
1704 : /*move to next element*/
1705 2 : opaque_element_table_header =
1706 : (secured_message_opaque_element_table_header_t *)
1707 : ((uint8_t *)opaque_element_table_header +
1708 : current_element_len);
1709 :
1710 2 : opaque_data_size += current_element_len;
1711 : }
1712 :
1713 1 : *(uint16_t *)ptr = (uint16_t)opaque_data_size;
1714 :
1715 1 : response_size = sizeof(response);
1716 1 : status = libspdm_get_response_key_exchange(
1717 : spdm_context, m_libspdm_key_exchange_request8_size,
1718 : &m_libspdm_key_exchange_request8, &response_size, response);
1719 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1720 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1721 1 : spdm_response = (void *)response;
1722 1 : assert_int_equal(spdm_response->header.request_response_code,
1723 : SPDM_ERROR);
1724 1 : assert_int_equal(spdm_response->header.param1,
1725 : SPDM_ERROR_CODE_INVALID_REQUEST);
1726 1 : assert_int_equal(spdm_response->header.param2, 0);
1727 1 : free(data1);
1728 1 : }
1729 :
1730 1 : static void rsp_key_exchange_rsp_case20(void **state)
1731 : {
1732 : libspdm_return_t status;
1733 : libspdm_test_context_t *spdm_test_context;
1734 : libspdm_context_t *spdm_context;
1735 : size_t response_size;
1736 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1737 : spdm_key_exchange_response_t *spdm_response;
1738 : void *data1;
1739 : size_t data_size1;
1740 : uint8_t *ptr;
1741 : size_t dhe_key_size;
1742 : void *dhe_context;
1743 : size_t opaque_key_exchange_req_size;
1744 :
1745 1 : spdm_test_context = *state;
1746 1 : spdm_context = spdm_test_context->spdm_context;
1747 1 : spdm_test_context->case_id = 0x14;
1748 1 : spdm_context->connection_info.connection_state =
1749 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1750 1 : spdm_context->connection_info.capability.flags =
1751 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1752 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1753 1 : spdm_context->local_context.capability.flags =
1754 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1755 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
1756 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
1757 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1758 : m_libspdm_use_hash_algo;
1759 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1760 : m_libspdm_use_asym_algo;
1761 1 : spdm_context->connection_info.algorithm.measurement_spec =
1762 : m_libspdm_use_measurement_spec;
1763 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1764 : m_libspdm_use_measurement_hash_algo;
1765 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1766 : m_libspdm_use_dhe_algo;
1767 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1768 : m_libspdm_use_aead_algo;
1769 1 : spdm_context->connection_info.algorithm.other_params_support =
1770 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1771 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_12 <<
1772 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1773 :
1774 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1775 :
1776 1 : libspdm_session_info_init(spdm_context,
1777 1 : spdm_context->session_info,
1778 : 0,
1779 : INVALID_SESSION_ID, false);
1780 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1781 : m_libspdm_use_asym_algo, &data1,
1782 : &data_size1, NULL, NULL);
1783 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1784 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1785 :
1786 1 : libspdm_reset_message_a(spdm_context);
1787 :
1788 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
1789 : m_libspdm_key_exchange_request8.random_data);
1790 1 : m_libspdm_key_exchange_request8.req_session_id = 0xFFFF;
1791 1 : m_libspdm_key_exchange_request8.reserved = 0;
1792 1 : m_libspdm_key_exchange_request8.session_policy = 0xFF;
1793 1 : ptr = m_libspdm_key_exchange_request8.exchange_data;
1794 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1795 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1796 : false);
1797 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1798 1 : ptr += dhe_key_size;
1799 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1800 1 : opaque_key_exchange_req_size =
1801 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1802 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1803 1 : ptr += sizeof(uint16_t);
1804 1 : libspdm_build_opaque_data_supported_version_data(
1805 : spdm_context, &opaque_key_exchange_req_size, ptr);
1806 1 : ptr += opaque_key_exchange_req_size;
1807 1 : response_size = sizeof(response);
1808 1 : status = libspdm_get_response_key_exchange(
1809 : spdm_context, m_libspdm_key_exchange_request8_size,
1810 : &m_libspdm_key_exchange_request8, &response_size, response);
1811 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
1812 : m_libspdm_key_exchange_request8.session_policy);
1813 1 : spdm_response = (void *)response;
1814 1 : assert_int_equal(spdm_response->header.spdm_version,
1815 : SPDM_MESSAGE_VERSION_12);
1816 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1817 1 : assert_int_equal(
1818 : libspdm_secured_message_get_session_state(
1819 : spdm_context->session_info[0].secured_message_context),
1820 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1821 1 : spdm_response = (void *)response;
1822 1 : assert_int_equal(spdm_response->header.request_response_code,
1823 : SPDM_KEY_EXCHANGE_RSP);
1824 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
1825 1 : free(data1);
1826 1 : }
1827 :
1828 : /**
1829 : * Test 21: The key usage bit mask is not set, the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP shall not specify this certificate slot
1830 : * Expected Behavior: get a SPDM_ERROR_CODE_INVALID_REQUEST return code
1831 : **/
1832 1 : static void rsp_key_exchange_rsp_case21(void **state)
1833 : {
1834 : libspdm_return_t status;
1835 : libspdm_test_context_t *spdm_test_context;
1836 : libspdm_context_t *spdm_context;
1837 : size_t response_size;
1838 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1839 : spdm_key_exchange_response_t *spdm_response;
1840 : void *data1;
1841 : size_t data_size1;
1842 : uint8_t *ptr;
1843 : size_t dhe_key_size;
1844 : void *dhe_context;
1845 : size_t opaque_key_exchange_req_size;
1846 : uint8_t slot_id;
1847 :
1848 1 : spdm_test_context = *state;
1849 1 : spdm_context = spdm_test_context->spdm_context;
1850 1 : spdm_test_context->case_id = 0x15;
1851 1 : spdm_context->connection_info.connection_state =
1852 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1853 1 : spdm_context->connection_info.capability.flags |=
1854 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
1855 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
1856 1 : spdm_context->local_context.capability.flags |=
1857 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1858 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP;
1859 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1860 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1861 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1862 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1863 : m_libspdm_use_measurement_hash_algo;
1864 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1865 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1866 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1867 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1868 1 : spdm_context->connection_info.algorithm.other_params_support =
1869 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1870 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1871 1 : spdm_context->connection_info.multi_key_conn_rsp = true;
1872 :
1873 1 : libspdm_session_info_init(spdm_context,
1874 1 : spdm_context->session_info,
1875 : 0,
1876 : INVALID_SESSION_ID, false);
1877 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1878 : m_libspdm_use_asym_algo, &data1,
1879 : &data_size1, NULL, NULL);
1880 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1881 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1882 :
1883 1 : libspdm_reset_message_a(spdm_context);
1884 :
1885 : /* If set, the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP can specify this certificate slot. If not set,
1886 : * the SlotID fields in KEY_EXCHANGE and KEY_EXCHANGE_RSP shall not specify this certificate slot */
1887 1 : slot_id = 0;
1888 1 : m_libspdm_key_exchange_request10.header.param2 = slot_id;
1889 1 : spdm_context->local_context.local_key_usage_bit_mask[slot_id] =
1890 : SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE |
1891 : SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE;
1892 :
1893 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
1894 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
1895 1 : m_libspdm_key_exchange_request10.reserved = 0;
1896 1 : m_libspdm_key_exchange_request10.session_policy = 0xFF;
1897 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
1898 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1899 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1900 : false);
1901 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1902 1 : ptr += dhe_key_size;
1903 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1904 1 : opaque_key_exchange_req_size =
1905 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1906 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1907 1 : ptr += sizeof(uint16_t);
1908 1 : libspdm_build_opaque_data_supported_version_data(
1909 : spdm_context, &opaque_key_exchange_req_size, ptr);
1910 1 : ptr += opaque_key_exchange_req_size;
1911 1 : response_size = sizeof(response);
1912 1 : status = libspdm_get_response_key_exchange(
1913 : spdm_context, m_libspdm_key_exchange_request10_size,
1914 : &m_libspdm_key_exchange_request10, &response_size, response);
1915 :
1916 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1917 1 : assert_int_equal (response_size, sizeof(spdm_error_response_t));
1918 1 : spdm_response = (void *)response;
1919 1 : assert_int_equal (spdm_response->header.request_response_code, SPDM_ERROR);
1920 1 : assert_int_equal (spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST);
1921 1 : assert_int_equal (spdm_response->header.param2, 0);
1922 :
1923 1 : free(data1);
1924 1 : }
1925 :
1926 : /**
1927 : * Test 21: The Requester subscribes to all events supported by the Responder.
1928 : * Expected Behavior: Responder successfully subscribes the Requester to all events.
1929 : **/
1930 1 : static void rsp_key_exchange_rsp_case22(void **state)
1931 : {
1932 : #if LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP
1933 : libspdm_return_t status;
1934 : libspdm_test_context_t *spdm_test_context;
1935 : libspdm_context_t *spdm_context;
1936 : size_t response_size;
1937 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1938 : spdm_key_exchange_response_t *spdm_response;
1939 : void *data1;
1940 : size_t data_size1;
1941 : uint8_t *ptr;
1942 : size_t dhe_key_size;
1943 : void *dhe_context;
1944 : size_t opaque_key_exchange_req_size;
1945 :
1946 1 : spdm_test_context = *state;
1947 1 : spdm_context = spdm_test_context->spdm_context;
1948 1 : spdm_test_context->case_id = 0x16;
1949 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1950 1 : spdm_context->connection_info.capability.flags |=
1951 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
1952 1 : spdm_context->local_context.capability.flags |=
1953 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
1954 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EVENT_CAP;
1955 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1956 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1957 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1958 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1959 : m_libspdm_use_measurement_hash_algo;
1960 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1961 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1962 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
1963 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1964 1 : spdm_context->connection_info.algorithm.other_params_support =
1965 : SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1;
1966 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
1967 1 : spdm_context->connection_info.multi_key_conn_rsp = false;
1968 :
1969 1 : libspdm_session_info_init(spdm_context, spdm_context->session_info, INVALID_SESSION_ID,
1970 : 0, false);
1971 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1972 : m_libspdm_use_asym_algo, &data1,
1973 : &data_size1, NULL, NULL);
1974 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1975 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1976 :
1977 1 : libspdm_reset_message_a(spdm_context);
1978 :
1979 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE, m_libspdm_key_exchange_request10.random_data);
1980 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
1981 1 : m_libspdm_key_exchange_request10.reserved = 0;
1982 1 : m_libspdm_key_exchange_request10.session_policy =
1983 : SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_EVENT_ALL_POLICY;
1984 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
1985 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
1986 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
1987 : false);
1988 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
1989 1 : ptr += dhe_key_size;
1990 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
1991 1 : opaque_key_exchange_req_size =
1992 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
1993 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
1994 1 : ptr += sizeof(uint16_t);
1995 1 : libspdm_build_opaque_data_supported_version_data(
1996 : spdm_context, &opaque_key_exchange_req_size, ptr);
1997 1 : ptr += opaque_key_exchange_req_size;
1998 1 : response_size = sizeof(response);
1999 :
2000 1 : status = libspdm_get_response_key_exchange(
2001 : spdm_context, m_libspdm_key_exchange_request10_size,
2002 : &m_libspdm_key_exchange_request10, &response_size, response);
2003 :
2004 1 : assert_int_equal(spdm_context->session_info[0].session_policy,
2005 : m_libspdm_key_exchange_request10.session_policy);
2006 1 : spdm_response = (void *)response;
2007 1 : assert_int_equal(spdm_response->header.spdm_version, SPDM_MESSAGE_VERSION_13);
2008 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2009 1 : assert_int_equal(
2010 : libspdm_secured_message_get_session_state(
2011 : spdm_context->session_info[0].secured_message_context),
2012 : LIBSPDM_SESSION_STATE_HANDSHAKING);
2013 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_KEY_EXCHANGE_RSP);
2014 1 : assert_int_equal(spdm_response->rsp_session_id, 0xFFFF);
2015 1 : assert_true(g_event_all_subscribe && !g_event_all_unsubscribe);
2016 1 : free(data1);
2017 : #endif /* LIBSPDM_ENABLE_CAPABILITY_EVENT_CAP */
2018 1 : }
2019 :
2020 1 : static void rsp_key_exchange_rsp_case23(void **state)
2021 : {
2022 : libspdm_return_t status;
2023 : libspdm_test_context_t *spdm_test_context;
2024 : libspdm_context_t *spdm_context;
2025 : size_t response_size;
2026 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
2027 : spdm_key_exchange_response_t *spdm_response;
2028 : void *data1;
2029 : size_t data_size1;
2030 : uint8_t *ptr;
2031 : size_t dhe_key_size;
2032 : void *dhe_context;
2033 : size_t opaque_key_exchange_req_size;
2034 :
2035 1 : spdm_test_context = *state;
2036 1 : spdm_context = spdm_test_context->spdm_context;
2037 1 : spdm_test_context->case_id = 0x17;
2038 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2039 1 : spdm_context->connection_info.capability.flags |=
2040 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
2041 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2042 1 : spdm_context->local_context.capability.flags |=
2043 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
2044 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
2045 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
2046 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
2047 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2048 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2049 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
2050 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
2051 : m_libspdm_use_measurement_hash_algo;
2052 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2053 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2054 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
2055 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2056 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2057 : m_libspdm_use_asym_algo, &data1,
2058 : &data_size1, NULL, NULL);
2059 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
2060 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
2061 :
2062 1 : libspdm_reset_message_a(spdm_context);
2063 1 : g_key_exchange_start_mut_auth = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
2064 1 : g_mandatory_mut_auth = true;
2065 :
2066 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
2067 :
2068 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
2069 : m_libspdm_key_exchange_request1.random_data);
2070 1 : m_libspdm_key_exchange_request1.req_session_id = 0xFFFF;
2071 1 : m_libspdm_key_exchange_request1.reserved = 0;
2072 1 : ptr = m_libspdm_key_exchange_request1.exchange_data;
2073 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2074 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2075 : false);
2076 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2077 1 : ptr += dhe_key_size;
2078 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2079 1 : opaque_key_exchange_req_size =
2080 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2081 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2082 1 : ptr += sizeof(uint16_t);
2083 1 : libspdm_build_opaque_data_supported_version_data(
2084 : spdm_context, &opaque_key_exchange_req_size, ptr);
2085 1 : ptr += opaque_key_exchange_req_size;
2086 1 : response_size = sizeof(response);
2087 1 : status = libspdm_get_response_key_exchange(
2088 : spdm_context, m_libspdm_key_exchange_request1_size,
2089 : &m_libspdm_key_exchange_request1, &response_size, response);
2090 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2091 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
2092 1 : spdm_response = (void *)response;
2093 1 : assert_int_equal(spdm_response->header.request_response_code,
2094 : SPDM_ERROR);
2095 1 : assert_int_equal(spdm_response->header.param1,
2096 : SPDM_ERROR_CODE_UNSPECIFIED);
2097 1 : assert_int_equal(spdm_response->header.param2, 0);
2098 :
2099 1 : g_key_exchange_start_mut_auth = 0;
2100 1 : g_mandatory_mut_auth = false;
2101 1 : free(data1);
2102 1 : }
2103 :
2104 :
2105 1 : static void rsp_key_exchange_rsp_case24(void **state)
2106 : {
2107 : libspdm_return_t status;
2108 : libspdm_test_context_t *spdm_test_context;
2109 : libspdm_context_t *spdm_context;
2110 : size_t response_size;
2111 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
2112 : spdm_key_exchange_response_t *spdm_response;
2113 : void *data1;
2114 : size_t data_size1;
2115 : uint8_t *ptr;
2116 : size_t dhe_key_size;
2117 : void *dhe_context;
2118 : size_t opaque_key_exchange_req_size;
2119 :
2120 1 : spdm_test_context = *state;
2121 1 : spdm_context = spdm_test_context->spdm_context;
2122 1 : spdm_test_context->case_id = 0x18;
2123 1 : spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED;
2124 1 : spdm_context->connection_info.capability.flags |=
2125 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP |
2126 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP;
2127 1 : spdm_context->local_context.capability.flags |=
2128 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP |
2129 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP |
2130 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP |
2131 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP;
2132 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
2133 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
2134 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
2135 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
2136 : m_libspdm_use_measurement_hash_algo;
2137 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
2138 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
2139 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
2140 : SPDM_VERSION_NUMBER_SHIFT_BIT;
2141 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
2142 : m_libspdm_use_asym_algo, &data1,
2143 : &data_size1, NULL, NULL);
2144 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
2145 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
2146 :
2147 1 : libspdm_reset_message_a(spdm_context);
2148 1 : g_key_exchange_start_mut_auth = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
2149 1 : g_mandatory_mut_auth = true;
2150 :
2151 1 : spdm_context->local_context.secured_message_version.secured_message_version_count = 1;
2152 :
2153 1 : libspdm_get_random_number(SPDM_RANDOM_DATA_SIZE,
2154 : m_libspdm_key_exchange_request10.random_data);
2155 1 : m_libspdm_key_exchange_request10.req_session_id = 0xFFFF;
2156 1 : m_libspdm_key_exchange_request10.reserved = 0;
2157 1 : ptr = m_libspdm_key_exchange_request10.exchange_data;
2158 1 : dhe_key_size = libspdm_get_dhe_pub_key_size(m_libspdm_use_dhe_algo);
2159 1 : dhe_context = libspdm_dhe_new(spdm_context->connection_info.version, m_libspdm_use_dhe_algo,
2160 : false);
2161 1 : libspdm_dhe_generate_key(m_libspdm_use_dhe_algo, dhe_context, ptr, &dhe_key_size);
2162 1 : ptr += dhe_key_size;
2163 1 : libspdm_dhe_free(m_libspdm_use_dhe_algo, dhe_context);
2164 1 : opaque_key_exchange_req_size =
2165 1 : libspdm_get_opaque_data_supported_version_data_size(spdm_context);
2166 1 : *(uint16_t *)ptr = (uint16_t)opaque_key_exchange_req_size;
2167 1 : ptr += sizeof(uint16_t);
2168 1 : libspdm_build_opaque_data_supported_version_data(
2169 : spdm_context, &opaque_key_exchange_req_size, ptr);
2170 1 : ptr += opaque_key_exchange_req_size;
2171 1 : response_size = sizeof(response);
2172 1 : status = libspdm_get_response_key_exchange(
2173 : spdm_context, m_libspdm_key_exchange_request10_size,
2174 : &m_libspdm_key_exchange_request10, &response_size, response);
2175 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
2176 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
2177 1 : spdm_response = (void *)response;
2178 1 : assert_int_equal(spdm_response->header.request_response_code,
2179 : SPDM_ERROR);
2180 1 : assert_int_equal(spdm_response->header.param1,
2181 : SPDM_ERROR_CODE_INVALID_POLICY);
2182 1 : assert_int_equal(spdm_response->header.param2, 0);
2183 :
2184 1 : g_mandatory_mut_auth = false;
2185 1 : g_key_exchange_start_mut_auth = 0;
2186 1 : free(data1);
2187 1 : }
2188 :
2189 1 : int libspdm_rsp_key_exchange_rsp_test(void)
2190 : {
2191 1 : const struct CMUnitTest test_cases[] = {
2192 : /* Success Case*/
2193 : cmocka_unit_test(rsp_key_exchange_rsp_case1),
2194 : /* Bad request size*/
2195 : cmocka_unit_test(rsp_key_exchange_rsp_case2),
2196 : /* response_state: SPDM_RESPONSE_STATE_BUSY*/
2197 : cmocka_unit_test(rsp_key_exchange_rsp_case3),
2198 : /* response_state: SPDM_RESPONSE_STATE_NEED_RESYNC*/
2199 : cmocka_unit_test(rsp_key_exchange_rsp_case4),
2200 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
2201 : /* response_state: SPDM_RESPONSE_STATE_NOT_READY*/
2202 : cmocka_unit_test(rsp_key_exchange_rsp_case5),
2203 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
2204 : /* connection_state Check*/
2205 : cmocka_unit_test(rsp_key_exchange_rsp_case6),
2206 : /* Buffer reset*/
2207 : cmocka_unit_test(rsp_key_exchange_rsp_case7),
2208 : /* TCB measurement hash requested */
2209 : cmocka_unit_test(rsp_key_exchange_rsp_case8),
2210 : /* All measurement hash requested */
2211 : cmocka_unit_test(rsp_key_exchange_rsp_case9),
2212 : /* Reserved value in Measurement summary. Error + Invalid */
2213 : cmocka_unit_test(rsp_key_exchange_rsp_case10),
2214 : /* TCB measurement hash requested, measurement flag not set */
2215 : cmocka_unit_test(rsp_key_exchange_rsp_case11),
2216 : /* Request previously provisioned public key, slot 0xFF */
2217 : cmocka_unit_test(rsp_key_exchange_rsp_case14),
2218 : /* HANDSHAKE_IN_THE_CLEAR set for requester and responder */
2219 : cmocka_unit_test(rsp_key_exchange_rsp_case15),
2220 : /* Buffer verification*/
2221 : cmocka_unit_test(rsp_key_exchange_rsp_case16),
2222 : /* Successful response V1.2*/
2223 : cmocka_unit_test(rsp_key_exchange_rsp_case17),
2224 : /* Invalid SlotID in KEY_EXCHANGE request message*/
2225 : cmocka_unit_test(rsp_key_exchange_rsp_case18),
2226 : /* Only OpaqueDataFmt1 is supported, Bytes not aligned*/
2227 : cmocka_unit_test(rsp_key_exchange_rsp_case19),
2228 : /* OpaqueData only supports OpaqueDataFmt1, Success Case */
2229 : cmocka_unit_test(rsp_key_exchange_rsp_case20),
2230 : /* The key usage bit mask is not set, failed Case*/
2231 : cmocka_unit_test(rsp_key_exchange_rsp_case21),
2232 : cmocka_unit_test(rsp_key_exchange_rsp_case22),
2233 : /* The Responder requires mutual authentication, but the Requester does not support it */
2234 : cmocka_unit_test(rsp_key_exchange_rsp_case23),
2235 : cmocka_unit_test(rsp_key_exchange_rsp_case24),
2236 : };
2237 :
2238 1 : libspdm_test_context_t test_context = {
2239 : LIBSPDM_TEST_CONTEXT_VERSION,
2240 : false,
2241 : };
2242 :
2243 1 : libspdm_setup_test_context(&test_context);
2244 :
2245 1 : return cmocka_run_group_tests(test_cases,
2246 : libspdm_unit_test_group_setup,
2247 : libspdm_unit_test_group_teardown);
2248 : }
2249 :
2250 : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/
|
