Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "spdm_unit_test.h"
8 : #include "internal/libspdm_responder_lib.h"
9 : #include "internal/libspdm_secured_message_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP
12 : #pragma pack(1)
13 : typedef struct {
14 : spdm_message_header_t header;
15 : uint8_t verify_data[LIBSPDM_MAX_HASH_SIZE];
16 : } libspdm_psk_finish_request_mine_t;
17 :
18 : typedef struct {
19 : spdm_message_header_t header;
20 : uint16_t opaque_data_size;
21 : uint8_t opaque_data[8];
22 : uint8_t verify_data[LIBSPDM_MAX_HASH_SIZE];
23 : } libspdm_psk_finish_request_mine_14_t;
24 : #pragma pack()
25 :
26 : static libspdm_th_managed_buffer_t th_curr;
27 :
28 : libspdm_psk_finish_request_mine_t m_libspdm_psk_finish_request1 = {
29 : { SPDM_MESSAGE_VERSION_11, SPDM_PSK_FINISH, 0, 0 },
30 : };
31 : size_t m_libspdm_psk_finish_request1_size = sizeof(m_libspdm_psk_finish_request1);
32 :
33 : libspdm_psk_finish_request_mine_t m_libspdm_psk_finish_request2 = {
34 : { SPDM_MESSAGE_VERSION_11, SPDM_PSK_FINISH, 0, 0 },
35 : };
36 : size_t m_libspdm_psk_finish_request2_size = LIBSPDM_MAX_SPDM_MSG_SIZE;
37 :
38 : libspdm_psk_finish_request_mine_14_t m_libspdm_psk_finish_request3 = {
39 : { SPDM_MESSAGE_VERSION_14, SPDM_PSK_FINISH, 0, 0 },
40 : };
41 : size_t m_libspdm_psk_finish_request3_size = sizeof(m_libspdm_psk_finish_request3);
42 :
43 : static uint8_t m_libspdm_dummy_buffer[LIBSPDM_MAX_HASH_SIZE];
44 :
45 15 : static void libspdm_secured_message_set_request_finished_key(
46 : void *spdm_secured_message_context, const void *key, size_t key_size)
47 : {
48 : libspdm_secured_message_context_t *secured_message_context;
49 :
50 15 : secured_message_context = spdm_secured_message_context;
51 15 : LIBSPDM_ASSERT(key_size == secured_message_context->hash_size);
52 15 : libspdm_copy_mem(secured_message_context->handshake_secret.request_finished_key,
53 : sizeof(secured_message_context->handshake_secret.request_finished_key),
54 : key, secured_message_context->hash_size);
55 15 : }
56 :
57 : /**
58 : * Test 1: receiving a correct PSK_FINISH message from the requester with a
59 : * correct MAC.
60 : * Expected behavior: the responder accepts the request and produces a valid
61 : * PSK_FINISH_RSP response message.
62 : **/
63 1 : static void rsp_psk_finish_rsp_case1(void **state)
64 : {
65 : libspdm_return_t status;
66 : libspdm_test_context_t *spdm_test_context;
67 : libspdm_context_t *spdm_context;
68 : size_t response_size;
69 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
70 : spdm_psk_finish_response_t *spdm_response;
71 : void *data1;
72 : size_t data_size1;
73 : uint8_t *ptr;
74 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
75 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
76 : libspdm_session_info_t *session_info;
77 : uint32_t session_id;
78 : uint32_t hash_size;
79 : uint32_t hmac_size;
80 :
81 1 : spdm_test_context = *state;
82 1 : spdm_context = spdm_test_context->spdm_context;
83 1 : spdm_test_context->case_id = 0x1;
84 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
85 : SPDM_VERSION_NUMBER_SHIFT_BIT;
86 1 : spdm_context->connection_info.connection_state =
87 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
88 1 : spdm_context->connection_info.capability.flags |=
89 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
90 1 : spdm_context->local_context.capability.flags |=
91 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
92 1 : spdm_context->connection_info.algorithm.base_hash_algo =
93 : m_libspdm_use_hash_algo;
94 1 : spdm_context->connection_info.algorithm.base_asym_algo =
95 : m_libspdm_use_asym_algo;
96 1 : spdm_context->connection_info.algorithm.measurement_spec =
97 : m_libspdm_use_measurement_spec;
98 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
99 : m_libspdm_use_measurement_hash_algo;
100 1 : spdm_context->connection_info.algorithm.dhe_named_group =
101 : m_libspdm_use_dhe_algo;
102 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
103 : m_libspdm_use_aead_algo;
104 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
105 : m_libspdm_use_asym_algo, &data1,
106 : &data_size1, NULL, NULL);
107 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
108 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
109 : data_size1;
110 :
111 1 : libspdm_reset_message_a(spdm_context);
112 :
113 1 : session_id = 0xFFFFFFFF;
114 1 : spdm_context->latest_session_id = session_id;
115 1 : spdm_context->last_spdm_request_session_id_valid = true;
116 1 : spdm_context->last_spdm_request_session_id = session_id;
117 1 : session_info = &spdm_context->session_info[0];
118 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
119 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
120 1 : libspdm_session_info_set_psk_hint(session_info,
121 : LIBSPDM_TEST_PSK_HINT_STRING,
122 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
123 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
124 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
125 1 : libspdm_secured_message_set_request_finished_key(
126 : session_info->secured_message_context, m_libspdm_dummy_buffer,
127 : hash_size);
128 1 : libspdm_secured_message_set_session_state(
129 : session_info->secured_message_context,
130 : LIBSPDM_SESSION_STATE_HANDSHAKING);
131 :
132 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
133 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
134 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
135 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
136 : /* transcript.message_a size is 0
137 : * session_transcript.message_k is 0*/
138 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
139 : sizeof(spdm_psk_finish_request_t));
140 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
141 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
142 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
143 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
144 : request_finished_key, hash_size, ptr);
145 1 : m_libspdm_psk_finish_request1_size =
146 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
147 1 : response_size = sizeof(response);
148 1 : status = libspdm_get_response_psk_finish(spdm_context,
149 : m_libspdm_psk_finish_request1_size,
150 : &m_libspdm_psk_finish_request1,
151 : &response_size, response);
152 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
153 1 : assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
154 1 : spdm_response = (void *)response;
155 1 : assert_int_equal(spdm_response->header.request_response_code,
156 : SPDM_PSK_FINISH_RSP);
157 1 : free(data1);
158 1 : }
159 :
160 : /**
161 : * Test 2: receiving a PSK_FINISH message larger than specified.
162 : * Expected behavior: the responder refuses the PSK_FINISH message and
163 : * produces an ERROR message indicating the InvalidRequest.
164 : **/
165 1 : static void rsp_psk_finish_rsp_case2(void **state)
166 : {
167 : libspdm_return_t status;
168 : libspdm_test_context_t *spdm_test_context;
169 : libspdm_context_t *spdm_context;
170 : size_t response_size;
171 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
172 : spdm_psk_finish_response_t *spdm_response;
173 : void *data1;
174 : size_t data_size1;
175 : uint8_t *ptr;
176 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
177 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
178 : libspdm_session_info_t *session_info;
179 : uint32_t session_id;
180 : uint32_t hash_size;
181 :
182 1 : spdm_test_context = *state;
183 1 : spdm_context = spdm_test_context->spdm_context;
184 1 : spdm_test_context->case_id = 0x2;
185 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
186 : SPDM_VERSION_NUMBER_SHIFT_BIT;
187 1 : spdm_context->connection_info.connection_state =
188 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
189 1 : spdm_context->connection_info.capability.flags |=
190 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
191 1 : spdm_context->local_context.capability.flags |=
192 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
193 1 : spdm_context->connection_info.algorithm.base_hash_algo =
194 : m_libspdm_use_hash_algo;
195 1 : spdm_context->connection_info.algorithm.base_asym_algo =
196 : m_libspdm_use_asym_algo;
197 1 : spdm_context->connection_info.algorithm.measurement_spec =
198 : m_libspdm_use_measurement_spec;
199 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
200 : m_libspdm_use_measurement_hash_algo;
201 1 : spdm_context->connection_info.algorithm.dhe_named_group =
202 : m_libspdm_use_dhe_algo;
203 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
204 : m_libspdm_use_aead_algo;
205 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
206 : m_libspdm_use_asym_algo, &data1,
207 : &data_size1, NULL, NULL);
208 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
209 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
210 : data_size1;
211 :
212 1 : libspdm_reset_message_a(spdm_context);
213 :
214 1 : session_id = 0xFFFFFFFF;
215 1 : spdm_context->latest_session_id = session_id;
216 1 : spdm_context->last_spdm_request_session_id_valid = true;
217 1 : spdm_context->last_spdm_request_session_id = session_id;
218 1 : session_info = &spdm_context->session_info[0];
219 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
220 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
221 1 : libspdm_session_info_set_psk_hint(session_info,
222 : LIBSPDM_TEST_PSK_HINT_STRING,
223 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
224 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
225 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
226 1 : libspdm_secured_message_set_request_finished_key(
227 : session_info->secured_message_context, m_libspdm_dummy_buffer,
228 : hash_size);
229 1 : libspdm_secured_message_set_session_state(
230 : session_info->secured_message_context,
231 : LIBSPDM_SESSION_STATE_HANDSHAKING);
232 :
233 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
234 1 : ptr = m_libspdm_psk_finish_request2.verify_data;
235 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
236 : /* transcript.message_a size is 0
237 : * session_transcript.message_k is 0*/
238 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request2,
239 : sizeof(spdm_psk_finish_request_t));
240 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
241 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
242 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
243 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
244 : request_finished_key, hash_size, ptr);
245 1 : response_size = sizeof(response);
246 1 : status = libspdm_get_response_psk_finish(spdm_context,
247 : m_libspdm_psk_finish_request2_size,
248 : &m_libspdm_psk_finish_request2,
249 : &response_size, response);
250 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
251 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
252 1 : spdm_response = (void *)response;
253 1 : assert_int_equal(spdm_response->header.request_response_code,
254 : SPDM_ERROR);
255 1 : assert_int_equal(spdm_response->header.param1,
256 : SPDM_ERROR_CODE_INVALID_REQUEST);
257 1 : assert_int_equal(spdm_response->header.param2, 0);
258 1 : free(data1);
259 1 : }
260 :
261 : /**
262 : * Test 3: receiving a correct PSK_FINISH from the requester, but the
263 : * responder is in a Busy state.
264 : * Expected behavior: the responder accepts the request, but produces an
265 : * ERROR message indicating the Busy state.
266 : **/
267 1 : static void rsp_psk_finish_rsp_case3(void **state)
268 : {
269 : libspdm_return_t status;
270 : libspdm_test_context_t *spdm_test_context;
271 : libspdm_context_t *spdm_context;
272 : size_t response_size;
273 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
274 : spdm_psk_finish_response_t *spdm_response;
275 : void *data1;
276 : size_t data_size1;
277 : uint8_t *ptr;
278 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
279 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
280 : libspdm_session_info_t *session_info;
281 : uint32_t session_id;
282 : uint32_t hash_size;
283 : uint32_t hmac_size;
284 :
285 1 : spdm_test_context = *state;
286 1 : spdm_context = spdm_test_context->spdm_context;
287 1 : spdm_test_context->case_id = 0x3;
288 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
289 : SPDM_VERSION_NUMBER_SHIFT_BIT;
290 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
291 1 : spdm_context->connection_info.connection_state =
292 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
293 1 : spdm_context->connection_info.capability.flags |=
294 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
295 1 : spdm_context->local_context.capability.flags |=
296 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
297 1 : spdm_context->connection_info.algorithm.base_hash_algo =
298 : m_libspdm_use_hash_algo;
299 1 : spdm_context->connection_info.algorithm.base_asym_algo =
300 : m_libspdm_use_asym_algo;
301 1 : spdm_context->connection_info.algorithm.measurement_spec =
302 : m_libspdm_use_measurement_spec;
303 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
304 : m_libspdm_use_measurement_hash_algo;
305 1 : spdm_context->connection_info.algorithm.dhe_named_group =
306 : m_libspdm_use_dhe_algo;
307 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
308 : m_libspdm_use_aead_algo;
309 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
310 : m_libspdm_use_asym_algo, &data1,
311 : &data_size1, NULL, NULL);
312 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
313 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
314 : data_size1;
315 :
316 1 : libspdm_reset_message_a(spdm_context);
317 :
318 1 : session_id = 0xFFFFFFFF;
319 1 : spdm_context->latest_session_id = session_id;
320 1 : spdm_context->last_spdm_request_session_id_valid = true;
321 1 : spdm_context->last_spdm_request_session_id = session_id;
322 1 : session_info = &spdm_context->session_info[0];
323 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
324 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
325 1 : libspdm_session_info_set_psk_hint(session_info,
326 : LIBSPDM_TEST_PSK_HINT_STRING,
327 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
328 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
329 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
330 1 : libspdm_secured_message_set_request_finished_key(
331 : session_info->secured_message_context, m_libspdm_dummy_buffer,
332 : hash_size);
333 1 : libspdm_secured_message_set_session_state(
334 : session_info->secured_message_context,
335 : LIBSPDM_SESSION_STATE_HANDSHAKING);
336 :
337 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
338 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
339 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
340 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
341 : /* transcript.message_a size is 0
342 : * session_transcript.message_k is 0*/
343 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
344 : sizeof(spdm_psk_finish_request_t));
345 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
346 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
347 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
348 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
349 : request_finished_key, hash_size, ptr);
350 1 : m_libspdm_psk_finish_request1_size =
351 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
352 1 : response_size = sizeof(response);
353 1 : status = libspdm_get_response_psk_finish(spdm_context,
354 : m_libspdm_psk_finish_request1_size,
355 : &m_libspdm_psk_finish_request1,
356 : &response_size, response);
357 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
358 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
359 1 : spdm_response = (void *)response;
360 1 : assert_int_equal(spdm_response->header.request_response_code,
361 : SPDM_ERROR);
362 1 : assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_BUSY);
363 1 : assert_int_equal(spdm_response->header.param2, 0);
364 1 : assert_int_equal(spdm_context->response_state,
365 : LIBSPDM_RESPONSE_STATE_BUSY);
366 1 : free(data1);
367 1 : }
368 :
369 : /**
370 : * Test 4: receiving a correct PSK_FINISH from the requester, but the
371 : * responder requires resynchronization with the requester.
372 : * Expected behavior: the responder accepts the request, but produces an
373 : * ERROR message indicating the NeedResynch state.
374 : **/
375 1 : static void rsp_psk_finish_rsp_case4(void **state)
376 : {
377 : libspdm_return_t status;
378 : libspdm_test_context_t *spdm_test_context;
379 : libspdm_context_t *spdm_context;
380 : size_t response_size;
381 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
382 : spdm_psk_finish_response_t *spdm_response;
383 : void *data1;
384 : size_t data_size1;
385 : uint8_t *ptr;
386 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
387 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
388 : libspdm_session_info_t *session_info;
389 : uint32_t session_id;
390 : uint32_t hash_size;
391 : uint32_t hmac_size;
392 :
393 1 : spdm_test_context = *state;
394 1 : spdm_context = spdm_test_context->spdm_context;
395 1 : spdm_test_context->case_id = 0x4;
396 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
397 : SPDM_VERSION_NUMBER_SHIFT_BIT;
398 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
399 1 : spdm_context->connection_info.connection_state =
400 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
401 1 : spdm_context->connection_info.capability.flags |=
402 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
403 1 : spdm_context->local_context.capability.flags |=
404 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
405 1 : spdm_context->connection_info.algorithm.base_hash_algo =
406 : m_libspdm_use_hash_algo;
407 1 : spdm_context->connection_info.algorithm.base_asym_algo =
408 : m_libspdm_use_asym_algo;
409 1 : spdm_context->connection_info.algorithm.measurement_spec =
410 : m_libspdm_use_measurement_spec;
411 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
412 : m_libspdm_use_measurement_hash_algo;
413 1 : spdm_context->connection_info.algorithm.dhe_named_group =
414 : m_libspdm_use_dhe_algo;
415 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
416 : m_libspdm_use_aead_algo;
417 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
418 : m_libspdm_use_asym_algo, &data1,
419 : &data_size1, NULL, NULL);
420 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
421 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
422 : data_size1;
423 :
424 1 : libspdm_reset_message_a(spdm_context);
425 :
426 1 : session_id = 0xFFFFFFFF;
427 1 : spdm_context->latest_session_id = session_id;
428 1 : spdm_context->last_spdm_request_session_id_valid = true;
429 1 : spdm_context->last_spdm_request_session_id = session_id;
430 1 : session_info = &spdm_context->session_info[0];
431 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
432 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
433 1 : libspdm_session_info_set_psk_hint(session_info,
434 : LIBSPDM_TEST_PSK_HINT_STRING,
435 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
436 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
437 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
438 1 : libspdm_secured_message_set_request_finished_key(
439 : session_info->secured_message_context, m_libspdm_dummy_buffer,
440 : hash_size);
441 1 : libspdm_secured_message_set_session_state(
442 : session_info->secured_message_context,
443 : LIBSPDM_SESSION_STATE_HANDSHAKING);
444 :
445 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
446 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
447 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
448 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
449 : /* transcript.message_a size is 0
450 : * session_transcript.message_k is 0*/
451 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
452 : sizeof(spdm_psk_finish_request_t));
453 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
454 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
455 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
456 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
457 : request_finished_key, hash_size, ptr);
458 1 : m_libspdm_psk_finish_request1_size =
459 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
460 1 : response_size = sizeof(response);
461 1 : status = libspdm_get_response_psk_finish(spdm_context,
462 : m_libspdm_psk_finish_request1_size,
463 : &m_libspdm_psk_finish_request1,
464 : &response_size, response);
465 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
466 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
467 1 : spdm_response = (void *)response;
468 1 : assert_int_equal(spdm_response->header.request_response_code,
469 : SPDM_ERROR);
470 1 : assert_int_equal(spdm_response->header.param1,
471 : SPDM_ERROR_CODE_REQUEST_RESYNCH);
472 1 : assert_int_equal(spdm_response->header.param2, 0);
473 1 : assert_int_equal(spdm_context->response_state,
474 : LIBSPDM_RESPONSE_STATE_NEED_RESYNC);
475 1 : free(data1);
476 1 : }
477 :
478 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
479 : /**
480 : * Test 5: receiving a correct PSK_FINISH from the requester, but the
481 : * responder could not produce the response in time.
482 : * Expected behavior: the responder accepts the request, but produces an
483 : * ERROR message indicating the ResponseNotReady state.
484 : **/
485 1 : static void rsp_psk_finish_rsp_case5(void **state)
486 : {
487 : libspdm_return_t status;
488 : libspdm_test_context_t *spdm_test_context;
489 : libspdm_context_t *spdm_context;
490 : size_t response_size;
491 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
492 : spdm_psk_finish_response_t *spdm_response;
493 : void *data1;
494 : size_t data_size1;
495 : uint8_t *ptr;
496 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
497 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
498 : libspdm_session_info_t *session_info;
499 : uint32_t session_id;
500 : uint32_t hash_size;
501 : uint32_t hmac_size;
502 : spdm_error_data_response_not_ready_t *error_data;
503 :
504 1 : spdm_test_context = *state;
505 1 : spdm_context = spdm_test_context->spdm_context;
506 1 : spdm_test_context->case_id = 0x5;
507 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
508 : SPDM_VERSION_NUMBER_SHIFT_BIT;
509 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
510 1 : spdm_context->connection_info.connection_state =
511 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
512 1 : spdm_context->connection_info.capability.flags |=
513 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
514 1 : spdm_context->local_context.capability.flags |=
515 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
516 1 : spdm_context->connection_info.algorithm.base_hash_algo =
517 : m_libspdm_use_hash_algo;
518 1 : spdm_context->connection_info.algorithm.base_asym_algo =
519 : m_libspdm_use_asym_algo;
520 1 : spdm_context->connection_info.algorithm.measurement_spec =
521 : m_libspdm_use_measurement_spec;
522 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
523 : m_libspdm_use_measurement_hash_algo;
524 1 : spdm_context->connection_info.algorithm.dhe_named_group =
525 : m_libspdm_use_dhe_algo;
526 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
527 : m_libspdm_use_aead_algo;
528 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
529 : m_libspdm_use_asym_algo, &data1,
530 : &data_size1, NULL, NULL);
531 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
532 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
533 : data_size1;
534 :
535 1 : libspdm_reset_message_a(spdm_context);
536 :
537 1 : session_id = 0xFFFFFFFF;
538 1 : spdm_context->latest_session_id = session_id;
539 1 : spdm_context->last_spdm_request_session_id_valid = true;
540 1 : spdm_context->last_spdm_request_session_id = session_id;
541 1 : session_info = &spdm_context->session_info[0];
542 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
543 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
544 1 : libspdm_session_info_set_psk_hint(session_info,
545 : LIBSPDM_TEST_PSK_HINT_STRING,
546 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
547 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
548 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
549 1 : libspdm_secured_message_set_request_finished_key(
550 : session_info->secured_message_context, m_libspdm_dummy_buffer,
551 : hash_size);
552 1 : libspdm_secured_message_set_session_state(
553 : session_info->secured_message_context,
554 : LIBSPDM_SESSION_STATE_HANDSHAKING);
555 :
556 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
557 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
558 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
559 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
560 : /* transcript.message_a size is 0
561 : * session_transcript.message_k is 0*/
562 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
563 : sizeof(spdm_psk_finish_request_t));
564 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
565 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
566 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
567 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
568 : request_finished_key, hash_size, ptr);
569 1 : m_libspdm_psk_finish_request1_size =
570 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
571 1 : response_size = sizeof(response);
572 1 : status = libspdm_get_response_psk_finish(spdm_context,
573 : m_libspdm_psk_finish_request1_size,
574 : &m_libspdm_psk_finish_request1,
575 : &response_size, response);
576 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
577 1 : assert_int_equal(response_size,
578 : sizeof(spdm_error_response_t) +
579 : sizeof(spdm_error_data_response_not_ready_t));
580 1 : spdm_response = (void *)response;
581 1 : error_data =
582 : (spdm_error_data_response_not_ready_t *)(spdm_response + 1);
583 1 : assert_int_equal(spdm_response->header.request_response_code,
584 : SPDM_ERROR);
585 1 : assert_int_equal(spdm_response->header.param1,
586 : SPDM_ERROR_CODE_RESPONSE_NOT_READY);
587 1 : assert_int_equal(spdm_response->header.param2, 0);
588 1 : assert_int_equal(spdm_context->response_state,
589 : LIBSPDM_RESPONSE_STATE_NOT_READY);
590 1 : assert_int_equal(error_data->request_code, SPDM_PSK_FINISH);
591 1 : free(data1);
592 1 : }
593 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
594 :
595 : /**
596 : * Test 6: receiving a correct PSK_FINISH from the requester, but the
597 : * responder is not set no receive a PSK-FINISH message because previous
598 : * messages (namely, GET_CAPABILITIES, NEGOTIATE_ALGORITHMS or
599 : * GET_DIGESTS) have not been received.
600 : * Expected behavior: the responder rejects the request, and produces an
601 : * ERROR message indicating the UnexpectedRequest.
602 : **/
603 1 : static void rsp_psk_finish_rsp_case6(void **state)
604 : {
605 : libspdm_return_t status;
606 : libspdm_test_context_t *spdm_test_context;
607 : libspdm_context_t *spdm_context;
608 : size_t response_size;
609 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
610 : spdm_psk_finish_response_t *spdm_response;
611 : void *data1;
612 : size_t data_size1;
613 : uint8_t *ptr;
614 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
615 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
616 : libspdm_session_info_t *session_info;
617 : uint32_t session_id;
618 : uint32_t hash_size;
619 : uint32_t hmac_size;
620 :
621 1 : spdm_test_context = *state;
622 1 : spdm_context = spdm_test_context->spdm_context;
623 1 : spdm_test_context->case_id = 0x6;
624 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
625 : SPDM_VERSION_NUMBER_SHIFT_BIT;
626 1 : spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
627 1 : spdm_context->connection_info.connection_state =
628 : LIBSPDM_CONNECTION_STATE_NOT_STARTED;
629 1 : spdm_context->connection_info.capability.flags |=
630 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
631 1 : spdm_context->local_context.capability.flags |=
632 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
633 1 : spdm_context->connection_info.algorithm.base_hash_algo =
634 : m_libspdm_use_hash_algo;
635 1 : spdm_context->connection_info.algorithm.base_asym_algo =
636 : m_libspdm_use_asym_algo;
637 1 : spdm_context->connection_info.algorithm.measurement_spec =
638 : m_libspdm_use_measurement_spec;
639 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
640 : m_libspdm_use_measurement_hash_algo;
641 1 : spdm_context->connection_info.algorithm.dhe_named_group =
642 : m_libspdm_use_dhe_algo;
643 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
644 : m_libspdm_use_aead_algo;
645 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
646 : m_libspdm_use_asym_algo, &data1,
647 : &data_size1, NULL, NULL);
648 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
649 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
650 : data_size1;
651 :
652 1 : libspdm_reset_message_a(spdm_context);
653 :
654 1 : session_id = 0xFFFFFFFF;
655 1 : spdm_context->latest_session_id = session_id;
656 1 : spdm_context->last_spdm_request_session_id_valid = true;
657 1 : spdm_context->last_spdm_request_session_id = session_id;
658 1 : session_info = &spdm_context->session_info[0];
659 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
660 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
661 1 : libspdm_session_info_set_psk_hint(session_info,
662 : LIBSPDM_TEST_PSK_HINT_STRING,
663 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
664 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
665 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
666 1 : libspdm_secured_message_set_request_finished_key(
667 : session_info->secured_message_context, m_libspdm_dummy_buffer,
668 : hash_size);
669 1 : libspdm_secured_message_set_session_state(
670 : session_info->secured_message_context,
671 : LIBSPDM_SESSION_STATE_HANDSHAKING);
672 :
673 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
674 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
675 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
676 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
677 : /* transcript.message_a size is 0
678 : * session_transcript.message_k is 0*/
679 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
680 : sizeof(spdm_psk_finish_request_t));
681 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
682 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
683 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
684 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
685 : request_finished_key, hash_size, ptr);
686 1 : m_libspdm_psk_finish_request1_size =
687 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
688 1 : response_size = sizeof(response);
689 1 : status = libspdm_get_response_psk_finish(spdm_context,
690 : m_libspdm_psk_finish_request1_size,
691 : &m_libspdm_psk_finish_request1,
692 : &response_size, response);
693 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
694 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
695 1 : spdm_response = (void *)response;
696 1 : assert_int_equal(spdm_response->header.request_response_code,
697 : SPDM_ERROR);
698 1 : assert_int_equal(spdm_response->header.param1,
699 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
700 1 : assert_int_equal(spdm_response->header.param2, 0);
701 1 : free(data1);
702 1 : }
703 :
704 1 : static void rsp_psk_finish_rsp_case7(void **state)
705 : {
706 : libspdm_return_t status;
707 : libspdm_test_context_t *spdm_test_context;
708 : libspdm_context_t *spdm_context;
709 : size_t response_size;
710 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
711 : spdm_psk_finish_response_t *spdm_response;
712 : void *data1;
713 : size_t data_size1;
714 : uint8_t *ptr;
715 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
716 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
717 : libspdm_session_info_t *session_info;
718 : uint32_t session_id;
719 : uint32_t hash_size;
720 : uint32_t hmac_size;
721 :
722 1 : spdm_test_context = *state;
723 1 : spdm_context = spdm_test_context->spdm_context;
724 1 : spdm_test_context->case_id = 0x7;
725 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
726 : SPDM_VERSION_NUMBER_SHIFT_BIT;
727 1 : spdm_context->connection_info.connection_state =
728 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
729 1 : spdm_context->connection_info.capability.flags |=
730 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
731 1 : spdm_context->local_context.capability.flags |=
732 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
733 1 : spdm_context->connection_info.algorithm.base_hash_algo =
734 : m_libspdm_use_hash_algo;
735 1 : spdm_context->connection_info.algorithm.base_asym_algo =
736 : m_libspdm_use_asym_algo;
737 1 : spdm_context->connection_info.algorithm.measurement_spec =
738 : m_libspdm_use_measurement_spec;
739 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
740 : m_libspdm_use_measurement_hash_algo;
741 1 : spdm_context->connection_info.algorithm.dhe_named_group =
742 : m_libspdm_use_dhe_algo;
743 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
744 : m_libspdm_use_aead_algo;
745 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
746 : m_libspdm_use_asym_algo, &data1,
747 : &data_size1, NULL, NULL);
748 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
749 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
750 : data_size1;
751 :
752 1 : libspdm_reset_message_a(spdm_context);
753 :
754 1 : session_id = 0xFFFFFFFF;
755 1 : spdm_context->latest_session_id = session_id;
756 1 : spdm_context->last_spdm_request_session_id_valid = true;
757 1 : spdm_context->last_spdm_request_session_id = session_id;
758 1 : session_info = &spdm_context->session_info[0];
759 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
760 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
761 1 : libspdm_session_info_set_psk_hint(session_info,
762 : LIBSPDM_TEST_PSK_HINT_STRING,
763 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
764 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
765 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
766 1 : libspdm_secured_message_set_request_finished_key(
767 : session_info->secured_message_context, m_libspdm_dummy_buffer,
768 : hash_size);
769 1 : libspdm_secured_message_set_session_state(
770 : session_info->secured_message_context,
771 : LIBSPDM_SESSION_STATE_HANDSHAKING);
772 :
773 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
774 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
775 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
776 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
777 : /* transcript.message_a size is 0
778 : * session_transcript.message_k is 0*/
779 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
780 : sizeof(spdm_psk_finish_request_t));
781 :
782 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
783 : session_info->session_transcript.message_m.buffer_size =
784 : session_info->session_transcript.message_m.max_buffer_size;
785 : spdm_context->transcript.message_b.buffer_size =
786 : spdm_context->transcript.message_b.max_buffer_size;
787 : spdm_context->transcript.message_c.buffer_size =
788 : spdm_context->transcript.message_c.max_buffer_size;
789 : spdm_context->transcript.message_mut_b.buffer_size =
790 : spdm_context->transcript.message_mut_b.max_buffer_size;
791 : spdm_context->transcript.message_mut_c.buffer_size =
792 : spdm_context->transcript.message_mut_c.max_buffer_size;
793 : #endif
794 :
795 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
796 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
797 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
798 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
799 : request_finished_key, hash_size, ptr);
800 1 : m_libspdm_psk_finish_request1_size =
801 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
802 1 : response_size = sizeof(response);
803 1 : status = libspdm_get_response_psk_finish(spdm_context,
804 : m_libspdm_psk_finish_request1_size,
805 : &m_libspdm_psk_finish_request1,
806 : &response_size, response);
807 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
808 1 : assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
809 1 : spdm_response = (void *)response;
810 1 : assert_int_equal(spdm_response->header.request_response_code,
811 : SPDM_PSK_FINISH_RSP);
812 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
813 : assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0);
814 : assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
815 : assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
816 : assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
817 : assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
818 : #endif
819 :
820 1 : free(data1);
821 1 : }
822 :
823 : /**
824 : * Test 8: receiving a correct PSK_FINISH message from the requester, but
825 : * the responder has no capabilities for pre-shared keys.
826 : * Expected behavior: the responder refuses the PSK_FINISH message and
827 : * produces an ERROR message indicating the UnsupportedRequest.
828 : **/
829 1 : static void rsp_psk_finish_rsp_case8(void **state)
830 : {
831 : libspdm_return_t status;
832 : libspdm_test_context_t *spdm_test_context;
833 : libspdm_context_t *spdm_context;
834 : size_t response_size;
835 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
836 : spdm_psk_finish_response_t *spdm_response;
837 : void *data1;
838 : size_t data_size1;
839 : uint8_t *ptr;
840 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
841 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
842 : libspdm_session_info_t *session_info;
843 : uint32_t session_id;
844 : uint32_t hash_size;
845 : uint32_t hmac_size;
846 :
847 1 : spdm_test_context = *state;
848 1 : spdm_context = spdm_test_context->spdm_context;
849 1 : spdm_test_context->case_id = 0x8;
850 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
851 : SPDM_VERSION_NUMBER_SHIFT_BIT;
852 1 : spdm_context->connection_info.connection_state =
853 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
854 1 : spdm_context->connection_info.capability.flags &=
855 : ~(SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP);
856 1 : spdm_context->local_context.capability.flags &=
857 : ~(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP);
858 1 : spdm_context->connection_info.algorithm.base_hash_algo =
859 : m_libspdm_use_hash_algo;
860 1 : spdm_context->connection_info.algorithm.base_asym_algo =
861 : m_libspdm_use_asym_algo;
862 1 : spdm_context->connection_info.algorithm.measurement_spec =
863 : m_libspdm_use_measurement_spec;
864 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
865 : m_libspdm_use_measurement_hash_algo;
866 1 : spdm_context->connection_info.algorithm.dhe_named_group =
867 : m_libspdm_use_dhe_algo;
868 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
869 : m_libspdm_use_aead_algo;
870 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
871 : m_libspdm_use_asym_algo, &data1,
872 : &data_size1, NULL, NULL);
873 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
874 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
875 : data_size1;
876 :
877 1 : spdm_context->transcript.message_a.buffer_size = 0;
878 :
879 1 : session_id = 0xFFFFFFFF;
880 1 : spdm_context->latest_session_id = session_id;
881 1 : spdm_context->last_spdm_request_session_id_valid = true;
882 1 : spdm_context->last_spdm_request_session_id = session_id;
883 1 : session_info = &spdm_context->session_info[0];
884 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
885 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
886 1 : libspdm_session_info_set_psk_hint(session_info,
887 : LIBSPDM_TEST_PSK_HINT_STRING,
888 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
889 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
890 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
891 1 : libspdm_secured_message_set_request_finished_key(
892 : session_info->secured_message_context, m_libspdm_dummy_buffer,
893 : hash_size);
894 1 : libspdm_secured_message_set_session_state(
895 : session_info->secured_message_context,
896 : LIBSPDM_SESSION_STATE_HANDSHAKING);
897 :
898 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
899 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
900 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
901 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
902 : /* transcript.message_a size is 0
903 : * session_transcript.message_k is 0*/
904 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
905 : sizeof(spdm_psk_finish_request_t));
906 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
907 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
908 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
909 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
910 : request_finished_key, hash_size, ptr);
911 1 : m_libspdm_psk_finish_request1_size =
912 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
913 1 : response_size = sizeof(response);
914 1 : status = libspdm_get_response_psk_finish(spdm_context,
915 : m_libspdm_psk_finish_request1_size,
916 : &m_libspdm_psk_finish_request1,
917 : &response_size, response);
918 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
919 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
920 1 : spdm_response = (void *)response;
921 1 : assert_int_equal(spdm_response->header.request_response_code,
922 : SPDM_ERROR);
923 1 : assert_int_equal(spdm_response->header.param1,
924 : SPDM_ERROR_CODE_UNSUPPORTED_REQUEST);
925 1 : assert_int_equal(spdm_response->header.param2, SPDM_PSK_FINISH);
926 1 : free(data1);
927 1 : }
928 :
929 : /**
930 : * Test 9: receiving a correct PSK_FINISH message from the requester, but
931 : * the responder is not correctly setup by not initializing a session during
932 : * PSK_EXCHANGE.
933 : * Expected behavior: the responder refuses the PSK_FINISH message and
934 : * produces an ERROR message indicating the InvalidRequest.
935 : **/
936 1 : static void rsp_psk_finish_rsp_case9(void **state)
937 : {
938 : libspdm_return_t status;
939 : libspdm_test_context_t *spdm_test_context;
940 : libspdm_context_t *spdm_context;
941 : size_t response_size;
942 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
943 : spdm_psk_finish_response_t *spdm_response;
944 : void *data1;
945 : size_t data_size1;
946 : uint8_t *ptr;
947 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
948 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
949 : libspdm_session_info_t *session_info;
950 : uint32_t session_id;
951 : uint32_t hash_size;
952 : uint32_t hmac_size;
953 :
954 1 : spdm_test_context = *state;
955 1 : spdm_context = spdm_test_context->spdm_context;
956 1 : spdm_test_context->case_id = 0x9;
957 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
958 : SPDM_VERSION_NUMBER_SHIFT_BIT;
959 1 : spdm_context->connection_info.connection_state =
960 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
961 1 : spdm_context->connection_info.capability.flags |=
962 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
963 1 : spdm_context->local_context.capability.flags |=
964 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
965 1 : spdm_context->connection_info.algorithm.base_hash_algo =
966 : m_libspdm_use_hash_algo;
967 1 : spdm_context->connection_info.algorithm.base_asym_algo =
968 : m_libspdm_use_asym_algo;
969 1 : spdm_context->connection_info.algorithm.measurement_spec =
970 : m_libspdm_use_measurement_spec;
971 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
972 : m_libspdm_use_measurement_hash_algo;
973 1 : spdm_context->connection_info.algorithm.dhe_named_group =
974 : m_libspdm_use_dhe_algo;
975 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
976 : m_libspdm_use_aead_algo;
977 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
978 : m_libspdm_use_asym_algo, &data1,
979 : &data_size1, NULL, NULL);
980 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
981 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
982 : data_size1;
983 :
984 1 : spdm_context->transcript.message_a.buffer_size = 0;
985 :
986 1 : session_id = 0xFFFFFFFF;
987 1 : spdm_context->latest_session_id = session_id;
988 1 : spdm_context->last_spdm_request_session_id_valid = true;
989 1 : spdm_context->last_spdm_request_session_id = session_id;
990 1 : session_info = &spdm_context->session_info[0];
991 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
992 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
993 1 : libspdm_session_info_set_psk_hint(session_info,
994 : LIBSPDM_TEST_PSK_HINT_STRING,
995 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
996 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
997 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
998 1 : libspdm_secured_message_set_request_finished_key(
999 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1000 : hash_size);
1001 1 : libspdm_secured_message_set_session_state(
1002 : session_info->secured_message_context,
1003 : LIBSPDM_SESSION_STATE_NOT_STARTED);
1004 :
1005 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1006 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1007 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
1008 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1009 : /* transcript.message_a size is 0
1010 : * session_transcript.message_k is 0*/
1011 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
1012 : sizeof(spdm_psk_finish_request_t));
1013 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1014 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1015 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1016 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1017 : request_finished_key, hash_size, ptr);
1018 1 : m_libspdm_psk_finish_request1_size =
1019 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
1020 1 : response_size = sizeof(response);
1021 1 : status = libspdm_get_response_psk_finish(spdm_context,
1022 : m_libspdm_psk_finish_request1_size,
1023 : &m_libspdm_psk_finish_request1,
1024 : &response_size, response);
1025 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1026 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1027 1 : spdm_response = (void *)response;
1028 1 : assert_int_equal(spdm_response->header.request_response_code,
1029 : SPDM_ERROR);
1030 1 : assert_int_equal(spdm_response->header.param1,
1031 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
1032 1 : assert_int_equal(spdm_response->header.param2, 0);
1033 1 : free(data1);
1034 1 : }
1035 :
1036 : /**
1037 : * Test 10: receiving a PSK_FINISH message from the requester with an
1038 : * incorrect MAC (all-zero).
1039 : * Expected behavior: the responder refuses the PSK_FINISH message and
1040 : * produces an ERROR message indicating the DecryptError.
1041 : **/
1042 1 : static void rsp_psk_finish_rsp_case10(void **state)
1043 : {
1044 : libspdm_return_t status;
1045 : libspdm_test_context_t *spdm_test_context;
1046 : libspdm_context_t *spdm_context;
1047 : size_t response_size;
1048 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1049 : spdm_psk_finish_response_t *spdm_response;
1050 : void *data1;
1051 : size_t data_size1;
1052 : uint8_t *ptr;
1053 : libspdm_session_info_t *session_info;
1054 : uint32_t session_id;
1055 : uint32_t hash_size;
1056 : uint32_t hmac_size;
1057 :
1058 1 : spdm_test_context = *state;
1059 1 : spdm_context = spdm_test_context->spdm_context;
1060 1 : spdm_test_context->case_id = 0xA;
1061 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1062 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1063 1 : spdm_context->connection_info.connection_state =
1064 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1065 1 : spdm_context->connection_info.capability.flags |=
1066 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1067 1 : spdm_context->local_context.capability.flags |=
1068 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1069 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1070 : m_libspdm_use_hash_algo;
1071 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1072 : m_libspdm_use_asym_algo;
1073 1 : spdm_context->connection_info.algorithm.measurement_spec =
1074 : m_libspdm_use_measurement_spec;
1075 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1076 : m_libspdm_use_measurement_hash_algo;
1077 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1078 : m_libspdm_use_dhe_algo;
1079 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1080 : m_libspdm_use_aead_algo;
1081 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1082 : m_libspdm_use_asym_algo, &data1,
1083 : &data_size1, NULL, NULL);
1084 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1085 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1086 : data_size1;
1087 :
1088 1 : spdm_context->transcript.message_a.buffer_size = 0;
1089 :
1090 1 : session_id = 0xFFFFFFFF;
1091 1 : spdm_context->latest_session_id = session_id;
1092 1 : spdm_context->last_spdm_request_session_id_valid = true;
1093 1 : spdm_context->last_spdm_request_session_id = session_id;
1094 1 : session_info = &spdm_context->session_info[0];
1095 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1096 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1097 1 : libspdm_session_info_set_psk_hint(session_info,
1098 : LIBSPDM_TEST_PSK_HINT_STRING,
1099 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1100 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1101 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1102 1 : libspdm_secured_message_set_request_finished_key(
1103 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1104 : hash_size);
1105 1 : libspdm_secured_message_set_session_state(
1106 : session_info->secured_message_context,
1107 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1108 :
1109 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1110 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1111 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
1112 1 : libspdm_set_mem(ptr, hmac_size, (uint8_t)(0x00)); /*all-zero MAC*/
1113 1 : m_libspdm_psk_finish_request1_size =
1114 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
1115 1 : response_size = sizeof(response);
1116 1 : status = libspdm_get_response_psk_finish(spdm_context,
1117 : m_libspdm_psk_finish_request1_size,
1118 : &m_libspdm_psk_finish_request1,
1119 : &response_size, response);
1120 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1121 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1122 1 : spdm_response = (void *)response;
1123 1 : assert_int_equal(spdm_response->header.request_response_code,
1124 : SPDM_ERROR);
1125 1 : assert_int_equal(spdm_response->header.param1,
1126 : SPDM_ERROR_CODE_DECRYPT_ERROR);
1127 1 : assert_int_equal(spdm_response->header.param2, 0);
1128 1 : free(data1);
1129 1 : }
1130 :
1131 : /**
1132 : * Test 11: receiving a PSK_FINISH message from the requester with an
1133 : * incorrect MAC (arbitrary).
1134 : * Expected behavior: the responder refuses the PSK_FINISH message and
1135 : * produces an ERROR message indicating the DecryptError.
1136 : **/
1137 1 : static void rsp_psk_finish_rsp_case11(void **state)
1138 : {
1139 : libspdm_return_t status;
1140 : libspdm_test_context_t *spdm_test_context;
1141 : libspdm_context_t *spdm_context;
1142 : size_t response_size;
1143 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1144 : spdm_psk_finish_response_t *spdm_response;
1145 : void *data1;
1146 : size_t data_size1;
1147 : uint8_t *ptr;
1148 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
1149 : uint8_t zero_data[LIBSPDM_MAX_HASH_SIZE];
1150 : libspdm_session_info_t *session_info;
1151 : uint32_t session_id;
1152 : uint32_t hash_size;
1153 : uint32_t hmac_size;
1154 :
1155 1 : spdm_test_context = *state;
1156 1 : spdm_context = spdm_test_context->spdm_context;
1157 1 : spdm_test_context->case_id = 0xB;
1158 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1159 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1160 1 : spdm_context->connection_info.connection_state =
1161 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1162 1 : spdm_context->connection_info.capability.flags |=
1163 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1164 1 : spdm_context->local_context.capability.flags |=
1165 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1166 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1167 : m_libspdm_use_hash_algo;
1168 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1169 : m_libspdm_use_asym_algo;
1170 1 : spdm_context->connection_info.algorithm.measurement_spec =
1171 : m_libspdm_use_measurement_spec;
1172 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1173 : m_libspdm_use_measurement_hash_algo;
1174 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1175 : m_libspdm_use_dhe_algo;
1176 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1177 : m_libspdm_use_aead_algo;
1178 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1179 : m_libspdm_use_asym_algo, &data1,
1180 : &data_size1, NULL, NULL);
1181 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1182 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1183 : data_size1;
1184 :
1185 1 : spdm_context->transcript.message_a.buffer_size = 0;
1186 :
1187 1 : session_id = 0xFFFFFFFF;
1188 1 : spdm_context->latest_session_id = session_id;
1189 1 : spdm_context->last_spdm_request_session_id_valid = true;
1190 1 : spdm_context->last_spdm_request_session_id = session_id;
1191 1 : session_info = &spdm_context->session_info[0];
1192 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1193 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1194 1 : libspdm_session_info_set_psk_hint(session_info,
1195 : LIBSPDM_TEST_PSK_HINT_STRING,
1196 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1197 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1198 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1199 1 : libspdm_secured_message_set_request_finished_key(
1200 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1201 : hash_size);
1202 1 : libspdm_secured_message_set_session_state(
1203 : session_info->secured_message_context,
1204 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1205 :
1206 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1207 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1208 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
1209 : /*arbitrary MAC*/
1210 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1211 1 : libspdm_set_mem(zero_data, hash_size, (uint8_t)(0x00));
1212 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, zero_data, hash_size,
1213 : request_finished_key, hash_size, ptr);
1214 1 : m_libspdm_psk_finish_request1_size =
1215 1 : sizeof(spdm_psk_finish_request_t) + hmac_size;
1216 1 : response_size = sizeof(response);
1217 1 : status = libspdm_get_response_psk_finish(spdm_context,
1218 : m_libspdm_psk_finish_request1_size,
1219 : &m_libspdm_psk_finish_request1,
1220 : &response_size, response);
1221 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1222 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1223 1 : spdm_response = (void *)response;
1224 1 : assert_int_equal(spdm_response->header.request_response_code,
1225 : SPDM_ERROR);
1226 1 : assert_int_equal(spdm_response->header.param1,
1227 : SPDM_ERROR_CODE_DECRYPT_ERROR);
1228 1 : assert_int_equal(spdm_response->header.param2, 0);
1229 1 : free(data1);
1230 1 : }
1231 :
1232 : /**
1233 : * Test 12: receiving a PSK_FINISH message from the requester with an
1234 : * incorrect MAC size (a correct MAC repeated twice).
1235 : * Expected behavior: the responder refuses the PSK_FINISH message and
1236 : * produces an ERROR message indicating the InvalidRequest.
1237 : **/
1238 1 : static void rsp_psk_finish_rsp_case12(void **state)
1239 : {
1240 : libspdm_return_t status;
1241 : libspdm_test_context_t *spdm_test_context;
1242 : libspdm_context_t *spdm_context;
1243 : size_t response_size;
1244 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1245 : spdm_psk_finish_response_t *spdm_response;
1246 : void *data1;
1247 : size_t data_size1;
1248 : uint8_t *ptr;
1249 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1250 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
1251 : libspdm_session_info_t *session_info;
1252 : uint32_t session_id;
1253 : uint32_t hash_size;
1254 : uint32_t hmac_size;
1255 :
1256 1 : spdm_test_context = *state;
1257 1 : spdm_context = spdm_test_context->spdm_context;
1258 1 : spdm_test_context->case_id = 0xC;
1259 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1260 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1261 1 : spdm_context->connection_info.connection_state =
1262 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1263 1 : spdm_context->connection_info.capability.flags |=
1264 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1265 1 : spdm_context->local_context.capability.flags |=
1266 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1267 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1268 : m_libspdm_use_hash_algo;
1269 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1270 : m_libspdm_use_asym_algo;
1271 1 : spdm_context->connection_info.algorithm.measurement_spec =
1272 : m_libspdm_use_measurement_spec;
1273 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1274 : m_libspdm_use_measurement_hash_algo;
1275 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1276 : m_libspdm_use_dhe_algo;
1277 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1278 : m_libspdm_use_aead_algo;
1279 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1280 : m_libspdm_use_asym_algo, &data1,
1281 : &data_size1, NULL, NULL);
1282 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1283 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1284 : data_size1;
1285 :
1286 1 : spdm_context->transcript.message_a.buffer_size = 0;
1287 :
1288 1 : session_id = 0xFFFFFFFF;
1289 1 : spdm_context->latest_session_id = session_id;
1290 1 : spdm_context->last_spdm_request_session_id_valid = true;
1291 1 : spdm_context->last_spdm_request_session_id = session_id;
1292 1 : session_info = &spdm_context->session_info[0];
1293 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1294 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1295 1 : libspdm_session_info_set_psk_hint(session_info,
1296 : LIBSPDM_TEST_PSK_HINT_STRING,
1297 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1298 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1299 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1300 1 : libspdm_secured_message_set_request_finished_key(
1301 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1302 : hash_size);
1303 1 : libspdm_secured_message_set_session_state(
1304 : session_info->secured_message_context,
1305 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1306 :
1307 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1308 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1309 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
1310 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1311 : /* transcript.message_a size is 0
1312 : * session_transcript.message_k is 0*/
1313 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
1314 : sizeof(spdm_psk_finish_request_t));
1315 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1316 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1317 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1318 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1319 : request_finished_key, hash_size, ptr);
1320 1 : libspdm_copy_mem(ptr, sizeof(m_libspdm_psk_finish_request1.verify_data),
1321 1 : ptr + hmac_size, hmac_size); /* 2x HMAC size*/
1322 1 : m_libspdm_psk_finish_request1_size =
1323 1 : sizeof(spdm_psk_finish_request_t) + 2*hmac_size;
1324 1 : response_size = sizeof(response);
1325 1 : status = libspdm_get_response_psk_finish(spdm_context,
1326 : m_libspdm_psk_finish_request1_size,
1327 : &m_libspdm_psk_finish_request1,
1328 : &response_size, response);
1329 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1330 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1331 1 : spdm_response = (void *)response;
1332 1 : assert_int_equal(spdm_response->header.request_response_code,
1333 : SPDM_ERROR);
1334 1 : assert_int_equal(spdm_response->header.param1,
1335 : SPDM_ERROR_CODE_INVALID_REQUEST);
1336 1 : assert_int_equal(spdm_response->header.param2, 0);
1337 1 : free(data1);
1338 1 : }
1339 :
1340 : /**
1341 : * Test 13: receiving a PSK_FINISH message from the requester with an
1342 : * incorrect MAC size (only the correct first half of the MAC).
1343 : * Expected behavior: the responder refuses the PSK_FINISH message and
1344 : * produces an ERROR message indicating the InvalidRequest.
1345 : **/
1346 1 : static void rsp_psk_finish_rsp_case13(void **state)
1347 : {
1348 : libspdm_return_t status;
1349 : libspdm_test_context_t *spdm_test_context;
1350 : libspdm_context_t *spdm_context;
1351 : size_t response_size;
1352 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1353 : spdm_psk_finish_response_t *spdm_response;
1354 : void *data1;
1355 : size_t data_size1;
1356 : uint8_t *ptr;
1357 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1358 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
1359 : libspdm_session_info_t *session_info;
1360 : uint32_t session_id;
1361 : uint32_t hash_size;
1362 : uint32_t hmac_size;
1363 :
1364 1 : spdm_test_context = *state;
1365 1 : spdm_context = spdm_test_context->spdm_context;
1366 1 : spdm_test_context->case_id = 0xD;
1367 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1368 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1369 1 : spdm_context->connection_info.connection_state =
1370 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1371 1 : spdm_context->connection_info.capability.flags |=
1372 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1373 1 : spdm_context->local_context.capability.flags |=
1374 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1375 1 : spdm_context->connection_info.algorithm.base_hash_algo =
1376 : m_libspdm_use_hash_algo;
1377 1 : spdm_context->connection_info.algorithm.base_asym_algo =
1378 : m_libspdm_use_asym_algo;
1379 1 : spdm_context->connection_info.algorithm.measurement_spec =
1380 : m_libspdm_use_measurement_spec;
1381 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1382 : m_libspdm_use_measurement_hash_algo;
1383 1 : spdm_context->connection_info.algorithm.dhe_named_group =
1384 : m_libspdm_use_dhe_algo;
1385 1 : spdm_context->connection_info.algorithm.aead_cipher_suite =
1386 : m_libspdm_use_aead_algo;
1387 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1388 : m_libspdm_use_asym_algo, &data1,
1389 : &data_size1, NULL, NULL);
1390 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1391 1 : spdm_context->local_context.local_cert_chain_provision_size[0] =
1392 : data_size1;
1393 :
1394 1 : spdm_context->transcript.message_a.buffer_size = 0;
1395 :
1396 1 : session_id = 0xFFFFFFFF;
1397 1 : spdm_context->latest_session_id = session_id;
1398 1 : spdm_context->last_spdm_request_session_id_valid = true;
1399 1 : spdm_context->last_spdm_request_session_id = session_id;
1400 1 : session_info = &spdm_context->session_info[0];
1401 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1402 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1403 1 : libspdm_session_info_set_psk_hint(session_info,
1404 : LIBSPDM_TEST_PSK_HINT_STRING,
1405 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1406 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1407 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1408 1 : libspdm_secured_message_set_request_finished_key(
1409 : session_info->secured_message_context, m_libspdm_dummy_buffer,
1410 : hash_size);
1411 1 : libspdm_secured_message_set_session_state(
1412 : session_info->secured_message_context,
1413 : LIBSPDM_SESSION_STATE_HANDSHAKING);
1414 :
1415 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1416 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1417 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
1418 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1419 : /* transcript.message_a size is 0
1420 : * session_transcript.message_k is 0*/
1421 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
1422 : sizeof(spdm_psk_finish_request_t));
1423 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1424 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1425 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1426 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1427 : request_finished_key, hash_size, ptr);
1428 1 : libspdm_set_mem(ptr + hmac_size/2, hmac_size/2, (uint8_t) 0x00); /* half HMAC size*/
1429 1 : m_libspdm_psk_finish_request1_size =
1430 1 : sizeof(spdm_psk_finish_request_t) + hmac_size/2;
1431 1 : response_size = sizeof(response);
1432 1 : status = libspdm_get_response_psk_finish(spdm_context,
1433 : m_libspdm_psk_finish_request1_size,
1434 : &m_libspdm_psk_finish_request1,
1435 : &response_size, response);
1436 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1437 1 : assert_int_equal(response_size, sizeof(spdm_error_response_t));
1438 1 : spdm_response = (void *)response;
1439 1 : assert_int_equal(spdm_response->header.request_response_code,
1440 : SPDM_ERROR);
1441 1 : assert_int_equal(spdm_response->header.param1,
1442 : SPDM_ERROR_CODE_INVALID_REQUEST);
1443 1 : assert_int_equal(spdm_response->header.param2, 0);
1444 1 : free(data1);
1445 1 : }
1446 :
1447 : /**
1448 : * Test 14: receiving a correct PSK_FINISH from the requester.
1449 : * Expected behavior: the responder accepts the request and produces a valid PSK_FINISH
1450 : * response message, and buffer F receives the exchanged PSK_FINISH and PSK_FINISH_RSP messages.
1451 : **/
1452 1 : static void rsp_psk_finish_rsp_case14(void **state)
1453 : {
1454 : libspdm_return_t status;
1455 : libspdm_test_context_t *spdm_test_context;
1456 : libspdm_context_t *spdm_context;
1457 : size_t response_size;
1458 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1459 : spdm_psk_finish_response_t *spdm_response;
1460 : void *data1;
1461 : size_t data_size1;
1462 : uint8_t *ptr;
1463 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1464 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
1465 : libspdm_session_info_t *session_info;
1466 : uint32_t session_id;
1467 : uint32_t hash_size;
1468 : uint32_t hmac_size;
1469 :
1470 1 : spdm_test_context = *state;
1471 1 : spdm_context = spdm_test_context->spdm_context;
1472 1 : spdm_test_context->case_id = 0xE;
1473 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
1474 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1475 1 : spdm_context->connection_info.connection_state =
1476 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1477 1 : spdm_context->connection_info.capability.flags |=
1478 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1479 1 : spdm_context->local_context.capability.flags |=
1480 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1481 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1482 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1483 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1484 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1485 : m_libspdm_use_measurement_hash_algo;
1486 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1487 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1488 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1489 : m_libspdm_use_asym_algo, &data1,
1490 : &data_size1, NULL, NULL);
1491 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1492 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1493 :
1494 1 : libspdm_reset_message_a(spdm_context);
1495 :
1496 1 : session_id = 0xFFFFFFFF;
1497 1 : spdm_context->latest_session_id = session_id;
1498 1 : spdm_context->last_spdm_request_session_id_valid = true;
1499 1 : spdm_context->last_spdm_request_session_id = session_id;
1500 1 : session_info = &spdm_context->session_info[0];
1501 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1502 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1503 1 : libspdm_session_info_set_psk_hint(session_info,
1504 : LIBSPDM_TEST_PSK_HINT_STRING,
1505 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1506 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1507 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1508 1 : libspdm_secured_message_set_request_finished_key(
1509 : session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
1510 1 : libspdm_secured_message_set_session_state(
1511 : session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);
1512 :
1513 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1514 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1515 1 : ptr = m_libspdm_psk_finish_request1.verify_data;
1516 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1517 : /* transcript.message_a size is 0
1518 : * session_transcript.message_k is 0*/
1519 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
1520 : sizeof(spdm_psk_finish_request_t));
1521 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1522 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1523 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1524 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1525 : request_finished_key, hash_size, ptr);
1526 1 : m_libspdm_psk_finish_request1_size = sizeof(spdm_psk_finish_request_t) + hmac_size;
1527 1 : response_size = sizeof(response);
1528 1 : status = libspdm_get_response_psk_finish(
1529 : spdm_context, m_libspdm_psk_finish_request1_size, &m_libspdm_psk_finish_request1,
1530 : &response_size, response);
1531 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1532 1 : assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
1533 1 : spdm_response = (void *)response;
1534 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_PSK_FINISH_RSP);
1535 :
1536 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
1537 : assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
1538 : m_libspdm_psk_finish_request1_size + response_size);
1539 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
1540 : &m_libspdm_psk_finish_request1, m_libspdm_psk_finish_request1_size);
1541 : assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer +
1542 : m_libspdm_psk_finish_request1_size, response, response_size);
1543 : #endif
1544 :
1545 1 : free(data1);
1546 1 : }
1547 :
1548 : /**
1549 : * Test 15: SPDM version 1.4, with OpaqueData.
1550 : * Expected behavior: the responder accepts the request and produces a valid PSK_FINISH
1551 : * response message.
1552 : **/
1553 1 : static void rsp_psk_finish_rsp_case15(void **state)
1554 : {
1555 : libspdm_return_t status;
1556 : libspdm_test_context_t *spdm_test_context;
1557 : libspdm_context_t *spdm_context;
1558 : size_t response_size;
1559 : uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
1560 : spdm_psk_finish_response_t *spdm_response;
1561 : void *data1;
1562 : size_t data_size1;
1563 : uint8_t *ptr;
1564 : uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
1565 : uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
1566 : libspdm_session_info_t *session_info;
1567 : uint32_t session_id;
1568 : uint32_t hash_size;
1569 : uint32_t hmac_size;
1570 :
1571 1 : spdm_test_context = *state;
1572 1 : spdm_context = spdm_test_context->spdm_context;
1573 1 : spdm_test_context->case_id = 0xF;
1574 1 : spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
1575 : SPDM_VERSION_NUMBER_SHIFT_BIT;
1576 1 : spdm_context->connection_info.connection_state =
1577 : LIBSPDM_CONNECTION_STATE_NEGOTIATED;
1578 1 : spdm_context->connection_info.capability.flags |=
1579 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
1580 1 : spdm_context->local_context.capability.flags |=
1581 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
1582 1 : spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
1583 1 : spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
1584 1 : spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
1585 1 : spdm_context->connection_info.algorithm.measurement_hash_algo =
1586 : m_libspdm_use_measurement_hash_algo;
1587 1 : spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
1588 1 : spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
1589 1 : libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
1590 : m_libspdm_use_asym_algo, &data1,
1591 : &data_size1, NULL, NULL);
1592 1 : spdm_context->local_context.local_cert_chain_provision[0] = data1;
1593 1 : spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
1594 :
1595 1 : libspdm_reset_message_a(spdm_context);
1596 :
1597 1 : session_id = 0xFFFFFFFF;
1598 1 : spdm_context->latest_session_id = session_id;
1599 1 : spdm_context->last_spdm_request_session_id_valid = true;
1600 1 : spdm_context->last_spdm_request_session_id = session_id;
1601 1 : session_info = &spdm_context->session_info[0];
1602 1 : libspdm_session_info_init(spdm_context, session_info, session_id,
1603 : SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
1604 1 : libspdm_session_info_set_psk_hint(session_info,
1605 : LIBSPDM_TEST_PSK_HINT_STRING,
1606 : sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
1607 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1608 1 : libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
1609 1 : libspdm_secured_message_set_request_finished_key(
1610 : session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
1611 1 : libspdm_secured_message_set_session_state(
1612 : session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);
1613 :
1614 1 : m_libspdm_psk_finish_request3.opaque_data_size =
1615 : sizeof(m_libspdm_psk_finish_request3.opaque_data);
1616 1 : hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1617 1 : hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
1618 1 : ptr = m_libspdm_psk_finish_request3.verify_data;
1619 1 : libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
1620 : /* transcript.message_a size is 0
1621 : * session_transcript.message_k is 0*/
1622 1 : libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request3,
1623 : sizeof(spdm_psk_finish_request_t) + sizeof(uint16_t) +
1624 1 : m_libspdm_psk_finish_request3.opaque_data_size);
1625 1 : libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
1626 1 : libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
1627 : libspdm_get_managed_buffer_size(&th_curr), hash_data);
1628 1 : libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
1629 : request_finished_key, hash_size, ptr);
1630 1 : m_libspdm_psk_finish_request3_size = sizeof(spdm_psk_finish_request_t) + hmac_size +
1631 1 : sizeof(uint16_t) +
1632 1 : m_libspdm_psk_finish_request3.opaque_data_size;
1633 1 : response_size = sizeof(response);
1634 1 : status = libspdm_get_response_psk_finish(
1635 : spdm_context, m_libspdm_psk_finish_request3_size, &m_libspdm_psk_finish_request3,
1636 : &response_size, response);
1637 1 : assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
1638 1 : ptr = (uint8_t *)response + sizeof(spdm_psk_finish_response_t);
1639 1 : assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t) +
1640 : sizeof(uint16_t) + libspdm_read_uint16(ptr));
1641 1 : spdm_response = (void *)response;
1642 1 : assert_int_equal(spdm_response->header.request_response_code, SPDM_PSK_FINISH_RSP);
1643 :
1644 1 : free(data1);
1645 1 : }
1646 :
1647 1 : int libspdm_rsp_psk_finish_rsp_test(void)
1648 : {
1649 1 : const struct CMUnitTest test_cases[] = {
1650 : /* Success Case*/
1651 : cmocka_unit_test(rsp_psk_finish_rsp_case1),
1652 : /* Bad request size*/
1653 : cmocka_unit_test(rsp_psk_finish_rsp_case2),
1654 : /* response_state: SPDM_RESPONSE_STATE_BUSY*/
1655 : cmocka_unit_test(rsp_psk_finish_rsp_case3),
1656 : /* response_state: SPDM_RESPONSE_STATE_NEED_RESYNC*/
1657 : cmocka_unit_test(rsp_psk_finish_rsp_case4),
1658 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
1659 : /* response_state: SPDM_RESPONSE_STATE_NOT_READY*/
1660 : cmocka_unit_test(rsp_psk_finish_rsp_case5),
1661 : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
1662 : /* connection_state Check*/
1663 : cmocka_unit_test(rsp_psk_finish_rsp_case6),
1664 : /* Buffer reset*/
1665 : cmocka_unit_test(rsp_psk_finish_rsp_case7),
1666 : /* Unsupported PSK capabilities*/
1667 : cmocka_unit_test(rsp_psk_finish_rsp_case8),
1668 : /* Uninitialized session*/
1669 : cmocka_unit_test(rsp_psk_finish_rsp_case9),
1670 : /* Incorrect MAC*/
1671 : cmocka_unit_test(rsp_psk_finish_rsp_case10),
1672 : cmocka_unit_test(rsp_psk_finish_rsp_case11),
1673 : /* Incorrect MAC size*/
1674 : cmocka_unit_test(rsp_psk_finish_rsp_case12),
1675 : cmocka_unit_test(rsp_psk_finish_rsp_case13),
1676 : /* Buffer verification*/
1677 : cmocka_unit_test(rsp_psk_finish_rsp_case14),
1678 : /* SPDM 1.4 with OpaqueData */
1679 : cmocka_unit_test(rsp_psk_finish_rsp_case15),
1680 : };
1681 :
1682 1 : libspdm_test_context_t test_context = {
1683 : LIBSPDM_TEST_CONTEXT_VERSION,
1684 : false,
1685 : };
1686 :
1687 1 : libspdm_setup_test_context(&test_context);
1688 :
1689 1 : return cmocka_run_group_tests(test_cases,
1690 : libspdm_unit_test_group_setup,
1691 : libspdm_unit_test_group_teardown);
1692 : }
1693 :
1694 : #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */
|
