/** * Copyright Notice: * Copyright 2021-2022 DMTF. All rights reserved. * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md **/ #include "spdm_unit_test.h" #include "internal/libspdm_requester_lib.h" #include "internal/libspdm_secured_message_lib.h" #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP static size_t m_libspdm_local_buffer_size; static uint8_t m_libspdm_local_buffer[LIBSPDM_MAX_MESSAGE_TH_BUFFER_SIZE]; static uint8_t m_libspdm_dummy_buffer[LIBSPDM_MAX_HASH_SIZE]; static const uint8_t m_libspdm_zero_buffer[LIBSPDM_MAX_HASH_SIZE] = {0}; static libspdm_th_managed_buffer_t th_curr; void libspdm_secured_message_set_response_finished_key( void *spdm_secured_message_context, const void *key, size_t key_size) { libspdm_secured_message_context_t *secured_message_context; secured_message_context = spdm_secured_message_context; LIBSPDM_ASSERT(key_size == secured_message_context->hash_size); libspdm_copy_mem(secured_message_context->handshake_secret.response_finished_key, sizeof(secured_message_context->handshake_secret.response_finished_key), key, secured_message_context->hash_size); } libspdm_return_t libspdm_requester_finish_test_send_message(void *spdm_context, size_t request_size, const void *request, uint64_t timeout) { libspdm_test_context_t *spdm_test_context; const uint8_t *ptr; spdm_test_context = libspdm_get_test_context(); ptr = (const uint8_t *)request; switch (spdm_test_context->case_id) { case 0x1: return LIBSPDM_STATUS_SEND_FAIL; case 0x2: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x3: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x4: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x5: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x6: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x7: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x8: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x9: { static size_t sub_index = 0; if (sub_index == 0) { m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); sub_index++; } } return LIBSPDM_STATUS_SUCCESS; case 0xA: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0xB: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0xC: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0xD: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0xE: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0xF: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x10: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x11: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x12: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x13: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x14: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x15: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x16: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; case 0x17: m_libspdm_local_buffer_size = 0; libspdm_copy_mem(m_libspdm_local_buffer, sizeof(m_libspdm_local_buffer), &ptr[1], request_size - 1); m_libspdm_local_buffer_size += (request_size - 1); return LIBSPDM_STATUS_SUCCESS; default: return LIBSPDM_STATUS_SEND_FAIL; } } libspdm_return_t libspdm_requester_finish_test_receive_message( void *spdm_context, size_t *response_size, void **response, uint64_t timeout) { libspdm_test_context_t *spdm_test_context; spdm_test_context = libspdm_get_test_context(); switch (spdm_test_context->case_id) { case 0x1: return LIBSPDM_STATUS_RECEIVE_FAIL; case 0x2: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x3: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x4: { spdm_error_response_t *spdm_response; size_t spdm_response_size; size_t transport_header_size; spdm_response_size = sizeof(spdm_error_response_t); transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_ERROR; spdm_response->header.param1 = SPDM_ERROR_CODE_INVALID_REQUEST; spdm_response->header.param2 = 0; libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x5: { spdm_error_response_t *spdm_response; size_t spdm_response_size; size_t transport_header_size; spdm_response_size = sizeof(spdm_error_response_t); transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_ERROR; spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY; spdm_response->header.param2 = 0; libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x6: { static size_t sub_index1 = 0; if (sub_index1 == 0) { spdm_error_response_t *spdm_response; size_t spdm_response_size; size_t transport_header_size; spdm_response_size = sizeof(spdm_error_response_t); transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_ERROR; spdm_response->header.param1 = SPDM_ERROR_CODE_BUSY; spdm_response->header.param2 = 0; libspdm_transport_test_encode_message( spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); sub_index1++; } else if (sub_index1 == 1) { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm .measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain( m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message( spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } } return LIBSPDM_STATUS_SUCCESS; case 0x7: { spdm_error_response_t *spdm_response; size_t spdm_response_size; size_t transport_header_size; spdm_response_size = sizeof(spdm_error_response_t); transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_ERROR; spdm_response->header.param1 = SPDM_ERROR_CODE_REQUEST_RESYNCH; spdm_response->header.param2 = 0; libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x8: { spdm_error_response_data_response_not_ready_t *spdm_response; size_t spdm_response_size; size_t transport_header_size; spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t); transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_ERROR; spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY; spdm_response->header.param2 = 0; spdm_response->extend_error_data.rd_exponent = 1; spdm_response->extend_error_data.rd_tm = 2; spdm_response->extend_error_data.request_code = SPDM_FINISH; spdm_response->extend_error_data.token = 0; libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x9: { static size_t sub_index2 = 0; if (sub_index2 == 0) { spdm_error_response_data_response_not_ready_t *spdm_response; size_t spdm_response_size; size_t transport_header_size; spdm_response_size = sizeof(spdm_error_response_data_response_not_ready_t); transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_ERROR; spdm_response->header.param1 = SPDM_ERROR_CODE_RESPONSE_NOT_READY; spdm_response->header.param2 = 0; spdm_response->extend_error_data.rd_exponent = 1; spdm_response->extend_error_data.rd_tm = 2; spdm_response->extend_error_data.request_code = SPDM_FINISH; spdm_response->extend_error_data.token = 1; libspdm_transport_test_encode_message( spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); sub_index2++; } else if (sub_index2 == 1) { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm .measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain( m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message( spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } } return LIBSPDM_STATUS_SUCCESS; case 0xA: { static uint16_t error_code = LIBSPDM_ERROR_CODE_RESERVED_00; spdm_error_response_t *spdm_response; size_t spdm_response_size; size_t transport_header_size; spdm_response_size = sizeof(spdm_error_response_t); transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); if(error_code <= 0xff) { libspdm_zero_mem (spdm_response, spdm_response_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_ERROR; spdm_response->header.param1 = (uint8_t) error_code; spdm_response->header.param2 = 0; libspdm_transport_test_encode_message (spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } error_code++; if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/ error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST; } if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/ error_code = LIBSPDM_ERROR_CODE_RESERVED_3F; } if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/ error_code = LIBSPDM_ERROR_CODE_RESERVED_FD; } } return LIBSPDM_STATUS_SUCCESS; case 0xB: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0xC: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0xD: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0xE: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; /*wrong response code*/ spdm_response->header.request_response_code = SPDM_FINISH; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0xF: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x10: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_req_asym_algo, &data, &data_size, NULL, NULL); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, req_cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size); libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x11: { spdm_finish_response_t *spdm_response; uint32_t hmac_size; uint8_t *ptr; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_set_mem(ptr, hmac_size, (uint8_t)(0x00)); /*all-zero MAC*/ ptr += hmac_size; libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x12: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; uint8_t zero_data[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_set_mem(zero_data, hash_size, (uint8_t)(0x00)); libspdm_hmac_all(m_libspdm_use_hash_algo, zero_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x13: { } return LIBSPDM_STATUS_SUCCESS; case 0x14: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size/2;/* half HMAC size*/ transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_req_asym_algo, &data, &data_size, NULL, NULL); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, req_cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size); libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size/2; /* half HMAC size*/ libspdm_set_mem(ptr, hmac_size/2, (uint8_t) 0x00); free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x15: { spdm_error_response_t *spdm_response; size_t spdm_response_size; size_t transport_header_size; spdm_response_size = sizeof(spdm_error_response_t); transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_ERROR; spdm_response->header.param1 = SPDM_ERROR_CODE_DECRYPT_ERROR; spdm_response->header.param2 = 0; libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x16: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context)->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; ((libspdm_context_t *)spdm_context)->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context)->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context)->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size, spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, NULL, NULL); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_req_asym_algo, &data, &data_size, NULL, NULL); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, req_cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size); libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - m_libspdm_local_buffer_size, ptr, hmac_size); m_libspdm_local_buffer_size += hmac_size; ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; case 0x17: { spdm_finish_response_t *spdm_response; uint32_t hash_size; uint32_t hmac_size; uint8_t *ptr; void *data; size_t data_size; uint8_t *cert_buffer; size_t cert_buffer_size; uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE]; uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE]; uint8_t response_finished_key[LIBSPDM_MAX_HASH_SIZE]; size_t spdm_response_size; size_t transport_header_size; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; ((libspdm_context_t *)spdm_context) ->connection_info.algorithm.measurement_hash_algo = m_libspdm_use_measurement_hash_algo; hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); spdm_response_size = sizeof(spdm_finish_response_t) + hmac_size; transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; spdm_response = (void *)((uint8_t *)*response + transport_header_size); spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; spdm_response->header.request_response_code = SPDM_FINISH_RSP; spdm_response->header.param1 = 0; spdm_response->header.param2 = 0; ptr = (void *)(spdm_response + 1); libspdm_copy_mem(&m_libspdm_local_buffer[m_libspdm_local_buffer_size], sizeof(m_libspdm_local_buffer) - (&m_libspdm_local_buffer[m_libspdm_local_buffer_size] - m_libspdm_local_buffer), spdm_response, sizeof(spdm_finish_response_t)); m_libspdm_local_buffer_size += sizeof(spdm_finish_response_t); libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size); libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer)); cert_buffer = (uint8_t *)data; cert_buffer_size = data_size; libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash); /* transcript.message_a size is 0*/ libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size); /* session_transcript.message_k is 0*/ libspdm_append_managed_buffer(&th_curr, m_libspdm_local_buffer, m_libspdm_local_buffer_size); libspdm_set_mem(response_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF)); libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr), libspdm_get_managed_buffer_size(&th_curr), hash_data); libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size, response_finished_key, hash_size, ptr); ptr += hmac_size; free(data); libspdm_transport_test_encode_message(spdm_context, NULL, false, false, spdm_response_size, spdm_response, response_size, response); } return LIBSPDM_STATUS_SUCCESS; default: return LIBSPDM_STATUS_RECEIVE_FAIL; } } /** * Test 1: when no FINISH_RSP message is received, and the client returns a * device error. * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR. **/ void libspdm_test_requester_finish_case1(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x1; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_SEND_FAIL); free(data); } /** * Test 2: receiving a correct FINISH_RSP message with only MAC (no * mutual authentication) and 'handshake in the clear'. * Expected behavior: client returns a Status of RETURN_SUCCESS and * session is established. **/ void libspdm_test_requester_finish_case2(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; libspdm_secured_message_context_t *secured_message_context; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x2; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); assert_int_equal( libspdm_secured_message_get_session_state( spdm_context->session_info[0].secured_message_context), LIBSPDM_SESSION_STATE_ESTABLISHED); secured_message_context = session_info->secured_message_context; assert_memory_equal((const void *)secured_message_context->master_secret.master_secret, (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer)); free(data); } /** * Test 3: requester state has not been negotiated, as if GET_VERSION, GET_CAPABILITIES and * NEGOTIATE_ALGORITHMS had not been exchanged. * Expected behavior: client returns a Status of RETURN_UNSUPPORTED. **/ void libspdm_test_requester_finish_case3(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x3; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL); free(data); } /** * Test 4: the requester is setup correctly (see Test 2), but receives an ERROR * message indicating InvalidParameters. * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR. **/ void libspdm_test_requester_finish_case4(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x4; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_ERROR_PEER); assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID); free(data); } /** * Test 5: the requester is setup correctly (see Test 2), but receives an ERROR * message indicating the Busy status of the responder. * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR. **/ void libspdm_test_requester_finish_case5(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x5; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_BUSY_PEER); free(data); } /** * Test 6: the requester is setup correctly (see Test 2), but, on the first try, * receiving a Busy ERROR message, and on retry, receiving a correct FINISH_RSP * message with only MAC (no mutual authentication). * Expected behavior: client returns a Status of RETURN_SUCCESS. **/ void libspdm_test_requester_finish_case6(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x6; spdm_context->retry_times = 3; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); assert_int_equal( libspdm_secured_message_get_session_state( spdm_context->session_info[0].secured_message_context), LIBSPDM_SESSION_STATE_ESTABLISHED); free(data); } /** * Test 7: the requester is setup correctly (see Test 2), but receives an ERROR * message indicating the RequestResynch status of the responder. * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR, and the * communication is reset to expect a new GET_VERSION message. **/ void libspdm_test_requester_finish_case7(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x7; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_RESYNCH_PEER); assert_int_equal(spdm_context->connection_info.connection_state, LIBSPDM_CONNECTION_STATE_NOT_STARTED); free(data); } /** * Test 8: the requester is setup correctly (see Test 2), but receives an ERROR * message indicating the ResponseNotReady status of the responder. * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR,. **/ void libspdm_test_requester_finish_case8(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x8; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER); free(data); } /** * Test 9: the requester is setup correctly (see Test 2), but, on the first try, * receiving a ResponseNotReady ERROR message, and on retry, receiving a correct * FINISH_RSP message with only MAC (no mutual authentication). * Expected behavior: client returns a Status of RETURN_SUCCESS. **/ void libspdm_test_requester_finish_case9(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x9; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); if (LIBSPDM_RESPOND_IF_READY_SUPPORT) { assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); assert_int_equal( libspdm_secured_message_get_session_state( spdm_context->session_info[0].secured_message_context), LIBSPDM_SESSION_STATE_ESTABLISHED); } else { assert_int_equal(status, LIBSPDM_STATUS_NOT_READY_PEER); } free(data); } /** * Test 10: receiving an unexpected ERROR message from the responder. * There are tests for all named codes, including some reserved ones * (namely, 0x00, 0x0b, 0x0c, 0x3f, 0xfd, 0xfe). * However, for having specific test cases, it is excluded from this case: * Busy (0x03), ResponseNotReady (0x42), and RequestResync (0x43). * Expected behavior: client returns a status of RETURN_DEVICE_ERROR. **/ void libspdm_test_requester_finish_case10(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; uint16_t error_code; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0xA; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain (m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; error_code = LIBSPDM_ERROR_CODE_RESERVED_00; while(error_code <= 0xff) { spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; libspdm_reset_message_a(spdm_context); session_info = &spdm_context->session_info[0]; libspdm_session_info_init (spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size (m_libspdm_use_hash_algo); libspdm_set_mem (m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key (session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state (session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); status = libspdm_send_receive_finish (spdm_context, session_id, req_slot_id_param); if(error_code != SPDM_ERROR_CODE_DECRYPT_ERROR) { LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_ERROR_PEER, error_code); } else { LIBSPDM_ASSERT_INT_EQUAL_CASE (status, LIBSPDM_STATUS_SESSION_MSG_ERROR, error_code); } error_code++; if(error_code == SPDM_ERROR_CODE_BUSY) { /*busy is treated in cases 5 and 6*/ error_code = SPDM_ERROR_CODE_UNEXPECTED_REQUEST; } if(error_code == LIBSPDM_ERROR_CODE_RESERVED_0D) { /*skip some reserved error codes (0d to 3e)*/ error_code = LIBSPDM_ERROR_CODE_RESERVED_3F; } if(error_code == SPDM_ERROR_CODE_RESPONSE_NOT_READY) { /*skip response not ready, request resync, and some reserved codes (44 to fc)*/ error_code = LIBSPDM_ERROR_CODE_RESERVED_FD; } } free(data); } void libspdm_test_requester_finish_case11(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0xB; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT session_info->session_transcript.message_m.buffer_size = session_info->session_transcript.message_m.max_buffer_size; spdm_context->transcript.message_b.buffer_size = spdm_context->transcript.message_b.max_buffer_size; spdm_context->transcript.message_c.buffer_size = spdm_context->transcript.message_c.max_buffer_size; spdm_context->transcript.message_mut_b.buffer_size = spdm_context->transcript.message_mut_b.max_buffer_size; spdm_context->transcript.message_mut_c.buffer_size = spdm_context->transcript.message_mut_c.max_buffer_size; #endif status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); assert_int_equal( libspdm_secured_message_get_session_state( spdm_context->session_info[0].secured_message_context), LIBSPDM_SESSION_STATE_ESTABLISHED); #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0); assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0); assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0); assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0); assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0); #endif free(data); } /** * Test 12: requester is not setup correctly to support key exchange * (no capabilities). The responder would attempt to return a correct * FINISH_RSP message. * Expected behavior: client returns a Status of RETURN_UNSUPPORTED. **/ void libspdm_test_requester_finish_case12(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0xC; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags = 0; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags = 0; /* no key exchange capabilities (requester)*/ spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_UNSUPPORTED_CAP); free(data); } /** * Test 13: requester is not setup correctly to accept key exchange and * finish at this point (at least NEGOTIATE_ALGORITHMS is required, if * the public key was provisioned before the key exchange). The * responder would attempt to return a correct FINISH_RSP message. * Expected behavior: client returns a Status of RETURN_UNSUPPORTED. **/ void libspdm_test_requester_finish_case13(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0xD; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AFTER_CAPABILITIES; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL); free(data); } /** * Test 14: receiving an incorrect FINISH_RSP message, with wrong response * code, but all other field correct. * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR. **/ void libspdm_test_requester_finish_case14(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0xE; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD); free(data); } /** * Test 15: requester is not setup correctly by not initializing a * session during KEY_EXCHANGE. The responder would attempt to * return a correct FINISH_RSP message. * Expected behavior: client returns a Status of RETURN_UNSUPPORTED. **/ void libspdm_test_requester_finish_case15(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0xF; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_NOT_STARTED); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_INVALID_STATE_LOCAL); free(data); } /** * Test 16: receiving a correct FINISH_RSP message with a correct MAC, * mutual authentication and 'handshake in the clear'. * Expected behavior: client returns a Status of RETURN_SUCCESS and * session is established. **/ void libspdm_test_requester_finish_case16(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x10; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; req_slot_id_param = 0; libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_req_asym_algo, &data, &data_size, &hash, &hash_size); spdm_context->local_context. local_cert_chain_provision_size[req_slot_id_param] = data_size; spdm_context->local_context. local_cert_chain_provision[req_slot_id_param] = data; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); session_info->mut_auth_requested = 1; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); assert_int_equal( libspdm_secured_message_get_session_state( spdm_context->session_info[0].secured_message_context), LIBSPDM_SESSION_STATE_ESTABLISHED); free(data); } /** * Test 17: receiving a FINISH_RSP message with an incorrect MAC * (all-zero), mutual authentication, and 'handshake in the clear'. * Expected behavior: client returns a Status of RETURN_SECURITY_VIOLATION. **/ void libspdm_test_requester_finish_case17(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x11; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; req_slot_id_param = 0; libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_req_asym_algo, &data, &data_size, &hash, &hash_size); spdm_context->local_context. local_cert_chain_provision_size[req_slot_id_param] = data_size; spdm_context->local_context. local_cert_chain_provision[req_slot_id_param] = data; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); session_info->mut_auth_requested = 1; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL); free(data); } /** * Test 18: receiving a FINISH_RSP message with an incorrect MAC * (arbitrary), mutual authentication, and 'handshake in the clear'. * Expected behavior: client returns a Status of RETURN_SECURITY_VIOLATION. **/ void libspdm_test_requester_finish_case18(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x12; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; req_slot_id_param = 0; libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_req_asym_algo, &data, &data_size, &hash, &hash_size); spdm_context->local_context. local_cert_chain_provision_size[req_slot_id_param] = data_size; spdm_context->local_context. local_cert_chain_provision[req_slot_id_param] = data; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); session_info->mut_auth_requested = 1; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_VERIF_FAIL); free(data); } /** * Test 19: * Expected behavior: **/ void libspdm_test_requester_finish_case19(void **state) { } /** * Test 20: receiving a FINISH_RSP message an incorrect MAC size (only the * correct first half of the MAC), mutual authentication, and 'handshake * in the clear'. * Expected behavior: client returns a Status of RETURN_DEVICE_ERROR. **/ void libspdm_test_requester_finish_case20(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x14; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; req_slot_id_param = 0; libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_req_asym_algo, &data, &data_size, &hash, &hash_size); spdm_context->local_context. local_cert_chain_provision_size[req_slot_id_param] = data_size; spdm_context->local_context. local_cert_chain_provision[req_slot_id_param] = data; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); session_info->mut_auth_requested = 1; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_SIZE); free(data); } /** * Test 21: the requester is setup correctly, but receives an ERROR with SPDM_ERROR_CODE_DECRYPT_ERROR. * Expected behavior: client returns a Status of INVALID_SESSION_ID and free the session ID. **/ void libspdm_test_requester_finish_case21(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x15; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_SESSION_MSG_ERROR); assert_int_equal(spdm_context->session_info->session_id, INVALID_SESSION_ID); free(data); } /** * Test 22: a FINISH request message is successfully sent and a FINISH_RSP response message is * successfully received. * Expected Behavior: requester returns the status RETURN_SUCCESS and a FINISH_RSP message is * received, buffer F appends the exchanged FINISH and FINISH_RSP **/ void libspdm_test_requester_finish_case22(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; void *hash; size_t hash_size; libspdm_session_info_t *session_info; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x16; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.req_base_asym_alg = m_libspdm_use_req_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT spdm_context->connection_info.peer_used_cert_chain[0].buffer_size = data_size; libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer, sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer), data, data_size); #else libspdm_hash_all( spdm_context->connection_info.algorithm.base_hash_algo, data, data_size, spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash); spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); libspdm_get_leaf_cert_public_key_from_cert_chain( spdm_context->connection_info.algorithm.base_hash_algo, spdm_context->connection_info.algorithm.base_asym_algo, data, data_size, &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key); #endif spdm_context->connection_info.peer_used_cert_chain_slot_id = 0; req_slot_id_param = 0; libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_req_asym_algo, &data, &data_size, &hash, &hash_size); spdm_context->local_context. local_cert_chain_provision_size[req_slot_id_param] = data_size; spdm_context->local_context. local_cert_chain_provision[req_slot_id_param] = data; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); session_info->mut_auth_requested = 1; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); assert_int_equal( libspdm_secured_message_get_session_state( spdm_context->session_info[0].secured_message_context), LIBSPDM_SESSION_STATE_ESTABLISHED); #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size, m_libspdm_local_buffer_size); LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "m_libspdm_local_buffer (0x%x):\n", m_libspdm_local_buffer_size)); libspdm_dump_hex(m_libspdm_local_buffer, m_libspdm_local_buffer_size); assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer, m_libspdm_local_buffer, m_libspdm_local_buffer_size); #endif free(data); } /** * Test 23: receiving a correct FINISH_RSP message using slot_id 0xFF * Expected behavior: client returns a Status of RETURN_SUCCESS and * session is established. **/ void libspdm_test_requester_finish_case23(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; uint32_t session_id; uint8_t req_slot_id_param; void *data; size_t data_size; size_t hash_size; libspdm_session_info_t *session_info; libspdm_secured_message_context_t *secured_message_context; spdm_test_context = *state; spdm_context = spdm_test_context->spdm_context; spdm_test_context->case_id = 0x17; spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP; libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data, &data_size); spdm_context->local_context.peer_public_key_provision = data; spdm_context->local_context.peer_public_key_provision_size = data_size; libspdm_reset_message_a(spdm_context); spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo; spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo; spdm_context->connection_info.peer_used_cert_chain_slot_id = 0xFF; session_id = 0xFFFFFFFF; session_info = &spdm_context->session_info[0]; libspdm_session_info_init(spdm_context, session_info, session_id, false); hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo); libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF)); libspdm_secured_message_set_response_finished_key( session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size); libspdm_secured_message_set_session_state( session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING); spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; req_slot_id_param = 0; status = libspdm_send_receive_finish(spdm_context, session_id, req_slot_id_param); assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); assert_int_equal( libspdm_secured_message_get_session_state( spdm_context->session_info[0].secured_message_context), LIBSPDM_SESSION_STATE_ESTABLISHED); secured_message_context = session_info->secured_message_context; assert_memory_equal((const void *)secured_message_context->master_secret.master_secret, (const void *)m_libspdm_zero_buffer, sizeof(m_libspdm_zero_buffer)); free(data); } libspdm_test_context_t m_libspdm_requester_finish_test_context = { LIBSPDM_TEST_CONTEXT_VERSION, true, libspdm_requester_finish_test_send_message, libspdm_requester_finish_test_receive_message, }; int libspdm_requester_finish_test_main(void) { const struct CMUnitTest spdm_requester_finish_tests[] = { /* SendRequest failed*/ cmocka_unit_test(libspdm_test_requester_finish_case1), /* Successful response*/ cmocka_unit_test(libspdm_test_requester_finish_case2), /* connection_state check failed*/ cmocka_unit_test(libspdm_test_requester_finish_case3), /* Error response: SPDM_ERROR_CODE_INVALID_REQUEST*/ cmocka_unit_test(libspdm_test_requester_finish_case4), /* Always SPDM_ERROR_CODE_BUSY*/ cmocka_unit_test(libspdm_test_requester_finish_case5), /* SPDM_ERROR_CODE_BUSY + Successful response*/ cmocka_unit_test(libspdm_test_requester_finish_case6), /* Error response: SPDM_ERROR_CODE_REQUEST_RESYNCH*/ cmocka_unit_test(libspdm_test_requester_finish_case7), /* Always SPDM_ERROR_CODE_RESPONSE_NOT_READY*/ cmocka_unit_test(libspdm_test_requester_finish_case8), /* SPDM_ERROR_CODE_RESPONSE_NOT_READY + Successful response*/ cmocka_unit_test(libspdm_test_requester_finish_case9), /* Unexpected errors*/ cmocka_unit_test(libspdm_test_requester_finish_case10), /* Buffer reset*/ cmocka_unit_test(libspdm_test_requester_finish_case11), /* No correct setup*/ cmocka_unit_test(libspdm_test_requester_finish_case12), cmocka_unit_test(libspdm_test_requester_finish_case13), cmocka_unit_test(libspdm_test_requester_finish_case14), cmocka_unit_test(libspdm_test_requester_finish_case15), /* Successful response*/ cmocka_unit_test(libspdm_test_requester_finish_case16), /* Response with invalid MAC*/ cmocka_unit_test(libspdm_test_requester_finish_case17), cmocka_unit_test(libspdm_test_requester_finish_case18), /* Can be populated with new test.*/ cmocka_unit_test(libspdm_test_requester_finish_case19), cmocka_unit_test(libspdm_test_requester_finish_case20), /* Error response: SPDM_ERROR_CODE_DECRYPT_ERROR*/ cmocka_unit_test(libspdm_test_requester_finish_case21), /* Buffer verification*/ cmocka_unit_test(libspdm_test_requester_finish_case22), /* Successful response using provisioned public key (slot_id 0xFF) */ cmocka_unit_test(libspdm_test_requester_finish_case23), }; libspdm_setup_test_context(&m_libspdm_requester_finish_test_context); return cmocka_run_group_tests(spdm_requester_finish_tests, libspdm_unit_test_group_setup, libspdm_unit_test_group_teardown); } #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/