diff --git a/unit_test/test_spdm_requester/encap_digests.c b/unit_test/test_spdm_requester/encap_digests.c index a01b939b5ae..710e37cfc98 100644 --- a/unit_test/test_spdm_requester/encap_digests.c +++ b/unit_test/test_spdm_requester/encap_digests.c @@ -17,13 +17,22 @@ spdm_get_digest_request_t m_spdm_get_digests_request1 = { }; size_t m_spdm_get_digests_request1_size = sizeof(m_spdm_get_digests_request1); + +spdm_get_digest_request_t m_spdm_get_digests_request2 = { + { + SPDM_MESSAGE_VERSION_13, + SPDM_GET_DIGESTS, + }, +}; +size_t m_spdm_get_digests_request2_size = sizeof(m_spdm_get_digests_request2); + static uint8_t m_local_certificate_chain[LIBSPDM_MAX_CERT_CHAIN_SIZE]; /** * Test 1: receives a valid GET_DIGESTS request message from Requester * Expected Behavior: produces a valid DIGESTS response message **/ -void test_spdm_requester_challenge_auth_case1(void **state) +void test_spdm_requester_encap_get_digests_case1(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; @@ -79,7 +88,7 @@ void test_spdm_requester_challenge_auth_case1(void **state) * Test 2: * Expected Behavior: **/ -void test_spdm_requester_challenge_auth_case2(void **state) +void test_spdm_requester_encap_get_digests_case2(void **state) { } @@ -87,7 +96,7 @@ void test_spdm_requester_challenge_auth_case2(void **state) * Test 3: receives a valid GET_DIGESTS request message from Requester, but the request message cannot be appended to the internal cache since the internal cache is full * Expected Behavior: produces an ERROR response message with error code = Unspecified **/ -void test_spdm_requester_challenge_auth_case3(void **state) +void test_spdm_requester_encap_get_digests_case3(void **state) { libspdm_return_t status; libspdm_test_context_t *spdm_test_context; @@ -145,7 +154,7 @@ void test_spdm_requester_challenge_auth_case3(void **state) * Test 4: receives a valid GET_DIGESTS request message from Requester, but the response message cannot be appended to the internal cache since the internal cache is full * Expected Behavior: produces an ERROR response message with error code = Unspecified **/ -void test_spdm_requester_challenge_auth_case4(void **state) +void test_spdm_requester_encap_get_digests_case4(void **state) { libspdm_test_context_t *spdm_test_context; libspdm_context_t *spdm_context; @@ -198,6 +207,101 @@ void test_spdm_requester_challenge_auth_case4(void **state) #endif } +/** + * Test 5: receives a valid GET_DIGESTS request message from Requester , + * Set multi_key_conn_req to check if it responds correctly + * Expected Behavior: produces a valid DIGESTS response message + **/ +void test_spdm_requester_encap_get_digests_case5(void **state) +{ + libspdm_return_t status; + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + size_t response_size; + uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE]; + spdm_digest_response_t *spdm_response; + libspdm_session_info_t *session_info; + uint32_t session_id; + + spdm_test_context = *state; + spdm_context = spdm_test_context->spdm_context; + spdm_test_context->case_id = 0x5; + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 + << SPDM_VERSION_NUMBER_SHIFT_BIT; + spdm_context->connection_info.connection_state = + LIBSPDM_CONNECTION_STATE_NEGOTIATED; + spdm_context->local_context.capability.flags |= + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP; + spdm_context->connection_info.algorithm.base_hash_algo = + m_libspdm_use_hash_algo; + spdm_context->local_context.local_cert_chain_provision[0] = + m_local_certificate_chain; + spdm_context->local_context.local_cert_chain_provision_size[0] = + sizeof(m_local_certificate_chain); + libspdm_set_mem(m_local_certificate_chain, sizeof(m_local_certificate_chain), + (uint8_t)(0xFF)); + + session_id = 0xFFFFFFFF; + spdm_context->latest_session_id = session_id; + spdm_context->last_spdm_request_session_id_valid = true; + spdm_context->last_spdm_request_session_id = session_id; + session_info = &spdm_context->session_info[0]; + libspdm_session_info_init(spdm_context, session_info, session_id, true); + libspdm_secured_message_set_session_state( + session_info->secured_message_context, + LIBSPDM_SESSION_STATE_ESTABLISHED); + +#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT + spdm_context->transcript.message_m.buffer_size = + spdm_context->transcript.message_m.max_buffer_size; +#endif + /* Sub Case 1: Set multi_key_conn_req to true*/ + spdm_context->connection_info.multi_key_conn_req = true; + libspdm_reset_message_encap_d(spdm_context, session_info); + + response_size = sizeof(response); + status = libspdm_get_encap_response_digest(spdm_context, + m_spdm_get_digests_request2_size, + &m_spdm_get_digests_request2, + &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal( + response_size, + sizeof(spdm_digest_response_t) + sizeof(spdm_key_pair_id_t) + + sizeof(spdm_certificate_info_t) + + sizeof(spdm_key_usage_bit_mask_t) + + libspdm_get_hash_size(spdm_context->connection_info + .algorithm.base_hash_algo)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_DIGESTS); + assert_int_equal(session_info->session_transcript.message_encap_d.buffer_size, + sizeof(spdm_digest_response_t) + sizeof(spdm_key_pair_id_t) + + sizeof(spdm_certificate_info_t) + + sizeof(spdm_key_usage_bit_mask_t) + + libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo)); + + /* Sub Case 2: Set multi_key_conn_req to false*/ + spdm_context->connection_info.multi_key_conn_req = false; + libspdm_reset_message_encap_d(spdm_context, session_info); + + response_size = sizeof(response); + status = libspdm_get_encap_response_digest(spdm_context, + m_spdm_get_digests_request2_size, + &m_spdm_get_digests_request2, + &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal( + response_size, + sizeof(spdm_digest_response_t) + + libspdm_get_hash_size(spdm_context->connection_info + .algorithm.base_hash_algo)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_DIGESTS); + assert_int_equal(session_info->session_transcript.message_encap_d.buffer_size, 0); +} + libspdm_test_context_t m_spdm_requester_digests_test_context = { LIBSPDM_TEST_CONTEXT_VERSION, false, @@ -207,13 +311,15 @@ int libspdm_requester_encap_digests_test_main(void) { const struct CMUnitTest spdm_requester_digests_tests[] = { /* Success Case*/ - cmocka_unit_test(test_spdm_requester_challenge_auth_case1), + cmocka_unit_test(test_spdm_requester_encap_get_digests_case1), /* Can be populated with new test.*/ - cmocka_unit_test(test_spdm_requester_challenge_auth_case2), + cmocka_unit_test(test_spdm_requester_encap_get_digests_case2), /* Internal cache full (request message)*/ - cmocka_unit_test(test_spdm_requester_challenge_auth_case3), + cmocka_unit_test(test_spdm_requester_encap_get_digests_case3), /* Internal cache full (response message)*/ - cmocka_unit_test(test_spdm_requester_challenge_auth_case4), + cmocka_unit_test(test_spdm_requester_encap_get_digests_case4), + /* Set multi_key_conn_req to check if it responds correctly */ + cmocka_unit_test(test_spdm_requester_encap_get_digests_case5), }; libspdm_setup_test_context(&m_spdm_requester_digests_test_context); diff --git a/unit_test/test_spdm_requester/get_digests.c b/unit_test/test_spdm_requester/get_digests.c index 40bf438b929..f33532c291f 100644 --- a/unit_test/test_spdm_requester/get_digests.c +++ b/unit_test/test_spdm_requester/get_digests.c @@ -84,6 +84,7 @@ static libspdm_return_t libspdm_requester_get_digests_test_send_message( case 0x18: return LIBSPDM_STATUS_SUCCESS; case 0x19: + case 0x1A: return LIBSPDM_STATUS_SUCCESS; default: return LIBSPDM_STATUS_SEND_FAIL; @@ -945,6 +946,43 @@ static libspdm_return_t libspdm_requester_get_digests_test_receive_message( } return LIBSPDM_STATUS_SUCCESS; + case 0x1A: { + spdm_digest_response_t *spdm_response; + uint8_t *digest; + size_t spdm_response_size; + size_t transport_header_size; + + ((libspdm_context_t *)spdm_context) + ->connection_info.algorithm.base_hash_algo = + m_libspdm_use_hash_algo; + spdm_response_size = sizeof(spdm_digest_response_t) + + libspdm_get_hash_size(m_libspdm_use_hash_algo) * SPDM_MAX_SLOT_COUNT; + transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; + spdm_response = (void *)((uint8_t *)*response + transport_header_size); + + spdm_response->header.request_response_code = SPDM_DIGESTS; + spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13; + spdm_response->header.param1 = (0x01 << 0); + spdm_response->header.param2 = 0; + spdm_response->header.param2 |= (0x01 << 0); + + libspdm_set_mem(m_libspdm_local_certificate_chain, + sizeof(m_libspdm_local_certificate_chain), + (uint8_t)(0xFF)); + + digest = (void *)(spdm_response + 1); + libspdm_zero_mem (digest, + libspdm_get_hash_size(m_libspdm_use_hash_algo) * SPDM_MAX_SLOT_COUNT); + libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_certificate_chain, + sizeof(m_libspdm_local_certificate_chain), &digest[0]); + + libspdm_transport_test_encode_message(spdm_context, NULL, false, + false, spdm_response_size, + spdm_response, response_size, + response); + } + return LIBSPDM_STATUS_SUCCESS; + default: return LIBSPDM_STATUS_RECEIVE_FAIL; } @@ -1484,6 +1522,61 @@ static void libspdm_test_requester_get_digests_case25(void **state) #endif } + +/** + * Test 26: a response message is successfully sent , + * Set multi_key_conn_rsp to check if it responds correctly + * Expected Behavior: requester returns the status LIBSPDM_STATUS_SUCCESS + **/ +static void libspdm_test_requester_get_digests_case26(void **state) +{ + libspdm_return_t status; + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + uint8_t slot_mask; + uint8_t total_digest_buffer[LIBSPDM_MAX_HASH_SIZE * SPDM_MAX_SLOT_COUNT]; + + spdm_test_context = *state; + spdm_context = spdm_test_context->spdm_context; + spdm_test_context->case_id = 0x1A; + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 << + SPDM_VERSION_NUMBER_SHIFT_BIT; + spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; + spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP; + spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; + libspdm_set_mem(m_libspdm_local_certificate_chain, + sizeof(m_libspdm_local_certificate_chain), + (uint8_t)(0xFF)); + libspdm_reset_message_b(spdm_context); + +#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT + spdm_context->transcript.message_m.buffer_size = + spdm_context->transcript.message_m.max_buffer_size; +#endif + /* Sub Case 1: Set multi_key_conn_rsp to true*/ + spdm_context->connection_info.multi_key_conn_rsp = true; + libspdm_reset_message_d(spdm_context); + + libspdm_zero_mem(total_digest_buffer, sizeof(total_digest_buffer)); + status = libspdm_get_digest(spdm_context, NULL, &slot_mask, &total_digest_buffer); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal( + spdm_context->transcript.message_d.buffer_size, + sizeof(spdm_digest_response_t) + sizeof(spdm_key_pair_id_t) + sizeof(spdm_certificate_info_t) + + sizeof(spdm_key_usage_bit_mask_t) + + libspdm_get_hash_size( + spdm_context->connection_info.algorithm.base_hash_algo)); + + /* Sub Case 2: Set multi_key_conn_rsp to false*/ + spdm_context->connection_info.multi_key_conn_rsp = false; + libspdm_reset_message_d(spdm_context); + + libspdm_zero_mem(total_digest_buffer, sizeof(total_digest_buffer)); + status = libspdm_get_digest(spdm_context, NULL, &slot_mask, &total_digest_buffer); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(spdm_context->transcript.message_d.buffer_size,0); +} + static libspdm_test_context_t m_libspdm_requester_get_digests_test_context = { LIBSPDM_TEST_CONTEXT_VERSION, true, @@ -1519,6 +1612,7 @@ int libspdm_requester_get_digests_test_main(void) cmocka_unit_test(libspdm_test_requester_get_digests_case23), cmocka_unit_test(libspdm_test_requester_get_digests_case24), cmocka_unit_test(libspdm_test_requester_get_digests_case25), + cmocka_unit_test(libspdm_test_requester_get_digests_case26), }; libspdm_setup_test_context(&m_libspdm_requester_get_digests_test_context); diff --git a/unit_test/test_spdm_responder/digests.c b/unit_test/test_spdm_responder/digests.c index 449469de306..b0d1bb8bee4 100644 --- a/unit_test/test_spdm_responder/digests.c +++ b/unit_test/test_spdm_responder/digests.c @@ -17,6 +17,14 @@ spdm_get_digest_request_t m_libspdm_get_digests_request1 = { }; size_t m_libspdm_get_digests_request1_size = sizeof(m_libspdm_get_digests_request1); +spdm_get_digest_request_t m_libspdm_get_digests_request2 = { + { + SPDM_MESSAGE_VERSION_13, + SPDM_GET_DIGESTS, + }, +}; +size_t m_libspdm_get_digests_request2_size = sizeof(m_libspdm_get_digests_request2); + static uint8_t m_libspdm_local_certificate_chain[LIBSPDM_MAX_CERT_CHAIN_SIZE]; /** @@ -406,6 +414,92 @@ void libspdm_test_responder_digests_case8(void **state) #endif } +/** + * Test 9: receives a valid GET_DIGESTS request message from Requester , set multi_key_conn_rsp to check if it responds correctly + * Expected Behavior: produces a valid DIGESTS response message + **/ +void libspdm_test_responder_digests_case9(void **state) +{ + libspdm_return_t status; + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + size_t response_size; + uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE]; + spdm_digest_response_t *spdm_response; + + spdm_test_context = *state; + spdm_context = spdm_test_context->spdm_context; + spdm_test_context->case_id = 0x9; + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 << + SPDM_VERSION_NUMBER_SHIFT_BIT; + spdm_context->connection_info.connection_state = + LIBSPDM_CONNECTION_STATE_NEGOTIATED; + spdm_context->local_context.capability.flags = 0; + spdm_context->last_spdm_request_session_id_valid = false; + spdm_context->local_context.capability.flags |= + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP; + spdm_context->connection_info.algorithm.base_hash_algo = + m_libspdm_use_hash_algo; + spdm_context->local_context.local_cert_chain_provision[0] = + m_libspdm_local_certificate_chain; + spdm_context->local_context.local_cert_chain_provision_size[0] = + sizeof(m_libspdm_local_certificate_chain); + libspdm_set_mem(m_libspdm_local_certificate_chain, + sizeof(m_libspdm_local_certificate_chain), + (uint8_t)(0xFF)); + +#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT + spdm_context->transcript.message_m.buffer_size = + spdm_context->transcript.message_m.max_buffer_size; +#endif + /* Sub Case 1: Set multi_key_conn_rsp to true*/ + spdm_context->connection_info.multi_key_conn_rsp = true; + libspdm_reset_message_d(spdm_context); + + response_size = sizeof(response); + status = libspdm_get_response_digests(spdm_context, + m_libspdm_get_digests_request2_size, + &m_libspdm_get_digests_request2, + &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal( + response_size, + sizeof(spdm_digest_response_t) + sizeof(spdm_key_pair_id_t) + + sizeof(spdm_certificate_info_t) + + sizeof(spdm_key_usage_bit_mask_t) + + libspdm_get_hash_size(spdm_context->connection_info + .algorithm.base_hash_algo)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_DIGESTS); + assert_int_equal(spdm_context->transcript.message_d.buffer_size, + sizeof(spdm_digest_response_t) + + sizeof(spdm_key_pair_id_t) + + sizeof(spdm_certificate_info_t) + + sizeof(spdm_key_usage_bit_mask_t) + + libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo)); + + /* Sub Case 2: Set multi_key_conn_rsp to false*/ + spdm_context->connection_info.multi_key_conn_rsp = false; + libspdm_reset_message_d(spdm_context); + + response_size = sizeof(response); + status = libspdm_get_response_digests(spdm_context, + m_libspdm_get_digests_request2_size, + &m_libspdm_get_digests_request2, + &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal( + response_size, + sizeof(spdm_digest_response_t) + + libspdm_get_hash_size(spdm_context->connection_info + .algorithm.base_hash_algo)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_DIGESTS); + assert_int_equal(spdm_context->transcript.message_d.buffer_size, 0); +} + libspdm_test_context_t m_libspdm_responder_digests_test_context = { LIBSPDM_TEST_CONTEXT_VERSION, false, @@ -432,6 +526,8 @@ int libspdm_responder_digests_test_main(void) cmocka_unit_test(libspdm_test_responder_digests_case7), /* Success Case in a session*/ cmocka_unit_test(libspdm_test_responder_digests_case8), + /* Set multi_key_conn_rsp to check if it responds correctly */ + cmocka_unit_test(libspdm_test_responder_digests_case9), }; libspdm_setup_test_context(&m_libspdm_responder_digests_test_context); diff --git a/unit_test/test_spdm_responder/encap_get_digests.c b/unit_test/test_spdm_responder/encap_get_digests.c index 1071a8dec4a..77b112b6962 100644 --- a/unit_test/test_spdm_responder/encap_get_digests.c +++ b/unit_test/test_spdm_responder/encap_get_digests.c @@ -235,6 +235,91 @@ void test_spdm_responder_encap_get_digests_case5(void **state) assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD); } +/** + * Test 6: a response message is successfully sent , Set multi_key_conn_req to check if it responds correctly + * Expected Behavior: requester returns the status RETURN_SUCCESS + **/ +void test_spdm_responder_encap_get_digests_case6(void **state) +{ + libspdm_return_t status; + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + spdm_digest_response_t *spdm_response; + uint8_t *digest; + uint8_t temp_buf[LIBSPDM_MAX_SPDM_MSG_SIZE]; + size_t spdm_response_size; + bool need_continue; + uint32_t session_id; + libspdm_session_info_t *session_info; + + spdm_test_context = *state; + spdm_context = spdm_test_context->spdm_context; + spdm_test_context->case_id = 0x6; + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 << + SPDM_VERSION_NUMBER_SHIFT_BIT; + spdm_context->connection_info.connection_state = + LIBSPDM_CONNECTION_STATE_NEGOTIATED; + spdm_context->connection_info.capability.flags |= + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CERT_CAP; + spdm_context->connection_info.algorithm.base_hash_algo = + m_libspdm_use_hash_algo; + + libspdm_reset_message_b(spdm_context); + + spdm_response = (void *)temp_buf; + libspdm_zero_mem(temp_buf, sizeof(temp_buf)); + spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13; + spdm_response->header.request_response_code = SPDM_DIGESTS; + spdm_response->header.param1 = (0x01 << 0); + spdm_response->header.param2 = 0; + spdm_response->header.param2 |= (0x01 << 0); + libspdm_set_mem(m_libspdm_local_certificate_chain, + sizeof(m_libspdm_local_certificate_chain), + (uint8_t)(0xFF)); + + digest = (void *)(spdm_response + 1); + libspdm_hash_all(m_libspdm_use_hash_algo, m_libspdm_local_certificate_chain, + sizeof(m_libspdm_local_certificate_chain), &digest[0]); + + session_id = 0xFFFFFFFF; + spdm_context->latest_session_id = session_id; + spdm_context->last_spdm_request_session_id_valid = true; + spdm_context->last_spdm_request_session_id = session_id; + session_info = &spdm_context->session_info[0]; + libspdm_session_info_init(spdm_context, session_info, session_id, true); + libspdm_secured_message_set_session_state( + session_info->secured_message_context, + LIBSPDM_SESSION_STATE_ESTABLISHED); + + /* Sub Case 1: Set multi_key_conn_req to true*/ + spdm_context->connection_info.multi_key_conn_req = true; + libspdm_reset_message_encap_d(spdm_context, session_info); + + spdm_response_size = sizeof(spdm_digest_response_t) + sizeof(spdm_key_pair_id_t) + + sizeof(spdm_certificate_info_t) + + sizeof(spdm_key_usage_bit_mask_t) + + libspdm_get_hash_size(m_libspdm_use_hash_algo); + + status = libspdm_process_encap_response_digest(spdm_context, spdm_response_size, + spdm_response, &need_continue); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(session_info->session_transcript.message_encap_d.buffer_size, + spdm_response_size); + + /* Sub Case 2: Set multi_key_conn_req to false*/ + spdm_context->connection_info.multi_key_conn_req = false; + libspdm_reset_message_encap_d(spdm_context, session_info); + + spdm_response_size = sizeof(spdm_digest_response_t) + sizeof(spdm_key_pair_id_t) + + sizeof(spdm_certificate_info_t) + + sizeof(spdm_key_usage_bit_mask_t) + + libspdm_get_hash_size(m_libspdm_use_hash_algo); + status = libspdm_process_encap_response_digest(spdm_context, spdm_response_size, + spdm_response, &need_continue); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(session_info->session_transcript.message_encap_d.buffer_size, 0); +} + libspdm_test_context_t m_spdm_responder_encap_get_digests_test_context = { LIBSPDM_TEST_CONTEXT_VERSION, false, @@ -253,6 +338,8 @@ int spdm_responder_encap_get_digests_test_main(void) cmocka_unit_test(test_spdm_responder_encap_get_digests_case4), /* capability flags check failed*/ cmocka_unit_test(test_spdm_responder_encap_get_digests_case5), + /* Set multi_key_conn_req to check if it responds correctly */ + cmocka_unit_test(test_spdm_responder_encap_get_digests_case6), }; libspdm_setup_test_context(&m_spdm_responder_encap_get_digests_test_context);