From 245d7004bde9ad8d5892b4be93835a77ece63c13 Mon Sep 17 00:00:00 2001 From: Steven Bellock Date: Tue, 17 Dec 2024 13:51:20 -0800 Subject: [PATCH] Check key exchange MAC_CAP when message is sent Fix #2921. Signed-off-by: Steven Bellock --- .../libspdm_req_get_capabilities.c | 16 +- .../libspdm_req_key_exchange.c | 12 ++ .../libspdm_req_psk_exchange.c | 11 ++ .../libspdm_rsp_capabilities.c | 16 +- .../libspdm_rsp_key_exchange.c | 13 ++ .../libspdm_rsp_psk_exchange.c | 13 ++ .../error_test/get_capabilities_err.c | 186 +----------------- .../error_test/key_exchange_err.c | 80 +++++--- unit_test/test_spdm_requester/key_exchange.c | 96 ++++++--- unit_test/test_spdm_requester/psk_exchange.c | 6 +- unit_test/test_spdm_responder/capabilities.c | 87 +------- unit_test/test_spdm_responder/key_exchange.c | 111 +++++++---- unit_test/test_spdm_responder/psk_exchange.c | 6 +- .../test_spdm_responder/respond_if_ready.c | 17 +- 14 files changed, 284 insertions(+), 386 deletions(-) diff --git a/library/spdm_requester_lib/libspdm_req_get_capabilities.c b/library/spdm_requester_lib/libspdm_req_get_capabilities.c index 27ddfd641ec..fd5728adde4 100644 --- a/library/spdm_requester_lib/libspdm_req_get_capabilities.c +++ b/library/spdm_requester_lib/libspdm_req_get_capabilities.c @@ -79,14 +79,7 @@ static bool validate_responder_capability(uint32_t capabilities_flag, uint8_t ve } /* Checks that originate from key exchange capabilities. */ - if ((key_ex_cap == 1) || (psk_cap != 0)) { - /* While clearing MAC_CAP and setting ENCRYPT_CAP is legal according to DSP0274, libspdm - * also implements DSP0277 secure messages, which requires at least MAC_CAP to be set. - */ - if (mac_cap == 0) { - return false; - } - } else { + if ((key_ex_cap == 0) && (psk_cap == 0)) { if ((mac_cap == 1) || (encrypt_cap == 1) || (handshake_in_the_clear_cap == 1) || (hbeat_cap == 1) || (key_upd_cap == 1)) { return false; @@ -172,6 +165,13 @@ static bool validate_responder_capability(uint32_t capabilities_flag, uint8_t ve } } + /* Checks that are deferred to when a message is sent. + * + * If the Responder supports key exchange then MAC_CAP must be set. In addition, if the + * negotiated SPDM version is greater than 1.1 then the negotiated opaque data format must be + * OpaqueDataFmt1. + */ + return true; } diff --git a/library/spdm_requester_lib/libspdm_req_key_exchange.c b/library/spdm_requester_lib/libspdm_req_key_exchange.c index 90bb734d5f5..cb19e8a7317 100644 --- a/library/spdm_requester_lib/libspdm_req_key_exchange.c +++ b/library/spdm_requester_lib/libspdm_req_key_exchange.c @@ -322,9 +322,21 @@ static libspdm_return_t libspdm_try_send_receive_key_exchange( SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP)) { return LIBSPDM_STATUS_UNSUPPORTED_CAP; } + + /* While clearing MAC_CAP and setting ENCRYPT_CAP is legal according to DSP0274, libspdm + * also implements DSP0277 secure messages, which requires at least MAC_CAP to be set. + */ + if (!libspdm_is_capabilities_flag_supported( + spdm_context, true, + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP, + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP)) { + return LIBSPDM_STATUS_UNSUPPORTED_CAP; + } + if (spdm_context->connection_info.connection_state < LIBSPDM_CONNECTION_STATE_NEGOTIATED) { return LIBSPDM_STATUS_INVALID_STATE_LOCAL; } + if (libspdm_get_connection_version(spdm_context) >= SPDM_MESSAGE_VERSION_12) { if ((spdm_context->connection_info.algorithm.other_params_support & SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_MASK) != SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1) { diff --git a/library/spdm_requester_lib/libspdm_req_psk_exchange.c b/library/spdm_requester_lib/libspdm_req_psk_exchange.c index 7c4cd5565f8..452ec82e5e9 100644 --- a/library/spdm_requester_lib/libspdm_req_psk_exchange.c +++ b/library/spdm_requester_lib/libspdm_req_psk_exchange.c @@ -174,6 +174,17 @@ static libspdm_return_t libspdm_try_send_receive_psk_exchange( SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP)) { return LIBSPDM_STATUS_UNSUPPORTED_CAP; } + + /* While clearing MAC_CAP and setting ENCRYPT_CAP is legal according to DSP0274, libspdm + * also implements DSP0277 secure messages, which requires at least MAC_CAP to be set. + */ + if (!libspdm_is_capabilities_flag_supported( + spdm_context, true, + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP, + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP)) { + return LIBSPDM_STATUS_UNSUPPORTED_CAP; + } + if (spdm_context->connection_info.connection_state < LIBSPDM_CONNECTION_STATE_NEGOTIATED) { return LIBSPDM_STATUS_INVALID_STATE_LOCAL; } diff --git a/library/spdm_responder_lib/libspdm_rsp_capabilities.c b/library/spdm_responder_lib/libspdm_rsp_capabilities.c index fb1a9587283..a54ef6b021a 100644 --- a/library/spdm_responder_lib/libspdm_rsp_capabilities.c +++ b/library/spdm_responder_lib/libspdm_rsp_capabilities.c @@ -71,14 +71,7 @@ static bool libspdm_check_request_flag_compatibility(uint32_t capabilities_flag, } /* Checks that originate from key exchange capabilities. */ - if ((key_ex_cap == 1) || (psk_cap == 1)) { - /* While clearing MAC_CAP and setting ENCRYPT_CAP is legal according to DSP0274, libspdm - * also implements DSP0277 secure messages, which requires at least MAC_CAP to be set. - */ - if (mac_cap == 0) { - return false; - } - } else { + if ((key_ex_cap == 0) && (psk_cap == 0)) { if ((mac_cap == 1) || (encrypt_cap == 1) || (handshake_in_the_clear_cap == 1) || (hbeat_cap == 1) || (key_upd_cap == 1)) { return false; @@ -144,6 +137,13 @@ static bool libspdm_check_request_flag_compatibility(uint32_t capabilities_flag, } } + /* Checks that are deferred to when a message is received. + * + * If the Requester supports key exchange then MAC_CAP must be set. In addition, if the + * negotiated SPDM version is greater than 1.1 then the negotiated opaque data format must be + * OpaqueDataFmt1. + */ + return true; } diff --git a/library/spdm_responder_lib/libspdm_rsp_key_exchange.c b/library/spdm_responder_lib/libspdm_rsp_key_exchange.c index 43347bd8ece..21111707692 100644 --- a/library/spdm_responder_lib/libspdm_rsp_key_exchange.c +++ b/library/spdm_responder_lib/libspdm_rsp_key_exchange.c @@ -232,6 +232,19 @@ libspdm_return_t libspdm_get_response_key_exchange(libspdm_context_t *spdm_conte spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST, SPDM_KEY_EXCHANGE, response_size, response); } + + /* While clearing MAC_CAP and setting ENCRYPT_CAP is legal according to DSP0274, libspdm + * also implements DSP0277 secure messages, which requires at least MAC_CAP to be set. + */ + if (!libspdm_is_capabilities_flag_supported( + spdm_context, false, + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP, + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP)) { + return libspdm_generate_error_response( + spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST, + SPDM_KEY_EXCHANGE, response_size, response); + } + if (spdm_context->connection_info.connection_state < LIBSPDM_CONNECTION_STATE_NEGOTIATED) { return libspdm_generate_error_response(spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST, diff --git a/library/spdm_responder_lib/libspdm_rsp_psk_exchange.c b/library/spdm_responder_lib/libspdm_rsp_psk_exchange.c index 8e7968c8501..d7dcc77367f 100644 --- a/library/spdm_responder_lib/libspdm_rsp_psk_exchange.c +++ b/library/spdm_responder_lib/libspdm_rsp_psk_exchange.c @@ -132,6 +132,19 @@ libspdm_return_t libspdm_get_response_psk_exchange(libspdm_context_t *spdm_conte spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST, SPDM_PSK_EXCHANGE, response_size, response); } + + /* While clearing MAC_CAP and setting ENCRYPT_CAP is legal according to DSP0274, libspdm + * also implements DSP0277 secure messages, which requires at least MAC_CAP to be set. + */ + if (!libspdm_is_capabilities_flag_supported( + spdm_context, false, + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP, + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP)) { + return libspdm_generate_error_response( + spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST, + SPDM_KEY_EXCHANGE, response_size, response); + } + if (spdm_context->connection_info.connection_state < LIBSPDM_CONNECTION_STATE_NEGOTIATED) { return libspdm_generate_error_response(spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST, diff --git a/unit_test/test_spdm_requester/error_test/get_capabilities_err.c b/unit_test/test_spdm_requester/error_test/get_capabilities_err.c index e7870166b62..46a94ecee56 100644 --- a/unit_test/test_spdm_requester/error_test/get_capabilities_err.c +++ b/unit_test/test_spdm_requester/error_test/get_capabilities_err.c @@ -592,93 +592,13 @@ static libspdm_return_t libspdm_requester_get_capabilities_test_receive_message( } return LIBSPDM_STATUS_SUCCESS; - case 0x14: { - spdm_capabilities_response_t *spdm_response; - size_t spdm_response_size; - size_t transport_header_size; - - spdm_response_size = sizeof(spdm_capabilities_response_t); - transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; - spdm_response = (void *)((uint8_t *)*response + transport_header_size); - - libspdm_zero_mem(spdm_response, spdm_response_size); - spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; - spdm_response->header.request_response_code = SPDM_CAPABILITIES; - spdm_response->header.param1 = 0; - spdm_response->header.param2 = 0; - spdm_response->ct_exponent = 0; - spdm_response->flags = - LIBSPDM_DEFAULT_CAPABILITY_RESPONSE_FLAG_VERSION_11 & - (0xFFFFFFFF ^ - (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP)); - - libspdm_transport_test_encode_message(spdm_context, NULL, false, - false, spdm_response_size, - spdm_response, - response_size, response); - } + case 0x14: return LIBSPDM_STATUS_SUCCESS; - case 0x15: { - spdm_capabilities_response_t *spdm_response; - size_t spdm_response_size; - size_t transport_header_size; - - spdm_response_size = sizeof(spdm_capabilities_response_t); - transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; - spdm_response = (void *)((uint8_t *)*response + transport_header_size); - - libspdm_zero_mem(spdm_response, spdm_response_size); - spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; - spdm_response->header.request_response_code = SPDM_CAPABILITIES; - spdm_response->header.param1 = 0; - spdm_response->header.param2 = 0; - spdm_response->ct_exponent = 0; - spdm_response->flags = - LIBSPDM_DEFAULT_CAPABILITY_RESPONSE_FLAG_VERSION_11 & - (0xFFFFFFFF ^ - (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP)); - - libspdm_transport_test_encode_message(spdm_context, NULL, false, - false, spdm_response_size, - spdm_response, - response_size, response); - } + case 0x15: return LIBSPDM_STATUS_SUCCESS; - case 0x16: { - spdm_capabilities_response_t *spdm_response; - size_t spdm_response_size; - size_t transport_header_size; - - spdm_response_size = sizeof(spdm_capabilities_response_t); - transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; - spdm_response = (void *)((uint8_t *)*response + transport_header_size); - - libspdm_zero_mem(spdm_response, spdm_response_size); - spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; - spdm_response->header.request_response_code = SPDM_CAPABILITIES; - spdm_response->header.param1 = 0; - spdm_response->header.param2 = 0; - spdm_response->ct_exponent = 0; - spdm_response->flags = - LIBSPDM_DEFAULT_CAPABILITY_RESPONSE_FLAG_VERSION_11 & - (0xFFFFFFFF ^ - (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP)); - - libspdm_transport_test_encode_message(spdm_context, NULL, false, - false, spdm_response_size, - spdm_response, - response_size, response); - } + case 0x16: return LIBSPDM_STATUS_SUCCESS; case 0x17: { @@ -735,33 +655,7 @@ static libspdm_return_t libspdm_requester_get_capabilities_test_receive_message( } return LIBSPDM_STATUS_SUCCESS; - case 0x19: { - spdm_capabilities_response_t *spdm_response; - size_t spdm_response_size; - size_t transport_header_size; - - spdm_response_size = sizeof(spdm_capabilities_response_t); - transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; - spdm_response = (void *)((uint8_t *)*response + transport_header_size); - - libspdm_zero_mem(spdm_response, spdm_response_size); - spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_11; - spdm_response->header.request_response_code = SPDM_CAPABILITIES; - spdm_response->header.param1 = 0; - spdm_response->header.param2 = 0; - spdm_response->ct_exponent = 0; - spdm_response->flags = - LIBSPDM_DEFAULT_CAPABILITY_RESPONSE_FLAG_VERSION_11 & - (0xFFFFFFFF ^ - (SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP)); - - libspdm_transport_test_encode_message(spdm_context, NULL, false, - false, spdm_response_size, - spdm_response, - response_size, response); - } + case 0x19: return LIBSPDM_STATUS_SUCCESS; case 0x1a: { @@ -1500,68 +1394,14 @@ static void libspdm_test_requester_get_capabilities_err_case19(void **state) static void libspdm_test_requester_get_capabilities_err_case20(void **state) { - libspdm_return_t status; - libspdm_test_context_t *spdm_test_context; - libspdm_context_t *spdm_context; - - spdm_test_context = *state; - spdm_context = spdm_test_context->spdm_context; - spdm_test_context->case_id = 0x14; - spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << - SPDM_VERSION_NUMBER_SHIFT_BIT; - spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AFTER_VERSION; - libspdm_reset_message_a(spdm_context); - - spdm_context->local_context.capability.ct_exponent = 0; - spdm_context->local_context.capability.flags = LIBSPDM_DEFAULT_CAPABILITY_FLAG_VERSION_11; - status = libspdm_get_capabilities(spdm_context); - assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD); - /*assert_int_equal (spdm_context->connection_info.capability.ct_exponent, 0); - * assert_int_equal (spdm_context->connection_info.capability.flags, LIBSPDM_DEFAULT_CAPABILITY_RESPONSE_FLAG_VERSION_11 & (0xFFFFFFFF^(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP)));*/ } static void libspdm_test_requester_get_capabilities_err_case21(void **state) { - libspdm_return_t status; - libspdm_test_context_t *spdm_test_context; - libspdm_context_t *spdm_context; - - spdm_test_context = *state; - spdm_context = spdm_test_context->spdm_context; - spdm_test_context->case_id = 0x15; - spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << - SPDM_VERSION_NUMBER_SHIFT_BIT; - spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AFTER_VERSION; - libspdm_reset_message_a(spdm_context); - - spdm_context->local_context.capability.ct_exponent = 0; - spdm_context->local_context.capability.flags = LIBSPDM_DEFAULT_CAPABILITY_FLAG_VERSION_11; - status = libspdm_get_capabilities(spdm_context); - assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD); - /*assert_int_equal (spdm_context->connection_info.capability.ct_exponent, 0); - * assert_int_equal (spdm_context->connection_info.capability.flags, LIBSPDM_DEFAULT_CAPABILITY_RESPONSE_FLAG_VERSION_11 & (0xFFFFFFFF^(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP)));*/ } static void libspdm_test_requester_get_capabilities_err_case22(void **state) { - libspdm_return_t status; - libspdm_test_context_t *spdm_test_context; - libspdm_context_t *spdm_context; - - spdm_test_context = *state; - spdm_context = spdm_test_context->spdm_context; - spdm_test_context->case_id = 0x16; - spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << - SPDM_VERSION_NUMBER_SHIFT_BIT; - spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AFTER_VERSION; - libspdm_reset_message_a(spdm_context); - - spdm_context->local_context.capability.ct_exponent = 0; - spdm_context->local_context.capability.flags = LIBSPDM_DEFAULT_CAPABILITY_FLAG_VERSION_11; - status = libspdm_get_capabilities(spdm_context); - assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD); - /*assert_int_equal (spdm_context->connection_info.capability.ct_exponent, 0); - * assert_int_equal (spdm_context->connection_info.capability.flags, LIBSPDM_DEFAULT_CAPABILITY_RESPONSE_FLAG_VERSION_11 & (0xFFFFFFFF^(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP)));*/ } static void libspdm_test_requester_get_capabilities_err_case23(void **state) @@ -1610,24 +1450,6 @@ static void libspdm_test_requester_get_capabilities_err_case24(void **state) static void libspdm_test_requester_get_capabilities_err_case25(void **state) { - libspdm_return_t status; - libspdm_test_context_t *spdm_test_context; - libspdm_context_t *spdm_context; - - spdm_test_context = *state; - spdm_context = spdm_test_context->spdm_context; - spdm_test_context->case_id = 0x19; - spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 << - SPDM_VERSION_NUMBER_SHIFT_BIT; - spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AFTER_VERSION; - libspdm_reset_message_a(spdm_context); - - spdm_context->local_context.capability.ct_exponent = 0; - spdm_context->local_context.capability.flags = LIBSPDM_DEFAULT_CAPABILITY_FLAG_VERSION_11; - status = libspdm_get_capabilities(spdm_context); - assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD); - /*assert_int_equal (spdm_context->connection_info.capability.ct_exponent, 0); - * assert_int_equal (spdm_context->connection_info.capability.flags, LIBSPDM_DEFAULT_CAPABILITY_RESPONSE_FLAG_VERSION_11 & (0xFFFFFFFF^(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP)));*/ } static void libspdm_test_requester_get_capabilities_err_case26(void **state) diff --git a/unit_test/test_spdm_requester/error_test/key_exchange_err.c b/unit_test/test_spdm_requester/error_test/key_exchange_err.c index cb7c8508bb9..4815e479cc8 100644 --- a/unit_test/test_spdm_requester/error_test/key_exchange_err.c +++ b/unit_test/test_spdm_requester/error_test/key_exchange_err.c @@ -4684,9 +4684,11 @@ static void libspdm_test_requester_key_exchange_err_case1(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -4753,9 +4755,11 @@ static void libspdm_test_requester_key_exchange_err_case2(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.secured_message_version.spdm_version_count = 1; spdm_context->local_context.secured_message_version.spdm_version[0] = SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; @@ -4830,9 +4834,11 @@ static void libspdm_test_requester_key_exchange_err_case3(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -4899,9 +4905,11 @@ static void libspdm_test_requester_key_exchange_err_case4(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -4968,9 +4976,11 @@ static void libspdm_test_requester_key_exchange_err_case5(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5064,9 +5074,11 @@ static void libspdm_test_requester_key_exchange_err_case7(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5135,9 +5147,11 @@ static void libspdm_test_requester_key_exchange_err_case8(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5201,9 +5215,11 @@ static void libspdm_test_requester_key_exchange_err_case9(void **state) SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_force_error (LIBSPDM_ERR_ACQUIRE_SENDER_BUFFER); status = libspdm_send_receive_key_exchange( @@ -5312,9 +5328,11 @@ static void libspdm_test_requester_key_exchange_err_case11(void **state) SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_force_error (LIBSPDM_ERR_ACQUIRE_RECEIVER_BUFFER); status = libspdm_send_receive_key_exchange( @@ -5344,9 +5362,11 @@ static void libspdm_test_requester_key_exchange_err_case12(void **state) SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; status = libspdm_send_receive_key_exchange( spdm_context, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0, @@ -5374,9 +5394,11 @@ static void libspdm_test_requester_key_exchange_err_case13(void **state) SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; status = libspdm_send_receive_key_exchange( spdm_context, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0, @@ -5404,9 +5426,11 @@ static void libspdm_test_requester_key_exchange_err_case14(void **state) SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; status = libspdm_send_receive_key_exchange( spdm_context, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0, @@ -5838,9 +5862,11 @@ static void libspdm_test_requester_key_exchange_err_case21(void **state) SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; status = libspdm_send_receive_key_exchange( spdm_context, SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH, 0, 0, @@ -5904,9 +5930,11 @@ static void libspdm_test_requester_key_exchange_err_case23(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP; spdm_context->local_context.capability.flags = SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP | SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP | SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CERT_CAP; diff --git a/unit_test/test_spdm_requester/key_exchange.c b/unit_test/test_spdm_requester/key_exchange.c index 198d9f0c04c..62c54ae7d52 100644 --- a/unit_test/test_spdm_requester/key_exchange.c +++ b/unit_test/test_spdm_requester/key_exchange.c @@ -5326,9 +5326,11 @@ static void libspdm_test_requester_key_exchange_case1(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5395,9 +5397,11 @@ static void libspdm_test_requester_key_exchange_case2(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.secured_message_version.spdm_version_count = 1; spdm_context->local_context.secured_message_version.spdm_version[0] = SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; @@ -5472,9 +5476,11 @@ static void libspdm_test_requester_key_exchange_case3(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5541,9 +5547,11 @@ static void libspdm_test_requester_key_exchange_case4(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5610,9 +5618,11 @@ static void libspdm_test_requester_key_exchange_case5(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5680,9 +5690,11 @@ static void libspdm_test_requester_key_exchange_case6(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5754,9 +5766,11 @@ static void libspdm_test_requester_key_exchange_case7(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5825,9 +5839,11 @@ static void libspdm_test_requester_key_exchange_case8(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -5895,9 +5911,11 @@ static void libspdm_test_requester_key_exchange_case9(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -6052,9 +6070,11 @@ static void libspdm_test_requester_key_exchange_case11(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -7660,9 +7680,11 @@ static void libspdm_test_requester_key_exchange_case29(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); @@ -7740,9 +7762,11 @@ static void libspdm_test_requester_key_exchange_case30(void **state) SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.secured_message_version.spdm_version_count = 1; spdm_context->local_context.secured_message_version.spdm_version[0] = SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; @@ -7832,9 +7856,11 @@ static void libspdm_test_requester_key_exchange_case31(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.secured_message_version.spdm_version_count = 1; spdm_context->local_context.secured_message_version.spdm_version[0] = SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; @@ -7926,9 +7952,11 @@ void libspdm_test_requester_key_exchange_case32(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP; spdm_context->local_context.capability.flags |= @@ -7992,9 +8020,11 @@ static void libspdm_test_requester_key_exchange_case33(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.secured_message_version.spdm_version_count = 1; spdm_context->local_context.secured_message_version.spdm_version[0] = SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT; @@ -8086,9 +8116,11 @@ static void libspdm_test_requester_key_exchange_case34(void **state) SPDM_VERSION_NUMBER_SHIFT_BIT; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.secured_message_version.spdm_version_count = 1; spdm_context->local_context.secured_message_version.spdm_version[0] = SECURED_SPDM_VERSION_12 << SPDM_VERSION_NUMBER_SHIFT_BIT; diff --git a/unit_test/test_spdm_requester/psk_exchange.c b/unit_test/test_spdm_requester/psk_exchange.c index 4e9792e8c76..2d73cff3cd2 100644 --- a/unit_test/test_spdm_requester/psk_exchange.c +++ b/unit_test/test_spdm_requester/psk_exchange.c @@ -3132,9 +3132,11 @@ void libspdm_test_requester_psk_exchange_case1(void **state) spdm_context->connection_info.capability.flags &= ~(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP); spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP_RESPONDER_WITH_CONTEXT; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP_RESPONDER_WITH_CONTEXT | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP_REQUESTER; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP_REQUESTER | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo, m_libspdm_use_asym_algo, &data, &data_size, &hash, &hash_size); diff --git a/unit_test/test_spdm_responder/capabilities.c b/unit_test/test_spdm_responder/capabilities.c index 7b5f854b4d0..d0129d44ac6 100644 --- a/unit_test/test_spdm_responder/capabilities.c +++ b/unit_test/test_spdm_responder/capabilities.c @@ -837,64 +837,10 @@ void libspdm_test_responder_capabilities_case15(void **state) void libspdm_test_responder_capabilities_case16(void **state) { - libspdm_return_t status; - libspdm_test_context_t *spdm_test_context; - libspdm_context_t *spdm_context; - size_t response_size; - uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE]; - spdm_capabilities_response_t *spdm_response; - - spdm_test_context = *state; - spdm_context = spdm_test_context->spdm_context; - spdm_test_context->case_id = 0x10; - spdm_context->connection_info.connection_state = - LIBSPDM_CONNECTION_STATE_AFTER_VERSION; - - response_size = sizeof(response); - status = libspdm_get_response_capabilities( - spdm_context, m_libspdm_get_capabilities_request12_size, - &m_libspdm_get_capabilities_request12, &response_size, response); - assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); - assert_int_equal(response_size, sizeof(spdm_error_response_t)); - spdm_response = (void *)response; - assert_int_equal(m_libspdm_get_capabilities_request12.header.spdm_version, - spdm_response->header.spdm_version); - assert_int_equal(spdm_response->header.request_response_code, - SPDM_ERROR); - assert_int_equal(spdm_response->header.param1, - SPDM_ERROR_CODE_INVALID_REQUEST); - assert_int_equal(spdm_response->header.param2, 0); } void libspdm_test_responder_capabilities_case17(void **state) { - libspdm_return_t status; - libspdm_test_context_t *spdm_test_context; - libspdm_context_t *spdm_context; - size_t response_size; - uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE]; - spdm_capabilities_response_t *spdm_response; - - spdm_test_context = *state; - spdm_context = spdm_test_context->spdm_context; - spdm_test_context->case_id = 0x11; - spdm_context->connection_info.connection_state = - LIBSPDM_CONNECTION_STATE_AFTER_VERSION; - - response_size = sizeof(response); - status = libspdm_get_response_capabilities( - spdm_context, m_libspdm_get_capabilities_request13_size, - &m_libspdm_get_capabilities_request13, &response_size, response); - assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); - assert_int_equal(response_size, sizeof(spdm_error_response_t)); - spdm_response = (void *)response; - assert_int_equal(m_libspdm_get_capabilities_request13.header.spdm_version, - spdm_response->header.spdm_version); - assert_int_equal(spdm_response->header.request_response_code, - SPDM_ERROR); - assert_int_equal(spdm_response->header.param1, - SPDM_ERROR_CODE_INVALID_REQUEST); - assert_int_equal(spdm_response->header.param2, 0); } void libspdm_test_responder_capabilities_case18(void **state) @@ -994,33 +940,6 @@ void libspdm_test_responder_capabilities_case20(void **state) void libspdm_test_responder_capabilities_case21(void **state) { - libspdm_return_t status; - libspdm_test_context_t *spdm_test_context; - libspdm_context_t *spdm_context; - size_t response_size; - uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE]; - spdm_capabilities_response_t *spdm_response; - - spdm_test_context = *state; - spdm_context = spdm_test_context->spdm_context; - spdm_test_context->case_id = 0x15; - spdm_context->connection_info.connection_state = - LIBSPDM_CONNECTION_STATE_AFTER_VERSION; - - response_size = sizeof(response); - status = libspdm_get_response_capabilities( - spdm_context, m_libspdm_get_capabilities_request17_size, - &m_libspdm_get_capabilities_request17, &response_size, response); - assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); - assert_int_equal(response_size, sizeof(spdm_error_response_t)); - spdm_response = (void *)response; - assert_int_equal(m_libspdm_get_capabilities_request17.header.spdm_version, - spdm_response->header.spdm_version); - assert_int_equal(spdm_response->header.request_response_code, - SPDM_ERROR); - assert_int_equal(spdm_response->header.param1, - SPDM_ERROR_CODE_INVALID_REQUEST); - assert_int_equal(spdm_response->header.param2, 0); } void libspdm_test_responder_capabilities_case22(void **state) @@ -1254,9 +1173,9 @@ int libspdm_responder_capabilities_test_main(void) cmocka_unit_test(libspdm_test_responder_capabilities_case14), /* mac_cap set and key_ex_cap and psk_cap cleared (mac_cap demands key_ex_cap or psk_cap to be set)*/ cmocka_unit_test(libspdm_test_responder_capabilities_case15), - /* key_ex_cap set and encrypt_cap and mac_cap cleared (key_ex_cap demands encrypt_cap or mac_cap to be set)*/ + /* Open test case */ cmocka_unit_test(libspdm_test_responder_capabilities_case16), - /* psk_cap set and encrypt_cap and mac_cap cleared (psk_cap demands encrypt_cap or mac_cap to be set)*/ + /* Open test case */ cmocka_unit_test(libspdm_test_responder_capabilities_case17), /* encap_cap cleared and MUT_AUTH set (MUT_AUTH demands encap_cap to be set)*/ cmocka_unit_test(libspdm_test_responder_capabilities_case18), @@ -1264,7 +1183,7 @@ int libspdm_responder_capabilities_test_main(void) cmocka_unit_test(libspdm_test_responder_capabilities_case19), /* key_ex_cap cleared and handshake_in_the_clear_cap set (handshake_in_the_clear_cap demands key_ex_cap to be set)*/ cmocka_unit_test(libspdm_test_responder_capabilities_case20), - /* encrypt_cap and mac_cap cleared and handshake_in_the_clear_cap set (handshake_in_the_clear_cap shall be cleared if encrypt_cap and mac_cap are cleared)*/ + /* Open test case */ cmocka_unit_test(libspdm_test_responder_capabilities_case21), /* cert_cap cleared and pub_key_id_cap set (pub_key_id_cap demands cert_cap to be cleared)*/ cmocka_unit_test(libspdm_test_responder_capabilities_case22), diff --git a/unit_test/test_spdm_responder/key_exchange.c b/unit_test/test_spdm_responder/key_exchange.c index 50c418209e6..52b35acbaa2 100644 --- a/unit_test/test_spdm_responder/key_exchange.c +++ b/unit_test/test_spdm_responder/key_exchange.c @@ -112,9 +112,11 @@ void libspdm_test_responder_key_exchange_case1(void **state) spdm_test_context->case_id = 0x1; spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; @@ -194,9 +196,11 @@ void libspdm_test_responder_key_exchange_case2(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -276,9 +280,11 @@ void libspdm_test_responder_key_exchange_case3(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -359,9 +365,11 @@ void libspdm_test_responder_key_exchange_case4(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -445,9 +453,11 @@ void libspdm_test_responder_key_exchange_case5(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -535,9 +545,11 @@ void libspdm_test_responder_key_exchange_case6(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -616,9 +628,11 @@ void libspdm_test_responder_key_exchange_case7(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -727,9 +741,11 @@ void libspdm_test_responder_key_exchange_case8(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; spdm_context->connection_info.algorithm.base_hash_algo = @@ -845,9 +861,11 @@ void libspdm_test_responder_key_exchange_case9(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; spdm_context->connection_info.algorithm.base_hash_algo = @@ -963,9 +981,11 @@ void libspdm_test_responder_key_exchange_case10(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP; spdm_context->connection_info.algorithm.base_hash_algo = @@ -1057,9 +1077,11 @@ void libspdm_test_responder_key_exchange_case11(void **state) /*set capabilities flags */ spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -1144,9 +1166,11 @@ void libspdm_test_responder_key_exchange_case14(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags = - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags = - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP; spdm_context->local_context.capability.flags |= @@ -1239,10 +1263,11 @@ void libspdm_test_responder_key_exchange_case15(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags = - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags = - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; - + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP; spdm_context->local_context.capability.flags |= @@ -1341,9 +1366,11 @@ void libspdm_test_responder_key_exchange_case16(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; @@ -1431,9 +1458,11 @@ void libspdm_test_responder_key_exchange_case17(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec; @@ -1521,9 +1550,11 @@ void libspdm_test_responder_key_exchange_case18(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -1605,10 +1636,12 @@ void libspdm_test_responder_key_exchange_case19(void **state) LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags = 0; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags = 0; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = @@ -1733,9 +1766,11 @@ void libspdm_test_responder_key_exchange_case20(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags = - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; @@ -1834,9 +1869,11 @@ void libspdm_test_responder_key_exchange_case21(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec; diff --git a/unit_test/test_spdm_responder/psk_exchange.c b/unit_test/test_spdm_responder/psk_exchange.c index 55d5809b093..7a3b736f7ee 100644 --- a/unit_test/test_spdm_responder/psk_exchange.c +++ b/unit_test/test_spdm_responder/psk_exchange.c @@ -133,9 +133,11 @@ void libspdm_test_responder_psk_exchange_case1(void **state) spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NEGOTIATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->local_context.capability.flags |= - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP; + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.measurement_spec = diff --git a/unit_test/test_spdm_responder/respond_if_ready.c b/unit_test/test_spdm_responder/respond_if_ready.c index 2639f49e98c..9ae2f4d2716 100644 --- a/unit_test/test_spdm_responder/respond_if_ready.c +++ b/unit_test/test_spdm_responder/respond_if_ready.c @@ -601,9 +601,12 @@ void libspdm_test_responder_respond_if_ready_case5(void **state) { /*state for the the original request (KEY_EXCHANGE)*/ spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AUTHENTICATED; spdm_context->connection_info.capability.flags |= - SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP; - spdm_context->local_context.capability.flags = SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | - SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP; + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; + spdm_context->local_context.capability.flags = + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec; @@ -834,8 +837,12 @@ void libspdm_test_responder_respond_if_ready_case7(void **state) { /*state for the the original request (PSK_EXCHANGE)*/ spdm_context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_AUTHENTICATED; spdm_context->local_context.capability.flags = 0; - spdm_context->connection_info.capability.flags |= SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP; - spdm_context->local_context.capability.flags |= SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP; + spdm_context->connection_info.capability.flags |= + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; + spdm_context->local_context.capability.flags |= + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP | + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP; spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo; spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo; spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;