From f4ff7a2fc3882d2c4873deb69e1cc76607a67d22 Mon Sep 17 00:00:00 2001 From: Xiao Date: Thu, 12 Sep 2024 13:22:16 +0800 Subject: [PATCH] Add unit tests and fuzz tests for set_key_pair_info Signed-off-by: Xiao --- CMakeLists.txt | 2 + unit_test/fuzzing/fuzzing_AFL.sh | 2 + unit_test/fuzzing/fuzzing_AFLTurbo.sh | 2 + unit_test/fuzzing/fuzzing_AFLplusplus.sh | 2 + unit_test/fuzzing/fuzzing_LibFuzzer.sh | 2 + unit_test/fuzzing/oss_fuzz.sh | 2 + unit_test/fuzzing/run_initial_seed.sh | 2 + .../set_key_pair_info_response.raw | Bin 0 -> 23 bytes .../set_key_pair_info_request.raw | Bin 0 -> 13 bytes .../CMakeLists.txt | 65 +++++ .../set_key_pair_info.c | 142 ++++++++++ .../CMakeLists.txt | 66 +++++ .../set_key_pair_info_ack.c | 80 ++++++ .../test_spdm_requester/set_key_pair_info.c | 141 +++++++++- .../set_key_pair_info_ack.c | 250 +++++++++++++++++- 15 files changed, 745 insertions(+), 13 deletions(-) create mode 100644 unit_test/fuzzing/seeds/test_spdm_requester_set_key_pair_info/set_key_pair_info_response.raw create mode 100644 unit_test/fuzzing/seeds/test_spdm_responder_set_key_pair_info_ack/set_key_pair_info_request.raw create mode 100644 unit_test/fuzzing/test_requester/test_spdm_requester_set_key_pair_info/CMakeLists.txt create mode 100644 unit_test/fuzzing/test_requester/test_spdm_requester_set_key_pair_info/set_key_pair_info.c create mode 100644 unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack/CMakeLists.txt create mode 100644 unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack/set_key_pair_info_ack.c diff --git a/CMakeLists.txt b/CMakeLists.txt index ec6519b617f..12c70a92cb2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1021,6 +1021,8 @@ else() add_subdirectory(unit_test/fuzzing/test_responder/test_spdm_responder_measurement_extension_log) add_subdirectory(unit_test/fuzzing/test_requester/test_spdm_requester_get_key_pair_info) add_subdirectory(unit_test/fuzzing/test_responder/test_spdm_responder_key_pair_info) + add_subdirectory(unit_test/fuzzing/test_requester/test_spdm_requester_set_key_pair_info) + add_subdirectory(unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack) endif() add_subdirectory(os_stub/cryptlib_null) diff --git a/unit_test/fuzzing/fuzzing_AFL.sh b/unit_test/fuzzing/fuzzing_AFL.sh index 86b30cc2dde..5e08fa75926 100755 --- a/unit_test/fuzzing/fuzzing_AFL.sh +++ b/unit_test/fuzzing/fuzzing_AFL.sh @@ -163,6 +163,8 @@ test_spdm_responder_measurement_extension_log test_spdm_requester_get_measurement_extension_log test_spdm_requester_get_key_pair_info test_spdm_responder_key_pair_info +test_spdm_requester_set_key_pair_info +test_spdm_responder_set_key_pair_info_ack ) for ((i=0;i<${#cmds[*]};i++)) do diff --git a/unit_test/fuzzing/fuzzing_AFLTurbo.sh b/unit_test/fuzzing/fuzzing_AFLTurbo.sh index 19a02d6e662..55540a45c23 100755 --- a/unit_test/fuzzing/fuzzing_AFLTurbo.sh +++ b/unit_test/fuzzing/fuzzing_AFLTurbo.sh @@ -164,6 +164,8 @@ test_spdm_responder_measurement_extension_log test_spdm_requester_get_measurement_extension_log test_spdm_requester_get_key_pair_info test_spdm_responder_key_pair_info +test_spdm_requester_set_key_pair_info +test_spdm_responder_set_key_pair_info_ack ) export FUZZ_START_TIME=`date +%Y-%m-%d_%H:%M:%S` diff --git a/unit_test/fuzzing/fuzzing_AFLplusplus.sh b/unit_test/fuzzing/fuzzing_AFLplusplus.sh index f48f1493d7b..6d60449bfcc 100644 --- a/unit_test/fuzzing/fuzzing_AFLplusplus.sh +++ b/unit_test/fuzzing/fuzzing_AFLplusplus.sh @@ -172,6 +172,8 @@ test_spdm_responder_measurement_extension_log test_spdm_requester_get_measurement_extension_log test_spdm_requester_get_key_pair_info test_spdm_responder_key_pair_info +test_spdm_requester_set_key_pair_info +test_spdm_responder_set_key_pair_info_ack ) export FUZZ_START_TIME=`date +%Y-%m-%d_%H:%M:%S` diff --git a/unit_test/fuzzing/fuzzing_LibFuzzer.sh b/unit_test/fuzzing/fuzzing_LibFuzzer.sh index 1be6e30c3b3..56c19d4f75f 100755 --- a/unit_test/fuzzing/fuzzing_LibFuzzer.sh +++ b/unit_test/fuzzing/fuzzing_LibFuzzer.sh @@ -134,6 +134,8 @@ test_spdm_responder_measurement_extension_log test_spdm_requester_get_measurement_extension_log test_spdm_requester_get_key_pair_info test_spdm_responder_key_pair_info +test_spdm_requester_set_key_pair_info +test_spdm_responder_set_key_pair_info_ack ) object_parameters=() cp -r $fuzzing_seeds ./ diff --git a/unit_test/fuzzing/oss_fuzz.sh b/unit_test/fuzzing/oss_fuzz.sh index 3ace18548b9..70068bf30df 100755 --- a/unit_test/fuzzing/oss_fuzz.sh +++ b/unit_test/fuzzing/oss_fuzz.sh @@ -118,6 +118,8 @@ test_spdm_responder_measurement_extension_log test_spdm_requester_get_measurement_extension_log test_spdm_requester_get_key_pair_info test_spdm_responder_key_pair_info +test_spdm_requester_set_key_pair_info +test_spdm_responder_set_key_pair_info_ack ) for ((i=0;i<${#cmds[*]};i++)) diff --git a/unit_test/fuzzing/run_initial_seed.sh b/unit_test/fuzzing/run_initial_seed.sh index 8c69b5497ac..e3081835b1e 100755 --- a/unit_test/fuzzing/run_initial_seed.sh +++ b/unit_test/fuzzing/run_initial_seed.sh @@ -55,6 +55,8 @@ test_spdm_responder_measurement_extension_log test_spdm_requester_get_measurement_extension_log test_spdm_requester_get_key_pair_info test_spdm_responder_key_pair_info +test_spdm_requester_set_key_pair_info +test_spdm_responder_set_key_pair_info_ack ) flag=0 diff --git a/unit_test/fuzzing/seeds/test_spdm_requester_set_key_pair_info/set_key_pair_info_response.raw b/unit_test/fuzzing/seeds/test_spdm_requester_set_key_pair_info/set_key_pair_info_response.raw new file mode 100644 index 0000000000000000000000000000000000000000..4ca2caf55242ab462f3e387c08c2c9449e9bfcdc GIT binary patch literal 23 OcmWfxWnf@rzyJUYodA*m literal 0 HcmV?d00001 diff --git a/unit_test/fuzzing/seeds/test_spdm_responder_set_key_pair_info_ack/set_key_pair_info_request.raw b/unit_test/fuzzing/seeds/test_spdm_responder_set_key_pair_info_ack/set_key_pair_info_request.raw new file mode 100644 index 0000000000000000000000000000000000000000..784e00af25ac40e2a5ba43beff4b31ff2168d192 GIT binary patch literal 13 UcmWgs%fP_Gz{tSCz`(!(01Z0 + $ + $ + $ + $ + $ + $ + $ + $ + $ + $ + $ + $ + ) +else() + target_link_libraries(test_spdm_requester_set_key_pair_info + PRIVATE + memlib + debuglib + spdm_requester_lib + spdm_common_lib + ${CRYPTO_LIB_PATHS} + rnglib + platform_lib_null + cryptlib_${CRYPTO} + malloclib + spdm_crypt_lib + spdm_crypt_ext_lib + spdm_secured_message_lib + spdm_transport_test_lib + spdm_device_secret_lib_null + ) +endif() diff --git a/unit_test/fuzzing/test_requester/test_spdm_requester_set_key_pair_info/set_key_pair_info.c b/unit_test/fuzzing/test_requester/test_spdm_requester_set_key_pair_info/set_key_pair_info.c new file mode 100644 index 00000000000..574ef5553ff --- /dev/null +++ b/unit_test/fuzzing/test_requester/test_spdm_requester_set_key_pair_info/set_key_pair_info.c @@ -0,0 +1,142 @@ +/** + * Copyright Notice: + * Copyright 2024 DMTF. All rights reserved. + * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md + **/ + +#include "spdm_unit_fuzzing.h" +#include "toolchain_harness.h" +#include "internal/libspdm_requester_lib.h" + +#if LIBSPDM_ENABLE_CAPABILITY_SET_KEY_PAIR_INFO_CAP + +#define LIBSPDM_MAX_key_pair_info_SIZE 0x1000 + +uint8_t temp_buf[LIBSPDM_MAX_key_pair_info_SIZE]; + +size_t libspdm_get_max_buffer_size(void) +{ + return LIBSPDM_MAX_SPDM_MSG_SIZE; +} + +libspdm_return_t libspdm_device_send_message(void *spdm_context, + size_t request_size, const void *request, + uint64_t timeout) +{ + return LIBSPDM_STATUS_SUCCESS; +} + +libspdm_return_t libspdm_device_receive_message(void *spdm_context, + size_t *response_size, + void **response, + uint64_t timeout) +{ + libspdm_test_context_t *spdm_test_context; + uint8_t *spdm_response; + size_t spdm_response_size; + size_t test_message_header_size; + + spdm_test_context = libspdm_get_test_context(); + test_message_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; + libspdm_zero_mem(temp_buf, sizeof(temp_buf)); + spdm_response = (void *)((uint8_t *)temp_buf + test_message_header_size); + spdm_response_size = spdm_test_context->test_buffer_size; + if (spdm_response_size > sizeof(temp_buf) - test_message_header_size - LIBSPDM_TEST_ALIGNMENT) { + spdm_response_size = sizeof(temp_buf) - test_message_header_size - LIBSPDM_TEST_ALIGNMENT; + } + libspdm_copy_mem((uint8_t *)temp_buf + test_message_header_size, + sizeof(temp_buf) - test_message_header_size, + spdm_test_context->test_buffer, + spdm_response_size); + + libspdm_transport_test_encode_message(spdm_context, NULL, false, false, + spdm_response_size, + spdm_response, response_size, response); + + return LIBSPDM_STATUS_SUCCESS; +} + +void libspdm_test_requester_set_key_pair_info(void **State) +{ + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + + uint8_t key_pair_id; + uint8_t operation; + uint16_t desired_key_usage; + uint32_t desired_asym_algo; + uint8_t desired_assoc_cert_slot_mask; + + + spdm_test_context = *State; + spdm_context = spdm_test_context->spdm_context; + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 << + SPDM_VERSION_NUMBER_SHIFT_BIT; + + spdm_context->connection_info.connection_state = + LIBSPDM_CONNECTION_STATE_NEGOTIATED; + spdm_context->connection_info.capability.flags |= + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP; + + key_pair_id = 1; + operation = SPDM_SET_KEY_PAIR_INFO_ERASE_OPERATION; + desired_key_usage = 0; + desired_asym_algo = 0; + desired_assoc_cert_slot_mask = 0; + libspdm_set_key_pair_info(spdm_context, NULL, key_pair_id, + operation, desired_key_usage, desired_asym_algo, + desired_assoc_cert_slot_mask); + + key_pair_id = 1; + operation = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION; + desired_key_usage = 0; + desired_asym_algo = 0; + desired_assoc_cert_slot_mask = 0; + libspdm_set_key_pair_info(spdm_context, NULL, key_pair_id, + operation, desired_key_usage, desired_asym_algo, + desired_assoc_cert_slot_mask); + + + key_pair_id = 1; + operation = SPDM_SET_KEY_PAIR_INFO_GENERATE_OPERATION; + desired_key_usage = 0; + desired_asym_algo = 0; + desired_assoc_cert_slot_mask = 0; + libspdm_set_key_pair_info(spdm_context, NULL, key_pair_id, + operation, desired_key_usage, desired_asym_algo, + desired_assoc_cert_slot_mask); + +} + +libspdm_test_context_t m_libspdm_requester_set_key_pair_info_test_context = { + LIBSPDM_TEST_CONTEXT_VERSION, + true, + libspdm_device_send_message, + libspdm_device_receive_message, +}; + + +void libspdm_run_test_harness(void *test_buffer, size_t test_buffer_size) +{ + void *State; + + libspdm_setup_test_context(&m_libspdm_requester_set_key_pair_info_test_context); + + m_libspdm_requester_set_key_pair_info_test_context.test_buffer = test_buffer; + m_libspdm_requester_set_key_pair_info_test_context.test_buffer_size = + test_buffer_size; + + libspdm_unit_test_group_setup(&State); + libspdm_test_requester_set_key_pair_info(&State); + libspdm_unit_test_group_teardown(&State); +} +#else +size_t libspdm_get_max_buffer_size(void) +{ + return 0; +} + +void libspdm_run_test_harness(void *test_buffer, size_t test_buffer_size){ + +} +#endif /* LIBSPDM_ENABLE_CAPABILITY_SET_KEY_PAIR_INFO_CAP*/ diff --git a/unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack/CMakeLists.txt b/unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack/CMakeLists.txt new file mode 100644 index 00000000000..a6b05d614c1 --- /dev/null +++ b/unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack/CMakeLists.txt @@ -0,0 +1,66 @@ +cmake_minimum_required(VERSION 3.5) + +add_executable(test_spdm_responder_set_key_pair_info_ack) + +target_include_directories(test_spdm_responder_set_key_pair_info_ack + PRIVATE + ${LIBSPDM_DIR}/unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack + ${LIBSPDM_DIR}/include + ${LIBSPDM_DIR}/unit_test/include + ${LIBSPDM_DIR}/unit_test/fuzzing/spdm_unit_fuzzing_common + ${LIBSPDM_DIR}/os_stub/spdm_device_secret_lib_sample + ${LIBSPDM_DIR}/os_stub/include + ${LIBSPDM_DIR}/os_stub +) + +if(TOOLCHAIN STREQUAL "KLEE") + target_include_directories(test_spdm_responder_set_key_pair_info_ack + PRIVATE + $ENV{KLEE_SRC_PATH}/include + ) +endif() + +target_sources(test_spdm_responder_set_key_pair_info_ack + PRIVATE + set_key_pair_info_ack.c + ${PROJECT_SOURCE_DIR}/unit_test/fuzzing/spdm_unit_fuzzing_common/common.c + ${PROJECT_SOURCE_DIR}/unit_test/fuzzing/spdm_unit_fuzzing_common/toolchain_harness.c + ${PROJECT_SOURCE_DIR}/unit_test/fuzzing/spdm_unit_fuzzing_common/algo.c + ) + +if((TOOLCHAIN STREQUAL "KLEE") OR (TOOLCHAIN STREQUAL "CBMC")) + target_link_libraries(test_spdm_responder_set_key_pair_info_ack + PRIVATE + $ + $ + $ + $ + $ + $ + $ + $ + $ + $ + $ + $ + $ + ) +else() + target_link_libraries(test_spdm_responder_set_key_pair_info_ack + PRIVATE + memlib + debuglib + spdm_responder_lib + spdm_common_lib + ${CRYPTO_LIB_PATHS} + rnglib + cryptlib_${CRYPTO} + malloclib + spdm_crypt_lib + spdm_crypt_ext_lib + spdm_secured_message_lib + spdm_transport_test_lib + platform_lib_null + spdm_device_secret_lib_sample + ) +endif() diff --git a/unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack/set_key_pair_info_ack.c b/unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack/set_key_pair_info_ack.c new file mode 100644 index 00000000000..a5478488345 --- /dev/null +++ b/unit_test/fuzzing/test_responder/test_spdm_responder_set_key_pair_info_ack/set_key_pair_info_ack.c @@ -0,0 +1,80 @@ +/** + * Copyright Notice: + * Copyright 2024 DMTF. All rights reserved. + * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md + **/ + +#include "spdm_unit_fuzzing.h" +#include "toolchain_harness.h" +#include "internal/libspdm_responder_lib.h" + +#if LIBSPDM_ENABLE_CAPABILITY_SET_KEY_PAIR_INFO_CAP + +size_t libspdm_get_max_buffer_size(void) +{ + return LIBSPDM_MAX_SPDM_MSG_SIZE; +} + +void libspdm_test_responder_set_key_pair_info_ack(void **State) +{ + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + size_t response_size; + uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE]; + + spdm_test_context = *State; + spdm_context = spdm_test_context->spdm_context; + + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 << + SPDM_VERSION_NUMBER_SHIFT_BIT; + spdm_context->connection_info.connection_state = + LIBSPDM_CONNECTION_STATE_AUTHENTICATED; + spdm_context->connection_info.algorithm.base_asym_algo = + m_libspdm_use_asym_algo; + spdm_context->local_context.capability.flags |= + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP; + spdm_context->local_context.total_key_pairs = 16; + + response_size = sizeof(response); + libspdm_get_response_set_key_pair_info_ack(spdm_context, + spdm_test_context->test_buffer_size, + spdm_test_context->test_buffer, + &response_size, response); +} + +libspdm_test_context_t m_libspdm_responder_set_key_pair_info_ack_test_context = { + LIBSPDM_TEST_CONTEXT_VERSION, + false, +}; + +void libspdm_run_test_harness(void *test_buffer, size_t test_buffer_size) +{ + void *State; + spdm_message_header_t *spdm_request_header; + libspdm_setup_test_context(&m_libspdm_responder_set_key_pair_info_ack_test_context); + + spdm_request_header = (spdm_message_header_t*)test_buffer; + + if (spdm_request_header->request_response_code != SPDM_SET_KEY_PAIR_INFO) { + spdm_request_header->request_response_code = SPDM_SET_KEY_PAIR_INFO; + } + + m_libspdm_responder_set_key_pair_info_ack_test_context.test_buffer = test_buffer; + m_libspdm_responder_set_key_pair_info_ack_test_context.test_buffer_size = + test_buffer_size; + + /* Success Case*/ + libspdm_unit_test_group_setup(&State); + libspdm_test_responder_set_key_pair_info_ack(&State); + libspdm_unit_test_group_teardown(&State); +} +#else +size_t libspdm_get_max_buffer_size(void) +{ + return 0; +} + +void libspdm_run_test_harness(void *test_buffer, size_t test_buffer_size){ + +} +#endif /* LIBSPDM_ENABLE_CAPABILITY_SET_KEY_PAIR_INFO_CAP*/ diff --git a/unit_test/test_spdm_requester/set_key_pair_info.c b/unit_test/test_spdm_requester/set_key_pair_info.c index b101bdb2ed5..cb3a6e367f7 100644 --- a/unit_test/test_spdm_requester/set_key_pair_info.c +++ b/unit_test/test_spdm_requester/set_key_pair_info.c @@ -19,6 +19,8 @@ libspdm_return_t libspdm_requester_set_key_pair_info_test_send_message( spdm_test_context = libspdm_get_test_context(); switch (spdm_test_context->case_id) { case 0x1: + case 0x2: + case 0x3: return LIBSPDM_STATUS_SUCCESS; default: return LIBSPDM_STATUS_SEND_FAIL; @@ -54,6 +56,48 @@ libspdm_return_t libspdm_requester_set_key_pair_info_test_receive_message( response); } return LIBSPDM_STATUS_SUCCESS; + case 0x2: { + spdm_key_pair_info_response_t *spdm_response; + size_t spdm_response_size; + size_t transport_header_size; + + transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; + spdm_response = (void *)((uint8_t *)*response + transport_header_size); + spdm_response_size = sizeof(spdm_key_pair_info_response_t); + + spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_12; + spdm_response->header.request_response_code = SPDM_SET_KEY_PAIR_INFO_ACK; + spdm_response->header.param1 = 0; + spdm_response->header.param2 = 0; + + libspdm_transport_test_encode_message(spdm_context, NULL, false, + false, spdm_response_size, + spdm_response, response_size, + response); + } + return LIBSPDM_STATUS_SUCCESS; + + case 0x3: { + spdm_key_pair_info_response_t *spdm_response; + size_t spdm_response_size; + size_t transport_header_size; + + transport_header_size = LIBSPDM_TEST_TRANSPORT_HEADER_SIZE; + spdm_response = (void *)((uint8_t *)*response + transport_header_size); + spdm_response_size = sizeof(spdm_key_pair_info_response_t); + + spdm_response->header.spdm_version = SPDM_MESSAGE_VERSION_13; + spdm_response->header.request_response_code = SPDM_KEY_PAIR_INFO; + spdm_response->header.param1 = 0; + spdm_response->header.param2 = 0; + + libspdm_transport_test_encode_message(spdm_context, NULL, false, + false, spdm_response_size, + spdm_response, response_size, + response); + } + return LIBSPDM_STATUS_SUCCESS; + default: return LIBSPDM_STATUS_RECEIVE_FAIL; } @@ -106,22 +150,103 @@ void libspdm_test_requester_set_key_pair_info_case1(void **state) assert_int_equal(status, LIBSPDM_STATUS_INVALID_PARAMETER); } -libspdm_test_context_t m_libspdm_requester_set_key_pair_info_test_context = { - LIBSPDM_TEST_CONTEXT_VERSION, - true, - libspdm_requester_set_key_pair_info_test_send_message, - libspdm_requester_set_key_pair_info_test_receive_message, -}; +/** + * Test 2: Fail case, The response version is incorrect . + * Expected Behavior: returns a status of LIBSPDM_STATUS_INVALID_MSG_FIELD. + **/ +void libspdm_test_requester_set_key_pair_info_case2(void **state) +{ + libspdm_return_t status; + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + + uint8_t key_pair_id; + uint8_t operation; + uint16_t desired_key_usage; + uint32_t desired_asym_algo; + uint8_t desired_assoc_cert_slot_mask; + + spdm_test_context = *state; + spdm_context = spdm_test_context->spdm_context; + spdm_test_context->case_id = 0x2; + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 << + SPDM_VERSION_NUMBER_SHIFT_BIT; + + spdm_context->connection_info.connection_state = + LIBSPDM_CONNECTION_STATE_NEGOTIATED; + spdm_context->connection_info.capability.flags |= + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP; + + key_pair_id = 1; + operation = SPDM_SET_KEY_PAIR_INFO_ERASE_OPERATION; + desired_key_usage = 0; + desired_asym_algo = 0; + desired_assoc_cert_slot_mask = 0; + status = libspdm_set_key_pair_info(spdm_context, NULL, key_pair_id, + operation, desired_key_usage, desired_asym_algo, + desired_assoc_cert_slot_mask); + + assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD); +} + +/** + * Test 3: Fail case, The response code is incorrect + * Expected Behavior: returns a status of LIBSPDM_STATUS_INVALID_MSG_FIELD. + **/ +void libspdm_test_requester_set_key_pair_info_case3(void **state) +{ + libspdm_return_t status; + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + + uint8_t key_pair_id; + uint8_t operation; + uint16_t desired_key_usage; + uint32_t desired_asym_algo; + uint8_t desired_assoc_cert_slot_mask; + + spdm_test_context = *state; + spdm_context = spdm_test_context->spdm_context; + spdm_test_context->case_id = 0x3; + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 << + SPDM_VERSION_NUMBER_SHIFT_BIT; + + spdm_context->connection_info.connection_state = + LIBSPDM_CONNECTION_STATE_NEGOTIATED; + spdm_context->connection_info.capability.flags |= + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP; + + key_pair_id = 1; + operation = SPDM_SET_KEY_PAIR_INFO_ERASE_OPERATION; + desired_key_usage = 0; + desired_asym_algo = 0; + desired_assoc_cert_slot_mask = 0; + status = libspdm_set_key_pair_info(spdm_context, NULL, key_pair_id, + operation, desired_key_usage, desired_asym_algo, + desired_assoc_cert_slot_mask); + + assert_int_equal(status, LIBSPDM_STATUS_INVALID_MSG_FIELD); +} int libspdm_requester_set_key_pair_info_test_main(void) { const struct CMUnitTest spdm_requester_set_key_pair_info_tests[] = { /* Successful response to set key pair info, key_pair_id is 1*/ cmocka_unit_test(libspdm_test_requester_set_key_pair_info_case1), + /* The response version is incorrect */ + cmocka_unit_test(libspdm_test_requester_set_key_pair_info_case2), + /* The response code is incorrect */ + cmocka_unit_test(libspdm_test_requester_set_key_pair_info_case3), + }; + + libspdm_test_context_t test_context = { + LIBSPDM_TEST_CONTEXT_VERSION, + true, + libspdm_requester_set_key_pair_info_test_send_message, + libspdm_requester_set_key_pair_info_test_receive_message, }; - libspdm_setup_test_context( - &m_libspdm_requester_set_key_pair_info_test_context); + libspdm_setup_test_context(&test_context); return cmocka_run_group_tests(spdm_requester_set_key_pair_info_tests, libspdm_unit_test_group_setup, diff --git a/unit_test/test_spdm_responder/set_key_pair_info_ack.c b/unit_test/test_spdm_responder/set_key_pair_info_ack.c index e3b9fc0c80f..c69b513557d 100644 --- a/unit_test/test_spdm_responder/set_key_pair_info_ack.c +++ b/unit_test/test_spdm_responder/set_key_pair_info_ack.c @@ -284,10 +284,244 @@ void libspdm_test_responder_set_key_pair_info_ack_case2(void **state) free(set_key_pair_info_request); } -libspdm_test_context_t m_libspdm_responder_set_key_pair_info_ack_test_context = { - LIBSPDM_TEST_CONTEXT_VERSION, - false, -}; +/** + * Test 2: The collection of multiple sub-cases. + **/ +void libspdm_test_responder_set_key_pair_info_ack_case3(void **state) +{ + libspdm_return_t status; + libspdm_test_context_t *spdm_test_context; + libspdm_context_t *spdm_context; + size_t response_size; + uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE]; + spdm_set_key_pair_info_ack_response_t *spdm_response; + + uint8_t key_pair_id; + size_t set_key_pair_info_request_size; + spdm_set_key_pair_info_request_t *set_key_pair_info_request; + uint8_t *ptr; + uint16_t desired_key_usage; + uint32_t desired_asym_algo; + uint8_t desired_assoc_cert_slot_mask; + + uint8_t temp_buf[LIBSPDM_RECEIVER_BUFFER_SIZE]; + set_key_pair_info_request = (spdm_set_key_pair_info_request_t *)temp_buf; + + spdm_test_context = *state; + spdm_context = spdm_test_context->spdm_context; + spdm_test_context->case_id = 0x3; + spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 << + SPDM_VERSION_NUMBER_SHIFT_BIT; + spdm_context->connection_info.connection_state = + LIBSPDM_CONNECTION_STATE_AUTHENTICATED; + spdm_context->connection_info.algorithm.base_asym_algo = + m_libspdm_use_asym_algo; + spdm_context->local_context.capability.flags |= + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP; + spdm_context->local_context.total_key_pairs = 16; + key_pair_id = 4; + + response_size = sizeof(response); + + /* Sub Case 1: If KeyPairErase is set, all fields after the KeyPairID field in this request should not exist. */ + desired_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE; + desired_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_ECC256; + desired_assoc_cert_slot_mask = 0x08; + set_key_pair_info_request_size = + sizeof(spdm_set_key_pair_info_request_t) + + sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t); + + libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size); + set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13; + set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO; + set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_ERASE_OPERATION; + set_key_pair_info_request->header.param2 = 0; + set_key_pair_info_request->key_pair_id = key_pair_id; + + ptr = (uint8_t*)(set_key_pair_info_request + 1); + ptr += sizeof(uint8_t); + + libspdm_write_uint16(ptr, desired_key_usage); + ptr += sizeof(uint16_t); + + libspdm_write_uint32(ptr, desired_asym_algo); + ptr += sizeof(uint32_t); + + *ptr = desired_assoc_cert_slot_mask; + + status = libspdm_get_response_set_key_pair_info_ack( + spdm_context, set_key_pair_info_request_size, + set_key_pair_info_request, &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(response_size, sizeof(spdm_error_response_t)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_ERROR); + assert_int_equal(spdm_response->header.param1, + SPDM_ERROR_CODE_OPERATION_FAILED); + assert_int_equal(spdm_response->header.param2, 0); + + + /*Sub Case 2: When GenerateKeyPair is set, the fields of DesiredKeyUsage, DesiredAsymAlgo and DesiredAssocCertSlotMask should exist. */ + set_key_pair_info_request_size = + sizeof(spdm_set_key_pair_info_request_t); + + libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size); + set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13; + set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO; + set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_GENERATE_OPERATION; + set_key_pair_info_request->header.param2 = 0; + set_key_pair_info_request->key_pair_id = key_pair_id; + + status = libspdm_get_response_set_key_pair_info_ack( + spdm_context, set_key_pair_info_request_size, + set_key_pair_info_request, &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(response_size, sizeof(spdm_error_response_t)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_ERROR); + assert_int_equal(spdm_response->header.param1, + SPDM_ERROR_CODE_INVALID_REQUEST); + assert_int_equal(spdm_response->header.param2, 0); + set_key_pair_info_request_size = + sizeof(spdm_set_key_pair_info_request_t); + + /*Sub Case 3: key_pair_id = 0 */ + libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size); + set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13; + set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO; + set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_GENERATE_OPERATION; + set_key_pair_info_request->header.param2 = 0; + set_key_pair_info_request->key_pair_id = 0; + + status = libspdm_get_response_set_key_pair_info_ack( + spdm_context, set_key_pair_info_request_size, + set_key_pair_info_request, &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(response_size, sizeof(spdm_error_response_t)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_ERROR); + assert_int_equal(spdm_response->header.param1, + SPDM_ERROR_CODE_INVALID_REQUEST); + assert_int_equal(spdm_response->header.param2, 0); + + /* Sub Case 4: If no bits of DesiredKeyUsage are set, the responder should not change the current key usage. */ + desired_key_usage = 0; + desired_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_ECC256; + desired_assoc_cert_slot_mask = 0x08; + set_key_pair_info_request_size = + sizeof(spdm_set_key_pair_info_request_t) + + sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t); + + libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size); + set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13; + set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO; + set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION; + set_key_pair_info_request->header.param2 = 0; + set_key_pair_info_request->key_pair_id = key_pair_id; + + ptr = (uint8_t*)(set_key_pair_info_request + 1); + ptr += sizeof(uint8_t); + + libspdm_write_uint16(ptr, desired_key_usage); + ptr += sizeof(uint16_t); + + libspdm_write_uint32(ptr, desired_asym_algo); + ptr += sizeof(uint32_t); + + *ptr = desired_assoc_cert_slot_mask; + + status = libspdm_get_response_set_key_pair_info_ack( + spdm_context, set_key_pair_info_request_size, + set_key_pair_info_request, &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(response_size, sizeof(spdm_error_response_t)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_ERROR); + assert_int_equal(spdm_response->header.param1, + SPDM_ERROR_CODE_INVALID_REQUEST); + assert_int_equal(spdm_response->header.param2, 0); + + /* Sub Case 5: DesiredAsymAlgo must not have multiple bits set. */ + desired_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE; + desired_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_ECC256 | + SPDM_KEY_PAIR_ASYM_ALGO_CAP_ECC384; + desired_assoc_cert_slot_mask = 0x08; + set_key_pair_info_request_size = + sizeof(spdm_set_key_pair_info_request_t) + + sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t); + + libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size); + set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13; + set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO; + set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION; + set_key_pair_info_request->header.param2 = 0; + set_key_pair_info_request->key_pair_id = key_pair_id; + + ptr = (uint8_t*)(set_key_pair_info_request + 1); + ptr += sizeof(uint8_t); + + libspdm_write_uint16(ptr, desired_key_usage); + ptr += sizeof(uint16_t); + + libspdm_write_uint32(ptr, desired_asym_algo); + ptr += sizeof(uint32_t); + + *ptr = desired_assoc_cert_slot_mask; + + status = libspdm_get_response_set_key_pair_info_ack( + spdm_context, set_key_pair_info_request_size, + set_key_pair_info_request, &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(response_size, sizeof(spdm_error_response_t)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_ERROR); + assert_int_equal(spdm_response->header.param1, + SPDM_ERROR_CODE_INVALID_REQUEST); + assert_int_equal(spdm_response->header.param2, 0); + + /* Sub Case 6: If no bits of DesiredAsymAlgo are set, the responder should not change the current configuration of the asymmetric algorithm. */ + desired_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE; + desired_asym_algo = 0; + desired_assoc_cert_slot_mask = 0x08; + set_key_pair_info_request_size = + sizeof(spdm_set_key_pair_info_request_t) + + sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t); + + libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size); + set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13; + set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO; + set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION; + set_key_pair_info_request->header.param2 = 0; + set_key_pair_info_request->key_pair_id = key_pair_id; + + ptr = (uint8_t*)(set_key_pair_info_request + 1); + ptr += sizeof(uint8_t); + + libspdm_write_uint16(ptr, desired_key_usage); + ptr += sizeof(uint16_t); + + libspdm_write_uint32(ptr, desired_asym_algo); + ptr += sizeof(uint32_t); + + *ptr = desired_assoc_cert_slot_mask; + + status = libspdm_get_response_set_key_pair_info_ack( + spdm_context, set_key_pair_info_request_size, + set_key_pair_info_request, &response_size, response); + assert_int_equal(status, LIBSPDM_STATUS_SUCCESS); + assert_int_equal(response_size, sizeof(spdm_error_response_t)); + spdm_response = (void *)response; + assert_int_equal(spdm_response->header.request_response_code, + SPDM_ERROR); + assert_int_equal(spdm_response->header.param1, + SPDM_ERROR_CODE_INVALID_REQUEST); + assert_int_equal(spdm_response->header.param2, 0); +} int libspdm_responder_set_key_pair_info_ack_test_main(void) { @@ -296,9 +530,15 @@ int libspdm_responder_set_key_pair_info_ack_test_main(void) cmocka_unit_test(libspdm_test_responder_set_key_pair_info_ack_case1), /* Success Case to set key pair info with reset*/ cmocka_unit_test(libspdm_test_responder_set_key_pair_info_ack_case2), + /* The collection of multiple sub-cases.*/ + cmocka_unit_test(libspdm_test_responder_set_key_pair_info_ack_case3), }; - libspdm_setup_test_context(&m_libspdm_responder_set_key_pair_info_ack_test_context); + libspdm_test_context_t test_context = { + LIBSPDM_TEST_CONTEXT_VERSION, + false, + }; + libspdm_setup_test_context(&test_context); return cmocka_run_group_tests(spdm_responder_set_key_pair_info_ack_tests, libspdm_unit_test_group_setup,