Skip to content

Latest commit

 

History

History
468 lines (350 loc) · 17.3 KB

9.FinishRsp.md

File metadata and controls

468 lines (350 loc) · 17.3 KB
Raw

9. Test Case for FINISH_RSP

Case 9.1

Description: SPDM responder shall return valid FINISH_RSP, if it receives a FINISH with negotiated version 1.1.

SPDM Version: 1.1

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X
  2. SpdmMessage <- Responder in session-X

Assertion 9.1.1: sizeof(SpdmMessage) >= sizeof(FINISH_RSP) - HMAC size

Assertion 9.1.2: SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.1.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Case 9.2

Description: SPDM responder shall return valid FINISH_RSP with HANDSHAKE_IN_THE_CLEAR, if it receives a FINISH with HANDSHAKE_IN_THE_CLEAR_CAP and negotiated version 1.1.

SPDM Version: 1.1

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData}
  2. SpdmMessage <- Responder

Assertion 9.2.1: sizeof(SpdmMessage) >= sizeof(FINISH_RSP)

Assertion 9.2.2: SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.2.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.2.4: HMACVerify (finished_key, SpdmMessage.ResponderVerifyData, TH.HMAC.FINISH_RSP) version 1.1 success

Case 9.3

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a FINISH with non negotiated version.

SPDM Version: 1.1+

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=(NegotiatedVersion+1), Param1=0, Param2=0, RequesterVerifyData} in session-X
  2. SpdmMessage <- Responder in session-X

Assertion 9.3.1: sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.3.2: SpdmMessage.RequestResponseCode == ERROR

Assertion 9.3.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.3.4: SpdmMessage.Param1 == VersionMismatch.

Assertion 9.3.5: SpdmMessage.Param2 == 0.

  1. Requester -> FINISH {SPDMVersion=(NegotiatedVersion-1), Param1=0, Param2=0}
  2. SpdmMessage <- Responder

Assertion 9.3.*.

Case 9.4

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a FINISH before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.1+

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0, then skip this case.

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData}
  2. SpdmMessage <- Responder

Assertion 9.4.1: sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.4.2: SpdmMessage.RequestResponseCode == ERROR

Assertion 9.4.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.4.4: SpdmMessage.Param1 == UnexpectedRequest.

Assertion 9.4.5: SpdmMessage.Param2 == 0.

Case 9.5

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a FINISH in a session application.

SPDM Version: 1.1+

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, ...}
  15. KEY_EXCHANGE_RSP <- Responder
  16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, ...} in session-X
  17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X
  2. SpdmMessage <- Responder in session-X

Assertion 9.5.1: sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.5.2: SpdmMessage.RequestResponseCode == ERROR

Assertion 9.5.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.5.4: SpdmMessage.Param1 == UnexpectedRequest.

Assertion 9.5.5: SpdmMessage.Param2 == 0.

Case 9.6

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a FINISH with invalid field.

SPDM Version: 1.1+

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder
  16. UnsupportedReqSlotID[] = {0x1 ~ 0x7}
  17. InvalidReqSlotID[] = {0x8 ~ 0xF, 0xFF}

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=1, Param2.ReqSlotID=UnsupportedReqSlotID[i], RequesterVerifyData} in session-X
  2. SpdmMessage <- Responder in session-X

Assertion 9.6.1: sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.6.2: SpdmMessage.RequestResponseCode == ERROR

Assertion 9.6.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.6.4: SpdmMessage.Param1 == InvalidRequest.

Assertion 9.6.5: SpdmMessage.Param2 == 0.

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=1, Param2.ReqSlotID=InvalidReqSlotID[i], RequesterVerifyData} in session-X
  2. SpdmMessage <- Responder in session-X

Assertion 9.6.*.

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, no RequesterVerifyData} in session-X
  2. SpdmMessage <- Responder in session-X

Assertion 9.6.*.

Case 9.7

Description: SPDM responder shall return ERROR(DecryptError), if it receives a FINISH with invalid RequesterVerifyData.

SPDM Version: 1.1+

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, !RequesterVerifyData} in session-X
  2. SpdmMessage <- Responder in session-X

Assertion 9.7.1: sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.7.2: SpdmMessage.RequestResponseCode == ERROR

Assertion 9.7.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.7.4: SpdmMessage.Param1 == DecryptError.

Case 9.8

Description: SPDM responder shall return ERROR(DecryptError), if it receives a FINISH with HANDSHAKE_IN_THE_CLEAR_CAP and invalid RequesterVerifyData.

SPDM Version: 1.1+

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, !RequesterVerifyData}
  2. SpdmMessage <- Responder

Assertion 9.8.1: sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.8.2: SpdmMessage.RequestResponseCode == ERROR

Assertion 9.8.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.8.4: SpdmMessage.Param1 == DecryptError.

Case 9.9

Description: SPDM responder shall return valid FINISH_RSP, if it receives a FINISH with negotiated version 1.2.

SPDM Version: 1.2

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X
  2. SpdmMessage <- Responder in session-X

Assertion 9.9.1: sizeof(SpdmMessage) >= sizeof(FINISH_RSP)

Assertion 9.9.2: SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.9.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Case 9.17

Description: SPDM responder shall return valid FINISH_RSP with HANDSHAKE_IN_THE_CLEAR, if it receives a FINISH with HANDSHAKE_IN_THE_CLEAR_CAP and negotiated version 1.2.

SPDM Version: 1.2

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData}
  2. SpdmMessage <- Responder

Assertion 9.10.1: sizeof(SpdmMessage) >= sizeof(FINISH_RSP)

Assertion 9.10.2: SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.10.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.10.4: HMACVerify (finished_key, SpdmMessage.ResponderVerifyData, TH.HMAC.FINISH_RSP) version 1.2 success

Case 9.11

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a FINISH in non-session.

SPDM Version: 1.2

TestSetup:

  1. Requester -> GET_VERSION {SPDMVersion=0x10}
  2. VERSION <- Responder
  3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case.
  4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, ...}
  5. CAPABILITIES <- Responder
  6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case.
  7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
  8. ALGORITHMS <- Responder
  9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
  10. DIGESTS <- Responder
  11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
  12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
  13. CERTIFICATE <- Responder
  14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ...}
  15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps:

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} (not in session-X)
  2. SpdmMessage <- Responder (not in session-X)

Assertion 9.11.1: sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.11.2: SpdmMessage.RequestResponseCode == ERROR

Assertion 9.11.3: SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.11.4: SpdmMessage.Param1 == SessionRequired.