Add key update test.

Signed-off-by: Jiewen Yao <[email protected]>

Author: jyao1

doc/12.HeartbeatAck.md

@@ -43,49 +43,6 @@ Assertion 12.1.3:
 
 ### Case 12.2
 
-Description: SPDM responder shall return ERROR or ignore, if it receives a HEARTBEAT after session is terminated in DHE session.
-
-SPDM Version: 1.1+
-
-TestSetup:
-1. Requester -> GET_VERSION {SPDMVersion=0x10}
-2. VERSION <- Responder
-3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
-4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
-5. CAPABILITIES <- Responder
-6. If Flags.HBEAT_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case.
-7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
-8. ALGORITHMS <- Responder
-9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
-10. DIGESTS <- Responder
-11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
-12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
-13. CERTIFICATE <- Responder
-14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, ...}
-15. KEY_EXCHANGE_RSP <- Responder
-16. If KEY_EXCHANGE_RSP.Param1.HeartbeatPeriod == 0, then skip this case.
-17. Requester -> FINISH {SPDMVersion=NegotiatedVersion, ...} in session-X
-18. FINISH_RSP <- Responder in session-X
-19. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, ...} in session-X
-20. END_SESSION_ACK <- Responder in session-X
-
-TestTeardown: None
-
-Steps:
-1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, ...} in session-X
-2. SpdmMessage <- Responder in session-X
-
-Assertion 12.2.1:
-    SpdmMessage == NUL || sizeof(SpdmMessage) >= sizeof(ERROR)
-
-Assertion 12.2.2:
-    SpdmMessage.RequestResponseCode == ERROR, if SpdmMessage != NUL
-
-Assertion 12.2.3:
-    SpdmMessage.SPDMVersion == NegotiatedVersion, if SpdmMessage != NUL
-
-### Case 12.3
-
 Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a HEARTBEAT with non negotiated version in DHE session.
 
 SPDM Version: 1.1+
@@ -116,27 +73,27 @@ Steps:
 1. Requester -> HEARTBEAT {SPDMVersion=(NegotiatedVersion+1), ...} in session-X
 2. SpdmMessage <- Responder in session-X
 
-Assertion 12.3.1:
+Assertion 12.2.1:
     sizeof(SpdmMessage) >= sizeof(ERROR)
 
-Assertion 12.3.2:
+Assertion 12.2.2:
     SpdmMessage.RequestResponseCode == ERROR
 
-Assertion 12.3.3:
+Assertion 12.2.3:
     SpdmMessage.SPDMVersion == NegotiatedVersion
 
-Assertion 12.3.4:
+Assertion 12.2.4:
     SpdmMessage.Param1 == VersionMismatch.
 
-Assertion 12.3.5:
+Assertion 12.2.5:
     SpdmMessage.Param2 == 0.
 
 3. Requester -> HEARTBEAT {SPDMVersion=(NegotiatedVersion-1), ...} in session-X
 4. SpdmMessage <- Responder in session-X
 
-Assertion 12.3.*.
+Assertion 12.2.*.
 
-### Case 12.4
+### Case 12.3
 
 Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a HEARTBEAT in DHE session handshake.
 
@@ -166,22 +123,22 @@ Steps:
 1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} in session-X
 2. SpdmMessage <- Responder in session-X
 
-Assertion 12.4.1:
+Assertion 12.3.1:
     sizeof(SpdmMessage) >= sizeof(ERROR)
 
-Assertion 12.4.2:
+Assertion 12.3.2:
     SpdmMessage.RequestResponseCode == ERROR
 
-Assertion 12.4.3:
+Assertion 12.3.3:
     SpdmMessage.SPDMVersion == NegotiatedVersion
 
-Assertion 12.4.4:
+Assertion 12.3.4:
     SpdmMessage.Param1 == UnexpectedRequest.
 
-Assertion 12.4.5:
+Assertion 12.3.5:
     SpdmMessage.Param2 == 0.
 
-### Case 12.5
+### Case 12.4
 
 Description: SPDM responder shall return ERROR(SessionRequired), if it receives a HEARTBEAT in non-session.
 
@@ -203,14 +160,14 @@ Steps:
 1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0}
 2. SpdmMessage <- Responder
 
-Assertion 12.5.1:
+Assertion 12.4.1:
     sizeof(SpdmMessage) >= sizeof(ERROR)
 
-Assertion 12.5.2:
+Assertion 12.4.2:
     SpdmMessage.RequestResponseCode == ERROR
 
-Assertion 12.5.3:
+Assertion 12.4.3:
     SpdmMessage.SPDMVersion == NegotiatedVersion
 
-Assertion 12.5.4:
+Assertion 12.4.4:
     SpdmMessage.Param1 == SessionRequired.

doc/16.EndSessionAck.md

@@ -42,48 +42,6 @@ Assertion 16.1.3:
 
 ### Case 16.2
 
-Description: SPDM responder shall return ERROR or ignore, if it receives a END_SESSION after session is terminated in DHE session.
-
-SPDM Version: 1.1+
-
-TestSetup:
-1. Requester -> GET_VERSION {SPDMVersion=0x10}
-2. VERSION <- Responder
-3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
-4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
-5. CAPABILITIES <- Responder
-6. If Flags.KEY_EX_CAP == 0, then skip this case.
-7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
-8. ALGORITHMS <- Responder
-9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
-10. DIGESTS <- Responder
-11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
-12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
-13. CERTIFICATE <- Responder
-14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, ...}
-15. KEY_EXCHANGE_RSP <- Responder
-16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, ...}
-17. FINISH_RSP <- Responder
-18. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, ...} in session-X
-19. END_SESSION_ACK <- Responder in session-X
-
-TestTeardown: None
-
-Steps:
-1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, ...} in session-X
-2. SpdmMessage <- Responder in session-X
-
-Assertion 16.2.1:
-    SpdmMessage == NUL || sizeof(SpdmMessage) >= sizeof(ERROR)
-
-Assertion 16.2.2:
-    SpdmMessage.RequestResponseCode == ERROR, if SpdmMessage != NUL
-
-Assertion 16.2.3:
-    SpdmMessage.SPDMVersion == NegotiatedVersion, if SpdmMessage != NUL
-
-### Case 16.3
-
 Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a END_SESSION with non negotiated version in DHE session.
 
 SPDM Version: 1.1+
@@ -113,27 +71,27 @@ Steps:
 1. Requester -> END_SESSION {SPDMVersion=(NegotiatedVersion+1), ...} in session-X
 2. SpdmMessage <- Responder in session-X
 
-Assertion 16.3.1:
+Assertion 16.2.1:
     sizeof(SpdmMessage) >= sizeof(ERROR)
 
-Assertion 16.3.2:
+Assertion 16.2.2:
     SpdmMessage.RequestResponseCode == ERROR
 
-Assertion 16.3.3:
+Assertion 16.2.3:
     SpdmMessage.SPDMVersion == NegotiatedVersion
 
-Assertion 16.3.4:
+Assertion 16.2.4:
     SpdmMessage.Param1 == VersionMismatch.
 
-Assertion 16.3.5:
+Assertion 16.2.5:
     SpdmMessage.Param2 == 0.
 
 3. Requester -> END_SESSION {SPDMVersion=(NegotiatedVersion-1), ...} in session-X
 4. SpdmMessage <- Responder in session-X
 
-Assertion 16.3.*.
+Assertion 16.2.*.
 
-### Case 16.4
+### Case 16.3
 
 Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a END_SESSION in DHE session handshake.
 
@@ -162,22 +120,22 @@ Steps:
 1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} in session-X
 2. SpdmMessage <- Responder in session-X
 
-Assertion 16.4.1:
+Assertion 16.3.1:
     sizeof(SpdmMessage) >= sizeof(ERROR)
 
-Assertion 16.4.2:
+Assertion 16.3.2:
     SpdmMessage.RequestResponseCode == ERROR
 
-Assertion 16.4.3:
+Assertion 16.3.3:
     SpdmMessage.SPDMVersion == NegotiatedVersion
 
-Assertion 16.4.4:
+Assertion 16.3.4:
     SpdmMessage.Param1 == UnexpectedRequest.
 
-Assertion 16.4.5:
+Assertion 16.3.5:
     SpdmMessage.Param2 == 0.
 
-### Case 16.9
+### Case 16.4
 
 Description: SPDM responder shall return ERROR(SessionRequired), if it receives a END_SESSION in non-session.
 
@@ -199,14 +157,14 @@ Steps:
 1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0}
 2. SpdmMessage <- Responder
 
-Assertion 16.5.1:
+Assertion 16.4.1:
     sizeof(SpdmMessage) >= sizeof(ERROR)
 
-Assertion 16.5.2:
+Assertion 16.4.2:
     SpdmMessage.RequestResponseCode == ERROR
 
-Assertion 16.5.3:
+Assertion 16.4.3:
     SpdmMessage.SPDMVersion == NegotiatedVersion
 
-Assertion 16.5.4:
+Assertion 16.4.4:
     SpdmMessage.Param1 == SessionRequired.

include/library/spdm_responder_conformance_test_lib.h

@@ -113,10 +113,9 @@ void spdm_responder_conformance_test (void *spdm_context, const common_test_suit
 
 #define SPDM_RESPONDER_TEST_GROUP_HEARTBEAT_ACK    12
 #define   SPDM_RESPONDER_TEST_CASE_HEARTBEAT_ACK_SUCCESS_11_IN_DHE_SESSION             1
-#define   SPDM_RESPONDER_TEST_CASE_HEARTBEAT_ACK_SESSION_CLOSE_IN_DHE_SESSION          2
-#define   SPDM_RESPONDER_TEST_CASE_HEARTBEAT_ACK_VERSION_MISMATCH_IN_DHE_SESSION       3
-#define   SPDM_RESPONDER_TEST_CASE_HEARTBEAT_ACK_UNEXPECTED_REQUEST_IN_DHE_SESSION_HS  4
-#define   SPDM_RESPONDER_TEST_CASE_HEARTBEAT_ACK_SESSION_REQUIRED                      5
+#define   SPDM_RESPONDER_TEST_CASE_HEARTBEAT_ACK_VERSION_MISMATCH_IN_DHE_SESSION       2
+#define   SPDM_RESPONDER_TEST_CASE_HEARTBEAT_ACK_UNEXPECTED_REQUEST_IN_DHE_SESSION_HS  3
+#define   SPDM_RESPONDER_TEST_CASE_HEARTBEAT_ACK_SESSION_REQUIRED                      4
 
 #define SPDM_RESPONDER_TEST_GROUP_KEY_UPDATE_ACK    13
 #define   SPDM_RESPONDER_TEST_CASE_KEY_UPDATE_ACK_SUCCESS_11_IN_DHE_SESSION             1
@@ -127,9 +126,8 @@ void spdm_responder_conformance_test (void *spdm_context, const common_test_suit
 
 #define SPDM_RESPONDER_TEST_GROUP_END_SESSION_ACK    16
 #define   SPDM_RESPONDER_TEST_CASE_END_SESSION_ACK_SUCCESS_11_IN_DHE_SESSION             1
-#define   SPDM_RESPONDER_TEST_CASE_END_SESSION_ACK_SESSION_CLOSE_IN_DHE_SESSION          2
-#define   SPDM_RESPONDER_TEST_CASE_END_SESSION_ACK_VERSION_MISMATCH_IN_DHE_SESSION       3
-#define   SPDM_RESPONDER_TEST_CASE_END_SESSION_ACK_UNEXPECTED_REQUEST_IN_DHE_SESSION_HS  4
-#define   SPDM_RESPONDER_TEST_CASE_END_SESSION_ACK_SESSION_REQUIRED                      5
+#define   SPDM_RESPONDER_TEST_CASE_END_SESSION_ACK_VERSION_MISMATCH_IN_DHE_SESSION       2
+#define   SPDM_RESPONDER_TEST_CASE_END_SESSION_ACK_UNEXPECTED_REQUEST_IN_DHE_SESSION_HS  3
+#define   SPDM_RESPONDER_TEST_CASE_END_SESSION_ACK_SESSION_REQUIRED                      4
 
 #endif

library/spdm_responder_conformance_test_lib/CMakeLists.txt

@@ -16,6 +16,7 @@ SET(src_spdm_responder_conformance_test_lib
     spdm_responder_test_6_challenge_auth.c
     spdm_responder_test_7_measurements.c
     spdm_responder_test_12_heartbeat_ack.c
+    spdm_responder_test_13_key_update_ack.c
     spdm_responder_test_16_end_session_ack.c
     spdm_responder_test_support.c
 )

library/spdm_responder_conformance_test_lib/spdm_responder_test.c

@@ -15,6 +15,7 @@ common_test_group_t m_spdm_test_groups[] = {
     {SPDM_RESPONDER_TEST_GROUP_CHALLENGE_AUTH, "spdm_test_group_challenge_auth", m_spdm_test_group_challenge_auth},
     {SPDM_RESPONDER_TEST_GROUP_MEASUREMENTS,   "spdm_test_group_measurements",   m_spdm_test_group_measurements},
     {SPDM_RESPONDER_TEST_GROUP_HEARTBEAT_ACK,  "spdm_test_group_heartbeat_ack",  m_spdm_test_group_heartbeat_ack},
+    {SPDM_RESPONDER_TEST_GROUP_KEY_UPDATE_ACK, "spdm_test_group_key_update_ack", m_spdm_test_group_key_update_ack},
     {SPDM_RESPONDER_TEST_GROUP_END_SESSION_ACK,"spdm_test_group_end_session_ack",m_spdm_test_group_end_session_ack},
     {COMMON_TEST_ID_END, NULL, NULL},
 };

library/spdm_responder_conformance_test_lib/spdm_responder_test.h

@@ -46,6 +46,7 @@ extern common_test_case_t m_spdm_test_group_certificate[];
 extern common_test_case_t m_spdm_test_group_challenge_auth[];
 extern common_test_case_t m_spdm_test_group_measurements[];
 extern common_test_case_t m_spdm_test_group_heartbeat_ack[];
+extern common_test_case_t m_spdm_test_group_key_update_ack[];
 extern common_test_case_t m_spdm_test_group_end_session_ack[];
 
 #endif