SPDM_V1_0

SPDM_SMBUS_V1_0_Test_001_001.py

Description: SPDM responder shall return valid VERSION, if it receives a GET_VERSION with version 1.0.

SPDM Version: 1.0+

TestSetup: None

TestTeardown: None

Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10, Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 1.1.1:

sizeof(SpdmMessage) >= offset(VERSION, VersionNumberEntry)

Assertion 1.1.2:

SpdmMessage.RequestResponseCode == VERSION

Assertion 1.1.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 1.1.4:

SpdmMessage.VersionNumberEntryCount > 0 && SpdmMessage.VersionNumberEntryCount <= (sizeof(SpdmMessage) - offset(VERSION, VersionNumberEntry)) / sizeof(uint16_t)

Assertion 1.1.5:

((SpdmMessage.VersionNumberEntry[i].MajorVersion << 4) + SpdmMessage.VersionNumberEntry[i].MinorVersion) is in {0x10, 0x11, 0x12}.

SPDM_SMBUS_V1_0_Test_001_002.py

SPDM_SMBUS_V1_0_Test_002_001.py

Description: SPDM responder shall return valid CAPABILITIES(0x10), if it receives a GET_CAPABILITIES with negotiated version 1.0.

SPDM Version: 1.0 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 is not in VERSION.VersionNumberEntry, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=0x10, Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 2.1.1:

sizeof(SpdmMessage) >= sizeof(CAPABILITIES_1.0)

Assertion 2.1.2:

SpdmMessage.RequestResponseCode == CAPABILITIES

Assertion 2.1.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 2.1.4:

Flags.MEAS_CAP != 3

###

SPDM_SMBUS_V1_0_Test_002_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_CAPABILITIES with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. HighestVersion = Max{SpdmMessage.VersionNumberEntry[0..(n-1)]} 4. LowestVersion = Min{SpdmMessage.VersionNumberEntry[0..(n-1)]}

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=(HighestVersion+1), Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 2.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 2.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 2.2.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 2.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 2.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=(LowestVersion-1), Param1=0, Param2=0}

  2. SpdmMessage <- Responder

Assertion 2.2.*.

###

SPDM_SMBUS_V1_0_Test_002_003.py

Description: SPDM responder shall return valid CAPABILITIES(0x11), if it receives a GET_CAPABILITIES with negotiated version 1.1.

SPDM Version: 1.1 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=0x11, Param1=0, Param2=0, CTExponent, Flags=CERT_CAP|CHAL_CAP|ENCRYPT_CAP|MAC_CAP|MUT_AUTH_CAP|KEY_EX_CAP|PSK_CAP=1|ENCAP_CAP|HBEAT_CAP|KEY_UPD_CAP} 2. SpdmMessage <- Responder

Assertion 2.3.1:

sizeof(SpdmMessage) >= sizeof(CAPABILITIES_1.1)

Assertion 2.3.2:

SpdmMessage.RequestResponseCode == CAPABILITIES

Assertion 2.3.3:

SpdmMessage.SPDMVersion == 0x11

Assertion 2.3.4:

Flags.MEAS_CAP != 3

Assertion 2.3.5:

if (Flags.ENCRYPT_CAP == 1), then (Flags.KEY_EX_CAP == 1 || Flags.PSK_CAP == 1 || Flags.PSK_CAP == 2)

Assertion 2.3.6:

if (Flags.MAC_CAP == 1), then (Flags.KEY_EX_CAP == 1 || Flags.PSK_CAP == 1 || Flags.PSK_CAP == 2)

Assertion 2.3.7:

if (Flags.KEY_EX_CAP == 1), then (Flags.ENCRYPT_CAP == 1 || Flags.MAC_CAP == 1)

Assertion 2.3.8:

Flags.PSK_CAP != 3

Assertion 2.3.9:

if (Flags.PSK_CAP != 0), then (Flags.ENCRYPT_CAP == 1 || Flags.MAC_CAP == 1)

Assertion 2.3.10:

if (Flags.MUT_AUTH_CAP == 1), then (Flags.ENCAP_CAP == 1)

Assertion 2.3.11:

if (Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 1), then (Flags.KEY_EX_CAP == 1)

Assertion 2.3.12:

if (Flags.PUB_KEY_ID_CAP == 1), then (Flags.CERT_CAP == 0)

Assertion 2.3.13:

if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) then (CERT_CAP == 1 || PUB_KEY_ID_CAP == 1)

###

SPDM_SMBUS_V1_0_Test_002_004.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a GET_CAPABILITIES with invalid field.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags=CERT_CAP|CHAL_CAP|MUT_AUTH_CAP|KEY_EX_CAP|PSK_CAP=1|ENCAP_CAP|HBEAT_CAP|KEY_UPD_CAP} – if NegotiatedVersion=1.1+ 2. SpdmMessage <- Responder

Assertion 2.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 2.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 2.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 2.4.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 2.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags=CERT_CAP|CHAL_CAP|ENCRYPT_CAP|MAC_CAP|MUT_AUTH_CAP|ENCAP_CAP|HBEAT_CAP|KEY_UPD_CAP} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 2.4.*.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags=CERT_CAP|CHAL_CAP|ENCRYPT_CAP|MAC_CAP|MUT_AUTH_CAP|KEY_EX_CAP|PSK_CAP=1|HBEAT_CAP|KEY_UPD_CAP} – if NegotiatedVersion=1.1 only

  2. SpdmMessage <- Responder

Assertion 2.4.*.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, DataTransferSize=41, MaxSPDMmsgSize} – if NegotiatedVersion=1.2+

  2. SpdmMessage <- Responder

Assertion 2.4.*.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, DataTransferSize=MaxSPDMmsgSize+1, MaxSPDMmsgSize} – if NegotiatedVersion=1.2+

  2. SpdmMessage <- Responder

Assertion 2.4.*.

###

SPDM_SMBUS_V1_0_Test_002_005.py

Description: SPDM responder shall return valid CAPABILITIES(0x12), if it receives a GET_CAPABILITIES with negotiated version 1.2.

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=0x12, Param1=0, Param2=0, CTExponent, Flags=CERT_CAP|CHAL_CAP|ENCRYPT_CAP|MAC_CAP|MUT_AUTH_CAP|KEY_EX_CAP|PSK_CAP=1|ENCAP_CAP|HBEAT_CAP|KEY_UPD_CAP|CHUNK_CAP, DataTransferSize, MaxSPDMmsgSize} 2. SpdmMessage <- Responder

Assertion 2.5.1:

sizeof(SpdmMessage) >= sizeof(CAPABILITIES_1.2)

Assertion 2.5.2:

SpdmMessage.RequestResponseCode == CAPABILITIES

Assertion 2.5.3:

SpdmMessage.SPDMVersion == 0x12

Assertion 2.5.4:

Flags.MEAS_CAP != 3

Assertion 2.5.5:

if (Flags.ENCRYPT_CAP == 1), then (Flags.KEY_EX_CAP == 1 || Flags.PSK_CAP == 1 || Flags.PSK_CAP == 2)

Assertion 2.5.6:

if (Flags.MAC_CAP == 1), then (Flags.KEY_EX_CAP == 1 || Flags.PSK_CAP == 1 || Flags.PSK_CAP == 2)

Assertion 2.5.7:

if (Flags.KEY_EX_CAP == 1), then (Flags.ENCRYPT_CAP == 1 || Flags.MAC_CAP == 1)

Assertion 2.5.8:

Flags.PSK_CAP != 3

Assertion 2.5.9:

if (Flags.PSK_CAP != 0), then (Flags.ENCRYPT_CAP == 1 || Flags.MAC_CAP == 1)

Assertion 2.5.10:

if (Flags.MUT_AUTH_CAP == 1), then (Flags.ENCAP_CAP == 1)

Assertion 2.5.11:

if (Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 1), then (Flags.KEY_EX_CAP == 1)

Assertion 2.5.12:

if (Flags.PUB_KEY_ID_CAP == 1), then (Flags.CERT_CAP == 0)

Assertion 2.5.13:

SpdmMessage.DataTransferSize >= MinDataTransferSize

Assertion 2.5.14:

SpdmMessage.MaxSPDMmsgSize >= SpdmMessage.DataTransferSize

Assertion 2.5.15:

if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) then (CERT_CAP == 1 || PUB_KEY_ID_CAP == 1)

###

SPDM_SMBUS_V1_0_Test_002_006.py

Description: SPDM responder shall return ERROR(UnexpectedRequest) or silent drop, if it receives two non-identical GET_CAPABILITIES.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, …} 4. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Param1=0, Param2=1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder

Assertion 2.6.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 2.6.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 2.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 2.6.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 2.6.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, CTExponent+1, Flags-HBEAT_CAP, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 2.6.*.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, DataTransferSize+1, MaxSPDMmsgSize+1, …} – if NegotiatedVersion=1.2

  2. SpdmMessage <- Responder

Assertion 2.6.*.

SPDM_SMBUS_V1_0_Test_003_001.py

Description: SPDM responder shall return valid ALGORITHMS(0x10), if it receives a GET_ALGORITHMS with negotiated version 1.0.

SPDM Version: 1.0 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x10, …} 5. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=0x10, Param1=0, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0} 2. SpdmMessage <- Responder

Assertion 3.1.1:

sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.0)

Assertion 3.1.2:

SpdmMessage.RequestResponseCode == ALGORITHMS

Assertion 3.1.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 3.1.4:

SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.0, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount

Assertion 3.1.5:

SpdmMessage.ExtAsymSelCount == 0

Assertion 3.1.6:

SpdmMessage.ExtHashSelCount == 0

Assertion 3.1.7:

SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || MeasurementSpecificationSel == 0

Assertion 3.1.8:

SpdmMessage.MeasurementHashAlgo only has one bit at most. if (MEAS_CAP != 0) then (MeasurementHashAlgo == one of {Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512}) if (MEAS_CAP == 0) then (MeasurementHashAlgo == 0)

Assertion 3.1.9:

SpdmMessage.BaseAsymSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2) then (BaseAsymSel == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521}) if (CHAL_CAP == 0 && MEAS_CAP != 2) then (BaseAsymSel == 0)

Assertion 3.1.10:

SpdmMessage.BaseHashSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2) then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512}) if (CHAL_CAP == 0 && MEAS_CAP != 2) then (BaseHashSel == 0)

###

SPDM_SMBUS_V1_0_Test_003_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a NEGOTIATE_ALGORITHMS with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder

Assertion 3.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 3.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 3.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 3.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 3.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion-1), …}

  2. SpdmMessage <- Responder

Assertion 3.2.*.

###

SPDM_SMBUS_V1_0_Test_003_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a NEGOTIATE_ALGORITHMS before GET_CAPABILITIES.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 2. SpdmMessage <- Responder

Assertion 3.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 3.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 3.3.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 3.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 3.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_003_004.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a NEGOTIATE_ALGORITHMS with invalid field.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length-1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder

Assertion 3.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 3.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 3.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 3.4.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 3.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length+1, …} – if NegotiatedVersion=1.0+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtAsymCount=21, …} – if NegotiatedVersion=1.0+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtHashCount=21, …} – if NegotiatedVersion=1.0+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=1, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=3, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=2, ExtAlgCount=0xF, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

###

SPDM_SMBUS_V1_0_Test_003_005.py

Description: SPDM responder shall return valid ALGORITHMS(0x11), if it receives a GET_ALGORITHMS with negotiated version 1.1.

SPDM Version: 1.1 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x11, …} 5. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=0x11, Param1.NumOfAlgoStruct=4, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0, ReqAlgStruct[0]{AlgType=DHE, AlgSupported=ffdhe2048|ffdhe3072|ffdhe4096|secp256r1|secp384r1|secp521r1}, ReqAlgStruct[1]{AlgType=AEAD, AlgSupported=AES-128-GCM|AES-256-GCM|CHACHA20_POLY1305}, ReqAlgStruct[2]{AlgType=ReqBaseAsymAlg, AlgSupported=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521}, ReqAlgStruct[3]{AlgType=KeySchedule, AlgSupported=SPDM} } 2. SpdmMessage <- Responder

Assertion 3.5.1:

sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.1)

Assertion 3.5.2:

SpdmMessage.RequestResponseCode == ALGORITHMS

Assertion 3.5.3:

SpdmMessage.SPDMVersion == 0x11

Assertion 3.5.4:

SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.1, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount + SpdmMessage.Param1 * sizeof(AlgStructSize)

Assertion 3.5.5:

SpdmMessage.ExtAsymSelCount == 0

Assertion 3.5.6:

SpdmMessage.ExtHashSelCount == 0

Assertion 3.5.7:

SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || MeasurementSpecificationSel == 0

Assertion 3.5.8:

SpdmMessage.MeasurementHashAlgo only has one bit at most. if (MEAS_CAP != 0) then (MeasurementHashAlgo == one of {Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512}) if (MEAS_CAP == 0) then (MeasurementHashAlgo == 0)

Assertion 3.5.9:

SpdmMessage.BaseAsymSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) then (BaseAsymSel == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521}) if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0) then (BaseAsymSel == 0)

Assertion 3.5.10:

SpdmMessage.BaseHashSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1 || PSK_EX_CAP != 0) then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512}) if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0 && PSK_EX_CAP == 0) then (BaseHashSel == 0)

Assertion 3.5.11:

SpdmMessage.Param1 <= 4 SpdmMessage.AlgStructure[i].AlgType is in {DHE, AEAD, ReqBaseAsymAlg, KeySchedule} and no duplication.

Assertion 3.5.12:

SpdmMessage.AlgStructure[i].AlgCount == 0x20

Assertion 3.5.13:

DHE only has one bit at most. if (KEY_EX_CAP == 1) then SpdmMessage.AlgStructure[DHE_index].AlgSupported == one of {ffdhe2048, ffdhe3072, ffdhe4096, secp256r1, secp384r1, secp521r1} if (KEY_EX_CAP == 0) then SpdmMessage.AlgStructure[DHE_index].AlgSupported == 0, or it is absent

Assertion 3.5.14:

AEAD only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == one of {AES-128-GCM, AES-256-GCM, CHACHA20_POLY1305} if (KEY_EX_CAP == 0 && PSK_CAP == 0) then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == 0, or it is absent

Assertion 3.5.15:

ReqBaseAsymAlg only has one bit at most. if (MUT_AUTH_CAP == 1) then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521} if (MUT_AUTH_CAP == 0) then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == 0, or it is absent

Assertion 3.5.16:

KeySchedule only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == SPDM if (KEY_EX_CAP == 0 && PSK_CAP == 0) then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == 0, or it is absent

###

SPDM_SMBUS_V1_0_Test_003_006.py

Description: SPDM responder shall return valid ALGORITHMS(0x12), if it receives a GET_ALGORITHMS with negotiated version 1.2.

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x12, …} 5. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=0x12, Param1.NumOfAlgoStruct=4, Param2=0, MeasurementSpecification=DMTF, OtherParamsSupport=OpaqueDataFmt1, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521|TPM_ALG_SM2_ECC_SM2_P256|EdDSA_ed25519|EdDSA_ed448, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512|TPM_ALG_SM3_256, ExtAsymCount=0, ExtHashCount=0, ReqAlgStruct[0]{AlgType=DHE, AlgSupported=ffdhe2048|ffdhe3072|ffdhe4096|secp256r1|secp384r1|secp521r1|SM2_P256}, ReqAlgStruct[1]{AlgType=AEAD, AlgSupported=AES-128-GCM|AES-256-GCM|CHACHA20_POLY1305|AEAD_SM4_GCM}, ReqAlgStruct[2]{AlgType=ReqBaseAsymAlg, AlgSupported=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521|TPM_ALG_SM2_ECC_SM2_P256|EdDSA_ed25519|EdDSA_ed448}, ReqAlgStruct[3]{AlgType=KeySchedule, AlgSupported=SPDM} } 2. SpdmMessage <- Responder

Assertion 3.6.1:

sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.2)

Assertion 3.6.2:

SpdmMessage.RequestResponseCode == ALGORITHMS

Assertion 3.6.3:

SpdmMessage.SPDMVersion == 0x12

Assertion 3.6.4:

SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.1, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount + SpdmMessage.Param1 * sizeof(AlgStructSize)

Assertion 3.6.5:

SpdmMessage.ExtAsymSelCount == 0

Assertion 3.6.6:

SpdmMessage.ExtHashSelCount == 0

Assertion 3.6.7:

SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || MeasurementSpecificationSel == 0

Assertion 3.6.8:

SpdmMessage.MeasurementHashAlgo only has one bit at most. if (MEAS_CAP != 0) then (MeasurementHashAlgo == one of {Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256}) if (MEAS_CAP == 0) then (MeasurementHashAlgo == 0)

Assertion 3.6.9:

SpdmMessage.BaseAsymSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) then (BaseAsymSel == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448}) if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0) then (BaseAsymSel == 0)

Assertion 3.6.10:

SpdmMessage.BaseHashSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1 || PSK_EX_CAP != 0) then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256}) if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0 && PSK_EX_CAP == 0) then (BaseHashSel == 0)

Assertion 3.6.11:

SpdmMessage.Param1 <= 4 SpdmMessage.AlgStructure[i].AlgType is in {DHE, AEAD, ReqBaseAsymAlg, KeySchedule} and no duplication.

Assertion 3.6.12:

SpdmMessage.AlgStructure[i].AlgCount == 0x20

Assertion 3.6.13:

SpdmMessage.AlgStructure[DHE_index] only has one bit at most. if (KEY_EX_CAP == 1) then SpdmMessage.AlgStructure[DHE_index].AlgSupported == one of {ffdhe2048, ffdhe3072, ffdhe4096, secp256r1, secp384r1, secp521r1, SM2_P256} if (KEY_EX_CAP == 0) then SpdmMessage.AlgStructure[DHE_index].AlgSupported == 0, or it is absent

Assertion 3.6.14:

SpdmMessage.AlgStructure[AEAD_index] only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == one of {AES-128-GCM, AES-256-GCM, CHACHA20_POLY1305, AEAD_SM4_GCM} if (KEY_EX_CAP == 0 && PSK_CAP == 0) then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == 0, or it is absent

Assertion 3.6.15:

SpdmMessage.AlgStructure[ReqBaseAsymAlg_index] only has one bit at most. if (MUT_AUTH_CAP == 1) then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448} if (MUT_AUTH_CAP == 0) then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == 0, or it is absent

Assertion 3.6.16:

SpdmMessage.AlgStructure[KeySchedule_index] only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == SPDM if (KEY_EX_CAP == 0 && PSK_CAP == 0) then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == 0, or it is absent

Assertion 3.6.17:

SpdmMessage.OpaqueDataFmt only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then OtherParamsSupport.OpaqueDataFmt == OpaqueDataFmt1

###

SPDM_SMBUS_V1_0_Test_003_007.py

Description: SPDM responder shall return ERROR(UnexpectedRequest) or silent drop, if it receives two non-identical NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0} 6. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder

Assertion 3.7.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 3.7.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 3.7.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 3.7.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 3.7.5:

SpdmMessage.Param2 == 0.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, MeasurementSpecification=DMTF, BaseAsymAlgo=BaseAsymSel, BaseHashAlgo=BaseHashSel, …} – if NegotiatedVersion=1.0+

  2. SpdmMessage <- Responder

Assertion 3.7.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Dhe=DheSel, Aead=AeadSel, BaseReqAsymAlg=BaseReqAsymSel, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 3.7.*.

SPDM_SMBUS_V1_0_Test_004_001.py

Description: SPDM responder shall return valid DIGESTS, if it receives a GET_DIGESTS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 4.1.1:

sizeof(SpdmMessage) >= offset(DIGESTS, Digest[0])

Assertion 4.1.2:

SpdmMessage.RequestResponseCode == DIGESTS

Assertion 4.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 4.1.4:

SpdmMessage.Param2.SlotMask.bit_0 == 1

Assertion 4.1.5:

SlotCount = bit number of SpdmMessage.Param2.SlotMask sizeof(SpdmMessage) >= offset(DIGESTS, Digest[0]) + HashSize * SlotCount

###

SPDM_SMBUS_V1_0_Test_004_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_DIGESTS with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder

Assertion 4.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 4.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 4.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 4.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 4.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_DIGESTS {SPDMVersion=(NegotiatedVersion-1), …}

  2. SpdmMessage <- Responder

Assertion 4.2.*.

###

SPDM_SMBUS_V1_0_Test_004_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_DIGESTS before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 2. SpdmMessage <- Responder

Assertion 4.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 4.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 4.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 4.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 4.3.5:

SpdmMessage.Param2 == 0.

SPDM_SMBUS_V1_0_Test_005_001.py

Description: SPDM responder shall return valid CERTIFICATE, if it receives a GET_CERTIFICATE.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Digests[] = array of DIGESTS.Digest

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=0, Offset=0, Length=0x400} 2. SpdmMessage <- Responder

Assertion 5.1.1:

sizeof(SpdmMessage) >= sizeof(CERTIFICATE, CertChain)

Assertion 5.1.2:

SpdmMessage.RequestResponseCode == CERTIFICATE

Assertion 5.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 5.1.4:

SpdmMessage.PortionLength > 0 SpdmMessage.PortionLength <= GET_CERTIFICATE.Length

  1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=0, Offset=NextOffset, Length=0x400}, while SpdmMessage.RemainderLength != 0

  2. SpdmMessage <- Responder

Assertion 5.1.*.

Assertion 5.1.5:

CertChain.Length == sizeof(CertChain)

Assertion 5.1.6:

Hash(CertChain) == Digests[i]

###

SPDM_SMBUS_V1_0_Test_005_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_CERTIFICATE with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder

Assertion 5.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 5.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 5.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 5.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 5.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CERTIFICATE {SPDMVersion=(NegotiatedVersion-1), …}

  2. SpdmMessage <- Responder

Assertion 5.2.*.

###

SPDM_SMBUS_V1_0_Test_005_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_CERTIFICATE before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, …} 2. SpdmMessage <- Responder

Assertion 5.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 5.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 5.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 5.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 5.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_005_004.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a GET_CERTIFICATE with invalid field.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xE, 0xF}

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=InvalidSlotID[i], Param2=0, Offset=0, Length=0x400} 2. SpdmMessage <- Responder

Assertion 5.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 5.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 5.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 5.4.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 5.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=0, Param2=0, Invalid_Offset=0xFFFF, Length=0x400}

  2. SpdmMessage <- Responder

Assertion 5.4.*.

###

SPDM_SMBUS_V1_0_Test_005_005.py

Description: The CERTIFICATE from device shall follow X.509 and SPDM specification.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 12. CERTIFICATE <- Responder

TestTeardown: None

Steps:

Assertion 5.5.1:

if (CertChain.Certificates[0] is self-signed) then (CertChain.RootHash == Hash(Certificates[0]))

Assertion 5.5.2:

Each CertChain.Certificates[i] is signed by CertChain.Certificates[i-1].

Assertion 5.5.3:

LeafCertificate.SigningAlgorithm == Negotiated Algorithm

Assertion 5.5.4:

CertChain.Certificates[i].Version == 2 (X.509 v3).

Assertion 5.5.5:

CertChain.Certificates[i].SerialNumber is present.

Assertion 5.5.6:

CertChain.Certificates[i].SignatureAlgorithm is present.

Assertion 5.5.7:

CertChain.Certificates[i].Issuer is present.

Assertion 5.5.8:

CertChain.Certificates[i].SubjectName is present.

Assertion 5.5.9:

CertChain.Certificates[i].Validity is present.

Assertion 5.5.10:

CertChain.Certificates[i].SubjectPublicKeyInfo is present.

Assertion 5.5.11:

CertChain.Certificates[i].KeyUsage is present.

Assertion 5.5.12:

if CertChain.Certificates[i].BasicConstraints is present, then CA == FALSE in leaf certificate.

Assertion 5.5.13:

if CertChain.Certificates[i].OID(id-DMTF-device-info) is present, it follows UTF8String({DMTF-manufacturer”:”DMTF-product”:”DMTF-serialNumber}).

Assertion 5.5.14:

if CertChain.Certificates[i].OID(id-DMTF-hardwareidentity) is present, then it is in leaf certificate in SPDM 1.0/1.1 or SPDM 1.2 with Flags.ALIAS_CERT_CAP == 0. or it is in non-leaf certificate in SPDM 1.2 with Flags.ALIAS_CERT_CAP == 1.

Assertion 5.5.15:

if CertChain.Certificates[i].OID(id-DMTF-ekuresponder-auth) is present, it is in leaf certificate.

Assertion 5.5.16:

if CertChain.Certificates[i].OID(id-DMTF-ekurequester-auth) is absent, it is in leaf certificate.

Assertion 5.5.17:

if CertChain.Certificates[i].OID(id-DMTF-mutablecertificate) is present, then it is in SPDM 1.2 with Flags.ALIAS_CERT_CAP == 1.

SPDM_SMBUS_V1_0_Test_006_001.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.0 or 1.1 in (A1, B1, C1).

SPDM Version: 1.0 or 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 or 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 6. ALGORITHMS <- Responder 7. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 8. DIGESTS <- Responder 9. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 10. CERTIFICATE <- Responder 11. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 12. SpdmMessage <- Responder

Assertion 6.1.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.1.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.1.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.1.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.1.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.1.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.0/1.1 success.

  1. Repeat (1~12) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.1.*.

  1. Repeat (1~12) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.1.*.

###

SPDM_SMBUS_V1_0_Test_006_002.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.0 or 1.1 in (A1, B2, C1).

SPDM Version: 1.0 or 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 or 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 6. ALGORITHMS <- Responder 7. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 8. SpdmMessage <- Responder

Assertion 6.2.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.2.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.2.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.2.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.2.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.2.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.0/1.1 success.

  1. Repeat (1~8) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.2.*.

  1. Repeat (1~8) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.2.*.

###

SPDM_SMBUS_V1_0_Test_006_003.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.0 or 1.1 in (A1, B3, C1).

SPDM Version: 1.0 or 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 or 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 6. ALGORITHMS <- Responder 7. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 8. DIGESTS <- Responder 9. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 10. SpdmMessage <- Responder

Assertion 6.3.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.3.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.3.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.3.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.3.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.3.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.0/1.1 success.

  1. Repeat (1~10) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.3.*.

  1. Repeat (1~10) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.3.*.

###

SPDM_SMBUS_V1_0_Test_006_004.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a CHALLENGE with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Digests[] = array of DIGESTS.Digest 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> CHALLENGE {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder

Assertion 6.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 6.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 6.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.4.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 6.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> CHALLENGE {SPDMVersion=(NegotiatedVersion-1), …}

  2. SpdmMessage <- Responder

Assertion 6.4.*.

###

SPDM_SMBUS_V1_0_Test_006_005.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_CERTIFICATE before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, …} 2. SpdmMessage <- Responder

Assertion 6.5.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 6.5.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 6.5.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.5.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 6.5.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_006_006.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a CHALLENGE with invalid field.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xF, 0xFF}

TestTeardown: None

Steps: 1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=InvalidSlotID[i], Param2=NoMeasurement} 2. SpdmMessage <- Responder

Assertion 6.6.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 6.6.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 6.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.6.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 6.6.5:

SpdmMessage.Param2 == 0.

  1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=0, Param2=(TcbMeasurements+1)}

  2. SpdmMessage <- Responder

Assertion 6.6.*.

  1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=0, Param2=(AllMeasurements-1)}

  2. SpdmMessage <- Responder

Assertion 6.6.*.

###

SPDM_SMBUS_V1_0_Test_006_011.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.2 in (A2, B1, C1).

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder 15. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, …} 16. SpdmMessage <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 2. DIGESTS <- Responder 3. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 4. CERTIFICATE <- Responder 5. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 6. SpdmMessage <- Responder

Assertion 6.11.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.11.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.11.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.11.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.11.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.11.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.11.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.2 success.

  1. Repeat (1~6) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.11.*.

  1. Repeat (1~6) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.11.*.

###

SPDM_SMBUS_V1_0_Test_006_012.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.2 in (A2, B2, C1).

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder 15. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, …} 16. SpdmMessage <- Responder

TestTeardown: None

Steps: 1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 2. SpdmMessage <- Responder

Assertion 6.12.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.12.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.12.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.12.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.12.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.12.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.12.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.2 success.

  1. Repeat (1~2) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.12.*.

  1. Repeat (1~2) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.12.*.

###

SPDM_SMBUS_V1_0_Test_006_013.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.2 in (A2, B3, C1).

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder 15. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, …} 16. SpdmMessage <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 2. DIGESTS <- Responder 3. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 4. SpdmMessage <- Responder

Assertion 6.13.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.13.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.13.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.13.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.13.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.13.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.13.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.2 success.

  1. Repeat (1~4) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.13.*.

  1. Repeat (1~4) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.13.*.

###

SPDM_SMBUS_V1_0_Test_006_014.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.2 in (A2, B4, C1).

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder 15. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, …} 16. SpdmMessage <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 2. CERTIFICATE <- Responder 3. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 4. SpdmMessage <- Responder

Assertion 6.14.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.14.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.14.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.14.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.14.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.14.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.14.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.2 success.

  1. Repeat (1~4) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.14.*.

  1. Repeat (1~4) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.14.*.

SPDM_SMBUS_V1_0_Test_006_015.py

SPDM_SMBUS_V1_0_Test_006_016.py

SPDM_SMBUS_V1_0_Test_006_017.py

SPDM_SMBUS_V1_0_Test_006_018.py

SPDM_SMBUS_V1_0_Test_007_001.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS with negotiated version 1.0.

SPDM Version: 1.0 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 13. CERTIFICATE <- Responder 14. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 15. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements} 2. SpdmMessage <- Responder

Assertion 7.1.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.1.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.1.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.1.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.1.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.1.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.0 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements}

  2. SpdmMessage <- Responder

Assertion 7.1.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.1.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.1.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.1.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.1.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.1.14:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.0 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i]}, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder

Assertion 7.1.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.1.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.1.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.1.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.1.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.1.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1]}

  2. SpdmMessage <- Responder

Assertion 7.1.{15~20}

Assertion 7.1.21:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.0 success, if Flags.MEAS_CAP == 2

###

SPDM_SMBUS_V1_0_Test_007_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_MEASUREMENTS with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 12. CERTIFICATE <- Responder 13. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 14. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=(NegotiatedVersion+1), Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements} 2. SpdmMessage <- Responder

Assertion 7.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 7.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 7.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 7.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=(NegotiatedVersion-1), Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements}

  2. SpdmMessage <- Responder

Assertion 7.2.*.

###

SPDM_SMBUS_V1_0_Test_007_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_MEASUREMENTS before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion+1, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements} 2. SpdmMessage <- Responder

Assertion 7.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 7.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 7.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 7.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_007_004.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a GET_MEASUREMENTS with invalid field.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xE, 0xF} 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 13. CERTIFICATE <- Responder 14. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 15. CHALLENGE_AUTH <- Responder 16. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements} 17. MEASUREMENTS <- Responder 18. ValidMeasurementIndex[] = array of index in valid MeasurementBlock 10. InvalidMeasurementIndex[] = array of index not in valid MeasurementBlock, excluding 0 and 0xff

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=InvalidMeasurementIndex[i]} 2. SpdmMessage <- Responder

Assertion 7.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 7.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 7.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.4.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 7.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=1, Param2=ValidMeasurementIndex[i], SlotID=InvalidSlotID[i]} – if NegotiatedVersion=1.1+ && MEAS_CAP == 2

  2. SpdmMessage <- Responder

Assertion 7.4.*.

###

SPDM_SMBUS_V1_0_Test_007_005.py

Description: The SPDM Measurement Block from device shall follow SPDM specification.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 12. CERTIFICATE <- Responder 13. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 14. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements} 2. SpdmMessage <- Responder

Assertion 7.5.1:

SpdmMeasurementBlock[i].MeasurementSpecification == DMTF

Assertion 7.5.2:

if (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueType.bit_7 = 0) then (SpdmMeasurementBlock[i].MeasurementSize == 3 + HashSize)

Assertion 7.5.3:

if (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueType.bit_7 = 0) then (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueSize == HashSize)

Assertion 7.5.4:

if (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueType.bit_[6:0] == 0x5) && (SPDMVersion >= SPDM_MESSAGE_VERSION_12) then (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueType.bit_7 == 1)

###

SPDM_SMBUS_V1_0_Test_007_006.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS with negotiated version 1.1.

SPDM Version: 1.1 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 13. CERTIFICATE <- Responder 14. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 15. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} 2. SpdmMessage <- Responder

Assertion 7.6.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.6.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.6.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.6.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.6.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.6.7:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements, SlotID=ValidSlotID[i]}

  2. SpdmMessage <- Responder

Assertion 7.6.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.6.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.6.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.6.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.6.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.6.14:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i], SlotID=ValidSlotID[i]}, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder

Assertion 7.6.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.6.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.6.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.6.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.6.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.6.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1], SlotID=ValidSlotID[i]}

  2. SpdmMessage <- Responder

Assertion 7.6.{15~20}

Assertion 7.6.21:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

###

SPDM_SMBUS_V1_0_Test_007_007.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS in a DHE session with negotiated version 1.1.

SPDM Version: 1.1 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=AllMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 7.7.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.7.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.7.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.7.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.7.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.7.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.7.7:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements, SlotID=ValidSlotID[i]} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 7.7.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.7.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.7.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.7.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.7.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.7.14:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i], SlotID=ValidSlotID[i]} in session-X, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder in session-X

Assertion 7.7.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.7.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.7.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.7.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.7.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.7.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1], SlotID=ValidSlotID[i]} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 7.7.{15~20}

Assertion 7.7.21:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

###

SPDM_SMBUS_V1_0_Test_007_008.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_MEASUREMENTS in a DHE session handshake.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=AllMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 7.8.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 7.8.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 7.8.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.8.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 7.8.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_007_009.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS with negotiated version 1.2.

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 13. CERTIFICATE <- Responder 14. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 15. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} 2. SpdmMessage <- Responder

Assertion 7.9.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.9.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.9.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.9.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.9.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.9.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.9.7:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements, SlotID=ValidSlotID[i]}

  2. SpdmMessage <- Responder

Assertion 7.9.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.9.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.9.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.9.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.9.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.9.14:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i], SlotID=ValidSlotID[i]}, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder

Assertion 7.9.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.9.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.9.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.9.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.9.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.9.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1], SlotID=ValidSlotID[i]}

  2. SpdmMessage <- Responder

Assertion 7.9.{15~20}

Assertion 7.9.21:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

###

SPDM_SMBUS_V1_0_Test_007_010.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS in a DHE session with negotiated version 1.2.

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=AllMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 7.10.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.10.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.10.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.10.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.10.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.10.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.10.7:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements, SlotID=ValidSlotID[i]} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 7.10.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.10.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.10.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.10.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.10.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.10.14:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i], SlotID=ValidSlotID[i]} in session-X, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder in session-X

Assertion 7.10.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.10.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.10.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.10.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.10.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.10.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1], SlotID=ValidSlotID[i]} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 7.10.{15~20}

Assertion 7.10.21:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

SPDM_SMBUS_V1_0_Test_008_001.py

Description: SPDM responder shall return valid KEY_EXCHANGE_RSP, if it receives a KEY_EXCHANGE with negotiated version 1.1.

SPDM Version: 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.1.1:

sizeof(SpdmMessage) >= sizeof(KEY_EXCHANGE_RSP) + SpdmMessage.OpaqueDataLength

Assertion 8.1.2:

SpdmMessage.RequestResponseCode == KEY_EXCHANGE_RSP

Assertion 8.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.1.4:

SpdmMessage.MutAuthRequested == 0 && SpdmMessage.SlotIDParam == 0

Assertion 8.1.5:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, TH.SIG.KEY_EXCHANGE_RSP) version 1.1 success

Assertion 8.1.6:

HMACVerify (finished_key, SpdmMessage.ResponderVerifyData, TH.HMAC.KEY_EXCHANGE_RSP) version 1.1 success

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 8.1.*.

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 8.1.*.

###

SPDM_SMBUS_V1_0_Test_008_002.py

Description: SPDM responder shall return valid KEY_EXCHANGE_RSP with HANDSHAKE_IN_THE_CLEAR, if it receives a KEY_EXCHANGE with HANDSHAKE_IN_THE_CLEAR_CAP and negotiated version 1.1.

SPDM Version: 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.2.1:

sizeof(SpdmMessage) >= sizeof(KEY_EXCHANGE_RSP) + SpdmMessage.OpaqueDataLength - HMAC size

Assertion 8.2.2:

SpdmMessage.RequestResponseCode == KEY_EXCHANGE_RSP

Assertion 8.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.2.4:

SpdmMessage.MutAuthRequested == 0 && SpdmMessage.SlotIDParam == 0

Assertion 8.2.5:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, TH.SIG.KEY_EXCHANGE_RSP) version 1.1 success

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 8.2.*.

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 8.2.*.

###

SPDM_SMBUS_V1_0_Test_008_003.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a KEY_EXCHANGE with non negotiated version.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=(NegotiatedVersion+1), Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 8.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 8.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.3.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 8.3.5:

SpdmMessage.Param2 == 0.

  1. Requester -> KEY_EXCHANGE {SPDMVersion=(NegotiatedVersion-1), Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData}

  2. SpdmMessage <- Responder

Assertion 8.3.*.

###

SPDM_SMBUS_V1_0_Test_008_004.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a KEY_EXCHANGE before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 8.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 8.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.4.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 8.4.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_008_005.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a KEY_EXCHANGE in a session application.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 8.5.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 8.5.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 8.5.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.5.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 8.5.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_008_006.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a KEY_EXCHANGE with invalid field.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xF, 0xFF} 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=InvalidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.6.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 8.6.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 8.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.6.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 8.6.5:

SpdmMessage.Param2 == 0.

  1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=(TcbMeasurements+1), Param2.SlotID=0, ReqSessionID, RandomData, ExchangeData, OpaqueData}

  2. SpdmMessage <- Responder

Assertion 8.6.*.

  1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=(AllMeasurements-1), Param2.SlotID=0, ReqSessionID, RandomData, ExchangeData, OpaqueData}

  2. SpdmMessage <- Responder

Assertion 8.6.*.

  1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=0, ReqSessionID, RandomData, ExchangeData, OpaqueDataLength=0xFFFF}

  2. SpdmMessage <- Responder

Assertion 8.6.*.

###

SPDM_SMBUS_V1_0_Test_008_007.py

Description: SPDM responder shall return valid KEY_EXCHANGE_RSP, if it receives a KEY_EXCHANGE with negotiated version 1.2.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, SessionPolicy.TerminationPolicy=1, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.7.1:

sizeof(SpdmMessage) >= sizeof(KEY_EXCHANGE_RSP) + SpdmMessage.OpaqueDataLength

Assertion 8.7.2:

SpdmMessage.RequestResponseCode == KEY_EXCHANGE_RSP

Assertion 8.7.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.7.4:

SpdmMessage.MutAuthRequested == 0 && SpdmMessage.SlotIDParam == 0

Assertion 8.7.5:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, TH.SIG.KEY_EXCHANGE_RSP) version 1.2 success

Assertion 8.7.6:

HMACVerify (finished_key, SpdmMessage.ResponderVerifyData, TH.HMAC.KEY_EXCHANGE_RSP) version 1.2 success

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 8.7.*.

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 8.7.*.

###

SPDM_SMBUS_V1_0_Test_008_008.py

Description: SPDM responder shall return valid KEY_EXCHANGE_RSP with HANDSHAKE_IN_THE_CLEAR, if it receives a KEY_EXCHANGE with HANDSHAKE_IN_THE_CLEAR_CAP and negotiated version 1.2.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, SessionPolicy.TerminationPolicy=1, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.8.1:

sizeof(SpdmMessage) >= sizeof(KEY_EXCHANGE_RSP) + SpdmMessage.OpaqueDataLength - HMAC size

Assertion 8.8.2:

SpdmMessage.RequestResponseCode == KEY_EXCHANGE_RSP

Assertion 8.8.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.8.4:

SpdmMessage.MutAuthRequested == 0 && SpdmMessage.SlotIDParam == 0

Assertion 8.8.5:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, TH.SIG.KEY_EXCHANGE_RSP) version 1.2 success

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 8.8.*.

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 8.8.*.

SPDM_SMBUS_V1_0_Test_009_001.py

Description: SPDM responder shall return valid FINISH_RSP, if it receives a FINISH with negotiated version 1.1.

SPDM Version: 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.1.1:

sizeof(SpdmMessage) >= sizeof(FINISH_RSP) - HMAC size

Assertion 9.1.2:

SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

###

SPDM_SMBUS_V1_0_Test_009_002.py

Description: SPDM responder shall return valid FINISH_RSP with HANDSHAKE_IN_THE_CLEAR, if it receives a FINISH with HANDSHAKE_IN_THE_CLEAR_CAP and negotiated version 1.1.

SPDM Version: 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} 2. SpdmMessage <- Responder

Assertion 9.2.1:

sizeof(SpdmMessage) >= sizeof(FINISH_RSP)

Assertion 9.2.2:

SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.2.4:

HMACVerify (finished_key, SpdmMessage.ResponderVerifyData, TH.HMAC.FINISH_RSP) version 1.1 success

###

SPDM_SMBUS_V1_0_Test_009_003.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a FINISH with non negotiated version.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=(NegotiatedVersion+1), Param1=0, Param2=0, RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.3.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 9.3.5:

SpdmMessage.Param2 == 0.

  1. Requester -> FINISH {SPDMVersion=(NegotiatedVersion-1), Param1=0, Param2=0}

  2. SpdmMessage <- Responder

Assertion 9.3.*.

###

SPDM_SMBUS_V1_0_Test_009_004.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a FINISH before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} 2. SpdmMessage <- Responder

Assertion 9.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.4.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 9.4.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_009_005.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a FINISH in a session application.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.5.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.5.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.5.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.5.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 9.5.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_009_006.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a FINISH with invalid field.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder 16. UnsupportedReqSlotID[] = {0x1 ~ 0x7} 17. InvalidReqSlotID[] = {0x8 ~ 0xF, 0xFF}

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=1, Param2.ReqSlotID=UnsupportedReqSlotID[i], RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.6.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.6.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.6.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 9.6.5:

SpdmMessage.Param2 == 0.

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=1, Param2.ReqSlotID=InvalidReqSlotID[i], RequesterVerifyData} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 9.6.*.

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, no RequesterVerifyData} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 9.6.*.

###

SPDM_SMBUS_V1_0_Test_009_007.py

Description: SPDM responder shall return ERROR(DecryptError), if it receives a FINISH with invalid RequesterVerifyData.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, !RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.7.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.7.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.7.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.7.4:

SpdmMessage.Param1 == DecryptError.

###

SPDM_SMBUS_V1_0_Test_009_008.py

Description: SPDM responder shall return ERROR(DecryptError), if it receives a FINISH with HANDSHAKE_IN_THE_CLEAR_CAP and invalid RequesterVerifyData.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, !RequesterVerifyData} 2. SpdmMessage <- Responder

Assertion 9.8.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.8.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.8.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.8.4:

SpdmMessage.Param1 == DecryptError.

###

SPDM_SMBUS_V1_0_Test_009_009.py

Description: SPDM responder shall return valid FINISH_RSP, if it receives a FINISH with negotiated version 1.2.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.9.1:

sizeof(SpdmMessage) >= sizeof(FINISH_RSP)

Assertion 9.9.2:

SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.9.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

###

SPDM_SMBUS_V1_0_Test_009_010.py

SPDM_SMBUS_V1_0_Test_009_011.py

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a FINISH in non-session.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} (not in session-X) 2. SpdmMessage <- Responder (not in session-X)

Assertion 9.11.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.11.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.11.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.11.4:

SpdmMessage.Param1 == SessionRequired.

SPDM_SMBUS_V1_0_Test_012_001.py

Description: SPDM responder shall return valid HEARTBEAT_ACK, if it receives a HEARTBEAT in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. If KEY_EXCHANGE_RSP.Param1.HeartbeatPeriod == 0, then skip this case. 17. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 18. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 12.1.1:

sizeof(SpdmMessage) >= sizeof(HEARTBEAT_ACK)

Assertion 12.1.2:

SpdmMessage.RequestResponseCode == HEARTBEAT_ACK

Assertion 12.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

###

SPDM_SMBUS_V1_0_Test_012_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a HEARTBEAT with non negotiated version in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. If KEY_EXCHANGE_RSP.Param1.HeartbeatPeriod == 0, then skip this case. 17. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 18. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> HEARTBEAT {SPDMVersion=(NegotiatedVersion+1), …} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 12.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 12.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 12.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 12.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 12.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> HEARTBEAT {SPDMVersion=(NegotiatedVersion-1), …} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 12.2.*.

###

SPDM_SMBUS_V1_0_Test_012_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a HEARTBEAT in DHE session handshake.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. If KEY_EXCHANGE_RSP.Param1.HeartbeatPeriod == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 12.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 12.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 12.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 12.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 12.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_012_004.py

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a HEARTBEAT in non-session.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 12.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 12.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 12.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 12.4.4:

SpdmMessage.Param1 == SessionRequired.

SPDM_SMBUS_V1_0_Test_013_001.py

Description: SPDM responder shall return valid KEY_UPDATE_ACK, if it receives a KEY_UPDATE in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_UPD_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=UpdateKey, Param2=Tag1} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 13.1.1:

sizeof(SpdmMessage) >= sizeof(KEY_UPDATE_ACK)

Assertion 13.1.2:

SpdmMessage.RequestResponseCode == KEY_UPDATE_ACK

Assertion 13.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.1.4:

SpdmMessage.Param1 == KEY_UPDATE.Param1

Assertion 13.1.5:

SpdmMessage.Param2 == KEY_UPDATE.Param2

  1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=VerifyNewKey, Param2=Tag2} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.1.6:

sizeof(SpdmMessage) >= sizeof(KEY_UPDATE_ACK)

Assertion 13.1.7:

SpdmMessage.RequestResponseCode == KEY_UPDATE_ACK

Assertion 13.1.8:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.1.9:

SpdmMessage.Param1 == KEY_UPDATE.Param1

Assertion 13.1.10:

SpdmMessage.Param2 == KEY_UPDATE.Param2

  1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=UpdateAllKeys, Param2=Tag3} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.1.11:

sizeof(SpdmMessage) >= sizeof(KEY_UPDATE_ACK)

Assertion 13.1.12:

SpdmMessage.RequestResponseCode == KEY_UPDATE_ACK

Assertion 13.1.13:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.1.14:

SpdmMessage.Param1 == KEY_UPDATE.Param1

Assertion 13.1.15:

SpdmMessage.Param2 == KEY_UPDATE.Param2

  1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=VerifyNewKey, Param2=Tag4} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.1.16:

sizeof(SpdmMessage) >= sizeof(KEY_UPDATE_ACK)

Assertion 13.1.17:

SpdmMessage.RequestResponseCode == KEY_UPDATE_ACK

Assertion 13.1.18:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.1.19:

SpdmMessage.Param1 == KEY_UPDATE.Param1

Assertion 13.1.20:

SpdmMessage.Param2 == KEY_UPDATE.Param2

###

SPDM_SMBUS_V1_0_Test_013_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a KEY_UPDATE with non negotiated version in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_UPD_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=(NegotiatedVersion+1), …} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 13.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 13.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 13.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 13.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> HEARTBEAT {SPDMVersion=(NegotiatedVersion-1), …} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.2.*.

###

SPDM_SMBUS_V1_0_Test_013_003.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a KEY_UPDATE with invalid field in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_UPD_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=(UpdateKey-1), …} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 13.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 13.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 13.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.3.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 13.3.5:

SpdmMessage.Param2 == 0.

  1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=(VerifyNewKey+1), …} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.3.*.

###

SPDM_SMBUS_V1_0_Test_013_004.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a KEY_UPDATE in DHE session handshake.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_UPD_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=UpdateKey, Param2=Tag} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 13.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 13.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 13.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.4.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 13.4.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_013_005.py

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a KEY_UPDATE in non-session.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=UpdateKey, Param2=Tag} 2. SpdmMessage <- Responder

Assertion 13.5.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 13.5.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 13.5.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.5.4:

SpdmMessage.Param1 == SessionRequired.

SPDM_SMBUS_V1_0_Test_016_001.py

Description: SPDM responder shall return valid END_SESSION_ACK, if it receives a END_SESSION in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 16.1.1:

sizeof(SpdmMessage) >= sizeof(END_SESSION_ACK)

Assertion 16.1.2:

SpdmMessage.RequestResponseCode == END_SESSION_ACK

Assertion 16.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

###

SPDM_SMBUS_V1_0_Test_016_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a END_SESSION with non negotiated version in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> END_SESSION {SPDMVersion=(NegotiatedVersion+1), …} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 16.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 16.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 16.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 16.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 16.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> END_SESSION {SPDMVersion=(NegotiatedVersion-1), …} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 16.2.*.

###

SPDM_SMBUS_V1_0_Test_016_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a END_SESSION in DHE session handshake.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 16.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 16.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 16.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 16.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 16.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_SMBUS_V1_0_Test_016_004.py

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a END_SESSION in non-session.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 && Flags.PSK_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 16.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 16.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 16.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 16.4.4:

SpdmMessage.Param1 == SessionRequired.

SPDM_VDM_V1_0_Test_001_001.py

Description: SPDM responder shall return valid VERSION, if it receives a GET_VERSION with version 1.0.

SPDM Version: 1.0+

TestSetup: None

TestTeardown: None

Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10, Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 1.1.1:

sizeof(SpdmMessage) >= offset(VERSION, VersionNumberEntry)

Assertion 1.1.2:

SpdmMessage.RequestResponseCode == VERSION

Assertion 1.1.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 1.1.4:

SpdmMessage.VersionNumberEntryCount > 0 && SpdmMessage.VersionNumberEntryCount <= (sizeof(SpdmMessage) - offset(VERSION, VersionNumberEntry)) / sizeof(uint16_t)

Assertion 1.1.5:

((SpdmMessage.VersionNumberEntry[i].MajorVersion << 4) + SpdmMessage.VersionNumberEntry[i].MinorVersion) is in {0x10, 0x11, 0x12}.

SPDM_VDM_V1_0_Test_001_002.py

SPDM_VDM_V1_0_Test_002_001.py

Description: SPDM responder shall return valid CAPABILITIES(0x10), if it receives a GET_CAPABILITIES with negotiated version 1.0.

SPDM Version: 1.0 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 is not in VERSION.VersionNumberEntry, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=0x10, Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 2.1.1:

sizeof(SpdmMessage) >= sizeof(CAPABILITIES_1.0)

Assertion 2.1.2:

SpdmMessage.RequestResponseCode == CAPABILITIES

Assertion 2.1.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 2.1.4:

Flags.MEAS_CAP != 3

###

SPDM_VDM_V1_0_Test_002_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_CAPABILITIES with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. HighestVersion = Max{SpdmMessage.VersionNumberEntry[0..(n-1)]} 4. LowestVersion = Min{SpdmMessage.VersionNumberEntry[0..(n-1)]}

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=(HighestVersion+1), Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 2.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 2.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 2.2.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 2.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 2.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=(LowestVersion-1), Param1=0, Param2=0}

  2. SpdmMessage <- Responder

Assertion 2.2.*.

###

SPDM_VDM_V1_0_Test_002_003.py

Description: SPDM responder shall return valid CAPABILITIES(0x11), if it receives a GET_CAPABILITIES with negotiated version 1.1.

SPDM Version: 1.1 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=0x11, Param1=0, Param2=0, CTExponent, Flags=CERT_CAP|CHAL_CAP|ENCRYPT_CAP|MAC_CAP|MUT_AUTH_CAP|KEY_EX_CAP|PSK_CAP=1|ENCAP_CAP|HBEAT_CAP|KEY_UPD_CAP} 2. SpdmMessage <- Responder

Assertion 2.3.1:

sizeof(SpdmMessage) >= sizeof(CAPABILITIES_1.1)

Assertion 2.3.2:

SpdmMessage.RequestResponseCode == CAPABILITIES

Assertion 2.3.3:

SpdmMessage.SPDMVersion == 0x11

Assertion 2.3.4:

Flags.MEAS_CAP != 3

Assertion 2.3.5:

if (Flags.ENCRYPT_CAP == 1), then (Flags.KEY_EX_CAP == 1 || Flags.PSK_CAP == 1 || Flags.PSK_CAP == 2)

Assertion 2.3.6:

if (Flags.MAC_CAP == 1), then (Flags.KEY_EX_CAP == 1 || Flags.PSK_CAP == 1 || Flags.PSK_CAP == 2)

Assertion 2.3.7:

if (Flags.KEY_EX_CAP == 1), then (Flags.ENCRYPT_CAP == 1 || Flags.MAC_CAP == 1)

Assertion 2.3.8:

Flags.PSK_CAP != 3

Assertion 2.3.9:

if (Flags.PSK_CAP != 0), then (Flags.ENCRYPT_CAP == 1 || Flags.MAC_CAP == 1)

Assertion 2.3.10:

if (Flags.MUT_AUTH_CAP == 1), then (Flags.ENCAP_CAP == 1)

Assertion 2.3.11:

if (Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 1), then (Flags.KEY_EX_CAP == 1)

Assertion 2.3.12:

if (Flags.PUB_KEY_ID_CAP == 1), then (Flags.CERT_CAP == 0)

Assertion 2.3.13:

if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) then (CERT_CAP == 1 || PUB_KEY_ID_CAP == 1)

###

SPDM_VDM_V1_0_Test_002_004.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a GET_CAPABILITIES with invalid field.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags=CERT_CAP|CHAL_CAP|MUT_AUTH_CAP|KEY_EX_CAP|PSK_CAP=1|ENCAP_CAP|HBEAT_CAP|KEY_UPD_CAP} – if NegotiatedVersion=1.1+ 2. SpdmMessage <- Responder

Assertion 2.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 2.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 2.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 2.4.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 2.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags=CERT_CAP|CHAL_CAP|ENCRYPT_CAP|MAC_CAP|MUT_AUTH_CAP|ENCAP_CAP|HBEAT_CAP|KEY_UPD_CAP} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 2.4.*.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags=CERT_CAP|CHAL_CAP|ENCRYPT_CAP|MAC_CAP|MUT_AUTH_CAP|KEY_EX_CAP|PSK_CAP=1|HBEAT_CAP|KEY_UPD_CAP} – if NegotiatedVersion=1.1 only

  2. SpdmMessage <- Responder

Assertion 2.4.*.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, DataTransferSize=41, MaxSPDMmsgSize} – if NegotiatedVersion=1.2+

  2. SpdmMessage <- Responder

Assertion 2.4.*.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, DataTransferSize=MaxSPDMmsgSize+1, MaxSPDMmsgSize} – if NegotiatedVersion=1.2+

  2. SpdmMessage <- Responder

Assertion 2.4.*.

###

SPDM_VDM_V1_0_Test_002_005.py

Description: SPDM responder shall return valid CAPABILITIES(0x12), if it receives a GET_CAPABILITIES with negotiated version 1.2.

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=0x12, Param1=0, Param2=0, CTExponent, Flags=CERT_CAP|CHAL_CAP|ENCRYPT_CAP|MAC_CAP|MUT_AUTH_CAP|KEY_EX_CAP|PSK_CAP=1|ENCAP_CAP|HBEAT_CAP|KEY_UPD_CAP|CHUNK_CAP, DataTransferSize, MaxSPDMmsgSize} 2. SpdmMessage <- Responder

Assertion 2.5.1:

sizeof(SpdmMessage) >= sizeof(CAPABILITIES_1.2)

Assertion 2.5.2:

SpdmMessage.RequestResponseCode == CAPABILITIES

Assertion 2.5.3:

SpdmMessage.SPDMVersion == 0x12

Assertion 2.5.4:

Flags.MEAS_CAP != 3

Assertion 2.5.5:

if (Flags.ENCRYPT_CAP == 1), then (Flags.KEY_EX_CAP == 1 || Flags.PSK_CAP == 1 || Flags.PSK_CAP == 2)

Assertion 2.5.6:

if (Flags.MAC_CAP == 1), then (Flags.KEY_EX_CAP == 1 || Flags.PSK_CAP == 1 || Flags.PSK_CAP == 2)

Assertion 2.5.7:

if (Flags.KEY_EX_CAP == 1), then (Flags.ENCRYPT_CAP == 1 || Flags.MAC_CAP == 1)

Assertion 2.5.8:

Flags.PSK_CAP != 3

Assertion 2.5.9:

if (Flags.PSK_CAP != 0), then (Flags.ENCRYPT_CAP == 1 || Flags.MAC_CAP == 1)

Assertion 2.5.10:

if (Flags.MUT_AUTH_CAP == 1), then (Flags.ENCAP_CAP == 1)

Assertion 2.5.11:

if (Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 1), then (Flags.KEY_EX_CAP == 1)

Assertion 2.5.12:

if (Flags.PUB_KEY_ID_CAP == 1), then (Flags.CERT_CAP == 0)

Assertion 2.5.13:

SpdmMessage.DataTransferSize >= MinDataTransferSize

Assertion 2.5.14:

SpdmMessage.MaxSPDMmsgSize >= SpdmMessage.DataTransferSize

Assertion 2.5.15:

if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) then (CERT_CAP == 1 || PUB_KEY_ID_CAP == 1)

###

SPDM_VDM_V1_0_Test_002_006.py

Description: SPDM responder shall return ERROR(UnexpectedRequest) or silent drop, if it receives two non-identical GET_CAPABILITIES.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, …} 4. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Param1=0, Param2=1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder

Assertion 2.6.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 2.6.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 2.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 2.6.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 2.6.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, CTExponent+1, Flags-HBEAT_CAP, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 2.6.*.

  1. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, DataTransferSize+1, MaxSPDMmsgSize+1, …} – if NegotiatedVersion=1.2

  2. SpdmMessage <- Responder

Assertion 2.6.*.

SPDM_VDM_V1_0_Test_003_001.py

Description: SPDM responder shall return valid ALGORITHMS(0x10), if it receives a GET_ALGORITHMS with negotiated version 1.0.

SPDM Version: 1.0 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x10, …} 5. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=0x10, Param1=0, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0} 2. SpdmMessage <- Responder

Assertion 3.1.1:

sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.0)

Assertion 3.1.2:

SpdmMessage.RequestResponseCode == ALGORITHMS

Assertion 3.1.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 3.1.4:

SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.0, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount

Assertion 3.1.5:

SpdmMessage.ExtAsymSelCount == 0

Assertion 3.1.6:

SpdmMessage.ExtHashSelCount == 0

Assertion 3.1.7:

SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || MeasurementSpecificationSel == 0

Assertion 3.1.8:

SpdmMessage.MeasurementHashAlgo only has one bit at most. if (MEAS_CAP != 0) then (MeasurementHashAlgo == one of {Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512}) if (MEAS_CAP == 0) then (MeasurementHashAlgo == 0)

Assertion 3.1.9:

SpdmMessage.BaseAsymSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2) then (BaseAsymSel == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521}) if (CHAL_CAP == 0 && MEAS_CAP != 2) then (BaseAsymSel == 0)

Assertion 3.1.10:

SpdmMessage.BaseHashSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2) then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512}) if (CHAL_CAP == 0 && MEAS_CAP != 2) then (BaseHashSel == 0)

###

SPDM_VDM_V1_0_Test_003_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a NEGOTIATE_ALGORITHMS with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder

Assertion 3.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 3.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 3.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 3.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 3.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion-1), …}

  2. SpdmMessage <- Responder

Assertion 3.2.*.

###

SPDM_VDM_V1_0_Test_003_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a NEGOTIATE_ALGORITHMS before GET_CAPABILITIES.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 2. SpdmMessage <- Responder

Assertion 3.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 3.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 3.3.3:

SpdmMessage.SPDMVersion == 0x10

Assertion 3.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 3.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_003_004.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a NEGOTIATE_ALGORITHMS with invalid field.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length-1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder

Assertion 3.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 3.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 3.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 3.4.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 3.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length+1, …} – if NegotiatedVersion=1.0+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtAsymCount=21, …} – if NegotiatedVersion=1.0+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtHashCount=21, …} – if NegotiatedVersion=1.0+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=1, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=3, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=2, ExtAlgCount=0xF, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 3.4.*.

###

SPDM_VDM_V1_0_Test_003_005.py

Description: SPDM responder shall return valid ALGORITHMS(0x11), if it receives a GET_ALGORITHMS with negotiated version 1.1.

SPDM Version: 1.1 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x11, …} 5. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=0x11, Param1.NumOfAlgoStruct=4, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0, ReqAlgStruct[0]{AlgType=DHE, AlgSupported=ffdhe2048|ffdhe3072|ffdhe4096|secp256r1|secp384r1|secp521r1}, ReqAlgStruct[1]{AlgType=AEAD, AlgSupported=AES-128-GCM|AES-256-GCM|CHACHA20_POLY1305}, ReqAlgStruct[2]{AlgType=ReqBaseAsymAlg, AlgSupported=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521}, ReqAlgStruct[3]{AlgType=KeySchedule, AlgSupported=SPDM} } 2. SpdmMessage <- Responder

Assertion 3.5.1:

sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.1)

Assertion 3.5.2:

SpdmMessage.RequestResponseCode == ALGORITHMS

Assertion 3.5.3:

SpdmMessage.SPDMVersion == 0x11

Assertion 3.5.4:

SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.1, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount + SpdmMessage.Param1 * sizeof(AlgStructSize)

Assertion 3.5.5:

SpdmMessage.ExtAsymSelCount == 0

Assertion 3.5.6:

SpdmMessage.ExtHashSelCount == 0

Assertion 3.5.7:

SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || MeasurementSpecificationSel == 0

Assertion 3.5.8:

SpdmMessage.MeasurementHashAlgo only has one bit at most. if (MEAS_CAP != 0) then (MeasurementHashAlgo == one of {Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512}) if (MEAS_CAP == 0) then (MeasurementHashAlgo == 0)

Assertion 3.5.9:

SpdmMessage.BaseAsymSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) then (BaseAsymSel == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521}) if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0) then (BaseAsymSel == 0)

Assertion 3.5.10:

SpdmMessage.BaseHashSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1 || PSK_EX_CAP != 0) then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512}) if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0 && PSK_EX_CAP == 0) then (BaseHashSel == 0)

Assertion 3.5.11:

SpdmMessage.Param1 <= 4 SpdmMessage.AlgStructure[i].AlgType is in {DHE, AEAD, ReqBaseAsymAlg, KeySchedule} and no duplication.

Assertion 3.5.12:

SpdmMessage.AlgStructure[i].AlgCount == 0x20

Assertion 3.5.13:

DHE only has one bit at most. if (KEY_EX_CAP == 1) then SpdmMessage.AlgStructure[DHE_index].AlgSupported == one of {ffdhe2048, ffdhe3072, ffdhe4096, secp256r1, secp384r1, secp521r1} if (KEY_EX_CAP == 0) then SpdmMessage.AlgStructure[DHE_index].AlgSupported == 0, or it is absent

Assertion 3.5.14:

AEAD only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == one of {AES-128-GCM, AES-256-GCM, CHACHA20_POLY1305} if (KEY_EX_CAP == 0 && PSK_CAP == 0) then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == 0, or it is absent

Assertion 3.5.15:

ReqBaseAsymAlg only has one bit at most. if (MUT_AUTH_CAP == 1) then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521} if (MUT_AUTH_CAP == 0) then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == 0, or it is absent

Assertion 3.5.16:

KeySchedule only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == SPDM if (KEY_EX_CAP == 0 && PSK_CAP == 0) then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == 0, or it is absent

###

SPDM_VDM_V1_0_Test_003_006.py

Description: SPDM responder shall return valid ALGORITHMS(0x12), if it receives a GET_ALGORITHMS with negotiated version 1.2.

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x12, …} 5. CAPABILITIES <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=0x12, Param1.NumOfAlgoStruct=4, Param2=0, MeasurementSpecification=DMTF, OtherParamsSupport=OpaqueDataFmt1, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521|TPM_ALG_SM2_ECC_SM2_P256|EdDSA_ed25519|EdDSA_ed448, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512|TPM_ALG_SM3_256, ExtAsymCount=0, ExtHashCount=0, ReqAlgStruct[0]{AlgType=DHE, AlgSupported=ffdhe2048|ffdhe3072|ffdhe4096|secp256r1|secp384r1|secp521r1|SM2_P256}, ReqAlgStruct[1]{AlgType=AEAD, AlgSupported=AES-128-GCM|AES-256-GCM|CHACHA20_POLY1305|AEAD_SM4_GCM}, ReqAlgStruct[2]{AlgType=ReqBaseAsymAlg, AlgSupported=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521|TPM_ALG_SM2_ECC_SM2_P256|EdDSA_ed25519|EdDSA_ed448}, ReqAlgStruct[3]{AlgType=KeySchedule, AlgSupported=SPDM} } 2. SpdmMessage <- Responder

Assertion 3.6.1:

sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.2)

Assertion 3.6.2:

SpdmMessage.RequestResponseCode == ALGORITHMS

Assertion 3.6.3:

SpdmMessage.SPDMVersion == 0x12

Assertion 3.6.4:

SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.1, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount + SpdmMessage.Param1 * sizeof(AlgStructSize)

Assertion 3.6.5:

SpdmMessage.ExtAsymSelCount == 0

Assertion 3.6.6:

SpdmMessage.ExtHashSelCount == 0

Assertion 3.6.7:

SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || MeasurementSpecificationSel == 0

Assertion 3.6.8:

SpdmMessage.MeasurementHashAlgo only has one bit at most. if (MEAS_CAP != 0) then (MeasurementHashAlgo == one of {Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256}) if (MEAS_CAP == 0) then (MeasurementHashAlgo == 0)

Assertion 3.6.9:

SpdmMessage.BaseAsymSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) then (BaseAsymSel == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448}) if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0) then (BaseAsymSel == 0)

Assertion 3.6.10:

SpdmMessage.BaseHashSel only has one bit at most. if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1 || PSK_EX_CAP != 0) then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256}) if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0 && PSK_EX_CAP == 0) then (BaseHashSel == 0)

Assertion 3.6.11:

SpdmMessage.Param1 <= 4 SpdmMessage.AlgStructure[i].AlgType is in {DHE, AEAD, ReqBaseAsymAlg, KeySchedule} and no duplication.

Assertion 3.6.12:

SpdmMessage.AlgStructure[i].AlgCount == 0x20

Assertion 3.6.13:

SpdmMessage.AlgStructure[DHE_index] only has one bit at most. if (KEY_EX_CAP == 1) then SpdmMessage.AlgStructure[DHE_index].AlgSupported == one of {ffdhe2048, ffdhe3072, ffdhe4096, secp256r1, secp384r1, secp521r1, SM2_P256} if (KEY_EX_CAP == 0) then SpdmMessage.AlgStructure[DHE_index].AlgSupported == 0, or it is absent

Assertion 3.6.14:

SpdmMessage.AlgStructure[AEAD_index] only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == one of {AES-128-GCM, AES-256-GCM, CHACHA20_POLY1305, AEAD_SM4_GCM} if (KEY_EX_CAP == 0 && PSK_CAP == 0) then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == 0, or it is absent

Assertion 3.6.15:

SpdmMessage.AlgStructure[ReqBaseAsymAlg_index] only has one bit at most. if (MUT_AUTH_CAP == 1) then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == one of {TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448} if (MUT_AUTH_CAP == 0) then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == 0, or it is absent

Assertion 3.6.16:

SpdmMessage.AlgStructure[KeySchedule_index] only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == SPDM if (KEY_EX_CAP == 0 && PSK_CAP == 0) then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == 0, or it is absent

Assertion 3.6.17:

SpdmMessage.OpaqueDataFmt only has one bit at most. if (KEY_EX_CAP == 1 || PSK_CAP != 0) then OtherParamsSupport.OpaqueDataFmt == OpaqueDataFmt1

###

SPDM_VDM_V1_0_Test_003_007.py

Description: SPDM responder shall return ERROR(UnexpectedRequest) or silent drop, if it receives two non-identical NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0} 6. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder

Assertion 3.7.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 3.7.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 3.7.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 3.7.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 3.7.5:

SpdmMessage.Param2 == 0.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, MeasurementSpecification=DMTF, BaseAsymAlgo=BaseAsymSel, BaseHashAlgo=BaseHashSel, …} – if NegotiatedVersion=1.0+

  2. SpdmMessage <- Responder

Assertion 3.7.*.

  1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Dhe=DheSel, Aead=AeadSel, BaseReqAsymAlg=BaseReqAsymSel, …} – if NegotiatedVersion=1.1+

  2. SpdmMessage <- Responder

Assertion 3.7.*.

SPDM_VDM_V1_0_Test_004_001.py

Description: SPDM responder shall return valid DIGESTS, if it receives a GET_DIGESTS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 4.1.1:

sizeof(SpdmMessage) >= offset(DIGESTS, Digest[0])

Assertion 4.1.2:

SpdmMessage.RequestResponseCode == DIGESTS

Assertion 4.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 4.1.4:

SpdmMessage.Param2.SlotMask.bit_0 == 1

Assertion 4.1.5:

SlotCount = bit number of SpdmMessage.Param2.SlotMask sizeof(SpdmMessage) >= offset(DIGESTS, Digest[0]) + HashSize * SlotCount

###

SPDM_VDM_V1_0_Test_004_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_DIGESTS with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder

Assertion 4.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 4.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 4.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 4.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 4.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_DIGESTS {SPDMVersion=(NegotiatedVersion-1), …}

  2. SpdmMessage <- Responder

Assertion 4.2.*.

###

SPDM_VDM_V1_0_Test_004_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_DIGESTS before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 2. SpdmMessage <- Responder

Assertion 4.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 4.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 4.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 4.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 4.3.5:

SpdmMessage.Param2 == 0.

SPDM_VDM_V1_0_Test_005_001.py

Description: SPDM responder shall return valid CERTIFICATE, if it receives a GET_CERTIFICATE.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Digests[] = array of DIGESTS.Digest

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=0, Offset=0, Length=0x400} 2. SpdmMessage <- Responder

Assertion 5.1.1:

sizeof(SpdmMessage) >= sizeof(CERTIFICATE, CertChain)

Assertion 5.1.2:

SpdmMessage.RequestResponseCode == CERTIFICATE

Assertion 5.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 5.1.4:

SpdmMessage.PortionLength > 0 SpdmMessage.PortionLength <= GET_CERTIFICATE.Length

  1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=0, Offset=NextOffset, Length=0x400}, while SpdmMessage.RemainderLength != 0

  2. SpdmMessage <- Responder

Assertion 5.1.*.

Assertion 5.1.5:

CertChain.Length == sizeof(CertChain)

Assertion 5.1.6:

Hash(CertChain) == Digests[i]

###

SPDM_VDM_V1_0_Test_005_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_CERTIFICATE with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder

Assertion 5.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 5.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 5.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 5.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 5.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CERTIFICATE {SPDMVersion=(NegotiatedVersion-1), …}

  2. SpdmMessage <- Responder

Assertion 5.2.*.

###

SPDM_VDM_V1_0_Test_005_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_CERTIFICATE before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, …} 2. SpdmMessage <- Responder

Assertion 5.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 5.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 5.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 5.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 5.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_005_004.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a GET_CERTIFICATE with invalid field.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xE, 0xF}

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=InvalidSlotID[i], Param2=0, Offset=0, Length=0x400} 2. SpdmMessage <- Responder

Assertion 5.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 5.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 5.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 5.4.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 5.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=0, Param2=0, Invalid_Offset=0xFFFF, Length=0x400}

  2. SpdmMessage <- Responder

Assertion 5.4.*.

###

SPDM_VDM_V1_0_Test_005_005.py

Description: The CERTIFICATE from device shall follow X.509 and SPDM specification.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 12. CERTIFICATE <- Responder

TestTeardown: None

Steps:

Assertion 5.5.1:

if (CertChain.Certificates[0] is self-signed) then (CertChain.RootHash == Hash(Certificates[0]))

Assertion 5.5.2:

Each CertChain.Certificates[i] is signed by CertChain.Certificates[i-1].

Assertion 5.5.3:

LeafCertificate.SigningAlgorithm == Negotiated Algorithm

Assertion 5.5.4:

CertChain.Certificates[i].Version == 2 (X.509 v3).

Assertion 5.5.5:

CertChain.Certificates[i].SerialNumber is present.

Assertion 5.5.6:

CertChain.Certificates[i].SignatureAlgorithm is present.

Assertion 5.5.7:

CertChain.Certificates[i].Issuer is present.

Assertion 5.5.8:

CertChain.Certificates[i].SubjectName is present.

Assertion 5.5.9:

CertChain.Certificates[i].Validity is present.

Assertion 5.5.10:

CertChain.Certificates[i].SubjectPublicKeyInfo is present.

Assertion 5.5.11:

CertChain.Certificates[i].KeyUsage is present.

Assertion 5.5.12:

if CertChain.Certificates[i].BasicConstraints is present, then CA == FALSE in leaf certificate.

Assertion 5.5.13:

if CertChain.Certificates[i].OID(id-DMTF-device-info) is present, it follows UTF8String({DMTF-manufacturer”:”DMTF-product”:”DMTF-serialNumber}).

Assertion 5.5.14:

if CertChain.Certificates[i].OID(id-DMTF-hardwareidentity) is present, then it is in leaf certificate in SPDM 1.0/1.1 or SPDM 1.2 with Flags.ALIAS_CERT_CAP == 0. or it is in non-leaf certificate in SPDM 1.2 with Flags.ALIAS_CERT_CAP == 1.

Assertion 5.5.15:

if CertChain.Certificates[i].OID(id-DMTF-ekuresponder-auth) is present, it is in leaf certificate.

Assertion 5.5.16:

if CertChain.Certificates[i].OID(id-DMTF-ekurequester-auth) is absent, it is in leaf certificate.

Assertion 5.5.17:

if CertChain.Certificates[i].OID(id-DMTF-mutablecertificate) is present, then it is in SPDM 1.2 with Flags.ALIAS_CERT_CAP == 1.

SPDM_VDM_V1_0_Test_006_001.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.0 or 1.1 in (A1, B1, C1).

SPDM Version: 1.0 or 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 or 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 6. ALGORITHMS <- Responder 7. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 8. DIGESTS <- Responder 9. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 10. CERTIFICATE <- Responder 11. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 12. SpdmMessage <- Responder

Assertion 6.1.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.1.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.1.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.1.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.1.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.1.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.0/1.1 success.

  1. Repeat (1~12) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.1.*.

  1. Repeat (1~12) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.1.*.

###

SPDM_VDM_V1_0_Test_006_002.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.0 or 1.1 in (A1, B2, C1).

SPDM Version: 1.0 or 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 or 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 6. ALGORITHMS <- Responder 7. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 8. SpdmMessage <- Responder

Assertion 6.2.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.2.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.2.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.2.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.2.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.2.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.0/1.1 success.

  1. Repeat (1~8) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.2.*.

  1. Repeat (1~8) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.2.*.

###

SPDM_VDM_V1_0_Test_006_003.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.0 or 1.1 in (A1, B3, C1).

SPDM Version: 1.0 or 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 or 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 6. ALGORITHMS <- Responder 7. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 8. DIGESTS <- Responder 9. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 10. SpdmMessage <- Responder

Assertion 6.3.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.3.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.3.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.3.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.3.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.3.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.0/1.1 success.

  1. Repeat (1~10) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.3.*.

  1. Repeat (1~10) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.3.*.

###

SPDM_VDM_V1_0_Test_006_004.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a CHALLENGE with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Digests[] = array of DIGESTS.Digest 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> CHALLENGE {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder

Assertion 6.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 6.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 6.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.4.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 6.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> CHALLENGE {SPDMVersion=(NegotiatedVersion-1), …}

  2. SpdmMessage <- Responder

Assertion 6.4.*.

###

SPDM_VDM_V1_0_Test_006_005.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_CERTIFICATE before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, …} 2. SpdmMessage <- Responder

Assertion 6.5.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 6.5.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 6.5.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.5.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 6.5.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_006_006.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a CHALLENGE with invalid field.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 9. DIGESTS <- Responder 10. InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xF, 0xFF}

TestTeardown: None

Steps: 1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=InvalidSlotID[i], Param2=NoMeasurement} 2. SpdmMessage <- Responder

Assertion 6.6.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 6.6.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 6.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.6.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 6.6.5:

SpdmMessage.Param2 == 0.

  1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=0, Param2=(TcbMeasurements+1)}

  2. SpdmMessage <- Responder

Assertion 6.6.*.

  1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=0, Param2=(AllMeasurements-1)}

  2. SpdmMessage <- Responder

Assertion 6.6.*.

###

SPDM_VDM_V1_0_Test_006_011.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.2 in (A2, B1, C1).

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder 15. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, …} 16. SpdmMessage <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 2. DIGESTS <- Responder 3. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 4. CERTIFICATE <- Responder 5. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 6. SpdmMessage <- Responder

Assertion 6.11.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.11.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.11.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.11.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.11.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.11.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.11.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.2 success.

  1. Repeat (1~6) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.11.*.

  1. Repeat (1~6) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.11.*.

###

SPDM_VDM_V1_0_Test_006_012.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.2 in (A2, B2, C1).

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder 15. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, …} 16. SpdmMessage <- Responder

TestTeardown: None

Steps: 1. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 2. SpdmMessage <- Responder

Assertion 6.12.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.12.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.12.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.12.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.12.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.12.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.12.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.2 success.

  1. Repeat (1~2) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.12.*.

  1. Repeat (1~2) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.12.*.

###

SPDM_VDM_V1_0_Test_006_013.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.2 in (A2, B3, C1).

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder 15. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, …} 16. SpdmMessage <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 2. DIGESTS <- Responder 3. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 4. SpdmMessage <- Responder

Assertion 6.13.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.13.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.13.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.13.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.13.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.13.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.13.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.2 success.

  1. Repeat (1~4) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.13.*.

  1. Repeat (1~4) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.13.*.

###

SPDM_VDM_V1_0_Test_006_014.py

Description: SPDM responder shall return valid CHALLENGE_AUTH, if it receives a CHALLENGE with negotiated version 1.2 in (A2, B4, C1).

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.CERT_CAP == 0 || Flags.CHAL_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Digests[] = array of DIGESTS.Digest 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder 15. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, …} 16. SpdmMessage <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 2. CERTIFICATE <- Responder 3. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=NoMeasurement, Nonce} 4. SpdmMessage <- Responder

Assertion 6.14.1:

sizeof(SpdmMessage) >= sizeof(CHALLENGE_AUTH) + SpdmMessage.OpaqueDataLength

Assertion 6.14.2:

SpdmMessage.RequestResponseCode == CHALLENGE_AUTH

Assertion 6.14.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 6.14.4:

(SpdmMessage.Param1.SlotID & 0xF) == SlotID

Assertion 6.14.5:

(SpdmMessage.Param2.SlotMask & bit_[SlotID]) != 0

Assertion 6.14.6:

SpdmMessage.CertChainHash == Hash(CertChain) SpdmMessage.CertChainHash == Digests[SlotID]

Assertion 6.14.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, M1/M2) version 1.2 success.

  1. Repeat (1~4) and use CHALLENGE {Param2=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 6.14.*.

  1. Repeat (1~4) and use CHALLENGE {Param2=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 6.14.*.

SPDM_VDM_V1_0_Test_006_015.py

SPDM_VDM_V1_0_Test_006_016.py

SPDM_VDM_V1_0_Test_006_017.py

SPDM_VDM_V1_0_Test_006_018.py

SPDM_VDM_V1_0_Test_007_001.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS with negotiated version 1.0.

SPDM Version: 1.0 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.0 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 13. CERTIFICATE <- Responder 14. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 15. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements} 2. SpdmMessage <- Responder

Assertion 7.1.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.1.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.1.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.1.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.1.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.1.7:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.0 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements}

  2. SpdmMessage <- Responder

Assertion 7.1.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.1.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.1.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.1.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.1.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.1.14:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.0 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i]}, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder

Assertion 7.1.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.1.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.1.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.1.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.1.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.1.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1]}

  2. SpdmMessage <- Responder

Assertion 7.1.{15~20}

Assertion 7.1.21:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.0 success, if Flags.MEAS_CAP == 2

###

SPDM_VDM_V1_0_Test_007_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_MEASUREMENTS with non negotiated version.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 12. CERTIFICATE <- Responder 13. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 14. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=(NegotiatedVersion+1), Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements} 2. SpdmMessage <- Responder

Assertion 7.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 7.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 7.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 7.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=(NegotiatedVersion-1), Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements}

  2. SpdmMessage <- Responder

Assertion 7.2.*.

###

SPDM_VDM_V1_0_Test_007_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_MEASUREMENTS before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.CERT_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion+1, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements} 2. SpdmMessage <- Responder

Assertion 7.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 7.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 7.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 7.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_007_004.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a GET_MEASUREMENTS with invalid field.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xE, 0xF} 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 13. CERTIFICATE <- Responder 14. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 15. CHALLENGE_AUTH <- Responder 16. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements} 17. MEASUREMENTS <- Responder 18. ValidMeasurementIndex[] = array of index in valid MeasurementBlock 10. InvalidMeasurementIndex[] = array of index not in valid MeasurementBlock, excluding 0 and 0xff

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=InvalidMeasurementIndex[i]} 2. SpdmMessage <- Responder

Assertion 7.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 7.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 7.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.4.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 7.4.5:

SpdmMessage.Param2 == 0.

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=1, Param2=ValidMeasurementIndex[i], SlotID=InvalidSlotID[i]} – if NegotiatedVersion=1.1+ && MEAS_CAP == 2

  2. SpdmMessage <- Responder

Assertion 7.4.*.

###

SPDM_VDM_V1_0_Test_007_005.py

Description: The SPDM Measurement Block from device shall follow SPDM specification.

SPDM Version: 1.0+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 6. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 7. ALGORITHMS <- Responder 8. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 9. DIGESTS <- Responder 10. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 11. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 12. CERTIFICATE <- Responder 13. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 14. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements} 2. SpdmMessage <- Responder

Assertion 7.5.1:

SpdmMeasurementBlock[i].MeasurementSpecification == DMTF

Assertion 7.5.2:

if (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueType.bit_7 = 0) then (SpdmMeasurementBlock[i].MeasurementSize == 3 + HashSize)

Assertion 7.5.3:

if (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueType.bit_7 = 0) then (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueSize == HashSize)

Assertion 7.5.4:

if (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueType.bit_[6:0] == 0x5) && (SPDMVersion >= SPDM_MESSAGE_VERSION_12) then (SpdmMeasurementBlock[i].Measurement.DMTFSpecMeasurementValueType.bit_7 == 1)

###

SPDM_VDM_V1_0_Test_007_006.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS with negotiated version 1.1.

SPDM Version: 1.1 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 13. CERTIFICATE <- Responder 14. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 15. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} 2. SpdmMessage <- Responder

Assertion 7.6.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.6.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.6.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.6.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.6.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.6.7:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements, SlotID=ValidSlotID[i]}

  2. SpdmMessage <- Responder

Assertion 7.6.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.6.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.6.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.6.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.6.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.6.14:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i], SlotID=ValidSlotID[i]}, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder

Assertion 7.6.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.6.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.6.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.6.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.6.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.6.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1], SlotID=ValidSlotID[i]}

  2. SpdmMessage <- Responder

Assertion 7.6.{15~20}

Assertion 7.6.21:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

###

SPDM_VDM_V1_0_Test_007_007.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS in a DHE session with negotiated version 1.1.

SPDM Version: 1.1 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=AllMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 7.7.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.7.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.7.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.7.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.7.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.7.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.7.7:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements, SlotID=ValidSlotID[i]} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 7.7.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.7.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.7.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.7.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.7.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.7.14:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i], SlotID=ValidSlotID[i]} in session-X, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder in session-X

Assertion 7.7.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.7.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.7.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.7.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.7.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.7.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1], SlotID=ValidSlotID[i]} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 7.7.{15~20}

Assertion 7.7.21:

SpdmMessage.Param2.SlotID == ValidSlotID[i], if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.1 success, if Flags.MEAS_CAP == 2

###

SPDM_VDM_V1_0_Test_007_008.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_MEASUREMENTS in a DHE session handshake.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=AllMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 7.8.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 7.8.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 7.8.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.8.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 7.8.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_007_009.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS with negotiated version 1.2.

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || (Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 0), then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …}, if Flags.MEAS_CAP == 2 && Flags.CERT_CAP == 1 13. CERTIFICATE <- Responder 14. Requester -> CHALLENGE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=AllMeasurement, …}, if Flags.MEAS_CAP == 2 && Flags.CHAL_CAP == 1 15. CHALLENGE_AUTH <- Responder

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} 2. SpdmMessage <- Responder

Assertion 7.9.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.9.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.9.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.9.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.9.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.9.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.9.7:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements, SlotID=ValidSlotID[i]}

  2. SpdmMessage <- Responder

Assertion 7.9.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.9.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.9.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.9.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.9.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.9.14:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i], SlotID=ValidSlotID[i]}, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder

Assertion 7.9.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.9.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.9.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.9.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.9.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.9.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1], SlotID=ValidSlotID[i]}

  2. SpdmMessage <- Responder

Assertion 7.9.{15~20}

Assertion 7.9.21:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

###

SPDM_VDM_V1_0_Test_007_010.py

Description: SPDM responder shall return valid MEASUREMENTS, if it receives a GET_MEASUREMENTS in a DHE session with negotiated version 1.2.

SPDM Version: 1.2 only

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.MEAS_CAP == 0 || Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=AllMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=NumberOfMeasurements, SlotID=ValidSlotID[i]} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 7.10.1:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.10.2:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.10.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.10.4:

SpdmMessage.Param1.NumberOfMeasurements > 0

Assertion 7.10.5:

SpdmMessage.NumberOfBlocks == 0

Assertion 7.10.6:

SpdmMessage.MeasurementRecordLength == 0

Assertion 7.10.7:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=AllMeasurements, SlotID=ValidSlotID[i]} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 7.10.8:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.10.9:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.10.10:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.10.11:

SpdmMessage.NumberOfBlocks == NumberOfMeasurements && number of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.NumberOfBlocks (ValidMeasurementIndex[] = array of index of valid MeasurementBlock) (MeasurementBlock[] = array of valid MeasurementBlock)

Assertion 7.10.12:

SpdmMessage.MeasurementRecordLength > 0 && Sum(size of each MeasurementBlock in SpdmMessage.MeasurementRecord) == SpdmMessage.MeasurementRecordLength

Assertion 7.10.14:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=ValidMeasurementIndex[i], SlotID=ValidSlotID[i]} in session-X, if i < NumberOfMeasurements - 1

  2. SpdmMessage <- Responder in session-X

Assertion 7.10.15:

sizeof(SpdmMessage) >= sizeof(MEASUREMENTS) + SpdmMessage.OpaqueDataLength + SpdmMessage.MeasurementRecordLength

Assertion 7.10.16:

SpdmMessage.RequestResponseCode == MEASUREMENTS

Assertion 7.10.17:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 7.10.18:

SpdmMessage.NumberOfBlocks == 1

Assertion 7.10.19:

SpdmMessage.MeasurementRecordLength > 0 && size of MeasurementBlock in SpdmMessage.MeasurementRecord == SpdmMessage.MeasurementRecordLength

Assertion 7.10.20:

SpdmMessage.MeasurementRecord == MeasurementBlock[i]

  1. Requester -> GET_MEASUREMENTS {SPDMVersion=NegotiatedVersion, Param1.Sig=(MEAS_CAP == 2), Param2=ValidMeasurementIndex[NumberOfMeasurements - 1], SlotID=ValidSlotID[i]} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 7.10.{15~20}

Assertion 7.10.21:

SpdmMessage.Param2.SlotID == ValidSlotID[i] && (SpdmMessage.Param2.ContentChanged == NotSupported || SpdmMessage.Param2.ContentChanged == NoChange), if MEAS_CAP == 2 SPDMsignatureVerify (PubKey, SpdmMessage.Signature, L1/L2) version 1.2 success, if Flags.MEAS_CAP == 2

SPDM_VDM_V1_0_Test_008_001.py

Description: SPDM responder shall return valid KEY_EXCHANGE_RSP, if it receives a KEY_EXCHANGE with negotiated version 1.1.

SPDM Version: 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.1.1:

sizeof(SpdmMessage) >= sizeof(KEY_EXCHANGE_RSP) + SpdmMessage.OpaqueDataLength

Assertion 8.1.2:

SpdmMessage.RequestResponseCode == KEY_EXCHANGE_RSP

Assertion 8.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.1.4:

SpdmMessage.MutAuthRequested == 0 && SpdmMessage.SlotIDParam == 0

Assertion 8.1.5:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, TH.SIG.KEY_EXCHANGE_RSP) version 1.1 success

Assertion 8.1.6:

HMACVerify (finished_key, SpdmMessage.ResponderVerifyData, TH.HMAC.KEY_EXCHANGE_RSP) version 1.1 success

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 8.1.*.

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 8.1.*.

###

SPDM_VDM_V1_0_Test_008_002.py

Description: SPDM responder shall return valid KEY_EXCHANGE_RSP with HANDSHAKE_IN_THE_CLEAR, if it receives a KEY_EXCHANGE with HANDSHAKE_IN_THE_CLEAR_CAP and negotiated version 1.1.

SPDM Version: 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.2.1:

sizeof(SpdmMessage) >= sizeof(KEY_EXCHANGE_RSP) + SpdmMessage.OpaqueDataLength - HMAC size

Assertion 8.2.2:

SpdmMessage.RequestResponseCode == KEY_EXCHANGE_RSP

Assertion 8.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.2.4:

SpdmMessage.MutAuthRequested == 0 && SpdmMessage.SlotIDParam == 0

Assertion 8.2.5:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, TH.SIG.KEY_EXCHANGE_RSP) version 1.1 success

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 8.2.*.

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 8.2.*.

###

SPDM_VDM_V1_0_Test_008_003.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a KEY_EXCHANGE with non negotiated version.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=(NegotiatedVersion+1), Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 8.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 8.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.3.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 8.3.5:

SpdmMessage.Param2 == 0.

  1. Requester -> KEY_EXCHANGE {SPDMVersion=(NegotiatedVersion-1), Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData}

  2. SpdmMessage <- Responder

Assertion 8.3.*.

###

SPDM_VDM_V1_0_Test_008_004.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a KEY_EXCHANGE before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 8.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 8.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.4.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 8.4.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_008_005.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a KEY_EXCHANGE in a session application.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 8.5.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 8.5.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 8.5.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.5.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 8.5.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_008_006.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a KEY_EXCHANGE with invalid field.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xF, 0xFF} 13. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 14. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=InvalidSlotID[i], ReqSessionID, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.6.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 8.6.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 8.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.6.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 8.6.5:

SpdmMessage.Param2 == 0.

  1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=(TcbMeasurements+1), Param2.SlotID=0, ReqSessionID, RandomData, ExchangeData, OpaqueData}

  2. SpdmMessage <- Responder

Assertion 8.6.*.

  1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=(AllMeasurements-1), Param2.SlotID=0, ReqSessionID, RandomData, ExchangeData, OpaqueData}

  2. SpdmMessage <- Responder

Assertion 8.6.*.

  1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=0, ReqSessionID, RandomData, ExchangeData, OpaqueDataLength=0xFFFF}

  2. SpdmMessage <- Responder

Assertion 8.6.*.

###

SPDM_VDM_V1_0_Test_008_007.py

Description: SPDM responder shall return valid KEY_EXCHANGE_RSP, if it receives a KEY_EXCHANGE with negotiated version 1.2.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, SessionPolicy.TerminationPolicy=1, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.7.1:

sizeof(SpdmMessage) >= sizeof(KEY_EXCHANGE_RSP) + SpdmMessage.OpaqueDataLength

Assertion 8.7.2:

SpdmMessage.RequestResponseCode == KEY_EXCHANGE_RSP

Assertion 8.7.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.7.4:

SpdmMessage.MutAuthRequested == 0 && SpdmMessage.SlotIDParam == 0

Assertion 8.7.5:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, TH.SIG.KEY_EXCHANGE_RSP) version 1.2 success

Assertion 8.7.6:

HMACVerify (finished_key, SpdmMessage.ResponderVerifyData, TH.HMAC.KEY_EXCHANGE_RSP) version 1.2 success

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 8.7.*.

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 8.7.*.

###

SPDM_VDM_V1_0_Test_008_008.py

Description: SPDM responder shall return valid KEY_EXCHANGE_RSP with HANDSHAKE_IN_THE_CLEAR, if it receives a KEY_EXCHANGE with HANDSHAKE_IN_THE_CLEAR_CAP and negotiated version 1.2.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], ReqSessionID, SessionPolicy.TerminationPolicy=1, RandomData, ExchangeData, OpaqueData} 2. SpdmMessage <- Responder

Assertion 8.8.1:

sizeof(SpdmMessage) >= sizeof(KEY_EXCHANGE_RSP) + SpdmMessage.OpaqueDataLength - HMAC size

Assertion 8.8.2:

SpdmMessage.RequestResponseCode == KEY_EXCHANGE_RSP

Assertion 8.8.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 8.8.4:

SpdmMessage.MutAuthRequested == 0 && SpdmMessage.SlotIDParam == 0

Assertion 8.8.5:

SPDMsignatureVerify (PubKey, SpdmMessage.Signature, TH.SIG.KEY_EXCHANGE_RSP) version 1.2 success

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=TcbMeasurements}, if Flags.MEAS_CAP != 0.

Assertion 8.8.*.

  1. Repeat (1~2) and use KEY_EXCHANGE {Param1=AllMeasurement}, if Flags.MEAS_CAP != 0.

Assertion 8.8.*.

SPDM_VDM_V1_0_Test_009_001.py

Description: SPDM responder shall return valid FINISH_RSP, if it receives a FINISH with negotiated version 1.1.

SPDM Version: 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.1.1:

sizeof(SpdmMessage) >= sizeof(FINISH_RSP) - HMAC size

Assertion 9.1.2:

SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

###

SPDM_VDM_V1_0_Test_009_002.py

Description: SPDM responder shall return valid FINISH_RSP with HANDSHAKE_IN_THE_CLEAR, if it receives a FINISH with HANDSHAKE_IN_THE_CLEAR_CAP and negotiated version 1.1.

SPDM Version: 1.1

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || Flags.HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} 2. SpdmMessage <- Responder

Assertion 9.2.1:

sizeof(SpdmMessage) >= sizeof(FINISH_RSP)

Assertion 9.2.2:

SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.2.4:

HMACVerify (finished_key, SpdmMessage.ResponderVerifyData, TH.HMAC.FINISH_RSP) version 1.1 success

###

SPDM_VDM_V1_0_Test_009_003.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a FINISH with non negotiated version.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=(NegotiatedVersion+1), Param1=0, Param2=0, RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.3.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 9.3.5:

SpdmMessage.Param2 == 0.

  1. Requester -> FINISH {SPDMVersion=(NegotiatedVersion-1), Param1=0, Param2=0}

  2. SpdmMessage <- Responder

Assertion 9.3.*.

###

SPDM_VDM_V1_0_Test_009_004.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a FINISH before NEGOTIATE_ALGORITHMS.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} 2. SpdmMessage <- Responder

Assertion 9.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.4.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 9.4.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_009_005.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a FINISH in a session application.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.5.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.5.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.5.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.5.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 9.5.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_009_006.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a FINISH with invalid field.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder 16. UnsupportedReqSlotID[] = {0x1 ~ 0x7} 17. InvalidReqSlotID[] = {0x8 ~ 0xF, 0xFF}

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=1, Param2.ReqSlotID=UnsupportedReqSlotID[i], RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.6.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.6.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.6.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.6.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 9.6.5:

SpdmMessage.Param2 == 0.

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=1, Param2.ReqSlotID=InvalidReqSlotID[i], RequesterVerifyData} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 9.6.*.

  1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, no RequesterVerifyData} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 9.6.*.

###

SPDM_VDM_V1_0_Test_009_007.py

Description: SPDM responder shall return ERROR(DecryptError), if it receives a FINISH with invalid RequesterVerifyData.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, !RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.7.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.7.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.7.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.7.4:

SpdmMessage.Param1 == DecryptError.

###

SPDM_VDM_V1_0_Test_009_008.py

Description: SPDM responder shall return ERROR(DecryptError), if it receives a FINISH with HANDSHAKE_IN_THE_CLEAR_CAP and invalid RequesterVerifyData.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=1, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0 || HANDSHAKE_IN_THE_CLEAR_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1.Sig=0, Param2.ReqSlotID=0, !RequesterVerifyData} 2. SpdmMessage <- Responder

Assertion 9.8.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.8.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.8.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.8.4:

SpdmMessage.Param1 == DecryptError.

###

SPDM_VDM_V1_0_Test_009_009.py

Description: SPDM responder shall return valid FINISH_RSP, if it receives a FINISH with negotiated version 1.2.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 9.9.1:

sizeof(SpdmMessage) >= sizeof(FINISH_RSP)

Assertion 9.9.2:

SpdmMessage.RequestResponseCode == FINISH_RSP

Assertion 9.9.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

###

SPDM_VDM_V1_0_Test_009_010.py

SPDM_VDM_V1_0_Test_009_011.py

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a FINISH in non-session.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, Flags.MUT_AUTH_CAP=0, Flags.HANDSHAKE_IN_THE_CLEAR_CAP=0, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, Param1=NoMeasurement, Param2.SlotID=ValidSlotID[i], …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> FINISH {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, RequesterVerifyData} (not in session-X) 2. SpdmMessage <- Responder (not in session-X)

Assertion 9.11.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 9.11.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 9.11.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 9.11.4:

SpdmMessage.Param1 == SessionRequired.

SPDM_VDM_V1_0_Test_012_001.py

Description: SPDM responder shall return valid HEARTBEAT_ACK, if it receives a HEARTBEAT in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. If KEY_EXCHANGE_RSP.Param1.HeartbeatPeriod == 0, then skip this case. 17. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 18. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 12.1.1:

sizeof(SpdmMessage) >= sizeof(HEARTBEAT_ACK)

Assertion 12.1.2:

SpdmMessage.RequestResponseCode == HEARTBEAT_ACK

Assertion 12.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

###

SPDM_VDM_V1_0_Test_012_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a HEARTBEAT with non negotiated version in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. If KEY_EXCHANGE_RSP.Param1.HeartbeatPeriod == 0, then skip this case. 17. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 18. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> HEARTBEAT {SPDMVersion=(NegotiatedVersion+1), …} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 12.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 12.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 12.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 12.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 12.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> HEARTBEAT {SPDMVersion=(NegotiatedVersion-1), …} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 12.2.*.

###

SPDM_VDM_V1_0_Test_012_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a HEARTBEAT in DHE session handshake.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. If KEY_EXCHANGE_RSP.Param1.HeartbeatPeriod == 0, then skip this case.

TestTeardown: None

Steps: 1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 12.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 12.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 12.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 12.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 12.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_012_004.py

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a HEARTBEAT in non-session.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> HEARTBEAT {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 12.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 12.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 12.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 12.4.4:

SpdmMessage.Param1 == SessionRequired.

SPDM_VDM_V1_0_Test_013_001.py

Description: SPDM responder shall return valid KEY_UPDATE_ACK, if it receives a KEY_UPDATE in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_UPD_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=UpdateKey, Param2=Tag1} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 13.1.1:

sizeof(SpdmMessage) >= sizeof(KEY_UPDATE_ACK)

Assertion 13.1.2:

SpdmMessage.RequestResponseCode == KEY_UPDATE_ACK

Assertion 13.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.1.4:

SpdmMessage.Param1 == KEY_UPDATE.Param1

Assertion 13.1.5:

SpdmMessage.Param2 == KEY_UPDATE.Param2

  1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=VerifyNewKey, Param2=Tag2} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.1.6:

sizeof(SpdmMessage) >= sizeof(KEY_UPDATE_ACK)

Assertion 13.1.7:

SpdmMessage.RequestResponseCode == KEY_UPDATE_ACK

Assertion 13.1.8:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.1.9:

SpdmMessage.Param1 == KEY_UPDATE.Param1

Assertion 13.1.10:

SpdmMessage.Param2 == KEY_UPDATE.Param2

  1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=UpdateAllKeys, Param2=Tag3} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.1.11:

sizeof(SpdmMessage) >= sizeof(KEY_UPDATE_ACK)

Assertion 13.1.12:

SpdmMessage.RequestResponseCode == KEY_UPDATE_ACK

Assertion 13.1.13:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.1.14:

SpdmMessage.Param1 == KEY_UPDATE.Param1

Assertion 13.1.15:

SpdmMessage.Param2 == KEY_UPDATE.Param2

  1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=VerifyNewKey, Param2=Tag4} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.1.16:

sizeof(SpdmMessage) >= sizeof(KEY_UPDATE_ACK)

Assertion 13.1.17:

SpdmMessage.RequestResponseCode == KEY_UPDATE_ACK

Assertion 13.1.18:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.1.19:

SpdmMessage.Param1 == KEY_UPDATE.Param1

Assertion 13.1.20:

SpdmMessage.Param2 == KEY_UPDATE.Param2

###

SPDM_VDM_V1_0_Test_013_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a KEY_UPDATE with non negotiated version in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_UPD_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=(NegotiatedVersion+1), …} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 13.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 13.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 13.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 13.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> HEARTBEAT {SPDMVersion=(NegotiatedVersion-1), …} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.2.*.

###

SPDM_VDM_V1_0_Test_013_003.py

Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a KEY_UPDATE with invalid field in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_UPD_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=(UpdateKey-1), …} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 13.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 13.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 13.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.3.4:

SpdmMessage.Param1 == InvalidRequest.

Assertion 13.3.5:

SpdmMessage.Param2 == 0.

  1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=(VerifyNewKey+1), …} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 13.3.*.

###

SPDM_VDM_V1_0_Test_013_004.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a KEY_UPDATE in DHE session handshake.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_UPD_CAP == 0 || Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=UpdateKey, Param2=Tag} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 13.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 13.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 13.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.4.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 13.4.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_013_005.py

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a KEY_UPDATE in non-session.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.HBEAT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> KEY_UPDATE {SPDMVersion=NegotiatedVersion, Param1=UpdateKey, Param2=Tag} 2. SpdmMessage <- Responder

Assertion 13.5.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 13.5.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 13.5.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 13.5.4:

SpdmMessage.Param1 == SessionRequired.

SPDM_VDM_V1_0_Test_016_001.py

Description: SPDM responder shall return valid END_SESSION_ACK, if it receives a END_SESSION in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 16.1.1:

sizeof(SpdmMessage) >= sizeof(END_SESSION_ACK)

Assertion 16.1.2:

SpdmMessage.RequestResponseCode == END_SESSION_ACK

Assertion 16.1.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

###

SPDM_VDM_V1_0_Test_016_002.py

Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a END_SESSION with non negotiated version in DHE session.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder 16. Requester -> FINISH {SPDMVersion=NegotiatedVersion, …} in session-X 17. FINISH_RSP <- Responder in session-X

TestTeardown: None

Steps: 1. Requester -> END_SESSION {SPDMVersion=(NegotiatedVersion+1), …} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 16.2.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 16.2.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 16.2.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 16.2.4:

SpdmMessage.Param1 == VersionMismatch.

Assertion 16.2.5:

SpdmMessage.Param2 == 0.

  1. Requester -> END_SESSION {SPDMVersion=(NegotiatedVersion-1), …} in session-X

  2. SpdmMessage <- Responder in session-X

Assertion 16.2.*.

###

SPDM_VDM_V1_0_Test_016_003.py

Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a END_SESSION in DHE session handshake.

SPDM Version: 1.1+

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, …} 10. DIGESTS <- Responder 11. ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask 12. Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], …} 13. CERTIFICATE <- Responder 14. Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, …} 15. KEY_EXCHANGE_RSP <- Responder

TestTeardown: None

Steps: 1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} in session-X 2. SpdmMessage <- Responder in session-X

Assertion 16.3.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 16.3.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 16.3.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 16.3.4:

SpdmMessage.Param1 == UnexpectedRequest.

Assertion 16.3.5:

SpdmMessage.Param2 == 0.

###

SPDM_VDM_V1_0_Test_016_004.py

Description: SPDM responder shall return ERROR(SessionRequired), if it receives a END_SESSION in non-session.

SPDM Version: 1.2

TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.2 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.KEY_EX_CAP == 0 && Flags.PSK_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder

TestTeardown: None

Steps: 1. Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} 2. SpdmMessage <- Responder

Assertion 16.4.1:

sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 16.4.2:

SpdmMessage.RequestResponseCode == ERROR

Assertion 16.4.3:

SpdmMessage.SPDMVersion == NegotiatedVersion

Assertion 16.4.4:

SpdmMessage.Param1 == SessionRequired.