SPDM_V1_4
SPDM_DOE_V1_4_Test_001_001.py
Description: SPDM responder shall return valid VERSION, if it receives a GET_VERSION with version 1.0.
SPDM Version: 1.0+
TestSetup: None
TestTeardown: None
Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10, Param1=0, Param2=0} 2. SpdmMessage <- Responder
- Assertion 1.1.1:
sizeof(SpdmMessage) >= offset(VERSION, VersionNumberEntry)
- Assertion 1.1.2:
SpdmMessage.RequestResponseCode == VERSION
- Assertion 1.1.3:
SpdmMessage.SPDMVersion == 0x10
- Assertion 1.1.4:
SpdmMessage.VersionNumberEntryCount > 0 && SpdmMessage.VersionNumberEntryCount <= (sizeof(SpdmMessage) - offset(VERSION, VersionNumberEntry)) / sizeof(uint16_t)
- Assertion 1.1.5:
((SpdmMessage.VersionNumberEntry[i].MajorVersion << 4) + SpdmMessage.VersionNumberEntry[i].MinorVersion) is in {0x10, 0x11, 0x12, 0x13, 0x14}.
SPDM_DOE_V1_4_Test_003_002.py
Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a NEGOTIATE_ALGORITHMS with non negotiated version.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder
- Assertion 3.2.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.2.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.2.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.2.4:
SpdmMessage.Param1 == VersionMismatch.
- Assertion 3.2.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion-1), …}
4. SpdmMessage <- Responder Assertion 3.2.*.
SPDM_DOE_V1_4_Test_003_004.py
Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a NEGOTIATE_ALGORITHMS with invalid field.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length-1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder
- Assertion 3.4.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.4.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.4.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.4.4:
SpdmMessage.Param1 == InvalidRequest.
- Assertion 3.4.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length+1, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtAsymCount=21, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtHashCount=21, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=1, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=3, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=2, ExtAlgCount=0xF, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
SPDM_DOE_V1_4_Test_003_007.py
Description: SPDM responder shall return ERROR(UnexpectedRequest) or silent drop, if it receives two non-identical NEGOTIATE_ALGORITHMS.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0} 6. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder Assertion 3.7.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.7.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.7.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.7.4:
SpdmMessage.Param1 == UnexpectedRequest.
- Assertion 3.7.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, MeasurementSpecification=DMTF, BaseAsymAlgo=BaseAsymSel, BaseHashAlgo=BaseHashSel, …} – if NegotiatedVersion=1.0+
4. SpdmMessage <- Responder Assertion 3.7.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Dhe=DheSel, Aead=AeadSel, BaseReqAsymAlg=BaseReqAsymSel, …} – if NegotiatedVersion=1.1+
6. SpdmMessage <- Responder Assertion 3.7.*.
SPDM_DOE_V1_4_Test_003_009.py
Description: SPDM responder shall return valid ALGORITHMS(0x14), if it receives a NEGOTIATE_ALGORITHMS with negotiated version 1.4.
SPDM Version: 1.4 only
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x14, …} 5. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {
SPDMVersion=0x14, Param1.NumOfAlgoStruct=6, Param2=0, MeasurementSpecification=DMTF, OtherParamsSupport=OpaqueDataFmt1, BaseAsymAlgo=TPM_ALG_RSASSA_2048 |
TPM_ALG_RSAPSS_2048 | TPM_ALG_RSASSA_3072 | TPM_ALG_RSAPSS_3072 | TPM_ALG_ECDSA_ECC_NIST_P256 | TPM_ALG_RSASSA_4096 | TPM_ALG_RSAPSS_4096 | TPM_ALG_ECDSA_ECC_NIST_P384 | TPM_ALG_ECDSA_ECC_NIST_P521 | TPM_ALG_SM2_ECC_SM2_P256 | EdDSA_ed25519|EdDSA_ed448,
- BaseHashAlgo=TPM_ALG_SHA_256 |
TPM_ALG_SHA_384 | TPM_ALG_SHA_512 | TPM_ALG_SHA3_256 | TPM_ALG_SHA3_384 | TPM_ALG_SHA3_512 | TPM_ALG_SM3_256,
- PqcAsymAlgo=ML-DSA-44|ML-DSA-65 |
ML-DSA-87 | SLH-DSA-SHA2-128s | SLH-DSA-SHAKE-128s | SLH-DSA-SHA2-128f | SLH-DSA-SHAKE-128f | SLH-DSA-SHA2-192s | SLH-DSA-SHAKE-192s | SLH-DSA-SHA2-192f | SLH-DSA-SHAKE-192f | SLH-DSA-SHA2-256s | SLH-DSA-SHAKE-256s | SLH-DSA-SHA2-256f | SLH-DSA-SHAKE-256f,
ExtAsymCount=0, ExtHashCount=0, MELspecification=DMTFmelSpec, ReqAlgStruct[0..5]={DHE, AEAD, ReqBaseAsymAlg, KeySchedule, ReqPqcAsymAlg, KEMAlg}}
SpdmMessage <- Responder
- Assertion 3.9.1:
sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.4)
- Assertion 3.9.2:
SpdmMessage.RequestResponseCode == ALGORITHMS
- Assertion 3.9.3:
SpdmMessage.SPDMVersion == 0x14
- Assertion 3.9.4:
SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.4, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount + SpdmMessage.Param1 * sizeof(AlgStructSize)
- Assertion 3.9.5:
SpdmMessage.ExtAsymSelCount == 0
- Assertion 3.9.6:
SpdmMessage.ExtHashSelCount == 0
- Assertion 3.9.7:
SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || == 0.
- if (MEAS_CAP != 0 || MEL_CAP == 1)
then MeasurementSpecificationSel != 0
- Assertion 3.9.8:
SpdmMessage.MeasurementHashAlgo only has one bit at most.
- if (MEAS_CAP != 0) (MeasurementHashAlgo == one of {
Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256})
if (MEAS_CAP == 0) then MeasurementHashAlgo == 0.
- Assertion 3.9.9:
SpdmMessage.BaseAsymSel and SpdmMessage.PqcAsymSel only have one bit set at most.
- if ((CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) && BaseAsymSel != 0)
- then (BaseAsymSel == one of {
TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448})
- if ((CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) && PqcAsymSel != 0)
- then (PqcAsymSel == one of {
ML-DSA-44, ML-DSA-65, ML-DSA-87, SLH-DSA-SHA2-128s, SLH-DSA-SHAKE-128s, SLH-DSA-SHA2-128f, SLH-DSA-SHAKE-128f, SLH-DSA-SHA2-192s, SLH-DSA-SHAKE-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHAKE-192f, SLH-DSA-SHA2-256s, SLH-DSA-SHAKE-256s, SLH-DSA-SHA2-256f, SLH-DSA-SHAKE-256f})
- if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0)
then (BaseAsymSel == 0 && PqcAsymSel == 0)
- Assertion 3.9.10:
SpdmMessage.BaseHashSel only has one bit at most.
- if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1 || PSK_EX_CAP != 0)
then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256})
- if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0 && PSK_EX_CAP == 0)
then (BaseHashSel == 0)
- Assertion 3.9.11:
SpdmMessage.Param1 <= 6 AlgStructure[i].AlgType in {DHE, AEAD, ReqBaseAsymAlg, KeySchedule, ReqPqcAsymAlg, KEMAlg} and no duplication. AlgStructure[i].AlgType monotonically increases.
- Assertion 3.9.12:
SpdmMessage.AlgStructure[i].AlgCount == 0x20
- Assertion 3.9.13:
SpdmMessage.AlgStructure[DHE_index] and SpdmMessage.AlgStructure[KEMAlg_index] only have one bit set at most.
- if (KEY_EX_CAP == 1)
- then SpdmMessage.AlgStructure[DHE_index].AlgSupported == one of {
ffdhe2048, ffdhe3072, ffdhe4096, secp256r1, secp384r1, secp521r1, SM2_P256} || KEMAlg.AlgSupported == one of {ML-KEM-512, ML-KEM-768, ML-KEM-1024}
- if (KEY_EX_CAP == 0)
then SpdmMessage.AlgStructure[DHE_index].AlgSupported == 0, or it is absent && SpdmMessage.AlgStructure[KEMAlg_index].AlgSupported == 0, or it is absent
- Assertion 3.9.14:
SpdmMessage.AlgStructure[AEAD_index] only has one bit set at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == one of {AES-128-GCM, AES-256-GCM, CHACHA20_POLY1305, AEAD_SM4_GCM}
else SpdmMessage.AlgStructure[AEAD_index].AlgSupported == 0 or it is absent
- Assertion 3.9.15:
SpdmMessage.AlgStructure[ReqBaseAsymAlg_index] and SpdmMessage.AlgStructure[ReqPqcAsymAlg_index] only have one bit set at most.
- if (MUT_AUTH_CAP == 1)
- then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == one of {
TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448}
- || SpdmMessage.AlgStructure[ReqPqcAsymAlg_index].AlgSupported == one of {
ML-DSA-44, ML-DSA-65, ML-DSA-87, SLH-DSA-SHA2-128s, SLH-DSA-SHAKE-128s, SLH-DSA-SHA2-128f, SLH-DSA-SHAKE-128f, SLH-DSA-SHA2-192s, SLH-DSA-SHAKE-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHAKE-192f, SLH-DSA-SHA2-256s, SLH-DSA-SHAKE-256s, SLH-DSA-SHA2-256f, SLH-DSA-SHAKE-256f}.
- if (MUT_AUTH_CAP == 0)
then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == 0 or it is absent && SpdmMessage.AlgStructure[ReqPqcAsymAlg_index].AlgSupported == 0 or it is absent
- Assertion 3.9.16:
SpdmMessage.AlgStructure[KeySchedule_index] only has one bit at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == SPDM
else SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == 0 or it is absent
- Assertion 3.9.17:
SpdmMessage.OpaqueDataFmt only has one bit at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then OtherParamsSupport.OpaqueDataFmt == OpaqueDataFmt1
- Assertion 3.9.18:
SpdmMessage.MELspecificationSel only has one bit at most.
- if (MEL_CAP == 1)
then SpdmMessage.MELspecificationSel == DMTFmelSpec.
- if (MEL_CAP == 0)
then SpdmMessage.MELspecificationSel == 0
SPDM_DOE_V1_4_Test_027_001.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with SupportedSubCodes structure, if it receives a SLOT_MANAGEMENT with SubCode=SupportedSubCodes.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=SupportedSubCodes, …} 2. SpdmMessage <- Responder
- Assertion 27.1.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.1.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.1.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.1.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (SupportedSubCodes)
- Assertion 27.1.5:
SpdmMessage.Param2 == 0
- Assertion 27.1.6:
SupportedSubCodes.Reserved == 0
- Assertion 27.1.7:
SupportedSubCodes.RespLength == 36
- Assertion 27.1.8:
SupportedSubCodes.SubCodeBitmap.Bit[SupportedSubCodes] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetBankInfo] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetBankDetails] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetCertificateChain] == 1
SPDM_DOE_V1_4_Test_027_002.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with BankInfo structure, if it receives a SLOT_MANAGEMENT with SubCode=GetBankInfo.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetBankInfo, …} 2. SpdmMessage <- Responder
- Assertion 27.2.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.2.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.2.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.2.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (GetBankInfo)
- Assertion 27.2.5:
BankInfo.RespLength == offset(BankInfo, BankElements) + (BankInfo.NumBankElements * sizeof(BankElement))
- Assertion 27.2.6:
BankInfo.NumBankElements > 0 && BankInfo.NumBankElements <= 240
- Assertion 27.2.7:
- For every BankElement in BankInfo.BankElements[]:
BankElement.ElementLength == 4 && BankElement.BankID <= 239
- Assertion 27.2.8:
- For every pair (i, j), i != j, in BankInfo.BankElements[]:
BankElements[i].BankID != BankElements[j].BankID
- Assertion 27.2.9:
BankInfo.Reserved == 0
SPDM_DOE_V1_4_Test_027_003.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with BankDetails structure, if it receives a SLOT_MANAGEMENT with SubCode=GetBankDetails for each valid BankID.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankInfo, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SLOT_MANAGEMENT_RESP <- Responder
ValidBankID[] = array of BankElement.BankID from BankInfo.BankElements[]
- For each BankID in ValidBankID[] and 0xFF:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetBankDetails, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=0}}
SpdmMessage <- Responder
- Assertion 27.3.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.3.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.3.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.3.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT_RESP.Param1 (GetBankDetails)
- Assertion 27.3.5:
BankDetails.BankID == SLOT_MANAGEMENT.SlotAddress.BankID
- Assertion 27.3.6:
BankDetails.RespLength == sizeof(BankDetails)
- Assertion 27.3.7:
BankDetails.NumSlotElements <= 8
- Assertion 27.3.8:
- For SlotElement[i]:
BankDetails.SlotElement[i].ElementLength == 16 + H && SlotElement[i].SlotID <= 7 && BankElements[BankDetails.BankID].SlotMask.Bit[SlotElement[i].SlotID] == 1 && (if MULTI_KEY_CONN_RSP == false => KeyPairID == 0) && (if Provisioned == 0 => Digest == 0)
- Assertion 27.3.9:
popcount(BankDetails.CurrentAsymAlgo) + popcount(BankDetails.CurrentPqcAsymAlgo) <= 1
- Assertion 27.3.10:
(BankDetails.AsymAlgoCapabilities | BankDetails.PqcAsymAlgoCapabilities) != 0
- Assertion 27.3.11:
(BankDetails.AvailableAsymAlgo & ~BankDetails.AsymAlgoCapabilities) == 0 && (BankDetails.AvailablePqcAsymAlgo & ~BankDetails.PqcAsymAlgoCapabilities) == 0
- Assertion 27.3.12:
(BankDetails.CurrentAsymAlgo & ~BankDetails.AsymAlgoCapabilities) == 0 && (BankDetails.CurrentPqcAsymAlgo & ~BankDetails.PqcAsymAlgoCapabilities) == 0
- Assertion 27.3.13:
- If BankDetails.BankAttributes.ConfigAlgo == 0, then
BankDetails.AsymAlgoCapabilities == 0 && BankDetails.PqcAsymAlgoCapabilities == 0 && BankDetails.AvailableAsymAlgo == 0 && BankDetails.AvailablePqcAsymAlgo == 0
- Assertion 27.3.14:
BankDetails.BankAttributes.Reserved == 0 && BankDetails.Reserved == 0 && every SlotElement.Reserved == 0
- Assertion 27.3.15:
BankDetails.BankAttributes.Reserved == 0 && BankDetails.Reserved == 0
- Assertion 27.3.16:
BankDetails.NumSlotElements == popcount(BankElements[BankDetails.BankID].SlotMask)
- Assertion 27.3.17:
- For every pair (m, n), m != n, in BankDetails.SlotElements[]:
SlotElements[m].SlotID != SlotElements[n].SlotID
- Assertion 27.3.18:
If BankAttributes.ConfigAlgo == 1 && CurrentAsymAlgo == 0 && CurrentPqcAsymAlgo == 0, then no SlotElement has SlotAttributes.Bit[0] (Provisioned) == 1
SPDM_DOE_V1_4_Test_027_004.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with GetCertificateChain structure, if it receives a SLOT_MANAGEMENT with SubCode=GetCertificateChain for any provisioned slot in any Bank reported by GetBankInfo.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankInfo, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SLOT_MANAGEMENT_RESP <- Responder
SelectedBankIDs[] = array of BankID where BankAttributes.Bit[0] (Selected) == 1.
- For each BankID in SelectedBankIDs[]:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankDetails, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=0}}
BankDetails <- Responder
ProvisionedPairs[] = array of (BankID, SlotID) for every SlotElement in BankDetails.SlotElements[] where SlotAttributes.Bit[0] (Provisioned) == 1.
- For each (BankID, SlotID) in ProvisionedPairs[]:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetCertificateChain, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=SlotID}}
SpdmMessage <- Responder
- Assertion 27.4.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct) + offset(GetCertificateChain, CertChain)
- Assertion 27.4.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.4.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.4.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (GetCertificateChain)
- Assertion 27.4.5:
SpdmMessage.MgmtStructOffset >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct) && SpdmMessage.MgmtStructOffset + offset(GetCertificateChain, CertChain)
<= sizeof(SpdmMessage)
- Assertion 27.4.6:
GetCertificateChain.CCLength + SpdmMessage.MgmtStructOffset + offset(GetCertificateChain, CertChain) <= sizeof(SpdmMessage)
- Assertion 27.4.7:
GetCertificateChain.Reserved == 0
SPDM_DOE_V1_4_Test_027_005.py
Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a SLOT_MANAGEMENT with non negotiated version.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=(NegotiatedVersion+1), Param1.SubCode=SupportedSubCodes, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0} 2. SpdmMessage <- Responder
- Assertion 27.5.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.5.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.5.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.5.4:
SpdmMessage.Param1 == VersionMismatch
- Assertion 27.5.5:
SpdmMessage.Param2 == 0
SPDM_DOE_V1_4_Test_027_006.py
Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a SLOT_MANAGEMENT with a reserved or unknown SubCode value.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=0x05,
Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SpdmMessage <- Responder
- Assertion 27.6.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.6.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.6.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.6.4:
SpdmMessage.Param1 == InvalidRequest.
- Assertion 27.6.5:
SpdmMessage.Param2 == 0.
SPDM_DOE_V1_4_Test_027_007.py
Description: SPDM responder shall return ERROR(UnsupportedRequest), if it receives a SLOT_MANAGEMENT with a valid SubCode that is not in SupportedSubCodes.SubCodeBitmap.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=SupportedSubCodes, …}
SLOT_MANAGEMENT_RESP <- Responder
UnsupportedSubCode = any SubCode in {GetCSR, ManageBank, ManageSlot, SetCertificate} whose bit is 0 in SupportedSubCodes.SubCodeBitmap. If no such SubCode exists, skip this case.
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=UnsupportedSubCode, MgmtStructOffset=<as required>, SlotMgmtReqStruct=<as required>}
SpdmMessage <- Responder
- Assertion 27.7.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.7.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.7.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.7.4:
SpdmMessage.Param1 == UnsupportedRequest.
- Assertion 27.7.5:
SpdmMessage.Param2 == 0.
SPDM_DOE_V1_4_Test_027_008.py
Description: SPDM responder shall return ERROR(UnsupportedRequest), if it receives a SLOT_MANAGEMENT when SLOT_MGMT_CAP=0 in CAPABILITIES.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 1, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=SupportedSubCodes, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SpdmMessage <- Responder
- Assertion 27.8.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.8.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.8.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.8.4:
SpdmMessage.Param1 == UnsupportedRequest.
- Assertion 27.8.5:
SpdmMessage.Param2 == 0.
SPDM_SMBUS_V1_4_Test_001_001.py
Description: SPDM responder shall return valid VERSION, if it receives a GET_VERSION with version 1.0.
SPDM Version: 1.0+
TestSetup: None
TestTeardown: None
Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10, Param1=0, Param2=0} 2. SpdmMessage <- Responder
- Assertion 1.1.1:
sizeof(SpdmMessage) >= offset(VERSION, VersionNumberEntry)
- Assertion 1.1.2:
SpdmMessage.RequestResponseCode == VERSION
- Assertion 1.1.3:
SpdmMessage.SPDMVersion == 0x10
- Assertion 1.1.4:
SpdmMessage.VersionNumberEntryCount > 0 && SpdmMessage.VersionNumberEntryCount <= (sizeof(SpdmMessage) - offset(VERSION, VersionNumberEntry)) / sizeof(uint16_t)
- Assertion 1.1.5:
((SpdmMessage.VersionNumberEntry[i].MajorVersion << 4) + SpdmMessage.VersionNumberEntry[i].MinorVersion) is in {0x10, 0x11, 0x12, 0x13, 0x14}.
SPDM_SMBUS_V1_4_Test_003_002.py
Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a NEGOTIATE_ALGORITHMS with non negotiated version.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder
- Assertion 3.2.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.2.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.2.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.2.4:
SpdmMessage.Param1 == VersionMismatch.
- Assertion 3.2.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion-1), …}
4. SpdmMessage <- Responder Assertion 3.2.*.
SPDM_SMBUS_V1_4_Test_003_004.py
Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a NEGOTIATE_ALGORITHMS with invalid field.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length-1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder
- Assertion 3.4.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.4.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.4.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.4.4:
SpdmMessage.Param1 == InvalidRequest.
- Assertion 3.4.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length+1, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtAsymCount=21, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtHashCount=21, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=1, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=3, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=2, ExtAlgCount=0xF, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
SPDM_SMBUS_V1_4_Test_003_007.py
Description: SPDM responder shall return ERROR(UnexpectedRequest) or silent drop, if it receives two non-identical NEGOTIATE_ALGORITHMS.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0} 6. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder Assertion 3.7.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.7.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.7.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.7.4:
SpdmMessage.Param1 == UnexpectedRequest.
- Assertion 3.7.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, MeasurementSpecification=DMTF, BaseAsymAlgo=BaseAsymSel, BaseHashAlgo=BaseHashSel, …} – if NegotiatedVersion=1.0+
4. SpdmMessage <- Responder Assertion 3.7.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Dhe=DheSel, Aead=AeadSel, BaseReqAsymAlg=BaseReqAsymSel, …} – if NegotiatedVersion=1.1+
6. SpdmMessage <- Responder Assertion 3.7.*.
SPDM_SMBUS_V1_4_Test_003_009.py
Description: SPDM responder shall return valid ALGORITHMS(0x14), if it receives a NEGOTIATE_ALGORITHMS with negotiated version 1.4.
SPDM Version: 1.4 only
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x14, …} 5. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {
SPDMVersion=0x14, Param1.NumOfAlgoStruct=6, Param2=0, MeasurementSpecification=DMTF, OtherParamsSupport=OpaqueDataFmt1, BaseAsymAlgo=TPM_ALG_RSASSA_2048 |
TPM_ALG_RSAPSS_2048 | TPM_ALG_RSASSA_3072 | TPM_ALG_RSAPSS_3072 | TPM_ALG_ECDSA_ECC_NIST_P256 | TPM_ALG_RSASSA_4096 | TPM_ALG_RSAPSS_4096 | TPM_ALG_ECDSA_ECC_NIST_P384 | TPM_ALG_ECDSA_ECC_NIST_P521 | TPM_ALG_SM2_ECC_SM2_P256 | EdDSA_ed25519|EdDSA_ed448,
- BaseHashAlgo=TPM_ALG_SHA_256 |
TPM_ALG_SHA_384 | TPM_ALG_SHA_512 | TPM_ALG_SHA3_256 | TPM_ALG_SHA3_384 | TPM_ALG_SHA3_512 | TPM_ALG_SM3_256,
- PqcAsymAlgo=ML-DSA-44|ML-DSA-65 |
ML-DSA-87 | SLH-DSA-SHA2-128s | SLH-DSA-SHAKE-128s | SLH-DSA-SHA2-128f | SLH-DSA-SHAKE-128f | SLH-DSA-SHA2-192s | SLH-DSA-SHAKE-192s | SLH-DSA-SHA2-192f | SLH-DSA-SHAKE-192f | SLH-DSA-SHA2-256s | SLH-DSA-SHAKE-256s | SLH-DSA-SHA2-256f | SLH-DSA-SHAKE-256f,
ExtAsymCount=0, ExtHashCount=0, MELspecification=DMTFmelSpec, ReqAlgStruct[0..5]={DHE, AEAD, ReqBaseAsymAlg, KeySchedule, ReqPqcAsymAlg, KEMAlg}}
SpdmMessage <- Responder
- Assertion 3.9.1:
sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.4)
- Assertion 3.9.2:
SpdmMessage.RequestResponseCode == ALGORITHMS
- Assertion 3.9.3:
SpdmMessage.SPDMVersion == 0x14
- Assertion 3.9.4:
SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.4, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount + SpdmMessage.Param1 * sizeof(AlgStructSize)
- Assertion 3.9.5:
SpdmMessage.ExtAsymSelCount == 0
- Assertion 3.9.6:
SpdmMessage.ExtHashSelCount == 0
- Assertion 3.9.7:
SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || == 0.
- if (MEAS_CAP != 0 || MEL_CAP == 1)
then MeasurementSpecificationSel != 0
- Assertion 3.9.8:
SpdmMessage.MeasurementHashAlgo only has one bit at most.
- if (MEAS_CAP != 0) (MeasurementHashAlgo == one of {
Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256})
if (MEAS_CAP == 0) then MeasurementHashAlgo == 0.
- Assertion 3.9.9:
SpdmMessage.BaseAsymSel and SpdmMessage.PqcAsymSel only have one bit set at most.
- if ((CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) && BaseAsymSel != 0)
- then (BaseAsymSel == one of {
TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448})
- if ((CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) && PqcAsymSel != 0)
- then (PqcAsymSel == one of {
ML-DSA-44, ML-DSA-65, ML-DSA-87, SLH-DSA-SHA2-128s, SLH-DSA-SHAKE-128s, SLH-DSA-SHA2-128f, SLH-DSA-SHAKE-128f, SLH-DSA-SHA2-192s, SLH-DSA-SHAKE-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHAKE-192f, SLH-DSA-SHA2-256s, SLH-DSA-SHAKE-256s, SLH-DSA-SHA2-256f, SLH-DSA-SHAKE-256f})
- if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0)
then (BaseAsymSel == 0 && PqcAsymSel == 0)
- Assertion 3.9.10:
SpdmMessage.BaseHashSel only has one bit at most.
- if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1 || PSK_EX_CAP != 0)
then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256})
- if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0 && PSK_EX_CAP == 0)
then (BaseHashSel == 0)
- Assertion 3.9.11:
SpdmMessage.Param1 <= 6 AlgStructure[i].AlgType in {DHE, AEAD, ReqBaseAsymAlg, KeySchedule, ReqPqcAsymAlg, KEMAlg} and no duplication. AlgStructure[i].AlgType monotonically increases.
- Assertion 3.9.12:
SpdmMessage.AlgStructure[i].AlgCount == 0x20
- Assertion 3.9.13:
SpdmMessage.AlgStructure[DHE_index] and SpdmMessage.AlgStructure[KEMAlg_index] only have one bit set at most.
- if (KEY_EX_CAP == 1)
- then SpdmMessage.AlgStructure[DHE_index].AlgSupported == one of {
ffdhe2048, ffdhe3072, ffdhe4096, secp256r1, secp384r1, secp521r1, SM2_P256} || KEMAlg.AlgSupported == one of {ML-KEM-512, ML-KEM-768, ML-KEM-1024}
- if (KEY_EX_CAP == 0)
then SpdmMessage.AlgStructure[DHE_index].AlgSupported == 0, or it is absent && SpdmMessage.AlgStructure[KEMAlg_index].AlgSupported == 0, or it is absent
- Assertion 3.9.14:
SpdmMessage.AlgStructure[AEAD_index] only has one bit set at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == one of {AES-128-GCM, AES-256-GCM, CHACHA20_POLY1305, AEAD_SM4_GCM}
else SpdmMessage.AlgStructure[AEAD_index].AlgSupported == 0 or it is absent
- Assertion 3.9.15:
SpdmMessage.AlgStructure[ReqBaseAsymAlg_index] and SpdmMessage.AlgStructure[ReqPqcAsymAlg_index] only have one bit set at most.
- if (MUT_AUTH_CAP == 1)
- then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == one of {
TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448}
- || SpdmMessage.AlgStructure[ReqPqcAsymAlg_index].AlgSupported == one of {
ML-DSA-44, ML-DSA-65, ML-DSA-87, SLH-DSA-SHA2-128s, SLH-DSA-SHAKE-128s, SLH-DSA-SHA2-128f, SLH-DSA-SHAKE-128f, SLH-DSA-SHA2-192s, SLH-DSA-SHAKE-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHAKE-192f, SLH-DSA-SHA2-256s, SLH-DSA-SHAKE-256s, SLH-DSA-SHA2-256f, SLH-DSA-SHAKE-256f}.
- if (MUT_AUTH_CAP == 0)
then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == 0 or it is absent && SpdmMessage.AlgStructure[ReqPqcAsymAlg_index].AlgSupported == 0 or it is absent
- Assertion 3.9.16:
SpdmMessage.AlgStructure[KeySchedule_index] only has one bit at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == SPDM
else SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == 0 or it is absent
- Assertion 3.9.17:
SpdmMessage.OpaqueDataFmt only has one bit at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then OtherParamsSupport.OpaqueDataFmt == OpaqueDataFmt1
- Assertion 3.9.18:
SpdmMessage.MELspecificationSel only has one bit at most.
- if (MEL_CAP == 1)
then SpdmMessage.MELspecificationSel == DMTFmelSpec.
- if (MEL_CAP == 0)
then SpdmMessage.MELspecificationSel == 0
SPDM_SMBUS_V1_4_Test_027_001.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with SupportedSubCodes structure, if it receives a SLOT_MANAGEMENT with SubCode=SupportedSubCodes.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=SupportedSubCodes, …} 2. SpdmMessage <- Responder
- Assertion 27.1.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.1.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.1.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.1.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (SupportedSubCodes)
- Assertion 27.1.5:
SpdmMessage.Param2 == 0
- Assertion 27.1.6:
SupportedSubCodes.Reserved == 0
- Assertion 27.1.7:
SupportedSubCodes.RespLength == 36
- Assertion 27.1.8:
SupportedSubCodes.SubCodeBitmap.Bit[SupportedSubCodes] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetBankInfo] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetBankDetails] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetCertificateChain] == 1
SPDM_SMBUS_V1_4_Test_027_002.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with BankInfo structure, if it receives a SLOT_MANAGEMENT with SubCode=GetBankInfo.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetBankInfo, …} 2. SpdmMessage <- Responder
- Assertion 27.2.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.2.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.2.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.2.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (GetBankInfo)
- Assertion 27.2.5:
BankInfo.RespLength == offset(BankInfo, BankElements) + (BankInfo.NumBankElements * sizeof(BankElement))
- Assertion 27.2.6:
BankInfo.NumBankElements > 0 && BankInfo.NumBankElements <= 240
- Assertion 27.2.7:
- For every BankElement in BankInfo.BankElements[]:
BankElement.ElementLength == 4 && BankElement.BankID <= 239
- Assertion 27.2.8:
- For every pair (i, j), i != j, in BankInfo.BankElements[]:
BankElements[i].BankID != BankElements[j].BankID
- Assertion 27.2.9:
BankInfo.Reserved == 0
SPDM_SMBUS_V1_4_Test_027_003.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with BankDetails structure, if it receives a SLOT_MANAGEMENT with SubCode=GetBankDetails for each valid BankID.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankInfo, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SLOT_MANAGEMENT_RESP <- Responder
ValidBankID[] = array of BankElement.BankID from BankInfo.BankElements[]
- For each BankID in ValidBankID[] and 0xFF:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetBankDetails, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=0}}
SpdmMessage <- Responder
- Assertion 27.3.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.3.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.3.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.3.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT_RESP.Param1 (GetBankDetails)
- Assertion 27.3.5:
BankDetails.BankID == SLOT_MANAGEMENT.SlotAddress.BankID
- Assertion 27.3.6:
BankDetails.RespLength == sizeof(BankDetails)
- Assertion 27.3.7:
BankDetails.NumSlotElements <= 8
- Assertion 27.3.8:
- For SlotElement[i]:
BankDetails.SlotElement[i].ElementLength == 16 + H && SlotElement[i].SlotID <= 7 && BankElements[BankDetails.BankID].SlotMask.Bit[SlotElement[i].SlotID] == 1 && (if MULTI_KEY_CONN_RSP == false => KeyPairID == 0) && (if Provisioned == 0 => Digest == 0)
- Assertion 27.3.9:
popcount(BankDetails.CurrentAsymAlgo) + popcount(BankDetails.CurrentPqcAsymAlgo) <= 1
- Assertion 27.3.10:
(BankDetails.AsymAlgoCapabilities | BankDetails.PqcAsymAlgoCapabilities) != 0
- Assertion 27.3.11:
(BankDetails.AvailableAsymAlgo & ~BankDetails.AsymAlgoCapabilities) == 0 && (BankDetails.AvailablePqcAsymAlgo & ~BankDetails.PqcAsymAlgoCapabilities) == 0
- Assertion 27.3.12:
(BankDetails.CurrentAsymAlgo & ~BankDetails.AsymAlgoCapabilities) == 0 && (BankDetails.CurrentPqcAsymAlgo & ~BankDetails.PqcAsymAlgoCapabilities) == 0
- Assertion 27.3.13:
- If BankDetails.BankAttributes.ConfigAlgo == 0, then
BankDetails.AsymAlgoCapabilities == 0 && BankDetails.PqcAsymAlgoCapabilities == 0 && BankDetails.AvailableAsymAlgo == 0 && BankDetails.AvailablePqcAsymAlgo == 0
- Assertion 27.3.14:
BankDetails.BankAttributes.Reserved == 0 && BankDetails.Reserved == 0 && every SlotElement.Reserved == 0
- Assertion 27.3.15:
BankDetails.BankAttributes.Reserved == 0 && BankDetails.Reserved == 0
- Assertion 27.3.16:
BankDetails.NumSlotElements == popcount(BankElements[BankDetails.BankID].SlotMask)
- Assertion 27.3.17:
- For every pair (m, n), m != n, in BankDetails.SlotElements[]:
SlotElements[m].SlotID != SlotElements[n].SlotID
- Assertion 27.3.18:
If BankAttributes.ConfigAlgo == 1 && CurrentAsymAlgo == 0 && CurrentPqcAsymAlgo == 0, then no SlotElement has SlotAttributes.Bit[0] (Provisioned) == 1
SPDM_SMBUS_V1_4_Test_027_004.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with GetCertificateChain structure, if it receives a SLOT_MANAGEMENT with SubCode=GetCertificateChain for any provisioned slot in any Bank reported by GetBankInfo.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankInfo, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SLOT_MANAGEMENT_RESP <- Responder
SelectedBankIDs[] = array of BankID where BankAttributes.Bit[0] (Selected) == 1.
- For each BankID in SelectedBankIDs[]:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankDetails, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=0}}
BankDetails <- Responder
ProvisionedPairs[] = array of (BankID, SlotID) for every SlotElement in BankDetails.SlotElements[] where SlotAttributes.Bit[0] (Provisioned) == 1.
- For each (BankID, SlotID) in ProvisionedPairs[]:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetCertificateChain, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=SlotID}}
SpdmMessage <- Responder
- Assertion 27.4.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct) + offset(GetCertificateChain, CertChain)
- Assertion 27.4.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.4.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.4.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (GetCertificateChain)
- Assertion 27.4.5:
SpdmMessage.MgmtStructOffset >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct) && SpdmMessage.MgmtStructOffset + offset(GetCertificateChain, CertChain)
<= sizeof(SpdmMessage)
- Assertion 27.4.6:
GetCertificateChain.CCLength + SpdmMessage.MgmtStructOffset + offset(GetCertificateChain, CertChain) <= sizeof(SpdmMessage)
- Assertion 27.4.7:
GetCertificateChain.Reserved == 0
SPDM_SMBUS_V1_4_Test_027_005.py
Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a SLOT_MANAGEMENT with non negotiated version.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=(NegotiatedVersion+1), Param1.SubCode=SupportedSubCodes, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0} 2. SpdmMessage <- Responder
- Assertion 27.5.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.5.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.5.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.5.4:
SpdmMessage.Param1 == VersionMismatch
- Assertion 27.5.5:
SpdmMessage.Param2 == 0
SPDM_SMBUS_V1_4_Test_027_006.py
Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a SLOT_MANAGEMENT with a reserved or unknown SubCode value.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=0x05,
Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SpdmMessage <- Responder
- Assertion 27.6.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.6.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.6.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.6.4:
SpdmMessage.Param1 == InvalidRequest.
- Assertion 27.6.5:
SpdmMessage.Param2 == 0.
SPDM_SMBUS_V1_4_Test_027_007.py
Description: SPDM responder shall return ERROR(UnsupportedRequest), if it receives a SLOT_MANAGEMENT with a valid SubCode that is not in SupportedSubCodes.SubCodeBitmap.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=SupportedSubCodes, …}
SLOT_MANAGEMENT_RESP <- Responder
UnsupportedSubCode = any SubCode in {GetCSR, ManageBank, ManageSlot, SetCertificate} whose bit is 0 in SupportedSubCodes.SubCodeBitmap. If no such SubCode exists, skip this case.
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=UnsupportedSubCode, MgmtStructOffset=<as required>, SlotMgmtReqStruct=<as required>}
SpdmMessage <- Responder
- Assertion 27.7.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.7.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.7.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.7.4:
SpdmMessage.Param1 == UnsupportedRequest.
- Assertion 27.7.5:
SpdmMessage.Param2 == 0.
SPDM_SMBUS_V1_4_Test_027_008.py
Description: SPDM responder shall return ERROR(UnsupportedRequest), if it receives a SLOT_MANAGEMENT when SLOT_MGMT_CAP=0 in CAPABILITIES.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 1, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=SupportedSubCodes, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SpdmMessage <- Responder
- Assertion 27.8.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.8.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.8.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.8.4:
SpdmMessage.Param1 == UnsupportedRequest.
- Assertion 27.8.5:
SpdmMessage.Param2 == 0.
SPDM_VDM_V1_4_Test_001_001.py
Description: SPDM responder shall return valid VERSION, if it receives a GET_VERSION with version 1.0.
SPDM Version: 1.0+
TestSetup: None
TestTeardown: None
Steps: 1. Requester -> GET_VERSION {SPDMVersion=0x10, Param1=0, Param2=0} 2. SpdmMessage <- Responder
- Assertion 1.1.1:
sizeof(SpdmMessage) >= offset(VERSION, VersionNumberEntry)
- Assertion 1.1.2:
SpdmMessage.RequestResponseCode == VERSION
- Assertion 1.1.3:
SpdmMessage.SPDMVersion == 0x10
- Assertion 1.1.4:
SpdmMessage.VersionNumberEntryCount > 0 && SpdmMessage.VersionNumberEntryCount <= (sizeof(SpdmMessage) - offset(VERSION, VersionNumberEntry)) / sizeof(uint16_t)
- Assertion 1.1.5:
((SpdmMessage.VersionNumberEntry[i].MajorVersion << 4) + SpdmMessage.VersionNumberEntry[i].MinorVersion) is in {0x10, 0x11, 0x12, 0x13, 0x14}.
SPDM_VDM_V1_4_Test_003_002.py
Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a NEGOTIATE_ALGORITHMS with non negotiated version.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion+1), …} 2. SpdmMessage <- Responder
- Assertion 3.2.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.2.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.2.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.2.4:
SpdmMessage.Param1 == VersionMismatch.
- Assertion 3.2.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=(NegotiatedVersion-1), …}
4. SpdmMessage <- Responder Assertion 3.2.*.
SPDM_VDM_V1_4_Test_003_004.py
Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a NEGOTIATE_ALGORITHMS with invalid field.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length-1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder
- Assertion 3.4.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.4.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.4.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.4.4:
SpdmMessage.Param1 == InvalidRequest.
- Assertion 3.4.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Length+1, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtAsymCount=21, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ExtHashCount=21, …} – if NegotiatedVersion=1.0+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=1, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=3, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, FixedAlgCount=2, ExtAlgCount=0xF, …} – if NegotiatedVersion=1.1+
SpdmMessage <- Responder
Assertion 3.4.*.
SPDM_VDM_V1_4_Test_003_007.py
Description: SPDM responder shall return ERROR(UnexpectedRequest) or silent drop, if it receives two non-identical NEGOTIATE_ALGORITHMS.
SPDM Version: 1.0+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 4. CAPABILITIES <- Responder 5. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=0, MeasurementSpecification=DMTF, BaseAsymAlgo=TPM_ALG_RSASSA_2048|TPM_ALG_RSAPSS_2048|TPM_ALG_RSASSA_3072|TPM_ALG_RSAPSS_3072|TPM_ALG_ECDSA_ECC_NIST_P256|TPM_ALG_RSASSA_4096|TPM_ALG_RSAPSS_4096|TPM_ALG_ECDSA_ECC_NIST_P384|TPM_ALG_ECDSA_ECC_NIST_P521, BaseHashAlgo=TPM_ALG_SHA_256|TPM_ALG_SHA_384|TPM_ALG_SHA_512|TPM_ALG_SHA3_256|TPM_ALG_SHA3_384|TPM_ALG_SHA3_512, ExtAsymCount=0, ExtHashCount=0} 6. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Param1=0, Param2=1, …} – if NegotiatedVersion=1.0+ 2. SpdmMessage <- Responder Assertion 3.7.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 3.7.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 3.7.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 3.7.4:
SpdmMessage.Param1 == UnexpectedRequest.
- Assertion 3.7.5:
SpdmMessage.Param2 == 0.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, MeasurementSpecification=DMTF, BaseAsymAlgo=BaseAsymSel, BaseHashAlgo=BaseHashSel, …} – if NegotiatedVersion=1.0+
4. SpdmMessage <- Responder Assertion 3.7.*.
Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, Dhe=DheSel, Aead=AeadSel, BaseReqAsymAlg=BaseReqAsymSel, …} – if NegotiatedVersion=1.1+
6. SpdmMessage <- Responder Assertion 3.7.*.
SPDM_VDM_V1_4_Test_003_009.py
Description: SPDM responder shall return valid ALGORITHMS(0x14), if it receives a NEGOTIATE_ALGORITHMS with negotiated version 1.4.
SPDM Version: 1.4 only
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=0x14, …} 5. CAPABILITIES <- Responder
TestTeardown: None
Steps: 1. Requester -> NEGOTIATE_ALGORITHMS {
SPDMVersion=0x14, Param1.NumOfAlgoStruct=6, Param2=0, MeasurementSpecification=DMTF, OtherParamsSupport=OpaqueDataFmt1, BaseAsymAlgo=TPM_ALG_RSASSA_2048 |
TPM_ALG_RSAPSS_2048 | TPM_ALG_RSASSA_3072 | TPM_ALG_RSAPSS_3072 | TPM_ALG_ECDSA_ECC_NIST_P256 | TPM_ALG_RSASSA_4096 | TPM_ALG_RSAPSS_4096 | TPM_ALG_ECDSA_ECC_NIST_P384 | TPM_ALG_ECDSA_ECC_NIST_P521 | TPM_ALG_SM2_ECC_SM2_P256 | EdDSA_ed25519|EdDSA_ed448,
- BaseHashAlgo=TPM_ALG_SHA_256 |
TPM_ALG_SHA_384 | TPM_ALG_SHA_512 | TPM_ALG_SHA3_256 | TPM_ALG_SHA3_384 | TPM_ALG_SHA3_512 | TPM_ALG_SM3_256,
- PqcAsymAlgo=ML-DSA-44|ML-DSA-65 |
ML-DSA-87 | SLH-DSA-SHA2-128s | SLH-DSA-SHAKE-128s | SLH-DSA-SHA2-128f | SLH-DSA-SHAKE-128f | SLH-DSA-SHA2-192s | SLH-DSA-SHAKE-192s | SLH-DSA-SHA2-192f | SLH-DSA-SHAKE-192f | SLH-DSA-SHA2-256s | SLH-DSA-SHAKE-256s | SLH-DSA-SHA2-256f | SLH-DSA-SHAKE-256f,
ExtAsymCount=0, ExtHashCount=0, MELspecification=DMTFmelSpec, ReqAlgStruct[0..5]={DHE, AEAD, ReqBaseAsymAlg, KeySchedule, ReqPqcAsymAlg, KEMAlg}}
SpdmMessage <- Responder
- Assertion 3.9.1:
sizeof(SpdmMessage) >= sizeof(ALGORITHMS_1.4)
- Assertion 3.9.2:
SpdmMessage.RequestResponseCode == ALGORITHMS
- Assertion 3.9.3:
SpdmMessage.SPDMVersion == 0x14
- Assertion 3.9.4:
SpdmMessage.Length <= sizeof(SpdmMessage) SpdmMessage.Length == offset(ALGORITHMS_1.4, ExtAsymSel) + 4 * SpdmMessage.ExtAsymSelCount + 4 * SpdmMessage.ExtHashSelCount + SpdmMessage.Param1 * sizeof(AlgStructSize)
- Assertion 3.9.5:
SpdmMessage.ExtAsymSelCount == 0
- Assertion 3.9.6:
SpdmMessage.ExtHashSelCount == 0
- Assertion 3.9.7:
SpdmMessage.MeasurementSpecificationSel only has one bit at most. MeasurementSpecificationSel == DMTF || == 0.
- if (MEAS_CAP != 0 || MEL_CAP == 1)
then MeasurementSpecificationSel != 0
- Assertion 3.9.8:
SpdmMessage.MeasurementHashAlgo only has one bit at most.
- if (MEAS_CAP != 0) (MeasurementHashAlgo == one of {
Raw Bit Stream Only, TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256})
if (MEAS_CAP == 0) then MeasurementHashAlgo == 0.
- Assertion 3.9.9:
SpdmMessage.BaseAsymSel and SpdmMessage.PqcAsymSel only have one bit set at most.
- if ((CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) && BaseAsymSel != 0)
- then (BaseAsymSel == one of {
TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448})
- if ((CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1) && PqcAsymSel != 0)
- then (PqcAsymSel == one of {
ML-DSA-44, ML-DSA-65, ML-DSA-87, SLH-DSA-SHA2-128s, SLH-DSA-SHAKE-128s, SLH-DSA-SHA2-128f, SLH-DSA-SHAKE-128f, SLH-DSA-SHA2-192s, SLH-DSA-SHAKE-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHAKE-192f, SLH-DSA-SHA2-256s, SLH-DSA-SHAKE-256s, SLH-DSA-SHA2-256f, SLH-DSA-SHAKE-256f})
- if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0)
then (BaseAsymSel == 0 && PqcAsymSel == 0)
- Assertion 3.9.10:
SpdmMessage.BaseHashSel only has one bit at most.
- if (CHAL_CAP == 1 || MEAS_CAP == 2 || KEY_EX_CAP == 1 || PSK_EX_CAP != 0)
then (BaseHashSel == one of {TPM_ALG_SHA_256, TPM_ALG_SHA_384, TPM_ALG_SHA_512, TPM_ALG_SHA3_256, TPM_ALG_SHA3_384, TPM_ALG_SHA3_512, TPM_ALG_SM3_256})
- if (CHAL_CAP == 0 && MEAS_CAP != 2 && KEY_EX_CAP == 0 && PSK_EX_CAP == 0)
then (BaseHashSel == 0)
- Assertion 3.9.11:
SpdmMessage.Param1 <= 6 AlgStructure[i].AlgType in {DHE, AEAD, ReqBaseAsymAlg, KeySchedule, ReqPqcAsymAlg, KEMAlg} and no duplication. AlgStructure[i].AlgType monotonically increases.
- Assertion 3.9.12:
SpdmMessage.AlgStructure[i].AlgCount == 0x20
- Assertion 3.9.13:
SpdmMessage.AlgStructure[DHE_index] and SpdmMessage.AlgStructure[KEMAlg_index] only have one bit set at most.
- if (KEY_EX_CAP == 1)
- then SpdmMessage.AlgStructure[DHE_index].AlgSupported == one of {
ffdhe2048, ffdhe3072, ffdhe4096, secp256r1, secp384r1, secp521r1, SM2_P256} || KEMAlg.AlgSupported == one of {ML-KEM-512, ML-KEM-768, ML-KEM-1024}
- if (KEY_EX_CAP == 0)
then SpdmMessage.AlgStructure[DHE_index].AlgSupported == 0, or it is absent && SpdmMessage.AlgStructure[KEMAlg_index].AlgSupported == 0, or it is absent
- Assertion 3.9.14:
SpdmMessage.AlgStructure[AEAD_index] only has one bit set at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then SpdmMessage.AlgStructure[AEAD_index].AlgSupported == one of {AES-128-GCM, AES-256-GCM, CHACHA20_POLY1305, AEAD_SM4_GCM}
else SpdmMessage.AlgStructure[AEAD_index].AlgSupported == 0 or it is absent
- Assertion 3.9.15:
SpdmMessage.AlgStructure[ReqBaseAsymAlg_index] and SpdmMessage.AlgStructure[ReqPqcAsymAlg_index] only have one bit set at most.
- if (MUT_AUTH_CAP == 1)
- then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == one of {
TPM_ALG_RSASSA_2048, TPM_ALG_RSAPSS_2048, TPM_ALG_RSASSA_3072, TPM_ALG_RSAPSS_3072, TPM_ALG_ECDSA_ECC_NIST_P256, TPM_ALG_RSASSA_4096, TPM_ALG_RSAPSS_4096, TPM_ALG_ECDSA_ECC_NIST_P384, TPM_ALG_ECDSA_ECC_NIST_P521, TPM_ALG_SM2_ECC_SM2_P256, EdDSA_ed25519, EdDSA_ed448}
- || SpdmMessage.AlgStructure[ReqPqcAsymAlg_index].AlgSupported == one of {
ML-DSA-44, ML-DSA-65, ML-DSA-87, SLH-DSA-SHA2-128s, SLH-DSA-SHAKE-128s, SLH-DSA-SHA2-128f, SLH-DSA-SHAKE-128f, SLH-DSA-SHA2-192s, SLH-DSA-SHAKE-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHAKE-192f, SLH-DSA-SHA2-256s, SLH-DSA-SHAKE-256s, SLH-DSA-SHA2-256f, SLH-DSA-SHAKE-256f}.
- if (MUT_AUTH_CAP == 0)
then SpdmMessage.AlgStructure[ReqBaseAsymAlg_index].AlgSupported == 0 or it is absent && SpdmMessage.AlgStructure[ReqPqcAsymAlg_index].AlgSupported == 0 or it is absent
- Assertion 3.9.16:
SpdmMessage.AlgStructure[KeySchedule_index] only has one bit at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == SPDM
else SpdmMessage.AlgStructure[KeySchedule_index].AlgSupported == 0 or it is absent
- Assertion 3.9.17:
SpdmMessage.OpaqueDataFmt only has one bit at most.
- if (KEY_EX_CAP == 1 || PSK_CAP != 0)
then OtherParamsSupport.OpaqueDataFmt == OpaqueDataFmt1
- Assertion 3.9.18:
SpdmMessage.MELspecificationSel only has one bit at most.
- if (MEL_CAP == 1)
then SpdmMessage.MELspecificationSel == DMTFmelSpec.
- if (MEL_CAP == 0)
then SpdmMessage.MELspecificationSel == 0
SPDM_VDM_V1_4_Test_027_001.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with SupportedSubCodes structure, if it receives a SLOT_MANAGEMENT with SubCode=SupportedSubCodes.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=SupportedSubCodes, …} 2. SpdmMessage <- Responder
- Assertion 27.1.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.1.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.1.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.1.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (SupportedSubCodes)
- Assertion 27.1.5:
SpdmMessage.Param2 == 0
- Assertion 27.1.6:
SupportedSubCodes.Reserved == 0
- Assertion 27.1.7:
SupportedSubCodes.RespLength == 36
- Assertion 27.1.8:
SupportedSubCodes.SubCodeBitmap.Bit[SupportedSubCodes] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetBankInfo] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetBankDetails] == 1 && SupportedSubCodes.SubCodeBitmap.Bit[GetCertificateChain] == 1
SPDM_VDM_V1_4_Test_027_002.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with BankInfo structure, if it receives a SLOT_MANAGEMENT with SubCode=GetBankInfo.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetBankInfo, …} 2. SpdmMessage <- Responder
- Assertion 27.2.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.2.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.2.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.2.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (GetBankInfo)
- Assertion 27.2.5:
BankInfo.RespLength == offset(BankInfo, BankElements) + (BankInfo.NumBankElements * sizeof(BankElement))
- Assertion 27.2.6:
BankInfo.NumBankElements > 0 && BankInfo.NumBankElements <= 240
- Assertion 27.2.7:
- For every BankElement in BankInfo.BankElements[]:
BankElement.ElementLength == 4 && BankElement.BankID <= 239
- Assertion 27.2.8:
- For every pair (i, j), i != j, in BankInfo.BankElements[]:
BankElements[i].BankID != BankElements[j].BankID
- Assertion 27.2.9:
BankInfo.Reserved == 0
SPDM_VDM_V1_4_Test_027_003.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with BankDetails structure, if it receives a SLOT_MANAGEMENT with SubCode=GetBankDetails for each valid BankID.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankInfo, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SLOT_MANAGEMENT_RESP <- Responder
ValidBankID[] = array of BankElement.BankID from BankInfo.BankElements[]
- For each BankID in ValidBankID[] and 0xFF:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetBankDetails, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=0}}
SpdmMessage <- Responder
- Assertion 27.3.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct)
- Assertion 27.3.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.3.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.3.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT_RESP.Param1 (GetBankDetails)
- Assertion 27.3.5:
BankDetails.BankID == SLOT_MANAGEMENT.SlotAddress.BankID
- Assertion 27.3.6:
BankDetails.RespLength == sizeof(BankDetails)
- Assertion 27.3.7:
BankDetails.NumSlotElements <= 8
- Assertion 27.3.8:
- For SlotElement[i]:
BankDetails.SlotElement[i].ElementLength == 16 + H && SlotElement[i].SlotID <= 7 && BankElements[BankDetails.BankID].SlotMask.Bit[SlotElement[i].SlotID] == 1 && (if MULTI_KEY_CONN_RSP == false => KeyPairID == 0) && (if Provisioned == 0 => Digest == 0)
- Assertion 27.3.9:
popcount(BankDetails.CurrentAsymAlgo) + popcount(BankDetails.CurrentPqcAsymAlgo) <= 1
- Assertion 27.3.10:
(BankDetails.AsymAlgoCapabilities | BankDetails.PqcAsymAlgoCapabilities) != 0
- Assertion 27.3.11:
(BankDetails.AvailableAsymAlgo & ~BankDetails.AsymAlgoCapabilities) == 0 && (BankDetails.AvailablePqcAsymAlgo & ~BankDetails.PqcAsymAlgoCapabilities) == 0
- Assertion 27.3.12:
(BankDetails.CurrentAsymAlgo & ~BankDetails.AsymAlgoCapabilities) == 0 && (BankDetails.CurrentPqcAsymAlgo & ~BankDetails.PqcAsymAlgoCapabilities) == 0
- Assertion 27.3.13:
- If BankDetails.BankAttributes.ConfigAlgo == 0, then
BankDetails.AsymAlgoCapabilities == 0 && BankDetails.PqcAsymAlgoCapabilities == 0 && BankDetails.AvailableAsymAlgo == 0 && BankDetails.AvailablePqcAsymAlgo == 0
- Assertion 27.3.14:
BankDetails.BankAttributes.Reserved == 0 && BankDetails.Reserved == 0 && every SlotElement.Reserved == 0
- Assertion 27.3.15:
BankDetails.BankAttributes.Reserved == 0 && BankDetails.Reserved == 0
- Assertion 27.3.16:
BankDetails.NumSlotElements == popcount(BankElements[BankDetails.BankID].SlotMask)
- Assertion 27.3.17:
- For every pair (m, n), m != n, in BankDetails.SlotElements[]:
SlotElements[m].SlotID != SlotElements[n].SlotID
- Assertion 27.3.18:
If BankAttributes.ConfigAlgo == 1 && CurrentAsymAlgo == 0 && CurrentPqcAsymAlgo == 0, then no SlotElement has SlotAttributes.Bit[0] (Provisioned) == 1
SPDM_VDM_V1_4_Test_027_004.py
Description: SPDM responder shall return valid SLOT_MANAGEMENT_RESP with GetCertificateChain structure, if it receives a SLOT_MANAGEMENT with SubCode=GetCertificateChain for any provisioned slot in any Bank reported by GetBankInfo.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0 || Flags.CERT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankInfo, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SLOT_MANAGEMENT_RESP <- Responder
SelectedBankIDs[] = array of BankID where BankAttributes.Bit[0] (Selected) == 1.
- For each BankID in SelectedBankIDs[]:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=GetBankDetails, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=0}}
BankDetails <- Responder
ProvisionedPairs[] = array of (BankID, SlotID) for every SlotElement in BankDetails.SlotElements[] where SlotAttributes.Bit[0] (Provisioned) == 1.
- For each (BankID, SlotID) in ProvisionedPairs[]:
Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=GetCertificateChain, Param2=0, MgmtStructOffset=8, SlotMgmtReqStruct=SlotAddress{ReqLength=8, BankID=BankID, SlotID=SlotID}}
SpdmMessage <- Responder
- Assertion 27.4.1:
sizeof(SpdmMessage) >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct) + offset(GetCertificateChain, CertChain)
- Assertion 27.4.2:
SpdmMessage.RequestResponseCode == SLOT_MANAGEMENT_RESP
- Assertion 27.4.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.4.4:
SpdmMessage.Param1 == SLOT_MANAGEMENT.Param1 (GetCertificateChain)
- Assertion 27.4.5:
SpdmMessage.MgmtStructOffset >= offset(SLOT_MANAGEMENT_RESP, SlotMgmtRespStruct) && SpdmMessage.MgmtStructOffset + offset(GetCertificateChain, CertChain)
<= sizeof(SpdmMessage)
- Assertion 27.4.6:
GetCertificateChain.CCLength + SpdmMessage.MgmtStructOffset + offset(GetCertificateChain, CertChain) <= sizeof(SpdmMessage)
- Assertion 27.4.7:
GetCertificateChain.Reserved == 0
SPDM_VDM_V1_4_Test_027_005.py
Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a SLOT_MANAGEMENT with non negotiated version.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=(NegotiatedVersion+1), Param1.SubCode=SupportedSubCodes, Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0} 2. SpdmMessage <- Responder
- Assertion 27.5.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.5.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.5.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.5.4:
SpdmMessage.Param1 == VersionMismatch
- Assertion 27.5.5:
SpdmMessage.Param2 == 0
SPDM_VDM_V1_4_Test_027_006.py
Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a SLOT_MANAGEMENT with a reserved or unknown SubCode value.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion, Param1.SubCode=0x05,
Param2=0, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SpdmMessage <- Responder
- Assertion 27.6.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.6.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.6.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.6.4:
SpdmMessage.Param1 == InvalidRequest.
- Assertion 27.6.5:
SpdmMessage.Param2 == 0.
SPDM_VDM_V1_4_Test_027_007.py
Description: SPDM responder shall return ERROR(UnsupportedRequest), if it receives a SLOT_MANAGEMENT with a valid SubCode that is not in SupportedSubCodes.SubCodeBitmap.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 0, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder 9. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=SupportedSubCodes, …}
SLOT_MANAGEMENT_RESP <- Responder
UnsupportedSubCode = any SubCode in {GetCSR, ManageBank, ManageSlot, SetCertificate} whose bit is 0 in SupportedSubCodes.SubCodeBitmap. If no such SubCode exists, skip this case.
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=UnsupportedSubCode, MgmtStructOffset=<as required>, SlotMgmtReqStruct=<as required>}
SpdmMessage <- Responder
- Assertion 27.7.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.7.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.7.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.7.4:
SpdmMessage.Param1 == UnsupportedRequest.
- Assertion 27.7.5:
SpdmMessage.Param2 == 0.
SPDM_VDM_V1_4_Test_027_008.py
Description: SPDM responder shall return ERROR(UnsupportedRequest), if it receives a SLOT_MANAGEMENT when SLOT_MGMT_CAP=0 in CAPABILITIES.
SPDM Version: 1.4+
TestSetup: 1. Requester -> GET_VERSION {SPDMVersion=0x10} 2. VERSION <- Responder 3. If 1.4 or above is not in VERSION.VersionNumberEntry, then skip this case. 4. Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, …} 5. CAPABILITIES <- Responder 6. If Flags.SLOT_MGMT_CAP == 1, then skip this case. 7. Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, …} 8. ALGORITHMS <- Responder
TestTeardown: None
Steps: 1. Requester -> SLOT_MANAGEMENT {SPDMVersion=NegotiatedVersion,
Param1.SubCode=SupportedSubCodes, MgmtStructOffset=0, SlotMgmtReqStruct=0}
SpdmMessage <- Responder
- Assertion 27.8.1:
sizeof(SpdmMessage) >= sizeof(ERROR)
- Assertion 27.8.2:
SpdmMessage.RequestResponseCode == ERROR
- Assertion 27.8.3:
SpdmMessage.SPDMVersion == NegotiatedVersion
- Assertion 27.8.4:
SpdmMessage.Param1 == UnsupportedRequest.
- Assertion 27.8.5:
SpdmMessage.Param2 == 0.