Description: SPDM responder shall return valid CERTIFICATE, if it receives a GET_CERTIFICATE.
SPDM Version: 1.0+
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.CERT_CAP == 0, then skip this case.
- Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
- ALGORITHMS <- Responder
- Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
- DIGESTS <- Responder
- ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
- Digests[] = array of DIGESTS.Digest
TestTeardown: None
Steps:
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=0, Offset=0, Length=0x400}
- SpdmMessage <- Responder
Assertion 5.1.1: sizeof(SpdmMessage) >= sizeof(CERTIFICATE, CertChain)
Assertion 5.1.2: SpdmMessage.RequestResponseCode == CERTIFICATE
Assertion 5.1.3: SpdmMessage.SPDMVersion == NegotiatedVersion
Assertion 5.1.4: SpdmMessage.PortionLength > 0 SpdmMessage.PortionLength <= GET_CERTIFICATE.Length
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], Param2=0, Offset=NextOffset, Length=0x400}, while SpdmMessage.RemainderLength != 0
- SpdmMessage <- Responder
Assertion 5.1.*.
Assertion 5.1.5: CertChain.Length == sizeof(CertChain)
Assertion 5.1.6: Hash(CertChain) == Digests[i]
Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a GET_CERTIFICATE with non negotiated version.
SPDM Version: 1.0+
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.CERT_CAP == 0, then skip this case.
- Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
- ALGORITHMS <- Responder
- Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
- DIGESTS <- Responder
TestTeardown: None
Steps:
- Requester -> GET_CERTIFICATE {SPDMVersion=(NegotiatedVersion+1), ...}
- SpdmMessage <- Responder
Assertion 5.2.1: sizeof(SpdmMessage) >= sizeof(ERROR)
Assertion 5.2.2: SpdmMessage.RequestResponseCode == ERROR
Assertion 5.2.3: SpdmMessage.SPDMVersion == NegotiatedVersion
Assertion 5.2.4: SpdmMessage.Param1 == VersionMismatch.
Assertion 5.2.5: SpdmMessage.Param2 == 0.
- Requester -> GET_CERTIFICATE {SPDMVersion=(NegotiatedVersion-1), ...}
- SpdmMessage <- Responder
Assertion 5.2.*.
Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a GET_CERTIFICATE before NEGOTIATE_ALGORITHMS.
SPDM Version: 1.0+
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.CERT_CAP == 0, then skip this case.
TestTeardown: None
Steps:
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, ...}
- SpdmMessage <- Responder
Assertion 5.3.1: sizeof(SpdmMessage) >= sizeof(ERROR)
Assertion 5.3.2: SpdmMessage.RequestResponseCode == ERROR
Assertion 5.3.3: SpdmMessage.SPDMVersion == NegotiatedVersion
Assertion 5.3.4: SpdmMessage.Param1 == UnexpectedRequest.
Assertion 5.3.5: SpdmMessage.Param2 == 0.
Description: SPDM responder shall return ERROR(InvalidRequest), if it receives a GET_CERTIFICATE with invalid field.
SPDM Version: 1.0+
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.CERT_CAP == 0, then skip this case.
- Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
- ALGORITHMS <- Responder
- Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
- DIGESTS <- Responder
- InvalidSlotID[] = array of bit-index that SlotMask[bit-index]=0 from DIGEST.Param2.SlotMask + {0x8 ~ 0xE, 0xF}
TestTeardown: None
Steps:
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=InvalidSlotID[i], Param2=0, Offset=0, Length=0x400}
- SpdmMessage <- Responder
Assertion 5.4.1: sizeof(SpdmMessage) >= sizeof(ERROR)
Assertion 5.4.2: SpdmMessage.RequestResponseCode == ERROR
Assertion 5.4.3: SpdmMessage.SPDMVersion == NegotiatedVersion
Assertion 5.4.4: SpdmMessage.Param1 == InvalidRequest.
Assertion 5.4.5: SpdmMessage.Param2 == 0.
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=0, Param2=0, Invalid_Offset=0xFFFF, Length=0x400}
- SpdmMessage <- Responder
Assertion 5.4.*.
Description: The CERTIFICATE from device shall follow X.509 and SPDM specification.
SPDM Version: 1.0+
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.CERT_CAP == 0, then skip this case.
- Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
- ALGORITHMS <- Responder
- Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
- DIGESTS <- Responder
- ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
- CERTIFICATE <- Responder
TestTeardown: None
Steps:
Assertion 5.5.1: if (CertChain.Certificates[0] is self-signed) then (CertChain.RootHash == Hash(Certificates[0]))
Assertion 5.5.2: Each CertChain.Certificates[i] is signed by CertChain.Certificates[i-1].
Assertion 5.5.3: LeafCertificate.SigningAlgorithm == Negotiated Algorithm
Assertion 5.5.4: CertChain.Certificates[i].Version == 2 (X.509 v3).
Assertion 5.5.5: CertChain.Certificates[i].SerialNumber is present.
Assertion 5.5.6: CertChain.Certificates[i].SignatureAlgorithm is present.
Assertion 5.5.7: CertChain.Certificates[i].Issuer is present.
Assertion 5.5.8: CertChain.Certificates[i].SubjectName is present.
Assertion 5.5.9: CertChain.Certificates[i].Validity is present.
Assertion 5.5.10: CertChain.Certificates[i].SubjectPublicKeyInfo is present.
Assertion 5.5.11: CertChain.Certificates[i].KeyUsage is present.
Assertion 5.5.12: if CertChain.Certificates[i].BasicConstraints is present, then CA == FALSE in leaf certificate.
Assertion 5.5.13: if CertChain.Certificates[i].OID(id-DMTF-device-info) is present, it follows UTF8String({DMTF-manufacturer":"DMTF-product":"DMTF-serialNumber}).
Assertion 5.5.14: if CertChain.Certificates[i].OID(id-DMTF-hardwareidentity) is present, then it is in leaf certificate in SPDM 1.0/1.1 or SPDM 1.2 with Flags.ALIAS_CERT_CAP == 0. or it is in non-leaf certificate in SPDM 1.2 with Flags.ALIAS_CERT_CAP == 1.
Assertion 5.5.15: if CertChain.Certificates[i].OID(id-DMTF-ekuresponder-auth) is present, it is in leaf certificate.
Assertion 5.5.16: if CertChain.Certificates[i].OID(id-DMTF-ekurequester-auth) is absent, it is in leaf certificate.
Assertion 5.5.17: if CertChain.Certificates[i].OID(id-DMTF-mutablecertificate) is present, then it is in SPDM 1.2 with Flags.ALIAS_CERT_CAP == 1.