Description: SPDM responder shall return valid END_SESSION_ACK, if it receives a END_SESSION in DHE session.
SPDM Version: 1.1+
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.KEY_EX_CAP == 0, then skip this case.
- Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
- ALGORITHMS <- Responder
- Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
- DIGESTS <- Responder
- ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
- CERTIFICATE <- Responder
- Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, ...}
- KEY_EXCHANGE_RSP <- Responder
- Requester -> FINISH {SPDMVersion=NegotiatedVersion, ...} in session-X
- FINISH_RSP <- Responder in session-X
TestTeardown: None
Steps:
- Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} in session-X
- SpdmMessage <- Responder in session-X
Assertion 16.1.1: sizeof(SpdmMessage) >= sizeof(END_SESSION_ACK)
Assertion 16.1.2: SpdmMessage.RequestResponseCode == END_SESSION_ACK
Assertion 16.1.3: SpdmMessage.SPDMVersion == NegotiatedVersion
Description: SPDM responder shall return ERROR(VersionMismatch), if it receives a END_SESSION with non negotiated version in DHE session.
SPDM Version: 1.1+
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.KEY_EX_CAP == 0, then skip this case.
- Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
- ALGORITHMS <- Responder
- Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
- DIGESTS <- Responder
- ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
- CERTIFICATE <- Responder
- Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, ...}
- KEY_EXCHANGE_RSP <- Responder
- Requester -> FINISH {SPDMVersion=NegotiatedVersion, ...} in session-X
- FINISH_RSP <- Responder in session-X
TestTeardown: None
Steps:
- Requester -> END_SESSION {SPDMVersion=(NegotiatedVersion+1), ...} in session-X
- SpdmMessage <- Responder in session-X
Assertion 16.2.1: sizeof(SpdmMessage) >= sizeof(ERROR)
Assertion 16.2.2: SpdmMessage.RequestResponseCode == ERROR
Assertion 16.2.3: SpdmMessage.SPDMVersion == NegotiatedVersion
Assertion 16.2.4: SpdmMessage.Param1 == VersionMismatch.
Assertion 16.2.5: SpdmMessage.Param2 == 0.
- Requester -> END_SESSION {SPDMVersion=(NegotiatedVersion-1), ...} in session-X
- SpdmMessage <- Responder in session-X
Assertion 16.2.*.
Description: SPDM responder shall return ERROR(UnexpectedRequest), if it receives a END_SESSION in DHE session handshake.
SPDM Version: 1.1+
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- If 1.1 or above is not in VERSION.VersionNumberEntry, then skip this case.
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.KEY_EX_CAP == 0, then skip this case.
- Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
- ALGORITHMS <- Responder
- Requester -> GET_DIGESTS {SPDMVersion=NegotiatedVersion, ...}
- DIGESTS <- Responder
- ValidSlotID[] = array of bit-index that SlotMask[bit-index]=1 from DIGEST.Param2.SlotMask
- Requester -> GET_CERTIFICATE {SPDMVersion=NegotiatedVersion, Param1.SlotID=ValidSlotID[i], ...}
- CERTIFICATE <- Responder
- Requester -> KEY_EXCHANGE {SPDMVersion=NegotiatedVersion, ...}
- KEY_EXCHANGE_RSP <- Responder
TestTeardown: None
Steps:
- Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0} in session-X
- SpdmMessage <- Responder in session-X
Assertion 16.3.1: sizeof(SpdmMessage) >= sizeof(ERROR)
Assertion 16.3.2: SpdmMessage.RequestResponseCode == ERROR
Assertion 16.3.3: SpdmMessage.SPDMVersion == NegotiatedVersion
Assertion 16.3.4: SpdmMessage.Param1 == UnexpectedRequest.
Assertion 16.3.5: SpdmMessage.Param2 == 0.
Description: SPDM responder shall return ERROR(SessionRequired), if it receives a END_SESSION in non-session.
SPDM Version: 1.2
TestSetup:
- Requester -> GET_VERSION {SPDMVersion=0x10}
- VERSION <- Responder
- If 1.2 is not in VERSION.VersionNumberEntry, then skip this case.
- Requester -> GET_CAPABILITIES {SPDMVersion=NegotiatedVersion, ...}
- CAPABILITIES <- Responder
- If Flags.KEY_EX_CAP == 0 && Flags.PSK_CAP == 0, then skip this case.
- Requester -> NEGOTIATE_ALGORITHMS {SPDMVersion=NegotiatedVersion, ...}
- ALGORITHMS <- Responder
TestTeardown: None
Steps:
- Requester -> END_SESSION {SPDMVersion=NegotiatedVersion, Param1.StatePreservation=0, Param2=0}
- SpdmMessage <- Responder
Assertion 16.4.1: sizeof(SpdmMessage) >= sizeof(ERROR)
Assertion 16.4.2: SpdmMessage.RequestResponseCode == ERROR
Assertion 16.4.3: SpdmMessage.SPDMVersion == NegotiatedVersion
Assertion 16.4.4: SpdmMessage.Param1 == SessionRequired.