DMTF · Li-Aaron · Sep 30, 2025
@@ -281,9 +281,7 @@ libspdm_return_t libspdm_get_response_set_key_pair_info_ack(libspdm_context_t *s
             spdm_context, false, 0,
             SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_RESET_CAP);
     } else {
-        need_reset = libspdm_is_capabilities_flag_supported(
-            spdm_context, false, 0,
-            SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP);
+        need_reset = false;
     }
     result = libspdm_write_key_pair_info(
         spdm_context,

@@ -126,166 +126,14 @@ void libspdm_test_responder_set_key_pair_info_ack_case1(void **state)
 }
 
 /**
- * Test 2: Successful response to set key pair info with key pair id 4: need reset
- * Expected Behavior: get a RETURN_SUCCESS return code, and correct response message size and fields
+ * Test 2: Can be populated with new test.
  **/
 void libspdm_test_responder_set_key_pair_info_ack_case2(void **state)
 {
-    libspdm_return_t status;
-    libspdm_test_context_t *spdm_test_context;
-    libspdm_context_t *spdm_context;
-    size_t response_size;
-    uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
-    spdm_set_key_pair_info_ack_response_t *spdm_response;
-
-    uint8_t key_pair_id;
-    size_t set_key_pair_info_request_size;
-    spdm_set_key_pair_info_request_t *set_key_pair_info_request;
-    uint8_t *ptr;
-    uint16_t desired_key_usage;
-    uint32_t desired_asym_algo;
-    uint8_t desired_assoc_cert_slot_mask;
-
-    set_key_pair_info_request = malloc(sizeof(spdm_set_key_pair_info_request_t) +
-                                       sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) +
-                                       sizeof(uint8_t));
-
-    spdm_test_context = *state;
-    spdm_context = spdm_test_context->spdm_context;
-    spdm_test_context->case_id = 0x2;
-    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
-                                            SPDM_VERSION_NUMBER_SHIFT_BIT;
-    spdm_context->connection_info.connection_state =
-        LIBSPDM_CONNECTION_STATE_AUTHENTICATED;
-    spdm_context->connection_info.algorithm.base_asym_algo =
-        m_libspdm_use_asym_algo;
-    spdm_context->local_context.capability.flags |=
-        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP;
-    spdm_context->local_context.total_key_pairs = libspdm_read_total_key_pairs();
-    key_pair_id = 4;
-
-    /*set responder need reset*/
-    spdm_context->local_context.capability.flags |=
-        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP;
-
-    response_size = sizeof(response);
-
-    /*Before reset, change: remove an association with slot*/
-    set_key_pair_info_request_size =
-        sizeof(spdm_set_key_pair_info_request_t) +
-        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t);
-
-    libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size);
-    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13;
-    set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
-    set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION;
-    set_key_pair_info_request->header.param2 = 0;
-    set_key_pair_info_request->key_pair_id = key_pair_id;
-
-    status = libspdm_get_response_set_key_pair_info_ack(
-        spdm_context, set_key_pair_info_request_size,
-        set_key_pair_info_request, &response_size, response);
-    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
-    assert_int_equal(response_size, sizeof(spdm_error_response_t));
-    spdm_response = (void *)response;
-    assert_int_equal(spdm_response->header.request_response_code,
-                     SPDM_ERROR);
-    assert_int_equal(spdm_response->header.param1,
-                     SPDM_ERROR_CODE_RESET_REQUIRED);
-    assert_int_equal(spdm_response->header.param2, 0);
-
-    /*After reset, change: remove an association with slot*/
-    status = libspdm_get_response_set_key_pair_info_ack(
-        spdm_context, set_key_pair_info_request_size,
-        set_key_pair_info_request, &response_size, response);
-    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
-    assert_int_equal(response_size,
-                     sizeof(spdm_set_key_pair_info_ack_response_t));
-    spdm_response = (void *)response;
-    assert_int_equal(spdm_response->header.request_response_code,
-                     SPDM_SET_KEY_PAIR_INFO_ACK);
-
-    /*Before reset, erase: erase the keyusage and asymalgo*/
-    set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_ERASE_OPERATION;
-    set_key_pair_info_request_size =
-        sizeof(spdm_set_key_pair_info_request_t);
-    status = libspdm_get_response_set_key_pair_info_ack(
-        spdm_context, set_key_pair_info_request_size,
-        set_key_pair_info_request, &response_size, response);
-    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
-    assert_int_equal(response_size, sizeof(spdm_error_response_t));
-    spdm_response = (void *)response;
-    assert_int_equal(spdm_response->header.request_response_code,
-                     SPDM_ERROR);
-    assert_int_equal(spdm_response->header.param1,
-                     SPDM_ERROR_CODE_RESET_REQUIRED);
-    assert_int_equal(spdm_response->header.param2, 0);
-
-    /*After reset, erase: erase the keyusage and asymalgo*/
-    status = libspdm_get_response_set_key_pair_info_ack(
-        spdm_context, set_key_pair_info_request_size,
-        set_key_pair_info_request, &response_size, response);
-    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
-    assert_int_equal(response_size,
-                     sizeof(spdm_set_key_pair_info_ack_response_t));
-    spdm_response = (void *)response;
-    assert_int_equal(spdm_response->header.request_response_code,
-                     SPDM_SET_KEY_PAIR_INFO_ACK);
-
-
-    /*Before reset, generate: generate a new key pair*/
-    desired_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
-    desired_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_ECC256;
-    desired_assoc_cert_slot_mask = 0x08;
-    set_key_pair_info_request_size =
-        sizeof(spdm_set_key_pair_info_request_t) +
-        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t);
-
-    libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size);
-    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13;
-    set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
-    set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION;
-    set_key_pair_info_request->header.param2 = 0;
-    set_key_pair_info_request->key_pair_id = key_pair_id;
-
-    ptr = (uint8_t*)(set_key_pair_info_request + 1);
-    ptr += sizeof(uint8_t);
-
-    libspdm_write_uint16(ptr, desired_key_usage);
-    ptr += sizeof(uint16_t);
-
-    libspdm_write_uint32(ptr, desired_asym_algo);
-    ptr += sizeof(uint32_t);
-
-    *ptr = desired_assoc_cert_slot_mask;
-
-    status = libspdm_get_response_set_key_pair_info_ack(
-        spdm_context, set_key_pair_info_request_size,
-        set_key_pair_info_request, &response_size, response);
-    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
-    assert_int_equal(response_size, sizeof(spdm_error_response_t));
-    spdm_response = (void *)response;
-    assert_int_equal(spdm_response->header.request_response_code,
-                     SPDM_ERROR);
-    assert_int_equal(spdm_response->header.param1,
-                     SPDM_ERROR_CODE_RESET_REQUIRED);
-    assert_int_equal(spdm_response->header.param2, 0);
-
-    /*After reset, generate: generate a new key pair*/
-    status = libspdm_get_response_set_key_pair_info_ack(
-        spdm_context, set_key_pair_info_request_size,
-        set_key_pair_info_request, &response_size, response);
-    assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
-    assert_int_equal(response_size,
-                     sizeof(spdm_set_key_pair_info_ack_response_t));
-    spdm_response = (void *)response;
-    assert_int_equal(spdm_response->header.request_response_code,
-                     SPDM_SET_KEY_PAIR_INFO_ACK);
-    free(set_key_pair_info_request);
 }
 
 /**
- * Test 2: The collection of multiple sub-cases.
+ * Test 3: The collection of multiple sub-cases.
  **/
 void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
 {
@@ -303,14 +151,16 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
     uint16_t desired_key_usage;
     uint32_t desired_asym_algo;
     uint8_t desired_assoc_cert_slot_mask;
+    uint8_t desired_pqc_asym_algo_len;
+    uint32_t desired_pqc_asym_algo;
 
     uint8_t temp_buf[LIBSPDM_RECEIVER_BUFFER_SIZE];
     set_key_pair_info_request = (spdm_set_key_pair_info_request_t *)temp_buf;
 
     spdm_test_context = *state;
     spdm_context = spdm_test_context->spdm_context;
     spdm_test_context->case_id = 0x3;
-    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_13 <<
+    spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     spdm_context->connection_info.connection_state =
         LIBSPDM_CONNECTION_STATE_AUTHENTICATED;
@@ -321,17 +171,18 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
     spdm_context->local_context.total_key_pairs = libspdm_read_total_key_pairs();
     key_pair_id = 4;
 
-    /*set responder need reset*/
+    /*set responder need reset, spdm 1.4 */
     spdm_context->local_context.capability.flags |=
-        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP;
+        SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_RESET_CAP;
 
     /*Before reset, change: remove an association with slot*/
     set_key_pair_info_request_size =
         sizeof(spdm_set_key_pair_info_request_t) +
-        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t);
+        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t) +
+        sizeof(uint8_t);
 
     libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size);
-    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13;
+    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_14;
     set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
     set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION;
     set_key_pair_info_request->header.param2 = 0;
@@ -353,13 +204,16 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
     /* Sub Case 1: If KeyPairErase is set, all fields after the KeyPairID field in this request should not exist. */
     desired_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
     desired_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_ECC256;
+    desired_pqc_asym_algo_len = sizeof(desired_pqc_asym_algo);
+    desired_pqc_asym_algo = 0;
     desired_assoc_cert_slot_mask = 0x08;
     set_key_pair_info_request_size =
         sizeof(spdm_set_key_pair_info_request_t) +
-        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t);
+        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t) +
+        sizeof(uint8_t) + sizeof(uint32_t);
 
     libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size);
-    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13;
+    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_14;
     set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
     set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_ERASE_OPERATION;
     set_key_pair_info_request->header.param2 = 0;
@@ -375,6 +229,12 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
     ptr += sizeof(uint32_t);
 
     *ptr = desired_assoc_cert_slot_mask;
+    ptr += sizeof(uint8_t);
+
+    *ptr = desired_pqc_asym_algo_len;
+    ptr += sizeof(uint8_t);
+
+    libspdm_write_uint32(ptr, desired_pqc_asym_algo);
 
     response_size = sizeof(response);
     status = libspdm_get_response_set_key_pair_info_ack(
@@ -394,7 +254,7 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
         sizeof(spdm_set_key_pair_info_request_t);
 
     libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size);
-    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13;
+    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_14;
     set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
     set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_GENERATE_OPERATION;
     set_key_pair_info_request->header.param2 = 0;
@@ -418,7 +278,7 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
         sizeof(spdm_set_key_pair_info_request_t);
 
     libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size);
-    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13;
+    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_14;
     set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
     set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_GENERATE_OPERATION;
     set_key_pair_info_request->header.param2 = 0;
@@ -441,13 +301,16 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
     desired_key_usage = SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE;
     desired_asym_algo = SPDM_KEY_PAIR_ASYM_ALGO_CAP_ECC256 |
                         SPDM_KEY_PAIR_ASYM_ALGO_CAP_ECC384;
+    desired_pqc_asym_algo_len = sizeof(desired_pqc_asym_algo);
+    desired_pqc_asym_algo = 0;
     desired_assoc_cert_slot_mask = 0x08;
     set_key_pair_info_request_size =
         sizeof(spdm_set_key_pair_info_request_t) +
-        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t);
+        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t) +
+        sizeof(uint8_t) + sizeof(uint32_t);
 
     libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size);
-    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13;
+    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_14;
     set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
     set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION;
     set_key_pair_info_request->header.param2 = 0;
@@ -463,6 +326,12 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
     ptr += sizeof(uint32_t);
 
     *ptr = desired_assoc_cert_slot_mask;
+    ptr += sizeof(uint8_t);
+
+    *ptr = desired_pqc_asym_algo_len;
+    ptr += sizeof(uint8_t);
+
+    libspdm_write_uint32(ptr, desired_pqc_asym_algo);
 
     response_size = sizeof(response);
     status = libspdm_get_response_set_key_pair_info_ack(
@@ -480,10 +349,11 @@ void libspdm_test_responder_set_key_pair_info_ack_case3(void **state)
     /*Before reset, change: remove an association with slot*/
     set_key_pair_info_request_size =
         sizeof(spdm_set_key_pair_info_request_t) +
-        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t);
+        sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t) +
+        sizeof(uint8_t);
 
     libspdm_zero_mem(set_key_pair_info_request, set_key_pair_info_request_size);
-    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_13;
+    set_key_pair_info_request->header.spdm_version = SPDM_MESSAGE_VERSION_14;
     set_key_pair_info_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
     set_key_pair_info_request->header.param1 = SPDM_SET_KEY_PAIR_INFO_CHANGE_OPERATION;
     set_key_pair_info_request->header.param2 = 0;
@@ -681,7 +551,7 @@ int libspdm_responder_set_key_pair_info_ack_test_main(void)
     const struct CMUnitTest spdm_responder_set_key_pair_info_ack_tests[] = {
         /* Success Case to set key pair info*/
         cmocka_unit_test(libspdm_test_responder_set_key_pair_info_ack_case1),
-        /* Success Case to set key pair info with reset*/
+        /* Can be populated with new test*/
         cmocka_unit_test(libspdm_test_responder_set_key_pair_info_ack_case2),
         /* The collection of multiple sub-cases.*/
         cmocka_unit_test(libspdm_test_responder_set_key_pair_info_ack_case3),