Version.InvalidRequest test expectations are inaccurate

DMTF / SPDM-Responder-Validator

BSD 3-Clause "New" or "Revised" License

9 stars 13 forks source link

Version.InvalidRequest test expectations are inaccurate #124

Closed okt-olgak closed 5 months ago

okt-olgak commented 6 months ago

We have stumbled upon this while running SPDM-Reponder-Validator tests standalone, without the spdm-emu infra.

The current test case is:

Requester -> GET_VERSION {SPDMVersion=0x11, Param1=0, Param2=0} SpdmMessage <- Responder

Assertion 1.2.1: sizeof(SpdmMessage) >= sizeof(ERROR)

Assertion 1.2.2: SpdmMessage.RequestResponseCode == ERROR

Assertion 1.2.3: SpdmMessage.SPDMVersion == 0x10 [...]

Assertion 1.2.3 is inaccurate - this is only guaranteed to happen if this happens pre-VCA (or post-successful GET_VERSION). Post-VCA this error can return the negotiated SPDM version.

steven-bellock commented 6 months ago

The ERROR message resulting from an invalid GET_VERSION request shall have the value of the SPDMVersion field set to 0x10 .

was added in the 1.2 specification and was not backported to 1.0/1.1. For the most part we can just remove this check since the Requester would have a bug and it probably wouldn't care if the response message is correct or not.

steven-bellock commented 6 months ago

I'll ask the SPDM WG if the above text should be back-ported to the 1.0/1.1 specifications.

okt-olgak commented 6 months ago

The ERROR message resulting from an invalid GET_VERSION request shall have the value of the SPDMVersion field set to 0x10

oh, you're right! did not notice this in the specification.

steven-bellock commented 5 months ago

@jyao1 to remove the test. I'll file an issue with the SPDM Working Group to bring visibility.