LCOV - code coverage report
Current view: top level - unit_test/test_spdm_responder - finish.c (source / functions) Coverage Total Hit
Test: coverage.info Lines: 100.0 % 1792 1792
Test Date: 2025-08-24 08:11:14 Functions: 100.0 % 32 32

            Line data    Source code
       1              : /**
       2              :  *  Copyright Notice:
       3              :  *  Copyright 2021-2025 DMTF. All rights reserved.
       4              :  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
       5              :  **/
       6              : 
       7              : #include "spdm_unit_test.h"
       8              : #include "internal/libspdm_responder_lib.h"
       9              : #include "internal/libspdm_secured_message_lib.h"
      10              : 
      11              : #pragma pack(1)
      12              : 
      13              : typedef struct {
      14              :     spdm_message_header_t header;
      15              :     uint8_t signature[LIBSPDM_MAX_ASYM_KEY_SIZE];
      16              :     uint8_t verify_data[LIBSPDM_MAX_HASH_SIZE];
      17              : } libspdm_finish_request_mine_t;
      18              : 
      19              : typedef struct {
      20              :     spdm_message_header_t header;
      21              :     uint16_t opaque_data_size;
      22              :     uint8_t opaque_data[8];
      23              :     uint8_t signature[LIBSPDM_MAX_ASYM_KEY_SIZE];
      24              :     uint8_t verify_data[LIBSPDM_MAX_HASH_SIZE];
      25              : } libspdm_finish_request_mine_14_t;
      26              : 
      27              : #pragma pack()
      28              : 
      29              : libspdm_finish_request_mine_t m_libspdm_finish_request1 = {
      30              :     { SPDM_MESSAGE_VERSION_11, SPDM_FINISH, 0, 0 },
      31              : };
      32              : size_t m_libspdm_finish_request1_size = sizeof(m_libspdm_finish_request1);
      33              : 
      34              : libspdm_finish_request_mine_t m_libspdm_finish_request3 = {
      35              :     { SPDM_MESSAGE_VERSION_11, SPDM_FINISH, 1, 0 },
      36              : };
      37              : size_t m_libspdm_finish_request3_size = sizeof(m_libspdm_finish_request3);
      38              : 
      39              : libspdm_finish_request_mine_t m_libspdm_finish_request4 = {
      40              :     { SPDM_MESSAGE_VERSION_11, SPDM_FINISH, 1, 0xFF },
      41              : };
      42              : size_t m_libspdm_finish_request4_size = sizeof(m_libspdm_finish_request4);
      43              : 
      44              : libspdm_finish_request_mine_t m_libspdm_finish_request5 = {
      45              :     { SPDM_MESSAGE_VERSION_11, SPDM_FINISH, 1, 10 },
      46              : };
      47              : size_t m_libspdm_finish_request5_size = sizeof(m_libspdm_finish_request5);
      48              : 
      49              : libspdm_finish_request_mine_t m_libspdm_finish_request6 = {
      50              :     { SPDM_MESSAGE_VERSION_11, SPDM_FINISH, 6, 10 },
      51              : };
      52              : size_t m_libspdm_finish_request6_size = sizeof(m_libspdm_finish_request6);
      53              : 
      54              : libspdm_finish_request_mine_t m_libspdm_finish_request7 = {
      55              :     { SPDM_MESSAGE_VERSION_11, SPDM_FINISH, 1, 3 },
      56              : };
      57              : size_t m_libspdm_finish_request7_size = sizeof(m_libspdm_finish_request7);
      58              : 
      59              : libspdm_finish_request_mine_14_t m_libspdm_finish_request8 = {
      60              :     { SPDM_MESSAGE_VERSION_14, SPDM_FINISH, 0, 0 },
      61              : };
      62              : size_t m_libspdm_finish_request8_size = sizeof(m_libspdm_finish_request8);
      63              : 
      64              : uint8_t m_dummy_buffer[LIBSPDM_MAX_HASH_SIZE];
      65              : 
      66              : #if LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP
      67              : 
      68              : static libspdm_th_managed_buffer_t th_curr;
      69              : 
      70           28 : void libspdm_secured_message_set_request_finished_key(
      71              :     void *spdm_secured_message_context, const void *key, size_t key_size)
      72              : {
      73              :     libspdm_secured_message_context_t *secured_message_context;
      74              : 
      75           28 :     secured_message_context = spdm_secured_message_context;
      76           28 :     LIBSPDM_ASSERT(key_size == secured_message_context->hash_size);
      77           28 :     libspdm_copy_mem(secured_message_context->handshake_secret.request_finished_key,
      78              :                      sizeof(secured_message_context->handshake_secret.request_finished_key),
      79              :                      key, secured_message_context->hash_size);
      80           28 : }
      81              : 
      82              : /**
      83              :  * Test 1: receiving a correct FINISH message from the requester with a
      84              :  * correct MAC, no signature (no mutual authentication), and 'handshake in
      85              :  * the clear'.
      86              :  * Expected behavior: the responder accepts the request and produces a valid
      87              :  * FINISH_RSP response message.
      88              :  **/
      89            1 : void libspdm_test_responder_finish_case1(void **state)
      90              : {
      91              :     libspdm_return_t status;
      92              :     libspdm_test_context_t *spdm_test_context;
      93              :     libspdm_context_t *spdm_context;
      94              :     size_t response_size;
      95              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
      96              :     spdm_finish_response_t *spdm_response;
      97              :     void *data1;
      98              :     size_t data_size1;
      99              :     uint8_t *ptr;
     100              :     uint8_t *cert_buffer;
     101              :     size_t cert_buffer_size;
     102              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     103              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     104              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     105              :     libspdm_session_info_t *session_info;
     106              :     uint32_t session_id;
     107              :     uint32_t hash_size;
     108              :     uint32_t hmac_size;
     109              : 
     110            1 :     spdm_test_context = *state;
     111            1 :     spdm_context = spdm_test_context->spdm_context;
     112            1 :     spdm_test_context->case_id = 0x1;
     113            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     114              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     115            1 :     spdm_context->connection_info.connection_state =
     116              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     117            1 :     spdm_context->connection_info.capability.flags |=
     118              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
     119            1 :     spdm_context->local_context.capability.flags |=
     120              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
     121            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     122              :         m_libspdm_use_hash_algo;
     123            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     124              :         m_libspdm_use_asym_algo;
     125            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     126              :         m_libspdm_use_measurement_spec;
     127            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     128              :         m_libspdm_use_measurement_hash_algo;
     129            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     130              :         m_libspdm_use_dhe_algo;
     131            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     132              :         m_libspdm_use_aead_algo;
     133            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     134              :                                                     m_libspdm_use_asym_algo, &data1,
     135              :                                                     &data_size1, NULL, NULL);
     136            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     137            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     138              :         data_size1;
     139            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     140            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     141              :         data_size1;
     142              : 
     143            1 :     libspdm_reset_message_a(spdm_context);
     144            1 :     spdm_context->local_context.mut_auth_requested = 0;
     145              : 
     146            1 :     session_id = 0xFFFFFFFF;
     147            1 :     spdm_context->latest_session_id = session_id;
     148            1 :     session_info = &spdm_context->session_info[0];
     149            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
     150            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     151            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
     152            1 :     libspdm_secured_message_set_request_finished_key(
     153              :         session_info->secured_message_context, m_dummy_buffer,
     154              :         hash_size);
     155            1 :     libspdm_secured_message_set_session_state(
     156              :         session_info->secured_message_context,
     157              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     158              : 
     159            1 :     spdm_context->connection_info.capability.flags |=
     160              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     161            1 :     spdm_context->local_context.capability.flags |=
     162              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     163            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     164            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     165            1 :     ptr = m_libspdm_finish_request1.signature;
     166            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     167            1 :     cert_buffer = (uint8_t *)data1;
     168            1 :     cert_buffer_size = data_size1;
     169            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
     170              :                      cert_buffer_hash);
     171              :     /* transcript.message_a size is 0*/
     172            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
     173              :     /* session_transcript.message_k is 0*/
     174            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
     175              :                                   sizeof(spdm_finish_request_t));
     176            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     177            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     178              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     179            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     180              :                      request_finished_key, hash_size, ptr);
     181            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
     182            1 :     response_size = sizeof(response);
     183            1 :     status = libspdm_get_response_finish(spdm_context,
     184              :                                          m_libspdm_finish_request1_size,
     185              :                                          &m_libspdm_finish_request1,
     186              :                                          &response_size, response);
     187            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     188            1 :     assert_int_equal(response_size,
     189              :                      sizeof(spdm_finish_response_t) + hmac_size);
     190            1 :     spdm_response = (void *)response;
     191            1 :     assert_int_equal(spdm_response->header.request_response_code,
     192              :                      SPDM_FINISH_RSP);
     193            1 :     free(data1);
     194            1 : }
     195              : 
     196              : /**
     197              :  * Test 2:
     198              :  * Expected behavior:
     199              :  **/
     200            1 : void libspdm_test_responder_finish_case2(void **state)
     201              : {
     202            1 : }
     203              : 
     204              : /**
     205              :  * Test 3: receiving a correct FINISH from the requester, but the
     206              :  * responder is in a Busy state.
     207              :  * Expected behavior: the responder accepts the request, but produces an
     208              :  * ERROR message indicating the Busy state.
     209              :  **/
     210            1 : void libspdm_test_responder_finish_case3(void **state)
     211              : {
     212              :     libspdm_return_t status;
     213              :     libspdm_test_context_t *spdm_test_context;
     214              :     libspdm_context_t *spdm_context;
     215              :     size_t response_size;
     216              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     217              :     spdm_finish_response_t *spdm_response;
     218              :     void *data1;
     219              :     size_t data_size1;
     220              :     uint8_t *ptr;
     221              :     uint8_t *cert_buffer;
     222              :     size_t cert_buffer_size;
     223              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     224              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     225              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     226              :     libspdm_session_info_t *session_info;
     227              :     uint32_t session_id;
     228              :     uint32_t hash_size;
     229              :     uint32_t hmac_size;
     230              : 
     231            1 :     spdm_test_context = *state;
     232            1 :     spdm_context = spdm_test_context->spdm_context;
     233            1 :     spdm_test_context->case_id = 0x3;
     234            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     235              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     236            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
     237            1 :     spdm_context->connection_info.connection_state =
     238              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     239            1 :     spdm_context->connection_info.capability.flags |=
     240              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
     241            1 :     spdm_context->local_context.capability.flags |=
     242              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
     243            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     244              :         m_libspdm_use_hash_algo;
     245            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     246              :         m_libspdm_use_asym_algo;
     247            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     248              :         m_libspdm_use_measurement_spec;
     249            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     250              :         m_libspdm_use_measurement_hash_algo;
     251            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     252              :         m_libspdm_use_dhe_algo;
     253            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     254              :         m_libspdm_use_aead_algo;
     255            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     256              :                                                     m_libspdm_use_asym_algo, &data1,
     257              :                                                     &data_size1, NULL, NULL);
     258            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     259            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     260              :         data_size1;
     261            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     262            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     263              :         data_size1;
     264              : 
     265            1 :     libspdm_reset_message_a(spdm_context);
     266            1 :     spdm_context->local_context.mut_auth_requested = 0;
     267              : 
     268            1 :     session_id = 0xFFFFFFFF;
     269            1 :     spdm_context->latest_session_id = session_id;
     270            1 :     session_info = &spdm_context->session_info[0];
     271            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
     272            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     273            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
     274            1 :     libspdm_secured_message_set_request_finished_key(
     275              :         session_info->secured_message_context, m_dummy_buffer,
     276              :         hash_size);
     277            1 :     libspdm_secured_message_set_session_state(
     278              :         session_info->secured_message_context,
     279              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     280              : 
     281            1 :     spdm_context->connection_info.capability.flags |=
     282              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     283            1 :     spdm_context->local_context.capability.flags |=
     284              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     285            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     286            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     287            1 :     ptr = m_libspdm_finish_request1.signature;
     288            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     289            1 :     cert_buffer = (uint8_t *)data1;
     290            1 :     cert_buffer_size = data_size1;
     291            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
     292              :                      cert_buffer_hash);
     293              :     /* transcript.message_a size is 0*/
     294            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
     295              :     /* session_transcript.message_k is 0*/
     296            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
     297              :                                   sizeof(spdm_finish_request_t));
     298            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     299            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     300              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     301            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     302              :                      request_finished_key, hash_size, ptr);
     303            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
     304            1 :     response_size = sizeof(response);
     305            1 :     status = libspdm_get_response_finish(spdm_context,
     306              :                                          m_libspdm_finish_request1_size,
     307              :                                          &m_libspdm_finish_request1,
     308              :                                          &response_size, response);
     309            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     310            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     311            1 :     spdm_response = (void *)response;
     312            1 :     assert_int_equal(spdm_response->header.request_response_code,
     313              :                      SPDM_ERROR);
     314            1 :     assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_BUSY);
     315            1 :     assert_int_equal(spdm_response->header.param2, 0);
     316            1 :     assert_int_equal(spdm_context->response_state,
     317              :                      LIBSPDM_RESPONSE_STATE_BUSY);
     318            1 :     free(data1);
     319            1 : }
     320              : 
     321              : /**
     322              :  * Test 4: receiving a correct FINISH from the requester, but the responder
     323              :  * requires resynchronization with the requester.
     324              :  * Expected behavior: the responder accepts the request, but produces an
     325              :  * ERROR message indicating the NeedResynch state.
     326              :  **/
     327            1 : void libspdm_test_responder_finish_case4(void **state)
     328              : {
     329              :     libspdm_return_t status;
     330              :     libspdm_test_context_t *spdm_test_context;
     331              :     libspdm_context_t *spdm_context;
     332              :     size_t response_size;
     333              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     334              :     spdm_finish_response_t *spdm_response;
     335              :     void *data1;
     336              :     size_t data_size1;
     337              :     uint8_t *ptr;
     338              :     uint8_t *cert_buffer;
     339              :     size_t cert_buffer_size;
     340              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     341              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     342              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     343              :     libspdm_session_info_t *session_info;
     344              :     uint32_t session_id;
     345              :     uint32_t hash_size;
     346              :     uint32_t hmac_size;
     347              : 
     348            1 :     spdm_test_context = *state;
     349            1 :     spdm_context = spdm_test_context->spdm_context;
     350            1 :     spdm_test_context->case_id = 0x4;
     351            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     352              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     353            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
     354            1 :     spdm_context->connection_info.connection_state =
     355              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     356            1 :     spdm_context->connection_info.capability.flags |=
     357              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
     358            1 :     spdm_context->local_context.capability.flags |=
     359              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
     360            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     361              :         m_libspdm_use_hash_algo;
     362            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     363              :         m_libspdm_use_asym_algo;
     364            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     365              :         m_libspdm_use_measurement_spec;
     366            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     367              :         m_libspdm_use_measurement_hash_algo;
     368            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     369              :         m_libspdm_use_dhe_algo;
     370            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     371              :         m_libspdm_use_aead_algo;
     372            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     373              :                                                     m_libspdm_use_asym_algo, &data1,
     374              :                                                     &data_size1, NULL, NULL);
     375            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     376            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     377              :         data_size1;
     378            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     379            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     380              :         data_size1;
     381              : 
     382            1 :     libspdm_reset_message_a(spdm_context);
     383            1 :     spdm_context->local_context.mut_auth_requested = 0;
     384              : 
     385            1 :     session_id = 0xFFFFFFFF;
     386            1 :     spdm_context->latest_session_id = session_id;
     387            1 :     session_info = &spdm_context->session_info[0];
     388            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
     389            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     390            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
     391            1 :     libspdm_secured_message_set_request_finished_key(
     392              :         session_info->secured_message_context, m_dummy_buffer,
     393              :         hash_size);
     394            1 :     libspdm_secured_message_set_session_state(
     395              :         session_info->secured_message_context,
     396              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     397              : 
     398            1 :     spdm_context->connection_info.capability.flags |=
     399              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     400            1 :     spdm_context->local_context.capability.flags |=
     401              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     402            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     403            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     404            1 :     ptr = m_libspdm_finish_request1.signature;
     405            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     406            1 :     cert_buffer = (uint8_t *)data1;
     407            1 :     cert_buffer_size = data_size1;
     408            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
     409              :                      cert_buffer_hash);
     410              :     /* transcript.message_a size is 0*/
     411            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
     412              :     /* session_transcript.message_k is 0*/
     413            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
     414              :                                   sizeof(spdm_finish_request_t));
     415            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     416            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     417              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     418            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     419              :                      request_finished_key, hash_size, ptr);
     420            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
     421            1 :     response_size = sizeof(response);
     422            1 :     status = libspdm_get_response_finish(spdm_context,
     423              :                                          m_libspdm_finish_request1_size,
     424              :                                          &m_libspdm_finish_request1,
     425              :                                          &response_size, response);
     426            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     427            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     428            1 :     spdm_response = (void *)response;
     429            1 :     assert_int_equal(spdm_response->header.request_response_code,
     430              :                      SPDM_ERROR);
     431            1 :     assert_int_equal(spdm_response->header.param1,
     432              :                      SPDM_ERROR_CODE_REQUEST_RESYNCH);
     433            1 :     assert_int_equal(spdm_response->header.param2, 0);
     434            1 :     assert_int_equal(spdm_context->response_state,
     435              :                      LIBSPDM_RESPONSE_STATE_NEED_RESYNC);
     436            1 :     free(data1);
     437            1 : }
     438              : 
     439              : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
     440              : /**
     441              :  * Test 5: receiving a correct FINISH from the requester, but the responder
     442              :  * could not produce the response in time.
     443              :  * Expected behavior: the responder accepts the request, but produces an
     444              :  * ERROR message indicating the ResponseNotReady state.
     445              :  **/
     446            1 : void libspdm_test_responder_finish_case5(void **state)
     447              : {
     448              :     libspdm_return_t status;
     449              :     libspdm_test_context_t *spdm_test_context;
     450              :     libspdm_context_t *spdm_context;
     451              :     size_t response_size;
     452              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     453              :     spdm_finish_response_t *spdm_response;
     454              :     void *data1;
     455              :     size_t data_size1;
     456              :     uint8_t *ptr;
     457              :     uint8_t *cert_buffer;
     458              :     size_t cert_buffer_size;
     459              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     460              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     461              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     462              :     libspdm_session_info_t *session_info;
     463              :     uint32_t session_id;
     464              :     uint32_t hash_size;
     465              :     uint32_t hmac_size;
     466              :     spdm_error_data_response_not_ready_t *error_data;
     467              : 
     468            1 :     spdm_test_context = *state;
     469            1 :     spdm_context = spdm_test_context->spdm_context;
     470            1 :     spdm_test_context->case_id = 0x5;
     471            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     472              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     473            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
     474            1 :     spdm_context->connection_info.connection_state =
     475              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     476            1 :     spdm_context->connection_info.capability.flags |=
     477              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
     478            1 :     spdm_context->local_context.capability.flags |=
     479              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
     480            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     481              :         m_libspdm_use_hash_algo;
     482            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     483              :         m_libspdm_use_asym_algo;
     484            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     485              :         m_libspdm_use_measurement_spec;
     486            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     487              :         m_libspdm_use_measurement_hash_algo;
     488            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     489              :         m_libspdm_use_dhe_algo;
     490            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     491              :         m_libspdm_use_aead_algo;
     492            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     493              :                                                     m_libspdm_use_asym_algo, &data1,
     494              :                                                     &data_size1, NULL, NULL);
     495            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     496            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     497              :         data_size1;
     498            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     499            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     500              :         data_size1;
     501              : 
     502            1 :     libspdm_reset_message_a(spdm_context);
     503            1 :     spdm_context->local_context.mut_auth_requested = 0;
     504              : 
     505            1 :     session_id = 0xFFFFFFFF;
     506            1 :     spdm_context->latest_session_id = session_id;
     507            1 :     session_info = &spdm_context->session_info[0];
     508            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
     509            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     510            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
     511            1 :     libspdm_secured_message_set_request_finished_key(
     512              :         session_info->secured_message_context, m_dummy_buffer,
     513              :         hash_size);
     514            1 :     libspdm_secured_message_set_session_state(
     515              :         session_info->secured_message_context,
     516              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     517              : 
     518            1 :     spdm_context->connection_info.capability.flags |=
     519              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     520            1 :     spdm_context->local_context.capability.flags |=
     521              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     522            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     523            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     524            1 :     ptr = m_libspdm_finish_request1.signature;
     525            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     526            1 :     cert_buffer = (uint8_t *)data1;
     527            1 :     cert_buffer_size = data_size1;
     528            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
     529              :                      cert_buffer_hash);
     530              :     /* transcript.message_a size is 0*/
     531            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
     532              :     /* session_transcript.message_k is 0*/
     533            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
     534              :                                   sizeof(spdm_finish_request_t));
     535            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     536            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     537              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     538            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     539              :                      request_finished_key, hash_size, ptr);
     540            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
     541            1 :     response_size = sizeof(response);
     542            1 :     status = libspdm_get_response_finish(spdm_context,
     543              :                                          m_libspdm_finish_request1_size,
     544              :                                          &m_libspdm_finish_request1,
     545              :                                          &response_size, response);
     546            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     547            1 :     assert_int_equal(response_size,
     548              :                      sizeof(spdm_error_response_t) +
     549              :                      sizeof(spdm_error_data_response_not_ready_t));
     550            1 :     spdm_response = (void *)response;
     551            1 :     error_data =
     552              :         (spdm_error_data_response_not_ready_t *)(spdm_response + 1);
     553            1 :     assert_int_equal(spdm_response->header.request_response_code,
     554              :                      SPDM_ERROR);
     555            1 :     assert_int_equal(spdm_response->header.param1,
     556              :                      SPDM_ERROR_CODE_RESPONSE_NOT_READY);
     557            1 :     assert_int_equal(spdm_response->header.param2, 0);
     558            1 :     assert_int_equal(spdm_context->response_state,
     559              :                      LIBSPDM_RESPONSE_STATE_NOT_READY);
     560            1 :     assert_int_equal(error_data->request_code, SPDM_FINISH);
     561            1 :     free(data1);
     562            1 : }
     563              : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
     564              : 
     565              : /**
     566              :  * Test 6: receiving a correct FINISH from the requester, but the responder
     567              :  * is not set no receive a FINISH message because previous messages (namely,
     568              :  * GET_CAPABILITIES, NEGOTIATE_ALGORITHMS or GET_DIGESTS) have not been
     569              :  * received.
     570              :  * Expected behavior: the responder rejects the request, and produces an
     571              :  * ERROR message indicating the UnexpectedRequest.
     572              :  **/
     573            1 : void libspdm_test_responder_finish_case6(void **state)
     574              : {
     575              :     libspdm_return_t status;
     576              :     libspdm_test_context_t *spdm_test_context;
     577              :     libspdm_context_t *spdm_context;
     578              :     size_t response_size;
     579              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     580              :     spdm_finish_response_t *spdm_response;
     581              :     void *data1;
     582              :     size_t data_size1;
     583              :     uint8_t *ptr;
     584              :     uint8_t *cert_buffer;
     585              :     size_t cert_buffer_size;
     586              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     587              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     588              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     589              :     libspdm_session_info_t *session_info;
     590              :     uint32_t session_id;
     591              :     uint32_t hash_size;
     592              :     uint32_t hmac_size;
     593              : 
     594            1 :     spdm_test_context = *state;
     595            1 :     spdm_context = spdm_test_context->spdm_context;
     596            1 :     spdm_test_context->case_id = 0x6;
     597            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     598              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     599            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
     600            1 :     spdm_context->connection_info.connection_state =
     601              :         LIBSPDM_CONNECTION_STATE_NOT_STARTED;
     602            1 :     spdm_context->connection_info.capability.flags |=
     603              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
     604            1 :     spdm_context->local_context.capability.flags |=
     605              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
     606            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     607              :         m_libspdm_use_hash_algo;
     608            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     609              :         m_libspdm_use_asym_algo;
     610            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     611              :         m_libspdm_use_measurement_spec;
     612            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     613              :         m_libspdm_use_measurement_hash_algo;
     614            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     615              :         m_libspdm_use_dhe_algo;
     616            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     617              :         m_libspdm_use_aead_algo;
     618            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     619              :                                                     m_libspdm_use_asym_algo, &data1,
     620              :                                                     &data_size1, NULL, NULL);
     621            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     622            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     623              :         data_size1;
     624            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     625            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     626              :         data_size1;
     627              : 
     628            1 :     libspdm_reset_message_a(spdm_context);
     629            1 :     spdm_context->local_context.mut_auth_requested = 0;
     630              : 
     631            1 :     session_id = 0xFFFFFFFF;
     632            1 :     spdm_context->latest_session_id = session_id;
     633            1 :     session_info = &spdm_context->session_info[0];
     634            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
     635            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     636            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
     637            1 :     libspdm_secured_message_set_request_finished_key(
     638              :         session_info->secured_message_context, m_dummy_buffer,
     639              :         hash_size);
     640            1 :     libspdm_secured_message_set_session_state(
     641              :         session_info->secured_message_context,
     642              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     643              : 
     644            1 :     spdm_context->connection_info.capability.flags |=
     645              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     646            1 :     spdm_context->local_context.capability.flags |=
     647              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     648            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     649            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     650            1 :     ptr = m_libspdm_finish_request1.signature;
     651            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     652            1 :     cert_buffer = (uint8_t *)data1;
     653            1 :     cert_buffer_size = data_size1;
     654            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
     655              :                      cert_buffer_hash);
     656              :     /* transcript.message_a size is 0*/
     657            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
     658              :     /* session_transcript.message_k is 0*/
     659            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
     660              :                                   sizeof(spdm_finish_request_t));
     661            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     662            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     663              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     664            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     665              :                      request_finished_key, hash_size, ptr);
     666            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
     667            1 :     response_size = sizeof(response);
     668            1 :     status = libspdm_get_response_finish(spdm_context,
     669              :                                          m_libspdm_finish_request1_size,
     670              :                                          &m_libspdm_finish_request1,
     671              :                                          &response_size, response);
     672            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     673            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     674            1 :     spdm_response = (void *)response;
     675            1 :     assert_int_equal(spdm_response->header.request_response_code,
     676              :                      SPDM_ERROR);
     677            1 :     assert_int_equal(spdm_response->header.param1,
     678              :                      SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
     679            1 :     assert_int_equal(spdm_response->header.param2, 0);
     680            1 :     free(data1);
     681            1 : }
     682              : 
     683            1 : void libspdm_test_responder_finish_case7(void **state)
     684              : {
     685              :     libspdm_return_t status;
     686              :     libspdm_test_context_t *spdm_test_context;
     687              :     libspdm_context_t *spdm_context;
     688              :     size_t response_size;
     689              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     690              :     spdm_finish_response_t *spdm_response;
     691              :     void *data1;
     692              :     size_t data_size1;
     693              :     uint8_t *ptr;
     694              :     uint8_t *cert_buffer;
     695              :     size_t cert_buffer_size;
     696              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     697              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     698              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     699              :     libspdm_session_info_t *session_info;
     700              :     uint32_t session_id;
     701              :     uint32_t hash_size;
     702              :     uint32_t hmac_size;
     703              : 
     704            1 :     spdm_test_context = *state;
     705            1 :     spdm_context = spdm_test_context->spdm_context;
     706            1 :     spdm_test_context->case_id = 0x7;
     707            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     708              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     709            1 :     spdm_context->connection_info.connection_state =
     710              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     711            1 :     spdm_context->connection_info.capability.flags |=
     712              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
     713            1 :     spdm_context->local_context.capability.flags |=
     714              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
     715            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     716              :         m_libspdm_use_hash_algo;
     717            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     718              :         m_libspdm_use_asym_algo;
     719            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     720              :         m_libspdm_use_measurement_spec;
     721            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     722              :         m_libspdm_use_measurement_hash_algo;
     723            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     724              :         m_libspdm_use_dhe_algo;
     725            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     726              :         m_libspdm_use_aead_algo;
     727            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     728              :                                                     m_libspdm_use_asym_algo, &data1,
     729              :                                                     &data_size1, NULL, NULL);
     730            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     731            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     732              :         data_size1;
     733            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     734            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     735              :         data_size1;
     736              : 
     737            1 :     libspdm_reset_message_a(spdm_context);
     738            1 :     spdm_context->local_context.mut_auth_requested = 0;
     739              : 
     740            1 :     session_id = 0xFFFFFFFF;
     741            1 :     spdm_context->latest_session_id = session_id;
     742            1 :     session_info = &spdm_context->session_info[0];
     743            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
     744            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     745            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
     746            1 :     libspdm_secured_message_set_request_finished_key(
     747              :         session_info->secured_message_context, m_dummy_buffer,
     748              :         hash_size);
     749            1 :     libspdm_secured_message_set_session_state(
     750              :         session_info->secured_message_context,
     751              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     752              : 
     753            1 :     spdm_context->connection_info.capability.flags |=
     754              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     755            1 :     spdm_context->local_context.capability.flags |=
     756              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     757            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     758            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     759            1 :     ptr = m_libspdm_finish_request1.signature;
     760            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     761            1 :     cert_buffer = (uint8_t *)data1;
     762            1 :     cert_buffer_size = data_size1;
     763              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
     764              :     session_info->session_transcript.message_m.buffer_size =
     765              :         session_info->session_transcript.message_m.max_buffer_size;
     766              :     spdm_context->transcript.message_b.buffer_size =
     767              :         spdm_context->transcript.message_b.max_buffer_size;
     768              :     spdm_context->transcript.message_c.buffer_size =
     769              :         spdm_context->transcript.message_c.max_buffer_size;
     770              :     spdm_context->transcript.message_mut_b.buffer_size =
     771              :         spdm_context->transcript.message_mut_b.max_buffer_size;
     772              :     spdm_context->transcript.message_mut_c.buffer_size =
     773              :         spdm_context->transcript.message_mut_c.max_buffer_size;
     774              : #endif
     775              : 
     776            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
     777              :                      cert_buffer_hash);
     778              :     /* transcript.message_a size is 0*/
     779            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
     780              :     /* session_transcript.message_k is 0*/
     781            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
     782              :                                   sizeof(spdm_finish_request_t));
     783            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     784            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     785              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     786            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     787              :                      request_finished_key, hash_size, ptr);
     788            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
     789            1 :     response_size = sizeof(response);
     790            1 :     status = libspdm_get_response_finish(spdm_context,
     791              :                                          m_libspdm_finish_request1_size,
     792              :                                          &m_libspdm_finish_request1,
     793              :                                          &response_size, response);
     794            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     795            1 :     assert_int_equal(response_size,
     796              :                      sizeof(spdm_finish_response_t) + hmac_size);
     797            1 :     spdm_response = (void *)response;
     798            1 :     assert_int_equal(spdm_response->header.request_response_code,
     799              :                      SPDM_FINISH_RSP);
     800              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
     801              :     assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0);
     802              :     assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
     803              :     assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
     804              :     assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
     805              :     assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
     806              : #endif
     807              : 
     808            1 :     free(data1);
     809            1 : }
     810              : 
     811              : /**
     812              :  * Test 8: receiving a correct FINISH message from the requester with
     813              :  * correct MAC and signature (with mutual authentication), and 'handshake in
     814              :  * the clear'.
     815              :  * Expected behavior: the responder accepts the request and produces a valid
     816              :  * FINISH_RSP response message.
     817              :  **/
     818            1 : void libspdm_test_responder_finish_case8(void **state)
     819              : {
     820              :     libspdm_return_t status;
     821              :     libspdm_test_context_t *spdm_test_context;
     822              :     libspdm_context_t *spdm_context;
     823              :     size_t response_size;
     824              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     825              :     spdm_finish_response_t *spdm_response;
     826              :     void *data1;
     827              :     size_t data_size1;
     828              :     void *data2;
     829              :     size_t data_size2;
     830              :     uint8_t *ptr;
     831              :     uint8_t *cert_buffer;
     832              :     size_t cert_buffer_size;
     833              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     834              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     835              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     836              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     837              :     libspdm_session_info_t *session_info;
     838              :     uint32_t session_id;
     839              :     uint32_t hash_size;
     840              :     uint32_t hmac_size;
     841              :     size_t req_asym_signature_size;
     842              : 
     843            1 :     spdm_test_context = *state;
     844            1 :     spdm_context = spdm_test_context->spdm_context;
     845            1 :     spdm_test_context->case_id = 0x8;
     846            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     847              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     848            1 :     spdm_context->connection_info.connection_state =
     849              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     850            1 :     spdm_context->connection_info.capability.flags |=
     851              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
     852            1 :     spdm_context->local_context.capability.flags |=
     853              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
     854            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     855              :         m_libspdm_use_hash_algo;
     856            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     857              :         m_libspdm_use_asym_algo;
     858            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
     859              :         m_libspdm_use_req_asym_algo;
     860            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     861              :         m_libspdm_use_measurement_spec;
     862            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     863              :         m_libspdm_use_measurement_hash_algo;
     864            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     865              :         m_libspdm_use_dhe_algo;
     866            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     867              :         m_libspdm_use_aead_algo;
     868            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     869              :                                                     m_libspdm_use_asym_algo, &data1,
     870              :                                                     &data_size1, NULL, NULL);
     871            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     872            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     873              :         data_size1;
     874            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     875            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     876              :         data_size1;
     877              : 
     878            1 :     libspdm_reset_message_a(spdm_context);
     879            1 :     spdm_context->local_context.mut_auth_requested = 1;
     880            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
     881              :                                                     m_libspdm_use_req_asym_algo, &data2,
     882              :                                                     &data_size2, NULL, NULL);
     883              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
     884              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
     885              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
     886              :                      data2, data_size2);
     887              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
     888              :         data_size2;
     889              : #else
     890            1 :     libspdm_hash_all(
     891              :         spdm_context->connection_info.algorithm.base_hash_algo,
     892              :         data2, data_size2,
     893            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
     894            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
     895            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
     896            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
     897              :         spdm_context->connection_info.algorithm.base_hash_algo,
     898            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
     899              :         data2,
     900              :         data_size2,
     901              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
     902              : #endif
     903            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
     904              : 
     905            1 :     session_id = 0xFFFFFFFF;
     906            1 :     spdm_context->latest_session_id = session_id;
     907            1 :     session_info = &spdm_context->session_info[0];
     908            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
     909            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     910            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
     911            1 :     libspdm_secured_message_set_request_finished_key(
     912              :         session_info->secured_message_context, m_dummy_buffer,
     913              :         hash_size);
     914            1 :     libspdm_secured_message_set_session_state(
     915              :         session_info->secured_message_context,
     916              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     917            1 :     session_info->mut_auth_requested = 1;
     918              : 
     919            1 :     spdm_context->connection_info.capability.flags |=
     920              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     921            1 :     spdm_context->local_context.capability.flags |=
     922              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
     923            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     924            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     925            1 :     req_asym_signature_size =
     926            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
     927            1 :     ptr = m_libspdm_finish_request3.signature;
     928            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     929            1 :     cert_buffer = (uint8_t *)data1;
     930            1 :     cert_buffer_size = data_size1;
     931            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
     932              :                      cert_buffer_hash);
     933            1 :     cert_buffer = (uint8_t *)data2;
     934            1 :     cert_buffer_size = data_size2;
     935            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
     936              :                      req_cert_buffer_hash);
     937              :     /* transcript.message_a size is 0*/
     938            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
     939              :     /* session_transcript.message_k is 0*/
     940            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
     941            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request3,
     942              :                                   sizeof(spdm_finish_request_t));
     943              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
     944            1 :     libspdm_requester_data_sign(
     945              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
     946              :         spdm_context,
     947              : #endif
     948            1 :         m_libspdm_finish_request3.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
     949              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
     950            1 :             false, libspdm_get_managed_buffer(&th_curr),
     951              :             libspdm_get_managed_buffer_size(&th_curr),
     952              :             ptr, &req_asym_signature_size);
     953              : #endif
     954            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
     955            1 :     ptr += req_asym_signature_size;
     956            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     957            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     958              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     959            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     960              :                      request_finished_key, hash_size, ptr);
     961            1 :     m_libspdm_finish_request3_size = sizeof(spdm_finish_request_t) +
     962            1 :                                      req_asym_signature_size + hmac_size;
     963            1 :     response_size = sizeof(response);
     964            1 :     status = libspdm_get_response_finish(spdm_context,
     965              :                                          m_libspdm_finish_request3_size,
     966              :                                          &m_libspdm_finish_request3,
     967              :                                          &response_size, response);
     968            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     969            1 :     assert_int_equal(response_size,
     970              :                      sizeof(spdm_finish_response_t) + hmac_size);
     971            1 :     spdm_response = (void *)response;
     972            1 :     assert_int_equal(spdm_response->header.request_response_code,
     973              :                      SPDM_FINISH_RSP);
     974            1 :     free(data1);
     975            1 :     free(data2);
     976            1 : }
     977              : 
     978              : /**
     979              :  * Test 9: receiving a correct FINISH message from the requester, but the
     980              :  * responder has no capabilities for key exchange.
     981              :  * Expected behavior: the responder refuses the FINISH message and produces
     982              :  * an ERROR message indicating the UnsupportedRequest.
     983              :  **/
     984            1 : void libspdm_test_responder_finish_case9(void **state)
     985              : {
     986              :     libspdm_return_t status;
     987              :     libspdm_test_context_t *spdm_test_context;
     988              :     libspdm_context_t *spdm_context;
     989              :     size_t response_size;
     990              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     991              :     spdm_finish_response_t *spdm_response;
     992              :     void *data1;
     993              :     size_t data_size1;
     994              :     uint8_t *ptr;
     995              :     uint8_t *cert_buffer;
     996              :     size_t cert_buffer_size;
     997              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
     998              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     999              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1000              :     libspdm_session_info_t *session_info;
    1001              :     uint32_t session_id;
    1002              :     uint32_t hash_size;
    1003              :     uint32_t hmac_size;
    1004              : 
    1005            1 :     spdm_test_context = *state;
    1006            1 :     spdm_context = spdm_test_context->spdm_context;
    1007            1 :     spdm_test_context->case_id = 0x9;
    1008            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1009              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1010            1 :     spdm_context->connection_info.connection_state =
    1011              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1012            1 :     spdm_context->connection_info.capability.flags = 0;
    1013            1 :     spdm_context->local_context.capability.flags = 0;
    1014            1 :     spdm_context->connection_info.capability.flags |=
    1015              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1016              :     /* no key exchange capabilities (responder)*/
    1017            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1018              :         m_libspdm_use_hash_algo;
    1019            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1020              :         m_libspdm_use_asym_algo;
    1021            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1022              :         m_libspdm_use_measurement_spec;
    1023            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1024              :         m_libspdm_use_measurement_hash_algo;
    1025            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1026              :         m_libspdm_use_dhe_algo;
    1027            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1028              :         m_libspdm_use_aead_algo;
    1029            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1030              :                                                     m_libspdm_use_asym_algo, &data1,
    1031              :                                                     &data_size1, NULL, NULL);
    1032            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1033            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1034              :         data_size1;
    1035            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1036            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1037              :         data_size1;
    1038              : 
    1039            1 :     libspdm_reset_message_a(spdm_context);
    1040            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1041              : 
    1042            1 :     session_id = 0xFFFFFFFF;
    1043            1 :     spdm_context->latest_session_id = session_id;
    1044            1 :     session_info = &spdm_context->session_info[0];
    1045            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    1046            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1047            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1048            1 :     libspdm_secured_message_set_request_finished_key(
    1049              :         session_info->secured_message_context, m_dummy_buffer,
    1050              :         hash_size);
    1051            1 :     libspdm_secured_message_set_session_state(
    1052              :         session_info->secured_message_context,
    1053              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1054              : 
    1055            1 :     spdm_context->connection_info.capability.flags |=
    1056              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1057            1 :     spdm_context->local_context.capability.flags |=
    1058              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1059            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1060            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1061            1 :     ptr = m_libspdm_finish_request1.signature;
    1062            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1063            1 :     cert_buffer = (uint8_t *)data1;
    1064            1 :     cert_buffer_size = data_size1;
    1065            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    1066              :                      cert_buffer_hash);
    1067              :     /* transcript.message_a size is 0*/
    1068            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    1069              :     /* session_transcript.message_k is 0*/
    1070            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
    1071              :                                   sizeof(spdm_finish_request_t));
    1072            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1073            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1074              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1075            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1076              :                      request_finished_key, hash_size, ptr);
    1077            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
    1078            1 :     response_size = sizeof(response);
    1079            1 :     status = libspdm_get_response_finish(spdm_context,
    1080              :                                          m_libspdm_finish_request1_size,
    1081              :                                          &m_libspdm_finish_request1,
    1082              :                                          &response_size, response);
    1083            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1084            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1085            1 :     spdm_response = (void *)response;
    1086            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1087              :                      SPDM_ERROR);
    1088            1 :     assert_int_equal(spdm_response->header.param1,
    1089              :                      SPDM_ERROR_CODE_UNSUPPORTED_REQUEST);
    1090            1 :     assert_int_equal(spdm_response->header.param2, SPDM_FINISH);
    1091            1 :     free(data1);
    1092            1 : }
    1093              : 
    1094              : /**
    1095              :  * Test 10: receiving a correct FINISH message from the requester, but the
    1096              :  * responder is not correctly setup by not initializing a session during
    1097              :  * KEY_EXCHANGE.
    1098              :  * Expected behavior: the responder refuses the FINISH message and produces
    1099              :  * an ERROR message indicating the UnsupportedRequest.
    1100              :  **/
    1101            1 : void libspdm_test_responder_finish_case10(void **state)
    1102              : {
    1103              :     libspdm_return_t status;
    1104              :     libspdm_test_context_t *spdm_test_context;
    1105              :     libspdm_context_t *spdm_context;
    1106              :     size_t response_size;
    1107              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1108              :     spdm_finish_response_t *spdm_response;
    1109              :     void *data1;
    1110              :     size_t data_size1;
    1111              :     uint8_t *ptr;
    1112              :     uint8_t *cert_buffer;
    1113              :     size_t cert_buffer_size;
    1114              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1115              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1116              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1117              :     libspdm_session_info_t *session_info;
    1118              :     uint32_t session_id;
    1119              :     uint32_t hash_size;
    1120              :     uint32_t hmac_size;
    1121              : 
    1122            1 :     spdm_test_context = *state;
    1123            1 :     spdm_context = spdm_test_context->spdm_context;
    1124            1 :     spdm_test_context->case_id = 0xA;
    1125            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1126              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1127            1 :     spdm_context->connection_info.connection_state =
    1128              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1129            1 :     spdm_context->connection_info.capability.flags |=
    1130              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1131            1 :     spdm_context->local_context.capability.flags |=
    1132              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    1133            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1134              :         m_libspdm_use_hash_algo;
    1135            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1136              :         m_libspdm_use_asym_algo;
    1137            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1138              :         m_libspdm_use_measurement_spec;
    1139            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1140              :         m_libspdm_use_measurement_hash_algo;
    1141            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1142              :         m_libspdm_use_dhe_algo;
    1143            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1144              :         m_libspdm_use_aead_algo;
    1145            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1146              :                                                     m_libspdm_use_asym_algo, &data1,
    1147              :                                                     &data_size1, NULL, NULL);
    1148            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1149            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1150              :         data_size1;
    1151            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1152            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1153              :         data_size1;
    1154              : 
    1155            1 :     libspdm_reset_message_a(spdm_context);
    1156            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1157              : 
    1158            1 :     session_id = 0xFFFFFFFF;
    1159            1 :     spdm_context->latest_session_id = session_id;
    1160            1 :     session_info = &spdm_context->session_info[0];
    1161            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    1162            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1163            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1164            1 :     libspdm_secured_message_set_request_finished_key(
    1165              :         session_info->secured_message_context, m_dummy_buffer,
    1166              :         hash_size);
    1167            1 :     libspdm_secured_message_set_session_state(
    1168              :         session_info->secured_message_context,
    1169              :         LIBSPDM_SESSION_STATE_NOT_STARTED);
    1170              : 
    1171            1 :     spdm_context->connection_info.capability.flags |=
    1172              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1173            1 :     spdm_context->local_context.capability.flags |=
    1174              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1175            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1176            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1177            1 :     ptr = m_libspdm_finish_request1.signature;
    1178            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1179            1 :     cert_buffer = (uint8_t *)data1;
    1180            1 :     cert_buffer_size = data_size1;
    1181            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    1182              :                      cert_buffer_hash);
    1183              :     /* transcript.message_a size is 0*/
    1184            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    1185              :     /* session_transcript.message_k is 0*/
    1186            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
    1187              :                                   sizeof(spdm_finish_request_t));
    1188            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1189            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1190              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1191            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1192              :                      request_finished_key, hash_size, ptr);
    1193            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
    1194            1 :     response_size = sizeof(response);
    1195            1 :     status = libspdm_get_response_finish(spdm_context,
    1196              :                                          m_libspdm_finish_request1_size,
    1197              :                                          &m_libspdm_finish_request1,
    1198              :                                          &response_size, response);
    1199            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1200            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1201            1 :     spdm_response = (void *)response;
    1202            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1203              :                      SPDM_ERROR);
    1204            1 :     assert_int_equal(spdm_response->header.param1,
    1205              :                      SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
    1206            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1207            1 :     free(data1);
    1208            1 : }
    1209              : 
    1210              : /**
    1211              :  * Test 11: receiving a FINISH message from the requester with an incorrect
    1212              :  * MAC (all-zero).
    1213              :  * Expected behavior: the responder refuses the FINISH message and produces
    1214              :  * an ERROR message indicating the DecryptError.
    1215              :  **/
    1216            1 : void libspdm_test_responder_finish_case11(void **state)
    1217              : {
    1218              :     libspdm_return_t status;
    1219              :     libspdm_test_context_t *spdm_test_context;
    1220              :     libspdm_context_t *spdm_context;
    1221              :     size_t response_size;
    1222              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1223              :     spdm_finish_response_t *spdm_response;
    1224              :     void *data1;
    1225              :     size_t data_size1;
    1226              :     uint8_t *ptr;
    1227              :     libspdm_session_info_t *session_info;
    1228              :     uint32_t session_id;
    1229              :     uint32_t hash_size;
    1230              :     uint32_t hmac_size;
    1231              : 
    1232            1 :     spdm_test_context = *state;
    1233            1 :     spdm_context = spdm_test_context->spdm_context;
    1234            1 :     spdm_test_context->case_id = 0xB;
    1235            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1236              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1237            1 :     spdm_context->connection_info.connection_state =
    1238              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1239            1 :     spdm_context->connection_info.capability.flags |=
    1240              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1241            1 :     spdm_context->local_context.capability.flags |=
    1242              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    1243            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1244              :         m_libspdm_use_hash_algo;
    1245            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1246              :         m_libspdm_use_asym_algo;
    1247            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1248              :         m_libspdm_use_measurement_spec;
    1249            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1250              :         m_libspdm_use_measurement_hash_algo;
    1251            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1252              :         m_libspdm_use_dhe_algo;
    1253            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1254              :         m_libspdm_use_aead_algo;
    1255            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1256              :                                                     m_libspdm_use_asym_algo, &data1,
    1257              :                                                     &data_size1, NULL, NULL);
    1258            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1259            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1260              :         data_size1;
    1261            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1262            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1263              :         data_size1;
    1264              : 
    1265            1 :     libspdm_reset_message_a(spdm_context);
    1266            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1267              : 
    1268            1 :     session_id = 0xFFFFFFFF;
    1269            1 :     spdm_context->latest_session_id = session_id;
    1270            1 :     session_info = &spdm_context->session_info[0];
    1271            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    1272            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1273            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1274            1 :     libspdm_secured_message_set_request_finished_key(
    1275              :         session_info->secured_message_context, m_dummy_buffer,
    1276              :         hash_size);
    1277            1 :     libspdm_secured_message_set_session_state(
    1278              :         session_info->secured_message_context,
    1279              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1280              : 
    1281            1 :     spdm_context->connection_info.capability.flags |=
    1282              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1283            1 :     spdm_context->local_context.capability.flags |=
    1284              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1285            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1286            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1287            1 :     ptr = m_libspdm_finish_request1.signature;
    1288            1 :     libspdm_set_mem(ptr, hmac_size, (uint8_t)(0x00)); /*all-zero MAC*/
    1289            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
    1290            1 :     response_size = sizeof(response);
    1291            1 :     status = libspdm_get_response_finish(spdm_context,
    1292              :                                          m_libspdm_finish_request1_size,
    1293              :                                          &m_libspdm_finish_request1,
    1294              :                                          &response_size, response);
    1295            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1296            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1297            1 :     spdm_response = (void *)response;
    1298            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1299              :                      SPDM_ERROR);
    1300            1 :     assert_int_equal(spdm_response->header.param1,
    1301              :                      SPDM_ERROR_CODE_DECRYPT_ERROR);
    1302            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1303            1 :     free(data1);
    1304            1 : }
    1305              : 
    1306              : /**
    1307              :  * Test 12: receiving a FINISH message from the requester with an incorrect
    1308              :  * MAC (arbitrary).
    1309              :  * Expected behavior: the responder refuses the FINISH message and produces
    1310              :  * an ERROR message indicating the DecryptError.
    1311              :  **/
    1312            1 : void libspdm_test_responder_finish_case12(void **state)
    1313              : {
    1314              :     libspdm_return_t status;
    1315              :     libspdm_test_context_t *spdm_test_context;
    1316              :     libspdm_context_t *spdm_context;
    1317              :     size_t response_size;
    1318              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1319              :     spdm_finish_response_t *spdm_response;
    1320              :     void *data1;
    1321              :     size_t data_size1;
    1322              :     uint8_t *ptr;
    1323              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1324              :     uint8_t zero_data[LIBSPDM_MAX_HASH_SIZE];
    1325              :     libspdm_session_info_t *session_info;
    1326              :     uint32_t session_id;
    1327              :     uint32_t hash_size;
    1328              :     uint32_t hmac_size;
    1329              : 
    1330            1 :     spdm_test_context = *state;
    1331            1 :     spdm_context = spdm_test_context->spdm_context;
    1332            1 :     spdm_test_context->case_id = 0xC;
    1333            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1334              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1335            1 :     spdm_context->connection_info.connection_state =
    1336              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1337            1 :     spdm_context->connection_info.capability.flags |=
    1338              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1339            1 :     spdm_context->local_context.capability.flags |=
    1340              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    1341            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1342              :         m_libspdm_use_hash_algo;
    1343            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1344              :         m_libspdm_use_asym_algo;
    1345            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1346              :         m_libspdm_use_measurement_spec;
    1347            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1348              :         m_libspdm_use_measurement_hash_algo;
    1349            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1350              :         m_libspdm_use_dhe_algo;
    1351            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1352              :         m_libspdm_use_aead_algo;
    1353            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1354              :                                                     m_libspdm_use_asym_algo, &data1,
    1355              :                                                     &data_size1, NULL, NULL);
    1356            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1357            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1358              :         data_size1;
    1359            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1360            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1361              :         data_size1;
    1362              : 
    1363            1 :     libspdm_reset_message_a(spdm_context);
    1364            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1365              : 
    1366            1 :     session_id = 0xFFFFFFFF;
    1367            1 :     spdm_context->latest_session_id = session_id;
    1368            1 :     session_info = &spdm_context->session_info[0];
    1369            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    1370            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1371            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1372            1 :     libspdm_secured_message_set_request_finished_key(
    1373              :         session_info->secured_message_context, m_dummy_buffer,
    1374              :         hash_size);
    1375            1 :     libspdm_secured_message_set_session_state(
    1376              :         session_info->secured_message_context,
    1377              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1378              : 
    1379            1 :     spdm_context->connection_info.capability.flags |=
    1380              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1381            1 :     spdm_context->local_context.capability.flags |=
    1382              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1383            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1384            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1385            1 :     ptr = m_libspdm_finish_request1.signature;
    1386              :     /*arbitrary MAC*/
    1387            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1388            1 :     libspdm_set_mem(zero_data, hash_size, (uint8_t)(0x00));
    1389            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, zero_data, hash_size,
    1390              :                      request_finished_key, hash_size, ptr);
    1391            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
    1392            1 :     response_size = sizeof(response);
    1393            1 :     status = libspdm_get_response_finish(spdm_context,
    1394              :                                          m_libspdm_finish_request1_size,
    1395              :                                          &m_libspdm_finish_request1,
    1396              :                                          &response_size, response);
    1397            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1398            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1399            1 :     spdm_response = (void *)response;
    1400            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1401              :                      SPDM_ERROR);
    1402            1 :     assert_int_equal(spdm_response->header.param1,
    1403              :                      SPDM_ERROR_CODE_DECRYPT_ERROR);
    1404            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1405            1 :     free(data1);
    1406            1 : }
    1407              : 
    1408              : /**
    1409              :  * Test 13:
    1410              :  * Expected behavior:
    1411              :  **/
    1412            1 : void libspdm_test_responder_finish_case13(void **state)
    1413              : {
    1414            1 : }
    1415              : 
    1416              : /**
    1417              :  * Test 14: receiving a FINISH message from the requester with an incorrect
    1418              :  * MAC size (only the correct first half of the MAC).
    1419              :  * Expected behavior: the responder refuses the FINISH message and produces
    1420              :  * an ERROR message indicating the InvalidRequest.
    1421              :  **/
    1422            1 : void libspdm_test_responder_finish_case14(void **state)
    1423              : {
    1424              :     libspdm_return_t status;
    1425              :     libspdm_test_context_t *spdm_test_context;
    1426              :     libspdm_context_t *spdm_context;
    1427              :     size_t response_size;
    1428              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1429              :     spdm_finish_response_t *spdm_response;
    1430              :     void *data1;
    1431              :     size_t data_size1;
    1432              :     uint8_t *ptr;
    1433              :     uint8_t *cert_buffer;
    1434              :     size_t cert_buffer_size;
    1435              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1436              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1437              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1438              :     libspdm_session_info_t *session_info;
    1439              :     uint32_t session_id;
    1440              :     uint32_t hash_size;
    1441              :     uint32_t hmac_size;
    1442              : 
    1443            1 :     spdm_test_context = *state;
    1444            1 :     spdm_context = spdm_test_context->spdm_context;
    1445            1 :     spdm_test_context->case_id = 0xE;
    1446            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1447              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1448            1 :     spdm_context->connection_info.connection_state =
    1449              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1450            1 :     spdm_context->connection_info.capability.flags |=
    1451              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1452            1 :     spdm_context->local_context.capability.flags |=
    1453              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    1454            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1455              :         m_libspdm_use_hash_algo;
    1456            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1457              :         m_libspdm_use_asym_algo;
    1458            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1459              :         m_libspdm_use_measurement_spec;
    1460            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1461              :         m_libspdm_use_measurement_hash_algo;
    1462            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1463              :         m_libspdm_use_dhe_algo;
    1464            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1465              :         m_libspdm_use_aead_algo;
    1466            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1467              :                                                     m_libspdm_use_asym_algo, &data1,
    1468              :                                                     &data_size1, NULL, NULL);
    1469            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1470            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1471              :         data_size1;
    1472            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1473            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1474              :         data_size1;
    1475              : 
    1476            1 :     libspdm_reset_message_a(spdm_context);
    1477            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1478              : 
    1479            1 :     session_id = 0xFFFFFFFF;
    1480            1 :     spdm_context->latest_session_id = session_id;
    1481            1 :     session_info = &spdm_context->session_info[0];
    1482            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    1483            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1484            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1485            1 :     libspdm_secured_message_set_request_finished_key(
    1486              :         session_info->secured_message_context, m_dummy_buffer,
    1487              :         hash_size);
    1488            1 :     libspdm_secured_message_set_session_state(
    1489              :         session_info->secured_message_context,
    1490              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1491              : 
    1492            1 :     spdm_context->connection_info.capability.flags |=
    1493              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1494            1 :     spdm_context->local_context.capability.flags |=
    1495              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1496            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1497            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1498            1 :     ptr = m_libspdm_finish_request1.signature;
    1499            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1500            1 :     cert_buffer = (uint8_t *)data1;
    1501            1 :     cert_buffer_size = data_size1;
    1502            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    1503              :                      cert_buffer_hash);
    1504              :     /* transcript.message_a size is 0*/
    1505            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    1506              :     /* session_transcript.message_k is 0*/
    1507            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
    1508              :                                   sizeof(spdm_finish_request_t));
    1509            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1510            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1511              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1512            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1513              :                      request_finished_key, hash_size, ptr);
    1514            1 :     libspdm_set_mem(ptr + hmac_size/2, hmac_size/2, (uint8_t) 0x00); /* half HMAC size*/
    1515            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size/2;
    1516            1 :     response_size = sizeof(response);
    1517            1 :     status = libspdm_get_response_finish(spdm_context,
    1518              :                                          m_libspdm_finish_request1_size,
    1519              :                                          &m_libspdm_finish_request1,
    1520              :                                          &response_size, response);
    1521            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1522            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1523            1 :     spdm_response = (void *)response;
    1524            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1525              :                      SPDM_ERROR);
    1526            1 :     assert_int_equal(spdm_response->header.param1,
    1527              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
    1528            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1529            1 :     free(data1);
    1530            1 : }
    1531              : 
    1532              : /**
    1533              :  * Test 15: receiving a FINISH message from the requester with an incorrect
    1534              :  * signature (all-zero), but a correct MAC.
    1535              :  * Expected behavior: the responder refuses the FINISH message and produces
    1536              :  * an ERROR message indicating the DecryptError.
    1537              :  **/
    1538            1 : void libspdm_test_responder_finish_case15(void **state)
    1539              : {
    1540              :     libspdm_return_t status;
    1541              :     libspdm_test_context_t *spdm_test_context;
    1542              :     libspdm_context_t *spdm_context;
    1543              :     size_t response_size;
    1544              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1545              :     spdm_finish_response_t *spdm_response;
    1546              :     void *data1;
    1547              :     size_t data_size1;
    1548              :     void *data2;
    1549              :     size_t data_size2;
    1550              :     uint8_t *ptr;
    1551              :     uint8_t *cert_buffer;
    1552              :     size_t cert_buffer_size;
    1553              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1554              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1555              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1556              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1557              :     libspdm_session_info_t *session_info;
    1558              :     uint32_t session_id;
    1559              :     uint32_t hash_size;
    1560              :     uint32_t hmac_size;
    1561              :     size_t req_asym_signature_size;
    1562              : 
    1563            1 :     spdm_test_context = *state;
    1564            1 :     spdm_context = spdm_test_context->spdm_context;
    1565            1 :     spdm_test_context->case_id = 0xF;
    1566            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1567              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1568            1 :     spdm_context->connection_info.connection_state =
    1569              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1570            1 :     spdm_context->connection_info.capability.flags |=
    1571              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1572            1 :     spdm_context->local_context.capability.flags |=
    1573              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    1574            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1575              :         m_libspdm_use_hash_algo;
    1576            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1577              :         m_libspdm_use_asym_algo;
    1578            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    1579              :         m_libspdm_use_req_asym_algo;
    1580            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1581              :         m_libspdm_use_measurement_spec;
    1582            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1583              :         m_libspdm_use_measurement_hash_algo;
    1584            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1585              :         m_libspdm_use_dhe_algo;
    1586            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1587              :         m_libspdm_use_aead_algo;
    1588            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1589              :                                                     m_libspdm_use_asym_algo, &data1,
    1590              :                                                     &data_size1, NULL, NULL);
    1591            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1592            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1593              :         data_size1;
    1594            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1595            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1596              :         data_size1;
    1597              : 
    1598            1 :     libspdm_reset_message_a(spdm_context);
    1599            1 :     spdm_context->local_context.mut_auth_requested = 1;
    1600            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    1601              :                                                     m_libspdm_use_req_asym_algo, &data2,
    1602              :                                                     &data_size2, NULL, NULL);
    1603              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    1604              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    1605              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    1606              :                      data2, data_size2);
    1607              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    1608              :         data_size2;
    1609              : #endif
    1610              : 
    1611            1 :     session_id = 0xFFFFFFFF;
    1612            1 :     spdm_context->latest_session_id = session_id;
    1613            1 :     session_info = &spdm_context->session_info[0];
    1614            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    1615            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1616            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1617            1 :     libspdm_secured_message_set_request_finished_key(
    1618              :         session_info->secured_message_context, m_dummy_buffer,
    1619              :         hash_size);
    1620            1 :     libspdm_secured_message_set_session_state(
    1621              :         session_info->secured_message_context,
    1622              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1623            1 :     session_info->mut_auth_requested = 1;
    1624              : 
    1625            1 :     spdm_context->connection_info.capability.flags |=
    1626              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1627            1 :     spdm_context->local_context.capability.flags |=
    1628              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1629            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1630            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1631            1 :     req_asym_signature_size =
    1632            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    1633            1 :     ptr = m_libspdm_finish_request3.signature;
    1634            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1635            1 :     cert_buffer = (uint8_t *)data1;
    1636            1 :     cert_buffer_size = data_size1;
    1637            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    1638              :                      cert_buffer_hash);
    1639            1 :     cert_buffer = (uint8_t *)data2;
    1640            1 :     cert_buffer_size = data_size2;
    1641            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    1642              :                      req_cert_buffer_hash);
    1643              :     /* transcript.message_a size is 0*/
    1644            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    1645              :     /* session_transcript.message_k is 0*/
    1646            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    1647            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request3,
    1648              :                                   sizeof(spdm_finish_request_t));
    1649              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    1650            1 :     libspdm_requester_data_sign(
    1651              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    1652              :         spdm_context,
    1653              : #endif
    1654            1 :         m_libspdm_finish_request3.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    1655              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    1656            1 :             false, libspdm_get_managed_buffer(&th_curr),
    1657              :             libspdm_get_managed_buffer_size(&th_curr),
    1658              :             ptr, &req_asym_signature_size);
    1659              : #endif
    1660            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    1661            1 :     ptr += req_asym_signature_size;
    1662            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1663            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1664              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1665            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1666              :                      request_finished_key, hash_size, ptr);
    1667            1 :     libspdm_set_mem(m_libspdm_finish_request3.signature,
    1668              :                     req_asym_signature_size, (uint8_t) 0x00); /*zero signature*/
    1669            1 :     m_libspdm_finish_request3_size = sizeof(spdm_finish_request_t) +
    1670            1 :                                      req_asym_signature_size + hmac_size;
    1671            1 :     response_size = sizeof(response);
    1672            1 :     status = libspdm_get_response_finish(spdm_context,
    1673              :                                          m_libspdm_finish_request3_size,
    1674              :                                          &m_libspdm_finish_request3,
    1675              :                                          &response_size, response);
    1676            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1677            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1678            1 :     spdm_response = (void *)response;
    1679            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1680              :                      SPDM_ERROR);
    1681            1 :     assert_int_equal(spdm_response->header.param1,
    1682              :                      SPDM_ERROR_CODE_DECRYPT_ERROR);
    1683            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1684            1 :     free(data1);
    1685            1 :     free(data2);
    1686            1 : }
    1687              : 
    1688              : /**
    1689              :  * Test 16: receiving a FINISH message from the requester with an incorrect
    1690              :  * signature (arbitrary), but a correct MAC.
    1691              :  * Expected behavior: the responder refuses the FINISH message and produces
    1692              :  * an ERROR message indicating the DecryptError.
    1693              :  **/
    1694            1 : void libspdm_test_responder_finish_case16(void **state)
    1695              : {
    1696              :     libspdm_return_t status;
    1697              :     libspdm_test_context_t *spdm_test_context;
    1698              :     libspdm_context_t *spdm_context;
    1699              :     size_t response_size;
    1700              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1701              :     spdm_finish_response_t *spdm_response;
    1702              :     void *data1;
    1703              :     size_t data_size1;
    1704              :     void *data2;
    1705              :     size_t data_size2;
    1706              :     uint8_t *ptr;
    1707              :     uint8_t *cert_buffer;
    1708              :     size_t cert_buffer_size;
    1709              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1710              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1711              :     uint8_t random_buffer[LIBSPDM_MAX_HASH_SIZE];
    1712              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1713              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1714              :     libspdm_session_info_t *session_info;
    1715              :     uint32_t session_id;
    1716              :     uint32_t hash_size;
    1717              :     uint32_t hmac_size;
    1718              :     size_t req_asym_signature_size;
    1719              : 
    1720            1 :     spdm_test_context = *state;
    1721            1 :     spdm_context = spdm_test_context->spdm_context;
    1722            1 :     spdm_test_context->case_id = 0x10;
    1723            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1724              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1725            1 :     spdm_context->connection_info.connection_state =
    1726              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1727            1 :     spdm_context->connection_info.capability.flags |=
    1728              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1729            1 :     spdm_context->local_context.capability.flags |=
    1730              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    1731            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1732              :         m_libspdm_use_hash_algo;
    1733            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1734              :         m_libspdm_use_asym_algo;
    1735            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    1736              :         m_libspdm_use_req_asym_algo;
    1737            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1738              :         m_libspdm_use_measurement_spec;
    1739            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1740              :         m_libspdm_use_measurement_hash_algo;
    1741            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1742              :         m_libspdm_use_dhe_algo;
    1743            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1744              :         m_libspdm_use_aead_algo;
    1745            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1746              :                                                     m_libspdm_use_asym_algo, &data1,
    1747              :                                                     &data_size1, NULL, NULL);
    1748            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1749            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1750              :         data_size1;
    1751            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1752            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1753              :         data_size1;
    1754              : 
    1755            1 :     libspdm_reset_message_a(spdm_context);
    1756            1 :     spdm_context->local_context.mut_auth_requested = 1;
    1757            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    1758              :                                                     m_libspdm_use_req_asym_algo, &data2,
    1759              :                                                     &data_size2, NULL, NULL);
    1760              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    1761              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    1762              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    1763              :                      data2, data_size2);
    1764              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    1765              :         data_size2;
    1766              : #endif
    1767              : 
    1768            1 :     session_id = 0xFFFFFFFF;
    1769            1 :     spdm_context->latest_session_id = session_id;
    1770            1 :     session_info = &spdm_context->session_info[0];
    1771            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    1772            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1773            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1774            1 :     libspdm_secured_message_set_request_finished_key(
    1775              :         session_info->secured_message_context, m_dummy_buffer,
    1776              :         hash_size);
    1777            1 :     libspdm_secured_message_set_session_state(
    1778              :         session_info->secured_message_context,
    1779              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1780            1 :     session_info->mut_auth_requested = 1;
    1781              : 
    1782            1 :     spdm_context->connection_info.capability.flags |=
    1783              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1784            1 :     spdm_context->local_context.capability.flags |=
    1785              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1786            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1787            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1788            1 :     req_asym_signature_size =
    1789            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    1790            1 :     ptr = m_libspdm_finish_request3.signature;
    1791            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1792            1 :     cert_buffer = (uint8_t *)data1;
    1793            1 :     cert_buffer_size = data_size1;
    1794            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    1795              :                      cert_buffer_hash);
    1796            1 :     cert_buffer = (uint8_t *)data2;
    1797            1 :     cert_buffer_size = data_size2;
    1798            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    1799              :                      req_cert_buffer_hash);
    1800              :     /* transcript.message_a size is 0*/
    1801            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    1802              :     /* session_transcript.message_k is 0*/
    1803            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    1804            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request3,
    1805              :                                   sizeof(spdm_finish_request_t));
    1806              :     /*randomize signature*/
    1807            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1808              :                      libspdm_get_managed_buffer_size(&th_curr), random_buffer);
    1809              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    1810            1 :     libspdm_requester_data_sign(
    1811              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    1812              :         spdm_context,
    1813              : #endif
    1814            1 :         m_libspdm_finish_request3.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    1815              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    1816              :             false, random_buffer, hash_size, ptr, &req_asym_signature_size);
    1817              : #endif
    1818            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    1819            1 :     ptr += req_asym_signature_size;
    1820            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1821            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1822              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1823            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1824              :                      request_finished_key, hash_size, ptr);
    1825            1 :     m_libspdm_finish_request3_size = sizeof(spdm_finish_request_t) +
    1826            1 :                                      req_asym_signature_size + hmac_size;
    1827            1 :     response_size = sizeof(response);
    1828            1 :     status = libspdm_get_response_finish(spdm_context,
    1829              :                                          m_libspdm_finish_request3_size,
    1830              :                                          &m_libspdm_finish_request3,
    1831              :                                          &response_size, response);
    1832            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1833            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1834            1 :     spdm_response = (void *)response;
    1835            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1836              :                      SPDM_ERROR);
    1837            1 :     assert_int_equal(spdm_response->header.param1,
    1838              :                      SPDM_ERROR_CODE_DECRYPT_ERROR);
    1839            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1840            1 :     free(data1);
    1841            1 :     free(data2);
    1842            1 : }
    1843              : 
    1844              : /**
    1845              :  * Test 17: receiving a correct FINISH from the requester.
    1846              :  * Expected behavior: the responder accepts the request and produces a valid FINISH
    1847              :  * response message, and buffer F receives the exchanged FINISH and FINISH_RSP messages.
    1848              :  **/
    1849            1 : void libspdm_test_responder_finish_case17(void **state)
    1850              : {
    1851              :     libspdm_return_t status;
    1852              :     libspdm_test_context_t *spdm_test_context;
    1853              :     libspdm_context_t *spdm_context;
    1854              :     size_t response_size;
    1855              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1856              :     spdm_finish_response_t *spdm_response;
    1857              :     void *data1;
    1858              :     size_t data_size1;
    1859              :     uint8_t *ptr;
    1860              :     uint8_t *cert_buffer;
    1861              :     size_t cert_buffer_size;
    1862              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1863              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1864              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1865              :     libspdm_session_info_t *session_info;
    1866              :     uint32_t session_id;
    1867              :     uint32_t hash_size;
    1868              :     uint32_t hmac_size;
    1869              : 
    1870            1 :     spdm_test_context = *state;
    1871            1 :     spdm_context = spdm_test_context->spdm_context;
    1872            1 :     spdm_test_context->case_id = 0x11;
    1873            1 :     spdm_context->connection_info.connection_state =
    1874              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1875            1 :     spdm_context->connection_info.capability.flags |=
    1876              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1877            1 :     spdm_context->local_context.capability.flags |=
    1878              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    1879            1 :     spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    1880            1 :     spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    1881            1 :     spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    1882            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1883              :         m_libspdm_use_measurement_hash_algo;
    1884            1 :     spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    1885            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    1886            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1887              :                                                     m_libspdm_use_asym_algo, &data1,
    1888              :                                                     &data_size1, NULL, NULL);
    1889            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1890            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
    1891            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1892            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size = data_size1;
    1893              : 
    1894            1 :     libspdm_reset_message_a(spdm_context);
    1895            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1896              : 
    1897            1 :     session_id = 0xFFFFFFFF;
    1898            1 :     spdm_context->latest_session_id = session_id;
    1899            1 :     session_info = &spdm_context->session_info[0];
    1900            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    1901            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1902            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1903            1 :     libspdm_secured_message_set_request_finished_key(
    1904              :         session_info->secured_message_context, m_dummy_buffer, hash_size);
    1905            1 :     libspdm_secured_message_set_session_state(
    1906              :         session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);
    1907              : 
    1908            1 :     spdm_context->connection_info.capability.flags |=
    1909              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1910            1 :     spdm_context->local_context.capability.flags |=
    1911              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    1912            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1913            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1914            1 :     ptr = m_libspdm_finish_request1.signature;
    1915            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1916            1 :     cert_buffer = (uint8_t *)data1;
    1917            1 :     cert_buffer_size = data_size1;
    1918            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size, cert_buffer_hash);
    1919              :     /* transcript.message_a size is 0*/
    1920            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    1921              :     /* session_transcript.message_k is 0*/
    1922            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
    1923              :                                   sizeof(spdm_finish_request_t));
    1924            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1925            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1926              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1927            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1928              :                      request_finished_key, hash_size, ptr);
    1929            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
    1930            1 :     response_size = sizeof(response);
    1931            1 :     status = libspdm_get_response_finish(
    1932              :         spdm_context, m_libspdm_finish_request1_size, &m_libspdm_finish_request1,
    1933              :         &response_size, response);
    1934            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1935            1 :     assert_int_equal(response_size, sizeof(spdm_finish_response_t) + hmac_size);
    1936            1 :     spdm_response = (void *)response;
    1937            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_FINISH_RSP);
    1938              : 
    1939              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    1940              :     assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
    1941              :                      m_libspdm_finish_request1_size + response_size);
    1942              :     assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
    1943              :                         &m_libspdm_finish_request1, m_libspdm_finish_request1_size);
    1944              :     assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer +
    1945              :                         m_libspdm_finish_request1_size,
    1946              :                         response, response_size);
    1947              : #endif
    1948              : 
    1949            1 :     free(data1);
    1950            1 : }
    1951              : 
    1952              : /**
    1953              :  * Test 18: receiving a correct FINISH message from the requester with
    1954              :  * correct MAC and signature (with mutual authentication), and 'handshake in
    1955              :  * the clear'. The slot_id for requester mutual authentication is 0xFF.
    1956              :  * Expected behavior: the responder accepts the request and produces a valid
    1957              :  * FINISH_RSP response message.
    1958              :  **/
    1959            1 : void libspdm_test_responder_finish_case18(void **state)
    1960              : {
    1961              :     libspdm_return_t status;
    1962              :     libspdm_test_context_t *spdm_test_context;
    1963              :     libspdm_context_t *spdm_context;
    1964              :     size_t response_size;
    1965              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1966              :     spdm_finish_response_t *spdm_response;
    1967              :     void *data1;
    1968              :     size_t data_size1;
    1969              :     void *data2;
    1970              :     size_t data_size2;
    1971              :     uint8_t *ptr;
    1972              :     uint8_t *cert_buffer;
    1973              :     size_t cert_buffer_size;
    1974              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1975              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    1976              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1977              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1978              :     libspdm_session_info_t *session_info;
    1979              :     uint32_t session_id;
    1980              :     uint32_t hash_size;
    1981              :     uint32_t hmac_size;
    1982              :     size_t req_asym_signature_size;
    1983              : 
    1984            1 :     spdm_test_context = *state;
    1985            1 :     spdm_context = spdm_test_context->spdm_context;
    1986            1 :     spdm_test_context->case_id = 0x12;
    1987            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1988              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1989            1 :     spdm_context->connection_info.connection_state =
    1990              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1991            1 :     spdm_context->connection_info.capability.flags |=
    1992              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    1993            1 :     spdm_context->local_context.capability.flags |=
    1994              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    1995            1 :     spdm_context->connection_info.capability.flags |=
    1996              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP;
    1997            1 :     spdm_context->local_context.capability.flags |=
    1998              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP;
    1999            1 :     spdm_context->connection_info.capability.flags |=
    2000              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2001            1 :     spdm_context->local_context.capability.flags |=
    2002              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2003            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    2004              :         m_libspdm_use_hash_algo;
    2005            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    2006              :         m_libspdm_use_asym_algo;
    2007            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    2008              :         m_libspdm_use_req_asym_algo;
    2009            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    2010              :         m_libspdm_use_dhe_algo;
    2011            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    2012              :         m_libspdm_use_aead_algo;
    2013            1 :     libspdm_read_responder_public_key(m_libspdm_use_asym_algo, &data1, &data_size1);
    2014            1 :     spdm_context->local_context.local_public_key_provision = data1;
    2015            1 :     spdm_context->local_context.local_public_key_provision_size = data_size1;
    2016            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2017            1 :     libspdm_read_requester_public_key(m_libspdm_use_req_asym_algo, &data2, &data_size2);
    2018            1 :     spdm_context->local_context.peer_public_key_provision = data2;
    2019            1 :     spdm_context->local_context.peer_public_key_provision_size = data_size2;
    2020              : 
    2021            1 :     spdm_context->encap_context.req_slot_id = 0xFF;
    2022            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0xFF;
    2023            1 :     spdm_context->connection_info.local_used_cert_chain_slot_id = 0xFF;
    2024              : 
    2025            1 :     libspdm_reset_message_a(spdm_context);
    2026              : 
    2027            1 :     session_id = 0xFFFFFFFF;
    2028            1 :     spdm_context->latest_session_id = session_id;
    2029            1 :     session_info = &spdm_context->session_info[0];
    2030            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    2031            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2032            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    2033            1 :     libspdm_secured_message_set_request_finished_key(
    2034              :         session_info->secured_message_context, m_dummy_buffer,
    2035              :         hash_size);
    2036            1 :     libspdm_secured_message_set_session_state(
    2037              :         session_info->secured_message_context,
    2038              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    2039            1 :     session_info->mut_auth_requested = 1;
    2040              : 
    2041            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2042            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2043            1 :     req_asym_signature_size =
    2044            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    2045            1 :     ptr = m_libspdm_finish_request4.signature;
    2046            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    2047            1 :     cert_buffer = (uint8_t *)data1;
    2048            1 :     cert_buffer_size = data_size1;
    2049            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2050              :                      cert_buffer_hash);
    2051            1 :     cert_buffer = (uint8_t *)data2;
    2052            1 :     cert_buffer_size = data_size2;
    2053            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2054              :                      req_cert_buffer_hash);
    2055              :     /* transcript.message_a size is 0*/
    2056            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    2057              :     /* session_transcript.message_k is 0*/
    2058            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    2059            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request4,
    2060              :                                   sizeof(spdm_finish_request_t));
    2061              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    2062            1 :     libspdm_requester_data_sign(
    2063              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    2064              :         spdm_context,
    2065              : #endif
    2066            1 :         m_libspdm_finish_request4.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT,
    2067              :             SPDM_FINISH,
    2068              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    2069            1 :             false, libspdm_get_managed_buffer(&th_curr),
    2070              :             libspdm_get_managed_buffer_size(&th_curr),
    2071              :             ptr, &req_asym_signature_size);
    2072              : #endif
    2073            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    2074            1 :     ptr += req_asym_signature_size;
    2075              : 
    2076            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    2077            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    2078              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    2079            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    2080              :                      request_finished_key, hash_size, ptr);
    2081            1 :     m_libspdm_finish_request4_size = sizeof(spdm_finish_request_t) +
    2082            1 :                                      req_asym_signature_size + hmac_size;
    2083            1 :     response_size = sizeof(response);
    2084            1 :     status = libspdm_get_response_finish(spdm_context,
    2085              :                                          m_libspdm_finish_request4_size,
    2086              :                                          &m_libspdm_finish_request4,
    2087              :                                          &response_size, response);
    2088            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    2089            1 :     assert_int_equal(response_size,
    2090              :                      sizeof(spdm_finish_response_t) + hmac_size);
    2091            1 :     spdm_response = (void *)response;
    2092            1 :     assert_int_equal(spdm_response->header.request_response_code,
    2093              :                      SPDM_FINISH_RSP);
    2094            1 :     free(data1);
    2095            1 :     free(data2);
    2096            1 : }
    2097              : 
    2098              : /**
    2099              :  * Test 19: receiving a invalid FINISH request message, enable mutual authentication without using the encapsulated request flow,
    2100              :  * that is KEY_EXCHANGE_RSP.MutAuthRequested equals 0x01.
    2101              :  * SlotID in FINISH request message is 10, but it shall be 0xFF or between 0 and 7 inclusive.
    2102              :  * Expected behavior: generate an ERROR_RESPONSE with code SPDM_ERROR_CODE_INVALID_REQUEST.
    2103              :  **/
    2104            1 : void libspdm_test_responder_finish_case19(void **state)
    2105              : {
    2106              :     libspdm_return_t status;
    2107              :     libspdm_test_context_t *spdm_test_context;
    2108              :     libspdm_context_t *spdm_context;
    2109              :     size_t response_size;
    2110              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    2111              :     spdm_finish_response_t *spdm_response;
    2112              :     void *data1;
    2113              :     size_t data_size1;
    2114              :     void *data2;
    2115              :     size_t data_size2;
    2116              :     uint8_t *ptr;
    2117              :     uint8_t *cert_buffer;
    2118              :     size_t cert_buffer_size;
    2119              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2120              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2121              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    2122              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    2123              :     libspdm_session_info_t *session_info;
    2124              :     uint32_t session_id;
    2125              :     uint32_t hash_size;
    2126              :     uint32_t hmac_size;
    2127              :     size_t req_asym_signature_size;
    2128              : 
    2129            1 :     spdm_test_context = *state;
    2130            1 :     spdm_context = spdm_test_context->spdm_context;
    2131            1 :     spdm_test_context->case_id = 0x13;
    2132            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    2133              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    2134            1 :     spdm_context->connection_info.connection_state =
    2135              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    2136            1 :     spdm_context->connection_info.capability.flags |=
    2137              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    2138            1 :     spdm_context->local_context.capability.flags |=
    2139              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    2140            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    2141              :         m_libspdm_use_hash_algo;
    2142            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    2143              :         m_libspdm_use_asym_algo;
    2144            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    2145              :         m_libspdm_use_req_asym_algo;
    2146            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    2147              :         m_libspdm_use_measurement_spec;
    2148            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    2149              :         m_libspdm_use_measurement_hash_algo;
    2150            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    2151              :         m_libspdm_use_dhe_algo;
    2152            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    2153              :         m_libspdm_use_aead_algo;
    2154            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    2155              :                                                     m_libspdm_use_asym_algo, &data1,
    2156              :                                                     &data_size1, NULL, NULL);
    2157            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    2158            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    2159              :         data_size1;
    2160            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    2161            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    2162              :         data_size1;
    2163              : 
    2164            1 :     libspdm_reset_message_a(spdm_context);
    2165            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2166            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    2167              :                                                     m_libspdm_use_req_asym_algo, &data2,
    2168              :                                                     &data_size2, NULL, NULL);
    2169              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    2170              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    2171              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    2172              :                      data2, data_size2);
    2173              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    2174              :         data_size2;
    2175              : #else
    2176            1 :     libspdm_hash_all(
    2177              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2178              :         data2, data_size2,
    2179            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    2180            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    2181            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    2182            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    2183              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2184            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    2185              :         data2,
    2186              :         data_size2,
    2187              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    2188              : #endif
    2189            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    2190              : 
    2191            1 :     session_id = 0xFFFFFFFF;
    2192            1 :     spdm_context->latest_session_id = session_id;
    2193            1 :     session_info = &spdm_context->session_info[0];
    2194            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    2195            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2196            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    2197            1 :     libspdm_secured_message_set_request_finished_key(
    2198              :         session_info->secured_message_context, m_dummy_buffer,
    2199              :         hash_size);
    2200            1 :     libspdm_secured_message_set_session_state(
    2201              :         session_info->secured_message_context,
    2202              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    2203            1 :     session_info->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2204              : 
    2205            1 :     spdm_context->connection_info.capability.flags |=
    2206              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2207            1 :     spdm_context->local_context.capability.flags |=
    2208              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2209            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2210            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2211            1 :     req_asym_signature_size =
    2212            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    2213            1 :     ptr = m_libspdm_finish_request5.signature;
    2214            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    2215            1 :     cert_buffer = (uint8_t *)data1;
    2216            1 :     cert_buffer_size = data_size1;
    2217            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2218              :                      cert_buffer_hash);
    2219            1 :     cert_buffer = (uint8_t *)data2;
    2220            1 :     cert_buffer_size = data_size2;
    2221            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2222              :                      req_cert_buffer_hash);
    2223              :     /* transcript.message_a size is 0*/
    2224            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    2225              :     /* session_transcript.message_k is 0*/
    2226            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    2227            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request5,
    2228              :                                   sizeof(spdm_finish_request_t));
    2229              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    2230            1 :     libspdm_requester_data_sign(
    2231              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    2232              :         spdm_context,
    2233              : #endif
    2234            1 :         m_libspdm_finish_request5.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    2235              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    2236            1 :             false, libspdm_get_managed_buffer(&th_curr),
    2237              :             libspdm_get_managed_buffer_size(&th_curr),
    2238              :             ptr, &req_asym_signature_size);
    2239              : #endif
    2240            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    2241            1 :     ptr += req_asym_signature_size;
    2242            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    2243            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    2244              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    2245            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    2246              :                      request_finished_key, hash_size, ptr);
    2247            1 :     m_libspdm_finish_request5_size = sizeof(spdm_finish_request_t) +
    2248            1 :                                      req_asym_signature_size + hmac_size;
    2249            1 :     response_size = sizeof(response);
    2250            1 :     status = libspdm_get_response_finish(spdm_context,
    2251              :                                          m_libspdm_finish_request5_size,
    2252              :                                          &m_libspdm_finish_request5,
    2253              :                                          &response_size, response);
    2254            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    2255            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    2256            1 :     spdm_response = (void *)response;
    2257            1 :     assert_int_equal(spdm_response->header.request_response_code,
    2258              :                      SPDM_ERROR);
    2259            1 :     assert_int_equal(spdm_response->header.param1,
    2260              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
    2261            1 :     assert_int_equal(spdm_response->header.param2, 0);
    2262            1 :     free(data1);
    2263            1 :     free(data2);
    2264            1 : }
    2265              : 
    2266              : /**
    2267              :  * Test 20: receiving a invalid FINISH request message, enable mutual authentication with using the encapsulated request flow,
    2268              :  * that is KEY_EXCHANGE_RSP.MutAuthRequested equals 0x02.
    2269              :  * SlotID in FINISH request message is 3, but it shall match the value 0 in final ENCAPSULATED_RESPONSE_ACK.EncapsulatedRequest.
    2270              :  * Expected behavior: generate an ERROR_RESPONSE with code SPDM_ERROR_CODE_INVALID_REQUEST.
    2271              :  **/
    2272            1 : void libspdm_test_responder_finish_case20(void **state)
    2273              : {
    2274              :     libspdm_return_t status;
    2275              :     libspdm_test_context_t *spdm_test_context;
    2276              :     libspdm_context_t *spdm_context;
    2277              :     size_t response_size;
    2278              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    2279              :     spdm_finish_response_t *spdm_response;
    2280              :     void *data1;
    2281              :     size_t data_size1;
    2282              :     void *data2;
    2283              :     size_t data_size2;
    2284              :     uint8_t *ptr;
    2285              :     uint8_t *cert_buffer;
    2286              :     size_t cert_buffer_size;
    2287              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2288              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2289              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    2290              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    2291              :     libspdm_session_info_t *session_info;
    2292              :     uint32_t session_id;
    2293              :     uint32_t hash_size;
    2294              :     uint32_t hmac_size;
    2295              :     size_t req_asym_signature_size;
    2296              : 
    2297            1 :     spdm_test_context = *state;
    2298            1 :     spdm_context = spdm_test_context->spdm_context;
    2299            1 :     spdm_test_context->case_id = 0x14;
    2300            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    2301              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    2302            1 :     spdm_context->connection_info.connection_state =
    2303              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    2304            1 :     spdm_context->connection_info.capability.flags |=
    2305              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    2306            1 :     spdm_context->local_context.capability.flags |=
    2307              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    2308            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    2309              :         m_libspdm_use_hash_algo;
    2310            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    2311              :         m_libspdm_use_asym_algo;
    2312            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    2313              :         m_libspdm_use_req_asym_algo;
    2314            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    2315              :         m_libspdm_use_measurement_spec;
    2316            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    2317              :         m_libspdm_use_measurement_hash_algo;
    2318            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    2319              :         m_libspdm_use_dhe_algo;
    2320            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    2321              :         m_libspdm_use_aead_algo;
    2322            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    2323              :                                                     m_libspdm_use_asym_algo, &data1,
    2324              :                                                     &data_size1, NULL, NULL);
    2325            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    2326            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    2327              :         data_size1;
    2328            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    2329            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    2330              :         data_size1;
    2331              : 
    2332            1 :     libspdm_reset_message_a(spdm_context);
    2333            1 :     spdm_context->local_context.mut_auth_requested =
    2334              :         SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST;
    2335            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    2336              :                                                     m_libspdm_use_req_asym_algo, &data2,
    2337              :                                                     &data_size2, NULL, NULL);
    2338              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    2339              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    2340              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    2341              :                      data2, data_size2);
    2342              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    2343              :         data_size2;
    2344              : #else
    2345            1 :     libspdm_hash_all(
    2346              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2347              :         data2, data_size2,
    2348            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    2349            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    2350            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    2351            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    2352              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2353            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    2354              :         data2,
    2355              :         data_size2,
    2356              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    2357              : #endif
    2358            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    2359              : 
    2360            1 :     session_id = 0xFFFFFFFF;
    2361            1 :     spdm_context->latest_session_id = session_id;
    2362            1 :     session_info = &spdm_context->session_info[0];
    2363            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    2364            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2365            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    2366            1 :     libspdm_secured_message_set_request_finished_key(
    2367              :         session_info->secured_message_context, m_dummy_buffer,
    2368              :         hash_size);
    2369            1 :     libspdm_secured_message_set_session_state(
    2370              :         session_info->secured_message_context,
    2371              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    2372            1 :     session_info->mut_auth_requested =
    2373              :         SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST;
    2374              : 
    2375            1 :     spdm_context->connection_info.capability.flags |=
    2376              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2377            1 :     spdm_context->local_context.capability.flags |=
    2378              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2379            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2380            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2381            1 :     req_asym_signature_size =
    2382            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    2383            1 :     ptr = m_libspdm_finish_request7.signature;
    2384            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    2385            1 :     cert_buffer = (uint8_t *)data1;
    2386            1 :     cert_buffer_size = data_size1;
    2387            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2388              :                      cert_buffer_hash);
    2389            1 :     cert_buffer = (uint8_t *)data2;
    2390            1 :     cert_buffer_size = data_size2;
    2391            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2392              :                      req_cert_buffer_hash);
    2393              :     /* transcript.message_a size is 0*/
    2394            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    2395              :     /* session_transcript.message_k is 0*/
    2396            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    2397            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request7,
    2398              :                                   sizeof(spdm_finish_request_t));
    2399              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    2400            1 :     libspdm_requester_data_sign(
    2401              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    2402              :         spdm_context,
    2403              : #endif
    2404            1 :         m_libspdm_finish_request7.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    2405              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    2406            1 :             false, libspdm_get_managed_buffer(&th_curr),
    2407              :             libspdm_get_managed_buffer_size(&th_curr),
    2408              :             ptr, &req_asym_signature_size);
    2409              : #endif
    2410            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    2411            1 :     ptr += req_asym_signature_size;
    2412            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    2413            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    2414              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    2415            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    2416              :                      request_finished_key, hash_size, ptr);
    2417            1 :     m_libspdm_finish_request7_size = sizeof(spdm_finish_request_t) +
    2418            1 :                                      req_asym_signature_size + hmac_size;
    2419            1 :     response_size = sizeof(response);
    2420            1 :     status = libspdm_get_response_finish(spdm_context,
    2421              :                                          m_libspdm_finish_request7_size,
    2422              :                                          &m_libspdm_finish_request7,
    2423              :                                          &response_size, response);
    2424            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    2425            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    2426            1 :     spdm_response = (void *)response;
    2427            1 :     assert_int_equal(spdm_response->header.request_response_code,
    2428              :                      SPDM_ERROR);
    2429            1 :     assert_int_equal(spdm_response->header.param1,
    2430              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
    2431            1 :     assert_int_equal(spdm_response->header.param2, 0);
    2432            1 :     free(data1);
    2433            1 :     free(data2);
    2434            1 : }
    2435              : 
    2436              : /**
    2437              :  * Test 21: receiving a valid FINISH request message, due to disable mutual authentication,
    2438              :  * although SlotID in FINISH request message is 10, it shall be ignored when read.
    2439              :  * Expected behavior: the responder accepts the request and produces a valid
    2440              :  * FINISH_RSP response message.
    2441              :  **/
    2442            1 : void libspdm_test_responder_finish_case21(void **state)
    2443              : {
    2444              :     libspdm_return_t status;
    2445              :     libspdm_test_context_t *spdm_test_context;
    2446              :     libspdm_context_t *spdm_context;
    2447              :     size_t response_size;
    2448              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    2449              :     spdm_finish_response_t *spdm_response;
    2450              :     void *data1;
    2451              :     size_t data_size1;
    2452              :     uint8_t *ptr;
    2453              :     uint8_t *cert_buffer;
    2454              :     size_t cert_buffer_size;
    2455              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2456              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    2457              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    2458              :     libspdm_session_info_t *session_info;
    2459              :     uint32_t session_id;
    2460              :     uint32_t hash_size;
    2461              :     uint32_t hmac_size;
    2462              : 
    2463            1 :     spdm_test_context = *state;
    2464            1 :     spdm_context = spdm_test_context->spdm_context;
    2465            1 :     spdm_test_context->case_id = 0x15;
    2466            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    2467              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    2468            1 :     spdm_context->connection_info.connection_state =
    2469              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    2470            1 :     spdm_context->connection_info.capability.flags |=
    2471              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    2472            1 :     spdm_context->local_context.capability.flags |=
    2473              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    2474            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    2475              :         m_libspdm_use_hash_algo;
    2476            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    2477              :         m_libspdm_use_asym_algo;
    2478            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    2479              :         m_libspdm_use_measurement_spec;
    2480            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    2481              :         m_libspdm_use_measurement_hash_algo;
    2482            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    2483              :         m_libspdm_use_dhe_algo;
    2484            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    2485              :         m_libspdm_use_aead_algo;
    2486            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    2487              :                                                     m_libspdm_use_asym_algo, &data1,
    2488              :                                                     &data_size1, NULL, NULL);
    2489            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    2490            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    2491              :         data_size1;
    2492            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    2493            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    2494              :         data_size1;
    2495              : 
    2496            1 :     libspdm_reset_message_a(spdm_context);
    2497            1 :     spdm_context->local_context.mut_auth_requested = 0;
    2498              : 
    2499            1 :     session_id = 0xFFFFFFFF;
    2500            1 :     spdm_context->latest_session_id = session_id;
    2501            1 :     session_info = &spdm_context->session_info[0];
    2502            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    2503            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2504            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    2505            1 :     libspdm_secured_message_set_request_finished_key(
    2506              :         session_info->secured_message_context, m_dummy_buffer,
    2507              :         hash_size);
    2508            1 :     libspdm_secured_message_set_session_state(
    2509              :         session_info->secured_message_context,
    2510              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    2511            1 :     session_info->mut_auth_requested = 0;
    2512              : 
    2513            1 :     spdm_context->connection_info.capability.flags |=
    2514              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2515            1 :     spdm_context->local_context.capability.flags |=
    2516              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2517            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2518            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2519            1 :     ptr = m_libspdm_finish_request6.signature;
    2520            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    2521            1 :     cert_buffer = (uint8_t *)data1;
    2522            1 :     cert_buffer_size = data_size1;
    2523            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2524              :                      cert_buffer_hash);
    2525              :     /* transcript.message_a size is 0*/
    2526            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    2527              :     /* session_transcript.message_k is 0*/
    2528            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request6,
    2529              :                                   sizeof(spdm_finish_request_t));
    2530            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    2531            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    2532              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    2533            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    2534              :                      request_finished_key, hash_size, ptr);
    2535            1 :     m_libspdm_finish_request6_size = sizeof(spdm_finish_request_t) + hmac_size;
    2536            1 :     response_size = sizeof(response);
    2537            1 :     status = libspdm_get_response_finish(spdm_context,
    2538              :                                          m_libspdm_finish_request6_size,
    2539              :                                          &m_libspdm_finish_request6,
    2540              :                                          &response_size, response);
    2541            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    2542            1 :     spdm_response = (void *)response;
    2543            1 :     assert_int_equal(spdm_response->header.request_response_code,
    2544              :                      SPDM_FINISH_RSP);
    2545            1 :     assert_int_equal(response_size,
    2546              :                      sizeof(spdm_finish_response_t) + hmac_size);
    2547            1 :     free(data1);
    2548            1 : }
    2549              : 
    2550              : /**
    2551              :  * Test 22: receiving a valid FINISH request message, enable mutual authentication without using the encapsulated request flow,
    2552              :  * that is KEY_EXCHANGE_RSP.MutAuthRequested equals 0x01.
    2553              :  * although SlotID in FINISH request message is 3, it no need match the value 0 in final ENCAPSULATED_RESPONSE_ACK.EncapsulatedRequest.
    2554              :  * Expected behavior: the responder accepts the request and produces a valid
    2555              :  * FINISH_RSP response message.
    2556              :  **/
    2557            1 : void libspdm_test_responder_finish_case22(void **state)
    2558              : {
    2559              :     libspdm_return_t status;
    2560              :     libspdm_test_context_t *spdm_test_context;
    2561              :     libspdm_context_t *spdm_context;
    2562              :     size_t response_size;
    2563              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    2564              :     spdm_finish_response_t *spdm_response;
    2565              :     void *data1;
    2566              :     size_t data_size1;
    2567              :     void *data2;
    2568              :     size_t data_size2;
    2569              :     uint8_t *ptr;
    2570              :     uint8_t *cert_buffer;
    2571              :     size_t cert_buffer_size;
    2572              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2573              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2574              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    2575              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    2576              :     libspdm_session_info_t *session_info;
    2577              :     uint32_t session_id;
    2578              :     uint32_t hash_size;
    2579              :     uint32_t hmac_size;
    2580              :     size_t req_asym_signature_size;
    2581              : 
    2582            1 :     spdm_test_context = *state;
    2583            1 :     spdm_context = spdm_test_context->spdm_context;
    2584            1 :     spdm_test_context->case_id = 0x16;
    2585            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    2586              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    2587            1 :     spdm_context->connection_info.connection_state =
    2588              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    2589            1 :     spdm_context->connection_info.capability.flags |=
    2590              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    2591            1 :     spdm_context->local_context.capability.flags |=
    2592              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    2593            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    2594              :         m_libspdm_use_hash_algo;
    2595            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    2596              :         m_libspdm_use_asym_algo;
    2597            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    2598              :         m_libspdm_use_req_asym_algo;
    2599            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    2600              :         m_libspdm_use_measurement_spec;
    2601            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    2602              :         m_libspdm_use_measurement_hash_algo;
    2603            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    2604              :         m_libspdm_use_dhe_algo;
    2605            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    2606              :         m_libspdm_use_aead_algo;
    2607            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    2608              :                                                     m_libspdm_use_asym_algo, &data1,
    2609              :                                                     &data_size1, NULL, NULL);
    2610            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    2611            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    2612              :         data_size1;
    2613            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    2614            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    2615              :         data_size1;
    2616              : 
    2617            1 :     libspdm_reset_message_a(spdm_context);
    2618            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2619            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    2620              :                                                     m_libspdm_use_req_asym_algo, &data2,
    2621              :                                                     &data_size2, NULL, NULL);
    2622              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    2623              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    2624              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    2625              :                      data2, data_size2);
    2626              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    2627              :         data_size2;
    2628              : #else
    2629            1 :     libspdm_hash_all(
    2630              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2631              :         data2, data_size2,
    2632            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    2633            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    2634            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    2635            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    2636              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2637            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    2638              :         data2,
    2639              :         data_size2,
    2640              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    2641              : #endif
    2642            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    2643              : 
    2644            1 :     session_id = 0xFFFFFFFF;
    2645            1 :     spdm_context->latest_session_id = session_id;
    2646            1 :     session_info = &spdm_context->session_info[0];
    2647            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    2648            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2649            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    2650            1 :     libspdm_secured_message_set_request_finished_key(
    2651              :         session_info->secured_message_context, m_dummy_buffer,
    2652              :         hash_size);
    2653            1 :     libspdm_secured_message_set_session_state(
    2654              :         session_info->secured_message_context,
    2655              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    2656            1 :     session_info->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2657              : 
    2658            1 :     spdm_context->connection_info.capability.flags |=
    2659              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2660            1 :     spdm_context->local_context.capability.flags |=
    2661              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2662            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2663            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2664            1 :     req_asym_signature_size =
    2665            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    2666            1 :     ptr = m_libspdm_finish_request7.signature;
    2667            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    2668            1 :     cert_buffer = (uint8_t *)data1;
    2669            1 :     cert_buffer_size = data_size1;
    2670            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2671              :                      cert_buffer_hash);
    2672            1 :     cert_buffer = (uint8_t *)data2;
    2673            1 :     cert_buffer_size = data_size2;
    2674            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2675              :                      req_cert_buffer_hash);
    2676              :     /* transcript.message_a size is 0*/
    2677            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    2678              :     /* session_transcript.message_k is 0*/
    2679            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    2680            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request7,
    2681              :                                   sizeof(spdm_finish_request_t));
    2682              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    2683            1 :     libspdm_requester_data_sign(
    2684              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    2685              :         spdm_context,
    2686              : #endif
    2687            1 :         m_libspdm_finish_request7.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    2688              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    2689            1 :             false, libspdm_get_managed_buffer(&th_curr),
    2690              :             libspdm_get_managed_buffer_size(&th_curr),
    2691              :             ptr, &req_asym_signature_size);
    2692              : #endif
    2693            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    2694            1 :     ptr += req_asym_signature_size;
    2695            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    2696            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    2697              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    2698            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    2699              :                      request_finished_key, hash_size, ptr);
    2700            1 :     m_libspdm_finish_request7_size = sizeof(spdm_finish_request_t) +
    2701            1 :                                      req_asym_signature_size + hmac_size;
    2702            1 :     response_size = sizeof(response);
    2703            1 :     status = libspdm_get_response_finish(spdm_context,
    2704              :                                          m_libspdm_finish_request7_size,
    2705              :                                          &m_libspdm_finish_request7,
    2706              :                                          &response_size, response);
    2707            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    2708            1 :     spdm_response = (void *)response;
    2709            1 :     assert_int_equal(spdm_response->header.request_response_code,
    2710              :                      SPDM_FINISH_RSP);
    2711            1 :     assert_int_equal(response_size,
    2712              :                      sizeof(spdm_finish_response_t) + hmac_size);
    2713            1 :     free(data1);
    2714            1 :     free(data2);
    2715            1 : }
    2716              : 
    2717              : /**
    2718              :  * Test 23: Same as test case 22 but test signature endianness.
    2719              :  * Big-Endian Sign. Little-Endian Verify.
    2720              :  * Expecting signature to fail.
    2721              :  **/
    2722            1 : void libspdm_test_responder_finish_case23(void** state)
    2723              : {
    2724              :     libspdm_return_t status;
    2725              :     libspdm_test_context_t* spdm_test_context;
    2726              :     libspdm_context_t* spdm_context;
    2727              :     size_t response_size;
    2728              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    2729              :     spdm_finish_response_t* spdm_response;
    2730              :     void* data1;
    2731              :     size_t data_size1;
    2732              :     void* data2;
    2733              :     size_t data_size2;
    2734              :     uint8_t* ptr;
    2735              :     uint8_t* cert_buffer;
    2736              :     size_t cert_buffer_size;
    2737              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2738              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2739              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    2740              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    2741              :     libspdm_session_info_t* session_info;
    2742              :     uint32_t session_id;
    2743              :     uint32_t hash_size;
    2744              :     uint32_t hmac_size;
    2745              :     size_t req_asym_signature_size;
    2746              : 
    2747            1 :     spdm_test_context = *state;
    2748            1 :     spdm_context = spdm_test_context->spdm_context;
    2749            1 :     spdm_test_context->case_id = 23;
    2750            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    2751              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    2752            1 :     spdm_context->connection_info.connection_state =
    2753              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    2754            1 :     spdm_context->connection_info.capability.flags |=
    2755              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    2756            1 :     spdm_context->local_context.capability.flags |=
    2757              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    2758            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    2759              :         m_libspdm_use_hash_algo;
    2760            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    2761              :         m_libspdm_use_asym_algo;
    2762            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    2763              :         m_libspdm_use_req_asym_algo;
    2764            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    2765              :         m_libspdm_use_measurement_spec;
    2766            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    2767              :         m_libspdm_use_measurement_hash_algo;
    2768            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    2769              :         m_libspdm_use_dhe_algo;
    2770            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    2771              :         m_libspdm_use_aead_algo;
    2772            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    2773              :                                                     m_libspdm_use_asym_algo, &data1,
    2774              :                                                     &data_size1, NULL, NULL);
    2775            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    2776            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    2777              :         data_size1;
    2778            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    2779            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    2780              :         data_size1;
    2781            1 :     spdm_context->spdm_10_11_verify_signature_endian =
    2782              :         LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
    2783              : 
    2784            1 :     libspdm_reset_message_a(spdm_context);
    2785            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2786            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    2787              :                                                     m_libspdm_use_req_asym_algo, &data2,
    2788              :                                                     &data_size2, NULL, NULL);
    2789              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    2790              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    2791              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    2792              :                      data2, data_size2);
    2793              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    2794              :         data_size2;
    2795              : #else
    2796            1 :     libspdm_hash_all(
    2797              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2798              :         data2, data_size2,
    2799            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    2800            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    2801            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    2802            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    2803              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2804            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    2805              :         data2,
    2806              :         data_size2,
    2807              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    2808              : #endif
    2809            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    2810              : 
    2811            1 :     session_id = 0xFFFFFFFF;
    2812            1 :     spdm_context->latest_session_id = session_id;
    2813            1 :     session_info = &spdm_context->session_info[0];
    2814            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    2815            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2816            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    2817            1 :     libspdm_secured_message_set_request_finished_key(
    2818              :         session_info->secured_message_context, m_dummy_buffer,
    2819              :         hash_size);
    2820            1 :     libspdm_secured_message_set_session_state(
    2821              :         session_info->secured_message_context,
    2822              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    2823            1 :     session_info->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2824              : 
    2825            1 :     spdm_context->connection_info.capability.flags |=
    2826              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2827            1 :     spdm_context->local_context.capability.flags |=
    2828              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2829            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2830            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2831            1 :     req_asym_signature_size =
    2832            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    2833            1 :     ptr = m_libspdm_finish_request7.signature;
    2834            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    2835            1 :     cert_buffer = (uint8_t*)data1;
    2836            1 :     cert_buffer_size = data_size1;
    2837            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2838              :                      cert_buffer_hash);
    2839            1 :     cert_buffer = (uint8_t*)data2;
    2840            1 :     cert_buffer_size = data_size2;
    2841            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    2842              :                      req_cert_buffer_hash);
    2843              :     /* transcript.message_a size is 0*/
    2844            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    2845              :     /* session_transcript.message_k is 0*/
    2846            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    2847            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t*)&m_libspdm_finish_request7,
    2848              :                                   sizeof(spdm_finish_request_t));
    2849              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    2850            1 :     libspdm_requester_data_sign(
    2851              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    2852              :         spdm_context,
    2853              : #endif
    2854            1 :         m_libspdm_finish_request7.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    2855              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    2856            1 :             false, libspdm_get_managed_buffer(&th_curr),
    2857              :             libspdm_get_managed_buffer_size(&th_curr),
    2858              :             ptr, &req_asym_signature_size);
    2859              : #endif
    2860            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    2861            1 :     ptr += req_asym_signature_size;
    2862            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    2863            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    2864              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    2865            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    2866              :                      request_finished_key, hash_size, ptr);
    2867            1 :     m_libspdm_finish_request7_size = sizeof(spdm_finish_request_t) +
    2868            1 :                                      req_asym_signature_size + hmac_size;
    2869            1 :     response_size = sizeof(response);
    2870            1 :     status = libspdm_get_response_finish(spdm_context,
    2871              :                                          m_libspdm_finish_request7_size,
    2872              :                                          &m_libspdm_finish_request7,
    2873              :                                          &response_size, response);
    2874            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    2875            1 :     spdm_response = (void*)response;
    2876              : 
    2877              :     /* Expecting failure on little-endian signature */
    2878            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
    2879            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    2880            1 :     free(data1);
    2881            1 :     free(data2);
    2882            1 : }
    2883              : 
    2884              : /**
    2885              :  * Test 24: Same as test case 22 but test signature endianness.
    2886              :  * Big-Endian Sign. Big-Endian Verify.
    2887              :  * Expecting signature to PASS.
    2888              :  **/
    2889            1 : void libspdm_test_responder_finish_case24(void** state)
    2890              : {
    2891              :     libspdm_return_t status;
    2892              :     libspdm_test_context_t* spdm_test_context;
    2893              :     libspdm_context_t* spdm_context;
    2894              :     size_t response_size;
    2895              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    2896              :     spdm_finish_response_t* spdm_response;
    2897              :     void* data1;
    2898              :     size_t data_size1;
    2899              :     void* data2;
    2900              :     size_t data_size2;
    2901              :     uint8_t* ptr;
    2902              :     uint8_t* cert_buffer;
    2903              :     size_t cert_buffer_size;
    2904              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2905              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    2906              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    2907              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    2908              :     libspdm_session_info_t* session_info;
    2909              :     uint32_t session_id;
    2910              :     uint32_t hash_size;
    2911              :     uint32_t hmac_size;
    2912              :     size_t req_asym_signature_size;
    2913              : 
    2914            1 :     spdm_test_context = *state;
    2915            1 :     spdm_context = spdm_test_context->spdm_context;
    2916            1 :     spdm_test_context->case_id = 24;
    2917            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    2918              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    2919            1 :     spdm_context->connection_info.connection_state =
    2920              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    2921            1 :     spdm_context->connection_info.capability.flags |=
    2922              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    2923            1 :     spdm_context->local_context.capability.flags |=
    2924              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    2925            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    2926              :         m_libspdm_use_hash_algo;
    2927            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    2928              :         m_libspdm_use_asym_algo;
    2929            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    2930              :         m_libspdm_use_req_asym_algo;
    2931            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    2932              :         m_libspdm_use_measurement_spec;
    2933            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    2934              :         m_libspdm_use_measurement_hash_algo;
    2935            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    2936              :         m_libspdm_use_dhe_algo;
    2937            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    2938              :         m_libspdm_use_aead_algo;
    2939            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    2940              :                                                     m_libspdm_use_asym_algo, &data1,
    2941              :                                                     &data_size1, NULL, NULL);
    2942            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    2943            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    2944              :         data_size1;
    2945            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    2946            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    2947              :         data_size1;
    2948            1 :     spdm_context->spdm_10_11_verify_signature_endian =
    2949              :         LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
    2950              : 
    2951            1 :     libspdm_reset_message_a(spdm_context);
    2952            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2953            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    2954              :                                                     m_libspdm_use_req_asym_algo, &data2,
    2955              :                                                     &data_size2, NULL, NULL);
    2956              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    2957              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    2958              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    2959              :                      data2, data_size2);
    2960              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    2961              :         data_size2;
    2962              : #else
    2963            1 :     libspdm_hash_all(
    2964              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2965              :         data2, data_size2,
    2966            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    2967            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    2968            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    2969            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    2970              :         spdm_context->connection_info.algorithm.base_hash_algo,
    2971            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    2972              :         data2,
    2973              :         data_size2,
    2974              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    2975              : #endif
    2976            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    2977              : 
    2978            1 :     session_id = 0xFFFFFFFF;
    2979            1 :     spdm_context->latest_session_id = session_id;
    2980            1 :     session_info = &spdm_context->session_info[0];
    2981            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    2982            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2983            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    2984            1 :     libspdm_secured_message_set_request_finished_key(
    2985              :         session_info->secured_message_context, m_dummy_buffer,
    2986              :         hash_size);
    2987            1 :     libspdm_secured_message_set_session_state(
    2988              :         session_info->secured_message_context,
    2989              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    2990            1 :     session_info->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    2991              : 
    2992            1 :     spdm_context->connection_info.capability.flags |=
    2993              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2994            1 :     spdm_context->local_context.capability.flags |=
    2995              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    2996            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2997            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    2998            1 :     req_asym_signature_size =
    2999            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    3000            1 :     ptr = m_libspdm_finish_request7.signature;
    3001            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    3002            1 :     cert_buffer = (uint8_t*)data1;
    3003            1 :     cert_buffer_size = data_size1;
    3004            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3005              :                      cert_buffer_hash);
    3006            1 :     cert_buffer = (uint8_t*)data2;
    3007            1 :     cert_buffer_size = data_size2;
    3008            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3009              :                      req_cert_buffer_hash);
    3010              :     /* transcript.message_a size is 0*/
    3011            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    3012              :     /* session_transcript.message_k is 0*/
    3013            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    3014            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t*)&m_libspdm_finish_request7,
    3015              :                                   sizeof(spdm_finish_request_t));
    3016              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    3017            1 :     libspdm_requester_data_sign(
    3018              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    3019              :         spdm_context,
    3020              : #endif
    3021            1 :         m_libspdm_finish_request7.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    3022              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    3023            1 :             false, libspdm_get_managed_buffer(&th_curr),
    3024              :             libspdm_get_managed_buffer_size(&th_curr),
    3025              :             ptr, &req_asym_signature_size);
    3026              : #endif
    3027            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    3028            1 :     ptr += req_asym_signature_size;
    3029            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    3030            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    3031              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    3032            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    3033              :                      request_finished_key, hash_size, ptr);
    3034            1 :     m_libspdm_finish_request7_size = sizeof(spdm_finish_request_t) +
    3035            1 :                                      req_asym_signature_size + hmac_size;
    3036            1 :     response_size = sizeof(response);
    3037            1 :     status = libspdm_get_response_finish(spdm_context,
    3038              :                                          m_libspdm_finish_request7_size,
    3039              :                                          &m_libspdm_finish_request7,
    3040              :                                          &response_size, response);
    3041            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    3042            1 :     spdm_response = (void*)response;
    3043              : 
    3044              :     /* Expecting pass on big-endian signature */
    3045            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_FINISH_RSP);
    3046            1 :     assert_int_equal(response_size, sizeof(spdm_finish_response_t) + hmac_size);
    3047            1 :     free(data1);
    3048            1 :     free(data2);
    3049            1 : }
    3050              : 
    3051              : /**
    3052              :  * Test 25: Same as test case 22, but test signature endianness.
    3053              :  * Big Endian Sign. Big or Little Endian Verify.
    3054              :  * Expecting signature to PASS.
    3055              :  **/
    3056            1 : void libspdm_test_responder_finish_case25(void** state)
    3057              : {
    3058              :     libspdm_return_t status;
    3059              :     libspdm_test_context_t* spdm_test_context;
    3060              :     libspdm_context_t* spdm_context;
    3061              :     size_t response_size;
    3062              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    3063              :     spdm_finish_response_t* spdm_response;
    3064              :     void* data1;
    3065              :     size_t data_size1;
    3066              :     void* data2;
    3067              :     size_t data_size2;
    3068              :     uint8_t* ptr;
    3069              :     uint8_t* cert_buffer;
    3070              :     size_t cert_buffer_size;
    3071              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3072              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3073              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    3074              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    3075              :     libspdm_session_info_t* session_info;
    3076              :     uint32_t session_id;
    3077              :     uint32_t hash_size;
    3078              :     uint32_t hmac_size;
    3079              :     size_t req_asym_signature_size;
    3080              : 
    3081            1 :     spdm_test_context = *state;
    3082            1 :     spdm_context = spdm_test_context->spdm_context;
    3083            1 :     spdm_test_context->case_id = 25;
    3084            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    3085              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    3086            1 :     spdm_context->connection_info.connection_state =
    3087              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    3088            1 :     spdm_context->connection_info.capability.flags |=
    3089              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    3090            1 :     spdm_context->local_context.capability.flags |=
    3091              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    3092            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    3093              :         m_libspdm_use_hash_algo;
    3094            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    3095              :         m_libspdm_use_asym_algo;
    3096            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    3097              :         m_libspdm_use_req_asym_algo;
    3098            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    3099              :         m_libspdm_use_measurement_spec;
    3100            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    3101              :         m_libspdm_use_measurement_hash_algo;
    3102            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    3103              :         m_libspdm_use_dhe_algo;
    3104            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    3105              :         m_libspdm_use_aead_algo;
    3106            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    3107              :                                                     m_libspdm_use_asym_algo, &data1,
    3108              :                                                     &data_size1, NULL, NULL);
    3109            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    3110            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    3111              :         data_size1;
    3112            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    3113            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    3114              :         data_size1;
    3115            1 :     spdm_context->spdm_10_11_verify_signature_endian =
    3116              :         LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE;
    3117              : 
    3118            1 :     libspdm_reset_message_a(spdm_context);
    3119            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    3120            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    3121              :                                                     m_libspdm_use_req_asym_algo, &data2,
    3122              :                                                     &data_size2, NULL, NULL);
    3123              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    3124              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    3125              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    3126              :                      data2, data_size2);
    3127              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    3128              :         data_size2;
    3129              : #else
    3130            1 :     libspdm_hash_all(
    3131              :         spdm_context->connection_info.algorithm.base_hash_algo,
    3132              :         data2, data_size2,
    3133            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    3134            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    3135            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    3136            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    3137              :         spdm_context->connection_info.algorithm.base_hash_algo,
    3138            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    3139              :         data2,
    3140              :         data_size2,
    3141              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    3142              : #endif
    3143            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    3144              : 
    3145            1 :     session_id = 0xFFFFFFFF;
    3146            1 :     spdm_context->latest_session_id = session_id;
    3147            1 :     session_info = &spdm_context->session_info[0];
    3148            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    3149            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3150            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    3151            1 :     libspdm_secured_message_set_request_finished_key(
    3152              :         session_info->secured_message_context, m_dummy_buffer,
    3153              :         hash_size);
    3154            1 :     libspdm_secured_message_set_session_state(
    3155              :         session_info->secured_message_context,
    3156              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    3157            1 :     session_info->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    3158              : 
    3159            1 :     spdm_context->connection_info.capability.flags |=
    3160              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3161            1 :     spdm_context->local_context.capability.flags |=
    3162              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3163            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3164            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3165            1 :     req_asym_signature_size =
    3166            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    3167            1 :     ptr = m_libspdm_finish_request7.signature;
    3168            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    3169            1 :     cert_buffer = (uint8_t*)data1;
    3170            1 :     cert_buffer_size = data_size1;
    3171            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3172              :                      cert_buffer_hash);
    3173            1 :     cert_buffer = (uint8_t*)data2;
    3174            1 :     cert_buffer_size = data_size2;
    3175            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3176              :                      req_cert_buffer_hash);
    3177              :     /* transcript.message_a size is 0*/
    3178            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    3179              :     /* session_transcript.message_k is 0*/
    3180            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    3181            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t*)&m_libspdm_finish_request7,
    3182              :                                   sizeof(spdm_finish_request_t));
    3183              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    3184            1 :     libspdm_requester_data_sign(
    3185              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    3186              :         spdm_context,
    3187              : #endif
    3188            1 :         m_libspdm_finish_request7.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    3189              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    3190            1 :             false, libspdm_get_managed_buffer(&th_curr),
    3191              :             libspdm_get_managed_buffer_size(&th_curr),
    3192              :             ptr, &req_asym_signature_size);
    3193              : #endif
    3194            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    3195            1 :     ptr += req_asym_signature_size;
    3196            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    3197            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    3198              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    3199            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    3200              :                      request_finished_key, hash_size, ptr);
    3201            1 :     m_libspdm_finish_request7_size = sizeof(spdm_finish_request_t) +
    3202            1 :                                      req_asym_signature_size + hmac_size;
    3203            1 :     response_size = sizeof(response);
    3204            1 :     status = libspdm_get_response_finish(spdm_context,
    3205              :                                          m_libspdm_finish_request7_size,
    3206              :                                          &m_libspdm_finish_request7,
    3207              :                                          &response_size, response);
    3208            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    3209            1 :     spdm_response = (void*)response;
    3210            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_FINISH_RSP);
    3211            1 :     assert_int_equal(response_size, sizeof(spdm_finish_response_t) + hmac_size);
    3212            1 :     free(data1);
    3213            1 :     free(data2);
    3214            1 : }
    3215              : 
    3216              : /**
    3217              :  * Test 26: Same as test case 22, but test endian verification.
    3218              :  * Sign as Little Endian, Verify as Little.
    3219              :  * Expecting signature to PASS.
    3220              :  **/
    3221            1 : void libspdm_test_responder_finish_case26(void** state)
    3222              : {
    3223              :     libspdm_return_t status;
    3224              :     libspdm_test_context_t* spdm_test_context;
    3225              :     libspdm_context_t* spdm_context;
    3226              :     size_t response_size;
    3227              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    3228              :     spdm_finish_response_t* spdm_response;
    3229              :     void* data1;
    3230              :     size_t data_size1;
    3231              :     void* data2;
    3232              :     size_t data_size2;
    3233              :     uint8_t* ptr;
    3234              :     uint8_t* cert_buffer;
    3235              :     size_t cert_buffer_size;
    3236              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3237              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3238              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    3239              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    3240              :     libspdm_session_info_t* session_info;
    3241              :     uint32_t session_id;
    3242              :     uint32_t hash_size;
    3243              :     uint32_t hmac_size;
    3244              :     size_t req_asym_signature_size;
    3245              : 
    3246            1 :     spdm_test_context = *state;
    3247            1 :     spdm_context = spdm_test_context->spdm_context;
    3248            1 :     spdm_test_context->case_id = 26;
    3249            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    3250              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    3251            1 :     spdm_context->connection_info.connection_state =
    3252              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    3253            1 :     spdm_context->connection_info.capability.flags |=
    3254              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    3255            1 :     spdm_context->local_context.capability.flags |=
    3256              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    3257            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    3258              :         m_libspdm_use_hash_algo;
    3259            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    3260              :         m_libspdm_use_asym_algo;
    3261            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    3262              :         m_libspdm_use_req_asym_algo;
    3263            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    3264              :         m_libspdm_use_measurement_spec;
    3265            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    3266              :         m_libspdm_use_measurement_hash_algo;
    3267            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    3268              :         m_libspdm_use_dhe_algo;
    3269            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    3270              :         m_libspdm_use_aead_algo;
    3271            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    3272              :                                                     m_libspdm_use_asym_algo, &data1,
    3273              :                                                     &data_size1, NULL, NULL);
    3274            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    3275            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    3276              :         data_size1;
    3277            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    3278            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    3279              :         data_size1;
    3280            1 :     spdm_context->spdm_10_11_verify_signature_endian =
    3281              :         LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
    3282              : 
    3283            1 :     libspdm_reset_message_a(spdm_context);
    3284            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    3285            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    3286              :                                                     m_libspdm_use_req_asym_algo, &data2,
    3287              :                                                     &data_size2, NULL, NULL);
    3288              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    3289              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    3290              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    3291              :                      data2, data_size2);
    3292              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    3293              :         data_size2;
    3294              : #else
    3295            1 :     libspdm_hash_all(
    3296              :         spdm_context->connection_info.algorithm.base_hash_algo,
    3297              :         data2, data_size2,
    3298            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    3299            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    3300            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    3301            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    3302              :         spdm_context->connection_info.algorithm.base_hash_algo,
    3303            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    3304              :         data2,
    3305              :         data_size2,
    3306              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    3307              : #endif
    3308            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    3309              : 
    3310            1 :     session_id = 0xFFFFFFFF;
    3311            1 :     spdm_context->latest_session_id = session_id;
    3312            1 :     session_info = &spdm_context->session_info[0];
    3313            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    3314            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3315            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    3316            1 :     libspdm_secured_message_set_request_finished_key(
    3317              :         session_info->secured_message_context, m_dummy_buffer,
    3318              :         hash_size);
    3319            1 :     libspdm_secured_message_set_session_state(
    3320              :         session_info->secured_message_context,
    3321              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    3322            1 :     session_info->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    3323              : 
    3324            1 :     spdm_context->connection_info.capability.flags |=
    3325              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3326            1 :     spdm_context->local_context.capability.flags |=
    3327              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3328            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3329            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3330            1 :     req_asym_signature_size =
    3331            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    3332            1 :     ptr = m_libspdm_finish_request7.signature;
    3333            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    3334            1 :     cert_buffer = (uint8_t*)data1;
    3335            1 :     cert_buffer_size = data_size1;
    3336            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3337              :                      cert_buffer_hash);
    3338            1 :     cert_buffer = (uint8_t*)data2;
    3339            1 :     cert_buffer_size = data_size2;
    3340            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3341              :                      req_cert_buffer_hash);
    3342              :     /* transcript.message_a size is 0*/
    3343            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    3344              :     /* session_transcript.message_k is 0*/
    3345            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    3346            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t*)&m_libspdm_finish_request7,
    3347              :                                   sizeof(spdm_finish_request_t));
    3348              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    3349            1 :     libspdm_requester_data_sign(
    3350              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    3351              :         spdm_context,
    3352              : #endif
    3353            1 :         m_libspdm_finish_request7.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    3354              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    3355            1 :             false, libspdm_get_managed_buffer(&th_curr),
    3356              :             libspdm_get_managed_buffer_size(&th_curr),
    3357              :             ptr, &req_asym_signature_size);
    3358              : 
    3359              :     /* Switch signature to little endian */
    3360            1 :     libspdm_copy_signature_swap_endian(
    3361              :         m_libspdm_use_req_asym_algo,
    3362              :         ptr, req_asym_signature_size,
    3363              :         ptr, req_asym_signature_size);
    3364              : #endif
    3365            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    3366            1 :     ptr += req_asym_signature_size;
    3367            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    3368            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    3369              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    3370            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    3371              :                      request_finished_key, hash_size, ptr);
    3372            1 :     m_libspdm_finish_request7_size = sizeof(spdm_finish_request_t) +
    3373            1 :                                      req_asym_signature_size + hmac_size;
    3374            1 :     response_size = sizeof(response);
    3375            1 :     status = libspdm_get_response_finish(spdm_context,
    3376              :                                          m_libspdm_finish_request7_size,
    3377              :                                          &m_libspdm_finish_request7,
    3378              :                                          &response_size, response);
    3379            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    3380            1 :     spdm_response = (void*)response;
    3381            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_FINISH_RSP);
    3382            1 :     assert_int_equal(response_size, sizeof(spdm_finish_response_t) + hmac_size);
    3383            1 :     free(data1);
    3384            1 :     free(data2);
    3385            1 : }
    3386              : 
    3387              : /**
    3388              :  * Test 27: Same as test case 22, but test endian verification.
    3389              :  * Sign as Little Endian, Verify as Big.
    3390              :  * Expecting signature to FAIL.
    3391              :  **/
    3392            1 : void libspdm_test_responder_finish_case27(void** state)
    3393              : {
    3394              :     libspdm_return_t status;
    3395              :     libspdm_test_context_t* spdm_test_context;
    3396              :     libspdm_context_t* spdm_context;
    3397              :     size_t response_size;
    3398              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    3399              :     spdm_finish_response_t* spdm_response;
    3400              :     void* data1;
    3401              :     size_t data_size1;
    3402              :     void* data2;
    3403              :     size_t data_size2;
    3404              :     uint8_t* ptr;
    3405              :     uint8_t* cert_buffer;
    3406              :     size_t cert_buffer_size;
    3407              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3408              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3409              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    3410              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    3411              :     libspdm_session_info_t* session_info;
    3412              :     uint32_t session_id;
    3413              :     uint32_t hash_size;
    3414              :     uint32_t hmac_size;
    3415              :     size_t req_asym_signature_size;
    3416              : 
    3417            1 :     spdm_test_context = *state;
    3418            1 :     spdm_context = spdm_test_context->spdm_context;
    3419            1 :     spdm_test_context->case_id = 27;
    3420            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    3421              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    3422            1 :     spdm_context->connection_info.connection_state =
    3423              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    3424            1 :     spdm_context->connection_info.capability.flags |=
    3425              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    3426            1 :     spdm_context->local_context.capability.flags |=
    3427              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    3428            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    3429              :         m_libspdm_use_hash_algo;
    3430            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    3431              :         m_libspdm_use_asym_algo;
    3432            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    3433              :         m_libspdm_use_req_asym_algo;
    3434            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    3435              :         m_libspdm_use_measurement_spec;
    3436            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    3437              :         m_libspdm_use_measurement_hash_algo;
    3438            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    3439              :         m_libspdm_use_dhe_algo;
    3440            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    3441              :         m_libspdm_use_aead_algo;
    3442            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    3443              :                                                     m_libspdm_use_asym_algo, &data1,
    3444              :                                                     &data_size1, NULL, NULL);
    3445            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    3446            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    3447              :         data_size1;
    3448            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    3449            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    3450              :         data_size1;
    3451            1 :     spdm_context->spdm_10_11_verify_signature_endian =
    3452              :         LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY;
    3453              : 
    3454            1 :     libspdm_reset_message_a(spdm_context);
    3455            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    3456            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    3457              :                                                     m_libspdm_use_req_asym_algo, &data2,
    3458              :                                                     &data_size2, NULL, NULL);
    3459              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    3460              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    3461              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    3462              :                      data2, data_size2);
    3463              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    3464              :         data_size2;
    3465              : #else
    3466            1 :     libspdm_hash_all(
    3467              :         spdm_context->connection_info.algorithm.base_hash_algo,
    3468              :         data2, data_size2,
    3469            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    3470            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    3471            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    3472            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    3473              :         spdm_context->connection_info.algorithm.base_hash_algo,
    3474            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    3475              :         data2,
    3476              :         data_size2,
    3477              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    3478              : #endif
    3479            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    3480              : 
    3481            1 :     session_id = 0xFFFFFFFF;
    3482            1 :     spdm_context->latest_session_id = session_id;
    3483            1 :     session_info = &spdm_context->session_info[0];
    3484            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    3485            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3486            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    3487            1 :     libspdm_secured_message_set_request_finished_key(
    3488              :         session_info->secured_message_context, m_dummy_buffer,
    3489              :         hash_size);
    3490            1 :     libspdm_secured_message_set_session_state(
    3491              :         session_info->secured_message_context,
    3492              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    3493            1 :     session_info->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    3494              : 
    3495            1 :     spdm_context->connection_info.capability.flags |=
    3496              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3497            1 :     spdm_context->local_context.capability.flags |=
    3498              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3499            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3500            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3501            1 :     req_asym_signature_size =
    3502            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    3503            1 :     ptr = m_libspdm_finish_request7.signature;
    3504            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    3505            1 :     cert_buffer = (uint8_t*)data1;
    3506            1 :     cert_buffer_size = data_size1;
    3507            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3508              :                      cert_buffer_hash);
    3509            1 :     cert_buffer = (uint8_t*)data2;
    3510            1 :     cert_buffer_size = data_size2;
    3511            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3512              :                      req_cert_buffer_hash);
    3513              :     /* transcript.message_a size is 0*/
    3514            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    3515              :     /* session_transcript.message_k is 0*/
    3516            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    3517            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t*)&m_libspdm_finish_request7,
    3518              :                                   sizeof(spdm_finish_request_t));
    3519              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    3520            1 :     libspdm_requester_data_sign(
    3521              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    3522              :         spdm_context,
    3523              : #endif
    3524            1 :         m_libspdm_finish_request7.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    3525              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    3526            1 :             false, libspdm_get_managed_buffer(&th_curr),
    3527              :             libspdm_get_managed_buffer_size(&th_curr),
    3528              :             ptr, &req_asym_signature_size);
    3529              : 
    3530              :     /* Switch signature to little endian */
    3531            1 :     libspdm_copy_signature_swap_endian(
    3532              :         m_libspdm_use_req_asym_algo,
    3533              :         ptr, req_asym_signature_size,
    3534              :         ptr, req_asym_signature_size);
    3535              : #endif
    3536            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    3537            1 :     ptr += req_asym_signature_size;
    3538            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    3539            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    3540              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    3541            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    3542              :                      request_finished_key, hash_size, ptr);
    3543            1 :     m_libspdm_finish_request7_size = sizeof(spdm_finish_request_t) +
    3544            1 :                                      req_asym_signature_size + hmac_size;
    3545            1 :     response_size = sizeof(response);
    3546            1 :     status = libspdm_get_response_finish(spdm_context,
    3547              :                                          m_libspdm_finish_request7_size,
    3548              :                                          &m_libspdm_finish_request7,
    3549              :                                          &response_size, response);
    3550            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    3551            1 :     spdm_response = (void*)response;
    3552            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR);
    3553            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    3554            1 :     free(data1);
    3555            1 :     free(data2);
    3556            1 : }
    3557              : 
    3558              : /**
    3559              :  * Test 28: Same as test case 22, but test endian verification.
    3560              :  * Sign as Little Endian, Verify as Big Or Little.
    3561              :  * Expecting signature to PASS.
    3562              :  **/
    3563            1 : void libspdm_test_responder_finish_case28(void** state)
    3564              : {
    3565              :     libspdm_return_t status;
    3566              :     libspdm_test_context_t* spdm_test_context;
    3567              :     libspdm_context_t* spdm_context;
    3568              :     size_t response_size;
    3569              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    3570              :     spdm_finish_response_t* spdm_response;
    3571              :     void* data1;
    3572              :     size_t data_size1;
    3573              :     void* data2;
    3574              :     size_t data_size2;
    3575              :     uint8_t* ptr;
    3576              :     uint8_t* cert_buffer;
    3577              :     size_t cert_buffer_size;
    3578              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3579              :     uint8_t req_cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3580              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    3581              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    3582              :     libspdm_session_info_t* session_info;
    3583              :     uint32_t session_id;
    3584              :     uint32_t hash_size;
    3585              :     uint32_t hmac_size;
    3586              :     size_t req_asym_signature_size;
    3587              : 
    3588            1 :     spdm_test_context = *state;
    3589            1 :     spdm_context = spdm_test_context->spdm_context;
    3590            1 :     spdm_test_context->case_id = 28;
    3591            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    3592              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    3593            1 :     spdm_context->connection_info.connection_state =
    3594              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    3595            1 :     spdm_context->connection_info.capability.flags |=
    3596              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    3597            1 :     spdm_context->local_context.capability.flags |=
    3598              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    3599            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    3600              :         m_libspdm_use_hash_algo;
    3601            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    3602              :         m_libspdm_use_asym_algo;
    3603            1 :     spdm_context->connection_info.algorithm.req_base_asym_alg =
    3604              :         m_libspdm_use_req_asym_algo;
    3605            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    3606              :         m_libspdm_use_measurement_spec;
    3607            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    3608              :         m_libspdm_use_measurement_hash_algo;
    3609            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    3610              :         m_libspdm_use_dhe_algo;
    3611            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    3612              :         m_libspdm_use_aead_algo;
    3613            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    3614              :                                                     m_libspdm_use_asym_algo, &data1,
    3615              :                                                     &data_size1, NULL, NULL);
    3616            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    3617            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    3618              :         data_size1;
    3619            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    3620            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    3621              :         data_size1;
    3622            1 :     spdm_context->spdm_10_11_verify_signature_endian =
    3623              :         LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY;
    3624              : 
    3625            1 :     libspdm_reset_message_a(spdm_context);
    3626            1 :     spdm_context->local_context.mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    3627            1 :     libspdm_read_requester_public_certificate_chain(m_libspdm_use_hash_algo,
    3628              :                                                     m_libspdm_use_req_asym_algo, &data2,
    3629              :                                                     &data_size2, NULL, NULL);
    3630              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    3631              :     libspdm_copy_mem(spdm_context->connection_info.peer_used_cert_chain[0].buffer,
    3632              :                      sizeof(spdm_context->connection_info.peer_used_cert_chain[0].buffer),
    3633              :                      data2, data_size2);
    3634              :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_size =
    3635              :         data_size2;
    3636              : #else
    3637            1 :     libspdm_hash_all(
    3638              :         spdm_context->connection_info.algorithm.base_hash_algo,
    3639              :         data2, data_size2,
    3640            1 :         spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash);
    3641            1 :     spdm_context->connection_info.peer_used_cert_chain[0].buffer_hash_size =
    3642            1 :         libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
    3643            1 :     libspdm_get_leaf_cert_public_key_from_cert_chain(
    3644              :         spdm_context->connection_info.algorithm.base_hash_algo,
    3645            1 :         spdm_context->connection_info.algorithm.req_base_asym_alg,
    3646              :         data2,
    3647              :         data_size2,
    3648              :         &spdm_context->connection_info.peer_used_cert_chain[0].leaf_cert_public_key);
    3649              : #endif
    3650            1 :     spdm_context->connection_info.peer_used_cert_chain_slot_id = 0;
    3651              : 
    3652            1 :     session_id = 0xFFFFFFFF;
    3653            1 :     spdm_context->latest_session_id = session_id;
    3654            1 :     session_info = &spdm_context->session_info[0];
    3655            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    3656            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3657            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    3658            1 :     libspdm_secured_message_set_request_finished_key(
    3659              :         session_info->secured_message_context, m_dummy_buffer,
    3660              :         hash_size);
    3661            1 :     libspdm_secured_message_set_session_state(
    3662              :         session_info->secured_message_context,
    3663              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    3664            1 :     session_info->mut_auth_requested = SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED;
    3665              : 
    3666            1 :     spdm_context->connection_info.capability.flags |=
    3667              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3668            1 :     spdm_context->local_context.capability.flags |=
    3669              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3670            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3671            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3672            1 :     req_asym_signature_size =
    3673            1 :         libspdm_get_req_asym_signature_size(m_libspdm_use_req_asym_algo);
    3674            1 :     ptr = m_libspdm_finish_request7.signature;
    3675            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    3676            1 :     cert_buffer = (uint8_t*)data1;
    3677            1 :     cert_buffer_size = data_size1;
    3678            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3679              :                      cert_buffer_hash);
    3680            1 :     cert_buffer = (uint8_t*)data2;
    3681            1 :     cert_buffer_size = data_size2;
    3682            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3683              :                      req_cert_buffer_hash);
    3684              :     /* transcript.message_a size is 0*/
    3685            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    3686              :     /* session_transcript.message_k is 0*/
    3687            1 :     libspdm_append_managed_buffer(&th_curr, req_cert_buffer_hash, hash_size);
    3688            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t*)&m_libspdm_finish_request7,
    3689              :                                   sizeof(spdm_finish_request_t));
    3690              : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
    3691            1 :     libspdm_requester_data_sign(
    3692              : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
    3693              :         spdm_context,
    3694              : #endif
    3695            1 :         m_libspdm_finish_request7.header.spdm_version << SPDM_VERSION_NUMBER_SHIFT_BIT, SPDM_FINISH,
    3696              :             m_libspdm_use_req_asym_algo, m_libspdm_use_req_pqc_asym_algo, m_libspdm_use_hash_algo,
    3697            1 :             false, libspdm_get_managed_buffer(&th_curr),
    3698              :             libspdm_get_managed_buffer_size(&th_curr),
    3699              :             ptr, &req_asym_signature_size);
    3700              : 
    3701              :     /* Switch signature to little endian */
    3702            1 :     libspdm_copy_signature_swap_endian(
    3703              :         m_libspdm_use_req_asym_algo,
    3704              :         ptr, req_asym_signature_size,
    3705              :         ptr, req_asym_signature_size);
    3706              : #endif
    3707            1 :     libspdm_append_managed_buffer(&th_curr, ptr, req_asym_signature_size);
    3708            1 :     ptr += req_asym_signature_size;
    3709            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    3710            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    3711              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    3712            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    3713              :                      request_finished_key, hash_size, ptr);
    3714            1 :     m_libspdm_finish_request7_size = sizeof(spdm_finish_request_t) +
    3715            1 :                                      req_asym_signature_size + hmac_size;
    3716            1 :     response_size = sizeof(response);
    3717            1 :     status = libspdm_get_response_finish(spdm_context,
    3718              :                                          m_libspdm_finish_request7_size,
    3719              :                                          &m_libspdm_finish_request7,
    3720              :                                          &response_size, response);
    3721            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    3722            1 :     spdm_response = (void*)response;
    3723            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_FINISH_RSP);
    3724            1 :     assert_int_equal(response_size, sizeof(spdm_finish_response_t) + hmac_size);
    3725            1 :     free(data1);
    3726            1 :     free(data2);
    3727            1 : }
    3728              : 
    3729              : /**
    3730              :  * Test 29: Receive the correct FINISH from the requester, and
    3731              :  * the requester and responder have not set HANDSHAKE_IN_THE_CLEAR.
    3732              :  * Expected behavior: the responder accepts the request and produces a valid
    3733              :  * FINISH_RSP response message, and The ResponderVerifyData field is absent.
    3734              :  **/
    3735            1 : void libspdm_test_responder_finish_case29(void **state)
    3736              : {
    3737              :     libspdm_return_t status;
    3738              :     libspdm_test_context_t *spdm_test_context;
    3739              :     libspdm_context_t *spdm_context;
    3740              :     size_t response_size;
    3741              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    3742              :     spdm_finish_response_t *spdm_response;
    3743              :     void *data1;
    3744              :     size_t data_size1;
    3745              :     uint8_t *ptr;
    3746              :     uint8_t *cert_buffer;
    3747              :     size_t cert_buffer_size;
    3748              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3749              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    3750              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    3751              :     libspdm_session_info_t *session_info;
    3752              :     uint32_t session_id;
    3753              :     uint32_t hash_size;
    3754              :     uint32_t hmac_size;
    3755              : 
    3756            1 :     spdm_test_context = *state;
    3757            1 :     spdm_context = spdm_test_context->spdm_context;
    3758            1 :     spdm_test_context->case_id = 29;
    3759            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    3760              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    3761            1 :     spdm_context->connection_info.connection_state =
    3762              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    3763            1 :     spdm_context->connection_info.capability.flags |=
    3764              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    3765            1 :     spdm_context->local_context.capability.flags |=
    3766              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    3767              : 
    3768            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    3769              :         m_libspdm_use_hash_algo;
    3770            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    3771              :         m_libspdm_use_asym_algo;
    3772            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    3773              :         m_libspdm_use_measurement_spec;
    3774            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    3775              :         m_libspdm_use_measurement_hash_algo;
    3776            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    3777              :         m_libspdm_use_dhe_algo;
    3778            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    3779              :         m_libspdm_use_aead_algo;
    3780            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    3781              :                                                     m_libspdm_use_asym_algo, &data1,
    3782              :                                                     &data_size1, NULL, NULL);
    3783            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    3784            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    3785              :         data_size1;
    3786            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    3787            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    3788              :         data_size1;
    3789              : 
    3790            1 :     libspdm_reset_message_a(spdm_context);
    3791            1 :     spdm_context->local_context.mut_auth_requested = 0;
    3792              : 
    3793              :     /* The requester and responder have not set HANDSHAKE_IN_THE_CLEAR*/
    3794            1 :     spdm_context->connection_info.capability.flags &=
    3795              :         ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3796            1 :     spdm_context->local_context.capability.flags &=
    3797              :         ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3798              : 
    3799            1 :     session_id = 0xFFFFFFFF;
    3800            1 :     spdm_context->latest_session_id = session_id;
    3801            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    3802            1 :     spdm_context->last_spdm_request_session_id = session_id;
    3803            1 :     session_info = &spdm_context->session_info[0];
    3804            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    3805              : 
    3806            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3807            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3808              : 
    3809            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    3810            1 :     libspdm_secured_message_set_request_finished_key(
    3811              :         session_info->secured_message_context, m_dummy_buffer,
    3812              :         hash_size);
    3813            1 :     libspdm_secured_message_set_session_state(
    3814              :         session_info->secured_message_context,
    3815              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    3816              : 
    3817            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3818            1 :     ptr = m_libspdm_finish_request1.signature;
    3819            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    3820            1 :     cert_buffer = (uint8_t *)data1;
    3821            1 :     cert_buffer_size = data_size1;
    3822            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3823              :                      cert_buffer_hash);
    3824              :     /* transcript.message_a size is 0*/
    3825            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    3826              :     /* session_transcript.message_k is 0*/
    3827            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request1,
    3828              :                                   sizeof(spdm_finish_request_t));
    3829            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    3830            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    3831              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    3832            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    3833              :                      request_finished_key, hash_size, ptr);
    3834            1 :     m_libspdm_finish_request1_size = sizeof(spdm_finish_request_t) + hmac_size;
    3835            1 :     response_size = sizeof(response);
    3836            1 :     status = libspdm_get_response_finish(spdm_context,
    3837              :                                          m_libspdm_finish_request1_size,
    3838              :                                          &m_libspdm_finish_request1,
    3839              :                                          &response_size, response);
    3840            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    3841              :     /* The ResponderVerifyData field shall be absent.*/
    3842            1 :     assert_int_equal(response_size,
    3843              :                      sizeof(spdm_finish_response_t));
    3844            1 :     spdm_response = (void *)response;
    3845            1 :     assert_int_equal(spdm_response->header.request_response_code,
    3846              :                      SPDM_FINISH_RSP);
    3847            1 :     free(data1);
    3848            1 : }
    3849              : 
    3850              : /**
    3851              :  * Test 30: SPDM version 1.4, with OpaqueData.
    3852              :  * Expected behavior: the responder accepts the request and produces a valid
    3853              :  * FINISH_RSP response message.
    3854              :  **/
    3855            1 : void libspdm_test_responder_finish_case30(void **state)
    3856              : {
    3857              :     libspdm_return_t status;
    3858              :     libspdm_test_context_t *spdm_test_context;
    3859              :     libspdm_context_t *spdm_context;
    3860              :     size_t response_size;
    3861              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    3862              :     spdm_finish_response_t *spdm_response;
    3863              :     void *data1;
    3864              :     size_t data_size1;
    3865              :     uint8_t *ptr;
    3866              :     uint8_t *cert_buffer;
    3867              :     size_t cert_buffer_size;
    3868              :     uint8_t cert_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    3869              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    3870              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    3871              :     libspdm_session_info_t *session_info;
    3872              :     uint32_t session_id;
    3873              :     uint32_t hash_size;
    3874              :     uint32_t hmac_size;
    3875              : 
    3876            1 :     spdm_test_context = *state;
    3877            1 :     spdm_context = spdm_test_context->spdm_context;
    3878            1 :     spdm_test_context->case_id = 30;
    3879            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
    3880              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    3881            1 :     spdm_context->connection_info.connection_state =
    3882              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    3883            1 :     spdm_context->connection_info.capability.flags |=
    3884              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP;
    3885            1 :     spdm_context->local_context.capability.flags |=
    3886              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP;
    3887              : 
    3888            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    3889              :         m_libspdm_use_hash_algo;
    3890            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    3891              :         m_libspdm_use_asym_algo;
    3892            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    3893              :         m_libspdm_use_measurement_spec;
    3894            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    3895              :         m_libspdm_use_measurement_hash_algo;
    3896            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    3897              :         m_libspdm_use_dhe_algo;
    3898            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    3899              :         m_libspdm_use_aead_algo;
    3900            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    3901              :                                                     m_libspdm_use_asym_algo, &data1,
    3902              :                                                     &data_size1, NULL, NULL);
    3903            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    3904            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    3905              :         data_size1;
    3906            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    3907            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    3908              :         data_size1;
    3909              : 
    3910            1 :     libspdm_reset_message_a(spdm_context);
    3911            1 :     spdm_context->local_context.mut_auth_requested = 0;
    3912              : 
    3913              :     /* The requester and responder have not set HANDSHAKE_IN_THE_CLEAR*/
    3914            1 :     spdm_context->connection_info.capability.flags &=
    3915              :         ~SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3916            1 :     spdm_context->local_context.capability.flags &=
    3917              :         ~SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP;
    3918              : 
    3919            1 :     session_id = 0xFFFFFFFF;
    3920            1 :     spdm_context->latest_session_id = session_id;
    3921            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    3922            1 :     spdm_context->last_spdm_request_session_id = session_id;
    3923            1 :     session_info = &spdm_context->session_info[0];
    3924            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, false);
    3925              : 
    3926            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3927            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3928              : 
    3929            1 :     libspdm_set_mem(m_dummy_buffer, hash_size, (uint8_t)(0xFF));
    3930            1 :     libspdm_secured_message_set_request_finished_key(
    3931              :         session_info->secured_message_context, m_dummy_buffer,
    3932              :         hash_size);
    3933            1 :     libspdm_secured_message_set_session_state(
    3934              :         session_info->secured_message_context,
    3935              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    3936              : 
    3937            1 :     m_libspdm_finish_request8.opaque_data_size = sizeof(m_libspdm_finish_request8.opaque_data);
    3938              : 
    3939            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    3940            1 :     ptr = m_libspdm_finish_request8.signature;
    3941            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    3942            1 :     cert_buffer = (uint8_t *)data1;
    3943            1 :     cert_buffer_size = data_size1;
    3944            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, cert_buffer, cert_buffer_size,
    3945              :                      cert_buffer_hash);
    3946              :     /* transcript.message_a size is 0*/
    3947            1 :     libspdm_append_managed_buffer(&th_curr, cert_buffer_hash, hash_size);
    3948              :     /* session_transcript.message_k is 0*/
    3949            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_finish_request8,
    3950              :                                   sizeof(spdm_finish_request_t) + sizeof(uint16_t) +
    3951            1 :                                   m_libspdm_finish_request8.opaque_data_size);
    3952            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    3953            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    3954              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    3955            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    3956              :                      request_finished_key, hash_size, ptr);
    3957            1 :     m_libspdm_finish_request8_size = sizeof(spdm_finish_request_t) + hmac_size +
    3958            1 :                                      sizeof(uint16_t) + m_libspdm_finish_request8.opaque_data_size;
    3959            1 :     response_size = sizeof(response);
    3960            1 :     status = libspdm_get_response_finish(spdm_context,
    3961              :                                          m_libspdm_finish_request8_size,
    3962              :                                          &m_libspdm_finish_request8,
    3963              :                                          &response_size, response);
    3964            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    3965              :     /* The ResponderVerifyData field shall be absent.*/
    3966            1 :     ptr = (uint8_t *)response + sizeof(spdm_finish_response_t);
    3967            1 :     assert_int_equal(response_size,
    3968              :                      sizeof(spdm_finish_response_t) + sizeof(uint16_t) +
    3969              :                      libspdm_read_uint16(ptr));
    3970            1 :     spdm_response = (void *)response;
    3971            1 :     assert_int_equal(spdm_response->header.request_response_code,
    3972              :                      SPDM_FINISH_RSP);
    3973            1 :     free(data1);
    3974            1 : }
    3975              : 
    3976            1 : int libspdm_responder_finish_test_main(void)
    3977              : {
    3978            1 :     const struct CMUnitTest spdm_responder_finish_tests[] = {
    3979              :         /* Success Case*/
    3980              :         cmocka_unit_test(libspdm_test_responder_finish_case1),
    3981              :         /* Can be populated with new test.*/
    3982              :         cmocka_unit_test(libspdm_test_responder_finish_case2),
    3983              :         /* response_state: SPDM_RESPONSE_STATE_BUSY*/
    3984              :         cmocka_unit_test(libspdm_test_responder_finish_case3),
    3985              :         /* response_state: SPDM_RESPONSE_STATE_NEED_RESYNC*/
    3986              :         cmocka_unit_test(libspdm_test_responder_finish_case4),
    3987              :         #if LIBSPDM_RESPOND_IF_READY_SUPPORT
    3988              :         /* response_state: LIBSPDM_RESPONSE_STATE_NOT_READY*/
    3989              :         cmocka_unit_test(libspdm_test_responder_finish_case5),
    3990              :         #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
    3991              :         /* connection_state Check*/
    3992              :         cmocka_unit_test(libspdm_test_responder_finish_case6),
    3993              :         /* Buffer reset*/
    3994              :         cmocka_unit_test(libspdm_test_responder_finish_case7),
    3995              :         /* Success Case*/
    3996              :         cmocka_unit_test(libspdm_test_responder_finish_case8),
    3997              :         /* Unsupported KEY_EX capabilities*/
    3998              :         cmocka_unit_test(libspdm_test_responder_finish_case9),
    3999              :         /* Uninitialized session*/
    4000              :         cmocka_unit_test(libspdm_test_responder_finish_case10),
    4001              :         /* Incorrect MAC*/
    4002              :         cmocka_unit_test(libspdm_test_responder_finish_case11),
    4003              :         cmocka_unit_test(libspdm_test_responder_finish_case12),
    4004              :         /* Can be populated with new test.*/
    4005              :         cmocka_unit_test(libspdm_test_responder_finish_case13),
    4006              :         cmocka_unit_test(libspdm_test_responder_finish_case14),
    4007              :         /* Incorrect signature*/
    4008              :         cmocka_unit_test(libspdm_test_responder_finish_case15),
    4009              :         cmocka_unit_test(libspdm_test_responder_finish_case16),
    4010              :         /* Buffer verification*/
    4011              :         cmocka_unit_test(libspdm_test_responder_finish_case17),
    4012              :         /* Success Case, enable mutual authentication and use slot_id 0xFF */
    4013              :         cmocka_unit_test(libspdm_test_responder_finish_case18),
    4014              :         /* Invalid SlotID in FINISH request message when mutual authentication */
    4015              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case19, libspdm_unit_test_group_setup),
    4016              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case20, libspdm_unit_test_group_setup),
    4017              :         /* If FINISH.Param1 != 0x01, then FINISH.Param2 is reserved, shall be ignored when read */
    4018              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case21, libspdm_unit_test_group_setup),
    4019              :         /* If KEY_EXCHANGE_RSP.MutAuthRequested equals neither 0x02 nor 0x04, FINISH.Param2 no need match ENCAPSULATED_RESPONSE_ACK.EncapsulatedRequest */
    4020              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case22, libspdm_unit_test_group_setup),
    4021              :         /* Big Endian Sign - Little Endian Verify */
    4022              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case23, libspdm_unit_test_group_setup),
    4023              :         /* Big Endian Sign - Big Endian Verify */
    4024              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case24, libspdm_unit_test_group_setup),
    4025              :         /* Big Endian Sign - Big or Little Endian Verify */
    4026              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case25, libspdm_unit_test_group_setup),
    4027              :         /* Little Endian Sign - Little Endian Verify*/
    4028              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case26, libspdm_unit_test_group_setup),
    4029              :         /* Little Endian Sign - Big Endian Verify */
    4030              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case27, libspdm_unit_test_group_setup),
    4031              :         /* Little Endian Sign - Big or Little Endian Verify */
    4032              :         cmocka_unit_test_setup(libspdm_test_responder_finish_case28, libspdm_unit_test_group_setup),
    4033              :         /* The requester and responder have not set HANDSHAKE_IN_THE_CLEAR*/
    4034              :         cmocka_unit_test(libspdm_test_responder_finish_case29),
    4035              :         /* SPDM 1.4 with OpaqueData */
    4036              :         cmocka_unit_test(libspdm_test_responder_finish_case30),
    4037              :     };
    4038              : 
    4039            1 :     libspdm_test_context_t test_context = {
    4040              :         LIBSPDM_TEST_CONTEXT_VERSION,
    4041              :         false,
    4042              :     };
    4043              : 
    4044            1 :     libspdm_setup_test_context(&test_context);
    4045              : 
    4046            1 :     return cmocka_run_group_tests(spdm_responder_finish_tests,
    4047              :                                   libspdm_unit_test_group_setup,
    4048              :                                   libspdm_unit_test_group_teardown);
    4049              : }
    4050              : 
    4051              : #endif /* LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP*/
        

Generated by: LCOV version 2.0-1