LCOV - code coverage report
Current view: top level - unit_test/test_spdm_responder - psk_finish.c (source / functions) Coverage Total Hit
Test: coverage.info Lines: 100.0 % 788 788
Test Date: 2025-08-24 08:11:14 Functions: 100.0 % 17 17

            Line data    Source code
       1              : /**
       2              :  *  Copyright Notice:
       3              :  *  Copyright 2021-2025 DMTF. All rights reserved.
       4              :  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
       5              :  **/
       6              : 
       7              : #include "spdm_unit_test.h"
       8              : #include "internal/libspdm_responder_lib.h"
       9              : #include "internal/libspdm_secured_message_lib.h"
      10              : 
      11              : #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP
      12              : #pragma pack(1)
      13              : typedef struct {
      14              :     spdm_message_header_t header;
      15              :     uint8_t verify_data[LIBSPDM_MAX_HASH_SIZE];
      16              : } libspdm_psk_finish_request_mine_t;
      17              : 
      18              : typedef struct {
      19              :     spdm_message_header_t header;
      20              :     uint16_t opaque_data_size;
      21              :     uint8_t opaque_data[8];
      22              :     uint8_t verify_data[LIBSPDM_MAX_HASH_SIZE];
      23              : } libspdm_psk_finish_request_mine_14_t;
      24              : #pragma pack()
      25              : 
      26              : static libspdm_th_managed_buffer_t th_curr;
      27              : 
      28              : libspdm_psk_finish_request_mine_t m_libspdm_psk_finish_request1 = {
      29              :     { SPDM_MESSAGE_VERSION_11, SPDM_PSK_FINISH, 0, 0 },
      30              : };
      31              : size_t m_libspdm_psk_finish_request1_size = sizeof(m_libspdm_psk_finish_request1);
      32              : 
      33              : libspdm_psk_finish_request_mine_t m_libspdm_psk_finish_request2 = {
      34              :     { SPDM_MESSAGE_VERSION_11, SPDM_PSK_FINISH, 0, 0 },
      35              : };
      36              : size_t m_libspdm_psk_finish_request2_size = LIBSPDM_MAX_SPDM_MSG_SIZE;
      37              : 
      38              : libspdm_psk_finish_request_mine_14_t m_libspdm_psk_finish_request3 = {
      39              :     { SPDM_MESSAGE_VERSION_14, SPDM_PSK_FINISH, 0, 0 },
      40              : };
      41              : size_t m_libspdm_psk_finish_request3_size = sizeof(m_libspdm_psk_finish_request3);
      42              : 
      43              : static uint8_t m_libspdm_dummy_buffer[LIBSPDM_MAX_HASH_SIZE];
      44              : 
      45           15 : static void libspdm_secured_message_set_request_finished_key(
      46              :     void *spdm_secured_message_context, const void *key, size_t key_size)
      47              : {
      48              :     libspdm_secured_message_context_t *secured_message_context;
      49              : 
      50           15 :     secured_message_context = spdm_secured_message_context;
      51           15 :     LIBSPDM_ASSERT(key_size == secured_message_context->hash_size);
      52           15 :     libspdm_copy_mem(secured_message_context->handshake_secret.request_finished_key,
      53              :                      sizeof(secured_message_context->handshake_secret.request_finished_key),
      54              :                      key, secured_message_context->hash_size);
      55           15 : }
      56              : 
      57              : /**
      58              :  * Test 1: receiving a correct PSK_FINISH message from the requester with a
      59              :  * correct MAC.
      60              :  * Expected behavior: the responder accepts the request and produces a valid
      61              :  * PSK_FINISH_RSP response message.
      62              :  **/
      63            1 : void libspdm_test_responder_psk_finish_case1(void **state)
      64              : {
      65              :     libspdm_return_t status;
      66              :     libspdm_test_context_t *spdm_test_context;
      67              :     libspdm_context_t *spdm_context;
      68              :     size_t response_size;
      69              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
      70              :     spdm_psk_finish_response_t *spdm_response;
      71              :     void *data1;
      72              :     size_t data_size1;
      73              :     uint8_t *ptr;
      74              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
      75              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
      76              :     libspdm_session_info_t *session_info;
      77              :     uint32_t session_id;
      78              :     uint32_t hash_size;
      79              :     uint32_t hmac_size;
      80              : 
      81            1 :     spdm_test_context = *state;
      82            1 :     spdm_context = spdm_test_context->spdm_context;
      83            1 :     spdm_test_context->case_id = 0x1;
      84            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
      85              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
      86            1 :     spdm_context->connection_info.connection_state =
      87              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
      88            1 :     spdm_context->connection_info.capability.flags |=
      89              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
      90            1 :     spdm_context->local_context.capability.flags |=
      91              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
      92            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
      93              :         m_libspdm_use_hash_algo;
      94            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
      95              :         m_libspdm_use_asym_algo;
      96            1 :     spdm_context->connection_info.algorithm.measurement_spec =
      97              :         m_libspdm_use_measurement_spec;
      98            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
      99              :         m_libspdm_use_measurement_hash_algo;
     100            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     101              :         m_libspdm_use_dhe_algo;
     102            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     103              :         m_libspdm_use_aead_algo;
     104            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     105              :                                                     m_libspdm_use_asym_algo, &data1,
     106              :                                                     &data_size1, NULL, NULL);
     107            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     108            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     109              :         data_size1;
     110            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     111            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     112              :         data_size1;
     113              : 
     114            1 :     libspdm_reset_message_a(spdm_context);
     115            1 :     spdm_context->local_context.mut_auth_requested = 0;
     116              : 
     117            1 :     session_id = 0xFFFFFFFF;
     118            1 :     spdm_context->latest_session_id = session_id;
     119            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     120            1 :     spdm_context->last_spdm_request_session_id = session_id;
     121            1 :     session_info = &spdm_context->session_info[0];
     122            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
     123            1 :     libspdm_session_info_set_psk_hint(session_info,
     124              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     125              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     126            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     127            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     128            1 :     libspdm_secured_message_set_request_finished_key(
     129              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     130              :         hash_size);
     131            1 :     libspdm_secured_message_set_session_state(
     132              :         session_info->secured_message_context,
     133              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     134              : 
     135            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     136            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     137            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     138            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     139              :     /* transcript.message_a size is 0
     140              :      * session_transcript.message_k is 0*/
     141            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     142              :                                   sizeof(spdm_psk_finish_request_t));
     143            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     144            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     145              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     146            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     147              :                      request_finished_key, hash_size, ptr);
     148            1 :     m_libspdm_psk_finish_request1_size =
     149            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     150            1 :     response_size = sizeof(response);
     151            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     152              :                                              m_libspdm_psk_finish_request1_size,
     153              :                                              &m_libspdm_psk_finish_request1,
     154              :                                              &response_size, response);
     155            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     156            1 :     assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
     157            1 :     spdm_response = (void *)response;
     158            1 :     assert_int_equal(spdm_response->header.request_response_code,
     159              :                      SPDM_PSK_FINISH_RSP);
     160            1 :     free(data1);
     161            1 : }
     162              : 
     163              : /**
     164              :  * Test 2: receiving a PSK_FINISH message larger than specified.
     165              :  * Expected behavior: the responder refuses the PSK_FINISH message and
     166              :  * produces an ERROR message indicating the InvalidRequest.
     167              :  **/
     168            1 : void libspdm_test_responder_psk_finish_case2(void **state)
     169              : {
     170              :     libspdm_return_t status;
     171              :     libspdm_test_context_t *spdm_test_context;
     172              :     libspdm_context_t *spdm_context;
     173              :     size_t response_size;
     174              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     175              :     spdm_psk_finish_response_t *spdm_response;
     176              :     void *data1;
     177              :     size_t data_size1;
     178              :     uint8_t *ptr;
     179              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     180              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     181              :     libspdm_session_info_t *session_info;
     182              :     uint32_t session_id;
     183              :     uint32_t hash_size;
     184              : 
     185            1 :     spdm_test_context = *state;
     186            1 :     spdm_context = spdm_test_context->spdm_context;
     187            1 :     spdm_test_context->case_id = 0x2;
     188            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     189              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     190            1 :     spdm_context->connection_info.connection_state =
     191              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     192            1 :     spdm_context->connection_info.capability.flags |=
     193              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     194            1 :     spdm_context->local_context.capability.flags |=
     195              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     196            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     197              :         m_libspdm_use_hash_algo;
     198            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     199              :         m_libspdm_use_asym_algo;
     200            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     201              :         m_libspdm_use_measurement_spec;
     202            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     203              :         m_libspdm_use_measurement_hash_algo;
     204            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     205              :         m_libspdm_use_dhe_algo;
     206            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     207              :         m_libspdm_use_aead_algo;
     208            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     209              :                                                     m_libspdm_use_asym_algo, &data1,
     210              :                                                     &data_size1, NULL, NULL);
     211            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     212            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     213              :         data_size1;
     214            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     215            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     216              :         data_size1;
     217              : 
     218            1 :     libspdm_reset_message_a(spdm_context);
     219            1 :     spdm_context->local_context.mut_auth_requested = 0;
     220              : 
     221            1 :     session_id = 0xFFFFFFFF;
     222            1 :     spdm_context->latest_session_id = session_id;
     223            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     224            1 :     spdm_context->last_spdm_request_session_id = session_id;
     225            1 :     session_info = &spdm_context->session_info[0];
     226            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
     227            1 :     libspdm_session_info_set_psk_hint(session_info,
     228              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     229              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     230            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     231            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     232            1 :     libspdm_secured_message_set_request_finished_key(
     233              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     234              :         hash_size);
     235            1 :     libspdm_secured_message_set_session_state(
     236              :         session_info->secured_message_context,
     237              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     238              : 
     239            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     240            1 :     ptr = m_libspdm_psk_finish_request2.verify_data;
     241            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     242              :     /* transcript.message_a size is 0
     243              :      * session_transcript.message_k is 0*/
     244            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request2,
     245              :                                   sizeof(spdm_psk_finish_request_t));
     246            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     247            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     248              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     249            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     250              :                      request_finished_key, hash_size, ptr);
     251            1 :     response_size = sizeof(response);
     252            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     253              :                                              m_libspdm_psk_finish_request2_size,
     254              :                                              &m_libspdm_psk_finish_request2,
     255              :                                              &response_size, response);
     256            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     257            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     258            1 :     spdm_response = (void *)response;
     259            1 :     assert_int_equal(spdm_response->header.request_response_code,
     260              :                      SPDM_ERROR);
     261            1 :     assert_int_equal(spdm_response->header.param1,
     262              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
     263            1 :     assert_int_equal(spdm_response->header.param2, 0);
     264            1 :     free(data1);
     265            1 : }
     266              : 
     267              : /**
     268              :  * Test 3: receiving a correct PSK_FINISH from the requester, but the
     269              :  * responder is in a Busy state.
     270              :  * Expected behavior: the responder accepts the request, but produces an
     271              :  * ERROR message indicating the Busy state.
     272              :  **/
     273            1 : void libspdm_test_responder_psk_finish_case3(void **state)
     274              : {
     275              :     libspdm_return_t status;
     276              :     libspdm_test_context_t *spdm_test_context;
     277              :     libspdm_context_t *spdm_context;
     278              :     size_t response_size;
     279              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     280              :     spdm_psk_finish_response_t *spdm_response;
     281              :     void *data1;
     282              :     size_t data_size1;
     283              :     uint8_t *ptr;
     284              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     285              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     286              :     libspdm_session_info_t *session_info;
     287              :     uint32_t session_id;
     288              :     uint32_t hash_size;
     289              :     uint32_t hmac_size;
     290              : 
     291            1 :     spdm_test_context = *state;
     292            1 :     spdm_context = spdm_test_context->spdm_context;
     293            1 :     spdm_test_context->case_id = 0x3;
     294            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     295              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     296            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
     297            1 :     spdm_context->connection_info.connection_state =
     298              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     299            1 :     spdm_context->connection_info.capability.flags |=
     300              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     301            1 :     spdm_context->local_context.capability.flags |=
     302              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     303            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     304              :         m_libspdm_use_hash_algo;
     305            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     306              :         m_libspdm_use_asym_algo;
     307            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     308              :         m_libspdm_use_measurement_spec;
     309            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     310              :         m_libspdm_use_measurement_hash_algo;
     311            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     312              :         m_libspdm_use_dhe_algo;
     313            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     314              :         m_libspdm_use_aead_algo;
     315            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     316              :                                                     m_libspdm_use_asym_algo, &data1,
     317              :                                                     &data_size1, NULL, NULL);
     318            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     319            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     320              :         data_size1;
     321            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     322            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     323              :         data_size1;
     324              : 
     325            1 :     libspdm_reset_message_a(spdm_context);
     326            1 :     spdm_context->local_context.mut_auth_requested = 0;
     327              : 
     328            1 :     session_id = 0xFFFFFFFF;
     329            1 :     spdm_context->latest_session_id = session_id;
     330            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     331            1 :     spdm_context->last_spdm_request_session_id = session_id;
     332            1 :     session_info = &spdm_context->session_info[0];
     333            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
     334            1 :     libspdm_session_info_set_psk_hint(session_info,
     335              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     336              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     337            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     338            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     339            1 :     libspdm_secured_message_set_request_finished_key(
     340              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     341              :         hash_size);
     342            1 :     libspdm_secured_message_set_session_state(
     343              :         session_info->secured_message_context,
     344              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     345              : 
     346            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     347            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     348            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     349            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     350              :     /* transcript.message_a size is 0
     351              :      * session_transcript.message_k is 0*/
     352            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     353              :                                   sizeof(spdm_psk_finish_request_t));
     354            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     355            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     356              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     357            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     358              :                      request_finished_key, hash_size, ptr);
     359            1 :     m_libspdm_psk_finish_request1_size =
     360            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     361            1 :     response_size = sizeof(response);
     362            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     363              :                                              m_libspdm_psk_finish_request1_size,
     364              :                                              &m_libspdm_psk_finish_request1,
     365              :                                              &response_size, response);
     366            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     367            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     368            1 :     spdm_response = (void *)response;
     369            1 :     assert_int_equal(spdm_response->header.request_response_code,
     370              :                      SPDM_ERROR);
     371            1 :     assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_BUSY);
     372            1 :     assert_int_equal(spdm_response->header.param2, 0);
     373            1 :     assert_int_equal(spdm_context->response_state,
     374              :                      LIBSPDM_RESPONSE_STATE_BUSY);
     375            1 :     free(data1);
     376            1 : }
     377              : 
     378              : /**
     379              :  * Test 4: receiving a correct PSK_FINISH from the requester, but the
     380              :  * responder requires resynchronization with the requester.
     381              :  * Expected behavior: the responder accepts the request, but produces an
     382              :  * ERROR message indicating the NeedResynch state.
     383              :  **/
     384            1 : void libspdm_test_responder_psk_finish_case4(void **state)
     385              : {
     386              :     libspdm_return_t status;
     387              :     libspdm_test_context_t *spdm_test_context;
     388              :     libspdm_context_t *spdm_context;
     389              :     size_t response_size;
     390              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     391              :     spdm_psk_finish_response_t *spdm_response;
     392              :     void *data1;
     393              :     size_t data_size1;
     394              :     uint8_t *ptr;
     395              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     396              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     397              :     libspdm_session_info_t *session_info;
     398              :     uint32_t session_id;
     399              :     uint32_t hash_size;
     400              :     uint32_t hmac_size;
     401              : 
     402            1 :     spdm_test_context = *state;
     403            1 :     spdm_context = spdm_test_context->spdm_context;
     404            1 :     spdm_test_context->case_id = 0x4;
     405            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     406              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     407            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
     408            1 :     spdm_context->connection_info.connection_state =
     409              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     410            1 :     spdm_context->connection_info.capability.flags |=
     411              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     412            1 :     spdm_context->local_context.capability.flags |=
     413              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     414            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     415              :         m_libspdm_use_hash_algo;
     416            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     417              :         m_libspdm_use_asym_algo;
     418            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     419              :         m_libspdm_use_measurement_spec;
     420            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     421              :         m_libspdm_use_measurement_hash_algo;
     422            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     423              :         m_libspdm_use_dhe_algo;
     424            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     425              :         m_libspdm_use_aead_algo;
     426            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     427              :                                                     m_libspdm_use_asym_algo, &data1,
     428              :                                                     &data_size1, NULL, NULL);
     429            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     430            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     431              :         data_size1;
     432            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     433            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     434              :         data_size1;
     435              : 
     436            1 :     libspdm_reset_message_a(spdm_context);
     437            1 :     spdm_context->local_context.mut_auth_requested = 0;
     438              : 
     439            1 :     session_id = 0xFFFFFFFF;
     440            1 :     spdm_context->latest_session_id = session_id;
     441            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     442            1 :     spdm_context->last_spdm_request_session_id = session_id;
     443            1 :     session_info = &spdm_context->session_info[0];
     444            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
     445            1 :     libspdm_session_info_set_psk_hint(session_info,
     446              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     447              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     448            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     449            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     450            1 :     libspdm_secured_message_set_request_finished_key(
     451              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     452              :         hash_size);
     453            1 :     libspdm_secured_message_set_session_state(
     454              :         session_info->secured_message_context,
     455              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     456              : 
     457            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     458            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     459            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     460            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     461              :     /* transcript.message_a size is 0
     462              :      * session_transcript.message_k is 0*/
     463            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     464              :                                   sizeof(spdm_psk_finish_request_t));
     465            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     466            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     467              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     468            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     469              :                      request_finished_key, hash_size, ptr);
     470            1 :     m_libspdm_psk_finish_request1_size =
     471            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     472            1 :     response_size = sizeof(response);
     473            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     474              :                                              m_libspdm_psk_finish_request1_size,
     475              :                                              &m_libspdm_psk_finish_request1,
     476              :                                              &response_size, response);
     477            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     478            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     479            1 :     spdm_response = (void *)response;
     480            1 :     assert_int_equal(spdm_response->header.request_response_code,
     481              :                      SPDM_ERROR);
     482            1 :     assert_int_equal(spdm_response->header.param1,
     483              :                      SPDM_ERROR_CODE_REQUEST_RESYNCH);
     484            1 :     assert_int_equal(spdm_response->header.param2, 0);
     485            1 :     assert_int_equal(spdm_context->response_state,
     486              :                      LIBSPDM_RESPONSE_STATE_NEED_RESYNC);
     487            1 :     free(data1);
     488            1 : }
     489              : 
     490              : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
     491              : /**
     492              :  * Test 5: receiving a correct PSK_FINISH from the requester, but the
     493              :  * responder could not produce the response in time.
     494              :  * Expected behavior: the responder accepts the request, but produces an
     495              :  * ERROR message indicating the ResponseNotReady state.
     496              :  **/
     497            1 : void libspdm_test_responder_psk_finish_case5(void **state)
     498              : {
     499              :     libspdm_return_t status;
     500              :     libspdm_test_context_t *spdm_test_context;
     501              :     libspdm_context_t *spdm_context;
     502              :     size_t response_size;
     503              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     504              :     spdm_psk_finish_response_t *spdm_response;
     505              :     void *data1;
     506              :     size_t data_size1;
     507              :     uint8_t *ptr;
     508              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     509              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     510              :     libspdm_session_info_t *session_info;
     511              :     uint32_t session_id;
     512              :     uint32_t hash_size;
     513              :     uint32_t hmac_size;
     514              :     spdm_error_data_response_not_ready_t *error_data;
     515              : 
     516            1 :     spdm_test_context = *state;
     517            1 :     spdm_context = spdm_test_context->spdm_context;
     518            1 :     spdm_test_context->case_id = 0x5;
     519            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     520              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     521            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
     522            1 :     spdm_context->connection_info.connection_state =
     523              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     524            1 :     spdm_context->connection_info.capability.flags |=
     525              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     526            1 :     spdm_context->local_context.capability.flags |=
     527              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     528            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     529              :         m_libspdm_use_hash_algo;
     530            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     531              :         m_libspdm_use_asym_algo;
     532            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     533              :         m_libspdm_use_measurement_spec;
     534            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     535              :         m_libspdm_use_measurement_hash_algo;
     536            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     537              :         m_libspdm_use_dhe_algo;
     538            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     539              :         m_libspdm_use_aead_algo;
     540            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     541              :                                                     m_libspdm_use_asym_algo, &data1,
     542              :                                                     &data_size1, NULL, NULL);
     543            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     544            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     545              :         data_size1;
     546            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     547            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     548              :         data_size1;
     549              : 
     550            1 :     libspdm_reset_message_a(spdm_context);
     551            1 :     spdm_context->local_context.mut_auth_requested = 0;
     552              : 
     553            1 :     session_id = 0xFFFFFFFF;
     554            1 :     spdm_context->latest_session_id = session_id;
     555            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     556            1 :     spdm_context->last_spdm_request_session_id = session_id;
     557            1 :     session_info = &spdm_context->session_info[0];
     558            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
     559            1 :     libspdm_session_info_set_psk_hint(session_info,
     560              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     561              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     562            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     563            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     564            1 :     libspdm_secured_message_set_request_finished_key(
     565              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     566              :         hash_size);
     567            1 :     libspdm_secured_message_set_session_state(
     568              :         session_info->secured_message_context,
     569              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     570              : 
     571            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     572            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     573            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     574            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     575              :     /* transcript.message_a size is 0
     576              :      * session_transcript.message_k is 0*/
     577            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     578              :                                   sizeof(spdm_psk_finish_request_t));
     579            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     580            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     581              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     582            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     583              :                      request_finished_key, hash_size, ptr);
     584            1 :     m_libspdm_psk_finish_request1_size =
     585            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     586            1 :     response_size = sizeof(response);
     587            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     588              :                                              m_libspdm_psk_finish_request1_size,
     589              :                                              &m_libspdm_psk_finish_request1,
     590              :                                              &response_size, response);
     591            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     592            1 :     assert_int_equal(response_size,
     593              :                      sizeof(spdm_error_response_t) +
     594              :                      sizeof(spdm_error_data_response_not_ready_t));
     595            1 :     spdm_response = (void *)response;
     596            1 :     error_data =
     597              :         (spdm_error_data_response_not_ready_t *)(spdm_response + 1);
     598            1 :     assert_int_equal(spdm_response->header.request_response_code,
     599              :                      SPDM_ERROR);
     600            1 :     assert_int_equal(spdm_response->header.param1,
     601              :                      SPDM_ERROR_CODE_RESPONSE_NOT_READY);
     602            1 :     assert_int_equal(spdm_response->header.param2, 0);
     603            1 :     assert_int_equal(spdm_context->response_state,
     604              :                      LIBSPDM_RESPONSE_STATE_NOT_READY);
     605            1 :     assert_int_equal(error_data->request_code, SPDM_PSK_FINISH);
     606            1 :     free(data1);
     607            1 : }
     608              : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
     609              : 
     610              : /**
     611              :  * Test 6: receiving a correct PSK_FINISH from the requester, but the
     612              :  * responder is not set no receive a PSK-FINISH message because previous
     613              :  * messages (namely, GET_CAPABILITIES, NEGOTIATE_ALGORITHMS or
     614              :  * GET_DIGESTS) have not been received.
     615              :  * Expected behavior: the responder rejects the request, and produces an
     616              :  * ERROR message indicating the UnexpectedRequest.
     617              :  **/
     618            1 : void libspdm_test_responder_psk_finish_case6(void **state)
     619              : {
     620              :     libspdm_return_t status;
     621              :     libspdm_test_context_t *spdm_test_context;
     622              :     libspdm_context_t *spdm_context;
     623              :     size_t response_size;
     624              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     625              :     spdm_psk_finish_response_t *spdm_response;
     626              :     void *data1;
     627              :     size_t data_size1;
     628              :     uint8_t *ptr;
     629              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     630              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     631              :     libspdm_session_info_t *session_info;
     632              :     uint32_t session_id;
     633              :     uint32_t hash_size;
     634              :     uint32_t hmac_size;
     635              : 
     636            1 :     spdm_test_context = *state;
     637            1 :     spdm_context = spdm_test_context->spdm_context;
     638            1 :     spdm_test_context->case_id = 0x6;
     639            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     640              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     641            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
     642            1 :     spdm_context->connection_info.connection_state =
     643              :         LIBSPDM_CONNECTION_STATE_NOT_STARTED;
     644            1 :     spdm_context->connection_info.capability.flags |=
     645              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     646            1 :     spdm_context->local_context.capability.flags |=
     647              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     648            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     649              :         m_libspdm_use_hash_algo;
     650            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     651              :         m_libspdm_use_asym_algo;
     652            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     653              :         m_libspdm_use_measurement_spec;
     654            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     655              :         m_libspdm_use_measurement_hash_algo;
     656            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     657              :         m_libspdm_use_dhe_algo;
     658            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     659              :         m_libspdm_use_aead_algo;
     660            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     661              :                                                     m_libspdm_use_asym_algo, &data1,
     662              :                                                     &data_size1, NULL, NULL);
     663            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     664            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     665              :         data_size1;
     666            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     667            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     668              :         data_size1;
     669              : 
     670            1 :     libspdm_reset_message_a(spdm_context);
     671            1 :     spdm_context->local_context.mut_auth_requested = 0;
     672              : 
     673            1 :     session_id = 0xFFFFFFFF;
     674            1 :     spdm_context->latest_session_id = session_id;
     675            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     676            1 :     spdm_context->last_spdm_request_session_id = session_id;
     677            1 :     session_info = &spdm_context->session_info[0];
     678            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
     679            1 :     libspdm_session_info_set_psk_hint(session_info,
     680              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     681              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     682            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     683            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     684            1 :     libspdm_secured_message_set_request_finished_key(
     685              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     686              :         hash_size);
     687            1 :     libspdm_secured_message_set_session_state(
     688              :         session_info->secured_message_context,
     689              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     690              : 
     691            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     692            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     693            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     694            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     695              :     /* transcript.message_a size is 0
     696              :      * session_transcript.message_k is 0*/
     697            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     698              :                                   sizeof(spdm_psk_finish_request_t));
     699            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     700            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     701              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     702            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     703              :                      request_finished_key, hash_size, ptr);
     704            1 :     m_libspdm_psk_finish_request1_size =
     705            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     706            1 :     response_size = sizeof(response);
     707            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     708              :                                              m_libspdm_psk_finish_request1_size,
     709              :                                              &m_libspdm_psk_finish_request1,
     710              :                                              &response_size, response);
     711            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     712            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     713            1 :     spdm_response = (void *)response;
     714            1 :     assert_int_equal(spdm_response->header.request_response_code,
     715              :                      SPDM_ERROR);
     716            1 :     assert_int_equal(spdm_response->header.param1,
     717              :                      SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
     718            1 :     assert_int_equal(spdm_response->header.param2, 0);
     719            1 :     free(data1);
     720            1 : }
     721              : 
     722            1 : void libspdm_test_responder_psk_finish_case7(void **state)
     723              : {
     724              :     libspdm_return_t status;
     725              :     libspdm_test_context_t *spdm_test_context;
     726              :     libspdm_context_t *spdm_context;
     727              :     size_t response_size;
     728              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     729              :     spdm_psk_finish_response_t *spdm_response;
     730              :     void *data1;
     731              :     size_t data_size1;
     732              :     uint8_t *ptr;
     733              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     734              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     735              :     libspdm_session_info_t *session_info;
     736              :     uint32_t session_id;
     737              :     uint32_t hash_size;
     738              :     uint32_t hmac_size;
     739              : 
     740            1 :     spdm_test_context = *state;
     741            1 :     spdm_context = spdm_test_context->spdm_context;
     742            1 :     spdm_test_context->case_id = 0x7;
     743            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     744              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     745            1 :     spdm_context->connection_info.connection_state =
     746              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     747            1 :     spdm_context->connection_info.capability.flags |=
     748              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     749            1 :     spdm_context->local_context.capability.flags |=
     750              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     751            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     752              :         m_libspdm_use_hash_algo;
     753            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     754              :         m_libspdm_use_asym_algo;
     755            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     756              :         m_libspdm_use_measurement_spec;
     757            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     758              :         m_libspdm_use_measurement_hash_algo;
     759            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     760              :         m_libspdm_use_dhe_algo;
     761            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     762              :         m_libspdm_use_aead_algo;
     763            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     764              :                                                     m_libspdm_use_asym_algo, &data1,
     765              :                                                     &data_size1, NULL, NULL);
     766            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     767            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     768              :         data_size1;
     769            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     770            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     771              :         data_size1;
     772              : 
     773            1 :     libspdm_reset_message_a(spdm_context);
     774            1 :     spdm_context->local_context.mut_auth_requested = 0;
     775              : 
     776            1 :     session_id = 0xFFFFFFFF;
     777            1 :     spdm_context->latest_session_id = session_id;
     778            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     779            1 :     spdm_context->last_spdm_request_session_id = session_id;
     780            1 :     session_info = &spdm_context->session_info[0];
     781            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
     782            1 :     libspdm_session_info_set_psk_hint(session_info,
     783              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     784              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     785            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     786            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     787            1 :     libspdm_secured_message_set_request_finished_key(
     788              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     789              :         hash_size);
     790            1 :     libspdm_secured_message_set_session_state(
     791              :         session_info->secured_message_context,
     792              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     793              : 
     794            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     795            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     796            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     797            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     798              :     /* transcript.message_a size is 0
     799              :      * session_transcript.message_k is 0*/
     800            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     801              :                                   sizeof(spdm_psk_finish_request_t));
     802              : 
     803              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
     804              :     session_info->session_transcript.message_m.buffer_size =
     805              :         session_info->session_transcript.message_m.max_buffer_size;
     806              :     spdm_context->transcript.message_b.buffer_size =
     807              :         spdm_context->transcript.message_b.max_buffer_size;
     808              :     spdm_context->transcript.message_c.buffer_size =
     809              :         spdm_context->transcript.message_c.max_buffer_size;
     810              :     spdm_context->transcript.message_mut_b.buffer_size =
     811              :         spdm_context->transcript.message_mut_b.max_buffer_size;
     812              :     spdm_context->transcript.message_mut_c.buffer_size =
     813              :         spdm_context->transcript.message_mut_c.max_buffer_size;
     814              : #endif
     815              : 
     816            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     817            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     818              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     819            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     820              :                      request_finished_key, hash_size, ptr);
     821            1 :     m_libspdm_psk_finish_request1_size =
     822            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     823            1 :     response_size = sizeof(response);
     824            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     825              :                                              m_libspdm_psk_finish_request1_size,
     826              :                                              &m_libspdm_psk_finish_request1,
     827              :                                              &response_size, response);
     828            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     829            1 :     assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
     830            1 :     spdm_response = (void *)response;
     831            1 :     assert_int_equal(spdm_response->header.request_response_code,
     832              :                      SPDM_PSK_FINISH_RSP);
     833              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
     834              :     assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0);
     835              :     assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
     836              :     assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
     837              :     assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
     838              :     assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
     839              : #endif
     840              : 
     841            1 :     free(data1);
     842            1 : }
     843              : 
     844              : /**
     845              :  * Test 8: receiving a correct PSK_FINISH message from the requester, but
     846              :  * the responder has no capabilities for pre-shared keys.
     847              :  * Expected behavior: the responder refuses the PSK_FINISH message and
     848              :  * produces an ERROR message indicating the UnsupportedRequest.
     849              :  **/
     850            1 : void libspdm_test_responder_psk_finish_case8(void **state)
     851              : {
     852              :     libspdm_return_t status;
     853              :     libspdm_test_context_t *spdm_test_context;
     854              :     libspdm_context_t *spdm_context;
     855              :     size_t response_size;
     856              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     857              :     spdm_psk_finish_response_t *spdm_response;
     858              :     void *data1;
     859              :     size_t data_size1;
     860              :     uint8_t *ptr;
     861              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     862              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     863              :     libspdm_session_info_t *session_info;
     864              :     uint32_t session_id;
     865              :     uint32_t hash_size;
     866              :     uint32_t hmac_size;
     867              : 
     868            1 :     spdm_test_context = *state;
     869            1 :     spdm_context = spdm_test_context->spdm_context;
     870            1 :     spdm_test_context->case_id = 0x8;
     871            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     872              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     873            1 :     spdm_context->connection_info.connection_state =
     874              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     875            1 :     spdm_context->connection_info.capability.flags &=
     876              :         ~(SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP);
     877            1 :     spdm_context->local_context.capability.flags &=
     878              :         ~(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP);
     879            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     880              :         m_libspdm_use_hash_algo;
     881            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     882              :         m_libspdm_use_asym_algo;
     883            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     884              :         m_libspdm_use_measurement_spec;
     885            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     886              :         m_libspdm_use_measurement_hash_algo;
     887            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     888              :         m_libspdm_use_dhe_algo;
     889            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     890              :         m_libspdm_use_aead_algo;
     891            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     892              :                                                     m_libspdm_use_asym_algo, &data1,
     893              :                                                     &data_size1, NULL, NULL);
     894            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     895            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     896              :         data_size1;
     897            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     898            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     899              :         data_size1;
     900              : 
     901            1 :     spdm_context->transcript.message_a.buffer_size = 0;
     902            1 :     spdm_context->local_context.mut_auth_requested = 0;
     903              : 
     904            1 :     session_id = 0xFFFFFFFF;
     905            1 :     spdm_context->latest_session_id = session_id;
     906            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     907            1 :     spdm_context->last_spdm_request_session_id = session_id;
     908            1 :     session_info = &spdm_context->session_info[0];
     909            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
     910            1 :     libspdm_session_info_set_psk_hint(session_info,
     911              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     912              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     913            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     914            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     915            1 :     libspdm_secured_message_set_request_finished_key(
     916              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     917              :         hash_size);
     918            1 :     libspdm_secured_message_set_session_state(
     919              :         session_info->secured_message_context,
     920              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     921              : 
     922            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     923            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     924            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     925            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     926              :     /* transcript.message_a size is 0
     927              :      * session_transcript.message_k is 0*/
     928            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     929              :                                   sizeof(spdm_psk_finish_request_t));
     930            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     931            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     932              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     933            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     934              :                      request_finished_key, hash_size, ptr);
     935            1 :     m_libspdm_psk_finish_request1_size =
     936            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     937            1 :     response_size = sizeof(response);
     938            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     939              :                                              m_libspdm_psk_finish_request1_size,
     940              :                                              &m_libspdm_psk_finish_request1,
     941              :                                              &response_size, response);
     942            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     943            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     944            1 :     spdm_response = (void *)response;
     945            1 :     assert_int_equal(spdm_response->header.request_response_code,
     946              :                      SPDM_ERROR);
     947            1 :     assert_int_equal(spdm_response->header.param1,
     948              :                      SPDM_ERROR_CODE_UNSUPPORTED_REQUEST);
     949            1 :     assert_int_equal(spdm_response->header.param2, SPDM_PSK_FINISH);
     950            1 :     free(data1);
     951            1 : }
     952              : 
     953              : /**
     954              :  * Test 9: receiving a correct PSK_FINISH message from the requester, but
     955              :  * the responder is not correctly setup by not initializing a session during
     956              :  * PSK_EXCHANGE.
     957              :  * Expected behavior: the responder refuses the PSK_FINISH message and
     958              :  * produces an ERROR message indicating the InvalidRequest.
     959              :  **/
     960            1 : void libspdm_test_responder_psk_finish_case9(void **state)
     961              : {
     962              :     libspdm_return_t status;
     963              :     libspdm_test_context_t *spdm_test_context;
     964              :     libspdm_context_t *spdm_context;
     965              :     size_t response_size;
     966              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     967              :     spdm_psk_finish_response_t *spdm_response;
     968              :     void *data1;
     969              :     size_t data_size1;
     970              :     uint8_t *ptr;
     971              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     972              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     973              :     libspdm_session_info_t *session_info;
     974              :     uint32_t session_id;
     975              :     uint32_t hash_size;
     976              :     uint32_t hmac_size;
     977              : 
     978            1 :     spdm_test_context = *state;
     979            1 :     spdm_context = spdm_test_context->spdm_context;
     980            1 :     spdm_test_context->case_id = 0x9;
     981            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     982              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     983            1 :     spdm_context->connection_info.connection_state =
     984              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     985            1 :     spdm_context->connection_info.capability.flags |=
     986              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     987            1 :     spdm_context->local_context.capability.flags |=
     988              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     989            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     990              :         m_libspdm_use_hash_algo;
     991            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     992              :         m_libspdm_use_asym_algo;
     993            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     994              :         m_libspdm_use_measurement_spec;
     995            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     996              :         m_libspdm_use_measurement_hash_algo;
     997            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     998              :         m_libspdm_use_dhe_algo;
     999            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1000              :         m_libspdm_use_aead_algo;
    1001            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1002              :                                                     m_libspdm_use_asym_algo, &data1,
    1003              :                                                     &data_size1, NULL, NULL);
    1004            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1005            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1006              :         data_size1;
    1007            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1008            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1009              :         data_size1;
    1010              : 
    1011            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1012            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1013              : 
    1014            1 :     session_id = 0xFFFFFFFF;
    1015            1 :     spdm_context->latest_session_id = session_id;
    1016            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1017            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1018            1 :     session_info = &spdm_context->session_info[0];
    1019            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
    1020            1 :     libspdm_session_info_set_psk_hint(session_info,
    1021              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1022              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1023            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1024            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1025            1 :     libspdm_secured_message_set_request_finished_key(
    1026              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1027              :         hash_size);
    1028            1 :     libspdm_secured_message_set_session_state(
    1029              :         session_info->secured_message_context,
    1030              :         LIBSPDM_SESSION_STATE_NOT_STARTED);
    1031              : 
    1032            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1033            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1034            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1035            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1036              :     /* transcript.message_a size is 0
    1037              :      * session_transcript.message_k is 0*/
    1038            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
    1039              :                                   sizeof(spdm_psk_finish_request_t));
    1040            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1041            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1042              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1043            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1044              :                      request_finished_key, hash_size, ptr);
    1045            1 :     m_libspdm_psk_finish_request1_size =
    1046            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
    1047            1 :     response_size = sizeof(response);
    1048            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1049              :                                              m_libspdm_psk_finish_request1_size,
    1050              :                                              &m_libspdm_psk_finish_request1,
    1051              :                                              &response_size, response);
    1052            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1053            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1054            1 :     spdm_response = (void *)response;
    1055            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1056              :                      SPDM_ERROR);
    1057            1 :     assert_int_equal(spdm_response->header.param1,
    1058              :                      SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
    1059            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1060            1 :     free(data1);
    1061            1 : }
    1062              : 
    1063              : /**
    1064              :  * Test 10: receiving a PSK_FINISH message from the requester with an
    1065              :  * incorrect MAC (all-zero).
    1066              :  * Expected behavior: the responder refuses the PSK_FINISH message and
    1067              :  * produces an ERROR message indicating the DecryptError.
    1068              :  **/
    1069            1 : void libspdm_test_responder_psk_finish_case10(void **state)
    1070              : {
    1071              :     libspdm_return_t status;
    1072              :     libspdm_test_context_t *spdm_test_context;
    1073              :     libspdm_context_t *spdm_context;
    1074              :     size_t response_size;
    1075              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1076              :     spdm_psk_finish_response_t *spdm_response;
    1077              :     void *data1;
    1078              :     size_t data_size1;
    1079              :     uint8_t *ptr;
    1080              :     libspdm_session_info_t *session_info;
    1081              :     uint32_t session_id;
    1082              :     uint32_t hash_size;
    1083              :     uint32_t hmac_size;
    1084              : 
    1085            1 :     spdm_test_context = *state;
    1086            1 :     spdm_context = spdm_test_context->spdm_context;
    1087            1 :     spdm_test_context->case_id = 0xA;
    1088            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1089              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1090            1 :     spdm_context->connection_info.connection_state =
    1091              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1092            1 :     spdm_context->connection_info.capability.flags |=
    1093              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1094            1 :     spdm_context->local_context.capability.flags |=
    1095              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1096            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1097              :         m_libspdm_use_hash_algo;
    1098            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1099              :         m_libspdm_use_asym_algo;
    1100            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1101              :         m_libspdm_use_measurement_spec;
    1102            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1103              :         m_libspdm_use_measurement_hash_algo;
    1104            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1105              :         m_libspdm_use_dhe_algo;
    1106            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1107              :         m_libspdm_use_aead_algo;
    1108            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1109              :                                                     m_libspdm_use_asym_algo, &data1,
    1110              :                                                     &data_size1, NULL, NULL);
    1111            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1112            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1113              :         data_size1;
    1114            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1115            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1116              :         data_size1;
    1117              : 
    1118            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1119            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1120              : 
    1121            1 :     session_id = 0xFFFFFFFF;
    1122            1 :     spdm_context->latest_session_id = session_id;
    1123            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1124            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1125            1 :     session_info = &spdm_context->session_info[0];
    1126            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
    1127            1 :     libspdm_session_info_set_psk_hint(session_info,
    1128              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1129              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1130            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1131            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1132            1 :     libspdm_secured_message_set_request_finished_key(
    1133              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1134              :         hash_size);
    1135            1 :     libspdm_secured_message_set_session_state(
    1136              :         session_info->secured_message_context,
    1137              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1138              : 
    1139            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1140            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1141            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1142            1 :     libspdm_set_mem(ptr, hmac_size, (uint8_t)(0x00)); /*all-zero MAC*/
    1143            1 :     m_libspdm_psk_finish_request1_size =
    1144            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
    1145            1 :     response_size = sizeof(response);
    1146            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1147              :                                              m_libspdm_psk_finish_request1_size,
    1148              :                                              &m_libspdm_psk_finish_request1,
    1149              :                                              &response_size, response);
    1150            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1151            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1152            1 :     spdm_response = (void *)response;
    1153            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1154              :                      SPDM_ERROR);
    1155            1 :     assert_int_equal(spdm_response->header.param1,
    1156              :                      SPDM_ERROR_CODE_DECRYPT_ERROR);
    1157            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1158            1 :     free(data1);
    1159            1 : }
    1160              : 
    1161              : /**
    1162              :  * Test 11: receiving a PSK_FINISH message from the requester with an
    1163              :  * incorrect MAC (arbitrary).
    1164              :  * Expected behavior: the responder refuses the PSK_FINISH message and
    1165              :  * produces an ERROR message indicating the DecryptError.
    1166              :  **/
    1167            1 : void libspdm_test_responder_psk_finish_case11(void **state)
    1168              : {
    1169              :     libspdm_return_t status;
    1170              :     libspdm_test_context_t *spdm_test_context;
    1171              :     libspdm_context_t *spdm_context;
    1172              :     size_t response_size;
    1173              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1174              :     spdm_psk_finish_response_t *spdm_response;
    1175              :     void *data1;
    1176              :     size_t data_size1;
    1177              :     uint8_t *ptr;
    1178              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1179              :     uint8_t zero_data[LIBSPDM_MAX_HASH_SIZE];
    1180              :     libspdm_session_info_t *session_info;
    1181              :     uint32_t session_id;
    1182              :     uint32_t hash_size;
    1183              :     uint32_t hmac_size;
    1184              : 
    1185            1 :     spdm_test_context = *state;
    1186            1 :     spdm_context = spdm_test_context->spdm_context;
    1187            1 :     spdm_test_context->case_id = 0xB;
    1188            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1189              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1190            1 :     spdm_context->connection_info.connection_state =
    1191              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1192            1 :     spdm_context->connection_info.capability.flags |=
    1193              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1194            1 :     spdm_context->local_context.capability.flags |=
    1195              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1196            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1197              :         m_libspdm_use_hash_algo;
    1198            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1199              :         m_libspdm_use_asym_algo;
    1200            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1201              :         m_libspdm_use_measurement_spec;
    1202            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1203              :         m_libspdm_use_measurement_hash_algo;
    1204            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1205              :         m_libspdm_use_dhe_algo;
    1206            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1207              :         m_libspdm_use_aead_algo;
    1208            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1209              :                                                     m_libspdm_use_asym_algo, &data1,
    1210              :                                                     &data_size1, NULL, NULL);
    1211            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1212            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1213              :         data_size1;
    1214            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1215            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1216              :         data_size1;
    1217              : 
    1218            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1219            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1220              : 
    1221            1 :     session_id = 0xFFFFFFFF;
    1222            1 :     spdm_context->latest_session_id = session_id;
    1223            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1224            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1225            1 :     session_info = &spdm_context->session_info[0];
    1226            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
    1227            1 :     libspdm_session_info_set_psk_hint(session_info,
    1228              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1229              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1230            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1231            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1232            1 :     libspdm_secured_message_set_request_finished_key(
    1233              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1234              :         hash_size);
    1235            1 :     libspdm_secured_message_set_session_state(
    1236              :         session_info->secured_message_context,
    1237              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1238              : 
    1239            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1240            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1241            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1242              :     /*arbitrary MAC*/
    1243            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1244            1 :     libspdm_set_mem(zero_data, hash_size, (uint8_t)(0x00));
    1245            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, zero_data, hash_size,
    1246              :                      request_finished_key, hash_size, ptr);
    1247            1 :     m_libspdm_psk_finish_request1_size =
    1248            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
    1249            1 :     response_size = sizeof(response);
    1250            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1251              :                                              m_libspdm_psk_finish_request1_size,
    1252              :                                              &m_libspdm_psk_finish_request1,
    1253              :                                              &response_size, response);
    1254            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1255            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1256            1 :     spdm_response = (void *)response;
    1257            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1258              :                      SPDM_ERROR);
    1259            1 :     assert_int_equal(spdm_response->header.param1,
    1260              :                      SPDM_ERROR_CODE_DECRYPT_ERROR);
    1261            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1262            1 :     free(data1);
    1263            1 : }
    1264              : 
    1265              : /**
    1266              :  * Test 12: receiving a PSK_FINISH message from the requester with an
    1267              :  * incorrect MAC size (a correct MAC repeated twice).
    1268              :  * Expected behavior: the responder refuses the PSK_FINISH message and
    1269              :  * produces an ERROR message indicating the InvalidRequest.
    1270              :  **/
    1271            1 : void libspdm_test_responder_psk_finish_case12(void **state)
    1272              : {
    1273              :     libspdm_return_t status;
    1274              :     libspdm_test_context_t *spdm_test_context;
    1275              :     libspdm_context_t *spdm_context;
    1276              :     size_t response_size;
    1277              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1278              :     spdm_psk_finish_response_t *spdm_response;
    1279              :     void *data1;
    1280              :     size_t data_size1;
    1281              :     uint8_t *ptr;
    1282              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1283              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1284              :     libspdm_session_info_t *session_info;
    1285              :     uint32_t session_id;
    1286              :     uint32_t hash_size;
    1287              :     uint32_t hmac_size;
    1288              : 
    1289            1 :     spdm_test_context = *state;
    1290            1 :     spdm_context = spdm_test_context->spdm_context;
    1291            1 :     spdm_test_context->case_id = 0xC;
    1292            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1293              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1294            1 :     spdm_context->connection_info.connection_state =
    1295              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1296            1 :     spdm_context->connection_info.capability.flags |=
    1297              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1298            1 :     spdm_context->local_context.capability.flags |=
    1299              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1300            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1301              :         m_libspdm_use_hash_algo;
    1302            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1303              :         m_libspdm_use_asym_algo;
    1304            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1305              :         m_libspdm_use_measurement_spec;
    1306            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1307              :         m_libspdm_use_measurement_hash_algo;
    1308            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1309              :         m_libspdm_use_dhe_algo;
    1310            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1311              :         m_libspdm_use_aead_algo;
    1312            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1313              :                                                     m_libspdm_use_asym_algo, &data1,
    1314              :                                                     &data_size1, NULL, NULL);
    1315            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1316            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1317              :         data_size1;
    1318            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1319            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1320              :         data_size1;
    1321              : 
    1322            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1323            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1324              : 
    1325            1 :     session_id = 0xFFFFFFFF;
    1326            1 :     spdm_context->latest_session_id = session_id;
    1327            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1328            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1329            1 :     session_info = &spdm_context->session_info[0];
    1330            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
    1331            1 :     libspdm_session_info_set_psk_hint(session_info,
    1332              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1333              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1334            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1335            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1336            1 :     libspdm_secured_message_set_request_finished_key(
    1337              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1338              :         hash_size);
    1339            1 :     libspdm_secured_message_set_session_state(
    1340              :         session_info->secured_message_context,
    1341              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1342              : 
    1343            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1344            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1345            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1346            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1347              :     /* transcript.message_a size is 0
    1348              :      * session_transcript.message_k is 0*/
    1349            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
    1350              :                                   sizeof(spdm_psk_finish_request_t));
    1351            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1352            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1353              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1354            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1355              :                      request_finished_key, hash_size, ptr);
    1356            1 :     libspdm_copy_mem(ptr, sizeof(m_libspdm_psk_finish_request1.verify_data),
    1357            1 :                      ptr + hmac_size, hmac_size); /* 2x HMAC size*/
    1358            1 :     m_libspdm_psk_finish_request1_size =
    1359            1 :         sizeof(spdm_psk_finish_request_t) + 2*hmac_size;
    1360            1 :     response_size = sizeof(response);
    1361            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1362              :                                              m_libspdm_psk_finish_request1_size,
    1363              :                                              &m_libspdm_psk_finish_request1,
    1364              :                                              &response_size, response);
    1365            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1366            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1367            1 :     spdm_response = (void *)response;
    1368            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1369              :                      SPDM_ERROR);
    1370            1 :     assert_int_equal(spdm_response->header.param1,
    1371              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
    1372            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1373            1 :     free(data1);
    1374            1 : }
    1375              : 
    1376              : /**
    1377              :  * Test 13: receiving a PSK_FINISH message from the requester with an
    1378              :  * incorrect MAC size (only the correct first half of the MAC).
    1379              :  * Expected behavior: the responder refuses the PSK_FINISH message and
    1380              :  * produces an ERROR message indicating the InvalidRequest.
    1381              :  **/
    1382            1 : void libspdm_test_responder_psk_finish_case13(void **state)
    1383              : {
    1384              :     libspdm_return_t status;
    1385              :     libspdm_test_context_t *spdm_test_context;
    1386              :     libspdm_context_t *spdm_context;
    1387              :     size_t response_size;
    1388              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1389              :     spdm_psk_finish_response_t *spdm_response;
    1390              :     void *data1;
    1391              :     size_t data_size1;
    1392              :     uint8_t *ptr;
    1393              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1394              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1395              :     libspdm_session_info_t *session_info;
    1396              :     uint32_t session_id;
    1397              :     uint32_t hash_size;
    1398              :     uint32_t hmac_size;
    1399              : 
    1400            1 :     spdm_test_context = *state;
    1401            1 :     spdm_context = spdm_test_context->spdm_context;
    1402            1 :     spdm_test_context->case_id = 0xD;
    1403            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1404              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1405            1 :     spdm_context->connection_info.connection_state =
    1406              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1407            1 :     spdm_context->connection_info.capability.flags |=
    1408              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1409            1 :     spdm_context->local_context.capability.flags |=
    1410              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1411            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1412              :         m_libspdm_use_hash_algo;
    1413            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1414              :         m_libspdm_use_asym_algo;
    1415            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1416              :         m_libspdm_use_measurement_spec;
    1417            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1418              :         m_libspdm_use_measurement_hash_algo;
    1419            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1420              :         m_libspdm_use_dhe_algo;
    1421            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1422              :         m_libspdm_use_aead_algo;
    1423            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1424              :                                                     m_libspdm_use_asym_algo, &data1,
    1425              :                                                     &data_size1, NULL, NULL);
    1426            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1427            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1428              :         data_size1;
    1429            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1430            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1431              :         data_size1;
    1432              : 
    1433            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1434            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1435              : 
    1436            1 :     session_id = 0xFFFFFFFF;
    1437            1 :     spdm_context->latest_session_id = session_id;
    1438            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1439            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1440            1 :     session_info = &spdm_context->session_info[0];
    1441            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
    1442            1 :     libspdm_session_info_set_psk_hint(session_info,
    1443              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1444              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1445            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1446            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1447            1 :     libspdm_secured_message_set_request_finished_key(
    1448              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1449              :         hash_size);
    1450            1 :     libspdm_secured_message_set_session_state(
    1451              :         session_info->secured_message_context,
    1452              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1453              : 
    1454            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1455            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1456            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1457            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1458              :     /* transcript.message_a size is 0
    1459              :      * session_transcript.message_k is 0*/
    1460            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
    1461              :                                   sizeof(spdm_psk_finish_request_t));
    1462            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1463            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1464              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1465            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1466              :                      request_finished_key, hash_size, ptr);
    1467            1 :     libspdm_set_mem(ptr + hmac_size/2, hmac_size/2, (uint8_t) 0x00); /* half HMAC size*/
    1468            1 :     m_libspdm_psk_finish_request1_size =
    1469            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size/2;
    1470            1 :     response_size = sizeof(response);
    1471            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1472              :                                              m_libspdm_psk_finish_request1_size,
    1473              :                                              &m_libspdm_psk_finish_request1,
    1474              :                                              &response_size, response);
    1475            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1476            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1477            1 :     spdm_response = (void *)response;
    1478            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1479              :                      SPDM_ERROR);
    1480            1 :     assert_int_equal(spdm_response->header.param1,
    1481              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
    1482            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1483            1 :     free(data1);
    1484            1 : }
    1485              : 
    1486              : /**
    1487              :  * Test 14: receiving a correct PSK_FINISH from the requester.
    1488              :  * Expected behavior: the responder accepts the request and produces a valid PSK_FINISH
    1489              :  * response message, and buffer F receives the exchanged PSK_FINISH and PSK_FINISH_RSP messages.
    1490              :  **/
    1491            1 : void libspdm_test_responder_psk_finish_case14(void **state)
    1492              : {
    1493              :     libspdm_return_t status;
    1494              :     libspdm_test_context_t *spdm_test_context;
    1495              :     libspdm_context_t *spdm_context;
    1496              :     size_t response_size;
    1497              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1498              :     spdm_psk_finish_response_t *spdm_response;
    1499              :     void *data1;
    1500              :     size_t data_size1;
    1501              :     uint8_t *ptr;
    1502              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1503              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1504              :     libspdm_session_info_t *session_info;
    1505              :     uint32_t session_id;
    1506              :     uint32_t hash_size;
    1507              :     uint32_t hmac_size;
    1508              : 
    1509            1 :     spdm_test_context = *state;
    1510            1 :     spdm_context = spdm_test_context->spdm_context;
    1511            1 :     spdm_test_context->case_id = 0xE;
    1512            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1513              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1514            1 :     spdm_context->connection_info.connection_state =
    1515              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1516            1 :     spdm_context->connection_info.capability.flags |=
    1517              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1518            1 :     spdm_context->local_context.capability.flags |=
    1519              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1520            1 :     spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    1521            1 :     spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    1522            1 :     spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    1523            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1524              :         m_libspdm_use_measurement_hash_algo;
    1525            1 :     spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    1526            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    1527            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1528              :                                                     m_libspdm_use_asym_algo, &data1,
    1529              :                                                     &data_size1, NULL, NULL);
    1530            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1531            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
    1532            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1533            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size = data_size1;
    1534              : 
    1535            1 :     libspdm_reset_message_a(spdm_context);
    1536            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1537              : 
    1538            1 :     session_id = 0xFFFFFFFF;
    1539            1 :     spdm_context->latest_session_id = session_id;
    1540            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1541            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1542            1 :     session_info = &spdm_context->session_info[0];
    1543            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
    1544            1 :     libspdm_session_info_set_psk_hint(session_info,
    1545              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1546              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1547            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1548            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1549            1 :     libspdm_secured_message_set_request_finished_key(
    1550              :         session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    1551            1 :     libspdm_secured_message_set_session_state(
    1552              :         session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);
    1553              : 
    1554            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1555            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1556            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1557            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1558              :     /* transcript.message_a size is 0
    1559              :      * session_transcript.message_k is 0*/
    1560            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
    1561              :                                   sizeof(spdm_psk_finish_request_t));
    1562            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1563            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1564              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1565            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1566              :                      request_finished_key, hash_size, ptr);
    1567            1 :     m_libspdm_psk_finish_request1_size = sizeof(spdm_psk_finish_request_t) + hmac_size;
    1568            1 :     response_size = sizeof(response);
    1569            1 :     status = libspdm_get_response_psk_finish(
    1570              :         spdm_context, m_libspdm_psk_finish_request1_size, &m_libspdm_psk_finish_request1,
    1571              :         &response_size, response);
    1572            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1573            1 :     assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
    1574            1 :     spdm_response = (void *)response;
    1575            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_PSK_FINISH_RSP);
    1576              : 
    1577              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    1578              :     assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
    1579              :                      m_libspdm_psk_finish_request1_size + response_size);
    1580              :     assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
    1581              :                         &m_libspdm_psk_finish_request1, m_libspdm_psk_finish_request1_size);
    1582              :     assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer +
    1583              :                         m_libspdm_psk_finish_request1_size, response, response_size);
    1584              : #endif
    1585              : 
    1586            1 :     free(data1);
    1587            1 : }
    1588              : 
    1589              : /**
    1590              :  * Test 15: SPDM version 1.4, with OpaqueData.
    1591              :  * Expected behavior: the responder accepts the request and produces a valid PSK_FINISH
    1592              :  * response message.
    1593              :  **/
    1594            1 : void libspdm_test_responder_psk_finish_case15(void **state)
    1595              : {
    1596              :     libspdm_return_t status;
    1597              :     libspdm_test_context_t *spdm_test_context;
    1598              :     libspdm_context_t *spdm_context;
    1599              :     size_t response_size;
    1600              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1601              :     spdm_psk_finish_response_t *spdm_response;
    1602              :     void *data1;
    1603              :     size_t data_size1;
    1604              :     uint8_t *ptr;
    1605              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1606              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1607              :     libspdm_session_info_t *session_info;
    1608              :     uint32_t session_id;
    1609              :     uint32_t hash_size;
    1610              :     uint32_t hmac_size;
    1611              : 
    1612            1 :     spdm_test_context = *state;
    1613            1 :     spdm_context = spdm_test_context->spdm_context;
    1614            1 :     spdm_test_context->case_id = 0xF;
    1615            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
    1616              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1617            1 :     spdm_context->connection_info.connection_state =
    1618              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1619            1 :     spdm_context->connection_info.capability.flags |=
    1620              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1621            1 :     spdm_context->local_context.capability.flags |=
    1622              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1623            1 :     spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    1624            1 :     spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    1625            1 :     spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    1626            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1627              :         m_libspdm_use_measurement_hash_algo;
    1628            1 :     spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    1629            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    1630            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1631              :                                                     m_libspdm_use_asym_algo, &data1,
    1632              :                                                     &data_size1, NULL, NULL);
    1633            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1634            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
    1635            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1636            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size = data_size1;
    1637              : 
    1638            1 :     libspdm_reset_message_a(spdm_context);
    1639            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1640              : 
    1641            1 :     session_id = 0xFFFFFFFF;
    1642            1 :     spdm_context->latest_session_id = session_id;
    1643            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1644            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1645            1 :     session_info = &spdm_context->session_info[0];
    1646            1 :     libspdm_session_info_init(spdm_context, session_info, session_id, true);
    1647            1 :     libspdm_session_info_set_psk_hint(session_info,
    1648              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1649              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1650            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1651            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1652            1 :     libspdm_secured_message_set_request_finished_key(
    1653              :         session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    1654            1 :     libspdm_secured_message_set_session_state(
    1655              :         session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);
    1656              : 
    1657            1 :     m_libspdm_psk_finish_request3.opaque_data_size =
    1658              :         sizeof(m_libspdm_psk_finish_request3.opaque_data);
    1659            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1660            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1661            1 :     ptr = m_libspdm_psk_finish_request3.verify_data;
    1662            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1663              :     /* transcript.message_a size is 0
    1664              :      * session_transcript.message_k is 0*/
    1665            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request3,
    1666              :                                   sizeof(spdm_psk_finish_request_t) + sizeof(uint16_t) +
    1667            1 :                                   m_libspdm_psk_finish_request3.opaque_data_size);
    1668            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1669            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1670              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1671            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1672              :                      request_finished_key, hash_size, ptr);
    1673            1 :     m_libspdm_psk_finish_request3_size = sizeof(spdm_psk_finish_request_t) + hmac_size +
    1674            1 :                                          sizeof(uint16_t) +
    1675            1 :                                          m_libspdm_psk_finish_request3.opaque_data_size;
    1676            1 :     response_size = sizeof(response);
    1677            1 :     status = libspdm_get_response_psk_finish(
    1678              :         spdm_context, m_libspdm_psk_finish_request3_size, &m_libspdm_psk_finish_request3,
    1679              :         &response_size, response);
    1680            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1681            1 :     ptr = (uint8_t *)response + sizeof(spdm_psk_finish_response_t);
    1682            1 :     assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t) +
    1683              :                      sizeof(uint16_t) + libspdm_read_uint16(ptr));
    1684            1 :     spdm_response = (void *)response;
    1685            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_PSK_FINISH_RSP);
    1686              : 
    1687            1 :     free(data1);
    1688            1 : }
    1689              : 
    1690            1 : int libspdm_responder_psk_finish_test_main(void)
    1691              : {
    1692            1 :     const struct CMUnitTest spdm_responder_psk_finish_tests[] = {
    1693              :         /* Success Case*/
    1694              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case1),
    1695              :         /* Bad request size*/
    1696              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case2),
    1697              :         /* response_state: SPDM_RESPONSE_STATE_BUSY*/
    1698              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case3),
    1699              :         /* response_state: SPDM_RESPONSE_STATE_NEED_RESYNC*/
    1700              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case4),
    1701              :         #if LIBSPDM_RESPOND_IF_READY_SUPPORT
    1702              :         /* response_state: SPDM_RESPONSE_STATE_NOT_READY*/
    1703              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case5),
    1704              :         #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
    1705              :         /* connection_state Check*/
    1706              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case6),
    1707              :         /* Buffer reset*/
    1708              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case7),
    1709              :         /* Unsupported PSK capabilities*/
    1710              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case8),
    1711              :         /* Uninitialized session*/
    1712              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case9),
    1713              :         /* Incorrect MAC*/
    1714              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case10),
    1715              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case11),
    1716              :         /* Incorrect MAC size*/
    1717              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case12),
    1718              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case13),
    1719              :         /* Buffer verification*/
    1720              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case14),
    1721              :         /* SPDM 1.4 with OpaqueData */
    1722              :         cmocka_unit_test(libspdm_test_responder_psk_finish_case15),
    1723              :     };
    1724              : 
    1725            1 :     libspdm_test_context_t test_context = {
    1726              :         LIBSPDM_TEST_CONTEXT_VERSION,
    1727              :         false,
    1728              :     };
    1729              : 
    1730            1 :     libspdm_setup_test_context(&test_context);
    1731              : 
    1732            1 :     return cmocka_run_group_tests(spdm_responder_psk_finish_tests,
    1733              :                                   libspdm_unit_test_group_setup,
    1734              :                                   libspdm_unit_test_group_teardown);
    1735              : }
    1736              : 
    1737              : #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */
        

Generated by: LCOV version 2.0-1