LCOV - code coverage report
Current view: top level - unit_test/test_spdm_responder - psk_finish_rsp.c (source / functions) Coverage Total Hit
Test: coverage.info Lines: 100.0 % 788 788
Test Date: 2025-10-12 08:10:56 Functions: 100.0 % 17 17

            Line data    Source code
       1              : /**
       2              :  *  Copyright Notice:
       3              :  *  Copyright 2021-2025 DMTF. All rights reserved.
       4              :  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
       5              :  **/
       6              : 
       7              : #include "spdm_unit_test.h"
       8              : #include "internal/libspdm_responder_lib.h"
       9              : #include "internal/libspdm_secured_message_lib.h"
      10              : 
      11              : #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP
      12              : #pragma pack(1)
      13              : typedef struct {
      14              :     spdm_message_header_t header;
      15              :     uint8_t verify_data[LIBSPDM_MAX_HASH_SIZE];
      16              : } libspdm_psk_finish_request_mine_t;
      17              : 
      18              : typedef struct {
      19              :     spdm_message_header_t header;
      20              :     uint16_t opaque_data_size;
      21              :     uint8_t opaque_data[8];
      22              :     uint8_t verify_data[LIBSPDM_MAX_HASH_SIZE];
      23              : } libspdm_psk_finish_request_mine_14_t;
      24              : #pragma pack()
      25              : 
      26              : static libspdm_th_managed_buffer_t th_curr;
      27              : 
      28              : libspdm_psk_finish_request_mine_t m_libspdm_psk_finish_request1 = {
      29              :     { SPDM_MESSAGE_VERSION_11, SPDM_PSK_FINISH, 0, 0 },
      30              : };
      31              : size_t m_libspdm_psk_finish_request1_size = sizeof(m_libspdm_psk_finish_request1);
      32              : 
      33              : libspdm_psk_finish_request_mine_t m_libspdm_psk_finish_request2 = {
      34              :     { SPDM_MESSAGE_VERSION_11, SPDM_PSK_FINISH, 0, 0 },
      35              : };
      36              : size_t m_libspdm_psk_finish_request2_size = LIBSPDM_MAX_SPDM_MSG_SIZE;
      37              : 
      38              : libspdm_psk_finish_request_mine_14_t m_libspdm_psk_finish_request3 = {
      39              :     { SPDM_MESSAGE_VERSION_14, SPDM_PSK_FINISH, 0, 0 },
      40              : };
      41              : size_t m_libspdm_psk_finish_request3_size = sizeof(m_libspdm_psk_finish_request3);
      42              : 
      43              : static uint8_t m_libspdm_dummy_buffer[LIBSPDM_MAX_HASH_SIZE];
      44              : 
      45           15 : static void libspdm_secured_message_set_request_finished_key(
      46              :     void *spdm_secured_message_context, const void *key, size_t key_size)
      47              : {
      48              :     libspdm_secured_message_context_t *secured_message_context;
      49              : 
      50           15 :     secured_message_context = spdm_secured_message_context;
      51           15 :     LIBSPDM_ASSERT(key_size == secured_message_context->hash_size);
      52           15 :     libspdm_copy_mem(secured_message_context->handshake_secret.request_finished_key,
      53              :                      sizeof(secured_message_context->handshake_secret.request_finished_key),
      54              :                      key, secured_message_context->hash_size);
      55           15 : }
      56              : 
      57              : /**
      58              :  * Test 1: receiving a correct PSK_FINISH message from the requester with a
      59              :  * correct MAC.
      60              :  * Expected behavior: the responder accepts the request and produces a valid
      61              :  * PSK_FINISH_RSP response message.
      62              :  **/
      63            1 : static void rsp_psk_finish_rsp_case1(void **state)
      64              : {
      65              :     libspdm_return_t status;
      66              :     libspdm_test_context_t *spdm_test_context;
      67              :     libspdm_context_t *spdm_context;
      68              :     size_t response_size;
      69              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
      70              :     spdm_psk_finish_response_t *spdm_response;
      71              :     void *data1;
      72              :     size_t data_size1;
      73              :     uint8_t *ptr;
      74              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
      75              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
      76              :     libspdm_session_info_t *session_info;
      77              :     uint32_t session_id;
      78              :     uint32_t hash_size;
      79              :     uint32_t hmac_size;
      80              : 
      81            1 :     spdm_test_context = *state;
      82            1 :     spdm_context = spdm_test_context->spdm_context;
      83            1 :     spdm_test_context->case_id = 0x1;
      84            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
      85              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
      86            1 :     spdm_context->connection_info.connection_state =
      87              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
      88            1 :     spdm_context->connection_info.capability.flags |=
      89              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
      90            1 :     spdm_context->local_context.capability.flags |=
      91              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
      92            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
      93              :         m_libspdm_use_hash_algo;
      94            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
      95              :         m_libspdm_use_asym_algo;
      96            1 :     spdm_context->connection_info.algorithm.measurement_spec =
      97              :         m_libspdm_use_measurement_spec;
      98            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
      99              :         m_libspdm_use_measurement_hash_algo;
     100            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     101              :         m_libspdm_use_dhe_algo;
     102            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     103              :         m_libspdm_use_aead_algo;
     104            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     105              :                                                     m_libspdm_use_asym_algo, &data1,
     106              :                                                     &data_size1, NULL, NULL);
     107            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     108            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     109              :         data_size1;
     110            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     111            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     112              :         data_size1;
     113              : 
     114            1 :     libspdm_reset_message_a(spdm_context);
     115            1 :     spdm_context->local_context.mut_auth_requested = 0;
     116              : 
     117            1 :     session_id = 0xFFFFFFFF;
     118            1 :     spdm_context->latest_session_id = session_id;
     119            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     120            1 :     spdm_context->last_spdm_request_session_id = session_id;
     121            1 :     session_info = &spdm_context->session_info[0];
     122            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
     123              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
     124            1 :     libspdm_session_info_set_psk_hint(session_info,
     125              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     126              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     127            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     128            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     129            1 :     libspdm_secured_message_set_request_finished_key(
     130              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     131              :         hash_size);
     132            1 :     libspdm_secured_message_set_session_state(
     133              :         session_info->secured_message_context,
     134              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     135              : 
     136            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     137            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     138            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     139            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     140              :     /* transcript.message_a size is 0
     141              :      * session_transcript.message_k is 0*/
     142            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     143              :                                   sizeof(spdm_psk_finish_request_t));
     144            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     145            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     146              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     147            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     148              :                      request_finished_key, hash_size, ptr);
     149            1 :     m_libspdm_psk_finish_request1_size =
     150            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     151            1 :     response_size = sizeof(response);
     152            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     153              :                                              m_libspdm_psk_finish_request1_size,
     154              :                                              &m_libspdm_psk_finish_request1,
     155              :                                              &response_size, response);
     156            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     157            1 :     assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
     158            1 :     spdm_response = (void *)response;
     159            1 :     assert_int_equal(spdm_response->header.request_response_code,
     160              :                      SPDM_PSK_FINISH_RSP);
     161            1 :     free(data1);
     162            1 : }
     163              : 
     164              : /**
     165              :  * Test 2: receiving a PSK_FINISH message larger than specified.
     166              :  * Expected behavior: the responder refuses the PSK_FINISH message and
     167              :  * produces an ERROR message indicating the InvalidRequest.
     168              :  **/
     169            1 : static void rsp_psk_finish_rsp_case2(void **state)
     170              : {
     171              :     libspdm_return_t status;
     172              :     libspdm_test_context_t *spdm_test_context;
     173              :     libspdm_context_t *spdm_context;
     174              :     size_t response_size;
     175              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     176              :     spdm_psk_finish_response_t *spdm_response;
     177              :     void *data1;
     178              :     size_t data_size1;
     179              :     uint8_t *ptr;
     180              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     181              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     182              :     libspdm_session_info_t *session_info;
     183              :     uint32_t session_id;
     184              :     uint32_t hash_size;
     185              : 
     186            1 :     spdm_test_context = *state;
     187            1 :     spdm_context = spdm_test_context->spdm_context;
     188            1 :     spdm_test_context->case_id = 0x2;
     189            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     190              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     191            1 :     spdm_context->connection_info.connection_state =
     192              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     193            1 :     spdm_context->connection_info.capability.flags |=
     194              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     195            1 :     spdm_context->local_context.capability.flags |=
     196              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     197            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     198              :         m_libspdm_use_hash_algo;
     199            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     200              :         m_libspdm_use_asym_algo;
     201            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     202              :         m_libspdm_use_measurement_spec;
     203            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     204              :         m_libspdm_use_measurement_hash_algo;
     205            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     206              :         m_libspdm_use_dhe_algo;
     207            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     208              :         m_libspdm_use_aead_algo;
     209            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     210              :                                                     m_libspdm_use_asym_algo, &data1,
     211              :                                                     &data_size1, NULL, NULL);
     212            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     213            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     214              :         data_size1;
     215            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     216            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     217              :         data_size1;
     218              : 
     219            1 :     libspdm_reset_message_a(spdm_context);
     220            1 :     spdm_context->local_context.mut_auth_requested = 0;
     221              : 
     222            1 :     session_id = 0xFFFFFFFF;
     223            1 :     spdm_context->latest_session_id = session_id;
     224            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     225            1 :     spdm_context->last_spdm_request_session_id = session_id;
     226            1 :     session_info = &spdm_context->session_info[0];
     227            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
     228              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
     229            1 :     libspdm_session_info_set_psk_hint(session_info,
     230              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     231              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     232            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     233            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     234            1 :     libspdm_secured_message_set_request_finished_key(
     235              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     236              :         hash_size);
     237            1 :     libspdm_secured_message_set_session_state(
     238              :         session_info->secured_message_context,
     239              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     240              : 
     241            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     242            1 :     ptr = m_libspdm_psk_finish_request2.verify_data;
     243            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     244              :     /* transcript.message_a size is 0
     245              :      * session_transcript.message_k is 0*/
     246            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request2,
     247              :                                   sizeof(spdm_psk_finish_request_t));
     248            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     249            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     250              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     251            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     252              :                      request_finished_key, hash_size, ptr);
     253            1 :     response_size = sizeof(response);
     254            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     255              :                                              m_libspdm_psk_finish_request2_size,
     256              :                                              &m_libspdm_psk_finish_request2,
     257              :                                              &response_size, response);
     258            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     259            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     260            1 :     spdm_response = (void *)response;
     261            1 :     assert_int_equal(spdm_response->header.request_response_code,
     262              :                      SPDM_ERROR);
     263            1 :     assert_int_equal(spdm_response->header.param1,
     264              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
     265            1 :     assert_int_equal(spdm_response->header.param2, 0);
     266            1 :     free(data1);
     267            1 : }
     268              : 
     269              : /**
     270              :  * Test 3: receiving a correct PSK_FINISH from the requester, but the
     271              :  * responder is in a Busy state.
     272              :  * Expected behavior: the responder accepts the request, but produces an
     273              :  * ERROR message indicating the Busy state.
     274              :  **/
     275            1 : static void rsp_psk_finish_rsp_case3(void **state)
     276              : {
     277              :     libspdm_return_t status;
     278              :     libspdm_test_context_t *spdm_test_context;
     279              :     libspdm_context_t *spdm_context;
     280              :     size_t response_size;
     281              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     282              :     spdm_psk_finish_response_t *spdm_response;
     283              :     void *data1;
     284              :     size_t data_size1;
     285              :     uint8_t *ptr;
     286              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     287              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     288              :     libspdm_session_info_t *session_info;
     289              :     uint32_t session_id;
     290              :     uint32_t hash_size;
     291              :     uint32_t hmac_size;
     292              : 
     293            1 :     spdm_test_context = *state;
     294            1 :     spdm_context = spdm_test_context->spdm_context;
     295            1 :     spdm_test_context->case_id = 0x3;
     296            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     297              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     298            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_BUSY;
     299            1 :     spdm_context->connection_info.connection_state =
     300              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     301            1 :     spdm_context->connection_info.capability.flags |=
     302              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     303            1 :     spdm_context->local_context.capability.flags |=
     304              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     305            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     306              :         m_libspdm_use_hash_algo;
     307            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     308              :         m_libspdm_use_asym_algo;
     309            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     310              :         m_libspdm_use_measurement_spec;
     311            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     312              :         m_libspdm_use_measurement_hash_algo;
     313            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     314              :         m_libspdm_use_dhe_algo;
     315            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     316              :         m_libspdm_use_aead_algo;
     317            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     318              :                                                     m_libspdm_use_asym_algo, &data1,
     319              :                                                     &data_size1, NULL, NULL);
     320            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     321            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     322              :         data_size1;
     323            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     324            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     325              :         data_size1;
     326              : 
     327            1 :     libspdm_reset_message_a(spdm_context);
     328            1 :     spdm_context->local_context.mut_auth_requested = 0;
     329              : 
     330            1 :     session_id = 0xFFFFFFFF;
     331            1 :     spdm_context->latest_session_id = session_id;
     332            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     333            1 :     spdm_context->last_spdm_request_session_id = session_id;
     334            1 :     session_info = &spdm_context->session_info[0];
     335            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
     336              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
     337            1 :     libspdm_session_info_set_psk_hint(session_info,
     338              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     339              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     340            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     341            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     342            1 :     libspdm_secured_message_set_request_finished_key(
     343              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     344              :         hash_size);
     345            1 :     libspdm_secured_message_set_session_state(
     346              :         session_info->secured_message_context,
     347              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     348              : 
     349            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     350            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     351            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     352            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     353              :     /* transcript.message_a size is 0
     354              :      * session_transcript.message_k is 0*/
     355            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     356              :                                   sizeof(spdm_psk_finish_request_t));
     357            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     358            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     359              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     360            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     361              :                      request_finished_key, hash_size, ptr);
     362            1 :     m_libspdm_psk_finish_request1_size =
     363            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     364            1 :     response_size = sizeof(response);
     365            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     366              :                                              m_libspdm_psk_finish_request1_size,
     367              :                                              &m_libspdm_psk_finish_request1,
     368              :                                              &response_size, response);
     369            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     370            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     371            1 :     spdm_response = (void *)response;
     372            1 :     assert_int_equal(spdm_response->header.request_response_code,
     373              :                      SPDM_ERROR);
     374            1 :     assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_BUSY);
     375            1 :     assert_int_equal(spdm_response->header.param2, 0);
     376            1 :     assert_int_equal(spdm_context->response_state,
     377              :                      LIBSPDM_RESPONSE_STATE_BUSY);
     378            1 :     free(data1);
     379            1 : }
     380              : 
     381              : /**
     382              :  * Test 4: receiving a correct PSK_FINISH from the requester, but the
     383              :  * responder requires resynchronization with the requester.
     384              :  * Expected behavior: the responder accepts the request, but produces an
     385              :  * ERROR message indicating the NeedResynch state.
     386              :  **/
     387            1 : static void rsp_psk_finish_rsp_case4(void **state)
     388              : {
     389              :     libspdm_return_t status;
     390              :     libspdm_test_context_t *spdm_test_context;
     391              :     libspdm_context_t *spdm_context;
     392              :     size_t response_size;
     393              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     394              :     spdm_psk_finish_response_t *spdm_response;
     395              :     void *data1;
     396              :     size_t data_size1;
     397              :     uint8_t *ptr;
     398              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     399              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     400              :     libspdm_session_info_t *session_info;
     401              :     uint32_t session_id;
     402              :     uint32_t hash_size;
     403              :     uint32_t hmac_size;
     404              : 
     405            1 :     spdm_test_context = *state;
     406            1 :     spdm_context = spdm_test_context->spdm_context;
     407            1 :     spdm_test_context->case_id = 0x4;
     408            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     409              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     410            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NEED_RESYNC;
     411            1 :     spdm_context->connection_info.connection_state =
     412              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     413            1 :     spdm_context->connection_info.capability.flags |=
     414              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     415            1 :     spdm_context->local_context.capability.flags |=
     416              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     417            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     418              :         m_libspdm_use_hash_algo;
     419            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     420              :         m_libspdm_use_asym_algo;
     421            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     422              :         m_libspdm_use_measurement_spec;
     423            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     424              :         m_libspdm_use_measurement_hash_algo;
     425            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     426              :         m_libspdm_use_dhe_algo;
     427            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     428              :         m_libspdm_use_aead_algo;
     429            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     430              :                                                     m_libspdm_use_asym_algo, &data1,
     431              :                                                     &data_size1, NULL, NULL);
     432            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     433            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     434              :         data_size1;
     435            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     436            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     437              :         data_size1;
     438              : 
     439            1 :     libspdm_reset_message_a(spdm_context);
     440            1 :     spdm_context->local_context.mut_auth_requested = 0;
     441              : 
     442            1 :     session_id = 0xFFFFFFFF;
     443            1 :     spdm_context->latest_session_id = session_id;
     444            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     445            1 :     spdm_context->last_spdm_request_session_id = session_id;
     446            1 :     session_info = &spdm_context->session_info[0];
     447            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
     448              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
     449            1 :     libspdm_session_info_set_psk_hint(session_info,
     450              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     451              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     452            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     453            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     454            1 :     libspdm_secured_message_set_request_finished_key(
     455              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     456              :         hash_size);
     457            1 :     libspdm_secured_message_set_session_state(
     458              :         session_info->secured_message_context,
     459              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     460              : 
     461            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     462            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     463            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     464            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     465              :     /* transcript.message_a size is 0
     466              :      * session_transcript.message_k is 0*/
     467            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     468              :                                   sizeof(spdm_psk_finish_request_t));
     469            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     470            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     471              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     472            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     473              :                      request_finished_key, hash_size, ptr);
     474            1 :     m_libspdm_psk_finish_request1_size =
     475            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     476            1 :     response_size = sizeof(response);
     477            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     478              :                                              m_libspdm_psk_finish_request1_size,
     479              :                                              &m_libspdm_psk_finish_request1,
     480              :                                              &response_size, response);
     481            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     482            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     483            1 :     spdm_response = (void *)response;
     484            1 :     assert_int_equal(spdm_response->header.request_response_code,
     485              :                      SPDM_ERROR);
     486            1 :     assert_int_equal(spdm_response->header.param1,
     487              :                      SPDM_ERROR_CODE_REQUEST_RESYNCH);
     488            1 :     assert_int_equal(spdm_response->header.param2, 0);
     489            1 :     assert_int_equal(spdm_context->response_state,
     490              :                      LIBSPDM_RESPONSE_STATE_NEED_RESYNC);
     491            1 :     free(data1);
     492            1 : }
     493              : 
     494              : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
     495              : /**
     496              :  * Test 5: receiving a correct PSK_FINISH from the requester, but the
     497              :  * responder could not produce the response in time.
     498              :  * Expected behavior: the responder accepts the request, but produces an
     499              :  * ERROR message indicating the ResponseNotReady state.
     500              :  **/
     501            1 : static void rsp_psk_finish_rsp_case5(void **state)
     502              : {
     503              :     libspdm_return_t status;
     504              :     libspdm_test_context_t *spdm_test_context;
     505              :     libspdm_context_t *spdm_context;
     506              :     size_t response_size;
     507              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     508              :     spdm_psk_finish_response_t *spdm_response;
     509              :     void *data1;
     510              :     size_t data_size1;
     511              :     uint8_t *ptr;
     512              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     513              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     514              :     libspdm_session_info_t *session_info;
     515              :     uint32_t session_id;
     516              :     uint32_t hash_size;
     517              :     uint32_t hmac_size;
     518              :     spdm_error_data_response_not_ready_t *error_data;
     519              : 
     520            1 :     spdm_test_context = *state;
     521            1 :     spdm_context = spdm_test_context->spdm_context;
     522            1 :     spdm_test_context->case_id = 0x5;
     523            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     524              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     525            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NOT_READY;
     526            1 :     spdm_context->connection_info.connection_state =
     527              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     528            1 :     spdm_context->connection_info.capability.flags |=
     529              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     530            1 :     spdm_context->local_context.capability.flags |=
     531              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     532            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     533              :         m_libspdm_use_hash_algo;
     534            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     535              :         m_libspdm_use_asym_algo;
     536            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     537              :         m_libspdm_use_measurement_spec;
     538            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     539              :         m_libspdm_use_measurement_hash_algo;
     540            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     541              :         m_libspdm_use_dhe_algo;
     542            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     543              :         m_libspdm_use_aead_algo;
     544            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     545              :                                                     m_libspdm_use_asym_algo, &data1,
     546              :                                                     &data_size1, NULL, NULL);
     547            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     548            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     549              :         data_size1;
     550            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     551            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     552              :         data_size1;
     553              : 
     554            1 :     libspdm_reset_message_a(spdm_context);
     555            1 :     spdm_context->local_context.mut_auth_requested = 0;
     556              : 
     557            1 :     session_id = 0xFFFFFFFF;
     558            1 :     spdm_context->latest_session_id = session_id;
     559            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     560            1 :     spdm_context->last_spdm_request_session_id = session_id;
     561            1 :     session_info = &spdm_context->session_info[0];
     562            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
     563              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
     564            1 :     libspdm_session_info_set_psk_hint(session_info,
     565              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     566              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     567            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     568            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     569            1 :     libspdm_secured_message_set_request_finished_key(
     570              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     571              :         hash_size);
     572            1 :     libspdm_secured_message_set_session_state(
     573              :         session_info->secured_message_context,
     574              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     575              : 
     576            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     577            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     578            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     579            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     580              :     /* transcript.message_a size is 0
     581              :      * session_transcript.message_k is 0*/
     582            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     583              :                                   sizeof(spdm_psk_finish_request_t));
     584            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     585            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     586              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     587            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     588              :                      request_finished_key, hash_size, ptr);
     589            1 :     m_libspdm_psk_finish_request1_size =
     590            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     591            1 :     response_size = sizeof(response);
     592            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     593              :                                              m_libspdm_psk_finish_request1_size,
     594              :                                              &m_libspdm_psk_finish_request1,
     595              :                                              &response_size, response);
     596            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     597            1 :     assert_int_equal(response_size,
     598              :                      sizeof(spdm_error_response_t) +
     599              :                      sizeof(spdm_error_data_response_not_ready_t));
     600            1 :     spdm_response = (void *)response;
     601            1 :     error_data =
     602              :         (spdm_error_data_response_not_ready_t *)(spdm_response + 1);
     603            1 :     assert_int_equal(spdm_response->header.request_response_code,
     604              :                      SPDM_ERROR);
     605            1 :     assert_int_equal(spdm_response->header.param1,
     606              :                      SPDM_ERROR_CODE_RESPONSE_NOT_READY);
     607            1 :     assert_int_equal(spdm_response->header.param2, 0);
     608            1 :     assert_int_equal(spdm_context->response_state,
     609              :                      LIBSPDM_RESPONSE_STATE_NOT_READY);
     610            1 :     assert_int_equal(error_data->request_code, SPDM_PSK_FINISH);
     611            1 :     free(data1);
     612            1 : }
     613              : #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
     614              : 
     615              : /**
     616              :  * Test 6: receiving a correct PSK_FINISH from the requester, but the
     617              :  * responder is not set no receive a PSK-FINISH message because previous
     618              :  * messages (namely, GET_CAPABILITIES, NEGOTIATE_ALGORITHMS or
     619              :  * GET_DIGESTS) have not been received.
     620              :  * Expected behavior: the responder rejects the request, and produces an
     621              :  * ERROR message indicating the UnexpectedRequest.
     622              :  **/
     623            1 : static void rsp_psk_finish_rsp_case6(void **state)
     624              : {
     625              :     libspdm_return_t status;
     626              :     libspdm_test_context_t *spdm_test_context;
     627              :     libspdm_context_t *spdm_context;
     628              :     size_t response_size;
     629              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     630              :     spdm_psk_finish_response_t *spdm_response;
     631              :     void *data1;
     632              :     size_t data_size1;
     633              :     uint8_t *ptr;
     634              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     635              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     636              :     libspdm_session_info_t *session_info;
     637              :     uint32_t session_id;
     638              :     uint32_t hash_size;
     639              :     uint32_t hmac_size;
     640              : 
     641            1 :     spdm_test_context = *state;
     642            1 :     spdm_context = spdm_test_context->spdm_context;
     643            1 :     spdm_test_context->case_id = 0x6;
     644            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     645              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     646            1 :     spdm_context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
     647            1 :     spdm_context->connection_info.connection_state =
     648              :         LIBSPDM_CONNECTION_STATE_NOT_STARTED;
     649            1 :     spdm_context->connection_info.capability.flags |=
     650              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     651            1 :     spdm_context->local_context.capability.flags |=
     652              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     653            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     654              :         m_libspdm_use_hash_algo;
     655            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     656              :         m_libspdm_use_asym_algo;
     657            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     658              :         m_libspdm_use_measurement_spec;
     659            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     660              :         m_libspdm_use_measurement_hash_algo;
     661            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     662              :         m_libspdm_use_dhe_algo;
     663            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     664              :         m_libspdm_use_aead_algo;
     665            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     666              :                                                     m_libspdm_use_asym_algo, &data1,
     667              :                                                     &data_size1, NULL, NULL);
     668            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     669            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     670              :         data_size1;
     671            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     672            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     673              :         data_size1;
     674              : 
     675            1 :     libspdm_reset_message_a(spdm_context);
     676            1 :     spdm_context->local_context.mut_auth_requested = 0;
     677              : 
     678            1 :     session_id = 0xFFFFFFFF;
     679            1 :     spdm_context->latest_session_id = session_id;
     680            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     681            1 :     spdm_context->last_spdm_request_session_id = session_id;
     682            1 :     session_info = &spdm_context->session_info[0];
     683            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
     684              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
     685            1 :     libspdm_session_info_set_psk_hint(session_info,
     686              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     687              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     688            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     689            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     690            1 :     libspdm_secured_message_set_request_finished_key(
     691              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     692              :         hash_size);
     693            1 :     libspdm_secured_message_set_session_state(
     694              :         session_info->secured_message_context,
     695              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     696              : 
     697            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     698            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     699            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     700            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     701              :     /* transcript.message_a size is 0
     702              :      * session_transcript.message_k is 0*/
     703            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     704              :                                   sizeof(spdm_psk_finish_request_t));
     705            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     706            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     707              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     708            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     709              :                      request_finished_key, hash_size, ptr);
     710            1 :     m_libspdm_psk_finish_request1_size =
     711            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     712            1 :     response_size = sizeof(response);
     713            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     714              :                                              m_libspdm_psk_finish_request1_size,
     715              :                                              &m_libspdm_psk_finish_request1,
     716              :                                              &response_size, response);
     717            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     718            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     719            1 :     spdm_response = (void *)response;
     720            1 :     assert_int_equal(spdm_response->header.request_response_code,
     721              :                      SPDM_ERROR);
     722            1 :     assert_int_equal(spdm_response->header.param1,
     723              :                      SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
     724            1 :     assert_int_equal(spdm_response->header.param2, 0);
     725            1 :     free(data1);
     726            1 : }
     727              : 
     728            1 : static void rsp_psk_finish_rsp_case7(void **state)
     729              : {
     730              :     libspdm_return_t status;
     731              :     libspdm_test_context_t *spdm_test_context;
     732              :     libspdm_context_t *spdm_context;
     733              :     size_t response_size;
     734              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     735              :     spdm_psk_finish_response_t *spdm_response;
     736              :     void *data1;
     737              :     size_t data_size1;
     738              :     uint8_t *ptr;
     739              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     740              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     741              :     libspdm_session_info_t *session_info;
     742              :     uint32_t session_id;
     743              :     uint32_t hash_size;
     744              :     uint32_t hmac_size;
     745              : 
     746            1 :     spdm_test_context = *state;
     747            1 :     spdm_context = spdm_test_context->spdm_context;
     748            1 :     spdm_test_context->case_id = 0x7;
     749            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     750              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     751            1 :     spdm_context->connection_info.connection_state =
     752              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     753            1 :     spdm_context->connection_info.capability.flags |=
     754              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     755            1 :     spdm_context->local_context.capability.flags |=
     756              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     757            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     758              :         m_libspdm_use_hash_algo;
     759            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     760              :         m_libspdm_use_asym_algo;
     761            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     762              :         m_libspdm_use_measurement_spec;
     763            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     764              :         m_libspdm_use_measurement_hash_algo;
     765            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     766              :         m_libspdm_use_dhe_algo;
     767            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     768              :         m_libspdm_use_aead_algo;
     769            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     770              :                                                     m_libspdm_use_asym_algo, &data1,
     771              :                                                     &data_size1, NULL, NULL);
     772            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     773            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     774              :         data_size1;
     775            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     776            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     777              :         data_size1;
     778              : 
     779            1 :     libspdm_reset_message_a(spdm_context);
     780            1 :     spdm_context->local_context.mut_auth_requested = 0;
     781              : 
     782            1 :     session_id = 0xFFFFFFFF;
     783            1 :     spdm_context->latest_session_id = session_id;
     784            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     785            1 :     spdm_context->last_spdm_request_session_id = session_id;
     786            1 :     session_info = &spdm_context->session_info[0];
     787            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
     788              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
     789            1 :     libspdm_session_info_set_psk_hint(session_info,
     790              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     791              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     792            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     793            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     794            1 :     libspdm_secured_message_set_request_finished_key(
     795              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     796              :         hash_size);
     797            1 :     libspdm_secured_message_set_session_state(
     798              :         session_info->secured_message_context,
     799              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     800              : 
     801            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     802            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     803            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     804            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     805              :     /* transcript.message_a size is 0
     806              :      * session_transcript.message_k is 0*/
     807            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     808              :                                   sizeof(spdm_psk_finish_request_t));
     809              : 
     810              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
     811              :     session_info->session_transcript.message_m.buffer_size =
     812              :         session_info->session_transcript.message_m.max_buffer_size;
     813              :     spdm_context->transcript.message_b.buffer_size =
     814              :         spdm_context->transcript.message_b.max_buffer_size;
     815              :     spdm_context->transcript.message_c.buffer_size =
     816              :         spdm_context->transcript.message_c.max_buffer_size;
     817              :     spdm_context->transcript.message_mut_b.buffer_size =
     818              :         spdm_context->transcript.message_mut_b.max_buffer_size;
     819              :     spdm_context->transcript.message_mut_c.buffer_size =
     820              :         spdm_context->transcript.message_mut_c.max_buffer_size;
     821              : #endif
     822              : 
     823            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     824            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     825              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     826            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     827              :                      request_finished_key, hash_size, ptr);
     828            1 :     m_libspdm_psk_finish_request1_size =
     829            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     830            1 :     response_size = sizeof(response);
     831            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     832              :                                              m_libspdm_psk_finish_request1_size,
     833              :                                              &m_libspdm_psk_finish_request1,
     834              :                                              &response_size, response);
     835            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     836            1 :     assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
     837            1 :     spdm_response = (void *)response;
     838            1 :     assert_int_equal(spdm_response->header.request_response_code,
     839              :                      SPDM_PSK_FINISH_RSP);
     840              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
     841              :     assert_int_equal(session_info->session_transcript.message_m.buffer_size, 0);
     842              :     assert_int_equal(spdm_context->transcript.message_b.buffer_size, 0);
     843              :     assert_int_equal(spdm_context->transcript.message_c.buffer_size, 0);
     844              :     assert_int_equal(spdm_context->transcript.message_mut_b.buffer_size, 0);
     845              :     assert_int_equal(spdm_context->transcript.message_mut_c.buffer_size, 0);
     846              : #endif
     847              : 
     848            1 :     free(data1);
     849            1 : }
     850              : 
     851              : /**
     852              :  * Test 8: receiving a correct PSK_FINISH message from the requester, but
     853              :  * the responder has no capabilities for pre-shared keys.
     854              :  * Expected behavior: the responder refuses the PSK_FINISH message and
     855              :  * produces an ERROR message indicating the UnsupportedRequest.
     856              :  **/
     857            1 : static void rsp_psk_finish_rsp_case8(void **state)
     858              : {
     859              :     libspdm_return_t status;
     860              :     libspdm_test_context_t *spdm_test_context;
     861              :     libspdm_context_t *spdm_context;
     862              :     size_t response_size;
     863              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     864              :     spdm_psk_finish_response_t *spdm_response;
     865              :     void *data1;
     866              :     size_t data_size1;
     867              :     uint8_t *ptr;
     868              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     869              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     870              :     libspdm_session_info_t *session_info;
     871              :     uint32_t session_id;
     872              :     uint32_t hash_size;
     873              :     uint32_t hmac_size;
     874              : 
     875            1 :     spdm_test_context = *state;
     876            1 :     spdm_context = spdm_test_context->spdm_context;
     877            1 :     spdm_test_context->case_id = 0x8;
     878            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     879              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     880            1 :     spdm_context->connection_info.connection_state =
     881              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     882            1 :     spdm_context->connection_info.capability.flags &=
     883              :         ~(SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP);
     884            1 :     spdm_context->local_context.capability.flags &=
     885              :         ~(SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP);
     886            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     887              :         m_libspdm_use_hash_algo;
     888            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
     889              :         m_libspdm_use_asym_algo;
     890            1 :     spdm_context->connection_info.algorithm.measurement_spec =
     891              :         m_libspdm_use_measurement_spec;
     892            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
     893              :         m_libspdm_use_measurement_hash_algo;
     894            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
     895              :         m_libspdm_use_dhe_algo;
     896            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
     897              :         m_libspdm_use_aead_algo;
     898            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
     899              :                                                     m_libspdm_use_asym_algo, &data1,
     900              :                                                     &data_size1, NULL, NULL);
     901            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
     902            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
     903              :         data_size1;
     904            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
     905            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
     906              :         data_size1;
     907              : 
     908            1 :     spdm_context->transcript.message_a.buffer_size = 0;
     909            1 :     spdm_context->local_context.mut_auth_requested = 0;
     910              : 
     911            1 :     session_id = 0xFFFFFFFF;
     912            1 :     spdm_context->latest_session_id = session_id;
     913            1 :     spdm_context->last_spdm_request_session_id_valid = true;
     914            1 :     spdm_context->last_spdm_request_session_id = session_id;
     915            1 :     session_info = &spdm_context->session_info[0];
     916            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
     917              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
     918            1 :     libspdm_session_info_set_psk_hint(session_info,
     919              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
     920              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
     921            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     922            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
     923            1 :     libspdm_secured_message_set_request_finished_key(
     924              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
     925              :         hash_size);
     926            1 :     libspdm_secured_message_set_session_state(
     927              :         session_info->secured_message_context,
     928              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
     929              : 
     930            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     931            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
     932            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
     933            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
     934              :     /* transcript.message_a size is 0
     935              :      * session_transcript.message_k is 0*/
     936            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
     937              :                                   sizeof(spdm_psk_finish_request_t));
     938            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
     939            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
     940              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
     941            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
     942              :                      request_finished_key, hash_size, ptr);
     943            1 :     m_libspdm_psk_finish_request1_size =
     944            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
     945            1 :     response_size = sizeof(response);
     946            1 :     status = libspdm_get_response_psk_finish(spdm_context,
     947              :                                              m_libspdm_psk_finish_request1_size,
     948              :                                              &m_libspdm_psk_finish_request1,
     949              :                                              &response_size, response);
     950            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
     951            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
     952            1 :     spdm_response = (void *)response;
     953            1 :     assert_int_equal(spdm_response->header.request_response_code,
     954              :                      SPDM_ERROR);
     955            1 :     assert_int_equal(spdm_response->header.param1,
     956              :                      SPDM_ERROR_CODE_UNSUPPORTED_REQUEST);
     957            1 :     assert_int_equal(spdm_response->header.param2, SPDM_PSK_FINISH);
     958            1 :     free(data1);
     959            1 : }
     960              : 
     961              : /**
     962              :  * Test 9: receiving a correct PSK_FINISH message from the requester, but
     963              :  * the responder is not correctly setup by not initializing a session during
     964              :  * PSK_EXCHANGE.
     965              :  * Expected behavior: the responder refuses the PSK_FINISH message and
     966              :  * produces an ERROR message indicating the InvalidRequest.
     967              :  **/
     968            1 : static void rsp_psk_finish_rsp_case9(void **state)
     969              : {
     970              :     libspdm_return_t status;
     971              :     libspdm_test_context_t *spdm_test_context;
     972              :     libspdm_context_t *spdm_context;
     973              :     size_t response_size;
     974              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
     975              :     spdm_psk_finish_response_t *spdm_response;
     976              :     void *data1;
     977              :     size_t data_size1;
     978              :     uint8_t *ptr;
     979              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
     980              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
     981              :     libspdm_session_info_t *session_info;
     982              :     uint32_t session_id;
     983              :     uint32_t hash_size;
     984              :     uint32_t hmac_size;
     985              : 
     986            1 :     spdm_test_context = *state;
     987            1 :     spdm_context = spdm_test_context->spdm_context;
     988            1 :     spdm_test_context->case_id = 0x9;
     989            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
     990              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
     991            1 :     spdm_context->connection_info.connection_state =
     992              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
     993            1 :     spdm_context->connection_info.capability.flags |=
     994              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
     995            1 :     spdm_context->local_context.capability.flags |=
     996              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
     997            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
     998              :         m_libspdm_use_hash_algo;
     999            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1000              :         m_libspdm_use_asym_algo;
    1001            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1002              :         m_libspdm_use_measurement_spec;
    1003            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1004              :         m_libspdm_use_measurement_hash_algo;
    1005            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1006              :         m_libspdm_use_dhe_algo;
    1007            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1008              :         m_libspdm_use_aead_algo;
    1009            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1010              :                                                     m_libspdm_use_asym_algo, &data1,
    1011              :                                                     &data_size1, NULL, NULL);
    1012            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1013            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1014              :         data_size1;
    1015            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1016            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1017              :         data_size1;
    1018              : 
    1019            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1020            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1021              : 
    1022            1 :     session_id = 0xFFFFFFFF;
    1023            1 :     spdm_context->latest_session_id = session_id;
    1024            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1025            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1026            1 :     session_info = &spdm_context->session_info[0];
    1027            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
    1028              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
    1029            1 :     libspdm_session_info_set_psk_hint(session_info,
    1030              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1031              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1032            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1033            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1034            1 :     libspdm_secured_message_set_request_finished_key(
    1035              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1036              :         hash_size);
    1037            1 :     libspdm_secured_message_set_session_state(
    1038              :         session_info->secured_message_context,
    1039              :         LIBSPDM_SESSION_STATE_NOT_STARTED);
    1040              : 
    1041            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1042            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1043            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1044            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1045              :     /* transcript.message_a size is 0
    1046              :      * session_transcript.message_k is 0*/
    1047            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
    1048              :                                   sizeof(spdm_psk_finish_request_t));
    1049            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1050            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1051              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1052            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1053              :                      request_finished_key, hash_size, ptr);
    1054            1 :     m_libspdm_psk_finish_request1_size =
    1055            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
    1056            1 :     response_size = sizeof(response);
    1057            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1058              :                                              m_libspdm_psk_finish_request1_size,
    1059              :                                              &m_libspdm_psk_finish_request1,
    1060              :                                              &response_size, response);
    1061            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1062            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1063            1 :     spdm_response = (void *)response;
    1064            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1065              :                      SPDM_ERROR);
    1066            1 :     assert_int_equal(spdm_response->header.param1,
    1067              :                      SPDM_ERROR_CODE_UNEXPECTED_REQUEST);
    1068            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1069            1 :     free(data1);
    1070            1 : }
    1071              : 
    1072              : /**
    1073              :  * Test 10: receiving a PSK_FINISH message from the requester with an
    1074              :  * incorrect MAC (all-zero).
    1075              :  * Expected behavior: the responder refuses the PSK_FINISH message and
    1076              :  * produces an ERROR message indicating the DecryptError.
    1077              :  **/
    1078            1 : static void rsp_psk_finish_rsp_case10(void **state)
    1079              : {
    1080              :     libspdm_return_t status;
    1081              :     libspdm_test_context_t *spdm_test_context;
    1082              :     libspdm_context_t *spdm_context;
    1083              :     size_t response_size;
    1084              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1085              :     spdm_psk_finish_response_t *spdm_response;
    1086              :     void *data1;
    1087              :     size_t data_size1;
    1088              :     uint8_t *ptr;
    1089              :     libspdm_session_info_t *session_info;
    1090              :     uint32_t session_id;
    1091              :     uint32_t hash_size;
    1092              :     uint32_t hmac_size;
    1093              : 
    1094            1 :     spdm_test_context = *state;
    1095            1 :     spdm_context = spdm_test_context->spdm_context;
    1096            1 :     spdm_test_context->case_id = 0xA;
    1097            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1098              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1099            1 :     spdm_context->connection_info.connection_state =
    1100              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1101            1 :     spdm_context->connection_info.capability.flags |=
    1102              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1103            1 :     spdm_context->local_context.capability.flags |=
    1104              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1105            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1106              :         m_libspdm_use_hash_algo;
    1107            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1108              :         m_libspdm_use_asym_algo;
    1109            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1110              :         m_libspdm_use_measurement_spec;
    1111            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1112              :         m_libspdm_use_measurement_hash_algo;
    1113            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1114              :         m_libspdm_use_dhe_algo;
    1115            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1116              :         m_libspdm_use_aead_algo;
    1117            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1118              :                                                     m_libspdm_use_asym_algo, &data1,
    1119              :                                                     &data_size1, NULL, NULL);
    1120            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1121            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1122              :         data_size1;
    1123            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1124            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1125              :         data_size1;
    1126              : 
    1127            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1128            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1129              : 
    1130            1 :     session_id = 0xFFFFFFFF;
    1131            1 :     spdm_context->latest_session_id = session_id;
    1132            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1133            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1134            1 :     session_info = &spdm_context->session_info[0];
    1135            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
    1136              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
    1137            1 :     libspdm_session_info_set_psk_hint(session_info,
    1138              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1139              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1140            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1141            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1142            1 :     libspdm_secured_message_set_request_finished_key(
    1143              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1144              :         hash_size);
    1145            1 :     libspdm_secured_message_set_session_state(
    1146              :         session_info->secured_message_context,
    1147              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1148              : 
    1149            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1150            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1151            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1152            1 :     libspdm_set_mem(ptr, hmac_size, (uint8_t)(0x00)); /*all-zero MAC*/
    1153            1 :     m_libspdm_psk_finish_request1_size =
    1154            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
    1155            1 :     response_size = sizeof(response);
    1156            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1157              :                                              m_libspdm_psk_finish_request1_size,
    1158              :                                              &m_libspdm_psk_finish_request1,
    1159              :                                              &response_size, response);
    1160            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1161            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1162            1 :     spdm_response = (void *)response;
    1163            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1164              :                      SPDM_ERROR);
    1165            1 :     assert_int_equal(spdm_response->header.param1,
    1166              :                      SPDM_ERROR_CODE_DECRYPT_ERROR);
    1167            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1168            1 :     free(data1);
    1169            1 : }
    1170              : 
    1171              : /**
    1172              :  * Test 11: receiving a PSK_FINISH message from the requester with an
    1173              :  * incorrect MAC (arbitrary).
    1174              :  * Expected behavior: the responder refuses the PSK_FINISH message and
    1175              :  * produces an ERROR message indicating the DecryptError.
    1176              :  **/
    1177            1 : static void rsp_psk_finish_rsp_case11(void **state)
    1178              : {
    1179              :     libspdm_return_t status;
    1180              :     libspdm_test_context_t *spdm_test_context;
    1181              :     libspdm_context_t *spdm_context;
    1182              :     size_t response_size;
    1183              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1184              :     spdm_psk_finish_response_t *spdm_response;
    1185              :     void *data1;
    1186              :     size_t data_size1;
    1187              :     uint8_t *ptr;
    1188              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1189              :     uint8_t zero_data[LIBSPDM_MAX_HASH_SIZE];
    1190              :     libspdm_session_info_t *session_info;
    1191              :     uint32_t session_id;
    1192              :     uint32_t hash_size;
    1193              :     uint32_t hmac_size;
    1194              : 
    1195            1 :     spdm_test_context = *state;
    1196            1 :     spdm_context = spdm_test_context->spdm_context;
    1197            1 :     spdm_test_context->case_id = 0xB;
    1198            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1199              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1200            1 :     spdm_context->connection_info.connection_state =
    1201              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1202            1 :     spdm_context->connection_info.capability.flags |=
    1203              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1204            1 :     spdm_context->local_context.capability.flags |=
    1205              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1206            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1207              :         m_libspdm_use_hash_algo;
    1208            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1209              :         m_libspdm_use_asym_algo;
    1210            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1211              :         m_libspdm_use_measurement_spec;
    1212            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1213              :         m_libspdm_use_measurement_hash_algo;
    1214            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1215              :         m_libspdm_use_dhe_algo;
    1216            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1217              :         m_libspdm_use_aead_algo;
    1218            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1219              :                                                     m_libspdm_use_asym_algo, &data1,
    1220              :                                                     &data_size1, NULL, NULL);
    1221            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1222            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1223              :         data_size1;
    1224            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1225            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1226              :         data_size1;
    1227              : 
    1228            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1229            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1230              : 
    1231            1 :     session_id = 0xFFFFFFFF;
    1232            1 :     spdm_context->latest_session_id = session_id;
    1233            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1234            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1235            1 :     session_info = &spdm_context->session_info[0];
    1236            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
    1237              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
    1238            1 :     libspdm_session_info_set_psk_hint(session_info,
    1239              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1240              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1241            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1242            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1243            1 :     libspdm_secured_message_set_request_finished_key(
    1244              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1245              :         hash_size);
    1246            1 :     libspdm_secured_message_set_session_state(
    1247              :         session_info->secured_message_context,
    1248              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1249              : 
    1250            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1251            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1252            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1253              :     /*arbitrary MAC*/
    1254            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1255            1 :     libspdm_set_mem(zero_data, hash_size, (uint8_t)(0x00));
    1256            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, zero_data, hash_size,
    1257              :                      request_finished_key, hash_size, ptr);
    1258            1 :     m_libspdm_psk_finish_request1_size =
    1259            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size;
    1260            1 :     response_size = sizeof(response);
    1261            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1262              :                                              m_libspdm_psk_finish_request1_size,
    1263              :                                              &m_libspdm_psk_finish_request1,
    1264              :                                              &response_size, response);
    1265            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1266            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1267            1 :     spdm_response = (void *)response;
    1268            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1269              :                      SPDM_ERROR);
    1270            1 :     assert_int_equal(spdm_response->header.param1,
    1271              :                      SPDM_ERROR_CODE_DECRYPT_ERROR);
    1272            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1273            1 :     free(data1);
    1274            1 : }
    1275              : 
    1276              : /**
    1277              :  * Test 12: receiving a PSK_FINISH message from the requester with an
    1278              :  * incorrect MAC size (a correct MAC repeated twice).
    1279              :  * Expected behavior: the responder refuses the PSK_FINISH message and
    1280              :  * produces an ERROR message indicating the InvalidRequest.
    1281              :  **/
    1282            1 : static void rsp_psk_finish_rsp_case12(void **state)
    1283              : {
    1284              :     libspdm_return_t status;
    1285              :     libspdm_test_context_t *spdm_test_context;
    1286              :     libspdm_context_t *spdm_context;
    1287              :     size_t response_size;
    1288              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1289              :     spdm_psk_finish_response_t *spdm_response;
    1290              :     void *data1;
    1291              :     size_t data_size1;
    1292              :     uint8_t *ptr;
    1293              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1294              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1295              :     libspdm_session_info_t *session_info;
    1296              :     uint32_t session_id;
    1297              :     uint32_t hash_size;
    1298              :     uint32_t hmac_size;
    1299              : 
    1300            1 :     spdm_test_context = *state;
    1301            1 :     spdm_context = spdm_test_context->spdm_context;
    1302            1 :     spdm_test_context->case_id = 0xC;
    1303            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1304              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1305            1 :     spdm_context->connection_info.connection_state =
    1306              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1307            1 :     spdm_context->connection_info.capability.flags |=
    1308              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1309            1 :     spdm_context->local_context.capability.flags |=
    1310              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1311            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1312              :         m_libspdm_use_hash_algo;
    1313            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1314              :         m_libspdm_use_asym_algo;
    1315            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1316              :         m_libspdm_use_measurement_spec;
    1317            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1318              :         m_libspdm_use_measurement_hash_algo;
    1319            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1320              :         m_libspdm_use_dhe_algo;
    1321            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1322              :         m_libspdm_use_aead_algo;
    1323            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1324              :                                                     m_libspdm_use_asym_algo, &data1,
    1325              :                                                     &data_size1, NULL, NULL);
    1326            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1327            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1328              :         data_size1;
    1329            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1330            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1331              :         data_size1;
    1332              : 
    1333            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1334            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1335              : 
    1336            1 :     session_id = 0xFFFFFFFF;
    1337            1 :     spdm_context->latest_session_id = session_id;
    1338            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1339            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1340            1 :     session_info = &spdm_context->session_info[0];
    1341            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
    1342              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
    1343            1 :     libspdm_session_info_set_psk_hint(session_info,
    1344              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1345              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1346            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1347            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1348            1 :     libspdm_secured_message_set_request_finished_key(
    1349              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1350              :         hash_size);
    1351            1 :     libspdm_secured_message_set_session_state(
    1352              :         session_info->secured_message_context,
    1353              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1354              : 
    1355            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1356            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1357            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1358            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1359              :     /* transcript.message_a size is 0
    1360              :      * session_transcript.message_k is 0*/
    1361            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
    1362              :                                   sizeof(spdm_psk_finish_request_t));
    1363            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1364            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1365              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1366            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1367              :                      request_finished_key, hash_size, ptr);
    1368            1 :     libspdm_copy_mem(ptr, sizeof(m_libspdm_psk_finish_request1.verify_data),
    1369            1 :                      ptr + hmac_size, hmac_size); /* 2x HMAC size*/
    1370            1 :     m_libspdm_psk_finish_request1_size =
    1371            1 :         sizeof(spdm_psk_finish_request_t) + 2*hmac_size;
    1372            1 :     response_size = sizeof(response);
    1373            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1374              :                                              m_libspdm_psk_finish_request1_size,
    1375              :                                              &m_libspdm_psk_finish_request1,
    1376              :                                              &response_size, response);
    1377            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1378            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1379            1 :     spdm_response = (void *)response;
    1380            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1381              :                      SPDM_ERROR);
    1382            1 :     assert_int_equal(spdm_response->header.param1,
    1383              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
    1384            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1385            1 :     free(data1);
    1386            1 : }
    1387              : 
    1388              : /**
    1389              :  * Test 13: receiving a PSK_FINISH message from the requester with an
    1390              :  * incorrect MAC size (only the correct first half of the MAC).
    1391              :  * Expected behavior: the responder refuses the PSK_FINISH message and
    1392              :  * produces an ERROR message indicating the InvalidRequest.
    1393              :  **/
    1394            1 : static void rsp_psk_finish_rsp_case13(void **state)
    1395              : {
    1396              :     libspdm_return_t status;
    1397              :     libspdm_test_context_t *spdm_test_context;
    1398              :     libspdm_context_t *spdm_context;
    1399              :     size_t response_size;
    1400              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1401              :     spdm_psk_finish_response_t *spdm_response;
    1402              :     void *data1;
    1403              :     size_t data_size1;
    1404              :     uint8_t *ptr;
    1405              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1406              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1407              :     libspdm_session_info_t *session_info;
    1408              :     uint32_t session_id;
    1409              :     uint32_t hash_size;
    1410              :     uint32_t hmac_size;
    1411              : 
    1412            1 :     spdm_test_context = *state;
    1413            1 :     spdm_context = spdm_test_context->spdm_context;
    1414            1 :     spdm_test_context->case_id = 0xD;
    1415            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1416              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1417            1 :     spdm_context->connection_info.connection_state =
    1418              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1419            1 :     spdm_context->connection_info.capability.flags |=
    1420              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1421            1 :     spdm_context->local_context.capability.flags |=
    1422              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1423            1 :     spdm_context->connection_info.algorithm.base_hash_algo =
    1424              :         m_libspdm_use_hash_algo;
    1425            1 :     spdm_context->connection_info.algorithm.base_asym_algo =
    1426              :         m_libspdm_use_asym_algo;
    1427            1 :     spdm_context->connection_info.algorithm.measurement_spec =
    1428              :         m_libspdm_use_measurement_spec;
    1429            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1430              :         m_libspdm_use_measurement_hash_algo;
    1431            1 :     spdm_context->connection_info.algorithm.dhe_named_group =
    1432              :         m_libspdm_use_dhe_algo;
    1433            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite =
    1434              :         m_libspdm_use_aead_algo;
    1435            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1436              :                                                     m_libspdm_use_asym_algo, &data1,
    1437              :                                                     &data_size1, NULL, NULL);
    1438            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1439            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] =
    1440              :         data_size1;
    1441            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1442            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size =
    1443              :         data_size1;
    1444              : 
    1445            1 :     spdm_context->transcript.message_a.buffer_size = 0;
    1446            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1447              : 
    1448            1 :     session_id = 0xFFFFFFFF;
    1449            1 :     spdm_context->latest_session_id = session_id;
    1450            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1451            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1452            1 :     session_info = &spdm_context->session_info[0];
    1453            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
    1454              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
    1455            1 :     libspdm_session_info_set_psk_hint(session_info,
    1456              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1457              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1458            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1459            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1460            1 :     libspdm_secured_message_set_request_finished_key(
    1461              :         session_info->secured_message_context, m_libspdm_dummy_buffer,
    1462              :         hash_size);
    1463            1 :     libspdm_secured_message_set_session_state(
    1464              :         session_info->secured_message_context,
    1465              :         LIBSPDM_SESSION_STATE_HANDSHAKING);
    1466              : 
    1467            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1468            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1469            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1470            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1471              :     /* transcript.message_a size is 0
    1472              :      * session_transcript.message_k is 0*/
    1473            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
    1474              :                                   sizeof(spdm_psk_finish_request_t));
    1475            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1476            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1477              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1478            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1479              :                      request_finished_key, hash_size, ptr);
    1480            1 :     libspdm_set_mem(ptr + hmac_size/2, hmac_size/2, (uint8_t) 0x00); /* half HMAC size*/
    1481            1 :     m_libspdm_psk_finish_request1_size =
    1482            1 :         sizeof(spdm_psk_finish_request_t) + hmac_size/2;
    1483            1 :     response_size = sizeof(response);
    1484            1 :     status = libspdm_get_response_psk_finish(spdm_context,
    1485              :                                              m_libspdm_psk_finish_request1_size,
    1486              :                                              &m_libspdm_psk_finish_request1,
    1487              :                                              &response_size, response);
    1488            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1489            1 :     assert_int_equal(response_size, sizeof(spdm_error_response_t));
    1490            1 :     spdm_response = (void *)response;
    1491            1 :     assert_int_equal(spdm_response->header.request_response_code,
    1492              :                      SPDM_ERROR);
    1493            1 :     assert_int_equal(spdm_response->header.param1,
    1494              :                      SPDM_ERROR_CODE_INVALID_REQUEST);
    1495            1 :     assert_int_equal(spdm_response->header.param2, 0);
    1496            1 :     free(data1);
    1497            1 : }
    1498              : 
    1499              : /**
    1500              :  * Test 14: receiving a correct PSK_FINISH from the requester.
    1501              :  * Expected behavior: the responder accepts the request and produces a valid PSK_FINISH
    1502              :  * response message, and buffer F receives the exchanged PSK_FINISH and PSK_FINISH_RSP messages.
    1503              :  **/
    1504            1 : static void rsp_psk_finish_rsp_case14(void **state)
    1505              : {
    1506              :     libspdm_return_t status;
    1507              :     libspdm_test_context_t *spdm_test_context;
    1508              :     libspdm_context_t *spdm_context;
    1509              :     size_t response_size;
    1510              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1511              :     spdm_psk_finish_response_t *spdm_response;
    1512              :     void *data1;
    1513              :     size_t data_size1;
    1514              :     uint8_t *ptr;
    1515              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1516              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1517              :     libspdm_session_info_t *session_info;
    1518              :     uint32_t session_id;
    1519              :     uint32_t hash_size;
    1520              :     uint32_t hmac_size;
    1521              : 
    1522            1 :     spdm_test_context = *state;
    1523            1 :     spdm_context = spdm_test_context->spdm_context;
    1524            1 :     spdm_test_context->case_id = 0xE;
    1525            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_11 <<
    1526              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1527            1 :     spdm_context->connection_info.connection_state =
    1528              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1529            1 :     spdm_context->connection_info.capability.flags |=
    1530              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1531            1 :     spdm_context->local_context.capability.flags |=
    1532              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1533            1 :     spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    1534            1 :     spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    1535            1 :     spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    1536            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1537              :         m_libspdm_use_measurement_hash_algo;
    1538            1 :     spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    1539            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    1540            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1541              :                                                     m_libspdm_use_asym_algo, &data1,
    1542              :                                                     &data_size1, NULL, NULL);
    1543            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1544            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
    1545            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1546            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size = data_size1;
    1547              : 
    1548            1 :     libspdm_reset_message_a(spdm_context);
    1549            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1550              : 
    1551            1 :     session_id = 0xFFFFFFFF;
    1552            1 :     spdm_context->latest_session_id = session_id;
    1553            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1554            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1555            1 :     session_info = &spdm_context->session_info[0];
    1556            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
    1557              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
    1558            1 :     libspdm_session_info_set_psk_hint(session_info,
    1559              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1560              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1561            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1562            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1563            1 :     libspdm_secured_message_set_request_finished_key(
    1564              :         session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    1565            1 :     libspdm_secured_message_set_session_state(
    1566              :         session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);
    1567              : 
    1568            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1569            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1570            1 :     ptr = m_libspdm_psk_finish_request1.verify_data;
    1571            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1572              :     /* transcript.message_a size is 0
    1573              :      * session_transcript.message_k is 0*/
    1574            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request1,
    1575              :                                   sizeof(spdm_psk_finish_request_t));
    1576            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1577            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1578              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1579            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1580              :                      request_finished_key, hash_size, ptr);
    1581            1 :     m_libspdm_psk_finish_request1_size = sizeof(spdm_psk_finish_request_t) + hmac_size;
    1582            1 :     response_size = sizeof(response);
    1583            1 :     status = libspdm_get_response_psk_finish(
    1584              :         spdm_context, m_libspdm_psk_finish_request1_size, &m_libspdm_psk_finish_request1,
    1585              :         &response_size, response);
    1586            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1587            1 :     assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t));
    1588            1 :     spdm_response = (void *)response;
    1589            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_PSK_FINISH_RSP);
    1590              : 
    1591              : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    1592              :     assert_int_equal(spdm_context->session_info[0].session_transcript.message_f.buffer_size,
    1593              :                      m_libspdm_psk_finish_request1_size + response_size);
    1594              :     assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer,
    1595              :                         &m_libspdm_psk_finish_request1, m_libspdm_psk_finish_request1_size);
    1596              :     assert_memory_equal(spdm_context->session_info[0].session_transcript.message_f.buffer +
    1597              :                         m_libspdm_psk_finish_request1_size, response, response_size);
    1598              : #endif
    1599              : 
    1600            1 :     free(data1);
    1601            1 : }
    1602              : 
    1603              : /**
    1604              :  * Test 15: SPDM version 1.4, with OpaqueData.
    1605              :  * Expected behavior: the responder accepts the request and produces a valid PSK_FINISH
    1606              :  * response message.
    1607              :  **/
    1608            1 : static void rsp_psk_finish_rsp_case15(void **state)
    1609              : {
    1610              :     libspdm_return_t status;
    1611              :     libspdm_test_context_t *spdm_test_context;
    1612              :     libspdm_context_t *spdm_context;
    1613              :     size_t response_size;
    1614              :     uint8_t response[LIBSPDM_MAX_SPDM_MSG_SIZE];
    1615              :     spdm_psk_finish_response_t *spdm_response;
    1616              :     void *data1;
    1617              :     size_t data_size1;
    1618              :     uint8_t *ptr;
    1619              :     uint8_t hash_data[LIBSPDM_MAX_HASH_SIZE];
    1620              :     uint8_t request_finished_key[LIBSPDM_MAX_HASH_SIZE];
    1621              :     libspdm_session_info_t *session_info;
    1622              :     uint32_t session_id;
    1623              :     uint32_t hash_size;
    1624              :     uint32_t hmac_size;
    1625              : 
    1626            1 :     spdm_test_context = *state;
    1627            1 :     spdm_context = spdm_test_context->spdm_context;
    1628            1 :     spdm_test_context->case_id = 0xF;
    1629            1 :     spdm_context->connection_info.version = SPDM_MESSAGE_VERSION_14 <<
    1630              :                                             SPDM_VERSION_NUMBER_SHIFT_BIT;
    1631            1 :     spdm_context->connection_info.connection_state =
    1632              :         LIBSPDM_CONNECTION_STATE_NEGOTIATED;
    1633            1 :     spdm_context->connection_info.capability.flags |=
    1634              :         SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP;
    1635            1 :     spdm_context->local_context.capability.flags |=
    1636              :         SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP;
    1637            1 :     spdm_context->connection_info.algorithm.base_hash_algo = m_libspdm_use_hash_algo;
    1638            1 :     spdm_context->connection_info.algorithm.base_asym_algo = m_libspdm_use_asym_algo;
    1639            1 :     spdm_context->connection_info.algorithm.measurement_spec = m_libspdm_use_measurement_spec;
    1640            1 :     spdm_context->connection_info.algorithm.measurement_hash_algo =
    1641              :         m_libspdm_use_measurement_hash_algo;
    1642            1 :     spdm_context->connection_info.algorithm.dhe_named_group = m_libspdm_use_dhe_algo;
    1643            1 :     spdm_context->connection_info.algorithm.aead_cipher_suite = m_libspdm_use_aead_algo;
    1644            1 :     libspdm_read_responder_public_certificate_chain(m_libspdm_use_hash_algo,
    1645              :                                                     m_libspdm_use_asym_algo, &data1,
    1646              :                                                     &data_size1, NULL, NULL);
    1647            1 :     spdm_context->local_context.local_cert_chain_provision[0] = data1;
    1648            1 :     spdm_context->local_context.local_cert_chain_provision_size[0] = data_size1;
    1649            1 :     spdm_context->connection_info.local_used_cert_chain_buffer = data1;
    1650            1 :     spdm_context->connection_info.local_used_cert_chain_buffer_size = data_size1;
    1651              : 
    1652            1 :     libspdm_reset_message_a(spdm_context);
    1653            1 :     spdm_context->local_context.mut_auth_requested = 0;
    1654              : 
    1655            1 :     session_id = 0xFFFFFFFF;
    1656            1 :     spdm_context->latest_session_id = session_id;
    1657            1 :     spdm_context->last_spdm_request_session_id_valid = true;
    1658            1 :     spdm_context->last_spdm_request_session_id = session_id;
    1659            1 :     session_info = &spdm_context->session_info[0];
    1660            1 :     libspdm_session_info_init(spdm_context, session_info, session_id,
    1661              :                               SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT, true);
    1662            1 :     libspdm_session_info_set_psk_hint(session_info,
    1663              :                                       LIBSPDM_TEST_PSK_HINT_STRING,
    1664              :                                       sizeof(LIBSPDM_TEST_PSK_HINT_STRING));
    1665            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1666            1 :     libspdm_set_mem(m_libspdm_dummy_buffer, hash_size, (uint8_t)(0xFF));
    1667            1 :     libspdm_secured_message_set_request_finished_key(
    1668              :         session_info->secured_message_context, m_libspdm_dummy_buffer, hash_size);
    1669            1 :     libspdm_secured_message_set_session_state(
    1670              :         session_info->secured_message_context, LIBSPDM_SESSION_STATE_HANDSHAKING);
    1671              : 
    1672            1 :     m_libspdm_psk_finish_request3.opaque_data_size =
    1673              :         sizeof(m_libspdm_psk_finish_request3.opaque_data);
    1674            1 :     hash_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1675            1 :     hmac_size = libspdm_get_hash_size(m_libspdm_use_hash_algo);
    1676            1 :     ptr = m_libspdm_psk_finish_request3.verify_data;
    1677            1 :     libspdm_init_managed_buffer(&th_curr, sizeof(th_curr.buffer));
    1678              :     /* transcript.message_a size is 0
    1679              :      * session_transcript.message_k is 0*/
    1680            1 :     libspdm_append_managed_buffer(&th_curr, (uint8_t *)&m_libspdm_psk_finish_request3,
    1681              :                                   sizeof(spdm_psk_finish_request_t) + sizeof(uint16_t) +
    1682            1 :                                   m_libspdm_psk_finish_request3.opaque_data_size);
    1683            1 :     libspdm_set_mem(request_finished_key, LIBSPDM_MAX_HASH_SIZE, (uint8_t)(0xFF));
    1684            1 :     libspdm_hash_all(m_libspdm_use_hash_algo, libspdm_get_managed_buffer(&th_curr),
    1685              :                      libspdm_get_managed_buffer_size(&th_curr), hash_data);
    1686            1 :     libspdm_hmac_all(m_libspdm_use_hash_algo, hash_data, hash_size,
    1687              :                      request_finished_key, hash_size, ptr);
    1688            1 :     m_libspdm_psk_finish_request3_size = sizeof(spdm_psk_finish_request_t) + hmac_size +
    1689            1 :                                          sizeof(uint16_t) +
    1690            1 :                                          m_libspdm_psk_finish_request3.opaque_data_size;
    1691            1 :     response_size = sizeof(response);
    1692            1 :     status = libspdm_get_response_psk_finish(
    1693              :         spdm_context, m_libspdm_psk_finish_request3_size, &m_libspdm_psk_finish_request3,
    1694              :         &response_size, response);
    1695            1 :     assert_int_equal(status, LIBSPDM_STATUS_SUCCESS);
    1696            1 :     ptr = (uint8_t *)response + sizeof(spdm_psk_finish_response_t);
    1697            1 :     assert_int_equal(response_size, sizeof(spdm_psk_finish_response_t) +
    1698              :                      sizeof(uint16_t) + libspdm_read_uint16(ptr));
    1699            1 :     spdm_response = (void *)response;
    1700            1 :     assert_int_equal(spdm_response->header.request_response_code, SPDM_PSK_FINISH_RSP);
    1701              : 
    1702            1 :     free(data1);
    1703            1 : }
    1704              : 
    1705            1 : int libspdm_rsp_psk_finish_rsp_test(void)
    1706              : {
    1707            1 :     const struct CMUnitTest test_cases[] = {
    1708              :         /* Success Case*/
    1709              :         cmocka_unit_test(rsp_psk_finish_rsp_case1),
    1710              :         /* Bad request size*/
    1711              :         cmocka_unit_test(rsp_psk_finish_rsp_case2),
    1712              :         /* response_state: SPDM_RESPONSE_STATE_BUSY*/
    1713              :         cmocka_unit_test(rsp_psk_finish_rsp_case3),
    1714              :         /* response_state: SPDM_RESPONSE_STATE_NEED_RESYNC*/
    1715              :         cmocka_unit_test(rsp_psk_finish_rsp_case4),
    1716              :         #if LIBSPDM_RESPOND_IF_READY_SUPPORT
    1717              :         /* response_state: SPDM_RESPONSE_STATE_NOT_READY*/
    1718              :         cmocka_unit_test(rsp_psk_finish_rsp_case5),
    1719              :         #endif /* LIBSPDM_RESPOND_IF_READY_SUPPORT */
    1720              :         /* connection_state Check*/
    1721              :         cmocka_unit_test(rsp_psk_finish_rsp_case6),
    1722              :         /* Buffer reset*/
    1723              :         cmocka_unit_test(rsp_psk_finish_rsp_case7),
    1724              :         /* Unsupported PSK capabilities*/
    1725              :         cmocka_unit_test(rsp_psk_finish_rsp_case8),
    1726              :         /* Uninitialized session*/
    1727              :         cmocka_unit_test(rsp_psk_finish_rsp_case9),
    1728              :         /* Incorrect MAC*/
    1729              :         cmocka_unit_test(rsp_psk_finish_rsp_case10),
    1730              :         cmocka_unit_test(rsp_psk_finish_rsp_case11),
    1731              :         /* Incorrect MAC size*/
    1732              :         cmocka_unit_test(rsp_psk_finish_rsp_case12),
    1733              :         cmocka_unit_test(rsp_psk_finish_rsp_case13),
    1734              :         /* Buffer verification*/
    1735              :         cmocka_unit_test(rsp_psk_finish_rsp_case14),
    1736              :         /* SPDM 1.4 with OpaqueData */
    1737              :         cmocka_unit_test(rsp_psk_finish_rsp_case15),
    1738              :     };
    1739              : 
    1740            1 :     libspdm_test_context_t test_context = {
    1741              :         LIBSPDM_TEST_CONTEXT_VERSION,
    1742              :         false,
    1743              :     };
    1744              : 
    1745            1 :     libspdm_setup_test_context(&test_context);
    1746              : 
    1747            1 :     return cmocka_run_group_tests(test_cases,
    1748              :                                   libspdm_unit_test_group_setup,
    1749              :                                   libspdm_unit_test_group_teardown);
    1750              : }
    1751              : 
    1752              : #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */
        

Generated by: LCOV version 2.0-1