From 66d1a0a08956682c79822c3743057d14581586ac Mon Sep 17 00:00:00 2001 From: "Zhao, Zhiqiang" Date: Tue, 25 Jul 2023 16:05:38 +0800 Subject: [PATCH] Fix Param2 of PSK_EXCHANGE request message was mistaken as Param1. Move the check to the front to return error much sooner. Fix: #2268 Signed-off-by: Zhao, Zhiqiang --- .../spdm_responder_lib/libspdm_rsp_psk_exchange.c | 14 +++++++------- unit_test/test_spdm_responder/psk_exchange.c | 7 +++---- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/library/spdm_responder_lib/libspdm_rsp_psk_exchange.c b/library/spdm_responder_lib/libspdm_rsp_psk_exchange.c index 8eda9846735..34564aeba44 100644 --- a/library/spdm_responder_lib/libspdm_rsp_psk_exchange.c +++ b/library/spdm_responder_lib/libspdm_rsp_psk_exchange.c @@ -204,6 +204,13 @@ libspdm_return_t libspdm_get_response_psk_exchange(libspdm_context_t *spdm_conte measurement_summary_hash_size = libspdm_get_measurement_summary_hash_size( spdm_context, false, spdm_request->header.param1); + if ((measurement_summary_hash_size == 0) && + (spdm_request->header.param1 != SPDM_PSK_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH)) { + return libspdm_generate_error_response(spdm_context, + SPDM_ERROR_CODE_INVALID_REQUEST, + 0, response_size, response); + } + hmac_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo); if (request_size < sizeof(spdm_psk_exchange_request_t)) { @@ -327,13 +334,6 @@ libspdm_return_t libspdm_get_response_psk_exchange(libspdm_context_t *spdm_conte result = true; } - if ((measurement_summary_hash_size == 0) && - (spdm_request->header.param2 != SPDM_PSK_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH)) { - libspdm_free_session_id(spdm_context, session_id); - return libspdm_generate_error_response(spdm_context, - SPDM_ERROR_CODE_INVALID_REQUEST, - 0, response_size, response); - } if (!result) { libspdm_free_session_id(spdm_context, session_id); return libspdm_generate_error_response(spdm_context, diff --git a/unit_test/test_spdm_responder/psk_exchange.c b/unit_test/test_spdm_responder/psk_exchange.c index 72c570cbda8..41305de8408 100644 --- a/unit_test/test_spdm_responder/psk_exchange.c +++ b/unit_test/test_spdm_responder/psk_exchange.c @@ -1227,13 +1227,12 @@ void libspdm_test_responder_psk_exchange_case12(void **state) spdm_response = (void *)response; assert_int_equal(spdm_response->header.request_response_code, SPDM_ERROR); - assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_UNSPECIFIED); - - + assert_int_equal(spdm_response->header.param1, SPDM_ERROR_CODE_INVALID_REQUEST); #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT + /* Error before libspdm_reset_message_buffer_via_request_code, so will not libspdm_reset_message_m */ assert_int_equal(spdm_context->transcript.message_m.buffer_size, - 0); + spdm_context->transcript.message_m.max_buffer_size); #endif free(data1); }