Add handshake mode switch check in FINISH and PSK_FINISH.

jyao1 · jyao1 · commit 3167bcaba6a4 · 2023-05-02T10:42:21.000+08:00
Reference: DMTF-2023-0001 Fix: #2005 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
diff --git a/library/spdm_responder_lib/libspdm_rsp_finish.c b/library/spdm_responder_lib/libspdm_rsp_finish.c
@@ -396,6 +396,11 @@ libspdm_return_t libspdm_get_response_finish(void *context, size_t request_size,
                                                SPDM_ERROR_CODE_SESSION_REQUIRED, 0,
                                                response_size, response);
     }
+    if (session_info->use_psk) {
+        return libspdm_generate_error_response(spdm_context,
+                                               SPDM_ERROR_CODE_UNEXPECTED_REQUEST, 0,
+                                               response_size, response);
+    }
     session_state = libspdm_secured_message_get_session_state(
         session_info->secured_message_context);
     if (session_state != LIBSPDM_SESSION_STATE_HANDSHAKING) {
diff --git a/library/spdm_responder_lib/libspdm_rsp_psk_finish.c b/library/spdm_responder_lib/libspdm_rsp_psk_finish.c
@@ -123,6 +123,11 @@ libspdm_return_t libspdm_get_response_psk_finish(void *context,
                                                SPDM_ERROR_CODE_SESSION_REQUIRED, 0,
                                                response_size, response);
     }
+    if (!session_info->use_psk) {
+        return libspdm_generate_error_response(spdm_context,
+                                               SPDM_ERROR_CODE_UNEXPECTED_REQUEST, 0,
+                                               response_size, response);
+    }
     session_state = libspdm_secured_message_get_session_state(
         session_info->secured_message_context);
     if (session_state != LIBSPDM_SESSION_STATE_HANDSHAKING) {
