Skip to content

Commit 4bba5a4

Browse files
IntelCaisuijyao1
IntelCaisui
authored and
jyao1
committed
Spdm 1.3 change salt 0 for psk exchange to 0xff.
salt 0 for psk_exchange ssession should be a 0xff filed array of hash length since spdm 1.3.
1 parent bc6c8bf commit 4bba5a4

File tree

1 file changed

+15
-2
lines changed

1 file changed

+15
-2
lines changed

test/spdm-emu/src/secret_impl_sample.rs

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -208,6 +208,7 @@ fn generate_measurement_summary_hash_impl(
208208

209209
const MAX_BIN_CONCAT_BUF_SIZE: usize = 2 + 8 + 12 + SPDM_MAX_HASH_SIZE;
210210
const SALT_0: [u8; SPDM_MAX_HASH_SIZE] = [0u8; SPDM_MAX_HASH_SIZE];
211+
const SALT_0_FF: [u8; SPDM_MAX_HASH_SIZE] = [0xFF; SPDM_MAX_HASH_SIZE];
211212
const ZERO_FILLED: [u8; SPDM_MAX_HASH_SIZE] = [0u8; SPDM_MAX_HASH_SIZE];
212213
const BIN_STR0_LABEL: &[u8] = b"derived";
213214

@@ -217,6 +218,12 @@ fn handshake_secret_hkdf_expand_impl(
217218
psk_hint: &SpdmPskHintStruct,
218219
info: &[u8],
219220
) -> Option<SpdmHkdfOutputKeyingMaterial> {
221+
let salt0 = if spdm_version >= SpdmVersion::SpdmVersion13 {
222+
&SALT_0_FF[0..base_hash_algo.get_size() as usize]
223+
} else {
224+
&SALT_0[0..base_hash_algo.get_size() as usize]
225+
};
226+
220227
let mut psk_key: SpdmDheFinalKeyStruct = SpdmDheFinalKeyStruct {
221228
data_size: b"TestPskData\0".len() as u16,
222229
data: Box::new([0; SPDM_MAX_DHE_KEY_SIZE]),
@@ -225,7 +232,7 @@ fn handshake_secret_hkdf_expand_impl(
225232

226233
let hs_sec = crypto::hkdf::hkdf_extract(
227234
base_hash_algo,
228-
&SALT_0[0..base_hash_algo.get_size() as usize],
235+
salt0,
229236
&SpdmHkdfInputKeyingMaterial::SpdmDheFinalKey(&psk_key),
230237
)?;
231238
crypto::hkdf::hkdf_expand(base_hash_algo, &hs_sec, info, base_hash_algo.get_size())
@@ -237,6 +244,12 @@ fn master_secret_hkdf_expand_impl(
237244
psk_hint: &SpdmPskHintStruct,
238245
info: &[u8],
239246
) -> Option<SpdmHkdfOutputKeyingMaterial> {
247+
let salt0 = if spdm_version >= SpdmVersion::SpdmVersion13 {
248+
&SALT_0_FF[0..base_hash_algo.get_size() as usize]
249+
} else {
250+
&SALT_0[0..base_hash_algo.get_size() as usize]
251+
};
252+
240253
let mut psk_key: SpdmDheFinalKeyStruct = SpdmDheFinalKeyStruct {
241254
data_size: b"TestPskData\0".len() as u16,
242255
data: Box::new([0; SPDM_MAX_DHE_KEY_SIZE]),
@@ -255,7 +268,7 @@ fn master_secret_hkdf_expand_impl(
255268

256269
let hs_sec = crypto::hkdf::hkdf_extract(
257270
base_hash_algo,
258-
&SALT_0[0..base_hash_algo.get_size() as usize],
271+
salt0,
259272
&SpdmHkdfInputKeyingMaterial::SpdmDheFinalKey(&psk_key),
260273
)?;
261274
let salt_1 =

0 commit comments

Comments
 (0)