Skip to content

2.1.0
Compare
Choose a tag to compare
@jyao1 jyao1 released this 04 Jul 14:08
· 1334 commits to main since this release
2.1.0
1f7c06f

Tag 2.1.0 fixes an implementation defect present in tags 1.0.0 and 2.0.0. #987. According to the SPDM specification, during secure session establishment the Handshake-Secret is derived as HMAC-Hash(Salt_0, Secret) where Secret is either the DHE Secret or the Pre-shared Key. In tags 1.0.0 and 2.0.0 libspdm swapped these two parameters as HMAC-Hash(Secret, Salt_0). While tag 2.1.0 has corrected this defect it means that a tag 2.1.0 endpoint will not be able to establish a secure session with a tag 1.0.0 or 2.0.0 endpoint.

This is an SPDM specification compliance issue, we suggest the consumers use the tag 2.1.0 for further development.

Major feature:

  1. Align to SPDM 1.2.1 spec https://www.dmtf.org/dsp/DSP0274
  2. Finish all SPDM 1.2.1 new features, including identity provisioning and chunking.
Assets 2
Loading