Open
Conversation
Signed-off-by: Stanislaw Grams <stanislaw.grams@intel.com>
This commit implements SPDM requester EKU OID validator for webpki and starts using it instead of KeyUsage. Now spdm-rs is aligned to libspdm X.509 certificate EKU OID verification. Signed-off-by: Stanislaw Grams <stanislaw.grams@intel.com>
Signed-off-by: Stanislaw Grams <stanislaw.grams@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Stanislaw Grams <stanislaw.grams@intel.com>
… SPDM Responder EKU OID validator Signed-off-by: Stanislaw Grams <stanislaw.grams@intel.com>
…r EKU OID checks Signed-off-by: Stanislaw Grams <stanislaw.grams@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
libspdm:3e973c58a594dfa6cf0bc7e53af37cce02cd544a Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Bumps [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) from 2.8.0 to 2.8.1. - [Release notes](https://github.com/swatinem/rust-cache/releases) - [Changelog](https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md) - [Commits](Swatinem/rust-cache@98c8021...f13886b) --- updated-dependencies: - dependency-name: Swatinem/rust-cache dependency-version: 2.8.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.7.3 to 4.8.0. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@595b5ae...56339e5) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: 4.8.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.2 to 2.4.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@05b42c6...4eaacf0) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Fix the miss of patching signature in key exchange response when key exchange messages are in clear text. Also simplify the patching logic of key exchange response.
Bumps [KyleMayes/install-llvm-action](https://github.com/kylemayes/install-llvm-action) from 2.0.7 to 2.0.8. - [Release notes](https://github.com/kylemayes/install-llvm-action/releases) - [Changelog](https://github.com/KyleMayes/install-llvm-action/blob/master/CHANGELOG.md) - [Commits](KyleMayes/install-llvm-action@a7a1a88...98e68e1) --- updated-dependencies: - dependency-name: KyleMayes/install-llvm-action dependency-version: 2.0.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.8.0 to 4.8.1. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@56339e5...40c09b7) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: 4.8.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
If vendor_defined_request_handler return error, the spdmlib will call the extend handler, which has more parameters including responder context and receiving/sending bytes for upper application to do handling upon receiving vdm message.
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
This patch adds the interface to let upper user to overwrite transcripts of hash of specified chain or public key, by user assigned vdm transcripts.
Bypass the slot_id check and transcript for provisioned pub key in key exchange and finish messages. Add apis to provision public key into spdmlib context. This commit provides the key exchange and finish message message part of the provisioned pub key support.
Add mut auth bit 0 setting support, when is is configured, the relative certchain should use pre configured slot id.
When responder returned req slot_id with mut-auth bit 0, requester should refer it to use cert-chain rather than default 0.
Key exchange and finish should use raw public key when slot_id is configured to use provisioned public key.
IntelCaisui
force-pushed
the
251017_SPDM_ADD_RAW_PUB_KEY_VERIFY
branch
from
c606cca to
d810b40
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.