OpaqueData format should be different between SPDM 1.1.2 and SPDM 1.2.1

[Zhiqiang520]

OpaqueData format should be different between SPDM 1.1.2 and SPDM 1.2.1.

1. In DSP0274_1.1.2.pdf.
   1.1 Refer to the paragraph 256 Successful CHALLENGE_AUTH response message format
   
   1.2 Refer to the paragraph 327 Successful MEASUREMENTS response message format
   

2. In DSP0274_1.2.1.pdf.
   2.1 Refer to the paragraph 353 Table 36 — Successful CHALLENGE_AUTH response message format
   
   2.2 Refer to the paragraph 417 Table 43 — Successful MEASUREMENTS response message format
   

3. But the code always generate the OpaqueData Free-form in libspdm_challenge_opaque_data, libspdm_encap_challenge_opaque_data and libspdm_measurement_opaque_data, ignore the SPDM version and the selected opaque data format in OtherParamsSelection.
   

   libspdm/os_stub/spdm_device_secret_lib_sample/lib.c

   Lines 1232 to 1274 in 955350e

   	bool libspdm_challenge_opaque_data(
   	spdm_version_number_t spdm_version,
   	uint8_t slot_id,
   	uint8_t *measurement_summary_hash,
   	size_t measurement_summary_hash_size,
   	void *opaque_data,
   	size_t *opaque_data_size)
   	{
   	size_t index;
   	LIBSPDM_ASSERT(libspdm_secret_lib_challenge_opaque_data_size <= *opaque_data_size);
   	*opaque_data_size = libspdm_secret_lib_challenge_opaque_data_size;
   	for (index = 0; index < *opaque_data_size; index++)
   	{
   	((uint8_t *)opaque_data)[index] = (uint8_t)index;
   	}
   	return true;
   	}
   	bool libspdm_encap_challenge_opaque_data(
   	spdm_version_number_t spdm_version,
   	uint8_t slot_id,
   	uint8_t *measurement_summary_hash,
   	size_t measurement_summary_hash_size,
   	void *opaque_data,
   	size_t *opaque_data_size)
   	{
   	size_t index;
   	LIBSPDM_ASSERT(libspdm_secret_lib_challenge_opaque_data_size <= *opaque_data_size);
   	*opaque_data_size = libspdm_secret_lib_challenge_opaque_data_size;
   	for (index = 0; index < *opaque_data_size; index++)
   	{
   	((uint8_t *)opaque_data)[index] = (uint8_t)index;
   	}
   	return true;
   	}

   
   

   libspdm/os_stub/spdm_device_secret_lib_sample/lib.c

   Lines 1207 to 1228 in 955350e

   	bool libspdm_measurement_opaque_data(
   	spdm_version_number_t spdm_version,
   	uint8_t measurement_specification,
   	uint32_t measurement_hash_algo,
   	uint8_t measurement_index,
   	uint8_t request_attribute,
   	void *opaque_data,
   	size_t *opaque_data_size)
   	{
   	size_t index;
   	LIBSPDM_ASSERT(libspdm_secret_lib_meas_opaque_data_size <= *opaque_data_size);
   	*opaque_data_size = libspdm_secret_lib_meas_opaque_data_size;
   	for (index = 0; index < *opaque_data_size; index++)
   	{
   	((uint8_t *)opaque_data)[index] = (uint8_t)index;
   	}
   	return true;
   	}

[steven-bellock]

277 imposes more structure on SPDM 1.1 opaque data. If an endpoint supports 277 1.0 or 1.1 (ie, key exchange is supported), and if secured messages are enabled, then all OpaqueData fields must conform to the "Secured Message opaque data format".

The Secured Message general opaque data table defines the general format for all opaque data fields. If the selected SPDM protocol version is 1.1, then all opaque data fields in SPDM messages shall utilize the format defined by Secured Message general opaque data.

[steven-bellock]

Filed https://github.com/DMTF/SPDM-WG/issues/3302 for clarification on that.

[steven-bellock]

The resolution to https://github.com/DMTF/SPDM-WG/issues/3302 is that the "Secured Message opaque data format" is only applicable during key exchange.