libspdm_decode_secured_message to support out-of-order message decryption #2562

Open
PrithviAPai opened this issue Feb 8, 2024 · 6 comments
Labels
enhancement New feature or request

Comments

@PrithviAPai

Reference: #2560

@PrithviAPai
Author

The spec mentions that an SPDM endpoint shall NOT send messages out of sequence.

In case of packet drop/timeout, the spec mentions that the integrator should either END_SESSION or re-establish a NEW session.
Should there be changes in the spec? Or is there anything the integrator can do about this?

@steven-bellock steven-bellock added the enhancement New feature or request label Feb 8, 2024
@steven-bellock
Contributor

Yeah let me file an issue against the specification on what is meant by that. It should be more clear.

@PrithviAPai
Author

> Yeah let me file an issue against the specification on what is meant by that. It should be more clear.

Any response from the authors?
When can libspdm support out-of-order message delivery?

@steven-bellock
Contributor

> Any response from the authors?

Yes. The SPDM Working Group meetings are every Wednesday.

They clarified that 277 itself is not a transport. In particular, if a transport receives messages out-of-order then it is up to the transport layer(s), below 277, to re-arrange things. Individual 277 messages, and their sequence number, cannot be presented to the 277 layer out-of-order, else that is flagged as an error. libspdm is currently consistent with that behavior.

If you'd like to see changes in future specifications let me know and I can get you added to the specification repository where you can file an issue.

@PrithviAPai
Author

Thanks for your response @steven-bellock
I was exploring part of NOT having sequence number for my use case. 277 doesn't recommend having sequence numbers.

In libspdm, I didn't find any option to send packets without sequence numbers. Is there any provision like that?

@steven-bellock
Contributor

The Integrator needs to register.

```c
/**
 * Get sequence number in an SPDM secure message.
 *
 * This value is transport layer specific.
 *
 * @param sequence_number The current sequence number used to encode or decode message.
 * @param sequence_number_buffer A buffer to hold the sequence number output used in the secured message.
 *                               The size in byte of the output buffer shall be 8.
 *
 * @return size in byte of the sequence_number_buffer.
 *         It shall be no greater than 8.
 *         0 means no sequence number is required.
 **/
typedef uint8_t (*libspdm_secured_message_get_sequence_number_func)(
    uint64_t sequence_number, uint8_t *sequence_number_buffer);
```

libspdm will call this function and the Integrator provides the sequence number as it will appear in the 277 message. Different transports define the size of the 277 message sequence number. For example MCTP defines it to be the lower two bytes of the full eight byte sequence number.
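
Added example (not part of the thread and not libspdm's own code): two callbacks matching the typedef quoted above, one emitting the low two bytes and one returning 0 for "no sequence number", plus a simplified model of a strict in-order check on the receiving side. The `example_*` names, the local typedef name, the little-endian byte order and the check itself are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Local alias with the same signature as the typedef quoted in the thread. */
typedef uint8_t (*example_get_sequence_number_func)(
    uint64_t sequence_number, uint8_t *sequence_number_buffer);

/* Hypothetical callback: the transport carries the low two bytes of the
 * 64-bit counter (little-endian order is an assumption here). */
static uint8_t example_get_seq_low16(uint64_t sequence_number,
                                     uint8_t *sequence_number_buffer)
{
    sequence_number_buffer[0] = (uint8_t)(sequence_number & 0xFF);
    sequence_number_buffer[1] = (uint8_t)((sequence_number >> 8) & 0xFF);
    return 2;
}

/* Hypothetical callback: the transport puts no sequence number on the wire.
 * Returning 0 only removes the field; the session counter still advances. */
static uint8_t example_get_seq_none(uint64_t sequence_number,
                                    uint8_t *sequence_number_buffer)
{
    (void)sequence_number;
    (void)sequence_number_buffer;
    return 0;
}

/* Simplified in-order model (not libspdm's decode path): the wire bytes must
 * equal what the callback yields for the receiver's own expected counter.
 * Returns 0 and advances the counter on a match, -1 otherwise. */
static int example_check_in_order(example_get_sequence_number_func get_seq,
                                  uint64_t *expected_counter,
                                  const uint8_t *wire_seq, size_t wire_seq_size)
{
    uint8_t expected[8] = {0};
    uint8_t size = get_seq(*expected_counter, expected);

    if (size > sizeof(expected) || wire_seq_size != size) {
        return -1; /* malformed: field size does not match the transport */
    }
    if (size != 0 && memcmp(wire_seq, expected, size) != 0) {
        return -1; /* dropped, replayed or reordered message */
    }
    (*expected_counter)++;
    return 0;
}
```

In this model a skipped message is rejected without advancing the counter, so the receiver stays synchronized only if the layer below re-delivers messages in order.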
