search

jyao1 / openspdm

This openspdm is a sample implementation for the DMTF SPDM specification.
Other
20 stars 22 forks source link

Do we need include Opaque data for MeasurementResponse without signature? #141

Closed jyao1 closed 3 years ago

jyao1 commented 3 years ago

See #137, test case feedback 3.

TestSpdmRequesterGetMeasurement fail due to one of the following reasons: Opaque data is ignored if the measurement response does not include a signature (test cases 23, 24, 29)

Current code purposely ignored Opaque data, because I don't think we should transport Opaque data if no signature is required.

Maybe SPDM spec should clarify it.

xiaoyuruan commented 3 years ago

SPDM does not specify that signature is a pre-requisite of Opaque Data in MEASUREMENT response. So Opaque Data should be included. The Requester should decide whether to use Responder's Opaque Data without a signature or send GET_MEASUREMENT again but require a signature.

t-koulouris commented 3 years ago

agree with @xiaoyuruan

jyao1 commented 3 years ago

Fixed after fdb1467fc9d32504f0d101d77fa7c99be2dec26c. Case 23/24/29 are enabled.