/src/spdm-rs/spdmlib/src/protocol/version.rs

Source
// Copyright (c) 2020 Intel Corporation
//
// SPDX-License-Identifier: Apache-2.0 or MIT

use codec::{Codec, EncodeErr};
use core::convert::TryFrom;

#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone, Copy, Default)]
pub enum SpdmVersion {
    #[default]
    SpdmVersion10,
    SpdmVersion11,
    SpdmVersion12,
    SpdmVersion13,
    SpdmVersion14,
}

impl TryFrom<u8> for SpdmVersion {
    type Error = ();
    fn try_from(untrusted_spdm_version: u8) -> Result<Self, <Self as TryFrom<u8>>::Error> {
        if untrusted_spdm_version == 0x10 {
            Ok(SpdmVersion::SpdmVersion10)
        } else if untrusted_spdm_version == 0x11 {
            Ok(SpdmVersion::SpdmVersion11)
        } else if untrusted_spdm_version == 0x12 {
            Ok(SpdmVersion::SpdmVersion12)
        } else if untrusted_spdm_version == 0x13 {
            Ok(SpdmVersion::SpdmVersion13)
        } else if untrusted_spdm_version == 0x14 {
            Ok(SpdmVersion::SpdmVersion14)
        } else {
            Err(())
        }
    }
}

impl From<SpdmVersion> for u8 {
    fn from(spdm_version: SpdmVersion) -> Self {
        match spdm_version {
            SpdmVersion::SpdmVersion10 => 0x10,
            SpdmVersion::SpdmVersion11 => 0x11,
            SpdmVersion::SpdmVersion12 => 0x12,
            SpdmVersion::SpdmVersion13 => 0x13,
            SpdmVersion::SpdmVersion14 => 0x14,
        }
    }
}

impl From<&SpdmVersion> for u8 {
    fn from(spdm_version: &SpdmVersion) -> Self {
        u8::from(*spdm_version)
    }
}

impl Codec for SpdmVersion {
    fn encode(&self, bytes: &mut codec::Writer<'_>) -> Result<usize, EncodeErr> {
        u8::from(self).encode(bytes)
    }

    fn read(r: &mut codec::Reader<'_>) -> Option<Self> {
        let spdm_version = u8::read(r)?;
        Self::try_from(spdm_version).ok()
    }
}

pub const MAX_SPDM_VERSION_COUNT: usize = 5;

// SPDM V1.x signing prefix context. It must be patched before generating singature.
//"dmtf-spdm-v1.x.*dmtf-spdm-v1.x.*dmtf-spdm-v1.x.*dmtf-spdm-v1.x.*"
pub const SPDM_VERSION_1_X_SIGNING_PREFIX_CONTEXT: [u8; 64] = [
    0x64, 0x6d, 0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x78, 0x2e, 0x2a,
    0x64, 0x6d, 0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x78, 0x2e, 0x2a,
    0x64, 0x6d, 0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x78, 0x2e, 0x2a,
    0x64, 0x6d, 0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x78, 0x2e, 0x2a,
];
pub const SPDM_VERSION_SIGNING_PREFIX_LENGTH: usize = 16;
pub const SPDM_VERSION_SIGNING_PREFIX_NUMBER: usize = 4;
pub const SPDM_VERSION_SIGNING_PREFIX_MAJOR_VER_INDEX: usize = 11;
pub const SPDM_VERSION_SIGNING_PREFIX_MINOR_VER_INDEX: usize = 13;

// "responder-challenge_auth signing"
pub const SPDM_CHALLENGE_AUTH_SIGN_CONTEXT: [u8; 32] = [
    0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x2d, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65,
    0x6e, 0x67, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
];

// "requester-challenge_auth signing"
pub const SPDM_MUT_CHALLENGE_AUTH_SIGN_CONTEXT: [u8; 32] = [
    0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x72, 0x2d, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65,
    0x6e, 0x67, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
];

// "responder-measurements signing"
pub const SPDM_MEASUREMENTS_SIGN_CONTEXT: [u8; 30] = [
    0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x2d, 0x6d, 0x65, 0x61, 0x73, 0x75, 0x72,
    0x65, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
];

// "responder-key_exchange_rsp signing"
pub const SPDM_KEY_EXCHANGE_RESPONSE_SIGN_CONTEXT: [u8; 34] = [
    0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x2d, 0x6b, 0x65, 0x79, 0x5f, 0x65, 0x78,
    0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x5f, 0x72, 0x73, 0x70, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x69,
    0x6e, 0x67,
];

// "Requester-KEP-dmtf-spdm-v1.2"
pub const SPDM_VERSION_1_2_KEY_EXCHANGE_REQUESTER_CONTEXT: [u8; 28] = [
    0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x72, 0x2d, 0x4b, 0x45, 0x50, 0x2d, 0x64, 0x6d,
    0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x32,
];

// "Responder-KEP-dmtf-spdm-v1.2"
pub const SPDM_VERSION_1_2_KEY_EXCHANGE_RESPONDER_CONTEXT: [u8; 28] = [
    0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x2d, 0x4b, 0x45, 0x50, 0x2d, 0x64, 0x6d,
    0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x32,
];

// "requester-finish signing"
pub const SPDM_FINISH_SIGN_CONTEXT: [u8; 24] = [
    0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x72, 0x2d, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68,
    0x20, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
];

pub const SPDM_VERSION_SIGNING_CONTEXT_SIZE: usize = 100;
pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_2: [u8; 2] = [0x0, 0x0];
pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_4: [u8; 4] = [0x0, 0x0, 0x0, 0x0];
pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_6: [u8; 6] = [0x0, 0x0, 0x0, 0x0, 0x0, 0x0];
pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_8: [u8; 8] =
    [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0];
pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_12: [u8; 12] =
    [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0];

Coverage Report

Created: 2026-02-26 06:14

Line	Count	Source
1		// Copyright (c) 2020 Intel Corporation
2		//
3		// SPDX-License-Identifier: Apache-2.0 or MIT
4
5		use codec::{Codec, EncodeErr};
6		use core::convert::TryFrom;
7
8		#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone, Copy, Default)]
9		pub enum SpdmVersion {
10		#[default]
11		SpdmVersion10,
12		SpdmVersion11,
13		SpdmVersion12,
14		SpdmVersion13,
15		SpdmVersion14,
16		}
17
18		impl TryFrom<u8> for SpdmVersion {
19		type Error = ();
20	0	fn try_from(untrusted_spdm_version: u8) -> Result<Self, <Self as TryFrom<u8>>::Error> {
21	0	if untrusted_spdm_version == 0x10 {
22	0	Ok(SpdmVersion::SpdmVersion10)
23	0	} else if untrusted_spdm_version == 0x11 {
24	0	Ok(SpdmVersion::SpdmVersion11)
25	0	} else if untrusted_spdm_version == 0x12 {
26	0	Ok(SpdmVersion::SpdmVersion12)
27	0	} else if untrusted_spdm_version == 0x13 {
28	0	Ok(SpdmVersion::SpdmVersion13)
29	0	} else if untrusted_spdm_version == 0x14 {
30	0	Ok(SpdmVersion::SpdmVersion14)
31		} else {
32	0	Err(())
33		}
34	0	}
35		}
36
37		impl From<SpdmVersion> for u8 {
38	0	fn from(spdm_version: SpdmVersion) -> Self {
39	0	match spdm_version {
40	0	SpdmVersion::SpdmVersion10 => 0x10,
41	0	SpdmVersion::SpdmVersion11 => 0x11,
42	0	SpdmVersion::SpdmVersion12 => 0x12,
43	0	SpdmVersion::SpdmVersion13 => 0x13,
44	0	SpdmVersion::SpdmVersion14 => 0x14,
45		}
46	0	}
47		}
48
49		impl From<&SpdmVersion> for u8 {
50	0	fn from(spdm_version: &SpdmVersion) -> Self {
51	0	u8::from(*spdm_version)
52	0	}
53		}
54
55		impl Codec for SpdmVersion {
56	0	fn encode(&self, bytes: &mut codec::Writer<'_>) -> Result<usize, EncodeErr> {
57	0	u8::from(self).encode(bytes)
58	0	}
59
60	0	fn read(r: &mut codec::Reader<'_>) -> Option<Self> {
61	0	let spdm_version = u8::read(r)?;
62	0	Self::try_from(spdm_version).ok()
63	0	}
64		}
65
66		pub const MAX_SPDM_VERSION_COUNT: usize = 5;
67
68		// SPDM V1.x signing prefix context. It must be patched before generating singature.
69		//"dmtf-spdm-v1.x.dmtf-spdm-v1.x.dmtf-spdm-v1.x.dmtf-spdm-v1.x."
70		pub const SPDM_VERSION_1_X_SIGNING_PREFIX_CONTEXT: [u8; 64] = [
71		0x64, 0x6d, 0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x78, 0x2e, 0x2a,
72		0x64, 0x6d, 0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x78, 0x2e, 0x2a,
73		0x64, 0x6d, 0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x78, 0x2e, 0x2a,
74		0x64, 0x6d, 0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x78, 0x2e, 0x2a,
75		];
76		pub const SPDM_VERSION_SIGNING_PREFIX_LENGTH: usize = 16;
77		pub const SPDM_VERSION_SIGNING_PREFIX_NUMBER: usize = 4;
78		pub const SPDM_VERSION_SIGNING_PREFIX_MAJOR_VER_INDEX: usize = 11;
79		pub const SPDM_VERSION_SIGNING_PREFIX_MINOR_VER_INDEX: usize = 13;
80
81		// "responder-challenge_auth signing"
82		pub const SPDM_CHALLENGE_AUTH_SIGN_CONTEXT: [u8; 32] = [
83		0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x2d, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65,
84		0x6e, 0x67, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
85		];
86
87		// "requester-challenge_auth signing"
88		pub const SPDM_MUT_CHALLENGE_AUTH_SIGN_CONTEXT: [u8; 32] = [
89		0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x72, 0x2d, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65,
90		0x6e, 0x67, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
91		];
92
93		// "responder-measurements signing"
94		pub const SPDM_MEASUREMENTS_SIGN_CONTEXT: [u8; 30] = [
95		0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x2d, 0x6d, 0x65, 0x61, 0x73, 0x75, 0x72,
96		0x65, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
97		];
98
99		// "responder-key_exchange_rsp signing"
100		pub const SPDM_KEY_EXCHANGE_RESPONSE_SIGN_CONTEXT: [u8; 34] = [
101		0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x2d, 0x6b, 0x65, 0x79, 0x5f, 0x65, 0x78,
102		0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x5f, 0x72, 0x73, 0x70, 0x20, 0x73, 0x69, 0x67, 0x6e, 0x69,
103		0x6e, 0x67,
104		];
105
106		// "Requester-KEP-dmtf-spdm-v1.2"
107		pub const SPDM_VERSION_1_2_KEY_EXCHANGE_REQUESTER_CONTEXT: [u8; 28] = [
108		0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x72, 0x2d, 0x4b, 0x45, 0x50, 0x2d, 0x64, 0x6d,
109		0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x32,
110		];
111
112		// "Responder-KEP-dmtf-spdm-v1.2"
113		pub const SPDM_VERSION_1_2_KEY_EXCHANGE_RESPONDER_CONTEXT: [u8; 28] = [
114		0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x2d, 0x4b, 0x45, 0x50, 0x2d, 0x64, 0x6d,
115		0x74, 0x66, 0x2d, 0x73, 0x70, 0x64, 0x6d, 0x2d, 0x76, 0x31, 0x2e, 0x32,
116		];
117
118		// "requester-finish signing"
119		pub const SPDM_FINISH_SIGN_CONTEXT: [u8; 24] = [
120		0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x72, 0x2d, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68,
121		0x20, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
122		];
123
124		pub const SPDM_VERSION_SIGNING_CONTEXT_SIZE: usize = 100;
125		pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_2: [u8; 2] = [0x0, 0x0];
126		pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_4: [u8; 4] = [0x0, 0x0, 0x0, 0x0];
127		pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_6: [u8; 6] = [0x0, 0x0, 0x0, 0x0, 0x0, 0x0];
128		pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_8: [u8; 8] =
129		[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0];
130		pub const SPDM_VERSION_SIGNING_CONTEXT_ZEROPAD_12: [u8; 12] =
131		[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0];