-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add more check for supported algorithm #1581
Add more check for supported algorithm #1581
Conversation
#define LIBSPDM_FIPS_SIGNATURE_ALGO \ | ||
((LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT) || (LIBSPDM_ECDSA_SUPPORT)) | ||
|
||
#define LIBSPDM_FIPS_DHE_ALGO ((LIBSPDM_FFDHE_SUPPORT) || (LIBSPDM_ECDHE_SUPPORT)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some (most) of these algorithms are conditional on the endpoint's capabilities. For example if an endpoint does not support asymmetric key exchange then LIBSPDM_FIPS_DHE_ALGO
can be 0 / false
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. I have deleted the LIBSPDM_FIPS_DHE_ALGO
check.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we follow the capability, we should remove LIBSPDM_FIPS_AEAD_ALGO
as well, since it is not required in authentication only use case.
We should remove LIBSPDM_FIPS_SIGNATURE_ALGO
as well, since it is not required in PSK use case.
Then we only need LIBSPDM_FIPS_HASH_ALGO
.
However, that at least one bit set according to capability should be enforced by the logic in https://github.com/DMTF/libspdm/blob/main/include/internal/libspdm_macro_check.h.
I dont think it is related to FIPS.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here is my suggestion:
-
We should improve the algo check with capability in https://github.com/DMTF/libspdm/blob/main/include/internal/libspdm_macro_check.h. E.g LIBSPDM_HASH_ALGO_SUPPORT is missing, LIBSPDM_AEAD_ALGO_SUPPORT is missing.
-
We dont need LIBSPDM_FIPS_xxx_ALGO, because at least one bit rule is already applied.
This should be a generic algo check, not specific FIPS algo check.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. I have added the LIBSPDM_HASH_ALGO_SUPPORT
and LIBSPDM_AEAD_ALGO_SUPPORT
.
But for LIBSPDM_AEAD_ALGO_SUPPORT
, I don't know how to add the check.
94534ae
to
963ed0c
Compare
@@ -30,6 +39,10 @@ | |||
#error If KEY_EX_CAP is enabled then at least one DHE algorithm must also be enabled. | |||
#endif | |||
|
|||
#if !LIBSPDM_HASH_ALGO_SUPPORT |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is valid use case that if SPDM only supports unsigned measurement with raw bit stream.
It has been a while since we discuss this. I recommend:
NOTE:
|
For FIPS specific check as addition, I think we can do following:
|
Signed-off-by: Wenxing Hou <[email protected]>
1876528
to
82bcabe
Compare
Signed-off-by: Wenxing Hou <[email protected]>
82bcabe
to
04a7dfa
Compare
Signed-off-by: Wenxing Hou [email protected]