mask bitfields with VALID_MASK when read.

When read a bitfield, its reserved field should be ignored. Currently, it is not all the case, this PR rules this out. Signed-off-by: Yang, Longlong <[email protected]>
ccc-spdm-tools · Jan 26, 2024 · 4117eb8 · 4117eb8
1 parent f42eaf4
commit 4117eb8
Show file tree

Hide file tree

Showing 7 changed files with 1,165 additions and 1,136 deletions.
diff --git a/spdmlib/src/common/opaque.rs b/spdmlib/src/common/opaque.rs
@@ -613,7 +613,7 @@ impl Codec for SpdmOpaqueSupport {
     fn read(r: &mut Reader) -> Option<SpdmOpaqueSupport> {
         let bits = u8::read(r)?;
 
-        SpdmOpaqueSupport::from_bits(bits)
+        SpdmOpaqueSupport::from_bits(bits & SpdmOpaqueSupport::VALID_MASK.bits)
     }
 }
 

diff --git a/spdmlib/src/message/challenge.rs b/spdmlib/src/message/challenge.rs
@@ -79,6 +79,7 @@ bitflags! {
     #[derive(Default)]
     pub struct SpdmChallengeAuthAttribute: u8 {
         const BASIC_MUT_AUTH_REQ = 0b10000000;
+        const VALID_MASK = Self::BASIC_MUT_AUTH_REQ.bits;
     }
 }
 
@@ -126,7 +127,9 @@ impl SpdmCodec for SpdmChallengeAuthResponsePayload {
     ) -> Option<SpdmChallengeAuthResponsePayload> {
         let param1 = u8::read(r)?;
         let slot_id = param1 & 0xF;
-        let challenge_auth_attribute = SpdmChallengeAuthAttribute::from_bits(param1 & 0xF0)?;
+        let challenge_auth_attribute = SpdmChallengeAuthAttribute::from_bits(
+            param1 & SpdmChallengeAuthAttribute::VALID_MASK.bits,
+        )?;
         let slot_mask = u8::read(r)?; // param2
         let cert_chain_hash = SpdmDigestStruct::spdm_read(context, r)?;
         let nonce = SpdmNonceStruct::read(r)?;

diff --git a/spdmlib/src/message/end_session.rs b/spdmlib/src/message/end_session.rs
@@ -11,6 +11,7 @@ bitflags! {
     #[derive(Default)]
     pub struct SpdmEndSessionRequestAttributes: u8 {
         const PRESERVE_NEGOTIATED_STATE = 0b00000001;
+        const VALID_MASK = Self::PRESERVE_NEGOTIATED_STATE.bits;
     }
 }
 
@@ -22,7 +23,9 @@ impl Codec for SpdmEndSessionRequestAttributes {
     fn read(r: &mut Reader) -> Option<SpdmEndSessionRequestAttributes> {
         let bits = u8::read(r)?;
 
-        SpdmEndSessionRequestAttributes::from_bits(bits)
+        SpdmEndSessionRequestAttributes::from_bits(
+            bits & SpdmEndSessionRequestAttributes::VALID_MASK.bits,
+        )
     }
 }
 

diff --git a/spdmlib/src/message/finish.rs b/spdmlib/src/message/finish.rs
@@ -14,6 +14,7 @@ bitflags! {
     #[derive(Default)]
     pub struct SpdmFinishRequestAttributes: u8 {
         const SIGNATURE_INCLUDED = 0b00000001;
+        const VALID_MASK = Self::SIGNATURE_INCLUDED.bits;
     }
 }
 
@@ -25,7 +26,7 @@ impl Codec for SpdmFinishRequestAttributes {
     fn read(r: &mut Reader) -> Option<SpdmFinishRequestAttributes> {
         let bits = u8::read(r)?;
 
-        SpdmFinishRequestAttributes::from_bits(bits)
+        SpdmFinishRequestAttributes::from_bits(bits & SpdmFinishRequestAttributes::VALID_MASK.bits)
     }
 }
 

diff --git a/spdmlib/src/message/key_exchange.rs b/spdmlib/src/message/key_exchange.rs
@@ -118,6 +118,7 @@ bitflags! {
         const MUT_AUTH_REQ = 0b00000001;
         const MUT_AUTH_REQ_WITH_ENCAP_REQUEST = 0b00000010;
         const MUT_AUTH_REQ_WITH_GET_DIGESTS = 0b00000100;
+        const VALID_MASK = Self::MUT_AUTH_REQ.bits | Self::MUT_AUTH_REQ_WITH_ENCAP_REQUEST.bits | Self::MUT_AUTH_REQ_WITH_GET_DIGESTS.bits;
     }
 }
 
@@ -129,7 +130,9 @@ impl Codec for SpdmKeyExchangeMutAuthAttributes {
     fn read(r: &mut Reader) -> Option<SpdmKeyExchangeMutAuthAttributes> {
         let bits = u8::read(r)?;
 
-        SpdmKeyExchangeMutAuthAttributes::from_bits(bits)
+        SpdmKeyExchangeMutAuthAttributes::from_bits(
+            bits & SpdmKeyExchangeMutAuthAttributes::VALID_MASK.bits,
+        )
     }
 }
 

diff --git a/spdmlib/src/message/measurement.rs b/spdmlib/src/message/measurement.rs
@@ -22,6 +22,7 @@ bitflags! {
     pub struct SpdmMeasurementAttributes: u8 {
         const SIGNATURE_REQUESTED = 0b00000001;
         const RAW_BIT_STREAM_REQUESTED = 0b0000_0010;
+        const VALID_MASK = Self::SIGNATURE_REQUESTED.bits | Self::RAW_BIT_STREAM_REQUESTED.bits;
     }
 }
 
@@ -33,7 +34,7 @@ impl Codec for SpdmMeasurementAttributes {
     fn read(r: &mut Reader) -> Option<SpdmMeasurementAttributes> {
         let bits = u8::read(r)?;
 
-        SpdmMeasurementAttributes::from_bits(bits)
+        SpdmMeasurementAttributes::from_bits(bits & SpdmMeasurementAttributes::VALID_MASK.bits)
     }
 }