From 692fba855ec72f21018e411ea9f02bb135127984 Mon Sep 17 00:00:00 2001
From: OuyangHang33 <hank.ouyang@intel.com>
Date: Wed, 24 Apr 2024 10:10:51 +0800
Subject: [PATCH] In spec only S3 old key dropped before verify new key
 operation

Signed-off-by: OuyangHang33 <hank.ouyang@intel.com>
---
 spdmlib/src/responder/key_update_rsp.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spdmlib/src/responder/key_update_rsp.rs b/spdmlib/src/responder/key_update_rsp.rs
index 63d43a5..3373052 100644
--- a/spdmlib/src/responder/key_update_rsp.rs
+++ b/spdmlib/src/responder/key_update_rsp.rs
@@ -70,7 +70,7 @@ impl ResponderContext {
             }
             SpdmKeyUpdateOperation::SpdmUpdateAllKeys => {
                 let _ = session.create_data_secret_update(spdm_version_sel, true, true);
-                let _ = session.activate_data_secret_update(spdm_version_sel, true, true, true);
+                let _ = session.activate_data_secret_update(spdm_version_sel, false, true, true);
             }
             SpdmKeyUpdateOperation::SpdmVerifyNewKey => {
                 let _ = session.activate_data_secret_update(spdm_version_sel, true, false, true);