Skip to content
This repository has been archived by the owner on Jul 29, 2024. It is now read-only.

Commit

Permalink
roll back keys when key_update fails.
Browse files Browse the repository at this point in the history
fix #27

Signed-off-by: Yang, Longlong <[email protected]>
  • Loading branch information
longlongyang committed Oct 16, 2023
1 parent feee628 commit 7d6d694
Show file tree
Hide file tree
Showing 3 changed files with 85 additions and 106 deletions.
73 changes: 10 additions & 63 deletions spdmlib/src/common/session.rs
Original file line number Diff line number Diff line change
Expand Up @@ -577,6 +577,10 @@ impl SpdmSession {
Ok(())
}

pub fn backup_data_secret(&mut self) {
self.application_secret_backup = self.application_secret.clone()
}

pub fn create_data_secret_update(
&mut self,
spdm_version: SpdmVersion,
Expand All @@ -591,11 +595,6 @@ impl SpdmSession {
let aead_algo = self.crypto_param.aead_algo;

if update_requester {
self.application_secret_backup.request_data_secret =
self.application_secret.request_data_secret.clone();
self.application_secret_backup.request_direction =
self.application_secret.request_direction.clone();

self.application_secret.request_data_secret = if let Some(us) =
self.key_schedule.derive_update_secret(
spdm_version,
Expand Down Expand Up @@ -640,11 +639,6 @@ impl SpdmSession {
}

if update_responder {
self.application_secret_backup.response_data_secret =
self.application_secret.response_data_secret.clone();
self.application_secret_backup.response_direction =
self.application_secret.response_direction.clone();

self.application_secret.response_data_secret = if let Some(us) =
self.key_schedule.derive_update_secret(
spdm_version,
Expand Down Expand Up @@ -690,41 +684,12 @@ impl SpdmSession {
Ok(())
}

pub fn activate_data_secret_update(
&mut self,
_spdm_version: SpdmVersion,
update_requester: bool,
update_responder: bool,
use_new_key: bool,
) -> SpdmResult {
if !use_new_key {
if update_requester {
self.application_secret.request_data_secret =
self.application_secret_backup.request_data_secret.clone();
self.application_secret.request_direction =
self.application_secret_backup.request_direction.clone();
}
if update_responder {
self.application_secret.response_data_secret =
self.application_secret_backup.response_data_secret.clone();
self.application_secret.response_direction =
self.application_secret_backup.response_direction.clone();
}
} else {
if update_requester {
self.application_secret_backup.request_data_secret =
SpdmDirectionDataSecretStruct::default();
self.application_secret_backup.request_direction =
SpdmSessionSecretParam::default();
}
if update_responder {
self.application_secret_backup.response_data_secret =
SpdmDirectionDataSecretStruct::default();
self.application_secret_backup.response_direction =
SpdmSessionSecretParam::default();
}
}
Ok(())
pub fn roll_back_data_secret(&mut self) {
self.application_secret = self.application_secret_backup.clone()
}

pub fn zero_data_secret_backup(&mut self) {
self.application_secret_backup = SpdmSessionAppliationSecret::default()
}

pub fn generate_hmac_with_response_finished_key(
Expand Down Expand Up @@ -1374,24 +1339,6 @@ mod tests_session {
}
}

#[test]
fn test_case0_activate_data_secret_update() {
let mut session = SpdmSession::default();
let status = session
.activate_data_secret_update(SpdmVersion::SpdmVersion12, true, true, false)
.is_ok();
assert!(status);

let status = session
.activate_data_secret_update(SpdmVersion::SpdmVersion12, true, false, false)
.is_ok();
assert!(status);

let status = session
.activate_data_secret_update(SpdmVersion::SpdmVersion12, false, false, false)
.is_ok();
assert!(status);
}
#[test]
fn test_case0_decode_msg() {
let mut session = SpdmSession::default();
Expand Down
88 changes: 51 additions & 37 deletions spdmlib/src/requester/key_update_req.rs
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,8 @@ impl RequesterContext {

self.handle_spdm_key_update_op_response(
session_id,
update_requester,
update_responder,
key_update_operation,
tag,
&receive_buffer[..used],
)
}
Expand Down Expand Up @@ -75,8 +75,8 @@ impl RequesterContext {
pub fn handle_spdm_key_update_op_response(
&mut self,
session_id: u32,
update_requester: bool,
update_responder: bool,
key_update_operation: SpdmKeyUpdateOperation,
tag: u8,
receive_buffer: &[u8],
) -> SpdmResult {
let mut reader = Reader::init(receive_buffer);
Expand All @@ -87,32 +87,18 @@ impl RequesterContext {
}
match message_header.request_response_code {
SpdmRequestResponseCode::SpdmResponseKeyUpdateAck => {
let key_update_rsp =
SpdmKeyUpdateResponsePayload::spdm_read(&mut self.common, &mut reader);
let spdm_version_sel = self.common.negotiate_info.spdm_version_sel;
let session = if let Some(s) = self.common.get_session_via_id(session_id) {
s
if let Some(key_update_rsp) =
SpdmKeyUpdateResponsePayload::spdm_read(&mut self.common, &mut reader)
{
if key_update_rsp.key_update_operation != key_update_operation
|| key_update_rsp.tag != tag
{
Err(SPDM_STATUS_INVALID_MSG_FIELD)
} else {
Ok(())
}
} else {
return Err(SPDM_STATUS_INVALID_PARAMETER);
};
if let Some(key_update_rsp) = key_update_rsp {
debug!("!!! key_update rsp : {:02x?}\n", key_update_rsp);
session.activate_data_secret_update(
spdm_version_sel,
update_requester,
update_responder,
true,
)?;
Ok(())
} else {
error!("!!! key_update : fail !!!\n");
session.activate_data_secret_update(
spdm_version_sel,
update_requester,
update_responder,
false,
)?;
Err(SPDM_STATUS_INVALID_MSG_FIELD)
Err(SPDM_STATUS_INVALID_PARAMETER)
}
}
SpdmRequestResponseCode::SpdmResponseError => self
Expand All @@ -139,13 +125,41 @@ impl RequesterContext {
{
return Err(SPDM_STATUS_INVALID_MSG_FIELD);
}
self.send_receive_spdm_key_update_op(session_id, key_update_operation, 1)
.await?;
self.send_receive_spdm_key_update_op(
session_id,
SpdmKeyUpdateOperation::SpdmVerifyNewKey,
2,
)
.await

{
let session = self
.common
.get_session_via_id(session_id)
.ok_or(SPDM_STATUS_INVALID_PARAMETER)?;
session.backup_data_secret();
}

if self
.send_receive_spdm_key_update_op(session_id, key_update_operation, 1)
.await
.is_err()
|| self
.send_receive_spdm_key_update_op(
session_id,
SpdmKeyUpdateOperation::SpdmVerifyNewKey,
2,
)
.await
.is_err()
{
let session = self
.common
.get_session_via_id(session_id)
.ok_or(SPDM_STATUS_INVALID_PARAMETER)?;
session.roll_back_data_secret();
}

let session = self
.common
.get_session_via_id(session_id)
.ok_or(SPDM_STATUS_INVALID_PARAMETER)?;
session.zero_data_secret_backup();

Ok(())
}
}
30 changes: 24 additions & 6 deletions spdmlib/src/responder/key_update_rsp.rs
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,29 @@ impl ResponderContext {
bytes: &[u8],
writer: &'a mut Writer,
) -> (SpdmResult, Option<&'a [u8]>) {
let (_, rsp_slice) = self.write_spdm_key_update_response(session_id, bytes, writer);
(Ok(()), rsp_slice)
{
if let Some(session) = self.common.get_session_via_id(session_id) {
session.backup_data_secret();
} else {
return (Ok(()), None);
}
}

let (result, rsp_slice) = self.write_spdm_key_update_response(session_id, bytes, writer);
if result.is_err() {
if let Some(session) = self.common.get_session_via_id(session_id) {
session.roll_back_data_secret();
} else {
return (Ok(()), None);
}
}

if let Some(session) = self.common.get_session_via_id(session_id) {
session.zero_data_secret_backup();
(Ok(()), rsp_slice)
} else {
(Ok(()), None)
}
}

pub fn write_spdm_key_update_response<'a>(
Expand Down Expand Up @@ -70,11 +91,8 @@ impl ResponderContext {
}
SpdmKeyUpdateOperation::SpdmUpdateAllKeys => {
let _ = session.create_data_secret_update(spdm_version_sel, true, true);
let _ = session.activate_data_secret_update(spdm_version_sel, true, true, true);
}
SpdmKeyUpdateOperation::SpdmVerifyNewKey => {
let _ = session.activate_data_secret_update(spdm_version_sel, true, false, true);
}
SpdmKeyUpdateOperation::SpdmVerifyNewKey => {}
_ => {
error!("!!! key_update req : fail !!!\n");
self.write_spdm_error(SpdmErrorCode::SpdmErrorInvalidRequest, 0, writer);
Expand Down

0 comments on commit 7d6d694

Please sign in to comment.