libspdm icon indicating copy to clipboard operation
libspdm copied to clipboard
verified publisher icon DMTF

Provide function that returns pointer to export master secret

Open steven-bellock opened this issue 3 years ago • 3 comments

Currently if an integrator wants to extract the Export Master Secret from the SPDM context they'll use the libspdm_secured_message_export_master_secret which does the memcpy for them. However the integrator may want to do the memcpy themselves, and pass the pointer to other functions, in which case libspdm should provide a libspdm_secured_message_get_export_master_secret function that returns a pointer to the EMS.

steven-bellock avatar Oct 19 '22 15:10 steven-bellock

A pointer will expose the internal data structure, this is not the good idea.

May I know why the integrator want to do memcpy by themselves?

jyao1 avatar Oct 26 '22 08:10 jyao1

May I know why the integrator want to do memcpy by themselves?

Perhaps they don't want to expose the destination pointer to libspdm? Either way there's two models of exporting / importing the EMS secret and I think it's fine to support both.

steven-bellock avatar Oct 26 '22 12:10 steven-bellock

Steven to talk with NVIDIA folks.

steven-bellock avatar Oct 31 '22 14:10 steven-bellock

We'll work around this. Closing.

steven-bellock avatar Nov 28 '22 16:11 steven-bellock