Hash functions for SPDM protocol operations, implemented via OpenPRoT crypto service.
Implements the SpdmHash trait from spdm-lib supporting SHA-384 and SHA-512 algorithms. All cryptographic operations are delegated to the centralized crypto service via IPC.
SpdmCryptoHash → CryptoClient → IPC → CryptoServer → RustCryptoBackend → SHA2
For small messages that fit in a single IPC call:
use openprot_spdm_hash::SpdmCryptoHash; use spdm_lib::platform::hash::{SpdmHash, SpdmHashAlgoType}; let mut hasher = SpdmCryptoHash::new(handle::CRYPTO); let mut output = [0u8; 48]; hasher.hash(SpdmHashAlgoType::SHA384, b"data to hash", &mut output)?;
For large messages or data that arrives in chunks:
let mut hasher = SpdmCryptoHash::new(handle::CRYPTO); // Initialize hasher.init(SpdmHashAlgoType::SHA384, None)?; // Accumulate data hasher.update(chunk1)?; hasher.update(chunk2)?; hasher.update(chunk3)?; // Finalize let mut output = [0u8; 48]; hasher.finalize(&mut output)?; // Clean up for next use hasher.reset();
The init() method supports providing initial data:
// Initialize with VCA (Version/Capabilities/Algorithms) data hasher.init(SpdmHashAlgoType::SHA384, Some(vca_buffer))?; // Then add additional messages hasher.update(request_data)?; hasher.update(response_data)?; // Finalize hasher.finalize(&mut output)?;
This implementation is used by spdm-lib for:
spdm-lib — SPDM protocol library (https://github.com/9elements/spdm-lib.git, branch: buildup)crypto-client — OpenPRoT crypto service clientThe implementation maintains internal state to support streaming operations:
State transitions:
init() → Creates session (Idle → Sha384/Sha512)update() → Feeds data (stays in current session)finalize() → Completes hash (Sha384/Sha512 → Idle)reset() → Aborts session (Any → Idle)hash() → Operates independently of stateApache-2.0