• Members Area
  • 中文
  • 日本語

User account menu

  • Log in
Home

Main navigation

  • Home
  • About DMTF
    • All About DMTF
    • Frequently Asked Questions
    • Members List
    • DMTF Officers
      • All DMTF Officers
      • DMTF Executive Biographies
    • DMTF Officer Hall of Fame
    • DMTF Fellows
    • DMTF Star Award Recipients
      • All Star Award Recipients
      • Super Star Award Recipients
    • Working Groups and Committees
    • Alliance Partners
    • Academic Alliances
    • ANSI/ISO Adoptions and Alliance Activities
    • Policies
    • Patent Disclosures
    • Copyright Statement
    • Contact Us
  • Standards & Technology
    • Standard and Technology Overview
      • Standards and Technology Overview
      • Open Source Projects Using DMTF Technologies
      • Historical Documents
      • International Translated DMTF Specifications
      • Management Profiles
      • Works in Progress
    • ANSI/ISO Adoptions and Alliance Activities
    • Feedback and Technology Submission Portal
    • DMTF Security Disclosures
    • Security Issue Reporting
    • Adopters of DMTF Standards
      • Adopters of DMTF Standards List
      • Adopter Application Form
    • All DMTF Standard Publications
    • Active Legacy Standards
      • Cloud Auditing Data Federation
      • Common Diagnostic Model
      • Cloud Management Initiative
      • Configuration Management Database Federation
      • Network Management Initiative
      • Open Virtualization Format
      • Systems Management Architecture for Server Hardware
      • Virtualization Management
      • Web-Based Enterprise Management
      • Web Services Management
    • Common Information Model
    • Desktop and Mobile Architecture for System Hardware
    • Platform Management Communications Infrastructure
    • Redfish®
    • Security Protocols and Data Models
    • SMBIOS
  • News & Events
    • All News and Events
    • Events
      • Events
      • Past Events
        • 2023 APTS
    • DMTF Press Releases
    • In the News
    • DMTF Speaker Request Form
    • Press Kit
    • Newsletter Archive
  • Education
    • All Education
    • Presentations
    • White Papers
    • Webinars
    • Open Source
    • Newsletter
  • Conformance
    • DMTF Conformance Programs
    • DASH Conformance Program
    • DMTF Certification Registry (opens in new tab)
  • Join
    • Join the DMTF
    • Benefits
    • Membership Levels
    • Sign Up
      • Individual Access
      • New Company
    • Join the Forums

SPDM announces the release of libspdm 3.8

Breadcrumb

  • Home
  • SPDM announces the release of libspdm 3.8

The Security Protocols and Data Models (SPDM) Code Task Force announces its latest open source release of libspdm, version 3.8. It is conformant with DSP0274 1.0., 1.1, 1.2 and 1.3. It is now available for download and the notable changes are: 

  • Support for DSP0286 1.0 - Security Protocol and Data Model (SPDM) to Storage Binding Specification
  • Support for DSP0287 1.0 - SPDM over TCP Binding Specification
  • SPDM 1.3 encapsulated GET_ENDPOINT_INFO
  • Update OpenSSL to 3.5.1, which supports PQC
  • Fix Ed448 signing/verification issue that it did not pass context in signing (#3037). This is an SPDM specification compliance issue, we suggest the consumers use the tag 3.8.0 for further development if Ed448 is enabled.
  • Add EdDSA and SM2 in libspdm_gen_x509_csr()

The SPDM and secured message libraries follow:

  • DSP0274 SPDM Specification (version 1.0.2, version 1.1.4, version 1.2.3 and version 1.3.2)
  • DSP0277 Secured Messages using SPDM Specification (version 1.0.1, 1.1.1, version 1.2.0)
  • DSP0275 SPDM over MCTP Binding Specification (version 1.0.2)
  • DSP0276 Secured Messages using SPDM over MCTP Binding Specification (version 1.2.0)
  • DSP0286 Security Protocol and Data Model (SPDM) to Storage Binding Specification (version 1.0.0)
  • DSP0287 SPDM over TCP Binding Specification (version 1.0.0)

You can find all of this in the group’s readme here. In addition, details such as SPDM supported commands, cryptographic algorithm support, design, threat model, and users guide can be found in the readme in the repository.
 
Protocols defined by SPDM can be used for a wide range of security functionalities including authentication of hardware/firmware identities, delivering measurements, performing attestation, and establishing session keys for secure communication channels. 
 
In addition to the core library, libspdm enables spdm-emu, which contains a full SPDM Requester and Responder; spdm-dump, which can parse SPDM messages; and the SPDM Responder Validator, which is still under development but can be used to test an SPDM Responder implementation for its conformance to the SPDM specification.
 
For more information about libspdm, please visit https://github.com/DMTF/libspdm. 

Policies | Site Map | Contact Us

Copyright © 2026 DMTF. All rights reserved.