Add initial certificate bank support and allow selecting the bank #3629
alistair23 wants to merge 2 commits into
Currently bank support can be handled by the implementer using the CONNECTION_STATE_NEGOTIATED callback registered with libspdm_register_connection_state_callback_func(). The problem with this is it pushes a lot of complexity back to the implementer and it makes supporting the Slot Management commands tricky, as the implementer will need to handle the commands as well.

Instead let's move the bank support into libspdm. For step 1 we just convert the array of certificate information for the slots into a 2-D array of slots and banks. We hard code to use bank 0 at all times, so this is no functional change.

At build time we allow users to specify their own bank count, allowing smaller bank counts on size reduced systems.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Allow the implementation to select the bank to use by setting the LIBSPDM_DATA_LOCAL_CURRENT_BANK property. This selects the current bank for all existing operations.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
|
|
||
| /* SPDM 1.4 capabilities. */ | ||
| #ifndef LIBSPDM_MAX_BANK_COUNT | ||
| #define LIBSPDM_MAX_BANK_COUNT SPDM_MAX_BANK_COUNT |
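Review bot: The fallback on the "#define LIBSPDM_MAX_BANK_COUNT SPDM_MAX_BANK_COUNT" line makes the specification maximum the default for every build that does not set the macro, and nothing in this hunk rejects an override of 0 or one larger than SPDM_MAX_BANK_COUNT. Since the commit message says the per-slot certificate information becomes a 2-D array of slots and banks, consider a small default and a compile-time check next to this definition that the value is at least 1 and at most SPDM_MAX_BANK_COUNT. The macro also sits under the generic "SPDM 1.4 capabilities" comment with no description of its own; one line saying that it sizes the bank dimension and can be overridden at build time would help integrators.
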
I feel 240 banks is too much for a normal device.
How many banks have you usually seen or planned in production?
An implementation could overwrite this, 240 is just the maximum.
I would guess maybe 2 banks? One for pre-quantum and one for post-quantum. From my reading of things, banks are mostly to support PQC.
| spdm_key_pair_id_t local_key_pair_id[SPDM_MAX_SLOT_COUNT]; | ||
| spdm_certificate_info_t local_cert_info[SPDM_MAX_SLOT_COUNT]; | ||
| spdm_key_usage_bit_mask_t local_key_usage_bit_mask[SPDM_MAX_SLOT_COUNT]; | ||
| uint8_t current_bank; |
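Review bot: current_bank on the last line of this hunk is a bare uint8_t with no comment giving its valid range or who is expected to set it, and the three neighbouring arrays shown here are dimensioned by SPDM_MAX_SLOT_COUNT alone. If the field is used as an array index, the handler for LIBSPDM_DATA_LOCAL_CURRENT_BANK should reject values at or above LIBSPDM_MAX_BANK_COUNT before storing them, and a comment here should say whether local_key_pair_id and local_key_usage_bit_mask follow the selected bank or stay shared across banks.
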
I am not sure why current_bank is in libspdm_local_context_t.
I think current_bank should be based on negotiated algorithm, right?
Or do I misunderstand the meaning of current_bank?
NEGOTIATE_ALGORITHMS doesn't select the bank. It's up to the implementation to select the bank. So the implementation uses the information about the negotiated algorithm to set current_bank.
For example, if an implementation supported 3 banks, A, B and C, and algorithm B was negotiated, then it would set current_bank to 1.
I think we might want a high level design for bank management.
Bank management is similar to the key pair info feature. Today we are using option 2) - see https://github.com/DMTF/libspdm/blob/main/include/hal/library/responder/key_pair_info.h. I feel we can start from option 2.
The issue here though is it's very complex managing the
I think key pairs are simpler than banks. Note that the bank approach I'm thinking about here will be similar to https://github.com/DMTF/libspdm/blob/main/include/hal/library/responder/key_pair_info.h, in that we will have to call to the implementer for handling the commands. The main difference is that libspdm understands the banks as well, compared to currently where libspdm doesn't comprehend banks and the implementer has to fake it by manually swapping out the certs.
SPDM 1.4 adds support for the banked architecture, basically allowing a number of banks of certificate slots.
Currently bank support can be handled by the implementer using the CONNECTION_STATE_NEGOTIATED callback registered with libspdm_register_connection_state_callback_func(). The problem with this is it pushes a lot of complexity back to the implementer and it makes supporting the Slot Management commands tricky, as the implementer will need to handle the commands as well.
Instead let's move the bank support into libspdm. Currently we just allow at build time a 2-D array of certificates, for banks and slots. We then allow the implementation to select the bank to use, which defaults to zero.
Future patches will work on the Slot Management commands, which can then operate on specific banks.
At build time we allow users to specify their own bank count, allowing smaller bank counts on size reduced systems.
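
The bank-by-slot layout and bank selection described above, as an added sketch that is not libspdm code and not part of this PR. Every example_ name, both sizes, the range check and the no-fallback lookup rule are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed sizes; hypothetical names, not libspdm macros. */
#define EXAMPLE_BANK_COUNT 2 /* e.g. bank 0 classical, bank 1 post-quantum */
#define EXAMPLE_SLOT_COUNT 8

typedef struct {
    const uint8_t *chain; /* NULL means the slot is not provisioned */
    size_t chain_size;
} example_slot_t;

typedef struct {
    example_slot_t cert[EXAMPLE_BANK_COUNT][EXAMPLE_SLOT_COUNT];
    uint8_t current_bank; /* zero-initialised context selects bank 0 */
} example_context_t;

/* Range-check before storing, so current_bank is always a valid index. */
int example_set_current_bank(example_context_t *ctx, uint8_t bank)
{
    if (ctx == NULL || bank >= EXAMPLE_BANK_COUNT) {
        return -1;
    }
    ctx->current_bank = bank;
    return 0;
}

/* Lookups stay in the current bank; an empty slot never falls back to another bank. */
const example_slot_t *example_get_slot(const example_context_t *ctx, uint8_t slot)
{
    if (ctx == NULL || slot >= EXAMPLE_SLOT_COUNT) {
        return NULL;
    }
    const example_slot_t *s = &ctx->cert[ctx->current_bank][slot];
    return (s->chain != NULL) ? s : NULL;
}

int main(void)
{
    static const uint8_t pqc_chain[] = {0x30, 0x82}; /* constructed bytes */
    example_context_t ctx = {0};
    ctx.cert[1][0].chain = pqc_chain; /* provision bank 1, slot 0 only */
    ctx.cert[1][0].chain_size = sizeof(pqc_chain);
    printf("bank 0, slot 0: %s\n", example_get_slot(&ctx, 0) ? "found" : "empty");
    printf("select bank 2: %d\n", example_set_current_bank(&ctx, 2));
    printf("select bank 1: %d\n", example_set_current_bank(&ctx, 1));
    printf("bank 1, slot 0: %s\n", example_get_slot(&ctx, 0) ? "found" : "empty");
    return 0;
}
```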