Skip to content

Update multikey flow documentation #3327

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update multikey flow documentation #3327

wants to merge 1 commit into from

Conversation

@steven-bellock
Copy link
Contributor

This is informed by #3290.

@steven-bellock steven-bellock added the documentation Improvements or additions to documentation label Oct 28, 2025
@steven-bellock steven-bellock marked this pull request as ready for review October 28, 2025 18:04
@steven-bellock steven-bellock requested a review from jyao1 as a code owner October 28, 2025 18:04
jyao1
jyao1 reviewed Oct 29, 2025
View reviewed changes
doc/multikey.md
associated with.
- If `MULTI_KEY_CAP == 1` and the Responder supports only one asymmetric cryptography
algorithm then this step can be performed before the connection is established.
3. Calls to `libspdm_responder_data_sign` then specify the `KeyPairID`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need to update requester as well, since we pass KeyPairID to libspdm_requester_data_sign

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That will be done as part of the encapsulated flow documentation cleanup.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That will be done as part of the encapsulated flow documentation cleanup.

But we are working on multikey here, not encapsulated flow document.
Looking at "Multikey Flow for libspdm Requester" section, it talks nothing about "encapsulated flow". Why mix them?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah it looks like I can document the multikey encapsulated flow for the Requester side. However it looks like, even ignoring multikey, parts of the encapsulated flow for the Responder side are broken, even on the 3.8 release. I will file an issue for that.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is fine. You can work on other encapsulated feature later.
Here, my comment is to document same content between requester and responder.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The instructions have been updated. I went with "Requester Sign / Responder Verify Flow" instead of "Encapsulated", although ultimately, if the libspdm Requester is going to sign a message using multikey, it needs to set ENCAP_CAP. Let me know if the new document is clear.

@steven-bellock steven-bellock requested a review from jyao1 October 30, 2025 21:47
steven-bellock
steven-bellock commented Oct 30, 2025
View reviewed changes
@steven-bellock
Update multikey flow
441e987 
Signed-off-by: Steven Bellock <[email protected]>
@steven-bellock steven-bellock changed the title Update multikey flow for Responder Update multikey flow documentation Oct 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jyao1 jyao1 Awaiting requested review from jyao1 jyao1 is a code owner

Assignees

No one assigned

Labels

documentation Improvements or additions to documentation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@steven-bellock @jyao1