macro_check: enforce capability dependencies for KEM/DHE and signature algorithms#3621
macro_check: enforce capability dependencies for KEM/DHE and signature algorithms#3621czwolak wants to merge 1 commit into
Conversation
czwolak
force-pushed
the
feature/spdm14-build-profiles
branch
3 times, most recently
from
7bec0d7 to
7a4f216
Compare
|
please clarify the problem statement. Why this is needed? |
Thanks for the feedback. Today, requester/responder role selection and PQC capability combinations can lead to invalid macro sets that are only discovered later (integration/CI/runtime). So the value is:
|
| #ifndef SPDM_LIB_CONFIG_PROFILE_REQUESTER_H | ||
| #define SPDM_LIB_CONFIG_PROFILE_REQUESTER_H | ||
|
|
||
| #define LIBSPDM_SPDM14_BUILD_PROFILE_ID LIBSPDM_SPDM14_BUILD_PROFILE_REQUESTER |
There was a problem hiding this comment.
I am not sure why we need SPDM14 here.
What about SPDM10, SPDM11, SPDM12, SPDM13, and future SPDM15?
Do we want to add for each specific version?
| #endif | ||
|
|
||
| #if (LIBSPDM_ML_KEM_SUPPORT) && !(LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) | ||
| #error ML-KEM support requires KEY_EX_CAP capability. |
There was a problem hiding this comment.
why only check KEM? DHE also need KEY_EX.
There was a problem hiding this comment.
added for LIBSPDM_DHE_ALGO_SUPPORT
| #if ((LIBSPDM_ML_DSA_SUPPORT) || (LIBSPDM_SLH_DSA_SUPPORT)) && \ | ||
| !((LIBSPDM_ENABLE_CAPABILITY_CERT_CAP) || (LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP) || \ | ||
| (LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) || (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP)) | ||
| #error ML-DSA/SLH-DSA support requires CERT_CAP, CHAL_CAP, KEY_EX_CAP, or MUT_AUTH_CAP. |
There was a problem hiding this comment.
same question. RSA/ECDSA/EdDSA/... also need similar check.
There was a problem hiding this comment.
added for LIBSPDM_ASYM_ALGO_SUPPORT and removed MUT_AUTH_CAP from the condition. added condition that MUT_AUTH_CAP requires KEY_EX_CAP
|
I notice this PR include 2 features: 1) add consistency check, 2) add PROFILE_ID. I think those are 2 different features. I suggest we split to 2 different PRs. |
| #define LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT 1 | ||
| #define LIBSPDM_SEND_CHALLENGE_SUPPORT 1 | ||
| #define LIBSPDM_EVENT_RECIPIENT_SUPPORT 1 | ||
| #define LIBSPDM_SEND_GET_ENDPOINT_INFO_SUPPORT 1 |
There was a problem hiding this comment.
I do not understand why those should be in profile.
| #define LIBSPDM_SEND_GET_CERTIFICATE_SUPPORT 1 | ||
| #define LIBSPDM_SEND_CHALLENGE_SUPPORT 1 | ||
| #define LIBSPDM_EVENT_RECIPIENT_SUPPORT 0 | ||
| #define LIBSPDM_SEND_GET_ENDPOINT_INFO_SUPPORT 0 |
There was a problem hiding this comment.
I do not understand why this is a must.
|
@jyao1 I think I see your point. Lets close this PR and related task. I will try to introduce 1.4 as 1.1-1.3 was before without additional profiles, checks. Just pure support, OK? |
|
I will try to introduce 1.4 as 1.1-1.3 was before, without additional build profiles, checks. |
czwolak
force-pushed
the
feature/spdm14-build-profiles
branch
from
7a4f216 to
3793857
Compare
czwolak
changed the title
|
please change the descript if the scope is changed. |
| #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) && !(LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP) | ||
| #error If MUT_AUTH_CAP is enabled then KEY_EX_CAP must also be enabled. | ||
| #endif |
There was a problem hiding this comment.
The SPDM spec does not mention this rule.
I suggest to remove it.
czwolak
force-pushed
the
feature/spdm14-build-profiles
branch
from
3793857 to
357c7cd
Compare
…gnatures Require KEY_EX_CAP when DHE/KEM/MUT_AUTH is enabled, and require CERT_CAP/CHAL_CAP/KEY_EX_CAP when any signature algorithm is enabled. Keep checks focused on capability-to-algorithm consistency in libspdm_macro_check.h. Signed-off-by: Cezary Zwolak <cezary.zwolak@intel.com>
czwolak
force-pushed
the
feature/spdm14-build-profiles
branch
from
357c7cd to
67df213
Compare
Only consistency check left |
2 participants
Require KEY_EX_CAP when DHE/KEM/MUT_AUTH is enabled, and require CERT_CAP/CHAL_CAP/KEY_EX_CAP when any signature algorithm is enabled.
Keep checks focused on capability-to-algorithm consistency in libspdm_macro_check.h.