Skip to content

spdm_device_secret_lib_sample: Fix build when GET_KEY_PAIR_INFO_CAP is disabled #3659

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
alistair23 wants to merge 1 commit into
base: main
Choose a base branch
from
+4 −0
Open

spdm_device_secret_lib_sample: Fix build when GET_KEY_PAIR_INFO_CAP is disabled #3659

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions os_stub/spdm_device_secret_lib_sample/read_priv_key_pem.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,12 +70,14 @@ bool libspdm_read_responder_private_key_ex(uint32_t base_asym_algo, uint8_t key_
bool res;
char *file;

#if LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP

@jyao1 jyao1 Jun 23, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the update.

It seems the new change always return slot 4.

But I mean to "always return libspdm_read_responder_private_key() if GET_KEY_PAIR_INFO_CAP is absent."

The reason is that: If GET_KEY_PAIR_INFO is not there, then MULTI_KEY should be disabled. As such, all keys should be the key from slot 0, not slot 4.

See the example below:

bool libspdm_read_responder_private_key_ex(uint32_t base_asym_algo, uint8_t key_pair_id,
                                           void **data, size_t *size)
{
#if LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP
    ... // original function
#else
        return libspdm_read_responder_private_key(base_asym_algo, data, size);
#endif
}

/* slot 0 / slot 1 share the default leaf key; slot 4 uses a distinct leaf key
* (end_responder4.key) to demonstrate multiple keys. The slot-4 key pair is the negotiated
* algorithm's SECONDARY key pair; only it selects end_responder4.key. */
if (key_pair_id != libspdm_get_key_pair_id_by_slot(base_asym_algo, 0, 4)) {
return libspdm_read_responder_private_key(base_asym_algo, data, size);
}
#endif

switch (base_asym_algo) {
case SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048:
Expand Down
2 changes: 2 additions & 0 deletions os_stub/spdm_device_secret_lib_sample/read_priv_key_pem_pqc.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,12 +85,14 @@ bool libspdm_read_responder_pqc_private_key_ex(uint32_t pqc_asym_algo, uint8_t k
bool res;
char *file;

#if LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP
/* slot 0 / slot 1 share the default leaf key; slot 4 uses a distinct leaf key
* (end_responder4.key) to demonstrate multiple keys. The slot-4 key pair is the negotiated
* algorithm's SECONDARY key pair; only it selects end_responder4.key. */
if (key_pair_id != libspdm_get_key_pair_id_by_slot(0, pqc_asym_algo, 4)) {
return libspdm_read_responder_pqc_private_key(pqc_asym_algo, data, size);
}
#endif

switch (pqc_asym_algo) {
case SPDM_ALGORITHMS_PQC_ASYM_ALGO_ML_DSA_44:
Expand Down
Loading