- Use static linking (a library) when only one instance can be linked to the device, for example the crypto engine.
- Use dynamic linking (function registration) when multiple instances can be linked to the device, for example the transport layer.
    +================+                       +================+
    | SPDM Requester |                       | SPDM Responder |     // PCI Component Measurement and Authentication (CMA)
    | Device Driver  |                       | Device Driver  |     // PCI Integrity and Data Encryption (IDE)
    +================+                       +================+
            | SpdmSendReceiveData                     ^ SPDM_GET_RESPONSE_FUNC
  =============================================================
            V                                         |
   +------------------+  +---------------+  +------------------+
   | SpdmRequesterLib |->| SpdmCommonLib |<-| SpdmResponderLib |    // DSP0274 - SPDM
   +------------------+  +---------------+  +------------------+
          | | |                 | V                 | | |
          | | |        +-------------------+        | | |
          | | |        |SpdmDeviceSecretLib|        | | |           // Device Secret handling (PrivateKey)
          | | |        +-------------------+        | | |
          | | |                 V ^                 | | |
          | | |      +-----------------------+      | | |
          | |  ----->| SpdmSecuredMessageLib |<-----  | |           // DSP0277 - Secured Message in SPDM session
          | |        +-----------------------+        | |
          | |                    ^                    | |
  =============================================================
          | |                    |                    | |
          | |         +---------------------+         | |
          |  -------->| SpdmTransportXXXLib |<--------  |           // DSP0275/DSP0276 - SPDM/SecuredMessage over MCTP
          |           | (XXX = Mctp, PciDoe)|           |           // PCI Data Object Exchange (DOE) message
          |           +---------------------+           |
          |  SPDM_TRANSPORT_ENCODE/DECODE_MESSAGE_FUNC  |
          |                                             |
  =============================================================
          |                                             |
          |    SPDM_DEVICE_SEND/RECEIVE_MESSAGE_FUNC    |
          |             +----------------+              |
           ------------>| SPDM Device IO |<-------------            // DSP0237 - MCTP over SMBus
                        | (SMBus, PciDoe)|                          // DSP0238 - MCTP over PCIeVDM
                        +----------------+                          // PCI DOE - PCI DOE message over PCI DOE mailbox.

1) SpdmRequesterLib (follows DSP0274)
This library is linked for an SPDM requester.

2) SpdmResponderLib (follows DSP0274)
This library is linked for an SPDM responder.

3) SpdmCommonLib (follows DSP0274)
This library provides common services for SpdmRequesterLib and SpdmResponderLib.

4) SpdmSecuredMessageLib (follows DSP0277)
This library handles session key generation and the encryption and decryption of secured messages.
It can be implemented in a secure environment if the session keys are considered secret.

5) SpdmDeviceSecretLib
This library handles private key signing, the PSK HMAC operation and measurement collection.
It must be implemented in a secure environment, because the private key and the PSK are secret.

6) This library provides SPDM-related crypto functions. It is based on BaseCryptLib.

7) SpdmTransportLib
7.1) SpdmTransportMctpLib (follows DSP0275 and DSP0276)
This library encodes and decodes the MCTP message header.
The SPDM requester/responder needs to register SPDM_TRANSPORT_ENCODE_MESSAGE_FUNC and SPDM_TRANSPORT_DECODE_MESSAGE_FUNC with the SpdmRequesterLib/SpdmResponderLib.
These two APIs encode and decode transport layer messages to or from an SPDM device.
7.2) SpdmTransportPciDoeLib (follows PCI DOE)
This library encodes and decodes the PCI DOE message header.
The SPDM requester/responder needs to register SPDM_TRANSPORT_ENCODE_MESSAGE_FUNC and SPDM_TRANSPORT_DECODE_MESSAGE_FUNC with the SpdmRequesterLib/SpdmResponderLib.
These two APIs encode and decode transport layer messages to or from an SPDM device.

8) SPDM_DEVICE_SEND_MESSAGE_FUNC and SPDM_DEVICE_RECEIVE_MESSAGE_FUNC
The SPDM requester/responder needs to register SPDM_DEVICE_SEND_MESSAGE_FUNC and SPDM_DEVICE_RECEIVE_MESSAGE_FUNC with the SpdmRequesterLib/SpdmResponderLib.
These APIs send and receive transport layer messages to or from an SPDM device.
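
The registration pattern from the transport and device IO items above, as an added sketch that is not openspdm code: the callback types, the `spdm_ctx` structure, the one-byte message-type framing and the in-memory loopback device are hypothetical simplifications. The core send/receive paths only call what was registered, and the decode callback rejects short or unknown-type frames before any payload reaches the SPDM layer.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical simplified callback types; not the openspdm signatures. */
typedef int (*encode_fn)(int secured, const uint8_t *msg, size_t len, uint8_t *out, size_t *out_len);
typedef int (*decode_fn)(const uint8_t *in, size_t in_len, int *secured, const uint8_t **msg, size_t *len);
typedef int (*send_fn)(const uint8_t *buf, size_t len);
typedef int (*recv_fn)(uint8_t *buf, size_t *len);
typedef struct { encode_fn encode; decode_fn decode; send_fn send; recv_fn recv; } spdm_ctx;
enum { MCTP_TYPE_SPDM = 0x05, MCTP_TYPE_SECURED = 0x06 }; /* MCTP message types */
/* Transport layer: prepend the one-byte message type (assumed framing). */
static int mctp_encode(int secured, const uint8_t *msg, size_t len, uint8_t *out, size_t *out_len) {
    if (len >= *out_len) return -1;                /* no room for header + payload */
    out[0] = secured ? MCTP_TYPE_SECURED : MCTP_TYPE_SPDM;
    memcpy(out + 1, msg, len);
    *out_len = len + 1;
    return 0;
}
/* Transport layer: validate length and type before exposing the payload. */
static int mctp_decode(const uint8_t *in, size_t in_len, int *secured, const uint8_t **msg, size_t *len) {
    if (in_len < 2 || (in[0] != MCTP_TYPE_SPDM && in[0] != MCTP_TYPE_SECURED)) return -1;
    *secured = (in[0] == MCTP_TYPE_SECURED);
    *msg = in + 1; *len = in_len - 1;
    return 0;
}
/* Device IO: constructed in-memory loopback standing in for SMBus or a DOE mailbox. */
static uint8_t wire[64]; static size_t wire_len;
static int loop_send(const uint8_t *b, size_t n) { if (n > sizeof wire) return -1; memcpy(wire, b, n); wire_len = n; return 0; }
static int loop_recv(uint8_t *b, size_t *n) { if (*n < wire_len) return -1; memcpy(b, wire, wire_len); *n = wire_len; return 0; }
/* Core library paths: they only ever call what the integrator registered. */
static int spdm_send(const spdm_ctx *c, int secured, const uint8_t *msg, size_t len) {
    uint8_t buf[64]; size_t n = sizeof buf;
    if (!c->encode || !c->send || c->encode(secured, msg, len, buf, &n)) return -1;
    return c->send(buf, n);
}
static int spdm_recv(const spdm_ctx *c, int *secured, uint8_t *msg, size_t *len) {
    uint8_t buf[64]; size_t n = sizeof buf, pl; const uint8_t *p;
    if (!c->decode || !c->recv || c->recv(buf, &n)) return -1;
    if (c->decode(buf, n, secured, &p, &pl) || pl > *len) return -1;
    memcpy(msg, p, pl); *len = pl;
    return 0;
}

int main(void) { /* register the four callbacks, round-trip a constructed GET_VERSION */
    spdm_ctx c = { mctp_encode, mctp_decode, loop_send, loop_recv };
    const uint8_t req[] = { 0x10, 0x84, 0x00, 0x00 };
    uint8_t got[16]; size_t n = sizeof got; int s = -1;
    if (spdm_send(&c, 0, req, sizeof req) || spdm_recv(&c, &s, got, &n)) return 1;
    return !(s == 0 && n == sizeof req && !memcmp(got, req, n));
}
```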

9) SpdmLibConfig.h provides the configuration for the openspdm library.

10) The SPDM library depends on the HAL library.
The sample implementation can be found in OsStub.
10.1) BaseCryptLib provides crypto functions.
10.2) BaseMemoryLib provides memory operations.
10.3) DebugLib provides debug functions.