libspdm
libspdm copied to clipboard
DMTF
Question: Can we consider adding support for certs path?
As https://github.com/DMTF/libspdm/blob/main/os_stub/spdm_device_secret_lib_sample/cert.c#L55 shows, now spdm-emu/libspdm will only search for certificates under the built binary directory which is less flexible in some cases. Or am I missing some options/key parameters here? If not, can we consider adding such an option/parameter for specifying the certs path?
Do you want to include your own certificates in unit tests?
Not at this moment but this could be a valid use case.
Another possible use case is that if I want to build my own binary based on libspdm/spdm-emu, then I have to put my binary in the same path with those stock certificates which is not that flexible especially when I only want the binary in some system PATH (/usr/bin for example) and the certificates in some other path (let's say /usr/share).
Or you can create your own spdm_device_secret_lib instance to provide such capability.
Or you can create your own spdm_device_secret_lib instance to provide such capability.
Yes this works. I'm asking just because the functionalities of the default library is quite enough except the one I mention here so I'm wondering if such an option can be added (which sounds reasonable from my POV). Or I can look into it and file a PR later if you guys think this is actually needed.
Then why not override the default key with your key?
By overriding the default key do you mean that I have to create a custom spdm_device_secret_lib, too? Or is there another simpler way to do so?
Then why not override the default key with your key?
By overriding the default key do you mean that I have to create a custom spdm_device_secret_lib, too? Or is there another simpler way to do so?
I mean after make copy_sample_key action, you can copy your own key to the build\bin\ dir to override the default key there.
@ZhibinLiIntel , assign to you. Please propose a fix or close it if you agree.