docs: overhaul README.md and snpguest.1.adoc

[hyperfinitism]

The existing documentation (README.md and docs/snpguest.1.adoc) was out of sync with the actual snpguest CLI: README.md omitted numerous subcommands, and descriptions of flags and summary lines were inaccurate (e.g., #132, #135, #138).

This pull request overhauls README.md and docs/snpguest.1.adoc to (partly) resolve these issues.

• README.md
  • Reorganise the document structure
  • Adds full descriptions and examples for all subcommands, especially:
    • snpguest ok
    • snpguest generate measurement
    • snpguest generate ovmf-hash
    • snpguest generate id-block
    • snpguest generate key-digest
  • Sync synopsis lines and global options with current code.
• docs/snpguest.1.adoc
  • Mirror all of the above changes in the AsciiDoc
  • Reformat sections and option lists for consistency

[DGonzalezVillal]

A few nit picks and discussion points, but this is an AMAZING pr. I really really appreciate it.

[DGonzalezVillal]

I think this attestation route is currently ONLY available on Azure right? I don't think using platform will work on Linux.

I would clarify that this is a pre-generated report stored on the vTPM and that the Report Data field is pre filled. What goes on REQUEST_FILE is what was already present.

I don't think it's wrong just a little clearer on how this flag works.

[hyperfinitism]

Basically yes. It is only available on CVMs that implement this design using Microsoft's open source OpenVMM/HCL. AFAIK, no other commercial environment uses this. So I think this flag should be called something else, such as openhcl or azurecvm.

Related Issue: #125
Related PR: #141

[DGonzalezVillal]

Again subtle difference in functionality. Using -s checks only for signature and -t checks only for t. If they are used jointly, then they both will be checked, not both be skipped.

[hyperfinitism]

In fact, if both -t (or -s) and report content flags (e.g. -m) are specified, snpguest verify attestation will verify not only TCB (or signature) but specified report contents:

snpguest/src/verify.rs

Lines 452 to 466 in 5540f31

	if args.tcb || args.signature {
	if args.tcb {
	verify_attestation_tcb(vek.clone(), att_report, proc_model, quiet)?;
	}
	if args.signature {
	verify_attestation_signature(vek, att_report, quiet)?;
	}
	} else {
	verify_attestation_tcb(vek.clone(), att_report, proc_model, quiet)?;
	verify_attestation_signature(vek, att_report, quiet)?;
	}
	// Verify optional fields if provided
	if args.measurement.is_some() || args.host_data.is_some() || args.report_data.is_some() {
	verify_report_fields(&args, &att_report, quiet)?;

The flags -t and -s conflicts with each other:

snpguest/src/verify.rs

Lines 199 to 205 in 5540f31

	/// Run the TCB Verification Exclusively.
	#[arg(short, long, conflicts_with = "signature")]
	pub tcb: bool,
	/// Run the Signature Verification Exclusively.
	#[arg(short, long, conflicts_with = "tcb")]
	pub signature: bool,

Rather than changing the documentation, it might be better to change the code.

Related Issue: #132

[DGonzalezVillal]

Oh I see, I missed the conflicts_with argument, that is my bad

[hyperfinitism]

@DGonzalezVillal Thank you for your detailed review! All comments except for a few have been addressed and the commits have been squashed.

[hyperfinitism]

We now maintain similar content in both README.md and docs/snpguest.1.adoc. That duplication may become a maintenance burden. As a follow-up (out of scope for this PR), we could consider consolidating into a single source or auto-generating one from the other (or from comments within the code).

[DGonzalezVillal]

We now maintain similar content in both README.md and docs/snpguest.1.adoc. That duplication may become a maintenance burden. As a follow-up (out of scope for this PR), we could consider consolidating into a single source or auto-generating one from the other (or from comments within the code).

This is a good point and something I was thinking about while reviewing your PR.

I think technically speaking the adoc is supposed to be generally used for more detailed, structured, and feature-rich documentation. The purpose of a README file is to provide a concise, high-level introduction. I've always thought that the best way to organize the documentation would be to put the long description of each command in the adoc and then the readme would point to the adoc. In the readme I would keep the instructions on how to build the project and the different attestation workflows users could follow, but with not as much detail.

Let me know your thoughts on that.

@tylerfanelli @hyperfinitism

[hyperfinitism]

Thank you for your feedback. I largely agree. Specifically, I think the following approach makes sense:

• Generate README.md from src/main.rs using cargo rdme (following the upstream sev crate’s style).
• Use cargo doc as the source of truth for complete documentation derived from the code.

The typical usage pattern (e.g. report → fetch ca/vcek or certificates → verify certs/attestation) can remain in README.md, derived from comments in src/main.rs. However, more detailed discussions (security model, threat assumptions, trust boundaries, etc.; see also #125) would likely be better handled as separate documentation.

This keeps the README concise, reduces the risk of docs drifting from the implementation, and lowers maintenance costs.

As a follow-up, we could also enforce doc hygiene in CI (e.g. rustdoc builds and/or treating doc warnings as errors) so contributors are nudged to keep documentation up to date.

[DGonzalezVillal]

Hello @hyperfinitism

I agree with this approach. Do you think you can take care of those changes in this PR?

[DGonzalezVillal]

Hey @hyperfinitism were you able to take a look at those changes?

[hyperfinitism]

Since opening this PR, several changes have been merged to the main branch.

Because of this, the documentation needs to be updated based on the current state of the codebase. Under the new documentation approach (cargo-rdme + rustdoc), all components of the code should also have proper docstrings, many of which are currently missing.

While working on this, I have been rereading the entire codebase to fix existing documentation issues at the same time. So the process is taking some time.

Also, #141 introduced relatively large changes. If that PR gets merged, part of the documentation restructuring work in this PR may become unnecessary, so it might be better to wait for that before continuing.