From e24ec1279205278effdbc48f58d2f222966e4b1d Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Fri, 13 Sep 2024 07:05:03 +0000 Subject: [PATCH 01/16] update: add suit-candidate-verification, suit-install = 17 -> 20 --- inc/csuit/suit_common.h | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/inc/csuit/suit_common.h b/inc/csuit/suit_common.h index 3c177cf..ae94233 100644 --- a/inc/csuit/suit_common.h +++ b/inc/csuit/suit_common.h @@ -195,19 +195,16 @@ typedef enum suit_manifest_key { SUIT_VALIDATE = 7, SUIT_LOAD = 8, SUIT_INVOKE = 9, + SUIT_PAYLOAD_FETCH = 16, + SUIT_INSTALL = 20, + SUIT_TEXT = 23, /* draft-ietf-suit-update-management */ SUIT_COSWID = 14, /* draft-ietf-suit-trust-domains */ SUIT_DEPENDENCY_RESOLUTION = 15, - - /* draft-ietf-suit-manifest */ - SUIT_PAYLOAD_FETCH = 16, - SUIT_INSTALL = 17, - SUIT_TEXT = 23, - - /* draft-ietf-suit-trust-domains */ + SUIT_CANDIDATE_VERIFICATION = 18, SUIT_UNINSTALL = 24, } suit_manifest_key_t; From 7d1defc3c5ec96dc1419fe11b491a13c6d6a5671 Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 01:57:01 +0000 Subject: [PATCH 02/16] update: suit-text --- inc/csuit/suit_common.h | 19 +++++--- src/suit_manifest_decode.c | 72 +++++++++++++++++++++--------- src/suit_manifest_encode.c | 90 ++++++++++++++++++++++++++------------ src/suit_manifest_print.c | 30 +++++++++++-- 4 files changed, 153 insertions(+), 58 deletions(-) diff --git a/inc/csuit/suit_common.h b/inc/csuit/suit_common.h index ae94233..1e28632 100644 --- a/inc/csuit/suit_common.h +++ b/inc/csuit/suit_common.h @@ -168,7 +168,7 @@ typedef enum suit_envelope_key { SUIT_MANIFEST = 3, SUIT_SEVERED_DEPENDENCY_RESOLUTION = 15, SUIT_SEVERED_PAYLOAD_FETCH = 16, - SUIT_SEVERED_INSTALL = 17, + SUIT_SEVERED_INSTALL = 20, SUIT_SEVERED_TEXT = 23, SUIT_SEVERED_COSWID = 24, SUIT_INTEGRATED_PAYLOAD = 25, @@ -589,9 +589,10 @@ typedef struct suit_text_component_pair { } suit_text_component_pair_t; /* - * SUIT_Text + * SUIT_Text_LMap */ -typedef struct suit_text { +typedef struct suit_text_lmap { + suit_buf_t tag38_ltag; size_t component_len; suit_text_component_pair_t component[SUIT_MAX_ARRAY_LENGTH]; suit_buf_t manifest_description; @@ -599,7 +600,15 @@ typedef struct suit_text { suit_buf_t manifest_json_source; suit_buf_t manifest_yaml_source; // TODO : $$suit-text-key-extensions -} suit_text_t; +} suit_text_lmap_t; + +/* + * SUIT_Text_Map + */ +typedef struct suit_text_map { + size_t text_lmaps_len; + suit_text_lmap_t text_lmaps[SUIT_MAX_ARRAY_LENGTH]; +} suit_text_map_t; /* * SUIT_Authentication_Wrapper @@ -620,7 +629,7 @@ typedef struct suit_severable_manifest_members { uint8_t payload_fetch_status; suit_command_sequence_t install; uint8_t install_status; - suit_text_t text; + suit_text_map_t text; uint8_t text_status; suit_buf_t coswid; uint8_t coswid_status; diff --git a/src/suit_manifest_decode.c b/src/suit_manifest_decode.c index b732cfd..3bb2ee5 100644 --- a/src/suit_manifest_decode.c +++ b/src/suit_manifest_decode.c @@ -1110,11 +1110,11 @@ suit_err_t suit_decode_text_component_from_item(QCBORDecodeContext *context, return result; } -suit_err_t suit_decode_text_from_item(const suit_decode_mode_t mode, - QCBORDecodeContext *context, - QCBORItem *item, - bool next, - suit_text_t *text) +suit_err_t suit_decode_text_lmap_from_item(const suit_decode_mode_t mode, + QCBORDecodeContext *context, + QCBORItem *item, + bool next, + suit_text_lmap_t *text_lmap) { /* NOTE: in QCBOR_DECODE_MODE_MAP_AS_ARRAY */ suit_err_t result = suit_qcbor_get(context, item, next, QCBOR_TYPE_MAP_AS_ARRAY); @@ -1123,7 +1123,7 @@ suit_err_t suit_decode_text_from_item(const suit_decode_mode_t mode, } size_t map_count = item->val.uCount; - text->component_len = 0; + text_lmap->component_len = 0; for (size_t i = 0; i < map_count; i += 2) { result = suit_qcbor_get_next(context, item, QCBOR_TYPE_ANY); if (result != SUIT_SUCCESS) { @@ -1133,18 +1133,18 @@ suit_err_t suit_decode_text_from_item(const suit_decode_mode_t mode, int64_t label = INT64_MIN; switch (item->uDataType) { case QCBOR_TYPE_ARRAY: - if (text->component_len >= SUIT_MAX_ARRAY_LENGTH) { + if (text_lmap->component_len >= SUIT_MAX_ARRAY_LENGTH) { return SUIT_ERR_NO_MEMORY; } - result = suit_decode_component_identifiers_from_item(mode, context, item, false, &text->component[text->component_len].key); + result = suit_decode_component_identifiers_from_item(mode, context, item, false, &text_lmap->component[text_lmap->component_len].key); if (result != SUIT_SUCCESS) { return result; } - result = suit_decode_text_component_from_item(context, item, true, &text->component[text->component_len].text_component); + result = suit_decode_text_component_from_item(context, item, true, &text_lmap->component[text_lmap->component_len].text_component); if (result != SUIT_SUCCESS) { return result; } - text->component_len++; + text_lmap->component_len++; break; case QCBOR_TYPE_INT64: if (label > item->val.int64 && !mode.ALLOW_NOT_CANONICAL_CBOR) { @@ -1159,20 +1159,20 @@ suit_err_t suit_decode_text_from_item(const suit_decode_mode_t mode, } switch (label) { case SUIT_TEXT_MANIFEST_DESCRIPTION: - text->manifest_description.ptr = (uint8_t *)item->val.string.ptr; - text->manifest_description.len = item->val.string.len; + text_lmap->manifest_description.ptr = (uint8_t *)item->val.string.ptr; + text_lmap->manifest_description.len = item->val.string.len; break; case SUIT_TEXT_UPDATE_DESCRIPTION: - text->update_description.ptr = (uint8_t *)item->val.string.ptr; - text->update_description.len = item->val.string.len; + text_lmap->update_description.ptr = (uint8_t *)item->val.string.ptr; + text_lmap->update_description.len = item->val.string.len; break; case SUIT_TEXT_MANIFEST_JSON_SOURCE: - text->manifest_json_source.ptr = (uint8_t *)item->val.string.ptr; - text->manifest_json_source.len = item->val.string.len; + text_lmap->manifest_json_source.ptr = (uint8_t *)item->val.string.ptr; + text_lmap->manifest_json_source.len = item->val.string.len; break; case SUIT_TEXT_MANIFEST_YAML_SOURCE: - text->manifest_yaml_source.ptr = (uint8_t *)item->val.string.ptr; - text->manifest_yaml_source.len = item->val.string.len; + text_lmap->manifest_yaml_source.ptr = (uint8_t *)item->val.string.ptr; + text_lmap->manifest_yaml_source.len = item->val.string.len; break; default: return SUIT_ERR_NOT_IMPLEMENTED; @@ -1188,11 +1188,43 @@ suit_err_t suit_decode_text_from_item(const suit_decode_mode_t mode, return result; } +suit_err_t suit_decode_text_map_from_item(const suit_decode_mode_t mode, + QCBORDecodeContext *context, + QCBORItem *item, + bool next, + suit_text_map_t *text_map) +{ + /* NOTE: in QCBOR_DECODE_MODE_MAP_AS_ARRAY */ + suit_err_t result = suit_qcbor_get(context, item, next, QCBOR_TYPE_MAP_AS_ARRAY); + if (result != SUIT_SUCCESS) { + return result; + } + if (item->val.uCount > SUIT_MAX_ARRAY_LENGTH || item->val.uCount % 2 != 0) { + return SUIT_ERR_NO_MEMORY; + } + + text_map->text_lmaps_len = item->val.uCount / 2; + for (size_t i = 0; i < text_map->text_lmaps_len; i++) { + /* get tag38_ltag */ + result = suit_qcbor_get_next(context, item, QCBOR_TYPE_TEXT_STRING); + if (result != SUIT_SUCCESS) { + return result; + } + text_map->text_lmaps[i].tag38_ltag = (suit_buf_t){.ptr = (uint8_t *)item->val.string.ptr, .len = item->val.string.len}; + + result = suit_decode_text_lmap_from_item(mode, context, item, next, &text_map->text_lmaps[i]); + if (result != SUIT_SUCCESS) { + return result; + } + } + return result; +} + suit_err_t suit_decode_text_from_bstr(const suit_decode_mode_t mode, QCBORDecodeContext *context, QCBORItem *item, bool next, - suit_text_t *text) + suit_text_map_t *text_map) { suit_err_t result = suit_qcbor_get(context, item, next, QCBOR_TYPE_BYTE_STRING); QCBORDecodeContext text_context; @@ -1202,7 +1234,7 @@ suit_err_t suit_decode_text_from_bstr(const suit_decode_mode_t mode, QCBORDecode_Init(&text_context, (UsefulBufC){item->val.string.ptr, item->val.string.len}, QCBOR_DECODE_MODE_MAP_AS_ARRAY); - result = suit_decode_text_from_item(mode, &text_context, item, true, text); + result = suit_decode_text_map_from_item(mode, &text_context, item, true, text_map); QCBORError error = QCBORDecode_Finish(&text_context); if (error != QCBOR_SUCCESS && result == SUIT_SUCCESS) { result = suit_error_from_qcbor_error(error); diff --git a/src/suit_manifest_encode.c b/src/suit_manifest_encode.c index 4855cbe..c25ae9b 100644 --- a/src/suit_manifest_encode.c +++ b/src/suit_manifest_encode.c @@ -668,72 +668,104 @@ suit_err_t suit_encode_common(const suit_common_t *suit_common, } #if !defined(LIBCSUIT_DISABLE_MANIFEST_TEXT) -suit_err_t suit_encode_text(const suit_text_t *text, - suit_encode_t *suit_encode, - UsefulBuf *buf) +suit_err_t suit_encode_text_lmap(const suit_text_lmap_t *text, + UsefulBuf tag38_buf, + QCBOREncodeContext *context) { - suit_err_t result; - UsefulBuf tmp_buf; - result = suit_use_suit_encode_buf(suit_encode, 0, &tmp_buf); - if (result != SUIT_SUCCESS) { - return result; + suit_err_t result = SUIT_SUCCESS; + if (text->tag38_ltag.len + 1 > tag38_buf.len) { + return SUIT_ERR_NO_MEMORY; } - QCBOREncodeContext context; - QCBOREncode_Init(&context, tmp_buf); + memcpy(tag38_buf.ptr, text->tag38_ltag.ptr, text->tag38_ltag.len); + ((char *)tag38_buf.ptr)[text->tag38_ltag.len] = '\0'; + QCBOREncode_OpenMapInMap(context, tag38_buf.ptr); - QCBOREncode_OpenMap(&context); // SUIT_Text_Keys : tstr if (text->manifest_description.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_MANIFEST_DESCRIPTION, (UsefulBufC){.ptr = text->manifest_description.ptr, .len = text->manifest_description.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_MANIFEST_DESCRIPTION, (UsefulBufC){.ptr = text->manifest_description.ptr, .len = text->manifest_description.len}); } if (text->update_description.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_MANIFEST_DESCRIPTION, (UsefulBufC){.ptr = text->update_description.ptr, .len = text->manifest_description.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_MANIFEST_DESCRIPTION, (UsefulBufC){.ptr = text->update_description.ptr, .len = text->manifest_description.len}); } if (text->manifest_json_source.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_MANIFEST_DESCRIPTION, (UsefulBufC){.ptr = text->manifest_json_source.ptr, .len = text->manifest_description.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_MANIFEST_DESCRIPTION, (UsefulBufC){.ptr = text->manifest_json_source.ptr, .len = text->manifest_description.len}); } if (text->manifest_yaml_source.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_MANIFEST_DESCRIPTION, (UsefulBufC){.ptr = text->manifest_yaml_source.ptr, .len = text->manifest_description.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_MANIFEST_DESCRIPTION, (UsefulBufC){.ptr = text->manifest_yaml_source.ptr, .len = text->manifest_description.len}); } // TODO suit-text-key-extensions // SUIT_Component_Identifier : {} for (size_t i = 0; i < text->component_len; i++) { const suit_component_identifier_t *component = &text->component[i].key; - QCBOREncode_OpenArray(&context); + QCBOREncode_OpenArray(context); for (size_t j = 0; j < component->len; j++) { - QCBOREncode_AddBytes(&context, (UsefulBufC){.ptr = component->identifier[j].ptr, .len = component->identifier[j].len}); + QCBOREncode_AddBytes(context, (UsefulBufC){.ptr = component->identifier[j].ptr, .len = component->identifier[j].len}); } - QCBOREncode_CloseArray(&context); - QCBOREncode_OpenMap(&context); + QCBOREncode_CloseArray(context); + QCBOREncode_OpenMap(context); const suit_text_component_t *text_component = &text->component[i].text_component; if (text_component->vendor_name.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_VENDOR_NAME, (UsefulBufC){.ptr = text_component->vendor_name.ptr, .len = text_component->vendor_name.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_VENDOR_NAME, (UsefulBufC){.ptr = text_component->vendor_name.ptr, .len = text_component->vendor_name.len}); } if (text_component->model_name.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_MODEL_NAME, (UsefulBufC){.ptr = text_component->model_name.ptr, .len = text_component->model_name.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_MODEL_NAME, (UsefulBufC){.ptr = text_component->model_name.ptr, .len = text_component->model_name.len}); } if (text_component->vendor_domain.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_VENDOR_DOMAIN, (UsefulBufC){.ptr = text_component->vendor_domain.ptr, .len = text_component->vendor_domain.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_VENDOR_DOMAIN, (UsefulBufC){.ptr = text_component->vendor_domain.ptr, .len = text_component->vendor_domain.len}); } if (text_component->model_info.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_MODEL_INFO, (UsefulBufC){.ptr = text_component->model_info.ptr, .len = text_component->model_info.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_MODEL_INFO, (UsefulBufC){.ptr = text_component->model_info.ptr, .len = text_component->model_info.len}); } if (text_component->component_description.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_COMPONENT_DESCRIPTION, (UsefulBufC){.ptr = text_component->component_description.ptr, .len = text_component->component_description.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_COMPONENT_DESCRIPTION, (UsefulBufC){.ptr = text_component->component_description.ptr, .len = text_component->component_description.len}); } if (text_component->component_version.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_COMPONENT_VERSION, (UsefulBufC){.ptr = text_component->component_version.ptr, .len = text_component->component_version.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_COMPONENT_VERSION, (UsefulBufC){.ptr = text_component->component_version.ptr, .len = text_component->component_version.len}); } /* in draft-ietf-suit-update-management */ if (text_component->version_required.len > 0) { - QCBOREncode_AddTextToMapN(&context, SUIT_TEXT_VERSION_REQUIRED, (UsefulBufC){.ptr = text_component->version_required.ptr, .len = text_component->version_required.len}); + QCBOREncode_AddTextToMapN(context, SUIT_TEXT_VERSION_REQUIRED, (UsefulBufC){.ptr = text_component->version_required.ptr, .len = text_component->version_required.len}); } // TODO suit-text-component-key-extensions - QCBOREncode_CloseMap(&context); + QCBOREncode_CloseMap(context); } - QCBOREncode_CloseMap(&context); + QCBOREncode_CloseMap(context); + + return result; +} + +suit_err_t suit_encode_text(const suit_text_map_t *text, + suit_encode_t *suit_encode, + UsefulBuf *buf) +{ + suit_err_t result = SUIT_SUCCESS; + UsefulBuf tag38_buf; + result = suit_use_suit_encode_buf(suit_encode, SUIT_MAX_NAME_LENGTH, &tag38_buf); + if (result != SUIT_SUCCESS) { + return result; + } + result = suit_fix_suit_encode_buf(suit_encode, SUIT_MAX_NAME_LENGTH); + if (result != SUIT_SUCCESS) { + return result; + } + + UsefulBuf tmp_buf; + result = suit_use_suit_encode_buf(suit_encode, 0, &tmp_buf); + if (result != SUIT_SUCCESS) { + return result; + } + QCBOREncodeContext context; + QCBOREncode_Init(&context, tmp_buf); + QCBOREncode_OpenMap(&context); + for (size_t i = 0; i < text->text_lmaps_len; i++) { + result = suit_encode_text_lmap(&text->text_lmaps[i], tag38_buf, &context); + if (result != SUIT_SUCCESS) { + return result; + } + } + QCBOREncode_CloseMap(&context); UsefulBufC t_buf; QCBORError error = QCBOREncode_Finish(&context, &t_buf); if (error != QCBOR_SUCCESS) { @@ -743,7 +775,7 @@ suit_err_t suit_encode_text(const suit_text_t *text, return suit_fix_suit_encode_buf(suit_encode, t_buf.len); } -suit_err_t suit_encode_text_bstr(const suit_text_t *text, +suit_err_t suit_encode_text_bstr(const suit_text_map_t *text, suit_encode_t *suit_encode, UsefulBuf *buf) { diff --git a/src/suit_manifest_print.c b/src/suit_manifest_print.c index fe3f121..6896f9b 100644 --- a/src/suit_manifest_print.c +++ b/src/suit_manifest_print.c @@ -1547,7 +1547,7 @@ char *suit_str_member_is_verified(uint8_t status) return suit_str_verified(suit_is_severable_manifest_member_verified(status)); } -bool suit_text_have_something_to_print(const suit_text_t *text) +bool suit_text_have_something_to_print(const suit_text_lmap_t *text) { return (text->manifest_description.ptr != NULL || text->update_description.ptr != NULL || @@ -1556,9 +1556,9 @@ bool suit_text_have_something_to_print(const suit_text_t *text) text->component_len > 0); } -suit_err_t suit_print_text(const suit_text_t *text, - const uint32_t indent_space, - const uint32_t indent_delta) +suit_err_t suit_print_text_lmap(const suit_text_lmap_t *text, + const uint32_t indent_space, + const uint32_t indent_delta) { if (text == NULL) { return SUIT_ERR_FATAL; @@ -1628,6 +1628,28 @@ suit_err_t suit_print_text(const suit_text_t *text, return SUIT_SUCCESS; } +suit_err_t suit_print_text(const suit_text_map_t *text, + const uint32_t indent_space, + const uint32_t indent_delta) +{ + bool comma = false; + for (size_t i = 0; i < text->text_lmaps_len; i++) { + const suit_text_lmap_t *lmap = &text->text_lmaps[i]; + if (comma) { + printf(",\n"); + } + + printf("%*s\"%.*s\": {\n", indent_space + indent_delta, "", (int)lmap->tag38_ltag.len, lmap->tag38_ltag.ptr); + suit_err_t result = suit_print_text_lmap(lmap, indent_space + indent_delta, indent_delta); + if (result != SUIT_SUCCESS) { + return result; + } + printf("%*s}", indent_space + indent_delta, ""); + } + printf("\n"); + return SUIT_SUCCESS; +} + suit_err_t suit_print_manifest(const suit_decode_mode_t mode, const suit_manifest_t *manifest, const uint32_t indent_space, From 11e7ab80e0375b6f20cf76c54b290762217c16f9 Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 01:59:11 +0000 Subject: [PATCH 03/16] update: example binaries --- examples/suit_manifest_process_main.c | 28 ++-- testfiles/suit_manifest_exp0.cbor | Bin 237 -> 237 bytes testfiles/suit_manifest_exp0.md | 120 ++++++++------- testfiles/suit_manifest_exp1.cbor | Bin 272 -> 272 bytes testfiles/suit_manifest_exp1.md | 130 +++++++++------- testfiles/suit_manifest_exp2A.cbor | Bin 311 -> 311 bytes testfiles/suit_manifest_exp2B.cbor | Bin 894 -> 901 bytes testfiles/suit_manifest_exp3.cbor | Bin 396 -> 396 bytes testfiles/suit_manifest_exp3.md | 207 ++++++++++++++------------ testfiles/suit_manifest_exp4.cbor | Bin 403 -> 403 bytes testfiles/suit_manifest_exp4.md | 198 +++++++++++++----------- testfiles/suit_manifest_exp5.cbor | Bin 382 -> 382 bytes testfiles/suit_manifest_exp5.md | 179 ++++++++++++---------- testfiles/suit_manifest_expAF.cbor | Bin 275 -> 275 bytes testfiles/suit_manifest_expAF.md | 14 +- testfiles/suit_manifest_expAW.cbor | Bin 249 -> 249 bytes testfiles/suit_manifest_expAW.md | 14 +- testfiles/suit_manifest_expD.cbor | Bin 701 -> 701 bytes testfiles/suit_manifest_expD.md | 46 +++--- testfiles/suit_manifest_expED.cbor | Bin 924 -> 924 bytes testfiles/suit_manifest_expED.md | 40 ++--- testfiles/suit_manifest_expEW.cbor | Bin 360 -> 360 bytes testfiles/suit_manifest_expEW.md | 18 +-- testfiles/suit_manifest_expI.cbor | Bin 353 -> 353 bytes testfiles/suit_manifest_expI.md | 16 +- testfiles/suit_manifest_expS0.cbor | Bin 190 -> 190 bytes testfiles/suit_manifest_expS0.md | 18 +-- testfiles/suit_manifest_expS1.cbor | Bin 352 -> 352 bytes testfiles/suit_manifest_expS1.md | 14 +- testfiles/suit_manifest_expS2.cbor | Bin 374 -> 374 bytes testfiles/suit_manifest_expS2.md | 30 ++-- testfiles/suit_manifest_expS3.cbor | Bin 683 -> 683 bytes testfiles/suit_manifest_expS3.md | 36 ++--- testfiles/suit_manifest_expS4.cbor | Bin 728 -> 728 bytes testfiles/suit_manifest_expS4.md | 36 ++--- testfiles/suit_manifest_expU.cbor | 6 +- testfiles/suit_manifest_expU.md | 16 +- testfiles/suit_manifest_expU0.cbor | Bin 206 -> 206 bytes testfiles/suit_manifest_expU0.md | 16 +- testfiles/suit_manifest_expU1.cbor | Bin 174 -> 174 bytes testfiles/suit_manifest_expU1.md | 16 +- 41 files changed, 650 insertions(+), 548 deletions(-) diff --git a/examples/suit_manifest_process_main.c b/examples/suit_manifest_process_main.c index c436a4a..40231ae 100644 --- a/examples/suit_manifest_process_main.c +++ b/examples/suit_manifest_process_main.c @@ -127,25 +127,25 @@ const uint8_t dependency_data[] = { 0x50, 0xCA, 0xC7, 0x16, 0x50, 0xA2, 0x13, 0x15, 0xB8, 0x2D, 0x06, 0xCA, 0x22, 0x98, 0xCD, 0x1A, 0x95, 0x51, 0x9A, 0xAE, 0x4C, 0x4B, 0x53, 0x15, 0x02, 0x58, 0x74, 0x83, 0x58, 0x24, - 0x82, 0x2F, 0x58, 0x20, 0x6E, 0xA1, 0x28, 0xD7, 0xBB, 0x19, - 0xB8, 0x6F, 0x77, 0xC4, 0x22, 0x7F, 0x2A, 0x29, 0xF2, 0x20, - 0x26, 0xA4, 0x19, 0x58, 0xAC, 0xC4, 0x5C, 0xC0, 0xA3, 0x5B, - 0xA3, 0x88, 0xB1, 0x3E, 0x2F, 0x51, 0x58, 0x4A, 0xD2, 0x84, - 0x43, 0xA1, 0x01, 0x26, 0xA0, 0xF6, 0x58, 0x40, 0x99, 0xF9, - 0x49, 0x04, 0x37, 0x01, 0xD7, 0xBD, 0xBA, 0x38, 0x90, 0x4A, - 0x0B, 0x49, 0xF0, 0x04, 0xDE, 0xD6, 0xB6, 0x4A, 0x49, 0x00, - 0xDE, 0xCA, 0x5C, 0x66, 0xAE, 0x8A, 0x9E, 0xBA, 0x91, 0x35, - 0x76, 0xDE, 0xF1, 0x36, 0xB7, 0x4E, 0xA8, 0x9C, 0x14, 0xFA, - 0x64, 0x62, 0x4D, 0xBD, 0x33, 0xB4, 0xC0, 0xBB, 0x41, 0xC1, - 0x53, 0xCA, 0x51, 0x54, 0x8C, 0x73, 0xFF, 0x71, 0xA2, 0xBA, - 0xF2, 0x74, 0x40, 0x03, 0x58, 0x42, 0xA6, 0x01, 0x01, 0x02, + 0x82, 0x2F, 0x58, 0x20, 0x0F, 0x02, 0xCA, 0xF6, 0xD3, 0xE6, + 0x19, 0x20, 0xD3, 0x6B, 0xF3, 0xCE, 0xA7, 0xF8, 0x62, 0xA1, + 0x3B, 0xB8, 0xFB, 0x1F, 0x09, 0xC3, 0xF4, 0xC2, 0x9B, 0x12, + 0x1F, 0xEA, 0xB7, 0x8E, 0xF3, 0xD8, 0x58, 0x4A, 0xD2, 0x84, + 0x43, 0xA1, 0x01, 0x26, 0xA0, 0xF6, 0x58, 0x40, 0x75, 0x11, + 0x1F, 0xE0, 0x9D, 0x12, 0x72, 0x6C, 0x09, 0xF0, 0xCA, 0x87, + 0xB3, 0x2B, 0x1E, 0x9A, 0x6D, 0xA1, 0x27, 0xE1, 0x71, 0xD6, + 0x75, 0x27, 0x43, 0x7E, 0x61, 0x67, 0x64, 0x58, 0x32, 0x77, + 0x07, 0xCC, 0x01, 0x85, 0xD8, 0x4C, 0x95, 0xC4, 0xC9, 0xEC, + 0x77, 0xE8, 0x25, 0x8B, 0x33, 0x81, 0x82, 0xF8, 0xDA, 0x1B, + 0xA7, 0x01, 0x4A, 0xD0, 0xE2, 0x6D, 0x6C, 0x5B, 0xEC, 0x29, + 0xDF, 0xC7, 0x40, 0x03, 0x58, 0x42, 0xA6, 0x01, 0x01, 0x02, 0x00, 0x03, 0x47, 0xA1, 0x02, 0x81, 0x81, 0x42, 0x30, 0x30, 0x05, 0x81, 0x4E, 0x64, 0x65, 0x70, 0x65, 0x6E, 0x64, 0x65, 0x6E, 0x74, 0x2E, 0x73, 0x75, 0x69, 0x74, 0x09, 0x4D, 0x84, 0x14, 0xA1, 0x17, 0x46, 0x63, 0x61, 0x74, 0x20, 0x30, 0x30, - 0x17, 0x0F, 0x11, 0x52, 0x84, 0x14, 0xA1, 0x12, 0x4B, 0x68, + 0x17, 0x0F, 0x14, 0x52, 0x84, 0x14, 0xA1, 0x12, 0x4B, 0x68, 0x65, 0x6C, 0x6C, 0x6F, 0x20, 0x77, 0x6F, 0x72, 0x6C, 0x64, - 0x12, 0x0F, + 0x12, 0x0F }; // suit_manifest_expS1.suit const uint8_t encrypted_firmware_uri[] = { 0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x65, 0x78, diff --git a/testfiles/suit_manifest_exp0.cbor b/testfiles/suit_manifest_exp0.cbor index 915ab3d4267d5302614433df588db45f96ae5844..49de7f7abac47ade90c4c56715931cf3aa56d1a9 100644 GIT binary patch delta 74 zcmV-Q0JZ<^0qp^hIY4Yy@kTx8*gTY5h`j3umz9Y)lqzwuw5Q+xD^8CGxgFH*JZwn# gY36A5&XE(tE#|VZeY~sOtyPE+El6xQgx`^QbdOjjeE -# SUIT Manifest - B.1. Example 0: Secure Boot - https://tools.ietf.org/html/draft-ietf-suit-manifest-19#appendix-B.1 - - -## CBOR Diagnostic - / SUIT_Envelope = / - 107({ - / authentication-wrapper / 2: << [ - / digest: / << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'6658ea560262696dd1f13b782239a064da7c6c5cbaf52fded428a6fc83c7e5af' - ] >>, - / signatures: / << 18([ - / protected: / << { - / alg / 1: -7 / ES256 / - } >>, - / unprotected: / { - }, - / payload: / null, - / signature: / h'68113f1e76731330fea16136cead2be4fa8d4bb3e327e3f9232eb4f13b5d118f2ea6e31d9a09a240f6f5770776916e15a4ebca1b6262cf6e40a44353bd8161d9' - ]) >> - ] >>, - / manifest / 3: << { - / manifest-version / 1: 1, - / manifest-sequence-number / 2: 0, - / common / 3: << { - / components / 2: [ - [h'00'] - ], - / shared-sequence / 4: << [ - / directive-override-parameters / 20, { - / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, - / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 /, - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' - ] >>, - / image-size / 14: 34768 - }, - / condition-vendor-identifier / 1, 15, - / condition-class-identifier / 2, 15 - ] >> - } >>, - / validate / 7: << [ - / condition-image-match / 3, 15 - ] >>, - / invoke / 9: << [ - / directive-invoke / 23, 2 - ] >> - } >> - }) +## B.1. Example 0: Secure Boot +https://tools.ietf.org/html/draft-ietf-suit-manifest-27#appendix-B.1 + +{: numbered='no'} + +### CBOR Diagnostic Notation of SUIT Manifest +{: numbered='no'} + +~~~~ +/ SUIT_Envelope = / 107({ + / authentication-wrapper / 2: << [ + << [ + / digest-algorithm-id: / -16 / SHA256 /, + / digest-bytes: / h'6658EA560262696DD1F13B782239A064DA7C6C5CBAF52FDED428A6FC83C7E5AF' + ] >>, + << / COSE_Sign1_Tagged / 18([ + / protected: / << { + / algorithm-id / 1: -7 / ES256 / + } >>, + / unprotected: / {}, + / payload: / null, + / signature: / h'6C56F1463DE7D83C945B88BCEB0797958938942A71B2B4A7DFFE2B4E8F07B91DD4EE3C6C48F869E668F6CE9113C32DE6B2B17DBCABDCAD5588102D486C3884DF' + ]) >> + ] >>, + / manifest / 3: << { + / manifest-version / 1: 1, + / manifest-sequence-number / 2: 0, + / common / 3: << { + / components / 2: [ + [h'00'] + ], + / shared-sequence / 4: << [ + / directive-override-parameters / 20, { + / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, + / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 /, + / image-digest / 3: << [ + / algorithm-id: / -16 / SHA-256 /, + / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' + ] >>, + / image-size / 14: 34768 + }, + / condition-vendor-identifier / 1, 15, + / condition-class-identifier / 2, 15 + ] >> + } >>, + / validate / 7: << [ + / condition-image-match / 3, 15 + ] >>, + / invoke / 9: << [ + / directive-invoke / 23, 2 + ] >> + } >> +})~~~~ + + +### CBOR Binary in Hex +{: numbered='no'} + +~~~~ +D86BA2025873825824822F58206658EA560262696DD1F13B782239A064DA +7C6C5CBAF52FDED428A6FC83C7E5AF584AD28443A10126A0F658406C56F1 +463DE7D83C945B88BCEB0797958938942A71B2B4A7DFFE2B4E8F07B91DD4 +EE3C6C48F869E668F6CE9113C32DE6B2B17DBCABDCAD5588102D486C3884 +DF035871A50101020003585FA202818141000458568614A40150FA6B4A53 +D5AD5FDFBE9DE663E4D41FFE02501492AF1425695E48BF429B2D51F2AB45 +035824822F582000112233445566778899AABBCCDDEEFF0123456789ABCD +EFFEDCBA98765432100E1987D0010F020F074382030F0943821702 +~~~~ diff --git a/testfiles/suit_manifest_exp1.cbor b/testfiles/suit_manifest_exp1.cbor index 25104edbb03d3a94c6af125a7c08f67cf22c4bd2..6f618a1d03eeb170fc2a5a51c7befdf89ebf5a38 100644 GIT binary patch delta 140 zcmV;70CWG40+0fK*lVH!SaX6{B!VwkARjJz%%I#ShVuSSxkvQ~bEc!us+fjsTLR`G z^dNNF@>ojJghQbLCZP6MKn+UzV}8nQdr5HIg_2+av@4Dqmemr<240KM0*hzhMPZ_u uG!)75WS-ZHH|Fx)0?|j&OT4?{Tv>u9TU&u3Vgp!|r2zqve`x^}k?AJ}+d&Ng delta 140 zcmV;70CWG40+0fK*lVH!SaX6{B!VwkAnz2n2_A~t=&C!m{GrxQvwj)e__J3O&)wWv zXvh!s4p>UkghQbLCZP6MKoPVwq$S`ljHE@JVW?Xa2Qpi2Xl|`~wG1E2l>wziAl(NP uY;!g!yXvGTQu?sVf{lwo@>796Au^YGYvM%1zXMp5r2zqve`x^`k?ALxm_EJ$ diff --git a/testfiles/suit_manifest_exp1.md b/testfiles/suit_manifest_exp1.md index f5c3514..2afd943 100644 --- a/testfiles/suit_manifest_exp1.md +++ b/testfiles/suit_manifest_exp1.md @@ -4,59 +4,77 @@ SPDX-License-Identifier: BSD-2-Clause --> -# SUIT Manifest - B.2. Example 1: Simultaneous Download and Installation of Payload - https://tools.ietf.org/html/draft-ietf-suit-manifest-19#appendix-B.2 - - -## CBOR Diagnostic - / SUIT_Envelope = / - 107({ - / authentication-wrapper / 2: << [ - / digest: / << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'ef14b7091e8adae8aa3bb6fca1d64fb37e19dcf8b35714cfdddc5968c80ff50e' - ] >>, - / signatures: / << 18([ - / protected: / << { - / alg / 1: -7 / ES256 / - } >>, - / unprotected: / { - }, - / payload: / null, - / signature: / h'11b434a425e02f8ca4459c61a85b1407325b6d686ead7ab50c1fcb9501a54520dd07146c733628bbeaa42752fab0cb828d8b41f253813e2132977a6be244c3bf' - ]) >> - ] >>, - / manifest / 3: << { - / manifest-version / 1: 1, - / manifest-sequence-number / 2: 1, - / common / 3: << { - / components / 2: [ - [h'00'] - ], - / shared-sequence / 4: << [ - / directive-override-parameters / 20, { - / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, - / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 /, - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' - ] >>, - / image-size / 14: 34768 - }, - / condition-vendor-identifier / 1, 15, - / condition-class-identifier / 2, 15 - ] >> - } >>, - / validate / 7: << [ - / condition-image-match / 3, 15 - ] >>, - / install / 17: << [ - / directive-override-parameters / 20, { - / uri / 21: "http://example.com/file.bin" - }, - / directive-fetch / 21, 2, - / condition-image-match / 3, 15 - ] >> - } >> - }) +## B.2. Example 1: Simultaneous Download and Installation of Payload +https://tools.ietf.org/html/draft-ietf-suit-manifest-27#appendix-B.2 + +{: numbered='no'} + +### CBOR Diagnostic Notation of SUIT Manifest +{: numbered='no'} + +~~~~ +/ SUIT_Envelope = / 107({ + / authentication-wrapper / 2: << [ + << [ + / digest-algorithm-id: / -16 / SHA256 /, + / digest-bytes: / h'1F2E7ACCA0DC2786F2FE4EB947F50873A6A3CFAA98866C5B02E621F42074DAF2' + ] >>, + << / COSE_Sign1_Tagged / 18([ + / protected: / << { + / algorithm-id / 1: -7 / ES256 / + } >>, + / unprotected: / {}, + / payload: / null, + / signature: / h'0D4AFA637ECA6D7B4970DC85926001B42B8E1B96D512CA065E8BD0028B67E04561A2993414C9F2649ED78B37E6F2DD02D147D14BBCBBE25C5982265B5B812062' + ]) >> + ] >>, + / manifest / 3: << { + / manifest-version / 1: 1, + / manifest-sequence-number / 2: 1, + / common / 3: << { + / components / 2: [ + [h'00'] + ], + / shared-sequence / 4: << [ + / directive-override-parameters / 20, { + / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, + / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 /, + / image-digest / 3: << [ + / algorithm-id: / -16 / SHA-256 /, + / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' + ] >>, + / image-size / 14: 34768 + }, + / condition-vendor-identifier / 1, 15, + / condition-class-identifier / 2, 15 + ] >> + } >>, + / validate / 7: << [ + / condition-image-match / 3, 15 + ] >>, + / install / 20: << [ + / directive-override-parameters / 20, { + / uri / 21: "http://example.com/file.bin" + }, + / directive-fetch / 21, 2, + / condition-image-match / 3, 15 + ] >> + } >> +})~~~~ + + +### CBOR Binary in Hex +{: numbered='no'} + +~~~~ +D86BA2025873825824822F58201F2E7ACCA0DC2786F2FE4EB947F50873A6 +A3CFAA98866C5B02E621F42074DAF2584AD28443A10126A0F658400D4AFA +637ECA6D7B4970DC85926001B42B8E1B96D512CA065E8BD0028B67E04561 +A2993414C9F2649ED78B37E6F2DD02D147D14BBCBBE25C5982265B5B8120 +62035894A50101020103585FA202818141000458568614A40150FA6B4A53 +D5AD5FDFBE9DE663E4D41FFE02501492AF1425695E48BF429B2D51F2AB45 +035824822F582000112233445566778899AABBCCDDEEFF0123456789ABCD +EFFEDCBA98765432100E1987D0010F020F074382030F1458258614A11578 +1B687474703A2F2F6578616D706C652E636F6D2F66696C652E62696E1502 +030F +~~~~ diff --git a/testfiles/suit_manifest_exp2A.cbor b/testfiles/suit_manifest_exp2A.cbor index 4095ea9c448860453e7450f276a7a005133d4732..d4ba758e0ce898ea11a17ff3ac02854dd1172086 100644 GIT binary patch delta 140 zcmV;70CWGh0=EKx*lVH!SaX6{B!VwkAoSHNrWAH!kB@r858JsTpJscTJLeykb2&a! z93I8>NmxqKghQbLCZP6MK(dqNq5*T>%M?slcUm^IESfT0Ofs)AQ}E6jPN3rvU+xe{KO3k?u(kXg%iu delta 140 zcmV;70CWGh0=EKx*lVH!SaX6{B!VwkAcnilh$Hi)L>X4_D*zJ$^#e$BVf%Obu!isB z6)=b&msm>DghQbLCZP6MK#Xhf6t*v?xDD0oFZTjUwJH&8(Yy_@@dFXF9(yU{zOHs( utwQ^T0QwWAzinPcl9~mk2WR=WLJCj3 zEU9lq6qo)ic}3HK6DJ<7iG2ws0iG#3M_%4r{{vXNrvU+xe{KO3k?tuWFd>%IQoQBp uzv}lMIaWpO=F?^7H3y)9HWo2$HRa3Ki0R#f&_EtCm delta 185 zcmV;q07n0X2mS_s*lVN$SaX6{B!VwkAcnilh$Hi)L>X4_D*zJ$^#e$BVf%Obu!isB z6)=b&msm>DghQbLCZP6MK#Xhf6t*v?xDD0oFZTjUwJH&8(Yy_@@dFXF9(yU{zOHs( ztwQ^T0QwWAzinPcl9~mk2WR=WLJCj-A_fdK>p9WhW$ diff --git a/testfiles/suit_manifest_exp3.cbor b/testfiles/suit_manifest_exp3.cbor index 048e794b2bf88ee21e33584465d9b0b5f58e472d..ff5c7eb92247c6f58a48c30868d377cbb029cc60 100644 GIT binary patch delta 141 zcmV;80CN9~1B?TI*lVH!SaX6{B!VwkAokQsV(gG>IVAwXLg$We?J5eN(QJ_ zVgTAM;8;r1ghQbLCZP6MKpS2KFFuPZtrIY@vDpP%9`d`muAqbvG}Fy_2CBPqI+3Cn v=i)q;_?JE0h|r@PCHxrGE1~jnA(-YE&dt*Y7z0@W52XQ-f3E=)lP>{X!$mym delta 141 zcmV;80CN9~1B?TI*lVH!SaX6{B!VwkAhYJBCw9L+(ir}_0~}zSm?jPyQv4qQmV@oK z(Z$50d00x)ghQbLCZP6MK%eo}G<1o5FfV?@tC-6N;w+d`xhhuU?2?A0;z-o2S!P}1 vSR}#9txE-KHRz-aUrtLD$8im`{lK}N{{vY852XQ-f3E=%lP>{XD_%iX diff --git a/testfiles/suit_manifest_exp3.md b/testfiles/suit_manifest_exp3.md index 4b4fcc7..f1b4cc4 100644 --- a/testfiles/suit_manifest_exp3.md +++ b/testfiles/suit_manifest_exp3.md @@ -4,99 +4,122 @@ SPDX-License-Identifier: BSD-2-Clause --> -# SUIT Manifest - B.4. Example 3: A/B images - https://tools.ietf.org/html/draft-ietf-suit-manifest-19#appendix-B.4 +## B.4. Example 3: A/B images +https://tools.ietf.org/html/draft-ietf-suit-manifest-27#appendix-B.4 +{: numbered='no'} -## CBOR Diagnostic - / SUIT_Envelope = / - 107({ - / authentication-wrapper / 2: << [ - / digest: / << [ +### CBOR Diagnostic Notation of SUIT Manifest +{: numbered='no'} + +~~~~ +/ SUIT_Envelope = / 107({ + / authentication-wrapper / 2: << [ + << [ + / digest-algorithm-id: / -16 / SHA256 /, + / digest-bytes: / h'F6D44A62EC906B392500C242E78E908E9CC5057F3F04104A06A8566200DA2EE0' + ] >>, + << / COSE_Sign1_Tagged / 18([ + / protected: / << { + / algorithm-id / 1: -7 / ES256 / + } >>, + / unprotected: / {}, + / payload: / null, + / signature: / h'1B5E052F3E8B2AAD1330B1B1D9055B1EF2BBB8AEA0841034D3CD7906AABB723A91A218E7E23C96F8973DDC88D0A31C25FC18D52BA1F2712198E618CECDD30718' + ]) >> + ] >>, + / manifest / 3: << { + / manifest-version / 1: 1, + / manifest-sequence-number / 2: 3, + / common / 3: << { + / components / 2: [ + [h'00'] + ], + / shared-sequence / 4: << [ + / directive-override-parameters / 20, { + / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, + / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 / + }, + / directive-try-each / 15, [ + << [ + / directive-override-parameters / 20, { + / component-slot / 5: 0 + }, + / condition-component-slot / 5, 5, + / directive-override-parameters / 20, { + / image-digest / 3: << [ + / algorithm-id: / -16 / SHA-256 /, + / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' + ] >>, + / image-size / 14: 34768 + } + ] >>, + << [ + / directive-override-parameters / 20, { + / component-slot / 5: 1 + }, + / condition-component-slot / 5, 5, + / directive-override-parameters / 20, { + / image-digest / 3: << [ / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'b3e6a52776bf3ed218feba031c609c98260e1a52fc1f019683edb6d1c5c4a379' - ] >>, - / signatures: / << 18([ - / protected: / << { - / alg / 1: -7 / ES256 / - } >>, - / unprotected: / { - }, - / payload: / null, - / signature: / h'9ff1d63474897d302f7ec4ab98cb07e22c9853b92a56e3ec9286a4e248d4ac59665de35824c1caad4b056b35e8a40c60086f36eb519e31c7710db4fdc0b99eff' - ]) >> + / digest-bytes: / h'0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff' + ] >>, + / image-size / 14: 76834 + } + ] >> + ], + / condition-vendor-identifier / 1, 15, + / condition-class-identifier / 2, 15 + ] >> + } >>, + / validate / 7: << [ + / condition-image-match / 3, 15 + ] >>, + / install / 20: << [ + / directive-try-each / 15, [ + << [ + / directive-override-parameters / 20, { + / component-slot / 5: 0 + }, + / condition-component-slot / 5, 5, + / directive-override-parameters / 20, { + / uri / 21: "http://example.com/file1.bin" + } ] >>, - / manifest / 3: << { - / manifest-version / 1: 1, - / manifest-sequence-number / 2: 3, - / common / 3: << { - / components / 2: [ - [h'00'] - ], - / shared-sequence / 4: << [ - / directive-override-parameters / 20, { - / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, - / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 / - }, - / directive-try-each / 15, [ - << [ - / directive-override-parameters / 20, { - / component-slot / 5: 0 - }, - / condition-component-slot / 5, 5, - / directive-override-parameters / 20, { - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' - ] >>, - / image-size / 14: 34768 - } - ] >>, - << [ - / directive-override-parameters / 20, { - / component-slot / 5: 1 - }, - / condition-component-slot / 5, 5, - / directive-override-parameters / 20, { - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff' - ] >>, - / image-size / 14: 76834 - } - ] >> - ], - / condition-vendor-identifier / 1, 15, - / condition-class-identifier / 2, 15 - ] >> - } >>, - / validate / 7: << [ - / condition-image-match / 3, 15 - ] >>, - / install / 17: << [ - / directive-try-each / 15, [ - << [ - / directive-override-parameters / 20, { - / component-slot / 5: 0 - }, - / condition-component-slot / 5, 5, - / directive-override-parameters / 20, { - / uri / 21: "http://example.com/file1.bin" - } - ] >>, - << [ - / directive-override-parameters / 20, { - / component-slot / 5: 1 - }, - / condition-component-slot / 5, 5, - / directive-override-parameters / 20, { - / uri / 21: "http://example.com/file2.bin" - } - ] >> - ], - / directive-fetch / 21, 2, - / condition-image-match / 3, 15 - ] >> - } >> - }) + << [ + / directive-override-parameters / 20, { + / component-slot / 5: 1 + }, + / condition-component-slot / 5, 5, + / directive-override-parameters / 20, { + / uri / 21: "http://example.com/file2.bin" + } + ] >> + ], + / directive-fetch / 21, 2, + / condition-image-match / 3, 15 + ] >> + } >> +}) +~~~~ + + +### CBOR Binary in Hex +{: numbered='no'} + +~~~~ +D86BA2025873825824822F5820F6D44A62EC906B392500C242E78E908E9C +C5057F3F04104A06A8566200DA2EE0584AD28443A10126A0F658401B5E05 +2F3E8B2AAD1330B1B1D9055B1EF2BBB8AEA0841034D3CD7906AABB723A91 +A218E7E23C96F8973DDC88D0A31C25FC18D52BA1F2712198E618CECDD307 +180359010FA5010102030358A4A2028181410004589B8814A20150FA6B4A +53D5AD5FDFBE9DE663E4D41FFE02501492AF1425695E48BF429B2D51F2AB +450F8258348614A10500050514A2035824822F5820001122334455667788 +99AABBCCDDEEFF0123456789ABCDEFFEDCBA98765432100E1987D0583686 +14A10501050514A2035824822F58200123456789ABCDEFFEDCBA98765432 +1000112233445566778899AABBCCDDEEFF0E1A00012C22010F020F074382 +030F14585B860F8258288614A10500050514A115781C687474703A2F2F65 +78616D706C652E636F6D2F66696C65312E62696E58288614A10501050514 +A115781C687474703A2F2F6578616D706C652E636F6D2F66696C65322E62 +696E1502030F +~~~~ diff --git a/testfiles/suit_manifest_exp4.cbor b/testfiles/suit_manifest_exp4.cbor index 34e075af7dc934b9827a74ba497cbb5e1dfef357..66f9f16798377f5fc2e3e9a5dad17d8251455e85 100644 GIT binary patch delta 150 zcmV;H0BQe|1Cs-P*lVH!SaX6{B!VwkAX{H$hOy?&@t)*)rLC*-23QaPy;w^KGO4|< zPjbz@)>ul?ghQbLCZP6MK<-%+^w!+;$|sICFoeJ(c(ybFIK%ruJerChON=6K(nqeH zeE?hE89yQ0tk~_@2+T!HAJ`&V*mgE diff --git a/testfiles/suit_manifest_exp4.md b/testfiles/suit_manifest_exp4.md index fadc0ae..107ed95 100644 --- a/testfiles/suit_manifest_exp4.md +++ b/testfiles/suit_manifest_exp4.md @@ -4,93 +4,117 @@ SPDX-License-Identifier: BSD-2-Clause --> -# SUIT Manifest - B.5. Example 4: Load and Decompress from External Storage - https://tools.ietf.org/html/draft-ietf-suit-manifest-19#appendix-B.5 +## B.5. Example 4: Load from External Storage +https://tools.ietf.org/html/draft-ietf-suit-manifest-27#appendix-B.5 -## CBOR Diagnostic - / SUIT_Envelope = / - 107({ - / authentication-wrapper / 2: << [ - / digest: / << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'838eb848698c9d9dd29b5930102ea1f29743857d975f52ed4d19589b821e82cf' - ] >>, - / signatures: / << 18([ - / protected: / << { - / alg / 1: -7 / ES256 / - } >>, - / unprotected: / { - }, - / payload: / null, - / signature: / h'5ee9d2698734cef75582a2c188a328b06d414b20dff7043528045a3fc2bdcb6be36887e2dfdb6ea5ab91d74077a6cc806c4580026bfea22c4f3153e1d9692c5a' - ]) >> +{: numbered='no'} + +### CBOR Diagnostic Notation of SUIT Manifest +{: numbered='no'} + +~~~~ +/ SUIT_Envelope = / 107({ + / authentication-wrapper / 2: << [ + << [ + / digest-algorithm-id: / -16 / SHA256 /, + / digest-bytes: / h'5B5F6586B1E6CDF19EE479A5ADABF206581000BD584B0832A9BDAF4F72CDBDD6' + ] >>, + << / COSE_Sign1_Tagged / 18([ + / protected: / << { + / algorithm-id / 1: -7 / ES256 / + } >>, + / unprotected: / {}, + / payload: / null, + / signature: / h'EE5913F4D6DCF4CA278E363084C02378B6340138C3FB403C9A8A1F4B8C226FD247AE9D7D005BDF193F21DBACD8EDD908E7D80594AE1A657F97E14A02DEFBD5EE' + ]) >> + ] >>, + / manifest / 3: << { + / manifest-version / 1: 1, + / manifest-sequence-number / 2: 4, + / common / 3: << { + / components / 2: [ + [h'00'], + [h'02'], + [h'01'] + ], + / shared-sequence / 4: << [ + / directive-set-component-index / 12, 0, + / directive-override-parameters / 20, { + / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, + / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 /, + / image-digest / 3: << [ + / algorithm-id: / -16 / SHA-256 /, + / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' + ] >>, + / image-size / 14: 34768 + }, + / condition-vendor-identifier / 1, 15, + / condition-class-identifier / 2, 15 + ] >> + } >>, + / validate / 7: << [ + / directive-set-component-index / 12, 0, + / condition-image-match / 3, 15 + ] >>, + / load / 8: << [ + / directive-set-component-index / 12, 2, + / directive-override-parameters / 20, { + / image-digest / 3: << [ + / algorithm-id: / -16 / SHA-256 /, + / digest-bytes: / h'0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff' + ] >>, + / image-size / 14: 76834, + / source-component / 22: 0 + }, + / directive-copy / 22, 2, + / condition-image-match / 3, 15 + ] >>, + / invoke / 9: << [ + / directive-set-component-index / 12, 2, + / directive-invoke / 23, 2 + ] >>, + / payload-fetch / 16: << [ + / directive-set-component-index / 12, 1, + / directive-override-parameters / 20, { + / image-digest / 3: << [ + / algorithm-id: / -16 / SHA-256 /, + / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' ] >>, - / manifest / 3: << { - / manifest-version / 1: 1, - / manifest-sequence-number / 2: 4, - / common / 3: << { - / components / 2: [ - [h'00'], - [h'02'], - [h'01'] - ], - / shared-sequence / 4: << [ - / directive-set-component-index / 12, 0, - / directive-override-parameters / 20, { - / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, - / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 /, - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' - ] >>, - / image-size / 14: 34768 - }, - / condition-vendor-identifier / 1, 15, - / condition-class-identifier / 2, 15 - ] >> - } >>, - / validate / 7: << [ - / directive-set-component-index / 12, 0, - / condition-image-match / 3, 15 - ] >>, - / load / 8: << [ - / directive-set-component-index / 12, 2, - / directive-override-parameters / 20, { - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff' - ] >>, - / image-size / 14: 76834, - / source-component / 22: 0 - }, - / directive-copy / 22, 2, - / condition-image-match / 3, 15 - ] >>, - / invoke / 9: << [ - / directive-set-component-index / 12, 2, - / directive-invoke / 23, 2 - ] >>, - / payload-fetch / 16: << [ - / directive-set-component-index / 12, 1, - / directive-override-parameters / 20, { - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' - ] >>, - / uri / 21: "http://example.com/file.bin" - }, - / directive-fetch / 21, 2, - / condition-image-match / 3, 15 - ] >>, - / install / 17: << [ - / directive-set-component-index / 12, 0, - / directive-override-parameters / 20, { - / source-component / 22: 1 - }, - / directive-copy / 22, 2, - / condition-image-match / 3, 15 - ] >> - } >> - }) + / uri / 21: "http://example.com/file.bin" + }, + / directive-fetch / 21, 2, + / condition-image-match / 3, 15 + ] >>, + / install / 20: << [ + / directive-set-component-index / 12, 0, + / directive-override-parameters / 20, { + / source-component / 22: 1 + }, + / directive-copy / 22, 2, + / condition-image-match / 3, 15 + ] >> + } >> +}) +~~~~ + + +### CBOR Binary in Hex +{: numbered='no'} + +~~~~ +D86BA2025873825824822F58205B5F6586B1E6CDF19EE479A5ADABF20658 +1000BD584B0832A9BDAF4F72CDBDD6584AD28443A10126A0F65840EE5913 +F4D6DCF4CA278E363084C02378B6340138C3FB403C9A8A1F4B8C226FD247 +AE9D7D005BDF193F21DBACD8EDD908E7D80594AE1A657F97E14A02DEFBD5 +EE03590116A801010204035867A20283814100814102814101045858880C +0014A40150FA6B4A53D5AD5FDFBE9DE663E4D41FFE02501492AF1425695E +48BF429B2D51F2AB45035824822F582000112233445566778899AABBCCDD +EEFF0123456789ABCDEFFEDCBA98765432100E1987D0010F020F0745840C +00030F085838880C0214A3035824822F58200123456789ABCDEFFEDCBA98 +7654321000112233445566778899AABBCCDDEEFF0E1A00012C2216001602 +030F0945840C02170210584E880C0114A2035824822F5820001122334455 +66778899AABBCCDDEEFF0123456789ABCDEFFEDCBA987654321015781B68 +7474703A2F2F6578616D706C652E636F6D2F66696C652E62696E1502030F +144B880C0014A116011602030F +~~~~ diff --git a/testfiles/suit_manifest_exp5.cbor b/testfiles/suit_manifest_exp5.cbor index aa5ec9a548259caa85b023b96537d462f33ef39d..4d53a003661ca5851636441351125613c8771b91 100644 GIT binary patch delta 141 zcmV;80CNBS0{#Mj*lVH!SaX6{B!VwkAQjGF_jXt0Qys%86<>=E*N>FF#?fW6W>j-& zJv%OrTgo?Jw_}rBn;Iwo7aKid=KvBi@ZF5 vW^hcCb{bn*F{)^0j2?wf2{!#lPv*JNlZWA diff --git a/testfiles/suit_manifest_exp5.md b/testfiles/suit_manifest_exp5.md index 04a1c7e..2cd672b 100644 --- a/testfiles/suit_manifest_exp5.md +++ b/testfiles/suit_manifest_exp5.md @@ -4,83 +4,106 @@ SPDX-License-Identifier: BSD-2-Clause --> -# SUIT Manifest - B.6. Example 5: Two Images - https://tools.ietf.org/html/draft-ietf-suit-manifest-19#appendix-B.6 +## B.6. Example 5: Two Images +https://tools.ietf.org/html/draft-ietf-suit-manifest-27#appendix-B.6 -## CBOR Diagnostic - / SUIT_Envelope = / - 107({ - / authentication-wrapper / 2: << [ - / digest: / << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'264dc89eb4a39ae7a8ed05e4d6232153bce4fb9a111a31310b90627d1edfc3bb' - ] >>, - / signatures: / << 18([ - / protected: / << { - / alg / 1: -7 / ES256 / - } >>, - / unprotected: / { - }, - / payload: / null, - / signature: / h'c0bf1b20b847292dc45015a013edbc56915b22fe81a8aec825eac2fb3b084fa6fa08761461987c92189ec6b8b5ab361d2588b05070b3ed03943549bafd355bf0' - ]) >> - ] >>, - / manifest / 3: << { - / manifest-version / 1: 1, - / manifest-sequence-number / 2: 5, - / common / 3: << { - / components / 2: [ - [h'00'], - [h'01'] - ], - / shared-sequence / 4: << [ - / directive-set-component-index / 12, 0, - / directive-override-parameters / 20, { - / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, - / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 /, - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' - ] >>, - / image-size / 14: 34768 - }, - / condition-vendor-identifier / 1, 15, - / condition-class-identifier / 2, 15, - / directive-set-component-index / 12, 1, - / directive-override-parameters / 20, { - / image-digest / 3: << [ - / algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff' - ] >>, - / image-size / 14: 76834 - } - ] >> - } >>, - / validate / 7: << [ - / directive-set-component-index / 12, 0, - / condition-image-match / 3, 15, - / directive-set-component-index / 12, 1, - / condition-image-match / 3, 15 - ] >>, - / invoke / 9: << [ - / directive-set-component-index / 12, 0, - / directive-invoke / 23, 2 - ] >>, - / install / 17: << [ - / directive-set-component-index / 12, 0, - / directive-override-parameters / 20, { - / uri / 21: "http://example.com/file1.bin" - }, - / directive-fetch / 21, 2, - / condition-image-match / 3, 15, - / directive-set-component-index / 12, 1, - / directive-override-parameters / 20, { - / uri / 21: "http://example.com/file2.bin" - }, - / directive-fetch / 21, 2, - / condition-image-match / 3, 15 - ] >> - } >> - }) +{: numbered='no'} + +### CBOR Diagnostic Notation of SUIT Manifest +{: numbered='no'} + +~~~~ +/ SUIT_Envelope = / 107({ + / authentication-wrapper / 2: << [ + << [ + / digest-algorithm-id: / -16 / SHA256 /, + / digest-bytes: / h'15CE60F77657E4531DC329155F8B0ED78F94BDC6D165B2665473693DCC34F470' + ] >>, + << / COSE_Sign1_Tagged / 18([ + / protected: / << { + / algorithm-id / 1: -7 / ES256 / + } >>, + / unprotected: / {}, + / payload: / null, + / signature: / h'F3B3EFCC47C797508E2316A5FBEBBE3D462C30240CD5349BD781E17C0FEEE58BBC3C8066704C93761A5B5931AAE1BA08632D14880E7FCF6481661045D1399233' + ]) >> + ] >>, + / manifest / 3: << { + / manifest-version / 1: 1, + / manifest-sequence-number / 2: 5, + / common / 3: << { + / components / 2: [ + [h'00'], + [h'01'] + ], + / shared-sequence / 4: << [ + / directive-set-component-index / 12, 0, + / directive-override-parameters / 20, { + / vendor-id / 1: h'fa6b4a53d5ad5fdfbe9de663e4d41ffe' / fa6b4a53-d5ad-5fdf-be9d-e663e4d41ffe /, + / class-id / 2: h'1492af1425695e48bf429b2d51f2ab45' / 1492af14-2569-5e48-bf42-9b2d51f2ab45 /, + / image-digest / 3: << [ + / algorithm-id: / -16 / SHA-256 /, + / digest-bytes: / h'00112233445566778899aabbccddeeff0123456789abcdeffedcba9876543210' + ] >>, + / image-size / 14: 34768 + }, + / condition-vendor-identifier / 1, 15, + / condition-class-identifier / 2, 15, + / directive-set-component-index / 12, 1, + / directive-override-parameters / 20, { + / image-digest / 3: << [ + / algorithm-id: / -16 / SHA-256 /, + / digest-bytes: / h'0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff' + ] >>, + / image-size / 14: 76834 + } + ] >> + } >>, + / validate / 7: << [ + / directive-set-component-index / 12, 0, + / condition-image-match / 3, 15, + / directive-set-component-index / 12, 1, + / condition-image-match / 3, 15 + ] >>, + / invoke / 9: << [ + / directive-set-component-index / 12, 0, + / directive-invoke / 23, 2 + ] >>, + / install / 20: << [ + / directive-set-component-index / 12, 0, + / directive-override-parameters / 20, { + / uri / 21: "http://example.com/file1.bin" + }, + / directive-fetch / 21, 2, + / condition-image-match / 3, 15, + / directive-set-component-index / 12, 1, + / directive-override-parameters / 20, { + / uri / 21: "http://example.com/file2.bin" + }, + / directive-fetch / 21, 2, + / condition-image-match / 3, 15 + ] >> + } >> +}) +~~~~ + + +### CBOR Binary in Hex +{: numbered='no'} + +~~~~ +D86BA2025873825824822F582015CE60F77657E4531DC329155F8B0ED78F +94BDC6D165B2665473693DCC34F470584AD28443A10126A0F65840F3B3EF +CC47C797508E2316A5FBEBBE3D462C30240CD5349BD781E17C0FEEE58BBC +3C8066704C93761A5B5931AAE1BA08632D14880E7FCF6481661045D13992 +3303590101A601010205035895A202828141008141010458898C0C0014A4 +0150FA6B4A53D5AD5FDFBE9DE663E4D41FFE02501492AF1425695E48BF42 +9B2D51F2AB45035824822F582000112233445566778899AABBCCDDEEFF01 +23456789ABCDEFFEDCBA98765432100E1987D0010F020F0C0114A2035824 +822F58200123456789ABCDEFFEDCBA987654321000112233445566778899 +AABBCCDDEEFF0E1A00012C220749880C00030F0C01030F0945840C001702 +14584F900C0014A115781C687474703A2F2F6578616D706C652E636F6D2F +66696C65312E62696E1502030F0C0114A115781C687474703A2F2F657861 +6D706C652E636F6D2F66696C65322E62696E1502030F +~~~~ diff --git a/testfiles/suit_manifest_expAF.cbor b/testfiles/suit_manifest_expAF.cbor index dfccdaa8138457809ed7546587a2d5d5b094f427..7ea22d454f66a074ee5e1283017aa38a0fe31f92 100644 GIT binary patch delta 102 zcmV-s0Ga=j0+Rw+*lVH!SW|*nB!VwkAca$!r3VR2{-l)j*m@X?l7RYYX61v?Epvxr z@Q%636j&fhKx=_)tEcp0iN2( zRld^AFjy+lghQbL1)%m=Ad|GWbfwTj9@hI_zljPcOxnkRY`g@E^nU01fAhQo!;x7w I0TGdqgRhk__W%F@ diff --git a/testfiles/suit_manifest_expAF.md b/testfiles/suit_manifest_expAF.md index 8a6cf90..9e552d9 100644 --- a/testfiles/suit_manifest_expAF.md +++ b/testfiles/suit_manifest_expAF.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'AAB6A7868C4E43D5983BDE019EF2277921F6F8EF1FCAF9403CA97255BED2CD30' + / digest-bytes: / h'85539AA507094CFEA494F4D87A188B9280FA6966E583D12D738762F08EB9C914' ] >>, << / COSE_Mac0_Tagged / 17([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / tag: / h'93B4B774A5D0421ED6FB5EBF890A284CDAC7816CBC048BF47EE7FA7FF3BC02C3' + / tag: / h'E22534A05903F63AE9EBA0C1CFA938AB48008553CA765622FBA7539E86441E38' ]) >> ] >>, / manifest / 3: << { @@ -35,7 +35,7 @@ ['encrypted-firmware'] ] } >>, - / install / 17: << [ + / install / 20: << [ / fetch encrypted firmware / / directive-set-component-index / 12, 1 / ['encrypted-firmware'] /, / directive-override-parameters / 20, { @@ -80,11 +80,11 @@ {: numbered='no'} ~~~~ -D86BA2025853825824822F5820AAB6A7868C4E43D5983BDE019EF2277921 -F6F8EF1FCAF9403CA97255BED2CD30582AD18443A10105A0F6582093B4B7 -74A5D0421ED6FB5EBF890A284CDAC7816CBC048BF47EE7FA7FF3BC02C303 +D86BA2025853825824822F582085539AA507094CFEA494F4D87A188B9280 +FA6966E583D12D738762F08EB9C914582AD18443A10105A0F65820E22534 +A05903F63AE9EBA0C1CFA938AB48008553CA765622FBA7539E86441E3803 58B7A40101020103582BA102828152706C61696E746578742D6669726D77 -6172658152656E637279707465642D6669726D776172651158818C0C0114 +6172658152656E637279707465642D6669726D776172651458818C0C0114 A20E182E15782668747470733A2F2F6578616D706C652E636F6D2F656E63 7279707465642D6669726D77617265150F0C0014A2135843D8608443A101 01A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818341A0A201220445 diff --git a/testfiles/suit_manifest_expAW.cbor b/testfiles/suit_manifest_expAW.cbor index 4d82cdf7017c452b183735c57de6582f334d6f40..a82bcfdc20616f717bee8cb89c59d6e573accb23 100644 GIT binary patch delta 102 zcmV-s0Ga>!0r>%0*lVH!SW|*nB!VwkAV4+gK{mghQbL1)%m=APJlNKzO9o$LrL6Dc3Vl%KL&RdtUF&PXgV}LFy`gd68Km I0ThvYejs2ng#Z8m delta 102 zcmV-s0Ga>!0r>%0*lVH!SW|*nB!VwkAX9F}mEn#__->, << / COSE_Mac0_Tagged / 17([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / tag: / h'3B70571169B0FEE5E6220BF86E5E973F7F32875495908EDAA91EC994BCA44B29' + / tag: / h'099BFC4078A4D4C7EBD47D29D73350CAFB82277B5EEFCD4F02DDCE41EA2A7E79' ]) >> ] >>, / manifest / 3: << { @@ -34,7 +34,7 @@ ['plaintext-firmware'] ] } >>, - / install / 17: << [ + / install / 20: << [ / fetch encrypted firmware / / directive-override-parameters / 20, { / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F', @@ -73,11 +73,11 @@ {: numbered='no'} ~~~~ -D86BA2025853825824822F5820536EC695E423342FF57FA89B3E3C12C0F9 -257992F7D96F017281782D2DF1C50F582AD18443A10105A0F658203B7057 -1169B0FEE5E6220BF86E5E973F7F32875495908EDAA91EC994BCA44B2903 +D86BA2025853825824822F582047BD34B3767EDD7060DB1400C7F9B1D4C1 +D24DBAB8F6A24CE05A57927EB73BDB582AD18443A10105A0F65820099BFC +4078A4D4C7EBD47D29D73350CAFB82277B5EEFCD4F02DDCE41EA2A7E7903 589DA4010102010357A102818152706C61696E746578742D6669726D7761 -726511587C8414A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD +726514587C8414A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD 85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F135843 D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818341 A0A2012204456B69642D31581875603FFC9518D794713C8CA8A115A7FB32 diff --git a/testfiles/suit_manifest_expD.cbor b/testfiles/suit_manifest_expD.cbor index 952fce0b18e51c80d016b77c555567a9e55ad046..8c95a06396c117330a88cae6d8bfcda879dc5cc1 100644 GIT binary patch delta 406 zcmV;H0crld1-%7-q5@cRf>*_v)B2g6E$BNY$H@j{!!16j<1b3;_!O3;-0O5?DPOWIGt)2p@OY< z9MGF!mRNtJk{R}agG8YLI2@rMqyYjT0U=l*%Z9LNm#@1> z0hSPQ-twSP&I%P2xONWO3D#sn&wi4L*&33;_!O3;-A*4=Vz) AVE_OC delta 406 zcmV;H0crld1-%7-q5@cRf>2J=t4Sl&->r;gc}qcE8=q`j^u- z_jZX6(|daci3F{Z;PGXDKi06C3NQR)3j{!!15m?xY3;_!O3;-0O5?DQLTjcd=>5AYVIIwZ= z0#rA*LjNd*O0z76i^ivH(>q+D68|E)mFh-vw;7y?r-G4#c}gLszBF7zaon)n6IhDa zV1z)T0XhHu1yE<>x_s0v0=vVUP>Wum@x=ClgG8YLI2@rMqyYjT0U=l*@g82vZy$B9N!L86sF9Ctls+pVwTIldt-4Z;!1!NzgrK)PIW% z0(<4~yr_iBSQvePZK15}Z*Wb3KMekKAW~d`;gxoo{LT^&7#K>33;_!O3;-A*52|Om A761SM diff --git a/testfiles/suit_manifest_expD.md b/testfiles/suit_manifest_expD.md index 44254d5..6b7f397 100644 --- a/testfiles/suit_manifest_expD.md +++ b/testfiles/suit_manifest_expD.md @@ -11,7 +11,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'FE6CF752367398A8BEBF0EE521242560FF495CBA08883AEDAF8CC4DC5E0DA444' + / digest-bytes: / h'014F0B68F4D5BCEC33D28C09DB32DBF38273AF57D769E9E3D84895A4BE2C7A24' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -19,7 +19,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'DEA71FE757D211B86796EDB058A82F85F93DD95B5494AEC284E19330E376BFDDCAFA97D336F776890ED37B7B068904AD92E0F1657FE3935D78B4AB083ACFCA09' + / signature: / h'B3972AAD29F143FD4DB46E9844805DB3280D6487A0831E2ECE1A9E4DBE3EDAD12A0A289FD565AE0928387440B4DCE185D6CDC30CD2E93BA7B919166B355C0E03' ]) >> ] >>, / manifest / 3: << { @@ -75,14 +75,14 @@ / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / algorithm-id / -16 / SHA256 /, - / digest-bytes / h'EF53C7F719CB10041233850AE3211D62CEC9528924E656607688E77BC14886A0' + / digest-bytes / h'B39B52B0B747EA79588C190F567BFC2C8437BA8A73F7EA983182E79F0148D59B' ] >>, / parameter-image-size / 14: 389, / parameter-uri / 21: "https://example.org/8d82573a-926d-4754-9353-32dc29997f74.suit" }, / directive-fetch / 21, 2 ] >>, - / install / 17: << [ + / install / 20: << [ / directive-set-component-index / 12, 1, / directive-process-dependency / 11, 0, @@ -90,12 +90,12 @@ / directive-set-component-index / 12, 0, / directive-override-parameters / 20, { / NOTE: encrypted payload and encryption-info / - / parameter-content / 18: h'6D5BE4F569E98AE01F38B071EF025437B742FF28854AB32C868BC6A76CD33B5CA112FF22BA95EA4672B7199C89A7829183794A21A6BE345C4371DCB0DC', + / parameter-content / 18: h'1B643B18E1081F77FFB9B107D61CD09B60965885A31D7E355A7AC0DAF86FCBE62F3E20CBD59FEFDB7708EE708208C60E20F9056C13A43288224C0FB271', / parameter-encryption-info / 19: << 96([ / protected: / h'', / unprotected: / { / alg / 1: -65534 / A128CTR /, - / IV / 5: h'67E3BA7CD42D02BBC39C508B5EA0F1C4' + / IV / 5: h'76C8F4729BE242D1E230165C87C39219' }, / payload: / null / detached ciphertext /, / recipients: / [ @@ -107,11 +107,11 @@ / ephemeral key / -1: { / kty / 1: 2 / EC2 /, / crv / -1: 1 / P-256 /, - / x / -2: h'F2452399667F57993B14C5F1107F667884854C190894FC08531C1E2290A7BA19', - / y / -3: h'275EDDE29FD75C9393AFFA706F8FAD3C49D03D67D47F8B0C027BE5F0BCA884CB' + / x / -2: h'CB86B097AFBB4801961072DEF2A051CE0A1514B8760EDA09D66442CF7E9289D9', + / y / -3: h'D50ADBBEB94693103782200CC07C1E1DFD8635150FD9F6A7AD75B33A4F4DF169' } }, - / payload: / h'7D806DA1ACEC6F704D803F0CFE7420525C81E1957699FCCE' + / payload: / h'9C4E739A485FF8E42C7245FA50E8B55EA7026BD8EC8649E6' ] ] ]) >> @@ -136,10 +136,10 @@ {: numbered='no'} ~~~~ -A2025873825824822F5820FE6CF752367398A8BEBF0EE521242560FF495C -BA08883AEDAF8CC4DC5E0DA444584AD28443A10126A0F65840DEA71FE757 -D211B86796EDB058A82F85F93DD95B5494AEC284E19330E376BFDDCAFA97 -D336F776890ED37B7B068904AD92E0F1657FE3935D78B4AB083ACFCA0903 +A2025873825824822F5820014F0B68F4D5BCEC33D28C09DB32DBF38273AF +57D769E9E3D84895A4BE2C7A24584AD28443A10126A0F65840B3972AAD29 +F143FD4DB46E9844805DB3280D6487A0831E2ECE1A9E4DBE3EDAD12A0A28 +9FD565AE0928387440B4DCE185D6CDC30CD2E93BA7B919166B355C0E0303 590242A801010203035886A301A101A101844B544545502D446576696365 485365637572654653508D82573A926D4754935332DC29997F7444737569 740281834B544545502D4465766963654853656375726546534B636F6E66 @@ -148,16 +148,16 @@ A26C2F0250DB42F7093D8C55BAA8C5265FC5820F4E010F020F05834B5445 45502D4465766963654853656375726546534B636F6E6669672E73756974 075831860C0014A2035824822F58208273468FB64BD84BB04825F8371744 D952B751C73A60F455AF681E167726F1160E183D030F0F5872860C0114A3 -035824822F5820EF53C7F719CB10041233850AE3211D62CEC9528924E656 -607688E77BC14886A00E19018515783D68747470733A2F2F6578616D706C +035824822F5820B39B52B0B747EA79588C190F567BFC2C8437BA8A73F7EA +983182E79F0148D59B0E19018515783D68747470733A2F2F6578616D706C 652E6F72672F38643832353733612D393236642D343735342D393335332D -3332646332393939376637342E7375697415021158D88A0C010B000C0014 -A212583D6D5BE4F569E98AE01F38B071EF025437B742FF28854AB32C868B -C6A76CD33B5CA112FF22BA95EA4672B7199C89A7829183794A21A6BE345C -4371DCB0DC13588AD8608440A20139FFFD055067E3BA7CD42D02BBC39C50 -8B5EA0F1C4F6818344A101381CA120A401022001215820F2452399667F57 -993B14C5F1107F667884854C190894FC08531C1E2290A7BA19225820275E -DDE29FD75C9393AFFA706F8FAD3C49D03D67D47F8B0C027BE5F0BCA884CB -58187D806DA1ACEC6F704D803F0CFE7420525C81E1957699FCCE120F1818 +3332646332393939376637342E7375697415021458D88A0C010B000C0014 +A212583D1B643B18E1081F77FFB9B107D61CD09B60965885A31D7E355A7A +C0DAF86FCBE62F3E20CBD59FEFDB7708EE708208C60E20F9056C13A43288 +224C0FB27113588AD8608440A20139FFFD055076C8F4729BE242D1E23016 +5C87C39219F6818344A101381CA120A401022001215820CB86B097AFBB48 +01961072DEF2A051CE0A1514B8760EDA09D66442CF7E9289D9225820D50A +DBBEB94693103782200CC07C1E1DFD8635150FD9F6A7AD75B33A4F4DF169 +58189C4E739A485FF8E42C7245FA50E8B55EA7026BD8EC8649E6120F1818 4A880C010B000C0018210F ~~~~ diff --git a/testfiles/suit_manifest_expED.cbor b/testfiles/suit_manifest_expED.cbor index e2909c110d8f6f924453f62505e3cc052849ea31..0f698f6934deb84dc3b4416092e069fdedd86246 100644 GIT binary patch delta 304 zcmbQkK8Jn6x_VCLZcU{*{cjy^P21hG?P=6kpT#q3C2~%e^+%grzNM`Z;dQCSc_E|P zf^QKHQ*&2JdhI!8eyP>!*{st7SCvjhlz6rYJBigjZ;aYjwERfO=`2fa_e)ChF0mZ* z7JiRD#o^Uk;i;b;D-`mk{QGz2NXCMtjEqc-%n{~`7#9Lz<78b%FGi8c6^z#vyhTs) z?=8=2;;SpR{ortu+cZ0-bcWukH!spHB*bUm7n_{V~E-d}u6 zYjTA0rmk1dR>Z7bhaf~Wuh delta 304 zcmbQkK8Jn6y80~H`A*Nbu+-{@up~&Xv%6x|b;hmgU~1XM+Wfv`1E)(7UYA;&7c#0X z_!i-C-_!c`$MpBV9U^Ta1uk2sIZan|tNjqc@G5OZ_r#((R|VK-$cxG!Rw;@9VwYdK z>Z@e!)i++t_Pjsm{AAF)jqc#>u*jUW|g1D;TdU2m~5A zL>`qi7C&`z!OYzUwyocq*mA(B{A=3cCBpJvGOCmFnVfS7DMEH`=uCcd*E{|S{6F1N zta2ao-g#Qh!CjkiZ^pD6lH9YBA6?_Cv7I(~Tan_bT=v}`R=XPdC}*fIayq0Pm(hF2 VttfM{9CInBpnDq+gAhM6KL8)pfVThu diff --git a/testfiles/suit_manifest_expED.md b/testfiles/suit_manifest_expED.md index 83f28b7..657ae91 100644 --- a/testfiles/suit_manifest_expED.md +++ b/testfiles/suit_manifest_expED.md @@ -39,7 +39,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'6A1D9F42E7B4047D2F54046019AE3ED43A8ACC467AC16576B17D6F8E633042D2' + / digest-bytes: / h'09038B29229C8FED40DA96BB8CB6E55AF54CA3987D186CCB768F5B34D3DA2B28' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -47,7 +47,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'DF493BDBF167EFFB40593C5910D33B66429721467DF05800EA66A88B91729CD51007981F151FC324745FF43E6F75AAF5197DD5EC4AA6BCEFCE43E4B1E35C948E' + / signature: / h'956DA9194ABCC637D2853AE69ACB10D522CA587449861342167EE7815AB672A7C454CB6A392B47D2221F445D089EA1F75BCA084A8D78492F6B5D1254EC77F7F7' ]) >> ] >>, / manifest / 3: << { @@ -68,7 +68,7 @@ / manifest-component-id / 5: [ 'dependent-manifest.suit' ], - / install / 17: << [ + / install / 20: << [ / NOTE: set SUIT_Encryption_Info / / directive-set-component-index / 12, 0 / ['decrypted-firmware'] /, / directive-override-parameters / 20, { @@ -107,7 +107,7 @@ / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / algorithm-id / -16 / SHA256 /, - / digest-bytes / h'1051324059C5193317CAC9A099BBC0B6AFB56184C04277F566A3A4131F4A1C25' + / digest-bytes / h'4B15C90FBD776A820E7E733DF040D90B356B5C75982ECAECE8673818179BDF16' ] >>, / parameter-image-size / 14: 247, / parameter-uri / 21: "#dependency-manifest" @@ -122,7 +122,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'1051324059C5193317CAC9A099BBC0B6AFB56184C04277F566A3A4131F4A1C25' + / digest-bytes: / h'4B15C90FBD776A820E7E733DF040D90B356B5C75982ECAECE8673818179BDF16' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -130,7 +130,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'55990F3745DC4F200FF946643A6DE30DDCE57B080B7D68DE9896D8190B9A63E2D60E7C3D9693B67221AA6D07BBF0AB45314C236827A242C22B5E688DDC467269' + / signature: / h'2B1B9C4E44E52863A78F73DA2A935823B28AEAE6A85CADAC4C4E3AABAAD56CBCE5A47D288F86B54D0186657E972E748B48CDB1D420FBAC1285DCC978382F62CC' ]) >> ] >>, / manifest / 3: << { @@ -157,7 +157,7 @@ / validate / 7: << [ / condition-image-match / 3, 15 ] >>, - / install / 17: << [ + / install / 20: << [ / directive-set-component-index / 12, 0 / ['decrypted-firmware'] /, / directive-write / 18, 15 @@ -181,30 +181,30 @@ D86BA401589E8181589AD28443A10126A0584FA108A101A4010220012158 ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D 314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715C C10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D -06CA2298CD1A95519AAE4C4B5315025873825824822F58206A1D9F42E7B4 -047D2F54046019AE3ED43A8ACC467AC16576B17D6F8E633042D2584AD284 -43A10126A0F65840DF493BDBF167EFFB40593C5910D33B66429721467DF0 -5800EA66A88B91729CD51007981F151FC324745FF43E6F75AAF5197DD5EC -4AA6BCEFCE43E4B1E35C948E03590170A501010201035837A201A101A101 +06CA2298CD1A95519AAE4C4B5315025873825824822F582009038B29229C +8FED40DA96BB8CB6E55AF54CA3987D186CCB768F5B34D3DA2B28584AD284 +43A10126A0F65840956DA9194ABCC637D2853AE69ACB10D522CA58744986 +1342167EE7815AB672A7C454CB6A392B47D2221F445D089EA1F75BCA084A +8D78492F6B5D1254EC77F7F703590170A501010201035837A201A101A101 815818646570656E64656E63792D6D616E69666573742E73756974028181 526465637279707465642D6669726D77617265058157646570656E64656E -742D6D616E69666573742E73756974115901138E0C0014A212582E344FA2 +742D6D616E69666573742E73756974145901138E0C0014A212582E344FA2 D5AD2F43F6F363DA6FF2C337FE69E33E3D63714D23985BF02499EB0E8B23 1D45C378245DA3611C160CC511135890D8608443A10101A10550DAE613B2 E0DC55F4322BE38BDBA9DC68F6818344A101381CA220A401022001215820 FF6E266DABAF51B7207569E31CF72646183E94CEE64FCDC8695AD9A505AE FDEA2258205FBC4A29844450B3AC22AB30C7F7004BB59D8BD60D7997734A 9FA0124B65089504456B69642D325818B0E21628283F3E409F8158D8FFCA -567F340E379AC39E49C90C0114A3035824822F58201051324059C5193317 -CAC9A099BBC0B6AFB56184C04277F566A3A4131F4A1C250E18F715742364 +567F340E379AC39E49C90C0114A3035824822F58204B15C90FBD776A820E +7E733DF040D90B356B5C75982ECAECE8673818179BDF160E18F715742364 6570656E64656E63792D6D616E6966657374150F070F0B0F742364657065 6E64656E63792D6D616E696665737458F7D86BA2025873825824822F5820 -1051324059C5193317CAC9A099BBC0B6AFB56184C04277F566A3A4131F4A -1C25584AD28443A10126A0F6584055990F3745DC4F200FF946643A6DE30D -DCE57B080B7D68DE9896D8190B9A63E2D60E7C3D9693B67221AA6D07BBF0 -AB45314C236827A242C22B5E688DDC46726903587BA601010201035849A2 +4B15C90FBD776A820E7E733DF040D90B356B5C75982ECAECE8673818179B +DF16584AD28443A10126A0F658402B1B9C4E44E52863A78F73DA2A935823 +B28AEAE6A85CADAC4C4E3AABAAD56CBCE5A47D288F86B54D0186657E972E +748B48CDB1D420FBAC1285DCC978382F62CC03587BA601010201035849A2 028181526465637279707465642D6669726D7761726504582F840C0014A2 035824822F582036921488FE6680712F734E11F58D87EEB66D4B21A8A1AD 3441060814DA16D50F0E181E05815818646570656E64656E63792D6D616E -69666573742E73756974074382030F1147860C00120F030F +69666573742E73756974074382030F1447860C00120F030F ~~~~ diff --git a/testfiles/suit_manifest_expEW.cbor b/testfiles/suit_manifest_expEW.cbor index a767d386fb103ad8f323ead46904db31ca986da5..aa0fbda5378a9f72f4a74d74f0284c39c8a93584 100644 GIT binary patch delta 140 zcmV;70CWH70_XyN*lVH!SaX6{B!VwkAX^jvZc3bsQI@&jH^47LbINW6o{=pnBYu-o zUkKBC(pXB;ghQbLCZP6MKz}C^8l5gOr{`Tgz{EM}Og2n-V|8AzzD@{BzM^aEJzqyYhue;WZ5k(

3OZ!~ delta 140 zcmV;70CWH70_XyN*lVH!SaX6{B!VwkAkOeKB0YaBIo5WEX_d6?PJ$t`wnghQbLCZP6MKxO5ctBN(f=~Q%BF>M@npZhH8FifAe6&_rQh@b+ZlEt{j uJb|^W3ga0_wh)6(63g4Nbv~jYR7+>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'65E59AAB8A35BDE9547458316D1C769FFB2CEA304C9FB6151E5C8A88A002A292C5B8C63C81B5AC0AE31948B610834E12CBDBB2753EA221544B6733076A92EE20' + / signature: / h'7F27121A9D2E32E3DB125E6B137E5DE7339D7B8B442E68B719BFCE099504490F9E8A5E83CB06764C47B904F9FDEE152C6698A9080C132B1948A8ADF28C3D04F4' ]) >> ] >>, / manifest / 3: << { @@ -34,7 +34,7 @@ ['decrypted-firmware'] ] } >>, - / install / 17: << [ + / install / 20: << [ / directive-set-component-index / 12, 0 / ['plaintext-firmware'] /, / directive-override-parameters / 20, { / parameter-content / 18: h'344FA2D5AD2F43F6F363DA6FF2C337FE69E33E3D63714D23985BF02499EB0E8B231D45C378245DA3611C160CC511', @@ -77,12 +77,12 @@ {: numbered='no'} ~~~~ -D86BA2025873825824822F5820CEF034223D7F2C39D676876995B4ED4E82 -21AC5BF184B6606EE62C41C149C266584AD28443A10126A0F6584065E59A -AB8A35BDE9547458316D1C769FFB2CEA304C9FB6151E5C8A88A002A292C5 -B8C63C81B5AC0AE31948B610834E12CBDBB2753EA221544B6733076A92EE -200358ECA4010102010357A1028181526465637279707465642D6669726D -776172651158CB860C0014A212582E344FA2D5AD2F43F6F363DA6FF2C337 +D86BA2025873825824822F58205B13FF6E4A9C8B5196B9E037C02F4373CA +6E049E912D29237E93525F08D37BD2584AD28443A10126A0F658407F2712 +1A9D2E32E3DB125E6B137E5DE7339D7B8B442E68B719BFCE099504490F9E +8A5E83CB06764C47B904F9FDEE152C6698A9080C132B1948A8ADF28C3D04 +F40358ECA4010102010357A1028181526465637279707465642D6669726D +776172651458CB860C0014A212582E344FA2D5AD2F43F6F363DA6FF2C337 FE69E33E3D63714D23985BF02499EB0E8B231D45C378245DA3611C160CC5 11135890D8608443A10101A10550DAE613B2E0DC55F4322BE38BDBA9DC68 F6818344A101381CA220A401022001215820FF6E266DABAF51B7207569E3 diff --git a/testfiles/suit_manifest_expI.cbor b/testfiles/suit_manifest_expI.cbor index cff82f0fd3f1a96d3ae4ecc86f820977b497a75f..f4e66b65418771adb2704443a8724881630ebd17 100644 GIT binary patch delta 141 zcmV;80CNA~0^tIGqXJlSf>hGl8(J@@-g4Ty0z vd!xrT5~6ILIfSI*EUHWU&V<~o1v##VzMVY-Sk9&a0RjV&f3yJcF#WR delta 141 zcmV;80CNA~0^tIGqXJlSf>6UaLy diff --git a/testfiles/suit_manifest_expI.md b/testfiles/suit_manifest_expI.md index 87cc0eb..86efcaa 100644 --- a/testfiles/suit_manifest_expI.md +++ b/testfiles/suit_manifest_expI.md @@ -11,7 +11,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'526A85341DE35AFA4FAF9EDDDA40164525077DC45DFBE25785B9FF40683EE881' + / digest-bytes: / h'CEDB0457952F7DD0A33FA4692F73BC833A6A6E2300B16F6605993F0192E3F219' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -19,7 +19,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'4B57A8102D0D86B83BA0368E118917D87DBF7815DC31B19DEB7E154F3D191A1434ADFAE27D5AED39C07A2A4B2A0D78031E73B23D679507C4953DD9E00CA7E541' + / signature: / h'71E3869E4E134A78C95D7ED81F5911FEA4F189EC33C0F6474C866569ED3DF7FB4E0D8871367BA3C73612A26C9E3984A4E22CAA4BFBCE84DCAC0539AE87BE9D3D' ]) >> ] >>, / manifest / 3: << { @@ -54,7 +54,7 @@ h'8D82573A926D4754935332DC29997F74', / tc-uuid / 'suit' ], - / install / 17: << [ + / install / 20: << [ / directive-override-parameters / 20, { / uri / 21: "#tc" }, @@ -74,16 +74,16 @@ {: numbered='no'} ~~~~ -A3025873825824822F5820526A85341DE35AFA4FAF9EDDDA40164525077D -C45DFBE25785B9FF40683EE881584AD28443A10126A0F658404B57A8102D -0D86B83BA0368E118917D87DBF7815DC31B19DEB7E154F3D191A1434ADFA -E27D5AED39C07A2A4B2A0D78031E73B23D679507C4953DD9E00CA7E54103 +A3025873825824822F5820CEDB0457952F7DD0A33FA4692F73BC833A6A6E +2300B16F6605993F0192E3F219584AD28443A10126A0F6584071E3869E4E +134A78C95D7ED81F5911FEA4F189EC33C0F6474C866569ED3DF7FB4E0D88 +71367BA3C73612A26C9E3984A4E22CAA4BFBCE84DCAC0539AE87BE9D3D03 58CEA601010203035884A20281844B544545502D44657669636548536563 7572654653508D82573A926D4754935332DC29997F744274610458548614 A40150C0DDD5F15243566087DB4F5B0AA26C2F0250DB42F7093D8C55BAA8 C5265FC5820F4E035824822F58208CF71AC86AF31BE184EC7A05A411A8C3 A14FD9B77A30D046397481469468ECE80E14010F020F05844B544545502D 446576696365485365637572654653508D82573A926D4754935332DC2999 -7F744473756974114C8614A11563237463150F030F1818448218210F6323 +7F744473756974144C8614A11563237463150F030F1818448218210F6323 74635448656C6C6F2C2053656375726520576F726C6421 ~~~~ diff --git a/testfiles/suit_manifest_expS0.cbor b/testfiles/suit_manifest_expS0.cbor index 5295aca40012765c83ef32c6131d88602932058b..1d4ac4cd6354ccdf152598fdd0b3510b64f1e99e 100644 GIT binary patch delta 156 zcmV;N0Av5Y0loo$*lVH!SaX6{B!VwkAP)k{_S5DWAk%B}&Zqcdp*y(y9|^bH*b*jP%^ghQbLCZP6MK+teLp_Abwfu?Wz-tzF2ml4n4UeYos7}q@+^1Im^<;5=+ z1hia0UY4+AFFi@J*T&3*Si_GZ+FBZe<~^RASR?4Sggccz@uBE zh_OB|QCLdSghQbLCZP6MKvu6K`|_FrS-BCl`i90c49XtBI1p&BVhiiStRTDdxyV)r zQI1nnxBOtpx$tCyy}r>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'56AF23FBF29A0159B911B5FA86C6330CCA1EC0381068AF620BEBC2AC20BBF3B9C85607518E5353B7FC60C8B9F06482BDBED085B4A1E71E0C21516F8680EBC482' + / signature: / h'D0703EA193E12381A66FFADEF2F0949711CFE05ED2322818D73D19F2BBD91BE5C52F1604B45C405E96B0642F3D49B2D7C6E3B2C0B40030BDDFBD27AF930B1F8B' ]) >> ] >>, / manifest / 3: << { @@ -43,7 +43,7 @@ }, / directive-invoke / 23, 15 ] >>, - / install / 17: << [ + / install / 20: << [ / directive-override-parameters / 20, { / parameter-content / 18: 'hello world' }, @@ -58,11 +58,11 @@ {: numbered='no'} ~~~~ -D86BA2025873825824822F58206EA128D7BB19B86F77C4227F2A29F22026 -A41958ACC45CC0A35BA388B13E2F51584AD28443A10126A0F6584056AF23 -FBF29A0159B911B5FA86C6330CCA1EC0381068AF620BEBC2AC20BBF3B9C8 -5607518E5353B7FC60C8B9F06482BDBED085B4A1E71E0C21516F8680EBC4 -82035842A6010102000347A102818142303005814E646570656E64656E74 -2E73756974094D8414A11746636174203030170F11528414A1124B68656C +D86BA2025873825824822F58200F02CAF6D3E61920D36BF3CEA7F862A13B +B8FB1F09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F65840D0703E +A193E12381A66FFADEF2F0949711CFE05ED2322818D73D19F2BBD91BE5C5 +2F1604B45C405E96B0642F3D49B2D7C6E3B2C0B40030BDDFBD27AF930B1F +8B035842A6010102000347A102818142303005814E646570656E64656E74 +2E73756974094D8414A11746636174203030170F14528414A1124B68656C 6C6F20776F726C64120F ~~~~ diff --git a/testfiles/suit_manifest_expS1.cbor b/testfiles/suit_manifest_expS1.cbor index 46a5f11cac971ff27a7845c3e3b72dfe657ca5ef..e12d4a7cabee55a40824aace55c76b114f5b600e 100644 GIT binary patch delta 159 zcmV;Q0AT;%0^kCWu73{#%J$Rd86eYZ^UkOEVxc>@`yUCz^un7GAL_S`^VnEQ(u6~y z0VbgKSU`0VAK;x5a%>6k%7?Qn9-3{TC*g6{btgl9VP|AmGIs~e0fpF1mBh*HcjzUH zGl7Em+8d_nMY+LLp-^V}$SVE=&0RjL6N1+0NfkH4a1(PiS9~2Z)gcP9?OK4?m NY;PcUZ*pv85)WZ0MjrqG delta 159 zcmV;Q0AT;%0^kCWu77T!DA&6gxNmpFB7Z6=@*pOp8Ca~uT)?ASqlmFSFHu-Z(u6~y z0VbgKSU{QiNdz|m*S)$pkV*?l@C4r0wn|9=-pX8Nu8N+zku`SS@iw>, - / install / 17: << [ + / install / 20: << [ / directive-override-parameters / 20, { / parameter-content / 18: 'hello world' }, @@ -89,11 +89,11 @@ D86BA301589E8181589AD28443A10126A0584FA108A101A4010220012158 ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D 314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715C C10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D -06CA2298CD1A95519AAE4C4B5315025874835824822F58206EA128D7BB19 -B86F77C4227F2A29F22026A41958ACC45CC0A35BA388B13E2F51584AD284 -43A10126A0F6584099F949043701D7BDBA38904A0B49F004DED6B64A4900 -DECA5C66AE8A9EBA913576DEF136B74EA89C14FA64624DBD33B4C0BB41C1 -53CA51548C73FF71A2BAF27440035842A6010102000347A1028181423030 +06CA2298CD1A95519AAE4C4B5315025874835824822F58200F02CAF6D3E6 +1920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD284 +43A10126A0F6584075111FE09D12726C09F0CA87B32B1E9A6DA127E171D6 +7527437E61676458327707CC0185D84C95C4C9EC77E8258B338182F8DA1B +A7014AD0E26D6C5BEC29DFC740035842A6010102000347A1028181423030 05814E646570656E64656E742E73756974094D8414A11746636174203030 -170F11528414A1124B68656C6C6F20776F726C64120F +170F14528414A1124B68656C6C6F20776F726C64120F ~~~~ diff --git a/testfiles/suit_manifest_expS2.cbor b/testfiles/suit_manifest_expS2.cbor index 40dcdecd07f778a04b912e4beadf8d10c84d286d..0f5dda478a88bf2adbcf93c06e8d119590e463d3 100644 GIT binary patch delta 223 zcmV<503iSN0`>xb*lVH!SaX6{B!VwkAl&mr&h|WEQWLgm=K8dVfzeb3p60zw(Sab7 zRA#CrrvU+xe^nsN7g+Ww(#_F^nAM_r zwKB&5Is-8ycPYjM?r+oc+f!eW^eitFSW}J+0TiJFSR{fkSRfAq%J$Rd86eYZ^UkOE ZVxc>@`yUCz^un7GAL_S`^VpM50VjlXXe0mt delta 223 zcmV<503iSN0`>xb*lVH!SaX6{B!VwkAV_qr$O@4tqOt{lU*()d`0Ws>znoJD{P|J1 zyRSn_l~_vBghQbLCZP6MK*CqzIy9CG;uX7_l6qP^?%iiy{eiA-RiJU zajm&xrcA&HuK7k?q7^*PI6nZj1@L*>R1aji76VxNrvU+xe^nrCh9ql{)>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'C257E23A34960BE215BB9B927A5A3CEEDD675DFD81AE6E55A66FDD22098868891DF42D71ADB962A64CC008AEF9465DA2153CCF383F00B505F079DB540F64B916' + / signature: / h'F86311478A7DCD474700B052CAF14A757CE00709404113B390218E93AE319D564127C4DC3D58CC143FFFB8657E294AA7936B93F51D4A78209479FA66E3186789' ]) >> ] >>, / manifest / 3: << { @@ -56,7 +56,7 @@ / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'6C86246B90D644F021671F6D42523B2CB5E156F764BE618AA46BFCD0DB23E768' + / digest-bytes: / h'CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3F3DB535F' ] >>, / parameter-image-size / 14: 352, / parameter-uri / 21: "http://example.com/dependent.suit" @@ -64,12 +64,12 @@ / directive-fetch / 21, 2, / condition-image-match / 3, 15 ] >>, - / install / 17: << [ + / install / 20: << [ / directive-set-component-index / 12, 1, / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'6EA128D7BB19B86F77C4227F2A29F22026A41958ACC45CC0A35BA388B13E2F51' + / digest-bytes: / h'0F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8' ] >> }, / condition-dependency-integrity / 7, 15, @@ -90,17 +90,17 @@ {: numbered='no'} ~~~~ -D86BA2025873825824822F58204874ADC80A9128A2B2057F5FE59C45F8ED -10A9BF9C5308FCF951B8BBAF434B95584AD28443A10126A0F65840C257E2 -3A34960BE215BB9B927A5A3CEEDD675DFD81AE6E55A66FDD22098868891D -F42D71ADB962A64CC008AEF9465DA2153CCF383F00B505F079DB540F64B9 -160358FAA70101020003581CA201A101A101814E646570656E64656E742E +D86BA2025873825824822F5820DCF344CEF63C615213B669E6FAB48881D1 +54069EE6BD4CD18120935466AA3978584AD28443A10126A0F65840F86311 +478A7DCD474700B052CAF14A757CE00709404113B390218E93AE319D5641 +27C4DC3D58CC143FFFB8657E294AA7936B93F51D4A78209479FA66E31867 +890358FAA70101020003581CA201A101A101814E646570656E64656E742E 7375697402818142313005814E646570656E64696E672E73756974095286 0C0014A11749636174203030203130170F0F5858880C0114A3035824822F -58206C86246B90D644F021671F6D42523B2CB5E156F764BE618AA46BFCD0 -DB23E7680E190160157821687474703A2F2F6578616D706C652E636F6D2F -646570656E64656E742E737569741502030F1158538E0C0114A103582482 -2F58206EA128D7BB19B86F77C4227F2A29F22026A41958ACC45CC0A35BA3 -88B13E2F51070F0B000C0014A112581A20696E206D756C7469706C652074 +5820CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3 +F3DB535F0E190160157821687474703A2F2F6578616D706C652E636F6D2F +646570656E64656E742E737569741502030F1458538E0C0114A103582482 +2F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121F +EAB78EF3D8070F0B000C0014A112581A20696E206D756C7469706C652074 7275737420646F6D61696E73120F ~~~~ diff --git a/testfiles/suit_manifest_expS3.cbor b/testfiles/suit_manifest_expS3.cbor index 65d45dc5605dd5902fca58d47c1d67ecea7052ae..bb68986775eb417ae9e115e39a4e303adb6fa6e7 100644 GIT binary patch delta 351 zcmV-l0igb?1*-*r*lVK#SaX6{B!VwkAnUv@tfMig#FrbEnN`Mp^~Z$h$DpZso&Yj@ zf1JGbE?7#^ghQbLCZP6MK#CGTD;4d+#X>j?q>%I`x3a}Whe|RnvyifVfqw1qJ>%Tk z_S`jFL`RQCvQ~rG68mQ?W~|Mcj-fiz30y40(gRq$rvU+xe^oln7g+Ww(#_F^nAM_r zwKB&5Is-8ycPYjM?r+oc+f!c-83AAwZzE)7aAj^}Wo~pXb9HHS6#@ef6q61C>wgad z%J$Rd86eYZ^UkOEVxc>@`yUCz^un7GAL_S`^VnEQ(u6~y0VbgKSU`0VAK;x5a%>6k z%7?Qn9-3{TC*g6{btgl9VP|AmGIs~e0fpF1mBh*HcjzUHGl7Em+8d_nMY+LLp x-^V}$SVE=&0RjL6N1+0NfkH4a1(SFJ9~2Z)gcP9?OK4?mY;PcUZ*pv85)VZ;o`V1Y delta 351 zcmV-l0igb?1*-*r*lVK#SaX6{B!VwkATf@uUuPO^C6m{!x3G?hkUlq)APf>b7nI?Z!i^QW7OTR7}InNZmm z*DY0shJ26pjP-(h3@enCBU!_j9lsze2Xtb6!vk2nrvU+xe^okch9ql{)wj*c zDA&6gxNmpFB7Z6=@*pOp8Ca~uT)?ASqlmFSFHu-Z(u6~y0VbgKSU{QiNdz|m*S)$p zkV*?l@C4r0wn|9=-pX8Nu8N+zku`SS@iw>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'287D5AAB44D08A34954663942B2732825426893ACD735BF3A79B8B5B38EC3C9950D917D72D5586867C8FF58CF5827B0C2B94952359C3971DBF202B0774627DC3' + / signature: / h'8A12402B15EDC2C542380CA490F426B7B2C545874A322DB390B27D817EEDF03DE3DCDAF6DC355B44478F46B25683D812FB672C66ACCD9A8EA13AD2095C2CC3D2' ]) >> ] >>, / manifest / 3: << { @@ -56,7 +56,7 @@ / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'6C86246B90D644F021671F6D42523B2CB5E156F764BE618AA46BFCD0DB23E768' + / digest-bytes: / h'CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3F3DB535F' ] >>, / parameter-image-size / 14: 352, / parameter-uri / 21: "#dependent.suit" @@ -64,7 +64,7 @@ / directive-fetch / 21, 2, / condition-image-match / 3, 15 ] >>, - / install / 17: << [ + / install / 20: << [ / directive-set-component-index / 12, 1, / directive-process-dependency / 11, 0, @@ -75,7 +75,7 @@ / directive-write / 18, 15 ] >> } >>, - "#dependent.suit": h'D86BA301589E8181589AD28443A10126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315025874835824822F58206EA128D7BB19B86F77C4227F2A29F22026A41958ACC45CC0A35BA388B13E2F51584AD28443A10126A0F6584099F949043701D7BDBA38904A0B49F004DED6B64A4900DECA5C66AE8A9EBA913576DEF136B74EA89C14FA64624DBD33B4C0BB41C153CA51548C73FF71A2BAF27440035842A6010102000347A102818142303005814E646570656E64656E742E73756974094D8414A11746636174203030170F11528414A1124B68656C6C6F20776F726C64120F' + "#dependent.suit": h'D86BA301589E8181589AD28443A10126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315025874835824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F6584075111FE09D12726C09F0CA87B32B1E9A6DA127E171D67527437E61676458327707CC0185D84C95C4C9EC77E8258B338182F8DA1BA7014AD0E26D6C5BEC29DFC740035842A6010102000347A102818142303005814E646570656E64656E742E73756974094D8414A11746636174203030170F14528414A1124B68656C6C6F20776F726C64120F' }) ~~~~ @@ -84,15 +84,15 @@ {: numbered='no'} ~~~~ -D86BA3025873825824822F5820318EAD5F671A6D2593D7ADB7B6CCADC49F -72704507004F297A25AF16A48A2111584AD28443A10126A0F65840287D5A -AB44D08A34954663942B2732825426893ACD735BF3A79B8B5B38EC3C9950 -D917D72D5586867C8FF58CF5827B0C2B94952359C3971DBF202B0774627D -C30358BCA70101020003581CA201A101A101814E646570656E64656E742E +D86BA3025873825824822F5820EBBC2FACA331A8C4971B969955C67DF5C7 +84E8C7A0A9799E00327C7F9CBCF62E584AD28443A10126A0F658408A1240 +2B15EDC2C542380CA490F426B7B2C545874A322DB390B27D817EEDF03DE3 +DCDAF6DC355B44478F46B25683D812FB672C66ACCD9A8EA13AD2095C2CC3 +D20358BCA70101020003581CA201A101A101814E646570656E64656E742E 7375697402818142313005814E646570656E64696E672E73756974095286 0C0014A11749636174203030203130170F0F5845880C0114A3035824822F -58206C86246B90D644F021671F6D42523B2CB5E156F764BE618AA46BFCD0 -DB23E7680E190160156F23646570656E64656E742E737569741502030F11 +5820CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3 +F3DB535F0E190160156F23646570656E64656E742E737569741502030F14 58288A0C010B000C0014A112581A20696E206D756C7469706C6520747275 737420646F6D61696E73120F6F23646570656E64656E742E737569745901 60D86BA301589E8181589AD28443A10126A0584FA108A101A40102200121 @@ -100,11 +100,11 @@ DB23E7680E190160156F23646570656E64656E742E737569741502030F11 03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D7 1D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F79871 5CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B8 -2D06CA2298CD1A95519AAE4C4B5315025874835824822F58206EA128D7BB -19B86F77C4227F2A29F22026A41958ACC45CC0A35BA388B13E2F51584AD2 -8443A10126A0F6584099F949043701D7BDBA38904A0B49F004DED6B64A49 -00DECA5C66AE8A9EBA913576DEF136B74EA89C14FA64624DBD33B4C0BB41 -C153CA51548C73FF71A2BAF27440035842A6010102000347A10281814230 +2D06CA2298CD1A95519AAE4C4B5315025874835824822F58200F02CAF6D3 +E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD2 +8443A10126A0F6584075111FE09D12726C09F0CA87B32B1E9A6DA127E171 +D67527437E61676458327707CC0185D84C95C4C9EC77E8258B338182F8DA +1BA7014AD0E26D6C5BEC29DFC740035842A6010102000347A10281814230 3005814E646570656E64656E742E73756974094D8414A117466361742030 -30170F11528414A1124B68656C6C6F20776F726C64120F +30170F14528414A1124B68656C6C6F20776F726C64120F ~~~~ diff --git a/testfiles/suit_manifest_expS4.cbor b/testfiles/suit_manifest_expS4.cbor index 820218ebec07b24611feeed7636f45e1420a5f4d..26ad3cff2ca6cc9aae3162c43222f9f3331edaf7 100644 GIT binary patch delta 330 zcmV-Q0k!_v1=t0D*lVK#SaX6{B!VwkAQ(0Llle#?q==iRbo`Lh(ByAMXMCOw6J_q~ z;1Oj>4_HdlghQbLCZP6MKwaJKE<*hhko9Fri0%beb%6A`wo0vxI$C}>aHz(&(Ndem zn5nUb_o!RH!E2)(eUl$cHlW0$A-apFP(-6$ZUb29rvU+xe_$ZY7g+Ww(#_F^nAM_r zwKB&5Is-8ycPYjM?r+oc+f!eW|2qK`lRE+He-8r6_S5DWAk%B}&Zqcdp*y(y9|^bH*b*jP%^ghQbLCZP6MKy?ux;GGh3YzgqnhqEglnr)#c;c?b=CqsT=XJlA1 zcL&S?h1g7$#L4V;=p~CYfr9wj8>azE(Bf@uTkI*{$3O#ELZ$%$0ssR?p#p({LNG7| clcfS56ckc~6rmDJXk~0{ZypF delta 330 zcmV-Q0k!_v1=t0D*lVK#SaX6{B!VwkAPsMy3yoV}5=Zb;N6L6Isy>&7le^zpsq^yN zjhRIp>{v?DghQbLCZP6MK-ZcSJs^g?x)%*TOmhS9R*!njS33Jfpo9dTjuqMEGCUlF z4gXzpZ%M11YSb(q+Ty;(Eg6lLES;Z7FfE-Numf1>rvU+xe_$YNh9ql{)w7|PT!BfgnRE%@~aiY5NbU*`GLZ$%$0ssR?p#p({LNG7| clcfS56cJK{6rmDJXk~0{Zy>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'D79A143D2086BDBA170D3E4C7303F0568F7ACC573AFB46A084049E8E15D9E5323C1C840DFF5D736F49AB9C6AD42C1EDAE2BEC62D198D962C9D9F48302D9D1CB0' + / signature: / h'5DDDED2E42FD1290F5654988EE05567580F4BAB64AAD8C3A5A7E3870A8C6B7D1529BC598A9B186F7A85BBFC16BA31D7D931F4B36A0C4A421BA8BA75044A35D6E' ]) >> ] >>, / manifest / 3: << { @@ -64,7 +64,7 @@ / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'6C86246B90D644F021671F6D42523B2CB5E156F764BE618AA46BFCD0DB23E768' + / digest-bytes: / h'CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3F3DB535F' ] >>, / parameter-image-size / 14: 352, / parameter-uri / 21: "#dependent.suit", @@ -73,7 +73,7 @@ / directive-fetch / 21, 2, / condition-image-match / 3, 15 ] >>, - / install / 17: << [ + / install / 20: << [ / directive-set-component-index / 12, 1, / directive-process-dependency / 11, 0, @@ -84,7 +84,7 @@ / directive-write / 18, 15 ] >> } >>, - "#dependent.suit": h'D86BA301589E8181589AD28443A10126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315025874835824822F58206EA128D7BB19B86F77C4227F2A29F22026A41958ACC45CC0A35BA388B13E2F51584AD28443A10126A0F6584099F949043701D7BDBA38904A0B49F004DED6B64A4900DECA5C66AE8A9EBA913576DEF136B74EA89C14FA64624DBD33B4C0BB41C153CA51548C73FF71A2BAF27440035842A6010102000347A102818142303005814E646570656E64656E742E73756974094D8414A11746636174203030170F11528414A1124B68656C6C6F20776F726C64120F' + "#dependent.suit": h'D86BA301589E8181589AD28443A10126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315025874835824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F6584075111FE09D12726C09F0CA87B32B1E9A6DA127E171D67527437E61676458327707CC0185D84C95C4C9EC77E8258B338182F8DA1BA7014AD0E26D6C5BEC29DFC740035842A6010102000347A102818142303005814E646570656E64656E742E73756974094D8414A11746636174203030170F14528414A1124B68656C6C6F20776F726C64120F' }) ~~~~ @@ -93,17 +93,17 @@ {: numbered='no'} ~~~~ -D86BA3025873825824822F58200D6F9F0B8D5B5F1247F05347CA7832AA3E -978693BBDF59A9F3F2DB8D99451CEC584AD28443A10126A0F65840D79A14 -3D2086BDBA170D3E4C7303F0568F7ACC573AFB46A084049E8E15D9E5323C -1C840DFF5D736F49AB9C6AD42C1EDAE2BEC62D198D962C9D9F48302D9D1C -B00358E9A70101020003581CA201A101A101814E646570656E64656E742E +D86BA3025873825824822F58201835FC93F94821A4889BA774FC90D3D0E4 +6F46677C9E0D1365EEECE01165490F584AD28443A10126A0F658405DDDED +2E42FD1290F5654988EE05567580F4BAB64AAD8C3A5A7E3870A8C6B7D152 +9BC598A9B186F7A85BBFC16BA31D7D931F4B36A0C4A421BA8BA75044A35D +6E0358E9A70101020003581CA201A101A101814E646570656E64656E742E 7375697402818142313005814E646570656E64696E672E7375697409581C 840CF50F82458408000B00508414A11749636174203030203130170F0F58 -67880C0114A4035824822F58206C86246B90D644F021671F6D42523B2CB5 -E156F764BE618AA46BFCD0DB23E7680E190160156F23646570656E64656E +67880C0114A4035824822F5820CC1758F629D2CDD18698D5A279B532C700 +3A0331237729C604EE6FD3F3DB535F0E190160156F23646570656E64656E 742E73756974181E581E436F6E74656E742D547970653A206170706C6963 -6174696F6E2F63626F721502030F1158288A0C010B000C0014A112581A20 +6174696F6E2F63626F721502030F1458288A0C010B000C0014A112581A20 696E206D756C7469706C6520747275737420646F6D61696E73120F6F2364 6570656E64656E742E73756974590160D86BA301589E8181589AD28443A1 0126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652 @@ -111,11 +111,11 @@ C63952BD99F2A5BDB22F9E01367AAD03ABA68B22582077DA1BD8AC4F0CB4 90BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF 66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64 E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315 -025874835824822F58206EA128D7BB19B86F77C4227F2A29F22026A41958 -ACC45CC0A35BA388B13E2F51584AD28443A10126A0F6584099F949043701 -D7BDBA38904A0B49F004DED6B64A4900DECA5C66AE8A9EBA913576DEF136 -B74EA89C14FA64624DBD33B4C0BB41C153CA51548C73FF71A2BAF2744003 +025874835824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F +09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F6584075111FE09D12 +726C09F0CA87B32B1E9A6DA127E171D67527437E61676458327707CC0185 +D84C95C4C9EC77E8258B338182F8DA1BA7014AD0E26D6C5BEC29DFC74003 5842A6010102000347A102818142303005814E646570656E64656E742E73 -756974094D8414A11746636174203030170F11528414A1124B68656C6C6F +756974094D8414A11746636174203030170F14528414A1124B68656C6C6F 20776F726C64120F ~~~~ diff --git a/testfiles/suit_manifest_expU.cbor b/testfiles/suit_manifest_expU.cbor index 6eebfaa..e87ec09 100644 --- a/testfiles/suit_manifest_expU.cbor +++ b/testfiles/suit_manifest_expU.cbor @@ -1,4 +1,2 @@ -¢Xs‚X$‚/X ïSÇ÷Ë3… -ã!bÎÉR‰$æV`vˆç{ÁH† XJÒ„C¡& öX@~6žHYG?½óÖ1*¨”6´äx/Êw¤’ÅŠrRêBÂ=r.xz¢5µ]¾aÝøño•n¹U -¿‘eÝY¦X„¢„KTEEP-DeviceHSecureFSP‚W:’mGT“S2Ü)™tBtaXT†¤PÀÝÕñRCV`‡ÛO[ -¢l/PÛB÷ =ŒUº¨Å&_Å‚NX$‚/X Œ÷Èjóá„ìz¤¨Ã¡OÙ·z0ÐF9tF”hìè„KTEEP-DeviceHSecureFSP‚W:’mGT“S2Ü)™tDsuitXE†¡x;https://example.org/8d82573a-926d-4754-9353-32dc29997f74.taD‚! \ No newline at end of file +¢Xs‚X$‚/X ³›R°·GêyXŒV{ü,„7ºŠs÷ê˜1‚çŸHÕ›XJÒ„C¡& öX@€åJ´…³ ¦Tfcb’‹꪿æ•{Ëeñj6~Kˆ‹ÿÛÖ÷ê(’ú6ú¢üµÛþɃ. ¹ÙÍ4Š·~%útY¦X„¢„KTEEP-DeviceHSecureFSP‚W:’mGT“S2Ü)™tBtaXT†¤PÀÝÕñRCV`‡ÛO[ +¢l/PÛB÷ =ŒUº¨Å&_Å‚NX$‚/X Œ÷Èjóá„ìz¤¨Ã¡OÙ·z0ÐF9tF”hìè„KTEEP-DeviceHSecureFSP‚W:’mGT“S2Ü)™tDsuitXE†¡x;https://example.org/8d82573a-926d-4754-9353-32dc29997f74.taD‚! \ No newline at end of file diff --git a/testfiles/suit_manifest_expU.md b/testfiles/suit_manifest_expU.md index 9b7713c..24efa82 100644 --- a/testfiles/suit_manifest_expU.md +++ b/testfiles/suit_manifest_expU.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'EF53C7F719CB10041233850AE3211D62CEC9528924E656607688E77BC14886A0' + / digest-bytes: / h'B39B52B0B747EA79588C190F567BFC2C8437BA8A73F7EA983182E79F0148D59B' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'7E367F9E124859473FBDF3D6312AA8943617B41AE4782FCA0E77A492C51F8A7252EA42C23D722E787AA235B5175DBE61DDF8F16F956E0317B9550A04BF9165DD' + / signature: / h'80E54AB485B320A61654666362928B15EAAABFE6957B1BCB65F16A367E4B19888BFFDBD6F7EA2892FA36FA18A2FCB5DBFEC9832E09B91ED9CD348AB77E25FA74' ]) >> ] >>, / manifest / 3: << { @@ -58,7 +58,7 @@ h'8D82573A926D4754935332DC29997F74', / tc-uuid / 'suit' ], - / install / 17: << [ + / install / 20: << [ / directive-override-parameters / 20, { / parameter-uri / 21: "https://example.org/8d82573a-926d-4754-9353-32dc29997f74.ta" }, @@ -77,17 +77,17 @@ {: numbered='no'} ~~~~ -A2025873825824822F5820EF53C7F719CB10041233850AE3211D62CEC952 -8924E656607688E77BC14886A0584AD28443A10126A0F658407E367F9E12 -4859473FBDF3D6312AA8943617B41AE4782FCA0E77A492C51F8A7252EA42 -C23D722E787AA235B5175DBE61DDF8F16F956E0317B9550A04BF9165DD03 +A2025873825824822F5820B39B52B0B747EA79588C190F567BFC2C8437BA +8A73F7EA983182E79F0148D59B584AD28443A10126A0F6584080E54AB485 +B320A61654666362928B15EAAABFE6957B1BCB65F16A367E4B19888BFFDB +D6F7EA2892FA36FA18A2FCB5DBFEC9832E09B91ED9CD348AB77E25FA7403 590108A601010203035884A20281844B544545502D446576696365485365 637572654653508D82573A926D4754935332DC29997F7442746104585486 14A40150C0DDD5F15243566087DB4F5B0AA26C2F0250DB42F7093D8C55BA A8C5265FC5820F4E035824822F58208CF71AC86AF31BE184EC7A05A411A8 C3A14FD9B77A30D046397481469468ECE80E14010F020F05844B54454550 2D446576696365485365637572654653508D82573A926D4754935332DC29 -997F7444737569741158458614A115783B68747470733A2F2F6578616D70 +997F7444737569741458458614A115783B68747470733A2F2F6578616D70 6C652E6F72672F38643832353733612D393236642D343735342D39333533 2D3332646332393939376637342E7461150F030F1818448218210F ~~~~ diff --git a/testfiles/suit_manifest_expU0.cbor b/testfiles/suit_manifest_expU0.cbor index 22f2dcee3ea814f7dc7b6933c96fbc1f9341e517..99ceafae9342b472cc47ee05d0ca62f468100d41 100644 GIT binary patch delta 150 zcmV;H0BQfu0nPz`*lVH!SaX6{B!VwkAU;DhzF1OMR+y0iNDQcCD-%<0PFw4=h*Eb% zM_WPl{a8xUghQbLCZP6MK;zcpimlsTgzsBbpt)Mptho#1$>ZF?itUs~qU#dmd&e40Thvq ELHM>p0{{R3 delta 150 zcmV;H0BQfu0nPz`*lVH!SaX6{B!VwkAaQnw*;j*gQb8Mt1t=d}I`!NNawRU;|Le^g zr`qR{d{|1-ghQbLCZP6MK$9wBhl^c-1mWfF_}huOgNdIsomK2`jKAS7D3B-pdnkoK zSeG5Yz2#pbk2oK^NlNLP&p~on1V-l(bM6QFTLV~9qyYgA0ssR^p#p+|K>&e40TGdn EK|KONg8%>k diff --git a/testfiles/suit_manifest_expU0.md b/testfiles/suit_manifest_expU0.md index 19cfb90..45773bb 100644 --- a/testfiles/suit_manifest_expU0.md +++ b/testfiles/suit_manifest_expU0.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'717687D957837552411B8805281F5C3AF5DC0A72252ED7FFEBCD1BA7DAE7917C' + / digest-bytes: / h'3E4334BE58525756989101480CA8642B13536E4E5BEBB488527744475B41F5FD' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'932A62878B5D8104E1E5EDF8DB89B983899F349D55EC708CBFE12E289027FD7B28854058971DBFBDE55F228F381FBC494AE99BCF4172580446E71173EE07FA5B' + / signature: / h'E3D6E28AADDB5E84EF5B55A0B95AD3ACB90BE4C9E3DCBE9026C2586243BA806053C9369B52D8308AED9447A2EB12E47C0646FD8DFA3C24934C20D53785983885' ]) >> ] >>, / manifest / 3: << { @@ -35,7 +35,7 @@ [h'01'] ] } >>, - / install / 17: << [ + / install / 20: << [ / directive-set-component-index / 12, 0, / directive-override-parameters / 20, { / parameter-use-before / 4: 1696291200 / Tue 03 Oct 2023 12:00:00AM /, @@ -75,11 +75,11 @@ {: numbered='no'} ~~~~ -D86BA2025873825824822F5820717687D957837552411B8805281F5C3AF5 -DC0A72252ED7FFEBCD1BA7DAE7917C584AD28443A10126A0F65840932A62 -878B5D8104E1E5EDF8DB89B983899F349D55EC708CBFE12E289027FD7B28 -854058971DBFBDE55F228F381FBC494AE99BCF4172580446E71173EE07FA -5B035852A4010102000349A1028281410081410111583F8E0C0014A4041A +D86BA2025873825824822F58203E4334BE58525756989101480CA8642B13 +536E4E5BEBB488527744475B41F5FD584AD28443A10126A0F65840E3D6E2 +8AADDB5E84EF5B55A0B95AD3ACB90BE4C9E3DCBE9026C2586243BA806053 +C9369B52D8308AED9447A2EB12E47C0646FD8DFA3C24934C20D537859838 +85035852A4010102000349A1028281410081410114583F8E0C0014A4041A 651B5980181A0A181B20181C82048201000C011823A1008304181A181B14 A1181C8205830100020CF518204C88040F181A0F181C0F181B0F ~~~~ diff --git a/testfiles/suit_manifest_expU1.cbor b/testfiles/suit_manifest_expU1.cbor index 59ece5282ab784de8db2c486da5f6f8693c4886c..bfae35455c73d45200d34b52353968107a2d8b83 100644 GIT binary patch delta 150 zcmV;H0BQfO0j>dm*lVH!SaX6{B!VwkATVP?jKbXSvZ^K6ldcxU#&e40Thvq EA)LlS8~^|S delta 150 zcmV;H0BQfO0j>dm*lVH!SaX6{B!VwkAlzwwJS7}X1FeJ;pQuQA0`FZSyHi})Y~k-I zg-T`pmRL&CghQbLCZP6MK#z*oL^NrhF>`^5RLqpf@0Ok%WIzB8NCnf(Fp^;HcVuck z&HOegf>KVnhs`Q?HA?HyoR<{qPzAIaLPo7)7z0=`qyYgA0ssR^p#p+|K>&e40TGdn EArdY>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'8F8AD74434699E3173818954CC94C8EF969E1C6440000E4805D3CC309260ED77646A3DCDFC362982524EB887CD2A77354AEBD09C9714EB5005B41A4246AD6318' + / signature: / h'BC6620A01A8526C4DB8FEC103F13FA3D2D91F6B6E14C6FA40919A65D704BD41822F886C06378C0CF54EC38B18A8953A67400665373254E3C8CF74AB0F9AA92B6' ]) >> ] >>, / manifest / 3: << { @@ -35,7 +35,7 @@ [h'01'] ] } >>, - / install / 17: << [ + / install / 20: << [ / directive-override-multiple / 34, { / index / 0: { / parameter-wait-info / 29: << { @@ -62,10 +62,10 @@ {: numbered='no'} ~~~~ -D86BA2025873825824822F5820DC697E3C251C4E03AD84139FA8487902EF -5D22BB535CD86CE1EF29854A65FD96584AD28443A10126A0F658408F8AD7 -4434699E3173818954CC94C8EF969E1C6440000E4805D3CC309260ED7764 -6A3DCDFC362982524EB887CD2A77354AEBD09C9714EB5005B41A4246AD63 -18035832A4010102000349A1028281410081410111581F861822A200A118 +D86BA2025873825824822F58203063438CC2DCEFB2AA25D893AE16C5C6B4 +A7ECD87B3A578EEFDA2F760A724F06584AD28443A10126A0F65840BC6620 +A01A8526C4DB8FEC103F13FA3D2D91F6B6E14C6FA40919A65D704BD41822 +F886C06378C0CF54EC38B18A8953A67400665373254E3C8CF74AB0F9AA92 +B6035832A4010102000349A1028281410081410114581F861822A200A118 1D45A20120020A01A1181D47A1061A000143700CF5181D0F ~~~~ From ecd176abab0acde0fe54308da8319111600ed6da Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 02:13:52 +0000 Subject: [PATCH 04/16] del: unlink in suit-install example (now we have suit-uninstall) --- Makefile.parser | 2 +- Makefile.process | 2 +- testfiles/suit_manifest_expR.cbor | Bin 282 -> 0 bytes testfiles/suit_manifest_expR.md | 75 ------------------------------ 4 files changed, 2 insertions(+), 77 deletions(-) delete mode 100644 testfiles/suit_manifest_expR.cbor delete mode 100644 testfiles/suit_manifest_expR.md diff --git a/Makefile.parser b/Makefile.parser index ea9c32e..e6b0d56 100644 --- a/Makefile.parser +++ b/Makefile.parser @@ -45,7 +45,7 @@ $(TARGET): $(OBJS) | ./bin ./obj/%.o: %.c | ./obj/src ./obj/examples $(CC) $(CFLAGS) $(INC) -o $@ -c $< -TEST_NUM := 0 1 2A 2B 3 4 5 U I D R S0 S1 S2 S3 S4 U0 U1 +TEST_NUM := 0 1 2A 2B 3 4 5 U I D S0 S1 S2 S3 S4 U0 U1 EXPS := $(foreach num,$(TEST_NUM),./testfiles/suit_manifest_exp$(num).cbor) define test-one $(TARGET) $1 2 || exit 1 diff --git a/Makefile.process b/Makefile.process index 5bd71d8..8f1ac59 100644 --- a/Makefile.process +++ b/Makefile.process @@ -54,7 +54,7 @@ define test-one endef -TEST_NUM := 0 1 2A 2B 3 4 5 U I D R S0 S1 S2 S3 S4 U0 U1 +TEST_NUM := 0 1 2A 2B 3 4 5 U I D S0 S1 S2 S3 S4 U0 U1 .PHONY: test test: all $(foreach num,$(TEST_NUM),$(call test-one,$(num))) diff --git a/testfiles/suit_manifest_expR.cbor b/testfiles/suit_manifest_expR.cbor deleted file mode 100644 index b59b1c2fc5215ea8ecd5e4b727b1e87830df0fe8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 282 zcmZ3)6j9t1q0*!uq44vD`F6ps<4grK?g$4JRmHa$TNZ%ECT--US(MPm@m(UYA;& z7c#0X_!i+XdsS`r1q~nb`}M60UUsB@{=NSt-zj*=b%i7AvwDu# znN6l0319j*%ioMXUD~EDeCpdSjf*pwBNi-WWMq>54+YE-(TkWGTf9SDT?2GoQp+-v zQ$2!HlS_+I-GT#po5HOo<+_JV4mP@@IkUdRsU(plLc2|55o5rCyH`I3Ifo^*-}aB@ vT9l*D6mZ+=JEv_==<<)#8sf@%u6IGx4($X|PLiX=aI_TMG|^gdzg~K7M#_ diff --git a/testfiles/suit_manifest_expR.md b/testfiles/suit_manifest_expR.md deleted file mode 100644 index a49f9c2..0000000 --- a/testfiles/suit_manifest_expR.md +++ /dev/null @@ -1,75 +0,0 @@ - - -## E.4. Example 4: Unlink a Trusted Component {#suit-unlink} - -~~~~ -/ SUIT_Envelope / { - / authentication-wrapper / 2: << [ - << [ - / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'F9D837B7118A8972360022D51AC5319023D245A76F7504079B9ED01C0B4934F2' - ] >>, - << / COSE_Sign1_Tagged / 18([ - / protected: / << { - / algorithm-id / 1: -7 / ES256 / - } >>, - / unprotected: / {}, - / payload: / null, - / signature: / h'9BAA7D6BD0284C37DF7F85A0E98865F3FC03DE474C69F2A786F0569494DE57B911C245A84105E67F08EB6982358860F48FB31FD95BCB75862713CAF6BA28D198' - ]) >> - ] >>, - / manifest / 3: << { - / manifest-version / 1: 1, - / manifest-sequence-number / 2: 0xFFFFFFFFFFFFFFFF, - / common / 3: << { - / components / 2: [ - [ - 'TEEP-Device', - 'SecureFS', - h'8D82573A926D4754935332DC29997F74', / tc-uuid / - 'ta' - ] - ], - / common-sequence / 4: << [ - / directive-override-parameters / 20, { - / vendor-id / 1: h'C0DDD5F15243566087DB4F5B0AA26C2F' / c0ddd5f1-5243-5660-87db-4f5b0aa26c2f /, - / class-id / 2: h'DB42F7093D8C55BAA8C5265FC5820F4E' / db42f709-3d8c-55ba-a8c5-265fc5820f4e / - }, - / condition-vendor-identifier / 1, 15, - / condition-class-identifier / 2, 15 - ] >> - } >>, - / manifest-component-id / 5: [ - 'TEEP-Device', - 'SecureFS', - h'8D82573A926D4754935332DC29997F74', / tc-uuid / - 'suit' - ], - / install / 17: << [ - / directive-set-component-index / 12, 0, - / directive-unlink / 33, 0 - ] >> - } >> -} -~~~~ - - -### CBOR Binary in Hex -{: numbered='no'} - -~~~~ -A2025873825824822F5820F9D837B7118A8972360022D51AC5319023D245 -A76F7504079B9ED01C0B4934F2584AD28443A10126A0F658409BAA7D6BD0 -284C37DF7F85A0E98865F3FC03DE474C69F2A786F0569494DE57B911C245 -A84105E67F08EB6982358860F48FB31FD95BCB75862713CAF6BA28D19803 -58A0A50101021BFFFFFFFFFFFFFFFF03585BA20281844B544545502D4465 -76696365485365637572654653508D82573A926D4754935332DC29997F74 -42746104582B8614A20150C0DDD5F15243566087DB4F5B0AA26C2F0250DB -42F7093D8C55BAA8C5265FC5820F4E010F020F05844B544545502D446576 -696365485365637572654653508D82573A926D4754935332DC29997F7444 -737569741146840C00182100 -~~~~ From 3872144c7b4c5b1908823031f4258fd2eab172eb Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 02:49:54 +0000 Subject: [PATCH 05/16] update: personalization example for TEEP Protocol --- examples/suit_manifest_process_main.c | 27 +++++++++---------- testfiles/suit_manifest_expD.cbor | Bin 701 -> 701 bytes testfiles/suit_manifest_expD.md | 36 +++++++++++++------------- 3 files changed, 32 insertions(+), 31 deletions(-) diff --git a/examples/suit_manifest_process_main.c b/examples/suit_manifest_process_main.c index 40231ae..aacfbce 100644 --- a/examples/suit_manifest_process_main.c +++ b/examples/suit_manifest_process_main.c @@ -49,23 +49,23 @@ const uint8_t depend_uri[] = { }; // "https://example.org/8d82573a-926d-4754-9353-32dc29997f74.suit"; const uint8_t depend_suit[] = { 0xA2, 0x02, 0x58, 0x73, 0x82, 0x58, 0x24, 0x82, 0x2F, 0x58, - 0x20, 0xEF, 0x53, 0xC7, 0xF7, 0x19, 0xCB, 0x10, 0x04, 0x12, - 0x33, 0x85, 0x0A, 0xE3, 0x21, 0x1D, 0x62, 0xCE, 0xC9, 0x52, - 0x89, 0x24, 0xE6, 0x56, 0x60, 0x76, 0x88, 0xE7, 0x7B, 0xC1, - 0x48, 0x86, 0xA0, 0x58, 0x4A, 0xD2, 0x84, 0x43, 0xA1, 0x01, - 0x26, 0xA0, 0xF6, 0x58, 0x40, 0x7E, 0x36, 0x7F, 0x9E, 0x12, - 0x48, 0x59, 0x47, 0x3F, 0xBD, 0xF3, 0xD6, 0x31, 0x2A, 0xA8, - 0x94, 0x36, 0x17, 0xB4, 0x1A, 0xE4, 0x78, 0x2F, 0xCA, 0x0E, - 0x77, 0xA4, 0x92, 0xC5, 0x1F, 0x8A, 0x72, 0x52, 0xEA, 0x42, - 0xC2, 0x3D, 0x72, 0x2E, 0x78, 0x7A, 0xA2, 0x35, 0xB5, 0x17, - 0x5D, 0xBE, 0x61, 0xDD, 0xF8, 0xF1, 0x6F, 0x95, 0x6E, 0x03, - 0x17, 0xB9, 0x55, 0x0A, 0x04, 0xBF, 0x91, 0x65, 0xDD, 0x03, + 0x20, 0xB3, 0x9B, 0x52, 0xB0, 0xB7, 0x47, 0xEA, 0x79, 0x58, + 0x8C, 0x19, 0x0F, 0x56, 0x7B, 0xFC, 0x2C, 0x84, 0x37, 0xBA, + 0x8A, 0x73, 0xF7, 0xEA, 0x98, 0x31, 0x82, 0xE7, 0x9F, 0x01, + 0x48, 0xD5, 0x9B, 0x58, 0x4A, 0xD2, 0x84, 0x43, 0xA1, 0x01, + 0x26, 0xA0, 0xF6, 0x58, 0x40, 0x80, 0xE5, 0x4A, 0xB4, 0x85, + 0xB3, 0x20, 0xA6, 0x16, 0x54, 0x66, 0x63, 0x62, 0x92, 0x8B, + 0x15, 0xEA, 0xAA, 0xBF, 0xE6, 0x95, 0x7B, 0x1B, 0xCB, 0x65, + 0xF1, 0x6A, 0x36, 0x7E, 0x4B, 0x19, 0x88, 0x8B, 0xFF, 0xDB, + 0xD6, 0xF7, 0xEA, 0x28, 0x92, 0xFA, 0x36, 0xFA, 0x18, 0xA2, + 0xFC, 0xB5, 0xDB, 0xFE, 0xC9, 0x83, 0x2E, 0x09, 0xB9, 0x1E, + 0xD9, 0xCD, 0x34, 0x8A, 0xB7, 0x7E, 0x25, 0xFA, 0x74, 0x03, 0x59, 0x01, 0x08, 0xA6, 0x01, 0x01, 0x02, 0x03, 0x03, 0x58, 0x84, 0xA2, 0x02, 0x81, 0x84, 0x4B, 0x54, 0x45, 0x45, 0x50, 0x2D, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x48, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x46, 0x53, 0x50, 0x8D, 0x82, 0x57, 0x3A, 0x92, 0x6D, 0x47, 0x54, 0x93, 0x53, 0x32, 0xDC, 0x29, - 0x99, 0x7F, 0x74, 0x42, 0x74, 0x61, 0x04, 0x58, 0x54, 0x86, + 0x99, 0x7F, 0x74, 0x42, 0x74, 0x61, 0x04, 0x58, 0x54, 0x86, 0x14, 0xA4, 0x01, 0x50, 0xC0, 0xDD, 0xD5, 0xF1, 0x52, 0x43, 0x56, 0x60, 0x87, 0xDB, 0x4F, 0x5B, 0x0A, 0xA2, 0x6C, 0x2F, 0x02, 0x50, 0xDB, 0x42, 0xF7, 0x09, 0x3D, 0x8C, 0x55, 0xBA, @@ -78,7 +78,7 @@ const uint8_t depend_suit[] = { 0x2D, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x48, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x46, 0x53, 0x50, 0x8D, 0x82, 0x57, 0x3A, 0x92, 0x6D, 0x47, 0x54, 0x93, 0x53, 0x32, 0xDC, 0x29, - 0x99, 0x7F, 0x74, 0x44, 0x73, 0x75, 0x69, 0x74, 0x11, 0x58, + 0x99, 0x7F, 0x74, 0x44, 0x73, 0x75, 0x69, 0x74, 0x14, 0x58, 0x45, 0x86, 0x14, 0xA1, 0x15, 0x78, 0x3B, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x2F, 0x38, 0x64, 0x38, @@ -614,3 +614,4 @@ int main(int argc, char *argv[]) return EXIT_SUCCESS; } + diff --git a/testfiles/suit_manifest_expD.cbor b/testfiles/suit_manifest_expD.cbor index 8c95a06396c117330a88cae6d8bfcda879dc5cc1..ba2596f33b1e992b842fa52a18893c046547d6db 100644 GIT binary patch delta 355 zcmV-p0i6E51-%7-q5@cRf>&f}{frCV$0XQ6?Afy2TAORs*Afcs>qanxR zDE@usVuRnqv01N;aArI~@ BqALIZ delta 355 zcmV-p0i6E51-%7-q5@cRf> z0hSPQ-twSP&I%P;6u5Q{+6mTVLeGAZiP<7pAk_-nzPUz|5I2G#48VLI9sPzi6%X0= zr>%9fI!{gUX;>JXPIH<_U-;xKaz*-3=(S#_0&CdphDqiU4;UCqhztP>01N;aArHlk BoP7WQ diff --git a/testfiles/suit_manifest_expD.md b/testfiles/suit_manifest_expD.md index 6b7f397..fcd13ef 100644 --- a/testfiles/suit_manifest_expD.md +++ b/testfiles/suit_manifest_expD.md @@ -11,7 +11,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'014F0B68F4D5BCEC33D28C09DB32DBF38273AF57D769E9E3D84895A4BE2C7A24' + / digest-bytes: / h'C6E33791C3EA4235D3069E849CCF00390769E0118342161184B293F8893DF010' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -19,7 +19,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'B3972AAD29F143FD4DB46E9844805DB3280D6487A0831E2ECE1A9E4DBE3EDAD12A0A289FD565AE0928387440B4DCE185D6CDC30CD2E93BA7B919166B355C0E03' + / signature: / h'E2F02EB95698DF7D3C9B3B5B0A64AF58B363AD0B3E12AF77C279EBD7B503C9BE4858C36614919C110E5C294FFB1538EE234CAED278939B7260A4BB63E1970146' ]) >> ] >>, / manifest / 3: << { @@ -90,12 +90,12 @@ / directive-set-component-index / 12, 0, / directive-override-parameters / 20, { / NOTE: encrypted payload and encryption-info / - / parameter-content / 18: h'1B643B18E1081F77FFB9B107D61CD09B60965885A31D7E355A7AC0DAF86FCBE62F3E20CBD59FEFDB7708EE708208C60E20F9056C13A43288224C0FB271', + / parameter-content / 18: h'C43E94F3B51A5DBB76ECFAD44CA7DEFE71D26A36E10054723DDF0A93CD9B68D9F4B61FCC31CD0CBE30D3FFDF6AB7541BFF1980968A836E17D3BBDE7332', / parameter-encryption-info / 19: << 96([ / protected: / h'', / unprotected: / { / alg / 1: -65534 / A128CTR /, - / IV / 5: h'76C8F4729BE242D1E230165C87C39219' + / IV / 5: h'F8FC5E335366171540C1B416ABFDC9A7' }, / payload: / null / detached ciphertext /, / recipients: / [ @@ -107,11 +107,11 @@ / ephemeral key / -1: { / kty / 1: 2 / EC2 /, / crv / -1: 1 / P-256 /, - / x / -2: h'CB86B097AFBB4801961072DEF2A051CE0A1514B8760EDA09D66442CF7E9289D9', - / y / -3: h'D50ADBBEB94693103782200CC07C1E1DFD8635150FD9F6A7AD75B33A4F4DF169' + / x / -2: h'7AAF18EC7FAB5071B267FA3B8D8FF248A78DAAD9D9B8318EAE8925089F3C9431', + / y / -3: h'84BADF92D62F3804E8DE964ABB21EC6A732B46B2B02DCD2908E6A666C6D4871B' } }, - / payload: / h'9C4E739A485FF8E42C7245FA50E8B55EA7026BD8EC8649E6' + / payload: / h'F003092CB552689003EB0ACDD081595E6499FF028745DADF' ] ] ]) >> @@ -136,10 +136,10 @@ {: numbered='no'} ~~~~ -A2025873825824822F5820014F0B68F4D5BCEC33D28C09DB32DBF38273AF -57D769E9E3D84895A4BE2C7A24584AD28443A10126A0F65840B3972AAD29 -F143FD4DB46E9844805DB3280D6487A0831E2ECE1A9E4DBE3EDAD12A0A28 -9FD565AE0928387440B4DCE185D6CDC30CD2E93BA7B919166B355C0E0303 +A2025873825824822F582037522D96C0F9A6B887A21F4B21CDF02767799C +C3A66EAFD5979250CCE11377E2584AD28443A10126A0F6584084A5B76482 +0B927C580BF128CC2CA21AE2656F27A6BCE6D63228915CCCCC32DB23C93A +8518A7DB565BD0348F17978474ED7473C4FDED4A2752EEA93B90BE1FF103 590242A801010203035886A301A101A101844B544545502D446576696365 485365637572654653508D82573A926D4754935332DC29997F7444737569 740281834B544545502D4465766963654853656375726546534B636F6E66 @@ -152,12 +152,12 @@ D952B751C73A60F455AF681E167726F1160E183D030F0F5872860C0114A3 983182E79F0148D59B0E19018515783D68747470733A2F2F6578616D706C 652E6F72672F38643832353733612D393236642D343735342D393335332D 3332646332393939376637342E7375697415021458D88A0C010B000C0014 -A212583D1B643B18E1081F77FFB9B107D61CD09B60965885A31D7E355A7A -C0DAF86FCBE62F3E20CBD59FEFDB7708EE708208C60E20F9056C13A43288 -224C0FB27113588AD8608440A20139FFFD055076C8F4729BE242D1E23016 -5C87C39219F6818344A101381CA120A401022001215820CB86B097AFBB48 -01961072DEF2A051CE0A1514B8760EDA09D66442CF7E9289D9225820D50A -DBBEB94693103782200CC07C1E1DFD8635150FD9F6A7AD75B33A4F4DF169 -58189C4E739A485FF8E42C7245FA50E8B55EA7026BD8EC8649E6120F1818 +A212583DF137C0755EA5642248EC04F3D24BEF771B5CCD72C56F33F254F4 +0A2381DC7C122C5708A99FE87A702A11053EF1BA86CF9A12B7E81AF80147 +5959864E6313588AD8608440A20139FFFD0550A0DB218209E3C43E871A81 +CF1BEBC9F9F6818344A101381CA120A401022001215820A1A58EA321C7E3 +28FE7DE66283DFC3B4081FE5FA7EF90C570FC88693F857EFB6225820AE96 +AC0E18D691D5A8066BF95913252F57566F5A07EEF8643822ADD9510ADBBD +58183C09CFE4A33D69F0ADDB73EA728E942791139BA864A9369E120F1818 4A880C010B000C0018210F ~~~~ From a6e9fe6177a0bcccb899f9854701ba3b1e5ae7ee Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 11:31:26 +0000 Subject: [PATCH 06/16] update: encrypted binaries --- Makefile.process | 2 +- examples/suit_manifest_process_main.c | 10 +-- testfiles/encrypted_image_esdh.bin | 2 +- testfiles/suit_manifest_expEF.cbor | Bin 329 -> 0 bytes testfiles/suit_manifest_expEF.md | 104 -------------------------- 5 files changed, 7 insertions(+), 111 deletions(-) delete mode 100644 testfiles/suit_manifest_expEF.cbor delete mode 100644 testfiles/suit_manifest_expEF.md diff --git a/Makefile.process b/Makefile.process index 8f1ac59..b3f338a 100644 --- a/Makefile.process +++ b/Makefile.process @@ -54,7 +54,7 @@ define test-one endef -TEST_NUM := 0 1 2A 2B 3 4 5 U I D S0 S1 S2 S3 S4 U0 U1 +TEST_NUM := 0 1 2A 2B 3 4 5 U I D AF AW ED EW S0 S1 S2 S3 S4 U0 U1 .PHONY: test test: all $(foreach num,$(TEST_NUM),$(call test-one,$(num))) diff --git a/examples/suit_manifest_process_main.c b/examples/suit_manifest_process_main.c index aacfbce..63287f9 100644 --- a/examples/suit_manifest_process_main.c +++ b/examples/suit_manifest_process_main.c @@ -154,11 +154,11 @@ const uint8_t encrypted_firmware_uri[] = { 0x66, 0x69, 0x72, 0x6D, 0x77, 0x61, 0x72, 0x65 }; // "https://example.com/encrypted-firmware" const uint8_t encrypted_firmware_data[] = { - 0x98, 0x90, 0xD8, 0xDC, 0x74, 0x0A, 0x2E, 0x82, 0xC2, 0xBE, - 0xA9, 0xBA, 0xB1, 0x3E, 0x0B, 0xFA, 0x0F, 0xB4, 0xEB, 0x2B, - 0xA3, 0xC0, 0xBC, 0xA4, 0xB2, 0x3A, 0x0D, 0x66, 0x0C, 0x5B, - 0x30, 0x38, 0xF8, 0x63, 0x49, 0x33, 0x92, 0x1B, 0x3C, 0x2D, - 0x1A, 0x84, 0xEE, 0x6C, 0x27, 0x79, + 0x2F, 0x59, 0xC3, 0xA3, 0x4D, 0x95, 0x70, 0xFB, 0x99, 0xA5, + 0x38, 0x2E, 0x66, 0x46, 0x6A, 0x32, 0x21, 0xA8, 0xAD, 0x85, + 0xCE, 0x50, 0x8B, 0xA3, 0x06, 0xFB, 0x43, 0x1A, 0x60, 0xEF, + 0xA5, 0xAA, 0xAA, 0x07, 0x83, 0x55, 0x07, 0x02, 0x05, 0xA4, + 0xB1, 0x96, 0x83, 0x2D, 0xF1, 0x7F }; struct name_data { diff --git a/testfiles/encrypted_image_esdh.bin b/testfiles/encrypted_image_esdh.bin index 685a631..44ceccb 100644 --- a/testfiles/encrypted_image_esdh.bin +++ b/testfiles/encrypted_image_esdh.bin @@ -1 +1 @@ -4O¢Õ­/CöócÚoòÃ7þiã>=cqM#˜[ð$™ë‹#EÃx$]£a Å \ No newline at end of file +/YãM•pû™¥8.fFj2!¨­…ÎP‹£ûC`索ªƒU¤±–ƒ-ñ \ No newline at end of file diff --git a/testfiles/suit_manifest_expEF.cbor b/testfiles/suit_manifest_expEF.cbor deleted file mode 100644 index e65b98afd8dc2187ef591eafe1c5a18559cd469e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 329 zcmV-P0k;0wYoY>JbAnhTf-hJgPdRmHI;k7Nffz8wQ<*R5PvPt57=F#qD__5Iv2{Z+ zSW41_L!kjCp!Qfma1M;esLYi{#7QQ~vlPtRd(i=!<7aO{UJ>Jj$)hXuJt{3;-0O6IesoV1z@V0Rf=}P#xr8=(VI2g%o DUvR$P)`;C77rAn16U-2FIXV&;cIG0Z}MKBwfetN bUMu`RIJ5=cH*|NhGIg~uNwjMY7#{- - -## Example 1: Fetch and Decrypt Encrypted Payload -{: numbered='no'} - -### CBOR Diagnostic Notation of SUIT Manifest -{: numbered='no'} - -~~~~ -/ SUIT_Envelope_Tagged / 107({ - / authentication-wrapper / 2: << [ - << [ - / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'4F3975683AA91BC2811830C553992FE84FE1EBE7187ECDCF2B5FBF72B1754331' - ] >>, - << / COSE_Sign1_Tagged / 18([ - / protected: / << { - / algorithm-id / 1: -7 / ES256 / - } >>, - / unprotected: / {}, - / payload: / null, - / signature: / h'700E8CC7A8CC9546C44926CAB314CCDB7BD1019AE3676F415E11E384C9A32BF4E439612D1AB28F7841B5847CFBECA36578EF550D0E5DC762018C334798959741' - ]) >> - ] >>, - / manifest / 3: << { - / manifest-version / 1: 1, - / manifest-sequence-number / 2: 1, - / common / 3: << { - / components / 2: [ - [h'00'] / to be decrypted firmware /, - [h'01'] / encrypted firmware / - ] - } >>, - / install / 17: << [ - / fetch encrypted firmware / - / directive-set-component-index / 12, 1 / [h'01'] /, - / directive-override-parameters / 20, { - / parameter-image-size / 14: 47, - / parameter-uri / 21: "https://author.example.com/encrypted-firmware.bin" - }, - / directive-fetch / 21, 15, - - / decrypt encrypted firmware / - / directive-set-component-index / 12, 0 / [h'00'] /, - / directive-override-parameters / 20, { - / parameter-encryption-info / 19: << 96([ - / protected: / << { - / alg / 1: 1 / AES-GCM-128 / - } >>, - / unprotected: / { - / IV / 5: h'1DE460E8B5B68D7222C0D6F20484D8AB' - }, - / payload: / null / detached ciphertext /, - / recipients: / [ - [ - / protected: / << { - } >>, - / unprotected: / { - / alg / 1: -3 / A128KW /, - / kid / 4: 'kid-1' - }, - / payload: / h'A86200E4754733E4C00FC08C6A72CC1996E129922EAB504F' / CEK encrypted with KEK / - ] - ] - ]) >>, - / parameter-source-component / 22: 1 / [h'01'] / - }, - / directive-copy / 22, 15 / consumes the SUIT_Encryption_Info above /, - - / verify decrypted firmware / - / directive-override-parameters / 20, { - / parameter-image-digest / 3: << [ - / digest-algorithm-id: / -16 / SHA-256 /, - / digest-bytes: / h'efe16b6a486ff25e9fb5fabf515e2bfc3f38b405de377477b23275b53049b46b' - ] >>, - / parameter-image-size / 14: 31 - }, - / condition-image-match / 3, 15 - ] >> - } >> -}) -~~~~ - - -### CBOR Binary in Hex -{: numbered='no'} - -~~~~ -D86BA2025873825824822F58204F3975683AA91BC2811830C553992FE84F -E1EBE7187ECDCF2B5FBF72B1754331584AD28443A10126A0F65840700E8C -C7A8CC9546C44926CAB314CCDB7BD1019AE3676F415E11E384C9A32BF4E4 -39612D1AB28F7841B5847CFBECA36578EF550D0E5DC762018C3347989597 -410358CDA4010102010349A102828141008141011158BA900C0114A20E18 -2F15783168747470733A2F2F617574686F722E6578616D706C652E636F6D -2F656E637279707465642D6669726D776172652E62696E150F0C0014A213 -5843D8608443A10101A105501DE460E8B5B68D7222C0D6F20484D8ABF681 -8341A0A2012204456B69642D315818A86200E4754733E4C00FC08C6A72CC -1996E129922EAB504F1601160F14A2035824822F5820EFE16B6A486FF25E -9FB5FABF515E2BFC3F38B405DE377477B23275B53049B46B0E181F030F -~~~~ From 17ae55ef54d984efef16521474aa41a104a38b0f Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 11:57:41 +0000 Subject: [PATCH 07/16] update: examples for encrypted payloads --- testfiles/suit_manifest_expAF.cbor | Bin 275 -> 274 bytes testfiles/suit_manifest_expAF.md | 27 ++++---- testfiles/suit_manifest_expAW.cbor | Bin 249 -> 248 bytes testfiles/suit_manifest_expAW.md | 27 ++++---- testfiles/suit_manifest_expED.cbor | Bin 924 -> 763 bytes testfiles/suit_manifest_expED.md | 97 ++++++++++------------------- testfiles/suit_manifest_expEW.cbor | Bin 360 -> 360 bytes testfiles/suit_manifest_expEW.md | 40 ++++++------ 8 files changed, 80 insertions(+), 111 deletions(-) diff --git a/testfiles/suit_manifest_expAF.cbor b/testfiles/suit_manifest_expAF.cbor index 7ea22d454f66a074ee5e1283017aa38a0fe31f92..a2d8831d8309825755adf4fc7c8f6e5806e46b50 100644 GIT binary patch delta 115 zcmV-(0F3{W0+Iq;*lVH!SW|*nB!VwkAXzopSq4wRos4c{wS+%_mUC#3T}o{QBRTP8 zdjy_NU05p7ghQbL1)%m=Afbyl9(}8PpEeg*>iEW<`=|1>*X4A5SF1Y`f{6*Frvq5F Vkz6$afRU0p0YZ_?9RWa*>nPv=F>L?< delta 116 zcmV-)0E_>U0+Rw<*lVH!SW|*nB!VwkAca$!r3VR2{-l)j*m@X?l7RYYX61v?Epvxr z@Q%636j& Wkz6$afsv9q0Yj0@9Rfk1k?JT6A~Y!g diff --git a/testfiles/suit_manifest_expAF.md b/testfiles/suit_manifest_expAF.md index 9e552d9..0f9e93a 100644 --- a/testfiles/suit_manifest_expAF.md +++ b/testfiles/suit_manifest_expAF.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'85539AA507094CFEA494F4D87A188B9280FA6966E583D12D738762F08EB9C914' + / digest-bytes: / h'5935D959064FC19D8C6E63B5843F80967368905D4A6D052339F1647B049E4E5D' ] >>, << / COSE_Mac0_Tagged / 17([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / tag: / h'E22534A05903F63AE9EBA0C1CFA938AB48008553CA765622FBA7539E86441E38' + / tag: / h'A18B371E7DAB7C9F361758EAF8C69EFBA7F2B4D7E5747D57AB3B12828909A4A7' ]) >> ] >>, / manifest / 3: << { @@ -49,7 +49,7 @@ / directive-override-parameters / 20, { / parameter-encryption-info / 19: << 96([ / protected: / << { - / alg / 1: 1 / AES-GCM-128 / + / alg / 1: 1 / A128GCM / } >>, / unprotected: / { / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD' @@ -57,8 +57,7 @@ / payload: / null / detached ciphertext /, / recipients: / [ [ - / protected: / << { - } >>, + / protected: / h'', / unprotected: / { / alg / 1: -3 / A128KW /, / kid / 4: 'kid-1' @@ -80,14 +79,14 @@ {: numbered='no'} ~~~~ -D86BA2025853825824822F582085539AA507094CFEA494F4D87A188B9280 -FA6966E583D12D738762F08EB9C914582AD18443A10105A0F65820E22534 -A05903F63AE9EBA0C1CFA938AB48008553CA765622FBA7539E86441E3803 -58B7A40101020103582BA102828152706C61696E746578742D6669726D77 -6172658152656E637279707465642D6669726D776172651458818C0C0114 +D86BA2025853825824822F58205935D959064FC19D8C6E63B5843F809673 +68905D4A6D052339F1647B049E4E5D582AD18443A10105A0F65820A18B37 +1E7DAB7C9F361758EAF8C69EFBA7F2B4D7E5747D57AB3B12828909A4A703 +58B6A40101020103582BA102828152706C61696E746578742D6669726D77 +6172658152656E637279707465642D6669726D776172651458808C0C0114 A20E182E15782668747470733A2F2F6578616D706C652E636F6D2F656E63 -7279707465642D6669726D77617265150F0C0014A2135843D8608443A101 -01A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818341A0A201220445 -6B69642D31581875603FFC9518D794713C8CA8A115A7FB32565A6D59534D -621601160F +7279707465642D6669726D77617265150F0C0014A2135842D8608443A101 +01A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818340A2012204456B +69642D31581875603FFC9518D794713C8CA8A115A7FB32565A6D59534D62 +1601160F ~~~~ diff --git a/testfiles/suit_manifest_expAW.cbor b/testfiles/suit_manifest_expAW.cbor index a82bcfdc20616f717bee8cb89c59d6e573accb23..4fe24303e038f3c7ade36b0b6e43f04f8d0c8a97 100644 GIT binary patch delta 140 zcmV;70CWHO0r&x2*lVH!SW|*nB!VwkAb~!5nF8i!U4_c|7c9PpQmsSpTH-b>plIGv z-+nD@7g#FMghQbL1)%m=AbcKQgmEnM*MXptU16(>5dEC&PVOdioi);f0^xCo^8;9% ukz61Fdy#!MA41q*ghQbL0igv@@k*%3*lVH!SW|*nB!VwkAV4+gK{mghQbL1)%m=APJlNKzO9o$LrL6Dc3Vl%KL&RdtUF&PXgV}LFy`gc>`FT vkz61Fe35-NAVb(-ghQbL0igv@@k*>, << / COSE_Mac0_Tagged / 17([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / tag: / h'099BFC4078A4D4C7EBD47D29D73350CAFB82277B5EEFCD4F02DDCE41EA2A7E79' + / tag: / h'7C1E5F84712CF3D781A0925D61AB8B10FD9CEC4EEE26739D35D28302E17187F3' ]) >> ] >>, / manifest / 3: << { @@ -40,7 +40,7 @@ / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F', / parameter-encryption-info / 19: << 96([ / protected: / << { - / alg / 1: 1 / AES-GCM-128 / + / alg / 1: 1 / A128GCM / } >>, / unprotected: / { / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD' @@ -48,8 +48,7 @@ / payload: / null / detached ciphertext /, / recipients: / [ [ - / protected: / << { - } >>, + / protected: / h'', / unprotected: / { / alg / 1: -3 / A128KW /, / kid / 4: 'kid-1' @@ -73,13 +72,13 @@ {: numbered='no'} ~~~~ -D86BA2025853825824822F582047BD34B3767EDD7060DB1400C7F9B1D4C1 -D24DBAB8F6A24CE05A57927EB73BDB582AD18443A10105A0F65820099BFC -4078A4D4C7EBD47D29D73350CAFB82277B5EEFCD4F02DDCE41EA2A7E7903 -589DA4010102010357A102818152706C61696E746578742D6669726D7761 -726514587C8414A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD -85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F135843 -D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818341 -A0A2012204456B69642D31581875603FFC9518D794713C8CA8A115A7FB32 -565A6D59534D62120F +D86BA2025853825824822F5820813E7A9902E6665D85CAF9172CBE8652AD +43EF5AE2362DA068DE51DF7E2D6C17582AD18443A10105A0F658207C1E5F +84712CF3D781A0925D61AB8B10FD9CEC4EEE26739D35D28302E17187F303 +589CA4010102010357A102818152706C61696E746578742D6669726D7761 +726514587B8414A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD +85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F135842 +D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818340 +A2012204456B69642D31581875603FFC9518D794713C8CA8A115A7FB3256 +5A6D59534D62120F ~~~~ diff --git a/testfiles/suit_manifest_expED.cbor b/testfiles/suit_manifest_expED.cbor index 0f698f6934deb84dc3b4416092e069fdedd86246..154b2c592961ee92eb47a480c711b57c9e97dd6c 100644 GIT binary patch delta 345 zcmV-f0jB<(2m1wo*lVK#SaX6{B!VwkAZ9U$TGjNxCqA%3>DS`t(st1Er2Lc78v6h1^@qZIokl0{^L!kiyp#@O!N~@iL z)gOAmpc3Ao;}lQ delta 501 zcmV0}X1T~$Jn1eIzqrv8_n2{9!3$ad5V0A5CBaqaBwA$QF$X(`tWe6w z7Eq!S6}T-1$|9J}8kJF+u1rf)6#`guf>-e&>N& zwsNP$RLg1{IV(rfA|FIu2%e$$TgnJZjd)2fYh4ml?05I~k$GuLOT2AYZ&nDTG8&v#cVkFvs@*OSPSg)(v@=b4s6}5=&(Wl>|j=X=E)j rSQxP47APn`K0u#=SlIu{R(~`OH=4tqNy!WW6r%%^3j!vy&H*g}cdFTH diff --git a/testfiles/suit_manifest_expED.md b/testfiles/suit_manifest_expED.md index 657ae91..d7a7634 100644 --- a/testfiles/suit_manifest_expED.md +++ b/testfiles/suit_manifest_expED.md @@ -12,34 +12,10 @@ ~~~~ / SUIT_Envelope_Tagged / 107({ - / delegation / 1: << [ - [ - / NOTE: signed by trust anchor / - << 18([ - / protected: / << { - / alg / 1: -7 / ES256 / - } >>, - / unprotected / { - }, - / payload: / << { - / cnf / 8: { - / NOTE: public key of delegated authority / - / COSE_Key / 1: { - / kty / 1: 2 / EC2 /, - / crv / -1: 1 / P-256 /, - / x / -2: h'0E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03ABA68B', - / y / -3: h'77DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A' - } - } - } >>, - / signature: / h'FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315' - ]) >> - ] - ] >>, / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'09038B29229C8FED40DA96BB8CB6E55AF54CA3987D186CCB768F5B34D3DA2B28' + / digest-bytes: / h'79707465642D6669726D77617265058157646570656E64656E742D6D616E6966' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -47,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'956DA9194ABCC637D2853AE69ACB10D522CA587449861342167EE7815AB672A7C454CB6A392B47D2221F445D089EA1F75BCA084A8D78492F6B5D1254EC77F7F7' + / signature: / h'8E0C0014A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F135890D8608443A10101' ]) >> ] >>, / manifest / 3: << { @@ -72,13 +48,13 @@ / NOTE: set SUIT_Encryption_Info / / directive-set-component-index / 12, 0 / ['decrypted-firmware'] /, / directive-override-parameters / 20, { - / parameter-content / 18: h'344FA2D5AD2F43F6F363DA6FF2C337FE69E33E3D63714D23985BF02499EB0E8B231D45C378245DA3611C160CC511', + / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F', / parameter-encryption-info / 19: << 96([ / protected: / << { - / alg / 1: 1 / AES-GCM-128 / + / alg / 1: 1 / A128GCM / } >>, / unprotected: / { - / IV / 5: h'DAE613B2E0DC55F4322BE38BDBA9DC68' + / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD' }, / payload: / null / detached ciphertext /, / recipients: / [ @@ -90,12 +66,12 @@ / ephemeral key / -1: { / kty / 1: 2 / EC2 /, / crv / -1: 1 / P-256 /, - / x / -2: h'FF6E266DABAF51B7207569E31CF72646183E94CEE64FCDC8695AD9A505AEFDEA', - / y / -3: h'5FBC4A29844450B3AC22AB30C7F7004BB59D8BD60D7997734A9FA0124B650895' + / x / -2: h'D3CB3FE8470BF5A6589FAF14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB', + / y / -3: h'F9C4FA53979580F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A3' }, / kid / 4: 'kid-2' }, - / payload: / h'B0E21628283F3E409F8158D8FFCA567F340E379AC39E49C9' + / payload: / h'DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A' / CEK encrypted with KEK / ] ] @@ -176,35 +152,30 @@ {: numbered='no'} ~~~~ -D86BA401589E8181589AD28443A10126A0584FA108A101A4010220012158 -200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03 -ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D -314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715C -C10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D -06CA2298CD1A95519AAE4C4B5315025873825824822F582009038B29229C -8FED40DA96BB8CB6E55AF54CA3987D186CCB768F5B34D3DA2B28584AD284 -43A10126A0F65840956DA9194ABCC637D2853AE69ACB10D522CA58744986 -1342167EE7815AB672A7C454CB6A392B47D2221F445D089EA1F75BCA084A -8D78492F6B5D1254EC77F7F703590170A501010201035837A201A101A101 -815818646570656E64656E63792D6D616E69666573742E73756974028181 -526465637279707465642D6669726D77617265058157646570656E64656E -742D6D616E69666573742E73756974145901138E0C0014A212582E344FA2 -D5AD2F43F6F363DA6FF2C337FE69E33E3D63714D23985BF02499EB0E8B23 -1D45C378245DA3611C160CC511135890D8608443A10101A10550DAE613B2 -E0DC55F4322BE38BDBA9DC68F6818344A101381CA220A401022001215820 -FF6E266DABAF51B7207569E31CF72646183E94CEE64FCDC8695AD9A505AE -FDEA2258205FBC4A29844450B3AC22AB30C7F7004BB59D8BD60D7997734A -9FA0124B65089504456B69642D325818B0E21628283F3E409F8158D8FFCA -567F340E379AC39E49C90C0114A3035824822F58204B15C90FBD776A820E -7E733DF040D90B356B5C75982ECAECE8673818179BDF160E18F715742364 -6570656E64656E63792D6D616E6966657374150F070F0B0F742364657065 -6E64656E63792D6D616E696665737458F7D86BA2025873825824822F5820 -4B15C90FBD776A820E7E733DF040D90B356B5C75982ECAECE8673818179B -DF16584AD28443A10126A0F658402B1B9C4E44E52863A78F73DA2A935823 -B28AEAE6A85CADAC4C4E3AABAAD56CBCE5A47D288F86B54D0186657E972E -748B48CDB1D420FBAC1285DCC978382F62CC03587BA601010201035849A2 -028181526465637279707465642D6669726D7761726504582F840C0014A2 -035824822F582036921488FE6680712F734E11F58D87EEB66D4B21A8A1AD -3441060814DA16D50F0E181E05815818646570656E64656E63792D6D616E -69666573742E73756974074382030F1447860C00120F030F +D86BA3025873825824822F58206631885AD5F4C0273EB042E9D7E2E7D329 +799F18BF476A8BF79F3253C16AAF7F584AD28443A10126A0F658401D0F95 +59EB23412946007C9DDF28547CB608E296EF5E4C176E853E2B200171C311 +82A31A25886A17289667225EA1745D0B4BFE636088B1E7FBE52B5A594A84 +3603590170A501010201035837A201A101A101815818646570656E64656E +63792D6D616E69666573742E73756974028181526465637279707465642D +6669726D77617265058157646570656E64656E742D6D616E69666573742E +73756974145901138E0C0014A212582E2F59C3A34D9570FB99A5382E6646 +6A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832D +F17F135890D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70 +CDF6818344A101381CA220A401022001215820D3CB3FE8470BF5A6589FAF +14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB225820F9C4FA539795 +80F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A304456B69 +642D325818DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A0C +0114A3035824822F58204B15C90FBD776A820E7E733DF040D90B356B5C75 +982ECAECE8673818179BDF160E18F7157423646570656E64656E63792D6D +616E6966657374150F070F0B0F7423646570656E64656E63792D6D616E69 +6665737458F7D86BA2025873825824822F58204B15C90FBD776A820E7E73 +3DF040D90B356B5C75982ECAECE8673818179BDF16584AD28443A10126A0 +F658402B1B9C4E44E52863A78F73DA2A935823B28AEAE6A85CADAC4C4E3A +ABAAD56CBCE5A47D288F86B54D0186657E972E748B48CDB1D420FBAC1285 +DCC978382F62CC03587BA601010201035849A20281815264656372797074 +65642D6669726D7761726504582F840C0014A2035824822F582036921488 +FE6680712F734E11F58D87EEB66D4B21A8A1AD3441060814DA16D50F0E18 +1E05815818646570656E64656E63792D6D616E69666573742E7375697407 +4382030F1447860C00120F030F ~~~~ diff --git a/testfiles/suit_manifest_expEW.cbor b/testfiles/suit_manifest_expEW.cbor index aa0fbda5378a9f72f4a74d74f0284c39c8a93584..496d9655f8194c627eba428b9cd717f00f2c1554 100644 GIT binary patch delta 332 zcmV-S0ki(-0_XyN*lVH!SaX6{B!VwkAc5ZaxZOB|onb>u;b~)TQufKzq-H~Zd0!T1 zHLEP}msm>DghQbLCZP6MKoOa}Fpi5+2Q9OK%~rzfZqmVH{xL&z8PBms0u>9-VXL#A zN<0-uMqx=Y2Lz^1kGhG)0{y%mL<^N?oW9PmC<9pRqyYhueZ7m`$HOF@1?4$2ZL1y0tKY8mV+(ve-l`c*kFW1p#cG*1yJ!ytDS+> zA9~qC{)ewmaLx9CgG8YLI2@uNqyYjT0U=l*)5|~TM+^0)Sf8&H=4{+JcHDZxLeZ_n z*>+^e7r#{NB3MKq`NaBDmz99^{#rIukIkqltwJSc9J|Q!F!rTT`VGgU1Vw9UWGymS e7~B_!)^T3EBhW8xENhQP58)q3D*puaIuZ{GvzRvk delta 332 zcmV-S0ki(-0_XyN*lVH!SaX6{B!VwkAX^jvZc3bsQI@&jH^47LbINW6o{=pnBYu-o zUkKBC(pXB;ghQbLCZP6MKz}C^8l5gOr{`Tgz{EM}Og2n-V|8AzzD@{BzM^aEJzqyYhue z!#DnE<32rOaZMwbTks^A>kf+}9Yw=4s^n!}z+$r2B4w~y5T diff --git a/testfiles/suit_manifest_expEW.md b/testfiles/suit_manifest_expEW.md index 5c36dfc..21d7135 100644 --- a/testfiles/suit_manifest_expEW.md +++ b/testfiles/suit_manifest_expEW.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'5B13FF6E4A9C8B5196B9E037C02F4373CA6E049E912D29237E93525F08D37BD2' + / digest-bytes: / h'81DEF8B8DD38839D61434BE169636E52F6C9D4A466437F795F166735AB2CF097' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'7F27121A9D2E32E3DB125E6B137E5DE7339D7B8B442E68B719BFCE099504490F9E8A5E83CB06764C47B904F9FDEE152C6698A9080C132B1948A8ADF28C3D04F4' + / signature: / h'1199BD308E8B51072DB381CD56C2EC6ED2C163FE31437419CFB14602150BCF61ABB39E4A3C1547466149310704A64F8FBA89C502FDBC1E440B95679CBECEB028' ]) >> ] >>, / manifest / 3: << { @@ -37,13 +37,13 @@ / install / 20: << [ / directive-set-component-index / 12, 0 / ['plaintext-firmware'] /, / directive-override-parameters / 20, { - / parameter-content / 18: h'344FA2D5AD2F43F6F363DA6FF2C337FE69E33E3D63714D23985BF02499EB0E8B231D45C378245DA3611C160CC511', + / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F', / parameter-encryption-info / 19: << 96([ / protected: / << { - / alg / 1: 1 / AES-GCM-128 / + / alg / 1: 1 / A128GCM / } >>, / unprotected: / { - / IV / 5: h'DAE613B2E0DC55F4322BE38BDBA9DC68' + / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD' }, / payload: / null / detached ciphertext /, / recipients: / [ @@ -55,12 +55,12 @@ / ephemeral key / -1: { / kty / 1: 2 / EC2 /, / crv / -1: 1 / P-256 /, - / x / -2: h'FF6E266DABAF51B7207569E31CF72646183E94CEE64FCDC8695AD9A505AEFDEA', - / y / -3: h'5FBC4A29844450B3AC22AB30C7F7004BB59D8BD60D7997734A9FA0124B650895' + / x / -2: h'D3CB3FE8470BF5A6589FAF14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB', + / y / -3: h'F9C4FA53979580F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A3' }, / kid / 4: 'kid-2' }, - / payload: / h'B0E21628283F3E409F8158D8FFCA567F340E379AC39E49C9' + / payload: / h'DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A' / CEK encrypted with KEK / ] ] @@ -77,16 +77,16 @@ {: numbered='no'} ~~~~ -D86BA2025873825824822F58205B13FF6E4A9C8B5196B9E037C02F4373CA -6E049E912D29237E93525F08D37BD2584AD28443A10126A0F658407F2712 -1A9D2E32E3DB125E6B137E5DE7339D7B8B442E68B719BFCE099504490F9E -8A5E83CB06764C47B904F9FDEE152C6698A9080C132B1948A8ADF28C3D04 -F40358ECA4010102010357A1028181526465637279707465642D6669726D -776172651458CB860C0014A212582E344FA2D5AD2F43F6F363DA6FF2C337 -FE69E33E3D63714D23985BF02499EB0E8B231D45C378245DA3611C160CC5 -11135890D8608443A10101A10550DAE613B2E0DC55F4322BE38BDBA9DC68 -F6818344A101381CA220A401022001215820FF6E266DABAF51B7207569E3 -1CF72646183E94CEE64FCDC8695AD9A505AEFDEA2258205FBC4A29844450 -B3AC22AB30C7F7004BB59D8BD60D7997734A9FA0124B65089504456B6964 -2D325818B0E21628283F3E409F8158D8FFCA567F340E379AC39E49C9120F +D86BA2025873825824822F582081DEF8B8DD38839D61434BE169636E52F6 +C9D4A466437F795F166735AB2CF097584AD28443A10126A0F658401199BD +308E8B51072DB381CD56C2EC6ED2C163FE31437419CFB14602150BCF61AB +B39E4A3C1547466149310704A64F8FBA89C502FDBC1E440B95679CBECEB0 +280358ECA4010102010357A1028181526465637279707465642D6669726D +776172651458CB860C0014A212582E2F59C3A34D9570FB99A5382E66466A +3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF1 +7F135890D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70CD +F6818344A101381CA220A401022001215820D3CB3FE8470BF5A6589FAF14 +E66CDC3876DC7AC242D1ADC4D97664C817BF54EB225820F9C4FA53979580 +F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A304456B6964 +2D325818DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A120F ~~~~ From 4e51d9a539b4a12aceb9f8ac5d43c6ad72b0b9b2 Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 12:33:19 +0000 Subject: [PATCH 08/16] add: image validation --- testfiles/encryption_info_esdh.cose | Bin 144 -> 137 bytes testfiles/validate_encrypted_files.py | 79 ++++++++++++++++++++++++++ 2 files changed, 79 insertions(+) create mode 100755 testfiles/validate_encrypted_files.py diff --git a/testfiles/encryption_info_esdh.cose b/testfiles/encryption_info_esdh.cose index f64c52e42ad58a444e84a5c1cb365a6ba6eb9d69..5ba4edeb9df5ac456ab55103f6c1b7be1a113674 100644 GIT binary patch literal 137 zcmV;40CxY_V1z@V0Rf=}Q1MEuoq^RKdf7w%hp$g?&GvzVM4O z%RlHx3-zX0pRW|=Y}`0@+#n+!u$|abCP5&@XK)YmY|{;U7pU{{;0q ~ literal 144 zcmV;B0B`@;V1z@V0Rf=}P}=4bvf$iR^fD{si`%K(X!e1FM4) zZYFK3uTi%kb!p=q_a;UdK9tVpPtC|_TG^!quKnsFSRh}#N-2ayP_wKet1!p+086!< yi`ET!mvc&=pb|@E2$cjyYiVRHGFTX};ua_ Date: Sun, 15 Sep 2024 13:31:37 +0000 Subject: [PATCH 09/16] update: AES-GCM binaries --- testfiles/encrypted_image_aes.bin | 2 +- testfiles/encrypted_image_esdh.bin | 2 +- testfiles/encryption_info_aes.cose | 2 +- testfiles/encryption_info_esdh.cose | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/testfiles/encrypted_image_aes.bin b/testfiles/encrypted_image_aes.bin index 44ceccb..ce06e8a 100644 --- a/testfiles/encrypted_image_aes.bin +++ b/testfiles/encrypted_image_aes.bin @@ -1 +1 @@ -/YãM•pû™¥8.fFj2!¨­…ÎP‹£ûC`索ªƒU¤±–ƒ-ñ \ No newline at end of file +uŒK{ºâÄÁÔbB> ÃOú{…»”Ô½m~Òj³/ë3…ÔÓFY'ì‚Ë^ŠY \ No newline at end of file diff --git a/testfiles/encrypted_image_esdh.bin b/testfiles/encrypted_image_esdh.bin index 44ceccb..ce06e8a 100644 --- a/testfiles/encrypted_image_esdh.bin +++ b/testfiles/encrypted_image_esdh.bin @@ -1 +1 @@ -/YãM•pû™¥8.fFj2!¨­…ÎP‹£ûC`索ªƒU¤±–ƒ-ñ \ No newline at end of file +uŒK{ºâÄÁÔbB> ÃOú{…»”Ô½m~Òj³/ë3…ÔÓFY'ì‚Ë^ŠY \ No newline at end of file diff --git a/testfiles/encryption_info_aes.cose b/testfiles/encryption_info_aes.cose index 5c8e382..189f398 100644 --- a/testfiles/encryption_info_aes.cose +++ b/testfiles/encryption_info_aes.cose @@ -1 +1 @@ -Ø`„C¡¡PñJ«ÕzÙCþ‡¯OpÍöƒA ¢"Ekid-1Xu`?ü•×”q<Œ¨¡§û2VZmYSMb \ No newline at end of file +Ø`„C¡¡LñJ«ÕzÙCþ‡öƒ@¢"Ekid-1Xu`?ü•×”q<Œ¨¡§û2VZmYSMb \ No newline at end of file diff --git a/testfiles/encryption_info_esdh.cose b/testfiles/encryption_info_esdh.cose index 5ba4ede..abb2411 100644 --- a/testfiles/encryption_info_esdh.cose +++ b/testfiles/encryption_info_esdh.cose @@ -1 +1 @@ -Ø`„C¡¡PñJ«ÕzÙCþ‡¯OpÍöƒD¡8¡ ¤ !X ÓË?èG õ¦XŸ¯ælÜ8vÜzÂBÑ­ÄÙvdÈ¿Të"X ùÄúS—•€õþZ6Sͨ)­B%f»Èò0ö¥Pú Ç£X܇Öq^¼#Ð/m,kGáH*ÿõ: \ No newline at end of file +Ø`„C¡¡LñJ«ÕzÙCþ‡öƒD¡8¡ ¤ !X sOAZ¥)¦lÎýˆóö*sD’ÿEö­7ý(ˆç>¯Ú"X @´ŠoБªj¿ãϾíè‹4~RC@_Û×ÒÏðëÂ&X kŽePóq+ðD²}Ù²'’ñÞ — \ No newline at end of file From 85f104b170fd8c514ac9d5f97ffc9d3f5390e3eb Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 13:37:54 +0000 Subject: [PATCH 10/16] fix: examples for encrypted payloads --- examples/suit_manifest_process_main.c | 10 ++--- testfiles/suit_manifest_expAF.cbor | Bin 274 -> 270 bytes testfiles/suit_manifest_expAF.md | 23 +++++----- testfiles/suit_manifest_expAW.cbor | Bin 248 -> 244 bytes testfiles/suit_manifest_expAW.md | 26 +++++------ testfiles/suit_manifest_expED.cbor | Bin 763 -> 759 bytes testfiles/suit_manifest_expED.md | 60 +++++++++++++------------- testfiles/suit_manifest_expEW.cbor | Bin 360 -> 356 bytes testfiles/suit_manifest_expEW.md | 38 ++++++++-------- 9 files changed, 78 insertions(+), 79 deletions(-) diff --git a/examples/suit_manifest_process_main.c b/examples/suit_manifest_process_main.c index 63287f9..75ca6f8 100644 --- a/examples/suit_manifest_process_main.c +++ b/examples/suit_manifest_process_main.c @@ -154,11 +154,11 @@ const uint8_t encrypted_firmware_uri[] = { 0x66, 0x69, 0x72, 0x6D, 0x77, 0x61, 0x72, 0x65 }; // "https://example.com/encrypted-firmware" const uint8_t encrypted_firmware_data[] = { - 0x2F, 0x59, 0xC3, 0xA3, 0x4D, 0x95, 0x70, 0xFB, 0x99, 0xA5, - 0x38, 0x2E, 0x66, 0x46, 0x6A, 0x32, 0x21, 0xA8, 0xAD, 0x85, - 0xCE, 0x50, 0x8B, 0xA3, 0x06, 0xFB, 0x43, 0x1A, 0x60, 0xEF, - 0xA5, 0xAA, 0xAA, 0x07, 0x83, 0x55, 0x07, 0x02, 0x05, 0xA4, - 0xB1, 0x96, 0x83, 0x2D, 0xF1, 0x7F + 0x75, 0x8C, 0x4B, 0x7B, 0xBA, 0xE2, 0xC4, 0xC1, 0xD4, 0x62, + 0x42, 0x3E, 0x0F, 0x0D, 0xC3, 0x16, 0x4F, 0xFA, 0x7B, 0x85, + 0xBB, 0x94, 0xD4, 0xBD, 0x6D, 0x7E, 0xD2, 0x6A, 0xB3, 0x2F, + 0xEB, 0x06, 0x33, 0x85, 0xD4, 0xD3, 0x46, 0x59, 0x27, 0xEC, + 0x82, 0xCB, 0x5E, 0x19, 0x8A, 0x59 }; struct name_data { diff --git a/testfiles/suit_manifest_expAF.cbor b/testfiles/suit_manifest_expAF.cbor index a2d8831d8309825755adf4fc7c8f6e5806e46b50..d4d9b688e96f5edaa5c009ca834b263bc91a2236 100644 GIT binary patch delta 132 zcmV-~0DJ$E0*(S)*lVH!SW|*nB!VwkAcz#aMhKe9YKA&{s5w8EM_8Fa@1zDnGhX;% zRauV)!&oZOghQbL1)%m=Ahv~a_V7th>hqA!M6_b^r@i++_223HjuKc}68QE(tpixH mkz6$ae36nl7e3fvghQbL0igv<@k*)Hg;XRuG delta 136 zcmV;30C)e60+Iq;*lVH!SW|*nB!VwkAXzopSq4wRos4c{wS+%_mUC#3T}o{QBRTP8 zdjy_NU05p7ghQbL1)%m=Afbyl9(}8PpEeg*>iEW<`=|1>*X4A5SF1Y`f{6*Frvq5F qkz6$afRU0p8$#G%ghQbL0igv@@k*V_53p}U* diff --git a/testfiles/suit_manifest_expAF.md b/testfiles/suit_manifest_expAF.md index 0f9e93a..3d43f33 100644 --- a/testfiles/suit_manifest_expAF.md +++ b/testfiles/suit_manifest_expAF.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'5935D959064FC19D8C6E63B5843F80967368905D4A6D052339F1647B049E4E5D' + / digest-bytes: / h'8814BC46089ACA6A863A7BA8393F9747589940EFA40641335EF86155598F06C3' ] >>, << / COSE_Mac0_Tagged / 17([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / tag: / h'A18B371E7DAB7C9F361758EAF8C69EFBA7F2B4D7E5747D57AB3B12828909A4A7' + / tag: / h'B68572F6F0494FEAF390CE44B462F2A7BDF73EF5DFE9FB8E12585A12F8F641AD' ]) >> ] >>, / manifest / 3: << { @@ -52,7 +52,7 @@ / alg / 1: 1 / A128GCM / } >>, / unprotected: / { - / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD' + / IV / 5: h'F14AAB9D81D51F7AD943FE87' }, / payload: / null / detached ciphertext /, / recipients: / [ @@ -79,14 +79,13 @@ {: numbered='no'} ~~~~ -D86BA2025853825824822F58205935D959064FC19D8C6E63B5843F809673 -68905D4A6D052339F1647B049E4E5D582AD18443A10105A0F65820A18B37 -1E7DAB7C9F361758EAF8C69EFBA7F2B4D7E5747D57AB3B12828909A4A703 -58B6A40101020103582BA102828152706C61696E746578742D6669726D77 -6172658152656E637279707465642D6669726D776172651458808C0C0114 +D86BA2025853825824822F58208814BC46089ACA6A863A7BA8393F974758 +9940EFA40641335EF86155598F06C3582AD18443A10105A0F65820B68572 +F6F0494FEAF390CE44B462F2A7BDF73EF5DFE9FB8E12585A12F8F641AD03 +58B2A40101020103582BA102828152706C61696E746578742D6669726D77 +6172658152656E637279707465642D6669726D7761726514587C8C0C0114 A20E182E15782668747470733A2F2F6578616D706C652E636F6D2F656E63 -7279707465642D6669726D77617265150F0C0014A2135842D8608443A101 -01A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818340A2012204456B -69642D31581875603FFC9518D794713C8CA8A115A7FB32565A6D59534D62 -1601160F +7279707465642D6669726D77617265150F0C0014A213583ED8608443A101 +01A1054CF14AAB9D81D51F7AD943FE87F6818340A2012204456B69642D31 +581875603FFC9518D794713C8CA8A115A7FB32565A6D59534D621601160F ~~~~ diff --git a/testfiles/suit_manifest_expAW.cbor b/testfiles/suit_manifest_expAW.cbor index 4fe24303e038f3c7ade36b0b6e43f04f8d0c8a97..0ab32c963b577c226adcb22848c7e9b8e6de89c0 100644 GIT binary patch delta 182 zcmV;n07?J&0rUY}*lVH!SW|*nB!VwkAOm__GF;(6c%Z7^0CXto##uHR*+43DBoMu& zLi*`WELbYhghQbL1)%m=AdQk)kP*aDq{aJbaG$2iY!8HOX)D{a_9X0)_%EMg3IkY} zkz627cZ3w85?C&Ej7xjE;>5w!VnRL-4Z{{s`g?`Dl+?X#e$r~QFY5*~h1AnVStsm* k%U&6ZSrb@3*kFW1p#cG*1x)cutDS+>A9~qC{)dsyDhhE^ivR!s delta 186 zcmV;r07d`w0r&x2*lVH!SW|*nB!VwkAb~!5nF8i!U4_c|7c9PpQmsSpTH-b>plIGv z-+nD@7g#FMghQbL1)%m=AbcKQgmEnM*MXptU16(>5dEC&PVOdioi);f0^xCo^8;9% zkz62BdxR9C5?C%TS;M1Em2mr+r8q8TMrtx4sI7(0P>Z7m`$HOF@1?4$2ZL1y0tKY8 omV+(ve-l_j*kFW1p#cG*1yJ!ytDS+>A9~qC{)ewmaLtj*Dyvsi>, << / COSE_Mac0_Tagged / 17([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / tag: / h'7C1E5F84712CF3D781A0925D61AB8B10FD9CEC4EEE26739D35D28302E17187F3' + / tag: / h'8D92599011C451A4C5FB69709FA6CA6C0F846D692BDBB3F624EC91F82F9F620A' ]) >> ] >>, / manifest / 3: << { @@ -37,13 +37,13 @@ / install / 20: << [ / fetch encrypted firmware / / directive-override-parameters / 20, { - / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F', + / parameter-content / 18: h'758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A59', / parameter-encryption-info / 19: << 96([ / protected: / << { / alg / 1: 1 / A128GCM / } >>, / unprotected: / { - / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD' + / IV / 5: h'F14AAB9D81D51F7AD943FE87' }, / payload: / null / detached ciphertext /, / recipients: / [ @@ -72,13 +72,13 @@ {: numbered='no'} ~~~~ -D86BA2025853825824822F5820813E7A9902E6665D85CAF9172CBE8652AD -43EF5AE2362DA068DE51DF7E2D6C17582AD18443A10105A0F658207C1E5F -84712CF3D781A0925D61AB8B10FD9CEC4EEE26739D35D28302E17187F303 -589CA4010102010357A102818152706C61696E746578742D6669726D7761 -726514587B8414A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD -85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F135842 -D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818340 -A2012204456B69642D31581875603FFC9518D794713C8CA8A115A7FB3256 -5A6D59534D62120F +D86BA2025853825824822F5820037A5C325CE14078A0AADF007428EAC659 +361AD9402A732410BDA542FAE94E2C582AD18443A10105A0F658208D9259 +9011C451A4C5FB69709FA6CA6C0F846D692BDBB3F624EC91F82F9F620A03 +5898A4010102010357A102818152706C61696E746578742D6669726D7761 +72651458778414A212582E758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B +85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A5913583E +D8608443A10101A1054CF14AAB9D81D51F7AD943FE87F6818340A2012204 +456B69642D31581875603FFC9518D794713C8CA8A115A7FB32565A6D5953 +4D62120F ~~~~ diff --git a/testfiles/suit_manifest_expED.cbor b/testfiles/suit_manifest_expED.cbor index 154b2c592961ee92eb47a480c711b57c9e97dd6c..eb9166ef83f576c0ad1272fe944872c7e575fdfe 100644 GIT binary patch delta 349 zcmV-j0iyo<1@{Gi*lVK#SaX6{B!VwkAfODk$W;}=??)R@wL<#M*o$$q$LcCW-V@U- zN|^<3=~znAghQbLCZP6MK$AR)>nl5&Qs@s_W-^N{l>eJ~Op}&`6F{SCtHKpaSsCj$ z;D|Aygh1I|tl)Pf+WFO4w0-}2A5F{LFfkwO(F0ilY^4E_e_DSJjtl@4q7qmxb&N}U zy5hva)M7$D4-LZ>Px^a>yOh+uZGO^fvoGrgGlkUCMp-B9g3DeRidhp_jM!j=L!kiy zp#@CwN~@iL)gOAMfrCV$0XQ6@Afy2TAORs*AaepwL0Y91DW+`B{fP7SDsx1V z|3&t#H~lDx=RQoY8QLOPAV3AQif_=7s%pRE&%W*Gi!^>x9Ya80+tDS`t(st1Er2Lc78v6h1^@qZIokl0{^L!kiy zp#@O!N~@iL)gOA>, / unprotected: / {}, / payload: / null, - / signature: / h'8E0C0014A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F135890D8608443A10101' + / signature: / h'8E0C0014A212582E758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A5913588CD8608443A10101' ]) >> ] >>, / manifest / 3: << { @@ -48,13 +48,13 @@ / NOTE: set SUIT_Encryption_Info / / directive-set-component-index / 12, 0 / ['decrypted-firmware'] /, / directive-override-parameters / 20, { - / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F', + / parameter-content / 18: h'758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A59', / parameter-encryption-info / 19: << 96([ / protected: / << { / alg / 1: 1 / A128GCM / } >>, / unprotected: / { - / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD' + / IV / 5: h'F14AAB9D81D51F7AD943FE87' }, / payload: / null / detached ciphertext /, / recipients: / [ @@ -66,12 +66,12 @@ / ephemeral key / -1: { / kty / 1: 2 / EC2 /, / crv / -1: 1 / P-256 /, - / x / -2: h'D3CB3FE8470BF5A6589FAF14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB', - / y / -3: h'F9C4FA53979580F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A3' + / x / -2: h'73024F415AA51529A66CCEFD88F3F62A734492FF45F6AD37FD2888E73EAF19DA', + / y / -3: h'4005B48A6FD091AA6ABFE3CFBEEDE88B347E521D43405FDBD7D2CFF0EBC21B26' }, / kid / 4: 'kid-2' }, - / payload: / h'DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A' + / payload: / h'A06B8E6550F308712B1DF044B21B7D11D9B22792F1DE0997' / CEK encrypted with KEK / ] ] @@ -152,30 +152,30 @@ {: numbered='no'} ~~~~ -D86BA3025873825824822F58206631885AD5F4C0273EB042E9D7E2E7D329 -799F18BF476A8BF79F3253C16AAF7F584AD28443A10126A0F658401D0F95 -59EB23412946007C9DDF28547CB608E296EF5E4C176E853E2B200171C311 -82A31A25886A17289667225EA1745D0B4BFE636088B1E7FBE52B5A594A84 -3603590170A501010201035837A201A101A101815818646570656E64656E +D86BA3025873825824822F5820A00CB6C85515C1EF471B50B542FACDD88B +71B3C7EA2A43DE13D32C4A99056FE9584AD28443A10126A0F65840933C89 +EB2B3B9A52E80F5A66328B2D94FF9B794C9396841340A36AABC2154B5919 +EB37E08831A18440D95EACE07724DAF9D559B47DFF7A1F4DCBDC30311FEC +D10359016CA501010201035837A201A101A101815818646570656E64656E 63792D6D616E69666573742E73756974028181526465637279707465642D 6669726D77617265058157646570656E64656E742D6D616E69666573742E -73756974145901138E0C0014A212582E2F59C3A34D9570FB99A5382E6646 -6A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832D -F17F135890D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70 -CDF6818344A101381CA220A401022001215820D3CB3FE8470BF5A6589FAF -14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB225820F9C4FA539795 -80F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A304456B69 -642D325818DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A0C -0114A3035824822F58204B15C90FBD776A820E7E733DF040D90B356B5C75 -982ECAECE8673818179BDF160E18F7157423646570656E64656E63792D6D -616E6966657374150F070F0B0F7423646570656E64656E63792D6D616E69 -6665737458F7D86BA2025873825824822F58204B15C90FBD776A820E7E73 -3DF040D90B356B5C75982ECAECE8673818179BDF16584AD28443A10126A0 -F658402B1B9C4E44E52863A78F73DA2A935823B28AEAE6A85CADAC4C4E3A -ABAAD56CBCE5A47D288F86B54D0186657E972E748B48CDB1D420FBAC1285 -DCC978382F62CC03587BA601010201035849A20281815264656372797074 -65642D6669726D7761726504582F840C0014A2035824822F582036921488 -FE6680712F734E11F58D87EEB66D4B21A8A1AD3441060814DA16D50F0E18 -1E05815818646570656E64656E63792D6D616E69666573742E7375697407 -4382030F1447860C00120F030F +737569741459010F8E0C0014A212582E758C4B7BBAE2C4C1D462423E0F0D +C3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E19 +8A5913588CD8608443A10101A1054CF14AAB9D81D51F7AD943FE87F68183 +44A101381CA220A40102200121582073024F415AA51529A66CCEFD88F3F6 +2A734492FF45F6AD37FD2888E73EAF19DA2258204005B48A6FD091AA6ABF +E3CFBEEDE88B347E521D43405FDBD7D2CFF0EBC21B2604456B69642D3258 +18A06B8E6550F308712B1DF044B21B7D11D9B22792F1DE09970C0114A303 +5824822F58204B15C90FBD776A820E7E733DF040D90B356B5C75982ECAEC +E8673818179BDF160E18F7157423646570656E64656E63792D6D616E6966 +657374150F070F0B0F7423646570656E64656E63792D6D616E6966657374 +58F7D86BA2025873825824822F58204B15C90FBD776A820E7E733DF040D9 +0B356B5C75982ECAECE8673818179BDF16584AD28443A10126A0F658402B +1B9C4E44E52863A78F73DA2A935823B28AEAE6A85CADAC4C4E3AABAAD56C +BCE5A47D288F86B54D0186657E972E748B48CDB1D420FBAC1285DCC97838 +2F62CC03587BA601010201035849A2028181526465637279707465642D66 +69726D7761726504582F840C0014A2035824822F582036921488FE668071 +2F734E11F58D87EEB66D4B21A8A1AD3441060814DA16D50F0E181E058158 +18646570656E64656E63792D6D616E69666573742E73756974074382030F +1447860C00120F030F ~~~~ diff --git a/testfiles/suit_manifest_expEW.cbor b/testfiles/suit_manifest_expEW.cbor index 496d9655f8194c627eba428b9cd717f00f2c1554..861e6c312f5b9c8c94297e81e7d445c91772138e 100644 GIT binary patch delta 337 zcmV-X0j~b&0^|aJ*lVH!SaX6{B!VwkARV@z@kf4{LV;f?_l^mbdnUB4&^ZFVv(fGI z+8}lHlUPd9ghQbLCZP6MK+8_8roO>`>muueZ?eCUHm2`$JQ3Q-RrN!=+^RP_g_9w? zcb1tK1+Q;fV4N?WCK{}qyYhue;t3vh714{q7qmxb&N}U zy5hva)M7$D4-LZ>Px^a>yOh+uZGO^fvoGrgGlkUCMp-B9g3DeRidhp_jM!j=L!kiy zp#@CwN~@iL)gOAMfrCV$0XQ6@Afy2TAORs*AaepwL0Y91DW+`B{fP7SDsx1V z|3&t#H~lDx=RQfV8QLOPAV3AQif_=7s%pRE&%W*Gi!^>x9Ya80+tu;b~)TQufKzq-H~Zd0!T1 zHLEP}msm>DghQbLCZP6MKoOa}Fpi5+2Q9OK%~rzfZqmVH{xL&z8PBms0u>9-VXL#A zN<0-uMqx=Y2Lz^1kGhG)0{y%mL<^N?oW9PmC<9pRqyYhue;t3zh714{q7qmxFImH* zO_gx_nWZ=`W=3ist1Er2Lc78v6h1^@qZIokl0{^L!kiy zp#@O!N~@iL)gOA>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'1199BD308E8B51072DB381CD56C2EC6ED2C163FE31437419CFB14602150BCF61ABB39E4A3C1547466149310704A64F8FBA89C502FDBC1E440B95679CBECEB028' + / signature: / h'CB4EADA6BEC17EEB22EB836FB2BF9136A6EF733C11DAC955F543BBDCAA373B859321BC77969917E4C70F049527607F4C32752D53E01346E96BFF4880B437DF64' ]) >> ] >>, / manifest / 3: << { @@ -37,13 +37,13 @@ / install / 20: << [ / directive-set-component-index / 12, 0 / ['plaintext-firmware'] /, / directive-override-parameters / 20, { - / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F', + / parameter-content / 18: h'758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A59', / parameter-encryption-info / 19: << 96([ / protected: / << { / alg / 1: 1 / A128GCM / } >>, / unprotected: / { - / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD' + / IV / 5: h'F14AAB9D81D51F7AD943FE87' }, / payload: / null / detached ciphertext /, / recipients: / [ @@ -55,12 +55,12 @@ / ephemeral key / -1: { / kty / 1: 2 / EC2 /, / crv / -1: 1 / P-256 /, - / x / -2: h'D3CB3FE8470BF5A6589FAF14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB', - / y / -3: h'F9C4FA53979580F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A3' + / x / -2: h'73024F415AA51529A66CCEFD88F3F62A734492FF45F6AD37FD2888E73EAF19DA', + / y / -3: h'4005B48A6FD091AA6ABFE3CFBEEDE88B347E521D43405FDBD7D2CFF0EBC21B26' }, / kid / 4: 'kid-2' }, - / payload: / h'DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A' + / payload: / h'A06B8E6550F308712B1DF044B21B7D11D9B22792F1DE0997' / CEK encrypted with KEK / ] ] @@ -77,16 +77,16 @@ {: numbered='no'} ~~~~ -D86BA2025873825824822F582081DEF8B8DD38839D61434BE169636E52F6 -C9D4A466437F795F166735AB2CF097584AD28443A10126A0F658401199BD -308E8B51072DB381CD56C2EC6ED2C163FE31437419CFB14602150BCF61AB -B39E4A3C1547466149310704A64F8FBA89C502FDBC1E440B95679CBECEB0 -280358ECA4010102010357A1028181526465637279707465642D6669726D -776172651458CB860C0014A212582E2F59C3A34D9570FB99A5382E66466A -3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF1 -7F135890D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70CD -F6818344A101381CA220A401022001215820D3CB3FE8470BF5A6589FAF14 -E66CDC3876DC7AC242D1ADC4D97664C817BF54EB225820F9C4FA53979580 -F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A304456B6964 -2D325818DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A120F +D86BA2025873825824822F58201DB69EF1477E9942815F29F78E09957B26 +B4ADD03902BDB3D1EDF3DA2075F593584AD28443A10126A0F65840CB4EAD +A6BEC17EEB22EB836FB2BF9136A6EF733C11DAC955F543BBDCAA373B8593 +21BC77969917E4C70F049527607F4C32752D53E01346E96BFF4880B437DF +640358E8A4010102010357A1028181526465637279707465642D6669726D +776172651458C7860C0014A212582E758C4B7BBAE2C4C1D462423E0F0DC3 +164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A +5913588CD8608443A10101A1054CF14AAB9D81D51F7AD943FE87F6818344 +A101381CA220A40102200121582073024F415AA51529A66CCEFD88F3F62A +734492FF45F6AD37FD2888E73EAF19DA2258204005B48A6FD091AA6ABFE3 +CFBEEDE88B347E521D43405FDBD7D2CFF0EBC21B2604456B69642D325818 +A06B8E6550F308712B1DF044B21B7D11D9B22792F1DE0997120F ~~~~ From 5f58f90a33837590e48c5b66e52f98cc3250c23e Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 14:35:19 +0000 Subject: [PATCH 11/16] del: S1 test due to delegation chain feature has been removed --- Makefile.parser | 2 +- Makefile.process | 2 +- testfiles/suit_manifest_expS1.cbor | Bin 352 -> 0 bytes testfiles/suit_manifest_expS1.md | 99 ----------------------------- 4 files changed, 2 insertions(+), 101 deletions(-) delete mode 100644 testfiles/suit_manifest_expS1.cbor delete mode 100644 testfiles/suit_manifest_expS1.md diff --git a/Makefile.parser b/Makefile.parser index e6b0d56..1cc811b 100644 --- a/Makefile.parser +++ b/Makefile.parser @@ -45,7 +45,7 @@ $(TARGET): $(OBJS) | ./bin ./obj/%.o: %.c | ./obj/src ./obj/examples $(CC) $(CFLAGS) $(INC) -o $@ -c $< -TEST_NUM := 0 1 2A 2B 3 4 5 U I D S0 S1 S2 S3 S4 U0 U1 +TEST_NUM := 0 1 2A 2B 3 4 5 U I D AF AW EW ED S0 S2 S3 S4 U0 U1 EXPS := $(foreach num,$(TEST_NUM),./testfiles/suit_manifest_exp$(num).cbor) define test-one $(TARGET) $1 2 || exit 1 diff --git a/Makefile.process b/Makefile.process index b3f338a..8158102 100644 --- a/Makefile.process +++ b/Makefile.process @@ -54,7 +54,7 @@ define test-one endef -TEST_NUM := 0 1 2A 2B 3 4 5 U I D AF AW ED EW S0 S1 S2 S3 S4 U0 U1 +TEST_NUM := 0 1 2A 2B 3 4 5 U I D AF AW ED EW S0 S2 S3 S4 U0 U1 .PHONY: test test: all $(foreach num,$(TEST_NUM),$(call test-one,$(num))) diff --git a/testfiles/suit_manifest_expS1.cbor b/testfiles/suit_manifest_expS1.cbor deleted file mode 100644 index e12d4a7cabee55a40824aace55c76b114f5b600e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 352 zcmV-m0iXWZYoh^Jo`Hc_n$mbH*b*jP%^ghQbLCZP6MKy?ux;GGh3YzgqnhqEglnr)#c;c?b=CqsT=XJlA1cL&S? zh1g7$#L4V;=p~CYfr9wj8>azE(Bf@uTkI*{$3O#ELZ$%$0ssR?p#p({LNG7|flg#) yaAj^}Wo~pXb9HHS2~C6)p%+GDVRRrcFc%LLQiK$t5=&@hY;12JcW-iRWD*Z>C6l}W diff --git a/testfiles/suit_manifest_expS1.md b/testfiles/suit_manifest_expS1.md deleted file mode 100644 index 523591e..0000000 --- a/testfiles/suit_manifest_expS1.md +++ /dev/null @@ -1,99 +0,0 @@ - - -## Example 1: SUIT Delegation Example -{: numbered='no'} - -### CBOR Diagnostic Notation of SUIT Manifest -{: numbered='no'} - -~~~~ -/ SUIT_Envelope_Tagged / 107({ - / delegation / 1: << [ - [ - / NOTE: signed by trust anchor / - << 18([ - / protected: / << { - / alg / 1: -7 / ES256 / - } >>, - / unprotected / { - }, - / payload: / << { - / cnf / 8: { - / NOTE: public key of delegated authority / - / COSE_Key / 1: { - / kty / 1: 2 / EC2 /, - / crv / -1: 1 / P-256 /, - / x / -2: h'0E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03ABA68B', - / y / -3: h'77DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A' - } - } - } >>, - / signature: / h'FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315' - ]) >> - ] - ] >>, - - / NOTE: signed by delegated authority / - / authentication-wrapper / 2: << [ - << [ - / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'A10126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652C6' - ] >>, - << / COSE_Sign1_Tagged / 18([ - / protected: / << { - / algorithm-id / 1: -7 / ES256 / - } >>, - / unprotected: / {}, - / payload: / null, - / signature: / h'7AAD03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC1' - ]) >> - ] >>, - / manifest / 3: << { - / manifest-version / 1: 1, - / manifest-sequence-number / 2: 0, - / common / 3: << { - / components / 2: [ - ['00'] - ] - } >>, - / manifest-component-id / 5: [ - 'dependent.suit' - ], - / invoke / 9: << [ - / directive-override-parameters / 20, { - / parameter-invoke-args / 23: 'cat 00' - }, - / directive-invoke / 23, 15 - ] >>, - / install / 20: << [ - / directive-override-parameters / 20, { - / parameter-content / 18: 'hello world' - }, - / directive-write / 18, 15 - ] >> - } >> -}) -~~~~ - - -### CBOR Binary in Hex -{: numbered='no'} - -~~~~ -D86BA301589E8181589AD28443A10126A0584FA108A101A4010220012158 -200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03 -ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D -314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715C -C10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D -06CA2298CD1A95519AAE4C4B5315025874835824822F58200F02CAF6D3E6 -1920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD284 -43A10126A0F6584075111FE09D12726C09F0CA87B32B1E9A6DA127E171D6 -7527437E61676458327707CC0185D84C95C4C9EC77E8258B338182F8DA1B -A7014AD0E26D6C5BEC29DFC740035842A6010102000347A1028181423030 -05814E646570656E64656E742E73756974094D8414A11746636174203030 -170F14528414A1124B68656C6C6F20776F726C64120F -~~~~ From e13862046c334f356501632632840559ab8fe42d Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 14:36:26 +0000 Subject: [PATCH 12/16] fix: include UsefulBuf.h from cose key header --- examples/inc/device_es256_cose_key_private.h | 2 ++ examples/inc/device_es256_cose_key_public.h | 2 ++ examples/inc/tam_es256_cose_key_private.h | 2 ++ examples/inc/tam_es256_cose_key_public.h | 2 ++ examples/inc/trust_anchor_a128_cose_key_secret.h | 2 ++ examples/inc/trust_anchor_hmac256_cose_key_secret.h | 2 ++ examples/inc/trust_anchor_prime256v1_cose_key_private.h | 2 ++ examples/inc/trust_anchor_prime256v1_cose_key_public.h | 2 ++ 8 files changed, 16 insertions(+) diff --git a/examples/inc/device_es256_cose_key_private.h b/examples/inc/device_es256_cose_key_private.h index d9fad1c..a3e542d 100644 --- a/examples/inc/device_es256_cose_key_private.h +++ b/examples/inc/device_es256_cose_key_private.h @@ -7,6 +7,8 @@ #ifndef DEVICE_ES256_COSE_KEY_PRIVATE_H #define DEVICE_ES256_COSE_KEY_PRIVATE_H +#include "qcbor/UsefulBuf.h" + const unsigned char device_es256_cose_key_private_buf[] = { 0xA5, //# map(5) 0x01, //# unsigned(1) / 1 = kty / diff --git a/examples/inc/device_es256_cose_key_public.h b/examples/inc/device_es256_cose_key_public.h index ccc4a41..b3b23ed 100644 --- a/examples/inc/device_es256_cose_key_public.h +++ b/examples/inc/device_es256_cose_key_public.h @@ -7,6 +7,8 @@ #ifndef DEVICE_ES256_COSE_KEY_PUBLIC_H #define DEVICE_ES256_COSE_KEY_PUBLIC_H +#include "qcbor/UsefulBuf.h" + const unsigned char device_es256_cose_key_public_buf[] = { 0xA4, //# map(4) 0x01, //# unsigned(1) / 1 = kty / diff --git a/examples/inc/tam_es256_cose_key_private.h b/examples/inc/tam_es256_cose_key_private.h index 3da01fd..c26e696 100644 --- a/examples/inc/tam_es256_cose_key_private.h +++ b/examples/inc/tam_es256_cose_key_private.h @@ -7,6 +7,8 @@ #ifndef TAM_ES256_COSE_KEY_PRIVATE_H #define TAM_ES256_COSE_KEY_PRIVATE_H +#include "qcbor/UsefulBuf.h" + const unsigned char tam_es256_cose_key_private_buf[] = { 0xA5, //# map(5) 0x01, //# unsigned(1) / 1 = kty / diff --git a/examples/inc/tam_es256_cose_key_public.h b/examples/inc/tam_es256_cose_key_public.h index db8a9aa..b4ad1c7 100644 --- a/examples/inc/tam_es256_cose_key_public.h +++ b/examples/inc/tam_es256_cose_key_public.h @@ -7,6 +7,8 @@ #ifndef TAM_ES256_COSE_KEY_PUBLIC_H #define TAM_ES256_COSE_KEY_PUBLIC_H +#include "qcbor/UsefulBuf.h" + const unsigned char tam_es256_cose_key_public_buf[] = { 0xA4, //# map(4) 0x01, //# unsigned(1) / 1 = kty / diff --git a/examples/inc/trust_anchor_a128_cose_key_secret.h b/examples/inc/trust_anchor_a128_cose_key_secret.h index 9cb3151..c6fe256 100644 --- a/examples/inc/trust_anchor_a128_cose_key_secret.h +++ b/examples/inc/trust_anchor_a128_cose_key_secret.h @@ -7,6 +7,8 @@ #ifndef TRUST_ANCHOR_A128_COSE_KEY_SECRET_H #define TRUST_ANCHOR_A128_COSE_KEY_SECRET_H +#include "qcbor/UsefulBuf.h" + const unsigned char trust_anchor_a128_cose_key_secret_buf[] = { 0xA2, //# map(2) 0x01, //# unsigned(1) / 1 = key / diff --git a/examples/inc/trust_anchor_hmac256_cose_key_secret.h b/examples/inc/trust_anchor_hmac256_cose_key_secret.h index 7b68144..800ef08 100644 --- a/examples/inc/trust_anchor_hmac256_cose_key_secret.h +++ b/examples/inc/trust_anchor_hmac256_cose_key_secret.h @@ -7,6 +7,8 @@ #ifndef TRUST_ANCHOR_HMAC256_COSE_KEY_SECRET_H #define TRUST_ANCHOR_HMAC256_COSE_KEY_SECRET_H +#include "qcbor/UsefulBuf.h" + const unsigned char trust_anchor_hmac256_cose_key_secret_buf[] = { 0xA2, //# map(2) 0x01, //# unsigned(1) / 1 = key / diff --git a/examples/inc/trust_anchor_prime256v1_cose_key_private.h b/examples/inc/trust_anchor_prime256v1_cose_key_private.h index 25d921b..35c3fd3 100644 --- a/examples/inc/trust_anchor_prime256v1_cose_key_private.h +++ b/examples/inc/trust_anchor_prime256v1_cose_key_private.h @@ -7,6 +7,8 @@ #ifndef TRUST_ANCHOR_PRIME256V1_COSE_KEY_PRIVATE_H #define TRUST_ANCHOR_PRIME256V1_COSE_KEY_PRIVATE_H +#include "qcbor/UsefulBuf.h" + const unsigned char trust_anchor_prime256v1_cose_key_private_buf[] = { 0xA5, //# map(5) 0x01, //# unsigned(1) / 1 = kty / diff --git a/examples/inc/trust_anchor_prime256v1_cose_key_public.h b/examples/inc/trust_anchor_prime256v1_cose_key_public.h index d5b057e..84c5586 100644 --- a/examples/inc/trust_anchor_prime256v1_cose_key_public.h +++ b/examples/inc/trust_anchor_prime256v1_cose_key_public.h @@ -7,6 +7,8 @@ #ifndef TRUST_ANCHOR_PRIME256V1_COSE_KEY_PUBLIC_H #define TRUST_ANCHOR_PRIME256V1_COSE_KEY_PUBLIC_H +#include "qcbor/UsefulBuf.h" + const unsigned char trust_anchor_prime256v1_cose_key_public_buf[] = { 0xA4, //# map(4) 0x01, //# unsigned(1) / 1 = kty / From b8d0c2b1bfaddd6ea44df5c5b6dcddd30dc4e2d1 Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 14:37:39 +0000 Subject: [PATCH 13/16] update: trust also delegated authority --- .../delegated_authority_cose_key_private.h | 41 +++++++++++++++++++ .../inc/delegated_authority_cose_key_public.h | 35 ++++++++++++++++ examples/suit_manifest_parser_main.c | 18 ++++++-- examples/suit_manifest_process_main.c | 4 +- src/suit_manifest_print.c | 36 +++++++++++----- 5 files changed, 118 insertions(+), 16 deletions(-) create mode 100644 examples/inc/delegated_authority_cose_key_private.h create mode 100644 examples/inc/delegated_authority_cose_key_public.h diff --git a/examples/inc/delegated_authority_cose_key_private.h b/examples/inc/delegated_authority_cose_key_private.h new file mode 100644 index 0000000..034d523 --- /dev/null +++ b/examples/inc/delegated_authority_cose_key_private.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2020-2023 SECOM CO., LTD. All Rights reserved. + * + * SPDX-License-Identifier: BSD-2-Clause + * + */ + +#ifndef DELEGATED_AUTHORITY_ES256_COSE_KEY_PRIVATE_H +#define DELEGATED_AUTHORITY_ES256_COSE_KEY_PRIVATE_H +#include "qcbor/UsefulBuf.h" + +const unsigned char delegated_authority_es256_cose_key_private_buf[] = { + 0xA5, //# map(5) + 0x01, //# unsigned(1) / 1 = kty / + 0x02, //# unsigned(2) / 2 = EC2 / + 0x20, //# negative(0) / -1 = crv / + 0x01, //# unsigned(1) / 1 = P-256 / + 0x21, //# negative(1) / -2 = x / + 0x58, 0x20, //# bytes(32) + 0x0E, 0x90, 0x8A, 0xA8, 0xF0, 0x66, 0xDB, 0x1F, + 0x08, 0x4E, 0x0C, 0x36, 0x52, 0xC6, 0x39, 0x52, + 0xBD, 0x99, 0xF2, 0xA5, 0xBD, 0xB2, 0x2F, 0x9E, + 0x01, 0x36, 0x7A, 0xAD, 0x03, 0xAB, 0xA6, 0x8B, + 0x22, //# negative(2) / -3 = y / + 0x58, 0x20, //# bytes(32) + 0x77, 0xDA, 0x1B, 0xD8, 0xAC, 0x4F, 0x0C, 0xB4, + 0x90, 0xBA, 0x21, 0x06, 0x48, 0xBF, 0x79, 0xAB, + 0x16, 0x4D, 0x49, 0xAD, 0x35, 0x51, 0xD7, 0x1D, + 0x31, 0x4B, 0x27, 0x49, 0xEE, 0x42, 0xD2, 0x9A, + 0x23, //# negative(3) / -4 = d / + 0x58, 0x20, //# bytes(32) + 0x84, 0x1A, 0xEB, 0xB7, 0xB9, 0xEA, 0x6F, 0x02, + 0x60, 0xBE, 0x73, 0x55, 0xA2, 0x45, 0x88, 0xB9, + 0x77, 0xD2, 0x3D, 0x2A, 0xC5, 0xBF, 0x2B, 0x6B, + 0x2D, 0x83, 0x79, 0x43, 0x2A, 0x1F, 0xEA, 0x98, +}; +const UsefulBufC delegated_authority_es256_cose_key_private = { + .ptr = delegated_authority_es256_cose_key_private_buf, + .len = sizeof(delegated_authority_es256_cose_key_private_buf) +}; +#endif /* DELEGATED_AUTHORITY_ES256_COSE_KEY_PRIVATE_H */ diff --git a/examples/inc/delegated_authority_cose_key_public.h b/examples/inc/delegated_authority_cose_key_public.h new file mode 100644 index 0000000..fd79a9c --- /dev/null +++ b/examples/inc/delegated_authority_cose_key_public.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2020-2023 SECOM CO., LTD. All Rights reserved. + * + * SPDX-License-Identifier: BSD-2-Clause + * + */ + +#ifndef DELEGATED_AUTHORITY_ES256_COSE_KEY_PUBLIC_H +#define DELEGATED_AUTHORITY_ES256_COSE_KEY_PUBLIC_H +#include "qcbor/UsefulBuf.h" + +const unsigned char delegated_authority_es256_cose_key_public_buf[] = { + 0xA4, //# map(5) + 0x01, //# unsigned(1) / 1 = kty / + 0x02, //# unsigned(2) / 2 = EC2 / + 0x20, //# negative(0) / -1 = crv / + 0x01, //# unsigned(1) / 1 = P-256 / + 0x21, //# negative(1) / -2 = x / + 0x58, 0x20, //# bytes(32) + 0x0E, 0x90, 0x8A, 0xA8, 0xF0, 0x66, 0xDB, 0x1F, + 0x08, 0x4E, 0x0C, 0x36, 0x52, 0xC6, 0x39, 0x52, + 0xBD, 0x99, 0xF2, 0xA5, 0xBD, 0xB2, 0x2F, 0x9E, + 0x01, 0x36, 0x7A, 0xAD, 0x03, 0xAB, 0xA6, 0x8B, + 0x22, //# negative(2) / -3 = y / + 0x58, 0x20, //# bytes(32) + 0x77, 0xDA, 0x1B, 0xD8, 0xAC, 0x4F, 0x0C, 0xB4, + 0x90, 0xBA, 0x21, 0x06, 0x48, 0xBF, 0x79, 0xAB, + 0x16, 0x4D, 0x49, 0xAD, 0x35, 0x51, 0xD7, 0x1D, + 0x31, 0x4B, 0x27, 0x49, 0xEE, 0x42, 0xD2, 0x9A, +}; +const UsefulBufC delegated_authority_es256_cose_key_public = { + .ptr = delegated_authority_es256_cose_key_public_buf, + .len = sizeof(delegated_authority_es256_cose_key_public_buf) +}; +#endif /* DELEGATED_AUTHORITY_ES256_COSE_KEY_PUBLIC_H */ diff --git a/examples/suit_manifest_parser_main.c b/examples/suit_manifest_parser_main.c index 5e316b7..79871c1 100644 --- a/examples/suit_manifest_parser_main.c +++ b/examples/suit_manifest_parser_main.c @@ -12,6 +12,7 @@ #include "csuit/suit_cose.h" #include "suit_examples_common.h" #include "trust_anchor_prime256v1_cose_key_private.h" +#include "delegated_authority_cose_key_private.h" #include "trust_anchor_hmac256_cose_key_secret.h" #define MAX_FILE_BUFFER_SIZE (8 * 1024 * 1024) @@ -45,15 +46,24 @@ int main(int argc, mechanisms[0].cose_tag = CBOR_TAG_COSE_SIGN1; mechanisms[0].use = false; - mechanisms[1].key.cose_algorithm_id = T_COSE_ALGORITHM_HMAC256; - result = suit_set_suit_key_from_cose_key(trust_anchor_hmac256_cose_key_secret, &mechanisms[1].key); + mechanisms[1].key.cose_algorithm_id = T_COSE_ALGORITHM_ES256; + result = suit_set_suit_key_from_cose_key(delegated_authority_es256_cose_key_private, &mechanisms[1].key); if (result != SUIT_SUCCESS) { - printf("main : Failed to create secret key. %s(%d)\n", suit_err_to_str(result), result); + printf("main : Failed to create public key. %s(%d)\n", suit_err_to_str(result), result); return EXIT_FAILURE; } - mechanisms[1].cose_tag = CBOR_TAG_COSE_MAC0; + mechanisms[1].cose_tag = CBOR_TAG_COSE_SIGN1; mechanisms[1].use = false; + mechanisms[2].key.cose_algorithm_id = T_COSE_ALGORITHM_HMAC256; + result = suit_set_suit_key_from_cose_key(trust_anchor_hmac256_cose_key_secret, &mechanisms[2].key); + if (result != SUIT_SUCCESS) { + printf("main : Failed to create secret key. %s(%d)\n", suit_err_to_str(result), result); + return EXIT_FAILURE; + } + mechanisms[2].cose_tag = CBOR_TAG_COSE_MAC0; + mechanisms[2].use = false; + // Read manifest file. printf("main : Read Manifest file.\n"); uint8_t *manifest_buf = malloc(SUIT_MAX_DATA_SIZE); diff --git a/examples/suit_manifest_process_main.c b/examples/suit_manifest_process_main.c index 75ca6f8..65e6ec3 100644 --- a/examples/suit_manifest_process_main.c +++ b/examples/suit_manifest_process_main.c @@ -22,6 +22,7 @@ #include "csuit/suit_digest.h" #include "suit_examples_common.h" #include "trust_anchor_prime256v1_cose_key_public.h" +#include "delegated_authority_cose_key_public.h" #include "trust_anchor_hmac256_cose_key_secret.h" #include "trust_anchor_a128_cose_key_secret.h" #include "device_es256_cose_key_private.h" @@ -508,9 +509,10 @@ int main(int argc, char *argv[]) suit_err_t result = 0; int num_key = 0; - #define NUM_PUBLIC_KEYS_FOR_ECDH 1 + #define NUM_PUBLIC_KEYS_FOR_ECDH 2 UsefulBufC public_keys_for_ecdh[NUM_PUBLIC_KEYS_FOR_ECDH] = { trust_anchor_prime256v1_cose_key_public, + delegated_authority_es256_cose_key_public, }; #define NUM_SECRET_KEYS_FOR_MAC 1 UsefulBufC secret_keys_for_mac[NUM_SECRET_KEYS_FOR_MAC] = { diff --git a/src/suit_manifest_print.c b/src/suit_manifest_print.c index 6896f9b..f044624 100644 --- a/src/suit_manifest_print.c +++ b/src/suit_manifest_print.c @@ -794,11 +794,19 @@ suit_err_t suit_print_encryption_info(const suit_buf_t *encryption_info, printf("[\n"); size_t cose_struct_len = item.val.uCount; - printf("%*s/ protected: / << ", indent_space + indent_delta, ""); - QCBORDecode_EnterBstrWrapped(&context, QCBOR_TAG_REQUIREMENT_NOT_A_TAG, NULL); - suit_print_cose_header(&context, indent_space + indent_delta, indent_delta); - QCBORDecode_ExitBstrWrapped(&context); - printf(" >>,\n"); + QCBORDecode_PeekNext(&context, &item); + printf("%*s/ protected: / ", indent_space + indent_delta, ""); + if (item.val.string.len > 0) { + printf("<< "); + QCBORDecode_EnterBstrWrapped(&context, QCBOR_TAG_REQUIREMENT_NOT_A_TAG, NULL); + suit_print_cose_header(&context, indent_space + indent_delta, indent_delta); + QCBORDecode_ExitBstrWrapped(&context); + printf(" >>,\n"); + } + else { + QCBORDecode_GetNext(&context, &item); + printf("h'',\n"); + } printf("%*s/ unprotected: / ", indent_space + indent_delta, ""); suit_print_cose_header(&context, indent_space + indent_delta, indent_delta); @@ -836,12 +844,18 @@ suit_err_t suit_print_encryption_info(const suit_buf_t *encryption_info, return SUIT_ERR_FATAL; } printf("%*s[\n", indent_space + 2 * indent_delta, ""); - printf("%*s/ protected: / << ", indent_space + 3 * indent_delta, ""); - QCBORDecode_EnterBstrWrapped(&context, QCBOR_TAG_REQUIREMENT_NOT_A_TAG, NULL); - suit_print_cose_header(&context, indent_space + 3 * indent_delta, indent_delta); - QCBORDecode_ExitBstrWrapped(&context); - printf(" >>,\n"); - + printf("%*s/ protected: / ", indent_space + 3 * indent_delta, ""); + if (item.val.string.len > 0) { + printf("<< "); + QCBORDecode_EnterBstrWrapped(&context, QCBOR_TAG_REQUIREMENT_NOT_A_TAG, NULL); + suit_print_cose_header(&context, indent_space + 3 * indent_delta, indent_delta); + QCBORDecode_ExitBstrWrapped(&context); + printf(" >>,\n"); + } + else { + QCBORDecode_GetNext(&context, &item); + printf("h'',\n"); + } printf("%*s/ unprotected: / ", indent_space + 3 * indent_delta, ""); suit_print_cose_header(&context, indent_space + 3 * indent_delta, indent_delta); printf(",\n"); From baf0546604995cac88454df35e911db92abc234b Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 17:57:34 +0000 Subject: [PATCH 14/16] update: misc --- Makefile.process | 2 +- examples/inc/delegated_authority_cose_key_public.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile.process b/Makefile.process index 8158102..672ab97 100644 --- a/Makefile.process +++ b/Makefile.process @@ -54,7 +54,7 @@ define test-one endef -TEST_NUM := 0 1 2A 2B 3 4 5 U I D AF AW ED EW S0 S2 S3 S4 U0 U1 +TEST_NUM := 0 1 2A 2B 3 4 5 U I D AF AW EW ED S0 S2 S3 S4 U0 U1 .PHONY: test test: all $(foreach num,$(TEST_NUM),$(call test-one,$(num))) diff --git a/examples/inc/delegated_authority_cose_key_public.h b/examples/inc/delegated_authority_cose_key_public.h index fd79a9c..71d06f5 100644 --- a/examples/inc/delegated_authority_cose_key_public.h +++ b/examples/inc/delegated_authority_cose_key_public.h @@ -10,7 +10,7 @@ #include "qcbor/UsefulBuf.h" const unsigned char delegated_authority_es256_cose_key_public_buf[] = { - 0xA4, //# map(5) + 0xA4, //# map(4) 0x01, //# unsigned(1) / 1 = kty / 0x02, //# unsigned(2) / 2 = EC2 / 0x20, //# negative(0) / -1 = crv / From aac7699272ed231233263f7f3f95599adfcf3d95 Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Sun, 15 Sep 2024 17:58:11 +0000 Subject: [PATCH 15/16] update: examples for encrypted payloads --- testfiles/suit_manifest_expED.cbor | Bin 759 -> 759 bytes testfiles/suit_manifest_expED.md | 12 +++---- testfiles/suit_manifest_expS2.cbor | Bin 374 -> 373 bytes testfiles/suit_manifest_expS2.md | 32 +++++++++--------- testfiles/suit_manifest_expS3.cbor | Bin 683 -> 519 bytes testfiles/suit_manifest_expS3.md | 49 +++++++++++++--------------- testfiles/suit_manifest_expS4.cbor | Bin 728 -> 564 bytes testfiles/suit_manifest_expS4.md | 50 +++++++++++++---------------- 8 files changed, 66 insertions(+), 77 deletions(-) diff --git a/testfiles/suit_manifest_expED.cbor b/testfiles/suit_manifest_expED.cbor index eb9166ef83f576c0ad1272fe944872c7e575fdfe..2f4129f38c66f957dac55a010ba1a2f964071104 100644 GIT binary patch delta 75 zcmV-R0JQ)21@{GzIY2@iF#dMhgoYN^FToLBrVv$l%az}pYwFoC5L}&AT=>m6$o*)n h8+%Pd8?9s7#egZlnB$@yK diff --git a/testfiles/suit_manifest_expED.md b/testfiles/suit_manifest_expED.md index d385b6e..8e1d5e7 100644 --- a/testfiles/suit_manifest_expED.md +++ b/testfiles/suit_manifest_expED.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'79707465642D6669726D77617265058157646570656E64656E742D6D616E6966' + / digest-bytes: / h'A00CB6C85515C1EF471B50B542FACDD88B71B3C7EA2A43DE13D32C4A99056FE9' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'8E0C0014A212582E758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A5913588CD8608443A10101' + / signature: / h'421B30FE76DA848616D72FC1115EA6105578CB95DF9C6BEAD931105C9D555CF8CD38C8FD68ACE43445D8D2CAE6391A995A212487D92F8DAD789F65511AC61778' ]) >> ] >>, / manifest / 3: << { @@ -153,10 +153,10 @@ ~~~~ D86BA3025873825824822F5820A00CB6C85515C1EF471B50B542FACDD88B -71B3C7EA2A43DE13D32C4A99056FE9584AD28443A10126A0F65840933C89 -EB2B3B9A52E80F5A66328B2D94FF9B794C9396841340A36AABC2154B5919 -EB37E08831A18440D95EACE07724DAF9D559B47DFF7A1F4DCBDC30311FEC -D10359016CA501010201035837A201A101A101815818646570656E64656E +71B3C7EA2A43DE13D32C4A99056FE9584AD28443A10126A0F65840421B30 +FE76DA848616D72FC1115EA6105578CB95DF9C6BEAD931105C9D555CF8CD +38C8FD68ACE43445D8D2CAE6391A995A212487D92F8DAD789F65511AC617 +780359016CA501010201035837A201A101A101815818646570656E64656E 63792D6D616E69666573742E73756974028181526465637279707465642D 6669726D77617265058157646570656E64656E742D6D616E69666573742E 737569741459010F8E0C0014A212582E758C4B7BBAE2C4C1D462423E0F0D diff --git a/testfiles/suit_manifest_expS2.cbor b/testfiles/suit_manifest_expS2.cbor index 0f5dda478a88bf2adbcf93c06e8d119590e463d3..bdc81fdd2aac37b8df29de1a9963a0c06ddf9fc6 100644 GIT binary patch delta 187 zcmV;s07U=x0`&ra*lVH!SaX6{B!VwkAfo@Zo}U^i(hK%gydCKY%YNOLDr^bW55y^h zcZP6rURX-fghQbLCZP6MK&1xpWPUoH4^*IkFf>E+K0Nv;QVZefJVt!ju}M_qV8#Te zVm}mZgF9~uBvc7lRaZPnv4wC3Z>L8fcQHPI&I4HarvU+xe@HM_hztP~qXSqZf-hJg pF7Cvv?1z5gJ&RJ?7Q{IWljYb?+45TI;Bk9~8{ovE4j8_X_xb*lVH!SaX6{B!VwkAl&mr&h|WEQWLgm=K8dVfzeb3p60zw(Sab7 zRA#CrrvU+xe@HP{hztP~qXSqZf-hJg q%okYpDbmf+hM3i&d9^af06GIPBX=pr1nzIs^V?Hj4jBPpk@tQJ>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'F86311478A7DCD474700B052CAF14A757CE00709404113B390218E93AE319D564127C4DC3D58CC143FFFB8657E294AA7936B93F51D4A78209479FA66E3186789' + / signature: / h'A506F1647E3A9E0F54A07F303443F33E3CFA28520BE1E93C467CD8B14954E460C604A7623F146D833B6F0A2454095855573C48B18570066FA7472077313E80CE' ]) >> ] >>, / manifest / 3: << { @@ -56,9 +56,9 @@ / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3F3DB535F' + / digest-bytes: / h'2EEEC4ACEC877EE13D8B52DB16C4390C93E5D84FD9F25AEAE0717B861BE0C4A2' ] >>, - / parameter-image-size / 14: 352, + / parameter-image-size / 14: 190, / parameter-uri / 21: "http://example.com/dependent.suit" }, / directive-fetch / 21, 2, @@ -90,17 +90,17 @@ {: numbered='no'} ~~~~ -D86BA2025873825824822F5820DCF344CEF63C615213B669E6FAB48881D1 -54069EE6BD4CD18120935466AA3978584AD28443A10126A0F65840F86311 -478A7DCD474700B052CAF14A757CE00709404113B390218E93AE319D5641 -27C4DC3D58CC143FFFB8657E294AA7936B93F51D4A78209479FA66E31867 -890358FAA70101020003581CA201A101A101814E646570656E64656E742E +D86BA2025873825824822F5820A2FFB59E9F1A29D20BF655BC1DE909CB7E +DD972A6C09D50FC42983778670715E584AD28443A10126A0F65840A506F1 +647E3A9E0F54A07F303443F33E3CFA28520BE1E93C467CD8B14954E460C6 +04A7623F146D833B6F0A2454095855573C48B18570066FA7472077313E80 +CE0358F9A70101020003581CA201A101A101814E646570656E64656E742E 7375697402818142313005814E646570656E64696E672E73756974095286 -0C0014A11749636174203030203130170F0F5858880C0114A3035824822F -5820CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3 -F3DB535F0E190160157821687474703A2F2F6578616D706C652E636F6D2F -646570656E64656E742E737569741502030F1458538E0C0114A103582482 -2F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121F -EAB78EF3D8070F0B000C0014A112581A20696E206D756C7469706C652074 -7275737420646F6D61696E73120F +0C0014A11749636174203030203130170F0F5857880C0114A3035824822F +58202EEEC4ACEC877EE13D8B52DB16C4390C93E5D84FD9F25AEAE0717B86 +1BE0C4A20E18BE157821687474703A2F2F6578616D706C652E636F6D2F64 +6570656E64656E742E737569741502030F1458538E0C0114A1035824822F +58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEA +B78EF3D8070F0B000C0014A112581A20696E206D756C7469706C65207472 +75737420646F6D61696E73120F ~~~~ diff --git a/testfiles/suit_manifest_expS3.cbor b/testfiles/suit_manifest_expS3.cbor index bb68986775eb417ae9e115e39a4e303adb6fa6e7..868692ee99a3b75281ece4332596e9919a7e9243 100644 GIT binary patch delta 270 zcmV+p0rCE;1&0KG*lVK#SaX6{B!VwkAY+ls!(^4Y$a=%~{J|DE+2&z*LpK-g{mwp&nL7!7@SPwZ!cKcMN3 zyi#wxm{)h|wBrBh6QoZdTmf3^Kd3_UJ~y=|76VwjrvU+xe@HMyhztP~qXSqZf-hJg zF7Cvv?1z5gJ&RJ?7Q{IWljYb?+45TI;Bk9~8{ovE4j8_X_)rO0zSwJ`0$6i`lk)*G zK+teLp_Abwfu?Wz-tzF2ml4n4UeYos7}q@+^1Im^<;5=+1hia0UY4+AFFi@J*T&j?q>%I`x3a}Whe|RnvyifVfqw1qJ>%Tk z_S`jFL`RQCvQ~rG68mQ?W~|Mcj-fiz30y40(gRq$rvU+xe@HP!hztP~qXSqZf-hJg z%okYpDbmf+hM3i&d9^af06GIPBX=pr1nzIs^V?Hj4jBPpk@rx4Spi_!Yoh^Jo`Hc_ zn$mazE(Bf@uTkI*{$3T<90Y!`9!N33j diff --git a/testfiles/suit_manifest_expS3.md b/testfiles/suit_manifest_expS3.md index 168a191..3df3a1d 100644 --- a/testfiles/suit_manifest_expS3.md +++ b/testfiles/suit_manifest_expS3.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'EBBC2FACA331A8C4971B969955C67DF5C784E8C7A0A9799E00327C7F9CBCF62E' + / digest-bytes: / h'6391CBC36495B9C87AC3EC841DB124DABD8D3C9FE2DEEFE16569AFC349E7DDB2' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'8A12402B15EDC2C542380CA490F426B7B2C545874A322DB390B27D817EEDF03DE3DCDAF6DC355B44478F46B25683D812FB672C66ACCD9A8EA13AD2095C2CC3D2' + / signature: / h'517250281E6567FF9DF519CF9D76A440D86DFEB65B505D180D7D794FEC67823FA0E98EBC526FBC985777EAB4E2FFE813A44F205C015AEB3FA842F33E37B52716' ]) >> ] >>, / manifest / 3: << { @@ -56,9 +56,9 @@ / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3F3DB535F' + / digest-bytes: / h'2EEEC4ACEC877EE13D8B52DB16C4390C93E5D84FD9F25AEAE0717B861BE0C4A2' ] >>, - / parameter-image-size / 14: 352, + / parameter-image-size / 14: 190, / parameter-uri / 21: "#dependent.suit" }, / directive-fetch / 21, 2, @@ -75,7 +75,7 @@ / directive-write / 18, 15 ] >> } >>, - "#dependent.suit": h'D86BA301589E8181589AD28443A10126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315025874835824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F6584075111FE09D12726C09F0CA87B32B1E9A6DA127E171D67527437E61676458327707CC0185D84C95C4C9EC77E8258B338182F8DA1BA7014AD0E26D6C5BEC29DFC740035842A6010102000347A102818142303005814E646570656E64656E742E73756974094D8414A11746636174203030170F14528414A1124B68656C6C6F20776F726C64120F' + "#dependent.suit": h'D86BA2025873825824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F65840D0703EA193E12381A66FFADEF2F0949711CFE05ED2322818D73D19F2BBD91BE5C52F1604B45C405E96B0642F3D49B2D7C6E3B2C0B40030BDDFBD27AF930B1F8B035842A6010102000347A102818142303005814E646570656E64656E742E73756974094D8414A11746636174203030170F14528414A1124B68656C6C6F20776F726C64120F' }) ~~~~ @@ -84,27 +84,22 @@ {: numbered='no'} ~~~~ -D86BA3025873825824822F5820EBBC2FACA331A8C4971B969955C67DF5C7 -84E8C7A0A9799E00327C7F9CBCF62E584AD28443A10126A0F658408A1240 -2B15EDC2C542380CA490F426B7B2C545874A322DB390B27D817EEDF03DE3 -DCDAF6DC355B44478F46B25683D812FB672C66ACCD9A8EA13AD2095C2CC3 -D20358BCA70101020003581CA201A101A101814E646570656E64656E742E +D86BA3025873825824822F58206391CBC36495B9C87AC3EC841DB124DABD +8D3C9FE2DEEFE16569AFC349E7DDB2584AD28443A10126A0F65840517250 +281E6567FF9DF519CF9D76A440D86DFEB65B505D180D7D794FEC67823FA0 +E98EBC526FBC985777EAB4E2FFE813A44F205C015AEB3FA842F33E37B527 +160358BBA70101020003581CA201A101A101814E646570656E64656E742E 7375697402818142313005814E646570656E64696E672E73756974095286 -0C0014A11749636174203030203130170F0F5845880C0114A3035824822F -5820CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3 -F3DB535F0E190160156F23646570656E64656E742E737569741502030F14 -58288A0C010B000C0014A112581A20696E206D756C7469706C6520747275 -737420646F6D61696E73120F6F23646570656E64656E742E737569745901 -60D86BA301589E8181589AD28443A10126A0584FA108A101A40102200121 -58200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD -03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D7 -1D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F79871 -5CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B8 -2D06CA2298CD1A95519AAE4C4B5315025874835824822F58200F02CAF6D3 -E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD2 -8443A10126A0F6584075111FE09D12726C09F0CA87B32B1E9A6DA127E171 -D67527437E61676458327707CC0185D84C95C4C9EC77E8258B338182F8DA -1BA7014AD0E26D6C5BEC29DFC740035842A6010102000347A10281814230 -3005814E646570656E64656E742E73756974094D8414A117466361742030 -30170F14528414A1124B68656C6C6F20776F726C64120F +0C0014A11749636174203030203130170F0F5844880C0114A3035824822F +58202EEEC4ACEC877EE13D8B52DB16C4390C93E5D84FD9F25AEAE0717B86 +1BE0C4A20E18BE156F23646570656E64656E742E737569741502030F1458 +288A0C010B000C0014A112581A20696E206D756C7469706C652074727573 +7420646F6D61696E73120F6F23646570656E64656E742E7375697458BED8 +6BA2025873825824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8 +FB1F09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F65840D0703EA1 +93E12381A66FFADEF2F0949711CFE05ED2322818D73D19F2BBD91BE5C52F +1604B45C405E96B0642F3D49B2D7C6E3B2C0B40030BDDFBD27AF930B1F8B +035842A6010102000347A102818142303005814E646570656E64656E742E +73756974094D8414A11746636174203030170F14528414A1124B68656C6C +6F20776F726C64120F ~~~~ diff --git a/testfiles/suit_manifest_expS4.cbor b/testfiles/suit_manifest_expS4.cbor index 26ad3cff2ca6cc9aae3162c43222f9f3331edaf7..62ba7677eac4e1da7755bcde96be402c8f70f788 100644 GIT binary patch delta 271 zcmV+q0r39V1+)Zz*lVK#SaX6{B!VwkAc47Huq{xDwSj%}70oKOU0N*ib4F?66#=Ch zv|WXg+gM7{ghQbLCZP6MK#-S&QTlprp2WiWIac!4CJaoRCg$5Qgx0V?TmfZppA>Y| zt3;mf4^z~f^YnA9km^8KyYd^1nB@Q9Dd#BAYy(*6rvU+xe^W4KhztP~qytzaf-hJg zF7Cvv?1z5gJ&RJ?7Q{IWljYb?+45TI;Bk9~8{ovE4j8_Z0|9agSiab6q5@cRf|DQu zGCYm08S=Z?8|B3>76i0hKwg%xWG_8Qve(Ar VvcR+eFumWsC$EzWAB&Td0!0cEg6#kR delta 436 zcmV;l0Zab01lR?C*lVK#SaX6{B!VwkAQ(0Llle#?q==iRbo`Lh(ByAMXMCOw6J_q~ z;1Oj>4_HdlghQbLCZP6MKwaJKE<*hhko9Fri0%beb%6A`wo0vxI$C}>aHz(&(Ndem zn5nUb_o!RH!E2)(eUl$cHlW0$A-apFP(-6$ZUb29rvU+xe^W7MhztP~qytzaf-hJg z%okYpDbmf+hM3i&d9^af06GIPBX=pr1nzIs^V?Hj4jBPplL7&9e^~)w*lVK!Se}7_ zSenv=L!kjCpjc0#2%!O_0RkWaAy^;|kcz1AX4@YKP7F3u#yL{GnewH*vM-(iHhQfC ztEP)0SRi-W8`!K*478BCAqGgld8-ypNv$0}X1T~$Jn1eI zzqrv8_n2{9!3$adED*67CBaqaBwA$QF$X(`tWe6w7Eq!S6}T-1$|9J}8kJF+u1rf) z6#`gvgOhy$GC_3_AK;x5a%>6k%7?Qn9-3{TC*g6{btgl9VP|AmGIs~e0fpF1mBh*H ecjzUHGl7Em+8d_nMY+LLp-^W0c?*T;yLcv4; diff --git a/testfiles/suit_manifest_expS4.md b/testfiles/suit_manifest_expS4.md index 4d2f8b6..d294e31 100644 --- a/testfiles/suit_manifest_expS4.md +++ b/testfiles/suit_manifest_expS4.md @@ -15,7 +15,7 @@ / authentication-wrapper / 2: << [ << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'1835FC93F94821A4889BA774FC90D3D0E46F46677C9E0D1365EEECE01165490F' + / digest-bytes: / h'81B960B02D5089B5817DF315CD2AB55D5A2CF2734669E21501A51AB45D8592DB' ] >>, << / COSE_Sign1_Tagged / 18([ / protected: / << { @@ -23,7 +23,7 @@ } >>, / unprotected: / {}, / payload: / null, - / signature: / h'5DDDED2E42FD1290F5654988EE05567580F4BAB64AAD8C3A5A7E3870A8C6B7D1529BC598A9B186F7A85BBFC16BA31D7D931F4B36A0C4A421BA8BA75044A35D6E' + / signature: / h'90978451FA7A6E9EC4C2F93956F2D6260C4C9C26E6DB3184D6B0405C0165709F1474D4AB449EEF0F53D49CF3F473AC90EA4058BBF21B8C98E4FFE029E728D06C' ]) >> ] >>, / manifest / 3: << { @@ -64,9 +64,9 @@ / directive-override-parameters / 20, { / parameter-image-digest / 3: << [ / digest-algorithm-id: / -16 / SHA256 /, - / digest-bytes: / h'CC1758F629D2CDD18698D5A279B532C7003A0331237729C604EE6FD3F3DB535F' + / digest-bytes: / h'2EEEC4ACEC877EE13D8B52DB16C4390C93E5D84FD9F25AEAE0717B861BE0C4A2' ] >>, - / parameter-image-size / 14: 352, + / parameter-image-size / 14: 190, / parameter-uri / 21: "#dependent.suit", / parameter-fetch-args / 30: 'Content-Type: application/cbor' }, @@ -84,7 +84,7 @@ / directive-write / 18, 15 ] >> } >>, - "#dependent.suit": h'D86BA301589E8181589AD28443A10126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652C63952BD99F2A5BDB22F9E01367AAD03ABA68B22582077DA1BD8AC4F0CB490BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315025874835824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F6584075111FE09D12726C09F0CA87B32B1E9A6DA127E171D67527437E61676458327707CC0185D84C95C4C9EC77E8258B338182F8DA1BA7014AD0E26D6C5BEC29DFC740035842A6010102000347A102818142303005814E646570656E64656E742E73756974094D8414A11746636174203030170F14528414A1124B68656C6C6F20776F726C64120F' + "#dependent.suit": h'D86BA2025873825824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F65840D0703EA193E12381A66FFADEF2F0949711CFE05ED2322818D73D19F2BBD91BE5C52F1604B45C405E96B0642F3D49B2D7C6E3B2C0B40030BDDFBD27AF930B1F8B035842A6010102000347A102818142303005814E646570656E64656E742E73756974094D8414A11746636174203030170F14528414A1124B68656C6C6F20776F726C64120F' }) ~~~~ @@ -93,29 +93,23 @@ {: numbered='no'} ~~~~ -D86BA3025873825824822F58201835FC93F94821A4889BA774FC90D3D0E4 -6F46677C9E0D1365EEECE01165490F584AD28443A10126A0F658405DDDED -2E42FD1290F5654988EE05567580F4BAB64AAD8C3A5A7E3870A8C6B7D152 -9BC598A9B186F7A85BBFC16BA31D7D931F4B36A0C4A421BA8BA75044A35D -6E0358E9A70101020003581CA201A101A101814E646570656E64656E742E +D86BA3025873825824822F582081B960B02D5089B5817DF315CD2AB55D5A +2CF2734669E21501A51AB45D8592DB584AD28443A10126A0F65840909784 +51FA7A6E9EC4C2F93956F2D6260C4C9C26E6DB3184D6B0405C0165709F14 +74D4AB449EEF0F53D49CF3F473AC90EA4058BBF21B8C98E4FFE029E728D0 +6C0358E8A70101020003581CA201A101A101814E646570656E64656E742E 7375697402818142313005814E646570656E64696E672E7375697409581C 840CF50F82458408000B00508414A11749636174203030203130170F0F58 -67880C0114A4035824822F5820CC1758F629D2CDD18698D5A279B532C700 -3A0331237729C604EE6FD3F3DB535F0E190160156F23646570656E64656E -742E73756974181E581E436F6E74656E742D547970653A206170706C6963 -6174696F6E2F63626F721502030F1458288A0C010B000C0014A112581A20 -696E206D756C7469706C6520747275737420646F6D61696E73120F6F2364 -6570656E64656E742E73756974590160D86BA301589E8181589AD28443A1 -0126A0584FA108A101A4010220012158200E908AA8F066DB1F084E0C3652 -C63952BD99F2A5BDB22F9E01367AAD03ABA68B22582077DA1BD8AC4F0CB4 -90BA210648BF79AB164D49AD3551D71D314B2749EE42D29A5840FB2D5ACF -66B9C8573CE92E13BFB8D113F798715CC10B5A0010B11925C155E7245A64 -E131073B87AC50CAC71650A21315B82D06CA2298CD1A95519AAE4C4B5315 -025874835824822F58200F02CAF6D3E61920D36BF3CEA7F862A13BB8FB1F -09C3F4C29B121FEAB78EF3D8584AD28443A10126A0F6584075111FE09D12 -726C09F0CA87B32B1E9A6DA127E171D67527437E61676458327707CC0185 -D84C95C4C9EC77E8258B338182F8DA1BA7014AD0E26D6C5BEC29DFC74003 -5842A6010102000347A102818142303005814E646570656E64656E742E73 -756974094D8414A11746636174203030170F14528414A1124B68656C6C6F -20776F726C64120F +66880C0114A4035824822F58202EEEC4ACEC877EE13D8B52DB16C4390C93 +E5D84FD9F25AEAE0717B861BE0C4A20E18BE156F23646570656E64656E74 +2E73756974181E581E436F6E74656E742D547970653A206170706C696361 +74696F6E2F63626F721502030F1458288A0C010B000C0014A112581A2069 +6E206D756C7469706C6520747275737420646F6D61696E73120F6F236465 +70656E64656E742E7375697458BED86BA2025873825824822F58200F02CA +F6D3E61920D36BF3CEA7F862A13BB8FB1F09C3F4C29B121FEAB78EF3D858 +4AD28443A10126A0F65840D0703EA193E12381A66FFADEF2F0949711CFE0 +5ED2322818D73D19F2BBD91BE5C52F1604B45C405E96B0642F3D49B2D7C6 +E3B2C0B40030BDDFBD27AF930B1F8B035842A6010102000347A102818142 +303005814E646570656E64656E742E73756974094D8414A1174663617420 +3030170F14528414A1124B68656C6C6F20776F726C64120F ~~~~ From 7bdab6797db4e5475e220c6d51e044d6201ba110 Mon Sep 17 00:00:00 2001 From: Ken Takayama Date: Mon, 16 Sep 2024 01:26:51 +0000 Subject: [PATCH 16/16] update: fetching binary from removed S1 to S0 --- examples/suit_manifest_process_main.c | 58 +++++++++------------------ 1 file changed, 20 insertions(+), 38 deletions(-) diff --git a/examples/suit_manifest_process_main.c b/examples/suit_manifest_process_main.c index 65e6ec3..f24d7ca 100644 --- a/examples/suit_manifest_process_main.c +++ b/examples/suit_manifest_process_main.c @@ -111,43 +111,26 @@ const uint8_t dependency_uri[] = { 0x75, 0x69, 0x74 }; // "http://example.com/dependent.suit const uint8_t dependency_data[] = { - 0xD8, 0x6B, 0xA3, 0x01, 0x58, 0x9E, 0x81, 0x81, 0x58, 0x9A, - 0xD2, 0x84, 0x43, 0xA1, 0x01, 0x26, 0xA0, 0x58, 0x4F, 0xA1, - 0x08, 0xA1, 0x01, 0xA4, 0x01, 0x02, 0x20, 0x01, 0x21, 0x58, - 0x20, 0x0E, 0x90, 0x8A, 0xA8, 0xF0, 0x66, 0xDB, 0x1F, 0x08, - 0x4E, 0x0C, 0x36, 0x52, 0xC6, 0x39, 0x52, 0xBD, 0x99, 0xF2, - 0xA5, 0xBD, 0xB2, 0x2F, 0x9E, 0x01, 0x36, 0x7A, 0xAD, 0x03, - 0xAB, 0xA6, 0x8B, 0x22, 0x58, 0x20, 0x77, 0xDA, 0x1B, 0xD8, - 0xAC, 0x4F, 0x0C, 0xB4, 0x90, 0xBA, 0x21, 0x06, 0x48, 0xBF, - 0x79, 0xAB, 0x16, 0x4D, 0x49, 0xAD, 0x35, 0x51, 0xD7, 0x1D, - 0x31, 0x4B, 0x27, 0x49, 0xEE, 0x42, 0xD2, 0x9A, 0x58, 0x40, - 0xFB, 0x2D, 0x5A, 0xCF, 0x66, 0xB9, 0xC8, 0x57, 0x3C, 0xE9, - 0x2E, 0x13, 0xBF, 0xB8, 0xD1, 0x13, 0xF7, 0x98, 0x71, 0x5C, - 0xC1, 0x0B, 0x5A, 0x00, 0x10, 0xB1, 0x19, 0x25, 0xC1, 0x55, - 0xE7, 0x24, 0x5A, 0x64, 0xE1, 0x31, 0x07, 0x3B, 0x87, 0xAC, - 0x50, 0xCA, 0xC7, 0x16, 0x50, 0xA2, 0x13, 0x15, 0xB8, 0x2D, - 0x06, 0xCA, 0x22, 0x98, 0xCD, 0x1A, 0x95, 0x51, 0x9A, 0xAE, - 0x4C, 0x4B, 0x53, 0x15, 0x02, 0x58, 0x74, 0x83, 0x58, 0x24, - 0x82, 0x2F, 0x58, 0x20, 0x0F, 0x02, 0xCA, 0xF6, 0xD3, 0xE6, - 0x19, 0x20, 0xD3, 0x6B, 0xF3, 0xCE, 0xA7, 0xF8, 0x62, 0xA1, - 0x3B, 0xB8, 0xFB, 0x1F, 0x09, 0xC3, 0xF4, 0xC2, 0x9B, 0x12, - 0x1F, 0xEA, 0xB7, 0x8E, 0xF3, 0xD8, 0x58, 0x4A, 0xD2, 0x84, - 0x43, 0xA1, 0x01, 0x26, 0xA0, 0xF6, 0x58, 0x40, 0x75, 0x11, - 0x1F, 0xE0, 0x9D, 0x12, 0x72, 0x6C, 0x09, 0xF0, 0xCA, 0x87, - 0xB3, 0x2B, 0x1E, 0x9A, 0x6D, 0xA1, 0x27, 0xE1, 0x71, 0xD6, - 0x75, 0x27, 0x43, 0x7E, 0x61, 0x67, 0x64, 0x58, 0x32, 0x77, - 0x07, 0xCC, 0x01, 0x85, 0xD8, 0x4C, 0x95, 0xC4, 0xC9, 0xEC, - 0x77, 0xE8, 0x25, 0x8B, 0x33, 0x81, 0x82, 0xF8, 0xDA, 0x1B, - 0xA7, 0x01, 0x4A, 0xD0, 0xE2, 0x6D, 0x6C, 0x5B, 0xEC, 0x29, - 0xDF, 0xC7, 0x40, 0x03, 0x58, 0x42, 0xA6, 0x01, 0x01, 0x02, - 0x00, 0x03, 0x47, 0xA1, 0x02, 0x81, 0x81, 0x42, 0x30, 0x30, - 0x05, 0x81, 0x4E, 0x64, 0x65, 0x70, 0x65, 0x6E, 0x64, 0x65, - 0x6E, 0x74, 0x2E, 0x73, 0x75, 0x69, 0x74, 0x09, 0x4D, 0x84, - 0x14, 0xA1, 0x17, 0x46, 0x63, 0x61, 0x74, 0x20, 0x30, 0x30, - 0x17, 0x0F, 0x14, 0x52, 0x84, 0x14, 0xA1, 0x12, 0x4B, 0x68, - 0x65, 0x6C, 0x6C, 0x6F, 0x20, 0x77, 0x6F, 0x72, 0x6C, 0x64, - 0x12, 0x0F -}; // suit_manifest_expS1.suit + 0xD8, 0x6B, 0xA2, 0x02, 0x58, 0x73, 0x82, 0x58, 0x24, 0x82, + 0x2F, 0x58, 0x20, 0x0F, 0x02, 0xCA, 0xF6, 0xD3, 0xE6, 0x19, + 0x20, 0xD3, 0x6B, 0xF3, 0xCE, 0xA7, 0xF8, 0x62, 0xA1, 0x3B, + 0xB8, 0xFB, 0x1F, 0x09, 0xC3, 0xF4, 0xC2, 0x9B, 0x12, 0x1F, + 0xEA, 0xB7, 0x8E, 0xF3, 0xD8, 0x58, 0x4A, 0xD2, 0x84, 0x43, + 0xA1, 0x01, 0x26, 0xA0, 0xF6, 0x58, 0x40, 0xD0, 0x70, 0x3E, + 0xA1, 0x93, 0xE1, 0x23, 0x81, 0xA6, 0x6F, 0xFA, 0xDE, 0xF2, + 0xF0, 0x94, 0x97, 0x11, 0xCF, 0xE0, 0x5E, 0xD2, 0x32, 0x28, + 0x18, 0xD7, 0x3D, 0x19, 0xF2, 0xBB, 0xD9, 0x1B, 0xE5, 0xC5, + 0x2F, 0x16, 0x04, 0xB4, 0x5C, 0x40, 0x5E, 0x96, 0xB0, 0x64, + 0x2F, 0x3D, 0x49, 0xB2, 0xD7, 0xC6, 0xE3, 0xB2, 0xC0, 0xB4, + 0x00, 0x30, 0xBD, 0xDF, 0xBD, 0x27, 0xAF, 0x93, 0x0B, 0x1F, + 0x8B, 0x03, 0x58, 0x42, 0xA6, 0x01, 0x01, 0x02, 0x00, 0x03, + 0x47, 0xA1, 0x02, 0x81, 0x81, 0x42, 0x30, 0x30, 0x05, 0x81, + 0x4E, 0x64, 0x65, 0x70, 0x65, 0x6E, 0x64, 0x65, 0x6E, 0x74, + 0x2E, 0x73, 0x75, 0x69, 0x74, 0x09, 0x4D, 0x84, 0x14, 0xA1, + 0x17, 0x46, 0x63, 0x61, 0x74, 0x20, 0x30, 0x30, 0x17, 0x0F, + 0x14, 0x52, 0x84, 0x14, 0xA1, 0x12, 0x4B, 0x68, 0x65, 0x6C, + 0x6C, 0x6F, 0x20, 0x77, 0x6F, 0x72, 0x6C, 0x64, 0x12, 0x0F +}; // suit_manifest_expS0.suit const uint8_t encrypted_firmware_uri[] = { 0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, @@ -616,4 +599,3 @@ int main(int argc, char *argv[]) return EXIT_SUCCESS; } -