merge

Makefile.parser

@@ -45,7 +45,7 @@ $(TARGET): $(OBJS) | ./bin
 ./obj/%.o: %.c | ./obj/src ./obj/examples
 	$(CC) $(CFLAGS) $(INC) -o $@ -c $<
 
-TEST_NUM := 0 1 2A 2B 3 4 5 U I D R S0 S1 S2 S3 S4 U0 U1
+TEST_NUM := 0 1 2A 2B 3 4 5 U I D AF AW EW ED S0 S2 S3 S4 U0 U1
 EXPS := $(foreach num,$(TEST_NUM),./testfiles/suit_manifest_exp$(num).cbor)
 define test-one
 	$(TARGET) $1 2 || exit 1

Makefile.process

@@ -61,7 +61,7 @@ define test-one
 
 endef
 
-TEST_NUM := 0 1 2A 2B 3 4 5 U I D R S0 S1 S2 S3 S4 U0 U1
+TEST_NUM := 0 1 2A 2B 3 4 5 U I D AF AW EW ED S0 S2 S3 S4 U0 U1
 .PHONY: test
 test: all
 	$(foreach num,$(TEST_NUM),$(call test-one,$(num)))

examples/inc/delegated_authority_cose_key_private.h

@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2020-2023 SECOM CO., LTD. All Rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ */
+
+#ifndef DELEGATED_AUTHORITY_ES256_COSE_KEY_PRIVATE_H
+#define DELEGATED_AUTHORITY_ES256_COSE_KEY_PRIVATE_H
+#include "qcbor/UsefulBuf.h"
+
+const unsigned char delegated_authority_es256_cose_key_private_buf[] = {
+    0xA5,                                 //# map(5)
+       0x01,                              //# unsigned(1) / 1 = kty /
+       0x02,                              //# unsigned(2) / 2 = EC2 /
+       0x20,                              //# negative(0) / -1 = crv /
+       0x01,                              //# unsigned(1) / 1 = P-256 /
+       0x21,                              //# negative(1) / -2 = x /
+       0x58, 0x20,                        //# bytes(32)
+          0x0E, 0x90, 0x8A, 0xA8, 0xF0, 0x66, 0xDB, 0x1F,
+          0x08, 0x4E, 0x0C, 0x36, 0x52, 0xC6, 0x39, 0x52,
+          0xBD, 0x99, 0xF2, 0xA5, 0xBD, 0xB2, 0x2F, 0x9E,
+          0x01, 0x36, 0x7A, 0xAD, 0x03, 0xAB, 0xA6, 0x8B,
+       0x22,                              //# negative(2) / -3 = y /
+       0x58, 0x20,                        //# bytes(32)
+          0x77, 0xDA, 0x1B, 0xD8, 0xAC, 0x4F, 0x0C, 0xB4,
+          0x90, 0xBA, 0x21, 0x06, 0x48, 0xBF, 0x79, 0xAB,
+          0x16, 0x4D, 0x49, 0xAD, 0x35, 0x51, 0xD7, 0x1D,
+          0x31, 0x4B, 0x27, 0x49, 0xEE, 0x42, 0xD2, 0x9A,
+       0x23,                              //# negative(3) / -4 = d /
+       0x58, 0x20,                        //# bytes(32)
+          0x84, 0x1A, 0xEB, 0xB7, 0xB9, 0xEA, 0x6F, 0x02,
+          0x60, 0xBE, 0x73, 0x55, 0xA2, 0x45, 0x88, 0xB9,
+          0x77, 0xD2, 0x3D, 0x2A, 0xC5, 0xBF, 0x2B, 0x6B,
+          0x2D, 0x83, 0x79, 0x43, 0x2A, 0x1F, 0xEA, 0x98,
+};
+const UsefulBufC delegated_authority_es256_cose_key_private = {
+    .ptr = delegated_authority_es256_cose_key_private_buf,
+    .len = sizeof(delegated_authority_es256_cose_key_private_buf)
+};
+#endif /* DELEGATED_AUTHORITY_ES256_COSE_KEY_PRIVATE_H */

examples/inc/delegated_authority_cose_key_public.h

@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2020-2023 SECOM CO., LTD. All Rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ */
+
+#ifndef DELEGATED_AUTHORITY_ES256_COSE_KEY_PUBLIC_H
+#define DELEGATED_AUTHORITY_ES256_COSE_KEY_PUBLIC_H
+#include "qcbor/UsefulBuf.h"
+
+const unsigned char delegated_authority_es256_cose_key_public_buf[] = {
+    0xA4,                                 //# map(4)
+       0x01,                              //# unsigned(1) / 1 = kty /
+       0x02,                              //# unsigned(2) / 2 = EC2 /
+       0x20,                              //# negative(0) / -1 = crv /
+       0x01,                              //# unsigned(1) / 1 = P-256 /
+       0x21,                              //# negative(1) / -2 = x /
+       0x58, 0x20,                        //# bytes(32)
+          0x0E, 0x90, 0x8A, 0xA8, 0xF0, 0x66, 0xDB, 0x1F,
+          0x08, 0x4E, 0x0C, 0x36, 0x52, 0xC6, 0x39, 0x52,
+          0xBD, 0x99, 0xF2, 0xA5, 0xBD, 0xB2, 0x2F, 0x9E,
+          0x01, 0x36, 0x7A, 0xAD, 0x03, 0xAB, 0xA6, 0x8B,
+       0x22,                              //# negative(2) / -3 = y /
+       0x58, 0x20,                        //# bytes(32)
+          0x77, 0xDA, 0x1B, 0xD8, 0xAC, 0x4F, 0x0C, 0xB4,
+          0x90, 0xBA, 0x21, 0x06, 0x48, 0xBF, 0x79, 0xAB,
+          0x16, 0x4D, 0x49, 0xAD, 0x35, 0x51, 0xD7, 0x1D,
+          0x31, 0x4B, 0x27, 0x49, 0xEE, 0x42, 0xD2, 0x9A,
+};
+const UsefulBufC delegated_authority_es256_cose_key_public = {
+    .ptr = delegated_authority_es256_cose_key_public_buf,
+    .len = sizeof(delegated_authority_es256_cose_key_public_buf)
+};
+#endif /* DELEGATED_AUTHORITY_ES256_COSE_KEY_PUBLIC_H */

examples/inc/device_es256_cose_key_private.h

@@ -7,6 +7,8 @@
 
 #ifndef DEVICE_ES256_COSE_KEY_PRIVATE_H
 #define DEVICE_ES256_COSE_KEY_PRIVATE_H
+#include "qcbor/UsefulBuf.h"
+
 const unsigned char device_es256_cose_key_private_buf[] = {
     0xA5,                                 //# map(5)
        0x01,                              //# unsigned(1) / 1 = kty /

examples/inc/device_es256_cose_key_public.h

@@ -7,6 +7,8 @@
 
 #ifndef DEVICE_ES256_COSE_KEY_PUBLIC_H
 #define DEVICE_ES256_COSE_KEY_PUBLIC_H
+#include "qcbor/UsefulBuf.h"
+
 const unsigned char device_es256_cose_key_public_buf[] = {
     0xA4,                                 //# map(4)
        0x01,                              //# unsigned(1) / 1 = kty /

examples/inc/tam_es256_cose_key_private.h

@@ -7,6 +7,8 @@
 
 #ifndef TAM_ES256_COSE_KEY_PRIVATE_H
 #define TAM_ES256_COSE_KEY_PRIVATE_H
+#include "qcbor/UsefulBuf.h"
+
 const unsigned char tam_es256_cose_key_private_buf[] = {
     0xA5,                                 //# map(5)
        0x01,                              //# unsigned(1) / 1 = kty /

examples/inc/tam_es256_cose_key_public.h

@@ -7,6 +7,8 @@
 
 #ifndef TAM_ES256_COSE_KEY_PUBLIC_H
 #define TAM_ES256_COSE_KEY_PUBLIC_H
+#include "qcbor/UsefulBuf.h"
+
 const unsigned char tam_es256_cose_key_public_buf[] = {
     0xA4,                                 //# map(4)
        0x01,                              //# unsigned(1) / 1 = kty /

examples/inc/trust_anchor_a128_cose_key_secret.h

@@ -7,6 +7,8 @@
 
 #ifndef TRUST_ANCHOR_A128_COSE_KEY_SECRET_H
 #define TRUST_ANCHOR_A128_COSE_KEY_SECRET_H
+#include "qcbor/UsefulBuf.h"
+
 const unsigned char trust_anchor_a128_cose_key_secret_buf[] = {
     0xA2,                                   //# map(2)
        0x01,                                //# unsigned(1) / 1 = key /

examples/inc/trust_anchor_hmac256_cose_key_secret.h

@@ -7,6 +7,8 @@
 
 #ifndef TRUST_ANCHOR_HMAC256_COSE_KEY_SECRET_H
 #define TRUST_ANCHOR_HMAC256_COSE_KEY_SECRET_H
+#include "qcbor/UsefulBuf.h"
+
 const unsigned char trust_anchor_hmac256_cose_key_secret_buf[] = {
     0xA2,                                   //# map(2)
        0x01,                                //# unsigned(1) / 1 = key /

examples/inc/trust_anchor_prime256v1_cose_key_private.h

@@ -7,6 +7,8 @@
 
 #ifndef TRUST_ANCHOR_PRIME256V1_COSE_KEY_PRIVATE_H
 #define TRUST_ANCHOR_PRIME256V1_COSE_KEY_PRIVATE_H
+#include "qcbor/UsefulBuf.h"
+
 const unsigned char trust_anchor_prime256v1_cose_key_private_buf[] = {
     0xA5,                                 //# map(5)
        0x01,                              //# unsigned(1) / 1 = kty /

examples/inc/trust_anchor_prime256v1_cose_key_public.h

@@ -7,6 +7,8 @@
 
 #ifndef TRUST_ANCHOR_PRIME256V1_COSE_KEY_PUBLIC_H
 #define TRUST_ANCHOR_PRIME256V1_COSE_KEY_PUBLIC_H
+#include "qcbor/UsefulBuf.h"
+
 const unsigned char trust_anchor_prime256v1_cose_key_public_buf[] = {
     0xA4,                                 //# map(4)
        0x01,                              //# unsigned(1) / 1 = kty /

examples/suit_manifest_parser_main.c

@@ -12,6 +12,7 @@
 #include "csuit/suit_cose.h"
 #include "suit_examples_common.h"
 #include "trust_anchor_prime256v1_cose_key_private.h"
+#include "delegated_authority_cose_key_private.h"
 #include "trust_anchor_hmac256_cose_key_secret.h"
 
 #define MAX_FILE_BUFFER_SIZE            (8 * 1024 * 1024)
@@ -45,15 +46,24 @@ int main(int argc,
     mechanisms[0].cose_tag = CBOR_TAG_COSE_SIGN1;
     mechanisms[0].use = false;
 
-    mechanisms[1].key.cose_algorithm_id = T_COSE_ALGORITHM_HMAC256;
-    result = suit_set_suit_key_from_cose_key(trust_anchor_hmac256_cose_key_secret, &mechanisms[1].key);
+    mechanisms[1].key.cose_algorithm_id = T_COSE_ALGORITHM_ES256;
+    result = suit_set_suit_key_from_cose_key(delegated_authority_es256_cose_key_private, &mechanisms[1].key);
     if (result != SUIT_SUCCESS) {
-        printf("main : Failed to create secret key. %s(%d)\n", suit_err_to_str(result), result);
+        printf("main : Failed to create public key. %s(%d)\n", suit_err_to_str(result), result);
         return EXIT_FAILURE;
     }
-    mechanisms[1].cose_tag = CBOR_TAG_COSE_MAC0;
+    mechanisms[1].cose_tag = CBOR_TAG_COSE_SIGN1;
     mechanisms[1].use = false;
 
+    mechanisms[2].key.cose_algorithm_id = T_COSE_ALGORITHM_HMAC256;
+    result = suit_set_suit_key_from_cose_key(trust_anchor_hmac256_cose_key_secret, &mechanisms[2].key);
+    if (result != SUIT_SUCCESS) {
+        printf("main : Failed to create secret key. %s(%d)\n", suit_err_to_str(result), result);
+        return EXIT_FAILURE;
+    }
+    mechanisms[2].cose_tag = CBOR_TAG_COSE_MAC0;
+    mechanisms[2].use = false;
+
     // Read manifest file.
     printf("main : Read Manifest file.\n");
     uint8_t *manifest_buf = malloc(SUIT_MAX_DATA_SIZE);

examples/suit_manifest_process_main.c

@@ -22,6 +22,7 @@
 #include "csuit/suit_digest.h"
 #include "suit_examples_common.h"
 #include "trust_anchor_prime256v1_cose_key_public.h"
+#include "delegated_authority_cose_key_public.h"
 #include "trust_anchor_hmac256_cose_key_secret.h"
 #include "trust_anchor_a128_cose_key_secret.h"
 #include "device_es256_cose_key_private.h"
@@ -385,9 +386,10 @@ int main(int argc, char *argv[])
     suit_err_t result = 0;
 
     int num_key = 0;
-    #define NUM_PUBLIC_KEYS_FOR_ECDH        1
+    #define NUM_PUBLIC_KEYS_FOR_ECDH        2
     UsefulBufC public_keys_for_ecdh[NUM_PUBLIC_KEYS_FOR_ECDH] = {
         trust_anchor_prime256v1_cose_key_public,
+        delegated_authority_es256_cose_key_public,
     };
     #define NUM_SECRET_KEYS_FOR_MAC         1
     UsefulBufC secret_keys_for_mac[NUM_SECRET_KEYS_FOR_MAC] = {