fix: examples for encrypted payloads

kentakayama · Sep 15, 2024 · 85f104b · 85f104b
1 parent 1e068ad
commit 85f104b
Show file tree

Hide file tree

Showing 9 changed files with 78 additions and 79 deletions.
diff --git a/examples/suit_manifest_process_main.c b/examples/suit_manifest_process_main.c
@@ -154,11 +154,11 @@ const uint8_t encrypted_firmware_uri[] = {
     0x66, 0x69, 0x72, 0x6D, 0x77, 0x61, 0x72, 0x65
 }; // "https://example.com/encrypted-firmware"
 const uint8_t encrypted_firmware_data[] = {
-    0x2F, 0x59, 0xC3, 0xA3, 0x4D, 0x95, 0x70, 0xFB, 0x99, 0xA5,
-    0x38, 0x2E, 0x66, 0x46, 0x6A, 0x32, 0x21, 0xA8, 0xAD, 0x85,
-    0xCE, 0x50, 0x8B, 0xA3, 0x06, 0xFB, 0x43, 0x1A, 0x60, 0xEF,
-    0xA5, 0xAA, 0xAA, 0x07, 0x83, 0x55, 0x07, 0x02, 0x05, 0xA4,
-    0xB1, 0x96, 0x83, 0x2D, 0xF1, 0x7F
+    0x75, 0x8C, 0x4B, 0x7B, 0xBA, 0xE2, 0xC4, 0xC1, 0xD4, 0x62,
+    0x42, 0x3E, 0x0F, 0x0D, 0xC3, 0x16, 0x4F, 0xFA, 0x7B, 0x85,
+    0xBB, 0x94, 0xD4, 0xBD, 0x6D, 0x7E, 0xD2, 0x6A, 0xB3, 0x2F, 
+    0xEB, 0x06, 0x33, 0x85, 0xD4, 0xD3, 0x46, 0x59, 0x27, 0xEC,
+    0x82, 0xCB, 0x5E, 0x19, 0x8A, 0x59
 };
 
 struct name_data {

diff --git a/testfiles/suit_manifest_expAF.cbor b/testfiles/suit_manifest_expAF.cbor
diff --git a/testfiles/suit_manifest_expAF.md b/testfiles/suit_manifest_expAF.md
@@ -15,15 +15,15 @@
   / authentication-wrapper / 2: << [
     << [
       / digest-algorithm-id: / -16 / SHA256 /,
-      / digest-bytes: / h'5935D959064FC19D8C6E63B5843F80967368905D4A6D052339F1647B049E4E5D'
+      / digest-bytes: / h'8814BC46089ACA6A863A7BA8393F9747589940EFA40641335EF86155598F06C3'
     ] >>,
     << / COSE_Mac0_Tagged / 17([
       / protected: / << {
         / algorithm-id / 1: 5 / HMAC256 /
       } >>,
       / unprotected: / {},
       / payload: / null,
-      / tag: / h'A18B371E7DAB7C9F361758EAF8C69EFBA7F2B4D7E5747D57AB3B12828909A4A7'
+      / tag: / h'B68572F6F0494FEAF390CE44B462F2A7BDF73EF5DFE9FB8E12585A12F8F641AD'
     ]) >>
   ] >>,
   / manifest / 3: << {
@@ -52,7 +52,7 @@
             / alg / 1: 1 / A128GCM /
           } >>,
           / unprotected: / {
-            / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD'
+            / IV / 5: h'F14AAB9D81D51F7AD943FE87'
           },
           / payload: / null / detached ciphertext /,
           / recipients: / [
@@ -79,14 +79,13 @@
 {: numbered='no'}
 
 ~~~~
-D86BA2025853825824822F58205935D959064FC19D8C6E63B5843F809673
-68905D4A6D052339F1647B049E4E5D582AD18443A10105A0F65820A18B37
-1E7DAB7C9F361758EAF8C69EFBA7F2B4D7E5747D57AB3B12828909A4A703
-58B6A40101020103582BA102828152706C61696E746578742D6669726D77
-6172658152656E637279707465642D6669726D776172651458808C0C0114
+D86BA2025853825824822F58208814BC46089ACA6A863A7BA8393F974758
+9940EFA40641335EF86155598F06C3582AD18443A10105A0F65820B68572
+F6F0494FEAF390CE44B462F2A7BDF73EF5DFE9FB8E12585A12F8F641AD03
+58B2A40101020103582BA102828152706C61696E746578742D6669726D77
+6172658152656E637279707465642D6669726D7761726514587C8C0C0114
 A20E182E15782668747470733A2F2F6578616D706C652E636F6D2F656E63
-7279707465642D6669726D77617265150F0C0014A2135842D8608443A101
-01A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818340A2012204456B
-69642D31581875603FFC9518D794713C8CA8A115A7FB32565A6D59534D62
-1601160F
+7279707465642D6669726D77617265150F0C0014A213583ED8608443A101
+01A1054CF14AAB9D81D51F7AD943FE87F6818340A2012204456B69642D31
+581875603FFC9518D794713C8CA8A115A7FB32565A6D59534D621601160F
 ~~~~
diff --git a/testfiles/suit_manifest_expAW.cbor b/testfiles/suit_manifest_expAW.cbor
diff --git a/testfiles/suit_manifest_expAW.md b/testfiles/suit_manifest_expAW.md
@@ -15,15 +15,15 @@
   / authentication-wrapper / 2: << [
     << [
       / digest-algorithm-id: / -16 / SHA256 /,
-      / digest-bytes: / h'813E7A9902E6665D85CAF9172CBE8652AD43EF5AE2362DA068DE51DF7E2D6C17'
+      / digest-bytes: / h'037A5C325CE14078A0AADF007428EAC659361AD9402A732410BDA542FAE94E2C'
     ] >>,
     << / COSE_Mac0_Tagged / 17([
       / protected: / << {
         / algorithm-id / 1: 5 / HMAC256 /
       } >>,
       / unprotected: / {},
       / payload: / null,
-      / tag: / h'7C1E5F84712CF3D781A0925D61AB8B10FD9CEC4EEE26739D35D28302E17187F3'
+      / tag: / h'8D92599011C451A4C5FB69709FA6CA6C0F846D692BDBB3F624EC91F82F9F620A'
     ]) >>
   ] >>,
   / manifest / 3: << {
@@ -37,13 +37,13 @@
     / install / 20: << [
       / fetch encrypted firmware /
       / directive-override-parameters / 20, {
-        / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F',
+        / parameter-content / 18: h'758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A59',
         / parameter-encryption-info / 19: << 96([
           / protected: / << {
             / alg / 1: 1 / A128GCM /
           } >>,
           / unprotected: / {
-            / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD'
+            / IV / 5: h'F14AAB9D81D51F7AD943FE87'
           },
           / payload: / null / detached ciphertext /,
           / recipients: / [
@@ -72,13 +72,13 @@
 {: numbered='no'}
 
 ~~~~
-D86BA2025853825824822F5820813E7A9902E6665D85CAF9172CBE8652AD
-43EF5AE2362DA068DE51DF7E2D6C17582AD18443A10105A0F658207C1E5F
-84712CF3D781A0925D61AB8B10FD9CEC4EEE26739D35D28302E17187F303
-589CA4010102010357A102818152706C61696E746578742D6669726D7761
-726514587B8414A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD
-85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F135842
-D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70CDF6818340
-A2012204456B69642D31581875603FFC9518D794713C8CA8A115A7FB3256
-5A6D59534D62120F
+D86BA2025853825824822F5820037A5C325CE14078A0AADF007428EAC659
+361AD9402A732410BDA542FAE94E2C582AD18443A10105A0F658208D9259
+9011C451A4C5FB69709FA6CA6C0F846D692BDBB3F624EC91F82F9F620A03
+5898A4010102010357A102818152706C61696E746578742D6669726D7761
+72651458778414A212582E758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B
+85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A5913583E
+D8608443A10101A1054CF14AAB9D81D51F7AD943FE87F6818340A2012204
+456B69642D31581875603FFC9518D794713C8CA8A115A7FB32565A6D5953
+4D62120F
 ~~~~
diff --git a/testfiles/suit_manifest_expED.cbor b/testfiles/suit_manifest_expED.cbor
diff --git a/testfiles/suit_manifest_expED.md b/testfiles/suit_manifest_expED.md
@@ -23,7 +23,7 @@
       } >>,
       / unprotected: / {},
       / payload: / null,
-      / signature: / h'8E0C0014A212582E2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F135890D8608443A10101'
+      / signature: / h'8E0C0014A212582E758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A5913588CD8608443A10101'
     ]) >>
   ] >>,
   / manifest / 3: << {
@@ -48,13 +48,13 @@
       / NOTE: set SUIT_Encryption_Info /
       / directive-set-component-index / 12, 0 / ['decrypted-firmware'] /,
       / directive-override-parameters / 20, {
-        / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F',
+        / parameter-content / 18: h'758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A59',
         / parameter-encryption-info / 19: << 96([
           / protected: / << {
             / alg / 1: 1 / A128GCM /
           } >>,
           / unprotected: / {
-            / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD'
+            / IV / 5: h'F14AAB9D81D51F7AD943FE87'
           },
           / payload: / null / detached ciphertext /,
           / recipients: / [
@@ -66,12 +66,12 @@
                 / ephemeral key / -1: {
                   / kty / 1: 2 / EC2 /,
                   / crv / -1: 1 / P-256 /,
-                  / x / -2: h'D3CB3FE8470BF5A6589FAF14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB',
-                  / y / -3: h'F9C4FA53979580F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A3'
+                  / x / -2: h'73024F415AA51529A66CCEFD88F3F62A734492FF45F6AD37FD2888E73EAF19DA',
+                  / y / -3: h'4005B48A6FD091AA6ABFE3CFBEEDE88B347E521D43405FDBD7D2CFF0EBC21B26'
                 },
                 / kid / 4: 'kid-2'
               },
-              / payload: / h'DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A'
+              / payload: / h'A06B8E6550F308712B1DF044B21B7D11D9B22792F1DE0997'
                 / CEK encrypted with KEK /
             ]
           ]
@@ -152,30 +152,30 @@
 {: numbered='no'}
 
 ~~~~
-D86BA3025873825824822F58206631885AD5F4C0273EB042E9D7E2E7D329
-799F18BF476A8BF79F3253C16AAF7F584AD28443A10126A0F658401D0F95
-59EB23412946007C9DDF28547CB608E296EF5E4C176E853E2B200171C311
-82A31A25886A17289667225EA1745D0B4BFE636088B1E7FBE52B5A594A84
-3603590170A501010201035837A201A101A101815818646570656E64656E
+D86BA3025873825824822F5820A00CB6C85515C1EF471B50B542FACDD88B
+71B3C7EA2A43DE13D32C4A99056FE9584AD28443A10126A0F65840933C89
+EB2B3B9A52E80F5A66328B2D94FF9B794C9396841340A36AABC2154B5919
+EB37E08831A18440D95EACE07724DAF9D559B47DFF7A1F4DCBDC30311FEC
+D10359016CA501010201035837A201A101A101815818646570656E64656E
 63792D6D616E69666573742E73756974028181526465637279707465642D
 6669726D77617265058157646570656E64656E742D6D616E69666573742E
-73756974145901138E0C0014A212582E2F59C3A34D9570FB99A5382E6646
-6A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832D
-F17F135890D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70
-CDF6818344A101381CA220A401022001215820D3CB3FE8470BF5A6589FAF
-14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB225820F9C4FA539795
-80F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A304456B69
-642D325818DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A0C
-0114A3035824822F58204B15C90FBD776A820E7E733DF040D90B356B5C75
-982ECAECE8673818179BDF160E18F7157423646570656E64656E63792D6D
-616E6966657374150F070F0B0F7423646570656E64656E63792D6D616E69
-6665737458F7D86BA2025873825824822F58204B15C90FBD776A820E7E73
-3DF040D90B356B5C75982ECAECE8673818179BDF16584AD28443A10126A0
-F658402B1B9C4E44E52863A78F73DA2A935823B28AEAE6A85CADAC4C4E3A
-ABAAD56CBCE5A47D288F86B54D0186657E972E748B48CDB1D420FBAC1285
-DCC978382F62CC03587BA601010201035849A20281815264656372797074
-65642D6669726D7761726504582F840C0014A2035824822F582036921488
-FE6680712F734E11F58D87EEB66D4B21A8A1AD3441060814DA16D50F0E18
-1E05815818646570656E64656E63792D6D616E69666573742E7375697407
-4382030F1447860C00120F030F
+737569741459010F8E0C0014A212582E758C4B7BBAE2C4C1D462423E0F0D
+C3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E19
+8A5913588CD8608443A10101A1054CF14AAB9D81D51F7AD943FE87F68183
+44A101381CA220A40102200121582073024F415AA51529A66CCEFD88F3F6
+2A734492FF45F6AD37FD2888E73EAF19DA2258204005B48A6FD091AA6ABF
+E3CFBEEDE88B347E521D43405FDBD7D2CFF0EBC21B2604456B69642D3258
+18A06B8E6550F308712B1DF044B21B7D11D9B22792F1DE09970C0114A303
+5824822F58204B15C90FBD776A820E7E733DF040D90B356B5C75982ECAEC
+E8673818179BDF160E18F7157423646570656E64656E63792D6D616E6966
+657374150F070F0B0F7423646570656E64656E63792D6D616E6966657374
+58F7D86BA2025873825824822F58204B15C90FBD776A820E7E733DF040D9
+0B356B5C75982ECAECE8673818179BDF16584AD28443A10126A0F658402B
+1B9C4E44E52863A78F73DA2A935823B28AEAE6A85CADAC4C4E3AABAAD56C
+BCE5A47D288F86B54D0186657E972E748B48CDB1D420FBAC1285DCC97838
+2F62CC03587BA601010201035849A2028181526465637279707465642D66
+69726D7761726504582F840C0014A2035824822F582036921488FE668071
+2F734E11F58D87EEB66D4B21A8A1AD3441060814DA16D50F0E181E058158
+18646570656E64656E63792D6D616E69666573742E73756974074382030F
+1447860C00120F030F
 ~~~~
diff --git a/testfiles/suit_manifest_expEW.cbor b/testfiles/suit_manifest_expEW.cbor
diff --git a/testfiles/suit_manifest_expEW.md b/testfiles/suit_manifest_expEW.md
@@ -15,15 +15,15 @@
   / authentication-wrapper / 2: << [
     << [
       / digest-algorithm-id: / -16 / SHA256 /,
-      / digest-bytes: / h'81DEF8B8DD38839D61434BE169636E52F6C9D4A466437F795F166735AB2CF097'
+      / digest-bytes: / h'1DB69EF1477E9942815F29F78E09957B26B4ADD03902BDB3D1EDF3DA2075F593'
     ] >>,
     << / COSE_Sign1_Tagged / 18([
       / protected: / << {
         / algorithm-id / 1: -7 / ES256 /
       } >>,
       / unprotected: / {},
       / payload: / null,
-      / signature: / h'1199BD308E8B51072DB381CD56C2EC6ED2C163FE31437419CFB14602150BCF61ABB39E4A3C1547466149310704A64F8FBA89C502FDBC1E440B95679CBECEB028'
+      / signature: / h'CB4EADA6BEC17EEB22EB836FB2BF9136A6EF733C11DAC955F543BBDCAA373B859321BC77969917E4C70F049527607F4C32752D53E01346E96BFF4880B437DF64'
     ]) >>
   ] >>,
   / manifest / 3: << {
@@ -37,13 +37,13 @@
     / install / 20: << [
       / directive-set-component-index / 12, 0 / ['plaintext-firmware'] /,
       / directive-override-parameters / 20, {
-        / parameter-content / 18: h'2F59C3A34D9570FB99A5382E66466A3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF17F',
+        / parameter-content / 18: h'758C4B7BBAE2C4C1D462423E0F0DC3164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A59',
         / parameter-encryption-info / 19: << 96([
           / protected: / << {
             / alg / 1: 1 / A128GCM /
           } >>,
           / unprotected: / {
-            / IV / 5: h'F14AAB9D81D51F7AD943FE87AF4F70CD'
+            / IV / 5: h'F14AAB9D81D51F7AD943FE87'
           },
           / payload: / null / detached ciphertext /,
           / recipients: / [
@@ -55,12 +55,12 @@
                 / ephemeral key / -1: {
                   / kty / 1: 2 / EC2 /,
                   / crv / -1: 1 / P-256 /,
-                  / x / -2: h'D3CB3FE8470BF5A6589FAF14E66CDC3876DC7AC242D1ADC4D97664C817BF54EB',
-                  / y / -3: h'F9C4FA53979580F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A3'
+                  / x / -2: h'73024F415AA51529A66CCEFD88F3F62A734492FF45F6AD37FD2888E73EAF19DA',
+                  / y / -3: h'4005B48A6FD091AA6ABFE3CFBEEDE88B347E521D43405FDBD7D2CFF0EBC21B26'
                 },
                 / kid / 4: 'kid-2'
               },
-              / payload: / h'DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A'
+              / payload: / h'A06B8E6550F308712B1DF044B21B7D11D9B22792F1DE0997'
                 / CEK encrypted with KEK /
             ]
           ]
@@ -77,16 +77,16 @@
 {: numbered='no'}
 
 ~~~~
-D86BA2025873825824822F582081DEF8B8DD38839D61434BE169636E52F6
-C9D4A466437F795F166735AB2CF097584AD28443A10126A0F658401199BD
-308E8B51072DB381CD56C2EC6ED2C163FE31437419CFB14602150BCF61AB
-B39E4A3C1547466149310704A64F8FBA89C502FDBC1E440B95679CBECEB0
-280358ECA4010102010357A1028181526465637279707465642D6669726D
-776172651458CB860C0014A212582E2F59C3A34D9570FB99A5382E66466A
-3221A8AD85CE508BA306FB431A60EFA5AAAA078355070205A4B196832DF1
-7F135890D8608443A10101A10550F14AAB9D81D51F7AD943FE87AF4F70CD
-F6818344A101381CA220A401022001215820D3CB3FE8470BF5A6589FAF14
-E66CDC3876DC7AC242D1ADC4D97664C817BF54EB225820F9C4FA53979580
-F5FE5A36538FCDA829AD4225661CBBC8F230F6A550FA0DC7A304456B6964
-2D325818DC1787D6715EBC23D02F6D2C6B8F470FE11F482AFF04F53A120F
+D86BA2025873825824822F58201DB69EF1477E9942815F29F78E09957B26
+B4ADD03902BDB3D1EDF3DA2075F593584AD28443A10126A0F65840CB4EAD
+A6BEC17EEB22EB836FB2BF9136A6EF733C11DAC955F543BBDCAA373B8593
+21BC77969917E4C70F049527607F4C32752D53E01346E96BFF4880B437DF
+640358E8A4010102010357A1028181526465637279707465642D6669726D
+776172651458C7860C0014A212582E758C4B7BBAE2C4C1D462423E0F0DC3
+164FFA7B85BB94D4BD6D7ED26AB32FEB063385D4D3465927EC82CB5E198A
+5913588CD8608443A10101A1054CF14AAB9D81D51F7AD943FE87F6818344
+A101381CA220A40102200121582073024F415AA51529A66CCEFD88F3F62A
+734492FF45F6AD37FD2888E73EAF19DA2258204005B48A6FD091AA6ABFE3
+CFBEEDE88B347E521D43405FDBD7D2CFF0EBC21B2604456B69642D325818
+A06B8E6550F308712B1DF044B21B7D11D9B22792F1DE0997120F
 ~~~~