From f87475bf19b2cde982e33adb49bd09b88e1f3324 Mon Sep 17 00:00:00 2001 From: Yogesh Deshpande Date: Tue, 8 Oct 2024 11:13:41 +0100 Subject: [PATCH] fix! Revert "chore: update to latest CoRIM implementation" This reverts commit b667abfdc99ffc2e3dd3e596953dabb83407a453. 
Signed-off-by: Yogesh Deshpande --- .github/workflows/ci-go-cover.yml | 2 +- .github/workflows/ci.yml | 2 +- .github/workflows/linters.yml | 4 +- .gitignore | 3 + Makefile | 16 -- deployments/docker/src/builder.docker | 10 +- end-to-end/corimCcaRealm.cbor | Bin 0 -> 763 bytes go.mod | 21 +- go.sum | 48 ++-- .../comid-cca-platform-refval.json | 160 +++++------- .../endorsements/comid-cca-realm-refval.json | 76 +++--- .../data/endorsements/comid-cca-refval.json | 160 +++++------- .../endorsements/comid-enacttrust-refval.json | 14 +- .../data/endorsements/comid-psa-refval.json | 94 +++---- .../data/endorsements/corim-cca-full.json | 6 +- .../endorsements/corim-cca-platform-full.json | 6 +- .../endorsements/corim-cca-realm-full.json | 6 +- .../endorsements/corim-enacttrust-badta.cbor | Bin 166 -> 167 bytes .../endorsements/corim-enacttrust-badta.yaml | 29 --- .../endorsements/corim-enacttrust-mini.json | 4 +- .../data/endorsements/corim-psa-full.json | 4 +- .../data/endorsements/corim-psa-mini.json | 4 +- .../tests/test_enacttrust_badkey.tavern.yaml | 2 +- mk/cmd.mk | 2 +- scheme/arm-cca/corim_extractor.go | 8 +- scheme/arm-cca/endorsement_handler_test.go | 45 ++-- .../test/corim/ComidCcaRefValFour.json | 93 +++++++ ...aRefValOne.json => ComidCcaRefValOne.json} | 22 +- .../arm-cca/test/corim/build-test-vectors.sh | 91 ++++--- scheme/arm-cca/test/corim/comidCcaRealm.json | 79 ++++++ .../test/corim/comidCcaRealmInvalidClass.json | 79 ++++++ .../corim/comidCcaRealmInvalidInstance.json | 75 ++++++ .../test/corim/comidCcaRealmNoClass.json | 68 +++++ .../test/corim/comidCcaRealmNoInstance.json | 71 ++++++ .../test/corim/{src => }/corimCca.json | 4 +- .../test/corim/{src => }/corimCcaRealm.json | 4 +- .../arm-cca/test/corim/src/comidCcaRealm.json | 77 ------ .../corim/src/comidCcaRealmInvalidClass.json | 77 ------ .../src/comidCcaRealmInvalidInstance.json | 73 ------ .../test/corim/src/comidCcaRealmNoClass.json | 66 ----- .../corim/src/comidCcaRealmNoInstance.json | 69 ----- 
.../test/corim/src/comidCcaRefValFour.json | 127 --------- .../test/corim/src/corimCcaNoProfile.json | 22 -- .../unsignedCorimCcaComidCcaRefValFour.cbor | Bin 847 -> 0 bytes .../unsignedCorimCcaComidCcaRefValOne.cbor | Bin 386 -> 0 bytes ...edCorimCcaNoProfileComidCcaRefValFour.cbor | Bin 820 -> 0 bytes ...nedCorimCcaNoProfileComidCcaRefValOne.cbor | Bin 359 -> 0 bytes .../unsignedCorimCcaRealmComidCcaRealm.cbor | Bin 665 -> 0 bytes ...orimCcaRealmComidCcaRealmInvalidClass.cbor | Bin 668 -> 0 bytes ...mCcaRealmComidCcaRealmInvalidInstance.cbor | Bin 580 -> 0 bytes ...gnedCorimCcaRealmComidCcaRealmNoClass.cbor | Bin 552 -> 0 bytes ...dCorimCcaRealmComidCcaRealmNoInstance.cbor | Bin 541 -> 0 bytes scheme/arm-cca/test_vectors.go | 233 +++++++++++++++-- .../common/cca/platform/cca_ssd_extractor.go | 56 ++-- scheme/common/cca/realm/realm_extractor.go | 52 ++-- scheme/common/iextractor.go | 4 +- scheme/common/scripts/gen-corim | 21 -- scheme/common/unsignedcorim_decoder.go | 39 +-- scheme/parsec-cca/corim_test_vectors.go | 59 ++++- scheme/parsec-cca/endorsement_handler_test.go | 6 +- scheme/parsec-cca/parsec_cca_extractor.go | 8 +- .../test/corim/ComidParsecCcaMultRefVal.json | 108 ++++++++ .../{src => }/ComidParsecCcaRefValOne.json | 24 +- scheme/parsec-cca/test/corim/Makefile | 10 + .../test/corim/build-test-vectors.sh | 40 ++- .../test/corim/{src => }/corimParsecCca.json | 6 +- .../corim/src/ComidParsecCcaMultRefVal.json | 154 ----------- ...orimParsecCcaComidParsecCcaMultRefVal.cbor | Bin 1026 -> 0 bytes ...CorimParsecCcaComidParsecCcaRefValOne.cbor | Bin 407 -> 0 bytes scheme/parsec-tpm/corim_extractor.go | 29 +-- scheme/parsec-tpm/corim_test_vectors.go | 234 +++++++++++++++-- scheme/parsec-tpm/endorsement_handler_test.go | 17 +- .../{src => }/ComidParsecTpmKeyGood.json | 0 .../{src => }/ComidParsecTpmKeyManyKeys.json | 0 .../{src => }/ComidParsecTpmKeyNoClass.json | 0 .../{src => }/ComidParsecTpmKeyNoClassId.json | 0 .../ComidParsecTpmKeyNoInstance.json | 0 
.../ComidParsecTpmKeyUnknownClassIdType.json | 0 .../ComidParsecTpmKeyUnknownInstanceType.json | 0 .../test/corim/ComidParsecTpmPcrsGood.json | 56 ++++ .../test/corim/ComidParsecTpmPcrsNoClass.json | 54 ++++ .../ComidParsecTpmPcrsNoDigests.json | 20 +- .../test/corim/ComidParsecTpmPcrsNoPCR.json | 48 ++++ .../ComidParsecTpmPcrsUnknownPCRType.json | 56 ++++ scheme/parsec-tpm/test/corim/Makefile | 10 + .../test/corim/build-test-vectors.sh | 65 +++-- scheme/parsec-tpm/test/corim/corimMini.json | 6 + .../corim/src/ComidParsecTpmPcrsGood.json | 64 ----- .../corim/src/ComidParsecTpmPcrsNoClass.json | 60 ----- .../corim/src/ComidParsecTpmPcrsNoPCR.json | 56 ---- .../src/ComidParsecTpmPcrsUnknownPCRType.json | 64 ----- .../parsec-tpm/test/corim/src/corimMini.json | 4 - ...nsignedCorimMiniComidParsecTpmKeyGood.cbor | Bin 398 -> 0 bytes ...nedCorimMiniComidParsecTpmKeyManyKeys.cbor | Bin 579 -> 0 bytes ...gnedCorimMiniComidParsecTpmKeyNoClass.cbor | Bin 376 -> 0 bytes ...edCorimMiniComidParsecTpmKeyNoClassId.cbor | Bin 389 -> 0 bytes ...dCorimMiniComidParsecTpmKeyNoInstance.cbor | Bin 359 -> 0 bytes ...niComidParsecTpmKeyUnknownClassIdType.cbor | Bin 385 -> 0 bytes ...iComidParsecTpmKeyUnknownInstanceType.cbor | Bin 379 -> 0 bytes ...signedCorimMiniComidParsecTpmPcrsGood.cbor | Bin 391 -> 0 bytes ...nedCorimMiniComidParsecTpmPcrsNoClass.cbor | Bin 425 -> 0 bytes ...dCorimMiniComidParsecTpmPcrsNoDigests.cbor | Bin 187 -> 0 bytes ...ignedCorimMiniComidParsecTpmPcrsNoPCR.cbor | Bin 387 -> 0 bytes ...mMiniComidParsecTpmPcrsUnknownPCRType.cbor | Bin 427 -> 0 bytes scheme/psa-iot/corim_extractor.go | 57 ++--- scheme/psa-iot/endorsement_handler_test.go | 19 +- .../src => }/ComidPsaIakPubNoImplID.json | 0 .../{corim/src => }/ComidPsaIakPubNoUeID.json | 0 .../{corim/src => }/ComidPsaIakPubOne.json | 0 .../{corim/src => }/ComidPsaIakPubTwo.json | 0 .../test/{corim/src => }/ComidPsaMultIak.json | 0 .../src => }/ComidPsaRefValMultDigest.json | 28 +- .../src => 
}/ComidPsaRefValNoImplID.json | 26 +- .../{corim/src => }/ComidPsaRefValNoMkey.json | 32 +-- .../{corim/src => }/ComidPsaRefValOne.json | 26 +- .../ComidPsaRefValOnlyMandIDAttr.json | 22 +- scheme/psa-iot/test/ComidPsaRefValThree.json | 81 ++++++ scheme/psa-iot/test/build-test-vectors.sh | 53 ++++ .../psa-iot/test/corim/build-test-vectors.sh | 32 --- .../test/corim/src/ComidPsaRefValThree.json | 103 -------- ...signedCorimCorimMiniComidPsaIakPubOne.cbor | Bin 383 -> 0 bytes ...signedCorimCorimMiniComidPsaIakPubTwo.cbor | Bin 664 -> 0 bytes ...signedCorimMiniComidPsaIakPubNoImplID.cbor | Bin 383 -> 0 bytes ...unsignedCorimMiniComidPsaIakPubNoUeID.cbor | Bin 371 -> 0 bytes .../unsignedCorimMiniComidPsaIakPubOne.cbor | Bin 410 -> 0 bytes .../unsignedCorimMiniComidPsaIakPubTwo.cbor | Bin 691 -> 0 bytes .../unsignedCorimMiniComidPsaMultIak.cbor | Bin 591 -> 0 bytes ...gnedCorimMiniComidPsaRefValMultDigest.cbor | Bin 317 -> 0 bytes ...signedCorimMiniComidPsaRefValNoImplID.cbor | Bin 253 -> 0 bytes ...unsignedCorimMiniComidPsaRefValNoMkey.cbor | Bin 234 -> 0 bytes .../unsignedCorimMiniComidPsaRefValOne.cbor | Bin 280 -> 0 bytes ...CorimMiniComidPsaRefValOnlyMandIDAttr.cbor | Bin 269 -> 0 bytes .../unsignedCorimMiniComidPsaRefValThree.cbor | Bin 589 -> 0 bytes .../test/{corim/src => }/corimMini.json | 4 +- scheme/psa-iot/test_vectors.go | 240 +++++++++++++++--- .../endorsement_handler_test.go | 19 +- scheme/tpm-enacttrust/extractor.go | 16 +- .../src => }/ComidTpmEnactTrustAKBadInst.json | 0 .../src => }/ComidTpmEnactTrustAKMult.json | 2 +- .../src => }/ComidTpmEnactTrustAKOne.json | 2 +- .../src => }/ComidTpmEnactTrustBadInst.json | 14 +- .../src => }/ComidTpmEnactTrustGoldenOne.json | 16 +- .../test/ComidTpmEnactTrustGoldenTwo.json | 44 ++++ .../ComidTpmEnactTrustMultDigest.json | 18 +- .../src => }/ComidTpmEnactTrustNoDigest.json | 14 +- .../src => }/ComidTpmEnactTrustNoInst.json | 14 +- .../tpm-enacttrust/test/build-test-vectors.sh | 34 +++ 
.../test/corim/build-test-vectors.sh | 30 --- .../src/ComidTpmEnactTrustGoldenTwo.json | 50 ---- .../test/corim/src/corimMini.json | 4 - ...dCorimMiniComidTpmEnactTrustAKBadInst.cbor | Bin 361 -> 0 bytes ...gnedCorimMiniComidTpmEnactTrustAKMult.cbor | Bin 523 -> 0 bytes ...ignedCorimMiniComidTpmEnactTrustAKOne.cbor | Bin 342 -> 0 bytes ...nedCorimMiniComidTpmEnactTrustBadInst.cbor | Bin 219 -> 0 bytes ...dCorimMiniComidTpmEnactTrustGoldenOne.cbor | Bin 200 -> 0 bytes ...dCorimMiniComidTpmEnactTrustGoldenTwo.cbor | Bin 263 -> 0 bytes ...CorimMiniComidTpmEnactTrustMultDigest.cbor | Bin 236 -> 0 bytes ...edCorimMiniComidTpmEnactTrustNoDigest.cbor | Bin 188 -> 0 bytes ...gnedCorimMiniComidTpmEnactTrustNoInst.cbor | Bin 238 -> 0 bytes scheme/tpm-enacttrust/test/corimMini.json | 6 + scheme/tpm-enacttrust/test_vectors.go | 139 ++++++++-- 161 files changed, 2538 insertions(+), 2093 deletions(-) create mode 100644 end-to-end/corimCcaRealm.cbor delete mode 100644 integration-tests/data/endorsements/corim-enacttrust-badta.yaml create mode 100644 scheme/arm-cca/test/corim/ComidCcaRefValFour.json rename scheme/arm-cca/test/corim/{src/comidCcaRefValOne.json => ComidCcaRefValOne.json} (69%) create mode 100644 scheme/arm-cca/test/corim/comidCcaRealm.json create mode 100644 scheme/arm-cca/test/corim/comidCcaRealmInvalidClass.json create mode 100644 scheme/arm-cca/test/corim/comidCcaRealmInvalidInstance.json create mode 100644 scheme/arm-cca/test/corim/comidCcaRealmNoClass.json create mode 100644 scheme/arm-cca/test/corim/comidCcaRealmNoInstance.json rename scheme/arm-cca/test/corim/{src => }/corimCca.json (90%) rename scheme/arm-cca/test/corim/{src => }/corimCcaRealm.json (84%) delete mode 100644 scheme/arm-cca/test/corim/src/comidCcaRealm.json delete mode 100644 scheme/arm-cca/test/corim/src/comidCcaRealmInvalidClass.json delete mode 100644 scheme/arm-cca/test/corim/src/comidCcaRealmInvalidInstance.json delete mode 100644 scheme/arm-cca/test/corim/src/comidCcaRealmNoClass.json 
delete mode 100644 scheme/arm-cca/test/corim/src/comidCcaRealmNoInstance.json delete mode 100644 scheme/arm-cca/test/corim/src/comidCcaRefValFour.json delete mode 100644 scheme/arm-cca/test/corim/src/corimCcaNoProfile.json delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaComidCcaRefValFour.cbor delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaComidCcaRefValOne.cbor delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaNoProfileComidCcaRefValFour.cbor delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaNoProfileComidCcaRefValOne.cbor delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealm.cbor delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmInvalidClass.cbor delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmInvalidInstance.cbor delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmNoClass.cbor delete mode 100644 scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmNoInstance.cbor delete mode 100755 scheme/common/scripts/gen-corim create mode 100644 scheme/parsec-cca/test/corim/ComidParsecCcaMultRefVal.json rename scheme/parsec-cca/test/corim/{src => }/ComidParsecCcaRefValOne.json (67%) create mode 100644 scheme/parsec-cca/test/corim/Makefile rename scheme/parsec-cca/test/corim/{src => }/corimParsecCca.json (86%) delete mode 100644 scheme/parsec-cca/test/corim/src/ComidParsecCcaMultRefVal.json delete mode 100644 scheme/parsec-cca/test/corim/unsignedCorimParsecCcaComidParsecCcaMultRefVal.cbor delete mode 100644 scheme/parsec-cca/test/corim/unsignedCorimParsecCcaComidParsecCcaRefValOne.cbor rename scheme/parsec-tpm/test/corim/{src => }/ComidParsecTpmKeyGood.json (100%) rename scheme/parsec-tpm/test/corim/{src => }/ComidParsecTpmKeyManyKeys.json (100%) rename scheme/parsec-tpm/test/corim/{src => }/ComidParsecTpmKeyNoClass.json (100%) rename scheme/parsec-tpm/test/corim/{src => }/ComidParsecTpmKeyNoClassId.json (100%) 
rename scheme/parsec-tpm/test/corim/{src => }/ComidParsecTpmKeyNoInstance.json (100%) rename scheme/parsec-tpm/test/corim/{src => }/ComidParsecTpmKeyUnknownClassIdType.json (100%) rename scheme/parsec-tpm/test/corim/{src => }/ComidParsecTpmKeyUnknownInstanceType.json (100%) create mode 100644 scheme/parsec-tpm/test/corim/ComidParsecTpmPcrsGood.json create mode 100644 scheme/parsec-tpm/test/corim/ComidParsecTpmPcrsNoClass.json rename scheme/parsec-tpm/test/corim/{src => }/ComidParsecTpmPcrsNoDigests.json (71%) create mode 100644 scheme/parsec-tpm/test/corim/ComidParsecTpmPcrsNoPCR.json create mode 100644 scheme/parsec-tpm/test/corim/ComidParsecTpmPcrsUnknownPCRType.json create mode 100644 scheme/parsec-tpm/test/corim/Makefile create mode 100644 scheme/parsec-tpm/test/corim/corimMini.json delete mode 100644 scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsGood.json delete mode 100644 scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsNoClass.json delete mode 100644 scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsNoPCR.json delete mode 100644 scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsUnknownPCRType.json delete mode 100644 scheme/parsec-tpm/test/corim/src/corimMini.json delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyGood.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyManyKeys.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyNoClass.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyNoClassId.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyNoInstance.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyUnknownClassIdType.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyUnknownInstanceType.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsGood.cbor delete mode 
100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsNoClass.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsNoDigests.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsNoPCR.cbor delete mode 100644 scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsUnknownPCRType.cbor rename scheme/psa-iot/test/{corim/src => }/ComidPsaIakPubNoImplID.json (100%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaIakPubNoUeID.json (100%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaIakPubOne.json (100%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaIakPubTwo.json (100%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaMultIak.json (100%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaRefValMultDigest.json (58%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaRefValNoImplID.json (62%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaRefValNoMkey.json (60%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaRefValOne.json (62%) rename scheme/psa-iot/test/{corim/src => }/ComidPsaRefValOnlyMandIDAttr.json (66%) create mode 100644 scheme/psa-iot/test/ComidPsaRefValThree.json create mode 100755 scheme/psa-iot/test/build-test-vectors.sh delete mode 100755 scheme/psa-iot/test/corim/build-test-vectors.sh delete mode 100644 scheme/psa-iot/test/corim/src/ComidPsaRefValThree.json delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimCorimMiniComidPsaIakPubOne.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimCorimMiniComidPsaIakPubTwo.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubNoImplID.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubNoUeID.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubOne.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubTwo.cbor delete mode 100644 
scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaMultIak.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaRefValMultDigest.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaRefValNoImplID.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaRefValNoMkey.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaRefValOne.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaRefValOnlyMandIDAttr.cbor delete mode 100644 scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaRefValThree.cbor rename scheme/psa-iot/test/{corim/src => }/corimMini.json (53%) rename scheme/tpm-enacttrust/test/{corim/src => }/ComidTpmEnactTrustAKBadInst.json (100%) rename scheme/tpm-enacttrust/test/{corim/src => }/ComidTpmEnactTrustAKMult.json (94%) rename scheme/tpm-enacttrust/test/{corim/src => }/ComidTpmEnactTrustAKOne.json (92%) rename scheme/tpm-enacttrust/test/{corim/src => }/ComidTpmEnactTrustBadInst.json (72%) rename scheme/tpm-enacttrust/test/{corim/src => }/ComidTpmEnactTrustGoldenOne.json (63%) create mode 100644 scheme/tpm-enacttrust/test/ComidTpmEnactTrustGoldenTwo.json rename scheme/tpm-enacttrust/test/{corim/src => }/ComidTpmEnactTrustMultDigest.json (57%) rename scheme/tpm-enacttrust/test/{corim/src => }/ComidTpmEnactTrustNoDigest.json (66%) rename scheme/tpm-enacttrust/test/{corim/src => }/ComidTpmEnactTrustNoInst.json (75%) create mode 100755 scheme/tpm-enacttrust/test/build-test-vectors.sh delete mode 100755 scheme/tpm-enacttrust/test/corim/build-test-vectors.sh delete mode 100644 scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustGoldenTwo.json delete mode 100644 scheme/tpm-enacttrust/test/corim/src/corimMini.json delete mode 100644 scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustAKBadInst.cbor delete mode 100644 scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustAKMult.cbor delete mode 100644 
scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustAKOne.cbor delete mode 100644 scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustBadInst.cbor delete mode 100644 scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustGoldenOne.cbor delete mode 100644 scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustGoldenTwo.cbor delete mode 100644 scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustMultDigest.cbor delete mode 100644 scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustNoDigest.cbor delete mode 100644 scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustNoInst.cbor create mode 100644 scheme/tpm-enacttrust/test/corimMini.json diff --git a/.github/workflows/ci-go-cover.yml b/.github/workflows/ci-go-cover.yml index 9a23eb38..7c0dd746 100644 --- a/.github/workflows/ci-go-cover.yml +++ b/.github/workflows/ci-go-cover.yml @@ -26,7 +26,7 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: "1.22" + go-version: "1.19" - name: Checkout code uses: actions/checkout@v2 - name: Install mockgen diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 977bac70..f8c9368b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,7 +12,7 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: "1.22" + go-version: "1.19" - name: Checkout code uses: actions/checkout@v2 - name: Install mockgen diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml index c223b2ce..d207709b 100644 --- a/.github/workflows/linters.yml +++ b/.github/workflows/linters.yml @@ -10,7 +10,7 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: "1.22" + go-version: "1.19" - name: Checkout code uses: actions/checkout@v2 - name: Install mockgen 
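Review bot: Setting `go-version: "1.19"` here, in the ci.yml and linters.yml hunks that follow, and as `ARG GO_VERSION=1.19` in deployments/docker/src/builder.docker, builds and tests the services with a Go release that no longer receives upstream security fixes, since Go maintains only the two most recent major releases. A newer toolchain still builds a module whose go.mod declares `go 1.19`, so the revert can leave the toolchain alone: keep `go-version: "1.22"` in the three workflows and `ARG GO_VERSION=1.22` in the builder image. In that case the `IGNORE_COVERAGE` entries this commit removes from the Makefile would have to stay as well, because their comment says they exist for Go 1.22 coverage reporting. The job definitions start outside these hunks.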
@@ -25,7 +25,7 @@ jobs: - name: Install golangci-lint run: | go version - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.54.2 + curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.51.1 - name: Install Protoc uses: arduino/setup-protoc@v1 with: diff --git a/.gitignore b/.gitignore index cbea534e..e0e86a1b 100644 --- a/.gitignore +++ b/.gitignore @@ -35,3 +35,6 @@ management/cmd/management-service/management-service tags .ipynb_checkpoints + +# generated by build-test-vector scripts +scheme/**/*Comid*.cbor diff --git a/Makefile b/Makefile index a72fd56a..8ee3c15d 100644 --- a/Makefile +++ b/Makefile 
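Review bot: The rewritten `curl` line still fetches `install.sh` from the `master` branch of golangci-lint and pipes it to `sh`, so the script executed in CI can change independently of the `v1.51.1` argument passed to it. Fetch the installer from the same tag as the binary it installs: `curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/v1.51.1/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.51.1`. The step list this line belongs to starts outside the hunk.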
@@ -34,22 +34,6 @@ IGNORE_COVERAGE += github.com/veraison/services/plugin/test # There is protobuf-generated stuff here, which skews coverage. IGNORE_COVERAGE += github.com/veraison/services/handler -# Go 1.22 started reporting subpackages without any tests as having 0.0% -# coverage. Previous version of go ignored them. -# See: https://go-review.googlesource.com/c/go/+/495447 -IGNORE_COVERAGE += github.com/veraison/services/builtin -IGNORE_COVERAGE += github.com/veraison/services/management/api -IGNORE_COVERAGE += github.com/veraison/services/management/cmd/management-service -IGNORE_COVERAGE += github.com/veraison/services/provisioning/cmd/provisioning-service -IGNORE_COVERAGE += github.com/veraison/services/provisioning/provisioner -IGNORE_COVERAGE += github.com/veraison/services/scheme/common -IGNORE_COVERAGE += github.com/veraison/services/scheme/common/arm -IGNORE_COVERAGE += github.com/veraison/services/verification/cmd/verification-service -IGNORE_COVERAGE += github.com/veraison/services/verification/verifier -IGNORE_COVERAGE += github.com/veraison/services/vts/cmd/vts-service -IGNORE_COVERAGE += github.com/veraison/services/vts/trustedservices -IGNORE_COVERAGE += github.com/veraison/services/vtsclient - include mk/cover.mk define __MAKEFILE_HELP diff --git a/deployments/docker/src/builder.docker b/deployments/docker/src/builder.docker index bf8c152e..d6bc3100 100644 --- a/deployments/docker/src/builder.docker +++ b/deployments/docker/src/builder.docker @@ -1,6 +1,6 @@ # Go version that will be used to build the project. Due to the use of generics -# within the project, it must be at least 1.22. -ARG GO_VERSION=1.22 +# within the project, it must be at least 1.19. +ARG GO_VERSION=1.19 FROM golang:${GO_VERSION} AS veraison-builder 
@@ -60,9 +60,9 @@ RUN go mod download &&\ go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.26 &&\ go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.1 &&\ go install github.com/mitchellh/protoc-gen-go-json@v1.1.0 &&\ - go install github.com/veraison/corim/cocli@be7ec482 &&\ - go install github.com/veraison/evcli/v2@86d12893 &&\ - go install github.com/veraison/pocli@v0.2.0 &&\ + go install github.com/veraison/corim/cocli@latest &&\ + go install github.com/veraison/evcli/v2@latest &&\ + go install github.com/veraison/pocli@latest &&\ go install github.com/go-delve/delve/cmd/dlv@v1.22.1 ADD --chown=builder:builder builder-dispatcher . diff --git a/end-to-end/corimCcaRealm.cbor b/end-to-end/corimCcaRealm.cbor new file mode 100644 index 0000000000000000000000000000000000000000..7b796c45be8854239c9689f4e8b0b3a5166f9955 GIT binary patch literal 763 zcmZ3=5D*jo;)~l^C+UeNInGahX!D1$F_LM@O~zkK7*bR7blsg87cvAm?|xjbm*{Q0 z?sD+?k51iUOpS{fO2YGtvUBniQxu$YGE?(P6nsij^cZg_RLEtNloS+O>Fbw66(ob@ z^-?Pma|?1(nVK0GnOGJwG&U__Sj2EcHQ=l~U#QwoH{P8$zW;q#SW&}RjKyTen@k1~ z4$c&U#)XWFSimMZx=;rBmL?Zv<~BBQQ0}OdqSRais+nX+HIs~}W|A>gOk!@VkOCzw zV9H7?%GFEG&(%*(PSh_-P0Y#FH)L7Fa8N4ooCgErL8;7;^afU763ujU_H~7&%bdjI L+*EiXY-9ug5K-yL literal 0 HcmV?d00001 diff --git a/go.mod b/go.mod index ed613b82..7c5ea531 100644 --- a/go.mod +++ b/go.mod 
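Review bot: The three `go install …@latest` lines make the builder image non-reproducible, because the `cocli`, `evcli` and `pocli` code that is compiled depends on the day the image is built; the lines they replace were pinned to `cocli@be7ec482`, `evcli/v2@86d12893` and `pocli@v0.2.0`. This commit also moves go.mod back to an older `github.com/veraison/corim`, so `cocli@latest` is likely to be built from a newer CoRIM implementation than the services use, and test vectors generated with it may not decode. Pin each tool to the tag or commit that matches the reverted dependencies, for example `go install github.com/veraison/corim/cocli@<commit matching the corim version in go.mod>`, and likewise for `evcli/v2` and `pocli`. The `RUN` statement starts outside the hunk.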
@@ -1,22 +1,19 @@ module github.com/veraison/services -go 1.22 +go 1.19 require ( github.com/DATA-DOG/go-sqlmock v1.5.0 - github.com/Masterminds/squirrel v1.5.4 github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d github.com/denisbrodbeck/machineid v1.0.1 github.com/fatih/color v1.13.0 github.com/gin-gonic/gin v1.9.1 github.com/go-playground/assert/v2 v2.2.0 - github.com/go-sql-driver/mysql v1.8.1 github.com/golang/mock v1.6.0 github.com/google/go-tpm v0.3.3 github.com/google/uuid v1.6.0 github.com/hashicorp/go-hclog v1.2.0 github.com/hashicorp/go-plugin v1.4.4 - github.com/jackc/pgx/v5 v5.6.0 github.com/jellydator/ttlcache/v3 v3.0.0 github.com/json-iterator/go v1.1.12 // indirect github.com/lestrrat-go/jwx/v2 v2.0.11 @@ -31,14 +28,14 @@ require ( github.com/spf13/viper v1.13.0 github.com/stretchr/testify v1.9.0 github.com/tbaehler/gin-keycloak v1.6.1 - github.com/veraison/ccatoken v1.3.1 + github.com/veraison/ccatoken v1.1.0 github.com/veraison/cmw v0.1.0 - github.com/veraison/corim v1.1.3-0.20240911154934-4f141ee6d1e7 + github.com/veraison/corim v1.1.3-0.20240615102753-72283bb916a0 github.com/veraison/dice v0.0.1 github.com/veraison/ear v1.1.2 github.com/veraison/eat v0.0.0-20220117140849-ddaf59d69f53 - github.com/veraison/parsec v0.2.1-0.20240912163334-0368b9c16228 - github.com/veraison/psatoken v1.2.1-0.20240912124429-aec3ece7886e + github.com/veraison/parsec v0.1.1-0.20230915122508-f31e6c9be40e + github.com/veraison/psatoken v1.2.0 go.uber.org/zap v1.23.0 golang.org/x/text v0.14.0 google.golang.org/grpc v1.64.0 @@ -47,7 +44,6 @@ require ( ) require ( - filippo.io/edwards25519 v1.1.0 // indirect github.com/OneOfOne/xxhash v1.2.8 // indirect github.com/agnivade/levenshtein v1.0.1 // indirect github.com/bytedance/sonic v1.11.3 // indirect 
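Review bot: This hunk drops the direct requirements `github.com/Masterminds/squirrel v1.5.4`, `github.com/go-sql-driver/mysql v1.8.1` and `github.com/jackc/pgx/v5 v5.6.0`, which do not appear related to CoRIM, and none of the Go files listed in the diffstat look like database code. If any package in the module still imports them, the build fails after this revert, so keep those three lines unless `go mod tidy` followed by `go build ./...` shows they are unused. The later go.mod hunks also move the evidence-verification libraries (`ccatoken`, `psatoken`, `parsec`, `go-cose`) back to older versions; running `govulncheck ./...` on the result would confirm that no already-fixed advisory is reintroduced.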
@@ -70,12 +66,7 @@ require ( github.com/hashicorp/hcl v1.0.0 // indirect github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb // indirect github.com/huandu/xstrings v1.3.3 // indirect - github.com/jackc/pgpassfile v1.0.0 // indirect - github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect - github.com/jackc/puddle/v2 v2.2.1 // indirect github.com/klauspost/cpuid/v2 v2.2.7 // indirect - github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect - github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect github.com/leodido/go-urn v1.4.0 // indirect github.com/lestrrat-go/blackmagic v1.0.1 // indirect github.com/lestrrat-go/httpcc v1.0.1 // indirect @@ -101,7 +92,7 @@ require ( github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect github.com/vektah/gqlparser/v2 v2.4.6 // indirect - github.com/veraison/go-cose v1.3.0-rc.1 + github.com/veraison/go-cose v1.1.1-0.20230825153510-da0f9a62ade7 github.com/veraison/swid v1.1.1-0.20230911094910-8ffdd07a22ca github.com/x448/float16 v0.8.4 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect diff --git a/go.sum b/go.sum index 3b4dce08..6d36eee5 100644 --- a/go.sum +++ b/go.sum 
@@ -598,8 +598,6 @@ cloud.google.com/go/workflows v1.8.0/go.mod h1:ysGhmEajwZxGn1OhGOGKsTXc5PyxOc0vf cloud.google.com/go/workflows v1.9.0/go.mod h1:ZGkj1aFIOd9c8Gerkjjq7OW7I5+l6cSvT3ujaO/WwSA= cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= -filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8= git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc= github.com/AdaLogics/go-fuzz-headers v0.0.0-20210715213245-6c3934b029d8/go.mod h1:CzsSbkDixRphAF5hS6wbMKq0eI6ccJRb7/A0M6JBnwg= @@ -629,8 +627,6 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60= github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk= -github.com/Masterminds/squirrel v1.5.4 h1:uUcX/aBc8O7Fg9kaISIUsHXdKuqehiXAMQTYX8afzqM= -github.com/Masterminds/squirrel v1.5.4/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= 
@@ -695,7 +691,6 @@ github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZo github.com/aws/aws-sdk-go v1.43.16/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= @@ -912,7 +907,9 @@ github.com/danieljoos/wincred v1.1.0/go.mod h1:XYlo+eRTsVA9aHGp7NGjFkPla4m+DCL7h github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc= github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0/go.mod h1:DZGJHZMqrU4JJqFAWUS2UO1+lbSKsdiOoYi9Zzey7Fc= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= github.com/denisbrodbeck/machineid v1.0.1 h1:geKr9qtkB876mXguW2X6TU4ZynleN6ezuMSRhl4D7AQ= 
@@ -985,7 +982,6 @@ github.com/foxcpp/go-mockdns v0.0.0-20210729171921-fb145fc6f897 h1:E52jfcE64UG42 github.com/foxcpp/go-mockdns v0.0.0-20210729171921-fb145fc6f897/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= -github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= @@ -993,6 +989,7 @@ github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmV github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= github.com/fxamacker/cbor/v2 v2.2.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo= github.com/fxamacker/cbor/v2 v2.3.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo= +github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo= github.com/fxamacker/cbor/v2 v2.5.0 h1:oHsG0V/Q6E/wqTS2O1Cozzsy69nqCiguo5Q1a1ADivE= github.com/fxamacker/cbor/v2 v2.5.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo= github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= 
@@ -1059,8 +1056,6 @@ github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91 github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= github.com/go-playground/validator/v10 v10.19.0 h1:ol+5Fu+cSq9JD7SoSqe04GMI92cbn0+wvQ3bZ8b/AU4= github.com/go-playground/validator/v10 v10.19.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= -github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= -github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= 
@@ -1287,18 +1282,9 @@ github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANyt github.com/intel/goresctrl v0.2.0/go.mod h1:+CZdzouYFn5EsxgqAQTEzMfwKwuc0fVdMrT9FCCAVRQ= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= github.com/j-keck/arping v1.0.2/go.mod h1:aJbELhR92bSk7tp79AWM/ftfc90EfEi2bQJrbBFOsPw= -github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM= -github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= -github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk= -github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= -github.com/jackc/pgx/v5 v5.6.0 h1:SWJzexBzPL5jb0GEsrPMLIsi/3jOo7RHlzTjcAeDrPY= -github.com/jackc/pgx/v5 v5.6.0/go.mod h1:DNZ/vlrUnhWCoFGxHAG8U2ljioxukquj7utPDgtQdTw= -github.com/jackc/puddle/v2 v2.2.1 h1:RhxXJtFG022u4ibrCSMSiu5aOq1i77R3OHKNJj77OAk= -github.com/jackc/puddle/v2 v2.2.1/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= github.com/jellydator/ttlcache/v3 v3.0.0 h1:zmFhqrB/4sKiEiJHhtseJsNRE32IMVmJSs4++4gaQO4= github.com/jellydator/ttlcache/v3 v3.0.0/go.mod h1:WwTaEmcXQ3MTjOm4bsZoDFiCu/hMvNWLO1w67RXz6h4= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= -github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= 
@@ -1353,10 +1339,6 @@ github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw= -github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o= -github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk= -github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw= github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= @@ -1368,6 +1350,7 @@ github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJG github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= +github.com/lestrrat-go/jwx/v2 v2.0.8/go.mod h1:zLxnyv9rTlEvOUHbc48FAfIL8iYu2hHvIRaTFGc8mT0= github.com/lestrrat-go/jwx/v2 v2.0.11 h1:ViHMnaMeaO0qV16RZWBHM7GTrAnX2aFLVKofc7FuKLQ= github.com/lestrrat-go/jwx/v2 v2.0.11/go.mod h1:ZtPtMFlrfDrH2Y0iwfa3dRFn8VzwBrB+cyrm3IBWdDg= github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= 
@@ -1725,24 +1708,26 @@ github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtX github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/vektah/gqlparser/v2 v2.4.6 h1:Yjzp66g6oVq93Jihbi0qhGnf/6zIWjcm8H6gA27zstE= github.com/vektah/gqlparser/v2 v2.4.6/go.mod h1:flJWIR04IMQPGz+BXLrORkrARBxv/rtyIAFvd/MceW0= -github.com/veraison/ccatoken v1.3.1 h1:zUHXr2mPprxMYv5Mm2mumxzQZ3I9wy7QGayXqa9Rv/E= -github.com/veraison/ccatoken v1.3.1/go.mod h1:vMqdbW4H/8A3oT+24qssuIK3Aefy06XqzTELGg+gWAg= +github.com/veraison/ccatoken v1.1.0 h1:U0Z5fOQRsdz3ksvvxVzTITczo+kfRxIlkWahJNP6Irs= +github.com/veraison/ccatoken v1.1.0/go.mod h1:qh/KBwsrhPyGJqttlh8PU56wt1rPkUCX9A3ZAA/53Nc= github.com/veraison/cmw v0.1.0 h1:vD6tBlGPROCW/HlDcG1jh+XUJi5ihrjXatKZBjrv8mU= github.com/veraison/cmw v0.1.0/go.mod h1:WoBrlgByc6C1FeHhdze1/bQx1kv5d1sWKO5ezEf4Hs4= -github.com/veraison/corim v1.1.3-0.20240911154934-4f141ee6d1e7 h1:sq9OVQgwpRJDFrQDGAOMs5p22Hp1zfDYRkeb+EVJWTU= -github.com/veraison/corim v1.1.3-0.20240911154934-4f141ee6d1e7/go.mod h1:Wj3a6bSo7+3peVGjwGayHDALILh4PHMngDhgBYUbVLk= +github.com/veraison/corim v1.1.3-0.20240615102753-72283bb916a0 h1:FgWzsb/wUxeeKZ3Dd3NOTnwHBJ397EPNiF3o3ZJ/64o= +github.com/veraison/corim v1.1.3-0.20240615102753-72283bb916a0/go.mod h1:KB6TVcLcz1QppfzoyIesUMfdYodI/ndg7bqBdtqgc90= github.com/veraison/dice v0.0.1 h1:dOm7ByDN/r4WlDsGkEUXzdPMXgTvAPTAksQ8+BwBrD4= github.com/veraison/dice v0.0.1/go.mod h1:QPMLc5LVMj08VZ+HNMYk4XxWoVYGAUBVm8Rd5V1hzxs= github.com/veraison/ear v1.1.2 h1:Xs41FqAG8IyJaceqNFcX2+nf51Et1uyhmCJV8SZqw/8= github.com/veraison/ear v1.1.2/go.mod h1:O3yKgZR04DWKHHiNxfXCMX9ky0cLVoC67TFks6JwEhI= +github.com/veraison/eat v0.0.0-20210331113810-3da8a4dd42ff/go.mod h1:+kxt8iuFiVvKRs2VQ1Ho7bbAScXAB/kHFFuP5Biw19I= github.com/veraison/eat v0.0.0-20220117140849-ddaf59d69f53 h1:5gnX2TrGd/Xz8DOp2OaLtg/jLoIubSUTrgz6iZ58pJ4= github.com/veraison/eat v0.0.0-20220117140849-ddaf59d69f53/go.mod 
h1:+kxt8iuFiVvKRs2VQ1Ho7bbAScXAB/kHFFuP5Biw19I= -github.com/veraison/go-cose v1.3.0-rc.1 h1:j7mMBdwkbq4c+pgEZVbbWG8UwVIgGHPp6+TAAYJj+UY= -github.com/veraison/go-cose v1.3.0-rc.1/go.mod h1:df09OV91aHoQWLmy1KsDdYiagtXgyAwAl8vFeFn1gMc= -github.com/veraison/parsec v0.2.1-0.20240912163334-0368b9c16228 h1:oMCBfNZ8yxeMHelMg/H8uLrBLRvipjAwBL0d5/F9bvY= -github.com/veraison/parsec v0.2.1-0.20240912163334-0368b9c16228/go.mod h1:hobpAGxGmjCyluLHTNMdgJYficPXno4HZWKJSuUwZ7w= -github.com/veraison/psatoken v1.2.1-0.20240912124429-aec3ece7886e h1:W1OWcrRvfN0EWyldcpFgwl9xdKBbZUlk5pnbLTcR8Ec= -github.com/veraison/psatoken v1.2.1-0.20240912124429-aec3ece7886e/go.mod h1:bXUwdYAGcRoclxe73JmO8Z9ngV9KDHqW20afM9Q0FKo= +github.com/veraison/go-cose v1.0.0-rc.1/go.mod h1:7ziE85vSq4ScFTg6wyoMXjucIGOf4JkFEZi/an96Ct4= +github.com/veraison/go-cose v1.1.1-0.20230825153510-da0f9a62ade7 h1:KcKzBthSrSZIUEWBjVvkuk/DE3PyYFbXZxhx5byGFtc= +github.com/veraison/go-cose v1.1.1-0.20230825153510-da0f9a62ade7/go.mod h1:t6V8WJzHm1PD5HNsuDjW3KLv577uWb6UTzbZGvdQHD8= +github.com/veraison/parsec v0.1.1-0.20230915122508-f31e6c9be40e h1:6flWRGWeW9X2GOtegx2MqwRzO4z2DIrk3nm5FH7sGyM= +github.com/veraison/parsec v0.1.1-0.20230915122508-f31e6c9be40e/go.mod h1:IXiVM4dsJNsB2PB1NkK5AE0gUvOzsxLgOpuPo9KHs0M= +github.com/veraison/psatoken v1.2.0 h1:PeHy6YUbhFE9Z9xaQBoAMpMWUEqSHrF2JgfcwMTmFIA= +github.com/veraison/psatoken v1.2.0/go.mod h1:2tHLoYMOIS4V4mO8MJT4VstRtpO50FLmhoOR35FyIr4= github.com/veraison/swid v1.1.1-0.20230911094910-8ffdd07a22ca h1:osmCKwWO/xM68Kz+rIXio1DNzEY2NdJOpGpoy5r8NlE= github.com/veraison/swid v1.1.1-0.20230911094910-8ffdd07a22ca/go.mod h1:d5jt76uMNbTfQ+f2qU4Lt8RvWOTsv6PFgstIM1QdMH0= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= 
@@ -1878,6 +1863,7 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= diff --git a/integration-tests/data/endorsements/comid-cca-platform-refval.json b/integration-tests/data/endorsements/comid-cca-platform-refval.json index 08c70be4..afc94afb 100644 --- a/integration-tests/data/endorsements/comid-cca-platform-refval.json +++ b/integration-tests/data/endorsements/comid-cca-platform-refval.json 
@@ -28,127 +28,81 @@ "model": "RoadRunner" } }, - "measurement": { - "key": { - "type": "psa.refval-id", + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "BL", + "version": "3.4.2", + "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + } + }, "value": { - "label": "BL", - "version": "3.4.2", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + "digests": [ + "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + ] } }, - "value": { - "digests": [ - "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "M1", + "version": "1.2.0", + "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + } }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", "value": { - "label": "M1", - "version": "1.2.0", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + "digests": [ + "sha-256:CwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + ] } }, - "value": { - "digests": [ - "sha-256:CwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "M2", + "version": "1.2.3", + "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + } }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", "value": { - "label": "M2", - "version": "1.2.3", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + "digests": [ + "sha-256:DwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + ] } }, - "value": { - "digests": [ - "sha-256:DwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": 
{ - "class": { - "id": { - "type": "psa.impl-id", - "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "M3", + "version": "1.0.0", + "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + } }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", "value": { - "label": "M3", - "version": "1.0.0", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + "digests": [ + "sha-256:EwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + ] } }, - "value": { - "digests": [ - "sha-256:EwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + { + "key": { + "type": "cca.platform-config-id", + "value": "cfg v1.0.0" }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "cca.platform-config-id", - "value": "cfg v1.0.0" - }, - "value": { - "raw-value": { - "type": "bytes", - "value": "AQID" + "value": { + "raw-value": { + "type": "bytes", + "value": "AQID" + } } } - } + ] } ] } - } + } \ No newline at end of file diff --git a/integration-tests/data/endorsements/comid-cca-realm-refval.json b/integration-tests/data/endorsements/comid-cca-realm-refval.json index fa81d86b..16697f55 100644 --- a/integration-tests/data/endorsements/comid-cca-realm-refval.json +++ b/integration-tests/data/endorsements/comid-cca-realm-refval.json 
@@ -31,47 +31,49 @@ "value": "Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" } }, - "measurement": { - "value": { - "raw-value": { - "type": "bytes", - "value": "QURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBRA==" - }, - "integrity-registers": { - "rim": { - "key-type": "text", - "value": [ - "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" - ] - }, - "rem0": { - "key-type": "text", - "value": [ - "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" - ] - }, - "rem1": { - "key-type": "text", - "value": [ - "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" - ] - }, - "rem2": { - "key-type": "text", - "value": [ - "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" - ] + "measurements": [ + { + "value": { + "raw-value": { + "type": "bytes", + "value": "QURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBREFEQURBRA==" }, - "rem3": { - "key-type": "text", - "value": [ - "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" - ] + "integrity-registers": { + "rim": { + "key-type": "text", + "value": [ + "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" + ] + }, + "rem0": { + "key-type": "text", + "value": [ + "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" + ] + }, + "rem1": { + "key-type": "text", + "value": [ + "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" + ] + }, + "rem2": { + "key-type": "text", + "value": [ + "sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" + ] + }, + "rem3": { + "key-type": "text", + "value": [ + 
"sha-512;Q0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQw==" + ] + } } } } - } + ] } ] } -} +} \ No newline at end of file diff --git a/integration-tests/data/endorsements/comid-cca-refval.json b/integration-tests/data/endorsements/comid-cca-refval.json index 86e78be6..7a03aeea 100644 --- a/integration-tests/data/endorsements/comid-cca-refval.json +++ b/integration-tests/data/endorsements/comid-cca-refval.json 
@@ -28,127 +28,81 @@ "model": "RoadRunner" } }, - "measurement": { - "key": { - "type": "psa.refval-id", + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "BL", + "version": "3.4.2", + "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + } + }, "value": { - "label": "BL", - "version": "3.4.2", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + "digests": [ + "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + ] } }, - "value": { - "digests": [ - "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "M1", + "version": "1.2.0", + "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + } }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", "value": { - "label": "M1", - "version": "1.2.0", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + "digests": [ + "sha-256:CwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + ] } }, - "value": { - "digests": [ - "sha-256:CwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "M2", + "version": "1.2.3", + "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + } }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", "value": { - "label": "M2", - "version": "1.2.3", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + "digests": [ + "sha-256:DwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + ] } }, - "value": { - "digests": [ - "sha-256:DwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": 
{ - "class": { - "id": { - "type": "psa.impl-id", - "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "M3", + "version": "1.0.0", + "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + } }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", "value": { - "label": "M3", - "version": "1.0.0", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + "digests": [ + "sha-256:EwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" + ] } }, - "value": { - "digests": [ - "sha-256:EwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + { + "key": { + "type": "cca.platform-config-id", + "value": "cfg v1.0.0" }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "cca.platform-config-id", - "value": "cfg v1.0.0" - }, - "value": { - "raw-value": { - "type": "bytes", - "value": "AQID" + "value": { + "raw-value": { + "type": "bytes", + "value": "AQID" + } } } - } + ] } ] } -} +} \ No newline at end of file diff --git a/integration-tests/data/endorsements/comid-enacttrust-refval.json b/integration-tests/data/endorsements/comid-enacttrust-refval.json index f4aa0e5b..3b4c4ae6 100644 --- a/integration-tests/data/endorsements/comid-enacttrust-refval.json +++ b/integration-tests/data/endorsements/comid-enacttrust-refval.json @@ -22,13 +22,15 @@ "value": "7df7714e-aa04-4638-bcbf-434b1dd720f1" } }, - "measurement": { - "value": { - "digests": [ - "sha-256;h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] + "measurements": [ + { + "value": { + "digests": [ + "sha-256;h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] + } } - } + ] } ] } 
diff --git a/integration-tests/data/endorsements/comid-psa-refval.json b/integration-tests/data/endorsements/comid-psa-refval.json index 41a1f2ec..8fd66fbc 100644 --- a/integration-tests/data/endorsements/comid-psa-refval.json +++ b/integration-tests/data/endorsements/comid-psa-refval.json 
@@ -28,75 +28,53 @@ "model": "RoadRunner" } }, - "measurement": { - "key": { - "type": "psa.refval-id", + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "BL", + "version": "2.1.0", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, "value": { - "label": "BL", - "version": "2.1.0", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] } }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "PRoT", + "version": "1.3.5", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", "value": { - "label": "PRoT", - "version": "1.3.5", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + "digests": [ + "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=" + ] } }, - "value": { - "digests": [ - "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "ARoT", + "version": "0.1.4", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", "value": { - "label": "ARoT", - "version": "0.1.4", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + "digests": [ + "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=" + ] } - }, - "value": { - "digests": [ - "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=" - ] } - } + ] } ] } 
diff --git a/integration-tests/data/endorsements/corim-cca-full.json b/integration-tests/data/endorsements/corim-cca-full.json index 59e536d5..fb28d9ba 100644 --- a/integration-tests/data/endorsements/corim-cca-full.json +++ b/integration-tests/data/endorsements/corim-cca-full.json @@ -1,6 +1,8 @@ { "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc", - "profile": "http://arm.com/cca/ssd/1", + "profiles": [ + "http://arm.com/cca/ssd/1" + ], "validity": { "not-before": "2021-12-31T00:00:00Z", "not-after": "2025-12-31T00:00:00Z" @@ -14,4 +16,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/integration-tests/data/endorsements/corim-cca-platform-full.json b/integration-tests/data/endorsements/corim-cca-platform-full.json index 3147f677..fcba13aa 100644 --- a/integration-tests/data/endorsements/corim-cca-platform-full.json +++ b/integration-tests/data/endorsements/corim-cca-platform-full.json @@ -1,6 +1,8 @@ { "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc", - "profile": "http://arm.com/cca/ssd/1", + "profiles": [ + "http://arm.com/cca/ssd/1" + ], "validity": { "not-before": "2021-12-31T00:00:00Z", "not-after": "2025-12-31T00:00:00Z" @@ -14,4 +16,4 @@ ] } ] - } + } \ No newline at end of file diff --git a/integration-tests/data/endorsements/corim-cca-realm-full.json b/integration-tests/data/endorsements/corim-cca-realm-full.json index d57492bd..030554bf 100644 --- a/integration-tests/data/endorsements/corim-cca-realm-full.json +++ b/integration-tests/data/endorsements/corim-cca-realm-full.json @@ -1,6 +1,8 @@ { "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc", - "profile": "http://arm.com/cca/realm/1", + "profiles": [ + "http://arm.com/cca/realm/1" + ], "validity": { "not-before": "2021-12-31T00:00:00Z", "not-after": "2025-12-31T00:00:00Z" @@ -14,4 +16,4 @@ ] } ] -} +} \ No newline at end of file 
diff --git a/integration-tests/data/endorsements/corim-enacttrust-badta.cbor b/integration-tests/data/endorsements/corim-enacttrust-badta.cbor index bb497ebe4ace5164e7227ac75412e4a904065a55..91b0f5a2d9c9869f32bc6228048f1fd339f50f91 100644 GIT binary patch delta 110 zcmZ3+xSY{$F+)I1_=_)YXPu-cp5!<``Jv4p#>R+@n~c8}GcIHZU_b**jf)wwT=No> zOG1iDi%TZD%B!#}WNK_$$aq6Fp!R#A-zpY2i#_|Dy=AW}d~96Ekm3LY%#9P7)Bs2D BC5He2 delta 60 zcmV-C0K@;M0j2>0qXUtFCXoRe0|J4gkv<;}0BS{UVPkYua&>cb1fc_wU>_6#p#V@r SyW@W@VM{Zv(^Jp!LW>qdY!w>- diff --git a/integration-tests/data/endorsements/corim-enacttrust-badta.yaml b/integration-tests/data/endorsements/corim-enacttrust-badta.yaml deleted file mode 100644 index 81031d40..00000000 --- a/integration-tests/data/endorsements/corim-enacttrust-badta.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# This can be compiled into CBOR using -# https://github.com/veraison/gen-testcases ---- -0: !!binary |- - XFfo9EbNQhuRyQjPk+E8/A== -1: -- encodedCBOR: - tag: 506 - value: - 1: - 0: !!binary |- - Q7vjfy5hSzOu01PP8UKLFg== - 2: - - 0: EnactTrust - 1: - tag: 32 - value: https://enacttrust.com - 2: - - 0 - - 1 - - 2 - 4: - 3: - - - 1: - tag: 37 - value: !!binary |- - ffdxTqoERji8v0NLHdcg8Q== - - - 0: "@@@@" -3: http://enacttrust.com/veraison/1.0.0 diff --git a/integration-tests/data/endorsements/corim-enacttrust-mini.json b/integration-tests/data/endorsements/corim-enacttrust-mini.json index c73bcf4d..96d9fdc2 100644 --- a/integration-tests/data/endorsements/corim-enacttrust-mini.json +++ b/integration-tests/data/endorsements/corim-enacttrust-mini.json @@ -1,4 +1,6 @@ { "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc", - "profile": "http://enacttrust.com/veraison/1.0.0" + "profiles": [ + "http://enacttrust.com/veraison/1.0.0" + ] } diff --git a/integration-tests/data/endorsements/corim-psa-full.json b/integration-tests/data/endorsements/corim-psa-full.json index db4d772a..52b7cd5e 100644 --- a/integration-tests/data/endorsements/corim-psa-full.json 
+++ b/integration-tests/data/endorsements/corim-psa-full.json @@ -6,7 +6,9 @@ "thumbprint": "sha-256:5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXU=" } ], - "profile": "http://arm.com/psa/iot/1", + "profiles": [ + "http://arm.com/psa/iot/1" + ], "validity": { "not-before": "2021-12-31T00:00:00Z", "not-after": "2025-12-31T00:00:00Z" diff --git a/integration-tests/data/endorsements/corim-psa-mini.json b/integration-tests/data/endorsements/corim-psa-mini.json index f9528480..f0116feb 100644 --- a/integration-tests/data/endorsements/corim-psa-mini.json +++ b/integration-tests/data/endorsements/corim-psa-mini.json @@ -1,4 +1,6 @@ { "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc", - "profile": "http://arm.com/psa/iot/1" + "profiles": [ + "http://arm.com/psa/iot/1" + ] } diff --git a/integration-tests/tests/test_enacttrust_badkey.tavern.yaml b/integration-tests/tests/test_enacttrust_badkey.tavern.yaml index bbc4d4a4..4041c412 100644 --- a/integration-tests/tests/test_enacttrust_badkey.tavern.yaml +++ b/integration-tests/tests/test_enacttrust_badkey.tavern.yaml @@ -34,4 +34,4 @@ stages: status_code: 200 json: status: failed - failure-reason: 'submit endorsement returned error: submit endorsements failed: RPC server returned error: plugin "unsigned-corim (TPM EnactTrust profile)" returned error: decoding failed for CoMID at index 0: error unmarshalling field "Triples": error unmarshalling field "AttestVerifKeys": cbor: cannot unmarshal map into Go struct field comid.KeyTriple.verification-keys of type comid.ICryptoKeyValue' + failure-reason: 'submit endorsement returned error: submit endorsements failed: RPC server returned error: plugin "unsigned-corim (TPM EnactTrust profile)" returned error: decoding failed for CoMID at index 0: error unmarshalling field "Triples": error unmarshalling field "AttestVerifKeys": cbor: cannot unmarshal map into Go struct field comid.AttestVerifKey.verification-keys of type comid.ICryptoKeyValue' 
diff --git a/mk/cmd.mk b/mk/cmd.mk index 865d9988..833fbc51 100644 --- a/mk/cmd.mk +++ b/mk/cmd.mk @@ -17,7 +17,7 @@ endif SCHEME_LOADER ?= plugins -_MIN_GO_VERSION = 1.22 +_MIN_GO_VERSION = 1.19 _GO_VERSION = $(shell go version | sed 's/^[^0-9]*\([0-9]\+\.[0-9]\+\.[0-9]\+\).*/\1/') .PHONY: _check_version diff --git a/scheme/arm-cca/corim_extractor.go b/scheme/arm-cca/corim_extractor.go index 3b40f875..aac70b53 100644 --- a/scheme/arm-cca/corim_extractor.go +++ b/scheme/arm-cca/corim_extractor.go @@ -15,20 +15,20 @@ type CorimExtractor struct { Profile string } -func (o CorimExtractor) RefValExtractor(rvs comid.ValueTriples) ([]*handler.Endorsement, error) { +func (o CorimExtractor) RefValExtractor(rv comid.ReferenceValue) ([]*handler.Endorsement, error) { switch o.Profile { case "http://arm.com/cca/ssd/1": subScheme := &platform.CcaSsdExtractor{Scheme: SchemeName} - return subScheme.RefValExtractor(rvs) + return subScheme.RefValExtractor(rv) case "http://arm.com/cca/realm/1": subScheme := &realm.RealmExtractor{Scheme: SchemeName} - return subScheme.RefValExtractor(rvs) + return subScheme.RefValExtractor(rv) default: return nil, fmt.Errorf("invalid profile %s for scheme %s", o.Profile, SchemeName) } } -func (o CorimExtractor) TaExtractor(avk comid.KeyTriple) (*handler.Endorsement, error) { +func (o CorimExtractor) TaExtractor(avk comid.AttestVerifKey) (*handler.Endorsement, error) { switch o.Profile { case "http://arm.com/cca/ssd/1": subScheme := &platform.CcaSsdExtractor{Scheme: SchemeName} diff --git a/scheme/arm-cca/endorsement_handler_test.go b/scheme/arm-cca/endorsement_handler_test.go index f184661c..eac25f36 100644 --- a/scheme/arm-cca/endorsement_handler_test.go +++ b/scheme/arm-cca/endorsement_handler_test.go @@ -6,6 +6,7 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/veraison/corim/comid" ) func TestDecoder_GetAttestationScheme(t *testing.T) { 
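Review bot: `_MIN_GO_VERSION = 1.19` lowers the floor of the `_check_version` gate to a Go release that is outside upstream support and no longer receives standard-library or toolchain security fixes, so a build on such a toolchain now passes the check silently. If the reverted dependencies really need the lower floor (the go.mod hunk is not visible in this part of the patch, so this is an assumption), I would record that next to the value, e.g. `# 1.19 only because of the reverted CoRIM stack; restore 1.22 when the update is re-landed`. CI and the builder image should stay on a supported Go release even while the floor is lowered.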
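Review bot: In the `default` branch of `RefValExtractor`, `o.Profile` is written into the error with `%s`; if that string comes from the submitted CoRIM (likely, though the assignment is outside this hunk), an unknown profile can carry newlines or control characters into logs and into the error returned to the submitter. `%q` avoids that: `return nil, fmt.Errorf("invalid profile %q for scheme %s", o.Profile, SchemeName)`; any test that compares this message would need the same update. The two exported methods whose signatures change here, `RefValExtractor` and `TaExtractor`, also have no doc comment saying that the profile selects the platform or realm extractor and that unknown profiles are rejected. `TaExtractor`'s body continues outside the hunk.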
@@ -65,15 +66,16 @@ func TestDecoder_Decode_invalid_data(t *testing.T) { } func TestDecoder_Decode_CcaSsdRefVal_OK(t *testing.T) { - tvs := [][]byte{ - unsignedCorimCcaComidCcaRefValOne, - unsignedCorimCcaComidCcaRefValFour, + tvs := []string{ + unsignedcorimCcacomidCcaRefValOne, + unsignedcorimCcacomidCcaRefValFour, } d := &EndorsementHandler{} for _, tv := range tvs { - _, err := d.Decode(tv) + data := comid.MustHexDecode(t, tv) + _, err := d.Decode(data) assert.NoError(t, err) } } @@ -81,38 +83,40 @@ func TestDecoder_Decode_CcaSsdRefVal_OK(t *testing.T) { func TestDecoder_Decode_CCaSsdRefVal_NOK(t *testing.T) { tvs := []struct { desc string - input []byte + input string expectedErr string }{ { desc: "missing profile inside corim containing one CCA platform config measurement", - input: unsignedCorimCcaNoProfileComidCcaRefValOne, + input: unsignedcorimCcaNoProfilecomidCcaRefValOne, expectedErr: "no profile information set in CoRIM", }, { desc: "missing profile inside corim containing multiple reference value measurements", - input: unsignedCorimCcaNoProfileComidCcaRefValFour, + input: unsignedcorimCcaNoProfilecomidCcaRefValFour, expectedErr: "no profile information set in CoRIM", }, } for _, tv := range tvs { + data := comid.MustHexDecode(t, tv.input) d := &EndorsementHandler{} - _, err := d.Decode(tv.input) + _, err := d.Decode(data) assert.EqualError(t, err, tv.expectedErr) } } func TestDecoder_DecodeCcaRealm_OK(t *testing.T) { - tvs := [][]byte{ - unsignedCorimCcaRealmComidCcaRealm, - unsignedCorimCcaRealmComidCcaRealmNoClass, + tvs := []string{ + unsignedcorimCcaRealmcomidCcaRealm, + unsignedcorimCcaRealmcomidCcaRealmNoClass, } d := &EndorsementHandler{} for _, tv := range tvs { - _, err := d.Decode(tv) + data := comid.MustHexDecode(t, tv) + _, err := d.Decode(data) assert.NoError(t, err) } } 
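Review bot: The `desc` field of each case in `TestDecoder_Decode_CCaSsdRefVal_NOK` is filled in but never read in the loop, so a failing `assert.EqualError` does not say which vector failed; the same holds for the flat loop in the `@@ -120,31 +124,30 @@` hunk of `TestDecoder_DecodeCcaRealm_negative_tests`. Passing it as the assertion message keeps the cases identifiable: `assert.EqualError(t, err, tv.expectedErr, tv.desc)`. These negative cases are what show that a CoRIM without a profile, or with a malformed Realm identity, is rejected, so a readable failure matters here.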
@@ -120,31 +124,30 @@ func TestDecoder_DecodeCcaRealm_OK(t *testing.T) { func TestDecoder_DecodeCcaRealm_negative_tests(t *testing.T) { tvs := []struct { desc string - input []byte + input string expectedErr string }{ { desc: "no realm instance identity in corim", - input: unsignedCorimCcaRealmComidCcaRealmNoInstance, + input: unsignedcorimCcaRealmcomidCcaRealmNoInstance, expectedErr: "bad software component in CoMID at index 0: could not extract Realm instance attributes: expecting instance in environment", }, { desc: "invalid instance identity in corim", - input: unsignedCorimCcaRealmComidCcaRealmInvalidInstance, + input: unsignedcorimCcaRealmcomidCcaRealmInvalidInstance, expectedErr: "bad software component in CoMID at index 0: could not extract Realm instance attributes: expecting instance as bytes for CCA Realm", }, { desc: "invalid class identity in corim", - input: unsignedCorimCcaRealmComidCcaRealmInvalidClass, + input: unsignedcorimCcaRealmcomidCcaRealmInvalidClass, expectedErr: "bad software component in CoMID at index 0: could not extract Realm class attributes: could not extract uuid from class-id: class-id type is: *comid.TaggedImplID", }, } for _, tv := range tvs { - t.Run(tv.desc, func (t *testing.T) { - d := &EndorsementHandler{} - _, err := d.Decode(tv.input) - assert.EqualError(t, err, tv.expectedErr) - }) + data := comid.MustHexDecode(t, tv.input) + d := &EndorsementHandler{} + _, err := d.Decode(data) + assert.EqualError(t, err, tv.expectedErr) } } diff --git a/scheme/arm-cca/test/corim/ComidCcaRefValFour.json b/scheme/arm-cca/test/corim/ComidCcaRefValFour.json new file mode 100644 index 00000000..296e843b --- /dev/null +++ b/scheme/arm-cca/test/corim/ComidCcaRefValFour.json 
@@ -0,0 +1,93 @@ +{ + "lang": "en-GB", + "tag-identity": { + "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", + "version": 0 + }, + "entities": [ + { + "name": "ACME Ltd.", + "regid": "https://acme.example", + "roles": [ + "tagCreator", + "creator", + "maintainer" + ] + } + ], + "triples": { + "reference-values": [ + { + "environment": { + "class": { + "id": { + "type": "psa.impl-id", + "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" + }, + "vendor": "ACME", + "model": "RoadRunner" + } + }, + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "BL", + "version": "2.1.0", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, + "value": { + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] + } + }, + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "PRoT", + "version": "1.3.5", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, + "value": { + "digests": [ + "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=" + ] + } + }, + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "ARoT", + "version": "0.1.4", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, + "value": { + "digests": [ + "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=" + ] + } + }, + { + "key": { + "type": "cca.platform-config-id", + "value": "any-value" + }, + "value": { + "raw-value": { + "type": "bytes", + "value": "cmF3dmFsdWUKcmF3dmFsdWUK" + } + } + } + ] + } + ] + } +} diff --git a/scheme/arm-cca/test/corim/src/comidCcaRefValOne.json b/scheme/arm-cca/test/corim/ComidCcaRefValOne.json similarity index 69% rename from scheme/arm-cca/test/corim/src/comidCcaRefValOne.json rename to scheme/arm-cca/test/corim/ComidCcaRefValOne.json index a02a8b02..0871e7ea 100644 --- a/scheme/arm-cca/test/corim/src/comidCcaRefValOne.json +++ b/scheme/arm-cca/test/corim/ComidCcaRefValOne.json 
@@ -29,18 +29,20 @@ "model": "RoadRunner" } }, - "measurement": { - "key": { - "type": "cca.platform-config-id", - "value": "any-label" - }, - "value": { - "raw-value": { - "type": "bytes", - "value": "cmF3dmFsdWUKcmF3dmFsdWUK" + "measurements": [ + { + "key": { + "type": "cca.platform-config-id", + "value": "any-label" + }, + "value": { + "raw-value": { + "type": "bytes", + "value": "cmF3dmFsdWUKcmF3dmFsdWUK" + } } } - } + ] } ] } diff --git a/scheme/arm-cca/test/corim/build-test-vectors.sh b/scheme/arm-cca/test/corim/build-test-vectors.sh index 16a64376..bd2390b4 100755 --- a/scheme/arm-cca/test/corim/build-test-vectors.sh +++ b/scheme/arm-cca/test/corim/build-test-vectors.sh 
@@ -5,64 +5,77 @@ set -eu set -o pipefail -THIS_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -GEN_CORIM="$THIS_DIR/../../../common/scripts/gen-corim" +# function generate_go_test_vector constructs CBOR test vector using +# supplied comid and corim json template and saves them in a file +# $1 file name for comid json template, example one of COMID_TEMPLATES +# $2 file name for corim json template, example CORIM_TEMPLATE +# $3 a qualifier for each cbor test vector name +# $4 name of the file where the generated CBOR test vectors are aggregated +generate_go_test_vector () { + echo "generating test vector using $1 $2" + cocli comid create -t $1.json + cocli corim create -m $1.cbor -t $2.json -o corim$1.cbor + echo "// automatically generated from:" >> $4 + echo "// $1.json and $2.json" >> $4 + echo "var $3$2$1 = "'`' >> $4 + cat corim$1.cbor | xxd -p >> $4 + echo '`' >> $4 +} + +CORIM_REALM_TEMPLATE="corimCcaRealm" -SUBATTESTERS=( - cca_platform - cca_realm -) +COMID_REALM_TEMPLATES= +COMID_REALM_TEMPLATES="${COMID_REALM_TEMPLATES} comidCcaRealm" +COMID_REALM_TEMPLATES="${COMID_REALM_TEMPLATES} comidCcaRealmNoClass" +COMID_REALM_TEMPLATES="${COMID_REALM_TEMPLATES} comidCcaRealmNoInstance" +COMID_REALM_TEMPLATES="${COMID_REALM_TEMPLATES} comidCcaRealmInvalidInstance" +COMID_REALM_TEMPLATES="${COMID_REALM_TEMPLATES} comidCcaRealmInvalidClass" -CORIM_REALM_TEMPLATES=( - corimCcaRealm -) +# CORIM CCA PLATFORM TEMPLATES +CORIM_PLATFORM_TEMPLATE="corimCca" +CORIM_PLATFORM_TEMPLATE="${CORIM_PLATFORM_TEMPLATE} corimCcaNoProfile" -COMID_REALM_TEMPLATES=( - comidCcaRealm - comidCcaRealmNoClass - comidCcaRealmNoInstance - comidCcaRealmInvalidInstance - comidCcaRealmInvalidClass -) +# COMID CCA PLATFORM TEMPLATES +COMID_PLATFORM_TEMPLATES= +COMID_PLATFORM_TEMPLATES="${COMID_PLATFORM_TEMPLATES} comidCcaRefValOne" +COMID_PLATFORM_TEMPLATES="${COMID_PLATFORM_TEMPLATES} comidCcaRefValFour" -CORIM_PLATFORM_TEMPLATES=( - corimCca - corimCcaNoProfile -) 
+TV_DOT_GO=${TV_DOT_GO?must be set in the environment.} -COMID_PLATFORM_TEMPLATES=( - comidCcaRefValOne - comidCcaRefValFour -) +printf "package cca\n\n" > ${TV_DOT_GO} -# function to generate test vectors for the supplied CCA Platform or Realm +# function to generate test vectors for the supplied CCA Platform or Realm # $1 passed argument whose templates needs to be constructed generate_templates() { - local sub_at=$1 - echo "generating templates for subattester $sub_at" + echo "generating templates for subattester $1" + printf "" >> ${TV_DOT_GO} - if [ "$sub_at" == "cca_platform" ]; then - COMID_TEMPLATES=("${COMID_PLATFORM_TEMPLATES[@]}") - CORIM_TEMPLATES=("${CORIM_PLATFORM_TEMPLATES[@]}") + if [ "$1" == "cca_platform" ]; then + COMID_TEMPLATES=$COMID_PLATFORM_TEMPLATES + CORIM_TEMPLATE=$CORIM_PLATFORM_TEMPLATE else - COMID_TEMPLATES=("${COMID_REALM_TEMPLATES[@]}") - CORIM_TEMPLATES=("${CORIM_REALM_TEMPLATES[@]}") + COMID_TEMPLATES=$COMID_REALM_TEMPLATES + CORIM_TEMPLATE=$CORIM_REALM_TEMPLATE fi - - for corim in "${CORIM_TEMPLATES[@]}" + + for r in ${CORIM_TEMPLATE} do - for comid in "${COMID_TEMPLATES[@]}" + for t in ${COMID_TEMPLATES} do - "$GEN_CORIM" "$THIS_DIR" "$comid" "$corim" "unsigned" + generate_go_test_vector $t $r "unsigned" $TV_DOT_GO done done } -for at in "${SUBATTESTERS[@]}" +SUBATTESTER= +SUBATTESTER="${SUBATTESTER} cca_platform" +SUBATTESTER="${SUBATTESTER} cca_realm" + +for at in ${SUBATTESTER} do - generate_templates "$at" + generate_templates $at done -echo "done" +gofmt -w $TV_DOT_GO \ No newline at end of file diff --git a/scheme/arm-cca/test/corim/comidCcaRealm.json b/scheme/arm-cca/test/corim/comidCcaRealm.json new file mode 100644 index 00000000..a8b80ad7 --- /dev/null +++ b/scheme/arm-cca/test/corim/comidCcaRealm.json 
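Review bot: The platform template names in `COMID_PLATFORM_TEMPLATES` are spelled `comidCcaRefValOne` and `comidCcaRefValFour`, while this commit creates the files as `ComidCcaRefValOne.json` and `ComidCcaRefValFour.json`, so `cocli comid create -t $1.json` will not find them on a case-sensitive filesystem and `set -e` aborts the run. `CORIM_PLATFORM_TEMPLATE` likewise still lists `corimCcaNoProfile`, whose JSON under `src/` is deleted by this commit; confirm a copy exists next to the script. Separately, the rewritten functions drop the quoting the old version had: `$1`, `$4`, `$TV_DOT_GO` and `$at` are expanded unquoted, so a `TV_DOT_GO` path containing spaces or glob characters is split or expanded. Keep the deliberate word splitting in the two `for` lists but quote the rest, e.g. `printf "package cca\n\n" > "${TV_DOT_GO}"` and `generate_go_test_vector "$t" "$r" "unsigned" "$TV_DOT_GO"`.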
@@ -0,0 +1,79 @@
+{
+ "lang": "en-GB",
+ "tag-identity": {
+ "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
+ "version": 0
+ },
+ "entities": [
+ {
+ "name": "Workload Client Ltd.",
+ "regid": "https://workloadclient.example",
+ "roles": [
+ "tagCreator",
+ "creator",
+ "maintainer"
+ ]
+ }
+ ],
+ "triples": {
+ "reference-values": [
+ {
+ "environment": {
+ "class": {
+ "id": {
+ "type": "uuid",
+ "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C"
+ },
+ "vendor": "Workload Client Ltd"
+ },
+ "instance": {
+ "type": "bytes",
+ "value": "QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
+ }
+ },
+ "measurements": [
+ {
+ "value": {
+ "raw-value": {
+ "type": "bytes",
+ "value": "5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXXkW3L1wMC1cttNjTq36X82j/dOYjR6gk3stnqE5SJNdQ=="
+ },
+ "integrity-registers": {
+ "rim": {
+ "key-type": "text",
+ "value": [
+ "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
+ ]
+ },
+ "rem0": {
+ "key-type": "text",
+ "value": [
+ "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem1": {
+ "key-type": "text",
+ "value": [
+ "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem2": {
+ "key-type": "text",
+ "value": [
+ "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem3": {
+ "key-type": "text",
+ "value": [
+ "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ }
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+}
diff --git a/scheme/arm-cca/test/corim/comidCcaRealmInvalidClass.json b/scheme/arm-cca/test/corim/comidCcaRealmInvalidClass.json
new file mode 100644
index 00000000..26da78d4
--- /dev/null
+++ b/scheme/arm-cca/test/corim/comidCcaRealmInvalidClass.json
@@ -0,0 +1,79 @@
+{
+ "lang": "en-GB",
+ "tag-identity": {
+ "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
+ "version": 0
+ },
+ "entities": [
+ {
+ "name": "Workload Client Ltd.",
+ "regid": "https://workloadclient.example",
+ "roles": [
+ "tagCreator",
+ "creator",
+ "maintainer"
+ ]
+ }
+ ],
+ "triples": {
+ "reference-values": [
+ {
+ "environment": {
+ "class": {
+ "id": {
+ "type": "psa.impl-id",
+ "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
+ },
+ "vendor": "ACME"
+ },
+ "instance": {
+ "type": "bytes",
+ "value": "QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
+ }
+ },
+ "measurements": [
+ {
+ "value": {
+ "raw-value": {
+ "type": "bytes",
+ "value": "5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXXkW3L1wMC1cttNjTq36X82j/dOYjR6gk3stnqE5SJNdQ=="
+ },
+ "integrity-registers": {
+ "rim": {
+ "key-type": "text",
+ "value": [
+ "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
+ ]
+ },
+ "rem0": {
+ "key-type": "text",
+ "value": [
+ "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem1": {
+ "key-type": "text",
+ "value": [
+ "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem2": {
+ "key-type": "text",
+ "value": [
+ "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem3": {
+ "key-type": "text",
+ "value": [
+ "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ }
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+}
diff --git a/scheme/arm-cca/test/corim/comidCcaRealmInvalidInstance.json b/scheme/arm-cca/test/corim/comidCcaRealmInvalidInstance.json
new file mode 100644
index 00000000..a7ecff92
--- /dev/null
+++ b/scheme/arm-cca/test/corim/comidCcaRealmInvalidInstance.json
@@ -0,0 +1,75 @@
+{
+ "lang": "en-GB",
+ "tag-identity": {
+ "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
+ "version": 0
+ },
+ "entities": [
+ {
+ "name": "Workload Client Ltd.",
+ "regid": "https://workloadclient.example",
+ "roles": [
+ "tagCreator",
+ "creator",
+ "maintainer"
+ ]
+ }
+ ],
+ "triples": {
+ "reference-values": [
+ {
+ "environment": {
+ "class": {
+ "id": {
+ "type": "uuid",
+ "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C"
+ },
+ "vendor": "Workload Client Ltd"
+ },
+ "instance": {
+ "type": "ueid",
+ "value": "Ac7rrnuJJ6MiflMDz14PH3s0u1Qq1yUKwD+83jbsLxUI"
+ }
+ },
+ "measurements": [
+ {
+ "value": {
+ "integrity-registers": {
+ "rim": {
+ "key-type": "text",
+ "value": [
+ "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
+ ]
+ },
+ "rem0": {
+ "key-type": "text",
+ "value": [
+ "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem1": {
+ "key-type": "text",
+ "value": [
+ "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem2": {
+ "key-type": "text",
+ "value": [
+ "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem3": {
+ "key-type": "text",
+ "value": [
+ "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ }
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+}
diff --git a/scheme/arm-cca/test/corim/comidCcaRealmNoClass.json b/scheme/arm-cca/test/corim/comidCcaRealmNoClass.json
new file mode 100644
index 00000000..469585d0
--- /dev/null
+++ b/scheme/arm-cca/test/corim/comidCcaRealmNoClass.json
@@ -0,0 +1,68 @@
+{
+ "lang": "en-GB",
+ "tag-identity": {
+ "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
+ "version": 0
+ },
+ "entities": [
+ {
+ "name": "Workload Client Ltd.",
+ "regid": "https://workloadclient.example",
+ "roles": [
+ "tagCreator",
+ "creator",
+ "maintainer"
+ ]
+ }
+ ],
+ "triples": {
+ "reference-values": [
+ {
+ "environment": {
+ "instance": {
+ "type": "bytes",
+ "value": "QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
+ }
+ },
+ "measurements": [
+ {
+ "value": {
+ "integrity-registers": {
+ "rim": {
+ "key-type": "text",
+ "value": [
+ "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
+ ]
+ },
+ "rem0": {
+ "key-type": "text",
+ "value": [
+ "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem1": {
+ "key-type": "text",
+ "value": [
+ "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem2": {
+ "key-type": "text",
+ "value": [
+ "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ },
+ "rem3": {
+ "key-type": "text",
+ "value": [
+ "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
+ ]
+ }
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+}
diff --git a/scheme/arm-cca/test/corim/comidCcaRealmNoInstance.json b/scheme/arm-cca/test/corim/comidCcaRealmNoInstance.json
new file mode 100644
index 00000000..2b38bd54
--- /dev/null
+++ b/scheme/arm-cca/test/corim/comidCcaRealmNoInstance.json
@@ -0,0 +1,71 @@ +{ + "lang": "en-GB", + "tag-identity": { + "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", + "version": 0 + }, + "entities": [ + { + "name": "Workload Client Ltd.", + "regid": "https://workloadclient.example", + "roles": [ + "tagCreator", + "creator", + "maintainer" + ] + } + ], + "triples": { + "reference-values": [ + { + "environment": { + "class": { + "id": { + "type": "uuid", + "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" + }, + "vendor": "Workload Client Ltd" + } + }, + "measurements": [ + { + "value": { + "integrity-registers": { + "rim": { + "key-type": "text", + "value": [ + "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" + ] + }, + "rem0": { + "key-type": "text", + "value": [ + "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" + ] + }, + "rem1": { + "key-type": "text", + "value": [ + "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" + ] + }, + "rem2": { + "key-type": "text", + "value": [ + "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" + ] + }, + "rem3": { + "key-type": "text", + "value": [ + "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" + ] + } + } + } + } + ] + } + ] + } +} diff --git a/scheme/arm-cca/test/corim/src/corimCca.json b/scheme/arm-cca/test/corim/corimCca.json similarity index 90% rename from scheme/arm-cca/test/corim/src/corimCca.json rename to scheme/arm-cca/test/corim/corimCca.json index cbebc13b..8413db0a 100644 --- a/scheme/arm-cca/test/corim/src/corimCca.json +++ b/scheme/arm-cca/test/corim/corimCca.json @@ -6,7 +6,9 @@ "thumbprint": "sha-256:5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXU=" } ], - "profile": "http://arm.com/cca/ssd/1", + "profiles": [ + "http://arm.com/cca/ssd/1" + ], "validity": { "not-before": "2021-12-31T00:00:00Z", "not-after": "2025-12-31T00:00:00Z" 
diff --git a/scheme/arm-cca/test/corim/src/corimCcaRealm.json b/scheme/arm-cca/test/corim/corimCcaRealm.json similarity index 84% rename from scheme/arm-cca/test/corim/src/corimCcaRealm.json rename to scheme/arm-cca/test/corim/corimCcaRealm.json index d57492bd..cb496711 100644 --- a/scheme/arm-cca/test/corim/src/corimCcaRealm.json +++ b/scheme/arm-cca/test/corim/corimCcaRealm.json @@ -1,6 +1,8 @@ { "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc", - "profile": "http://arm.com/cca/realm/1", + "profiles": [ + "http://arm.com/cca/realm/1" + ], "validity": { "not-before": "2021-12-31T00:00:00Z", "not-after": "2025-12-31T00:00:00Z" diff --git a/scheme/arm-cca/test/corim/src/comidCcaRealm.json b/scheme/arm-cca/test/corim/src/comidCcaRealm.json deleted file mode 100644 index b2c3f494..00000000 --- a/scheme/arm-cca/test/corim/src/comidCcaRealm.json +++ /dev/null 
@@ -1,77 +0,0 @@ -{ - "lang": "en-GB", - "tag-identity": { - "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", - "version": 0 - }, - "entities": [ - { - "name": "Workload Client Ltd.", - "regid": "https://workloadclient.example", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - }, - "vendor": "Workload Client Ltd" - }, - "instance": { - "type": "bytes", - "value": "QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - } - }, - "measurement": { - "value": { - "raw-value": { - "type": "bytes", - "value": "5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXXkW3L1wMC1cttNjTq36X82j/dOYjR6gk3stnqE5SJNdQ==" - }, - "integrity-registers": { - "rim": { - "key-type": "text", - "value": [ - "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - }, - "rem0": { - "key-type": "text", - "value": [ - "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem1": { - "key-type": "text", - "value": [ - "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem2": { - "key-type": "text", - "value": [ - "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem3": { - "key-type": "text", - "value": [ - "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - } - } - ] - } -} diff --git a/scheme/arm-cca/test/corim/src/comidCcaRealmInvalidClass.json b/scheme/arm-cca/test/corim/src/comidCcaRealmInvalidClass.json deleted file mode 100644 index c4080743..00000000 --- a/scheme/arm-cca/test/corim/src/comidCcaRealmInvalidClass.json +++ /dev/null 
@@ -1,77 +0,0 @@ -{ - "lang": "en-GB", - "tag-identity": { - "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", - "version": 0 - }, - "entities": [ - { - "name": "Workload Client Ltd.", - "regid": "https://workloadclient.example", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" - }, - "vendor": "ACME" - }, - "instance": { - "type": "bytes", - "value": "QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - } - }, - "measurement": { - "value": { - "raw-value": { - "type": "bytes", - "value": "5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXXkW3L1wMC1cttNjTq36X82j/dOYjR6gk3stnqE5SJNdQ==" - }, - "integrity-registers": { - "rim": { - "key-type": "text", - "value": [ - "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - }, - "rem0": { - "key-type": "text", - "value": [ - "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem1": { - "key-type": "text", - "value": [ - "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem2": { - "key-type": "text", - "value": [ - "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem3": { - "key-type": "text", - "value": [ - "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - } - } - ] - } -} diff --git a/scheme/arm-cca/test/corim/src/comidCcaRealmInvalidInstance.json b/scheme/arm-cca/test/corim/src/comidCcaRealmInvalidInstance.json deleted file mode 100644 index 47558bde..00000000 --- a/scheme/arm-cca/test/corim/src/comidCcaRealmInvalidInstance.json +++ /dev/null 
@@ -1,73 +0,0 @@ -{ - "lang": "en-GB", - "tag-identity": { - "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", - "version": 0 - }, - "entities": [ - { - "name": "Workload Client Ltd.", - "regid": "https://workloadclient.example", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - }, - "vendor": "Workload Client Ltd" - }, - "instance": { - "type": "ueid", - "value": "Ac7rrnuJJ6MiflMDz14PH3s0u1Qq1yUKwD+83jbsLxUI" - } - }, - "measurement": { - "value": { - "integrity-registers": { - "rim": { - "key-type": "text", - "value": [ - "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - }, - "rem0": { - "key-type": "text", - "value": [ - "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem1": { - "key-type": "text", - "value": [ - "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem2": { - "key-type": "text", - "value": [ - "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem3": { - "key-type": "text", - "value": [ - "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - } - } - ] - } -} diff --git a/scheme/arm-cca/test/corim/src/comidCcaRealmNoClass.json b/scheme/arm-cca/test/corim/src/comidCcaRealmNoClass.json deleted file mode 100644 index 1e4c5771..00000000 --- a/scheme/arm-cca/test/corim/src/comidCcaRealmNoClass.json +++ /dev/null 
@@ -1,66 +0,0 @@ -{ - "lang": "en-GB", - "tag-identity": { - "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", - "version": 0 - }, - "entities": [ - { - "name": "Workload Client Ltd.", - "regid": "https://workloadclient.example", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "instance": { - "type": "bytes", - "value": "QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - } - }, - "measurement": { - "value": { - "integrity-registers": { - "rim": { - "key-type": "text", - "value": [ - "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - }, - "rem0": { - "key-type": "text", - "value": [ - "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem1": { - "key-type": "text", - "value": [ - "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem2": { - "key-type": "text", - "value": [ - "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem3": { - "key-type": "text", - "value": [ - "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - } - } - ] - } -} diff --git a/scheme/arm-cca/test/corim/src/comidCcaRealmNoInstance.json b/scheme/arm-cca/test/corim/src/comidCcaRealmNoInstance.json deleted file mode 100644 index 0bca088b..00000000 --- a/scheme/arm-cca/test/corim/src/comidCcaRealmNoInstance.json +++ /dev/null 
@@ -1,69 +0,0 @@ -{ - "lang": "en-GB", - "tag-identity": { - "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", - "version": 0 - }, - "entities": [ - { - "name": "Workload Client Ltd.", - "regid": "https://workloadclient.example", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - }, - "vendor": "Workload Client Ltd" - } - }, - "measurement": { - "value": { - "integrity-registers": { - "rim": { - "key-type": "text", - "value": [ - "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - }, - "rem0": { - "key-type": "text", - "value": [ - "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem1": { - "key-type": "text", - "value": [ - "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem2": { - "key-type": "text", - "value": [ - "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - }, - "rem3": { - "key-type": "text", - "value": [ - "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - } - } - ] - } -} diff --git a/scheme/arm-cca/test/corim/src/comidCcaRefValFour.json b/scheme/arm-cca/test/corim/src/comidCcaRefValFour.json deleted file mode 100644 index 12de6cd4..00000000 --- a/scheme/arm-cca/test/corim/src/comidCcaRefValFour.json +++ /dev/null 
@@ -1,127 +0,0 @@ -{ - "lang": "en-GB", - "tag-identity": { - "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", - "version": 0 - }, - "entities": [ - { - "name": "ACME Ltd.", - "regid": "https://acme.example", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "BL", - "version": "2.1.0", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" - } - }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "PRoT", - "version": "1.3.5", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" - } - }, - "value": { - "digests": [ - "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "ARoT", - "version": "0.1.4", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" - } - }, - "value": { - "digests": [ - "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "cca.platform-config-id", - "value": 
"any-value" - }, - "value": { - "raw-value": { - "type": "bytes", - "value": "cmF3dmFsdWUKcmF3dmFsdWUK" - } - } - } - } - ] - } -} diff --git a/scheme/arm-cca/test/corim/src/corimCcaNoProfile.json b/scheme/arm-cca/test/corim/src/corimCcaNoProfile.json deleted file mode 100644 index b0650f9e..00000000 --- a/scheme/arm-cca/test/corim/src/corimCcaNoProfile.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc", - "dependent-rims": [ - { - "href": "https://parent.example/rims/ccb3aa85-61b4-40f1-848e-02ad6e8a254b", - "thumbprint": "sha-256:5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXU=" - } - ], - "validity": { - "not-before": "2021-12-31T00:00:00Z", - "not-after": "2025-12-31T00:00:00Z" - }, - "entities": [ - { - "name": "ACME Ltd.", - "regid": "acme.example", - "roles": [ - "manifestCreator" - ] - } - ] -} diff --git a/scheme/arm-cca/test/corim/unsignedCorimCcaComidCcaRefValFour.cbor b/scheme/arm-cca/test/corim/unsignedCorimCcaComidCcaRefValFour.cbor deleted file mode 100644 index 8a8cc36afbc75002d3a8da8949daa59298e81f84..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 847 zcmZ3+5D*jo;)~l^C+UeNInGahX!D1$F_Nk7CgZOq45_Jky6#Sl3mF2OcR#MzOY}Bg zcRBd{N2hKvrpCn#nU2oBt_nUSDSC`I6iPBmN(zdt^z{>yb5r$FD-v@Ha#ER^85o&Z z7BaLnEo4~CaFZz_LIEVLn+cN4P0cGwEXmBz)6GoLHGl#`#uSjLOj$wsi77#)d3mWt zi+~y<7c(X~`LLuK=^5%7utq4X*)4ed$t}eq)*zcF=cH7k9xk$6XOsPRUPa;er#E)J z$Yxx~)Y!xrq0sKse^jZ#){rf(`kc)N`zNKGX@*Z9RPU|gzn5_2yy|f(xGN!W4?X%Io2l#jT(j*}Lx0}PMtf?w%n|G|17Mh$ zkl?b#OP`B=I1}zweE8?S-Pwoyjs9QVR&7z_a_A)It@2qS6_mOxDl;*!QnxHIr!#Bf8Q!U2}33KENesRfp-^oufci}jO}lZ+D+ElhRI43kWB zO$^cubuCORQgscC5>w1lEfS4PO_CTviQq|e(boe9wiey??X}wevfix!yI+z?Rg>?V zZB;E#m3&K?D*jeM6Q-3nA4Xrs}0uB<2?6q%t)#Ffy?$ zWN2(!$gr5@2%?y)FbWIG>40SC`EK+q1j1p7KQY{jVOihv)n;0V$oDl;U#ffYTda!`V(kr4n$f{aQ4 
diff --git a/scheme/arm-cca/test/corim/unsignedCorimCcaNoProfileComidCcaRefValFour.cbor b/scheme/arm-cca/test/corim/unsignedCorimCcaNoProfileComidCcaRefValFour.cbor deleted file mode 100644 index 04a63a5aa532e08582238581fff4ad93e7999965..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 820 zcmZ3=5D*jo;)~l^C+UeNInGahX!D1$F_Nk7CgZOq45_Jky6#Sl3mF2OcR#MzOY}Bg zcRBd{N2hKvrpCn#nU2oBt_nUSDSC`I6iPBmN(zdt^z{>yb5r$FD-v@Ha#ER^85o&Z z7BaLnEo4~CaFZz_LIEVLn+cN4P0cGwEXmBz)6GoLHGl#`#uSjLOj$wsi77#)d3mWt zi+~y<7c(X~`LLuK=^5%7utq4X*)4ed$t}eq)*zcF=cH7k9xk$6XOsPRUPa;er#E)J z$Yxx~)Y!xrq0sKse^jZ#){rf(`kc)N`zNKGX@*Z9RPU|gzn5_2yy|f(xGN!W4?X%Io2l#jT(j*}Lx0}PMtf?w%n|G|17Mh$ zkl?b#OP`B=I1}zweE8?S-Pwoyjs9QVR&7z_a_A)It@2qS6_mOxDl;*!QnxHIr!#Bf8Q!U2}33KENesRfp-^oufci}jO}lZ+D+ElhRI43kWB zO$^cubuCORQgscC5>w1lEfS4PO_CTviQq|e(boe9wiey??X}wevfix!yI+z?Rg>?V lZB;E#m3&KC7BL)@N<8Pmz<5w9GbFu%6+La|prq+WMgTdvJ~sdW diff --git a/scheme/arm-cca/test/corim/unsignedCorimCcaNoProfileComidCcaRefValOne.cbor b/scheme/arm-cca/test/corim/unsignedCorimCcaNoProfileComidCcaRefValOne.cbor deleted file mode 100644 index f49ccae9bddabad2deac44bef0d3c50fe88f878e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 359 zcmZ3=5D*jo;)~l^C+UeNInGahX!D1$F=EqA#$QVqQd9GE-JKX0G6Xp9eq67Y=xx02 za`5?&PTgWmjf)vF9i4q$6?{rk^cZg_lw_2Y6ck(O>nA4Xrs}0uB<2?6q%t)#Ffy?$ zWN2(!$gr5@2%?y)FbWIG>40SC`EK+q1j1p7KQY{jVOihv)n;0V$oRO!y^YJ92yw` D^$CN5 
diff --git a/scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealm.cbor b/scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealm.cbor deleted file mode 100644 index c41ff5e42046297f6470b8d238393d68a31856ee..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 665 zcmZ3=5D*jo;)~l^C+UeNInGahX!D1$F_OvnCgZOq45_Jky6#Sl3mF2OcR#MzOY}Bg zcRBd{N2hKvrpCn#CE@u+**W=%DGJUxnW=dt3O*$%dW<&|D&#UsN(zdt^!3Z33X;L{ zdZ`tOxdl0?OwA08Oe_l-8k-g|EMmB!8gN#gFI4TP8}H5=-~T==tf*lu#$qz#O(uf~ z1E-d)nLf)7TsrUGxnO7138t9F-lxheX5P=wYBp}V^!8ZmW+nByLlKhGRD^Gw+;s5k zLdHcbAdL=BqKm#BIIy+owr{W1_Luc${onnPOsblE-)yUDd8*`FN=Tk>X>w6!ZetTW z>263VO3gI@>r`al{XFr{Qr)S-S;8T=t9-9kORMeUwOuYdZog@%Cv$}qDB^+fo>-KtmzFDh13QILPiOIRC@Fdd62mn-T9DV=* diff --git a/scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmInvalidClass.cbor b/scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmInvalidClass.cbor deleted file mode 100644 index b48479b763ee4f207d90c8786e744fcb4c65612f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 668 zcmZ3=5D*jo;)~l^C+UeNInGahX!D1$F_OvbCgZOq45_Jky6#Sl3mF2OcR#MzOY}Bg zcRBd{N2hKvrpCn#CE@u+**W=%DGJUxnW=dt3O*$%dW<&|D&#UsN(zdt^!3Z33X;L{ zdZ`tOxdl0?OwA08Oe_l-8k-g|EMmCH6cM42n4Fucn+cN41sarCl9`{Uo0+0(00oAO zDUQy*u8cRC3?dAiTDE5TEIV-NynE+@olz&4Vj6p&Dzlh*KR>J4xarc{W38K&)awpK zNKR7`zHxHX!LJJ$7qNgeIy{Lk`g-8N)}q_Ky;j>_)|>Tz_e(OVYVv)vt*Ygzl5Z&? zdA_B|MVYycP3)w*A*Coa*8r?jk$v~`#6L@QrwV5Yhup66y;?1;wvX3#x$L}6mTjB8 zmx-?a7U=UiE^6M=C}v%@t_qM&L$FR&GISb&bsCbP(-^GNlti7(6;hzM2S$BjQLbKc zey)CUa-x1wYGO{Vz9GvZhJ#Xx=R6n~4@zZ*q&Khv(@-WTUSSC*2b2upsict+0H})? A)c^nh 
diff --git a/scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmInvalidInstance.cbor b/scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmInvalidInstance.cbor deleted file mode 100644 index 4e7fd5b42958783b5f60e2ddc0e3c27124f4a285..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 580 zcmZ3=5D*jo;)~l^C+UeNInGahX!D1$F_Q7#O~zkK7*bR7blsg87cvAm?|xjbm*{Q0 z?sD+?k51iUOpS{fO2YGtvUBniQxu$YGE?(P6nsij^cZg_RLEtNloS+O>Fbw66(ob@ z^-?Pma|?1(nVK0GnOGJwG&U__Sj2EcHQ=l~U#QwoH{P8$zW;q#SW&}RjKyTen@nmE zij3!8udD7w6!ZetUBgn?7b z)=Zye2QHm=?_97m>I73vWA9UC7BlbXXEhr)U3z=0b+eLs-JuA{X)3}uPHsB*HKiyu z*8r?jk$v~`#6L@QrwV5Yhup66y;?1;wvX3#x$L}6mTjB8mx-?a7U=UiE^6M=C}v%@ zt_qM&L$FR&GISb&bsCbP(-^GNlti7(6;hx$0!C3{QLbKcey)CUa-x1wYGO{Vz9GvZ nhJ#Xx=R6n~4@zZ*q&Khv<2uvP+1C{o!8wV^xvB8jY-9ugFbw66(ob@ z^-?Pma|?1(nVK0GnOGJwG&U_{yvbw`Vc^uVHPdI=flKGzI~VMXI>8jv*!xtO#mxKp zSJL$Spic)h8z&aJ#cRx@3 zvs8DgaF%e$?JD1^)zWJFcx{)<&f8?!w%L1`=<08QKA+>F<}Hn4)@AFe0O>RY>r^E} zrx94EAsIT2!8%Pz)X7{S1&Rk?G$a<~>Lusr>L({B>KCOZ=H%)dvMgdaD3y55gMsm& dRAxwe11m5-Gaa3MU15=!lbD>F3XicyMgUvU<^=!% 
diff --git a/scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmNoInstance.cbor b/scheme/arm-cca/test/corim/unsignedCorimCcaRealmComidCcaRealmNoInstance.cbor deleted file mode 100644 index e6351aa9497b4bb540eb8f4d6adc13d5947e255e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 541 zcmZ3=5D*jo;)~l^C+UeNInGahX!D1$F_LlnO~zkK7*bR7blsg87cvAm?|xjbm*{Q0 z?sD+?k51iUOpS{fO2YGtvUBniQxu$YGE?(P6nsij^cZg_RLEtNloS+O>Fbw66(ob@ z^-?Pma|?1(nVK0GnOGJwG&U_{Sj2EcHQ=l~U#QwoH{P8$zW;q#SW&}RjK$=Ij0^de zCKqMqHa4+G7&x_T&GcDz;L>^b&ILQ8PB6tZ_C8f+G4pv9g2{g zrXqaf^ur{IgVds&JNY$n7fMtJTtK`*>}a%g) 1 { + var profiles []string + for _, p := range *uc.Profiles { + name, _ := p.Get() + profiles = append(profiles, name) + } + return nil, fmt.Errorf("found multiple profiles (expected exactly one): %s", strings.Join(profiles, ", ")) + } + p := (*uc.Profiles)[0] + profile, err := p.Get() if err != nil { return nil, fmt.Errorf("failed to get the profile information: %w", err) } @@ -67,17 +78,15 @@ func UnsignedCorimDecoder( } if c.Triples.ReferenceValues != nil { - refVals, err := xtr.RefValExtractor(*c.Triples.ReferenceValues) - if err != nil { - return nil, fmt.Errorf( - "bad software component in CoMID at index %d: %w", - i, - err, - ) - } + for _, rv := range *c.Triples.ReferenceValues { + refVals, err := xtr.RefValExtractor(rv) + if err != nil { + return nil, fmt.Errorf("bad software component in CoMID at index %d: %w", i, err) + } - for _, refVal := range refVals { - rsp.ReferenceValues = append(rsp.ReferenceValues, *refVal) + for _, refVal := range refVals { + rsp.ReferenceValues = append(rsp.ReferenceValues, *refVal) + } } } 
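Review bot: In the reference-value loop of UnsignedCorimDecoder the error still names only the CoMID index `i`, although extraction now runs once per triple, so a rejected endorsement with several reference-value triples does not say which one failed. Consider `for j, rv := range *c.Triples.ReferenceValues` and `fmt.Errorf("bad software component in CoMID at index %d, reference value %d: %w", i, j, err)`; the negative tests that pin the message text would need the same update. The inner loop also dereferences `*refVal` unchecked; whether a scheme's extractor can return a nil entry is not visible from this hunk, so an `if refVal == nil` guard is worth confirming. The function body starts and ends outside the hunk.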
@@ -85,11 +94,7 @@ func UnsignedCorimDecoder( for _, avk := range *c.Triples.AttestVerifKeys { k, err := xtr.TaExtractor(avk) if err != nil { - return nil, fmt.Errorf( - "bad key in CoMID at index %d: %w", - i, - err, - ) + return nil, fmt.Errorf("bad key in CoMID at index %d: %w", i, err) } rsp.TrustAnchors = append(rsp.TrustAnchors, *k) diff --git a/scheme/parsec-cca/corim_test_vectors.go b/scheme/parsec-cca/corim_test_vectors.go index 4a6a62ef..8eef79a7 100644 --- a/scheme/parsec-cca/corim_test_vectors.go +++ b/scheme/parsec-cca/corim_test_vectors.go 
@@ -1,14 +1,55 @@ -// Copyright 2023-2024 Contributors to the Veraison project. +// Copyright 2023 Contributors to the Veraison project. // SPDX-License-Identifier: Apache-2.0 package parsec_cca -import _ "embed" +// automatically generated from: +// ComidParsecCcaRefValOne.json and corimParsecCca.json +var unsignedCorimComidParsecCcaRefValOne = ` +a600505c57e8f446cd421b91c908cf93e13cfc018158b4d901faa4006565 +6e2d474201a1005043bbe37f2e614b33aed353cff1428b160281a3006941 +434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d70 +6c65028300010204a1008182a100a300d90258582061636d652d696d706c +656d656e746174696f6e2d69642d303030303030303031016441434d4502 +6a526f616452756e6e657281a200d9025a6a6366672076312e302e3001a1 +04d902305272617776616c75650a72617776616c75650a0281a200d82078 +4068747470733a2f2f706172656e742e6578616d706c652f72696d732f63 +636233616138352d363162342d343066312d383438652d30326164366538 +61323534620182015820e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62 +347a824decb67a84e5224d750381782c7461673a6769746875622e636f6d +2f706172616c6c61787365636f6e642c323032332d30332d30333a636361 +04a200c11a61ce480001c11a695467800581a3006941434d45204c74642e +01d8206c61636d652e6578616d706c65028101 +` -var ( - //go:embed test/corim/unsignedCorimParsecCcaComidParsecCcaRefValOne.cbor - unsignedCorimComidParsecCcaRefValOne []byte - - //go:embed test/corim/unsignedCorimParsecCcaComidParsecCcaMultRefVal.cbor - unsignedCorimComidParsecCcaMultRefVal []byte -) +// automatically generated from: +// ComidParsecCcaMultRefVal.json and corimParsecCca.json +var unsignedCorimComidParsecCcaMultRefVal = ` +a600505c57e8f446cd421b91c908cf93e13cfc018159022ed901faa40065 +656e2d474201a1005043bbe37f2e614b33aed353cff1428b160281a30069 +41434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d +706c65028300010204a1008182a100a300d9025858207f454c4602010100 +000000000000000003003e00010000005058000000000000016441434d45 +026a526f616452756e6e657285a200d90259a30162424c0465332e342e32 
+05582007060504030201000f0e0d0c0b0a090817161514131211101f1e1d +1c1b1a191801a102818201582007060504030201000f0e0d0c0b0a090817 +161514131211101f1e1d1c1b1a1918a200d90259a301624d310463312e32 +05582007060504030201000f0e0d0c0b0a090817161514131211101f1e1d +1c1b1a191801a102818201582007060504030201000f0e0d0c0b0a090817 +161514131211101f1e1d1c1b1a1918a200d90259a301624d320465312e32 +2e3305582007060504030201000f0e0d0c0b0a090817161514131211101f +1e1d1c1b1a191801a102818201582007060504030201000f0e0d0c0b0a09 +0817161514131211101f1e1d1c1b1a1918a200d90259a301624d33046131 +05582007060504030201000f0e0d0c0b0a090817161514131211101f1e1d +1c1b1a191801a102818201582007060504030201000f0e0d0c0b0a090817 +161514131211101f1e1d1c1b1a1918a200d9025a6a6366672076312e302e +3001a104d9023058210107060504030201000f0e0d0c0b0a090817161514 +131211101f1e1d1c1b1a19180281a200d820784068747470733a2f2f7061 +72656e742e6578616d706c652f72696d732f63636233616138352d363162 +342d343066312d383438652d3032616436653861323534620182015820e4 +5b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d +750381782c7461673a6769746875622e636f6d2f706172616c6c61787365 +636f6e642c323032332d30332d30333a63636104a200c11a61ce480001c1 +1a695467800581a3006941434d45204c74642e01d8206c61636d652e6578 +616d706c65028101 +` diff --git a/scheme/parsec-cca/endorsement_handler_test.go b/scheme/parsec-cca/endorsement_handler_test.go index 59a38a20..d44da569 100644 --- a/scheme/parsec-cca/endorsement_handler_test.go +++ b/scheme/parsec-cca/endorsement_handler_test.go @@ -6,10 +6,11 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/veraison/corim/comid" ) func TestDecoder_Decode_OK(t *testing.T) { - tvs := [][]byte{ + tvs := []string{ unsignedCorimComidParsecCcaRefValOne, unsignedCorimComidParsecCcaMultRefVal, } 
@@ -17,7 +18,8 @@ func TestDecoder_Decode_OK(t *testing.T) { d := &EndorsementHandler{} for _, tv := range tvs { - _, err := d.Decode(tv) + data := comid.MustHexDecode(t, tv) + _, err := d.Decode(data) assert.NoError(t, err) } } diff --git a/scheme/parsec-cca/parsec_cca_extractor.go b/scheme/parsec-cca/parsec_cca_extractor.go index cb052eb3..c6dc35d5 100644 --- a/scheme/parsec-cca/parsec_cca_extractor.go +++ b/scheme/parsec-cca/parsec_cca_extractor.go @@ -14,17 +14,15 @@ type ParsecCcaExtractor struct { Profile string } -func (o ParsecCcaExtractor) RefValExtractor( - rvs comid.ValueTriples, -) ([]*handler.Endorsement, error) { +func (o ParsecCcaExtractor) RefValExtractor(rv comid.ReferenceValue) ([]*handler.Endorsement, error) { if o.Profile != "tag:github.com/parallaxsecond,2023-03-03:cca" { return nil, fmt.Errorf("invalid profile: %s for scheme PARSEC_CCA", o.Profile) } subScheme := &platform.CcaSsdExtractor{} - return subScheme.RefValExtractor(rvs) + return subScheme.RefValExtractor(rv) } -func (o ParsecCcaExtractor) TaExtractor(avk comid.KeyTriple) (*handler.Endorsement, error) { +func (o ParsecCcaExtractor) TaExtractor(avk comid.AttestVerifKey) (*handler.Endorsement, error) { if o.Profile != "tag:github.com/parallaxsecond,2023-03-03:cca" { return nil, fmt.Errorf("invalid profile: %s for scheme PARSEC_CCA", o.Profile) } diff --git a/scheme/parsec-cca/test/corim/ComidParsecCcaMultRefVal.json b/scheme/parsec-cca/test/corim/ComidParsecCcaMultRefVal.json new file mode 100644 index 00000000..7cdf68a1 --- /dev/null +++ b/scheme/parsec-cca/test/corim/ComidParsecCcaMultRefVal.json 
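Review bot: Both profile checks in the parsec_cca_extractor.go hunk format `o.Profile` with `%s`, and that value appears to be taken from the CoRIM being decoded, so newlines or control characters in it would pass straight into the error text and any log that records it. Quoting keeps the message on one line: `return nil, fmt.Errorf("invalid profile: %q for scheme PARSEC_CCA", o.Profile)`. The expected profile string is also repeated as a literal in RefValExtractor and TaExtractor; one package-level constant would keep the two checks from drifting apart. The psa-iot RefValExtractor hunk later in this patch formats its profile with `%s` in the same way. TaExtractor's body continues outside the hunk.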
@@ -0,0 +1,108 @@
+{
+ "lang": "en-GB",
+ "tag-identity": {
+ "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
+ "version": 0
+ },
+ "entities": [
+ {
+ "name": "ACME Ltd.",
+ "regid": "https://acme.example",
+ "roles": [
+ "tagCreator",
+ "creator",
+ "maintainer"
+ ]
+ }
+ ],
+ "triples": {
+ "reference-values": [
+ {
+ "environment": {
+ "class": {
+ "id": {
+ "type": "psa.impl-id",
+ "value": "f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUFgAAAAAAAA="
+ },
+ "vendor": "ACME",
+ "model": "RoadRunner"
+ }
+ },
+ "measurements": [
+ {
+ "key": {
+ "type": "psa.refval-id",
+ "value": {
+ "label": "BL",
+ "version": "3.4.2",
+ "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+ }
+ },
+ "value": {
+ "digests": [
+ "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+ ]
+ }
+ },
+ {
+ "key": {
+ "type": "psa.refval-id",
+ "value": {
+ "label": "M1",
+ "version": "1.2",
+ "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+ }
+ },
+ "value": {
+ "digests": [
+ "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+ ]
+ }
+ },
+ {
+ "key": {
+ "type": "psa.refval-id",
+ "value": {
+ "label": "M2",
+ "version": "1.2.3",
+ "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+ }
+ },
+ "value": {
+ "digests": [
+ "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+ ]
+ }
+ },
+ {
+ "key": {
+ "type": "psa.refval-id",
+ "value": {
+ "label": "M3",
+ "version": "1",
+ "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+ }
+ },
+ "value": {
+ "digests": [
+ "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+ ]
+ }
+ },
+ {
+ "key": {
+ "type": "cca.platform-config-id",
+ "value": "cfg v1.0.0"
+ },
+ "value": {
+ "raw-value": {
+ "type": "bytes",
+ "value": "AQcGBQQDAgEADw4NDAsKCQgXFhUUExIREB8eHRwbGhkY"
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+ }
\ No newline at end of file
diff --git a/scheme/parsec-cca/test/corim/src/ComidParsecCcaRefValOne.json b/scheme/parsec-cca/test/corim/ComidParsecCcaRefValOne.json similarity index 67% rename from scheme/parsec-cca/test/corim/src/ComidParsecCcaRefValOne.json rename to scheme/parsec-cca/test/corim/ComidParsecCcaRefValOne.json index 440d3c38..c24561ee 100644 --- a/scheme/parsec-cca/test/corim/src/ComidParsecCcaRefValOne.json +++ b/scheme/parsec-cca/test/corim/ComidParsecCcaRefValOne.json @@ -28,19 +28,21 @@ "model": "RoadRunner" } }, - "measurement": { - "key": { - "type": "cca.platform-config-id", - "value": "cfg v1.0.0" - }, - "value": { - "raw-value": { - "type": "bytes", - "value": "cmF3dmFsdWUKcmF3dmFsdWUK" + "measurements": [ + { + "key": { + "type": "cca.platform-config-id", + "value": "cfg v1.0.0" + }, + "value": { + "raw-value": { + "type": "bytes", + "value": "cmF3dmFsdWUKcmF3dmFsdWUK" + } } } - } + ] } ] } - } + } \ No newline at end of file diff --git a/scheme/parsec-cca/test/corim/Makefile b/scheme/parsec-cca/test/corim/Makefile new file mode 100644 index 00000000..104ebcfc --- /dev/null +++ b/scheme/parsec-cca/test/corim/Makefile @@ -0,0 +1,10 @@ +OUTPUT := ../../corim_test_vectors.go + +DEPS := $(wildcard Comid*.json) + +all: $(OUTPUT) + +$(OUTPUT): $(DEPS) + env TV_DOT_GO=$(OUTPUT) ./build-test-vectors.sh + +clean: ; $(RM) -f *.cbor \ No newline at end of file diff --git a/scheme/parsec-cca/test/corim/build-test-vectors.sh b/scheme/parsec-cca/test/corim/build-test-vectors.sh index 839baf6a..684d5954 100755 --- a/scheme/parsec-cca/test/corim/build-test-vectors.sh +++ b/scheme/parsec-cca/test/corim/build-test-vectors.sh 
@@ -1,23 +1,41 @@ #!/bin/bash -# Copyright 2022-2024 Contributors to the Veraison project. +# Copyright 2022-2023 Contributors to the Veraison project. # SPDX-License-Identifier: Apache-2.0 set -eu set -o pipefail -THIS_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -GEN_CORIM="$THIS_DIR/../../../common/scripts/gen-corim" +# function generate_go_test_vector constructs CBOR test vector using +# supplied comid and corim json template and saves them in a file +# $1 file name for comid json template, example one of COMID_TEMPLATES +# $2 file name for corim json template, example CORIM_TEMPLATE +# $3 a qualifier for each cbor test vector name +# $4 name of the file where the generated CBOR test vectors are aggregated +generate_go_test_vector () { + echo "generating test vector using $1 $2" + cocli comid create -t $1.json + cocli corim create -m $1.cbor -t $2 -o corim$1.cbor + echo "// automatically generated from:" >> $4 + echo "// $1.json and $2" >> $4 + echo "var $3$1 = "'`' >> $4 + cat corim$1.cbor | xxd -p >> $4 + echo '`' >> $4 +} -CORIM_TEMPLATE=corimParsecCca +CORIM_TEMPLATE="corimParsecCca.json" -COMID_TEMPLATES=( - ComidParsecCcaRefValOne - ComidParsecCcaMultRefVal -) +COMID_TEMPLATES= +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecCcaRefValOne" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecCcaMultRefVal" -for comid in "${COMID_TEMPLATES[@]}" + +TV_DOT_GO=${TV_DOT_GO?must be set in the environment.} + +printf "package parsec_cca\n\n" > ${TV_DOT_GO} + +for t in ${COMID_TEMPLATES} do - "$GEN_CORIM" "$THIS_DIR" "$comid" "$CORIM_TEMPLATE" "unsigned" + generate_go_test_vector $t $CORIM_TEMPLATE "unsignedCorim" $TV_DOT_GO done -echo "done" +gofmt -w $TV_DOT_GO 
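Review bot: generate_go_test_vector expands `$1`, `$2` and `$4` unquoted, and the loop and the final `gofmt -w $TV_DOT_GO` do the same, so a TV_DOT_GO path or template name containing spaces or glob characters is word-split before it reaches `cocli`, the redirections or `gofmt`. Quoting each expansion avoids that, for example `cocli corim create -m "$1.cbor" -t "$2" -o "corim$1.cbor"` and `xxd -p "corim$1.cbor" >> "$4"`, which also drops the extra `cat`. The script no longer resolves its own directory, so it only works when started from the directory holding the templates, as the new Makefile does; a header comment saying so would help. The parsec-tpm copy of this function later in the patch has the same unquoted expansions.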
diff --git a/scheme/parsec-cca/test/corim/src/corimParsecCca.json b/scheme/parsec-cca/test/corim/corimParsecCca.json similarity index 86% rename from scheme/parsec-cca/test/corim/src/corimParsecCca.json rename to scheme/parsec-cca/test/corim/corimParsecCca.json index 9796f95a..44e84c4e 100644 --- a/scheme/parsec-cca/test/corim/src/corimParsecCca.json +++ b/scheme/parsec-cca/test/corim/corimParsecCca.json @@ -6,7 +6,9 @@ "thumbprint": "sha-256:5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXU=" } ], - "profile": "tag:github.com/parallaxsecond,2023-03-03:cca", + "profiles": [ + "tag:github.com/parallaxsecond,2023-03-03:cca" + ], "validity": { "not-before": "2021-12-31T00:00:00Z", "not-after": "2025-12-31T00:00:00Z" @@ -20,4 +22,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/scheme/parsec-cca/test/corim/src/ComidParsecCcaMultRefVal.json b/scheme/parsec-cca/test/corim/src/ComidParsecCcaMultRefVal.json deleted file mode 100644 index 4913c8c5..00000000 --- a/scheme/parsec-cca/test/corim/src/ComidParsecCcaMultRefVal.json +++ /dev/null 
@@ -1,154 +0,0 @@ -{ - "lang": "en-GB", - "tag-identity": { - "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", - "version": 0 - }, - "entities": [ - { - "name": "ACME Ltd.", - "regid": "https://acme.example", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUFgAAAAAAAA=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "BL", - "version": "3.4.2", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - } - }, - "value": { - "digests": [ - "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUFgAAAAAAAA=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "M1", - "version": "1.2", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - } - }, - "value": { - "digests": [ - "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUFgAAAAAAAA=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "M2", - "version": "1.2.3", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - } - }, - "value": { - "digests": [ - "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUFgAAAAAAAA=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "M3", - 
"version": "1", - "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - } - }, - "value": { - "digests": [ - "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUFgAAAAAAAA=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "cca.platform-config-id", - "value": "cfg v1.0.0" - }, - "value": { - "raw-value": { - "type": "bytes", - "value": "AQcGBQQDAgEADw4NDAsKCQgXFhUUExIREB8eHRwbGhkY" - } - } - } - } - ] - } - } 
diff --git a/scheme/parsec-cca/test/corim/unsignedCorimParsecCcaComidParsecCcaMultRefVal.cbor b/scheme/parsec-cca/test/corim/unsignedCorimParsecCcaComidParsecCcaMultRefVal.cbor deleted file mode 100644 index 9758a45139c3425f2df79d3a72f239b67ac60e19..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1026 zcmZ3+5D*jo;)~l^C+UeNInGahX!D1$F_KyKCgZOq45_Jky6#Sl3mF2OcR#MzOY}Bg zcRBd{N2hKvrpCn#nU2oBt_nUSDSC`I6iPBmN(zdt^z{>yb5r$FD-v@Ha#ER^85o&Z z7BaLpEo4~CaFZz_LZRN($Bl`RkpTvn8SEH9ynqOZ2xAJ!RHm$;{KS-?(!9LXqD4TB zk&79VoP1bPjrC0Qj94QS*x6WFn3)(E`1yEwxVbnv#KlBKgoOkJ$qO(uf~ zMMgr&i>YxD!wrQB2UwafNGwXtD}kkY{i4j=V*TXgB;&+H3sYS)!z2@36N5BET?-S7 zR9yq3#1yksi$o(+lO#q^8hsL7^!31jtwpzed#$#=tT*fb?w4dz)#UqTTUEnA4Xrs}0uB<2?6q%t)#Ffy?$ zWN2(!$gr5{UY3|sn#u)dFf}e>xS>$t0CPz}ViC{^m|OIV zGINXdlarH-6B8{=b&^PV`z4uFHTk~TR@L%U$+wibLZ>7#-6}n^B%?G*FF8L~A81`-PEKM) wacXjYUW$&9fswJU0SH+oCnvHjVmK(3c+P`?@t{;@NO}V+didp_gj*vc05 /dev/null && pwd ) -GEN_CORIM="$THIS_DIR/../../../common/scripts/gen-corim" - -CORIM_TEMPLATE=corimMini - -COMID_TEMPLATES=( - ComidParsecTpmKeyGood - ComidParsecTpmKeyNoClass - ComidParsecTpmKeyNoClassId - ComidParsecTpmKeyNoInstance - ComidParsecTpmKeyUnknownClassIdType - ComidParsecTpmKeyUnknownInstanceType - ComidParsecTpmKeyManyKeys - ComidParsecTpmPcrsGood - ComidParsecTpmPcrsNoClass - ComidParsecTpmPcrsNoPCR - ComidParsecTpmPcrsUnknownPCRType - ComidParsecTpmPcrsNoDigests -) - -for comid in "${COMID_TEMPLATES[@]}" +# function generate_go_test_vector constructs CBOR test vector using +# supplied comid and corim json template and saves them in a file +# $1 file name for comid json template, example one of COMID_TEMPLATES +# $2 file name for corim json template, example CORIM_CCA_TEMPLATE +# $3 a qualifier for each cbor test vector name +# $4 name of the file where the generated CBOR test vectors are aggregated +generate_go_test_vector () { + echo "generating test vector using $1 $2" + cocli comid create -t $1.json + cocli corim create -m $1.cbor 
-t $2 -o corim$1.cbor + echo "// automatically generated from:" >> $4 + echo "// $1.json and $2" >> $4 + echo "var $3$1 = "'`' >> $4 + cat corim$1.cbor | xxd -p >> $4 + echo '`' >> $4 +} + +CORIM_TEMPLATE="corimMini.json" + +COMID_TEMPLATES= +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmKeyGood" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmKeyNoClass" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmKeyNoClassId" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmKeyNoInstance" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmKeyUnknownClassIdType" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmKeyUnknownInstanceType" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmKeyManyKeys" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmPcrsGood" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmPcrsNoClass" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmPcrsNoPCR" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmPcrsUnknownPCRType" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidParsecTpmPcrsNoDigests" + +TV_DOT_GO=${TV_DOT_GO?must be set in the environment.} + +printf "package parsec_tpm\n\n" > ${TV_DOT_GO} + +for t in ${COMID_TEMPLATES} do - "$GEN_CORIM" "$THIS_DIR" "$comid" "$CORIM_TEMPLATE" "unsigned" + generate_go_test_vector $t $CORIM_TEMPLATE "unsignedCorim" $TV_DOT_GO done -echo "done" +gofmt -w $TV_DOT_GO diff --git a/scheme/parsec-tpm/test/corim/corimMini.json b/scheme/parsec-tpm/test/corim/corimMini.json new file mode 100644 index 00000000..265537bf --- /dev/null +++ b/scheme/parsec-tpm/test/corim/corimMini.json @@ -0,0 +1,6 @@ +{ + "corim-id": "B3EC060E-2A5B-4BC2-8F71-1DAB08CE5BE9", + "profiles": [ + "tag:github.com/parallaxsecond,2023-03-03:tpm" + ] +} diff --git a/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsGood.json b/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsGood.json deleted file mode 100644 index 7b17ff43..00000000 --- a/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsGood.json +++ /dev/null 
@@ -1,64 +0,0 @@ -{ - "tag-identity": { - "id": "99019224-57AA-44BC-BEF8-D36BDD6BD035" - }, - "entities": [ - { - "name": "Parsec", - "regid": "https://github.com/parallaxsecond", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - } - } - }, - "measurement": { - "key": { - "type": "uint", - "value": 0 - }, - "value": { - "digests": [ - "sha-256;h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=", - "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - } - } - }, - "measurement": { - "key": { - "type": "uint", - "value": 1 - }, - "value": { - "digests": [ - "sha-256;rqg3uI4yCrzUdvWDmVLV4aYSwOSiJcuSBdIAcebDd0U=", - "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - ] - } -} diff --git a/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsNoClass.json b/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsNoClass.json deleted file mode 100644 index 1fcaadec..00000000 --- a/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsNoClass.json +++ /dev/null 
@@ -1,60 +0,0 @@ -{ - "tag-identity": { - "id": "99019224-57AA-44BC-BEF8-D36BDD6BD035" - }, - "entities": [ - { - "name": "Parsec", - "regid": "https://github.com/parallaxsecond", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "instance": { - "type": "ueid", - "value": "AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - } - }, - "measurement": { - "key": { - "type": "uint", - "value": 0 - }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=", - "sha-384:QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - } - } - }, - { - "environment": { - "instance": { - "type": "ueid", - "value": "AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - } - }, - "measurement": { - "key": { - "type": "uint", - "value": 1 - }, - "value": { - "digests": [ - "sha-256:rqg3uI4yCrzUdvWDmVLV4aYSwOSiJcuSBdIAcebDd0U=", - "sha-384:IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - ] - } -} diff --git a/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsNoPCR.json b/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsNoPCR.json deleted file mode 100644 index b5a10aef..00000000 --- a/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsNoPCR.json +++ /dev/null 
@@ -1,56 +0,0 @@ -{ - "tag-identity": { - "id": "99019224-57AA-44BC-BEF8-D36BDD6BD035" - }, - "entities": [ - { - "name": "Parsec", - "regid": "https://github.com/parallaxsecond", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - } - } - }, - "measurement": { - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=", - "sha-384:QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - } - } - }, - "measurement": { - "value": { - "digests": [ - "sha-256:rqg3uI4yCrzUdvWDmVLV4aYSwOSiJcuSBdIAcebDd0U=", - "sha-384:IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - ] - } -} diff --git a/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsUnknownPCRType.json b/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsUnknownPCRType.json deleted file mode 100644 index 884ba66d..00000000 --- a/scheme/parsec-tpm/test/corim/src/ComidParsecTpmPcrsUnknownPCRType.json +++ /dev/null 
@@ -1,64 +0,0 @@ -{ - "tag-identity": { - "id": "99019224-57AA-44BC-BEF8-D36BDD6BD035" - }, - "entities": [ - { - "name": "Parsec", - "regid": "https://github.com/parallaxsecond", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - } - } - }, - "measurement": { - "key": { - "type": "uuid", - "value": "30688A70-22F8-4966-8E52-8BE779DC57BA" - }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=", - "sha-384:QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "uuid", - "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C" - } - } - }, - "measurement": { - "key": { - "type": "uuid", - "value": "94152A59-91E3-44C8-B75E-BE7F777A11BF" - }, - "value": { - "digests": [ - "sha-256:rqg3uI4yCrzUdvWDmVLV4aYSwOSiJcuSBdIAcebDd0U=", - "sha-384:IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4" - ] - } - } - } - ] - } -} diff --git a/scheme/parsec-tpm/test/corim/src/corimMini.json b/scheme/parsec-tpm/test/corim/src/corimMini.json deleted file mode 100644 index 8abf8483..00000000 --- a/scheme/parsec-tpm/test/corim/src/corimMini.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "corim-id": "B3EC060E-2A5B-4BC2-8F71-1DAB08CE5BE9", - "profile": "tag:github.com/parallaxsecond,2023-03-03:tpm" -} 
diff --git a/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyGood.cbor b/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyGood.cbor deleted file mode 100644 index ef312de1a3d339fa0f009c8dac6068edd22f6416..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 398 zcmZ3?5U}|T8=qFR_o4nm+0`89qF*vLMl!nJWc;<5aUny%y9fD`UpD#fncAAf)tI9f z$<(-*AuS-Ws5mv5@rFW$Vn#_xL9vy-etKp}Mro2>a(=FUL1Iy2PEKM4P)UAX3R5!! zBNNL)=EkN)3=0`BhVB#`nJu3oB|EZ!)PxC^9k-0F5`9v??~}f`F5& zyQiN*K&X?Cr?Y~$Yb02Z%hxTt+_gN?!#h99vntEL*)cHE6UugR3`}+jOm}n*@eXox z)ekBUj>ymVv~WpDED7+BOxG{X^v*SkC@KljFLm{GEh`L+Dk}H#@JLQ8H%K-P536#| zFZ3~v)DJYP$o6ncO9>4t3^oc6&kjiO_BSvtEw{Dh0z1Lg&jsC8%oRE%iRo52Lr2HR Oz{ptF0EDbc3UUG3zzijf|Gqp8|t1(9} zlBsbqLs~#$QE_TA;|+xh#f*}Yf?_Lu{q)R|jM5~%zY2lKRSQ6kLnXX@&>78p7QB)G5U+U`XT2>esRaEZf;gOtHZjfvo9#-X^ zU+7~TsUK)ok?rA@mJ%9P7;F?Co*j_l?QdXQT5fC01$Kg~p9{LHhNPpJD|AW{)2(nu Ssg99>k+H4;2w9aBa(=FUL1Iy2PEKM4P)UAX3R5!! zBNNL)=EkOlj5nFoA`}@J2!O_$Oj;EibV0z$)!oxiAt2Pr$J1HC+cgp_$mQ#nUG7>Q z>EWFphIj|Lx#|a%2S?=Rds?`pB$fpDN2cqSW_sru zMHH2U=$E?sx|S6NMirHNd3YqJl^Y}*hlf?U=NI}IN9qTfRb+d(rKN<16$TrHhi3<* rc>5a|mzLYwa)F)T>gR&)D&`8ElEic?oZ+BjWME{hYXCx4B?Y+v!q;-z diff --git a/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyNoClassId.cbor b/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyNoClassId.cbor deleted file mode 100644 index bc6f5421c9f23e68a1fa22a548bcf97a7fc5a6a7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 389 zcmZ3?5U}|T8=qFR_o4nm+0`89qF*vLMl#ynWc;<5aUny%y9fD`UpD#fncAAf)tI9f z$<(-*AuS-Ws5mv5@rFW$Vn#_xL9vy-etKp}Mro2>a(=FUL1Iy2PEKM4P)UAX3R5!! zBNNL)=EkN)3=0`E9i4q$6+H8j^%!q5sYNIr;P42&u&_ww*aPAfM^HVzM~a?daHF^<#^G^@z= za7#-G4J!;b3J=c?Nb&YJFfJ{(wdDdk!PU6QSl0lAtV#-U E0m3YHaR2}S 
diff --git a/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyNoInstance.cbor b/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyNoInstance.cbor deleted file mode 100644 index d1a2103e25b37854d46fce6f09c7161efb406078..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 359 zcmZ3?5U}|T8=qFR_o4nm+0`89qF*vLMlvegWc;<5aUny%y9fD`UpD#fncAAf)tI9f z$<(-*AuS-Ws5mv5@rFW$Vn#_xL9vy-etKp}Mro2>a(=FUL1Iy2PEKM4P)UAX3R5!! zBNNL)=EkOl3=0`BhVB#`nJu3oB|GZ!&3BY|sS(Cs%h*KZSr$Cm&B| z1#j0#uppPOTXwl?d8CJTew1fbmVvWlV5BFM?cx}i>=Kyn=o;c3g!ro7#LMl?&aZ;oK|j-Y#bg|<(^;YV;rd;XjYN! z;g*&X8dex=6ds-(kmBucU|d>mYs&?8f~%hkx~rHgbV?G_t#Eo<$H>6QSl0lAtV#-U E0Ut_x#{d8T diff --git a/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyUnknownClassIdType.cbor b/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyUnknownClassIdType.cbor deleted file mode 100644 index df232ea8fac948539cdf4dc17a039cc5808c4baf..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 385 zcmZ3?5U}|T8=qFR_o4nm+0`89qF*vLMlxF6Wc;<5aUny%y9fD`UpD#fncAAf)tI9f z$<(-*AuS-Ws5mv5@rFW$Vn#_xL9vy-etKp}Mro2>a(=FUL1Iy2PEKM4P)UAX3R5!! zBNNL)=EkN)3=0`<=Kyn=o;c3g!ro7#LMl?&aZ;oK|j-Y#bg|<(^;YV;rd;XjYN!;g*&X z8dex=6ds-(kmBucU|d>mYs&?8f~%hkx~rHgbV?G_t#Ag2j*)?pv919KS(Oyz0szmn BbwB_B 
diff --git a/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyUnknownInstanceType.cbor b/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmKeyUnknownInstanceType.cbor deleted file mode 100644 index 9b3b2195d03edd6dbe339811ad4086048ca69de7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 379 zcmZ3?5U}|T8=qFR_o4nm+0`89qF*vLMlzb*Wc;<5aUny%y9fD`UpD#fncAAf)tI9f z$<(-*AuS-Ws5mv5@rFW$Vn#_xL9vy-etKp}Mro2>a(=FUL1Iy2PEKM4P)UAX3R5!! zBNNL)=EkN)3=0`BhVB#`nJu3oB|EfnsGYhU&Zm&KKsEUHZ@I%fG(y zCX-gh23-(va&`CgQwRuk^6_+5@OF&^3v&6oWtY2_M|ybYM|oCd88|xzMtVZoE{=i8 zE`jNet|8t*Zm#-4<-rm8`JNUoDTyTk{*meWrJ3HjMiE6NA^N4RzOH43fl)=}ULGFF zY2^mV#^GUA?)im2#*zAgW);~UZfPl@VTHj);o;cl%QNRY^fE09Dz8WB>pF diff --git a/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsGood.cbor b/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsGood.cbor deleted file mode 100644 index 6c3ee245a2958a7bf2b1de1f8c7c9efea75f0a7f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 391 zcmZ3?5U}|T8=qFR_o4nm+0`89qF*vLMlw3wWc;<5aUny%OvXtn;j3Ks?E7&!`)>9H zQ>Mnn3~2$0Ma8Mfj5ic26f;Un3W}}t_0uy;GD?&5lJj%*3lfVGb8-?ZfJ*Z7Qka?< z7@1fWGBhLp9*6JYT5VPdDD3H@^RUSXfcBh=GA|AyZQmV}wGxQ~yz=23te6 zxaxB@AMBr$a;6zReNer(ivM21k@Kp@o7f`^oLaVK`Ybze>AZXAf}K$(m|_}xpDMGM zc|Sj^*|_P_+heVpmDKAFMMzFl5x#M9)4{K}t!0E+yKaT~jy@x9H zQ>Mnn3~2$0Ma8Mfj5ic26f;Un3W}}t_0uy;GD?&5lJj%*3lfVGb8-?ZfJ*Z7Qka?< z7@1fWGBhcQqYWsL?m&?xEWZAaadzt9!Z-G9a#AU`&?!kwx5624Iz|RY#<~U|WK~j-3jiIll(zr? 
diff --git a/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsNoDigests.cbor b/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsNoDigests.cbor deleted file mode 100644 index 42c253fc89cd48561a7f3b910b4f3080cceed7bd..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 187 zcmZ3?5U}|T8=qFR_o4nm+0`89qF*vLMwH%U{I!^IAw$4S#z`vSt6cW%`*At@ZuSLJ zrpCn#X#t5v#i_}RHxw!qGfGMdimmkZ(=$slN|W@G^K9H zQ>Mnn3~2$0Ma8Mfj5ic26f;Un3W}}t_0uy;GD?&5lJj%*3lfVGb8-?ZfJ*Z7Qka?< z7@1fWGBhLp9*6JYT5VPdDD3H@^RUSXfcBkZ~bXQxju^Lc3G{QKbf3L$hqyBMh8cwr2V)J8C)R{t(%q9>kdUoPE!%SadOkauLLb!x59i!pApxdD`j7sX9it;xJ>B4lSQhh zC$U~)D13If+!bW0BKz*=iGP;rP8H4)4!K?Bd$n3xZ6B}ga@l#CEZa7FFB4t;Ezsw4 kT-3a!QOvq*T@}m~IwgteRyc!1$H>6QSl0lAtV#-U0c7H)iU0rr diff --git a/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsUnknownPCRType.cbor b/scheme/parsec-tpm/test/corim/unsignedCorimMiniComidParsecTpmPcrsUnknownPCRType.cbor deleted file mode 100644 index 93422612177a7f58a0f57699aad3c9f7732f76d4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 427 zcmZ3?5U}|T8=qFR_o4nm+0`89qF*vLMlz<{Wc;<5aUny%OvXtn;j3Ks?E7&!`)>9H zQ>Mnn3~2$0Ma8Mfj5ic26f;Un3W}}t_0uy;GD?&5lJj%*3lfVGb8-?ZfJ*Z7Qka?< z7@1fWGBhLp9*6JYT5VPdDD3H@^RUSXfcB2qb8b(N&=I!!xZfsQY>4o$y_Z z3z?dl7$X$go%)X|HP{-m#Z{lP`C$K~lrzon>4WOMRs8o7j+|FL-ozeZ;MB4;(`VU% zOXuA?7wn8W!4%Wj`&605%=`IS&Bjfa-X3e+tfXFdC_-|Yitvq-n+|@(>yRm;T9FeU zyPVh_x39juN^n2SA?sF{@8~n)+HE?ZXxbA?Vx WV!9R1pwlrjFf!IP03oZAf?NO&F1a88 diff --git a/scheme/psa-iot/corim_extractor.go b/scheme/psa-iot/corim_extractor.go index df2aec52..6d0b18db 100644 --- a/scheme/psa-iot/corim_extractor.go +++ b/scheme/psa-iot/corim_extractor.go 
@@ -17,50 +17,45 @@ type CorimExtractor struct { Profile string } -func (o CorimExtractor) RefValExtractor(rvs comid.ValueTriples) ([]*handler.Endorsement, error) { - refVals := make([]*handler.Endorsement, 0, len(rvs.Values)) - - for i, rv := range rvs.Values { - var classAttrs platform.ClassAttributes - var refVal *handler.Endorsement - var err error - - if o.Profile != "http://arm.com/psa/iot/1" { - return nil, fmt.Errorf( - "incorrect profile: %s for Scheme PSA_IOT", - o.Profile, - ) - } +func (o CorimExtractor) RefValExtractor(rv comid.ReferenceValue) ([]*handler.Endorsement, error) { + var classAttrs platform.ClassAttributes - if err := classAttrs.FromEnvironment(rv.Environment); err != nil { - return nil, fmt.Errorf("could not extract PSA class attributes: %w", err) - } + if o.Profile != "http://arm.com/psa/iot/1" { + return nil, fmt.Errorf("incorrect profile: %s for Scheme PSA_IOT", o.Profile) + } + + if err := classAttrs.FromEnvironment(rv.Environment); err != nil { + return nil, fmt.Errorf("could not extract PSA class attributes: %w", err) + } - if rv.Measurement.Key == nil { + // Each measurement is encoded in a measurement-map of a CoMID + // reference-triple-record. Since a measurement-map can encode one or more + // measurements, a single reference-triple-record can carry as many + // measurements as needed, provided they belong to the same PSA RoT + // identified in the subject of the "reference value" triple. A single + // reference-triple-record SHALL completely describe the updatable PSA RoT. 
+ refVals := make([]*handler.Endorsement, 0, len(rv.Measurements)) + var refVal *handler.Endorsement + var err error + for i, m := range rv.Measurements { + if m.Key == nil { return nil, fmt.Errorf("measurement key is not present") } - if !rv.Measurement.Key.IsSet() { + if !m.Key.IsSet() { return nil, fmt.Errorf("measurement key is not set") } // Check which MKey is present and then decide which extractor to invoke - switch rv.Measurement.Key.Type() { + switch m.Key.Type() { case comid.PSARefValIDType: var swCompAttrs platform.SwCompAttributes - refVal, err = o.extractMeas(&swCompAttrs, rv.Measurement, classAttrs) + refVal, err = o.extractMeas(&swCompAttrs, m, classAttrs) if err != nil { - return nil, fmt.Errorf( - "unable to extract measurement at index %d, %w", - i, - err, - ) + return nil, fmt.Errorf("unable to extract measurement at index %d, %w", i, err) } default: - return nil, fmt.Errorf( - "unknown measurement key: %T", - reflect.TypeOf(rv.Measurement.Key), - ) + return nil, fmt.Errorf("unknown measurement key: %T", reflect.TypeOf(m.Key)) } refVals = append(refVals, refVal) } @@ -94,7 +89,7 @@ func (o CorimExtractor) extractMeas( return &refVal, nil } -func (o CorimExtractor) TaExtractor(avk comid.KeyTriple) (*handler.Endorsement, error) { +func (o CorimExtractor) TaExtractor(avk comid.AttestVerifKey) (*handler.Endorsement, error) { // extract implementation ID var classAttrs platform.ClassAttributes if err := classAttrs.FromEnvironment(avk.Environment); err != nil { diff --git a/scheme/psa-iot/endorsement_handler_test.go b/scheme/psa-iot/endorsement_handler_test.go index f03cc250..586ac0d3 100644 --- a/scheme/psa-iot/endorsement_handler_test.go +++ b/scheme/psa-iot/endorsement_handler_test.go @@ -6,6 +6,7 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/veraison/corim/comid" ) func TestDecoder_GetAttestationScheme(t *testing.T) { 
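Review bot: In the `default` branch of the key-type switch, `fmt.Errorf("unknown measurement key: %T", reflect.TypeOf(m.Key))` prints the type of the `reflect.Type` value rather than anything about the key, so the message is identical for every unsupported key. The switch already reads `m.Key.Type()`, so reporting that is more useful: `return nil, fmt.Errorf("unknown measurement key type %v at index %d", m.Key.Type(), i)`. The two key-presence errors above it also omit the index `i`, and a reference value whose `Measurements` list is empty returns an empty slice with no error, which deserves a comment if it is intended. If `reflect` is not used elsewhere in the file its import can go as well; RefValExtractor continues past the end of this hunk and the import block is outside it.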
@@ -65,7 +66,7 @@ func TestDecoder_Decode_invalid_data(t *testing.T) { } func TestDecoder_Decode_OK(t *testing.T) { - tvs := [][]byte{ + tvs := []string{ unsignedCorimComidPsaIakPubOne, unsignedCorimComidPsaIakPubTwo, unsignedCorimComidPsaRefValOne, @@ -76,7 +77,8 @@ func TestDecoder_Decode_OK(t *testing.T) { d := &EndorsementHandler{} for _, tv := range tvs { - _, err := d.Decode(tv) + data := comid.MustHexDecode(t, tv) + _, err := d.Decode(data) assert.NoError(t, err) } } @@ -84,7 +86,7 @@ func TestDecoder_Decode_OK(t *testing.T) { func TestDecoder_Decode_negative_tests(t *testing.T) { tvs := []struct { desc string - input []byte + input string expectedErr string }{ { @@ -100,7 +102,7 @@ func TestDecoder_Decode_negative_tests(t *testing.T) { { desc: "missing measurement identifier", input: unsignedCorimComidPsaRefValNoMkey, - expectedErr: `bad software component in CoMID at index 0: measurement key is not present`, + expectedErr: `decoding failed for CoMID at index 0: error unmarshalling field "Triples": error unmarshalling field "ReferenceValues": error unmarshalling field "Flags": expected map (CBOR Major Type 5), found Major Type 0`, }, { desc: "no implementation id specified in the measurement", @@ -119,10 +121,9 @@ func TestDecoder_Decode_negative_tests(t *testing.T) { }} for _, tv := range tvs { - t.Run(tv.desc, func(t *testing.T) { - d := &EndorsementHandler{} - _, err := d.Decode(tv.input) - assert.EqualError(t, err, tv.expectedErr) - }) + data := comid.MustHexDecode(t, tv.input) + d := &EndorsementHandler{} + _, err := d.Decode(data) + assert.EqualError(t, err, tv.expectedErr) } } diff --git a/scheme/psa-iot/test/corim/src/ComidPsaIakPubNoImplID.json b/scheme/psa-iot/test/ComidPsaIakPubNoImplID.json similarity index 100% rename from scheme/psa-iot/test/corim/src/ComidPsaIakPubNoImplID.json rename to scheme/psa-iot/test/ComidPsaIakPubNoImplID.json 
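Review bot: The "missing measurement identifier" case in `TestDecoder_Decode_negative_tests` now expects a CoMID decoding failure on the `Flags` field, so it apparently no longer reaches the `m.Key == nil` check in `RefValExtractor` that its description refers to. That leaves the extractor's missing-key rejection without a test and pins this case to the exact wording of the decoder library's nested error. I would either regenerate `unsignedCorimComidPsaRefValNoMkey` so that it decodes and lacks only the key, or add a comment above the case such as `// NOTE: rejected while decoding the CoMID, before the extractor's nil-key check runs`.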
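Review bot: Dropping `t.Run(tv.desc, ...)` from the loop at the end of `TestDecoder_Decode_negative_tests` means `desc` is no longer used in this loop, so a failing `assert.EqualError` does not say which vector produced it. `comid.MustHexDecode(t, tv.input)` also receives the outer `t`, so a malformed hex vector would presumably abort every remaining case rather than only its own. Keeping the subtest costs two lines: `t.Run(tv.desc, func(t *testing.T) {` before the three statements and `})` after them. The same loop change appears in `scheme/tpm-enacttrust/endorsement_handler_test.go` later in this patch.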
diff --git a/scheme/psa-iot/test/corim/src/ComidPsaIakPubNoUeID.json b/scheme/psa-iot/test/ComidPsaIakPubNoUeID.json similarity index 100% rename from scheme/psa-iot/test/corim/src/ComidPsaIakPubNoUeID.json rename to scheme/psa-iot/test/ComidPsaIakPubNoUeID.json diff --git a/scheme/psa-iot/test/corim/src/ComidPsaIakPubOne.json b/scheme/psa-iot/test/ComidPsaIakPubOne.json similarity index 100% rename from scheme/psa-iot/test/corim/src/ComidPsaIakPubOne.json rename to scheme/psa-iot/test/ComidPsaIakPubOne.json diff --git a/scheme/psa-iot/test/corim/src/ComidPsaIakPubTwo.json b/scheme/psa-iot/test/ComidPsaIakPubTwo.json similarity index 100% rename from scheme/psa-iot/test/corim/src/ComidPsaIakPubTwo.json rename to scheme/psa-iot/test/ComidPsaIakPubTwo.json diff --git a/scheme/psa-iot/test/corim/src/ComidPsaMultIak.json b/scheme/psa-iot/test/ComidPsaMultIak.json similarity index 100% rename from scheme/psa-iot/test/corim/src/ComidPsaMultIak.json rename to scheme/psa-iot/test/ComidPsaMultIak.json diff --git a/scheme/psa-iot/test/corim/src/ComidPsaRefValMultDigest.json b/scheme/psa-iot/test/ComidPsaRefValMultDigest.json similarity index 58% rename from scheme/psa-iot/test/corim/src/ComidPsaRefValMultDigest.json rename to scheme/psa-iot/test/ComidPsaRefValMultDigest.json index 8e82b317..65921af9 100644 --- a/scheme/psa-iot/test/corim/src/ComidPsaRefValMultDigest.json +++ b/scheme/psa-iot/test/ComidPsaRefValMultDigest.json 
@@ -28,22 +28,24 @@ "model": "RoadRunner" } }, - "measurement": { - "key": { - "type": "psa.refval-id", + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "BL", + "version": "2.1.0", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, "value": { - "label": "BL", - "version": "2.1.0", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=", + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJYjHl4Hu9eg/eYMTPJcc=" + ] } - }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=", - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJYjHl4Hu9eg/eYMTPJcc=" - ] } - } + ] } ] } diff --git a/scheme/psa-iot/test/corim/src/ComidPsaRefValNoImplID.json b/scheme/psa-iot/test/ComidPsaRefValNoImplID.json similarity index 62% rename from scheme/psa-iot/test/corim/src/ComidPsaRefValNoImplID.json rename to scheme/psa-iot/test/ComidPsaRefValNoImplID.json index eaf5efc3..183c77aa 100644 --- a/scheme/psa-iot/test/corim/src/ComidPsaRefValNoImplID.json +++ b/scheme/psa-iot/test/ComidPsaRefValNoImplID.json @@ -29,21 +29,23 @@ "index": 0 } }, - "measurement": { - "key": { - "type": "psa.refval-id", + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "BL", + "version": "2.1.0", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, "value": { - "label": "BL", - "version": "2.1.0", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] } - }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] } - } + ] } ] } diff --git a/scheme/psa-iot/test/corim/src/ComidPsaRefValNoMkey.json b/scheme/psa-iot/test/ComidPsaRefValNoMkey.json similarity index 60% rename from scheme/psa-iot/test/corim/src/ComidPsaRefValNoMkey.json rename to scheme/psa-iot/test/ComidPsaRefValNoMkey.json index 5b5843f9..4335231c 100644 
--- a/scheme/psa-iot/test/corim/src/ComidPsaRefValNoMkey.json +++ b/scheme/psa-iot/test/ComidPsaRefValNoMkey.json @@ -28,23 +28,25 @@ "model": "RoadRunner" } }, - "measurement": { - "value": { - "op-flags": [ - "notSecure", - "debug" - ], - "digests": [ - "sha-256:RKozavTLFKh5Qy5T3WVxx/qbzK+3X0iCWSYtbqOk2Rs=" - ], - "svn": { - "type": "exact-value", - "value": 10 + "measurements": [ + { + "value": { + "op-flags": [ + "notSecure", + "debug" + ], + "digests": [ + "sha-256:RKozavTLFKh5Qy5T3WVxx/qbzK+3X0iCWSYtbqOk2Rs=" + ], + "svn": { + "type": "exact-value", + "value": 10 + } + } } - } - } + ] } ] } } - + \ No newline at end of file diff --git a/scheme/psa-iot/test/corim/src/ComidPsaRefValOne.json b/scheme/psa-iot/test/ComidPsaRefValOne.json similarity index 62% rename from scheme/psa-iot/test/corim/src/ComidPsaRefValOne.json rename to scheme/psa-iot/test/ComidPsaRefValOne.json index b163e493..26536dd5 100644 --- a/scheme/psa-iot/test/corim/src/ComidPsaRefValOne.json +++ b/scheme/psa-iot/test/ComidPsaRefValOne.json @@ -28,21 +28,23 @@ "model": "RoadRunner" } }, - "measurement": { - "key": { - "type": "psa.refval-id", + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "BL", + "version": "2.1.0", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, "value": { - "label": "BL", - "version": "2.1.0", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] } - }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] } - } + ] } ] } diff --git a/scheme/psa-iot/test/corim/src/ComidPsaRefValOnlyMandIDAttr.json b/scheme/psa-iot/test/ComidPsaRefValOnlyMandIDAttr.json similarity index 66% rename from scheme/psa-iot/test/corim/src/ComidPsaRefValOnlyMandIDAttr.json rename to scheme/psa-iot/test/ComidPsaRefValOnlyMandIDAttr.json index 8a61d047..7e397360 100644 
--- a/scheme/psa-iot/test/corim/src/ComidPsaRefValOnlyMandIDAttr.json +++ b/scheme/psa-iot/test/ComidPsaRefValOnlyMandIDAttr.json @@ -28,19 +28,21 @@ "model": "RoadRunner" } }, - "measurement": { - "key": { - "type": "psa.refval-id", + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, "value": { - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] } - }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] } - } + ] } ] } diff --git a/scheme/psa-iot/test/ComidPsaRefValThree.json b/scheme/psa-iot/test/ComidPsaRefValThree.json new file mode 100644 index 00000000..8fd66fbc --- /dev/null +++ b/scheme/psa-iot/test/ComidPsaRefValThree.json 
@@ -0,0 +1,81 @@ +{ + "lang": "en-GB", + "tag-identity": { + "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", + "version": 0 + }, + "entities": [ + { + "name": "ACME Ltd.", + "regid": "https://acme.example", + "roles": [ + "tagCreator", + "creator", + "maintainer" + ] + } + ], + "triples": { + "reference-values": [ + { + "environment": { + "class": { + "id": { + "type": "psa.impl-id", + "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" + }, + "vendor": "ACME", + "model": "RoadRunner" + } + }, + "measurements": [ + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "BL", + "version": "2.1.0", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, + "value": { + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] + } + }, + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "PRoT", + "version": "1.3.5", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, + "value": { + "digests": [ + "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=" + ] + } + }, + { + "key": { + "type": "psa.refval-id", + "value": { + "label": "ARoT", + "version": "0.1.4", + "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" + } + }, + "value": { + "digests": [ + "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=" + ] + } + } + ] + } + ] + } +} diff --git a/scheme/psa-iot/test/build-test-vectors.sh b/scheme/psa-iot/test/build-test-vectors.sh new file mode 100755 index 00000000..f069b0b9 --- /dev/null +++ b/scheme/psa-iot/test/build-test-vectors.sh 
@@ -0,0 +1,53 @@ +#!/bin/bash +# Copyright 2022-2023 Contributors to the Veraison project. +# SPDX-License-Identifier: Apache-2.0 + +set -eu +set -o pipefail + +# function generate_go_test_vector constructs CBOR test vector using +# supplied comid and corim json template and saves them in a file +# $1 file name for comid json template, example one of COMID_TEMPLATES +# $2 file name for corim json template, example CORIM_TEMPLATE +# $3 a qualifier for each cbor test vector name +# $4 name of the file where the generated CBOR test vectors are aggregated +generate_go_test_vector () { + echo "generating test vector using $1 $2" + cocli comid create -t $1.json + cocli corim create -m $1.cbor -t $2 -o corim$1.cbor + echo "// automatically generated from:" >> $4 + echo "// $1.json and $2" >> $4 + echo "// nolint:unused" >> $4 + echo "var $3$1 = "'`' >> $4 + cat corim$1.cbor | xxd -p >> $4 + echo '`' >> $4 +} + +# CORIM TEMPLATE +CORIM_TEMPLATE=corimMini.json + +# COMID TEMPLATES +COMID_TEMPLATES= +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaIakPubOne" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaIakPubTwo" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaRefValOne" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaRefValThree" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaMultIak" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaRefValMultDigest" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaRefValOnlyMandIDAttr" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaRefValNoMkey" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaRefValNoImplID" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaIakPubNoUeID" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidPsaIakPubNoImplID" + + +TV_DOT_GO=${TV_DOT_GO?must be set in the environment.} + +printf "package psa_iot\n\n" > ${TV_DOT_GO} + +for t in ${COMID_TEMPLATES} +do + generate_go_test_vector $t $CORIM_TEMPLATE "unsignedCorim" $TV_DOT_GO +done + +gofmt -w $TV_DOT_GO 
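Review bot: The path expansions in `generate_go_test_vector` and in the driver code are unquoted (`$1.json`, `>> $4`, `> ${TV_DOT_GO}`, `gofmt -w $TV_DOT_GO`), so a `TV_DOT_GO` value containing spaces or glob characters is word-split or fails as an ambiguous redirect. Quote them, for example `cocli comid create -t "$1.json"`, `printf "package psa_iot\n\n" > "${TV_DOT_GO}"` and `gofmt -w "${TV_DOT_GO}"`. The `cat corim$1.cbor | xxd -p >> $4` line can become `xxd -p "corim$1.cbor" >> "$4"`. The `for t in ${COMID_TEMPLATES}` loop relies on word splitting and should stay unquoted.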
diff --git a/scheme/psa-iot/test/corim/build-test-vectors.sh b/scheme/psa-iot/test/corim/build-test-vectors.sh deleted file mode 100755 index c785b40b..00000000 --- a/scheme/psa-iot/test/corim/build-test-vectors.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright 2022-2024 Contributors to the Veraison project. -# SPDX-License-Identifier: Apache-2.0 - -set -eu -set -o pipefail - -THIS_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -GEN_CORIM="$THIS_DIR/../../../common/scripts/gen-corim" - -CORIM_TEMPLATE=corimMini - -COMID_TEMPLATES=( - ComidPsaIakPubOne - ComidPsaIakPubTwo - ComidPsaRefValOne - ComidPsaRefValThree - ComidPsaMultIak - ComidPsaRefValMultDigest - ComidPsaRefValOnlyMandIDAttr - ComidPsaRefValNoMkey - ComidPsaRefValNoImplID - ComidPsaIakPubNoUeID - ComidPsaIakPubNoImplID -) - -for comid in "${COMID_TEMPLATES[@]}" -do - "$GEN_CORIM" "$THIS_DIR" "$comid" "$CORIM_TEMPLATE" "unsigned" -done - -echo "done" diff --git a/scheme/psa-iot/test/corim/src/ComidPsaRefValThree.json b/scheme/psa-iot/test/corim/src/ComidPsaRefValThree.json deleted file mode 100644 index 41a1f2ec..00000000 --- a/scheme/psa-iot/test/corim/src/ComidPsaRefValThree.json +++ /dev/null 
@@ -1,103 +0,0 @@ -{ - "lang": "en-GB", - "tag-identity": { - "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16", - "version": 0 - }, - "entities": [ - { - "name": "ACME Ltd.", - "regid": "https://acme.example", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "BL", - "version": "2.1.0", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" - } - }, - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "PRoT", - "version": "1.3.5", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" - } - }, - "value": { - "digests": [ - "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=" - ] - } - } - }, - { - "environment": { - "class": { - "id": { - "type": "psa.impl-id", - "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE=" - }, - "vendor": "ACME", - "model": "RoadRunner" - } - }, - "measurement": { - "key": { - "type": "psa.refval-id", - "value": { - "label": "ARoT", - "version": "0.1.4", - "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=" - } - }, - "value": { - "digests": [ - "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=" - ] - } - } - } - ] - } -} 
diff --git a/scheme/psa-iot/test/corim/unsignedCorimCorimMiniComidPsaIakPubOne.cbor b/scheme/psa-iot/test/corim/unsignedCorimCorimMiniComidPsaIakPubOne.cbor deleted file mode 100644 index 88f457770f07ab8c69431a37343b08a75456a55b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 383 zcmZ3)5D*jo;)~l^C+UeNInGahX!D1$F_JO;CgZOq45_Jky6#Sl3mF2;a=Ex7J6zwk zbm(h^_$N6rH7;hzbaeK0Rq!cE(PO-!P?AwnQc!HAub-Hlo2r*uk(gVMlgiZ0z{te1 zkh!sG5yN7Jn@kZA3Lt6SOps)5YFy};aS{~`)ogd{{m1W@U7#QgZWxF^ACc6ZtJG#2%8I&aE zJC+9-2jmucXGi*!I2OBD<{OxL2m6}kCZ(tOIj0wt`WU2}g%yN&WJl$g8<%IBI=NKj rhneST`=_R+8f1DFW``Sl_(p{oyM|=uWqPHg+uCx0o#5){g6=8+!_a>J diff --git a/scheme/psa-iot/test/corim/unsignedCorimCorimMiniComidPsaIakPubTwo.cbor b/scheme/psa-iot/test/corim/unsignedCorimCorimMiniComidPsaIakPubTwo.cbor deleted file mode 100644 index 6e93a80a8db4daf4f0e7cf76d8662540b4d1b433..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 664 zcmZ3)5D*jo;)~l^C+UeNInGahX!D1$F_Nj_CgZOq45_Jky6#Sl3mF2;a=Ex7J6zwk zbm(h^_$N6rH7;hzbaeK0Rq!cE(PO-!P?AwnQc!HAub-Hlo2r*uk(gVMlgiZ0z{te1 zkh!U85yN7Jn@kZA3Lt6SOps)5YFy};aS{~`)ogd{{m1W@U7#QgZWxF^ACc6ZtJG#2%8I&aE zJC+9-2jmucXGi*!I2OBD<{OxL2m6}kCZ(tOIj0wt`WU2}g%yN&WJl$g8<%IBI=NKj zhneST`=_R+8f1DFW``Sl_(p{oyM|=uWqPHg+uCx0o#5){g6=9R1dPw(CttZgc^sbJ z&cvJX|3XYhS$W`oHP=&6J+ZxLCLsO=Q$8sZb0<>VJ? zT;v)N7Ft#_!(-J>$YPc{?%Z`}0+|Q_pDcQ}}nVErwf$=7jT7)9wx!3EeJJlB} z)de%3kK>oGHrXAbbzPO~fc>6(W^eRGIT~*=X;o~{1py~lcTYcsfKVqNPiF;h*GRA+ zm#K*KBmYbBG=I5MVQ0illZWdM$;*lMdV{TlYZR+GwksoHBr|qAbnre{gS(qJe z?BN>~V(c1{nV0F6l5T6u1$Kg~p9{LHm@6bep#ut>qFlY?{9OHl;za$-{1Sab0BI9` A;s5{u 
diff --git a/scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubNoUeID.cbor b/scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubNoUeID.cbor deleted file mode 100644 index 494a765e82148c05bff9eb42b487e168c436c4ab..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 371 zcmZ3?5D*jo;)~l^C+UeNInGahX!D1$F_O{YCgZOq45_Jky6#Sl3mF2;a=Ex7J6zwk zbm(h^_$N6rH7;hzbaeK0Rq!cE(PO-!P?AwnQc!HAub-Hlo2r*uk(gVMlgiZ0z{te1 zkh!sGA;V&Zn@kZA3Lt6SOps)5YFK{S*R1oqRl<6}(*|!Gc`AZrSCo<&hrV`B9!#Sq9FIfsvk2wu@t6 zvP)pPqpMqlS@T@n0cPIe`;!~L8fP6cDS*JZ&Zk}Ye;5ZrdLY3tt}VW39f!F=&oX} akN|}UC_svG^^)^*^$Us<^)vHJ^bG-aqIkyu diff --git a/scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubOne.cbor b/scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubOne.cbor deleted file mode 100644 index 4e0a8f6ea37f1d16d273cd3155f519de29eb7430..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 410 zcmZ3?5D*jo;)~l^C+UeNInGahX!D1$F_JO;CgZOq45_Jky6#Sl3mF2;a=Ex7J6zwk zbm(h^_$N6rH7;hzbaeK0Rq!cE(PO-!P?AwnQc!HAub-Hlo2r*uk(gVMlgiZ0z{te1 zkh!sG5yN7Jn@kZA3Lt6SOps)5YFy};aS{~`)ogd{{m1W@U7#QgZWxF^ACc6ZtJG#2%8I&aE zJC+9-2jmucXGi*!I2OBD<{OxL2m6}kCZ(tOIj0wt`WU2}g%yN&WJl$g8<%IBI=NKj zhneST`=_R+8f1DFW``Sl_(p{oyM|=uWqPHg+uCx0o#5){g6=Bj3JFlafx@jQS1&m~ PSHGY*Q9m=kMBfkqq}GS# 
diff --git a/scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubTwo.cbor b/scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaIakPubTwo.cbor deleted file mode 100644 index b08aaf20eea55cc882c8ed33e301c144a2b7ff96..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 691 zcmZ3?5D*jo;)~l^C+UeNInGahX!D1$F_Nj_CgZOq45_Jky6#Sl3mF2;a=Ex7J6zwk zbm(h^_$N6rH7;hzbaeK0Rq!cE(PO-!P?AwnQc!HAub-Hlo2r*uk(gVMlgiZ0z{te1 zkh!U85yN7Jn@kZA3Lt6SOps)5YFy};aS{~`)ogd{{m1W@U7#QgZWxF^ACc6ZtJG#2%8I&aE zJC+9-2jmucXGi*!I2OBD<{OxL2m6}kCZ(tOIj0wt`WU2}g%yN&WJl$g8<%IBI=NKj zhneST`=_R+8f1DFW``Sl_(p{oyM|=uWqPHg+uCx0o#5){g6=9R1dPw(CttZgc^sbJ z&cvJX|3XYhS$W`oHP=&6J+ZxLCLsO=Q$8sZb0<>VJ? zT;v)N7Fty};aS{~`)ogd{{m1W@U7#QgZWxF^ACc6ZtJG#2%8I&aE zJC+9-2jmucXGi*!I2OBD<{OxL2m6}kCZ(tOIj0wt`WU2}g%yN&WJl$g8<%IBI=NKj zhneST`=_R+8f1DFW``Sl_(p{oyM|=uWqPHg+uCx0o#5){g6^sz>1gH(2~ccyb5r$FD-v@Ha#ER^85o&Z z7BVz8Eo4~CaFZz_LIEVLn+cN4P0cGwEXmBz)6GoLHGl#`#uSjLOj$wsi77#)d3mWt zi+~y<7c(X~`LLuK=^5%7utq4X*)4ed$t}eq)*zcF=cH7k9xk$6XOsPRUPa;er#E)J z$Yxx~)YQZnq0sKse^jZ#){rf(`kc)N`zNKGX@*Z9RPU|gzn5_2yy|i6YLZaYFjq)` Y{08z`QLbKcey)B&aiV@^eu=&z0C2T@dH?_b 
diff --git a/scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaRefValNoImplID.cbor b/scheme/psa-iot/test/corim/unsignedCorimMiniComidPsaRefValNoImplID.cbor deleted file mode 100644 index f790a11cb390ee3517f7ea9376154b8e507da0e8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 253 zcmVnA4Xrs}0uB<2?6q%t)#Ffy?$ zWN2(!$gr5)Y!xrq2RL0IP1%4krkEBdck*73y=SreP;dkc#oz?HQl_$OKwUtS4enA4Xrs}0uB<2?6q%t)#Ffy?$ zWN2(!$gr5nA4Xrs}0uB<2?6q%t)#Ffy?$ zWN2(!$gr5`^lUs^KtU)$U&Pl06JzQkD&L;csyo$o_PjBpckyb5r$FD-v@Ha#ER^85o&Z z7BVz9Eo4~CaFZz_LIEVLn+cN4P0cGwEXmBz)6GoLHGl#`#uSjLOj$wsi77#)d3mWt zi+~y<7c(X~`LLuK=^5%7utq4X*)4ed$t}eq)*zcF=cH7k9xk$6XOsPRUPa;er#E)J z$Yxx~)Y!xrq0sKse^jZ#){rf(`kc)N`zNKGX@*Z9RPU|gzn5_2yy|f(xGN!W4?X%Io2l#jT(j*}Lx0}PMtf?w%n|G|17Mh$ zkl?b#OP`B=I1}zweE8?S-Pwoyjs9QVR&7z_a_A)It@2qS70eY9ptuG_by2Qfa(=FU NL2;sfW`2pjApkAM>Q4Xw diff --git a/scheme/psa-iot/test/corim/src/corimMini.json b/scheme/psa-iot/test/corimMini.json similarity index 53% rename from scheme/psa-iot/test/corim/src/corimMini.json rename to scheme/psa-iot/test/corimMini.json index f9528480..f0116feb 100644 --- a/scheme/psa-iot/test/corim/src/corimMini.json +++ b/scheme/psa-iot/test/corimMini.json @@ -1,4 +1,6 @@ { "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc", - "profile": "http://arm.com/psa/iot/1" + "profiles": [ + "http://arm.com/psa/iot/1" + ] } diff --git a/scheme/psa-iot/test_vectors.go b/scheme/psa-iot/test_vectors.go index 565bb89e..060bef71 100644 --- a/scheme/psa-iot/test_vectors.go +++ b/scheme/psa-iot/test_vectors.go 
@@ -2,50 +2,216 @@ // SPDX-License-Identifier: Apache-2.0 package psa_iot -import _ "embed" +// automatically generated from: +// ComidPsaIakPubOne.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaIakPubOne = ` +a300505c57e8f446cd421b91c908cf93e13cfc0181590167d901faa40065 +656e2d474201a10050366d0a0a598845ed84882f2a544f62420281a30069 +41434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d +706c65028300010204a1028182a200a300d90258582061636d652d696d70 +6c656d656e746174696f6e2d69642d303030303030303031016441434d45 +026a526f616452756e6e657201d90226582101ceebae7b8927a3227e5303 +cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f150881d9022a78b02d2d2d +2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d466b774577 +59484b6f5a497a6a3043415159494b6f5a497a6a30444151634451674145 +466e3074616f41775233506d724b6b594c74417344396f30354b534d366d +6267664e436770754c306736567054486b5a6c3733776b354244786f5637 +6e2b4f656565306949716b5733484d5a54334554696e694a64673d3d0a2d +2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d03817818687474 +703a2f2f61726d2e636f6d2f7073612f696f742f31 +` -var ( - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaIakPubOne.cbor - unsignedCorimComidPsaIakPubOne []byte +// automatically generated from: +// ComidPsaIakPubTwo.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaIakPubTwo = ` +a300505c57e8f446cd421b91c908cf93e13cfc0181590280d901faa40065 +656e2d474201a10050366d0a0a598845ed84882f2a544f62420281a30069 +41434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d +706c65028300010204a1028282a200a300d90258582061636d652d696d70 +6c656d656e746174696f6e2d69642d303030303030303031016441434d45 +026a526f616452756e6e657201d90226582101ceebae7b8927a3227e5303 +cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f150881d9022a78b02d2d2d +2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d466b774577 +59484b6f5a497a6a3043415159494b6f5a497a6a30444151634451674145 +466e3074616f41775233506d724b6b594c74417344396f30354b534d366d 
+6267664e436770754c306736567054486b5a6c3733776b354244786f5637 +6e2b4f656565306949716b5733484d5a54334554696e694a64673d3d0a2d +2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d82a200a300d902 +58582061636d652d696d706c656d656e746174696f6e2d69642d30303030 +3030303031016441434d45026a526f616452756e6e657201d90226582101 +4ca3e4f50bf248c39787020d68ffd05c88767751bf2645ca923f57a98bec +d29681d9022a78b02d2d2d2d2d424547494e205055424c4943204b45592d +2d2d2d2d0a4d466b77457759484b6f5a497a6a3043415159494b6f5a497a +6a304441516344516741453656777165376879334f385970612b42554554 +4c556a424e5533724558565579743958485237484a574c473758544b5164 +3969316b565258654250444c466e66597275312f657578526e4a4d374839 +556f46444c64413d3d0a2d2d2d2d2d454e44205055424c4943204b45592d +2d2d2d2d03817818687474703a2f2f61726d2e636f6d2f7073612f696f74 +2f31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaIakPubTwo.cbor - unsignedCorimComidPsaIakPubTwo []byte +// automatically generated from: +// ComidPsaRefValOne.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaRefValOne = ` +a300505c57e8f446cd421b91c908cf93e13cfc018158e7d901faa4006565 +6e2d474201a1005043bbe37f2e614b33aed353cff1428b160281a3006941 +434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d70 +6c65028300010204a1008182a100a300d90258582061636d652d696d706c +656d656e746174696f6e2d69642d303030303030303031016441434d4502 +6a526f616452756e6e657281a200d90259a30162424c0465322e312e3005 +5820acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5 +d8bae86b01a102818201582087428fc522803d31065e7bce3cf03fe47509 +6631e5e07bbd7a0fde60c4cf25c703817818687474703a2f2f61726d2e63 +6f6d2f7073612f696f742f31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaRefValOne.cbor - unsignedCorimComidPsaRefValOne []byte +// automatically generated from: +// ComidPsaRefValThree.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaRefValThree = ` +a300505c57e8f446cd421b91c908cf93e13cfc01815901a3d901faa40065 
+656e2d474201a1005043bbe37f2e614b33aed353cff1428b160281a30069 +41434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d +706c65028300010204a1008182a100a300d90258582061636d652d696d70 +6c656d656e746174696f6e2d69642d303030303030303031016441434d45 +026a526f616452756e6e657283a200d90259a30162424c0465322e312e30 +055820acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7 +e5d8bae86b01a102818201582087428fc522803d31065e7bce3cf03fe475 +096631e5e07bbd7a0fde60c4cf25c7a200d90259a3016450526f54046531 +2e332e35055820acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd +9e7871f7e5d8bae86b01a10281820158200263829989b6fd954f72baaf2f +c64bc2e2f01d692d4de72986ea808f6e99813fa200d90259a3016441526f +540465302e312e34055820acbb11c7e4da217205523ce4ce1a245ae1a239 +ae3c6bfd9e7871f7e5d8bae86b01a1028182015820a3a5e715f0cc574a73 +c3f9bebb6bc24f32ffd5b67b387244c2c909da779a147803817818687474 +703a2f2f61726d2e636f6d2f7073612f696f742f31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaRefValThree.cbor - unsignedCorimComidPsaRefValThree []byte +// automatically generated from: +// ComidPsaMultIak.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaMultIak = ` +a300505c57e8f446cd421b91c908cf93e13cfc018159021cd901faa40065 +656e2d474201a10050366d0a0a598845ed84882f2a544f62420281a30069 +41434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d +706c65028300010204a1028182a200a300d90258582061636d652d696d70 +6c656d656e746174696f6e2d69642d303030303030303031016441434d45 +026a526f616452756e6e657201d90226582101ceebae7b8927a3227e5303 +cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f150882d9022a78b02d2d2d +2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d466b774577 +59484b6f5a497a6a3043415159494b6f5a497a6a30444151634451674145 +466e3074616f41775233506d724b6b594c74417344396f30354b534d366d +6267664e436770754c306736567054486b5a6c3733776b354244786f5637 +6e2b4f656565306949716b5733484d5a54334554696e694a64673d3d0a2d +2d2d2d2d454e44205055424c4943204b45592d2d2d2d2dd9022a78b02d2d 
+2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d466b7745 +7759484b6f5a497a6a3043415159494b6f5a497a6a304441516344516741 +45466e3074616f41775233506d724b6b594c74417344396f30354b534d36 +6d6267664e436770754c306736567054486b5a6c3733776b354244786f56 +376e2b4f656565306949716b5733484d5a54334554696e694a64673d3d0a +2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d038178186874 +74703a2f2f61726d2e636f6d2f7073612f696f742f31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaMultIak.cbor - unsignedCorimComidPsaMultIak []byte +// automatically generated from: +// ComidPsaRefValMultDigest.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaRefValMultDigest = ` +a300505c57e8f446cd421b91c908cf93e13cfc018159010bd901faa40065 +656e2d474201a1005043bbe37f2e614b33aed353cff1428b160281a30069 +41434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d +706c65028300010204a1008182a100a300d90258582061636d652d696d70 +6c656d656e746174696f6e2d69642d303030303030303031016441434d45 +026a526f616452756e6e657281a200d90259a30162424c0465322e312e30 +055820acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7 +e5d8bae86b01a102828201582087428fc522803d31065e7bce3cf03fe475 +096631e5e07bbd7a0fde60c4cf25c78201582087428fc522803d31065e7b +ce3cf03fe475096231e5e07bbd7a0fde60c4cf25c703817818687474703a +2f2f61726d2e636f6d2f7073612f696f742f31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaRefValMultDigest.cbor - unsignedCorimComidPsaRefValMultDigest []byte +// automatically generated from: +// ComidPsaRefValOnlyMandIDAttr.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaRefValOnlyMandIDAttr = ` +a300505c57e8f446cd421b91c908cf93e13cfc018158dcd901faa4006565 +6e2d474201a1005043bbe37f2e614b33aed353cff1428b160281a3006941 +434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d70 +6c65028300010204a1008182a100a300d90258582061636d652d696d706c +656d656e746174696f6e2d69642d303030303030303031016441434d4502 
+6a526f616452756e6e657281a200d90259a1055820acbb11c7e4da217205 +523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b01a10281820158 +2087428fc522803d31065e7bce3cf03fe475096631e5e07bbd7a0fde60c4 +cf25c703817818687474703a2f2f61726d2e636f6d2f7073612f696f742f +31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaRefValOnlyMandIDAttr.cbor - unsignedCorimComidPsaRefValOnlyMandIDAttr []byte +// automatically generated from: +// ComidPsaRefValNoMkey.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaRefValNoMkey = ` +a300505c57e8f446cd421b91c908cf93e13cfc018158bbd901faa4006565 +6e2d474201a1005043bbe37f2e614b33aed353cff1428b160281a3006941 +434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d70 +6c65028300010204a1008182a100a300d90258582061636d652d696d706c +656d656e746174696f6e2d69642d303030303030303031016441434d4502 +6a526f616452756e6e657281a101a301d902280a02818201582044aa336a +f4cb14a879432e53dd6571c7fa9bccafb75f488259262d6ea3a4d91b030a +03817818687474703a2f2f61726d2e636f6d2f7073612f696f742f31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaRefValNoMkey.cbor - unsignedCorimComidPsaRefValNoMkey []byte +// automatically generated from: +// ComidPsaRefValNoImplID.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaRefValNoImplID = ` +a300505c57e8f446cd421b91c908cf93e13cfc018158ccd901faa4006565 +6e2d474201a1005043bbe37f2e614b33aed353cff1428b160281a3006941 +434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d70 +6c65028300010204a1008182a100a400d82550dd6661f009284401966b58 +9ea74e32720263464d430300040081a200d90259a30162424c0465322e31 +2e30055820acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e78 +71f7e5d8bae86b01a102818201582087428fc522803d31065e7bce3cf03f +e475096631e5e07bbd7a0fde60c4cf25c703817818687474703a2f2f6172 +6d2e636f6d2f7073612f696f742f31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaRefValNoImplID.cbor - unsignedCorimComidPsaRefValNoImplID []byte +// automatically 
generated from: +// ComidPsaIakPubNoUeID.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaIakPubNoUeID = ` +a300505c57e8f446cd421b91c908cf93e13cfc0181590140d901faa40065 +656e2d474201a10050366d0a0a598845ed84882f2a544f62420281a30069 +41434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d +706c65028300010204a1028182a100a300d90258582061636d652d696d70 +6c656d656e746174696f6e2d69642d303030303030303031016441434d45 +026a526f616452756e6e657281d9022a78b02d2d2d2d2d424547494e2050 +55424c4943204b45592d2d2d2d2d0a4d466b77457759484b6f5a497a6a30 +43415159494b6f5a497a6a30444151634451674145466e3074616f417752 +33506d724b6b594c74417344396f30354b534d366d6267664e436770754c +306736567054486b5a6c3733776b354244786f56376e2b4f656565306949 +716b5733484d5a54334554696e694a64673d3d0a2d2d2d2d2d454e442050 +55424c4943204b45592d2d2d2d2d03817818687474703a2f2f61726d2e63 +6f6d2f7073612f696f742f31 +` - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaIakPubNoUeID.cbor - unsignedCorimComidPsaIakPubNoUeID []byte - - // nolint:unused - //go:embed test/corim/unsignedCorimMiniComidPsaIakPubNoImplID.cbor - unsignedCorimComidPsaIakPubNoImplID []byte -) +// automatically generated from: +// ComidPsaIakPubNoImplID.json and corimMini.json +// nolint:unused +var unsignedCorimComidPsaIakPubNoImplID = ` +a300505c57e8f446cd421b91c908cf93e13cfc018159014cd901faa40065 +656e2d474201a10050366d0a0a598845ed84882f2a544f62420281a30069 +41434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d +706c65028300010204a1028182a200a400d82550dd6661f009284401966b +589ea74e32720263464d430300040001d90226582101ceebae7b8927a322 +7e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f150881d9022a78b0 +2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d466b +77457759484b6f5a497a6a3043415159494b6f5a497a6a30444151634451 +674145466e3074616f41775233506d724b6b594c74417344396f30354b53 +4d366d6267664e436770754c306736567054486b5a6c3733776b35424478 +6f56376e2b4f656565306949716b5733484d5a54334554696e694a64673d 
+3d0a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d03817818 +687474703a2f2f61726d2e636f6d2f7073612f696f742f31 +` diff --git a/scheme/tpm-enacttrust/endorsement_handler_test.go b/scheme/tpm-enacttrust/endorsement_handler_test.go index 8a566483..8c9b9efb 100644 --- a/scheme/tpm-enacttrust/endorsement_handler_test.go +++ b/scheme/tpm-enacttrust/endorsement_handler_test.go @@ -1,4 +1,4 @@ -// Copyright 2022-2024 Contributors to the Veraison project. +// Copyright 2022-2023 Contributors to the Veraison project. // SPDX-License-Identifier: Apache-2.0 package tpm_enacttrust @@ -6,6 +6,7 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/veraison/corim/comid" ) func TestDecoder_GetAttestationScheme(t *testing.T) { @@ -53,7 +54,7 @@ func TestDecoder_Decode_empty_data(t *testing.T) { } func TestDecoder_Decode_OK(t *testing.T) { - tvs := [][]byte{ + tvs := []string{ unsignedCorimComidTpmEnactTrustAKOne, unsignedCorimComidTpmEnactTrustGoldenOne, } @@ -61,7 +62,8 @@ func TestDecoder_Decode_OK(t *testing.T) { d := &EndorsementHandler{} for _, tv := range tvs { - _, err := d.Decode(tv) + data := comid.MustHexDecode(t, tv) + _, err := d.Decode(data) assert.NoError(t, err) } } @@ -69,7 +71,7 @@ func TestDecoder_Decode_OK(t *testing.T) { func TestDecoder_Decode_negative_tests(t *testing.T) { tvs := []struct { desc string - input []byte + input string expectedErr string }{ { @@ -109,10 +111,9 @@ func TestDecoder_Decode_negative_tests(t *testing.T) { }} for _, tv := range tvs { - t.Run(tv.desc, func(t *testing.T) { - d := &EndorsementHandler{} - _, err := d.Decode(tv.input) - assert.EqualError(t, err, tv.expectedErr) - }) + data := comid.MustHexDecode(t, tv.input) + d := &EndorsementHandler{} + _, err := d.Decode(data) + assert.EqualError(t, err, tv.expectedErr) } } diff --git a/scheme/tpm-enacttrust/extractor.go b/scheme/tpm-enacttrust/extractor.go index 79346c2f..e3b059ed 100644 --- a/scheme/tpm-enacttrust/extractor.go +++ b/scheme/tpm-enacttrust/extractor.go 
@@ -1,4 +1,4 @@ -// Copyright 2022-2024 Contributors to the Veraison project. +// Copyright 2022-2023 Contributors to the Veraison project. // SPDX-License-Identifier: Apache-2.0 package tpm_enacttrust @@ -19,23 +19,21 @@ func (o *Extractor) SetProfile(p string) { o.Profile = p } -func (o Extractor) RefValExtractor(rvs comid.ValueTriples) ([]*handler.Endorsement, error) { - if len(rvs.Values) != 1 { - return nil, fmt.Errorf("expecting one measurement only") - } - - rv := rvs.Values[0] +func (o Extractor) RefValExtractor(rv comid.ReferenceValue) ([]*handler.Endorsement, error) { var instanceAttrs InstanceAttributes if err := instanceAttrs.FromEnvironment(rv.Environment); err != nil { return nil, fmt.Errorf("could not extract instance attributes: %w", err) } + if len(rv.Measurements) != 1 { + return nil, fmt.Errorf("expecting one measurement only") + } var ( swComponents []*handler.Endorsement swCompAttrs SwCompAttributes - measurement comid.Measurement = rv.Measurement + measurement comid.Measurement = rv.Measurements[0] ) if err := swCompAttrs.FromMeasurement(measurement); err != nil { @@ -76,7 +74,7 @@ func makeSwAttrs(i InstanceAttributes, s SwCompAttributes) (json.RawMessage, err return msg, nil } -func (o Extractor) TaExtractor(avk comid.KeyTriple) (*handler.Endorsement, error) { +func (o Extractor) TaExtractor(avk comid.AttestVerifKey) (*handler.Endorsement, error) { var instanceAttrs InstanceAttributes if err := instanceAttrs.FromEnvironment(avk.Environment); err != nil { diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustAKBadInst.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustAKBadInst.json similarity index 100% rename from scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustAKBadInst.json rename to scheme/tpm-enacttrust/test/ComidTpmEnactTrustAKBadInst.json 
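Review bot: The guard `if len(rv.Measurements) != 1` in `RefValExtractor` (hunk `@@ -19,23 +19,21 @@`) rejects the reference value without saying how many measurements it carried, so the error alone does not distinguish "none" from "several" when an endorsement is refused. I would include the count: `return nil, fmt.Errorf("expecting one measurement only, got %d", len(rv.Measurements))`. The handler tests compare error strings with `assert.EqualError`, so any expected string that matches this message would need the same update. The method is exported and has no doc comment; `// RefValExtractor turns a reference value carrying exactly one measurement into endorsements and rejects any other count.` would record that contract. The function body continues past the end of the hunk.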
diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustAKMult.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustAKMult.json similarity index 94% rename from scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustAKMult.json rename to scheme/tpm-enacttrust/test/ComidTpmEnactTrustAKMult.json index 37c566ee..b44ef409 100644 --- a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustAKMult.json +++ b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustAKMult.json @@ -19,7 +19,7 @@ "environment": { "instance": { "type": "uuid", - "value": "DD6661F0-0928-4401-966B-589EA74E3272" + "value": "ffffffff-ffff-ffff-ffff-ffffffffffff" } }, "verification-keys": [ diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustAKOne.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustAKOne.json similarity index 92% rename from scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustAKOne.json rename to scheme/tpm-enacttrust/test/ComidTpmEnactTrustAKOne.json index a45f26a5..cb0104eb 100644 --- a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustAKOne.json +++ b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustAKOne.json @@ -19,7 +19,7 @@ "environment": { "instance": { "type": "uuid", - "value": "DD6661F0-0928-4401-966B-589EA74E3272" + "value": "ffffffff-ffff-ffff-ffff-ffffffffffff" } }, "verification-keys": [ diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustBadInst.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustBadInst.json similarity index 72% rename from scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustBadInst.json rename to scheme/tpm-enacttrust/test/ComidTpmEnactTrustBadInst.json index f5ffaab3..29ea4d1e 100644 --- a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustBadInst.json +++ b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustBadInst.json 
@@ -22,13 +22,15 @@ "value": "Ac7rrnuJJ6MiflMDz14PH3s0u1Qq1yUKwD+83jbsLxUI" } }, - "measurement": { - "value": { - "digests": [ - "sha-256;h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] + "measurements": [ + { + "value": { + "digests": [ + "sha-256;h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] + } } - } + ] } ] } diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustGoldenOne.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustGoldenOne.json similarity index 63% rename from scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustGoldenOne.json rename to scheme/tpm-enacttrust/test/ComidTpmEnactTrustGoldenOne.json index e5163b19..4b2d9d7e 100644 --- a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustGoldenOne.json +++ b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustGoldenOne.json @@ -19,16 +19,18 @@ "environment": { "instance": { "type": "uuid", - "value": "DD6661F0-0928-4401-966B-589EA74E3272" + "value": "ffffffff-ffff-ffff-ffff-ffffffffffff" } }, - "measurement": { - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] + "measurements": [ + { + "value": { + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] + } } - } + ] } ] } diff --git a/scheme/tpm-enacttrust/test/ComidTpmEnactTrustGoldenTwo.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustGoldenTwo.json new file mode 100644 index 00000000..d6ff6cd5 --- /dev/null +++ b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustGoldenTwo.json 
@@ -0,0 +1,44 @@ +{ + "tag-identity": { + "id": "00000000-0000-0000-0000-000000000000" + }, + "entities": [ + { + "name": "EnactTrust", + "regid": "https://enacttrust.com", + "roles": [ + "tagCreator", + "creator", + "maintainer" + ] + } + ], + "triples": { + "reference-values": [ + { + "environment": { + "instance": { + "type": "uuid", + "value": "ffffffff-ffff-ffff-ffff-ffffffffffff" + } + }, + "measurements": [ + { + "value": { + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] + } + }, + { + "value": { + "digests": [ + "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=" + ] + } + } + ] + } + ] + } +} diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustMultDigest.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustMultDigest.json similarity index 57% rename from scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustMultDigest.json rename to scheme/tpm-enacttrust/test/ComidTpmEnactTrustMultDigest.json index 8616bfbb..b76df609 100644 --- a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustMultDigest.json +++ b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustMultDigest.json @@ -19,17 +19,19 @@ "environment": { "instance": { "type": "uuid", - "value": "DD6661F0-0928-4401-966B-589EA74E3272" + "value": "ffffffff-ffff-ffff-ffff-ffffffffffff" } }, - "measurement": { - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=", - "sha-256:h0KPxSKAPTEGXnvOPPB/5HUJYjHl4Hu9eg/eYMTPJcc=" - ] + "measurements": [ + { + "value": { + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=", + "sha-256:h0KPxSKAPTEGXnvOPPB/5HUJYjHl4Hu9eg/eYMTPJcc=" + ] + } } - } + ] } ] } 
diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustNoDigest.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustNoDigest.json similarity index 66% rename from scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustNoDigest.json rename to scheme/tpm-enacttrust/test/ComidTpmEnactTrustNoDigest.json index b3f1804b..c18814f2 100644 --- a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustNoDigest.json +++ b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustNoDigest.json @@ -19,15 +19,17 @@ "environment": { "instance": { "type": "uuid", - "value": "DD6661F0-0928-4401-966B-589EA74E3272" + "value": "ffffffff-ffff-ffff-ffff-ffffffffffff" } }, - "measurement": { - "value": { - "mac-addr": "00:00:5e:00:53:01", - "ip-addr": "2001:4860:0:2001::68" + "measurements": [ + { + "value": { + "mac-addr": "00:00:5e:00:53:01", + "ip-addr": "2001:4860:0:2001::68" + } } - } + ] } ] } diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustNoInst.json b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustNoInst.json similarity index 75% rename from scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustNoInst.json rename to scheme/tpm-enacttrust/test/ComidTpmEnactTrustNoInst.json index 5328077e..1c001a82 100644 --- a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustNoInst.json +++ b/scheme/tpm-enacttrust/test/ComidTpmEnactTrustNoInst.json @@ -26,13 +26,15 @@ "model": "RoadRunner" } }, - "measurement": { - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] + "measurements": [ + { + "value": { + "digests": [ + "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" + ] + } } - } + ] } ] } diff --git a/scheme/tpm-enacttrust/test/build-test-vectors.sh b/scheme/tpm-enacttrust/test/build-test-vectors.sh new file mode 100755 index 00000000..c63efc34 --- /dev/null +++ b/scheme/tpm-enacttrust/test/build-test-vectors.sh 
@@ -0,0 +1,34 @@ +#!/bin/bash +# Copyright 2022-2023 Contributors to the Veraison project. +# SPDX-License-Identifier: Apache-2.0 + +set -eu +set -o pipefail + +CORIM_TEMPLATE=corimMini.json + +COMID_TEMPLATES= +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustAKOne" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustGoldenOne" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustAKMult" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustBadInst" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustNoInst" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustMultDigest" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustGoldenTwo" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustNoDigest" +COMID_TEMPLATES="${COMID_TEMPLATES} ComidTpmEnactTrustAKBadInst" + +TV_DOT_GO=${TV_DOT_GO?must be set in the environment.} + +printf "package tpm_enacttrust\n\n" > ${TV_DOT_GO} + +for t in ${COMID_TEMPLATES} +do + cocli comid create -t ${t}.json + cocli corim create -m ${t}.cbor -t ${CORIM_TEMPLATE} -o corim${t}.cbor + echo "// automatically generated from $t.json" >> ${TV_DOT_GO} + echo "var unsignedCorim${t} = "'`' >> ${TV_DOT_GO} + cat corim${t}.cbor | xxd -p >> ${TV_DOT_GO} + echo '`' >> ${TV_DOT_GO} + gofmt -w ${TV_DOT_GO} +done diff --git a/scheme/tpm-enacttrust/test/corim/build-test-vectors.sh b/scheme/tpm-enacttrust/test/corim/build-test-vectors.sh deleted file mode 100755 index 9bcf1c8f..00000000 --- a/scheme/tpm-enacttrust/test/corim/build-test-vectors.sh +++ /dev/null 
@@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright 2022-2024 Contributors to the Veraison project. -# SPDX-License-Identifier: Apache-2.0 - -set -eu -set -o pipefail - -THIS_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -GEN_CORIM="$THIS_DIR/../../../common/scripts/gen-corim" - -CORIM_TEMPLATE=corimMini - -COMID_TEMPLATES=( - ComidTpmEnactTrustAKOne - ComidTpmEnactTrustGoldenOne - ComidTpmEnactTrustAKMult - ComidTpmEnactTrustBadInst - ComidTpmEnactTrustNoInst - ComidTpmEnactTrustMultDigest - ComidTpmEnactTrustGoldenTwo - ComidTpmEnactTrustNoDigest - ComidTpmEnactTrustAKBadInst -) - -for comid in "${COMID_TEMPLATES[@]}" -do - "$GEN_CORIM" "$THIS_DIR" "$comid" "$CORIM_TEMPLATE" "unsigned" -done - -echo "done" diff --git a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustGoldenTwo.json b/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustGoldenTwo.json deleted file mode 100644 index 395216d9..00000000 --- a/scheme/tpm-enacttrust/test/corim/src/ComidTpmEnactTrustGoldenTwo.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "tag-identity": { - "id": "00000000-0000-0000-0000-000000000000" - }, - "entities": [ - { - "name": "EnactTrust", - "regid": "https://enacttrust.com", - "roles": [ - "tagCreator", - "creator", - "maintainer" - ] - } - ], - "triples": { - "reference-values": [ - { - "environment": { - "instance": { - "type": "uuid", - "value": "DD6661F0-0928-4401-966B-589EA74E3272" - } - }, - "measurement": { - "value": { - "digests": [ - "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=" - ] - } - } - }, - { - "environment": { - "instance": { - "type": "uuid", - "value": "DD6661F0-0928-4401-966B-589EA74E3272" - } - }, - "measurement": { - "value": { - "digests": [ - "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=" - ] - } - } - } - ] - } -} diff --git a/scheme/tpm-enacttrust/test/corim/src/corimMini.json b/scheme/tpm-enacttrust/test/corim/src/corimMini.json deleted file mode 100644 index f8b15f3a..00000000 
--- a/scheme/tpm-enacttrust/test/corim/src/corimMini.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "corim-id": "11111111-1111-1111-1111-111111111111", - "profile": "https://enacttrust.com/veraison/1.0.0" -} diff --git a/scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustAKBadInst.cbor b/scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustAKBadInst.cbor deleted file mode 100644 index dde075cf399178e09f9d24d4e20525a5c216bc8c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 361 zcmZ3?5Fm&K7#kxQHE%NhTFkhRA%Fo5Ff}e_$a2j~OfCs2DlINyyrEE*QBqP+Y^ATC z3KA^=iRvZi=Q1@jFfy?$WNvI)$as@UEkcp;-0OAKo$8B~>Vlci$MMToo9qtJx~|G~ zz<$p?vp4#p9E~@bv??~}f`F5&yQiN*K&X?Cr?Y~$Yb02Z%hxTt+_gN?!#h99vntEL z*)cHE6UugR3`}+jOm}oO3o9>7HP5It_P2;ENYr);bq(XO51bkf@}&W?eRo=~=nV_>pNV7jBLSy*{t zs(D7GvA;!RL87)(sB4H%XqJ;-sBw{NL|ABLiDiUGkhzCfxR1MeM2L4_ie;u@c34nE zs#AcAk6T_^WKpT1erjn&P@b2sxrb$FzMG3rileP97uX4|elF;)8j_A?u297uMfzo_ QMTwck`FZ+=dIow105pJ`&;S4c diff --git a/scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustAKOne.cbor b/scheme/tpm-enacttrust/test/corim/unsignedCorimMiniComidTpmEnactTrustAKOne.cbor deleted file mode 100644 index 59077cbce27057181daa0aa8db7926b16a431f2e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 342 zcmZ3?5Fm&K7#kxQ#cneGTFkhRA%Fo5Ff}e_$a2j~OfCs2DlINyyrEE*QBqP+Y^ATC z3KA^=iRvZi=Q1@jFfy?$WNvI)$aq6F;BH#t2Tlza#%b9R^OpM=6*b;u(yG{?3j$8A z?w)=M0ijMlp3Vy1u909tE?>9oa@X=m5AXaa&#Ei~XUD)uPbk~PF)-OBFx}DBEUdgR z)jXrp*xw?uAW_>X)HTE>G|R~^)VRnsA}qAB#4^Go$lSv#+{fKKBE&l|#WK?{J1i(7 z)hWQm$1N`{vZ&NhKeeLusrGBqm~kOP00SCeYFx~a<(ik6ToO`LT3o_-L!m6Aq@LusrGBqu?m~kOP00SCeYFx~a<(ik6ToO`LT3o_-L!m6Aq@Q08^PvCjbBd diff --git a/scheme/tpm-enacttrust/test/corimMini.json b/scheme/tpm-enacttrust/test/corimMini.json new file mode 100644 index 00000000..77304944 --- /dev/null +++ b/scheme/tpm-enacttrust/test/corimMini.json 
@@ -0,0 +1,6 @@ +{ + "corim-id": "11111111-1111-1111-1111-111111111111", + "profiles": [ + "https://enacttrust.com/veraison/1.0.0" + ] +} diff --git a/scheme/tpm-enacttrust/test_vectors.go b/scheme/tpm-enacttrust/test_vectors.go index ac4704d8..775cdda5 100644 --- a/scheme/tpm-enacttrust/test_vectors.go +++ b/scheme/tpm-enacttrust/test_vectors.go 
@@ -2,33 +2,128 @@ // SPDX-License-Identifier: Apache-2.0 package tpm_enacttrust -import _ "embed" +// automatically generated from ComidTpmEnactTrustAKOne.json +var unsignedCorimComidTpmEnactTrustAKOne = ` +a30050111111111111111111111111111111110181590116d901faa301a1 +0050000000000000000000000000000000000281a3006a456e6163745472 +75737401d8207668747470733a2f2f656e61637474727573742e636f6d02 +8300010204a1028182a101d82550ffffffffffffffffffffffffffffffff +81d9022a78b02d2d2d2d2d424547494e205055424c4943204b45592d2d2d +2d2d0a4d466b77457759484b6f5a497a6a3043415159494b6f5a497a6a30 +4441516344516741453656777165376879334f385970612b425545544c55 +6a424e5533724558565579743958485237484a574c473758544b51643969 +316b565258654250444c466e66597275312f657578526e4a4d374839556f +46444c64413d3d0a2d2d2d2d2d454e44205055424c4943204b45592d2d2d +2d2d0381782568747470733a2f2f656e61637474727573742e636f6d2f76 +65726169736f6e2f312e302e30 +` -var ( - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustAKOne.cbor - unsignedCorimComidTpmEnactTrustAKOne []byte +// automatically generated from ComidTpmEnactTrustGoldenOne.json +var unsignedCorimComidTpmEnactTrustGoldenOne = ` +a30050111111111111111111111111111111110181588ad901faa301a100 +50000000000000000000000000000000000281a3006a456e616374547275 +737401d8207668747470733a2f2f656e61637474727573742e636f6d0283 +00010204a1008182a101d82550ffffffffffffffffffffffffffffffff81 +a101a102818201582087428fc522803d31065e7bce3cf03fe475096631e5 +e07bbd7a0fde60c4cf25c70381782568747470733a2f2f656e6163747472 +7573742e636f6d2f7665726169736f6e2f312e302e30 +` - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustGoldenOne.cbor - unsignedCorimComidTpmEnactTrustGoldenOne []byte +// automatically generated from ComidTpmEnactTrustAKMult.json +var unsignedCorimComidTpmEnactTrustAKMult = ` +a300501111111111111111111111111111111101815901cbd901faa301a1 +0050000000000000000000000000000000000281a3006a456e6163745472 +75737401d8207668747470733a2f2f656e61637474727573742e636f6d02 
+8300010204a1028182a101d82550ffffffffffffffffffffffffffffffff +82d9022a78b02d2d2d2d2d424547494e205055424c4943204b45592d2d2d +2d2d0a4d466b77457759484b6f5a497a6a3043415159494b6f5a497a6a30 +4441516344516741453656777165376879334f385970612b425545544c55 +6a424e5533724558565579743958485237484a574c473758544b51643969 +316b565258654250444c466e66597275312f657578526e4a4d374839556f +46444c64413d3d0a2d2d2d2d2d454e44205055424c4943204b45592d2d2d +2d2dd9022a78b02d2d2d2d2d424547494e205055424c4943204b45592d2d +2d2d2d0a4d466b77457759484b6f5a497a6a3043415159494b6f5a497a6a +304441516344516741453656777165376879334f385970612b425545544c +556a424e5533724558565579743958485237484a574c473758544b516439 +69316b565258654250444c466e66597275312f657578526e4a4d37483955 +6f46444c64413d3d0a2d2d2d2d2d454e44205055424c4943204b45592d2d +2d2d2d0381782568747470733a2f2f656e61637474727573742e636f6d2f +7665726169736f6e2f312e302e30 +` - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustAKMult.cbor - unsignedCorimComidTpmEnactTrustAKMult []byte +// automatically generated from ComidTpmEnactTrustBadInst.json +var unsignedCorimComidTpmEnactTrustBadInst = ` +a30050111111111111111111111111111111110181589dd901faa301a100 +50000000000000000000000000000000000281a3006a456e616374547275 +737401d8207668747470733a2f2f656e61637474727573742e636f6d0283 +00010204a1008182a101d90226582101ceebae7b8927a3227e5303cf5e0f +1f7b34bb542ad7250ac03fbcde36ec2f150881a101a10281820158208742 +8fc522803d31065e7bce3cf03fe475096631e5e07bbd7a0fde60c4cf25c7 +0381782568747470733a2f2f656e61637474727573742e636f6d2f766572 +6169736f6e2f312e302e30 +` - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustBadInst.cbor - unsignedCorimComidTpmEnactTrustBadInst []byte +// automatically generated from ComidTpmEnactTrustNoInst.json +var unsignedCorimComidTpmEnactTrustNoInst = ` +a3005011111111111111111111111111111111018158b0d901faa301a100 +50000000000000000000000000000000000281a3006a456e616374547275 
+737401d8207668747470733a2f2f656e61637474727573742e636f6d0283 +00010204a1008182a100a300d90258582061636d652d696d706c656d656e +746174696f6e2d69642d303030303030303031016441434d45026a526f61 +6452756e6e657281a101a102818201582087428fc522803d31065e7bce3c +f03fe475096631e5e07bbd7a0fde60c4cf25c70381782568747470733a2f +2f656e61637474727573742e636f6d2f7665726169736f6e2f312e302e30 +` - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustNoInst.cbor - unsignedCorimComidTpmEnactTrustNoInst []byte +// automatically generated from ComidTpmEnactTrustMultDigest.json +var unsignedCorimComidTpmEnactTrustMultDigest = ` +a3005011111111111111111111111111111111018158aed901faa301a100 +50000000000000000000000000000000000281a3006a456e616374547275 +737401d8207668747470733a2f2f656e61637474727573742e636f6d0283 +00010204a1008182a101d82550ffffffffffffffffffffffffffffffff81 +a101a102828201582087428fc522803d31065e7bce3cf03fe475096631e5 +e07bbd7a0fde60c4cf25c78201582087428fc522803d31065e7bce3cf07f +e475096231e5e07bbd7a0fde60c4cf25c70381782568747470733a2f2f65 +6e61637474727573742e636f6d2f7665726169736f6e2f312e302e30 +` - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustMultDigest.cbor - unsignedCorimComidTpmEnactTrustMultDigest []byte +// automatically generated from ComidTpmEnactTrustGoldenTwo.json +var unsignedCorimComidTpmEnactTrustGoldenTwo = ` +a3005011111111111111111111111111111111018158b3d901faa301a100 +50000000000000000000000000000000000281a3006a456e616374547275 +737401d8207668747470733a2f2f656e61637474727573742e636f6d0283 +00010204a1008182a101d82550ffffffffffffffffffffffffffffffff82 +a101a102818201582087428fc522803d31065e7bce3cf03fe475096631e5 +e07bbd7a0fde60c4cf25c7a101a10281820158200263829989b6fd954f72 +baaf2fc64bc2e2f01d692d4de72986ea808f6e99813f0381782568747470 +733a2f2f656e61637474727573742e636f6d2f7665726169736f6e2f312e +302e30 +` - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustGoldenTwo.cbor - unsignedCorimComidTpmEnactTrustGoldenTwo []byte +// automatically 
generated from ComidTpmEnactTrustNoDigest.json +var unsignedCorimComidTpmEnactTrustNoDigest = ` +a30050111111111111111111111111111111110181587ed901faa301a100 +50000000000000000000000000000000000281a3006a456e616374547275 +737401d8207668747470733a2f2f656e61637474727573742e636f6d0283 +00010204a1008182a101d82550ffffffffffffffffffffffffffffffff81 +a101a2064600005e00530107502001486000002001000000000000006803 +81782568747470733a2f2f656e61637474727573742e636f6d2f76657261 +69736f6e2f312e302e30 +` - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustNoDigest.cbor - unsignedCorimComidTpmEnactTrustNoDigest []byte - - //go:embed test/corim/unsignedCorimMiniComidTpmEnactTrustAKBadInst.cbor - unsignedCorimComidTpmEnactTrustAKBadInst []byte -) +// automatically generated from ComidTpmEnactTrustAKBadInst.json +var unsignedCorimComidTpmEnactTrustAKBadInst = ` +a30050111111111111111111111111111111110181590129d901faa301a1 +0050000000000000000000000000000000000281a3006a456e6163745472 +75737401d8207668747470733a2f2f656e61637474727573742e636f6d02 +8300010204a1028182a101d90226582101ceebae7b8927a3227e5303cf5e +0f1f7b34bb542ad7250ac03fbcde36ec2f150881d9022a78b02d2d2d2d2d +424547494e205055424c4943204b45592d2d2d2d2d0a4d466b7745775948 +4b6f5a497a6a3043415159494b6f5a497a6a304441516344516741453656 +777165376879334f385970612b425545544c556a424e5533724558565579 +743958485237484a574c473758544b51643969316b565258654250444c46 +6e66597275312f657578526e4a4d374839556f46444c64413d3d0a2d2d2d +2d2d454e44205055424c4943204b45592d2d2d2d2d038178256874747073 +3a2f2f656e61637474727573742e636f6d2f7665726169736f6e2f312e30 +2e30 +`