[Suit] My hackathon progress
Ken Takayama <11kenterada@gmail.com> Sun, 24 July 2022 02:26 UTC
Return-Path: <11kenterada@gmail.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A285C159489 for <suit@ietfa.amsl.com>; Sat, 23 Jul 2022 19:26:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3AhpAb9mG9KZ for <suit@ietfa.amsl.com>; Sat, 23 Jul 2022 19:26:54 -0700 (PDT)
Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DEF69C14F719 for <suit@ietf.org>; Sat, 23 Jul 2022 19:26:54 -0700 (PDT)
Received: by mail-pf1-x431.google.com with SMTP id 17so7590938pfy.0 for <suit@ietf.org>; Sat, 23 Jul 2022 19:26:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to:cc; bh=ZQrHWsOVn1sFxzlwp2WY+L00jiZqBht0hAfbDz+O9YY=; b=N2Xmgxrx+BkbbA3JKjxCXe5JrL2kUZm76Nce9/blXGkkseJ6AgomBweF3P/+FUFSEK IXvacR3CH67yR+vc1m+cWzwt5uj9bi2YM3m0ciK4UTp6arDEHr361TgDfEWd7ukjDsws 8ESPieNImGEO5KmiNI51j/ec78SL8HKoLg6Mpv/FB1MifkgvYva2wmKQGMIrH9txICKL ljGFEPw2B1WkDbwVsuypaLOC6JCTtfo5+u/msCIFTHIKmA1Asu5Umr/JRsum4RK9PaO3 uYQQhsfeoXaCOvP/zI7ylsVh80Bvyir9hOOSEadwHiIYypTk5QWuj9OOut63HQ8cRbL5 lrjg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=ZQrHWsOVn1sFxzlwp2WY+L00jiZqBht0hAfbDz+O9YY=; b=6p+cCKvR1DWF23ooTbnQFVRAda7CWOjqR1McTaoSURcQv2sN0WeflW46A5O6DZkf59 74f1K93QEQwxE8ZdU2YpPI1exVD0xDo8tOnv2ioR/dkCF43XWbOKxPykl0DN+1OGlEXh lh2fqGtvnhtxuLjAeNNdm/Tx+eq9LE6/ykTyQ6l4E8KIVPYAqRDRAuBfNPglD6AaRgQy qC8ZR0jn3QXBOfEaw7nVPLpgJHuKOFQmw61oc+K/YNH0qZOQGI04H+uWKbiETWGOyHaK qOEHn6m0vx0DlKnTuP/YXkTRv9aJ4cSWCzfewn7Dee23V3qOZDta3GE8f9QUXUpl0APB imYQ==
X-Gm-Message-State: AJIora8aJ3ogQjWjqYdBJl8chIXDR5npUt14/wW/sC6VkCE/HydY8cdH laS68IuujaQRm008IV/NpB74D5uXYJpWL/K8woobFkBfVaOaWcae
X-Google-Smtp-Source: AGRyM1uHAYb56BzT22JVPRIbov1Y6ldTQc7txXw4e9rL8etRtAmRGOQIgjuZfN6Gt4IIglVvW5svEXN/VIsRf2JY0sA=
X-Received: by 2002:a63:c04a:0:b0:419:7597:e387 with SMTP id z10-20020a63c04a000000b004197597e387mr5551612pgi.509.1658629613815; Sat, 23 Jul 2022 19:26:53 -0700 (PDT)
MIME-Version: 1.0
From: Ken Takayama <11kenterada@gmail.com>
Date: Sun, 24 Jul 2022 11:26:40 +0900
Message-ID: <CAMGQZH4LiYCa+3PkgYcZ8ovahYi-S==Z6RuXeanUE223jCcCVA@mail.gmail.com>
To: suit@ietf.org
Cc: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Content-Type: multipart/alternative; boundary="000000000000f20b0805e483cca1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/FiMFY65uMnRV9wNXafZoMWOpu3Q>
Subject: [Suit] My hackathon progress
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Jul 2022 02:26:55 -0000
Hi Hannes and SUIT team Hi, I'm Ken Takayama, an implementer of SUIT Manifest parser, and working with Hannes to add Firmware Encryption support. For the first step to support COSE_Encrypt HPKE, I added a data structure to represent multiple signing algorithms and signatures, and code that signs and verifies the SUIT_Authentication_Block. It is not tested yet. <https://github.com/yuichitk/libcsuit/tree/multiple-mechanisms-and-keys> I did this task first because it is also required by HPKE which has multiple algorithms. Tomorrow morning, I will try to add code calls t_cose_encrypt_* functions to encode Firmware Encrypted SUIT Manifest described by the data structure. In today's hackathon, a question was came up to my mind: SUIT_Authentication_Block can hold multiple signatures and macs, but how can we validate it? Option A) SUIT_Authentication_Block is valid if ALL of signatures and macs are valid Option B) SUIT_Authentication_Block is valid if ANY of signatures or macs is valid Option C) it depends on ACL (Access Control List) This is related to the case when the SUIT_Authentication_Block has COSE_Sign_Tagged signatures. Ken
- [Suit] My hackathon progress Ken Takayama