Re: [Suit] Some proposals for updates to the SUIT manifest specification

Koen Zandberg <koen.zandberg@inria.fr> Wed, 08 July 2020 13:33 UTC

Return-Path: <koen.zandberg@inria.fr>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06F173A0B03 for <suit@ietfa.amsl.com>; Wed, 8 Jul 2020 06:33:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 3.102
X-Spam-Level: ***
X-Spam-Status: No, score=3.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, GB_SUMOF=5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s2deANgKJmCm for <suit@ietfa.amsl.com>; Wed, 8 Jul 2020 06:33:02 -0700 (PDT)
Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CFB993A0B87 for <suit@ietf.org>; Wed, 8 Jul 2020 06:33:01 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.75,327,1589234400"; d="asc'?scan'208";a="353943338"
Received: from 82-197-204-96.dsl.cambrium.nl (HELO [10.1.2.138]) ([82.197.204.96]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-SHA; 08 Jul 2020 15:32:59 +0200
From: Koen Zandberg <koen.zandberg@inria.fr>
To: suit <suit@ietf.org>
References: <AB1A6457-665A-44CE-8A62-AFB8100A1B36@arm.com> <E425F5F5-3FCF-4ACF-AA57-A4DDAD7C4261@arm.com> <a9d655c8-8119-772d-5eec-9a25984b1520@inria.fr> <EBCD4730-4113-4F45-B498-3232165125E3@arm.com>
Autocrypt: addr=koen.zandberg@inria.fr; keydata= mQINBFfiUE0BEAC2GQfspM4LKuFBsuBVG5f8iKIg3SQIeyK5tG+fHrLYIt+qXIrya1rxX4MQ iGtJmG0F+iVOAZZXLvT3nd1L7jIvT83fUULRKsxGeq8swHhHRdtyiSNDCdpY3Z0PmF6nyoEV kevB5FHQPLWZIMdvX324ihJ1qN34yIBBy+Q2rk2FP8Dn0PDHcCwiY9PCzurpNDcEjQ2EdsO2 pFAUy8m04A0H9pH3Up/o6xhsQsbt4Q9U1YuGJiUpMXXBq+6hufafRtRjPIypr4LCYAVaKsds R5GxLcFrNXiMxDf3tVTrF2PebXhepamDbG7ujpiYZ5x8fKEFvrUJSM2Qz+agf0JqsueXowy7 nwNrcn9ygShydizAZ34OSphGCxnmJ6j6aTp/bo77GXJnvT3hACYHX7vmTg6ODII9pLQCYda4 ML2rL6u06oLnvyoC2Q7RQKgfMSDgA3Vx+yeWI4IoxmtNXjnFvrfGCIY347rhjBrQL4Za1xuL uw0YggCCIH1Qp6z+MNXcIuHEeS5HJJsUQlN6OfBwCWI2hfToilo+/7xv4sIc6+aknLhmE3H2 FuDYFh3Z7TUoLL3K/Jcx3ndmsajh3UNsnYPxiOLkFIKJgDfQg+Xi7eqVSaBslSPNjsw78lNc qkCSOZXuDfd7h4cuvn6m+VdFz2yRLoOhZPxc2jBd9QxSsXBIqwARAQABtC5Lb2VuIFphbmRi ZXJnIChJbnJpYSkgPGtvZW4uemFuZGJlcmdAaW5yaWEuZnI+iQJUBBMBCAA+AhsDBQsJCAcC BhUICQoLAgQWAgMBAh4BAheAFiEEgyTxs8+Xzr7AO00MaVaPK/gRSicFAl47HK4FCQg5/+AA CgkQaVaPK/gRSidZlQ//c5+ODGQ5+6fv0raabnIbIEchk3KHZobBRgPAlZ56XD8nZuUupdDz 7yo+S7V4SUwuXxJfL6UOmLcEfluWr7DQCxWMXWAjFPkH7OsGtm3WjTvINDfCMdrvER14uVQ+ 6FdGBIVzASkamteZxhgfJqQQkjIOS1IXJ4bq08Fn4nmPUELClk7aPHVMDEWPccECgMHtafSB 4a8aB8ECVBUedLpWlmYqzVN8Ev9sKZxo7o7lJbI72xw0+SuubhCegMt+2E2TDg6r3qTOL2gx G24xKGgty9N0R80I3Ek2S8A1JoOO2qc7ZNVEdm6s8CVDCt4fDsm+Sp77LY1Y/wEtpkA+YyxP RHphNbEMgTWeVeBQoDifI6gVH204MEGbfOrWFSBZUKTrOKNcGpi2DzTIbeHPj+4tCq7/NbqW GaTDqJ23hwEJbPagjFl9R0FkApX2AXhcDI84Wm9qQq/q9sD6sTByco6wHn/CKgCPRZsTWuu6 zwVHz/pgUVthKNZ8hNV8tDadC1NeTeMmk5zLiQxbpEzT245yYqhXZgpcPfs0DwJsFmRpDUFj 8tSZ9y0zfOw/a2tn0vnGZ/MkaJG813WkB07py8ka5ZW6Hx91mqPj5HL6JQXOayutSeFIsswI ZOFnT2/dCM3peZcHxuF+U2I1Xk68I9KNAsZ9jqYAcY6SEw9UGSuf5hO5Ag0EV+L6eQEQAK0U pWBT5dhVZbBDLMqYTHOJfedP1CTFMSaEDEOVmkMT8qhYwZR/LwSeTjLPhYdVTCp9mFb1oFyy JBHLRubT6fhEPzQDrw3SunBxdIBTjXzvbFp/Qs1ESUDHm2oqXD1NUO7zfjYXXSfrv/l7fREM 1xSgyseMdPgxkO/jz1IjGkwZ8QJtJ8FudkbqCop4bcCKfDz+0Sjd4GZInKkfOM33a305s/9K hjfwtGS1FpN7uU1wiYdjymgmp11b4Bxvf0n5wFdTohbWNkF4z7/UbwVTlGmFyYPezZPWRxxZ MEvHnjvIr10izPe+79XnHpxAW6vzfObViF2xdmvzMW4BWPdYfkazFD3uuzr+hJsL0VL2hkxB vJwnHxK3lWTjjyhi+TxEbHvEtEMFtFOjvy6FeidD/pl2iXC3dMQUeuI0k/8PB/ecmBsVcEft 79TJSIUc2ElxBIzmUczj5KQZfSBhVo4NgnRTQJrJP0cXMYGY5NCQZNk2vs/hWVGb3g1zWOeF 5zCSa4ucYCUTzhKz5kHpQ8qH3ow4T96okv2sXOcbNYdc1Qee8oT+Vc4P+TDvct1Fhtk+fne7 lpqf8UDDMo51b7XWk9P7olXrurDcR348cp5B4cBm98gi7NWGU+u8sIC519yXr/hm6jJZE0bY 0jbIEJUEcTPh1NBfO5A7tG0PCCDnaAUtABEBAAGJBFsEGAEIACYCGwIWIQSDJPGzz5fOvsA7 TQxpVo8r+BFKJwUCXjsc0QUJCDlV2AIpwV0gBBkBCAAGBQJX4vp5AAoJEAiVqJPm0phbx7MQ AKy/MsNZNjMJmrPKWEcEXHX+/8m82omjWaI+D09uXEITqPCTXYQNdxLWDbexje76PzU6pP1m Ilt1bjujJH85N2xJ/2vceYv7GYBZoDD3XdWubbVIovsKkduiL8vY4rPg0jpPfUaMXfAv4h2b 8z2sRv/BMPC+QyCTxgL9rRcFo7HmKiQiCnB2yexNiDxQGDOZluSEf4V+KbP0FlghOVVkkKfA kJAVmGepjfIQ2aZi2LFXQfEA372/yEbn/LKp/5Vs7HNETBCKcHsf9rYGdQmhtWtt9P2RB7I4 SK3JqpfzL/gtAj8fjHg4YQTtrwnFl9j5LeTKq1nAVJ2CL99AKT7sEMEaZM39g93XkfKWH2Te b2miQ7s5PQgABXP5uV9W0X1u/4RUmZwZVpqMw9PfuEt2lavDVRJIvuIsGItRde9t6LaqDfp4 tzwGwKeH3vR0ijs3OlDcL9z8UZPzSTD/NVY1HxxCMdrn686MtOgP7OOv80XyXmO4z6sjY1PM QeuY56zGPuA4cddF8WBdTC/aYCU3t2qNLlZX/FL2BR/6QvYdgNDzdgsDExe0QRlKxoxG5F3b tn2djxL4eozyTiTwIBX8wVZ9gM9ccP/RxqqBN0GUKjm5ThkeFli3tLx0YGGdQx7YnPqeKjRW KVqNOFPRpN7WbC0Waf4EQUR1SgceHRPsQswJCRBpVo8r+BFKJzbKD/9T2DOBpfYmRZEBysAQ GDejV8G/R++QUUTd4NWatQNweXKRCWK0ykaPlEi8QD8QLhK0dUIhZGivf+8Qgogn69EUbV/C LdW6ZckVi/8wlk4S8Zw4Fr+6msvTKPLBbyrBau48ttQbqEKVdOQuQAfk2G9oCxLFcQNKL194 9wRBr83ByPWKr34H0e/U/wFRqxxzz6/VJCsnu4bUAiWR4AQX/yrBHhBLA4+8w7JLmN7HPi94 T3tD2WnOJ2hR2G7T9ehVJvACRP7I9Y48y6xTV8O69UBPyE93P7CT+YkVvo/nT5Xtdh7j+919 7845CYjsW0WeicYt7xKDa7n90HFk4P06Pv/PQbcTRC9Arln/Td1Vnu/BVmm3OEVOlU3bff5J Ff/Ju6lIEjdN1VMKAKtdM09W5kWPsUum3nB8J7/NxnvUJgye7jMhDd3K2ilvQoKxjBtJz9SX D9HRVoTl8KUqTrcF3u8gy8BQ5eY+xJh3Dan3tWoY1B8EUiLqMQo6l3/qXiyaeuVcuaYD7emC w2vW+fOlb8is0LElGz87jb6st/cFLMUfyw+VCnHMkQRMU0oNiAV9WMoC05SV4NCWrY3g5VhM sbtD/qOy2HAvl4KXonk+oOvhXo1Ykem4Lv4wQODdNJfmC82u/9tRoioVv2zN5ImYDqUsGDhH b/ZqNN3SN4P3h0mkB7kCDQRX4lBNARAArQw2G4IrSTvz5ZysanuJlsx5eRSRwTOyZe7WZy0e iqnE42yJuA14EUv7EK6GI+SkR4EBG9qPenJyEfwKSn6G/VcVg40SxI8SE8CXVCf53fNfCp+O M5XYnmyIgmGZl23OLui8mfivTdnsoQ5cXerE1get5eOPPBRXnu6QcFkBhnYTEZM623fB3R8s QnwkKEIPr4VJWltmvGCN9gL9B4Y0Yts1rQGxtl7l73H+7UDVbJ83f/KozcEm12DoRaSRdNsw slmEKRHk23a1sXDwwGsVHiq3tKEDL2vlAPbVuBrWbvO76OO2LccnxhzcvJpTztwaVttmZA8v A+B5roDG0EKeROp8llUUCltceYKwMr7boT3bnyuVWxhHHfbpmksnl6tFmqc9lP/0YXU5ZLq9 xiTl5UiwLcwY3oq8VXEjHAWdbvNcpL3qrcZ70JGD+k07+JtKtBWquknIDQ0TIHln92eAsooq V+AstbmBr5xnSm5AoTaMIIp2Kr1kZ3IRdvcwTYkPEejRvpHOsexhV14BdqJ86oMyU9Sft9p5 JMmCORO5mEpDbs/pAjHjFCz8o5N40Tz+5nedeJ4J2k92evNKTnkeKlW9pZ0elw795Z5qRvoH sycqNAzYGDtp2LvcbyFQy62DQI38gWyf8+TCz2MT+fzg7mJ4E6a9pBuzYx5YbT4TdM8AEQEA AYkCPAQYAQgAJgIbDBYhBIMk8bPPl86+wDtNDGlWjyv4EUonBQJeOxzRBQkIOgAEAAoJEGlW jyv4EUonP90QAI/xwk0JVjeRPD+g61OrMnPlsAgdAd14H5d8Qdas9P6xAKuD8qfV+ea17CHA ZA5/yfiJxF5/d0nbEZC7VcwmWQ01NYhaco7KZrzvMXSO/dJKujKTH92+s8cgL2hVMLgS8HgT k3TtmDi7XLl17xgetZ8W0K0FpKwovGeEqBI9KR29cE1pCGpcNfG3v9mzNOjsBA5ydfyQ1bZw AI61r9n/GvBJX2mtuLslumyj5YvGKv9dXlVnXYRD2i78VVZ84AftrFZQEYVRuwGJEYLbKO+P oQxJHYaZlb3U5xvPzqE3z9v3nLzvxtp9vcdDUoNgDiByWOa0w0txWXnVBiES6m60kNN98nXO 5aHigCbC3Xe1HZ1lPbn0wqdhy1s3PK3R2jZpdlhlL5wEXCcOCU29kf0L6MeTBRKofr8vYduf 2feEQbe62WaS01WwMvYagRViKCOPE68IYf5EbKSEbN8F7H/8DBzpQZ4WTGrRm0B3NkAMN+ny SEvqMzlRDEVuhOsfbnmLqqzcPo3jYfNAoG93sQj1qClRVmIVLe8cuVOluil6SjxyS6s3stds 7qyvosM4SgyvPM3MpeIpOhnb8p39YJ7RFS+SGTUVNWXTYHMf5Pbfkry7TrcS+oBWIlfn468b 9Jl54M5sJCt+XYf70sk69xUhO31D7y+lidbaOXZKLGC8wWMN
Message-ID: <b87f24f5-2189-fc23-5d8b-ed3e7371fcfb@inria.fr>
Date: Wed, 8 Jul 2020 15:32:58 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <EBCD4730-4113-4F45-B498-3232165125E3@arm.com>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="lNAlRuC6J8VcJnQ2C1TzunonTi8wwKCxg"
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/QfxBS2IqD9iC9NHbomCqLN-xQuE>
Subject: Re: [Suit] Some proposals for updates to the SUIT manifest specification
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jul 2020 13:33:04 -0000

Hi,

Here are some of the promised numbers.

The numbers here are the flash space occupied in the binary for a SAM
R21 Xplained Pro (Cortex-M0+) with -Os,  assertions and logging disabled
and without link-time optimization. The application is the suit update
example[1] provided by RIOT and updated to draft-ietf-suit-manifest-07

Version,           CBOR,   COSE,  SUIT,   Total image
suit-manifest-07,  1100 B, 900 B, 1933 B, 73915 B
suit-manifest-03,  1100 B, 900 B, 2068 B, 74083 B

Note that the total image is the full image size and includes more than
the sum of the mentioned sub components and is provided here to put the
numbers in perspective. The takeaway message here is that the numbers
didn't change much the last few iterations which I consider a good thing.

I've also took a closer look at the bstr wrapping and where they improve
the manifest parsing, see inline below. In most cases it boils down to
whether the object might potentially

>>>> My opinion on each of the bstrs is:
>>>>
>>>> 1) We must keep the bstr wrappers around all envelope elements.
>> Yes please, this is one of the few places where they really help.

After another look I believe it is okay to remove the bstr wrapping
around the SUIT_Authentication_Wrapper. Parsing or skipping is easy
enough as long as the individual SUIT_Authentication_Block's are bstr
wrapped.

>>>> 3) I’m not entirely sure we should keep the bstr wrapper around the
>>>> common block, but I think it’s useful. It always lives within the
>>>> extent of the current manifest, so overruns will be detected on the
>>>> first pass by the parser, and the extent of the common block can be
>>>> recorded prior to the execution of any command sequences.

I can live without this being wrapped I think. In my case the full
common block is always parsed and there is no situation where it should
be skipped for later parsing.

>>>> 4) I would not argue against removing the bstr wrappers around
>>>> command sequences, provided that we register a tag for either the
>>>> command sequence or the SUIT Digest.
>
> I think the other option is that we could use separate keys for digest
> and for command sequence. What I don’t like about that option is that
> it’s not clear what a device should do if both are present and one of
> the goals of this specification is to eliminate that kind of
> uncertainty. That being the case, I think I would want a SUIT_Digest
> tag or a SUIT_Command_Sequence tag. Probably a Command Sequence tag,
> since that would make the manifest smaller when including digests.
I don't really see the point in swapping a bstr wrapper for a tag,
depending on the tag value and the bstr length, this might save a byte.
Anything I'm missing here that would make this beneficial?

>>>> 5) I think we could safely remove the bstr wrappers around the
>>>> elements inside of the common block, including the command
>>>> sequence. This incurs a negligible execution time overhead when
>>>> accessing some common elements, but produces manifests that are a
>>>> few bytes smaller.

I strongly prefer to keep the bstr wrappers around the
SUIT_Command_Sequence when used as argument for the
suit-directive-run-sequence and the suit-directive-try-each. Especially
in the case of the suit-directive-try-each, the full
SUIT_Command_Sequence must be skipped if a condition inside the sequence
fails. This is significantly easier on the parser if it is bstr wrapped.

Cheers,
Koen

[1]:
https://github.com/bergzand/RIOT/tree/pr/suit/ietf_v7/examples/suit_update