Re: [Suit] [suit]: draft-moran-suit-manifest-02

David Brown <david.brown@linaro.org> Wed, 11 July 2018 17:47 UTC

On Fri, Jul 06, 2018 at 01:50:38PM +0000, Rønningstad, Øyvind wrote:

>AuthenticatedManifest = [
>  authenticatedManifest: COSE_Mac / COSE_Sign,
>  updateProcess:         bstr .cbor UpdateProcess,
>  text:                  bstr .cbor TextMap,
>]

>UpdateProcess = [
>  nonce :              bstr,
>  textReference :      bstr,
>  preConditions :      [ * PreCondition ],
>  directives :         [ * Directive ],
>  resources :          [ * ResourceInfo ],
>  processors :         [ * ProcessingStep ],
>  targets :            [ * TargetInfo ],
>  extensions :         { * int => bstr}
>]

The textReference has to be in the Manifest that is covered by the
signature.  As stated here, none of the updateProcess or text
information is covered by a signature.

This could be done by moving textReference above into the Manifest, as
well as adding an updateProcessReference that would contain a digest
of the updateProcess.  This adds complexity to verifying this
additional information, but would indeed then allow them to be
severed, while still being covered by the signature.

David
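
The layout proposed in the message above, as an added example that is not part of the original post or of the draft: the signed manifest carries a digest of each severable section, so a section can be dropped and any section still present is checked against the authenticated digest. HMAC-SHA256 stands in for COSE_Mac and a fixed byte layout stands in for CBOR; `build_envelope`, `verify_envelope`, the key and the section contents are hypothetical.

```python
import hashlib
import hmac

DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes
SECTIONS = ("updateProcess", "text")       # severable sections, in manifest order


def digest(section: bytes) -> bytes:
    return hashlib.sha256(section).digest()


def build_envelope(key: bytes, update_process: bytes, text: bytes) -> dict:
    # Authenticated part: a version byte followed by updateProcessReference
    # and textReference (constructed layout, a stand-in for the CBOR manifest).
    manifest = b"\x01" + digest(update_process) + digest(text)
    tag = hmac.new(key, manifest, hashlib.sha256).digest()
    return {"manifest": manifest, "tag": tag,
            "updateProcess": update_process, "text": text}


def verify_envelope(key: bytes, env: dict) -> list:
    """Return the names of the sections that are present and verified.

    Raises ValueError if the MAC fails or a present section does not match
    the digest held inside the authenticated manifest.
    """
    manifest = env["manifest"]
    expected = hmac.new(key, manifest, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, env["tag"]):
        raise ValueError("manifest authentication failed")
    if len(manifest) != 1 + DIGEST_LEN * len(SECTIONS):
        raise ValueError("unexpected manifest length")

    verified = []
    for i, name in enumerate(SECTIONS):
        section = env.get(name)
        if section is None:
            continue  # severed: nothing to check, the manifest is still valid
        ref = manifest[1 + i * DIGEST_LEN: 1 + (i + 1) * DIGEST_LEN]
        if not hmac.compare_digest(digest(section), ref):
            raise ValueError(name + " does not match its signed reference")
        verified.append(name)
    return verified
```
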