Re: [Suit] draft-moran-suit-manifest-02
Carsten Bormann <cabo@tzi.org> Wed, 04 July 2018 20:38 UTC
From: Carsten Bormann <cabo@tzi.org>
Date: Wed, 04 Jul 2018 22:38:21 +0200
Cc: suit <suit@ietf.org>, cbor@ietf.org
To: Brendan Moran <Brendan.Moran@arm.com>, Øyvind Rønningstad <Oyvind.Ronningstad@nordicsemi.no>
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/iBqWCq061T5Pve2Z3yaYn3BnccM>
On Jul 4, 2018, at 10:26, Rønningstad, Øyvind <Oyvind.Ronningstad@nordicsemi.no> wrote:
>
> • CDDL nitpicking:
> • Some name inconsistencies: ProcessingStep vs Processor, TargetInfo vs Target.
> • There's probably a typo in the definition of Directive. Should it be an array of maps?
> • Target::storageIdentifier and Target::componentIdentifier don't use the custom types for StorageIdentifier and ComponentIdentifier.
> • I think digests should have a type, so the user can more easily restrict its format after choosing a digest algorithm.
> • Suggestion: Add nint to textKeys group.
> • AuthenticatedManifest should probably contain an authenticatedManifestVersion or similar.
> • "Processor" might be confusing (“does it mean CPU?”).
It also helps to occasionally run instances of formal languages through some tool to check them…
Apart from inconsistent use of names, most of the syntax errors stem from the arcane syntax that CDDL is using for its workaround for not having true enumerations (Section 2.2.2.2 of draft-ietf-cbor-cddl-03.txt); this requires commas (or nothing) instead of slashes, and an enclosing &, so with Øyvind’s suggestion, textKeys becomes, e.g.:
    textKeys = &(
        uninitialised: 0
        manifestDescription: 1
        payloadDescription: 2
        vendorName: 3
        modelName: 4
        payloadVersion: 5
    ) / nint
And Processor starts off as:
    Processor = [
        &(decrypt: 1, decompress: 2, undiff: 3, relocate: 4, unrelocate: 5),
(Of course, the same thing can be expressed as:
    Processor = [
        &(decrypt: 1, decompress: 2, undiff: 3, relocate: 4, unrelocate: 5),
        decrypt: 1 // decompress: 2 // undiff: 3 // relocate: 4 // unrelocate: 5,
Not sure what the intent is here; in the first case, I’d probably also add a label, as in
    Processor = [
        process: &(decrypt: 1, decompress: 2, undiff: 3, relocate: 4, unrelocate: 5),
I have attached a version that parses (I don’t think an attachment will make it to the lists) but does not address any other of Øyvind’s suggestions.
The other problem that should probably be addressed is that most rules are unused — there would need to be one cddl file for the manifest, and maybe one for the COSE envelope. We simply don’t have a good way in CDDL yet to say “Manifest goes through an algorithm and turns up in COSE_Sign” — actually, in this case this could be solved in part as the manifest turns up in cleartext.
I have included a dirty hack in the attached which I intend to fix.
I’m CCing the CBOR WG to give an example for CDDL being used in another WG. If you want to discuss a CDDL feature, please strike SUIT from the list (and if you want to discuss a SUIT feature, maybe strike CBOR from the list).
Grüße, Carsten
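
An added illustration, not part of the original message or of any CDDL tool: a simplified Python check for the one rule shape discussed above, `name = &( label: int ... ) / type`, accepting commas or nothing between members and rejecting slashes. The function names and the slash-separated input in the usage comment are constructed for this example, and nothing else in CDDL is handled.

```python
import re

# The corrected rule from the message above, embedded as sample input.
TEXT_KEYS_CDDL = """
textKeys = &(
    uninitialised: 0
    manifestDescription: 1
    payloadDescription: 2
    vendorName: 3
    modelName: 4
    payloadVersion: 5
) / nint
"""

# name = &( ...members... ) followed by zero or more "/ type" alternatives.
_RULE = re.compile(r"^\s*(\w+)\s*=\s*&\((.*?)\)\s*((?:/\s*\w+\s*)*)$", re.S)
# One "label: int" member, optionally followed by a comma.
_MEMBER = re.compile(r"\s*(\w+)\s*:\s*(-?\d+)\s*,?")


def parse_enum_rule(cddl):
    """Return (rule name, {label: value}, [extra type names]) or raise ValueError."""
    m = _RULE.match(cddl)
    if not m:
        raise ValueError("not a choice-from-group rule: enclosing &( ... ) missing")
    name, body, tail = m.groups()
    members, pos = {}, 0
    while body[pos:].strip():
        mm = _MEMBER.match(body, pos)
        if not mm:  # e.g. a "/" between members instead of "," or nothing
            raise ValueError("bad member separator near %r" % body[pos:pos + 20])
        members[mm.group(1)] = int(mm.group(2))
        pos = mm.end()
    return name, members, re.findall(r"/\s*(\w+)", tail)


def accepts(rule, value):
    """True if value is one of the enumerated integers or allowed by '/ nint'."""
    _, members, extras = rule
    if isinstance(value, bool) or not isinstance(value, int):
        return False
    if value in members.values():
        return True
    # CBOR negative integers (major type 1) span -2**64 .. -1.
    return "nint" in extras and -2**64 <= value < 0


# Constructed usage: parse_enum_rule("k = &( a: 0 / b: 1 )") raises ValueError.
```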