Content-Type: multipart/mixed;
 boundary="Apple-Mail=_5C896E86-7EED-48AA-90F2-A78D22C86E90"
Mime-Version: 1.0 (Mac OS X Mail 11.4 \(3445.8.2\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <edc46af214244a119950582014c8dbfe@nordicsemi.no>
Date: Wed, 4 Jul 2018 22:38:21 +0200
Cc: suit <suit@ietf.org>, cbor@ietf.org
Message-Id: <F5F669C7-EBE8-41B7-B9C3-9A27F45F264B@tzi.org>
References: <edc46af214244a119950582014c8dbfe@nordicsemi.no>
To: Brendan Moran <Brendan.Moran@arm.com>,
 Øyvind Rønningstad <Oyvind.Ronningstad@nordicsemi.no>
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/iBqWCq061T5Pve2Z3yaYn3BnccM>
Subject: Re: [Suit] draft-moran-suit-manifest-02
List-Id: Software Updates for Internet of Things <suit.ietf.org>


--Apple-Mail=_5C896E86-7EED-48AA-90F2-A78D22C86E90
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

On Jul 4, 2018, at 10:26, Rønningstad, Øyvind <Oyvind.Ronningstad@nordicsemi.no> wrote:
>
>   • CDDL nitpicking:
>       • Some name inconsistencies: ProcessingStep vs Processor, TargetInfo vs Target.
>       • There's probably a typo in the definition of Directive. Should it be an array of maps?
>       • Target::storageIdentifier and Target::componentIdentifier don't use the custom types for StorageIdentifier and ComponentIdentifier.
>       • I think digests should have a type, so the user can more easily restrict its format after choosing a digest algorithm.
>       • Suggestion: Add nint to textKeys group.
>       • AuthenticatedManifest should probably contain an authenticatedManifestVersion or similar.
>       • "Processor" might be confusing (“does it mean CPU?”).

It also helps to occasionally run instances of formal languages through
some tool to check them…

Apart from inconsistent use of names, most of the syntax errors stem
from the arcane syntax that CDDL is using for its workaround for not
having true enumerations (Section 2.2.2.2 of
draft-ietf-cbor-cddl-03.txt); this requires commas (or nothing) instead
of slashes, and an enclosing &, so with Øyvind’s suggestion, textKeys
becomes, e.g.:

  textKeys = &(
      uninitialised: 0
      manifestDescription: 1
      payloadDescription: 2
      vendorName: 3
      modelName: 4
      payloadVersion: 5
  ) / nint

And Processor starts off as:

  Processor       = [
      &(decrypt: 1, decompress: 2, undiff: 3, relocate: 4, unrelocate: 5),


(Of course, the same thing can be expressed as:

  Processor       = [
      &(decrypt: 1, decompress: 2, undiff: 3, relocate: 4, unrelocate: 5),
      decrypt: 1 // decompress: 2 // undiff: 3 // relocate: 4 // unrelocate: 5,

Not sure what the intent is here; in the first case, I’d probably also
add a label, as in

  Processor       = [
      process: &(decrypt: 1, decompress: 2, undiff: 3, relocate: 4, unrelocate: 5),

I have attached a version that parses (I don’t think an attachment will
make it to the lists) but does not address any other of Øyvind’s
suggestions.

The other problem that should probably be addressed is that most rules
are unused — there would need to be one cddl file for the manifest, and
maybe one for the COSE envelope.  We simply don’t have a good way in
CDDL yet to say “Manifest goes through an algorithm and turns up in
COSE_Sign” — actually, in this case this could be solved in part as the
manifest turns up in cleartext.
I have included a dirty hack in the attached which I intend to fix.

I’m CCing the CBOR WG to give an example for CDDL being used in another
WG.  If you want to discuss a CDDL feature, please strike SUIT from the
list (and if you want to discuss a SUIT feature, maybe strike CBOR from
the list).

Regards, Carsten


--Apple-Mail=_5C896E86-7EED-48AA-90F2-A78D22C86E90
Content-Disposition: attachment;
	filename=suit.cddl
Content-Type: application/octet-stream;
	x-unix-mode=0644;
	name="suit.cddl"
Content-Transfer-Encoding: 7bit


  AuthenticatedManifest = [
      authenticatedManifest: COSE_Mac<Manifest> / COSE_Sign<Manifest>,
      text: bstr .cbor textMap
  ]
  COSE_Mac<what> = bstr .cbor what ; these are lies; FIXME
  COSE_Sign<what> = bstr .cbor what ; these are lies; FIXME

  textKeys = &(
      uninitialised: 0
      manifestDescription: 1
      payloadDescription: 2
      vendorName: 3
      modelName: 4
      payloadVersion: 5
  ) / nint

  textMap = { * textKeys => tstr }

  Manifest = [
      manifestVersion :    1,
      digestInfo :         DigestInfo,

      ; textReference is the digest of the associated
      ; text map in AuthenticatedManifest
      textReference :      bstr,
      nonce :              bstr,
      sequence :           SequenceNumber,
      preConditions :      [ * PreCondition ],
      postConditions :     [ * PostCondition ],
      directives :         [ * Directive ],
      resources :          [ * ResourceInfo ],
      processors :         [ * ProcessingStep ],
      targets :            [ * TargetInfo ],
      extensions :         { * int => bstr}
  ]

  ResourceInfo = [
      type:              &(payload:1, dependency:2, key:3, alias:4)
      indicator:         UriList,     ; where to find the resource
      size:              uint / nil,  ; size of the resource
                                      ; (nil when alias)
      digest:            bstr,        ; digest of the resource
      onode:             bstr          ; Node of the processing
                                      ; graph that the resource feeds
  ]

  ProcessingStep       = [
      process: &(decrypt: 1, decompress: 2, undiff: 3, relocate: 4, unrelocate: 5),
;      decrypt: 1 // decompress: 2 // undiff: 3 // relocate: 4 // unrelocate: 5,
      parameters: bstr ; TBD: more detail needed
      inode: bstr,     ; Node of the processing graph
                       ; that this processor consumes
      onode: bstr      ; Node of the processing graph
                       ; that this processor feeds
  ]
  TargetInfo = [
      componentIdentifier: [ * bstr],
      storageIdentifier:   tstr,        ; where to store the resource
      encoding:            bstr / nil,  ; the format of the resource
                                        ; (nil when alias)
      inode:               bstr         ; Node of the processing graph
                                        ; that this target consumes
  ]

  PreCondition    = IdCondition / TimeCondition /
                    ImageCondition / CustomCondition
  PostCondition   = ImageCondition / CustomCondition
  IdCondition     = [&(vendor: 1, class: 2, device: 3),
                     id:         Uuid]
  TimeCondition   = [&(installAfter: 4, bestBefore: 5),
                    time:       Timestamp]
  ImageCondition  = [&(currentContent: 6, notCurrentContent: 7),
                    digest:     bstr / nil, location: StorageIdentifier]
  CustomCondition = [nint, parameters: bstr]
  Directive       = [ int => bstr ]

  SequenceNumber      = uint
  Timestamp           = uint .size 8
  Uuid                = bstr .size 16
  StorageIdentifier   = bstr
  ComponentIdentifier = bstr                    ;;; XXX unused -- what is this for?
  UriList             = { + int => tstr }
  DigestInfo          = [
      digestAlgorithm  : uint,
      ? digestParameters : bstr
  ]

--Apple-Mail=_5C896E86-7EED-48AA-90F2-A78D22C86E90--
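
An added example, not part of the message or of the draft: Python that reads the `&( ... )` enumeration groups quoted above (members separated by commas or by nothing), spells out the integer type choice each one stands for, and checks an already-decoded CBOR map against `{ * textKeys => tstr }`. The function names and sample maps are constructed for illustration; CBOR decoding is assumed to have happened elsewhere.

```python
import re

# Rules as quoted in the message above (constructed copies for this example).
TEXT_KEYS = """textKeys = &(
    uninitialised: 0
    manifestDescription: 1
    payloadDescription: 2
    vendorName: 3
    modelName: 4
    payloadVersion: 5
) / nint"""
PROCESS = "&(decrypt: 1, decompress: 2, undiff: 3, relocate: 4, unrelocate: 5)"

def enum_members(cddl):
    """Return {name: value} for the first &( ... ) group in `cddl`.
    Members may be separated by commas or by whitespace alone."""
    group = re.search(r"&\(\s*(.*?)\s*\)", cddl, re.S)
    if group is None:
        raise ValueError("no &( ... ) enumeration found")
    members = {}
    for name, value in re.findall(r"([A-Za-z_][\w-]*)\s*:\s*(-?\d+)", group.group(1)):
        if name in members or int(value) in members.values():
            raise ValueError(f"duplicate enumeration member: {name}")
        members[name] = int(value)
    return members

def as_type_choice(members):
    """Spell out the type choice that the &( ... ) group stands for."""
    return " / ".join(str(v) for v in members.values())

def valid_text_map(obj, members):
    """Check a decoded CBOR map against { * textKeys => tstr }, where
    textKeys = &( ... ) / nint: a listed value or any negative integer."""
    if not isinstance(obj, dict):
        return False
    allowed = set(members.values())
    for key, text in obj.items():
        # bool is a subclass of int in Python; CBOR true/false are not integers.
        if isinstance(key, bool) or not isinstance(key, int):
            return False
        if key not in allowed and key >= 0:
            return False
        if not isinstance(text, str):
            return False
    return True

if __name__ == "__main__":
    keys = enum_members(TEXT_KEYS)
    print(as_type_choice(keys), "/ nint")
    print(valid_text_map({3: "Example Vendor", -7: "private"}, keys))
    print(valid_text_map({6: "unassigned key"}, keys))
```

Because `/ nint` admits every negative integer as a key, a receiver that wants a closed key set has to reject negative keys it does not recognise on its own; the CDDL rule will not do that for it.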

