[Suit] Improvements to draft-moran-suit-manifest-03

Brendan Moran <Brendan.Moran@arm.com> Thu, 31 January 2019 13:27 UTC

From: Brendan Moran <Brendan.Moran@arm.com>
To: "suit@ietf.org" <suit@ietf.org>
CC: "hannes.tschofenig@gmx.net" <hannes.tschofenig@gmx.net>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Date: Thu, 31 Jan 2019 13:27:39 +0000
Message-ID: <78FF2A20-1AF3-425F-B4BB-6F520E85DE46@arm.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/yfY_zuKr2iTxDcrzAEhevOHF0jg>
Subject: [Suit] Improvements to draft-moran-suit-manifest-03
List-Id: Software Updates for Internet of Things <suit.ietf.org>

Following IETF103, I have been collecting more use cases and user stories to influence the development of the manifest.

Three points have become very clear:

First, the processing tree is too complicated. There are many possible configurations that would never be used. There is plenty of room for error. In reality, the configurations that seem to be usable are all the combinations of these three operations:
* decrypt
* decompress
* unpack (delta, relocate, hex, etc.)

I have yet to find a use-case where these operations do not appear in this order, or where there is another operation that is missing from this list.

That being the case, a processing tree, while very general-purpose, is extra overhead that is not needed. With that in mind, I would like to propose changing the payload model back to something more conventional.

The payload-installation-info structure contains information about
* where to store the firmware image (install-component),
* where to retrieve it (uris),
* whether the firmware image is encrypted and with what algorithm (encrypt-info),
* whether a compression algorithm has been applied to the firmware image and what algorithm has been used (compression-algorithm),
* whether the image is a binary diff or requires relocation (unpack), and
* an indication whether these fields may be overridden by an authorized party (allow-override).

Here is a proposed CDDL snippet for draft-moran-suit-manifest-04:

payload-installation-info = {
   install-component => component-identifier,      ; where the image is stored
   ? allow-override => bool,                         ; may an authorized party override these fields?
   ? uris => uri-list,                               ; where to retrieve the image
   ? encrypt-info => COSE_Encrypt0 / COSE_Encrypt,   ; present iff the image is encrypted
   ? compression-algorithm => compression-algorithm-ids, ; present iff the image is compressed
   ? unpack => [                                     ; present iff the image is a diff / needs relocation
       unpack-algorithm : unpack-algorithm-ids, ; binary diff, or relocation, or binary-to-text algorithm identifier
       ? unpack-arguments : bytes                 ; private config for the unpack algorithm selected
   ]
}
; Stages are applied in the fixed order: decrypt, then decompress, then unpack.

This should be much easier to understand and implement.


The second point is that regen-info is frequently misunderstood and misused. After some discussion with suit participants, it’s become clear that the regen-info block should be represented as a dedicated “digest algorithm” which solves the same problem as the regen-info block currently does. When incorporated with the changes recommended by Jim Schaad, the result is that we replace COSE_Digest with SUIT_Digest and we remove regen-info. Here is a CDDL snippet that represents SUIT_Digest:

SUIT_Digest = [
   digest-algorithm-id: int,     ; selects the digest algorithm
   digest: bytes,                ; the digest value itself
   ? digest-extra-info: bytes    ; algorithm-specific input, e.g. what regen-info carried before
]

Any needed regen-info can then be contained in the digest-extra-info section with an appropriate algorithm identifier.


The third point of clarity is that we need to do some work in making the manifest easier to parse and process in a constrained environment. I don’t have a simple change to enable that, but we’re working on it.

Best Regards,
Brendan
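The fixed decrypt, decompress, unpack pipeline and the SUIT_Digest array described in the message above, as an added example that is not part of the original message or of any SUIT draft. It is a Python processor for a payload-installation-info-shaped record that applies the three stages in the proposed order, checks the result against a `[alg-id, digest, ?extra]` array, and shows what happens when decompression is attempted before decryption. The numeric algorithm identifiers, the string map keys, the SHA-256 keystream XOR standing in for COSE_Encrypt0 (not a real cipher), the offset/length delta record format and the `coaps://example.invalid` URI are all assumptions made for the example; the sample images are constructed inline.

```python
import hashlib
import struct
import zlib

# Assumed identifier values; the message fixes no registry numbers.
DIGEST_SHA256 = 1
COMPRESSION_ZLIB = 1
UNPACK_DELTA = 1


def cbor_encode(v):
    """Minimal CBOR encoder: ints, bytes, text, arrays, maps (enough for SUIT_Digest)."""
    def head(major, n):
        if n < 24:
            return bytes([(major << 5) | n])
        if n < 0x100:
            return bytes([(major << 5) | 24, n])
        if n < 0x10000:
            return bytes([(major << 5) | 25]) + struct.pack(">H", n)
        return bytes([(major << 5) | 26]) + struct.pack(">I", n)
    if isinstance(v, bool):
        return b"\xf5" if v else b"\xf4"
    if isinstance(v, int):
        return head(0, v) if v >= 0 else head(1, -1 - v)
    if isinstance(v, bytes):
        return head(2, len(v)) + v
    if isinstance(v, str):
        return head(3, len(v.encode())) + v.encode()
    if isinstance(v, list):
        return head(4, len(v)) + b"".join(cbor_encode(x) for x in v)
    if isinstance(v, dict):
        return head(5, len(v)) + b"".join(cbor_encode(k) + cbor_encode(x) for k, x in v.items())
    raise TypeError("unsupported type %r" % type(v))


def suit_digest(data, alg=DIGEST_SHA256, extra=None):
    """Build SUIT_Digest = [digest-algorithm-id, digest, ?digest-extra-info]."""
    if alg != DIGEST_SHA256:
        raise ValueError("unsupported digest algorithm %r" % alg)
    d = [alg, hashlib.sha256(data).digest()]
    if extra is not None:
        d.append(extra)
    return d


def digest_matches(image, expected):
    """Plain SHA-256 takes no extra-info, so only alg-id and digest are compared."""
    return suit_digest(image, expected[0])[:2] == expected[:2]


def xor_keystream(key, data):
    """Stand-in for COSE_Encrypt0 (NOT a real cipher): SHA-256 counter keystream XOR."""
    out = bytearray()
    for blk in range(0, len(data), 32):
        ks = hashlib.sha256(key + struct.pack(">I", blk // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[blk:blk + 32], ks))
    return bytes(out)


def make_delta(patches):
    """Assumed delta format: records of big-endian (offset, length) then the bytes."""
    return b"".join(struct.pack(">HH", off, len(c)) + c for off, c in patches)


def apply_delta(base, delta):
    img, i = bytearray(base), 0
    while i < len(delta):
        off, n = struct.unpack_from(">HH", delta, i)
        i += 4
        img[off:off + n] = delta[i:i + n]
        i += n
    return bytes(img)


def process_payload(info, blob, key=None, base=None):
    """The fixed pipeline from the message: decrypt, then decompress, then unpack."""
    if "encrypt-info" in info:
        blob = xor_keystream(key, blob)
    if info.get("compression-algorithm") == COMPRESSION_ZLIB:
        blob = zlib.decompress(blob)
    if "unpack" in info:
        alg, _args = info["unpack"]          # unpack-arguments unused by this delta
        if alg != UNPACK_DELTA:
            raise ValueError("unsupported unpack algorithm %r" % alg)
        blob = apply_delta(base, blob)
    return blob


def build_sample():
    """Constructed sample: installed image, patched successor, and the delta that was
    compressed then encrypted, plus a string-keyed payload-installation-info record."""
    base = bytes(range(64))
    delta = make_delta([(8, b"\xde\xad\xbe\xef"), (40, b"new-code")])
    new_image = apply_delta(base, delta)
    key = b"constructed-example-key"
    payload = xor_keystream(key, zlib.compress(delta))
    info = {
        "install-component": ["fw"],
        "uris": ["coaps://example.invalid/fw.bin"],   # hypothetical
        "encrypt-info": b"COSE_Encrypt0-placeholder",
        "compression-algorithm": COMPRESSION_ZLIB,
        "unpack": [UNPACK_DELTA, b""],
    }
    return info, payload, key, base, suit_digest(new_image), new_image


def wrong_order_fails(payload):
    """Decompressing before decrypting feeds zlib ciphertext, so its header check fails."""
    try:
        zlib.decompress(payload)
    except zlib.error:
        return True
    return False


if __name__ == "__main__":
    info, payload, key, base, expected, new_image = build_sample()
    image = process_payload(info, payload, key=key, base=base)
    print("recovered image matches:", image == new_image)
    print("SUIT_Digest check:", digest_matches(image, expected))
    print("SUIT_Digest CBOR:", cbor_encode(expected).hex())
    print("decompress-before-decrypt fails:", wrong_order_fails(payload))
```

The digest is taken over the fully processed image, not over the transported blob, which is exactly the case regen-info was meant to cover; with SUIT_Digest the same intent is carried by the algorithm identifier plus digest-extra-info instead of a separate block.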