comid

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 2, 2023 License: Apache-2.0 Imports: 18 Imported by: 20

Documentation

Overview

Example (Cca_refval)
package main

import "fmt"

// main decodes the CCA reference-value template, validates the resulting
// CoMID and prints the reference values it carries. Any failure panics.
func main() {
	var comid Comid

	// Decode first, then validate: extraction only runs on a CoMID that has
	// passed Valid().
	err := comid.FromJSON([]byte(CCARefValJSONTemplate))
	if err != nil {
		panic(err)
	}

	err = comid.Valid()
	if err != nil {
		panic(err)
	}

	err = extractCcaRefVals(&comid)
	if err != nil {
		panic(err)
	}
}

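// extractCcaRefVals prints every reference-value triple carried by c.
//
// It returns an error when c has no reference-value triples, or when any
// triple cannot be extracted; the latter error names the index of the
// offending triple and wraps the underlying cause.
func extractCcaRefVals(c *Comid) error {
	refVals := c.Triples.ReferenceValues
	if refVals == nil {
		return fmt.Errorf("no reference values triples")
	}

	for i, rv := range *refVals {
		if err := extractCCARefVal(rv); err != nil {
			// This walker handles CCA reference values, so the error names
			// CCA rather than PSA.
			return fmt.Errorf("bad CCA reference value at index %d: %w", i, err)
		}
	}

	return nil
}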

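// extractCCARefVal prints the contents of one CCA reference-value triple.
//
// It first prints the implementation ID from rv's environment class, then
// walks rv's measurements. A measurement keyed by a PSA refval ID is printed
// as a software measurement; a measurement keyed by a CCA platform-config ID
// has its label and raw value printed. A measurement whose key is missing or
// unset is an error. A key of any other kind is skipped without comment.
func extractCCARefVal(rv ReferenceValue) error {
	if err := extractImplementationID(rv.Environment.Class); err != nil {
		return fmt.Errorf("extracting impl-id: %w", err)
	}

	for i, m := range rv.Measurements {
		// A measurement that cannot be identified is rejected, not ignored.
		if m.Key == nil {
			return fmt.Errorf("missing mKey at index %d", i)
		}
		if !m.Key.IsSet() {
			return fmt.Errorf("mKey not set at index %d", i)
		}

		if m.Key.IsPSARefValID() {
			if err := extractSwMeasurement(m); err != nil {
				return fmt.Errorf("extracting measurement at index %d: %w", i, err)
			}
		}

		if m.Key.IsCCAPlatformConfigID() {
			if err := extractCCARefValID(m.Key); err != nil {
				return fmt.Errorf("extracting cca-refval-id: %w", err)
			}
			if err := extractRawValue(m.Val.RawValue); err != nil {
				return fmt.Errorf("extracting raw value: %w", err)
			}

			// NOTE(review): returning here ends the walk at the first
			// platform-config measurement, so any measurements that follow it
			// are never examined. Confirm that is intended before reusing
			// this loop on documents that may order measurements differently.
			return nil
		}
	}

	return nil
}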

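// extractRawValue prints the bytes held by r as a hex "Raw value:" line.
//
// It returns an error when r is nil or when the bytes cannot be obtained; in
// the latter case the underlying error is wrapped so the caller can see why.
func extractRawValue(r *RawValue) error {
	if r == nil {
		return fmt.Errorf("no raw value")
	}

	b, err := r.GetBytes()
	if err != nil {
		// Keep the cause in the chain instead of discarding it.
		return fmt.Errorf("extracting raw value bytes: %w", err)
	}

	fmt.Printf("Raw value: %x\n", b)

	return nil
}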

// extractCCARefValID prints the CCA platform-config ID held by measurement
// key k as a "Label:" line. A nil key, or a key from which no platform-config
// ID can be obtained, is reported as an error.
func extractCCARefValID(k *Mkey) error {
	if k == nil {
		return fmt.Errorf("no measurement key")
	}

	cfgID, err := k.GetCCAPlatformConfigID()
	if err != nil {
		return fmt.Errorf("getting CCA platform config id: %w", err)
	}

	// The label comes from the decoded document and is printed as-is.
	fmt.Printf("Label: %s\n", cfgID)

	return nil
}
Output:

ImplementationID: 61636d652d696d706c656d656e746174696f6e2d69642d303030303030303031
SignerID: acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b
Label: BL
Version: 2.1.0
Digest: 87428fc522803d31065e7bce3cf03fe475096631e5e07bbd7a0fde60c4cf25c7
SignerID: acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b
Label: PRoT
Version: 1.3.5
Digest: 0263829989b6fd954f72baaf2fc64bc2e2f01d692d4de72986ea808f6e99813f
SignerID: acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b
Label: ARoT
Version: 0.1.4
Digest: a3a5e715f0cc574a73c3f9bebb6bc24f32ffd5b67b387244c2c909da779a1478
Label: a non-empty (unique) label
Raw value: 72617776616c75650a72617776616c75650a
Example (Decode_CBOR_1)
// https://github.com/ietf-rats/ietf-corim-cddl/blob/main/examples/comid-1.diag
in := []byte{
	0xa3, 0x01, 0xa1, 0x00, 0x50, 0x3f, 0x06, 0xaf, 0x63, 0xa9, 0x3c, 0x11,
	0xe4, 0x97, 0x97, 0x00, 0x50, 0x56, 0x90, 0x77, 0x3f, 0x02, 0x81, 0xa3,
	0x00, 0x69, 0x41, 0x43, 0x4d, 0x45, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x01,
	0xd8, 0x20, 0x74, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x61,
	0x63, 0x6d, 0x65, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x02,
	0x81, 0x00, 0x04, 0xa1, 0x00, 0x81, 0x82, 0xa1, 0x00, 0xa4, 0x00, 0xd8,
	0x25, 0x50, 0x67, 0xb2, 0x8b, 0x6c, 0x34, 0xcc, 0x40, 0xa1, 0x91, 0x17,
	0xab, 0x5b, 0x05, 0x91, 0x1e, 0x37, 0x01, 0x69, 0x41, 0x43, 0x4d, 0x45,
	0x20, 0x49, 0x6e, 0x63, 0x2e, 0x02, 0x6f, 0x41, 0x43, 0x4d, 0x45, 0x20,
	0x52, 0x6f, 0x61, 0x64, 0x52, 0x75, 0x6e, 0x6e, 0x65, 0x72, 0x03, 0x01,
	0x81, 0xa1, 0x01, 0xa2, 0x00, 0xa2, 0x00, 0x65, 0x31, 0x2e, 0x30, 0x2e,
	0x30, 0x01, 0x19, 0x40, 0x00, 0x02, 0x81, 0x82, 0x01, 0x58, 0x20, 0x44,
	0xaa, 0x33, 0x6a, 0xf4, 0xcb, 0x14, 0xa8, 0x79, 0x43, 0x2e, 0x53, 0xdd,
	0x65, 0x71, 0xc7, 0xfa, 0x9b, 0xcc, 0xaf, 0xb7, 0x5f, 0x48, 0x82, 0x59,
	0x26, 0x2d, 0x6e, 0xa3, 0xa4, 0xd9, 0x1b,
}

// Decode the CBOR bytes into a CoMID and report whether decoding succeeded.
// NOTE(review): "OK" here only shows that FromCBOR returned no error. The
// JSON examples on this page call comid.Valid() as a separate step before
// reading the contents; confirm whether FromCBOR performs that validation
// before relying on a decoded CoMID from an untrusted source.
var comid Comid
if err := comid.FromCBOR(in); err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Println("OK")
}
Output:

OK
Example (Decode_CBOR_2)
// https://github.com/ietf-rats/ietf-corim-cddl/blob/main/examples/comid-2.diag
in := []byte{
	0xa3, 0x01, 0xa1, 0x00, 0x50, 0x3f, 0x06, 0xaf, 0x63, 0xa9, 0x3c, 0x11,
	0xe4, 0x97, 0x97, 0x00, 0x50, 0x56, 0x90, 0x77, 0x3f, 0x02, 0x81, 0xa3,
	0x00, 0x69, 0x41, 0x43, 0x4d, 0x45, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x01,
	0xd8, 0x20, 0x74, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x61,
	0x63, 0x6d, 0x65, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x02,
	0x81, 0x00, 0x04, 0xa2, 0x00, 0x83, 0x82, 0xa1, 0x00, 0xa4, 0x00, 0xd8,
	0x25, 0x50, 0x67, 0xb2, 0x8b, 0x6c, 0x34, 0xcc, 0x40, 0xa1, 0x91, 0x17,
	0xab, 0x5b, 0x05, 0x91, 0x1e, 0x37, 0x01, 0x69, 0x41, 0x43, 0x4d, 0x45,
	0x20, 0x49, 0x6e, 0x63, 0x2e, 0x02, 0x78, 0x18, 0x41, 0x43, 0x4d, 0x45,
	0x20, 0x52, 0x6f, 0x61, 0x64, 0x52, 0x75, 0x6e, 0x6e, 0x65, 0x72, 0x20,
	0x46, 0x69, 0x72, 0x6d, 0x77, 0x61, 0x72, 0x65, 0x03, 0x01, 0x81, 0xa1,
	0x01, 0xa1, 0x02, 0x81, 0x82, 0x01, 0x58, 0x20, 0x44, 0xaa, 0x33, 0x6a,
	0xf4, 0xcb, 0x14, 0xa8, 0x79, 0x43, 0x2e, 0x53, 0xdd, 0x65, 0x71, 0xc7,
	0xfa, 0x9b, 0xcc, 0xaf, 0xb7, 0x5f, 0x48, 0x82, 0x59, 0x26, 0x2d, 0x6e,
	0xa3, 0xa4, 0xd9, 0x1b, 0x82, 0xa1, 0x00, 0xa5, 0x00, 0xd8, 0x25, 0x50,
	0xa7, 0x1b, 0x3e, 0x38, 0x8d, 0x45, 0x4a, 0x05, 0x81, 0xf3, 0x52, 0xe5,
	0x8c, 0x83, 0x2c, 0x5c, 0x01, 0x6a, 0x57, 0x59, 0x4c, 0x49, 0x45, 0x20,
	0x49, 0x6e, 0x63, 0x2e, 0x02, 0x77, 0x57, 0x59, 0x4c, 0x49, 0x45, 0x20,
	0x43, 0x6f, 0x79, 0x6f, 0x74, 0x65, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74,
	0x65, 0x64, 0x20, 0x4f, 0x53, 0x03, 0x02, 0x04, 0x00, 0x81, 0xa1, 0x01,
	0xa1, 0x02, 0x81, 0x82, 0x01, 0x58, 0x20, 0xbb, 0x71, 0x19, 0x8e, 0xd6,
	0x0a, 0x95, 0xdc, 0x3c, 0x61, 0x9e, 0x55, 0x5c, 0x2c, 0x0b, 0x8d, 0x75,
	0x64, 0xa3, 0x80, 0x31, 0xb0, 0x34, 0xa1, 0x95, 0x89, 0x25, 0x91, 0xc6,
	0x53, 0x65, 0xb0, 0x82, 0xa1, 0x00, 0xa5, 0x00, 0xd8, 0x25, 0x50, 0xa7,
	0x1b, 0x3e, 0x38, 0x8d, 0x45, 0x4a, 0x05, 0x81, 0xf3, 0x52, 0xe5, 0x8c,
	0x83, 0x2c, 0x5c, 0x01, 0x6a, 0x57, 0x59, 0x4c, 0x49, 0x45, 0x20, 0x49,
	0x6e, 0x63, 0x2e, 0x02, 0x77, 0x57, 0x59, 0x4c, 0x49, 0x45, 0x20, 0x43,
	0x6f, 0x79, 0x6f, 0x74, 0x65, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x65,
	0x64, 0x20, 0x4f, 0x53, 0x03, 0x02, 0x04, 0x01, 0x81, 0xa1, 0x01, 0xa1,
	0x02, 0x81, 0x82, 0x01, 0x58, 0x20, 0xbb, 0x71, 0x19, 0x8e, 0xd6, 0x0a,
	0x95, 0xdc, 0x3c, 0x61, 0x9e, 0x55, 0x5c, 0x2c, 0x0b, 0x8d, 0x75, 0x64,
	0xa3, 0x80, 0x31, 0xb0, 0x34, 0xa1, 0x95, 0x89, 0x25, 0x91, 0xc6, 0x53,
	0x65, 0xb0, 0x01, 0x81, 0x82, 0xa1, 0x00, 0xa4, 0x00, 0xd8, 0x25, 0x50,
	0x67, 0xb2, 0x8b, 0x6c, 0x34, 0xcc, 0x40, 0xa1, 0x91, 0x17, 0xab, 0x5b,
	0x05, 0x91, 0x1e, 0x37, 0x01, 0x69, 0x41, 0x43, 0x4d, 0x45, 0x20, 0x49,
	0x6e, 0x63, 0x2e, 0x02, 0x72, 0x41, 0x43, 0x4d, 0x45, 0x20, 0x52, 0x6f,
	0x6f, 0x74, 0x20, 0x6f, 0x66, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x03,
	0x00, 0x81, 0xa1, 0x01, 0xa1, 0x01, 0xd9, 0x02, 0x28, 0x01,
}

// Decode the CBOR bytes into a CoMID and report whether decoding succeeded.
// NOTE(review): "OK" here only shows that FromCBOR returned no error. The
// JSON examples on this page call comid.Valid() as a separate step before
// reading the contents; confirm whether FromCBOR performs that validation
// before relying on a decoded CoMID from an untrusted source.
var comid Comid
if err := comid.FromCBOR(in); err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Println("OK")
}
Output:

OK
Example (Decode_CBOR_3)
// https://github.com/ietf-rats/ietf-corim-cddl/blob/main/examples/comid-design-cd.diag
in := []byte{
	0xa4, 0x01, 0xa1, 0x00, 0x50, 0x1e, 0xac, 0xd5, 0x96, 0xf4, 0xa3, 0x4f,
	0xb6, 0x99, 0xbf, 0xae, 0xb5, 0x8e, 0x0a, 0x4e, 0x47, 0x02, 0x81, 0xa3,
	0x00, 0x71, 0x46, 0x50, 0x47, 0x41, 0x20, 0x44, 0x65, 0x73, 0x69, 0x67,
	0x6e, 0x73, 0x2d, 0x52, 0x2d, 0x55, 0x73, 0x01, 0xd8, 0x20, 0x78, 0x1e,
	0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x66, 0x70, 0x67, 0x61,
	0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x73, 0x72, 0x75, 0x73, 0x2e, 0x65,
	0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x02, 0x81, 0x00, 0x03, 0x81, 0xa2,
	0x00, 0x50, 0x97, 0xf5, 0xa7, 0x07, 0x1c, 0x6f, 0x43, 0x8f, 0x87, 0x7a,
	0x4a, 0x02, 0x07, 0x80, 0xeb, 0xe9, 0x01, 0x00, 0x04, 0xa2, 0x00, 0x84,
	0x82, 0xa1, 0x00, 0xa3, 0x00, 0xd8, 0x6f, 0x4b, 0x60, 0x86, 0x48, 0x01,
	0x86, 0xf8, 0x4d, 0x01, 0x0f, 0x04, 0x01, 0x01, 0x76, 0x66, 0x70, 0x67,
	0x61, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x73, 0x72, 0x75, 0x73, 0x2e,
	0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x03, 0x02, 0x81, 0xa1, 0x01,
	0xa2, 0x04, 0xd9, 0x02, 0x30, 0x48, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x05, 0x48, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
	0x82, 0xa1, 0x00, 0xa3, 0x00, 0xd8, 0x6f, 0x4b, 0x60, 0x86, 0x48, 0x01,
	0x86, 0xf8, 0x4d, 0x01, 0x0f, 0x04, 0x02, 0x01, 0x76, 0x66, 0x70, 0x67,
	0x61, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x73, 0x72, 0x75, 0x73, 0x2e,
	0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x03, 0x02, 0x81, 0xa1, 0x01,
	0xa1, 0x02, 0x81, 0x82, 0x07, 0x58, 0x30, 0x3f, 0xe1, 0x8e, 0xca, 0x40,
	0x53, 0x87, 0x9e, 0x01, 0x7e, 0xf5, 0xeb, 0x7a, 0x3e, 0x51, 0x57, 0x65,
	0x9c, 0x5f, 0x9b, 0xb1, 0x5b, 0x7d, 0x09, 0x95, 0x9b, 0x8b, 0x86, 0x47,
	0x82, 0x2a, 0x4c, 0xc2, 0x1c, 0x3a, 0xa6, 0x72, 0x1c, 0xef, 0x87, 0xf5,
	0xbf, 0xa5, 0x34, 0x95, 0xdb, 0x08, 0x33, 0x82, 0xa1, 0x00, 0xa3, 0x00,
	0xd8, 0x6f, 0x4b, 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x4d, 0x01, 0x0f,
	0x04, 0x03, 0x01, 0x76, 0x66, 0x70, 0x67, 0x61, 0x64, 0x65, 0x73, 0x69,
	0x67, 0x6e, 0x73, 0x72, 0x75, 0x73, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70,
	0x6c, 0x65, 0x03, 0x02, 0x81, 0xa1, 0x01, 0xa1, 0x02, 0x81, 0x82, 0x07,
	0x58, 0x30, 0x20, 0xff, 0x68, 0x1a, 0x08, 0x82, 0xe2, 0x9b, 0x48, 0x19,
	0x53, 0x88, 0x89, 0x36, 0x20, 0x9c, 0xb5, 0x3d, 0xf9, 0xc5, 0xaa, 0xec,
	0x60, 0x6a, 0x2c, 0x24, 0xa0, 0xfb, 0x13, 0x85, 0x95, 0x12, 0x4b, 0x8e,
	0x3f, 0x24, 0xa1, 0x27, 0x71, 0xbc, 0x38, 0x54, 0xcc, 0x68, 0xb4, 0x03,
	0x61, 0xad, 0x82, 0xa1, 0x00, 0xa2, 0x00, 0xd8, 0x6f, 0x4c, 0x60, 0x86,
	0x48, 0x01, 0x86, 0xf8, 0x4d, 0x01, 0x0f, 0x04, 0x63, 0x01, 0x01, 0x76,
	0x66, 0x70, 0x67, 0x61, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x73, 0x72,
	0x75, 0x73, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x81, 0xa1,
	0x01, 0xa2, 0x04, 0xd9, 0x02, 0x30, 0x58, 0x30, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x58, 0x30, 0x46,
	0x62, 0x24, 0x34, 0x3d, 0x68, 0x18, 0x02, 0xc1, 0x50, 0x6b, 0xbe, 0xd7,
	0xd7, 0xf0, 0x0b, 0x96, 0x9b, 0xad, 0xdd, 0x63, 0x46, 0xe4, 0xf2, 0xe7,
	0xce, 0x14, 0x66, 0x92, 0x99, 0x6f, 0x22, 0xa4, 0x58, 0x14, 0xde, 0x81,
	0xd2, 0x48, 0xf5, 0x83, 0xb6, 0x5f, 0x81, 0x7b, 0x5f, 0xce, 0xab, 0x01,
	0x81, 0x82, 0xa1, 0x00, 0xa2, 0x00, 0xd8, 0x6f, 0x4c, 0x60, 0x86, 0x48,
	0x01, 0x86, 0xf8, 0x4d, 0x01, 0x0f, 0x04, 0x63, 0x02, 0x01, 0x76, 0x66,
	0x70, 0x67, 0x61, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x73, 0x72, 0x75,
	0x73, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x81, 0xa1, 0x01,
	0xa2, 0x04, 0xd9, 0x02, 0x30, 0x48, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x05, 0x48, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
}

// Decode the CBOR bytes into a CoMID and report whether decoding succeeded.
// NOTE(review): "OK" here only shows that FromCBOR returned no error. The
// JSON examples on this page call comid.Valid() as a separate step before
// reading the contents; confirm whether FromCBOR performs that validation
// before relying on a decoded CoMID from an untrusted source.
var comid Comid
if err := comid.FromCBOR(in); err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Println("OK")
}
Output:

OK
Example (Decode_CBOR_4)
// https://github.com/ietf-rats/ietf-corim-cddl/blob/main/examples/comid-firmware-cd.diag
in := []byte{
	0xa3, 0x01, 0xa1, 0x00, 0x50, 0xaf, 0x1c, 0xd8, 0x95, 0xbe, 0x78, 0x4a,
	0xdb, 0xb7, 0xe9, 0xad, 0xd4, 0x4a, 0x65, 0xab, 0xf3, 0x02, 0x81, 0xa3,
	0x00, 0x71, 0x46, 0x69, 0x72, 0x6d, 0x77, 0x61, 0x72, 0x65, 0x20, 0x4d,
	0x46, 0x47, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x01, 0xd8, 0x20, 0x78, 0x18,
	0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x66, 0x77, 0x6d, 0x66,
	0x67, 0x69, 0x6e, 0x63, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65,
	0x02, 0x81, 0x00, 0x04, 0xa2, 0x00, 0x82, 0x82, 0xa1, 0x00, 0xa4, 0x01,
	0x70, 0x66, 0x77, 0x6d, 0x66, 0x67, 0x69, 0x6e, 0x63, 0x2e, 0x65, 0x78,
	0x61, 0x6d, 0x70, 0x6c, 0x65, 0x02, 0x67, 0x66, 0x77, 0x59, 0x5f, 0x6e,
	0x35, 0x78, 0x03, 0x00, 0x04, 0x00, 0x81, 0xa1, 0x01, 0xa2, 0x01, 0xd9,
	0x02, 0x28, 0x01, 0x02, 0x81, 0x82, 0x07, 0x58, 0x30, 0x15, 0xe7, 0x7d,
	0x6f, 0x13, 0x32, 0x52, 0xf1, 0xdb, 0x70, 0x44, 0x90, 0x13, 0x13, 0x88,
	0x4f, 0x29, 0x77, 0xd2, 0x10, 0x9b, 0x33, 0xc7, 0x9f, 0x33, 0xe0, 0x79,
	0xbf, 0xc7, 0x88, 0x65, 0x25, 0x5c, 0x0f, 0xb7, 0x33, 0xc2, 0x40, 0xfd,
	0xda, 0x54, 0x4b, 0x82, 0x15, 0xd7, 0xb8, 0xf8, 0x15, 0x82, 0xa1, 0x00,
	0xa4, 0x01, 0x70, 0x66, 0x77, 0x6d, 0x66, 0x67, 0x69, 0x6e, 0x63, 0x2e,
	0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x02, 0x67, 0x66, 0x77, 0x58,
	0x5f, 0x6e, 0x35, 0x78, 0x03, 0x01, 0x04, 0x00, 0x81, 0xa1, 0x01, 0xa2,
	0x01, 0xd9, 0x02, 0x28, 0x01, 0x02, 0x81, 0x82, 0x07, 0x58, 0x30, 0x3d,
	0x90, 0xb6, 0xbf, 0x00, 0x3d, 0xa2, 0xd9, 0x4e, 0xa5, 0x46, 0x3f, 0x97,
	0xfb, 0x3c, 0x53, 0xdd, 0xc5, 0x1c, 0xfb, 0xa1, 0xe3, 0xe3, 0x8e, 0xef,
	0x7a, 0xf0, 0x71, 0xa6, 0x79, 0x86, 0x59, 0x5d, 0x22, 0x72, 0x91, 0x31,
	0xdf, 0x9f, 0xe8, 0x0f, 0x54, 0x51, 0xee, 0xf1, 0x54, 0xf8, 0x5e, 0x01,
	0x81, 0x82, 0xa1, 0x00, 0xa2, 0x00, 0xd8, 0x6f, 0x4c, 0x60, 0x86, 0x48,
	0x01, 0x86, 0xf8, 0x4d, 0x01, 0x0f, 0x04, 0x63, 0x01, 0x01, 0x70, 0x66,
	0x77, 0x6d, 0x66, 0x67, 0x69, 0x6e, 0x63, 0x2e, 0x65, 0x78, 0x61, 0x6d,
	0x70, 0x6c, 0x65, 0x81, 0xa1, 0x01, 0xa2, 0x04, 0xd9, 0x02, 0x30, 0x48,
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x48, 0xff, 0xff,
	0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
}

// Decode the CBOR bytes into a CoMID and report whether decoding succeeded.
// NOTE(review): "OK" here only shows that FromCBOR returned no error. The
// JSON examples on this page call comid.Valid() as a separate step before
// reading the contents; confirm whether FromCBOR performs that validation
// before relying on a decoded CoMID from an untrusted source.
var comid Comid
if err := comid.FromCBOR(in); err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Println("OK")
}
Output:

OK
Example (Decode_CBOR_5)
// Taken from https://github.com/ietf-rats/ietf-corim-cddl/blob/main/examples/comid-3.diag
in := []byte{
	0xa3, 0x01, 0xa1, 0x00, 0x78, 0x20, 0x6d, 0x79, 0x2d, 0x6e, 0x73, 0x3a,
	0x61, 0x63, 0x6d, 0x65, 0x2d, 0x72, 0x6f, 0x61, 0x64, 0x72, 0x75, 0x6e,
	0x6e, 0x65, 0x72, 0x2d, 0x73, 0x75, 0x70, 0x70, 0x6c, 0x65, 0x6d, 0x65,
	0x6e, 0x74, 0x02, 0x81, 0xa3, 0x00, 0x69, 0x41, 0x43, 0x4d, 0x45, 0x20,
	0x49, 0x6e, 0x63, 0x2e, 0x01, 0xd8, 0x20, 0x74, 0x68, 0x74, 0x74, 0x70,
	0x73, 0x3a, 0x2f, 0x2f, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x65, 0x78, 0x61,
	0x6d, 0x70, 0x6c, 0x65, 0x02, 0x83, 0x01, 0x00, 0x02, 0x04, 0xa1, 0x00,
	0x81, 0x82, 0xa1, 0x00, 0xa3, 0x00, 0xd8, 0x6f, 0x44, 0x55, 0x02, 0xc0,
	0x00, 0x01, 0x69, 0x41, 0x43, 0x4d, 0x45, 0x20, 0x49, 0x6e, 0x63, 0x2e,
	0x02, 0x78, 0x18, 0x41, 0x43, 0x4d, 0x45, 0x20, 0x52, 0x6f, 0x61, 0x64,
	0x52, 0x75, 0x6e, 0x6e, 0x65, 0x72, 0x20, 0x46, 0x69, 0x72, 0x6d, 0x77,
	0x61, 0x72, 0x65, 0x81, 0xa2, 0x00, 0x19, 0x02, 0xbc, 0x01, 0xa1, 0x02,
	0x81, 0x82, 0x06, 0x44, 0xab, 0xcd, 0xef, 0x00,
}
// Decode the CBOR bytes into a CoMID and report whether decoding succeeded.
// NOTE(review): "OK" here only shows that FromCBOR returned no error. The
// JSON examples on this page call comid.Valid() as a separate step before
// reading the contents; confirm whether FromCBOR performs that validation
// before relying on a decoded CoMID from an untrusted source.
var comid Comid
if err := comid.FromCBOR(in); err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Println("OK")
}
Output:

OK
Example (Decode_JSON)
j := `
{
	"lang": "en-GB",
	"tag-identity": {
		"id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
		"version": 1
	},
	"entities": [
		{
			"name": "ACME Ltd.",
			"regid": "https://acme.example",
			"roles": [ "tagCreator" ]
		},
		{
			"name": "EMCA Ltd.",
			"regid": "https://emca.example",
			"roles": [ "maintainer", "creator" ]
		}
	],
	"linked-tags": [
		{
			"target": "6F7D8D2F-EAEC-4A15-BB46-1E4DCB85DDFF",
			"rel": "replaces"
		}
	],
	"triples": {
		"reference-values": [
			{
				"environment": {
					"class": {
						"id": {
							"type": "uuid",
							"value": "83294297-97EB-42EF-8A72-AE9FEA002750"
						},
						"vendor": "ACME",
						"model": "RoadRunner Boot ROM",
						"layer": 0,
						"index": 0
					},
					"instance": {
						"type": "ueid",
						"value": "Ad6tvu/erb7v3q2+796tvu8="
					}
				},
				"measurements": [
					{
						"value": {
							"digests": [
								"sha-256:3q2+7w=="
							]
						}
					}
				]
			},
			{
				"environment": {
					"class": {
						"id": {
							"type": "psa.impl-id",
							"value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
						},
						"vendor": "PSA-X",
						"model": "Turbo PRoT"
					}
				},
				"measurements": [
					{
						"key": {
							"type": "psa.refval-id",
							"value": {
								"label": "PRoT",
								"version": "1.3.5",
								"signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
							}
						},
						"value": {
							"digests": [
								"sha-256:3q2+7w=="
							],
							"svn": {
								"type": "exact-value",
								"value": 1
							},
							"mac-addr": "00:00:5e:00:53:01"
						}
					}
				]
			}
		],
		"endorsed-values": [
			{
				"environment": {
					"class": {
						"id": {
							"type": "oid",
							"value": "2.16.840.1.101.3.4.2.1"
						}
					},
					"instance": {
						"type": "uuid",
						"value": "9090B8D3-3B17-474C-A0B9-6F54731CAB72"
					}
				},
				"measurements": [
					{
						"value": {
							"mac-addr": "00:00:5e:00:53:01",
							"ip-addr": "2001:4860:0:2001::68",
							"serial-number": "C02X70VHJHD5",
							"ueid": "Ad6tvu/erb7v3q2+796tvu8=",
							"uuid": "9090B8D3-3B17-474C-A0B9-6F54731CAB72",
							"raw-value": {
								"type": "bytes",
								"value": "cmF3dmFsdWUKcmF3dmFsdWUK"
							},
							"raw-value-mask": "qg==",
							"op-flags": [ "notSecure" ],
							"digests": [
								"sha-256:5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXU=",
								"sha-384:S1bPoH+usqtX3pIeSpfWVRRLVGRw66qrb3HA21GN31tKX7KPsq0bSTQmRCTrHlqG"
							],
							"version": {
								"scheme": "semaver",
								"value": "1.2.3beta4"
							},
							"svn": {
								"type": "min-value",
								"value": 10
							}
						}
					}
				]
			}
		],
		"attester-verification-keys": [
			{
				"environment": {
					"group": {
						"type": "uuid",
						"value": "83294297-97EB-42EF-8A72-AE9FEA002750"
					}
				},
				"verification-keys": [
					{
						"key": "MFkwEwYHKoZI...",
						"chain": [
							"MIIDkjCCAxigAwIBA...",
							"MIIEnjCCA4agAwIBA..."
						]
					}
				]
			}
		],
		"dev-identity-keys": [
			{
				"environment": {
					"instance": {
						"type": "uuid",
						"value": "4ECCE47C-85F2-4FD9-9EC6-00DEB72DA707"
					}
				},
				"verification-keys": [
					{
						"key": "MIIDUDCCAvWgAw..."
					},
					{
						"key": "MIIEnjCCA4agAw..."
					}
				]
			}
		]
	}
}
`
// Decode the JSON document into a CoMID and report whether decoding succeeded.
// NOTE(review): this example stops at FromJSON. The Cca_refval, Psa_keys and
// Psa_refval examples on this page follow FromJSON with comid.Valid() before
// reading any field; do the same when the document comes from an untrusted
// source.
var comid Comid
if err := comid.FromJSON([]byte(j)); err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Println("OK")
}
Output:

OK
Example (Encode)
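// Build a CoMID carrying one triple of each kind used on this page: a
// reference value, an endorsed value, an attester verification key and a
// device identity key. The Test* identifiers are the package's sample
// fixtures, and the key/certificate strings are truncated placeholders
// ("..."), not usable key material.
comid := NewComid().
	SetLanguage("en-GB").
	SetTagIdentity("my-ns:acme-roadrunner-supplement", 0).
	AddEntity("ACME Ltd.", &TestRegID, RoleCreator, RoleTagCreator).
	AddEntity("EMCA Ltd.", nil, RoleMaintainer).
	AddLinkedTag("my-ns:acme-roadrunner-base", RelSupplements).
	AddLinkedTag("my-ns:acme-roadrunner-old", RelReplaces).
	// Reference value: environment identified by an OID class.
	AddReferenceValue(
		ReferenceValue{
			Environment: Environment{
				Class: NewClassOID(TestOID).
					SetVendor("ACME Ltd.").
					SetModel("RoadRunner").
					SetLayer(0).
					SetIndex(1),
				Instance: NewInstanceUEID(TestUEID),
				Group:    NewGroupUUID(TestUUID),
			},
			Measurements: *NewMeasurements().
				AddMeasurement(
					NewMeasurement().
						SetKeyUUID(TestUUID).
						// Second argument is the mask; it appears as
						// "raw-value-mask" in the JSON output.
						SetRawValueBytes([]byte{0x01, 0x02, 0x03, 0x04}, []byte{0xff, 0xff, 0xff, 0xff}).
						SetSVN(2).
						// swid.Sha256_32 is rendered as "sha-256-32" in the
						// output. A 4-byte digest keeps the example short; a
						// 32-bit value gives no meaningful collision
						// resistance, so it is for illustration only.
						AddDigest(swid.Sha256_32, []byte{0xab, 0xcd, 0xef, 0x00}).
						AddDigest(swid.Sha256_32, []byte{0xff, 0xff, 0xff, 0xff}).
						SetOpFlags(OpFlagNotSecure, OpFlagDebug).
						SetSerialNumber("C02X70VHJHD5").
						SetUEID(TestUEID).
						SetUUID(TestUUID).
						SetMACaddr(MACaddr(TestMACaddr)).
						SetIPaddr(TestIPaddr),
				),
		},
	).
	// Endorsed value: same shape, with a UUID class and a minimum SVN.
	AddEndorsedValue(
		EndorsedValue{
			Environment: Environment{
				Class: NewClassUUID(TestUUID).
					SetVendor("ACME Ltd.").
					SetModel("RoadRunner").
					SetLayer(0).
					SetIndex(1),
				Instance: NewInstanceUEID(TestUEID),
				Group:    NewGroupUUID(TestUUID),
			},
			Measurements: *NewMeasurements().
				AddMeasurement(
					NewMeasurement().
						SetKeyUUID(TestUUID).
						SetRawValueBytes([]byte{0x01, 0x02, 0x03, 0x04}, []byte{0xff, 0xff, 0xff, 0xff}).
						SetMinSVN(2).
						AddDigest(swid.Sha256_32, []byte{0xab, 0xcd, 0xef, 0x00}).
						AddDigest(swid.Sha256_32, []byte{0xff, 0xff, 0xff, 0xff}).
						SetOpFlags(OpFlagNotSecure, OpFlagDebug, OpFlagNotConfigured).
						SetSerialNumber("C02X70VHJHD5").
						SetUEID(TestUEID).
						SetUUID(TestUUID).
						SetMACaddr(MACaddr(TestMACaddr)).
						SetIPaddr(TestIPaddr),
				),
		},
	).
	// Attester verification key: one key with a two-entry certificate chain.
	AddAttestVerifKey(
		AttestVerifKey{
			Environment: Environment{
				Instance: NewInstanceUUID(uuid.UUID(TestUUID)),
			},
			VerifKeys: *NewVerifKeys().
				AddVerifKey(
					NewVerifKey().
						SetKey("FGHIjkisldnASDxvWY...").
						AddCert("MENGsdhfugjQWEtyX...").
						AddCert("MIIEnjCCA4agAwIBA..."),
				),
		},
	).
	// Device identity key: one key with a two-entry certificate chain.
	AddDevIdentityKey(
		DevIdentityKey{
			Environment: Environment{
				Instance: NewInstanceUEID(TestUEID),
			},
			VerifKeys: *NewVerifKeys().
				AddVerifKey(
					NewVerifKey().
						SetKey("MIGkAgEBBDCk5QboB...").
						AddCert("MIIDkjCCAxigAwIBA...").
						AddCert("MIIEnjCCA4agAwIBA..."),
				),
		},
	)

// Serialize to both formats. An encoding failure is reported in the same
// "FAIL:" form the decode examples use, instead of printing nothing.
cborBytes, err := comid.ToCBOR()
if err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Printf("%x\n", cborBytes)
}

jsonBytes, err := comid.ToJSON()
if err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Printf("%s\n", string(jsonBytes))
}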
Output:

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
{"lang":"en-GB","tag-identity":{"id":"my-ns:acme-roadrunner-supplement"},"entities":[{"name":"ACME Ltd.","regid":"https://acme.example","roles":["creator","tagCreator"]},{"name":"EMCA Ltd.","roles":["maintainer"]}],"linked-tags":[{"target":"my-ns:acme-roadrunner-base","rel":"supplements"},{"target":"my-ns:acme-roadrunner-old","rel":"replaces"}],"triples":{"reference-values":[{"environment":{"class":{"id":{"type":"oid","value":"2.5.2.8192"},"vendor":"ACME Ltd.","model":"RoadRunner","layer":0,"index":1},"instance":{"type":"ueid","value":"At6tvu/erQ=="},"group":{"type":"ueid","value":"31fb5abf-023e-4992-aa4e-95f9c1503bfa"}},"measurements":[{"key":{"type":"uuid","value":"31fb5abf-023e-4992-aa4e-95f9c1503bfa"},"value":{"svn":{"type":"exact-value","value":2},"digests":["sha-256-32:q83vAA==","sha-256-32://///w=="],"op-flags":["notSecure","debug"],"raw-value":"AQIDBA==","raw-value-mask":"/////w==","mac-addr":"02:00:5e:10:00:00:00:01","ip-addr":"2001:db8::68","serial-number":"C02X70VHJHD5","ueid":"At6tvu/erQ==","uuid":"31fb5abf-023e-4992-aa4e-95f9c1503bfa"}}]}],"endorsed-values":[{"environment":{"class":{"id":{"type":"uuid","value":"31fb5abf-023e-4992-aa4e-95f9c1503bfa"},"vendor":"ACME 
Ltd.","model":"RoadRunner","layer":0,"index":1},"instance":{"type":"ueid","value":"At6tvu/erQ=="},"group":{"type":"ueid","value":"31fb5abf-023e-4992-aa4e-95f9c1503bfa"}},"measurements":[{"key":{"type":"uuid","value":"31fb5abf-023e-4992-aa4e-95f9c1503bfa"},"value":{"svn":{"type":"min-value","value":2},"digests":["sha-256-32:q83vAA==","sha-256-32://///w=="],"op-flags":["notConfigured","notSecure","debug"],"raw-value":"AQIDBA==","raw-value-mask":"/////w==","mac-addr":"02:00:5e:10:00:00:00:01","ip-addr":"2001:db8::68","serial-number":"C02X70VHJHD5","ueid":"At6tvu/erQ==","uuid":"31fb5abf-023e-4992-aa4e-95f9c1503bfa"}}]}],"attester-verification-keys":[{"environment":{"instance":{"type":"uuid","value":"31fb5abf-023e-4992-aa4e-95f9c1503bfa"}},"verification-keys":[{"key":"FGHIjkisldnASDxvWY...","chain":["MENGsdhfugjQWEtyX...","MIIEnjCCA4agAwIBA..."]}]}],"dev-identity-keys":[{"environment":{"instance":{"type":"ueid","value":"At6tvu/erQ=="}},"verification-keys":[{"key":"MIGkAgEBBDCk5QboB...","chain":["MIIDkjCCAxigAwIBA...","MIIEnjCCA4agAwIBA..."]}]}]}}
Example (Encode_PSA)
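// Build a PSA-flavoured CoMID: one reference-value triple whose class is a
// PSA implementation ID and whose two measurements are keyed by PSA refval
// IDs ("BL" and "PRoT"), plus one attester verification key. The key string
// is a truncated placeholder ("..."), not usable key material.
comid := NewComid().
	SetTagIdentity("my-ns:acme-roadrunner-supplement", 0).
	AddEntity("ACME Ltd.", &TestRegID, RoleCreator, RoleTagCreator, RoleMaintainer).
	AddReferenceValue(
		ReferenceValue{
			Environment: Environment{
				Class: NewClassImplID(TestImplID).
					SetVendor("ACME Ltd.").
					SetModel("RoadRunner 2.0"),
			},
			Measurements: *NewMeasurements().
				AddMeasurement(
					NewPSAMeasurement(
						*NewPSARefValID(TestSignerID).
							SetLabel("BL").
							SetVersion("5.0.5"),
						// swid.Sha256_32 is rendered as "sha-256-32" in the
						// output; the 4-byte digest is for illustration only
						// and gives no meaningful collision resistance.
					).AddDigest(swid.Sha256_32, []byte{0xab, 0xcd, 0xef, 0x00}),
				).
				AddMeasurement(
					NewPSAMeasurement(
						*NewPSARefValID(TestSignerID).
							SetLabel("PRoT").
							SetVersion("1.3.5"),
					).AddDigest(swid.Sha256_32, []byte{0xab, 0xcd, 0xef, 0x00}),
				),
		},
	).
	AddAttestVerifKey(
		AttestVerifKey{
			Environment: Environment{
				Instance: NewInstanceUEID(TestUEID),
			},
			VerifKeys: *NewVerifKeys().
				AddVerifKey(
					NewVerifKey().
						SetKey("MIGkAgEBBDCk5QboB..."),
				),
		},
	)

// Serialize to both formats. An encoding failure is reported in the same
// "FAIL:" form the decode examples use, instead of printing nothing.
cborBytes, err := comid.ToCBOR()
if err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Printf("%x\n", cborBytes)
}

jsonBytes, err := comid.ToJSON()
if err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Printf("%s\n", string(jsonBytes))
}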
Output:

a301a10078206d792d6e733a61636d652d726f616472756e6e65722d737570706c656d656e740281a3006941434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d706c65028301000204a2008182a100a300d90258582061636d652d696d706c656d656e746174696f6e2d69642d303030303030303031016941434d45204c74642e026e526f616452756e6e657220322e3082a200d90259a30162424c0465352e302e35055820acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b01a10281820644abcdef00a200d90259a3016450526f540465312e332e35055820acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b01a10281820644abcdef00028182a101d902264702deadbeefdead81a100744d49476b416745424244436b3551626f422e2e2e
{"tag-identity":{"id":"my-ns:acme-roadrunner-supplement"},"entities":[{"name":"ACME Ltd.","regid":"https://acme.example","roles":["creator","tagCreator","maintainer"]}],"triples":{"reference-values":[{"environment":{"class":{"id":{"type":"psa.impl-id","value":"YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="},"vendor":"ACME Ltd.","model":"RoadRunner 2.0"}},"measurements":[{"key":{"type":"psa.refval-id","value":{"label":"BL","version":"5.0.5","signer-id":"rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="}},"value":{"digests":["sha-256-32:q83vAA=="]}},{"key":{"type":"psa.refval-id","value":{"label":"PRoT","version":"1.3.5","signer-id":"rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="}},"value":{"digests":["sha-256-32:q83vAA=="]}}]}],"attester-verification-keys":[{"environment":{"instance":{"type":"ueid","value":"At6tvu/erQ=="}},"verification-keys":[{"key":"MIGkAgEBBDCk5QboB..."}]}]}}
Example (Encode_PSA_attestation_verification)
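// Build a CoMID that carries only an attester verification key, bound to an
// instance identified by UEID. The key string is a truncated placeholder
// ("..."), not usable key material.
comid := NewComid().
	SetTagIdentity("my-ns:acme-roadrunner-supplement", 0).
	AddEntity("ACME Ltd.", &TestRegID, RoleCreator, RoleTagCreator, RoleMaintainer).
	AddAttestVerifKey(
		AttestVerifKey{
			Environment: Environment{
				Instance: NewInstanceUEID(TestUEID),
			},
			VerifKeys: *NewVerifKeys().
				AddVerifKey(
					NewVerifKey().
						SetKey("MFkwEwYHKoZI..."),
				),
		},
	)

// Serialize to both formats. An encoding failure is reported in the same
// "FAIL:" form the decode examples use, instead of printing nothing.
cborBytes, err := comid.ToCBOR()
if err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	fmt.Printf("%x\n", cborBytes)
}

jsonBytes, err := comid.ToJSON()
if err != nil {
	fmt.Printf("FAIL: %v", err)
} else {
	// No trailing newline here, unlike the other encode examples.
	fmt.Printf("%s", string(jsonBytes))
}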
Output:

a301a10078206d792d6e733a61636d652d726f616472756e6e65722d737570706c656d656e740281a3006941434d45204c74642e01d8207468747470733a2f2f61636d652e6578616d706c65028301000204a1028182a101d902264702deadbeefdead81a1006f4d466b77457759484b6f5a492e2e2e
{"tag-identity":{"id":"my-ns:acme-roadrunner-supplement"},"entities":[{"name":"ACME Ltd.","regid":"https://acme.example","roles":["creator","tagCreator","maintainer"]}],"triples":{"attester-verification-keys":[{"environment":{"instance":{"type":"ueid","value":"At6tvu/erQ=="}},"verification-keys":[{"key":"MFkwEwYHKoZI..."}]}]}}
Example (Psa_keys)
package main

import "fmt"

// main decodes the PSA keys template, validates the resulting CoMID and
// prints the attestation verification keys it carries. Any failure panics.
func main() {
	var comid Comid

	// Decode first, then validate: extraction only runs on a CoMID that has
	// passed Valid().
	err := comid.FromJSON([]byte(PSAKeysJSONTemplate))
	if err != nil {
		panic(err)
	}

	err = comid.Valid()
	if err != nil {
		panic(err)
	}

	err = extractKeys(&comid)
	if err != nil {
		panic(err)
	}
}

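// extractKeys prints every attester-verification-key triple carried by c.
//
// It returns an error when c has no such triples, or when any triple cannot
// be extracted; the latter error names the index of the offending triple and
// wraps the underlying cause.
func extractKeys(c *Comid) error {
	keys := c.Triples.AttestVerifKeys
	if keys == nil {
		// The missing item is the verification-key triples, not reference
		// values, so the message names what is actually absent.
		return fmt.Errorf("no attester verification keys triples")
	}

	for i, k := range *keys {
		if err := extractPSAKey(k); err != nil {
			return fmt.Errorf("bad PSA verification key value at index %d: %w", i, err)
		}
	}

	return nil
}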

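// extractPSAKey prints the implementation ID, the instance ID and the single
// verification key of one attester-verification-key triple.
//
// It returns an error when the implementation ID or the instance ID cannot
// be extracted, or when the triple does not hold exactly one key.
func extractPSAKey(k AttestVerifKey) error {
	if err := extractImplementationID(k.Environment.Class); err != nil {
		return fmt.Errorf("extracting impl-id: %w", err)
	}

	if err := extractInstanceID(k.Environment.Instance); err != nil {
		return fmt.Errorf("extracting inst-id: %w", err)
	}

	// Zero keys fails this check as well as two or more, so the message
	// reports the count instead of claiming there were too many.
	if n := len(k.VerifKeys); n != 1 {
		return fmt.Errorf("expecting exactly one key, got %d", n)
	}

	// The expected output shows this as the hex of the key's textual form
	// (the bytes "MFkw..." rather than a decoded key).
	fmt.Printf("IAK public key: %x\n", k.VerifKeys[0].Key)

	return nil
}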

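// extractInstanceID prints the UEID held by i as a hex "InstanceID:" line.
//
// It returns an error when i is nil or when no UEID can be obtained from it.
func extractInstanceID(i *Instance) error {
	if i == nil {
		return fmt.Errorf("no instance")
	}

	instID, err := i.GetUEID()
	if err != nil {
		// The failing step is the UEID lookup, so the message names it
		// instead of the implementation ID.
		return fmt.Errorf("extracting instance UEID: %w", err)
	}

	fmt.Printf("InstanceID: %x\n", instID)

	return nil
}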
Output:

ImplementationID: 61636d652d696d706c656d656e746174696f6e2d69642d303030303030303031
InstanceID: 01ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508
IAK public key: 4d466b77457759484b6f5a497a6a3043415159494b6f5a497a6a30444151634451674145466e3074616f41775233506d724b6b594c74417344396f30354b534d366d6267664e436770754c306736567054486b5a6c3733776b354244786f56376e2b4f656565306949716b5733484d5a54334554696e694a64673d3d
ImplementationID: 61636d652d696d706c656d656e746174696f6e2d69642d303030303030303031
InstanceID: 014ca3e4f50bf248c39787020d68ffd05c88767751bf2645ca923f57a98becd296
IAK public key: 4d466b77457759484b6f5a497a6a3043415159494b6f5a497a6a304441516344516741453656777165376879334f385970612b425545544c556a424e5533724558565579743958485237484a574c473758544b51643969316b565258654250444c466e66597275312f657578526e4a4d374839556f46444c64413d3d
Example (Psa_refval)
package main

import "fmt"

// main decodes the PSA reference-value template, validates the resulting
// CoMID and prints the reference values it carries. Any failure panics.
func main() {
	var comid Comid

	// Decode first, then validate: extraction only runs on a CoMID that has
	// passed Valid().
	err := comid.FromJSON([]byte(PSARefValJSONTemplate))
	if err != nil {
		panic(err)
	}

	err = comid.Valid()
	if err != nil {
		panic(err)
	}

	err = extractRefVals(&comid)
	if err != nil {
		panic(err)
	}
}

// extractRefVals prints every reference-value triple carried by c.
//
// It returns an error when c has no reference-value triples, or when any
// triple cannot be extracted; the latter error names the index of the
// offending triple and wraps the underlying cause.
func extractRefVals(c *Comid) error {
	refVals := c.Triples.ReferenceValues
	if refVals == nil {
		return fmt.Errorf("no reference values triples")
	}

	for idx, refVal := range *refVals {
		err := extractPSARefVal(refVal)
		if err != nil {
			return fmt.Errorf("bad PSA reference value at index %d: %w", idx, err)
		}
	}

	return nil
}

// extractPSARefVal prints one PSA reference-value triple: the implementation
// ID from its environment class, followed by its software measurements.
// Either step failing is reported with the underlying cause wrapped.
func extractPSARefVal(rv ReferenceValue) error {
	// The implementation ID is printed before any measurement.
	if err := extractImplementationID(rv.Environment.Class); err != nil {
		return fmt.Errorf("extracting impl-id: %w", err)
	}

	if err := extractSwMeasurements(rv.Measurements); err != nil {
		return fmt.Errorf("extracting measurements: %w", err)
	}

	return nil
}

// extractSwMeasurements prints each measurement in m in order.
//
// An empty m is an error, as is any measurement that cannot be extracted;
// the latter error names the index of the offending measurement.
func extractSwMeasurements(m Measurements) error {
	if len(m) == 0 {
		return fmt.Errorf("no measurements")
	}

	// The element gets its own name so it does not shadow the parameter m.
	for idx, item := range m {
		err := extractSwMeasurement(item)
		if err != nil {
			return fmt.Errorf("extracting measurement at index %d: %w", idx, err)
		}
	}

	return nil
}

// extractSwMeasurement prints one software measurement: the PSA refval ID
// taken from its key, then its digest. Either step failing is reported with
// the underlying cause wrapped.
func extractSwMeasurement(m Measurement) error {
	// A nil key is rejected inside extractPSARefValID.
	err := extractPSARefValID(m.Key)
	if err != nil {
		return fmt.Errorf("extracting PSA refval id: %w", err)
	}

	// A nil digest list is rejected inside extractDigest.
	err = extractDigest(m.Val.Digests)
	if err != nil {
		return fmt.Errorf("extracting digest: %w", err)
	}

	return nil
}

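// extractDigest prints the hash value of the single digest in d as a hex
// "Digest:" line.
//
// It returns an error when d is nil or when d does not hold exactly one
// digest.
func extractDigest(d *Digests) error {
	if d == nil {
		return fmt.Errorf("no digest")
	}

	// An empty list fails this check as well as a list of two or more, so
	// the message reports the count instead of claiming there were too many.
	if n := len(*d); n != 1 {
		return fmt.Errorf("expecting exactly one digest, got %d", n)
	}

	fmt.Printf("Digest: %x\n", (*d)[0].HashValue)

	return nil
}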

// extractPSARefValID prints the PSA refval ID held by measurement key k: the
// signer ID in hex, then the label and the version when each is present.
//
// A nil key, or a key from which no PSA refval ID can be obtained, is
// reported as an error.
func extractPSARefValID(k *Mkey) error {
	if k == nil {
		return fmt.Errorf("no measurement key")
	}

	refValID, err := k.GetPSARefValID()
	if err != nil {
		return fmt.Errorf("getting PSA refval id: %w", err)
	}

	fmt.Printf("SignerID: %x\n", refValID.SignerID)

	// Label and version are pointers and are printed only when set.
	if label := refValID.Label; label != nil {
		fmt.Printf("Label: %s\n", *label)
	}
	if version := refValID.Version; version != nil {
		fmt.Printf("Version: %s\n", *version)
	}

	// The alg-id is deliberately not printed.

	return nil
}

// extractImplementationID prints, in hex, the implementation ID held in the
// class identifier of c.
//
// It returns an error if c is nil, if c has no class-id, or if the class-id
// does not yield an implementation ID (the GetImplID error is wrapped).
func extractImplementationID(c *Class) error {
	switch {
	case c == nil:
		return fmt.Errorf("no class")
	case c.ClassID == nil:
		return fmt.Errorf("no class-id")
	}

	id, err := c.ClassID.GetImplID()
	if err != nil {
		return fmt.Errorf("extracting implemenetation-id: %w", err)
	}

	fmt.Printf("ImplementationID: %x\n", id)

	return nil
}
Output:

ImplementationID: 61636d652d696d706c656d656e746174696f6e2d69642d303030303030303031
SignerID: acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b
Label: BL
Version: 2.1.0
Digest: 87428fc522803d31065e7bce3cf03fe475096631e5e07bbd7a0fde60c4cf25c7
SignerID: acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b
Label: PRoT
Version: 1.3.5
Digest: 0263829989b6fd954f72baaf2fc64bc2e2f01d692d4de72986ea808f6e99813f
SignerID: acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b
Label: ARoT
Version: 0.1.4
Digest: a3a5e715f0cc574a73c3f9bebb6bc24f32ffd5b67b387244c2c909da779a1478

Index

Examples

Constants

const (
	// Class identifier kinds, numbered from zero by iota in declaration
	// order: UUID, implementation ID, OID.
	ClassIDTypeUUID = ClassIDType(iota)
	ClassIDTypeImplID
	ClassIDTypeOID

	// ClassIDTypeUnknown has every bit set, which keeps it apart from the
	// iota-assigned kinds above.
	ClassIDTypeUnknown = ^ClassIDType(0)
)
const (
	// MaxASN1OIDLen is the maximum OID length accepted by the implementation
	// NOTE(review): the unit (encoded bytes vs. characters of the dotted
	// string) is not stated here; confirm against the OID parsing code.
	MaxASN1OIDLen = 255
	// MinNumOIDArcs represents the minimum required arcs for a valid OID
	MinNumOIDArcs = 3
)
// MaxUint64 is the uint64 value with every bit set, i.e. the largest value a
// uint64 can hold.
const MaxUint64 = ^uint64(0)

Variables

// Fixture values used by the package's tests and examples.
// NOTE(review): these are exported, mutable package-level variables in the
// public API; callers should treat them as read-only sample data.
var (
	TestUUIDString = "31fb5abf-023e-4992-aa4e-95f9c1503bfa"
	// TestUUID is TestUUIDString parsed and converted to the package's UUID type.
	TestUUID       = UUID(uuid.Must(uuid.Parse(TestUUIDString)))
	// TestImplID is 32 bytes spelling the ASCII string
	// "acme-implementation-id-000000001".
	TestImplID     = ImplID([32]byte{
		0x61, 0x63, 0x6d, 0x65, 0x2d, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x6d, 0x65,
		0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2d, 0x69, 0x64, 0x2d, 0x30,
		0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x31,
	})
	TestOID               = "2.5.2.8192"
	TestRegID             = "https://acme.example"
	// The error returned by net.ParseMAC is discarded here; the literal is an
	// 8-byte hardware address.
	TestMACaddr, _        = net.ParseMAC("02:00:5e:10:00:00:00:01")
	// net.ParseIP returns nil, not an error, when the text is not a valid
	// address; 2001:db8::/32 is the IPv6 documentation prefix.
	TestIPaddr            = net.ParseIP("2001:db8::68")
	TestUEIDString        = "02deadbeefdead"
	// NOTE(review): MustHexDecode is called with a nil *testing.T in the two
	// initialisers below; how it reacts to invalid hex in that case is not
	// visible here — confirm.
	TestUEID              = eat.UEID(MustHexDecode(nil, TestUEIDString))
	TestSignerID          = MustHexDecode(nil, "acbb11c7e4da217205523ce4ce1a245ae1a239ae3c6bfd9e7871f7e5d8bae86b")
	TestTagID             = "urn:example:veraison"
	TestMKey       uint64 = 700
	TestCCALabel          = "cca-platform-config"
)
var (
	PSARefValJSONTemplate = `` /* 1556-byte string literal not displayed */

	PSAKeysJSONTemplate = `` /* 1359-byte string literal not displayed */

	CCARefValJSONTemplate = `` /* 1806-byte string literal not displayed */

)

Functions

func IsAbsoluteURI

func IsAbsoluteURI(s string) error

func MustHexDecode

func MustHexDecode(t *testing.T, s string) []byte

func NewHashEntry

func NewHashEntry(algID uint64, value []byte) *swid.HashEntry

Types

type AttestVerifKey

type AttestVerifKey struct {
	Environment Environment `json:"environment"`
	VerifKeys   VerifKeys   `json:"verification-keys"`
	// contains filtered or unexported fields
}

AttestVerifKey stores an attest-key-triple-record with CBOR and JSON serializations. Note that the CBOR serialization packs the structure into an array. Instead, when serializing to JSON, the structure is converted into an object.

func (AttestVerifKey) Valid

func (o AttestVerifKey) Valid() error

type CCAPlatformConfigID

type CCAPlatformConfigID string

func (CCAPlatformConfigID) Empty

func (o CCAPlatformConfigID) Empty() bool

func (CCAPlatformConfigID) Get

func (*CCAPlatformConfigID) Set

func (o *CCAPlatformConfigID) Set(v string) error

type Class

type Class struct {
	ClassID *ClassID `cbor:"0,keyasint,omitempty" json:"id,omitempty"`
	Vendor  *string  `cbor:"1,keyasint,omitempty" json:"vendor,omitempty"`
	Model   *string  `cbor:"2,keyasint,omitempty" json:"model,omitempty"`
	Layer   *uint64  `cbor:"3,keyasint,omitempty" json:"layer,omitempty"`
	Index   *uint64  `cbor:"4,keyasint,omitempty" json:"index,omitempty"`
}

Class represents the class of the (target / attesting) environment. The only required field is the class unique identifier (see ClassID). Optionally, information about the specific brand & product as well as its topological coordinates within the wider device can be recorded.

func NewClassImplID

func NewClassImplID(implID ImplID) *Class

NewClassImplID instantiates a new Class object that identifies the specified PSA Implementation ID

func NewClassOID

func NewClassOID(oid string) *Class

NewClassOID instantiates a new Class object that identifies the OID

func NewClassUUID

func NewClassUUID(uuid UUID) *Class

NewClassUUID instantiates a new Class object with the specified UUID as identifier

func (*Class) FromCBOR

func (o *Class) FromCBOR(data []byte) error

FromCBOR deserializes the supplied CBOR data into the target Class

func (*Class) FromJSON

func (o *Class) FromJSON(data []byte) error

FromJSON deserializes the supplied JSON string into the target Class

func (Class) GetIndex

func (o Class) GetIndex() uint64

GetIndex returns the index number if it is set in the target Class. Otherwise, uint64_max is returned.

func (Class) GetLayer

func (o Class) GetLayer() uint64

GetLayer returns the layer number if it is set in the target Class. Otherwise, uint64_max is returned.

func (Class) GetModel

func (o Class) GetModel() string

GetModel returns the model string if it is set in the target Class. Otherwise, an empty string is returned.

func (Class) GetVendor

func (o Class) GetVendor() string

GetVendor returns the vendor string if it is set in the target Class. Otherwise, an empty string is returned.

func (*Class) SetIndex

func (o *Class) SetIndex(index uint64) *Class

SetIndex sets the "index" (i.e., the identifier of the environment instance in a specific layer) as indicated

func (*Class) SetLayer

func (o *Class) SetLayer(layer uint64) *Class

SetLayer sets the "layer" (i.e., the logical/topological location of the environment in the device) as indicated

func (*Class) SetModel

func (o *Class) SetModel(model string) *Class

SetModel sets the model metadata to the supplied string

func (*Class) SetVendor

func (o *Class) SetVendor(vendor string) *Class

SetVendor sets the vendor metadata to the supplied string

func (Class) ToCBOR

func (o Class) ToCBOR() ([]byte, error)

ToCBOR serializes the target Class to CBOR (if the Class is "valid")

func (Class) ToJSON

func (o Class) ToJSON() ([]byte, error)

ToJSON serializes the target Class to JSON (if the Class is "valid")

func (Class) Valid

func (o Class) Valid() error

Valid checks the non-empty<> constraint on the map

type ClassID

type ClassID struct {
	// contains filtered or unexported fields
}

ClassID represents a $class-id-type-choice, which can be one of TaggedUUID, TaggedOID, or TaggedImplID (PSA-specific extension)

func (ClassID) GetImplID

func (o ClassID) GetImplID() (ImplID, error)

func (ClassID) MarshalCBOR

func (o ClassID) MarshalCBOR() ([]byte, error)

MarshalCBOR serializes the target ClassID to CBOR

func (ClassID) MarshalJSON

func (o ClassID) MarshalJSON() ([]byte, error)

MarshalJSON serializes the target ClassID to JSON

func (*ClassID) SetImplID

func (o *ClassID) SetImplID(implID ImplID) *ClassID

SetImplID sets the value of the target ClassID to the supplied PSA Implementation ID (see Section 3.2.2 of draft-tschofenig-rats-psa-token)

func (*ClassID) SetOID

func (o *ClassID) SetOID(s string) *ClassID

SetOID sets the value of the target ClassID to the supplied OID. The OID is a string in dotted-decimal notation

func (*ClassID) SetUUID

func (o *ClassID) SetUUID(uuid UUID) *ClassID

SetUUID sets the value of the target ClassID to the supplied UUID

func (ClassID) String

func (o ClassID) String() string

String returns a printable string of the ClassID value. UUIDs use the canonical 8-4-4-4-12 format, PSA Implementation IDs are base64 encoded. OIDs are output in dotted-decimal notation.

func (ClassID) Type

func (o ClassID) Type() ClassIDType

Type returns the type of the target ClassID, i.e., one of UUID, OID or PSA Implementation ID

func (*ClassID) UnmarshalCBOR

func (o *ClassID) UnmarshalCBOR(data []byte) error

UnmarshalCBOR deserializes the supplied CBOR buffer into the target ClassID. It is undefined behavior to try and inspect the target ClassID in case this method returns an error.

func (*ClassID) UnmarshalJSON

func (o *ClassID) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes the supplied JSON object into the target ClassID. The class id object must have one of the following shapes:

UUID:

{
  "type": "uuid",
  "value": "69E027B2-7157-4758-BCB4-D9F167FE49EA"
}

OID:

{
  "type": "oid",
  "value": "2.16.840.1.113741.1.15.4.2"
}

PSA Implementation ID:

{
  "type": "psa.impl-id",
  "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
}

func (ClassID) Unset

func (o ClassID) Unset() bool

Unset tests whether the target ClassID has been initialized

type ClassIDType

type ClassIDType uint16

type Comid

type Comid struct {
	Language    *string     `cbor:"0,keyasint,omitempty" json:"lang,omitempty"`
	TagIdentity TagIdentity `cbor:"1,keyasint" json:"tag-identity"`
	Entities    *Entities   `cbor:"2,keyasint,omitempty" json:"entities,omitempty"`
	LinkedTags  *LinkedTags `cbor:"3,keyasint,omitempty" json:"linked-tags,omitempty"`
	Triples     Triples     `cbor:"4,keyasint" json:"triples"`
}

Comid is the top-level representation of a Concise Module IDentifier with CBOR and JSON serialization.

func NewComid

func NewComid() *Comid

NewComid instantiates an empty Comid

func (*Comid) AddAttestVerifKey

func (o *Comid) AddAttestVerifKey(val AttestVerifKey) *Comid

AddAttestVerifKey adds the supplied attestation verification key to the attest-key-triples list of the target Comid.

func (*Comid) AddDevIdentityKey

func (o *Comid) AddDevIdentityKey(val DevIdentityKey) *Comid

AddDevIdentityKey adds the supplied identity key to the identity-triples list of the target Comid.

func (*Comid) AddEndorsedValue

func (o *Comid) AddEndorsedValue(val EndorsedValue) *Comid

AddEndorsedValue adds the supplied endorsed value to the endorsed-triples list of the target Comid.

func (*Comid) AddEntity

func (o *Comid) AddEntity(name string, regID *string, roles ...Role) *Comid

AddEntity adds an organizational entity, together with the roles this entity claims with regards to the CoMID, to the target Comid. name is the entity name, regID is a URI that uniquely identifies the entity, and roles are one or more claimed roles chosen from the following: RoleTagCreator, RoleCreator and RoleMaintainer.

func (*Comid) AddLinkedTag

func (o *Comid) AddLinkedTag(tagID interface{}, rel Rel) *Comid

AddLinkedTag adds a link relationship of type rel between the target Comid and another CoMID identified by its tagID. The rel parameter can be one of RelSupplements or RelReplaces.

func (*Comid) AddReferenceValue

func (o *Comid) AddReferenceValue(val ReferenceValue) *Comid

AddReferenceValue adds the supplied reference value to the reference-triples list of the target Comid.

func (*Comid) FromCBOR

func (o *Comid) FromCBOR(data []byte) error

FromCBOR deserializes a CBOR-encoded CoMID into the target Comid

func (*Comid) FromJSON

func (o *Comid) FromJSON(data []byte) error

FromJSON deserializes a JSON-encoded CoMID into the target Comid

func (*Comid) SetLanguage

func (o *Comid) SetLanguage(language string) *Comid

SetLanguage sets the language used in the target Comid to the supplied language tag. See also: BCP 47 and the IANA Language subtag registry.

func (*Comid) SetTagIdentity

func (o *Comid) SetTagIdentity(tagID interface{}, tagIDVersion uint) *Comid

SetTagIdentity sets the identifier of the target Comid to the supplied tagID, which MUST be of type string or [16]byte. A tagIDVersion must also be supplied to disambiguate between different revisions of the same tag identity. If the tagID is newly minted, use 0. If the tagID has already been associated with a CoMID, pick a tagIDVersion greater than any other existing tagIDVersion's associated with that tagID.

func (Comid) ToCBOR

func (o Comid) ToCBOR() ([]byte, error)

ToCBOR serializes the target Comid to CBOR

func (Comid) ToJSON

func (o Comid) ToJSON() ([]byte, error)

ToJSON serializes the target Comid to JSON

func (Comid) ToJSONPretty

func (o Comid) ToJSONPretty(indent string) ([]byte, error)

func (Comid) Valid

func (o Comid) Valid() error

type DevIdentityKey

type DevIdentityKey struct {
	Environment Environment `json:"environment"`
	VerifKeys   VerifKeys   `json:"verification-keys"`
	// contains filtered or unexported fields
}

DevIdentityKey stores an identity-triple-record with CBOR and JSON serializations. Note that the CBOR serialization packs the structure into an array. Instead, when serializing to JSON, the structure is converted into an object.

func (DevIdentityKey) Valid

func (o DevIdentityKey) Valid() error

type Digests

type Digests []swid.HashEntry

Digests is an alias for an array of SWID HashEntry

func NewDigests

func NewDigests() *Digests

NewDigests instantiates an empty array of Digests

func (*Digests) AddDigest

func (o *Digests) AddDigest(algID uint64, value []byte) *Digests

AddDigest creates a new digest from the supplied arguments and appends it to the (already instantiated) Digests target. The method is a no-op if it is invoked on a nil target and will refuse to add inconsistent algo/value combinations.

func (Digests) Valid

func (o Digests) Valid() error

type EndorsedValue

type EndorsedValue struct {
	Environment  Environment  `json:"environment"`
	Measurements Measurements `json:"measurements"`
	// contains filtered or unexported fields
}

EndorsedValue stores an endorsed-triple-record with CBOR and JSON serializations. Note that the CBOR serialization packs the structure into an array. Instead, when serializing to JSON, the structure is converted into an object.

func (EndorsedValue) Valid

func (o EndorsedValue) Valid() error

type Entities

type Entities []Entity

Entities is an array of entity-map's

func NewEntities

func NewEntities() *Entities

NewEntities instantiates an empty entity-map array

func (*Entities) AddEntity

func (o *Entities) AddEntity(e Entity) *Entities

AddEntity adds the supplied entity-map to the target Entities

func (Entities) Valid

func (o Entities) Valid() error

type Entity

type Entity struct {
	EntityName string     `cbor:"0,keyasint" json:"name"`
	RegID      *TaggedURI `cbor:"1,keyasint,omitempty" json:"regid,omitempty"`
	Roles      Roles      `cbor:"2,keyasint" json:"roles"`
}

Entity stores an entity-map capable of CBOR and JSON serializations.

func (*Entity) SetEntityName

func (o *Entity) SetEntityName(name string) *Entity

func (*Entity) SetRegID

func (o *Entity) SetRegID(uri string) *Entity

func (*Entity) SetRoles

func (o *Entity) SetRoles(roles ...Role) *Entity

func (Entity) Valid

func (o Entity) Valid() error

type Environment

type Environment struct {
	Class    *Class    `cbor:"0,keyasint,omitempty" json:"class,omitempty"`
	Instance *Instance `cbor:"1,keyasint,omitempty" json:"instance,omitempty"`
	Group    *Group    `cbor:"2,keyasint,omitempty" json:"group,omitempty"`
}

Environment stores the identifying information about a target or attesting environment at the class, instance and group scope. The Environment type has JSON and CBOR serializations.

func (*Environment) FromCBOR

func (o *Environment) FromCBOR(data []byte) error

FromCBOR deserializes the supplied CBOR data into the target Environment

func (*Environment) FromJSON

func (o *Environment) FromJSON(data []byte) error

FromJSON deserializes the supplied JSON string into the target Environment

func (Environment) ToCBOR

func (o Environment) ToCBOR() ([]byte, error)

ToCBOR serializes the target Environment to CBOR (if the Environment is "valid")

func (Environment) ToJSON

func (o Environment) ToJSON() ([]byte, error)

ToJSON serializes the target Environment to JSON (if the Environment is "valid")

func (Environment) Valid

func (o Environment) Valid() error

Valid checks the validity (according to the spec) of the target Environment

type Group

type Group struct {
	// contains filtered or unexported fields
}

Group stores a group identity. The supported format is UUID.

func NewGroup

func NewGroup() *Group

NewGroup instantiates an empty group

func NewGroupUUID

func NewGroupUUID(val UUID) *Group

NewGroupUUID instantiates a new group with the supplied UUID identity

func (Group) MarshalCBOR

func (o Group) MarshalCBOR() ([]byte, error)

MarshalCBOR serializes the target group to CBOR

func (Group) MarshalJSON

func (o Group) MarshalJSON() ([]byte, error)

func (*Group) SetUUID

func (o *Group) SetUUID(val UUID) *Group

SetUUID sets the identity of the target group to the supplied UUID

func (Group) String

func (o Group) String() string

String returns a printable string of the Group value. UUIDs use the canonical 8-4-4-4-12 format, UEIDs are hex encoded.

func (*Group) UnmarshalCBOR

func (o *Group) UnmarshalCBOR(data []byte) error

UnmarshalCBOR deserializes the supplied CBOR into the target group

func (*Group) UnmarshalJSON

func (o *Group) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes the supplied JSON type/value object into the Group target. The only supported format is UUID, e.g.:

{
  "type": "uuid",
  "value": "69E027B2-7157-4758-BCB4-D9F167FE49EA"
}

func (Group) Valid

func (o Group) Valid() error

Valid checks for the validity of given group

type ImplID

type ImplID [32]byte

func (ImplID) MarshalJSON

func (o ImplID) MarshalJSON() ([]byte, error)

func (*ImplID) UnmarshalJSON

func (o *ImplID) UnmarshalJSON(data []byte) error

type Instance

type Instance struct {
	// contains filtered or unexported fields
}

Instance stores an instance identity. The supported formats are UUID and UEID.

func NewInstance

func NewInstance() *Instance

NewInstance instantiates an empty instance

func NewInstanceUEID

func NewInstanceUEID(val eat.UEID) *Instance

NewInstanceUEID instantiates a new instance with the supplied UEID identity

func NewInstanceUUID

func NewInstanceUUID(val uuid.UUID) *Instance

NewInstanceUUID instantiates a new instance with the supplied UUID identity

func (Instance) GetUEID

func (o Instance) GetUEID() (eat.UEID, error)

func (Instance) GetUUID

func (o Instance) GetUUID() (UUID, error)

func (Instance) MarshalCBOR

func (o Instance) MarshalCBOR() ([]byte, error)

MarshalCBOR serializes the target instance to CBOR

func (Instance) MarshalJSON

func (o Instance) MarshalJSON() ([]byte, error)

func (*Instance) SetUEID

func (o *Instance) SetUEID(val eat.UEID) *Instance

SetUEID sets the identity of the target instance to the supplied UEID

func (*Instance) SetUUID

func (o *Instance) SetUUID(val uuid.UUID) *Instance

SetUUID sets the identity of the target instance to the supplied UUID

func (Instance) String

func (o Instance) String() string

String returns a printable string of the Instance value. UUIDs use the canonical 8-4-4-4-12 format, UEIDs are hex encoded.

func (*Instance) UnmarshalCBOR

func (o *Instance) UnmarshalCBOR(data []byte) error

func (*Instance) UnmarshalJSON

func (o *Instance) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes the supplied JSON type/value object into the Instance target. The supported formats are UUID, e.g.:

{
  "type": "uuid",
  "value": "69E027B2-7157-4758-BCB4-D9F167FE49EA"
}

and UEID:

{
  "type": "ueid",
  "value": "Ad6tvu/erb7v3q2+796tvu8="
}

func (Instance) Valid

func (o Instance) Valid() error

Valid checks for the validity of given instance

type LinkedTag

type LinkedTag struct {
	LinkedTagID swid.TagID `cbor:"0,keyasint" json:"target"`
	Rel         Rel        `cbor:"1,keyasint" json:"rel"`
}

LinkedTag stores one link relation of type Rel between the embedding CoMID (the link context) and the referenced CoMID (the link target). The link can be viewed as a statement of the form: "$link_context $link_relation_type $link_target".

func NewLinkedTag

func NewLinkedTag() *LinkedTag

func (*LinkedTag) SetLinkedTag

func (o *LinkedTag) SetLinkedTag(t swid.TagID) *LinkedTag

func (*LinkedTag) SetRel

func (o *LinkedTag) SetRel(r Rel) *LinkedTag

func (LinkedTag) Valid

func (o LinkedTag) Valid() error

type LinkedTags

type LinkedTags []LinkedTag

LinkedTags is an array of LinkedTag

func NewLinkedTags

func NewLinkedTags() *LinkedTags

func (*LinkedTags) AddLinkedTag

func (o *LinkedTags) AddLinkedTag(lt LinkedTag) *LinkedTags

AddLinkedTag adds the supplied LinkedTag to the target LinkedTags

func (LinkedTags) Valid

func (o LinkedTags) Valid() error

type MACaddr

type MACaddr net.HardwareAddr

MACaddr is an HW address (e.g., IEEE 802 MAC-48, EUI-48, EUI-64)

Note: Since TextUnmarshal is not defined on net.HardwareAddr (see: https://github.com/golang/go/issues/29678) we need to create an alias type with a custom decoder.

func (MACaddr) MarshalJSON

func (o MACaddr) MarshalJSON() ([]byte, error)

func (*MACaddr) UnmarshalJSON

func (o *MACaddr) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes a MAC address in textual form into the MACaddr target, e.g.:

"mac-addr": "00:00:5e:00:53:01"

or

"mac-addr": "02:00:5e:10:00:00:00:01"

Supported formats are IEEE 802 MAC-48, EUI-48, EUI-64, e.g.:

00:00:5e:00:53:01
00-00-5e-00-53-01
02:00:5e:10:00:00:00:01
02-00-5e-10-00-00-00-01

type Measurement

type Measurement struct {
	Key *Mkey `cbor:"0,keyasint,omitempty" json:"key,omitempty"`
	Val Mval  `cbor:"1,keyasint" json:"value"`
}

Measurement stores a measurement-map with CBOR and JSON serializations.

func NewCCAPlatCfgMeasurement

func NewCCAPlatCfgMeasurement(ccaPlatformConfigID CCAPlatformConfigID) *Measurement

NewCCAPlatCfgMeasurement instantiates a new measurement-map with the key set to the supplied CCA platform-config-id

func NewMeasurement

func NewMeasurement() *Measurement

NewMeasurement instantiates an empty measurement

func NewPSAMeasurement

func NewPSAMeasurement(psaRefValID PSARefValID) *Measurement

NewPSAMeasurement instantiates a new measurement-map with the key set to the supplied PSA refval-id

func NewUUIDMeasurement

func NewUUIDMeasurement(uuid UUID) *Measurement

NewUUIDMeasurement instantiates a new measurement-map with the key set to the supplied UUID

func NewUintMeasurement

func NewUintMeasurement(mkey uint64) *Measurement

NewUintMeasurement instantiates a new measurement-map with the key set to the supplied Uint

func (*Measurement) AddDigest

func (o *Measurement) AddDigest(algID uint64, digest []byte) *Measurement

AddDigest adds the supplied digest - comprising the digest itself together with the hash algorithm used to obtain it - to the measurement-values-map of the target measurement

func (*Measurement) SetIPaddr

func (o *Measurement) SetIPaddr(a net.IP) *Measurement

SetIPaddr sets the supplied IP (v4 or v6) address in the measurement-values-map of the target measurement

func (*Measurement) SetKeyCCAPlatformConfigID

func (o *Measurement) SetKeyCCAPlatformConfigID(ccaPlatformConfigID CCAPlatformConfigID) *Measurement

SetKeyCCAPlatformConfigID sets the key of the target measurement-map to the supplied CCA platform-config-id

func (*Measurement) SetKeyPSARefValID

func (o *Measurement) SetKeyPSARefValID(psaRefValID PSARefValID) *Measurement

SetKeyPSARefValID sets the key of the target measurement-map to the supplied PSA refval-id

func (*Measurement) SetKeyUUID

func (o *Measurement) SetKeyUUID(u UUID) *Measurement

SetKeyUUID sets the key of the target measurement-map to the supplied UUID

func (*Measurement) SetKeyUint

func (o *Measurement) SetKeyUint(u uint64) *Measurement

SetKeyUint sets the key of the target measurement-map to the supplied unsigned integer

func (*Measurement) SetMACaddr

func (o *Measurement) SetMACaddr(a MACaddr) *Measurement

SetMACaddr sets the supplied MAC address in the measurement-values-map of the target measurement

func (*Measurement) SetMinSVN

func (o *Measurement) SetMinSVN(svn uint64) *Measurement

SetMinSVN sets the supplied min-svn in the measurement-values-map of the target measurement

func (*Measurement) SetOpFlags

func (o *Measurement) SetOpFlags(flags ...OpFlags) *Measurement

SetOpFlags sets the supplied operational flags in the measurement-values-map of the target measurement

func (*Measurement) SetRawValueBytes

func (o *Measurement) SetRawValueBytes(rawValue, rawValueMask []byte) *Measurement

SetRawValueBytes sets the supplied raw-value and its mask in the measurement-values-map of the target measurement

func (*Measurement) SetSVN

func (o *Measurement) SetSVN(svn uint64) *Measurement

SetSVN sets the supplied svn in the measurement-values-map of the target measurement

func (*Measurement) SetSerialNumber

func (o *Measurement) SetSerialNumber(sn string) *Measurement

SetSerialNumber sets the supplied serial number in the measurement-values-map of the target measurement

func (*Measurement) SetUEID

func (o *Measurement) SetUEID(ueid eat.UEID) *Measurement

SetUEID sets the supplied ueid in the measurement-values-map of the target measurement

func (*Measurement) SetUUID

func (o *Measurement) SetUUID(u UUID) *Measurement

SetUUID sets the supplied uuid in the measurement-values-map of the target measurement

func (*Measurement) SetVersion

func (o *Measurement) SetVersion(ver string, scheme int64) *Measurement

func (Measurement) Valid

func (o Measurement) Valid() error

type Measurements

type Measurements []Measurement

Measurements is an array of Measurement

func NewMeasurements

func NewMeasurements() *Measurements

NewMeasurements instantiates an empty Measurements array

func (*Measurements) AddMeasurement

func (o *Measurements) AddMeasurement(m *Measurement) *Measurements

AddMeasurement adds the supplied Measurement to the target Measurements

func (Measurements) Valid

func (o Measurements) Valid() error

type Mkey

type Mkey struct {
	// contains filtered or unexported fields
}

Mkey stores a $measured-element-type-choice. The supported types are UUID, PSA refval-id, CCA platform-config-id and unsigned integer. TODO: add tagged OID, see https://github.com/veraison/corim/issues/35

func (Mkey) GetCCAPlatformConfigID

func (o Mkey) GetCCAPlatformConfigID() (CCAPlatformConfigID, error)

func (Mkey) GetKeyUint

func (o Mkey) GetKeyUint() (uint64, error)

func (Mkey) GetPSARefValID

func (o Mkey) GetPSARefValID() (PSARefValID, error)

func (Mkey) IsCCAPlatformConfigID

func (o Mkey) IsCCAPlatformConfigID() bool

func (Mkey) IsPSARefValID

func (o Mkey) IsPSARefValID() bool

func (Mkey) IsSet

func (o Mkey) IsSet() bool

func (Mkey) MarshalCBOR

func (o Mkey) MarshalCBOR() ([]byte, error)

func (Mkey) MarshalJSON

func (o Mkey) MarshalJSON() ([]byte, error)

MarshalJSON serializes the target Mkey into the type'n'value JSON object. Supported types are: uuid, psa.refval-id and unsigned integer

func (*Mkey) UnmarshalCBOR

func (o *Mkey) UnmarshalCBOR(data []byte) error

func (*Mkey) UnmarshalJSON

func (o *Mkey) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes the type'n'value JSON object into the target Mkey

func (Mkey) Valid

func (o Mkey) Valid() error

type Mval

type Mval struct {
	Ver          *Version  `cbor:"0,keyasint,omitempty" json:"version,omitempty"`
	SVN          *SVN      `cbor:"1,keyasint,omitempty" json:"svn,omitempty"`
	Digests      *Digests  `cbor:"2,keyasint,omitempty" json:"digests,omitempty"`
	OpFlags      *OpFlags  `cbor:"3,keyasint,omitempty" json:"op-flags,omitempty"`
	RawValue     *RawValue `cbor:"4,keyasint,omitempty" json:"raw-value,omitempty"`
	RawValueMask *[]byte   `cbor:"5,keyasint,omitempty" json:"raw-value-mask,omitempty"`
	MACAddr      *MACaddr  `cbor:"6,keyasint,omitempty" json:"mac-addr,omitempty"`
	IPAddr       *net.IP   `cbor:"7,keyasint,omitempty" json:"ip-addr,omitempty"`
	SerialNumber *string   `cbor:"8,keyasint,omitempty" json:"serial-number,omitempty"`
	UEID         *eat.UEID `cbor:"9,keyasint,omitempty" json:"ueid,omitempty"`
	UUID         *UUID     `cbor:"10,keyasint,omitempty" json:"uuid,omitempty"`
}

Mval stores a measurement-values-map with JSON and CBOR serializations.

func (Mval) Valid

func (o Mval) Valid() error

type OID

type OID []byte

BER-encoded absolute OID

func (*OID) FromString

func (o *OID) FromString(s string) error

func (OID) MarshalJSON

func (o OID) MarshalJSON() ([]byte, error)

func (OID) String

func (o OID) String() string

func (*OID) UnmarshalJSON

func (o *OID) UnmarshalJSON(data []byte) error

type OpFlags

type OpFlags uint8

OpFlags implements the flags-type, mapping to DiceTcbInfo.flags via the operational flags not-configured, not-secure, recovery and debug. If the flags field is omitted, all flags are assumed to be 0.

// Operational flags. Each constant occupies its own bit (1 << iota), so
// several of them can be OR-ed into a single OpFlags value.
const (
	OpFlagNotConfigured OpFlags = 1 << iota // bit 0 (0x01)
	OpFlagNotSecure                         // bit 1 (0x02)
	OpFlagRecovery                          // bit 2 (0x04)
	OpFlagDebug                             // bit 3 (0x08)
)

func NewOpFlags

func NewOpFlags() *OpFlags

func (OpFlags) IsSet

func (o OpFlags) IsSet(flag OpFlags) bool

func (OpFlags) MarshalJSON

func (o OpFlags) MarshalJSON() ([]byte, error)

func (*OpFlags) SetOpFlags

func (o *OpFlags) SetOpFlags(flags ...OpFlags) *OpFlags

SetOpFlags sets the target object as specified. As many flags as necessary can be specified in one call.

func (OpFlags) Strings

func (o OpFlags) Strings() []string

func (*OpFlags) UnmarshalJSON

func (o *OpFlags) UnmarshalJSON(data []byte) error

UnmarshalJSON provides a custom deserializer for the OpFlags type that uses an array of identifiers rather than a bit set, e.g.:

"op-flags": [
  "notSecure",
  "debug"
]

func (OpFlags) Valid

func (o OpFlags) Valid() error

type PSARefValID

// PSARefValID carries the fields of a PSA refval-id. Label and Version are
// optional (pointer fields with omitempty); SignerID has no omitempty in
// either serialization.
type PSARefValID struct {
	Label    *string `cbor:"1,keyasint,omitempty" json:"label,omitempty"`
	Version  *string `cbor:"4,keyasint,omitempty" json:"version,omitempty"`
	// Expected length is 32, 48 or 64 — presumably bytes; confirm against Valid.
	SignerID []byte  `cbor:"5,keyasint" json:"signer-id"` // 32, 48 or 64
}

PSARefValID stores a PSA refval-id with CBOR and JSON serializations (See https://datatracker.ietf.org/doc/html/draft-xyz-rats-psa-endorsements)

func NewPSARefValID

func NewPSARefValID(signerID []byte) *PSARefValID

func (*PSARefValID) SetLabel

func (o *PSARefValID) SetLabel(label string) *PSARefValID

func (*PSARefValID) SetVersion

func (o *PSARefValID) SetVersion(version string) *PSARefValID

func (PSARefValID) Valid

func (o PSARefValID) Valid() error

Valid checks the validity (according to the spec) of the target PSARefValID

type RawValue

type RawValue struct {
	// contains filtered or unexported fields
}

RawValue models a $raw-value-type-choice. For now, the only available type is bytes.

func NewRawValue

func NewRawValue() *RawValue

func (RawValue) GetBytes

func (o RawValue) GetBytes() ([]byte, error)

func (RawValue) MarshalCBOR

func (o RawValue) MarshalCBOR() ([]byte, error)

func (RawValue) MarshalJSON

func (o RawValue) MarshalJSON() ([]byte, error)

func (*RawValue) SetBytes

func (o *RawValue) SetBytes(val []byte) *RawValue

func (*RawValue) UnmarshalCBOR

func (o *RawValue) UnmarshalCBOR(data []byte) error

func (*RawValue) UnmarshalJSON

func (o *RawValue) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes the type'n'value JSON object into the target RawValue. The only supported type is "bytes" with value

type ReferenceValue

type ReferenceValue struct {
	Environment  Environment  `json:"environment"`
	Measurements Measurements `json:"measurements"`
	// contains filtered or unexported fields
}

func (ReferenceValue) Valid

func (o ReferenceValue) Valid() error

type Rel

type Rel int64
// Link relation types, numbered from zero by iota.
const (
	RelSupplements Rel = iota
	RelReplaces

	// RelUnset has every bit set (-1 for the int64-based Rel), which keeps it
	// apart from the iota-assigned relations above.
	RelUnset = ^Rel(0)
)

func NewRel

func NewRel() *Rel

func (*Rel) FromCBOR

func (o *Rel) FromCBOR(data []byte) error

func (Rel) Get

func (o Rel) Get() Rel

func (Rel) MarshalJSON

func (o Rel) MarshalJSON() ([]byte, error)

func (*Rel) Set

func (o *Rel) Set(r Rel) *Rel

func (Rel) String

func (o Rel) String() string

func (Rel) ToCBOR

func (o Rel) ToCBOR() ([]byte, error)

func (*Rel) UnmarshalJSON

func (o *Rel) UnmarshalJSON(data []byte) error

func (Rel) Valid

func (o Rel) Valid() error

type Role

// Role is an int64-based enumeration; the constants below take the iota
// values 0, 1 and 2 in declaration order.
//
// No sentinel for an unset Role is declared in this block, so the zero value
// of Role is equal to RoleTagCreator.
type Role int64
const (
	RoleTagCreator Role = iota
	RoleCreator
	RoleMaintainer
)

type Roles

type Roles []Role

func NewRoles

func NewRoles() *Roles

func (*Roles) Add

func (o *Roles) Add(roles ...Role) *Roles

func (*Roles) FromCBOR

func (o *Roles) FromCBOR(data []byte) error

func (Roles) MarshalJSON

func (o Roles) MarshalJSON() ([]byte, error)

func (Roles) ToCBOR

func (o Roles) ToCBOR() ([]byte, error)

func (*Roles) UnmarshalJSON

func (o *Roles) UnmarshalJSON(data []byte) error

func (Roles) Valid

func (o Roles) Valid() error

type SVN

type SVN struct {
	// contains filtered or unexported fields
}

func (SVN) MarshalCBOR

func (o SVN) MarshalCBOR() ([]byte, error)

func (SVN) MarshalJSON

func (o SVN) MarshalJSON() ([]byte, error)

func (*SVN) SetMinSVN

func (o *SVN) SetMinSVN(val uint64) *SVN

func (*SVN) SetSVN

func (o *SVN) SetSVN(val uint64) *SVN

func (*SVN) UnmarshalCBOR

func (o *SVN) UnmarshalCBOR(data []byte) error

func (*SVN) UnmarshalJSON

func (o *SVN) UnmarshalJSON(data []byte) error

Supported formats:

{ "type": "exact-value", "value": 123 } -> SVN
{ "type": "min-value", "value": 123 } -> MinSVN

type TagIdentity

// TagIdentity pairs a tag identifier with a tag version number.
type TagIdentity struct {
	// TagID is encoded under CBOR integer key 0 and JSON key "id".
	TagID      swid.TagID `cbor:"0,keyasint" json:"id"`
	// TagVersion is encoded under CBOR integer key 1 and JSON key "version";
	// it is marked omitempty in both tags.
	TagVersion uint       `cbor:"1,keyasint,omitempty" json:"version,omitempty"`
}

func (TagIdentity) Valid

func (o TagIdentity) Valid() error

type TaggedCCAPlatformConfigID

type TaggedCCAPlatformConfigID CCAPlatformConfigID

type TaggedImplID

type TaggedImplID ImplID

type TaggedMinSVN

type TaggedMinSVN uint64

type TaggedOID

type TaggedOID OID

type TaggedPSARefValID

type TaggedPSARefValID PSARefValID

type TaggedRawValueBytes

type TaggedRawValueBytes []byte

TaggedRawValueBytes is an alias for []byte to allow its automatic tagging

type TaggedSVN

type TaggedSVN uint64

type TaggedUEID

type TaggedUEID UEID

TaggedUEID is an alias to allow automatic tagging of a UEID type

type TaggedURI

type TaggedURI string

func String2URI

func String2URI(s *string) (*TaggedURI, error)

func (TaggedURI) Empty

func (o TaggedURI) Empty() bool

type TaggedUUID

type TaggedUUID UUID

TaggedUUID is an alias to allow automatic tagging of a UUID type

type Triples

// Triples groups the four kinds of triples, each stored as a pointer to a
// slice. Every field is marked omitempty in both its CBOR and JSON tag, and a
// field may be nil, so callers must nil-check before dereferencing.
type Triples struct {
	// ReferenceValues uses CBOR integer key 0 and JSON key "reference-values".
	ReferenceValues *[]ReferenceValue `cbor:"0,keyasint,omitempty" json:"reference-values,omitempty"`
	// EndorsedValues uses CBOR integer key 1 and JSON key "endorsed-values".
	EndorsedValues  *[]EndorsedValue  `cbor:"1,keyasint,omitempty" json:"endorsed-values,omitempty"`
	// AttestVerifKeys uses CBOR integer key 2 and JSON key
	// "attester-verification-keys".
	AttestVerifKeys *[]AttestVerifKey `cbor:"2,keyasint,omitempty" json:"attester-verification-keys,omitempty"`
	// DevIdentityKeys uses CBOR integer key 3 and JSON key "dev-identity-keys".
	DevIdentityKeys *[]DevIdentityKey `cbor:"3,keyasint,omitempty" json:"dev-identity-keys,omitempty"`
}

func (*Triples) AddAttestVerifKey

func (o *Triples) AddAttestVerifKey(val AttestVerifKey) *Triples

func (*Triples) AddDevIdentityKey

func (o *Triples) AddDevIdentityKey(val DevIdentityKey) *Triples

func (*Triples) AddEndorsedValue

func (o *Triples) AddEndorsedValue(val EndorsedValue) *Triples

func (*Triples) AddReferenceValue

func (o *Triples) AddReferenceValue(val ReferenceValue) *Triples

func (Triples) Valid

func (o Triples) Valid() error

Valid checks that the Triples is valid as per the specification

type UEID

type UEID eat.UEID

UEID is a Unique Entity Identifier

func (UEID) Empty

func (o UEID) Empty() bool

func (UEID) MarshalJSON

func (o UEID) MarshalJSON() ([]byte, error)

func (*UEID) UnmarshalJSON

func (o *UEID) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes the supplied string into the UEID target

func (UEID) Valid

func (o UEID) Valid() error

Valid checks that the target UEID is in one of the defined formats: IMEI, EUI or RAND

type UUID

type UUID uuid.UUID

UUID represents a Universally Unique Identifier (UUID, see RFC 4122)

func ParseUUID

func ParseUUID(s string) (UUID, error)

ParseUUID parses the supplied string into a UUID

func (UUID) Empty

func (o UUID) Empty() bool

func (UUID) MarshalJSON

func (o UUID) MarshalJSON() ([]byte, error)

MarshalJSON serializes the target UUID to a JSON string in canonical 8-4-4-4-12 format

func (UUID) String

func (o UUID) String() string

String returns a string representation of the binary UUID

func (*UUID) UnmarshalJSON

func (o *UUID) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes the supplied string into the UUID target. The UUID string is expected to be in canonical 8-4-4-4-12 format.

func (UUID) Valid

func (o UUID) Valid() error

Valid checks that the target UUID is formatted as per RFC4122

type VerifKey

// VerifKey carries verification key material as plain strings.
//
// NOTE(review): both fields are untyped strings, and nothing visible in this
// declaration shows whether Key is parsed or whether Chain is checked as a
// certificate chain; confirm what Valid covers before treating a VerifKey as
// verified trust material.
type VerifKey struct {
	// Key is encoded under CBOR integer key 0 and JSON key "key".
	Key   string    `cbor:"0,keyasint" json:"key"`
	// Chain is optional: it is a pointer to a slice of strings, marked
	// omitempty, encoded under CBOR integer key 1 and JSON key "chain".
	Chain *[]string `cbor:"1,keyasint,omitempty" json:"chain,omitempty"`
}

VerifKey stores the verification key material associated with a signing key. Key is typically, but not necessarily, a public key. Chain is an optional X.509 certificate chain corresponding to the public key in Key, encoded as an array of one or more base64-encoded DER PKIX certificates. The certificate containing the public key in Key MUST be the first certificate. This MAY be followed by additional certificates, with each subsequent certificate being the one used to certify the previous one.

func NewVerifKey

func NewVerifKey() *VerifKey

NewVerifKey instantiates an empty VerifKey

func (*VerifKey) AddCert

func (o *VerifKey) AddCert(cert string) *VerifKey

AddCert adds the supplied base64-encoded DER PKIX certificate to the target object

func (*VerifKey) SetKey

func (o *VerifKey) SetKey(key string) *VerifKey

SetKey sets the Key in the target object to the supplied value

func (VerifKey) Valid

func (o VerifKey) Valid() error

type VerifKeys

type VerifKeys []VerifKey

VerifKeys is an array of VerifKey

func NewVerifKeys

func NewVerifKeys() *VerifKeys

NewVerifKeys instantiates an empty VerifKeys array

func (*VerifKeys) AddVerifKey

func (o *VerifKeys) AddVerifKey(v *VerifKey) *VerifKeys

AddVerifKey adds the supplied VerifKey to the target VerifKeys array

func (VerifKeys) Valid

func (o VerifKeys) Valid() error

type Version

// Version holds a version string together with its versioning scheme.
type Version struct {
	// Version is encoded under CBOR integer key 0; note that its JSON key is
	// "value", not "version".
	Version string             `cbor:"0,keyasint" json:"value"`
	// Scheme is encoded under CBOR integer key 1 and JSON key "scheme".
	Scheme  swid.VersionScheme `cbor:"1,keyasint" json:"scheme"`
}

Version stores a version-map with JSON and CBOR serializations.

func NewVersion

func NewVersion() *Version

func (*Version) SetScheme

func (o *Version) SetScheme(v int64) *Version

func (*Version) SetVersion

func (o *Version) SetVersion(v string) *Version

func (Version) Valid

func (o Version) Valid() error
