; ; From https://datatracker.ietf.org/doc/draft-ietf-suit-manifest/03/ ; ; Copyright (c) 2020 IETF Trust and the persons identified as the ; document authors. All rights reserved. ; ; Redistribution and use in source and binary forms, with or without ; modification, is permitted pursuant to, and subject to the license terms ; contained in, the Simplified BSD License set forth in Section 4.c of the ; IETF Trust’s Legal Provisions Relating to IETF Documents ; (http://trustee.ietf.org/license-info). ; SUIT_Outer_Wrapper = { ?suit-delegation => bstr, ;.cbor SUIT_Delegation, ?suit-authentication-wrapper => bstr .cbor SUIT_Authentication_Wrapper / nil, $$SUIT_Manifest_Wrapped, ?suit-dependency-resolution => bstr .cbor SUIT_Command_Sequence, ?suit-payload-fetch => bstr .cbor SUIT_Command_Sequence, ?suit-install => bstr .cbor SUIT_Command_Sequence, ?suit-text => bstr .cbor SUIT_Text_Map, ?suit-coswid => bstr .cbor concise-software-identity } SUIT_Authentication_Wrapper = [ + ( COSE_Mac_Tagged / COSE_Sign_Tagged / COSE_Mac0_Tagged / COSE_Sign1_Tagged) ] SUIT_Encryption_Wrapper = COSE_Encrypt_Tagged / COSE_Encrypt0_Tagged $$SUIT_Manifest_Wrapped //= (suit-manifest => bstr .cbor SUIT_Manifest) $$SUIT_Manifest_Wrapped //= ( ?suit-manifest-encryption-info => bstr .cbor SUIT_Encryption_Wrapper, ?suit-manifest-encrypted => bstr ) COSE_Mac_Tagged = any COSE_Sign_Tagged = any COSE_Mac0_Tagged = any COSE_Sign1_Tagged = any COSE_Encrypt_Tagged = any COSE_Encrypt0_Tagged = any SUIT_Digest = [ suit-digest-algorithm-id : $suit-digest-algorithm-ids, suit-digest-bytes : bstr, ;? suit-digest-parameters : any ] ; Named Information Hash Algorithm Identifiers suit-digest-algorithm-ids /= algorithm-id-sha224 suit-digest-algorithm-ids /= algorithm-id-sha256 suit-digest-algorithm-ids /= algorithm-id-sha384 suit-digest-algorithm-ids /= algorithm-id-sha512 suit-digest-algorithm-ids /= algorithm-id-sha3-224 suit-digest-algorithm-ids /= algorithm-id-sha3-256 suit-digest-algorithm-ids /= algorithm-id-sha3-384 suit-digest-algorithm-ids /= algorithm-id-sha3-512 algorithm-id-sha224 = 1 algorithm-id-sha256 = 2 algorithm-id-sha384 = 3 algorithm-id-sha512 = 4 algorithm-id-sha3-224 = 5 algorithm-id-sha3-256 = 6 algorithm-id-sha3-384 = 7 algorithm-id-sha3-512 = 8 SUIT_Manifest = { suit-manifest-version => 1, suit-manifest-sequence-number => uint, ? suit-common => bstr .cbor SUIT_Common, ? suit-dependency-resolution => SUIT_Digest / bstr .cbor SUIT_Command_Sequence, ? suit-payload-fetch => SUIT_Digest / bstr .cbor SUIT_Command_Sequence, ? suit-install => SUIT_Digest / bstr .cbor SUIT_Command_Sequence, ? suit-validate => bstr .cbor SUIT_Command_Sequence, ? suit-load => bstr .cbor SUIT_Command_Sequence, ? suit-run => bstr .cbor SUIT_Command_Sequence, ? suit-text => SUIT_Digest, ? suit-coswid => SUIT_Digest / bstr .cbor concise-software-identity, } SUIT_Common = { ? suit-dependencies => bstr .cbor SUIT_Dependencies, ? suit-components => bstr .cbor SUIT_Components, ? suit-dependency-components => bstr .cbor SUIT_Component_References, ? suit-common-sequence => bstr .cbor SUIT_Command_Sequence, } SUIT_Dependencies = [ + SUIT_Dependency ] SUIT_Components = [ + SUIT_Component_Identifier ] SUIT_Component_References = [ + SUIT_Component_Reference ] concise-software-identity = any SUIT_Dependency = { suit-dependency-digest => SUIT_Digest, suit-dependency-prefix => SUIT_Component_Identifier, } SUIT_Component_Identifier = [* bstr] SUIT_Component_Reference = { suit-component-identifier => SUIT_Component_Identifier, suit-component-dependency-index => uint } SUIT_Command_Sequence = [ 1*6 ( SUIT_Condition // SUIT_Directive // SUIT_Command_Custom ) ] SUIT_Command_Custom = (nint, bstr) SUIT_Condition //= (suit-condition-vendor-identifier, nil) SUIT_Condition //= (suit-condition-class-identifier, nil) SUIT_Condition //= (suit-condition-device-identifier, nil) SUIT_Condition //= (suit-condition-image-match, nil) SUIT_Condition //= (suit-condition-image-not-match, nil) SUIT_Condition //= (suit-condition-use-before, uint) SUIT_Condition //= (suit-condition-minimum-battery, uint) SUIT_Condition //= (suit-condition-update-authorized, int) SUIT_Condition //= (suit-condition-version, SUIT_Condition_Version_Argument) SUIT_Condition //= (suit-condition-component-offset, uint) SUIT_Condition //= (suit-condition-custom, bstr) RFC4122_UUID = bstr .size 16 SUIT_Condition_Version_Argument = [ suit-condition-version-comparison-type: SUIT_Condition_Version_Comparison_Types, suit-condition-version-comparison-value: SUIT_Condition_Version_Comparison_Value ] SUIT_Condition_Version_Comparison_Types /= suit-condition-version-comparison-greater SUIT_Condition_Version_Comparison_Types /= suit-condition-version-comparison-greater-equal SUIT_Condition_Version_Comparison_Types /= suit-condition-version-comparison-equal SUIT_Condition_Version_Comparison_Types /= suit-condition-version-comparison-lesser-equal SUIT_Condition_Version_Comparison_Types /= suit-condition-version-comparison-lesser suit-condition-version-comparison-greater = 1 suit-condition-version-comparison-greater-equal = 2 suit-condition-version-comparison-equal = 3 suit-condition-version-comparison-lesser-equal = 4 suit-condition-version-comparison-lesser = 5 SUIT_Condition_Version_Comparison_Value = [+int] SUIT_Directive //= (suit-directive-set-component-index, uint/bool) SUIT_Directive //= (suit-directive-set-dependency-index, uint/bool) SUIT_Directive //= (suit-directive-run-sequence, bstr .cbor SUIT_Command_Sequence) SUIT_Directive //= (suit-directive-try-each, SUIT_Directive_Try_Each_Argument) SUIT_Directive //= (suit-directive-process-dependency, nil) SUIT_Directive //= (suit-directive-set-parameters, {+ SUIT_Parameters}) SUIT_Directive //= (suit-directive-override-parameters, {+ SUIT_Parameters}) SUIT_Directive //= (suit-directive-fetch, nil) SUIT_Directive //= (suit-directive-copy, nil) SUIT_Directive //= (suit-directive-swap, nil) SUIT_Directive //= (suit-directive-run, nil) SUIT_Directive //= (suit-directive-wait, { + SUIT_Wait_Events }) SUIT_Directive //= (suit-directive-run-with-arguments, bstr) SUIT_Directive_Try_Each_Argument = [ + bstr .cbor SUIT_Command_Sequence, nil / bstr .cbor SUIT_Command_Sequence ] SUIT_Wait_Events //= (suit-wait-event-authorization => int) SUIT_Wait_Events //= (suit-wait-event-power => int) SUIT_Wait_Events //= (suit-wait-event-network => int) SUIT_Wait_Events //= (suit-wait-event-other-device-version => SUIT_Wait_Event_Argument_Other_Device_Version) SUIT_Wait_Events //= (suit-wait-event-time => uint); Timestamp SUIT_Wait_Events //= (suit-wait-event-time-of-day => uint); Time of Day (seconds since 00:00:00) SUIT_Wait_Events //= (suit-wait-event-day-of-week => uint); Days since Sunday SUIT_Wait_Event_Argument_Authorization = int ; priority SUIT_Wait_Event_Argument_Power = int ; Power Level SUIT_Wait_Event_Argument_Network = int ; Network State SUIT_Wait_Event_Argument_Other_Device_Version = [ other-device: bstr, other-device-version: [+int] ] SUIT_Wait_Event_Argument_Time = uint ; Timestamp SUIT_Wait_Event_Argument_Time_Of_Day = uint ; Time of Day ; (seconds since 00:00:00) SUIT_Wait_Event_Argument_Day_Of_Week = uint ; Days since Sunday SUIT_Parameters //= (suit-parameter-strict-order => bool) SUIT_Parameters //= (suit-parameter-soft-failure => bool) SUIT_Parameters //= (suit-parameter-vendor-id => bstr) SUIT_Parameters //= (suit-parameter-class-id => bstr) SUIT_Parameters //= (suit-parameter-device-id => bstr) SUIT_Parameters //= (suit-parameter-uri => tstr) SUIT_Parameters //= (suit-parameter-encryption-info => bstr .cbor SUIT_Encryption_Info) SUIT_Parameters //= (suit-parameter-compression-info => bstr .cbor SUIT_Compression_Info) SUIT_Parameters //= (suit-parameter-unpack-info => bstr .cbor SUIT_Unpack_Info) SUIT_Parameters //= (suit-parameter-source-component => uint) SUIT_Parameters //= (suit-parameter-image-digest => bstr .cbor SUIT_Digest) SUIT_Parameters //= (suit-parameter-image-size => uint) SUIT_Parameters //= (suit-parameter-uri-list => bstr .cbor SUIT_Component_URI_List) SUIT_Parameters //= (suit-parameter-custom => int/bool/tstr/bstr) SUIT_Component_URI_List = [ + [priority: int, URI: tstr] ] SUIT_Encryption_Info = COSE_Encrypt_Tagged/COSE_Encrypt0_Tagged SUIT_Compression_Info = { suit-compression-algorithm => SUIT_Compression_Algorithms, ? suit-compression-parameters => bstr } SUIT_Compression_Algorithms /= SUIT_Compression_Algorithm_gzip SUIT_Compression_Algorithms /= SUIT_Compression_Algorithm_bzip2 SUIT_Compression_Algorithms /= SUIT_Compression_Algorithm_lz4 SUIT_Compression_Algorithms /= SUIT_Compression_Algorithm_lzma SUIT_Compression_Algorithm_gzip = 1 SUIT_Compression_Algorithm_bzip2 = 2 SUIT_Compression_Algorithm_deflate = 3 SUIT_Compression_Algorithm_lz4 = 4 SUIT_Compression_Algorithm_lzma = 7 SUIT_Unpack_Info = { suit-unpack-algorithm => SUIT_Unpack_Algorithms, ? suit-unpack-parameters => bstr } SUIT_Unpack_Algorithms /= SUIT_Unpack_Algorithm_Delta SUIT_Unpack_Algorithms /= SUIT_Unpack_Algorithm_Hex SUIT_Unpack_Algorithms /= SUIT_Unpack_Algorithm_Elf SUIT_Unpack_Algorithm_Delta = 1 SUIT_Unpack_Algorithm_Hex = 2 SUIT_Unpack_Algorithm_Elf = 3 SUIT_Text_Map = {int => tstr} suit-delegation = 0 suit-authentication-wrapper = 1 suit-manifest = 2 suit-manifest-encryption-info = 3 suit-manifest-encrypted = 4 suit-manifest-version = 1 suit-manifest-sequence-number = 2 suit-common = 3 suit-dependency-resolution = 7 suit-payload-fetch = 8 suit-install = 9 suit-validate = 10 suit-load = 11 suit-run = 12 suit-text = 13 suit-coswid = 14 suit-dependencies = 1 suit-components = 2 suit-dependency-components = 3 suit-common-sequence = 4 suit-dependency-digest = 1 suit-dependency-prefix = 2 suit-component-identifier = 1 suit-component-dependency-index = 2 suit-command-custom = nint suit-condition-vendor-identifier = 1 suit-condition-class-identifier = 2 suit-condition-image-match = 3 suit-condition-use-before = 4 suit-condition-component-offset = 5 suit-condition-custom = 6 suit-condition-device-identifier = 24 suit-condition-image-not-match = 25 suit-condition-minimum-battery = 26 suit-condition-update-authorized = 27 suit-condition-version = 28 suit-directive-set-component-index = 12 suit-directive-set-dependency-index = 13 suit-directive-abort = 14 suit-directive-try-each = 15 ;suit-directive-do-each = 16 ; TBD ;suit-directive-map-filter = 17 ; TBD suit-directive-process-dependency = 18 suit-directive-set-parameters = 19 suit-directive-override-parameters = 20 suit-directive-fetch = 21 suit-directive-copy = 22 suit-directive-run = 23 suit-directive-wait = 29 suit-directive-run-sequence = 30 suit-directive-run-with-arguments = 31 suit-directive-swap = 32 suit-wait-event-argument-authorization = 1 suit-wait-event-power = 2 suit-wait-event-network = 3 suit-wait-event-other-device-version = 4 suit-wait-event-time = 5 suit-wait-event-time-of-day = 6 suit-wait-event-day-of-week = 7 suit-wait-event-authorization = 8 suit-parameter-strict-order = 1 suit-parameter-soft-failure = 2 suit-parameter-vendor-id = 3 suit-parameter-class-id = 4 suit-parameter-device-id = 5 suit-parameter-uri = 6 suit-parameter-encryption-info = 7 suit-parameter-compression-info = 8 suit-parameter-unpack-info = 9 suit-parameter-source-component = 10 suit-parameter-image-digest = 11 suit-parameter-image-size = 12 suit-parameter-uri-list = 24 suit-parameter-uri-list-append = 25 suit-parameter-prioritized-parameters = 26 suit-parameter-custom = nint suit-compression-algorithm = 1 suit-compression-parameters = 2 suit-unpack-algorithm = 1 suit-unpack-parameters = 2 suit-text-manifest-description = 1 suit-text-update-description = 2 suit-text-vendor-name = 3 suit-text-model-name = 4 suit-text-vendor-domain = 5 suit-text-model-info = 6 suit-text-component-description = 7 suit-text-manifest-json-source = 8 suit-text-manifest-yaml-source = 9 suit-text-version-dependencies = 10