; Copied from draft-ietf-suit-manifest-16 (https://datatracker.ietf.org/doc/html/draft-ietf-suit-manifest-16) SUIT_Envelope_Tagged = #6.107(SUIT_Envelope) SUIT_Envelope = { ; Comment out since it depends on deleted types (was probably meant to be deleted) ;? suit-delegation => bstr .cbor SUIT_Delegation, suit-authentication-wrapper => bstr .cbor SUIT_Authentication, suit-manifest => bstr .cbor SUIT_Manifest, SUIT_Severable_Manifest_Members, * SUIT_Integrated_Payload, * $$SUIT_Envelope_Extensions, ; Comment out the following entry that interferes with testing SUIT_Integrated_Payload. ; The entry is unnecessary together with $$SUIT_Envelope_Extensions. ; It is optional, so removing it is still conformant. ;* (int => bstr) } SUIT_Authentication = [ bstr .cbor SUIT_Digest, * bstr .cbor SUIT_Authentication_Block ] SUIT_Digest = [ suit-digest-algorithm-id : suit-cose-hash-algs, suit-digest-bytes : bstr, * $$SUIT_Digest-extensions ] SUIT_Authentication_Block /= COSE_Mac_Tagged SUIT_Authentication_Block /= COSE_Sign_Tagged SUIT_Authentication_Block /= COSE_Mac0_Tagged SUIT_Authentication_Block /= COSE_Sign1_Tagged SUIT_Severable_Manifest_Members = ( ? suit-payload-fetch => bstr .cbor SUIT_Command_Sequence, ? suit-install => bstr .cbor SUIT_Command_Sequence, ? suit-text => bstr .cbor SUIT_Text_Map, * $$SUIT_severable-members-extensions, ) SUIT_Integrated_Payload = (suit-integrated-payload-key => bstr) suit-integrated-payload-key = tstr SUIT_Manifest_Tagged = #6.1070(SUIT_Manifest) SUIT_Manifest = { suit-manifest-version => 1, suit-manifest-sequence-number => uint, suit-common => bstr .cbor SUIT_Common, ? suit-reference-uri => tstr, SUIT_Severable_Members_Choice, SUIT_Unseverable_Members, * $$SUIT_Manifest_Extensions, } SUIT_Unseverable_Members = ( ? suit-validate => bstr .cbor SUIT_Command_Sequence, ? suit-load => bstr .cbor SUIT_Command_Sequence, ? suit-run => bstr .cbor SUIT_Command_Sequence, * $$unseverable-manifest-member-extensions, ) SUIT_Severable_Members_Choice = ( ? suit-payload-fetch => \ bstr .cbor SUIT_Command_Sequence / SUIT_Digest, ? suit-install => bstr .cbor SUIT_Command_Sequence / SUIT_Digest, ? suit-text => bstr .cbor SUIT_Command_Sequence / SUIT_Digest, * $$severable-manifest-members-choice-extensions ) SUIT_Common = { ? suit-components => SUIT_Components, ? suit-common-sequence => bstr .cbor SUIT_Common_Sequence, * $$SUIT_Common-extensions, } SUIT_Components = [ + SUIT_Component_Identifier ] ; Comment out since it depends on deleted types (was probably meant to be deleted) ;SUIT_Dependency = { ; suit-dependency-digest => SUIT_Digest, ; ? suit-dependency-prefix => SUIT_Component_Identifier, ; * $$SUIT_Dependency-extensions, ;} ;REQUIRED to implement: suit-cose-hash-algs /= cose-alg-sha-256 ;OPTIONAL to implement: suit-cose-hash-algs /= cose-alg-shake128 suit-cose-hash-algs /= cose-alg-sha-384 suit-cose-hash-algs /= cose-alg-sha-512 suit-cose-hash-algs /= cose-alg-shake256 SUIT_Component_Identifier = [* bstr] SUIT_Common_Sequence = [ + ( SUIT_Condition // SUIT_Common_Commands ) ] SUIT_Common_Commands //= (suit-directive-set-component-index, IndexArg) SUIT_Common_Commands //= (suit-directive-run-sequence, bstr .cbor SUIT_Command_Sequence) SUIT_Common_Commands //= (suit-directive-try-each, SUIT_Directive_Try_Each_Argument) SUIT_Common_Commands //= (suit-directive-override-parameters, {+ SUIT_Parameters}) IndexArg /= uint IndexArg /= bool IndexArg /= [+uint] SUIT_Command_Sequence = [ + ( SUIT_Condition // SUIT_Directive // SUIT_Command_Custom ) ] SUIT_Command_Custom = (suit-command-custom, bstr/tstr/int/nil) SUIT_Condition //= (suit-condition-vendor-identifier, SUIT_Rep_Policy) SUIT_Condition //= (suit-condition-class-identifier, SUIT_Rep_Policy) SUIT_Condition //= (suit-condition-device-identifier, SUIT_Rep_Policy) SUIT_Condition //= (suit-condition-image-match, SUIT_Rep_Policy) SUIT_Condition //= (suit-condition-component-slot, SUIT_Rep_Policy) SUIT_Condition //= (suit-condition-abort, SUIT_Rep_Policy) SUIT_Directive //= (suit-directive-set-component-index, IndexArg) SUIT_Directive //= (suit-directive-run-sequence, bstr .cbor SUIT_Command_Sequence) SUIT_Directive //= (suit-directive-try-each, SUIT_Directive_Try_Each_Argument) ; Comment out since it depends on deleted types (was probably meant to be deleted) ;SUIT_Directive //= (suit-directive-process-dependency, SUIT_Rep_Policy) SUIT_Directive //= (suit-directive-override-parameters, {+ SUIT_Parameters}) SUIT_Directive //= (suit-directive-fetch, SUIT_Rep_Policy) SUIT_Directive //= (suit-directive-copy, SUIT_Rep_Policy) SUIT_Directive //= (suit-directive-swap, SUIT_Rep_Policy) SUIT_Directive //= (suit-directive-run, SUIT_Rep_Policy) SUIT_Directive_Try_Each_Argument = [ 2* bstr .cbor SUIT_Command_Sequence, ?nil ] SUIT_Rep_Policy = uint .bits suit-reporting-bits suit-reporting-bits = &( suit-send-record-success : 0, suit-send-record-failure : 1, suit-send-sysinfo-success : 2, suit-send-sysinfo-failure : 3 ) SUIT_Parameters //= (suit-parameter-vendor-identifier => (RFC4122_UUID / cbor-pen)) cbor-pen = #6.112(bstr) SUIT_Parameters //= (suit-parameter-class-identifier => RFC4122_UUID) SUIT_Parameters //= (suit-parameter-image-digest => bstr .cbor SUIT_Digest) SUIT_Parameters //= (suit-parameter-image-size => uint) SUIT_Parameters //= (suit-parameter-component-slot => uint) SUIT_Parameters //= (suit-parameter-uri => tstr) SUIT_Parameters //= (suit-parameter-source-component => uint) SUIT_Parameters //= (suit-parameter-run-args => bstr) SUIT_Parameters //= (suit-parameter-device-identifier => RFC4122_UUID) SUIT_Parameters //= (suit-parameter-custom => int/bool/tstr/bstr) SUIT_Parameters //= (suit-parameter-strict-order => bool) SUIT_Parameters //= (suit-parameter-soft-failure => bool) RFC4122_UUID = bstr .size 16 SUIT_Text_Map = { SUIT_Text_Keys, * SUIT_Component_Identifier => { SUIT_Text_Component_Keys } } SUIT_Text_Component_Keys = ( ? suit-text-vendor-name => tstr, ? suit-text-model-name => tstr, ? suit-text-vendor-domain => tstr, ? suit-text-model-info => tstr, ? suit-text-component-description => tstr, ? suit-text-component-version => tstr, * $$suit-text-component-key-extensions ) SUIT_Text_Keys = ( ? suit-text-manifest-description => tstr, ? suit-text-update-description => tstr, ? suit-text-manifest-json-source => tstr, ? suit-text-manifest-yaml-source => tstr, * $$suit-text-key-extensions ) suit-authentication-wrapper = 2 suit-manifest = 3 ;REQUIRED to implement: cose-alg-sha-256 = -16 ;OPTIONAL to implement: cose-alg-shake128 = -18 cose-alg-sha-384 = -43 cose-alg-sha-512 = -44 cose-alg-shake256 = -45 suit-manifest-version = 1 suit-manifest-sequence-number = 2 suit-common = 3 suit-reference-uri = 4 suit-payload-fetch = 8 suit-install = 9 suit-validate = 10 suit-load = 11 suit-run = 12 suit-text = 13 suit-components = 2 suit-common-sequence = 4 suit-command-custom = nint suit-condition-vendor-identifier = 1 suit-condition-class-identifier = 2 suit-condition-image-match = 3 suit-condition-component-slot = 5 suit-condition-abort = 14 suit-condition-device-identifier = 24 suit-directive-set-component-index = 12 suit-directive-try-each = 15 suit-directive-override-parameters = 20 suit-directive-fetch = 21 suit-directive-copy = 22 suit-directive-run = 23 suit-directive-swap = 31 suit-directive-run-sequence = 32 suit-parameter-vendor-identifier = 1 suit-parameter-class-identifier = 2 suit-parameter-image-digest = 3 suit-parameter-component-slot = 5 suit-parameter-strict-order = 12 suit-parameter-soft-failure = 13 suit-parameter-image-size = 14 suit-parameter-uri = 21 suit-parameter-source-component = 22 suit-parameter-run-args = 23 suit-parameter-device-identifier = 24 suit-parameter-custom = nint suit-text-manifest-description = 1 suit-text-update-description = 2 suit-text-manifest-json-source = 3 suit-text-manifest-yaml-source = 4 suit-text-vendor-name = 1 suit-text-model-name = 2 suit-text-vendor-domain = 3 suit-text-model-info = 4 suit-text-component-description = 5 suit-text-component-version = 6