1;
2; From https://datatracker.ietf.org/doc/draft-ietf-suit-manifest/03/
3;
4; Copyright (c) 2020 IETF Trust and the persons identified as the
5; document authors.  All rights reserved.
6;
7; Redistribution and use in source and binary forms, with or without
8; modification, is permitted pursuant to, and subject to the license terms
9; contained in, the Simplified BSD License set forth in Section 4.c of the
10; IETF Trust’s Legal Provisions Relating to IETF Documents
11; (http://trustee.ietf.org/license-info).
12;
13
; Outer envelope of a SUIT manifest: a map keyed by the small integers
; assigned near the end of this file.
; - suit-delegation is an opaque bstr here: its .cbor constraint is
;   commented out and SUIT_Delegation is not defined in this listing.
; - suit-authentication-wrapper is optional ("?") and may also be nil, so
;   an envelope carrying no signature or MAC still matches this schema.
;   Passing CDDL validation is therefore not an authenticity check; the
;   recipient has to require and verify the wrapper itself.
; - The command sequences, text and CoSWID carried here sit beside the
;   manifest bstr, not inside it. SUIT_Manifest can hold a SUIT_Digest
;   under the same keys, but nothing in the CDDL ties the two together,
;   so that comparison is also left to the recipient.
14SUIT_Outer_Wrapper = {
15    ?suit-delegation            => bstr, ;.cbor SUIT_Delegation,
16    ?suit-authentication-wrapper
17        => bstr .cbor SUIT_Authentication_Wrapper / nil,
18    $$SUIT_Manifest_Wrapped,
19    ?suit-dependency-resolution => bstr .cbor SUIT_Command_Sequence,
20    ?suit-payload-fetch         => bstr .cbor SUIT_Command_Sequence,
21    ?suit-install               => bstr .cbor SUIT_Command_Sequence,
22    ?suit-text                  => bstr .cbor SUIT_Text_Map,
23    ?suit-coswid                => bstr .cbor concise-software-identity
24}
25
; Array of one or more COSE authentication objects: MAC or signature, in
; the multi-party (Mac/Sign) or single-party (Mac0/Sign1) form. "+" means
; at least one entry when the wrapper is present.
; The four COSE_* names are declared as "any" in this listing, so only
; the array shape is checked at schema level.
26SUIT_Authentication_Wrapper = [ + (
27    COSE_Mac_Tagged /
28    COSE_Sign_Tagged /
29    COSE_Mac0_Tagged /
30    COSE_Sign1_Tagged)
31]
32
; Encryption metadata is one of the two tagged COSE encryption forms.
33SUIT_Encryption_Wrapper = COSE_Encrypt_Tagged / COSE_Encrypt0_Tagged
34
; The $$SUIT_Manifest_Wrapped group socket has two alternatives:
;   1. a plaintext manifest under suit-manifest (required in this arm);
;   2. encryption info plus an encrypted manifest as an opaque bstr.
; Both members of the second alternative are optional, so that arm also
; matches when neither is present: an envelope with no manifest at all
; passes the schema. A parser should reject that case explicitly.
35$$SUIT_Manifest_Wrapped //= (suit-manifest  => bstr .cbor SUIT_Manifest)
36$$SUIT_Manifest_Wrapped //= (
37    ?suit-manifest-encryption-info => bstr .cbor SUIT_Encryption_Wrapper,
38    ?suit-manifest-encrypted       => bstr
39)
40
; Placeholders for the tagged COSE structures. Each one is "any", so a
; CDDL validator accepts arbitrary CBOR in these positions: neither the
; COSE tag nor the message layout is checked by this schema. Structural
; and cryptographic validation has to come from the COSE implementation.
41COSE_Mac_Tagged = any
42COSE_Sign_Tagged = any
43COSE_Mac0_Tagged = any
44COSE_Sign1_Tagged = any
45COSE_Encrypt_Tagged = any
46COSE_Encrypt0_Tagged = any
47
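; Digest of a resource: [algorithm identifier, digest bytes].
; The algorithm is referenced by the plain rule name
; suit-digest-algorithm-ids, which is the name the "/=" alternatives in
; this file extend. The "$"-prefixed socket name is a different rule that
; nothing in this file populates, so referencing it would leave the
; algorithm identifier without any of the listed alternatives.
; suit-digest-bytes is an unsized bstr: the schema does not check that
; its length matches the chosen algorithm, so the recipient must.
48SUIT_Digest = [
49  suit-digest-algorithm-id : suit-digest-algorithm-ids,
50  suit-digest-bytes : bstr,
51  ;? suit-digest-parameters : any
52]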
53
54; Named Information Hash Algorithm Identifiers
; Choice of digest algorithms, built up one alternative at a time with
; "/=". SHA-2 and SHA-3 at 224/256/384/512 bits are listed; no other
; algorithm identifier is part of this choice.
; NOTE(review): the integer values below are the ones this draft
; revision assigns; confirm them against the registry named in the
; heading before relying on them for interoperability.
55suit-digest-algorithm-ids /= algorithm-id-sha224
56suit-digest-algorithm-ids /= algorithm-id-sha256
57suit-digest-algorithm-ids /= algorithm-id-sha384
58suit-digest-algorithm-ids /= algorithm-id-sha512
59suit-digest-algorithm-ids /= algorithm-id-sha3-224
60suit-digest-algorithm-ids /= algorithm-id-sha3-256
61suit-digest-algorithm-ids /= algorithm-id-sha3-384
62suit-digest-algorithm-ids /= algorithm-id-sha3-512
63
64algorithm-id-sha224 = 1
65algorithm-id-sha256 = 2
66algorithm-id-sha384 = 3
67algorithm-id-sha512 = 4
68algorithm-id-sha3-224 = 5
69algorithm-id-sha3-256 = 6
70algorithm-id-sha3-384 = 7
71algorithm-id-sha3-512 = 8
72
; The manifest proper, carried as a bstr under suit-manifest in the
; envelope.
; - suit-manifest-version is pinned to the literal 1.
; - suit-manifest-sequence-number is any uint; the schema puts no
;   ordering requirement on it (presumably it is compared with the last
;   accepted manifest for rollback protection -- confirm in the draft).
; - dependency-resolution, payload-fetch, install and coswid may each be
;   a SUIT_Digest instead of the inline content; suit-text is digest
;   only. validate, load and run are always inline command sequences.
; - Where a digest is used, the matching content travels in the outer
;   envelope; checking it against the digest is the recipient's job.
73SUIT_Manifest = {
74    suit-manifest-version         => 1,
75    suit-manifest-sequence-number => uint,
76    ? suit-common                 => bstr .cbor SUIT_Common,
77    ? suit-dependency-resolution
78        => SUIT_Digest / bstr .cbor SUIT_Command_Sequence,
79    ? suit-payload-fetch
80        => SUIT_Digest / bstr .cbor SUIT_Command_Sequence,
81    ? suit-install
82        => SUIT_Digest / bstr .cbor SUIT_Command_Sequence,
83    ? suit-validate               => bstr .cbor SUIT_Command_Sequence,
84    ? suit-load                   => bstr .cbor SUIT_Command_Sequence,
85    ? suit-run                    => bstr .cbor SUIT_Command_Sequence,
86    ? suit-text                   => SUIT_Digest,
87    ? suit-coswid
88        => SUIT_Digest / bstr .cbor concise-software-identity,
89}
90
; Data shared by the manifest's command sequences: the dependency list,
; the component list, component references into dependencies, and a
; common command sequence. Every member is optional and each is wrapped
; as a bstr holding embedded CBOR.
91SUIT_Common = {
92    ? suit-dependencies           => bstr .cbor SUIT_Dependencies,
93    ? suit-components             => bstr .cbor SUIT_Components,
94    ? suit-dependency-components
95        => bstr .cbor SUIT_Component_References,
96    ? suit-common-sequence        => bstr .cbor SUIT_Command_Sequence,
97}
98
; The three lists used by SUIT_Common. Each requires at least one entry
; ("+") and sets no upper bound, so a parser on a constrained device
; needs its own limit on list length.
99SUIT_Dependencies         = [ + SUIT_Dependency ]
100SUIT_Components           = [ + SUIT_Component_Identifier ]
101SUIT_Component_References = [ + SUIT_Component_Reference ]
102
; CoSWID content is not described in this file; "any" accepts arbitrary
; CBOR here.
103concise-software-identity = any
104
; One dependency: the digest that identifies the dependent manifest and
; a component-identifier prefix associated with it. Both members are
; required.
105SUIT_Dependency = {
106    suit-dependency-digest => SUIT_Digest,
107    suit-dependency-prefix => SUIT_Component_Identifier,
108}
109
; A component identifier is an array of zero or more byte strings; the
; empty array matches. The schema does not constrain the content of the
; segments, so the recipient has to validate an identifier before
; mapping it to a storage location.
110SUIT_Component_Identifier =  [* bstr]
111
; Pairs a component identifier with an index into the dependency list.
; The index is any uint: it is not bounded by the number of dependencies
; actually declared, so the range check belongs in the parser.
112SUIT_Component_Reference = {
113    suit-component-identifier => SUIT_Component_Identifier,
114    suit-component-dependency-index => uint
115}
116
; A command sequence is a flat array of (code, argument) groups, each
; one a condition, a directive or a custom command. "1*6" bounds the
; number of groups to between one and six, not the number of array items.
; Sequences can nest through suit-directive-run-sequence and
; suit-directive-try-each; the schema sets no nesting limit, so an
; interpreter should bound recursion depth itself.
117SUIT_Command_Sequence = [ 1*6 (
118    SUIT_Condition // SUIT_Directive // SUIT_Command_Custom
119) ]
120
; Custom command: any negative integer code with an opaque bstr
; argument. The schema accepts every nint, so an interpreter must reject
; codes it does not implement.
121SUIT_Command_Custom = (nint, bstr)
; Conditions, added to the group choice one at a time with "//=". Each is
; a (code, argument) pair. The identifier and image-match conditions take
; nil as argument (presumably they test against parameters set earlier
; in the sequence -- confirm in the draft text); the others carry their
; operand inline.
122SUIT_Condition //= (suit-condition-vendor-identifier, nil)
123SUIT_Condition //= (suit-condition-class-identifier,  nil)
124SUIT_Condition //= (suit-condition-device-identifier, nil)
125SUIT_Condition //= (suit-condition-image-match,       nil)
126SUIT_Condition //= (suit-condition-image-not-match,   nil)
127SUIT_Condition //= (suit-condition-use-before,        uint)
128SUIT_Condition //= (suit-condition-minimum-battery,   uint)
129SUIT_Condition //= (suit-condition-update-authorized, int)
130SUIT_Condition //= (suit-condition-version,
131    SUIT_Condition_Version_Argument)
132SUIT_Condition //= (suit-condition-component-offset,  uint)
133SUIT_Condition //= (suit-condition-custom,            bstr)
134
; A UUID as a 16-byte string. No other rule in this listing refers to
; it; the vendor, class and device identifier parameters are plain,
; unsized bstr.
135RFC4122_UUID = bstr .size 16
136
; Argument of suit-condition-version: [comparison type, version value].
137SUIT_Condition_Version_Argument = [
138    suit-condition-version-comparison-type:
139        SUIT_Condition_Version_Comparison_Types,
140    suit-condition-version-comparison-value:
141        SUIT_Condition_Version_Comparison_Value
142]
; The five comparison operators, collected into one choice with "/=".
143SUIT_Condition_Version_Comparison_Types /=
144    suit-condition-version-comparison-greater
145SUIT_Condition_Version_Comparison_Types /=
146    suit-condition-version-comparison-greater-equal
147SUIT_Condition_Version_Comparison_Types /=
148    suit-condition-version-comparison-equal
149SUIT_Condition_Version_Comparison_Types /=
150    suit-condition-version-comparison-lesser-equal
151SUIT_Condition_Version_Comparison_Types /=
152    suit-condition-version-comparison-lesser
153
; Integer codes for the comparison operators.
154suit-condition-version-comparison-greater = 1
155suit-condition-version-comparison-greater-equal = 2
156suit-condition-version-comparison-equal = 3
157suit-condition-version-comparison-lesser-equal = 4
158suit-condition-version-comparison-lesser = 5
159
; The version operand is an array of one or more integers. "int" also
; admits negative values and the array length is unbounded; how the
; elements are ordered for comparison is not expressed in the schema.
160SUIT_Condition_Version_Comparison_Value = [+int]
161
; Directives, added to the group choice with "//=". Each is a
; (code, argument) pair.
; - The two set-*-index directives take a uint or a bool; the uint is not
;   bounded by the declared component or dependency count.
; - run-sequence and try-each embed further command sequences.
; - fetch, copy, swap, run and process-dependency take nil (presumably
;   they act on the currently selected component and the parameters set
;   for it -- confirm in the draft text).
; - run-with-arguments passes an opaque bstr whose content is not
;   constrained by the schema.
; suit-directive-abort is assigned a code later in this file but has no
; alternative here, so it never matches SUIT_Directive.
162SUIT_Directive //= (suit-directive-set-component-index,  uint/bool)
163SUIT_Directive //= (suit-directive-set-dependency-index, uint/bool)
164SUIT_Directive //= (suit-directive-run-sequence,
165    bstr .cbor SUIT_Command_Sequence)
166SUIT_Directive //= (suit-directive-try-each,
167    SUIT_Directive_Try_Each_Argument)
168SUIT_Directive //= (suit-directive-process-dependency,   nil)
169SUIT_Directive //= (suit-directive-set-parameters,
170    {+ SUIT_Parameters})
171SUIT_Directive //= (suit-directive-override-parameters,
172    {+ SUIT_Parameters})
173SUIT_Directive //= (suit-directive-fetch,                nil)
174SUIT_Directive //= (suit-directive-copy,                 nil)
175SUIT_Directive //= (suit-directive-swap,                 nil)
176SUIT_Directive //= (suit-directive-run,                  nil)
177SUIT_Directive //= (suit-directive-wait,
178    { + SUIT_Wait_Events })
179SUIT_Directive //= (suit-directive-run-with-arguments,   bstr)
180
; Argument of suit-directive-try-each: one or more embedded command
; sequences followed by a final element that is either nil or one more
; embedded sequence. The number of alternatives is not bounded.
181SUIT_Directive_Try_Each_Argument = [
182    + bstr .cbor SUIT_Command_Sequence,
183    nil / bstr .cbor SUIT_Command_Sequence
184]
185
; Members allowed in the map argument of suit-directive-wait, added to
; the group choice with "//=". The value types are written inline here,
; except for other-device-version, which uses its named argument rule.
186SUIT_Wait_Events //= (suit-wait-event-authorization => int)
187SUIT_Wait_Events //= (suit-wait-event-power => int)
188SUIT_Wait_Events //= (suit-wait-event-network => int)
189SUIT_Wait_Events //= (suit-wait-event-other-device-version
190    => SUIT_Wait_Event_Argument_Other_Device_Version)
191SUIT_Wait_Events //= (suit-wait-event-time => uint); Timestamp
192SUIT_Wait_Events //= (suit-wait-event-time-of-day
193    => uint); Time of Day (seconds since 00:00:00)
194SUIT_Wait_Events //= (suit-wait-event-day-of-week
195    => uint); Days since Sunday
196
; Named argument types. Only the Other_Device_Version rule is referenced
; by the alternatives above; the rest repeat the inline types and serve
; as documentation in this listing. None of the integer arguments has a
; range constraint (time-of-day and day-of-week included).
197SUIT_Wait_Event_Argument_Authorization = int ; priority
198SUIT_Wait_Event_Argument_Power = int ; Power Level
199SUIT_Wait_Event_Argument_Network = int ; Network State
200SUIT_Wait_Event_Argument_Other_Device_Version = [
201    other-device: bstr,
202    other-device-version: [+int]
203]
204SUIT_Wait_Event_Argument_Time = uint ; Timestamp
205SUIT_Wait_Event_Argument_Time_Of_Day = uint ; Time of Day
206                                            ; (seconds since 00:00:00)
207SUIT_Wait_Event_Argument_Day_Of_Week = uint ; Days since Sunday
208
; Members allowed in the map argument of the set-parameters and
; override-parameters directives, added with "//=".
; - vendor-id, class-id and device-id are unsized bstr; the 16-byte
;   RFC4122_UUID rule defined in this file is not applied to them.
; - suit-parameter-uri is an unconstrained tstr: scheme, host and length
;   limits are not expressed here and must be enforced by the recipient
;   before any fetch.
; - image-digest and image-size carry the expected digest and size of a
;   payload (presumably what a fetched image is checked against --
;   confirm in the draft text).
; - suit-parameter-custom is keyed by any negative integer and takes an
;   int, bool, tstr or bstr.
209SUIT_Parameters //= (suit-parameter-strict-order => bool)
210SUIT_Parameters //= (suit-parameter-soft-failure => bool)
211SUIT_Parameters //= (suit-parameter-vendor-id => bstr)
212SUIT_Parameters //= (suit-parameter-class-id => bstr)
213SUIT_Parameters //= (suit-parameter-device-id => bstr)
214SUIT_Parameters //= (suit-parameter-uri => tstr)
215SUIT_Parameters //= (suit-parameter-encryption-info
216    => bstr .cbor SUIT_Encryption_Info)
217SUIT_Parameters //= (suit-parameter-compression-info
218    => bstr .cbor SUIT_Compression_Info)
219SUIT_Parameters //= (suit-parameter-unpack-info
220    => bstr .cbor SUIT_Unpack_Info)
221SUIT_Parameters //= (suit-parameter-source-component => uint)
222SUIT_Parameters //= (suit-parameter-image-digest
223    => bstr .cbor SUIT_Digest)
224SUIT_Parameters //= (suit-parameter-image-size => uint)
225SUIT_Parameters //= (suit-parameter-uri-list
226    => bstr .cbor SUIT_Component_URI_List)
227SUIT_Parameters //= (suit-parameter-custom => int/bool/tstr/bstr)
228
; One or more [priority, URI] pairs. The URI is an unconstrained tstr
; here as well, and the list length is unbounded.
229SUIT_Component_URI_List = [ + [priority: int, URI: tstr] ]
230
; Per-component encryption info: the same two tagged COSE encryption
; forms as SUIT_Encryption_Wrapper, both declared "any" in this listing.
231SUIT_Encryption_Info = COSE_Encrypt_Tagged/COSE_Encrypt0_Tagged
; Compression info: a required algorithm code and optional, opaque
; algorithm parameters.
232SUIT_Compression_Info = {
233    suit-compression-algorithm => SUIT_Compression_Algorithms,
234    ? suit-compression-parameters => bstr
235}
236
; Compression algorithms accepted by SUIT_Compression_Info.
; NOTE(review): SUIT_Compression_Algorithm_deflate is assigned the value
; 3 below but is not added to this choice, so a manifest naming deflate
; does not validate. Confirm whether the omission is intended before
; adding it.
237SUIT_Compression_Algorithms /= SUIT_Compression_Algorithm_gzip
238SUIT_Compression_Algorithms /= SUIT_Compression_Algorithm_bzip2
239SUIT_Compression_Algorithms /= SUIT_Compression_Algorithm_lz4
240SUIT_Compression_Algorithms /= SUIT_Compression_Algorithm_lzma
241
; Integer codes; the numbering skips 5 and 6.
242SUIT_Compression_Algorithm_gzip = 1
243SUIT_Compression_Algorithm_bzip2 = 2
244SUIT_Compression_Algorithm_deflate = 3
245SUIT_Compression_Algorithm_lz4 = 4
246SUIT_Compression_Algorithm_lzma = 7
247
; Unpack info: a required algorithm code and optional, opaque algorithm
; parameters.
248SUIT_Unpack_Info = {
249    suit-unpack-algorithm => SUIT_Unpack_Algorithms,
250    ? suit-unpack-parameters => bstr
251}
252
; Unpack algorithms accepted by SUIT_Unpack_Info: Delta, Hex and Elf.
253SUIT_Unpack_Algorithms /= SUIT_Unpack_Algorithm_Delta
254SUIT_Unpack_Algorithms /= SUIT_Unpack_Algorithm_Hex
255SUIT_Unpack_Algorithms /= SUIT_Unpack_Algorithm_Elf
256
; Integer codes for the unpack algorithms.
257SUIT_Unpack_Algorithm_Delta = 1
258SUIT_Unpack_Algorithm_Hex = 2
259SUIT_Unpack_Algorithm_Elf = 3
260
; Human-readable text, keyed by integer.
; NOTE(review): the member has no occurrence indicator, so as written
; this matches a map with exactly one int => tstr entry; "* int => tstr"
; or "+ int => tstr" is probably what was meant. The suit-text-* keys
; defined at the end of the file are not referenced by this rule.
261SUIT_Text_Map = {int => tstr}
262
; Map keys of the outer envelope (SUIT_Outer_Wrapper and the
; $$SUIT_Manifest_Wrapped alternatives). The envelope also uses the
; manifest keys 7, 8, 9, 13 and 14 for content held beside the manifest.
263suit-delegation = 0
264suit-authentication-wrapper = 1
265suit-manifest = 2
266
267suit-manifest-encryption-info = 3
268suit-manifest-encrypted       = 4
269
; Map keys of SUIT_Manifest. Values 4 to 6 are not assigned here. Keys 7,
; 8, 9, 13 and 14 are used with the same numbers in the outer envelope.
270suit-manifest-version = 1
271suit-manifest-sequence-number = 2
272suit-common = 3
273suit-dependency-resolution = 7
274suit-payload-fetch = 8
275suit-install = 9
276suit-validate = 10
277suit-load = 11
278suit-run = 12
279suit-text = 13
280suit-coswid = 14
281
; Map keys of SUIT_Common.
282suit-dependencies = 1
283suit-components = 2
284suit-dependency-components = 3
285suit-common-sequence = 4
286
; Map keys of SUIT_Dependency.
287suit-dependency-digest = 1
288suit-dependency-prefix = 2
289
; Map keys of SUIT_Component_Reference.
290suit-component-identifier = 1
291suit-component-dependency-index = 2
292
; Any negative integer. SUIT_Command_Custom spells out nint directly and
; does not refer to this name.
293suit-command-custom = nint
294
; Condition codes. Conditions and directives appear in the same position
; of a command sequence, so they share one code space; the values here
; (1-6, 24-28) do not overlap the directive codes below.
295suit-condition-vendor-identifier = 1
296suit-condition-class-identifier  = 2
297suit-condition-image-match       = 3
298suit-condition-use-before        = 4
299suit-condition-component-offset  = 5
300suit-condition-custom = 6
301
302suit-condition-device-identifier        = 24
303suit-condition-image-not-match          = 25
304suit-condition-minimum-battery          = 26
305suit-condition-update-authorized        = 27
306suit-condition-version                  = 28
307
; Directive codes (12-23, 29-32). Codes 16 and 17 are reserved in
; comments and marked TBD. suit-directive-abort has a code here but no
; SUIT_Directive alternative, so code 14 is not accepted by the schema.
308suit-directive-set-component-index      = 12
309suit-directive-set-dependency-index     = 13
310suit-directive-abort                    = 14
311suit-directive-try-each                 = 15
312;suit-directive-do-each                  = 16 ; TBD
313;suit-directive-map-filter               = 17 ; TBD
314suit-directive-process-dependency       = 18
315suit-directive-set-parameters           = 19
316suit-directive-override-parameters      = 20
317suit-directive-fetch                    = 21
318suit-directive-copy                     = 22
319suit-directive-run                      = 23
320
321suit-directive-wait                     = 29
322suit-directive-run-sequence             = 30
323suit-directive-run-with-arguments       = 31
324suit-directive-swap                     = 32
325
; Map keys of the suit-directive-wait argument.
; NOTE(review): SUIT_Wait_Events uses suit-wait-event-authorization (8);
; suit-wait-event-argument-authorization (1) is not referenced by any
; rule in this listing. Confirm which key the authorization event is
; meant to use.
326suit-wait-event-argument-authorization = 1
327suit-wait-event-power = 2
328suit-wait-event-network = 3
329suit-wait-event-other-device-version = 4
330suit-wait-event-time = 5
331suit-wait-event-time-of-day = 6
332suit-wait-event-day-of-week = 7
333suit-wait-event-authorization = 8
334
; Map keys of SUIT_Parameters (1-12, 24-26, and any negative integer for
; custom parameters). suit-parameter-uri-list-append (25) and
; suit-parameter-prioritized-parameters (26) are assigned here but have
; no SUIT_Parameters alternative, so the schema does not accept them.
335suit-parameter-strict-order = 1
336suit-parameter-soft-failure = 2
337suit-parameter-vendor-id = 3
338
339suit-parameter-class-id = 4
340suit-parameter-device-id = 5
341suit-parameter-uri = 6
342suit-parameter-encryption-info = 7
343suit-parameter-compression-info = 8
344suit-parameter-unpack-info = 9
345suit-parameter-source-component = 10
346suit-parameter-image-digest = 11
347suit-parameter-image-size = 12
348
349suit-parameter-uri-list = 24
350suit-parameter-uri-list-append = 25
351suit-parameter-prioritized-parameters = 26
352
353suit-parameter-custom = nint
354
; Map keys of SUIT_Compression_Info.
355suit-compression-algorithm = 1
356suit-compression-parameters = 2
357
; Map keys of SUIT_Unpack_Info.
358suit-unpack-algorithm  = 1
359suit-unpack-parameters = 2
360
; Integer keys for entries of the text map. SUIT_Text_Map is declared
; with a generic int key, so these names are not enforced by the schema:
; any integer key validates. The text is descriptive content; the
; manifest itself carries only a digest for it.
361suit-text-manifest-description  = 1
362suit-text-update-description    = 2
363suit-text-vendor-name           = 3
364suit-text-model-name            = 4
365suit-text-vendor-domain         = 5
366suit-text-model-info            = 6
367suit-text-component-description = 7
368suit-text-manifest-json-source  = 8
369suit-text-manifest-yaml-source  = 9
370suit-text-version-dependencies  = 10
371