| < draft-ietf-suit-manifest-11.txt | draft-ietf-suit-manifest-12.txt > | |||
|---|---|---|---|---|
| SUIT B. Moran | SUIT B. Moran | |||
| Internet-Draft H. Tschofenig | Internet-Draft H. Tschofenig | |||
| Intended status: Standards Track Arm Limited | Intended status: Standards Track Arm Limited | |||
| Expires: June 11, 2021 H. Birkholz | Expires: August 26, 2021 H. Birkholz | |||
| Fraunhofer SIT | Fraunhofer SIT | |||
| K. Zandberg | K. Zandberg | |||
| Inria | Inria | |||
| December 08, 2020 | February 22, 2021 | |||
| A Concise Binary Object Representation (CBOR)-based Serialization Format | A Concise Binary Object Representation (CBOR)-based Serialization Format | |||
| for the Software Updates for Internet of Things (SUIT) Manifest | for the Software Updates for Internet of Things (SUIT) Manifest | |||
| draft-ietf-suit-manifest-11 | draft-ietf-suit-manifest-12 | |||
| Abstract | Abstract | |||
| This specification describes the format of a manifest. A manifest is | This specification describes the format of a manifest. A manifest is | |||
| a bundle of metadata about code/data obtained by a recipient (chiefly | a bundle of metadata about code/data obtained by a recipient (chiefly | |||
| the firmware for an IoT device), where to find the that code/data, | the firmware for an IoT device), where to find the that code/data, | |||
| the devices to which it applies, and cryptographic information | the devices to which it applies, and cryptographic information | |||
| protecting the manifest. Software updates and Trusted Invocation | protecting the manifest. Software updates and Trusted Invocation | |||
| both tend to use sequences of common operations, so the manifest | both tend to use sequences of common operations, so the manifest | |||
| encodes those sequences of operations, rather than declaring the | encodes those sequences of operations, rather than declaring the | |||
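Review bot: The abstract sentence "where to find the that code/data" still carries a stray "the" on both sides of this hunk. Since -12 already touches the front matter, change it to "where to find that code/data".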
| skipping to change at page 1, line 42 ¶ | skipping to change at page 1, line 42 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on June 11, 2021. | This Internet-Draft will expire on August 26, 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| skipping to change at page 2, line 24 ¶ | skipping to change at page 2, line 24 ¶ | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 2. Conventions and Terminology . . . . . . . . . . . . . . . . . 6 | 2. Conventions and Terminology . . . . . . . . . . . . . . . . . 6 | |||
| 3. How to use this Document . . . . . . . . . . . . . . . . . . 8 | 3. How to use this Document . . . . . . . . . . . . . . . . . . 8 | |||
| 4. Background . . . . . . . . . . . . . . . . . . . . . . . . . 9 | 4. Background . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 4.1. IoT Firmware Update Constraints . . . . . . . . . . . . . 9 | 4.1. IoT Firmware Update Constraints . . . . . . . . . . . . . 9 | |||
| 4.2. SUIT Workflow Model . . . . . . . . . . . . . . . . . . . 10 | 4.2. SUIT Workflow Model . . . . . . . . . . . . . . . . . . . 10 | |||
| 5. Metadata Structure Overview . . . . . . . . . . . . . . . . . 11 | 5. Metadata Structure Overview . . . . . . . . . . . . . . . . . 11 | |||
| 5.1. Envelope . . . . . . . . . . . . . . . . . . . . . . . . 12 | 5.1. Envelope . . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 5.2. Delegation Chains . . . . . . . . . . . . . . . . . . . . 13 | 5.2. Delegation Chains . . . . . . . . . . . . . . . . . . . . 13 | |||
| 5.3. Authentication Block . . . . . . . . . . . . . . . . . . 13 | 5.3. Authentication Block . . . . . . . . . . . . . . . . . . 13 | |||
| 5.4. Manifest . . . . . . . . . . . . . . . . . . . . . . . . 13 | 5.4. Manifest . . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
| 5.4.1. Critical Metadata . . . . . . . . . . . . . . . . . . 14 | 5.4.1. Critical Metadata . . . . . . . . . . . . . . . . . . 14 | |||
| 5.4.2. Common . . . . . . . . . . . . . . . . . . . . . . . 14 | 5.4.2. Common . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
| 5.4.3. Command Sequences . . . . . . . . . . . . . . . . . . 14 | 5.4.3. Command Sequences . . . . . . . . . . . . . . . . . . 14 | |||
| 5.4.4. Integrity Check Values . . . . . . . . . . . . . . . 15 | 5.4.4. Integrity Check Values . . . . . . . . . . . . . . . 15 | |||
| 5.4.5. Human-Readable Text . . . . . . . . . . . . . . . . . 15 | 5.4.5. Human-Readable Text . . . . . . . . . . . . . . . . . 15 | |||
| 5.5. Severable Elements . . . . . . . . . . . . . . . . . . . 15 | 5.5. Severable Elements . . . . . . . . . . . . . . . . . . . 15 | |||
| 5.6. Integrated Dependencies and Payloads . . . . . . . . . . 16 | 5.6. Integrated Dependencies and Payloads . . . . . . . . . . 16 | |||
| 6. Manifest Processor Behavior . . . . . . . . . . . . . . . . . 16 | 6. Manifest Processor Behavior . . . . . . . . . . . . . . . . . 16 | |||
| 6.1. Manifest Processor Setup . . . . . . . . . . . . . . . . 16 | 6.1. Manifest Processor Setup . . . . . . . . . . . . . . . . 16 | |||
| 6.2. Required Checks . . . . . . . . . . . . . . . . . . . . . 17 | 6.2. Required Checks . . . . . . . . . . . . . . . . . . . . . 17 | |||
| skipping to change at page 3, line 29 ¶ | skipping to change at page 3, line 29 ¶ | |||
| 8.6.3. suit-reference-uri . . . . . . . . . . . . . . . . . 38 | 8.6.3. suit-reference-uri . . . . . . . . . . . . . . . . . 38 | |||
| 8.6.4. suit-text . . . . . . . . . . . . . . . . . . . . . . 38 | 8.6.4. suit-text . . . . . . . . . . . . . . . . . . . . . . 38 | |||
| 8.7. text-version-required . . . . . . . . . . . . . . . . . . 40 | 8.7. text-version-required . . . . . . . . . . . . . . . . . . 40 | |||
| 8.7.1. suit-coswid . . . . . . . . . . . . . . . . . . . . . 40 | 8.7.1. suit-coswid . . . . . . . . . . . . . . . . . . . . . 40 | |||
| 8.7.2. suit-common . . . . . . . . . . . . . . . . . . . . . 40 | 8.7.2. suit-common . . . . . . . . . . . . . . . . . . . . . 40 | |||
| 8.7.3. SUIT_Command_Sequence . . . . . . . . . . . . . . . . 42 | 8.7.3. SUIT_Command_Sequence . . . . . . . . . . . . . . . . 42 | |||
| 8.7.4. Reporting Policy . . . . . . . . . . . . . . . . . . 44 | 8.7.4. Reporting Policy . . . . . . . . . . . . . . . . . . 44 | |||
| 8.7.5. SUIT_Parameters . . . . . . . . . . . . . . . . . . . 46 | 8.7.5. SUIT_Parameters . . . . . . . . . . . . . . . . . . . 46 | |||
| 8.7.6. SUIT_Condition . . . . . . . . . . . . . . . . . . . 56 | 8.7.6. SUIT_Condition . . . . . . . . . . . . . . . . . . . 56 | |||
| 8.7.7. SUIT_Directive . . . . . . . . . . . . . . . . . . . 60 | 8.7.7. SUIT_Directive . . . . . . . . . . . . . . . . . . . 60 | |||
| 8.7.8. Integrity Check Values . . . . . . . . . . . . . . . 67 | 8.7.8. suit-directive-garbage-collect . . . . . . . . . . . 67 | |||
| 8.8. Severable Elements . . . . . . . . . . . . . . . . . . . 67 | 8.7.9. Integrity Check Values . . . . . . . . . . . . . . . 68 | |||
| 9. Access Control Lists . . . . . . . . . . . . . . . . . . . . 68 | 8.8. Severable Elements . . . . . . . . . . . . . . . . . . . 68 | |||
| 9. Access Control Lists . . . . . . . . . . . . . . . . . . . . 69 | ||||
| 10. SUIT Digest Container . . . . . . . . . . . . . . . . . . . . 69 | 10. SUIT Digest Container . . . . . . . . . . . . . . . . . . . . 69 | |||
| 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 69 | 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 69 | |||
| 11.1. SUIT Commands . . . . . . . . . . . . . . . . . . . . . 69 | 11.1. SUIT Commands . . . . . . . . . . . . . . . . . . . . . 70 | |||
| 11.2. SUIT Parameters . . . . . . . . . . . . . . . . . . . . 71 | 11.2. SUIT Parameters . . . . . . . . . . . . . . . . . . . . 72 | |||
| 11.3. SUIT Text Values . . . . . . . . . . . . . . . . . . . . 73 | 11.3. SUIT Text Values . . . . . . . . . . . . . . . . . . . . 73 | |||
| 11.4. SUIT Component Text Values . . . . . . . . . . . . . . . 73 | 11.4. SUIT Component Text Values . . . . . . . . . . . . . . . 73 | |||
| 11.5. SUIT Algorithm Identifiers . . . . . . . . . . . . . . . 73 | 11.5. SUIT Algorithm Identifiers . . . . . . . . . . . . . . . 73 | |||
| 11.5.1. SUIT Digest Algorithm Identifiers . . . . . . . . . 73 | 11.5.1. SUIT Digest Algorithm Identifiers . . . . . . . . . 73 | |||
| 11.5.2. SUIT Compression Algorithm Identifiers . . . . . . . 74 | 11.5.2. SUIT Compression Algorithm Identifiers . . . . . . . 74 | |||
| 11.5.3. Unpack Algorithms . . . . . . . . . . . . . . . . . 74 | 11.5.3. Unpack Algorithms . . . . . . . . . . . . . . . . . 74 | |||
| 12. Security Considerations . . . . . . . . . . . . . . . . . . . 75 | 12. Security Considerations . . . . . . . . . . . . . . . . . . . 75 | |||
| 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 75 | 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 75 | |||
| 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 75 | 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 75 | |||
| 14.1. Normative References . . . . . . . . . . . . . . . . . . 75 | 14.1. Normative References . . . . . . . . . . . . . . . . . . 75 | |||
| skipping to change at page 4, line 4 ¶ | skipping to change at page 4, line 5 ¶ | |||
| 12. Security Considerations . . . . . . . . . . . . . . . . . . . 75 | 12. Security Considerations . . . . . . . . . . . . . . . . . . . 75 | |||
| 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 75 | 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 75 | |||
| 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 75 | 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 75 | |||
| 14.1. Normative References . . . . . . . . . . . . . . . . . . 75 | 14.1. Normative References . . . . . . . . . . . . . . . . . . 75 | |||
| 14.2. Informative References . . . . . . . . . . . . . . . . . 76 | 14.2. Informative References . . . . . . . . . . . . . . . . . 76 | |||
| Appendix A. A. Full CDDL . . . . . . . . . . . . . . . . . . . . 78 | Appendix A. A. Full CDDL . . . . . . . . . . . . . . . . . . . . 78 | |||
| Appendix B. B. Examples . . . . . . . . . . . . . . . . . . . . 87 | Appendix B. B. Examples . . . . . . . . . . . . . . . . . . . . 87 | |||
| B.1. Example 0: Secure Boot . . . . . . . . . . . . . . . . . 88 | B.1. Example 0: Secure Boot . . . . . . . . . . . . . . . . . 88 | |||
| B.2. Example 1: Simultaneous Download and Installation of | B.2. Example 1: Simultaneous Download and Installation of | |||
| Payload . . . . . . . . . . . . . . . . . . . . . . . . . 90 | Payload . . . . . . . . . . . . . . . . . . . . . . . . . 90 | |||
| B.3. Example 2: Simultaneous Download, Installation, Secure | B.3. Example 2: Simultaneous Download, Installation, Secure | |||
| Boot, Severed Fields . . . . . . . . . . . . . . . . . . 92 | Boot, Severed Fields . . . . . . . . . . . . . . . . . . 92 | |||
| B.4. Example 3: A/B images . . . . . . . . . . . . . . . . . . 96 | B.4. Example 3: A/B images . . . . . . . . . . . . . . . . . . 96 | |||
| B.5. Example 4: Load and Decompress from External Storage . . 99 | B.5. Example 4: Load and Decompress from External Storage . . 99 | |||
| B.6. Example 5: Two Images . . . . . . . . . . . . . . . . . . 102 | B.6. Example 5: Two Images . . . . . . . . . . . . . . . . . . 102 | |||
| Appendix C. C. Design Rational . . . . . . . . . . . . . . . . . 105 | Appendix C. C. Design Rational . . . . . . . . . . . . . . . . . 105 | |||
| C.1. C.1 Design Rationale: Envelope . . . . . . . . . . . . . 106 | C.1. C.1 Design Rationale: Envelope . . . . . . . . . . . . . 106 | |||
| C.2. C.2 Byte String Wrappers . . . . . . . . . . . . . . . . 107 | C.2. C.2 Byte String Wrappers . . . . . . . . . . . . . . . . 107 | |||
| Appendix D. D. Implementation Conformance Matrix . . . . . . . . 108 | Appendix D. D. Implementation Conformance Matrix . . . . . . . . 107 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 111 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 111 | |||
| 1. Introduction | 1. Introduction | |||
| A firmware update mechanism is an essential security feature for IoT | A firmware update mechanism is an essential security feature for IoT | |||
| devices to deal with vulnerabilities. While the transport of | devices to deal with vulnerabilities. While the transport of | |||
| firmware images to the devices themselves is important there are | firmware images to the devices themselves is important there are | |||
| already various techniques available. Equally important is the | already various techniques available. Equally important is the | |||
| inclusion of metadata about the conveyed firmware image (in the form | inclusion of metadata about the conveyed firmware image (in the form | |||
| of a manifest) and the use of a security wrapper to provide end-to- | of a manifest) and the use of a security wrapper to provide end-to- | |||
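Review bot: Two table-of-contents entries left unchanged in this hunk need cleanup. "Appendix C. C. Design Rational" should read "Design Rationale", matching the C.1 title, and the appendix titles repeat their own label ("Appendix A. A. Full CDDL", "C.1. C.1 Design Rationale: Envelope"). Dropping the letter from the section titles themselves removes the duplication.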
| skipping to change at page 15, line 18 ¶ | skipping to change at page 15, line 27 ¶ | |||
| To enable Section 5.5, there needs to be a mechanism to verify | To enable Section 5.5, there needs to be a mechanism to verify | |||
| integrity of any metadata outside the manifest. Integrity Check | integrity of any metadata outside the manifest. Integrity Check | |||
| Values are used to verify the integrity of metadata that is not | Values are used to verify the integrity of metadata that is not | |||
| contained in the manifest. This MAY include Severable Command | contained in the manifest. This MAY include Severable Command | |||
| Sequences, Concise Software Identifiers (CoSWID | Sequences, Concise Software Identifiers (CoSWID | |||
| [I-D.ietf-sacm-coswid]), or Text data. Integrated Dependencies and | [I-D.ietf-sacm-coswid]), or Text data. Integrated Dependencies and | |||
| Integrated Payloads are integrity-checked using Command Sequences, so | Integrated Payloads are integrity-checked using Command Sequences, so | |||
| they do not have Integrity Check Values present in the Manifest. | they do not have Integrity Check Values present in the Manifest. | |||
| See Section 8.7.8 for more detail. | See Section 8.7.9 for more detail. | |||
| 5.4.5. Human-Readable Text | 5.4.5. Human-Readable Text | |||
| Text is typically a Severable Element (Section 5.5). It contains all | Text is typically a Severable Element (Section 5.5). It contains all | |||
| the text that describes the update. Because text is explicitly for | the text that describes the update. Because text is explicitly for | |||
| human consumption, it is all grouped together so that it can be | human consumption, it is all grouped together so that it can be | |||
| Severed easily. The text section has space both for describing the | Severed easily. The text section has space both for describing the | |||
| manifest as a whole and for describing each individual component. | manifest as a whole and for describing each individual component. | |||
| See Section 8.6.4 for more detail. | See Section 8.6.4 for more detail. | |||
| skipping to change at page 22, line 46 ¶ | skipping to change at page 23, line 6 ¶ | |||
| | Copy | store(current, current.params[src-component]) | | | Copy | store(current, current.params[src-component]) | | |||
| | | | | | | | | |||
| | Swap | swap(current, current.params[src-component]) | | | Swap | swap(current, current.params[src-component]) | | |||
| | | | | | | | | |||
| | Wait For Event | until event(arg), wait | | | Wait For Event | until event(arg), wait | | |||
| | | | | | | | | |||
| | Run Sequence | exec(arg) | | | Run Sequence | exec(arg) | | |||
| | | | | | | | | |||
| | Run with | run(current, arg) | | | Run with | run(current, arg) | | |||
| | Arguments | | | | Arguments | | | |||
| | | | | ||||
| | Garbage Collect | garbage-collect(current) | | ||||
| +-------------------+-----------------------------------------------+ | +-------------------+-----------------------------------------------+ | |||
| 6.5. Special Cases of Component Index and Dependency Index | 6.5. Special Cases of Component Index and Dependency Index | |||
| Component Index and Dependency Index can each take on one of three | Component Index and Dependency Index can each take on one of three | |||
| types: | types: | |||
| 1. Integer | 1. Integer | |||
| 2. Array of integers | 2. Array of integers | |||
| skipping to change at page 38, line 5 ¶ | skipping to change at page 38, line 5 ¶ | |||
| can be either a CBOR structure or a SUIT_Digest. In each of these | can be either a CBOR structure or a SUIT_Digest. In each of these | |||
| cases, the SUIT_Digest provides for a severable element. Severable | cases, the SUIT_Digest provides for a severable element. Severable | |||
| elements are RECOMMENDED to implement. In particular, the human- | elements are RECOMMENDED to implement. In particular, the human- | |||
| readable text SHOULD be severable, since most useful text elements | readable text SHOULD be severable, since most useful text elements | |||
| occupy more space than a SUIT_Digest, but are not needed by the | occupy more space than a SUIT_Digest, but are not needed by the | |||
| Recipient. Because SUIT_Digest is a CBOR Array and each severable | Recipient. Because SUIT_Digest is a CBOR Array and each severable | |||
| element is a CBOR bstr, it is straight-forward for a Recipient to | element is a CBOR bstr, it is straight-forward for a Recipient to | |||
| determine whether an element has been severed. The key used for a | determine whether an element has been severed. The key used for a | |||
| severable element is the same in the SUIT_Manifest and in the | severable element is the same in the SUIT_Manifest and in the | |||
| SUIT_Envelope so that a Recipient can easily identify the correct | SUIT_Envelope so that a Recipient can easily identify the correct | |||
| data in the envelope. See Section 8.7.8 for more detail. | data in the envelope. See Section 8.7.9 for more detail. | |||
| 8.6.1. suit-manifest-version | 8.6.1. suit-manifest-version | |||
| The suit-manifest-version indicates the version of serialization used | The suit-manifest-version indicates the version of serialization used | |||
| to encode the manifest. Version 1 is the version described in this | to encode the manifest. Version 1 is the version described in this | |||
| document. suit-manifest-version is REQUIRED to implement. | document. suit-manifest-version is REQUIRED to implement. | |||
| 8.6.2. suit-manifest-sequence-number | 8.6.2. suit-manifest-sequence-number | |||
| The suit-manifest-sequence-number is a monotonically increasing anti- | The suit-manifest-sequence-number is a monotonically increasing anti- | |||
| skipping to change at page 61, line 47 ¶ | skipping to change at page 61, line 47 ¶ | |||
| | | | .7.10 | | | | | .7.10 | | |||
| | | | | | | | | | | |||
| | Wait For | suit-directive-wait | Section 8.7 | | | Wait For | suit-directive-wait | Section 8.7 | | |||
| | Event | | .7.11 | | | Event | | .7.11 | | |||
| | | | | | | | | | | |||
| | Run Sequence | suit-directive-run-sequence | Section 8.7 | | | Run Sequence | suit-directive-run-sequence | Section 8.7 | | |||
| | | | .7.12 | | | | | .7.12 | | |||
| | | | | | | | | | | |||
| | Swap | suit-directive-swap | Section 8.7 | | | Swap | suit-directive-swap | Section 8.7 | | |||
| | | | .7.13 | | | | | .7.13 | | |||
| | | | | | ||||
| | Garbage | suit-directive-garbage-collect | Section 8.7 | | ||||
| | Collect | | .8 | | ||||
| +---------------+-------------------------------------+-------------+ | +---------------+-------------------------------------+-------------+ | |||
| The abstract description of these commands is defined in Section 6.4. | The abstract description of these commands is defined in Section 6.4. | |||
| When a Recipient executes a Directive, it MUST report a result code. | When a Recipient executes a Directive, it MUST report a result code. | |||
| If the Directive reports failure, then the current Command Sequence | If the Directive reports failure, then the current Command Sequence | |||
| MUST be terminated. | MUST be terminated. | |||
| 8.7.7.1. suit-directive-set-component-index | 8.7.7.1. suit-directive-set-component-index | |||
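Review bot: Garbage Collect is the only row in this directive table whose reference falls outside 8.7.7.x ("Section 8.7 .8"), because the new text was added as a sibling of SUIT_Directive rather than beneath it. Numbering it 8.7.7.14 would keep it with the other directives and leave Integrity Check Values at 8.7.8, so the "See Section 8.7.8" pointers in 5.4.4 and just before 8.6.1 would not have needed to change.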
| skipping to change at page 67, line 34 ¶ | skipping to change at page 67, line 34 ¶ | |||
| defined way. As with suit-directive-copy, if the source component is | defined way. As with suit-directive-copy, if the source component is | |||
| missing, this command fails. | missing, this command fails. | |||
| If SUIT_Parameter_Compression_Info or SUIT_Parameter_Encryption_Info | If SUIT_Parameter_Compression_Info or SUIT_Parameter_Encryption_Info | |||
| are present, they MUST be handled in a symmetric way, so that the | are present, they MUST be handled in a symmetric way, so that the | |||
| source is decompressed into the destination and the destination is | source is decompressed into the destination and the destination is | |||
| compressed into the source. The source is decrypted into the | compressed into the source. The source is decrypted into the | |||
| destination and the destination is encrypted into the source. suit- | destination and the destination is encrypted into the source. suit- | |||
| directive-swap is OPTIONAL to implement. | directive-swap is OPTIONAL to implement. | |||
| 8.7.8. Integrity Check Values | 8.7.8. suit-directive-garbage-collect | |||
| suit-directive-garbage-collect marks the current component as unused | ||||
| in the current manifest. This can be used to remove temporary | ||||
| storage or remove components that are no longer needed. Example use | ||||
| cases: | ||||
| - Temporary storage for encrypted download | ||||
| - Temporary storage for verifying decompressed file before writing | ||||
| to flash | ||||
| - Removing Trusted Service no longer needed by Trusted Application | ||||
| Once the current Command Sequence is complete, the manifest | ||||
| processors checks each marked component to see whether any other | ||||
| manifests have referenced it. Those marked components with no other | ||||
| references are deleted. The manifest processor MAY choose to ignore | ||||
| a Garbage Collect directive depending on device policy. | ||||
| suit-directive-garbage-collect is OPTIONAL to implement in manifest | ||||
| processors. | ||||
| 8.7.9. Integrity Check Values | ||||
| When the CoSWID, Text section, or any Command Sequence of the Update | When the CoSWID, Text section, or any Command Sequence of the Update | |||
| Procedure is made severable, it is moved to the Envelope and replaced | Procedure is made severable, it is moved to the Envelope and replaced | |||
| with a SUIT_Digest. The SUIT_Digest is computed over the entire bstr | with a SUIT_Digest. The SUIT_Digest is computed over the entire bstr | |||
| enclosing the Manifest element that has been moved to the Envelope. | enclosing the Manifest element that has been moved to the Envelope. | |||
| Each element that is made severable from the Manifest is placed in | Each element that is made severable from the Manifest is placed in | |||
| the Envelope. The keys for the envelope elements have the same | the Envelope. The keys for the envelope elements have the same | |||
| values as the keys for the manifest elements. | values as the keys for the manifest elements. | |||
| Each Integrity Check Value covers the corresponding Envelope Element | Each Integrity Check Value covers the corresponding Envelope Element | |||
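Review bot: The new 8.7.8 text has the processor check "whether any other manifests have referenced it" before deleting, but does not say how a Recipient learns of those references or what it must do when it cannot tell. A wrong answer deletes a component that another manifest still depends on. Suggest stating the required behaviour in that case (for example, keep the component), and stating which result code is reported when the directive is ignored under device policy, since 8.7.7 says an executed Directive MUST report one. Also, "the manifest processors checks" should be "the manifest processor checks".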
| skipping to change at page 69, line 20 ¶ | skipping to change at page 69, line 46 ¶ | |||
| digest data. Some forms of digest may require additional parameters. | digest data. Some forms of digest may require additional parameters. | |||
| These can be added following the digest. | These can be added following the digest. | |||
| The SUIT digest is a CBOR List containing two elements: a suit- | The SUIT digest is a CBOR List containing two elements: a suit- | |||
| digest-algorithm-id and a bstr containing the bytes of the digest. | digest-algorithm-id and a bstr containing the bytes of the digest. | |||
| 11. IANA Considerations | 11. IANA Considerations | |||
| IANA is requested to: | IANA is requested to: | |||
| - allocate CBOR tag 48 in the CBOR Tags registry for the SUIT | - allocate CBOR tag 107 in the CBOR Tags registry for the SUIT | |||
| Envelope. | Envelope. | |||
| - allocate CBOR tag 480 in the CBOR Tags registry for the SUIT | - allocate CBOR tag 1070 in the CBOR Tags registry for the SUIT | |||
| Manifest. | Manifest. | |||
| - allocate media type application/suit-envelope in the Media Types | - allocate media type application/suit-envelope in the Media Types | |||
| registry. | registry. | |||
| - setup several registries as described below. | - setup several registries as described below. | |||
| IANA is requested to setup a registry for SUIT manifests. Several | IANA is requested to setup a registry for SUIT manifests. Several | |||
| registries defined in the subsections below need to be created. | registries defined in the subsections below need to be created. | |||
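Review bot: The requested CBOR tags in the first two bullets change from 48 and 480 to 107 and 1070 with no explanation in the visible text, so envelopes and manifests tagged by -11 tooling will carry values that a -12 parser does not expect. Suggest a change-log entry that calls this out. Separately, "setup" used as a verb in the last bullet and in the following paragraph should be "set up".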
| skipping to change at page 71, line 19 ¶ | skipping to change at page 71, line 46 ¶ | |||
| | | Event | | | | | | Event | | | | |||
| | | | | | | | | | | | | |||
| | 30 | Fetch URI | Section 8.7.7.8 | | | | 30 | Fetch URI | Section 8.7.7.8 | | | |||
| | | List | | | | | | List | | | | |||
| | | | | | | | | | | | | |||
| | 31 | Swap | Section 8.7.7.13 | | | | 31 | Swap | Section 8.7.7.13 | | | |||
| | | | | | | | | | | | | |||
| | 32 | Run | Section 8.7.7.12 | | | | 32 | Run | Section 8.7.7.12 | | | |||
| | | Sequence | | | | | | Sequence | | | | |||
| | | | | | | | | | | | | |||
| | 33 | Garbage | Section 8.7.8 | | | ||||
| | | Collect | | | | ||||
| | | | | | | ||||
| | nint | Custom | Section 8.7.6.10 | | | | nint | Custom | Section 8.7.6.10 | | | |||
| | | Condition | | | | | | Condition | | | | |||
| +-------+------------+-----------------------------------+----------+ | +-------+------------+-----------------------------------+----------+ | |||
| 11.2. SUIT Parameters | 11.2. SUIT Parameters | |||
| +-------+------------------+---------------------------+ | +-------+------------------+---------------------------+ | |||
| | Label | Name | Reference | | | Label | Name | Reference | | |||
| +-------+------------------+---------------------------+ | +-------+------------------+---------------------------+ | |||
| | 1 | Vendor ID | Section 8.7.5.3 | | | 1 | Vendor ID | Section 8.7.5.3 | | |||
| | | | | | | | | | | |||
| | 2 | Class ID | Section 8.7.5.4 | | | 2 | Class ID | Section 8.7.5.4 | | |||
| | | | | | | | | | | |||
| | 3 | Image Digest | Section 8.7.5.6 | | | 3 | Image Digest | Section 8.7.5.6 | | |||
| | | | | | | | | | | |||
| | 4 | Use Before | Section 8.7.5.8 | | | 4 | Use Before | Section 8.7.5.8 | | |||
| skipping to change at page 76, line 38 ¶ | skipping to change at page 76, line 38 ¶ | |||
| [ELF] Wikipedia, ., "Executable and Linkable Format (ELF)", | [ELF] Wikipedia, ., "Executable and Linkable Format (ELF)", | |||
| 2020, <https://en.wikipedia.org/wiki/ | 2020, <https://en.wikipedia.org/wiki/ | |||
| Executable_and_Linkable_Format>. | Executable_and_Linkable_Format>. | |||
| [HEX] Wikipedia, ., "Intel HEX", 2020, | [HEX] Wikipedia, ., "Intel HEX", 2020, | |||
| <https://en.wikipedia.org/wiki/Intel_HEX>. | <https://en.wikipedia.org/wiki/Intel_HEX>. | |||
| [I-D.ietf-cbor-tags-oid] | [I-D.ietf-cbor-tags-oid] | |||
| Bormann, C. and S. Leonard, "Concise Binary Object | Bormann, C. and S. Leonard, "Concise Binary Object | |||
| Representation (CBOR) Tags for Object Identifiers", draft- | Representation (CBOR) Tags for Object Identifiers", draft- | |||
| ietf-cbor-tags-oid-03 (work in progress), November 2020. | ietf-cbor-tags-oid-04 (work in progress), January 2021. | |||
| [I-D.ietf-sacm-coswid] | [I-D.ietf-sacm-coswid] | |||
| Birkholz, H., Fitzgerald-McKay, J., Schmidt, C., and D. | Birkholz, H., Fitzgerald-McKay, J., Schmidt, C., and D. | |||
| Waltermire, "Concise Software Identification Tags", draft- | Waltermire, "Concise Software Identification Tags", draft- | |||
| ietf-sacm-coswid-16 (work in progress), November 2020. | ietf-sacm-coswid-16 (work in progress), November 2020. | |||
| [I-D.ietf-suit-architecture] | [I-D.ietf-suit-architecture] | |||
| Moran, B., Tschofenig, H., Brown, D., and M. Meriac, "A | Moran, B., Tschofenig, H., Brown, D., and M. Meriac, "A | |||
| Firmware Update Architecture for Internet of Things", | Firmware Update Architecture for Internet of Things", | |||
| draft-ietf-suit-architecture-14 (work in progress), | draft-ietf-suit-architecture-15 (work in progress), | |||
| October 2020. | January 2021. | |||
| [I-D.ietf-suit-information-model] | [I-D.ietf-suit-information-model] | |||
| Moran, B., Tschofenig, H., and H. Birkholz, "An | Moran, B., Tschofenig, H., and H. Birkholz, "An | |||
| Information Model for Firmware Updates in IoT Devices", | Information Model for Firmware Updates in IoT Devices", | |||
| draft-ietf-suit-information-model-08 (work in progress), | draft-ietf-suit-information-model-08 (work in progress), | |||
| October 2020. | October 2020. | |||
| [I-D.ietf-teep-architecture] | [I-D.ietf-teep-architecture] | |||
| Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler, | Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler, | |||
| "Trusted Execution Environment Provisioning (TEEP) | "Trusted Execution Environment Provisioning (TEEP) | |||
| Architecture", draft-ietf-teep-architecture-13 (work in | Architecture", draft-ietf-teep-architecture-13 (work in | |||
| progress), November 2020. | progress), November 2020. | |||
| [I-D.kucherawy-rfc8478bis] | [I-D.kucherawy-rfc8478bis] | |||
| Collet, Y. and M. Kucherawy, "Zstandard Compression and | Collet, Y. and M. Kucherawy, "Zstandard Compression and | |||
| the application/zstd Media Type", draft-kucherawy- | the application/zstd Media Type", draft-kucherawy- | |||
| rfc8478bis-05 (work in progress), April 2020. | rfc8478bis-06 (work in progress), December 2020. | |||
| [RFC1950] Deutsch, P. and J-L. Gailly, "ZLIB Compressed Data Format | [RFC1950] Deutsch, P. and J-L. Gailly, "ZLIB Compressed Data Format | |||
| Specification version 3.3", RFC 1950, | Specification version 3.3", RFC 1950, | |||
| DOI 10.17487/RFC1950, May 1996, | DOI 10.17487/RFC1950, May 1996, | |||
| <https://www.rfc-editor.org/info/rfc1950>. | <https://www.rfc-editor.org/info/rfc1950>. | |||
| [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for | [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for | |||
| Constrained-Node Networks", RFC 7228, | Constrained-Node Networks", RFC 7228, | |||
| DOI 10.17487/RFC7228, May 2014, | DOI 10.17487/RFC7228, May 2014, | |||
| <https://www.rfc-editor.org/info/rfc7228>. | <https://www.rfc-editor.org/info/rfc7228>. | |||
| skipping to change at page 81, line 32 ¶ | skipping to change at page 81, line 32 ¶ | |||
| SUIT_Directive //= (suit-directive-set-parameters, | SUIT_Directive //= (suit-directive-set-parameters, | |||
| {+ SUIT_Parameters}) | {+ SUIT_Parameters}) | |||
| SUIT_Directive //= (suit-directive-override-parameters, | SUIT_Directive //= (suit-directive-override-parameters, | |||
| {+ SUIT_Parameters}) | {+ SUIT_Parameters}) | |||
| SUIT_Directive //= (suit-directive-fetch, SUIT_Rep_Policy) | SUIT_Directive //= (suit-directive-fetch, SUIT_Rep_Policy) | |||
| SUIT_Directive //= (suit-directive-copy, SUIT_Rep_Policy) | SUIT_Directive //= (suit-directive-copy, SUIT_Rep_Policy) | |||
| SUIT_Directive //= (suit-directive-swap, SUIT_Rep_Policy) | SUIT_Directive //= (suit-directive-swap, SUIT_Rep_Policy) | |||
| SUIT_Directive //= (suit-directive-run, SUIT_Rep_Policy) | SUIT_Directive //= (suit-directive-run, SUIT_Rep_Policy) | |||
| SUIT_Directive //= (suit-directive-wait, SUIT_Rep_Policy) | SUIT_Directive //= (suit-directive-wait, SUIT_Rep_Policy) | |||
| SUIT_Directive //= (suit-directive-fetch-uri-list, SUIT_Rep_Policy) | SUIT_Directive //= (suit-directive-fetch-uri-list, SUIT_Rep_Policy) | |||
| SUIT_Directive //= (suit-directive-garbage-collect, SUIT_Rep_Policy) | ||||
| SUIT_Directive_Try_Each_Argument = [ | SUIT_Directive_Try_Each_Argument = [ | |||
| + bstr .cbor SUIT_Command_Sequence, | + bstr .cbor SUIT_Command_Sequence, | |||
| nil / bstr .cbor SUIT_Command_Sequence | nil / bstr .cbor SUIT_Command_Sequence | |||
| ] | ] | |||
| SUIT_Rep_Policy = uint .bits suit-reporting-bits | SUIT_Rep_Policy = uint .bits suit-reporting-bits | |||
| suit-reporting-bits = &( | suit-reporting-bits = &( | |||
| suit-send-record-success : 0, | suit-send-record-success : 0, | |||
| skipping to change at page 85, line 47 ¶ | skipping to change at page 85, line 47 ¶ | |||
| suit-condition-abort = 14 | suit-condition-abort = 14 | |||
| suit-condition-device-identifier = 24 | suit-condition-device-identifier = 24 | |||
| suit-condition-image-not-match = 25 | suit-condition-image-not-match = 25 | |||
| suit-condition-minimum-battery = 26 | suit-condition-minimum-battery = 26 | |||
| suit-condition-update-authorized = 27 | suit-condition-update-authorized = 27 | |||
| suit-condition-version = 28 | suit-condition-version = 28 | |||
| suit-directive-set-component-index = 12 | suit-directive-set-component-index = 12 | |||
| suit-directive-set-dependency-index = 13 | suit-directive-set-dependency-index = 13 | |||
| suit-directive-try-each = 15 | suit-directive-try-each = 15 | |||
| ;suit-directive-do-each = 16 ; TBD | ||||
| ;suit-directive-map-filter = 17 ; TBD | ||||
| suit-directive-process-dependency = 18 | suit-directive-process-dependency = 18 | |||
| suit-directive-set-parameters = 19 | suit-directive-set-parameters = 19 | |||
| suit-directive-override-parameters = 20 | suit-directive-override-parameters = 20 | |||
| suit-directive-fetch = 21 | suit-directive-fetch = 21 | |||
| suit-directive-copy = 22 | suit-directive-copy = 22 | |||
| suit-directive-run = 23 | suit-directive-run = 23 | |||
| suit-directive-wait = 29 | suit-directive-wait = 29 | |||
| suit-directive-fetch-uri-list = 30 | suit-directive-fetch-uri-list = 30 | |||
| suit-directive-swap = 31 | suit-directive-swap = 31 | |||
| suit-directive-run-sequence = 32 | suit-directive-run-sequence = 32 | |||
| suit-directive-garbage-collect = 33 | ||||
| suit-wait-event-authorization = 1 | suit-wait-event-authorization = 1 | |||
| suit-wait-event-power = 2 | suit-wait-event-power = 2 | |||
| suit-wait-event-network = 3 | suit-wait-event-network = 3 | |||
| suit-wait-event-other-device-version = 4 | suit-wait-event-other-device-version = 4 | |||
| suit-wait-event-time = 5 | suit-wait-event-time = 5 | |||
| suit-wait-event-time-of-day = 6 | suit-wait-event-time-of-day = 6 | |||
| suit-wait-event-day-of-week = 7 | suit-wait-event-day-of-week = 7 | |||
| suit-parameter-vendor-identifier = 1 | suit-parameter-vendor-identifier = 1 | |||
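Review bot: the right-hand column drops `suit-directive-garbage-collect = 33` and the commented placeholders `;suit-directive-do-each = 16 ; TBD` and `;suit-directive-map-filter = 17 ; TBD` without marking 16, 17 or 33 as reserved in this list. A recipient built against -11 reads 33 as garbage-collect, so if a later revision assigns 33 to a different directive the two sides will disagree on the meaning of the same command. Suggest keeping a commented line for each removed value that says it must not be reused, or recording the values as reserved wherever the command registry is defined.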
| skipping to change at page 88, line 50 ¶ | skipping to change at page 88, line 50 ¶ | |||
| This example covers the following templates: | This example covers the following templates: | |||
| - Compatibility Check (Section 7.1) | - Compatibility Check (Section 7.1) | |||
| - Secure Boot (Section 7.2) | - Secure Boot (Section 7.2) | |||
| It also serves as the minimum example. | It also serves as the minimum example. | |||
| { | { | |||
| / authentication-wrapper / 2:bstr .cbor ({ digest: bstr | / authentication-wrapper / 2:bstr .cbor ([ | |||
| .cbor ([ | digest: bstr .cbor ([ | |||
| / algorithm-id / 2 / "sha256" /, | / algorithm-id / 2 / "sha256" /, | |||
| / digest-bytes / | / digest-bytes / | |||
| h'5c097ef64bf3bb9b494e71e1f2418eef8d466cc902f639a855ec9af3e9eddb99' | h'5c097ef64bf3bb9b494e71e1f2418eef8d466cc902f639a855ec9af3e9eddb99' | |||
| ]) signatures: [ | ]), | |||
| bstr .cbor (18([ | signature: bstr .cbor (18([ | |||
| / protected / bstr .cbor ({ | / protected / bstr .cbor ({ | |||
| / alg / 1:-7 / "ES256" /, | / alg / 1:-7 / "ES256" /, | |||
| }), | }), | |||
| / unprotected / { | / unprotected / { | |||
| }, | }, | |||
| / payload / bstr .cbor ([ | / payload / F6 / nil /, | |||
| / algorithm-id / 2 / "sha256" /, | / signature / h'a19fd1f23b17beed321cece7423dfb48c457b8 | |||
| / digest-bytes / | f1f6ac83577a3c10c6773f6f3a7902376b59540920b6c5f57bac5fc8543d8f5d3d974f | |||
| h'5c097ef64bf3bb9b494e71e1f2418eef8d466cc902f639a855ec9af3e9eddb99' | aa2e6d03daa534b443a7' | |||
| ]), | ])) | |||
| / signature / h'60f5c3d03a3aa759bfef2ef0f5f97a93b1 | ||||
| f5e741f7463f4385af88513a5c2957bea2d6c4cfddd03392a267aab0fc0fd515560ed5 | ||||
| 8e33fad26ac32a024c5a7143' | ||||
| ])) | ||||
| ] | ] | |||
| }), | ]), | |||
| / manifest / 3:bstr .cbor ({ | / manifest / 3:bstr .cbor ({ | |||
| / manifest-version / 1:1, | / manifest-version / 1:1, | |||
| / manifest-sequence-number / 2:0, | / manifest-sequence-number / 2:0, | |||
| / common / 3:bstr .cbor ({ | / common / 3:bstr .cbor ({ | |||
| / components / 2:[ | / components / 2:[ | |||
| [h'00'] | [h'00'] | |||
| ], | ], | |||
| / common-sequence / 4:bstr .cbor ([ | / common-sequence / 4:bstr .cbor ([ | |||
| / directive-override-parameters / 20,{ | / directive-override-parameters / 20,{ | |||
| / vendor-id / | / vendor-id / | |||
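Review bot: the rewritten authentication-wrapper in the right-hand column does not balance. It opens one array with `2:bstr .cbor ([` and the `signature:` entry closes itself with `]))`, yet two closers follow (`]` and then `]),`); the first is left over from the old `signatures: [` list and should be dropped. The `digest:` and `signature:` labels are also still written like map keys inside what is now an array, so they would read better as comments (`/ digest /`, `/ signature /`), matching the two-element array header `82` in the signed envelope hex (`a2025873825824...`).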
| skipping to change at page 90, line 8 ¶ | skipping to change at page 90, line 4 ¶ | |||
| / condition-class-identifier / 2,15 | / condition-class-identifier / 2,15 | |||
| ]), | ]), | |||
| }), | }), | |||
| / validate / 10:bstr .cbor ([ | / validate / 10:bstr .cbor ([ | |||
| / condition-image-match / 3,15 | / condition-image-match / 3,15 | |||
| ]), | ]), | |||
| / run / 12:bstr .cbor ([ | / run / 12:bstr .cbor ([ | |||
| / directive-run / 23,2 | / directive-run / 23,2 | |||
| ]), | ]), | |||
| }), | }), | |||
| } | } | |||
| Total size of Envelope without COSE authentication object: 159 | Total size of Envelope without COSE authentication object: 159 | |||
| Envelope: | Envelope: | |||
| a2025827815824820258205c097ef64bf3bb9b494e71e1f2418eef8d466c | a2025827815824820258205c097ef64bf3bb9b494e71e1f2418eef8d466c | |||
| c902f639a855ec9af3e9eddb99035871a50101020003585fa20281814100 | c902f639a855ec9af3e9eddb99035871a50101020003585fa20281814100 | |||
| 0458568614a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af14 | 0458568614a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af14 | |||
| 25695e48bf429b2d51f2ab450358248202582000112233445566778899aa | 25695e48bf429b2d51f2ab450358248202582000112233445566778899aa | |||
| bbccddeeff0123456789abcdeffedcba98765432100e1987d0010f020f0a | bbccddeeff0123456789abcdeffedcba98765432100e1987d0010f020f0a | |||
| 4382030f0c43821702 | 4382030f0c43821702 | |||
| Total size of Envelope with COSE authentication object: 272 | Total size of Envelope with COSE authentication object: 235 | |||
| Envelope with COSE authentication object: | Envelope with COSE authentication object: | |||
| a2025898825824820258205c097ef64bf3bb9b494e71e1f2418eef8d466c | a2025873825824820258205c097ef64bf3bb9b494e71e1f2418eef8d466c | |||
| c902f639a855ec9af3e9eddb99586fd28443a10126a05824820258205c09 | c902f639a855ec9af3e9eddb99584ad28443a10126a0f65840a19fd1f23b | |||
| 7ef64bf3bb9b494e71e1f2418eef8d466cc902f639a855ec9af3e9eddb99 | 17beed321cece7423dfb48c457b8f1f6ac83577a3c10c6773f6f3a790237 | |||
| 584060f5c3d03a3aa759bfef2ef0f5f97a93b1f5e741f7463f4385af8851 | 6b59540920b6c5f57bac5fc8543d8f5d3d974faa2e6d03daa534b443a703 | |||
| 3a5c2957bea2d6c4cfddd03392a267aab0fc0fd515560ed58e33fad26ac3 | 5871a50101020003585fa202818141000458568614a40150fa6b4a53d5ad | |||
| 2a024c5a7143035871a50101020003585fa202818141000458568614a401 | 5fdfbe9de663e4d41ffe02501492af1425695e48bf429b2d51f2ab450358 | |||
| 50fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af1425695e48bf429b | 248202582000112233445566778899aabbccddeeff0123456789abcdeffe | |||
| 2d51f2ab450358248202582000112233445566778899aabbccddeeff0123 | dcba98765432100e1987d0010f020f0a4382030f0c43821702 | |||
| 456789abcdeffedcba98765432100e1987d0010f020f0a4382030f0c4382 | ||||
| 1702 | ||||
| B.2. Example 1: Simultaneous Download and Installation of Payload | B.2. Example 1: Simultaneous Download and Installation of Payload | |||
| This example covers the following templates: | This example covers the following templates: | |||
| - Compatibility Check (Section 7.1) | - Compatibility Check (Section 7.1) | |||
| - Firmware Download (Section 7.3) | - Firmware Download (Section 7.3) | |||
| Simultaneous download and installation of payload. No secure boot is | Simultaneous download and installation of payload. No secure boot is | |||
| present in this example to demonstrate a download-only manifest. | present in this example to demonstrate a download-only manifest. | |||
| { | { | |||
| / authentication-wrapper / 2:bstr .cbor ({ digest: bstr | / authentication-wrapper / 2:bstr .cbor ([ | |||
| .cbor ([ | digest: bstr .cbor ([ | |||
| / algorithm-id / 2 / "sha256" /, | / algorithm-id / 2 / "sha256" /, | |||
| / digest-bytes / | / digest-bytes / | |||
| h'987eec85fa99fd31d332381b9810f90b05c2e0d4f284a6f4211207ed00fff750' | ||||
| ]) signatures: [ | ||||
| bstr .cbor (18([ | ||||
| / protected / bstr .cbor ({ | ||||
| / alg / 1:-7 / "ES256" /, | ||||
| }), | ||||
| / unprotected / { | ||||
| }, | ||||
| / payload / bstr .cbor ([ | ||||
| / algorithm-id / 2 / "sha256" /, | ||||
| / digest-bytes / | ||||
| h'987eec85fa99fd31d332381b9810f90b05c2e0d4f284a6f4211207ed00fff750' | h'987eec85fa99fd31d332381b9810f90b05c2e0d4f284a6f4211207ed00fff750' | |||
| ]), | ]), | |||
| / signature / h'750141d65b4f20a88dc70c6785a67e0f4f | signature: bstr .cbor (18([ | |||
| 085aead83ba2289d6e37271508cc91e0a0592f5c940c2257c9c0b26403c0ba4477f2ce | / protected / bstr .cbor ({ | |||
| 37b60089fe02cde7911d1c15' | / alg / 1:-7 / "ES256" /, | |||
| ])) | }), | |||
| / unprotected / { | ||||
| }, | ||||
| / payload / F6 / nil /, | ||||
| / signature / h'0008d2678ddda1afd6846cb9272f539a789e4c | ||||
| ed4c874774e58dbe4cf1607e755668029ad6383d4e14c72083ba43002fe3f5cda48859 | ||||
| 90c9b59135976b80ebc9' | ||||
| ])) | ||||
| ] | ] | |||
| }), | ]), | |||
| / manifest / 3:bstr .cbor ({ | / manifest / 3:bstr .cbor ({ | |||
| / manifest-version / 1:1, | / manifest-version / 1:1, | |||
| / manifest-sequence-number / 2:1, | / manifest-sequence-number / 2:1, | |||
| / common / 3:bstr .cbor ({ | / common / 3:bstr .cbor ({ | |||
| / components / 2:[ | / components / 2:[ | |||
| [h'00'] | [h'00'] | |||
| ], | ], | |||
| / common-sequence / 4:bstr .cbor ([ | / common-sequence / 4:bstr .cbor ([ | |||
| / directive-override-parameters / 20,{ | / directive-override-parameters / 20,{ | |||
| / vendor-id / | / vendor-id / | |||
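Review bot: `/ payload / F6 / nil /` in the Example 1 wrapper (and the Example 0 signed envelope above it, where the COSE object now reads `d28443a10126a0f65840...`) turns the signature into a detached-payload one, but nothing in the example says which bytes the recipient must supply as the payload when verifying. The digest bstr that used to be repeated in the payload is the obvious candidate; a short comment on the payload entry saying so would keep implementers from guessing. `F6` is the encoded byte rather than diagnostic notation, so plain `nil` would be more consistent with the rest of the listing. The size caption agrees with the change: 272 to 235 is the 38-byte digest bstr replaced by a single `f6` byte.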
| skipping to change at page 92, line 14 ¶ | skipping to change at page 92, line 4 ¶ | |||
| / directive-fetch / 21,2 , | / directive-fetch / 21,2 , | |||
| / condition-image-match / 3,15 | / condition-image-match / 3,15 | |||
| ]), | ]), | |||
| / validate / 10:bstr .cbor ([ | / validate / 10:bstr .cbor ([ | |||
| / condition-image-match / 3,15 | / condition-image-match / 3,15 | |||
| ]), | ]), | |||
| }), | }), | |||
| } | } | |||
| Total size of Envelope without COSE authentication object: 194 | Total size of Envelope without COSE authentication object: 194 | |||
| Envelope: | Envelope: | |||
| a202582781582482025820987eec85fa99fd31d332381b9810f90b05c2e0 | a202582781582482025820987eec85fa99fd31d332381b9810f90b05c2e0 | |||
| d4f284a6f4211207ed00fff750035894a50101020103585fa20281814100 | d4f284a6f4211207ed00fff750035894a50101020103585fa20281814100 | |||
| 0458568614a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af14 | 0458568614a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af14 | |||
| 25695e48bf429b2d51f2ab450358248202582000112233445566778899aa | 25695e48bf429b2d51f2ab450358248202582000112233445566778899aa | |||
| bbccddeeff0123456789abcdeffedcba98765432100e1987d0010f020f09 | bbccddeeff0123456789abcdeffedcba98765432100e1987d0010f020f09 | |||
| 58258613a115781b687474703a2f2f6578616d706c652e636f6d2f66696c | 58258613a115781b687474703a2f2f6578616d706c652e636f6d2f66696c | |||
| 652e62696e1502030f0a4382030f | 652e62696e1502030f0a4382030f | |||
| Total size of Envelope with COSE authentication object: 307 | Total size of Envelope with COSE authentication object: 270 | |||
| Envelope with COSE authentication object: | Envelope with COSE authentication object: | |||
| a202589882582482025820987eec85fa99fd31d332381b9810f90b05c2e0 | a202587382582482025820987eec85fa99fd31d332381b9810f90b05c2e0 | |||
| d4f284a6f4211207ed00fff750586fd28443a10126a0582482025820987e | d4f284a6f4211207ed00fff750584ad28443a10126a0f658400008d2678d | |||
| ec85fa99fd31d332381b9810f90b05c2e0d4f284a6f4211207ed00fff750 | dda1afd6846cb9272f539a789e4ced4c874774e58dbe4cf1607e75566802 | |||
| 5840750141d65b4f20a88dc70c6785a67e0f4f085aead83ba2289d6e3727 | 9ad6383d4e14c72083ba43002fe3f5cda4885990c9b59135976b80ebc903 | |||
| 1508cc91e0a0592f5c940c2257c9c0b26403c0ba4477f2ce37b60089fe02 | 5894a50101020103585fa202818141000458568614a40150fa6b4a53d5ad | |||
| cde7911d1c15035894a50101020103585fa202818141000458568614a401 | 5fdfbe9de663e4d41ffe02501492af1425695e48bf429b2d51f2ab450358 | |||
| 50fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af1425695e48bf429b | 248202582000112233445566778899aabbccddeeff0123456789abcdeffe | |||
| 2d51f2ab450358248202582000112233445566778899aabbccddeeff0123 | dcba98765432100e1987d0010f020f0958258613a115781b687474703a2f | |||
| 456789abcdeffedcba98765432100e1987d0010f020f0958258613a11578 | 2f6578616d706c652e636f6d2f66696c652e62696e1502030f0a4382030f | |||
| 1b687474703a2f2f6578616d706c652e636f6d2f66696c652e62696e1502 | ||||
| 030f0a4382030f | ||||
| B.3. Example 2: Simultaneous Download, Installation, Secure Boot, | B.3. Example 2: Simultaneous Download, Installation, Secure Boot, | |||
| Severed Fields | Severed Fields | |||
| This example covers the following templates: | This example covers the following templates: | |||
| - Compatibility Check (Section 7.1) | - Compatibility Check (Section 7.1) | |||
| - Secure Boot (Section 7.2) | - Secure Boot (Section 7.2) | |||
| skipping to change at page 93, line 4 ¶ | skipping to change at page 92, line 38 ¶ | |||
| B.3. Example 2: Simultaneous Download, Installation, Secure Boot, | B.3. Example 2: Simultaneous Download, Installation, Secure Boot, | |||
| Severed Fields | Severed Fields | |||
| This example covers the following templates: | This example covers the following templates: | |||
| - Compatibility Check (Section 7.1) | - Compatibility Check (Section 7.1) | |||
| - Secure Boot (Section 7.2) | - Secure Boot (Section 7.2) | |||
| - Firmware Download (Section 7.3) | - Firmware Download (Section 7.3) | |||
| This example also demonstrates severable elements (Section 5.5), and | This example also demonstrates severable elements (Section 5.5), and | |||
| text (Section 8.6.4). | text (Section 8.6.4). | |||
| { | { | |||
| / authentication-wrapper / 2:bstr .cbor ({ digest: bstr | / authentication-wrapper / 2:bstr .cbor ([ | |||
| .cbor ([ | digest: bstr .cbor ([ | |||
| / algorithm-id / 2 / "sha256" /, | / algorithm-id / 2 / "sha256" /, | |||
| / digest-bytes / | / digest-bytes / | |||
| h'75685579a83babd71ec8ef22fa49ac873f78a708a43a674e782ad30b6598d17a' | h'78fa7652e377d31dcd7e95730c885ef13b6ee394d586410aa5fd0aca1f299d34' | |||
| ]) signatures: [ | ]), | |||
| bstr .cbor (18([ | signature: bstr .cbor (18([ | |||
| / protected / bstr .cbor ({ | / protected / bstr .cbor ({ | |||
| / alg / 1:-7 / "ES256" /, | / alg / 1:-7 / "ES256" /, | |||
| }), | ||||
| / unprotected / { | }), | |||
| }, | / unprotected / { | |||
| / payload / bstr .cbor ([ | }, | |||
| / algorithm-id / 2 / "sha256" /, | / payload / F6 / nil /, | |||
| / digest-bytes / | / signature / h'1aa5bf99688b5d6a1211fd9c99bdd409b64cd6 | |||
| h'75685579a83babd71ec8ef22fa49ac873f78a708a43a674e782ad30b6598d17a' | add316ff87029a81faf682f93c5fb94863eebdfd17a6fcfed729ffa9735a624ce7edb5 | |||
| ]), | 65cba26ff7a5bd6a779d' | |||
| / signature / h'861b9bfb449125742baa648bc9d148cba4 | ])) | |||
| 5519cca8efecf705c2165ecdecaeba8b6ce2131284e66708788d741e8779d5973fa8e2 | ||||
| 5da49eb203c81920719da949' | ||||
| ])) | ||||
| ] | ] | |||
| }), | ]), | |||
| / manifest / 3:bstr .cbor ({ | / manifest / 3:bstr .cbor ({ | |||
| / manifest-version / 1:1, | / manifest-version / 1:1, | |||
| / manifest-sequence-number / 2:2, | / manifest-sequence-number / 2:2, | |||
| / common / 3:bstr .cbor ({ | / common / 3:bstr .cbor ({ | |||
| / components / 2:[ | / components / 2:[ | |||
| [h'00'] | [h'00'] | |||
| ], | ], | |||
| / common-sequence / 4:bstr .cbor ([ | / common-sequence / 4:bstr .cbor ([ | |||
| / directive-override-parameters / 20,{ | / directive-override-parameters / 20,{ | |||
| / vendor-id / | / vendor-id / | |||
| skipping to change at page 94, line 22 ¶ | skipping to change at page 94, line 5 ¶ | |||
| ], | ], | |||
| / validate / 10:bstr .cbor ([ | / validate / 10:bstr .cbor ([ | |||
| / condition-image-match / 3,15 | / condition-image-match / 3,15 | |||
| ]), | ]), | |||
| / run / 12:bstr .cbor ([ | / run / 12:bstr .cbor ([ | |||
| / directive-run / 23,2 | / directive-run / 23,2 | |||
| ]), | ]), | |||
| / text / 13:[ | / text / 13:[ | |||
| / algorithm-id / 2 / "sha256" /, | / algorithm-id / 2 / "sha256" /, | |||
| / digest-bytes / | / digest-bytes / | |||
| h'23f48b2e2838650f43c144234aee18401ffe3cce4733b23881c3a8ae2d2b66e8' | h'2bfc4d0cc6680be7dd9f5ca30aa2bb5d1998145de33d54101b80e2ca49faf918' | |||
| ], | ], | |||
| }), | }), | |||
| / install / 9:bstr .cbor ([ | / install / 9:bstr .cbor ([ | |||
| / directive-set-parameters / 19,{ | / directive-set-parameters / 19,{ | |||
| / uri / | / uri / | |||
| 21:'http://example.com/very/long/path/to/file/file.bin', | 21:'http://example.com/very/long/path/to/file/file.bin', | |||
| } , | } , | |||
| / directive-fetch / 21,2 , | / directive-fetch / 21,2 , | |||
| / condition-image-match / 3,15 | / condition-image-match / 3,15 | |||
| ]), | ]), | |||
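Review bot: the `/ text /` digest changes from `23f48b2e...` to `2bfc4d0c...` here, while the `/ install /` digest (`3ee96dc7...`) does not, and the severed text element in the full envelopes further down appears to carry the same bytes in both columns (same `590204a20179019d` header, same 37-byte drop in total size as the other examples). That suggests the input to the text digest changed rather than the text itself. Please state next to the example, or in the section it points to (8.6.4), exactly which bytes the digest covers, for instance with or without the enclosing bstr header, so the value can be reproduced.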
| skipping to change at page 95, line 5 ¶ | skipping to change at page 94, line 30 ¶ | |||
| demonstration. The digest is a sample pattern, not a real one.', | demonstration. The digest is a sample pattern, not a real one.', | |||
| } | } | |||
| }), | }), | |||
| } | } | |||
| Total size of the Envelope without COSE authentication object or | Total size of the Envelope without COSE authentication object or | |||
| Severable Elements: 233 | Severable Elements: 233 | |||
| Envelope: | Envelope: | |||
| a20258278158248202582075685579a83babd71ec8ef22fa49ac873f78a7 | a20258278158248202582078fa7652e377d31dcd7e95730c885ef13b6ee3 | |||
| 08a43a674e782ad30b6598d17a0358bba70101020203585fa20281814100 | 94d586410aa5fd0aca1f299d340358bba70101020203585fa20281814100 | |||
| 0458568614a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af14 | 0458568614a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af14 | |||
| 25695e48bf429b2d51f2ab450358248202582000112233445566778899aa | 25695e48bf429b2d51f2ab450358248202582000112233445566778899aa | |||
| bbccddeeff0123456789abcdeffedcba98765432100e1987d0010f020f09 | bbccddeeff0123456789abcdeffedcba98765432100e1987d0010f020f09 | |||
| 820258203ee96dc79641970ae46b929ccf0b72ba9536dd846020dbdc9f94 | 820258203ee96dc79641970ae46b929ccf0b72ba9536dd846020dbdc9f94 | |||
| 9d84ea0e18d20a4382030f0c438217020d8202582023f48b2e2838650f43 | 9d84ea0e18d20a4382030f0c438217020d820258202bfc4d0cc6680be7dd | |||
| c144234aee18401ffe3cce4733b23881c3a8ae2d2b66e8 | 9f5ca30aa2bb5d1998145de33d54101b80e2ca49faf918 | |||
| Total size of the Envelope with COSE authentication object but | Total size of the Envelope with COSE authentication object but | |||
| without Severable Elements: 346 | without Severable Elements: 309 | |||
| Envelope: | Envelope: | |||
| a20258988258248202582075685579a83babd71ec8ef22fa49ac873f78a7 | a20258738258248202582078fa7652e377d31dcd7e95730c885ef13b6ee3 | |||
| 08a43a674e782ad30b6598d17a586fd28443a10126a05824820258207568 | 94d586410aa5fd0aca1f299d34584ad28443a10126a0f658401aa5bf9968 | |||
| 5579a83babd71ec8ef22fa49ac873f78a708a43a674e782ad30b6598d17a | 8b5d6a1211fd9c99bdd409b64cd6add316ff87029a81faf682f93c5fb948 | |||
| 5840861b9bfb449125742baa648bc9d148cba45519cca8efecf705c2165e | 63eebdfd17a6fcfed729ffa9735a624ce7edb565cba26ff7a5bd6a779d03 | |||
| cdecaeba8b6ce2131284e66708788d741e8779d5973fa8e25da49eb203c8 | 58bba70101020203585fa202818141000458568614a40150fa6b4a53d5ad | |||
| 1920719da9490358bba70101020203585fa202818141000458568614a401 | 5fdfbe9de663e4d41ffe02501492af1425695e48bf429b2d51f2ab450358 | |||
| 50fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af1425695e48bf429b | 248202582000112233445566778899aabbccddeeff0123456789abcdeffe | |||
| 2d51f2ab450358248202582000112233445566778899aabbccddeeff0123 | dcba98765432100e1987d0010f020f09820258203ee96dc79641970ae46b | |||
| 456789abcdeffedcba98765432100e1987d0010f020f09820258203ee96d | 929ccf0b72ba9536dd846020dbdc9f949d84ea0e18d20a4382030f0c4382 | |||
| c79641970ae46b929ccf0b72ba9536dd846020dbdc9f949d84ea0e18d20a | 17020d820258202bfc4d0cc6680be7dd9f5ca30aa2bb5d1998145de33d54 | |||
| 4382030f0c438217020d8202582023f48b2e2838650f43c144234aee1840 | 101b80e2ca49faf918 | |||
| 1ffe3cce4733b23881c3a8ae2d2b66e8 | ||||
| Total size of Envelope with COSE authentication object: 929 | Total size of Envelope with COSE authentication object and Severable | |||
| Elements: 892 | ||||
| Envelope with COSE authentication object: | Envelope with COSE authentication object: | |||
| a40258988258248202582075685579a83babd71ec8ef22fa49ac873f78a7 | a40258738258248202582078fa7652e377d31dcd7e95730c885ef13b6ee3 | |||
| 08a43a674e782ad30b6598d17a586fd28443a10126a05824820258207568 | 94d586410aa5fd0aca1f299d34584ad28443a10126a0f658401aa5bf9968 | |||
| 5579a83babd71ec8ef22fa49ac873f78a708a43a674e782ad30b6598d17a | 8b5d6a1211fd9c99bdd409b64cd6add316ff87029a81faf682f93c5fb948 | |||
| 5840861b9bfb449125742baa648bc9d148cba45519cca8efecf705c2165e | 63eebdfd17a6fcfed729ffa9735a624ce7edb565cba26ff7a5bd6a779d03 | |||
| cdecaeba8b6ce2131284e66708788d741e8779d5973fa8e25da49eb203c8 | 58bba70101020203585fa202818141000458568614a40150fa6b4a53d5ad | |||
| 1920719da9490358bba70101020203585fa202818141000458568614a401 | 5fdfbe9de663e4d41ffe02501492af1425695e48bf429b2d51f2ab450358 | |||
| 50fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af1425695e48bf429b | 248202582000112233445566778899aabbccddeeff0123456789abcdeffe | |||
| 2d51f2ab450358248202582000112233445566778899aabbccddeeff0123 | dcba98765432100e1987d0010f020f09820258203ee96dc79641970ae46b | |||
| 456789abcdeffedcba98765432100e1987d0010f020f09820258203ee96d | 929ccf0b72ba9536dd846020dbdc9f949d84ea0e18d20a4382030f0c4382 | |||
| c79641970ae46b929ccf0b72ba9536dd846020dbdc9f949d84ea0e18d20a | 17020d820258202bfc4d0cc6680be7dd9f5ca30aa2bb5d1998145de33d54 | |||
| 4382030f0c438217020d8202582023f48b2e2838650f43c144234aee1840 | 101b80e2ca49faf91809583c8613a1157832687474703a2f2f6578616d70 | |||
| 1ffe3cce4733b23881c3a8ae2d2b66e809583c8613a1157832687474703a | 6c652e636f6d2f766572792f6c6f6e672f706174682f746f2f66696c652f | |||
| 2f2f6578616d706c652e636f6d2f766572792f6c6f6e672f706174682f74 | 66696c652e62696e1502030f0d590204a20179019d2323204578616d706c | |||
| 6f2f66696c652f66696c652e62696e1502030f0d590204a20179019d2323 | 6520323a2053696d756c74616e656f757320446f776e6c6f61642c20496e | |||
| 204578616d706c6520323a2053696d756c74616e656f757320446f776e6c | 7374616c6c6174696f6e2c2053656375726520426f6f742c205365766572 | |||
| 6f61642c20496e7374616c6c6174696f6e2c2053656375726520426f6f74 | 6564204669656c64730a0a2020202054686973206578616d706c6520636f | |||
| 2c2053657665726564204669656c64730a0a202020205468697320657861 | 766572732074686520666f6c6c6f77696e672074656d706c617465733a0a | |||
| 6d706c6520636f766572732074686520666f6c6c6f77696e672074656d70 | 202020200a202020202a20436f6d7061746962696c69747920436865636b | |||
| 6c617465733a0a202020200a202020202a20436f6d7061746962696c6974 | 20287b7b74656d706c6174652d636f6d7061746962696c6974792d636865 | |||
| 7920436865636b20287b7b74656d706c6174652d636f6d7061746962696c | 636b7d7d290a202020202a2053656375726520426f6f7420287b7b74656d | |||
| 6974792d636865636b7d7d290a202020202a2053656375726520426f6f74 | 706c6174652d7365637572652d626f6f747d7d290a202020202a20466972 | |||
| 20287b7b74656d706c6174652d7365637572652d626f6f747d7d290a2020 | 6d7761726520446f776e6c6f616420287b7b6669726d776172652d646f77 | |||
| 20202a204669726d7761726520446f776e6c6f616420287b7b6669726d77 | 6e6c6f61642d74656d706c6174657d7d290a202020200a20202020546869 | |||
| 6172652d646f776e6c6f61642d74656d706c6174657d7d290a202020200a | 73206578616d706c6520616c736f2064656d6f6e73747261746573207365 | |||
| 2020202054686973206578616d706c6520616c736f2064656d6f6e737472 | 76657261626c6520656c656d656e747320287b7b6f76722d736576657261 | |||
| 6174657320736576657261626c6520656c656d656e747320287b7b6f7672 | 626c657d7d292c20616e64207465787420287b7b6d616e69666573742d64 | |||
| 2d736576657261626c657d7d292c20616e64207465787420287b7b6d616e | 69676573742d746578747d7d292e814100a2036761726d2e636f6d057852 | |||
| 69666573742d6469676573742d746578747d7d292e814100a2036761726d | 5468697320636f6d706f6e656e7420697320612064656d6f6e7374726174 | |||
| 2e636f6d0578525468697320636f6d706f6e656e7420697320612064656d | 696f6e2e205468652064696765737420697320612073616d706c65207061 | |||
| 6f6e7374726174696f6e2e20546865206469676573742069732061207361 | 747465726e2c206e6f742061207265616c206f6e652e | |||
| 6d706c65207061747465726e2c206e6f742061207265616c206f6e652e | ||||
| B.4. Example 3: A/B images | B.4. Example 3: A/B images | |||
| This example covers the following templates: | This example covers the following templates: | |||
| - Compatibility Check (Section 7.1) | - Compatibility Check (Section 7.1) | |||
| - Secure Boot (Section 7.2) | - Secure Boot (Section 7.2) | |||
| - Firmware Download (Section 7.3) | - Firmware Download (Section 7.3) | |||
| - A/B Image Template (Section 7.11) | - A/B Image Template (Section 7.11) | |||
| { | { | |||
| / authentication-wrapper / 2:bstr .cbor ({ digest: bstr | / authentication-wrapper / 2:bstr .cbor ([ | |||
| .cbor ([ | digest: bstr .cbor ([ | |||
| / algorithm-id / 2 / "sha256" /, | / algorithm-id / 2 / "sha256" /, | |||
| / digest-bytes / | / digest-bytes / | |||
| h'ae0c1ea689c9800a843550f38796b6fdbd52a0c78be5d26011d8e784da43d47c' | h'ae0c1ea689c9800a843550f38796b6fdbd52a0c78be5d26011d8e784da43d47c' | |||
| ]) signatures: [ | ]), | |||
| bstr .cbor (18([ | signature: bstr .cbor (18([ | |||
| / protected / bstr .cbor ({ | / protected / bstr .cbor ({ | |||
| / alg / 1:-7 / "ES256" /, | / alg / 1:-7 / "ES256" /, | |||
| }), | }), | |||
| / unprotected / { | / unprotected / { | |||
| }, | }, | |||
| / payload / bstr .cbor ([ | / payload / F6 / nil /, | |||
| / algorithm-id / 2 / "sha256" /, | / signature / h'1296c87d168bb857495e6551730f9d6d3a6d81 | |||
| / digest-bytes / | ad6c908c72fbc52ddcb2e8011d20d217b3f1c028374eecbda5d2ca26d047270b397dca | |||
| h'ae0c1ea689c9800a843550f38796b6fdbd52a0c78be5d26011d8e784da43d47c' | a91a48a7c78cf376004e' | |||
| ]), | ])) | |||
| / signature / h'359960bae5a7de2457c8f48d3250d96d1a | ||||
| f2d36e08764b62d76f8a3f3041774b150b2c835bb1b2d7b1b2e629e1f08cc3b1b48fce | ||||
| bb8fb38182c116161e02b33f' | ||||
| ])) | ||||
| ] | ] | |||
| }), | ]), | |||
| / manifest / 3:bstr .cbor ({ | / manifest / 3:bstr .cbor ({ | |||
| / manifest-version / 1:1, | / manifest-version / 1:1, | |||
| / manifest-sequence-number / 2:3, | / manifest-sequence-number / 2:3, | |||
| / common / 3:bstr .cbor ({ | / common / 3:bstr .cbor ({ | |||
| / components / 2:[ | / components / 2:[ | |||
| [h'00'] | [h'00'] | |||
| ], | ], | |||
| / common-sequence / 4:bstr .cbor ([ | / common-sequence / 4:bstr .cbor ([ | |||
| / directive-override-parameters / 20,{ | / directive-override-parameters / 20,{ | |||
| / vendor-id / | / vendor-id / | |||
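Review bot: the caption fix on the right (`Total size of Envelope with COSE authentication object and Severable Elements: 892`) is not carried through to the dump labels in Example 2. The second dump is still introduced by a bare `Envelope:` although it includes the COSE authentication object, and the third is labelled `Envelope with COSE authentication object:` although it is the only one that also carries the severable elements. Suggest labelling each dump with the same wording as its size caption.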
| skipping to change at page 99, line 4 ¶ | skipping to change at page 98, line 16 ¶ | |||
| / uri / 21:'http://example.com/file2.bin', | / uri / 21:'http://example.com/file2.bin', | |||
| } | } | |||
| ]) | ]) | |||
| ] , | ] , | |||
| / directive-fetch / 21,2 , | / directive-fetch / 21,2 , | |||
| / condition-image-match / 3,15 | / condition-image-match / 3,15 | |||
| ]), | ]), | |||
| / validate / 10:bstr .cbor ([ | / validate / 10:bstr .cbor ([ | |||
| / condition-image-match / 3,15 | / condition-image-match / 3,15 | |||
| ]), | ]), | |||
| }), | }), | |||
| } | } | |||
| Total size of Envelope without COSE authentication object: 330 | Total size of Envelope without COSE authentication object: 330 | |||
| Envelope: | Envelope: | |||
| a202582781582482025820ae0c1ea689c9800a843550f38796b6fdbd52a0 | a202582781582482025820ae0c1ea689c9800a843550f38796b6fdbd52a0 | |||
| c78be5d26011d8e784da43d47c0359011ba5010102030358aaa202818141 | c78be5d26011d8e784da43d47c0359011ba5010102030358aaa202818141 | |||
| 000458a18814a20150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af | 000458a18814a20150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af | |||
| 1425695e48bf429b2d51f2ab450f8258368614a105198400050514a20358 | 1425695e48bf429b2d51f2ab450f8258368614a105198400050514a20358 | |||
| 248202582000112233445566778899aabbccddeeff0123456789abcdeffe | 248202582000112233445566778899aabbccddeeff0123456789abcdeffe | |||
| dcba98765432100e1987d0583a8614a1051a00084400050514a203582482 | dcba98765432100e1987d0583a8614a1051a00084400050514a203582482 | |||
| 0258200123456789abcdeffedcba987654321000112233445566778899aa | 0258200123456789abcdeffedcba987654321000112233445566778899aa | |||
| bbccddeeff0e1a00012c22010f020f095861860f82582a8613a105198400 | bbccddeeff0e1a00012c22010f020f095861860f82582a8613a105198400 | |||
| 050513a115781c687474703a2f2f6578616d706c652e636f6d2f66696c65 | 050513a115781c687474703a2f2f6578616d706c652e636f6d2f66696c65 | |||
| 312e62696e582c8613a1051a00084400050513a115781c687474703a2f2f | 312e62696e582c8613a1051a00084400050513a115781c687474703a2f2f | |||
| 6578616d706c652e636f6d2f66696c65322e62696e1502030f0a4382030f | 6578616d706c652e636f6d2f66696c65322e62696e1502030f0a4382030f | |||
| Total size of Envelope with COSE authentication object: 443 | Total size of Envelope with COSE authentication object: 406 | |||
| Envelope with COSE authentication object: | Envelope with COSE authentication object: | |||
| a202589882582482025820ae0c1ea689c9800a843550f38796b6fdbd52a0 | a202587382582482025820ae0c1ea689c9800a843550f38796b6fdbd52a0 | |||
| c78be5d26011d8e784da43d47c586fd28443a10126a0582482025820ae0c | c78be5d26011d8e784da43d47c584ad28443a10126a0f658401296c87d16 | |||
| 1ea689c9800a843550f38796b6fdbd52a0c78be5d26011d8e784da43d47c | 8bb857495e6551730f9d6d3a6d81ad6c908c72fbc52ddcb2e8011d20d217 | |||
| 5840359960bae5a7de2457c8f48d3250d96d1af2d36e08764b62d76f8a3f | b3f1c028374eecbda5d2ca26d047270b397dcaa91a48a7c78cf376004e03 | |||
| 3041774b150b2c835bb1b2d7b1b2e629e1f08cc3b1b48fcebb8fb38182c1 | 59011ba5010102030358aaa202818141000458a18814a20150fa6b4a53d5 | |||
| 16161e02b33f0359011ba5010102030358aaa202818141000458a18814a2 | ad5fdfbe9de663e4d41ffe02501492af1425695e48bf429b2d51f2ab450f | |||
| 0150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af1425695e48bf42 | 8258368614a105198400050514a203582482025820001122334455667788 | |||
| 9b2d51f2ab450f8258368614a105198400050514a2035824820258200011 | 99aabbccddeeff0123456789abcdeffedcba98765432100e1987d0583a86 | |||
| 2233445566778899aabbccddeeff0123456789abcdeffedcba9876543210 | 14a1051a00084400050514a2035824820258200123456789abcdeffedcba | |||
| 0e1987d0583a8614a1051a00084400050514a20358248202582001234567 | 987654321000112233445566778899aabbccddeeff0e1a00012c22010f02 | |||
| 89abcdeffedcba987654321000112233445566778899aabbccddeeff0e1a | 0f095861860f82582a8613a105198400050513a115781c687474703a2f2f | |||
| 00012c22010f020f095861860f82582a8613a105198400050513a115781c | 6578616d706c652e636f6d2f66696c65312e62696e582c8613a1051a0008 | |||
| 687474703a2f2f6578616d706c652e636f6d2f66696c65312e62696e582c | 4400050513a115781c687474703a2f2f6578616d706c652e636f6d2f6669 | |||
| 8613a1051a00084400050513a115781c687474703a2f2f6578616d706c65 | 6c65322e62696e1502030f0a4382030f | |||
| 2e636f6d2f66696c65322e62696e1502030f0a4382030f | ||||
| B.5. Example 4: Load and Decompress from External Storage | B.5. Example 4: Load and Decompress from External Storage | |||
| This example covers the following templates: | This example covers the following templates: | |||
| - Compatibility Check (Section 7.1) | - Compatibility Check (Section 7.1) | |||
| - Secure Boot (Section 7.2) | - Secure Boot (Section 7.2) | |||
| - Firmware Download (Section 7.3) | - Firmware Download (Section 7.3) | |||
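Review bot: The "Total size of Envelope with COSE authentication object" line drops from 443 to 406 with nothing beside it saying why; the reason is visible only in the hex, where the bytes after a10126a0 change from an embedded 5824 82025820ae0c... digest (38 bytes) to the single byte f6, and the two enclosing length prefixes shrink from 5898/586f to 5873/584a. Suggest one sentence in the example stating that the COSE_Sign1 payload is now detached, so readers diffing the -11 and -12 test vectors can account for the 37-byte difference without decoding the hex.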
| skipping to change at page 100, line 4 ¶ | skipping to change at page 99, line 29 ¶ | |||
| B.5. Example 4: Load and Decompress from External Storage | B.5. Example 4: Load and Decompress from External Storage | |||
| This example covers the following templates: | This example covers the following templates: | |||
| - Compatibility Check (Section 7.1) | - Compatibility Check (Section 7.1) | |||
| - Secure Boot (Section 7.2) | - Secure Boot (Section 7.2) | |||
| - Firmware Download (Section 7.3) | - Firmware Download (Section 7.3) | |||
| - Install (Section 7.4) | - Install (Section 7.4) | |||
| - Load & Decompress (Section 7.8) | - Load & Decompress (Section 7.8) | |||
| { | { | |||
| / authentication-wrapper / 2:bstr .cbor ({ digest: bstr | / authentication-wrapper / 2:bstr .cbor ([ | |||
| .cbor ([ | digest: bstr .cbor ([ | |||
| / algorithm-id / 2 / "sha256" /, | / algorithm-id / 2 / "sha256" /, | |||
| / digest-bytes / | / digest-bytes / | |||
| h'4b4c7c8c0fda76c9c9591a9db160918e2b3c96a58b0a5e4984fd4e8f9359a928' | h'4b4c7c8c0fda76c9c9591a9db160918e2b3c96a58b0a5e4984fd4e8f9359a928' | |||
| ]) signatures: [ | ]), | |||
| bstr .cbor (18([ | signature: bstr .cbor (18([ | |||
| / protected / bstr .cbor ({ | / protected / bstr .cbor ({ | |||
| / alg / 1:-7 / "ES256" /, | / alg / 1:-7 / "ES256" /, | |||
| }), | }), | |||
| / unprotected / { | / unprotected / { | |||
| }, | }, | |||
| / payload / bstr .cbor ([ | / payload / F6 / nil /, | |||
| / algorithm-id / 2 / "sha256" /, | / signature / h'd88c4953fe5a0399e69ab37fe654d1f1b957a4 | |||
| / digest-bytes / | 4a46fde3e9cffdf0cdaa0456ddce9f08bc2a59895ffd70adce0e4aee8690645dcd4b7b | |||
| h'4b4c7c8c0fda76c9c9591a9db160918e2b3c96a58b0a5e4984fd4e8f9359a928' | 77d401bd91e35aa115d2' | |||
| ]), | ])) | |||
| / signature / h'd721cb3415f27cfeb8ef066bb6312ba758 | ||||
| 32b57410a0c700de71cf8004ea23b9dd3c912a99fab111e9b8f2cc55c7dffcc37012de | ||||
| cf72e44f69b3d3db8cc98cb6' | ||||
| ])) | ||||
| ] | ] | |||
| }), | ||||
| ]), | ||||
| / manifest / 3:bstr .cbor ({ | / manifest / 3:bstr .cbor ({ | |||
| / manifest-version / 1:1, | / manifest-version / 1:1, | |||
| / manifest-sequence-number / 2:4, | / manifest-sequence-number / 2:4, | |||
| / common / 3:bstr .cbor ({ | / common / 3:bstr .cbor ({ | |||
| / components / 2:[ | / components / 2:[ | |||
| [h'00'] , | [h'00'] , | |||
| [h'02'] , | [h'02'] , | |||
| [h'01'] | [h'01'] | |||
| ], | ], | |||
| / common-sequence / 4:bstr .cbor ([ | / common-sequence / 4:bstr .cbor ([ | |||
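Review bot: The brackets in the new authentication-wrapper notation do not balance: the container now opens with `([` instead of `({`, but the `]` that closed the old `signatures: [` list is still present just before the new closing `]),`. The elements are also written as `digest:` and `signature:`, which reads as map keys inside what is now an array. Suggest dropping the leftover `]` and turning the labels into comments, for example `/ digest / bstr .cbor ([`.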
| skipping to change at page 102, line 4 ¶ | skipping to change at page 101, line 26 ¶ | |||
| / compression-info / 19:1 / "gzip" /, | / compression-info / 19:1 / "gzip" /, | |||
| } , | } , | |||
| / directive-copy / 22,2 , | / directive-copy / 22,2 , | |||
| / condition-image-match / 3,15 | / condition-image-match / 3,15 | |||
| ]), | ]), | |||
| / run / 12:bstr .cbor ([ | / run / 12:bstr .cbor ([ | |||
| / directive-set-component-index / 12,2 , | / directive-set-component-index / 12,2 , | |||
| / directive-run / 23,2 | / directive-run / 23,2 | |||
| ]), | ]), | |||
| }), | }), | |||
| } | } | |||
| Total size of Envelope without COSE authentication object: 287 | Total size of Envelope without COSE authentication object: 287 | |||
| Envelope: | Envelope: | |||
| a2025827815824820258204b4c7c8c0fda76c9c9591a9db160918e2b3c96 | a2025827815824820258204b4c7c8c0fda76c9c9591a9db160918e2b3c96 | |||
| a58b0a5e4984fd4e8f9359a9280358f1a801010204035867a20283814100 | a58b0a5e4984fd4e8f9359a9280358f1a801010204035867a20283814100 | |||
| 814102814101045858880c0014a40150fa6b4a53d5ad5fdfbe9de663e4d4 | 814102814101045858880c0014a40150fa6b4a53d5ad5fdfbe9de663e4d4 | |||
| 1ffe02501492af1425695e48bf429b2d51f2ab4503582482025820001122 | 1ffe02501492af1425695e48bf429b2d51f2ab4503582482025820001122 | |||
| 33445566778899aabbccddeeff0123456789abcdeffedcba98765432100e | 33445566778899aabbccddeeff0123456789abcdeffedcba98765432100e | |||
| 1987d0010f020f085827880c0113a115781b687474703a2f2f6578616d70 | 1987d0010f020f085827880c0113a115781b687474703a2f2f6578616d70 | |||
| 6c652e636f6d2f66696c652e62696e1502030f094b880c0013a116011602 | 6c652e636f6d2f66696c652e62696e1502030f094b880c0013a116011602 | |||
| 030f0a45840c00030f0b583a880c0213a4035824820258200123456789ab | 030f0a45840c00030f0b583a880c0213a4035824820258200123456789ab | |||
| cdeffedcba987654321000112233445566778899aabbccddeeff0e1a0001 | cdeffedcba987654321000112233445566778899aabbccddeeff0e1a0001 | |||
| 2c22130116001602030f0c45840c021702 | 2c22130116001602030f0c45840c021702 | |||
| Total size of Envelope with COSE authentication object: 400 | Total size of Envelope with COSE authentication object: 363 | |||
| Envelope with COSE authentication object: | Envelope with COSE authentication object: | |||
| a2025898825824820258204b4c7c8c0fda76c9c9591a9db160918e2b3c96 | a2025873825824820258204b4c7c8c0fda76c9c9591a9db160918e2b3c96 | |||
| a58b0a5e4984fd4e8f9359a928586fd28443a10126a05824820258204b4c | a58b0a5e4984fd4e8f9359a928584ad28443a10126a0f65840d88c4953fe | |||
| 7c8c0fda76c9c9591a9db160918e2b3c96a58b0a5e4984fd4e8f9359a928 | 5a0399e69ab37fe654d1f1b957a44a46fde3e9cffdf0cdaa0456ddce9f08 | |||
| 5840d721cb3415f27cfeb8ef066bb6312ba75832b57410a0c700de71cf80 | bc2a59895ffd70adce0e4aee8690645dcd4b7b77d401bd91e35aa115d203 | |||
| 04ea23b9dd3c912a99fab111e9b8f2cc55c7dffcc37012decf72e44f69b3 | 58f1a801010204035867a20283814100814102814101045858880c0014a4 | |||
| d3db8cc98cb60358f1a801010204035867a2028381410081410281410104 | 0150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af1425695e48bf42 | |||
| 5858880c0014a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af | 9b2d51f2ab450358248202582000112233445566778899aabbccddeeff01 | |||
| 1425695e48bf429b2d51f2ab450358248202582000112233445566778899 | 23456789abcdeffedcba98765432100e1987d0010f020f085827880c0113 | |||
| aabbccddeeff0123456789abcdeffedcba98765432100e1987d0010f020f | a115781b687474703a2f2f6578616d706c652e636f6d2f66696c652e6269 | |||
| 085827880c0113a115781b687474703a2f2f6578616d706c652e636f6d2f | 6e1502030f094b880c0013a116011602030f0a45840c00030f0b583a880c | |||
| 66696c652e62696e1502030f094b880c0013a116011602030f0a45840c00 | 0213a4035824820258200123456789abcdeffedcba987654321000112233 | |||
| 030f0b583a880c0213a4035824820258200123456789abcdeffedcba9876 | 445566778899aabbccddeeff0e1a00012c22130116001602030f0c45840c | |||
| 54321000112233445566778899aabbccddeeff0e1a00012c221301160016 | 021702 | |||
| 02030f0c45840c021702 | ||||
| B.6. Example 5: Two Images | B.6. Example 5: Two Images | |||
| This example covers the following templates: | This example covers the following templates: | |||
| - Compatibility Check (Section 7.1) | - Compatibility Check (Section 7.1) | |||
| - Secure Boot (Section 7.2) | - Secure Boot (Section 7.2) | |||
| - Firmware Download (Section 7.3) | - Firmware Download (Section 7.3) | |||
| Furthermore, it shows using these templates with two images. | Furthermore, it shows using these templates with two images. | |||
| { | { | |||
| / authentication-wrapper / 2:bstr .cbor ({ digest: bstr | / authentication-wrapper / 2:bstr .cbor ([ | |||
| .cbor ([ | digest: bstr .cbor ([ | |||
| / algorithm-id / 2 / "sha256" /, | / algorithm-id / 2 / "sha256" /, | |||
| / digest-bytes / | / digest-bytes / | |||
| h'de7c7927a15bd2eda59cab1512875f17c9f1e9e23885ce1ac6d671eefcefa37a' | h'de7c7927a15bd2eda59cab1512875f17c9f1e9e23885ce1ac6d671eefcefa37a' | |||
| ]) signatures: [ | ]), | |||
| bstr .cbor (18([ | signature: bstr .cbor (18([ | |||
| / protected / bstr .cbor ({ | / protected / bstr .cbor ({ | |||
| / alg / 1:-7 / "ES256" /, | / alg / 1:-7 / "ES256" /, | |||
| }), | }), | |||
| / unprotected / { | / unprotected / { | |||
| }, | }, | |||
| / payload / bstr .cbor ([ | / payload / F6 / nil /, | |||
| / algorithm-id / 2 / "sha256" /, | / signature / h'8f5919c05ef786366ab4899db27a2e7412ef72 | |||
| / digest-bytes / | 480372437757b1c1c9f8b2ed2a677a88db17fcfbb47d178c9e5620f14ac68a314ceabc | |||
| h'de7c7927a15bd2eda59cab1512875f17c9f1e9e23885ce1ac6d671eefcefa37a' | d20cbf54fbe89b8e83ad' | |||
| ]), | ])) | |||
| / signature / h'e71e332c985fb0479f296685669d05348b | ||||
| cdba8e186f25a5418f4682ea168df61661f54bf48f964577225ed455b22d277dd94de8 | ||||
| 7c57f1baceedd6719f3d56ec' | ||||
| ])) | ||||
| ] | ] | |||
| }), | ]), | |||
| / manifest / 3:bstr .cbor ({ | / manifest / 3:bstr .cbor ({ | |||
| / manifest-version / 1:1, | / manifest-version / 1:1, | |||
| / manifest-sequence-number / 2:5, | / manifest-sequence-number / 2:5, | |||
| / common / 3:bstr .cbor ({ | / common / 3:bstr .cbor ({ | |||
| / components / 2:[ | / components / 2:[ | |||
| [h'00'] , | [h'00'] , | |||
| [h'01'] | [h'01'] | |||
| ], | ], | |||
| / common-sequence / 4:bstr .cbor ([ | / common-sequence / 4:bstr .cbor ([ | |||
| / directive-set-component-index / 12,0 , | / directive-set-component-index / 12,0 , | |||
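Review bot: In Example 5's COSE_Sign1, `/ payload / F6 / nil /` puts the encoded byte F6 where diagnostic notation expects a value; `null` is the diagnostic form, and the byte can go in a comment if it is worth showing. Because the digest-bytes value now appears only in the first wrapper element, a short comment here saying that this element is the detached payload the verifier has to supply would make the binding between the digest and the signature explicit.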
| skipping to change at page 105, line 17 ¶ | skipping to change at page 104, line 33 ¶ | |||
| 008141010458898c0c0014a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe | 008141010458898c0c0014a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe | |||
| 02501492af1425695e48bf429b2d51f2ab45035824820258200011223344 | 02501492af1425695e48bf429b2d51f2ab45035824820258200011223344 | |||
| 5566778899aabbccddeeff0123456789abcdeffedcba98765432100e1987 | 5566778899aabbccddeeff0123456789abcdeffedcba98765432100e1987 | |||
| d0010f020f0c0114a2035824820258200123456789abcdeffedcba987654 | d0010f020f0c0114a2035824820258200123456789abcdeffedcba987654 | |||
| 321000112233445566778899aabbccddeeff0e1a00012c2209584f900c00 | 321000112233445566778899aabbccddeeff0e1a00012c2209584f900c00 | |||
| 13a115781c687474703a2f2f6578616d706c652e636f6d2f66696c65312e | 13a115781c687474703a2f2f6578616d706c652e636f6d2f66696c65312e | |||
| 62696e1502030f0c0113a115781c687474703a2f2f6578616d706c652e63 | 62696e1502030f0c0113a115781c687474703a2f2f6578616d706c652e63 | |||
| 6f6d2f66696c65322e62696e1502030f0a49880c00030f0c01030f0c4584 | 6f6d2f66696c65322e62696e1502030f0a49880c00030f0c01030f0c4584 | |||
| 0c001702 | 0c001702 | |||
| Total size of Envelope with COSE authentication object: 417 | Total size of Envelope with COSE authentication object: 380 | |||
| Envelope with COSE authentication object: | Envelope with COSE authentication object: | |||
| a202589882582482025820de7c7927a15bd2eda59cab1512875f17c9f1e9 | a202587382582482025820de7c7927a15bd2eda59cab1512875f17c9f1e9 | |||
| e23885ce1ac6d671eefcefa37a586fd28443a10126a0582482025820de7c | e23885ce1ac6d671eefcefa37a584ad28443a10126a0f658408f5919c05e | |||
| 7927a15bd2eda59cab1512875f17c9f1e9e23885ce1ac6d671eefcefa37a | f786366ab4899db27a2e7412ef72480372437757b1c1c9f8b2ed2a677a88 | |||
| 5840e71e332c985fb0479f296685669d05348bcdba8e186f25a5418f4682 | db17fcfbb47d178c9e5620f14ac68a314ceabcd20cbf54fbe89b8e83ad03 | |||
| ea168df61661f54bf48f964577225ed455b22d277dd94de87c57f1baceed | 590101a601010205035895a202828141008141010458898c0c0014a40150 | |||
| d6719f3d56ec03590101a601010205035895a20282814100814101045889 | fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af1425695e48bf429b2d | |||
| 8c0c0014a40150fa6b4a53d5ad5fdfbe9de663e4d41ffe02501492af1425 | 51f2ab450358248202582000112233445566778899aabbccddeeff012345 | |||
| 695e48bf429b2d51f2ab450358248202582000112233445566778899aabb | 6789abcdeffedcba98765432100e1987d0010f020f0c0114a20358248202 | |||
| ccddeeff0123456789abcdeffedcba98765432100e1987d0010f020f0c01 | 58200123456789abcdeffedcba987654321000112233445566778899aabb | |||
| 14a2035824820258200123456789abcdeffedcba98765432100011223344 | ccddeeff0e1a00012c2209584f900c0013a115781c687474703a2f2f6578 | |||
| 5566778899aabbccddeeff0e1a00012c2209584f900c0013a115781c6874 | 616d706c652e636f6d2f66696c65312e62696e1502030f0c0113a115781c | |||
| 74703a2f2f6578616d706c652e636f6d2f66696c65312e62696e1502030f | 687474703a2f2f6578616d706c652e636f6d2f66696c65322e62696e1502 | |||
| 0c0113a115781c687474703a2f2f6578616d706c652e636f6d2f66696c65 | 030f0a49880c00030f0c01030f0c45840c001702 | |||
| 322e62696e1502030f0a49880c00030f0c01030f0c45840c001702 | ||||
| Appendix C. C. Design Rational | Appendix C. C. Design Rational | |||
| In order to provide flexible behavior to constrained devices, while | In order to provide flexible behavior to constrained devices, while | |||
| still allowing more powerful devices to use their full capabilities, | still allowing more powerful devices to use their full capabilities, | |||
| the SUIT manifest encodes the required behavior of a Recipient | the SUIT manifest encodes the required behavior of a Recipient | |||
| device. Behavior is encoded as a specialized byte code, contained in | device. Behavior is encoded as a specialized byte code, contained in | |||
| a CBOR list. This promotes a flat encoding, which simplifies the | a CBOR list. This promotes a flat encoding, which simplifies the | |||
| parser. The information encoded by this byte code closely matches | parser. The information encoded by this byte code closely matches | |||
| the operations that a device will perform, which promotes ease of | the operations that a device will perform, which promotes ease of | |||
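Review bot: The heading `Appendix C. C. Design Rational` is carried over unchanged on both sides: the appendix letter is doubled and "Rational" should read "Rationale". Since this revision already touches the appendices, suggest fixing the heading in the same pass.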
| skipping to change at page 108, line 19 ¶ | skipping to change at page 107, line 35 ¶ | |||
| SUIT_Digest. | SUIT_Digest. | |||
| Parameters that are structured types (arrays and maps) are also | Parameters that are structured types (arrays and maps) are also | |||
| wrapped in a bstr. This is so that parser extents can be set | wrapped in a bstr. This is so that parser extents can be set | |||
| correctly using only a reference to the beginning of the parameter. | correctly using only a reference to the beginning of the parameter. | |||
| This enables a parser to store a simple list of references to | This enables a parser to store a simple list of references to | |||
| parameters that can be retrieved when needed. | parameters that can be retrieved when needed. | |||
| Appendix D. D. Implementation Conformance Matrix | Appendix D. D. Implementation Conformance Matrix | |||
| This section summarizes the functionality a minimal implementation | This section summarizes the functionality a minimal manifest | |||
| needs to offer to claim conformance to this specification, in the | processor implementation needs to offer to claim conformance to this | |||
| absence of an application profile standard specifying otherwise. | specification, in the absence of an application profile standard | |||
| specifying otherwise. | ||||
| The subsequent table shows the conditions. | The subsequent table shows the conditions. | |||
| +-------------------+------------------+----------------+ | +-------------------+------------------+----------------+ | |||
| | Name | Reference | Implementation | | | Name | Reference | Implementation | | |||
| +-------------------+------------------+----------------+ | +-------------------+------------------+----------------+ | |||
| | Vendor Identifier | Section 8.7.5.2 | REQUIRED | | | Vendor Identifier | Section 8.7.5.2 | REQUIRED | | |||
| | | | | | | | | | | |||
| | Class Identifier | Section 8.7.5.2 | REQUIRED | | | Class Identifier | Section 8.7.5.2 | REQUIRED | | |||
| | | | | | | | | | | |||
| skipping to change at page 109, line 48 ¶ | skipping to change at page 109, line 46 ¶ | |||
| | | 11 | | | | | 11 | | | |||
| | | | | | | | | | | |||
| | Run Sequence | Section 8.7.7. | OPTIONAL | | | Run Sequence | Section 8.7.7. | OPTIONAL | | |||
| | | 12 | | | | | 12 | | | |||
| | | | | | | | | | | |||
| | Swap | Section 8.7.7. | OPTIONAL | | | Swap | Section 8.7.7. | OPTIONAL | | |||
| | | 13 | | | | | 13 | | | |||
| | | | | | | | | | | |||
| | Fetch URI List | Section 8.7.7. | OPTIONAL | | | Fetch URI List | Section 8.7.7. | OPTIONAL | | |||
| | | 8 | | | | | 8 | | | |||
| | | | | | ||||
| | Garbage Collect | Section 8.7.8 | OPTIONAL | | ||||
| +-------------------+----------------+------------------------------+ | +-------------------+----------------+------------------------------+ | |||
| The subsequent table shows the parameters. | The subsequent table shows the parameters. | |||
| +------------------+------------------+----------------------+ | +------------------+------------------+----------------------+ | |||
| | Name | Reference | Implementation | | | Name | Reference | Implementation | | |||
| +------------------+------------------+----------------------+ | +------------------+------------------+----------------------+ | |||
| | Vendor ID | Section 8.7.5.3 | REQUIRED | | | Vendor ID | Section 8.7.5.3 | REQUIRED | | |||
| | | | | | | | | | | |||
| | Class ID | Section 8.7.5.4 | REQUIRED | | | Class ID | Section 8.7.5.4 | REQUIRED | | |||
| End of changes. 70 change blocks. | ||||
| 266 lines changed or deleted | 270 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||