Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cut #6.500, #6.502 in FromCOSE #133

Merged
merged 2 commits into from
Dec 24, 2024
Merged

Cut #6.500, #6.502 in FromCOSE #133

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6621414
Cut #6.500, #6.502 in FromCOSE
deeglaze Oct 22, 2024
868324a
Revert content type following PR337 discussion.
deeglaze Dec 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions corim/cbor.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,13 @@ var (
)

var (
CoswidTag = []byte{0xd9, 0x01, 0xf9} // 505()
ComidTag = []byte{0xd9, 0x01, 0xfa} // 506()
UnsignedCorimTag = []byte{0xd9, 0x01, 0xf5} // 501()
CoswidTag = []byte{0xd9, 0x01, 0xf9} // 505()
ComidTag = []byte{0xd9, 0x01, 0xfa} // 506()

corimTagsMap = map[uint64]interface{}{
32: comid.TaggedURI(""),
32: comid.TaggedURI(""),
501: TaggedUnsignedCorim(UnsignedCorim{}),
}
)

Expand Down
15 changes: 14 additions & 1 deletion corim/signedcorim.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
package corim

import (
"bytes"
"crypto"
"crypto/rand"
"errors"
Expand All @@ -15,7 +16,8 @@ import (
)

var (
ContentType = "application/rim+cbor"
ContentType = "application/corim-unsigned+cbor"
oldContentType = "application/rim+cbor"
NoExternalData = []byte("")
HeaderLabelCorimMeta = int64(8)
)
Expand Down Expand Up @@ -63,6 +65,11 @@ func (o *SignedCorim) processHdrs() error {
return errors.New("missing mandatory content type")
}

// Compatibility step from older spec draft
if v == oldContentType {
v = ContentType
}

if v != ContentType {
return fmt.Errorf("expecting content type %q, got %q instead", ContentType, v)
}
Expand Down Expand Up @@ -100,6 +107,12 @@ func (o *SignedCorim) processHdrs() error {
func (o *SignedCorim) FromCOSE(buf []byte) error {
o.message = cose.NewSign1Message()

// If a tagged-corim-type-choice #6.500 of tagged-signed-corim #6.502, strip the prefix.
// This is a remnant of an older draft of the specification before
// https://github.com/ietf-rats-wg/draft-ietf-rats-corim/pull/337
corimTypeChoice := []byte("\xd9\x01\xf4\xd9\x01\xf6")
buf, _ = bytes.CutPrefix(buf, corimTypeChoice)

if err := o.message.UnmarshalCBOR(buf); err != nil {
return fmt.Errorf("failed CBOR decoding for COSE-Sign1 signed CoRIM: %w", err)
}
Expand Down
98 changes: 95 additions & 3 deletions corim/signedcorim_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,98 @@ func TestSignedCorim_FromCOSE_ok(t *testing.T) {
assert.Nil(t, err)
}

func TestSignedCorim_TaggedFromCOSE_ok(t *testing.T) {
/*
500(
502(
18(
[
/ protected h'a10126' / << {
/ alg / 1: -7, / ECDSA 256 /
/ content-type / 3: "application/rim+cbor",
/ issuer-key-id / 4: '[email protected]',
/ corim-meta / 8: h'a200a1006941434d45204c74642e01a101c11a5fad2056'
} >>,
/ unprotected / {},
/ payload / << 501({
0: "test corim id",
1: [
h'D901FAA40065656E2D474201A1005043BBE37F2E614B33AED353CFF1428B160281A3006941434D45204C74642E01D8207468747470733A2F2F61636D652E6578616D706C65028300010204A1008182A100A300D90258582061636D652D696D706C656D656E746174696F6E2D69642D303030303030303031016441434D45026A526F616452756E6E657283A200D90258A30162424C0465322E312E30055820ACBB11C7E4DA217205523CE4CE1A245AE1A239AE3C6BFD9E7871F7E5D8BAE86B01A102818201582087428FC522803D31065E7BCE3CF03FE475096631E5E07BBD7A0FDE60C4CF25C7A200D90258A3016450526F540465312E332E35055820ACBB11C7E4DA217205523CE4CE1A245AE1A239AE3C6BFD9E7871F7E5D8BAE86B01A10281820158200263829989B6FD954F72BAAF2FC64BC2E2F01D692D4DE72986EA808F6E99813FA200D90258A3016441526F540465302E312E34055820ACBB11C7E4DA217205523CE4CE1A245AE1A239AE3C6BFD9E7871F7E5D8BAE86B01A1028182015820A3A5E715F0CC574A73C3F9BEBB6BC24F32FFD5B67B387244C2C909DA779A1478'
]
}) >>,
/ signature / h'deadbeef'
]
)))
*/
tv := []byte{0xd9, 0x01, 0xf4, 0xd9, 0x01, 0xf6, 0xd2, 0x84,
0x58, 0x59, 0xa4, 0x01, 0x26, 0x03, 0x74, 0x61, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
0x2f, 0x72, 0x69, 0x6d, 0x2b, 0x63, 0x62, 0x6f, 0x72,
0x04, 0x58, 0x24, 0x6d, 0x65, 0x72, 0x69, 0x61, 0x64,
0x6f, 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x79,
0x62, 0x75, 0x63, 0x6b, 0x40, 0x62, 0x75, 0x63, 0x6b,
0x6c, 0x61, 0x6e, 0x64, 0x2e, 0x65, 0x78, 0x61, 0x6d,
0x70, 0x6c, 0x65, 0x08, 0x57, 0xa2, 0x00, 0xa1, 0x00,
0x69, 0x41, 0x43, 0x4d, 0x45, 0x20, 0x4c, 0x74, 0x64,
0x2e, 0x01, 0xa1, 0x01, 0xc1, 0x1a, 0x5f, 0xad, 0x20,
0x56, 0xa0, 0x59, 0x01, 0xbb, 0xd9, 0x01, 0xf5, 0xa2,
0x00, 0x6d, 0x74, 0x65, 0x73, 0x74, 0x20, 0x63, 0x6f,
0x72, 0x69, 0x6d, 0x20, 0x69, 0x64, 0x01, 0x81, 0x59,
0x01, 0xa3, 0xd9, 0x01, 0xfa, 0xa4, 0x00, 0x65, 0x65,
0x6e, 0x2d, 0x47, 0x42, 0x01, 0xa1, 0x00, 0x50, 0x43,
0xbb, 0xe3, 0x7f, 0x2e, 0x61, 0x4b, 0x33, 0xae, 0xd3,
0x53, 0xcf, 0xf1, 0x42, 0x8b, 0x16, 0x02, 0x81, 0xa3,
0x00, 0x69, 0x41, 0x43, 0x4d, 0x45, 0x20, 0x4c, 0x74,
0x64, 0x2e, 0x01, 0xd8, 0x20, 0x74, 0x68, 0x74, 0x74,
0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x61, 0x63, 0x6d, 0x65,
0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x02,
0x83, 0x00, 0x01, 0x02, 0x04, 0xa1, 0x00, 0x81, 0x82,
0xa1, 0x00, 0xa3, 0x00, 0xd9, 0x02, 0x58, 0x58, 0x20,
0x61, 0x63, 0x6d, 0x65, 0x2d, 0x69, 0x6d, 0x70, 0x6c,
0x65, 0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x2d, 0x69, 0x64, 0x2d, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x30, 0x30, 0x31, 0x01, 0x64, 0x41, 0x43,
0x4d, 0x45, 0x02, 0x6a, 0x52, 0x6f, 0x61, 0x64, 0x52,
0x75, 0x6e, 0x6e, 0x65, 0x72, 0x83, 0xa2, 0x00, 0xd9,
0x02, 0x58, 0xa3, 0x01, 0x62, 0x42, 0x4c, 0x04, 0x65,
0x32, 0x2e, 0x31, 0x2e, 0x30, 0x05, 0x58, 0x20, 0xac,
0xbb, 0x11, 0xc7, 0xe4, 0xda, 0x21, 0x72, 0x05, 0x52,
0x3c, 0xe4, 0xce, 0x1a, 0x24, 0x5a, 0xe1, 0xa2, 0x39,
0xae, 0x3c, 0x6b, 0xfd, 0x9e, 0x78, 0x71, 0xf7, 0xe5,
0xd8, 0xba, 0xe8, 0x6b, 0x01, 0xa1, 0x02, 0x81, 0x82,
0x01, 0x58, 0x20, 0x87, 0x42, 0x8f, 0xc5, 0x22, 0x80,
0x3d, 0x31, 0x06, 0x5e, 0x7b, 0xce, 0x3c, 0xf0, 0x3f,
0xe4, 0x75, 0x09, 0x66, 0x31, 0xe5, 0xe0, 0x7b, 0xbd,
0x7a, 0x0f, 0xde, 0x60, 0xc4, 0xcf, 0x25, 0xc7, 0xa2,
0x00, 0xd9, 0x02, 0x58, 0xa3, 0x01, 0x64, 0x50, 0x52,
0x6f, 0x54, 0x04, 0x65, 0x31, 0x2e, 0x33, 0x2e, 0x35,
0x05, 0x58, 0x20, 0xac, 0xbb, 0x11, 0xc7, 0xe4, 0xda,
0x21, 0x72, 0x05, 0x52, 0x3c, 0xe4, 0xce, 0x1a, 0x24,
0x5a, 0xe1, 0xa2, 0x39, 0xae, 0x3c, 0x6b, 0xfd, 0x9e,
0x78, 0x71, 0xf7, 0xe5, 0xd8, 0xba, 0xe8, 0x6b, 0x01,
0xa1, 0x02, 0x81, 0x82, 0x01, 0x58, 0x20, 0x02, 0x63,
0x82, 0x99, 0x89, 0xb6, 0xfd, 0x95, 0x4f, 0x72, 0xba,
0xaf, 0x2f, 0xc6, 0x4b, 0xc2, 0xe2, 0xf0, 0x1d, 0x69,
0x2d, 0x4d, 0xe7, 0x29, 0x86, 0xea, 0x80, 0x8f, 0x6e,
0x99, 0x81, 0x3f, 0xa2, 0x00, 0xd9, 0x02, 0x58, 0xa3,
0x01, 0x64, 0x41, 0x52, 0x6f, 0x54, 0x04, 0x65, 0x30,
0x2e, 0x31, 0x2e, 0x34, 0x05, 0x58, 0x20, 0xac, 0xbb,
0x11, 0xc7, 0xe4, 0xda, 0x21, 0x72, 0x05, 0x52, 0x3c,
0xe4, 0xce, 0x1a, 0x24, 0x5a, 0xe1, 0xa2, 0x39, 0xae,
0x3c, 0x6b, 0xfd, 0x9e, 0x78, 0x71, 0xf7, 0xe5, 0xd8,
0xba, 0xe8, 0x6b, 0x01, 0xa1, 0x02, 0x81, 0x82, 0x01,
0x58, 0x20, 0xa3, 0xa5, 0xe7, 0x15, 0xf0, 0xcc, 0x57,
0x4a, 0x73, 0xc3, 0xf9, 0xbe, 0xbb, 0x6b, 0xc2, 0x4f,
0x32, 0xff, 0xd5, 0xb6, 0x7b, 0x38, 0x72, 0x44, 0xc2,
0xc9, 0x09, 0xda, 0x77, 0x9a, 0x14, 0x78, 0x44, 0xde,
0xad, 0xbe, 0xef}

var actual SignedCorim
err := actual.FromCOSE(tv)

assert.Nil(t, err)
}

func TestSignedCorim_FromCOSE_fail_no_tag(t *testing.T) {
// a single null byte is sufficient to test this condition because the tag
// is the very first thing we stumble upon
Expand All @@ -193,7 +285,7 @@ func TestSignedCorim_FromCOSE_fail_corim_bad_cbor(t *testing.T) {
[
/ protected / << {
/ alg / 1: -7, / ECDSA 256 /
/ content-type / 3: "application/rim+cbor",
/ content-type / 3: "application/corim-unsigned+cbor",
/ corim-meta / 8: h'a200a1006941434d45204c74642e01a101c11a5fad2056'
} >>,
/ unprotected / {},
Expand Down Expand Up @@ -223,7 +315,7 @@ func TestSignedCorim_FromCOSE_fail_invalid_corim(t *testing.T) {
[
/ protected / << {
/ alg / 1: -7, / ECDSA 256 /
/ content-type / 3: "application/rim+cbor",
/ content-type / 3: "application/corim-unsigned+cbor",
/ corim-meta / 8: h'a200a1006941434d45204c74642e01a101c11a5fad2056'
} >>,
/ unprotected / {},
Expand Down Expand Up @@ -304,7 +396,7 @@ func TestSignedCorim_FromCOSE_fail_unexpected_content_type(t *testing.T) {
var actual SignedCorim
err := actual.FromCOSE(tv)

assert.EqualError(t, err, `processing COSE headers: expecting content type "application/rim+cbor", got "application/cbor" instead`)
assert.EqualError(t, err, `processing COSE headers: expecting content type "application/corim-unsigned+cbor", got "application/cbor" instead`)
}

func unsignedCorimFromCBOR(t *testing.T, cbor []byte) *UnsignedCorim {
Expand Down
2 changes: 2 additions & 0 deletions corim/unsignedcorim.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,8 @@ type UnsignedCorim struct {
Extensions
}

type TaggedUnsignedCorim UnsignedCorim

// NewUnsignedCorim instantiates an empty UnsignedCorim
func NewUnsignedCorim() *UnsignedCorim {
return &UnsignedCorim{}
Expand Down
Loading