diff --git a/coev/coswid_evidence.go b/coev/coswid_evidence.go index 323f4618..1aecd7eb 100644 --- a/coev/coswid_evidence.go +++ b/coev/coswid_evidence.go @@ -10,9 +10,9 @@ import ( // CoSWIDEvidenceMap is the Map to carry CoSWID Evidence type CoSWIDEvidenceMap struct { - TagID *swid.TagID `cbor:"0,keyasint,omitempty" json:"tagId,omitempty"` - Evidence swid.Evidence `cbor:"1,keyasint,omitempty" json:"evidence,omitempty"` - AuthorizedBy *comid.CryptoKey `cbor:"2,keyasint,omitempty" json:"authorized-by,omitempty"` + TagID *swid.TagID `cbor:"0,keyasint,omitempty" json:"tagId,omitempty"` + Evidence swid.Evidence `cbor:"1,keyasint,omitempty" json:"evidence,omitempty"` + AuthorizedBy *comid.CryptoKeys `cbor:"2,keyasint,omitempty" json:"authorized-by,omitempty"` } type CoSWIDEvidence []CoSWIDEvidenceMap diff --git a/coev/example_test.go b/coev/example_test.go index e00d717a..3c8f3038 100644 --- a/coev/example_test.go +++ b/coev/example_test.go @@ -298,10 +298,12 @@ func Example_decode_JSON() { "raw-value-mask": "/////w==", "mac-addr": "02:00:5e:10:00:00:00:02" }, - "authorized-by": { - "type": "pkix-base64-key", - "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" - } + "authorized-by": [ + { + "type": "pkix-base64-key", + "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" + } + ] } ] } diff --git a/coev/tdx/example_pce_test.go b/coev/tdx/example_pce_test.go index f91f35cf..19c7bfc2 100644 --- a/coev/tdx/example_pce_test.go +++ b/coev/tdx/example_pce_test.go 
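Review bot: `AuthorizedBy *comid.CryptoKeys` with `omitempty` only drops a nil pointer, so a non-nil pointer to an empty list would presumably still be emitted as an empty `authorized-by` array, and nothing in this hunk shows the CoSWIDEvidenceMap validation path calling `AuthorizedBy.Valid()`. The same applies to the `Measurement.AuthorizedBy` field changed in comid/measurement.go. Because this field names the keys that vouch for the evidence, I would guard it wherever the map is validated, for example `if o.AuthorizedBy != nil { if err := o.AuthorizedBy.Valid(); err != nil { return fmt.Errorf("authorized-by: %w", err) } }`. The fixtures all move from a single key to an array, so documents in the old single-key form will presumably stop decoding; a field comment stating that the encoding is now an array would make that break explicit.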
@@ -213,10 +213,9 @@ func Example_decode_PCE_Evidence_CBOR() { // ISVSVN: 0 // ISVSVN: 0 // ISVSVN: 0 - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } func ExtractPceEvidence(ce *coev.TaggedConciseEvidence) error { diff --git a/coev/tdx/example_qe_test.go b/coev/tdx/example_qe_test.go index fea5a6b3..e7415f9e 100644 --- a/coev/tdx/example_qe_test.go +++ b/coev/tdx/example_qe_test.go @@ -48,10 +48,9 @@ func Example_decode_QE_Evidence_JSON() { // TEE TCB Status = UpToDate // Tee AdvisoryID = INTEL-SA-00078 // Tee AdvisoryID = INTEL-SA-00079 - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } func Example_encode_tdx_qe_evidence_without_profile() { @@ -201,10 +200,9 @@ func Example_decode_QE_Evidence_CBOR() { // TEE TCB Status = UpToDate // Tee AdvisoryID = INTEL-SA-00078 // Tee AdvisoryID = INTEL-SA-00079 - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } func ExtractQeEvidence(ce *coev.TaggedConciseEvidence) error { diff --git a/coev/tdx/example_seam_test.go b/coev/tdx/example_seam_test.go index 874f2ab5..0cdf66b4 100644 --- a/coev/tdx/example_seam_test.go +++ b/coev/tdx/example_seam_test.go 
@@ -196,10 +196,9 @@ func Example_decode_CBOR() { // mrsigner Digest Value: e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75 // mrsigner Digest Alg: 7 // mrsigner Digest Value: e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75e45b72f5c0c0b572db4d8d3ab7e97f36 - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } func ExtractSeamEvidence(ce *coev.TaggedConciseEvidence) error { diff --git a/coev/tdx/test_vars.go b/coev/tdx/test_vars.go index 3428d03b..61c8d057 100644 --- a/coev/tdx/test_vars.go +++ b/coev/tdx/test_vars.go @@ -72,10 +72,12 @@ var ( ] } }, - "authorized-by": { - "type": "pkix-base64-key", - "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" - } + "authorized-by": [ + { + "type": "pkix-base64-key", + "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" + } + ] } ] } diff --git a/coev/tdx/testcases/ce-pce-evidence.cbor b/coev/tdx/testcases/ce-pce-evidence.cbor index 50a2e1fe..2b61284b 100644 Binary files a/coev/tdx/testcases/ce-pce-evidence.cbor and b/coev/tdx/testcases/ce-pce-evidence.cbor differ diff --git a/coev/tdx/testcases/ce-qe-evidence.cbor b/coev/tdx/testcases/ce-qe-evidence.cbor index dc7ecedd..145aee39 100644 Binary files a/coev/tdx/testcases/ce-qe-evidence.cbor and b/coev/tdx/testcases/ce-qe-evidence.cbor differ 
diff --git a/coev/tdx/testcases/ce-seam-evidence.cbor b/coev/tdx/testcases/ce-seam-evidence.cbor index 7efc3954..b9436f17 100644 Binary files a/coev/tdx/testcases/ce-seam-evidence.cbor and b/coev/tdx/testcases/ce-seam-evidence.cbor differ diff --git a/coev/tdx/testcases/src/ce-pce-evidence.diag b/coev/tdx/testcases/src/ce-pce-evidence.diag index f64182fd..24940824 100644 --- a/coev/tdx/testcases/src/ce-pce-evidence.diag +++ b/coev/tdx/testcases/src/ce-pce-evidence.diag @@ -36,7 +36,9 @@ ], / pceid / -80 : "0000" }, - / authorized-by / 2 : 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + / authorized-by / 2 : [ + 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + ] } ] ] diff --git a/coev/tdx/testcases/src/ce-qe-evidence.diag b/coev/tdx/testcases/src/ce-qe-evidence.diag index 23e6e37f..d1eca9f0 100644 --- a/coev/tdx/testcases/src/ce-qe-evidence.diag +++ b/coev/tdx/testcases/src/ce-qe-evidence.diag @@ -30,7 +30,9 @@ "UpToDate" ] }, - / authorized-by / 2 : 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + / authorized-by / 2 : [ + 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + ] } ] ] diff --git a/coev/tdx/testcases/src/ce-seam-evidence.diag b/coev/tdx/testcases/src/ce-seam-evidence.diag index 8df2ae74..7604785d 100644 --- a/coev/tdx/testcases/src/ce-seam-evidence.diag +++ b/coev/tdx/testcases/src/ce-seam-evidence.diag 
@@ -27,7 +27,7 @@ ], / tcb-eval-num / -86 : 11 }, - 2 : 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + 2 : [554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----")] } ] ] diff --git a/comid/cryptokeys.go b/comid/cryptokeys.go index 98e9bd1e..099eb1d6 100644 --- a/comid/cryptokeys.go +++ b/comid/cryptokeys.go @@ -35,3 +35,20 @@ func (o CryptoKeys) Valid() error { } return nil } + +// String returns a string representation of all CryptoKeys +func (o CryptoKeys) String() string { + if len(o) == 0 { + return "[]" + } + + result := "[" + for i, key := range o { + if i > 0 { + result += ", " + } + result += key.String() + } + result += "]" + return result +} diff --git a/comid/measurement.go b/comid/measurement.go index ff105e09..eaf296cf 100644 --- a/comid/measurement.go +++ b/comid/measurement.go @@ -493,9 +493,9 @@ func (o Mval) Valid() error { // Measurement stores a measurement-map with CBOR and JSON serializations. type Measurement struct { - Key *Mkey `cbor:"0,keyasint,omitempty" json:"key,omitempty"` - Val Mval `cbor:"1,keyasint" json:"value"` - AuthorizedBy *CryptoKey `cbor:"2,keyasint,omitempty" json:"authorized-by,omitempty"` + Key *Mkey `cbor:"0,keyasint,omitempty" json:"key,omitempty"` + Val Mval `cbor:"1,keyasint" json:"value"` + AuthorizedBy *CryptoKeys `cbor:"2,keyasint,omitempty" json:"authorized-by,omitempty"` } func NewMeasurement(val any, typ string) (*Measurement, error) { diff --git a/comid/tdx/example_pce_refval_test.go b/comid/tdx/example_pce_refval_test.go index 7938d452..1712f21a 100644 --- a/comid/tdx/example_pce_refval_test.go +++ b/comid/tdx/example_pce_refval_test.go 
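Review bot: The new `CryptoKeys.String()` in comid/cryptokeys.go calls `key.String()` on every element without a nil check; if the elements are pointers (the `Add(authority)` calls in coserv suggest so), a nil entry from a decoded document that has not yet passed `Valid()` would panic in what is likely a logging or diagnostic path. The loop also builds the result with `+=`, and the `len(o) == 0` branch is redundant once the parts are joined. I would collect the parts and use `strings.Join`, which needs the `strings` import if the file does not already have it (the import block is outside this hunk). A small unit test for zero, one and several keys would pin the format, since every fixture in this commit carries exactly one key.

```go
func (o CryptoKeys) String() string {
	parts := make([]string, 0, len(o))
	for _, key := range o {
		if key == nil {
			// a nil entry would otherwise panic in key.String()
			parts = append(parts, "<nil>")
			continue
		}
		parts = append(parts, key.String())
	}
	return "[" + strings.Join(parts, ", ") + "]"
}
```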
@@ -76,10 +76,9 @@ func Example_decode_PCE_JSON() { // SVN Value: 10 // SVN Operator: greater_or_equal // SVN Value: 10 - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } func extractPCERefVals(c *comid.Comid) error { @@ -166,10 +165,9 @@ func Example_decode_PCE_CBOR() { // SVN Value: 0 // SVN Operator: greater_or_equal // SVN Value: 0 - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } func Example_encode_tdx_pce_refval_with_profile() { diff --git a/comid/tdx/example_qe_refval_test.go b/comid/tdx/example_qe_refval_test.go index d5761bde..cb8bf605 100644 --- a/comid/tdx/example_qe_refval_test.go +++ b/comid/tdx/example_qe_refval_test.go @@ -58,10 +58,9 @@ func Example_decode_QE_JSON() { // Tee AdvisoryID = SA-00078 // Tee AdvisoryID = SA-00077 // Tee AdvisoryID = SA-00079 - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } func extractQERefVals(c *comid.Comid) error { 
@@ -174,8 +173,7 @@ func Example_decode_QE_CBOR() { // TeeAdvisory Operator: member // Tee AdvisoryID = INTEL-SA-00078 // Tee AdvisoryID = INTEL-SA-00079 - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } diff --git a/comid/tdx/example_seam_refval_test.go b/comid/tdx/example_seam_refval_test.go index 5c332b87..34c3604e 100644 --- a/comid/tdx/example_seam_refval_test.go +++ b/comid/tdx/example_seam_refval_test.go @@ -58,10 +58,9 @@ func Example_decode_JSON() { // mrsigner Digest Value: 87428fc522803d31065e7bce3cf03fe475096631e5e07bbd7a0fde60c4cf25c7 // mrsigner Digest Alg: 8 // mrsigner Digest Value: a314fc2dc663ae7a6b6bc6787594057396e6b3f569cd50fd5ddb4d1bbafd2b6aa314fc2dc663ae7a6b6bc6787594057396e6b3f569cd50fd5ddb4d1bbafd2b6a - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } func Example_encode_tdx_seam_refval_without_profile() { 
@@ -268,10 +267,9 @@ func Example_decode_CBOR() { // mrsigner Digest Value: a314fc2dc663ae7a6b6bc6787594057396e6b3f569cd50fd5ddb4d1bbafd2b6a // mrsigner Digest Alg: 8 // mrsigner Digest Value: a314fc2dc663ae7a6b6bc6787594057396e6b3f569cd50fd5ddb4d1bbafd2b6aa314fc2dc663ae7a6b6bc6787594057396e6b3f569cd50fd5ddb4d1bbafd2b6a - // CryptoKey Type: pkix-base64-key - // CryptoKey Value: -----BEGIN PUBLIC KEY----- + // CryptoKeys: [-----BEGIN PUBLIC KEY----- // MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg== - // -----END PUBLIC KEY----- + // -----END PUBLIC KEY-----] } diff --git a/comid/tdx/test_common_methods.go b/comid/tdx/test_common_methods.go index 921c8e32..f6f3de4e 100644 --- a/comid/tdx/test_common_methods.go +++ b/comid/tdx/test_common_methods.go @@ -136,11 +136,13 @@ func extractTeeTcbEvalNum(tcbEvalNum *TeeTcbEvalNumber) error { } func decodeAuthorisedBy(m *comid.Measurement) error { + if m.AuthorizedBy == nil { + return fmt.Errorf("no authorized-by keys") + } if err := m.AuthorizedBy.Valid(); err != nil { - return fmt.Errorf("invalid cryptokey: %w", err) + return fmt.Errorf("invalid cryptokeys: %w", err) } - fmt.Printf("\nCryptoKey Type: %s", m.AuthorizedBy.Type()) - fmt.Printf("\nCryptoKey Value: %s", m.AuthorizedBy.String()) + fmt.Printf("\nCryptoKeys: %s", m.AuthorizedBy.String()) return nil } diff --git a/comid/tdx/test_vars.go b/comid/tdx/test_vars.go index e047dc90..f6ea0d3e 100644 --- a/comid/tdx/test_vars.go +++ b/comid/tdx/test_vars.go 
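Review bot: The rewritten `decodeAuthorisedBy` in comid/tdx/test_common_methods.go no longer reports the key type, so the example output cannot tell a `pkix-base64-key` from any other key form once several entries are listed. If `CryptoKeys` is a slice, as the `range o` in its new `String()` suggests, printing per entry after the `Valid()` call keeps that information: `for i, k := range *m.AuthorizedBy { fmt.Printf("\nCryptoKey[%d] Type: %s Value: %s", i, k.Type(), k.String()) }`. The expected-output comments in the example tests would need to follow.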
@@ -215,10 +215,12 @@ const ( ], "pceid": "0000" }, - "authorized-by": { - "type": "pkix-base64-key", - "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" - } + "authorized-by": [ + { + "type": "pkix-base64-key", + "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" + } + ] } ] } @@ -305,10 +307,12 @@ const ( } } }, - "authorized-by": { - "type": "pkix-base64-key", - "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" - } + "authorized-by": [ + { + "type": "pkix-base64-key", + "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" + } + ] } ] } @@ -394,10 +398,12 @@ const ( } } }, - "authorized-by": { - "type": "pkix-base64-key", - "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" - } + "authorized-by": [ + { + "type": "pkix-base64-key", + "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----" + } + ] } ] } diff --git a/comid/tdx/testcases/comid_pce_refval.cbor b/comid/tdx/testcases/comid_pce_refval.cbor index fc6ef7f2..4d33c132 100644 Binary files a/comid/tdx/testcases/comid_pce_refval.cbor and b/comid/tdx/testcases/comid_pce_refval.cbor differ 
diff --git a/comid/tdx/testcases/comid_qe_refval.cbor b/comid/tdx/testcases/comid_qe_refval.cbor index a2545553..e2586a3b 100644 Binary files a/comid/tdx/testcases/comid_qe_refval.cbor and b/comid/tdx/testcases/comid_qe_refval.cbor differ diff --git a/comid/tdx/testcases/comid_seam_refval.cbor b/comid/tdx/testcases/comid_seam_refval.cbor index cbf42871..6e4dbebf 100644 Binary files a/comid/tdx/testcases/comid_seam_refval.cbor and b/comid/tdx/testcases/comid_seam_refval.cbor differ diff --git a/comid/tdx/testcases/src/comid_pce_refval.diag b/comid/tdx/testcases/src/comid_pce_refval.diag index f6dd910a..62415a0e 100644 --- a/comid/tdx/testcases/src/comid_pce_refval.diag +++ b/comid/tdx/testcases/src/comid_pce_refval.diag @@ -43,7 +43,9 @@ ], / pceid / -80 : "0000" }, - / authorized-by / 2: 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + / authorized-by / 2: [ + 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + ] } ] ] ] diff --git a/comid/tdx/testcases/src/comid_qe_refval.diag b/comid/tdx/testcases/src/comid_qe_refval.diag index 090c72be..d3d19e56 100644 --- a/comid/tdx/testcases/src/comid_qe_refval.diag +++ b/comid/tdx/testcases/src/comid_qe_refval.diag 
@@ -40,7 +40,9 @@ / advisory-ids / -89 : 60021([ /member/ 6, [ "INTEL-SA-00078", "INTEL-SA-00079" ]]), / tcbstatus / -88 : 60021([ /member/ 6, [ "UpToDate" ]]) }, - / authorized-by / 2: 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + / authorized-by / 2: [ + 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + ] } ] ] ] diff --git a/comid/tdx/testcases/src/comid_seam_refval.diag b/comid/tdx/testcases/src/comid_seam_refval.diag index 6f51a828..5ebf23a1 100644 --- a/comid/tdx/testcases/src/comid_seam_refval.diag +++ b/comid/tdx/testcases/src/comid_seam_refval.diag @@ -47,7 +47,7 @@ ]), / tcb-eval-num / -86 : 60010([ / op.ge / 2, 11 ]) }, - 2: 554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----") + 2: [554("-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----")] } ] ] ] diff --git a/comid/testcases/regen-from-src.sh b/comid/testcases/regen-from-src.sh old mode 100644 new mode 100755 diff --git a/coserv/quads.go b/coserv/quads.go index e8af8096..69a29cad 100644 --- a/coserv/quads.go +++ b/coserv/quads.go 
@@ -6,11 +6,11 @@ package coserv import "github.com/veraison/corim/comid" type RefValQuad struct { - Authorities *[]comid.CryptoKey `cbor:"1,keyasint"` + Authorities *comid.CryptoKeys `cbor:"1,keyasint"` RVTriple *comid.ValueTriple `cbor:"2,keyasint"` } type AKQuad struct { - Authorities *[]comid.CryptoKey `cbor:"1,keyasint"` - AKTriple *comid.KeyTriple `cbor:"2,keyasint"` + Authorities *comid.CryptoKeys `cbor:"1,keyasint"` + AKTriple *comid.KeyTriple `cbor:"2,keyasint"` } diff --git a/coserv/resultset_test.go b/coserv/resultset_test.go index 746b6b9f..96e831e3 100644 --- a/coserv/resultset_test.go +++ b/coserv/resultset_test.go @@ -17,7 +17,7 @@ func TestResultSet_AddAttestationKeys(t *testing.T) { require.NoError(t, err) akq := AKQuad{ - Authorities: &[]comid.CryptoKey{*authority}, + Authorities: comid.NewCryptoKeys().Add(authority), AKTriple: &comid.KeyTriple{ Environment: comid.Environment{ Class: comid.NewClassBytes(testBytes), diff --git a/coserv/test_common.go b/coserv/test_common.go index 73dcda3f..44b9783e 100644 --- a/coserv/test_common.go +++ b/coserv/test_common.go @@ -161,7 +161,7 @@ func exampleReferenceValuesResultSet(t *testing.T) *ResultSet { require.NoError(t, err) rvq := RefValQuad{ - Authorities: &[]comid.CryptoKey{*authority}, + Authorities: comid.NewCryptoKeys().Add(authority), RVTriple: &refval, }
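Review bot: `RefValQuad.Authorities` in coserv/quads.go keeps the tag `cbor:"1,keyasint"` without `omitempty`, so a nil pointer would presumably be encoded as null, and no check is visible in this hunk that a quad carries at least one valid authority. The same applies to `AKQuad.Authorities`. Now that the field's type has a `Valid()` method, a short doc comment on both exported structs would make the contract explicit, for example `// Authorities lists the keys vouching for RVTriple; it must be non-nil and pass Valid().`, if that is the intended meaning.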