4595ff7 to ffa997b
Contributor thomas-fossati left a comment:
A regression I noticed en passant.
Move the definition of TOPDIR from the top-level Makefile into mk/common.mk. This ensures that the definition is available when invoking a sub-Makefile directly (e.g. make -C vts/cmd/vts-service). This, in turn, makes sure the path to get-veraison-version script gets resolved correctly, and the version gets embedded into the executable. Signed-off-by: Sergei Trofimov <sergei.trofimov@arm.com>
Avoid accidentally committing built artifact. Signed-off-by: Sergei Trofimov <sergei.trofimov@arm.com>
3ab67c7 to 9b93a64
bd7ec7a to 7b13dbf
Switch to using CoRIM store, rather than the key-value store, for endorsements and trust anchors. Endorsements and trust anchors are now stored in a format that preserves the entire CoRIM/CoMID contents, and is entirely scheme-agnostic. The more sophisticated structure allows for a more sophisticated management life cycle to be implemented in the future, and the more generic structure makes scheme implementation easier.

This change has a huge knock-on effect on both provisioning and verification pipeline implementations, and the scheme implementation framework has been completely restructured:

- IEvidenceHander, IEndrosementHander, and IStoreHander interfaces are gone, replaced by the single ISchemeHander interface.
- A generic scheme wrapper implements ISchemeHander based on a smaller ISchemeImplementation interface and a SchemeDescriptor. Most schemes just need to implement ISchemeImplementation and provide the SchemeDescriptor.
- The SchemeDescriptor is a declarative element, grouping static information about the scheme, such as its name, supported media types, etc. (in the past, this was defined on an ad-hoc basis using multiple variables within old scheme implementations).
- Scheme version has also been added as part of the descriptor. This isn't really used at the moment. All existing schemes have been set to version 1.0. (note: this isn't used at the moment)
- ISchemeHander/ISchemeImplementation expose similar API to the old IEvidenceHander (verification pipeline stages remain the same), but the argument types differ; e.g. "keys" for endorsement/trust anchor lookup are now represented as comid.Environment's.
- Instead of IEndrosementHander methods, ISchemeHander has a single ValidateCorim (made optional in the ISchemeImplementation by the wrapper). This allows schemes to supply custom validation for CoRIMs before they are added to the store (this can also be more cleanly done via CoRIM profiles).
- IStoreHander methods are no longer necessary as the store interface is entirely scheme-agnostic.
- Protobuf types have been removed from the IStoreHander methods. Protobuf is an implementation of the underlying RPC mechanisms and should not be exposed to the schemes (effectively burdening them with partial serialisation for transport).

CoRIM store is initialized and managed by its own client. Deployments have been updated to integrate it.

Since there is now a single scheme interface, the combined/split plugins configuration has been removed. There is now always one plugin per scheme. Plugin executables have also been renamed to be prefixed with scheme- or coserv- depending on plugin types (as CoSERV plugins currently reside under scheme/).

Since there is now a single interface for the entire scheme, IPluggable.GetSupportedMediaTypes() has been changed to return a map[string][]string instead of just []string. This allows separating provisioning from verification media types.

An "example" scheme has been added containing the boilerplate template for implementing new schemes.

BREAKING CHANGE: the scheme implementation framework is completely different; old scheme implementations will not work with this update, and will need to be re-written to implement the new ISchemeImplementation interface. Legacy CoRIM media type application/corim-usnigned+cbor has been removed. IPluggable.GetSupportedMediaTypes() now returns a map[string][]string instead of []string.

Signed-off-by: Sergei Trofimov <sergei.trofimov@arm.com>
7b13dbf to e8b6af7
Switch to using CoRIM store, rather than the key-value store, for endorsements and trust anchors. Endorsements and trust anchors are now stored in a format that preserves the entire CoRIM/CoMID contents, and is entirely scheme-agnostic. The more sophisticated structure allows for a more sophisticated management life cycle to be implemented in the future, and the more generic structure makes scheme implementation easier.

This change has a huge knock-on effect on both provisioning and verification pipeline implementations, and the scheme implementation framework has been completely restructured:

- IEvidenceHander, IEndrosementHander, and IStoreHander interfaces are gone, replaced by the single ISchemeHander interface.
- A generic scheme wrapper implements ISchemeHander based on a smaller ISchemeImplementation interface and a SchemeDescriptor. Most schemes just need to implement ISchemeImplementation and provide the SchemeDescriptor.
- The SchemeDescriptor is a declarative element, grouping static information about the scheme, such as its name, supported media types, etc. (in the past, this was defined on an ad-hoc basis using multiple variables within old scheme implementations).
- ISchemeHander/ISchemeImplementation expose similar API to the old IEvidenceHander (verification pipeline stages remain the same), but the argument types differ; e.g. "keys" for endorsement/trust anchor lookup are now represented as comid.Environments.
- Instead of IEndrosementHander methods, ISchemeHander has a single ValidateCorim (made optional in the ISchemeImplementation by the wrapper). This allows schemes to supply custom validation for CoRIMs before they are added to the store (this can also be more cleanly done via CoRIM profiles).
- IStoreHander methods are no longer necessary as the store interface is entirely scheme-agnostic.
- Protobuf types have been removed from the IStoreHander methods. Protobuf is an implementation of the underlying RPC mechanisms and should not be exposed to the schemes (effectively burdening them with partial serialisation for transport).

CoRIM store is initialized and managed by its own client. Deployments have been updated to integrate it.

Since there is now a single scheme interface, the combined/split plugins configuration has been removed. There is now always one plugin per scheme. Plugin executables have also been renamed to be prefixed with scheme- or coserv- depending on plugin types (as CoSERV plugins currently reside under scheme/).

Since there is now a single interface for the entire scheme, IPluggable.GetSupportedMediaTypes() has been changed to return a map[string][]string instead of just []string. This allows separating provisioning from verification media types.

An example "scheme" has been added containing the boilerplate template for implementing new schemes.
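An added example, not code from this PR or from the Veraison project: a sketch of how a plugin loader could consume the map[string][]string return value so that a media type registered for one pipeline is never accepted on the other. Only the method signature comes from the description above; the category keys "provisioning" and "verification", the Pluggable, demoScheme, BuildIndex and Lookup names, and the media types are assumptions made for illustration.

```go
package main

import "fmt"

// Category keys are assumed; the page only says the map separates the two.
const Provisioning, Verification = "provisioning", "verification"

// Pluggable models only the method signature quoted in the PR text.
type Pluggable interface {
	GetSupportedMediaTypes() map[string][]string
}

// demoScheme is a constructed stand-in with made-up media types.
type demoScheme struct{}

func (demoScheme) GetSupportedMediaTypes() map[string][]string {
	return map[string][]string{
		Provisioning: {"application/vnd.example.endorsements+cbor"},
		Verification: {"application/vnd.example.evidence"},
	}
}

// BuildIndex maps category -> media type -> scheme name. It rejects unknown
// categories and a media type claimed twice within one category.
func BuildIndex(plugins map[string]Pluggable) (map[string]map[string]string, error) {
	index := map[string]map[string]string{Provisioning: {}, Verification: {}}
	for name, p := range plugins {
		for cat, mts := range p.GetSupportedMediaTypes() {
			if index[cat] == nil {
				return nil, fmt.Errorf("%s: unknown category %q", name, cat)
			}
			for _, mt := range mts {
				if owner, dup := index[cat][mt]; dup {
					return nil, fmt.Errorf("%q claimed by %s and %s", mt, owner, name)
				}
				index[cat][mt] = name
			}
		}
	}
	return index, nil
}

// Lookup resolves a media type within one pipeline only.
func Lookup(index map[string]map[string]string, cat, mt string) (string, bool) {
	name, ok := index[cat][mt]
	return name, ok
}

func main() { fmt.Println(BuildIndex(map[string]Pluggable{"demo": demoScheme{}})) }
```

With a flat []string, the loader could not tell whether a type was meant for endorsement provisioning or for evidence verification; keying by category lets it fail closed on a mismatch.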