Merge pull request #16 from ietf-rats-wg/flags

add a profile flags field

cddl/eat-ex1.diag

@@ -3,26 +3,26 @@
     [
       65000, / using a CoAP C-F from the experimental range /
       <<
-        [
-          / id / [
+        {
+          / id / 1: [
             / name / "boot loader X",
             / version / [
               "1.2.3rc2",
               16384 / semver /
             ]
           ],
-          / measurement / [
+          / measurement / 2: [
             / alg / "sha-256",
             / val / h'3996003d486fb91ffb056f7d03f2b2992b215b31db
                       e7af4b373431fc7d319da3'
           ],
-          / signers / [
+          / signers / 3: [
             h'492e9b676c21f6012b1ceeb9032feb4141a880797355f66750
               15ec59c51ca1ec',
             h'4277bb97ba7b51577a0d38151d3e08b40bdf946753f5b5bdeb
               814d6ff57a8a5e'
           ]
-        ]
+        }
       >>
     ]
   ]

cddl/ex1.diag

@@ -1,20 +1,21 @@
-[
-  / id / [
+{
+  / id / 1: [
     / name / "boot loader X",
     / version / [
       "1.2.3rc2",
       16384 / semver /
     ]
   ],
-  / measurement / [
+  / measurement / 2: [
     / alg / "sha-256",
     / val / h'3996003d486fb91ffb056f7d03f2b2992b215b31dbe7af4b37
               3431fc7d319da3'
   ],
-  / signers / [
+  / signers / 3: [
     h'492e9b676c21f6012b1ceeb9032feb4141a880797355f6675015ec59c5
       1ca1ec',
     h'4277bb97ba7b51577a0d38151d3e08b40bdf946753f5b5bdeb814d6ff5
       7a8a5e'
-  ]
-]
+  ],
+  / profile-flags / 4: h'00000101'
+}

cddl/ex2.diag

@@ -0,0 +1,15 @@
+{
+  / id / 1: [
+    / name / "boot loader X",
+    / version / [
+      "1.2.3rc2",
+      16384 / semver /
+    ]
+  ],
+  / measurement / 2: [
+    / alg / "sha-256",
+    / val / h'3996003d486fb91ffb056f7d03f2b2992b215b31dbe7af4b37
+              3431fc7d319da3'
+  ],
+  / profile-flags / 4: h'00000101'
+}

cddl/jc.cddl

@@ -0,0 +1,3 @@
+JSON-ONLY<J> = J .feature "json"
+CBOR-ONLY<C> = C .feature "cbor"
+JC<J,C> = JSON-ONLY<J> / CBOR-ONLY<C>

cddl/labels.cddl

@@ -0,0 +1,3 @@
+id-label = JC<"id", 1>
+measurement-label = JC<"measurements", 2>
+signers-label = JC<"signers", 3>

cddl/mc.cddl

@@ -1,7 +1,8 @@
-;# import digest from RFCYYYY as corim
+;# import corim.digest from RFCYYYY as corim
 
-measured-component = [
-  id:           component-id
-  measurement:  corim.digest
-  ? signers:    [ + signer-type ]
-]
+measured-component = {
+  id-label => component-id
+  measurement-label => corim.digest
+  ? signers-label => [ + signer-type ]
+  ? flags-label => profile-flags
+}

cddl/measured-component.cddlc

@@ -1,8 +1,9 @@
-measured-component = [
-  id:           component-id
-  measurement:  corim.digest
-  ? signers:    [ + signer-type ]
-]
+measured-component = {
+  id-label => component-id
+  measurement-label => corim.digest
+  ? signers-label => [ + signer-type ]
+  ? flags-label => profile-flags
+}
 
 signer-type = bytes
 
@@ -11,7 +12,7 @@ component-id = [
   ? version: version
 ]
 
-;# import $version-scheme from rfc9393 as coswid
+;# import coswid.$version-scheme from rfc9393 as coswid
 
 version = [
   val:      text 
@@ -24,3 +25,16 @@ corim.digest = [
   alg: (int / text)
   val: bytes
 ]
+
+profile-flags = bytes .size 4
+
+id-label = JC<"id", 1>
+measurement-label = JC<"measurements", 2>
+signers-label = JC<"signers", 3>
+flags-label = JC<"flags", 4>
+
+; TODO import from rfc9711
+
+JSON-ONLY<J> = J .feature "json"
+CBOR-ONLY<C> = C .feature "cbor"
+JC<J,C> = JSON-ONLY<J> / CBOR-ONLY<C>

cddl/profile-flags.cddl

@@ -0,0 +1 @@
+profile-flags = bytes .size 4

draft-ietf-rats-eat-measured-component.md

@@ -105,6 +105,8 @@ The information model of a "measured component" is described in {{tab-mc-info-el
 | Signers | One or more unique identifiers of entities signing the measured component. | OPTIONAL |
 {: #tab-mc-info-elems title="Measured Component Information Elements"}
 
+The format SHOULD also allow a limited amount of extensibility to accommodate profile-specific semantics.
+
 # Data Model
 
 The data model is inspired by the "PSA software component" claim ({{Section 4.4.1 of -psa-token}}), which has been refactored to take into account the recommendations about new EAT claims design in {{Appendix E of -rats-eat}}.
@@ -113,18 +115,23 @@ The data model is inspired by the "PSA software component" claim ({{Section 4.4.
 
 ~~~ cddl
 {::include cddl/mc.cddl}
+
+{::include cddl/labels.cddl}
 ~~~
 
 {:vspace}
-`id`
+"id" (index 1):
 : The measured component identifier encoded according to the format described in {{component-id}}.
 
-`measurement`
+"measurement" (index 2):
 : Digest value and algorithm, encoded using CoRIM digest format ({{Section 1.3.8 of -corim}}).
 
-`signers`
+"signers" (index 3):
 : One or more signing entities, see {{signer}}.
 
+"profile-flags" (index 4):
+: a 64-bit field with profile-defined semantics, see {{profile-flags}}.
+
 ### Component Identifier {#component-id}
 
 ~~~ cddl
@@ -159,6 +166,17 @@ If it is used, the profile MUST also specify what each of the entries in the `si
 {::include cddl/signer.cddl}
 ~~~
 
+### Profile Flags {#profile-flags}
+
+This field contains at most 64-bit of profile-defined semantics.
+
+~~~ cddl
+{::include cddl/profile-flags.cddl}
+~~~
+
+If an EAT profile ({{Section 6 of -rats-eat}}) uses measured components, it MUST specify whether the `profile-flags` field is used.
+If it is used, the profile MUST also specify how to interpret the 64 bits.
+
 ## EAT `measurements-format` Extensions
 
 The CDDL in {{fig-eat-plug}} extends the `$measurements-body-cbor` and `$measurements-body-json` EAT sockets to add support for `measured-component`s to the `Measurements` claim.