Fix #38 (#39)

* Fix #38

Signed-off-by: Thomas Fossati <[email protected]>

* increase coverage threshold

Signed-off-by: Thomas Fossati <[email protected]>

Author: thomas-fossati

.github/workflows/ci-go-cover.yml

@@ -14,7 +14,7 @@
 # 1. Change workflow name from "cover 100%" to "cover ≥92.5%". Script will automatically use 92.5%.  
 # 2. Update README.md to use the new path to badge.svg because the path includes the workflow name.
 
-name: cover ≥78.8%
+name: cover ≥80.4%
 on: [push, pull_request]
 jobs:
 

doc.go

@@ -113,19 +113,7 @@ Or a CoSWID/JSON tag:
 	if err := tag.FromJSON(data); err != nil { ... }
 
 Note that all nested fields are accessible from outside the swid package, so
-(for now) no special getters are provided by the API and you will need to
-create your own, e.g.:
-
-	// CheckResType return true if the a resource exists at the expected location and
-	// is of type "arm.com-PSAMeasuredSoftwareComponent"
-	func CheckResType(tag swid.SoftwareIdentity) bool {
-		if payloads := tag.Payloads; payloads != nil {
-			if resources := (*payloads)[0].Resources; resources != nil {
-				return (*resources)[0].Type == ResourceTypePSAMeasuredSoftwareComponent
-			}
-		}
-		return false
-	}
+(for now) no special getters are provided by the API.
 
 Enjoy!
 */

example_test.go

@@ -8,7 +8,7 @@ import (
 	"fmt"
 )
 
-func Example_useAPIToBuildPSAEndorsementSoftwareBundle() {
+func Example_links() {
 	// make new tag
 	tag, _ := NewTag("example.acme.roadrunner-sw-v1-0-0", "Roadrunner software bundle", "1.0.0")
 
@@ -43,50 +43,6 @@ func Example_useAPIToBuildPSAEndorsementSoftwareBundle() {
 	// <SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" tagId="example.acme.roadrunner-sw-v1-0-0" name="Roadrunner software bundle" version="1.0.0"><Entity name="ACME Ltd" regid="acme.example" role="tagCreator softwareCreator aggregator"></Entity><Link href="example.acme.roadrunner-hw-v1-0-0" rel="psa-rot-compound"></Link><Link href="example.acme.roadrunner-sw-bl-v1-0-0" rel="component"></Link><Link href="example.acme.roadrunner-sw-prot-v1-0-0" rel="component"></Link><Link href="example.acme.roadrunner-sw-arot-v1-0-0" rel="component"></Link></SoftwareIdentity>
 }
 
-func Example_useAPIToBuildPSAEndorsementSoftwareComponent() {
-	// make new tag
-	tag, _ := NewTag("example.acme.roadrunner-sw-bl-v1-0-0", "Roadrunner boot loader", "1.0.0")
-
-	// make entity and add it to the tag
-	entity, _ := NewEntity("ACME Ltd", RoleTagCreator, RoleAggregator)
-	_ = entity.SetRegID("acme.example")
-	_ = tag.AddEntity(*entity)
-
-	// make resource and add it to payload
-	resource, _ := NewPSAMeasuredSoftwareComponentResource(
-		// measurement
-		HashEntry{
-			HashAlgID: 1,
-			HashValue: []byte("aabb...eeff"),
-		},
-		// signer ID
-		HashEntry{
-			HashAlgID: 1,
-			HashValue: []byte("5192...1234"),
-		},
-	)
-
-	payload := NewPayload()
-	_ = payload.AddResource(*resource)
-	tag.Payload = payload
-
-	// make link to the HW RoT
-	link, _ := NewLink("example.acme.roadrunner-hw-v1-0-0", *NewRel("psa-rot-compound"))
-	_ = tag.AddLink(*link)
-
-	// encode tag to JSON
-	data, _ := tag.ToJSON()
-	fmt.Println(string(data))
-
-	// encode tag to XML
-	data, _ = tag.ToXML()
-	fmt.Println(string(data))
-
-	// Output:
-	// {"tag-id":"example.acme.roadrunner-sw-bl-v1-0-0","tag-version":0,"software-name":"Roadrunner boot loader","software-version":"1.0.0","entity":[{"entity-name":"ACME Ltd","reg-id":"acme.example","role":["tagCreator","aggregator"]}],"link":[{"href":"example.acme.roadrunner-hw-v1-0-0","rel":"psa-rot-compound"}],"payload":{"resource":[{"type":"arm.com-PSAMeasuredSoftwareComponent","arm.com-PSAMeasurementValue":"sha-256:YWFiYi4uLmVlZmY=","arm.com-PSASignerId":"sha-256:NTE5Mi4uLjEyMzQ="}]}}
-	// <SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" tagId="example.acme.roadrunner-sw-bl-v1-0-0" name="Roadrunner boot loader" version="1.0.0"><Entity name="ACME Ltd" regid="acme.example" role="tagCreator aggregator"></Entity><Link href="example.acme.roadrunner-hw-v1-0-0" rel="psa-rot-compound"></Link><Payload><Resource type="arm.com-PSAMeasuredSoftwareComponent" measurementValue="sha-256:YWFiYi4uLmVlZmY=" signerId="sha-256:NTE5Mi4uLjEyMzQ="></Resource></Payload></SoftwareIdentity>
-}
-
 func Example_completePrimaryTag() {
 	tag, _ := NewTag(
 		"com.acme.rrd2013-ce-sp1-v4-1-5-0",
@@ -161,63 +117,3 @@ func Example_completePrimaryTag() {
 	// Output:
 	// <SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" tagId="com.acme.rrd2013-ce-sp1-v4-1-5-0" name="ACME Roadrunner Detector 2013 Coyote Edition SP1" version="4.1.5"><Meta activationStatus="trial" colloquialVersion="2013" edition="coyote" product="Roadrunner Detector" revision="sp1"></Meta><Entity name="The ACME Corporation" regid="acme.com" role="tagCreator softwareCreator"></Entity><Entity name="Coyote Services, Inc." regid="mycoyote.com" role="distributor"></Entity><Link href="www.gnu.org/licenses/gpl.txt" rel="license"></Link><Payload><Directory name="rrdetector" root="%programdata%"><File name="rrdetector.exe" size="532712" hash="sha-256:oxT8LcZjrnpra8Z4dZQFc5bms/VpzVD9XdtNG7r9K2o="></File></Directory><File name="test.exe" size="532712" hash="sha-256:oxT8LcZjrnpra8Z4dZQFc5bms/VpzVD9XdtNG7r9K2o="></File></Payload></SoftwareIdentity>
 }
-
-func Example_decodePSAEndorsementSoftwareComponent() {
-	var tag SoftwareIdentity
-
-	data := []byte(`{
-		"tag-id": "example.acme.roadrunner-sw-bl-v1-0-0",
-		"tag-version": 0,
-		"software-name": "Roadrunner boot loader",
-		"software-version": "1.0.0",
-		"entity": [
-		  {
-			"entity-name": "ACME Ltd",
-			"reg-id": "acme.example",
-			"role": [
-			  "tagCreator",
-			  "aggregator"
-			]
-		  }
-		],
-		"link": [
-		  {
-			"href": "example.acme.roadrunner-hw-v1-0-0",
-			"rel": "psa-rot-compound"
-		  }
-		],
-		"payload": {
-		  "resource": [
-			{
-			  "type": "arm.com-PSAMeasuredSoftwareComponent",
-			  "arm.com-PSAMeasurementValue": "sha-256:YWFiYi4uLmVlZmY=",
-			  "arm.com-PSASignerId": "sha-256:NTE5Mi4uLjEyMzQ="
-			}
-		  ]
-		}
-	  }`)
-
-	if err := tag.FromJSON(data); err != nil {
-		fmt.Println(err)
-		return
-	}
-
-	if !checkResType(tag) {
-		fmt.Println("KO")
-		return
-	}
-
-	fmt.Println("OK")
-
-	// Output:
-	// OK
-}
-
-func checkResType(tag SoftwareIdentity) bool {
-	if payload := tag.Payload; payload != nil {
-		if resources := payload.Resources; resources != nil {
-			return (*resources)[0].Type == ResourceTypePSAMeasuredSoftwareComponent
-		}
-	}
-	return false
-}

resource.go

@@ -5,7 +5,7 @@ package swid
 
 // Resource models a resource-entry
 type Resource struct {
+	ResourceExtension
 	GlobalAttributes
 	Type string `cbor:"29,keyasint" json:"type" xml:"type,attr"`
-	ResourceExtension
 }

resource_extension.go

@@ -3,38 +3,6 @@
 
 package swid
 
-var (
-	// ResourceTypePSAMeasuredSoftwareComponent is the resource type to use for
-	// a PSA measured software component
-	ResourceTypePSAMeasuredSoftwareComponent = "arm.com-PSAMeasuredSoftwareComponent"
-)
-
 // ResourceExtension is a placeholder for $$resource-extension
 type ResourceExtension struct {
-	// PSA endorsements extensions
-	PSAMeasuredSoftwareComponent
-}
-
-// PSAMeasuredSoftwareComponent describes a PSA measured software component
-// See Section 3.4.1 of draft-tschofenig-rats-psa-token-05
-type PSAMeasuredSoftwareComponent struct {
-	MeasurementValue HashEntry `cbor:"arm.com-PSAMeasurementValue" json:"arm.com-PSAMeasurementValue" xml:"measurementValue,attr"`
-	SignerID         HashEntry `cbor:"arm.com-PSASignerId" json:"arm.com-PSASignerId" xml:"signerId,attr"`
-}
-
-// NewPSAMeasuredSoftwareComponentResource returns a Resource of type
-// PSAMeasuredSoftwareComponent initialized according to the supplied
-// measurement value and signer ID
-func NewPSAMeasuredSoftwareComponentResource(
-	measurementValue HashEntry, signerID HashEntry,
-) (*Resource, error) {
-	return &Resource{
-		Type: ResourceTypePSAMeasuredSoftwareComponent,
-		ResourceExtension: ResourceExtension{
-			PSAMeasuredSoftwareComponent{
-				MeasurementValue: measurementValue,
-				SignerID:         signerID,
-			},
-		},
-	}, nil
 }