Merge pull request RIOT-OS#12562 from kaspar030/pr/suit_v4_nanocbor

sys/suit/v4: switch to nanocbor

Author: benpicco

Makefile.dep

@@ -937,7 +937,7 @@ ifneq (,$(filter suit_v4_%,$(USEMODULE)))
 endif
 
 ifneq (,$(filter suit_v4,$(USEMODULE)))
-  USEPKG += tinycbor
+  USEPKG += nanocbor
   USEPKG += libcose
   USEMODULE += libcose_crypt_c25519
   USEMODULE += suit_conditions

sys/include/suit/v4/handlers.h

@@ -29,7 +29,7 @@
 
 #include "suit/v4/suit.h"
 #include "uuid.h"
-#include "cbor.h"
+#include "nanocbor/nanocbor.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -39,12 +39,12 @@ extern "C" {
  * @brief suit handler prototype
  *
  * @param manifest  SUIT v4 manifest context
- * @param it        CborValue iterator to the content the handler must handle
+ * @param it        nanocbor_value_t iterator to the content the handler must handle
  *
  * @return          1 on success
  * @return          negative on error
  */
-typedef int (*suit_manifest_handler_t)(suit_v4_manifest_t *manifest, int key, CborValue *it);
+typedef int (*suit_manifest_handler_t)(suit_v4_manifest_t *manifest, int key, nanocbor_value_t *it);
 
 /**
  * @brief    Get suit manifest handler for given integer key

sys/include/suit/v4/suit.h

@@ -26,7 +26,7 @@
 #include <stdint.h>
 
 #include "cose/sign.h"
-#include "cbor.h"
+#include "nanocbor/nanocbor.h"
 #include "uuid.h"
 #include "riotboot/flashwrite.h"
 
@@ -73,11 +73,6 @@ typedef enum {
     SUIT_ERR_SIGNATURE          = -6,   /**< Unable to verify signature */
 } suit_v4_error_t;
 
-/**
- * @brief TinyCBOR validation mode to use
- */
-#define SUIT_TINYCBOR_VALIDATION_MODE       CborValidateStrictMode
-
 /**
  * @brief SUIT payload digest algorithms
  *
@@ -121,9 +116,9 @@ enum {
  */
 typedef struct {
     uint32_t size;                      /**< Size */
-    CborValue identifier;               /**< Identifier*/
-    CborValue url;                      /**< Url */
-    CborValue digest;                   /**< Digest */
+    nanocbor_value_t identifier;        /**< Identifier*/
+    nanocbor_value_t url;               /**< Url */
+    nanocbor_value_t digest;            /**< Digest */
 } suit_v4_component_t;
 
 /**
@@ -139,7 +134,7 @@ typedef struct {
     /** List of components in the manifest */
     suit_v4_component_t components[SUIT_V4_COMPONENT_MAX];
     unsigned components_len;        /**< Current number of components */
-    int component_current;          /**< Current component index */
+    int32_t component_current;      /**< Current component index */
     riotboot_flashwrite_t *writer;  /**< Pointer to the riotboot flash writer */
     /** Manifest validation buffer */
     uint8_t validation_buf[SUIT_COSE_BUF_SIZE];
@@ -191,7 +186,7 @@ int suit_v4_policy_check(suit_v4_manifest_t *manifest);
  * @return              SUIT_OK when initialization is successful
  * @return              SUIT_ERR_INVALID_MANIFEST if the manifest is not a cbor container
  */
-int suit_cbor_map_iterate_init(CborValue *map, CborValue *it);
+int suit_cbor_map_iterate_init(nanocbor_value_t *map, nanocbor_value_t *it);
 
 /**
  * @brief Iterate over a cbor map container
@@ -203,18 +198,18 @@ int suit_cbor_map_iterate_init(CborValue *map, CborValue *it);
  * @return              0 when the iterator is already at the end of the container
  * @return              the number of returned (key, value) pair, e.g. 1
  */
-int suit_cbor_map_iterate(CborValue *it, CborValue *key, CborValue *value);
+int suit_cbor_map_iterate(nanocbor_value_t *it, nanocbor_value_t *key, nanocbor_value_t *value);
 
 /**
- * @brief Get cbor value as int
+ * @brief Get cbor value as int32_t
  *
  * @param[in]   it      cbor container iterator
  * @param[out]  out     address of the returned integer
  *
  * @return              SUIT_OK on success
  * @return              SUIT_ERR_INVALID_MANIFEST if value doesn't fit in an int
  */
-int suit_cbor_get_int(const CborValue *it, int *out);
+int suit_cbor_get_int32(nanocbor_value_t *it, int32_t *out);
 
 /**
  * @brief Get cbor value as unsigned
@@ -226,7 +221,7 @@ int suit_cbor_get_int(const CborValue *it, int *out);
  * @return              SUIT_ERR_INVALID_MANIFEST if value doesn't fit or cannot
  *                      be converted to unsigned
  */
-int suit_cbor_get_uint(const CborValue *it, unsigned *out);
+int suit_cbor_get_uint(nanocbor_value_t *it, unsigned *out);
 
 /**
  * @brief Get cbor value as unsigned long
@@ -238,7 +233,7 @@ int suit_cbor_get_uint(const CborValue *it, unsigned *out);
  * @return              SUIT_ERR_INVALID_MANIFEST if value doesn't fit or cannot
  *                      be converted to unsigned long
  */
-int suit_cbor_get_uint32(const CborValue *it, uint32_t *out);
+int suit_cbor_get_uint32(nanocbor_value_t *it, uint32_t *out);
 
 /**
  * @brief Get cbor value as string
@@ -250,20 +245,19 @@ int suit_cbor_get_uint32(const CborValue *it, uint32_t *out);
  * @return              SUIT_OK on success
  * @return              SUIT_ERR_INVALID_MANIFEST if value is not a valid string
  */
-int suit_cbor_get_string(const CborValue *it, const uint8_t **buf, size_t *len);
+int suit_cbor_get_string(nanocbor_value_t *it, const uint8_t **buf, size_t *len);
 
 /**
  * @brief Parser a cbor subsequence
  *
- * @param[in]   parser      ptr to cbor subparser
- * @param[out]  bseq        subsequence value
+ * @param[in]   bseq        subsequence value
  * @param[out]  it          cbor iterator
  *
  * @return                  0 on success
  * @return                  -1 if bseq is not a cbor string
  * @return                  CborError code on other cbor parser errors
  */
-int suit_cbor_subparse(CborParser *parser, CborValue *bseq, CborValue *it);
+int suit_cbor_subparse(nanocbor_value_t *bseq, nanocbor_value_t *it);
 
 /**
  * @brief Helper function for writing bytes on flash a specified offset

sys/suit/v4/cbor.c

@@ -26,7 +26,7 @@
 #include "suit/v4/handlers.h"
 #include "suit/v4/suit.h"
 #include "suit/v4/policy.h"
-#include "cbor.h"
+#include "nanocbor/nanocbor.h"
 #include "cose/sign.h"
 
 #include "public_key.h"
@@ -40,135 +40,116 @@
 static suit_manifest_handler_t _manifest_get_auth_wrapper_handler(int key);
 typedef suit_manifest_handler_t (*suit_manifest_handler_getter_t)(int key);
 
-int suit_cbor_map_iterate_init(CborValue *map, CborValue *it)
+int suit_cbor_map_iterate_init(nanocbor_value_t *map, nanocbor_value_t *it)
 {
-    if (!cbor_value_is_map(map)) {
+    if (nanocbor_get_type(map) != NANOCBOR_TYPE_MAP) {
         LOG_INFO("suit_v4_parse(): manifest not a map\n)");
         return SUIT_ERR_INVALID_MANIFEST;
     }
 
-    cbor_value_enter_container(map, it);
+    nanocbor_enter_map(map, it);
 
     return SUIT_OK;
 }
 
-int suit_cbor_map_iterate(CborValue *it, CborValue *key, CborValue *value)
+int suit_cbor_map_iterate(nanocbor_value_t *it, nanocbor_value_t *key,
+                          nanocbor_value_t *value)
 {
-    if (cbor_value_at_end(it)) {
+    if (nanocbor_at_end(it)) {
         return 0;
     }
 
     *key = *it;
-    cbor_value_advance(it);
+    nanocbor_skip(it);
 
     *value = *it;
-    cbor_value_advance(it);
+    nanocbor_skip(it);
 
     return 1;
 }
 
-int suit_cbor_get_int(const CborValue *it, int *out)
+int suit_cbor_get_int32(nanocbor_value_t *it, int32_t *out)
 {
-    if (!cbor_value_is_integer(it)) {
-        LOG_DEBUG("expected integer type, got %u\n", cbor_value_get_type(it));
-        return SUIT_ERR_INVALID_MANIFEST;
-    }
+    int res = nanocbor_get_int32(it, out);
 
-    /* This check tests whether the integer fits into "int", thus the check
-     * is platform dependent. This is for lack of specification of actually
-     * allowed values, to be made explicit at some point. */
-    if (cbor_value_get_int_checked(it, out) == CborErrorDataTooLarge) {
-        LOG_DEBUG("integer doesn't fit into int type\n");
+    if (res < NANOCBOR_OK) {
+        LOG_DEBUG("suit_cbor_get_int32() error %u\n", res);
         return SUIT_ERR_INVALID_MANIFEST;
     }
 
     return SUIT_OK;
 }
 
-int suit_cbor_get_string(const CborValue *it, const uint8_t **buf, size_t *len)
+int suit_cbor_get_string(nanocbor_value_t *it, const uint8_t **buf, size_t *len)
 {
-    if (!(cbor_value_is_text_string(it) || cbor_value_is_byte_string(it) || cbor_value_is_length_known(it))) {
+    if (nanocbor_get_type(it) == NANOCBOR_TYPE_TSTR) {
+        if (nanocbor_get_tstr(it, buf, len) < 0) {
+            return SUIT_ERR_INVALID_MANIFEST;
+        }
+        return SUIT_OK;
+    }
+    else if (nanocbor_get_type(it) == NANOCBOR_TYPE_BSTR) {
+        if (nanocbor_get_bstr(it, buf, len) < 0) {
+            return SUIT_ERR_INVALID_MANIFEST;
+        }
+        return SUIT_OK;
+    }
+    else {
+        LOG_DEBUG("suit_cbor_get_string(): unexpected type: %i\n",
+                  nanocbor_get_type(it));
         return SUIT_ERR_INVALID_MANIFEST;
     }
-    CborValue next = *it;
-    cbor_value_get_string_length(it, len);
-    cbor_value_advance(&next);
-    *buf = next.ptr - *len;
-    return SUIT_OK;
 }
 
-int suit_cbor_get_uint32(const CborValue *it, uint32_t *out)
+int suit_cbor_get_uint32(nanocbor_value_t *it, uint32_t *out)
 {
-    int res;
-    int64_t val;
-    if (!cbor_value_is_unsigned_integer(it)) {
-        return CborErrorIllegalType;
-    }
-    if ((res = cbor_value_get_int64_checked(it, &val))) {
-        return res;
-    }
-    if (val > 0xFFFFFFFF) {
-        return CborErrorDataTooLarge;
+    if (nanocbor_get_uint32(it, out) < 0) {
+        return SUIT_ERR_INVALID_MANIFEST;
     }
-    *out = (val & 0xFFFFFFFF);
-
-    return CborNoError;
+    return SUIT_OK;
 }
 
-int suit_cbor_get_uint(const CborValue *it, unsigned *out)
+int suit_cbor_get_uint(nanocbor_value_t *it, unsigned *out)
 {
     return suit_cbor_get_uint32(it, (uint32_t *)out);
 }
 
-int suit_cbor_subparse(CborParser *parser, CborValue *bseq, CborValue *it)
+int suit_cbor_subparse(nanocbor_value_t *bseq, nanocbor_value_t *it)
 {
     const uint8_t *bytes;
     size_t bytes_len = 0;
-
-    if (!cbor_value_is_byte_string(bseq)) {
-        LOG_DEBUG("suit_cbor_subparse(): bseq not a byte string\n");
-        return -1;
+    int res = suit_cbor_get_string(bseq, &bytes, &bytes_len);
+    if (res != SUIT_OK) {
+        return res;
     }
-
-    suit_cbor_get_string(bseq, &bytes, &bytes_len);
-
-    return cbor_parser_init(bytes, bytes_len, SUIT_TINYCBOR_VALIDATION_MODE, parser,
-                            it);
+    nanocbor_decoder_init(it, bytes, bytes_len);
+    return SUIT_OK;
 }
 
 static int _v4_parse(suit_v4_manifest_t *manifest, const uint8_t *buf,
-                       size_t len, suit_manifest_handler_getter_t getter)
+                     size_t len, suit_manifest_handler_getter_t getter)
 {
+    nanocbor_value_t it, map, key, value;
 
-    CborParser parser;
-    CborValue it, map, key, value;
-    CborError err = cbor_parser_init(buf, len, SUIT_TINYCBOR_VALIDATION_MODE,
-                                     &parser, &it);
-
-    if (err != 0) {
-        return SUIT_ERR_INVALID_MANIFEST;
-    }
+    nanocbor_decoder_init(&it, buf, len);
 
     map = it;
 
     if (suit_cbor_map_iterate_init(&map, &it) != SUIT_OK) {
-        LOG_DEBUG("manifest not a map!\n");
+        LOG_DEBUG("suit _v4_parse(): manifest not a map!\n");
         return SUIT_ERR_INVALID_MANIFEST;
     }
 
-    LOG_DEBUG("jumping into map\n)");
-
     while (suit_cbor_map_iterate(&it, &key, &value)) {
-        int integer_key;
-        if (suit_cbor_get_int(&key, &integer_key) != SUIT_OK){
+        int32_t integer_key;
+        if (suit_cbor_get_int32(&key, &integer_key) != SUIT_OK) {
             return SUIT_ERR_INVALID_MANIFEST;
         }
-        LOG_DEBUG("got key val=%i\n", integer_key);
+        LOG_DEBUG("got key val=%" PRIi32 "\n", integer_key);
         suit_manifest_handler_t handler = getter(integer_key);
 
         if (handler) {
             int res = handler(manifest, integer_key, &value);
-            LOG_DEBUG("handler res=%i\n", res);
             if (res < 0) {
                 LOG_INFO("handler returned <0\n)");
                 return SUIT_ERR_INVALID_MANIFEST;
@@ -179,20 +160,21 @@ static int _v4_parse(suit_v4_manifest_t *manifest, const uint8_t *buf,
         }
     }
 
-    cbor_value_leave_container(&map, &it);
+    nanocbor_leave_container(&map, &it);
 
     return SUIT_OK;
 }
 
 int suit_v4_parse(suit_v4_manifest_t *manifest, const uint8_t *buf,
-                       size_t len)
+                  size_t len)
 {
     manifest->buf = buf;
     manifest->len = len;
     return _v4_parse(manifest, buf, len, _manifest_get_auth_wrapper_handler);
 }
 
-static int _auth_handler(suit_v4_manifest_t *manifest, int key, CborValue *it)
+static int _auth_handler(suit_v4_manifest_t *manifest, int key,
+                         nanocbor_value_t *it)
 {
     (void)key;
     const uint8_t *cose_buf;
@@ -211,7 +193,8 @@ static int _auth_handler(suit_v4_manifest_t *manifest, int key, CborValue *it)
     return 0;
 }
 
-static int _manifest_handler(suit_v4_manifest_t *manifest, int key, CborValue *it)
+static int _manifest_handler(suit_v4_manifest_t *manifest, int key,
+                             nanocbor_value_t *it)
 {
     (void)key;
     const uint8_t *manifest_buf;
@@ -238,19 +221,20 @@ static int _manifest_handler(suit_v4_manifest_t *manifest, int key, CborValue *i
 
     LOG_INFO("suit: verifying manifest signature...\n");
     int verification = cose_sign_verify(&manifest->verify, &signature,
-            &pkey, manifest->validation_buf, SUIT_COSE_BUF_SIZE);
+                                        &pkey, manifest->validation_buf,
+                                        SUIT_COSE_BUF_SIZE);
     if (verification != 0) {
         LOG_INFO("Unable to validate signature\n");
         return SUIT_ERR_SIGNATURE;
     }
 
     return _v4_parse(manifest, manifest_buf,
-                       manifest_len, suit_manifest_get_manifest_handler);
+                     manifest_len, suit_manifest_get_manifest_handler);
 }
 
 static suit_manifest_handler_t _suit_manifest_get_handler(int key,
-                                                   const suit_manifest_handler_t *handlers,
-                                                   size_t len)
+                                                          const suit_manifest_handler_t *handlers,
+                                                          size_t len)
 {
     if (key < 0 || (size_t)key >= len) {
         return NULL;