From 4731bdd28ca95b2fea793787d908b9a526e0731d Mon Sep 17 00:00:00 2001
From: Yogesh Deshpande
Date: Tue, 5 Dec 2023 18:23:51 -0500
Subject: [PATCH] Remove utils/gen-corim as it is moved to new `gen-corim` repo
Signed-off-by: Yogesh Deshpande
---
 go.mod | 2 -
 go.sum | 4 -
 utils/README.md | 5 -
 utils/gen-corim/README.md | 45 --
 utils/gen-corim/cmd/gen-corim.go | 400 ------------------
 utils/gen-corim/cmd/gen-corim_test.go | 279 ------------
 utils/gen-corim/data/corims/bad-evidence.cbor | 0
 utils/gen-corim/data/corims/cca-evidence.cbor | Bin 1382 -> 0 bytes
 utils/gen-corim/data/corims/psa-evidence.cbor | Bin 546 -> 0 bytes
 utils/gen-corim/data/keys/ec256.json | 7 -
 utils/gen-corim/data/keys/es256.json | 8 -
 .../data/templates/cca/comid-template.json | 20 -
 .../data/templates/cca/corim-template.json | 25 --
 .../data/templates/psa/comid-template.json | 20 -
 .../data/templates/psa/corim-template.json | 25 --
 .../bad-comid/comid-template.json | 18 -
 .../bad-comid/corim-template.json | 25 --
 .../bad-corim/comid-template.json | 20 -
 .../bad-corim/corim-template.json | 25 --
 .../just-comid/comid-template.json | 20 -
 .../just-corim/corim-template.json | 25 --
 utils/gen-corim/main.go | 12 -
 22 files changed, 985 deletions(-)
 delete mode 100644 utils/README.md
 delete mode 100644 utils/gen-corim/README.md
 delete mode 100644 utils/gen-corim/cmd/gen-corim.go
 delete mode 100644 utils/gen-corim/cmd/gen-corim_test.go
 delete mode 100644 utils/gen-corim/data/corims/bad-evidence.cbor
 delete mode 100644 utils/gen-corim/data/corims/cca-evidence.cbor
 delete mode 100644 utils/gen-corim/data/corims/psa-evidence.cbor
 delete mode 100644 utils/gen-corim/data/keys/ec256.json
 delete mode 100644 utils/gen-corim/data/keys/es256.json
 delete mode 100644 utils/gen-corim/data/templates/cca/comid-template.json
 delete mode 100644 utils/gen-corim/data/templates/cca/corim-template.json
 delete mode 100644 utils/gen-corim/data/templates/psa/comid-template.json
 delete mode 100644 utils/gen-corim/data/templates/psa/corim-template.json
 delete mode 100644 utils/gen-corim/data/templates/psa/error-templates/bad-comid/comid-template.json
 delete mode 100644 utils/gen-corim/data/templates/psa/error-templates/bad-comid/corim-template.json
 delete mode 100644 utils/gen-corim/data/templates/psa/error-templates/bad-corim/comid-template.json
 delete mode 100644 utils/gen-corim/data/templates/psa/error-templates/bad-corim/corim-template.json
 delete mode 100644 utils/gen-corim/data/templates/psa/error-templates/just-comid/comid-template.json
 delete mode 100644 utils/gen-corim/data/templates/psa/error-templates/just-corim/corim-template.json
 delete mode 100644 utils/gen-corim/main.go
diff --git a/go.mod b/go.mod
index 40bef697..a431cd2b 100644
--- a/go.mod
+++ b/go.mod
@@ -23,7 +23,6 @@ require (
 github.com/open-policy-agent/opa v0.43.1
 github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9
 github.com/spf13/afero v1.9.2
- github.com/spf13/cobra v1.6.1
 github.com/spf13/jwalterweatherman v1.1.0
 github.com/spf13/viper v1.13.0
 github.com/stretchr/testify v1.8.4
@@ -48,7 +47,6 @@ require (
 github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
 github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 github.com/golang/glog v1.0.0 // indirect
- github.com/inconshreveable/mousetrap v1.0.1 // indirect
 github.com/klauspost/cpuid/v2 v2.2.4 // indirect
 github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
 github.com/segmentio/asm v1.2.0 // indirect
diff --git a/go.sum b/go.sum
index 8fe0c865..ae2932cc 100644
--- a/go.sum
+++ b/go.sum
@@ -650,8 +650,6 @@ github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= -github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/intel/goresctrl v0.2.0/go.mod h1:+CZdzouYFn5EsxgqAQTEzMfwKwuc0fVdMrT9FCCAVRQ= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= github.com/j-keck/arping v1.0.2/go.mod h1:aJbELhR92bSk7tp79AWM/ftfc90EfEi2bQJrbBFOsPw= @@ -994,8 +992,6 @@ github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHN github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM= -github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= -github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= diff --git a/utils/README.md b/utils/README.md deleted file mode 100644 index c13e1588..00000000 --- a/utils/README.md +++ /dev/null 
@@ -1,5 +0,0 @@
-# Utilities
-
-The `utils` directory contains various utilities.
-Currently only gen-corim is present. This utility enables quick generation of Endorsements from the Evidence.
-Please see the [README.md](gen-corim/README.md) inside gen-corim for a more detailed explanation.
\ No newline at end of file
diff --git a/utils/gen-corim/README.md b/utils/gen-corim/README.md
deleted file mode 100644
index 4a1f1881..00000000
--- a/utils/gen-corim/README.md
+++ /dev/null
@@ -1,45 +0,0 @@
-# CoRIM Generation
-
-## Preconditions
-
->>Note: the below assumes both the [evcli](https://github.com/veraison/evcli) and the [cocli](https://github.com/veraison/corim/tree/main/cocli) tools are installed on the system.
-
-## Installing and configuring
-
-To install the `gen-corim` command, do:
-
-```
-$ go install github.com/veraison/services/gen-corim@latest
-```
-
-## Usage
-
-```
-$ gen-corim psa evidence.cbor key.json [--template-dir=templates] [--corim-file=endorsements/output.cbor]
-```
-
-On success, you should see something like this printed to stdout:
-
-```
->> generated "endorsements/output.cbor" using "evidence.cbor"
-```
-### Supplied Arguments
-### Attestation Scheme
-
-The attestation scheme to be used. The only attestation schemes supported by this service are `psa` and `cca`.
-
-#### Evidence File
-
-CBOR-encoded evidence token to be used.
-
-### Key File
-
-Public key material needed to verify the evidence. The key file is expected be in [jwk](https://openid.net/specs/draft-jones-json-web-key-03.html) format.
-
-### Template Directory (Optional)
-
-The directory containing the CoMID and CoRIM templates via the `--template-dir` switch (abbrev. `-t`). If this flag is not set the path for the template directory will default to `templates` within the current working directory. The template directory must exist and must contain files named `comid-template.json` and `corim-template.json` which contain the respective templates. Some examples of CoMID and CoRIM JSON templates can be found in the [data/templates](data/templates) folder.
-
-### Output File (Optional)
-
-If you wish to specify the name and path of the produced endorsement then pass this via the `corim-file` switch (abbrev. `-c`). If this flag is not set then the produced endorsement will be saved in the current working directory under the file name `psa-endorsements.cbor` or `cca-endorsements.cbor` depending on the attestation scheme used.
diff --git a/utils/gen-corim/cmd/gen-corim.go b/utils/gen-corim/cmd/gen-corim.go
deleted file mode 100644
index 8343adaf..00000000
--- a/utils/gen-corim/cmd/gen-corim.go
+++ /dev/null
@@ -1,400 +0,0 @@
-// Copyright 2023 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "bytes"
- "crypto"
- "crypto/x509"
- "encoding/pem"
- "errors"
- "fmt"
- "os"
- "os/exec"
-
- "github.com/lestrrat-go/jwx/v2/jwk"
- "github.com/spf13/cobra"
- "github.com/veraison/ccatoken"
- "github.com/veraison/corim/comid"
- "github.com/veraison/eat"
- "github.com/veraison/psatoken"
-)
-
-var (
- genCorimAttestationScheme *string
- genCorimEvidenceFile *string
- genCorimKeyFile *string
- genCorimCorimFile *string
- genCorimTemplateDir *string
-)
-
-var rootCmd = NewRootCmd()
-
-func NewRootCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "gen-corim ",
- Short: "generate CoRIM from supplied evidence",
- Long: `generate CoRIM from supplied evidence
-
- Generate CoRIM from evidence token (evidence.cbor), attestation scheme to use (only schemes supported
- by ths tool are psa and cca), key material needed to verify the evidence (key.json) and templates
- supplied in the template directory.
- Save it to the current working directory with default file name.
-
- gen-corim scheme evidence.cbor key.json \
- --template-dir=directory
-
- Generate CoRIM from evidence token (evidence.cbor), attestation scheme to use (only schemes supported
- by ths tool are psa and cca), key material needed to verify the evidence (key.json) and templates
- supplied in the template directory.
- Save it as target file name (endorsements.cbor)
-
- gen-corim scheme evidence.cbor key.json \
- --template-dir=directory \
- --corim-file=endorsements.cbor
-
- Note: the CoMID and CoRIM templates within the template directory must be named comid-template.json
- and corim-template.json respectively
- `,
- Version: "0.0.1",
- Args: cobra.ExactArgs(3),
- RunE: func(cmd *cobra.Command, args []string) error {
- genCorimAttestationScheme = &args[0]
- genCorimEvidenceFile = &args[1]
- genCorimKeyFile = &args[2]
- if err := checkGenCorimArgs(); err != nil {
- return err
- }
- err := generate(genCorimAttestationScheme, genCorimEvidenceFile, genCorimKeyFile, genCorimCorimFile, genCorimTemplateDir)
- if err != nil {
- return err
- }
- return nil
- },
- SilenceUsage: true,
- SilenceErrors: true,
- }
-
- genCorimCorimFile = cmd.Flags().StringP("corim-file", "c", "", "name of the generated CoRIM file")
-
- genCorimTemplateDir = cmd.Flags().StringP("template-dir", "t", "templates", "path of directory containing the comid and corim templates")
-
- return cmd
-}
-
-// checkGenCorimArgs checks that the arguments are non-empty and that the relevent filepaths exist
-func checkGenCorimArgs() error {
-
- if *genCorimAttestationScheme != "psa" && *genCorimAttestationScheme != "cca" {
- return fmt.Errorf("unsupported attestation scheme %s, only psa and cca are supported", *genCorimAttestationScheme)
- }
-
- if _, err := os.Stat(*genCorimTemplateDir); errors.Is(err, os.ErrNotExist) {
- return errors.New("template directory does not exist")
- }
-
- if _, err := os.Stat(*genCorimTemplateDir + "/comid-template.json"); errors.Is(err, os.ErrNotExist) {
- return errors.New("file `comid-template.json` is missing from template directory")
- }
-
- if _, err := os.Stat(*genCorimTemplateDir + "/corim-template.json"); errors.Is(err, os.ErrNotExist) {
- return errors.New("file `corim-template.json` is missing from template directory")
- }
-
- return nil
-}
-
-func Execute() {
- cobra.CheckErr(rootCmd.Execute())
-}
-
-func generate(attestation_scheme *string, evidence_file *string, key_file *string, corim_file *string, template_dir *string) error {
-
- dir, err := CreateTemporaryDirectory()
- if err != nil {
- return err
- }
-
- //validate evidence cryptographically and write to a file
- evcli_cmd := exec.Command("evcli", *attestation_scheme, "check", "--token="+*evidence_file, "--key="+*key_file, "--claims="+dir+"/output-evidence-claims.json")
- if err = evcli_cmd.Run(); err != nil {
- _ = os.RemoveAll(dir)
- return fmt.Errorf("error verifying evidence token: %w", err)
- }
-
- comidClaims, err := GetComidClaimsFromTemplate(*template_dir)
- if err != nil {
- _ = os.RemoveAll(dir)
- return err
- }
-
- evidenceClaims, err := GetEvidenceClaims(*attestation_scheme, *evidence_file)
- if err != nil {
- _ = os.RemoveAll(dir)
- return err
- }
-
- schemeClaims, err := GetSchemeClaimsFromEvidenceClaims(evidenceClaims, *attestation_scheme == "cca")
- if err != nil {
- _ = os.RemoveAll(dir)
- return err
- }
-
- measurements := GetMeasurementsFromComponents(schemeClaims.swComponents, schemeClaims.config, *attestation_scheme == "cca")
-
- //creating a new reference value containing the measurements and the implementation ID from the evidence token
- class := comid.NewClassImplID(schemeClaims.implID)
-
- refVal := comid.ReferenceValue{
- Environment: comid.Environment{Class: class},
- Measurements: measurements,
- }
-
- //replacing the reference values from the template with the created reference value
- referenceValues := append(*new([]comid.ReferenceValue), refVal)
- comidClaims.Triples.ReferenceValues = &referenceValues
-
- keys, err := CreateVerifKeysFromJWK(*key_file)
- if err != nil {
- _ = os.RemoveAll(dir)
- return err
- }
-
- instance := comid.NewInstance()
- instance.SetUEID(schemeClaims.instID)
-
- verifKey := comid.AttestVerifKey{
- Environment: comid.Environment{
- Class: class,
- Instance: instance,
- },
- VerifKeys: keys,
- }
-
- attestVerifKey := append(*new([]comid.AttestVerifKey), verifKey)
- comidClaims.Triples.AttestVerifKeys = &attestVerifKey
-
- err = CreateComidFromClaims(comidClaims, dir)
- if err != nil {
- _ = os.RemoveAll(dir)
- return err
- }
-
- //creating a CoRIM from the CoMID and the provided template
- if *corim_file == "" {
- *corim_file = *attestation_scheme + "-endorsements.cbor"
- }
-
- corim_cmd := exec.Command("cocli", "corim", "create", "--template="+*template_dir+"/corim-template.json", "--comid="+dir+"/comid-claims.cbor", "--output="+*corim_file)
-
- if err := corim_cmd.Run(); err != nil {
- _ = os.RemoveAll(dir)
- return fmt.Errorf("error thrown by cocli corim create: %w", err)
- }
-
- _ = os.RemoveAll(dir)
-
- fmt.Println(`>> generated "` + *corim_file + `" using "` + *evidence_file + `"`)
-
- return nil
-}
-
-func convertJwkToPEM(fileName string) (pemKey string, err error) {
- var buf bytes.Buffer
- // fileName is the name of the file as string type where the JWK is stored
- keyJWK, err := os.ReadFile(fileName)
- if err != nil {
- return "", fmt.Errorf("error loading verifying key from %s: %w", fileName, err)
- }
- pkey, err := PubKeyFromJWK(keyJWK)
- if err != nil {
- return "", fmt.Errorf("error loading verifying key from %s: %w", fileName, err)
- }
- pubBytes2, err := x509.MarshalPKIXPublicKey(pkey)
- if err != nil {
- return "", fmt.Errorf("failed to marshal public key: %w", err)
- }
- block := &pem.Block{
- Type: "PUBLIC KEY",
- Bytes: pubBytes2,
- }
- if err := pem.Encode(&buf, block); err != nil {
- return "", fmt.Errorf("failed to pem encode: %w", err)
- }
- keyStr := buf.String()
- return keyStr, nil
-}
-
-// PubKeyFromJWK extracts a crypto.PublicKey from the supplied JSON Web Key
-func PubKeyFromJWK(rawJWK []byte) (crypto.PublicKey, error) {
- var pKey crypto.PublicKey
- err := jwk.ParseRawKey(rawJWK, &pKey)
- if err != nil {
- return nil, fmt.Errorf("%w", err)
- }
- return pKey, nil
-}
-
-// GenComidClaimsFromTemplate reads in the corim template structure and checks the validity
-func GetComidClaimsFromTemplate(template_dir string) (*comid.Comid, error) {
- content, err := os.ReadFile(template_dir + "/comid-template.json")
- if err != nil {
- return nil, fmt.Errorf("error reading comid template: %w", err)
- }
-
- comidClaims := comid.NewComid()
- err = comidClaims.FromJSON(content)
- if err != nil {
- return nil, fmt.Errorf("error umarshalling comid template: %w", err)
- }
-
- err = comidClaims.Valid()
- if err != nil {
- return nil, fmt.Errorf("error validating comid template: %w", err)
- }
-
- return comidClaims, nil
-}
-
-// GetMeasurementsFromComponents creates a new measurements list to hold the measurements extracted from the evidence token
-func GetMeasurementsFromComponents(swComponents []psatoken.SwComponent, config []byte, isCca bool) comid.Measurements {
- measurements := comid.NewMeasurements()
-
- for _, component := range swComponents {
- refValID := comid.NewPSARefValID(*component.SignerID)
- refValID.SetLabel(*component.MeasurementType)
- refValID.SetVersion(*component.Version)
- measurement := comid.NewPSAMeasurement(*refValID)
- measurement.AddDigest(1, *component.MeasurementValue)
- measurements.AddMeasurement(measurement)
- }
-
- //adding cca specific measurement
- if isCca {
- configID := comid.CCAPlatformConfigID("cfg v1.0.0")
- measurement := comid.NewCCAPlatCfgMeasurement(configID).SetRawValueBytes(config, []byte{})
- measurements.AddMeasurement(measurement)
- }
-
- return *measurements
-}
-
-// GetEvidenceClaims reads in the evidence token and extracts the claims
-func GetEvidenceClaims(attestation_scheme string, evidence_file string) (psatoken.IClaims, error) {
- content, err := os.ReadFile(evidence_file)
- if err != nil {
- return nil, fmt.Errorf("error reading the evidence token: %w", err)
- }
-
- var evidenceClaims psatoken.IClaims
-
- if attestation_scheme == "psa" {
- var evidence psatoken.Evidence
-
- err = evidence.FromCOSE(content)
- if err != nil {
- return nil, fmt.Errorf("error umarshalling evidence token: %w", err)
- }
-
- evidenceClaims = evidence.Claims
- } else {
- var evidence ccatoken.Evidence
-
- err = evidence.FromCBOR(content)
- if err != nil {
- return nil, fmt.Errorf("error umarshalling evidence token: %w", err)
- }
-
- evidenceClaims = evidence.PlatformClaims
- }
- return evidenceClaims, nil
-}
-
-// GetSchemeClaimsFromEvidenceClaims stores the key components of the the claims in the desired format
-func GetSchemeClaimsFromEvidenceClaims(evidenceClaims psatoken.IClaims, isCca bool) (*SchemeClaims, error) {
- swComponents, err := evidenceClaims.GetSoftwareComponents()
- if err != nil {
- return nil, fmt.Errorf("error extracting software components: %w", err)
- }
-
- implIDBytes, err := evidenceClaims.GetImplID()
- if err != nil {
- return nil, fmt.Errorf("error extracting implementation ID: %w", err)
- }
- var implID comid.ImplID
- copy(implID[:], implIDBytes)
-
- instID, err := evidenceClaims.GetInstID()
- if err != nil {
- return nil, fmt.Errorf("error extracting instance ID: %w", err)
- }
- var ueid eat.UEID = instID
-
- var config []byte
- if isCca {
- config, err = evidenceClaims.GetConfig()
- if err != nil {
- return nil, fmt.Errorf("error extracting configuration data: %w", err)
- }
- }
-
- return &SchemeClaims{
- swComponents: swComponents,
- implID: implID,
- instID: ueid,
- config: config,
- }, nil
-}
-
-type SchemeClaims struct {
- swComponents []psatoken.SwComponent
- implID comid.ImplID
- instID eat.UEID
- config []byte
-}
-
-func CreateComidFromClaims(comidClaims *comid.Comid, dir string) error {
- //writing the constructed claims into a json file to be used as a CoMID template
- content, err := comidClaims.ToJSON()
- if err != nil {
- return fmt.Errorf("error marshalling claims: %w", err)
- }
- os.WriteFile(dir+"/comid-claims.json", content, 0664)
-
- //creating a CoMID from the constructed template
- comid_cmd := exec.Command("cocli", "comid", "create", "--template="+dir+"/comid-claims.json", "--output-dir="+dir)
- if err := comid_cmd.Run(); err != nil {
- return fmt.Errorf("error thrown by cocli comid create: %w", err)
- }
-
- return nil
-}
-
-// CreateTemporaryDirectory creates a temporary directory to store the intermediate files
-func CreateTemporaryDirectory() (string, error) {
- wd, err := os.Getwd()
- if err != nil {
- return "", fmt.Errorf("error finding working directory: %w", err)
- }
-
- dir, err := os.MkdirTemp(wd, "gen-corim_data")
- if err != nil {
- return "", fmt.Errorf("error creating temporary directory: %w", err)
- }
-
- return dir, nil
-}
-
-// CreateVerifKeysFromJWK extracts the key data from the key file and uses it to overwrite the AttestVerifKeys triple
-func CreateVerifKeysFromJWK(key_file string) (comid.VerifKeys, error) {
- key_data, err := convertJwkToPEM(key_file)
- if err != nil {
- return nil, err
- }
- key := comid.NewVerifKey()
- key.SetKey(key_data)
- keys := comid.NewVerifKeys()
- keys.AddVerifKey(key)
- return *keys, nil
-}
diff --git a/utils/gen-corim/cmd/gen-corim_test.go b/utils/gen-corim/cmd/gen-corim_test.go
deleted file mode 100644
index a6e652d7..00000000
--- a/utils/gen-corim/cmd/gen-corim_test.go
+++ /dev/null
@@ -1,279 +0,0 @@
-// Copyright 2021 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "os"
- "testing"
-
- "github.com/stretchr/testify/assert"
-)
-
-func Test_RootCmd_unknown_argument(t *testing.T) {
- cmd := NewRootCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_RootCmd_with_two_args(t *testing.T) {
- cmd := NewRootCmd()
-
- args := []string{"../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.EqualError(t, err, "accepts 3 arg(s), received 2")
-}
-
-func Test_RootCmd_invalid_attestation_scheme(t *testing.T) {
- cmd := NewRootCmd()
-
- args := []string{"invalid-scheme",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unsupported attestation scheme invalid-scheme, only psa and cca are supported")
-}
-
-func Test_RootCmd_psa_runs(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.NoError(t, err)
- os.Remove("psa-endorsements.cbor")
-}
-
-func Test_RootCmd_cca_runs(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"cca",
- "../data/corims/cca-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.NoError(t, err)
- os.Remove("cca-endorsements.cbor")
-}
-
-func Test_RootCmd_with_output(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa",
- "--corim-file=../data/corims/test-target.cbor",
- }
- cmd.SetArgs((args))
-
- os.Remove("../data/corims/test-target.cbor")
-
- err := cmd.Execute()
- assert.NoError(t, err)
- assert.FileExists(t, "../data/corims/test-target.cbor")
- os.Remove("../data/corims/test-target.cbor")
-}
-
-func Test_RootCmd_Execute(t *testing.T) {
-
- *genCorimTemplateDir = "../data/templates/psa"
- *genCorimCorimFile = ""
-
- os.Args = []string{"gen-corim", "psa", "../data/corims/psa-evidence.cbor", "../data/keys/es256.json"}
-
- Execute()
- os.Remove("psa-endorsements.cbor")
-}
-
-func Test_RootCmd_with_wrong_key(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/ec256.json",
- "--template-dir=../data/templates/psa",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.Error(t, err)
-}
-
-func Test_RootCmd_with_wrong_scheme(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/cca-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/cca",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.Error(t, err)
-}
-
-func Test_RootCmd_with_bad_evidence(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/bad-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.Error(t, err)
-}
-
-func Test_RootCmd_with_bad_output_path(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa",
- "--corim-file=../data/",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.Error(t, err)
-}
-
-func Test_RootCmd_with_no_template_dir(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.EqualError(t, err, "template directory does not exist")
-}
-
-func Test_RootCmd_with_bad_template_dir_path(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/not-exist",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.EqualError(t, err, "template directory does not exist")
-}
-
-func Test_RootCmd_with_missing_comid_template(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa/error-templates/just-corim",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.EqualError(t, err, "file `comid-template.json` is missing from template directory")
-}
-
-func Test_RootCmd_with_missing_corim_template(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa/error-templates/just-comid",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.EqualError(t, err, "file `corim-template.json` is missing from template directory")
-}
-
-func Test_RootCmd_with_bad_comid_template(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa/error-templates/bad-comid",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.Error(t, err)
-}
-
-func Test_RootCmd_with_bad_corim_template(t *testing.T) {
-
- cmd := NewRootCmd()
-
- args := []string{"psa",
- "../data/corims/psa-evidence.cbor",
- "../data/keys/es256.json",
- "--template-dir=../data/templates/psa/error-templates/bad-corim",
- }
- cmd.SetArgs((args))
-
- err := cmd.Execute()
- assert.Error(t, err)
-}
-
-func Test_PubKeyFromJWK_with_bad_key(t *testing.T) {
- _, err := PubKeyFromJWK(nil)
- assert.Error(t, err)
-}
-
-func
Test_convertJwkToPEM_with_bad_path(t *testing.T) { - _, err := convertJwkToPEM("") - assert.Error(t, err) -} - -func Test_convertJwkToPEM_with_pub_key(t *testing.T) { - _, err := convertJwkToPEM("../data/keys/ec256.json") - assert.Error(t, err) -} -func Test_convertJwkToPEM_with_bad_file(t *testing.T) { - _, err := convertJwkToPEM("../data/templates/comid-claims-template.json") - assert.Error(t, err) -} diff --git a/utils/gen-corim/data/corims/bad-evidence.cbor b/utils/gen-corim/data/corims/bad-evidence.cbor deleted file mode 100644 index e69de29b..00000000 diff --git a/utils/gen-corim/data/corims/cca-evidence.cbor b/utils/gen-corim/data/corims/cca-evidence.cbor deleted file mode 100644 index b5c55e5941f5082da60aa188676de670c74d48bb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1382 zcmcb~*uO|}&8bMH$(LH37c#0Xh-7kKDapuLA(K&3QedU8pIDTumzVRWXTTNV!1`=!hs&`AXC*BZGI#ym@MKDwmerjfe;%EwY$F~KQ zZ*eJ9b*F{qaVdSA_ssi_e&DZ!FztY@NU z#7bBt&_rKDpo!cBO*GUq(la2^L?fVy{6v{(Or(j%KofNUpgU$#nQqi_1br3ngI63|kINc#ck#LCH0zfrhwH1|`>= zi*RtJ5J;{$-$J=5!@~s0HD_SyMsm&Bh(wmA-xrNmZaqA$eg1Ay6W$2{)B8e?&kd?v zw2NJ$Ck@l**?EkcUE%E1+aythDH$ye@)}#t|oFc@cq*|UFq_n zyHDrTnW?9rhbGnue^zAaSoUJQKTk`2bMlv&FIK;>I{w()w!`wbVRX&1oRcB(OVT~! l^)Gme2%q`XoWj0ufxv;^yEx9@`S_8SOZ>ZE<&|mNeE{RmgTDX( diff --git a/utils/gen-corim/data/corims/psa-evidence.cbor b/utils/gen-corim/data/corims/psa-evidence.cbor deleted file mode 100644 index 1d81048ecd8f2c0af0493205ffbac1dee9ccd832..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 546 zcmccA;=GViZ9ydCwUv^LoD~uoB_#z``ud4Qxq8X@x%vggiTXx*26_gPoKcLDoY9g7 z43eBN5ekXPxv9FDxdl0?xv6<2i6xo&dAgY?x&}~SD9ITcp>S{QzW4aBBxii{62>Ga zAEpR}cBlTMN)5J#Y;o1+Y(CgODdkKveEOhzZx#Q&gd^uwkF%s2=^5%7utq4X*)4ed z$t}eq)*zcF=cH7k9xk$6XOsPRUPa;er#E)J$X>#j5)hOh0yL8;xoKwSw!c&Ti*~Ko zKjwYt(FfT~UEk-LZLb>o^JX^Mv!oj88S9x6XQm^>%*9Kei+(s0?p1vF=f2(9hy0EH zU)@%1QRH&yBG2SBE#!tM>qr+FiUCWY){}=6tHwr*pZ2qqP`Z-_14bQoNT># qF-xXvSBH@V=4eb