Rebase to latest of CoRIM Branch

go.mod

@@ -29,7 +29,7 @@ require (
 	github.com/tbaehler/gin-keycloak v1.5.0
 	github.com/veraison/ccatoken v1.1.0
 	github.com/veraison/cmw v0.1.0
-	github.com/veraison/corim v1.1.2-0.20230912171018-eeb7bd486d3c
+	github.com/veraison/corim v1.1.2
 	github.com/veraison/dice v0.0.1
 	github.com/veraison/ear v1.1.2
 	github.com/veraison/eat v0.0.0-20220117140849-ddaf59d69f53
@@ -62,7 +62,7 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
 	github.com/fsnotify/fsnotify v1.5.4 // indirect
-	github.com/fxamacker/cbor/v2 v2.4.0 // indirect
+	github.com/fxamacker/cbor/v2 v2.5.0 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect

go.sum

@@ -401,8 +401,9 @@ github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmV
 github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA=
 github.com/fxamacker/cbor/v2 v2.2.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
 github.com/fxamacker/cbor/v2 v2.3.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
-github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88=
 github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
+github.com/fxamacker/cbor/v2 v2.5.0 h1:oHsG0V/Q6E/wqTS2O1Cozzsy69nqCiguo5Q1a1ADivE=
+github.com/fxamacker/cbor/v2 v2.5.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
 github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
 github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA=
 github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY=
@@ -1062,8 +1063,8 @@ github.com/veraison/ccatoken v1.1.0 h1:U0Z5fOQRsdz3ksvvxVzTITczo+kfRxIlkWahJNP6I
 github.com/veraison/ccatoken v1.1.0/go.mod h1:qh/KBwsrhPyGJqttlh8PU56wt1rPkUCX9A3ZAA/53Nc=
 github.com/veraison/cmw v0.1.0 h1:vD6tBlGPROCW/HlDcG1jh+XUJi5ihrjXatKZBjrv8mU=
 github.com/veraison/cmw v0.1.0/go.mod h1:WoBrlgByc6C1FeHhdze1/bQx1kv5d1sWKO5ezEf4Hs4=
-github.com/veraison/corim v1.1.2-0.20230912171018-eeb7bd486d3c h1:do1Yj0d4uq+Sd4PusgE8pfLfSKejJfaWukyjYTi8Ro0=
-github.com/veraison/corim v1.1.2-0.20230912171018-eeb7bd486d3c/go.mod h1:Vn9+tCyN2ljpQxYvM6rwu3hNqdVbWrdQ9hqMa1Jfxb0=
+github.com/veraison/corim v1.1.2 h1:JIk6ZK/OzKEb0FJUFHSnmkn67yyGy+5NChYax0bwttA=
+github.com/veraison/corim v1.1.2/go.mod h1:yoN6+vVQJgzS926nheCbJi68SvOlN0CpiPuTxYSe5FU=
 github.com/veraison/dice v0.0.1 h1:dOm7ByDN/r4WlDsGkEUXzdPMXgTvAPTAksQ8+BwBrD4=
 github.com/veraison/dice v0.0.1/go.mod h1:QPMLc5LVMj08VZ+HNMYk4XxWoVYGAUBVm8Rd5V1hzxs=
 github.com/veraison/ear v1.1.2 h1:Xs41FqAG8IyJaceqNFcX2+nf51Et1uyhmCJV8SZqw/8=

integration-tests/tests/test_enacttrust_badkey.tavern.yaml

@@ -34,4 +34,4 @@ stages:
       status_code: 200
       json:
         status: failed
-        failure-reason: 'submit endorsement returned error: submit endorsements failed: RPC server returned error: plugin "unsigned-corim (TPM EnactTrust profile)" returned error: decoding failed for CoMID at index 0: cbor: cannot unmarshal map into Go struct field comid.Comid.4 of type comid.ICryptoKeyValue'
+        failure-reason: 'submit endorsement returned error: submit endorsements failed: RPC server returned error: plugin "unsigned-corim (TPM EnactTrust profile)" returned error: decoding failed for CoMID at index 0: error unmarshalling field "Triples": error unmarshalling field "AttestVerifKeys": cbor: cannot unmarshal map into Go struct field comid.AttestVerifKey.verification-keys of type comid.ICryptoKeyValue'

scheme/cca-ssd-platform/endorsement_handler_test.go

@@ -58,7 +58,7 @@ func TestDecoder_Decode_invalid_data(t *testing.T) {
 
 	invalidCbor := []byte("invalid CBOR")
 
-	expectedErr := `CBOR decoding failed: cbor: cannot unmarshal UTF-8 text string into Go value of type corim.UnsignedCorim`
+	expectedErr := `CBOR decoding failed: expected map (CBOR Major Type 5), found Major Type 3`
 
 	_, err := d.Decode(invalidCbor)
 

scheme/common/arm/extractor.go

@@ -1,4 +1,4 @@
-// Copyright 2022-2023 Contributors to the Veraison project.
+// Copyright 2022-2024 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 package arm
 
@@ -51,14 +51,15 @@ func (o Extractor) RefValExtractor(rv comid.ReferenceValue) ([]*handler.Endorsem
 		}
 
 		// Check which MKey is present and then decide which extractor to invoke
-		if m.Key.IsPSARefValID() { // nolint:gocritic
+		switch m.Key.Type() {
+		case comid.PSARefValIDType:
 			var swCompAttrs SwCompAttributes
 
 			refVal, err = extractMeasurement(&swCompAttrs, m, classAttrs, o.Scheme)
 			if err != nil {
 				return nil, fmt.Errorf("unable to extract measurement at index %d, %w", i, err)
 			}
-		} else if m.Key.IsCCAPlatformConfigID() {
+		case comid.CCAPlatformConfigIDType:
 			if (o.Scheme != "CCA_SSD_PLATFORM") && (o.Scheme != "PARSEC_CCA") {
 				return nil, fmt.Errorf("measurement error at index %d: incorrect profile %s", i, o.Scheme)
 			}
@@ -67,7 +68,7 @@ func (o Extractor) RefValExtractor(rv comid.ReferenceValue) ([]*handler.Endorsem
 			if err != nil {
 				return nil, fmt.Errorf("unable to extract measurement: %w", err)
 			}
-		} else {
+		default:
 			return nil, fmt.Errorf("unknown measurement key: %T", reflect.TypeOf(m.Key))
 		}
 		refVals = append(refVals, refVal)

scheme/parsec-cca/endorsement_handler_test.go

@@ -80,7 +80,7 @@ func TestDecoder_Decode_invalid_data(t *testing.T) {
 
 	invalidCbor := []byte("invalid CBOR")
 
-	expectedErr := `CBOR decoding failed: cbor: cannot unmarshal UTF-8 text string into Go value of type corim.UnsignedCorim`
+	expectedErr := `CBOR decoding failed: expected map (CBOR Major Type 5), found Major Type 3`
 
 	_, err := d.Decode(invalidCbor)
 

scheme/parsec-cca/evidence_handler.go

@@ -1,4 +1,4 @@
-// Copyright 2023 Contributors to the Veraison project.
+// Copyright 2024 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 package parsec_cca
 

scheme/parsec-tpm/corim_extractor.go

@@ -1,4 +1,4 @@
-// Copyright 2023 Contributors to the Veraison project.
+// Copyright 2024 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 package parsec_tpm
 
@@ -174,7 +174,7 @@ func (o *ID) FromEnvironment(e comid.Environment) error {
 		return fmt.Errorf("class-id not found in class")
 	}
 
-	if classID.Type() != comid.ClassIDTypeUUID {
+	if classID.Type() != comid.UUIDType {
 		return fmt.Errorf("class-id not in UUID format")
 	}
 

scheme/parsec-tpm/endorsement_handler_test.go

@@ -38,7 +38,7 @@ func TestDecoder_Decode_negative_tests(t *testing.T) {
 		{
 			desc:        "key with an instance identifier of an unexpected type",
 			input:       unsignedCorimComidParsecTpmKeyUnknownInstanceType,
-			expectedErr: `bad key in CoMID at index 0: could not extract id from AVK environment: could not extract instance-id (UEID) from instance: instance-id type is: comid.TaggedUUID`,
+			expectedErr: `bad key in CoMID at index 0: could not extract id from AVK environment: could not extract instance-id (UEID) from instance: instance-id type is: *comid.TaggedUUID`,
 		},
 		{
 			desc:        "key without class",
@@ -73,7 +73,7 @@ func TestDecoder_Decode_negative_tests(t *testing.T) {
 		{
 			desc:        "measurement with PCR of an unexpected type",
 			input:       unsignedCorimComidParsecTpmPcrsUnknownPCRType,
-			expectedErr: `bad software component in CoMID at index 0: could not extract PCR: measurement key is not uint: measurement-key type is: comid.TaggedUUID`,
+			expectedErr: `bad software component in CoMID at index 0: could not extract PCR: measurement key is not uint: measurement-key type is: *comid.TaggedUUID`,
 		},
 		{
 			desc:        "measurement with PCR without digests",
@@ -139,7 +139,7 @@ func TestDecoder_Decode_invalid_data(t *testing.T) {
 
 	invalidCbor := []byte("invalid CBOR")
 
-	expectedErr := `CBOR decoding failed: cbor: cannot unmarshal UTF-8 text string into Go value of type corim.UnsignedCorim`
+	expectedErr := `CBOR decoding failed: expected map (CBOR Major Type 5), found Major Type 3`
 
 	_, err := d.Decode(invalidCbor)
 

scheme/parsec-tpm/evidence_handler.go

@@ -1,4 +1,4 @@
-// Copyright 2023 Contributors to the Veraison project.
+// Copyright 2024 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 package parsec_tpm
 

scheme/psa-iot/endorsement_handler_test.go

@@ -58,7 +58,7 @@ func TestDecoder_Decode_invalid_data(t *testing.T) {
 
 	invalidCbor := []byte("invalid CBOR")
 
-	expectedErr := `CBOR decoding failed: cbor: cannot unmarshal UTF-8 text string into Go value of type corim.UnsignedCorim`
+	expectedErr := `CBOR decoding failed: expected map (CBOR Major Type 5), found Major Type 3`
 
 	_, err := d.Decode(invalidCbor)
 
@@ -102,12 +102,12 @@ func TestDecoder_Decode_negative_tests(t *testing.T) {
 		{
 			desc:        "missing measurement identifier",
 			input:       unsignedCorimComidPsaRefValNoMkey,
-			expectedErr: "bad software component in CoMID at index 0: measurement key is not present",
+			expectedErr: `decoding failed for CoMID at index 0: error unmarshalling field "Triples": error unmarshalling field "ReferenceValues": error unmarshalling field "Flags": expected map (CBOR Major Type 5), found Major Type 0`,
 		},
 		{
 			desc:        "no implementation id specified in the measurement",
 			input:       unsignedCorimComidPsaRefValNoImplID,
-			expectedErr: `bad software component in CoMID at index 0: could not extract PSA class attributes: could not extract implementation-id from class-id: class-id type is: comid.TaggedUUID`,
+			expectedErr: `bad software component in CoMID at index 0: could not extract PSA class attributes: could not extract implementation-id from class-id: class-id type is: *comid.TaggedUUID`,
 		},
 		{
 			desc:        "no instance id specified in the verification key triple",
@@ -117,7 +117,7 @@ func TestDecoder_Decode_negative_tests(t *testing.T) {
 		{
 			desc:        "no implementation id specified in the verification key triple",
 			input:       unsignedCorimComidPsaIakPubNoImplID,
-			expectedErr: `bad key in CoMID at index 0: could not extract PSA class attributes: could not extract implementation-id from class-id: class-id type is: comid.TaggedUUID`,
+			expectedErr: `bad key in CoMID at index 0: could not extract PSA class attributes: could not extract implementation-id from class-id: class-id type is: *comid.TaggedUUID`,
 		}}
 
 	for _, tv := range tvs {