diff --git a/.gitignore b/.gitignore
index 6bb26a80..06b53509 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,7 +15,3 @@
# vendor/
mocks/
-
-# Generated during testing
-cocli/cocli
-cocli/cmd/output.cbor
diff --git a/Makefile b/Makefile
index f5e8bbdb..a22b3fd4 100644
--- a/Makefile
+++ b/Makefile
@@ -7,14 +7,9 @@ GO111MODULE := on
GOPKG := github.com/veraison/corim/corim
GOPKG += github.com/veraison/corim/comid
GOPKG += github.com/veraison/corim/cots
-GOPKG += github.com/veraison/corim/cocli/cmd
GOPKG += github.com/veraison/corim/encoding
GOPKG += github.com/veraison/corim/extensions
-MOCKGEN := $(shell go env GOPATH)/bin/mockgen
-INTERFACES := cocli/cmd/isubmitter.go
-MOCKPKG := mocks
-
GOLINT ?= golangci-lint
ifeq ($(MAKECMDGOALS),lint)
@@ -26,7 +21,8 @@ else
endif
.PHONY: lint lint-extra
-lint lint-extra: _mocks; $(GOLINT) $(GOLINT_ARGS)
+lint lint-extra:
+ $(GOLINT) $(GOLINT_ARGS)
ifeq ($(MAKECMDGOALS),test)
GOTEST_ARGS ?= -v -race $(GOPKG)
@@ -38,28 +34,14 @@ endif
COVER_THRESHOLD := $(shell grep '^name: cover' .github/workflows/ci-go-cover.yml | cut -c13-)
-
-define MOCK_template
-mock_$(1): $(1)
- $$(MOCKGEN) -source=$$< -destination=cocli/cmd/mocks/$$$$(basename $$@) -package=$$(MOCKPKG)
-endef
-
-$(foreach m,$(INTERFACES),$(eval $(call MOCK_template,$(m))))
-MOCK_FILES := $(foreach m,$(INTERFACES),$(join mock_,$(m)))
-CLEANFILES := $(MOCK_FILES)
-
-_mocks: $(MOCK_FILES)
-.PHONY: _mocks
-
.PHONY: test test-cover
-test test-cover: _mocks; go test $(GOTEST_ARGS)
+test test-cover:
+ go test $(GOTEST_ARGS)
-realtest: _mocks; go test $(GOTEST_ARGS)
+realtest:
+ go test $(GOTEST_ARGS)
.PHONY: realtest
-.PHONY: clean
-clean: ; $(RM) $(CLEANFILES)
-
presubmit:
@echo
@echo ">>> Check that the reported coverage figures are $(COVER_THRESHOLD)"
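Review bot: Dropping the `clean` rule in this hunk leaves the Makefile without any `clean` target, so a script, CI job or developer habit that still runs `make clean` will fail with a missing-rule error where it used to succeed. If no generated files are left to remove, a stub keeps the conventional interface: `CLEANFILES :=` followed by `.PHONY: clean` and `clean: ; $(RM) $(CLEANFILES)`. Whether anything in the repository still invokes `make clean` cannot be seen from this hunk, so check the workflows and developer docs before merging. Separately, `presubmit` is not listed under `.PHONY` in the visible lines; its recipe continues outside the hunk, so it may be declared further down.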
diff --git a/README.md b/README.md
index 8dd87998..36ff7bd6 100644
--- a/README.md
+++ b/README.md
@@ -10,8 +10,6 @@ The [`corim/corim`](corim) and [`corim/comid`](comid) packages provide a golang
> These API are still in active development (as is the underlying CoRIM spec).
> They are **subject to change** in the future.
-The [`corim/cocli`](cocli) package uses the API above (as well as the API from [`veraison/swid`](https://github.com/veraison/swid) package) to provide a user friendly command line interface for working with CoRIM, CoMID, CoSWID and CoTS. Specifically it allows creating, signing, verifying, displaying, uploading, and more. See [`cocli/README.md`](cocli/README.md) for further details.
-
## Developer tips
Before requesting a PR (and routinely during the dev/test cycle), you are encouraged to run:
diff --git a/cocli/README.md b/cocli/README.md
index 7d0e3969..338ec40a 100644
--- a/cocli/README.md
+++ b/cocli/README.md
@@ -1,693 +1,3 @@
# Corim Command Line Interface
-In this document we describe how to use Corim Command Line Interface tool `cocli`
-
-* [Installation](#installing-and-configuring)
-* [Command Snapshot](#cocli-command-snapshot)
-* [Supported Commands](#supported-commands)
- * [CoMID Commands](#comids-manipulation)
- * [Create](#create)
- * [Display](#display)
- * [CoTS Commands](#cotss-manipulation)
- * [Create](#create-1)
- * [Display](#display-1)
- * [CoRIM Commands](#corims-manipulation)
- * [Create](#create-2)
- * [Sign](#sign)
- * [Verify](#verify)
- * [Display](#display-2)
- * [Extract](#extract-coswids-comids-and-cotss)
- * [CoRIM Submission](#corim-submission-to-veraison)
- * [Remote Authentication](#remote-service-authentication)
- * [Command Synopsis](#visual-synopsis-of-the-available-commands)
-
-# Installing and configuring
-
-To install the `cocli` command, do:
-```
-$ go install github.com/veraison/corim/cocli@latest
-```
-
-To configure auto-completion, use the `completion` subcommand. For example, if
-`bash` is your shell, you would do something like:
-```
-$ cocli completion bash > ~/.bash_completion.d/cocli
-$ . ~/.bash_completion
-```
-to get automatic command completion and suggestions using the TAB key.
-
-To get a list of the supported shells, do:
-```
-$ cocli completion --help
-```
-# Cocli Command Snapshot
-This document provides step-by-step instructions for how to use the `cocli` tool to manipulate CoRIMs, CoMIDs and CoTS.
-
-```mermaid
-flowchart TD
- subgraph COCLI["COCLI COMMANDS"]
- style COCLI fill:#ffffff, stroke:#333,stroke-width:4px
- subgraph CORIMCMD["CORIM COMMANDS \n
- cocli corim create \n cocli corim display \n cocli corim sign \n cocli corim verify\n cocli corim extract\n cocli corim submit"]
- end
- subgraph COMIDCMD["COMID COMMANDS \n cocli comid create \n cocli comid display"]
- end
-
- subgraph COTSCMD["COTS COMMANDS \n cocli cots create \n cocli cots display"]
- end
- end
- CORIM ---> CORIMCMD
-subgraph CORIM["CoRIM"]
- subgraph CoMID["COMIDs\n"]
- CM3["CoMID-N"]
- CM2["CoMID-2"]
- CM1["CoMID-1"]
- CM1 -.- CM2
- CM2 -.- CM3
- CM3 ---> COMIDCMD
- end
-
- subgraph CoSWID["CoSWID\n"]
- CSW1["CoSWID-1"]
- CSW2["CoSWID-2"]
- CSW3["CoSWID-N"]
- CSW1 -.- CSW2
- CSW2 -.- CSW3
- end
-
- subgraph CoTS["COTS\n"]
- CS3["CoTS-N"]
- CS2["CoTS-2"]
- CS1["CoTS-1"]
- CS1 -.- CS2
- CS2 -.- CS3
- CS3 ---> COTSCMD
- end
-
-end
-
-```
-
-# Supported Commands
-This section describes all the available commands supported by `cocli` tool
-
-## CoMIDs manipulation
-
-The `comid` subcommand allows you to create, display and validate CoMIDs.
-
-### Create
-
-Use the `comid create` subcommand to create a CBOR-encoded CoMID, passing its
-JSON representation via the `--template` switch (or equivalently its `-t` shorthand):
-
-* Please inspect `comid` JSON templates as examples under `data/comid/templates` `comid-*.json`
-
-```
-$ cocli comid create --template data/comid/templates/comid-dice-refval.json
-```
-On success, you should see something like the following printed to stdout:
-```
->> created "comid-dice-refval.cbor" from "comid-dice-refval.json"
-```
-
-The CBOR-encoded CoMID file is stored in the current working directory with a
-name derived from its template. If you want, you can specify a different
-target directory using the `--output-dir` command line switch (abbrev. `-o`)
-```
-$ cocli comid create --template data/comid/templates/comid-dice-refval.json --output-dir /tmp
->> created "/tmp/comid-dice-refval.cbor" from "comid-dice-refval.json"
-```
-Note that the output directory, as well as all its parent directories, MUST
-pre-exist.
-
-You can also create multiple CoMIDs in one go. Suppose all your templates are
-stored in the `templates/` folder:
-```
-$ tree templates/
-templates/
-├── comid-dice-refval1.json
-├── comid-dice-refval2.json
-...
-└── comid-dice-refvaln.json
-```
-Then, you can use the `--template-dir` (abbrev. `-T`), and let the tool load,
-validate, and CBOR-encode the templates one by one:
-```
-$ cocli comid create --template-dir templates
->> created "comid-dice-refval1.cbor" from "templates/comid-dice-refval1.json"
->> created "comid-dice-refval2.cbor" from "templates/comid-dice-refval2.json"
-...
->> created "comid-dice-refvaln.cbor" from "templates/comid-dice-refvaln.json"
-```
-
-You can specify both the `-T` and `-t` switches as many times as needed, and
-even combine them in one invocation:
-```
-$ cocli comid create -T comid-templates/ \
- -T comid-templates-aux/ \
- -t extra-comid.json \
- -t yet-another-comid.json \
- -o /var/spool/comid
-```
-
-**NOTE** that since the output file name is deterministically generated from the
-template file name, all the template files (when from different directories)
-MUST have different base names.
-
-
-### Display
-
-Use the `comid display` subcommand to print to stdout one or more CBOR-encoded
-CoMIDs in human readable (JSON) format.
-
-You can supply individual files using the `--file` switch (abbrev. `-f`), or
-directories that may (or may not) contain CoMID files using the `--dir` switch
-(abbrev. `-d`). Only valid CoMIDs will be displayed, and any decoding or
-validation error will be printed alongside the corresponding file name.
-
-For example:
-```
-$ cocli comid display --file data/comid/comid-dice-refval.cbor
-```
-provided the `comid-dice-refval.cbor` file contains valid CoMID, would print something like:
-```
->> [comid-dice-refval.cbor]
-{
- "tag-identity": {
- "id": "1d5a8c7c-1c70-4c56-937e-3c5713ae5a83"
- },
- "triples": {}
-[...]
-}
-```
-While a `data/comid/` folder with the following contents:
-```
-$ tree data/comid/
-data/comid/
-├── rubbish.cbor
-├── 1.cbor
-└── 2.cbor
-```
-could be inspected in one go using:
-```
-$ cocli comid display --dir data/comid/
-```
-which would output something like:
-```
->> failed displaying "comids.d/rubbish.cbor": CBOR decoding failed: EOF
->> [data/comid/1.cbor]
-{
- "tag-identity": {
- "id": "43bbe37f-2e61-4b33-aed3-53cff1428b16"
- },
-[...]
-}
->> [data/comid/2.cbor]
-{
- "tag-identity": {
- "id": "366d0a0a-5988-45ed-8488-2f2a544f6242"
- },
-[...]
-}
-Error: 1/3 display(s) failed
-```
-
-One or more files and directories can be supplied in the same invocation, e.g.:
-```
-$ cocli comid display -f m1.cbor \
- -f comids.d/m2.cbor \
- -d /var/spool/comids \
- -d yet-another-comid-folder/
-```
-
-## CoTSs manipulation
-The `cots` subcommand allows you to create, display and validate CoTSs.
-
-### Create
-
-Use the `cots create` subcommand to create a CBOR-encoded CoTS. The `environment` switch takes in a JSON template specifiying the environments that are valid for the keys specified and the `tas` switch takes in a directory of trust anchors files:
-
-* Please inspect `data/cots/templates` JSON templates as examples for `environment` and `claims`
-
-
-```
-$ cocli cots create --environment data/cots/env/vendor.json --tafile data/cots/shared_ta.ta
-```
-On success, you should see something like the following printed to stdout:
-```
->> created "vendor.cbor"
-```
-
-The CBOR-encoded CoTS file is stored in the current working directory with a
-name derived from its environment template. If you want, you can specify a different
-target directory and file name using the `--output` command line switch (abbrev. `-o`)
-```
-$ cocli cots create --environment data/cots/env/vendor.json --tafile data/cots/shared_ta.ta --output /tmp/myCots.cbor
->> created "/tmp/myCots.cbor"
-```
-Note that the output directory, as well as all its parent directories, MUST pre-exist.
-
-### Display
-
-Use the `cots display` subcommand to print to stdout one or more CBOR-encoded
-CoTSs in human readable (JSON) format.
-
-You can supply individual files using the `--file` switch (abbrev. `-f`), or
-directories that may (or may not) contain CoTS files using the `--dir` switch
-(abbrev. `-d`). Only valid CoTSs will be displayed, and any decoding or
-validation error will be printed alongside the corresponding file name.
-
-For example:
-```
-$ cocli cots display --file vendor.cbor
-```
-provided the `vendor.cbor` file contains valid CoTS, would print something like:
-```
->> [vendor.cbor]
-{
- "environments": [
- {
- "environment": {
- "class": {
- "vendor": "Zesty Hands, Inc."
- }
- }
- }
- ],
- "keys": {
- "tas": [
- {
- "format": 1,
- "data": "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"
- }
- ]
- }
-}
-
-```
-While a `data/cots` folder with the following contents:
-```
-$ tree cots/
-cots/
-├── rubbish.cbor
-├── namedtastore.cbor
-├── vendor.cbor
-```
-could be inspected in one go using:
-```
-$ cocli cots display --dir data/cots/
-```
-which would output something like:
-```
->> [data/cots/namedtastore.cbor]
-{
- "environments": [
- {
- "namedtastore": "Miscellaneous TA Store"
- }
- ],
- "keys": {
- "tas": [
- {
- "format": 1,
- "data": "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"
- }
- ]
- }
-}
->> failed displaying "data/cots/rubbish.cbor": CBOR decoding failed: cbor: cannot unmarshal primitives into Go value of type cots.ConciseTaStore
->> [data/cots/vendor.cbor]
-{
- "environments": [
- {
- "environment": {
- "class": {
- "vendor": "Zesty Hands, Inc."
- }
- }
- }
- ],
- "keys": {
- "tas": [
- {
- "format": 1,
- "data": "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"
- }
- ]
- }
-}
-
-Note: One of more files and directories can be supplied in the same invocation, using -f and -d directive:
-
-```
-
-## CoSWID manipulation
-
-Tooling to manipulate `CoSWID` is not currently available under Project Veraison.
-However CoSWID can be part of CoRIM by constructing CoSWID CBOR by other indistry available
-tools such as [swid-tools](https://github.com/usnistgov/swid-tools) and including them
-as mentioned under [CORIM Construction](CORIM.md)
-
-## CoRIMs manipulation
-
-The `corim` subcommand allows you to create, display, sign, verify CoRIMs or submit
-a CoRIM using the [Veraison provisioning API](https://github.com/veraison/docs/tree/main/api/endorsement-provisioning).
-It also provides a means to extract as-is the embedded CoSWIDs, CoMIDs and CoTSs and save
-them as separate files.
-
-### Create
-
-Use the `corim create` subcommand to create a CBOR-encoded, unsigned CoRIM, by
-passing its JSON representation via the `--template` switch (or equivalently its `-t` shorthand)
-together with the CBOR-encoded CoMIDs, CoSWIDs and/or CoTS to be embedded.
-
-* Please inspect `corim` JSON templates as examples under `data/corim/templates` `corim-*.json`
-
-```
-$ cocli corim create --template data/corim/templates/corim-full.json --comid data/comid/comid-dice-refval.cbor --coswid data/coswid/1.cbor --cots data/cots/vendor.cbor
-```
-On success, you should see something like the following printed to stdout:
-```
->> created "corim-full.cbor" from "corim-full.json"
-```
-
-The CBOR-encoded CoRIM file is stored in the current working directory with a
-name derived from its template. If you want, you can specify a different
-file name using the `--output` command line switch (abbrev. `-o`):
-```
-$ cocli corim create -t data/corim/templates/corim-full.json -m data/comid/comid-dice-refval.cbor -s data/coswid/1.cbor -c data/cots/c1.cbor -o unsigned-corim.cbor
->> created "unsigned-corim.cbor" from "corim-full.json"
-```
-
-CoMIDs, CoSWIDs and CoTSs can be either supplied as individual files, using the
-`--comid` (abbrev. `-m`), `--coswid` (abbrev. `-s`) and `--cots` (abbrev. `-c`) switches respectively, or
-as "per-folder" blocks using the `--comid-dir` (abbrev. `-M`), `--coswid-dir` and `--cots-dir`
-(abbrev. `-C`) switch. For example:
-```
-$ cocli corim create --template data/corim/templates/corim-full.json --comid-dir data/comid/cbor/
-```
-
-Creation will fail if *any* of the inputs is non conformant. For example, if
-`data/comid/cbor/` contains an invalid CoMID file `rubbish.cbor`, an attempt to create a
-CoRIM:
-```
-$ cocli corim create -t data/corim/templates/corim-full.json -M data/comid/cbor/
-```
-will fail with:
-```
-Error: error loading CoMID from data/comid/cbor/rubbish.cbor: EOF
-```
-
-### Sign
-
-Use the `corim sign` subcommand to cryptographically seal the unsigned CoRIM
-supplied via the `--file` switch (abbrev. `-f`). The signature is produced
-using the key supplied via the `--key` switch (abbrev. `-k`), which is expected
-to be in [JWK](https://www.rfc-editor.org/rfc/rfc7517) format. On success, the
-resulting COSE Sign1 payload is saved to file whose name can be controlled using
-the `--output` switch (abbrev. `-o`). A CoRIM Meta template in JSON format must
-also be provided using the `--meta` switch (abbrev.`-m`).
-
-* Please inspect the `data/corim/templates` directory for `meta` JSON templates.
-
-For example, with the default output file:
-```
-$ cocli corim sign --file corim.cbor --key ec-p256.jwk --meta meta.json
->> "corim.cbor" signed and saved to "signed-corim.cbor"
-```
-Or, the same but with a custom output file:
-```
-$ cocli corim sign --file data/corim/corim-full.cbor \
- --key data/keys/ec-p256.jwk \
- --meta data/corim/templates/meta-full.json \
- --output /var/spool/signed-corim.cbor
->> "corim-full.cbor" signed and saved to "/var/spool/signed-corim.cbor"
-```
-
-### Verify
-
-Use the `corim verify` subcommand to cryptographically verify the signed CoRIM
-supplied via the `--file` switch (abbrev. `-f`). The signature is checked
-using the key supplied via the `--key` switch (abbrev. `-k`), which is expected
-to be in [JWK](https://www.rfc-editor.org/rfc/rfc7517) format. For example:
-```
-$ cocli corim verify --file data/corim/signed-corim.cbor --key data/keys/ec-p256.jwk
->> "signed-corim.cbor" verified
-```
-
-Verification can fail either because the cryptographic processing fails or
-because the signed payload or protected headers are themselves invalid. For example:
-```
-$ cocli corim verify --file data/corim/signed-corim-bad-signature.cbor --key data/keys/ec-p256.jwk
-```
-will give
-```
-Error: error verifying signed-corim-bad-signature.cbor with key ec-p256.jwk: verification failed ecdsa.Verify
-```
-
-### Display
-
-Use the `corim display` subcommand to print to stdout a signed CoRIM in human
-readable (JSON) format.
-
-You must supply the file you want to display using the `--file` switch (abbrev.
-`-f`). Only a valid CoRIM will be displayed, and any occurring decoding or
-validation errors will be printed instead.
-
-The output has two logical sections: one for Meta and one for the (unsigned)
-CoRIM:
-```
-$ cocli corim display --file data/corim/signed-corim.cbor
-Meta:
-{
- "signer": {
- "name": "ACME Ltd signing key",
- "uri": "https://acme.example/signing-key.pub"
- },
-[...]
-}
-Corim:
-{
- "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc",
- "tags": [
- "2QH...",
-[...]
- ]
-}
-```
-
-By default, the embedded CoMID, CoSWID and CoTS tags are not expanded, and what you
-will see is the base64 encoding of their CBOR serialisation. If you want to
-peek at the tags' content, supply the `--show-tags` (abbrev. `-v`) switch, which
-will add a further Tags section with one entry per each expanded tag:
-```
-$ cocli corim display --file data/corim/signed-corim.cbor --show-tags
-Meta:
-{
-[...]
-}
-Corim:
-{
-[...]
-}
-Tags:
->> [ 0 ]
-{
- "tag-identity": {
- "id": "366d0a0a-5988-45ed-8488-2f2a544f6242"
- },
-[...]
-}
->> [ 1 ]
-{
- "tag-identity": {
- "id": "43bbe37f-2e61-4b33-aed3-53cff1428b16"
- },
-[...]
-}
->> [ 2 ]
-{
- "tag-id": "com.acme.rrd2013-ce-sp1-v4-1-5-0",
-[...]
-}
-```
-
-### Extract CoSWIDs, CoMIDs and CoTSs
-
-Use the `corim extract` subcommand to extract the embedded CoMIDs, CoSWIDs and CoTSs
-from a signed CoRIM.
-
-You must supply a signed CoRIM file using the `--file` switch (abbrev. `-f`) and
-an optional output folder (default is the current working directory) using the
-`--output-dir` switch (abbrev. `-o`). Make sure that the output directory as
-well as any parent folder exists prior to issuing the command.
-
-On success, the found CoMIDs, CoSWIDs, CoTS are saved in CBOR format:
-```
-$ cocli corim extract --file data/corim/signed-corim.cbor --output-dir output.d/
-$ tree output.d/
-output.d/
-├── 000000-comid.cbor
-├── 000001-comid.cbor
-├── 000002-coswid.cbor
-└── 000003-cots.cbor
-```
-
-## CoRIM Submission to Veraison
-
-Use the `corim submit` subcommand to upload a CoRIM using the Veraison provisioning API.
-The CoRIM file containing the CoRIM data in CBOR format is supplied via the
-`--corim-file` switch (abbrev. `-f`). The server URL where to upload the CoRIM
-payload is supplied via the `--api-server` switch (abbrev. `-s`).
-Further, it is required to supply the media type of the content via the
-`--media-type` switch (abbrev. `-m`)
-```
-$ cocli corim submit \
- --corim-file data/corim/unsigned-corim.cbor \
- --api-server "https://veraison.example/endorsement-provisioning/v1/submit" \
- --media-type "application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1"
-
->> "unsigned-corim.cbor" submit ok
-```
-
-#### Remote Service Authentication
-
-The above will work if the remote service does not authenticate
-endorsement-provisioning API calls. If the service does authenticate, then
-cocli must be configured appropriately. This can be done using a `config.yaml`
-file located in the current working directory, or in the standard config
-path (usually `~/.config/cocli/config.yaml` on XDG-compliant systems). Please
-see `./data/config/example-config.yaml` file for details of the configuration
-that needs to be provided.
-
-#### Note on TLS
-
-If the scheme in the API server URL is HTTPS, `cocli` will attempt to establish
-a TLS connection to the server, validating the server certificate using system CA
-certs. It is possible to disable server certificate validation with
-`-i`/`--insecure` flag. Alternatively, if the CA cert for the server is
-available but is not installed in the system, it may be specified using
-`-E`/`--ca-cert` flag.
-
-## Visual Synopsis of the Available Commands
-
-```mermaid
-graph LR
- OEM[(OEM/ODM \n DB)]
- JSONTmplCoMID[["JSON \n template \n (CoMID)"]]
-
- JSONTmplCoSWID[["JSON \n template \n (CoSWID)"]]
- style JSONTmplCoSWID fill:#71797E
- click JSONTmplCoSWID "https://github.com/veraison/corim/issues/81"
-
- JSONTmplCoRIM[["JSON \n template \n (CoRIM)"]]
- JSONTmplMeta[["JSON \n template \n (Meta)"]]
- key((key))
-
- %% Cots nodes
- environments[["Environments"]]
- tas(("Trust \n anchors"))
- cas(("CA \n certificates"))
- permClaims[["Permanant claims"]]
- exclClaims[["Excluded claims"]]
-
- cliComidCreate($ cocli comid create)
- cliComidDisplay($ cocli comid display)
- style cliComidCreate fill:#00758f
- style cliComidDisplay fill:#00758f
-
- cliCotsCreate($ cocli cots create)
- cliCotsDisplay($ cocli cots display)
- style cliCotsCreate fill:#00758f
- style cliCotsDisplay fill:#00758f
-
- cliCoswidCreate($ cocli coswid create)
- cliCoswidDisplay($ cocli coswid display)
- style cliCoswidCreate fill:#71797E
- style cliCoswidDisplay fill:#71797E
-
-
- cliCorimCreate($ cocli corim create)
- cliCorimSign($ cocli corim sign)
- cliCorimVerify($ cocli corim verify)
- cliCorimExtract($ cocli corim extract)
- cliCorimDisplay($ cocli corim display)
- cliCorimSubmit($ cocli corim submit)
- style cliCorimCreate fill:#00758f
- style cliCorimSign fill:#00758f
- style cliCorimVerify fill:#00758f
- style cliCorimExtract fill:#00758f
- style cliCorimDisplay fill:#00758f
- style cliCorimSubmit fill:#00758f
-
- provisioningEndpoint{{Veraison \n Provisioning \n Service}}
-
- CBORComid1((CBOR
CoMID))
- CBORSwid1((CBOR
SWID))
- CBORCots1((CBOR
CoTS))
-
- CBORComid2((CBOR
CoMID))
- CBORSwid2((CBOR
SWID))
- CBORCots2((CBOR
CoTS))
-
- CBORCorim((CBOR CoRIM))
- CoseSign1((COSE Sign1 CoRIM))
- signBool((T/F))
-
- OEM --> JSONTmplCoMID
- OEM --> JSONTmplCoSWID
-
- %% Cots items provisioning
- OEM --> environments
- OEM --> tas
- OEM --> cas
- OEM --> permClaims
- OEM --> exclClaims
-
- OEM --> JSONTmplCoRIM
- OEM --> JSONTmplMeta
- OEM --> key
-
- %% Cots individual items
- environments --> cliCotsCreate
- tas --> cliCotsCreate
- cas --> cliCotsCreate
- permClaims --> cliCotsCreate
- exclClaims --> cliCotsCreate
-
-
- JSONTmplCoMID --> cliComidCreate
- JSONTmplCoSWID --> cliCoswidCreate
- JSONTmplCoRIM --> cliCorimCreate
- JSONTmplMeta --> cliCorimSign
- key --> cliCorimSign
- key --> cliCorimVerify
-
- cliComidCreate --> CBORComid1
- cliCotsCreate --> CBORCots1
- cliCoswidCreate --> CBORSwid1
-
- cliCorimCreate --> CBORCorim
- cliCorimSign --> CoseSign1
- cliCorimVerify --> signBool
- cliCorimSubmit -- to--> provisioningEndpoint
-
- CBORComid1 --> cliComidDisplay
- CBORComid1 --> cliCorimCreate
-
- CBORCots1 --> cliCorimCreate
- CBORCots1 --> cliCotsDisplay
-
- CBORSwid1 --> cliCoswidDisplay
- CBORSwid1 --> cliCorimCreate
-
- CBORCorim --> cliCorimSubmit
- CBORCorim --> cliCorimSign
- CoseSign1 --> cliCorimExtract
- CoseSign1 --> cliCorimVerify
- CoseSign1 --> cliCorimDisplay
-
- cliCorimExtract --> CBORComid2
- cliCorimExtract --> CBORSwid2
- cliCorimExtract --> CBORCots2
-```
+`cocli` is now available at [https://github.com/veraison/cocli](https://github.com/veraison/cocli)
diff --git a/cocli/cmd/comid.go b/cocli/cmd/comid.go
deleted file mode 100644
index 0b6c2429..00000000
--- a/cocli/cmd/comid.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2021 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "os"
-
- "github.com/spf13/cobra"
-)
-
-var comidCmd = &cobra.Command{
- Use: "comid",
- Short: "CoMID manipulation",
-
- Run: func(cmd *cobra.Command, args []string) {
- if len(args) == 0 {
- cmd.Help() // nolint: errcheck
- os.Exit(0)
- }
- },
-}
-
-func init() {
- rootCmd.AddCommand(comidCmd)
-}
diff --git a/cocli/cmd/comidCreate.go b/cocli/cmd/comidCreate.go
deleted file mode 100644
index 02b1a4d8..00000000
--- a/cocli/cmd/comidCreate.go
+++ /dev/null
@@ -1,132 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/veraison/corim/comid"
-)
-
-var (
- comidCreateFiles []string
- comidCreateDirs []string
- comidCreateOutputDir string
-)
-
-var comidCreateCmd = NewComidCreateCmd()
-
-func NewComidCreateCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "create",
- Short: "create one or more CBOR-encoded CoMID(s) from the supplied JSON template(s)",
- Long: `create one or more CBOR-encoded CoMID(s) from the supplied JSON template(s)
-
- Create CoMIDs from templates t1.json and t2.json, plus any template found in
- the templates/ directory. Save them to the current working directory.
-
- cocli comid create --template=t1.json \
- --template=t2.json \
- --template-dir=templates
-
- Create one CoMID from template t3.json and save it to the comids/ directory.
- Note that the output directory must exist.
-
- cocli comid create --template=t3.json --output-dir=comids
-
- Note: since the output file is deterministically generated from the template
- file name, all the template file names (when from different directories)
- MUST be different.
- `,
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkComidCreateArgs(); err != nil {
- return err
- }
-
- filesList := filesList(comidCreateFiles, comidCreateDirs, ".json")
- if len(filesList) == 0 {
- return errors.New("no files found")
- }
-
- errs := 0
- for _, tmplFile := range filesList {
- cborFile, err := templateToCBOR(tmplFile, comidCreateOutputDir)
- if err != nil {
- fmt.Printf(">> creation failed for %q: %v\n", cborFile, err)
- errs++
- continue
- }
- fmt.Printf(">> created %q from %q\n", cborFile, tmplFile)
- }
-
- if errs != 0 {
- return fmt.Errorf("%d/%d creations(s) failed", errs, len(filesList))
- }
- return nil
- },
- }
-
- cmd.Flags().StringArrayVarP(
- &comidCreateFiles, "template", "t", []string{}, "a CoMID template file (in JSON format)",
- )
-
- cmd.Flags().StringArrayVarP(
- &comidCreateDirs, "template-dir", "T", []string{}, "a directory containing CoMID template files",
- )
-
- cmd.Flags().StringVarP(
- &comidCreateOutputDir, "output-dir", "o", ".", "directory where the created files are stored",
- )
-
- return cmd
-}
-
-func checkComidCreateArgs() error {
- if len(comidCreateFiles) == 0 && len(comidCreateDirs) == 0 {
- return errors.New("no templates supplied")
- }
- return nil
-}
-
-func templateToCBOR(tmplFile, outputDir string) (string, error) {
- var (
- tmplData, cborData []byte
- cborFile string
- c comid.Comid
- err error
- )
-
- if tmplData, err = afero.ReadFile(fs, tmplFile); err != nil {
- return "", fmt.Errorf("error loading template from %s: %w", tmplFile, err)
- }
-
- if err = c.FromJSON(tmplData); err != nil {
- return "", fmt.Errorf("error decoding template from %s: %w", tmplFile, err)
- }
-
- if err = c.Valid(); err != nil {
- return "", fmt.Errorf("error validating template %s: %w", tmplFile, err)
- }
-
- cborData, err = c.ToCBOR()
- if err != nil {
- return "", fmt.Errorf("error encoding template %s to CBOR: %w", tmplFile, err)
- }
-
- cborFile = makeFileName(outputDir, tmplFile, ".cbor")
-
- err = afero.WriteFile(fs, cborFile, cborData, 0644)
- if err != nil {
- return "", fmt.Errorf("error saving CBOR file %s: %w", cborFile, err)
- }
-
- return cborFile, nil
-}
-
-func init() {
- comidCmd.AddCommand(comidCreateCmd)
-}
diff --git a/cocli/cmd/comidCreate_test.go b/cocli/cmd/comidCreate_test.go
deleted file mode 100644
index 9bac5dca..00000000
--- a/cocli/cmd/comidCreate_test.go
+++ /dev/null
@@ -1,128 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
- "github.com/veraison/corim/comid"
-)
-
-func Test_ComidCreateCmd_unknown_argument(t *testing.T) {
- cmd := NewComidCreateCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_ComidCreateCmd_no_templates(t *testing.T) {
- cmd := NewComidCreateCmd()
-
- // no args
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no templates supplied")
-}
-
-func Test_ComidCreateCmd_no_files_found(t *testing.T) {
- cmd := NewComidCreateCmd()
-
- args := []string{
- "--template=unknown",
- "--template-dir=unsure",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no files found")
-}
-
-func Test_ComidCreateCmd_template_with_invalid_json(t *testing.T) {
- var err error
-
- cmd := NewComidCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "invalid.json", []byte("..."), 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=invalid.json",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "1/1 creations(s) failed")
-}
-
-func Test_ComidCreateCmd_template_with_invalid_comid(t *testing.T) {
- var err error
-
- cmd := NewComidCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "bad-comid.json", []byte("{}"), 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=bad-comid.json",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "1/1 creations(s) failed")
-}
-
-func Test_ComidCreateCmd_template_from_file_to_default_dir(t *testing.T) {
- var err error
-
- cmd := NewComidCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "ok.json", []byte(comid.PSARefValJSONTemplate), 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=ok.json",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- expectedFileName := "ok.cbor"
-
- _, err = fs.Stat(expectedFileName)
- assert.NoError(t, err)
-}
-
-func Test_ComidCreateCmd_template_from_dir_to_custom_dir(t *testing.T) {
- var err error
-
- cmd := NewComidCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "testdir/ok.json", []byte(comid.PSARefValJSONTemplate), 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template-dir=testdir",
- "--output-dir=testdir",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- expectedFileName := "testdir/ok.cbor"
-
- _, err = fs.Stat(expectedFileName)
- assert.NoError(t, err)
-}
diff --git a/cocli/cmd/comidDisplay.go b/cocli/cmd/comidDisplay.go
deleted file mode 100644
index 41683e66..00000000
--- a/cocli/cmd/comidDisplay.go
+++ /dev/null
@@ -1,98 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
-)
-
-var (
- comidDisplayFiles []string
- comidDisplayDirs []string
-)
-
-var comidDisplayCmd = NewComidDisplayCmd()
-
-func NewComidDisplayCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "display",
- Short: "display one or more CBOR-encoded CoMID(s) in human readable (JSON) format",
- Long: `display one or more CBOR-encoded CoMID(s) in human readable (JSON) format.
- You can supply individual CoMID files or directories containing CoMID files.
-
- Display CoMID in file c.cbor.
-
- cocli comid display --file=c.cbor
-
- Display CoMIDs in files c1.cbor, c2.cbor and any cbor file in the comids/
- directory.
-
- cocli comid display --file=c1.cbor --file=c2.cbor --dir=comids
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkComidDisplayArgs(); err != nil {
- return err
- }
-
- filesList := filesList(comidDisplayFiles, comidDisplayDirs, ".cbor")
- if len(filesList) == 0 {
- return errors.New("no files found")
- }
-
- errs := 0
- for _, file := range filesList {
- if err := displayComidFile(file); err != nil {
- fmt.Printf(">> failed displaying %q: %v\n", file, err)
- errs++
- continue
- }
- }
-
- if errs != 0 {
- return fmt.Errorf("%d/%d display(s) failed", errs, len(filesList))
- }
- return nil
- },
- }
-
- cmd.Flags().StringArrayVarP(
- &comidDisplayFiles, "file", "f", []string{}, "a CoMID file (in CBOR format)",
- )
-
- cmd.Flags().StringArrayVarP(
- &comidDisplayDirs, "dir", "d", []string{}, "a directory containing CoMID files (in CBOR format)",
- )
-
- return cmd
-}
-
-func displayComidFile(file string) error {
- var (
- data []byte
- err error
- )
-
- if data, err = afero.ReadFile(fs, file); err != nil {
- return fmt.Errorf("error loading CoMID from %s: %w", file, err)
- }
-
- // use file name as heading
- return printComid(data, ">> ["+file+"]")
-}
-
-func checkComidDisplayArgs() error {
- if len(comidDisplayFiles) == 0 && len(comidDisplayDirs) == 0 {
- return errors.New("no files supplied")
- }
- return nil
-}
-
-func init() {
- comidCmd.AddCommand(comidDisplayCmd)
-}
diff --git a/cocli/cmd/comidDisplay_test.go b/cocli/cmd/comidDisplay_test.go
deleted file mode 100644
index cc43a92f..00000000
--- a/cocli/cmd/comidDisplay_test.go
+++ /dev/null
@@ -1,101 +0,0 @@
-// Copyright 2021 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "fmt"
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_ComidDisplayCmd_unknown_argument(t *testing.T) {
- cmd := NewComidDisplayCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_ComidDisplayCmd_no_files(t *testing.T) {
- cmd := NewComidDisplayCmd()
-
- // no args
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no files supplied")
-}
-
-func Test_ComidDisplayCmd_no_files_found(t *testing.T) {
- cmd := NewComidDisplayCmd()
-
- args := []string{
- "--file=unknown",
- "--dir=unsure",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no files found")
-}
-
-func Test_ComidDisplayCmd_file_with_invalid_cbor(t *testing.T) {
- var err error
-
- cmd := NewComidDisplayCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "invalid.cbor", []byte{0xff, 0xff}, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--file=invalid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "1/1 display(s) failed")
-}
-
-func Test_ComidDisplayCmd_file_with_valid_comid(t *testing.T) {
- var err error
-
- cmd := NewComidDisplayCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "ok.cbor", PSARefValCBOR, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--file=ok.cbor",
- }
- cmd.SetArgs(args)
-
- fmt.Printf("%x\n", PSARefValCBOR)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
-
-func Test_ComidDisplayCmd_file_with_valid_comid_from_dir(t *testing.T) {
- var err error
-
- cmd := NewComidDisplayCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "testdir/ok.cbor", PSARefValCBOR, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--dir=testdir",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
diff --git a/cocli/cmd/comidValidate.go b/cocli/cmd/comidValidate.go
deleted file mode 100644
index 0aef8767..00000000
--- a/cocli/cmd/comidValidate.go
+++ /dev/null
@@ -1,108 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/veraison/corim/comid"
-)
-
-var (
- comidValidateFiles []string
- comidValidateDirs []string
-)
-
-var comidValidateCmd = NewComidValidateCmd()
-
-func NewComidValidateCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "validate",
- Short: "validate one or more CBOR-encoded CoMID(s)",
- Long: `validate one or more CBOR-encoded CoMID(s)
-
- Validate CoMID in file c.cbor.
-
- cocli comid validate --file=c.cbor
-
- Validate CoMIDs in files c1.cbor, c2.cbor and any cbor file in the comids/
- directory.
-
- cocli comid validate --file=c1.cbor --file=c2.cbor --dir=comids
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkComidValidateArgs(); err != nil {
- return err
- }
-
- filesList := filesList(comidValidateFiles, comidValidateDirs, ".cbor")
- if len(filesList) == 0 {
- return errors.New("no files found")
- }
-
- errs := 0
- for _, file := range filesList {
- err := validateComid(file)
- if err != nil {
- fmt.Printf("[invalid] %q: %v\n", file, err)
- errs++
- continue
- }
- fmt.Printf("[valid] %q\n", file)
- }
-
- if errs != 0 {
- return fmt.Errorf("%d/%d validation(s) failed", errs, len(filesList))
- }
- return nil
- },
- }
-
- cmd.Flags().StringArrayVarP(
- &comidValidateFiles, "file", "f", []string{}, "a CoMID file (in CBOR format)",
- )
-
- cmd.Flags().StringArrayVarP(
- &comidValidateDirs, "dir", "d", []string{}, "a directory containing CoMID files (in CBOR format)",
- )
-
- return cmd
-}
-
-func validateComid(file string) error {
- var (
- data []byte
- err error
- c comid.Comid
- )
-
- if data, err = afero.ReadFile(fs, file); err != nil {
- return fmt.Errorf("error loading CoMID from %s: %w", file, err)
- }
-
- if err = c.FromCBOR(data); err != nil {
- return fmt.Errorf("error decoding CoMID from %s: %w", file, err)
- }
-
- if err = c.Valid(); err != nil {
- return fmt.Errorf("error validating CoMID %s: %w", file, err)
- }
-
- return nil
-}
-
-func checkComidValidateArgs() error {
- if len(comidValidateFiles) == 0 && len(comidValidateDirs) == 0 {
- return errors.New("no files supplied")
- }
- return nil
-}
-
-func init() {
- comidCmd.AddCommand(comidValidateCmd)
-}
diff --git a/cocli/cmd/comidValidate_test.go b/cocli/cmd/comidValidate_test.go
deleted file mode 100644
index 6c78c200..00000000
--- a/cocli/cmd/comidValidate_test.go
+++ /dev/null
@@ -1,116 +0,0 @@
-// Copyright 2021 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_ComidValidateCmd_unknown_argument(t *testing.T) {
- cmd := NewComidValidateCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_ComidValidateCmd_no_files(t *testing.T) {
- cmd := NewComidValidateCmd()
-
- // no args
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no files supplied")
-}
-
-func Test_ComidValidateCmd_no_files_found(t *testing.T) {
- cmd := NewComidValidateCmd()
-
- args := []string{
- "--file=unknown",
- "--dir=unsure",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no files found")
-}
-
-func Test_ComidValidateCmd_file_with_invalid_cbor(t *testing.T) {
- var err error
-
- cmd := NewComidValidateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "invalid.cbor", []byte{0xff, 0xff}, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--file=invalid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "1/1 validation(s) failed")
-}
-
-func Test_ComidValidateCmd_file_with_invalid_comid(t *testing.T) {
- var err error
-
- cmd := NewComidValidateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "bad-comid.cbor", []byte{0xa0}, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--file=bad-comid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "1/1 validation(s) failed")
-}
-
-func Test_ComidValidateCmd_file_with_valid_comid(t *testing.T) {
- var err error
-
- cmd := NewComidValidateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "ok.cbor", PSARefValCBOR, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--file=ok.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
-
-func Test_ComidValidateCmd_file_with_valid_comid_from_dir(t *testing.T) {
- var err error
-
- cmd := NewComidValidateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "testdir/ok.cbor", PSARefValCBOR, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--dir=testdir",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
diff --git a/cocli/cmd/common.go b/cocli/cmd/common.go
deleted file mode 100644
index adce111e..00000000
--- a/cocli/cmd/common.go
+++ /dev/null
@@ -1,92 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "encoding/json"
- "fmt"
- "path/filepath"
- "strings"
-
- "github.com/spf13/afero"
- "github.com/veraison/corim/comid"
- "github.com/veraison/corim/cots"
- "github.com/veraison/swid"
-)
-
-func filesList(files, dirs []string, ext string) []string {
- var l []string
-
- for _, file := range files {
- if _, err := fs.Stat(file); err == nil {
- if filepath.Ext(file) == ext {
- l = append(l, file)
- }
- }
- }
-
- for _, dir := range dirs {
- filesInfo, err := afero.ReadDir(fs, dir)
- if err != nil {
- continue
- }
-
- for _, fileInfo := range filesInfo {
- if !fileInfo.IsDir() && filepath.Ext(fileInfo.Name()) == ext {
- l = append(l, filepath.Join(dir, fileInfo.Name()))
- }
- }
- }
-
- return l
-}
-
-type FromCBORLoader interface {
- FromCBOR([]byte) error
-}
-
-func printJSONFromCBOR(fcl FromCBORLoader, cbor []byte, heading string) error {
- var (
- err error
- j []byte
- )
-
- if err = fcl.FromCBOR(cbor); err != nil {
- return fmt.Errorf("CBOR decoding failed: %w", err)
- }
-
- indent := " "
- if j, err = json.MarshalIndent(fcl, "", indent); err != nil {
- return fmt.Errorf("JSON encoding failed: %w", err)
- }
-
- fmt.Println(heading)
- fmt.Println(string(j))
-
- return nil
-}
-
-func printComid(cbor []byte, heading string) error {
- return printJSONFromCBOR(&comid.Comid{}, cbor, heading)
-}
-
-func printCoswid(cbor []byte, heading string) error {
- return printJSONFromCBOR(&swid.SoftwareIdentity{}, cbor, heading)
-}
-
-func printCots(cbor []byte, heading string) error {
- return printJSONFromCBOR(&cots.ConciseTaStore{}, cbor, heading)
-}
-
-func makeFileName(dirName, baseName, ext string) string {
- return filepath.Join(
- dirName,
- filepath.Base(
- strings.TrimSuffix(
- baseName,
- filepath.Ext(baseName),
- ),
- )+ext,
- )
-}
diff --git a/cocli/cmd/corim.go b/cocli/cmd/corim.go
deleted file mode 100644
index 2615064f..00000000
--- a/cocli/cmd/corim.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2021 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "os"
-
- "github.com/spf13/cobra"
-)
-
-var corimCmd = &cobra.Command{
- Use: "corim",
- Short: "CoRIM manipulation",
-
- Run: func(cmd *cobra.Command, args []string) {
- if len(args) == 0 {
- cmd.Help() // nolint: errcheck
- os.Exit(0)
- }
- },
-}
-
-func init() {
- rootCmd.AddCommand(corimCmd)
-}
diff --git a/cocli/cmd/corimCreate.go b/cocli/cmd/corimCreate.go
deleted file mode 100644
index c3bfd568..00000000
--- a/cocli/cmd/corimCreate.go
+++ /dev/null
@@ -1,238 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/veraison/corim/comid"
- "github.com/veraison/corim/corim"
- "github.com/veraison/corim/cots"
- "github.com/veraison/swid"
-)
-
-var (
- corimCreateCorimFile *string
- corimCreateCoswidFiles []string
- corimCreateCoswidDirs []string
- corimCreateComidFiles []string
- corimCreateComidDirs []string
- corimCreateCotsFiles []string
- corimCreateCotsDirs []string
- corimCreateOutputFile *string
-)
-
-var corimCreateCmd = NewCorimCreateCmd()
-
-func NewCorimCreateCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "create",
- Short: "create a CBOR-encoded CoRIM from the supplied JSON template, CoMID(s), CoSWID(s) and/or CoTS",
- Long: `create a CBOR-encoded CoRIM from the supplied JSON template, CoMID(s), CoSWID(s) and/or CoTS,
-
- Create a CoRIM from template t1.json, adding CoMIDs found in the comid/
- directory, CoSWIDs found in the coswid/ directory and CoTS found in the cots/ directory. Since no explicit
- output file is set, the (unsigned) CoRIM is saved to the current directory
- with tag-id as basename and a .cbor extension.
-
- cocli corim create --template=t1.json --comid-dir=comid --coswid-dir=coswid --cots-dir=cots
-
- Create a CoRIM from template corim-template.json, adding CoMID stored in
- comid1.cbor and the two CoSWIDs stored in coswid1.cbor and dir/coswid2.cbor
- and a CoTS stored in cots1.cbor.
- The (unsigned) CoRIM is saved to corim.cbor.
-
- cocli corim create --template=corim-template.json \
- --comid=comid1.cbor \
- --coswid=coswid1.cbor \
- --coswid=dir/coswid2.cbor \
- --cots=cots1.cbor
- --output=corim.cbor
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkCorimCreateArgs(); err != nil {
- return err
- }
-
- comidFilesList := filesList(corimCreateComidFiles, corimCreateComidDirs, ".cbor")
- coswidFilesList := filesList(corimCreateCoswidFiles, corimCreateCoswidDirs, ".cbor")
- cotsFilesList := filesList(corimCreateCotsFiles, corimCreateCotsDirs, ".cbor")
-
- if len(comidFilesList)+len(coswidFilesList)+len(cotsFilesList) == 0 {
- return errors.New("no CoMID, CoSWID or CoTS files found")
- }
-
- // checkCorimCreateArgs makes sure corimCreateCorimFile is not nil
- cborFile, err := corimTemplateToCBOR(*corimCreateCorimFile,
- comidFilesList, coswidFilesList, cotsFilesList, corimCreateOutputFile)
- if err != nil {
- return err
- }
- fmt.Printf(">> created %q from %q\n", cborFile, *corimCreateCorimFile)
-
- return nil
- },
- }
-
- corimCreateCorimFile = cmd.Flags().StringP("template", "t", "", "a CoRIM template file (in JSON format)")
-
- cmd.Flags().StringArrayVarP(
- &corimCreateComidDirs, "comid-dir", "M", []string{}, "a directory containing CBOR-encoded CoMID files",
- )
-
- cmd.Flags().StringArrayVarP(
- &corimCreateComidFiles, "comid", "m", []string{}, "a CBOR-encoded CoMID file",
- )
-
- cmd.Flags().StringArrayVarP(
- &corimCreateCoswidDirs, "coswid-dir", "S", []string{}, "a directory containing CBOR-encoded CoSWID files",
- )
-
- cmd.Flags().StringArrayVarP(
- &corimCreateCoswidFiles, "coswid", "s", []string{}, "a CBOR-encoded CoSWID file",
- )
-
- cmd.Flags().StringArrayVarP(
- &corimCreateCotsDirs, "cots-dir", "C", []string{}, "a directory containing CBOR-encoded CoTS files",
- )
-
- cmd.Flags().StringArrayVarP(
- &corimCreateCotsFiles, "cots", "c", []string{}, "a CBOR-encoded CoTS file",
- )
-
- corimCreateOutputFile = cmd.Flags().StringP("output", "o", "", "name of the generated (unsigned) CoRIM file")
-
- return cmd
-}
-
-func checkCorimCreateArgs() error {
- if corimCreateCorimFile == nil || *corimCreateCorimFile == "" {
- return errors.New("no CoRIM template supplied")
- }
-
- if len(corimCreateComidDirs)+len(corimCreateComidFiles)+
- len(corimCreateCoswidDirs)+len(corimCreateCoswidFiles)+
- len(corimCreateCotsDirs)+len(corimCreateCotsFiles) == 0 {
- return errors.New("no CoMID, CoSWID or CoTS files or folders supplied")
- }
-
- return nil
-}
-
-func corimTemplateToCBOR(tmplFile string, comidFiles, coswidFiles, cotsFiles []string, outputFile *string) (string, error) {
- var (
- tmplData, corimCBOR []byte
- c corim.UnsignedCorim
- corimFile string
- err error
- )
-
- if tmplData, err = afero.ReadFile(fs, tmplFile); err != nil {
- return "", fmt.Errorf("error loading template from %s: %w", tmplFile, err)
- }
-
- if err = c.FromJSON(tmplData); err != nil {
- return "", fmt.Errorf("error decoding template from %s: %w", tmplFile, err)
- }
-
- // append CoMID(s)
- for _, comidFile := range comidFiles {
- var (
- comidCBOR []byte
- m comid.Comid
- )
-
- comidCBOR, err = afero.ReadFile(fs, comidFile)
- if err != nil {
- return "", fmt.Errorf("error loading CoMID from %s: %w", comidFile, err)
- }
-
- err = m.FromCBOR(comidCBOR)
- if err != nil {
- return "", fmt.Errorf("error loading CoMID from %s: %w", comidFile, err)
- }
-
- if c.AddComid(m) == nil {
- return "", fmt.Errorf(
- "error adding CoMID from %s (check its validity using the %q sub-command)",
- comidFile, "comid validate",
- )
- }
- }
-
- // append CoSWID(s)
- for _, coswidFile := range coswidFiles {
- var (
- coswidCBOR []byte
- s swid.SoftwareIdentity
- )
-
- coswidCBOR, err = afero.ReadFile(fs, coswidFile)
- if err != nil {
- return "", fmt.Errorf("error loading CoSWID from %s: %w", coswidFile, err)
- }
-
- err = s.FromCBOR(coswidCBOR)
- if err != nil {
- return "", fmt.Errorf("error loading CoSWID from %s: %w", coswidFile, err)
- }
-
- if c.AddCoswid(s) == nil {
- return "", fmt.Errorf("error adding CoSWID from %s", coswidFile)
- }
- }
-
- // append CoTS(s)
- for _, cotsFile := range cotsFiles {
- var (
- cotsCBOR []byte
- t cots.ConciseTaStore
- )
-
- cotsCBOR, err = afero.ReadFile(fs, cotsFile)
- if err != nil {
- return "", fmt.Errorf("error loading CoTS from %s: %w", cotsFile, err)
- }
-
- err = t.FromCBOR(cotsCBOR)
- if err != nil {
- return "", fmt.Errorf("error loading CoTS from %s: %w", cotsFile, err)
- }
-
- if c.AddCots(t) == nil {
- return "", fmt.Errorf("error adding CoTS from %s", cotsFile)
- }
- }
-
- // check the result
- if err = c.Valid(); err != nil {
- return "", fmt.Errorf("error validating CoRIM: %w", err)
- }
-
- corimCBOR, err = c.ToCBOR()
- if err != nil {
- return "", fmt.Errorf("error encoding CoRIM to CBOR: %w", err)
- }
-
- if outputFile == nil || *outputFile == "" {
- corimFile = makeFileName("", tmplFile, ".cbor")
- } else {
- corimFile = *outputFile
- }
-
- err = afero.WriteFile(fs, corimFile, corimCBOR, 0644)
- if err != nil {
- return "", fmt.Errorf("error saving CoRIM to file %s: %w", corimFile, err)
- }
-
- return corimFile, nil
-}
-
-func init() {
- corimCmd.AddCommand(corimCreateCmd)
-}
diff --git a/cocli/cmd/corimCreate_test.go b/cocli/cmd/corimCreate_test.go
deleted file mode 100644
index 3a68e672..00000000
--- a/cocli/cmd/corimCreate_test.go
+++ /dev/null
@@ -1,266 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_CorimCreateCmd_unknown_argument(t *testing.T) {
- cmd := NewCorimCreateCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_CorimCreateCmd_no_templates(t *testing.T) {
- cmd := NewCorimCreateCmd()
-
- // no args
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoRIM template supplied")
-}
-
-func Test_CorimCreateCmd_no_files_found(t *testing.T) {
- cmd := NewCorimCreateCmd()
-
- args := []string{
- "--template=unknown.json",
- "--comid=unsure.cbor",
- "--comid-dir=somedir",
- "--coswid=what.cbor",
- "--coswid-dir=someotherdir",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoMID, CoSWID or CoTS files found")
-}
-
-func Test_CorimCreateCmd_no_tag_files(t *testing.T) {
- cmd := NewCorimCreateCmd()
-
- args := []string{
- "--template=unknown.json",
- // no --co{m,sw}id,{cots}-{dir,}
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoMID, CoSWID or CoTS files or folders supplied")
-}
-
-func Test_CorimCreateCmd_template_not_found(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "ignored-comid.cbor", []byte{}, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=nonexistent.json",
- "--comid=ignored-comid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error loading template from nonexistent.json: open nonexistent.json: file does not exist")
-}
-
-func Test_CorimCreateCmd_template_with_invalid_json(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "invalid.json", []byte("..."), 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "ignored-comid.cbor", []byte{}, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=invalid.json",
- "--comid=ignored-comid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error decoding template from invalid.json: invalid character '.' looking for beginning of value")
-}
-
-func Test_CorimCreateCmd_with_a_bad_comid(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "min-tmpl.json", minimalCorimTemplate, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "bad-comid.cbor", badCBOR, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=min-tmpl.json",
- "--comid=bad-comid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, `error loading CoMID from bad-comid.cbor: expected map (CBOR Major Type 5), found Major Type 7`)
-}
-
-func Test_CorimCreateCmd_with_an_invalid_comid(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "min-tmpl.json", minimalCorimTemplate, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "invalid-comid.cbor", invalidComid, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=min-tmpl.json",
- "--comid=invalid-comid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, `error loading CoMID from invalid-comid.cbor: missing mandatory field "Triples" (4)`)
-}
-
-func Test_CorimCreateCmd_with_a_bad_coswid(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "min-tmpl.json", minimalCorimTemplate, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "bad-coswid.cbor", badCBOR, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=min-tmpl.json",
- "--coswid=bad-coswid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, `error loading CoSWID from bad-coswid.cbor: cbor: unexpected "break" code`)
-}
-
-func Test_CorimCreateCmd_with_an_invalid_cots(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "min-tmpl.json", minimalCorimTemplate, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "invalid-cots.cbor", invalidCots, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=min-tmpl.json",
- "--cots=invalid-cots.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, `error adding CoTS from invalid-cots.cbor`)
-}
-
-func Test_CorimCreateCmd_with_a_bad_cots(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "min-tmpl.json", minimalCorimTemplate, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "bad-cots.cbor", badCBOR, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=min-tmpl.json",
- "--cots=bad-cots.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, `error loading CoTS from bad-cots.cbor: cbor: unexpected "break" code`)
-}
-
-func Test_CorimCreateCmd_successful_comid_coswid_and_cots_from_file(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "min-tmpl.json", minimalCorimTemplate, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "coswid.cbor", testCoswid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "comid.cbor", testComid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "cots.cbor", testCots, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=min-tmpl.json",
- "--coswid=coswid.cbor",
- "--comid=comid.cbor",
- "--cots=cots.cbor",
- "--output=corim.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- _, err = fs.Stat("corim.cbor")
- assert.NoError(t, err)
-}
-
-func Test_CorimCreateCmd_successful_comid_coswid_and_cots_from_dir(t *testing.T) {
- var err error
-
- cmd := NewCorimCreateCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "min-tmpl.json", minimalCorimTemplate, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "coswid/1.cbor", testCoswid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "comid/1.cbor", testComid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "cots/1.cbor", testCots, 0644)
- require.NoError(t, err)
-
- args := []string{
- "--template=min-tmpl.json",
- "--coswid-dir=coswid",
- "--comid-dir=comid",
- "--cots-dir=cots",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- _, err = fs.Stat("min-tmpl.cbor")
- assert.NoError(t, err)
-}
diff --git a/cocli/cmd/corimDisplay.go b/cocli/cmd/corimDisplay.go
deleted file mode 100644
index 982b6450..00000000
--- a/cocli/cmd/corimDisplay.go
+++ /dev/null
@@ -1,132 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "bytes"
- "encoding/json"
- "errors"
- "fmt"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/veraison/corim/corim"
- "github.com/veraison/corim/cots"
-)
-
-var (
- corimDisplayCorimFile *string
- corimDisplayShowTags *bool
-)
-
-var corimDisplayCmd = NewCorimDisplayCmd()
-
-func NewCorimDisplayCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "display",
- Short: "display the content of a CoRIM as JSON",
- Long: `display the content of a CoRIM as JSON
-
- Display the contents of the signed CoRIM signed-corim.cbor
-
- cocli corim display --file signed-corim.cbor
-
- Display the contents of the signed CoRIM yet-another-signed-corim.cbor and
- also unpack any embedded CoMID, CoSWID and CoTS
-
- cocli corim display --file yet-another-signed-corim.cbor --show-tags
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkCorimDisplayArgs(); err != nil {
- return err
- }
-
- return display(*corimDisplayCorimFile, *corimDisplayShowTags)
- },
- }
-
- corimDisplayCorimFile = cmd.Flags().StringP("file", "f", "", "a signed CoRIM file (in CBOR format)")
- corimDisplayShowTags = cmd.Flags().BoolP("show-tags", "v", false, "display embedded tags")
-
- return cmd
-}
-
-func checkCorimDisplayArgs() error {
- if corimDisplayCorimFile == nil || *corimDisplayCorimFile == "" {
- return errors.New("no CoRIM supplied")
- }
-
- return nil
-}
-
-func display(signedCorimFile string, showTags bool) error {
- var (
- signedCorimCBOR []byte
- metaJSON []byte
- corimJSON []byte
- err error
- s corim.SignedCorim
- )
-
- if signedCorimCBOR, err = afero.ReadFile(fs, signedCorimFile); err != nil {
- return fmt.Errorf("error loading signed CoRIM from %s: %w", signedCorimFile, err)
- }
-
- if err = s.FromCOSE(signedCorimCBOR); err != nil {
- return fmt.Errorf("error decoding signed CoRIM from %s: %w", signedCorimFile, err)
- }
-
- if metaJSON, err = json.MarshalIndent(&s.Meta, "", " "); err != nil {
- return fmt.Errorf("error decoding CoRIM Meta from %s: %w", signedCorimFile, err)
- }
-
- fmt.Println("Meta:")
- fmt.Println(string(metaJSON))
-
- if corimJSON, err = json.MarshalIndent(&s.UnsignedCorim, "", " "); err != nil {
- return fmt.Errorf("error decoding unsigned CoRIM from %s: %w", signedCorimFile, err)
- }
-
- fmt.Println("Corim:")
- fmt.Println(string(corimJSON))
-
- if showTags {
- fmt.Println("Tags:")
- for i, e := range s.UnsignedCorim.Tags {
- // need at least 3 bytes for the tag and 1 for the smallest bstr
- if len(e) < 3+1 {
- fmt.Printf(">> skipping malformed tag at index %d\n", i)
- continue
- }
-
- // split tag from data
- cborTag, cborData := e[:3], e[3:]
-
- hdr := fmt.Sprintf(">> [ %d ]", i)
-
- if bytes.Equal(cborTag, corim.ComidTag) {
- if err = printComid(cborData, hdr); err != nil {
- fmt.Printf(">> skipping malformed CoMID tag at index %d: %v\n", i, err)
- }
- } else if bytes.Equal(cborTag, corim.CoswidTag) {
- if err = printCoswid(cborData, hdr); err != nil {
- fmt.Printf(">> skipping malformed CoSWID tag at index %d: %v\n", i, err)
- }
- } else if bytes.Equal(cborTag, cots.CotsTag) {
- if err = printCots(cborData, hdr); err != nil {
- fmt.Printf(">> skipping malformed CoTS tag at index %d: %v\n", i, err)
- }
- } else {
- fmt.Printf(">> unmatched CBOR tag: %x\n", cborTag)
- }
- }
- }
-
- return nil
-}
-
-func init() {
- corimCmd.AddCommand(corimDisplayCmd)
-}
diff --git a/cocli/cmd/corimDisplay_test.go b/cocli/cmd/corimDisplay_test.go
deleted file mode 100644
index 419fef6e..00000000
--- a/cocli/cmd/corimDisplay_test.go
+++ /dev/null
@@ -1,146 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_CorimDisplayCmd_unknown_argument(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_CorimDisplayCmd_mandatory_args_missing_corim_file(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{
- "--show-tags",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoRIM supplied")
-}
-
-func Test_CorimDisplayCmd_non_existent_corim_file(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{
- "--file=nonexistent.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
-
- err := cmd.Execute()
- assert.EqualError(t, err, "error loading signed CoRIM from nonexistent.cbor: open nonexistent.cbor: file does not exist")
-}
-
-func Test_CorimDisplayCmd_bad_signed_corim(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{
- "--file=bad.txt",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "bad.txt", []byte("hello!"), 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error decoding signed CoRIM from bad.txt: failed CBOR decoding for COSE-Sign1 signed CoRIM: cbor: invalid COSE_Sign1_Tagged object")
-}
-
-func Test_CorimDisplayCmd_invalid_signed_corim(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{
- "--file=invalid.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "invalid.cbor", testSignedCorimInvalid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, `error decoding signed CoRIM from invalid.cbor: failed CBOR decoding of unsigned CoRIM: unexpected EOF`)
-}
-
-func Test_CorimDisplayCmd_ok_top_level_view(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{
- "--file=ok.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
-
-func Test_CorimDisplayCmd_ok_nested_view(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--show-tags",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
-
-func Test_CorimDisplayCmd_ok_top_level_view_with_cots(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{
- "--file=ok.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValidWithCots, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
-
-func Test_CorimDisplayCmd_ok_nested_view_with_cots(t *testing.T) {
- cmd := NewCorimDisplayCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--show-tags",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValidWithCots, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
diff --git a/cocli/cmd/corimExtract.go b/cocli/cmd/corimExtract.go
deleted file mode 100644
index 3761ee04..00000000
--- a/cocli/cmd/corimExtract.go
+++ /dev/null
@@ -1,129 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "bytes"
- "errors"
- "fmt"
- "path/filepath"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/veraison/corim/corim"
- "github.com/veraison/corim/cots"
-)
-
-var (
- corimExtractCorimFile *string
- corimExtractOutputDir *string
-)
-
-var corimExtractCmd = NewCorimExtractCmd()
-
-func NewCorimExtractCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "extract",
- Short: "extract, as-is, CoSWIDs CoMIDs, CoTS found in a CoRIM and save them to disk",
- Long: `extract, as-is, CoSWIDs and CoMIDs, CoTS found in a CoRIM and save them to disk
-
- Extract the contents of the signed CoRIM signed-corim.cbor to the current
- directory
-
- cocli corim extract --file=signed-corim.cbor
-
- Extract the contents of the signed CoRIM yet-another-signed-corim.cbor and
- store them to directory my-dir. Note that my-dir must exist.
-
- cocli corim extract --file=yet-another-signed-corim.cbor \
- --output-dir=my-dir
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkCorimExtractArgs(); err != nil {
- return err
- }
-
- return extract(*corimExtractCorimFile, corimExtractOutputDir)
- },
- }
-
- corimExtractCorimFile = cmd.Flags().StringP("file", "f", "", "a signed CoRIM file (in CBOR format)")
- corimExtractOutputDir = cmd.Flags().StringP("output-dir", "o", ".", "folder to which CoSWIDs, CoMIDs, CoTSs are saved")
-
- return cmd
-}
-
-func checkCorimExtractArgs() error {
- if corimExtractCorimFile == nil || *corimExtractCorimFile == "" {
- return errors.New("no CoRIM supplied")
- }
-
- return nil
-}
-
-func extract(signedCorimFile string, outputDir *string) error {
- var (
- signedCorimCBOR []byte
- err error
- s corim.SignedCorim
- baseDir string
- )
-
- if signedCorimCBOR, err = afero.ReadFile(fs, signedCorimFile); err != nil {
- return fmt.Errorf("error loading signed CoRIM from %s: %w", signedCorimFile, err)
- }
-
- if err = s.FromCOSE(signedCorimCBOR); err != nil {
- return fmt.Errorf("error decoding signed CoRIM from %s: %w", signedCorimFile, err)
- }
-
- baseDir = "."
- if outputDir != nil {
- baseDir = *outputDir
- }
-
- for i, e := range s.UnsignedCorim.Tags {
- var (
- outputFile string
- )
-
- // need at least 3 bytes for the tag and 1 for the smallest bstr
- if len(e) < 3+1 {
- fmt.Printf(">> skipping malformed tag at index %d\n", i)
- continue
- }
-
- // split tag from data
- cborTag, cborData := e[:3], e[3:]
-
- if bytes.Equal(cborTag, corim.ComidTag) {
- outputFile = filepath.Join(baseDir, fmt.Sprintf("%06d-comid.cbor", i))
-
- if err = afero.WriteFile(fs, outputFile, cborData, 0644); err != nil {
- fmt.Printf(">> error saving CoMID tag at index %d: %v\n", i, err)
- }
- } else if bytes.Equal(cborTag, corim.CoswidTag) {
- outputFile = filepath.Join(baseDir, fmt.Sprintf("%06d-coswid.cbor", i))
-
- if err = afero.WriteFile(fs, outputFile, cborData, 0644); err != nil {
- fmt.Printf(">> error saving CoSWID tag at index %d: %v\n", i, err)
- }
- } else if bytes.Equal(cborTag, cots.CotsTag) {
- outputFile = filepath.Join(baseDir, fmt.Sprintf("%06d-cots.cbor", i))
-
- if err = afero.WriteFile(fs, outputFile, cborData, 0644); err != nil {
- fmt.Printf(">> error saving CoTS tag at index %d: %v\n", i, err)
- }
- } else {
- fmt.Printf(">> unmatched CBOR tag: %x\n", cborTag)
- }
- }
-
- return nil
-}
-
-func init() {
- corimCmd.AddCommand(corimExtractCmd)
-}
diff --git a/cocli/cmd/corimExtract_test.go b/cocli/cmd/corimExtract_test.go
deleted file mode 100644
index 34fabaf7..00000000
--- a/cocli/cmd/corimExtract_test.go
+++ /dev/null
@@ -1,140 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_CorimExtractCmd_unknown_argument(t *testing.T) {
- cmd := NewCorimExtractCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_CorimExtractCmd_mandatory_args_missing_corim_file(t *testing.T) {
- cmd := NewCorimExtractCmd()
-
- args := []string{
- "--output-dir=ignore.d/",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoRIM supplied")
-}
-
-func Test_CorimExtractCmd_non_existent_corim_file(t *testing.T) {
- cmd := NewCorimExtractCmd()
-
- args := []string{
- "--file=nonexistent.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
-
- err := cmd.Execute()
- assert.EqualError(t, err, "error loading signed CoRIM from nonexistent.cbor: open nonexistent.cbor: file does not exist")
-}
-
-func Test_CorimExtractCmd_bad_signed_corim(t *testing.T) {
- cmd := NewCorimExtractCmd()
-
- args := []string{
- "--file=bad.txt",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "bad.txt", []byte("hello!"), 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error decoding signed CoRIM from bad.txt: failed CBOR decoding for COSE-Sign1 signed CoRIM: cbor: invalid COSE_Sign1_Tagged object")
-}
-
-func Test_CorimExtractCmd_invalid_signed_corim(t *testing.T) {
- cmd := NewCorimExtractCmd()
-
- args := []string{
- "--file=invalid.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "invalid.cbor", testSignedCorimInvalid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, `error decoding signed CoRIM from invalid.cbor: failed CBOR decoding of unsigned CoRIM: unexpected EOF`)
-}
-
-func Test_CorimExtractCmd_ok_save_to_default_dir(t *testing.T) {
- cmd := NewCorimExtractCmd()
-
- args := []string{
- "--file=ok.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- _, err = fs.Stat("000000-comid.cbor")
- assert.NoError(t, err)
-
-}
-
-func Test_CorimExtractCmd_ok_save_to_non_default_dir(t *testing.T) {
- cmd := NewCorimExtractCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--output-dir=my-dir/",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- _, err = fs.Stat("my-dir/000000-comid.cbor")
- assert.NoError(t, err)
-}
-
-func Test_CorimExtractCmd_with_cots_ok_save_to_default_dir(t *testing.T) {
- cmd := NewCorimExtractCmd()
-
- args := []string{
- "--file=ok.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValidWithCots, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- _, err = fs.Stat("000000-cots.cbor")
- assert.NoError(t, err)
-
-}
diff --git a/cocli/cmd/corimSign.go b/cocli/cmd/corimSign.go
deleted file mode 100644
index 74a0c98e..00000000
--- a/cocli/cmd/corimSign.go
+++ /dev/null
@@ -1,153 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/veraison/corim/corim"
- cose "github.com/veraison/go-cose"
-)
-
-var (
- corimSignCorimFile *string
- corimSignKeyFile *string
- corimSignOutputFile *string
- corimSignMetaFile *string
-)
-
-var corimSignCmd = NewCorimSignCmd()
-
-func NewCorimSignCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "sign",
- Short: "create a signed CoRIM from an unsigned, CBOR-encoded CoRIM using the supplied key",
- Long: `create a signed CoRIM from an unsigned, CBOR-encoded CoRIM using the supplied key
-
- Sign the unsigned CoRIM unsigned-corim.cbor using the key in JWK format from
- file key.jwk and save the resulting COSE Sign1 to signed-corim.cbor. Read
- the relevant CorimMeta information from file meta.json.
-
- cocli corim sign --file=unsigned-corim.cbor \
- --key=key.jwk \
- --meta=meta.json \
- --output=signed-corim.cbor
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkCorimSignArgs(); err != nil {
- return err
- }
-
- // checkCorimSignArgs makes sure corimSignCorimFile is not nil
- coseFile, err := sign(*corimSignCorimFile, *corimSignKeyFile,
- *corimSignMetaFile, corimSignOutputFile)
- if err != nil {
- return err
- }
- fmt.Printf(">> %q signed and saved to %q\n", *corimSignCorimFile, coseFile)
-
- return nil
- },
- }
-
- corimSignCorimFile = cmd.Flags().StringP("file", "f", "", "an unsigned CoRIM file (in CBOR format)")
- corimSignMetaFile = cmd.Flags().StringP("meta", "m", "", "CoRIM Meta file (in JSON format)")
- corimSignKeyFile = cmd.Flags().StringP("key", "k", "", "signing key in JWK format")
- corimSignOutputFile = cmd.Flags().StringP("output", "o", "", "name of the generated COSE Sign1 file")
-
- return cmd
-}
-
-func checkCorimSignArgs() error {
- if corimSignCorimFile == nil || *corimSignCorimFile == "" {
- return errors.New("no CoRIM supplied")
- }
-
- if corimSignKeyFile == nil || *corimSignKeyFile == "" {
- return errors.New("no key supplied")
- }
-
- if corimSignMetaFile == nil || *corimSignMetaFile == "" {
- return errors.New("no CoRIM Meta supplied")
- }
-
- return nil
-}
-
-func sign(unsignedCorimFile, keyFile, metaFile string, outputFile *string) (string, error) {
- var (
- unsignedCorimCBOR []byte
- signedCorimCBOR []byte
- metaJSON []byte
- keyJWK []byte
- err error
- signedCorimFile string
- c corim.UnsignedCorim
- m corim.Meta
- signer cose.Signer
- )
-
- if unsignedCorimCBOR, err = afero.ReadFile(fs, unsignedCorimFile); err != nil {
- return "", fmt.Errorf("error loading unsigned CoRIM from %s: %w", unsignedCorimFile, err)
- }
-
- if err = c.FromCBOR(unsignedCorimCBOR); err != nil {
- return "", fmt.Errorf("error decoding unsigned CoRIM from %s: %w", unsignedCorimFile, err)
- }
-
- if err = c.Valid(); err != nil {
- return "", fmt.Errorf("error validating CoRIM: %w", err)
- }
-
- if metaJSON, err = afero.ReadFile(fs, metaFile); err != nil {
- return "", fmt.Errorf("error loading CoRIM Meta from %s: %w", metaFile, err)
- }
-
- if err = m.FromJSON(metaJSON); err != nil {
- return "", fmt.Errorf("error decoding CoRIM Meta from %s: %w", metaFile, err)
- }
-
- if err = m.Valid(); err != nil {
- return "", fmt.Errorf("error validating CoRIM Meta: %w", err)
- }
-
- if keyJWK, err = afero.ReadFile(fs, keyFile); err != nil {
- return "", fmt.Errorf("error loading signing key from %s: %w", keyFile, err)
- }
-
- if signer, err = corim.NewSignerFromJWK(keyJWK); err != nil {
- return "", fmt.Errorf("error loading signing key from %s: %w", keyFile, err)
- }
-
- s := corim.SignedCorim{
- UnsignedCorim: c,
- Meta: m,
- }
-
- signedCorimCBOR, err = s.Sign(signer)
- if err != nil {
- return "", fmt.Errorf("error signing CoRIM: %w", err)
- }
-
- if outputFile == nil || *outputFile == "" {
- signedCorimFile = "signed-" + unsignedCorimFile
- } else {
- signedCorimFile = *outputFile
- }
-
- err = afero.WriteFile(fs, signedCorimFile, signedCorimCBOR, 0644)
- if err != nil {
- return "", fmt.Errorf("error saving signed CoRIM to file %s: %w", signedCorimFile, err)
- }
-
- return signedCorimFile, nil
-}
-
-func init() {
- corimCmd.AddCommand(corimSignCmd)
-}
diff --git a/cocli/cmd/corimSign_test.go b/cocli/cmd/corimSign_test.go
deleted file mode 100644
index f8f78ecc..00000000
--- a/cocli/cmd/corimSign_test.go
+++ /dev/null
@@ -1,264 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_CorimSignCmd_unknown_argument(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_CorimSignCmd_mandatory_args_missing_corim_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--key=ignored.jwk",
- "--meta=ignored.json",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoRIM supplied")
-}
-
-func Test_CorimSignCmd_mandatory_args_missing_meta_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ignored.cbor",
- "--key=ignored.jwk",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoRIM Meta supplied")
-}
-
-func Test_CorimSignCmd_mandatory_args_missing_key_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ignored.cbor",
- "--meta=ignored.json",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no key supplied")
-}
-
-func Test_CorimSignCmd_non_existent_unsigned_corim_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=nonexistent.cbor",
- "--key=ignored.jwk",
- "--meta=ignored.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
-
- err := cmd.Execute()
- assert.EqualError(t, err, "error loading unsigned CoRIM from nonexistent.cbor: open nonexistent.cbor: file does not exist")
-}
-
-func Test_CorimSignCmd_bad_unsigned_corim(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=bad.txt",
- "--key=ignored.jwk",
- "--meta=ignored.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "bad.txt", []byte("hello!"), 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error decoding unsigned CoRIM from bad.txt: expected map (CBOR Major Type 5), found Major Type 3")
-}
-
-func Test_CorimSignCmd_invalid_unsigned_corim(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=invalid.cbor",
- "--key=ignored.jwk",
- "--meta=ignored.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "invalid.cbor", testCorimInvalid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, `error decoding unsigned CoRIM from invalid.cbor: missing mandatory field "Tags" (1)`)
-}
-
-func Test_CorimSignCmd_non_existent_meta_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=ignored.jwk",
- "--meta=nonexistent.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error loading CoRIM Meta from nonexistent.json: open nonexistent.json: file does not exist")
-}
-
-func Test_CorimSignCmd_bad_meta_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=ignored.jwk",
- "--meta=bad.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testCorimValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "bad.json", []byte("{"), 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error decoding CoRIM Meta from bad.json: unexpected end of JSON input")
-}
-
-func Test_CorimSignCmd_invalid_meta_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=ignored.jwk",
- "--meta=invalid.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testCorimValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "invalid.json", testMetaInvalid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error validating CoRIM Meta: invalid signer: empty name")
-}
-
-func Test_CorimSignCmd_non_existent_key_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=nonexistent.jwk",
- "--meta=ok.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testCorimValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "ok.json", testMetaValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error loading signing key from nonexistent.jwk: open nonexistent.jwk: file does not exist")
-}
-
-func Test_CorimSignCmd_invalid_key_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=invalid.jwk",
- "--meta=ok.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testCorimValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "ok.json", testMetaValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "invalid.jwk", []byte("{}"), 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error loading signing key from invalid.jwk: invalid key type from JSON ()")
-}
-
-func Test_CorimSignCmd_ok_with_default_output_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=ok.jwk",
- "--meta=ok.json",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testCorimValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "ok.json", testMetaValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "ok.jwk", testECKey, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- _, err = fs.Stat("signed-ok.cbor")
- assert.NoError(t, err)
-}
-
-func Test_CorimSignCmd_ok_with_custom_output_file(t *testing.T) {
- cmd := NewCorimSignCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=ok.jwk",
- "--meta=ok.json",
- "--output=my-signed-corim.cbor",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testCorimValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "ok.json", testMetaValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "ok.jwk", testECKey, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-
- _, err = fs.Stat("my-signed-corim.cbor")
- assert.NoError(t, err)
-}
diff --git a/cocli/cmd/corimSubmit.go b/cocli/cmd/corimSubmit.go
deleted file mode 100644
index 80c1bd3a..00000000
--- a/cocli/cmd/corimSubmit.go
+++ /dev/null
@@ -1,143 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
- "net/url"
- "strings"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/spf13/pflag"
- "github.com/spf13/viper"
- "github.com/veraison/apiclient/provisioning"
-)
-
-var (
- corimFile *string
- mediaType *string
- apiServer string
- isInsecure bool
- certPaths []string
-)
-
-var (
- submitter ISubmitter = &provisioning.SubmitConfig{}
- corimSubmitCmd = NewCorimSubmitCmd(submitter)
-)
-
-func NewCorimSubmitCmd(submitter ISubmitter) *cobra.Command {
- cmd := &cobra.Command{
- Use: "submit",
- Short: "submit a CBOR-encoded CoRIM payload",
- Long: `submit a CBOR-encoded CoRIM payload with supplied media type to the given API Server
-
- To submit the CBOR-encoded CoRIM from file "unsigned-corim.cbor" with media type
- "application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1" to the Veraison
- provisioning API endpoint "https://veraison.example/endorsement-provisioning/v1", do:
-
-
- cocli corim submit \
- --corim-file=unsigned-corim.cbor \
- --api-server="https://veraison.example/endorsement-provisioning/v1/submit" \
- --media-type="application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1"
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
-
- if err := checkSubmitArgs(); err != nil {
- return err
- }
-
- // Load the data from the CBOR File
- data, err := readCorimData(*corimFile)
- if err != nil {
- return fmt.Errorf("read CoRIM payload failed: %w", err)
- }
-
- if err = provisionData(data, submitter, apiServer, *mediaType); err != nil {
- return fmt.Errorf("submit CoRIM payload failed reason: %w", err)
- }
- return nil
- },
- }
-
- corimFile = cmd.Flags().StringP("corim-file", "f", "", "name of the CoRIM file in CBOR format")
- mediaType = cmd.Flags().StringP("media-type", "m", "", "media type of the CoRIM file")
-
- cmd.Flags().StringP("api-server", "s", "", "API server where to submit the corim file")
- cmd.Flags().VarP(&authMethod, "auth", "a",
- `authentication method, must be one of "none"/"passthrough", "basic", "oauth2"`)
- cmd.Flags().StringP("client-id", "C", "", "OAuth2 client ID")
- cmd.Flags().StringP("client-secret", "S", "", "OAuth2 client secret")
- cmd.Flags().StringP("token-url", "T", "", "token URL of the OAuth2 service")
- cmd.Flags().StringP("username", "U", "", "service username")
- cmd.Flags().StringP("password", "P", "", "service password")
- cmd.Flags().BoolP(
- "insecure", "i", false, "Allow insecure connections (e.g. do not verify TLS certs)",
- )
- cmd.Flags().StringArrayP(
- "ca-cert", "E", nil, "path to a CA cert that will be used in addition to system certs; may be specified multiple times",
- )
-
- cmd.Flags().VisitAll(func(flag *pflag.Flag) {
- cfgName := strings.ReplaceAll(flag.Name, "-", "_")
- err := viper.BindPFlag(cfgName, flag)
- cobra.CheckErr(err)
- })
-
- return cmd
-}
-
-func checkSubmitArgs() error {
- if corimFile == nil || *corimFile == "" {
- return errors.New("no CoRIM input file supplied")
- }
-
- apiServer = viper.GetString("api_server")
- if apiServer == "" {
- return errors.New("no API server supplied")
- }
- u, err := url.Parse(apiServer)
- if err != nil || !u.IsAbs() {
- return fmt.Errorf("malformed API server URL")
- }
-
- if mediaType == nil || *mediaType == "" {
- return errors.New("no media type supplied")
- }
-
- isInsecure = viper.GetBool("insecure")
- certPaths = viper.GetStringSlice("ca_cert")
-
- return nil
-}
-
-func provisionData(data []byte, submitter ISubmitter, uri string, mediaType string) error {
- submitter.SetAuth(cliConfig.Auth)
-
- if err := submitter.SetSubmitURI(uri); err != nil {
- return fmt.Errorf("unable to set submit URI: %w", err)
- }
-
- submitter.SetIsInsecure(isInsecure)
- submitter.SetCerts(certPaths)
-
- submitter.SetDeleteSession(true)
- if err := submitter.Run(data, mediaType); err != nil {
- return fmt.Errorf("run failed: %w", err)
- }
-
- return nil
-}
-
-func readCorimData(file string) ([]byte, error) {
- return afero.ReadFile(fs, file)
-}
-
-func init() {
- corimCmd.AddCommand(corimSubmitCmd)
-}
diff --git a/cocli/cmd/corimSubmit_test.go b/cocli/cmd/corimSubmit_test.go
deleted file mode 100644
index b5ee04a1..00000000
--- a/cocli/cmd/corimSubmit_test.go
+++ /dev/null
@@ -1,174 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "testing"
-
- "github.com/golang/mock/gomock"
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
- mock_deps "github.com/veraison/corim/cocli/cmd/mocks"
-)
-
-func Test_CorimSubmitCmd_bad_server_url(t *testing.T) {
- ctrl := gomock.NewController(t)
- defer ctrl.Finish()
-
- ms := mock_deps.NewMockISubmitter(ctrl)
- cmd := NewCorimSubmitCmd(ms)
-
- args := []string{
- "--corim-file=corim.cbor",
- "--api-server=http://www.example.com:80index",
- "--media-type=application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "corim.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "malformed API server URL")
-}
-
-func Test_CorimSubmitCmd_missing_server_url(t *testing.T) {
- ctrl := gomock.NewController(t)
- defer ctrl.Finish()
-
- ms := mock_deps.NewMockISubmitter(ctrl)
- cmd := NewCorimSubmitCmd(ms)
-
- args := []string{
- "--corim-file=corim.cbor",
- "--media-type=application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "corim.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "no API server supplied")
-}
-
-func Test_CorimSubmitCmd_missing_media_type(t *testing.T) {
- ctrl := gomock.NewController(t)
- defer ctrl.Finish()
-
- ms := mock_deps.NewMockISubmitter(ctrl)
- cmd := NewCorimSubmitCmd(ms)
-
- args := []string{
- "--corim-file=corim.cbor",
- "--api-server=http://www.example.com:8080",
- "--media-type=",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "corim.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "no media type supplied")
-
-}
-
-func Test_CorimSubmitCmd_missing_corim_file(t *testing.T) {
- ctrl := gomock.NewController(t)
- defer ctrl.Finish()
-
- ms := mock_deps.NewMockISubmitter(ctrl)
- cmd := NewCorimSubmitCmd(ms)
-
- args := []string{
- "--corim-file=",
- "--api-server=http://www.example.com:8080",
- "--media-type=application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoRIM input file supplied")
-
-}
-
-func Test_CorimSubmitCmd_non_existent_corim_file(t *testing.T) {
- ctrl := gomock.NewController(t)
- defer ctrl.Finish()
-
- ms := mock_deps.NewMockISubmitter(ctrl)
- cmd := NewCorimSubmitCmd(ms)
-
- args := []string{
- "--corim-file=bad.cbor",
- "--api-server=http://www.example.com:8080",
- "--media-type=application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "read CoRIM payload failed: open bad.cbor: file does not exist")
-}
-
-func Test_CorimSubmitCmd_submit_ok(t *testing.T) {
- ctrl := gomock.NewController(t)
- defer ctrl.Finish()
-
- ms := mock_deps.NewMockISubmitter(ctrl)
- cmd := NewCorimSubmitCmd(ms)
-
- args := []string{
- "--corim-file=corim.cbor",
- "--api-server=http://veraison.example/endorsement-provisioning/v1/submit",
- "--media-type=application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "corim.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
- ms.EXPECT().SetAuth(gomock.Any())
- ms.EXPECT().SetSubmitURI("http://veraison.example/endorsement-provisioning/v1/submit").Return(nil)
- ms.EXPECT().SetIsInsecure(false)
- ms.EXPECT().SetCerts([]string{})
- ms.EXPECT().SetDeleteSession(true)
- ms.EXPECT().Run(testSignedCorimValid, "application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1").Return(nil)
- err = cmd.Execute()
- assert.NoError(t, err)
-}
-
-func Test_CorimSubmitCmd_submit_not_ok(t *testing.T) {
- ctrl := gomock.NewController(t)
- defer ctrl.Finish()
-
- ms := mock_deps.NewMockISubmitter(ctrl)
- cmd := NewCorimSubmitCmd(ms)
-
- args := []string{
- "--corim-file=corim.cbor",
- "--api-server=http://veraison.example/endorsement-provisioning/v1/submit",
- "--media-type=application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "corim.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
- ms.EXPECT().SetAuth(gomock.Any())
- ms.EXPECT().SetSubmitURI("http://veraison.example/endorsement-provisioning/v1/submit").Return(nil)
- ms.EXPECT().SetIsInsecure(false)
- ms.EXPECT().SetCerts([]string{})
- ms.EXPECT().SetDeleteSession(true)
- err = errors.New(`unexpected HTTP response code 404`)
-
- ms.EXPECT().Run(testSignedCorimValid, "application/corim-unsigned+cbor; profile=http://arm.com/psa/iot/1").Return(err)
- err = cmd.Execute()
- assert.EqualError(t, err, "submit CoRIM payload failed reason: run failed: unexpected HTTP response code 404")
-}
diff --git a/cocli/cmd/corimVerify.go b/cocli/cmd/corimVerify.go
deleted file mode 100644
index d0df48a7..00000000
--- a/cocli/cmd/corimVerify.go
+++ /dev/null
@@ -1,103 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "crypto"
- "errors"
- "fmt"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/veraison/corim/corim"
-)
-
-var (
- corimVerifyCorimFile *string
- corimVerifyKeyFile *string
-)
-
-var corimVerifyCmd = NewCorimVerifyCmd()
-
-func NewCorimVerifyCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "verify",
- Short: "verify a signed CoRIM using the supplied key",
- Long: `verify a signed CoRIM using the supplied key
-
- Verify the signed CoRIM signed-corim.cbor using the key in JWK format from
- file key.jwk
-
- cocli corim verify --file=signed-corim.cbor --key=key.jwk
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkCorimVerifyArgs(); err != nil {
- return err
- }
-
- // checkCorimVerifyArgs makes sure corimVerifyCorimFile is not nil
- err := verify(*corimVerifyCorimFile, *corimVerifyKeyFile)
- if err != nil {
- return err
- }
- fmt.Printf(">> %q verified\n", *corimVerifyCorimFile)
-
- return nil
- },
- }
-
- corimVerifyCorimFile = cmd.Flags().StringP("file", "f", "", "a signed CoRIM file (in CBOR format)")
- corimVerifyKeyFile = cmd.Flags().StringP("key", "k", "", "verification key in JWK format")
-
- return cmd
-}
-
-func checkCorimVerifyArgs() error {
- if corimVerifyCorimFile == nil || *corimVerifyCorimFile == "" {
- return errors.New("no CoRIM supplied")
- }
-
- if corimVerifyKeyFile == nil || *corimVerifyKeyFile == "" {
- return errors.New("no key supplied")
- }
-
- return nil
-}
-
-func verify(signedCorimFile, keyFile string) error {
- var (
- signedCorimCBOR []byte
- keyJWK []byte
- err error
- pkey crypto.PublicKey
- s corim.SignedCorim
- )
-
- if signedCorimCBOR, err = afero.ReadFile(fs, signedCorimFile); err != nil {
- return fmt.Errorf("error loading signed CoRIM from %s: %w", signedCorimFile, err)
- }
-
- if err = s.FromCOSE(signedCorimCBOR); err != nil {
- return fmt.Errorf("error decoding signed CoRIM from %s: %w", signedCorimFile, err)
- }
-
- if keyJWK, err = afero.ReadFile(fs, keyFile); err != nil {
- return fmt.Errorf("error loading verifying key from %s: %w", keyFile, err)
- }
-
- if pkey, err = corim.NewPublicKeyFromJWK(keyJWK); err != nil {
- return fmt.Errorf("error loading verifying key from %s: %w", keyFile, err)
- }
-
- if err = s.Verify(pkey); err != nil {
- return fmt.Errorf("error verifying %s with key %s: %w", signedCorimFile, keyFile, err)
- }
-
- return nil
-}
-
-func init() {
- corimCmd.AddCommand(corimVerifyCmd)
-}
diff --git a/cocli/cmd/corimVerify_test.go b/cocli/cmd/corimVerify_test.go
deleted file mode 100644
index f8e5b26d..00000000
--- a/cocli/cmd/corimVerify_test.go
+++ /dev/null
@@ -1,133 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_CorimVerifyCmd_unknown_argument(t *testing.T) {
- cmd := NewCorimVerifyCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_CorimVerifyCmd_mandatory_args_missing_corim_file(t *testing.T) {
- cmd := NewCorimVerifyCmd()
-
- args := []string{
- "--key=ignored.jwk",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no CoRIM supplied")
-}
-
-func Test_CorimVerifyCmd_mandatory_args_missing_key_file(t *testing.T) {
- cmd := NewCorimVerifyCmd()
-
- args := []string{
- "--file=ignored.jwk",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no key supplied")
-}
-
-func Test_CorimVerifyCmd_non_existent_signed_corim_file(t *testing.T) {
- cmd := NewCorimVerifyCmd()
-
- args := []string{
- "--file=nonexistent.cbor",
- "--key=ignored.jwk",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
-
- err := cmd.Execute()
- assert.EqualError(t, err, "error loading signed CoRIM from nonexistent.cbor: open nonexistent.cbor: file does not exist")
-}
-
-func Test_CorimVerifyCmd_bad_signed_corim(t *testing.T) {
- cmd := NewCorimVerifyCmd()
-
- args := []string{
- "--file=bad.txt",
- "--key=ignored.jwk",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "bad.txt", []byte("hello!"), 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error decoding signed CoRIM from bad.txt: failed CBOR decoding for COSE-Sign1 signed CoRIM: cbor: invalid COSE_Sign1_Tagged object")
-}
-
-func Test_CorimVerifyCmd_non_existent_key_file(t *testing.T) {
- cmd := NewCorimVerifyCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=nonexistent.jwk",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error loading verifying key from nonexistent.jwk: open nonexistent.jwk: file does not exist")
-}
-
-func Test_CorimVerifyCmd_invalid_key_file(t *testing.T) {
- cmd := NewCorimVerifyCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=invalid.jwk",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "invalid.jwk", []byte("{}"), 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "error loading verifying key from invalid.jwk: invalid key type from JSON ()")
-}
-
-func Test_CorimVerifyCmd_ok(t *testing.T) {
- cmd := NewCorimVerifyCmd()
-
- args := []string{
- "--file=ok.cbor",
- "--key=ok.jwk",
- }
- cmd.SetArgs(args)
-
- fs = afero.NewMemMapFs()
- err := afero.WriteFile(fs, "ok.cbor", testSignedCorimValid, 0644)
- require.NoError(t, err)
- err = afero.WriteFile(fs, "ok.jwk", testECKey, 0644)
- require.NoError(t, err)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
diff --git a/cocli/cmd/cots.go b/cocli/cmd/cots.go
deleted file mode 100644
index 3e9090db..00000000
--- a/cocli/cmd/cots.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "os"
-
- "github.com/spf13/cobra"
-)
-
-var cotsCmd = &cobra.Command{
- Use: "cots",
- Short: "CoTS manipulation",
-
- Run: func(cmd *cobra.Command, args []string) {
- if len(args) == 0 {
- cmd.Help() // nolint: errcheck
- os.Exit(0)
- }
- },
-}
-
-func init() {
- rootCmd.AddCommand(cotsCmd)
-}
diff --git a/cocli/cmd/cotsCreate.go b/cocli/cmd/cotsCreate.go
deleted file mode 100644
index 9c650a23..00000000
--- a/cocli/cmd/cotsCreate.go
+++ /dev/null
@@ -1,281 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
- "path/filepath"
-
- "github.com/google/uuid"
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/veraison/corim/cots"
-)
-
-var (
- cotsCreateLanguage *string
- cotsCreateTagID *string
- cotsCreateTagUUIDStr *string
- cotsCreateTagUUID *bool
- cotsCreateTagVersion *uint
- cotsCreateCtsEnvFile *string
- cotsCreateCtsPermClaimsFile *string
- cotsCreateCtsExclClaimsFile *string
- cotsCreateCtsPurposes []string
- cotsCreateCtsTaDirs []string
- cotsCreateCtsTaFiles []string
- cotsCreateCtsCaDirs []string
- cotsCreateCtsCaFiles []string
- cotsCreateCtsOutputFile *string
-)
-
-var cotsCreateCtsCmd = NewCotsCreateCtsCmd()
-
-func NewCotsCreateCtsCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "create",
- Short: "create a CBOR-encoded concise-ta-store-map instance from the supplied JSON environment template, JSON constraints templates, purposes, and TAs/CAs",
- Long: `create a CBOR-encoded concise-ta-store-map instance from the supplied JSON environment template, JSON constraints templates, purposes, and TAs/CAs,
-
- Create a concise-ta-store-map from template env-template.json and TAs from tas directory. Since no explicit output file is set,
- the result is saved to the current directory with the env-template as basename and a .cbor extension.
-
- cocli cots create --environment=env-template.json --tas=tas_dir
-
- Create a concise-ta-store-map from env-template.json, claims-template.json, TAs from tas_dir directory, CAs from cas_dir directory, and
- with eat and corim purposes asserted. The result is saved to cots.cbor.
-
- cocli cots create --environment=env-template.json \
- --purpose=eat \
- --purpose=corim \
- --permclaims=claims-template.json \
- --tas=tas_dir \
- --cas=cas_dir \
- --output=cots.cbor
-
- Alternatively one can specify individual TA files (in DER Format) or CA files (binary, DER-encoded X.509 Certificate)
-
- cocli cots create --environment=env-template.json \
- --purpose=eat \
- --purpose=corim \
- --permclaims=claims-template.json \
- --tafile=tas_dir \
- --cafile=cas_dir \
- --output=cots.cbor
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkctsCreateCtsArgs(); err != nil {
- return err
- }
-
- certFilesList := filesList(cotsCreateCtsTaFiles, cotsCreateCtsTaDirs, ".der")
- taiFilesList := filesList(cotsCreateCtsTaFiles, cotsCreateCtsTaDirs, ".ta")
- spkiFilesList := filesList(cotsCreateCtsTaFiles, cotsCreateCtsTaDirs, ".spki")
- tasFilesList := append(certFilesList, taiFilesList...)
- tasFilesList = append(tasFilesList, spkiFilesList...)
- casFilesList := filesList(cotsCreateCtsCaFiles, cotsCreateCtsCaDirs, ".der")
-
- if len(tasFilesList) == 0 {
- return errors.New("no TA files found")
- }
-
- cborFile, err := ctsTemplateToCBOR(*cotsCreateLanguage, *cotsCreateTagID, *cotsCreateTagUUID, *cotsCreateTagUUIDStr, cotsCreateTagVersion, *cotsCreateCtsEnvFile, *cotsCreateCtsPermClaimsFile, *cotsCreateCtsExclClaimsFile, cotsCreateCtsPurposes,
- tasFilesList, casFilesList, cotsCreateCtsOutputFile)
- if err != nil {
- return err
- }
- fmt.Printf(">> created %q\n", cborFile)
-
- return nil
- },
- }
-
- cotsCreateLanguage = cmd.Flags().StringP("language", "l", "", "language tag")
- cotsCreateTagUUIDStr = cmd.Flags().StringP("uuid-str", "", "", "string representation of a UUID to use as tag ID (mutually exclusive from --uuid and --id)")
- cotsCreateTagUUID = cmd.Flags().BoolP("uuid", "", false, "boolean indicating a random UUID value should be used as tag ID (mutually exclusive from --id and --uuid-str)")
- cotsCreateTagID = cmd.Flags().StringP("id", "", "", "string value containing a tag ID value (mutually exclusive from --uuid and --uuid-str)")
- cotsCreateTagVersion = cmd.Flags().UintP("tag-version", "", 0, "integer value indicating version of tag identity (ignored if neither --uuid nor --id are supplied)")
- cotsCreateCtsEnvFile = cmd.Flags().StringP("environment", "e", "", "an environment template file (in JSON format)")
- cotsCreateCtsPermClaimsFile = cmd.Flags().StringP("permclaims", "p", "", "a permitted claims template file (in JSON format)")
- cotsCreateCtsExclClaimsFile = cmd.Flags().StringP("exclclaims", "x", "", "an excluded claims template file (in JSON format)")
-
- cmd.Flags().StringArrayVarP(
- &cotsCreateCtsPurposes, "purpose", "u", []string{}, "string value indicating purpose: cots,corim,comid,coswid,eat,certificate",
- )
-
- cmd.Flags().StringArrayVarP(
- &cotsCreateCtsTaDirs, "tas", "t", []string{}, "a directory containing binary DER-encoded trust anchor files",
- )
- cmd.Flags().StringArrayVarP(
- &cotsCreateCtsTaFiles, "tafile", "f", []string{}, "a DER-encoded trust anchor file",
- )
-
- cmd.Flags().StringArrayVarP(
- &cotsCreateCtsCaDirs, "cas", "c", []string{}, "a directory containing binary DER-encoded X.509 CA certificate files",
- )
- cmd.Flags().StringArrayVarP(
- &cotsCreateCtsCaFiles, "cafile", "", []string{}, "a DER-encoded certificate file",
- )
-
- cotsCreateCtsOutputFile = cmd.Flags().StringP("output", "o", "", "name of the generated CoTS file")
-
- return cmd
-}
-
-func IsValidUUID(u string) bool {
- _, err := uuid.Parse(u)
- return err == nil
-}
-
-func checkctsCreateCtsArgs() error {
- if cotsCreateCtsEnvFile == nil || *cotsCreateCtsEnvFile == "" {
- return errors.New("no environment template supplied")
- }
-
- if (*cotsCreateTagUUID != false && *cotsCreateTagID != "") || (*cotsCreateTagUUID != false && *cotsCreateTagUUIDStr != "") || (*cotsCreateTagUUIDStr != "" && *cotsCreateTagID != "") {
- return errors.New("only one of --uuid, --uuid-str and --id can be used at the same time")
- }
-
- if *cotsCreateTagUUIDStr != "" && !IsValidUUID(*cotsCreateTagUUIDStr) {
- return errors.New("--uuid-str does not contain a valid UUID")
- }
-
- if len(cotsCreateCtsTaFiles)+len(cotsCreateCtsTaDirs) == 0 {
- return errors.New("no TA files or folders supplied")
- }
-
- return nil
-}
-
-func ctsTemplateToCBOR(language string, tagID string, genUUID bool, uuidStr string, version *uint, envFile string, permClaimsFile string, exclClaimsFile string, purposes, taFiles, caFiles []string, outputFile *string) (string, error) {
- var (
- envData []byte
- env cots.EnvironmentGroups
- permClaimsData []byte
- permClaims cots.EatCWTClaim
- exclClaimsData []byte
- exclClaims cots.EatCWTClaim
- err error
- ctsCBOR []byte
- ctsFile string
- )
-
- cts := cots.ConciseTaStore{}
-
- if envData, err = afero.ReadFile(fs, envFile); err != nil {
- return "", fmt.Errorf("error loading template from %s: %w", envFile, err)
- }
-
- if err = env.FromJSON(envData); err != nil {
- return "", fmt.Errorf("error decoding template from %s: %w", envFile, err)
- }
-
- cts.Environments = env
-
- if language != "" {
- cts.Language = &language
- }
-
- if tagID != "" {
- cts.SetTagIdentity(tagID, version)
- } else if genUUID != false {
- u := uuid.New()
- b, _ := u.MarshalBinary()
- cts.SetTagIdentity(b, version)
- } else if uuidStr != "" {
- u, _ := uuid.Parse(uuidStr)
- b, _ := u.MarshalBinary()
- cts.SetTagIdentity(b, version)
- }
-
- if permClaimsFile != "" {
- if permClaimsData, err = afero.ReadFile(fs, permClaimsFile); err != nil {
- return "", fmt.Errorf("error loading template from %s: %w", permClaimsFile, err)
- }
-
- if err = permClaims.FromJSON(permClaimsData); err != nil {
- return "", fmt.Errorf("error decoding template from %s: %w", permClaimsFile, err)
- }
- cts.AddPermClaims(permClaims)
- }
- if exclClaimsFile != "" {
- if exclClaimsData, err = afero.ReadFile(fs, exclClaimsFile); err != nil {
- return "", fmt.Errorf("error loading template from %s: %w", exclClaimsFile, err)
- }
-
- if err = exclClaims.FromJSON(exclClaimsData); err != nil {
- return "", fmt.Errorf("error decoding template from %s: %w", exclClaimsFile, err)
- }
- cts.AddExclClaims(exclClaims)
- }
- if 0 != len(purposes) {
- cts.Purposes = purposes
- }
-
- k := cots.TasAndCas{}
- cts.Keys = &k
- for _, taFile := range taFiles {
- var (
- tadata []byte
- trustAnchor cots.TrustAnchor
- )
-
- tadata, err = afero.ReadFile(fs, taFile)
- if err != nil {
- return "", fmt.Errorf("error loading TA from %s: %w", taFile, err)
- }
- if ".der" == filepath.Ext(taFile) {
- trustAnchor.Format = cots.TaFormatCertificate
- }
- if ".spki" == filepath.Ext(taFile) {
- trustAnchor.Format = cots.TaFormatSubjectPublicKeyInfo
- }
- if ".ta" == filepath.Ext(taFile) {
- trustAnchor.Format = cots.TaFormatTrustAnchorInfo
- }
- trustAnchor.Data = tadata
- cts.Keys.Tas = append(cts.Keys.Tas, trustAnchor)
- }
-
- for _, caFile := range caFiles {
- var (
- cadata []byte
- )
-
- cadata, err = afero.ReadFile(fs, caFile)
- if err != nil {
- return "", fmt.Errorf("error loading CA from %s: %w", caFile, err)
- }
- cts.Keys.Cas = append(cts.Keys.Cas, cadata)
- }
-
- // check the result
- if err = cts.Valid(); err != nil {
- return "", fmt.Errorf("error validating CoTS: %w", err)
- }
-
- ctsCBOR, err = cts.ToCBOR()
- if err != nil {
- return "", fmt.Errorf("error encoding CoTS to CBOR: %w", err)
- }
-
- if outputFile == nil || *outputFile == "" {
- ctsFile = makeFileName("", envFile, ".cbor")
- } else {
- ctsFile = *outputFile
- }
-
- err = afero.WriteFile(fs, ctsFile, ctsCBOR, 0644)
- if err != nil {
- return "", fmt.Errorf("error saving CoTS to file %s: %w", ctsFile, err)
- }
-
- return ctsFile, nil
-}
-
-func init() {
- cotsCmd.AddCommand(cotsCreateCtsCmd)
-}
diff --git a/cocli/cmd/cotsCreate_test.go b/cocli/cmd/cotsCreate_test.go
deleted file mode 100644
index 56a5be8c..00000000
--- a/cocli/cmd/cotsCreate_test.go
+++ /dev/null
@@ -1,146 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
-)
-
-func Test_CotsCreateCtsCmd_unknown_argument(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_CotsCreateCtsCmd_no_templates(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- // no args
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no environment template supplied")
-}
-
-func Test_CotsCreateCtsCmd_no_files_found(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{
- "--output=output.cbor",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no environment template supplied")
-}
-
-func Test_CotsCreateCtsCmd_env_not_found_no_tas(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{
- "--output=output.cbor",
- "--environment=nonexistent.json",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no TA files or folders supplied")
-}
-
-func Test_CotsCreateCtsCmd_too_many_ids(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{
- "--output=output.cbor",
- "--uuid",
- "--id=some_tag_identity",
- "--environment=../data/cots/templates/env/vendor.json",
- "--tafile=../data/cots/shared_ta.ta",
- }
- cmd.SetArgs(args)
- fs = afero.NewOsFs()
- err := cmd.Execute()
- assert.EqualError(t, err, "only one of --uuid, --uuid-str and --id can be used at the same time")
-}
-
-func Test_CotsCreateCtsCmd_invalid_uuid(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{
- "--output=output.cbor",
- "--uuid-str=NotAUuid",
- "--environment=../data/cots/templates/env/vendor.json",
- "--tafile=../data/cots/shared_ta.ta",
- }
- cmd.SetArgs(args)
- fs = afero.NewOsFs()
- err := cmd.Execute()
- assert.EqualError(t, err, "--uuid-str does not contain a valid UUID")
-}
-
-func Test_CotsCreateCtsCmd_loading_env_template_fail(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{
- "--output=output.cbor",
- "--environment=nonexistent.json",
- "--tafile=../data/cots/shared_ta.ta",
- }
- cmd.SetArgs(args)
- fs = afero.NewOsFs()
- err := cmd.Execute()
- assert.EqualError(t, err, "error loading template from nonexistent.json: open nonexistent.json: no such file or directory")
-}
-
-func Test_CotsCreateCtsCmd_loading_permclaims_template_fail(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{
- "--output=output.cbor",
- "--environment=../data/cots/templates/env/vendor.json",
- "--permclaims=nonexistent.json",
- "--tafile=../data/cots/shared_ta.ta",
- }
- cmd.SetArgs(args)
- fs = afero.NewOsFs()
- err := cmd.Execute()
- assert.EqualError(t, err, "error loading template from nonexistent.json: open nonexistent.json: no such file or directory")
-}
-
-func Test_CotsCreateCtsCmd_loading_exclclaims_template_fail(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{
- "--output=output.cbor",
- "--environment=../data/cots/templates/env/vendor.json",
- "--exclclaims=nonexistent.json",
- "--tafile=../data/cots/shared_ta.ta",
- }
- cmd.SetArgs(args)
- fs = afero.NewOsFs()
- err := cmd.Execute()
- assert.EqualError(t, err, "error loading template from nonexistent.json: open nonexistent.json: no such file or directory")
-}
-
-func Test_CotsCreateCtsCmd_ok(t *testing.T) {
- cmd := NewCotsCreateCtsCmd()
-
- args := []string{
- "--output=output.cbor",
- "--environment=../data/cots/templates/env/vendor.json",
- "--exclclaims=../data/cots/templates/claims/exclclaim.json",
- "--permclaims=../data/cots/templates/claims/permclaim.json",
- "--tafile=../data/cots/shared_ta.ta",
- }
- cmd.SetArgs(args)
- fs = afero.NewOsFs()
- err := cmd.Execute()
- assert.Nil(t, err)
-}
diff --git a/cocli/cmd/cotsDisplay.go b/cocli/cmd/cotsDisplay.go
deleted file mode 100644
index 54254114..00000000
--- a/cocli/cmd/cotsDisplay.go
+++ /dev/null
@@ -1,96 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
-)
-
-var (
- cotsDisplayFiles []string
- cotsDisplayDirs []string
-)
-
-var cotsDisplayCmd = NewCotsDisplayCmd()
-
-func NewCotsDisplayCmd() *cobra.Command {
- cmd := &cobra.Command{
- Use: "display",
- Short: "display one or more CBOR-encoded CoTS(s) in human readable (JSON) format",
- Long: `display one or more CBOR-encoded CoTS(s) in human readable (JSON) format.
- You can supply individual CoTS files or directories containing CoTS files
-
- Display CoTS in cots.cbor
-
- cocli cots display --file=cots.cbor
-
- `,
-
- RunE: func(cmd *cobra.Command, args []string) error {
- if err := checkCotsDisplayArgs(); err != nil {
- return err
- }
-
- filesList := filesList(cotsDisplayFiles, cotsDisplayDirs, ".cbor")
- if len(filesList) == 0 {
- return errors.New("no files found")
- }
-
- errs := 0
- for _, file := range filesList {
- if err := displayCotsFile(file); err != nil {
- fmt.Printf(">> failed displaying %q: %v\n", file, err)
- errs++
- continue
- }
- }
-
- if errs != 0 {
- return fmt.Errorf("%d/%d display(s) failed", errs, len(filesList))
- }
- return nil
- },
- }
-
- cmd.Flags().StringArrayVarP(
- &cotsDisplayFiles, "file", "f", []string{}, "a CoTS file (in CBOR format)",
- )
-
- cmd.Flags().StringArrayVarP(
- &cotsDisplayDirs, "dir", "d", []string{}, "a directory containing CoTS files (in CBOR format)",
- )
-
- return cmd
-}
-
-func displayCotsFile(file string) error {
- var (
- data []byte
- err error
- )
-
- if data, err = afero.ReadFile(fs, file); err != nil {
- return fmt.Errorf("error loading CoTS from %s: %w", file, err)
- }
-
- // use file name as heading
- return printCots(data, ">> ["+file+"]")
-
-}
-
-func checkCotsDisplayArgs() error {
- if len(cotsDisplayFiles) == 0 && len(cotsDisplayDirs) == 0 {
- return errors.New("no files supplied")
- }
-
- return nil
-}
-
-func init() {
- cotsCmd.AddCommand(cotsDisplayCmd)
-}
diff --git a/cocli/cmd/cotsDisplay_test.go b/cocli/cmd/cotsDisplay_test.go
deleted file mode 100644
index 8bcd06c5..00000000
--- a/cocli/cmd/cotsDisplay_test.go
+++ /dev/null
@@ -1,101 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "fmt"
- "testing"
-
- "github.com/spf13/afero"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_CotsDisplayCmd_unknown_argument(t *testing.T) {
- cmd := NewCotsDisplayCmd()
-
- args := []string{"--unknown-argument=val"}
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "unknown flag: --unknown-argument")
-}
-
-func Test_CotsDisplayCmd_no_files(t *testing.T) {
- cmd := NewCotsDisplayCmd()
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no files supplied")
-}
-
-func Test_CotsDisplayCmd_no_files_found(t *testing.T) {
- cmd := NewCotsDisplayCmd()
-
- args := []string{
- "--file=unknown",
- "--dir=unsure",
- }
- cmd.SetArgs(args)
-
- err := cmd.Execute()
- assert.EqualError(t, err, "no files found")
-}
-
-func Test_CotsDisplayCmd_file_with_invalid_cbor(t *testing.T) {
- var err error
-
- cmd := NewCotsDisplayCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "invalid.cbor", []byte{0xff, 0xff}, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--file=invalid.cbor",
- }
- cmd.SetArgs(args)
-
- err = cmd.Execute()
- assert.EqualError(t, err, "1/1 display(s) failed")
-}
-
-func Test_CotsDisplayCmd_file_with_valid_cots(t *testing.T) {
- var err error
-
- cmd := NewCotsDisplayCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "ok.cbor", testCots, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--file=ok.cbor",
- }
- cmd.SetArgs(args)
-
- fmt.Printf("%x\n", testCots)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
-
-func Test_CotsDisplayCmd_file_with_valid_cots_from_dir(t *testing.T) {
- var err error
-
- cmd := NewCotsDisplayCmd()
-
- fs = afero.NewMemMapFs()
- err = afero.WriteFile(fs, "testdir/ok.cbor", testCots, 0400)
- require.NoError(t, err)
-
- args := []string{
- "--dir=testdir",
- }
- cmd.SetArgs(args)
-
- fmt.Printf("%x\n", testCots)
-
- err = cmd.Execute()
- assert.NoError(t, err)
-}
diff --git a/cocli/cmd/isubmitter.go b/cocli/cmd/isubmitter.go
deleted file mode 100644
index cc9734ed..00000000
--- a/cocli/cmd/isubmitter.go
+++ /dev/null
@@ -1,19 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "github.com/veraison/apiclient/auth"
- "github.com/veraison/apiclient/common"
-)
-
-type ISubmitter interface {
- Run([]byte, string) error
- SetClient(client *common.Client) error
- SetAuth(a auth.IAuthenticator)
- SetSubmitURI(uri string) error
- SetDeleteSession(session bool)
- SetIsInsecure(v bool)
- SetCerts(paths []string)
-}
diff --git a/cocli/cmd/root.go b/cocli/cmd/root.go
deleted file mode 100644
index 6297d248..00000000
--- a/cocli/cmd/root.go
+++ /dev/null
@@ -1,114 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- "errors"
- "fmt"
- "os"
- "path/filepath"
-
- "github.com/spf13/afero"
- "github.com/spf13/cobra"
- "github.com/spf13/viper"
-
- "github.com/veraison/apiclient/auth"
-)
-
-var (
- cfgFile string
- fs = afero.NewOsFs()
-
- cliConfig = &ClientConfig{}
- authMethod = auth.MethodPassthrough
-)
-
-// rootCmd represents the base command when called without any subcommands
-var rootCmd = &cobra.Command{
- Use: "cocli",
- Short: "CoRIM & CoMID swiss-army knife",
- Version: "0.0.1",
- SilenceUsage: true,
- SilenceErrors: true,
-}
-
-type ClientConfig struct {
- Auth auth.IAuthenticator
-}
-
-func Execute() {
- cobra.CheckErr(rootCmd.Execute())
-}
-
-func init() {
- cobra.OnInitialize(initConfig)
-
- rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $XDG_CONFIG_HOME/cocli/config.yaml)")
-}
-
-// initConfig reads in config file and ENV variables if set
-func initConfig() {
- v, err := readConfig(cfgFile)
- cobra.CheckErr(err)
-
- err = authMethod.Set(v.GetString("auth"))
- cobra.CheckErr(err)
-
- switch authMethod {
- case auth.MethodPassthrough:
- cliConfig.Auth = &auth.NullAuthenticator{}
- case auth.MethodBasic:
- cliConfig.Auth = &auth.BasicAuthenticator{}
- err = cliConfig.Auth.Configure(map[string]interface{}{
- "username": v.GetString("username"),
- "password": v.GetString("password"),
- })
- cobra.CheckErr(err)
- case auth.MethodOauth2:
- cliConfig.Auth = &auth.Oauth2Authenticator{}
- err = cliConfig.Auth.Configure(map[string]interface{}{
- "client_id": v.GetString("client_id"),
- "client_secret": v.GetString("client_secret"),
- "token_url": v.GetString("token_url"),
- "username": v.GetString("username"),
- "password": v.GetString("password"),
- "ca_certs": v.GetStringSlice("ca_cert"),
- })
- cobra.CheckErr(err)
- default:
- // Should never get here as authMethod value is set via
- // Method.Set(), which ensures that it's one of the above.
- panic(fmt.Sprintf("unknown auth method: %q", authMethod))
- }
-}
-
-func readConfig(path string) (*viper.Viper, error) {
- v := viper.GetViper()
- if path != "" {
- v.SetConfigFile(path)
- } else {
- wd, err := os.Getwd()
- if err != nil {
- return nil, err
- }
-
- userConfigDir, err := os.UserConfigDir()
- if err == nil {
- v.AddConfigPath(filepath.Join(userConfigDir, "cocli"))
- }
- v.AddConfigPath(wd)
- v.SetConfigType("yaml")
- v.SetConfigName("config")
- }
-
- v.SetEnvPrefix("cocli")
- v.AutomaticEnv()
-
- err := v.ReadInConfig()
- if errors.As(err, &viper.ConfigFileNotFoundError{}) {
- err = nil
- }
-
- return v, err
-}
diff --git a/cocli/cmd/test_vars.go b/cocli/cmd/test_vars.go
deleted file mode 100644
index 99b6ee9a..00000000
--- a/cocli/cmd/test_vars.go
+++ /dev/null
@@ -1,66 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package cmd
-
-import (
- _ "embed"
-
- "github.com/veraison/corim/comid"
-)
-
-var (
- minimalCorimTemplate = []byte(`{
- "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc"
- }`)
- badCBOR = comid.MustHexDecode(nil, "ffff")
- // a "tag-id only" CoMID {1: {0: h'366D0A0A598845ED84882F2A544F6242'}}
- invalidComid = comid.MustHexDecode(nil,
- "a101a10050366d0a0a598845ed84882f2a544f6242",
- )
- //
- invalidCots = comid.MustHexDecode(nil, "a2028006a100f6")
- // note: embedded CoSWIDs are not validated {0: h'5C57E8F446CD421B91C908CF93E13CFC', 1: [505(h'deadbeef')]}
- testCorimValid = comid.MustHexDecode(nil,
- "a200505c57e8f446cd421b91c908cf93e13cfc0181d901f944deadbeef",
- )
- // {0: h'5C57E8F446CD421B91C908CF93E13CFC'}
- testCorimInvalid = comid.MustHexDecode(nil,
- "a100505c57e8f446cd421b91c908cf93e13cfc",
- )
- testMetaInvalid = []byte("{}")
- testMetaValid = []byte(`{
- "signer": {
- "name": "ACME Ltd signing key",
- "uri": "https://acme.example"
- },
- "validity": {
- "not-before": "2021-12-31T00:00:00Z",
- "not-after": "2025-12-31T00:00:00Z"
- }
- }`)
-
- //go:embed testcases/ec-p256.jwk
- testECKey []byte
-
- //go:embed testcases/signed-corim-valid.cbor
- testSignedCorimValid []byte
-
- //go:embed testcases/signed-corim-invalid.cbor
- testSignedCorimInvalid []byte
-
- //go:embed testcases/signed-corim-valid-with-cots.cbor
- testSignedCorimValidWithCots []byte
-
- //go:embed testcases/psa-refval.cbor
- PSARefValCBOR []byte
-
- //go:embed testcases/test-comid.cbor
- testComid []byte
-
- //go:embed testcases/test-coswid.cbor
- testCoswid []byte
-
- //go:embed testcases/test-cots.cbor
- testCots []byte
-)
diff --git a/cocli/cmd/testcases/ec-p256.jwk b/cocli/cmd/testcases/ec-p256.jwk
deleted file mode 100644
index e3c07719..00000000
--- a/cocli/cmd/testcases/ec-p256.jwk
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "kty": "EC",
- "crv": "P-256",
- "x": "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
- "y": "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
- "d": "870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE",
- "use": "enc",
- "kid": "1"
-}
diff --git a/cocli/cmd/testcases/psa-refval-orig.cbor b/cocli/cmd/testcases/psa-refval-orig.cbor
deleted file mode 100644
index acd82404..00000000
Binary files a/cocli/cmd/testcases/psa-refval-orig.cbor and /dev/null differ
diff --git a/cocli/cmd/testcases/psa-refval.cbor b/cocli/cmd/testcases/psa-refval.cbor
deleted file mode 100644
index e37b711c..00000000
Binary files a/cocli/cmd/testcases/psa-refval.cbor and /dev/null differ
diff --git a/cocli/cmd/testcases/regen-from-src.sh b/cocli/cmd/testcases/regen-from-src.sh
deleted file mode 100644
index c27f6c69..00000000
--- a/cocli/cmd/testcases/regen-from-src.sh
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/usr/bin/bash
-# Copyright 2024 Contributors to the Veraison project.
-# SPDX-License-Identifier: Apache-2.0
-set -e
-
-GEN_TESTCASE=$(go env GOPATH)/bin/gen-testcase
-
-if [[ ! -f ${GEN_TESTCASE} ]]; then
- echo "installing gen-testcase"
-
- go install github.com/veraison/gen-testcase@v0.0.1
-fi
-
-testcases=(
- psa-refval
- test-comid
- test-coswid
- test-cots
-)
-
-signed_testcases=(
- signed-corim-valid
- signed-corim-invalid
- signed-corim-valid-with-cots
-)
-
-for case in "${testcases[@]}"; do
- echo "generating ${case}.cbor"
-
- ${GEN_TESTCASE} "src/${case}.yaml" -o "${case}.cbor"
-done
-
-for case in "${signed_testcases[@]}"; do
- echo "generating ${case}.cbor"
-
- ${GEN_TESTCASE} -s ec-p256.jwk -m "src/${case}-meta.yaml" "src/${case}.yaml" \
- -o "${case}.cbor"
-done
-
-echo "done."
diff --git a/cocli/cmd/testcases/signed-corim-invalid.cbor b/cocli/cmd/testcases/signed-corim-invalid.cbor
deleted file mode 100644
index 53fff8fa..00000000
Binary files a/cocli/cmd/testcases/signed-corim-invalid.cbor and /dev/null differ
diff --git a/cocli/cmd/testcases/signed-corim-valid-with-cots.cbor b/cocli/cmd/testcases/signed-corim-valid-with-cots.cbor
deleted file mode 100644
index 69bd669e..00000000
Binary files a/cocli/cmd/testcases/signed-corim-valid-with-cots.cbor and /dev/null differ
diff --git a/cocli/cmd/testcases/signed-corim-valid.cbor b/cocli/cmd/testcases/signed-corim-valid.cbor
deleted file mode 100644
index 2923cdd5..00000000
Binary files a/cocli/cmd/testcases/signed-corim-valid.cbor and /dev/null differ
diff --git a/cocli/cmd/testcases/src/psa-refval.yaml b/cocli/cmd/testcases/src/psa-refval.yaml
deleted file mode 100644
index 9a5d71e7..00000000
--- a/cocli/cmd/testcases/src/psa-refval.yaml
+++ /dev/null
@@ -1,76 +0,0 @@
----
-0: en-GB
-1:
- 0: !!binary |-
- Q7vjfy5hSzOu01PP8UKLFg==
-2:
-- 0: ACME Ltd.
- 1:
- tag: 32
- value: https://acme.example
- 2:
- - 0
- - 1
- - 2
-4:
- 0:
- - - 0:
- 0:
- tag: 600
- value: !!binary |-
- YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDEK
- # acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: BL
- 4: 2.1.0
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=
- - - 0:
- 0:
- tag: 600
- value: !!binary |-
- YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDEK
- # acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: PRoT
- 4: 1.3.5
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=
- - - 0:
- 0:
- tag: 600
- value: !!binary |-
- YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDEK
- # acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: ARoT
- 4: 0.1.4
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=
diff --git a/cocli/cmd/testcases/src/signed-corim-invalid-meta.yaml b/cocli/cmd/testcases/src/signed-corim-invalid-meta.yaml
deleted file mode 100644
index f3be19ff..00000000
--- a/cocli/cmd/testcases/src/signed-corim-invalid-meta.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-0:
- 0: ACME Ltd signing key
- 1:
- tag: 32
- value: https://acme.example
-1:
- 0:
- tag: 1
- value: 1640908800
- 1:
- tag: 1
- value: 1767139200
diff --git a/cocli/cmd/testcases/src/signed-corim-invalid.yaml b/cocli/cmd/testcases/src/signed-corim-invalid.yaml
deleted file mode 100644
index 2fbf0ffd..00000000
--- a/cocli/cmd/testcases/src/signed-corim-invalid.yaml
+++ /dev/null
@@ -1 +0,0 @@
---- {}
diff --git a/cocli/cmd/testcases/src/signed-corim-valid-meta.yaml b/cocli/cmd/testcases/src/signed-corim-valid-meta.yaml
deleted file mode 100644
index abffebe3..00000000
--- a/cocli/cmd/testcases/src/signed-corim-valid-meta.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-1:
- 0:
- tag: 1
- value: 1640908800
- 1:
- tag: 1
- value: 1767139200
-0:
- 1:
- tag: 32
- value: https://acme.example
- 0: ACME Ltd signing key
diff --git a/cocli/cmd/testcases/src/signed-corim-valid-with-cots-meta.yaml b/cocli/cmd/testcases/src/signed-corim-valid-with-cots-meta.yaml
deleted file mode 100644
index e472e598..00000000
--- a/cocli/cmd/testcases/src/signed-corim-valid-with-cots-meta.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-0:
- 0: ACME Ltd signing key
diff --git a/cocli/cmd/testcases/src/signed-corim-valid-with-cots.yaml b/cocli/cmd/testcases/src/signed-corim-valid-with-cots.yaml
deleted file mode 100644
index de094026..00000000
--- a/cocli/cmd/testcases/src/signed-corim-valid-with-cots.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-0: !!binary |-
- XFfo9EbNQhuRyQjPk+E8/A==
-1:
-- !!binary |-
- 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
diff --git a/cocli/cmd/testcases/src/signed-corim-valid.yaml b/cocli/cmd/testcases/src/signed-corim-valid.yaml
deleted file mode 100644
index 513f2aeb..00000000
--- a/cocli/cmd/testcases/src/signed-corim-valid.yaml
+++ /dev/null
@@ -1,99 +0,0 @@
-0: !!binary |-
- XFfo9EbNQhuRyQjPk+E8/A==
-1:
-- encodedCBOR:
- tag: 506
- value:
- 0: en-GB
- 1:
- 0: !!binary |-
- Q7vjfy5hSzOu01PP8UKLFg==
- 2:
- - 0: ACME Ltd.
- 1:
- tag: 32
- value: https://acme.example
- 2:
- - 0
- - 1
- - 2
- 4:
- 0:
- - - 0:
- 0:
- tag: 600
- value: acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: BL
- 4: 2.1.0
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=
- - - 0:
- 0:
- tag: 600
- value: acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: PRoT
- 4: 1.3.5
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=
- - - 0:
- 0:
- tag: 600
- value: acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: ARoT
- 4: 0.1.4
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=
-2:
-- 0:
- tag: 32
- value: https://parent.example/rims/ccb3aa85-61b4-40f1-848e-02ad6e8a254b
- 1:
- - 1
- - !!binary |-
- 5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXU=
-3: http://arm.com/iot/profile/1
-4:
- 0:
- tag: 1
- value: 1640908800
- 1:
- tag: 1
- value: 1767139200
-5:
-- 0: ACME Ltd.
- 1:
- tag: 32
- value: acme.example
- 2:
- - 1
-
diff --git a/cocli/cmd/testcases/src/test-comid.yaml b/cocli/cmd/testcases/src/test-comid.yaml
deleted file mode 100644
index 9a5d71e7..00000000
--- a/cocli/cmd/testcases/src/test-comid.yaml
+++ /dev/null
@@ -1,76 +0,0 @@
----
-0: en-GB
-1:
- 0: !!binary |-
- Q7vjfy5hSzOu01PP8UKLFg==
-2:
-- 0: ACME Ltd.
- 1:
- tag: 32
- value: https://acme.example
- 2:
- - 0
- - 1
- - 2
-4:
- 0:
- - - 0:
- 0:
- tag: 600
- value: !!binary |-
- YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDEK
- # acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: BL
- 4: 2.1.0
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=
- - - 0:
- 0:
- tag: 600
- value: !!binary |-
- YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDEK
- # acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: PRoT
- 4: 1.3.5
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8=
- - - 0:
- 0:
- tag: 600
- value: !!binary |-
- YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDEK
- # acme-implementation-id-000000001
- 1: ACME
- 2: RoadRunner
- - 0:
- tag: 601
- value:
- 1: ARoT
- 4: 0.1.4
- 5: !!binary |-
- rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs=
- 1:
- 2:
- - - 1
- - !!binary |-
- o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg=
diff --git a/cocli/cmd/testcases/src/test-coswid.yaml b/cocli/cmd/testcases/src/test-coswid.yaml
deleted file mode 100644
index 912c1a67..00000000
--- a/cocli/cmd/testcases/src/test-coswid.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
----
-0: com.acme.rrd2013-ce-sp1-v4-1-5-0
-12: 0
-1: ACME Roadrunner Detector 2013 Coyote Edition SP1
-13: 4.1.5
-5:
- 43: trial
- 45: '2013'
- 47: coyote
- 52: Roadrunner Detector
- 54: sp1
-2:
-- 31: The ACME Corporation
- 32: acme.com
- 33:
- - 1
- - 2
-- 31: Coyote Services, Inc.
- 32: mycoyote.com
- 33: 4
-4:
- 38: www.gnu.org/licenses/gpl.txt
- 40: license
-6:
- 16:
- 24: rrdetector
- 25: "%programdata%"
- 26:
- 17:
- 24: rrdetector.exe
- 20: 532712
- 7:
- - 1
- - !!binary |-
- oxT8LcZjrnpra8Z4dZQFc5bms/VpzVD9XdtNG7r9K2o=
diff --git a/cocli/cmd/testcases/src/test-cots.yaml b/cocli/cmd/testcases/src/test-cots.yaml
deleted file mode 100644
index af6af0c2..00000000
--- a/cocli/cmd/testcases/src/test-cots.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-1:
- 0: !!binary |-
- qw9Esb/cRgSrSjD4BAfrzA==
-2:
-- 3: Miscellaneous TA Store
-6:
- 0:
- - - 0 # pkix-cert-type
- - !!binary |-
- 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
- - - 1 # pkix-tainfo-type
- - !!binary |-
- 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
- - - 1 # pkix-tainfo-type
- - !!binary |-
- ooIC1TCCAtEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATN0f5kzywEzZOYbaV23O3N8cku39JoLNjlHPwECbXDDWp0LpAO1z248/hoy6UW/TZMTPPR/93XwHsG16mSFy8XBBSKhM/5gJWjvDbW7qUY1peNm9cfYDCCAlwwXDELMAkGA1UEBgwCVVMxHzAdBgNVBAoMFlNub2JiaXNoIEFwcGFyZWwsIEluYy4xLDAqBgNVBAMMI1Nub2JiaXNoIEFwcGFyZWwsIEluYy4gVHJ1c3QgQW5jaG9yoIIB+jCCAZ+gAwIBAgIUEBuTRGXAEEVEHhu4xafAnqm+qYgwCgYIKoZIzj0EAwIwXDELMAkGA1UEBgwCVVMxHzAdBgNVBAoMFlNub2JiaXNoIEFwcGFyZWwsIEluYy4xLDAqBgNVBAMMI1Nub2JiaXNoIEFwcGFyZWwsIEluYy4gVHJ1c3QgQW5jaG9yMB4XDTIyMDUxOTE1MTMwOFoXDTMyMDUxNjE1MTMwOFowXDELMAkGA1UEBgwCVVMxHzAdBgNVBAoMFlNub2JiaXNoIEFwcGFyZWwsIEluYy4xLDAqBgNVBAMMI1Nub2JiaXNoIEFwcGFyZWwsIEluYy4gVHJ1c3QgQW5jaG9yMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzdH+ZM8sBM2TmG2ldtztzfHJLt/SaCzY5Rz8BAm1ww1qdC6QDtc9uPP4aMulFv02TEzz0f/d18B7BtepkhcvF6M/MD0wHQYDVR0OBBYEFIqEz/mAlaO8NtbupRjWl42b1x9gMAsGA1UdDwQEAwIChDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0kAMEYCIQC2cf43f3PPlCO6/dxv40ftIgxxToKHF72UzENv7+y4ygIhAIGtC/r6SGaFMaP7zD2EloBuIXTtyWu8Hwl+YGdXRY93
diff --git a/cocli/cmd/testcases/test-comid.cbor b/cocli/cmd/testcases/test-comid.cbor
deleted file mode 100644
index 42a79e38..00000000
Binary files a/cocli/cmd/testcases/test-comid.cbor and /dev/null differ
diff --git a/cocli/cmd/testcases/test-coswid.cbor b/cocli/cmd/testcases/test-coswid.cbor
deleted file mode 100644
index 775208cc..00000000
Binary files a/cocli/cmd/testcases/test-coswid.cbor and /dev/null differ
diff --git a/cocli/cmd/testcases/test-cots.cbor b/cocli/cmd/testcases/test-cots.cbor
deleted file mode 100644
index 4820e0ab..00000000
Binary files a/cocli/cmd/testcases/test-cots.cbor and /dev/null differ
diff --git a/cocli/data/comid/1.cbor b/cocli/data/comid/1.cbor
deleted file mode 100644
index 35e0cb60..00000000
Binary files a/cocli/data/comid/1.cbor and /dev/null differ
diff --git a/cocli/data/comid/2.cbor b/cocli/data/comid/2.cbor
deleted file mode 100644
index b35b2add..00000000
Binary files a/cocli/data/comid/2.cbor and /dev/null differ
diff --git a/cocli/data/comid/comid-cca-mult-refval.cbor b/cocli/data/comid/comid-cca-mult-refval.cbor
deleted file mode 100644
index 12761868..00000000
Binary files a/cocli/data/comid/comid-cca-mult-refval.cbor and /dev/null differ
diff --git a/cocli/data/comid/comid-cca-refval.cbor b/cocli/data/comid/comid-cca-refval.cbor
deleted file mode 100644
index 2e2126c7..00000000
Binary files a/cocli/data/comid/comid-cca-refval.cbor and /dev/null differ
diff --git a/cocli/data/comid/comid-dice-refval.cbor b/cocli/data/comid/comid-dice-refval.cbor
deleted file mode 100644
index 29c83a2a..00000000
Binary files a/cocli/data/comid/comid-dice-refval.cbor and /dev/null differ
diff --git a/cocli/data/comid/comid-psa-iakpub.cbor b/cocli/data/comid/comid-psa-iakpub.cbor
deleted file mode 100644
index 4975373f..00000000
Binary files a/cocli/data/comid/comid-psa-iakpub.cbor and /dev/null differ
diff --git a/cocli/data/comid/comid-psa-integ-iakpub.cbor b/cocli/data/comid/comid-psa-integ-iakpub.cbor
deleted file mode 100644
index b8c4aa83..00000000
Binary files a/cocli/data/comid/comid-psa-integ-iakpub.cbor and /dev/null differ
diff --git a/cocli/data/comid/comid-psa-refval.cbor b/cocli/data/comid/comid-psa-refval.cbor
deleted file mode 100644
index acd82404..00000000
Binary files a/cocli/data/comid/comid-psa-refval.cbor and /dev/null differ
diff --git a/cocli/data/comid/templates/comid-cca-mult-refval.json b/cocli/data/comid/templates/comid-cca-mult-refval.json
deleted file mode 100644
index 229c3b57..00000000
--- a/cocli/data/comid/templates/comid-cca-mult-refval.json
+++ /dev/null
@@ -1,94 +0,0 @@
-{
- "lang": "en-GB",
- "tag-identity": {
- "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
- "version": 0
- },
- "entities": [
- {
- "name": "ACME Ltd.",
- "regid": "https://acme.example",
- "roles": [
- "tagCreator",
- "creator",
- "maintainer"
- ]
- }
- ],
- "triples": {
- "reference-values": [
- {
- "environment": {
- "class": {
- "id": {
- "type": "psa.impl-id",
- "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
- },
- "vendor": "ACME",
- "model": "RoadRunner"
- }
- },
- "measurements": [
- {
- "key": {
- "type": "psa.refval-id",
- "value": {
- "label": "BL",
- "version": "2.1.0",
- "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
- }
- },
- "value": {
- "digests": [
- "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc="
- ]
- }
- },
- {
- "key": {
- "type": "psa.refval-id",
- "value": {
- "label": "PRoT",
- "version": "1.3.5",
- "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
- }
- },
- "value": {
- "digests": [
- "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8="
- ]
- }
- },
- {
- "key": {
- "type": "psa.refval-id",
- "value": {
- "label": "ARoT",
- "version": "0.1.4",
- "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
- }
- },
- "value": {
- "digests": [
- "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg="
- ]
- }
- },
- {
- "key": {
- "type": "cca.platform-config-id",
- "value": "cfg v1.0.0"
- },
- "value": {
- "raw-value": {
- "type": "bytes",
- "value": "cmF3dmFsdWUKcmF3dmFsdWUK"
- }
- }
- }
- ]
- }
- ]
- }
-}
-
diff --git a/cocli/data/comid/templates/comid-cca-realm-refval.json b/cocli/data/comid/templates/comid-cca-realm-refval.json
deleted file mode 100644
index 965d9fd2..00000000
--- a/cocli/data/comid/templates/comid-cca-realm-refval.json
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- "lang": "en-GB",
- "tag-identity": {
- "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
- "version": 0
- },
- "entities": [
- {
- "name": "Workload Client Ltd.",
- "regid": "https://workloadclient.example",
- "roles": [
- "tagCreator",
- "creator",
- "maintainer"
- ]
- }
- ],
- "triples": {
- "reference-values": [
- {
- "environment": {
- "class": {
- "id": {
- "type": "uuid",
- "value": "CD1F0E55-26F9-460D-B9D8-F7FDE171787C"
- },
- "vendor": "Workload Client Ltd"
- },
- "instance": {
- "type": "bytes",
- "value": "QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
- }
- },
- "measurements": [
- {
- "value": {
- "integrity-registers": {
- "rim": {
- "key-type": "text",
- "value": [
- "sha-384;QoS1aUymwNLPR4mguVrIAlyBjeUjBDZL580pgbLS7caFsyInfsJYGZYkE9jJssH1"
- ]
- },
- "rem0": {
- "key-type": "text",
- "value": [
- "sha-384;IQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
- ]
- },
- "rem1": {
- "key-type": "text",
- "value": [
- "sha-384;JQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
- ]
- },
- "rem2": {
- "key-type": "text",
- "value": [
- "sha-384;MQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
- ]
- },
- "rem3": {
- "key-type": "text",
- "value": [
- "sha-384;NQe752H8pS2VE2oTVNt6TdV7Gya+DT2nHZ6yOYazS6YVq/ZRTPNeWp6lWgMtBop4"
- ]
- }
- }
- }
- }
- ]
- }
- ]
- }
-}
\ No newline at end of file
diff --git a/cocli/data/comid/templates/comid-cca-refval.json b/cocli/data/comid/templates/comid-cca-refval.json
deleted file mode 100644
index 974a473b..00000000
--- a/cocli/data/comid/templates/comid-cca-refval.json
+++ /dev/null
@@ -1,49 +0,0 @@
-{
- "lang": "en-GB",
- "tag-identity": {
- "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
- "version": 0
- },
- "entities": [
- {
- "name": "ACME Ltd.",
- "regid": "https://acme.example",
- "roles": [
- "tagCreator",
- "creator",
- "maintainer"
- ]
- }
- ],
- "triples": {
- "reference-values": [
- {
- "environment": {
- "class": {
- "id": {
- "type": "psa.impl-id",
- "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
- },
- "vendor": "ACME",
- "model": "RoadRunner"
- }
- },
- "measurements": [
- {
- "key": {
- "type": "cca.platform-config-id",
- "value": "cfg v1.0.0"
- },
- "value": {
- "raw-value": {
- "type": "bytes",
- "value": "cmF3dmFsdWUKcmF3dmFsdWUK"
- }
- }
- }
- ]
- }
- ]
- }
-}
-
diff --git a/cocli/data/comid/templates/comid-dice-refval.json b/cocli/data/comid/templates/comid-dice-refval.json
deleted file mode 100644
index d598c2d1..00000000
--- a/cocli/data/comid/templates/comid-dice-refval.json
+++ /dev/null
@@ -1,70 +0,0 @@
-{
- "tag-identity": {
- "id": "1D5A8C7C-1C70-4C56-937E-3C5713AE5A83"
- },
- "triples": {
- "reference-values": [
- {
- "environment": {
- "class": {
- "id": {
- "type": "uuid",
- "value": "DD6661F0-0928-4401-966B-589EA74E3272"
- },
- "model": "FMC",
- "layer": 0,
- "index": 0
- }
- },
- "measurements": [
- {
- "value": {
- "op-flags": [
- "notSecure",
- "debug"
- ],
- "digests": [
- "sha-256:RKozavTLFKh5Qy5T3WVxx/qbzK+3X0iCWSYtbqOk2Rs="
- ],
- "svn": {
- "type": "exact-value",
- "value": 10
- }
- }
- }
- ]
- },
- {
- "environment": {
- "class": {
- "id": {
- "type": "uuid",
- "value": "FFDA7CF3-2333-4A91-99A8-068626203ACA"
- },
- "model": "L1",
- "layer": 1,
- "index": 0
- }
- },
- "measurements": [
- {
- "value": {
- "op-flags": [
- "notSecure",
- "debug"
- ],
- "digests": [
- "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=",
- "sha-256:VgXOanU71cskR7hhl418y0an8zsD772wLJYg2o6awD0="
- ],
- "svn": {
- "type": "exact-value",
- "value": 2
- }
- }
- }
- ]
- }
- ]
- }
-}
diff --git a/cocli/data/comid/templates/comid-psa-iakpub.json b/cocli/data/comid/templates/comid-psa-iakpub.json
deleted file mode 100644
index 47ef11d3..00000000
--- a/cocli/data/comid/templates/comid-psa-iakpub.json
+++ /dev/null
@@ -1,66 +0,0 @@
-{
- "lang": "en-GB",
- "tag-identity": {
- "id": "366D0A0A-5988-45ED-8488-2F2A544F6242",
- "version": 0
- },
- "entities": [
- {
- "name": "ACME Ltd.",
- "regid": "https://acme.example",
- "roles": [
- "tagCreator",
- "creator",
- "maintainer"
- ]
- }
- ],
- "triples": {
- "attester-verification-keys": [
- {
- "environment": {
- "class": {
- "id": {
- "type": "psa.impl-id",
- "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
- },
- "vendor": "ACME",
- "model": "RoadRunner"
- },
- "instance": {
- "type": "ueid",
- "value": "Ac7rrnuJJ6MiflMDz14PH3s0u1Qq1yUKwD+83jbsLxUI"
- }
- },
- "verification-keys": [
- {
- "type": "pkix-base64-key",
- "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFn0taoAwR3PmrKkYLtAsD9o05KSM6mbgfNCgpuL0g6VpTHkZl73wk5BDxoV7n+Oeee0iIqkW3HMZT3ETiniJdg==\n-----END PUBLIC KEY-----"
- }
- ]
- },
- {
- "environment": {
- "class": {
- "id": {
- "type": "psa.impl-id",
- "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
- },
- "vendor": "ACME",
- "model": "RoadRunner"
- },
- "instance": {
- "type": "ueid",
- "value": "AUyj5PUL8kjDl4cCDWj/0FyIdndRvyZFypI/V6mL7NKW"
- }
- },
- "verification-keys": [
- {
- "type": "pkix-base64-key",
- "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6Vwqe7hy3O8Ypa+BUETLUjBNU3rEXVUyt9XHR7HJWLG7XTKQd9i1kVRXeBPDLFnfYru1/euxRnJM7H9UoFDLdA==\n-----END PUBLIC KEY-----"
- }
- ]
- }
- ]
- }
-}
diff --git a/cocli/data/comid/templates/comid-psa-integ-iakpub.json b/cocli/data/comid/templates/comid-psa-integ-iakpub.json
deleted file mode 100644
index 2f421794..00000000
--- a/cocli/data/comid/templates/comid-psa-integ-iakpub.json
+++ /dev/null
@@ -1,66 +0,0 @@
-{
- "lang": "en-GB",
- "tag-identity": {
- "id": "366D0A0A-5988-45ED-8488-2F2A544F6242",
- "version": 0
- },
- "entities": [
- {
- "name": "ACME Ltd.",
- "regid": "https://acme.example",
- "roles": [
- "tagCreator",
- "creator",
- "maintainer"
- ]
- }
- ],
- "triples": {
- "attester-verification-keys": [
- {
- "environment": {
- "class": {
- "id": {
- "type": "psa.impl-id",
- "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
- },
- "vendor": "ACME",
- "model": "RoadRunner"
- },
- "instance": {
- "type": "ueid",
- "value": "Ac7rrnuJJ6MiflMDz14PH3s0u1Qq1yUKwD+83jbsLxUI"
- }
- },
- "verification-keys": [
- {
- "type": "pkix-base64-key",
- "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMKBCTNIcKUSDii11ySs3526iDZ8A\niTo7Tu6KPAqv7D7gS2XpJFbZiItSs3m9+9Ue6GnvHw/GW2ZZaVtszggXIw==\n-----END PUBLIC KEY-----"
- }
- ]
- },
- {
- "environment": {
- "class": {
- "id": {
- "type": "psa.impl-id",
- "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
- },
- "vendor": "ACME",
- "model": "RoadRunner"
- },
- "instance": {
- "type": "ueid",
- "value": "AUyj5PUL8kjDl4cCDWj/0FyIdndRvyZFypI/V6mL7NKW"
- }
- },
- "verification-keys": [
- {
- "type": "pkix-base64-key",
- "value": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6Vwqe7hy3O8Ypa+BUETLUjBNU3rEXVUyt9XHR7HJWLG7XTKQd9i1kVRXeBPDLFnfYru1/euxRnJM7H9UoFDLdA==\n-----END PUBLIC KEY-----"
- }
- ]
- }
- ]
- }
-}
diff --git a/cocli/data/comid/templates/comid-psa-refval.json b/cocli/data/comid/templates/comid-psa-refval.json
deleted file mode 100644
index 8fd66fbc..00000000
--- a/cocli/data/comid/templates/comid-psa-refval.json
+++ /dev/null
@@ -1,81 +0,0 @@
-{
- "lang": "en-GB",
- "tag-identity": {
- "id": "43BBE37F-2E61-4B33-AED3-53CFF1428B16",
- "version": 0
- },
- "entities": [
- {
- "name": "ACME Ltd.",
- "regid": "https://acme.example",
- "roles": [
- "tagCreator",
- "creator",
- "maintainer"
- ]
- }
- ],
- "triples": {
- "reference-values": [
- {
- "environment": {
- "class": {
- "id": {
- "type": "psa.impl-id",
- "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
- },
- "vendor": "ACME",
- "model": "RoadRunner"
- }
- },
- "measurements": [
- {
- "key": {
- "type": "psa.refval-id",
- "value": {
- "label": "BL",
- "version": "2.1.0",
- "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
- }
- },
- "value": {
- "digests": [
- "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc="
- ]
- }
- },
- {
- "key": {
- "type": "psa.refval-id",
- "value": {
- "label": "PRoT",
- "version": "1.3.5",
- "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
- }
- },
- "value": {
- "digests": [
- "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8="
- ]
- }
- },
- {
- "key": {
- "type": "psa.refval-id",
- "value": {
- "label": "ARoT",
- "version": "0.1.4",
- "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
- }
- },
- "value": {
- "digests": [
- "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg="
- ]
- }
- }
- ]
- }
- ]
- }
-}
diff --git a/cocli/data/config/example-config.yaml b/cocli/data/config/example-config.yaml
deleted file mode 100644
index d067efbc..00000000
--- a/cocli/data/config/example-config.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-# This file contains example configuration for connecting to Veraison services.
-# This configuration is only necessary for the `cocli corim submit` sub-command,
-# as that is the only instance where remote service configuration is used. You
-# do not need this configuration for creating or manipulating corims/corim and
-# related objects locally.
-
-# API Server submit endpoint URL.
-api_server: https://veraison.example/endorsement-provisioning/v1/submit
-
-# Authentication method used by the remote service.
-auth: none # may also be "basic" or "oauth2"
-
-# Credentials for the remote service.
-username: example_user # used only if auth is "basic" or "oauth2"
-password: Passw0rd! # used only if auth is "basic" or "oauth2"; this can also
- # be specfied on the command line using --password, or by
- # setting COCLI_PASSWORD environment variable
-
-# OAuth2 cofiguration for the authorisation server associated with the remote
-# service.
-client_id: veraison-client # used only if auth is "oauth2"
-client_secret: YifmabB4cVSPPtFLAmHfq7wKaEHQn10Z # used only if auth is "oauth2"
-token_url: http://localhost:11111/realms/veraison/protocol/openid-connect/token # used only if auth is "oauth2"
-
diff --git a/cocli/data/corim/corim-full.cbor b/cocli/data/corim/corim-full.cbor
deleted file mode 100644
index 1f895aeb..00000000
Binary files a/cocli/data/corim/corim-full.cbor and /dev/null differ
diff --git a/cocli/data/corim/signed-corim-bad-signature.cbor b/cocli/data/corim/signed-corim-bad-signature.cbor
deleted file mode 100644
index 8116a8c3..00000000
Binary files a/cocli/data/corim/signed-corim-bad-signature.cbor and /dev/null differ
diff --git a/cocli/data/corim/signed-corim-cbor b/cocli/data/corim/signed-corim-cbor
deleted file mode 100644
index 2b65e5ab..00000000
Binary files a/cocli/data/corim/signed-corim-cbor and /dev/null differ
diff --git a/cocli/data/corim/signed-corim.cbor b/cocli/data/corim/signed-corim.cbor
deleted file mode 100644
index 58945725..00000000
Binary files a/cocli/data/corim/signed-corim.cbor and /dev/null differ
diff --git a/cocli/data/corim/templates/corim-cca-realm.json b/cocli/data/corim/templates/corim-cca-realm.json
deleted file mode 100644
index f6b07666..00000000
--- a/cocli/data/corim/templates/corim-cca-realm.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
- "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc",
- "profile": "http://arm.com/cca/realm/1",
- "validity": {
- "not-before": "2021-12-31T00:00:00Z",
- "not-after": "2025-12-31T00:00:00Z"
- },
- "entities": [
- {
- "name": "ACME Ltd.",
- "regid": "acme.example",
- "roles": [
- "manifestCreator"
- ]
- }
- ]
-}
diff --git a/cocli/data/corim/templates/corim-cca.json b/cocli/data/corim/templates/corim-cca.json
deleted file mode 100644
index 59e536d5..00000000
--- a/cocli/data/corim/templates/corim-cca.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
- "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc",
- "profile": "http://arm.com/cca/ssd/1",
- "validity": {
- "not-before": "2021-12-31T00:00:00Z",
- "not-after": "2025-12-31T00:00:00Z"
- },
- "entities": [
- {
- "name": "ACME Ltd.",
- "regid": "acme.example",
- "roles": [
- "manifestCreator"
- ]
- }
- ]
-}
diff --git a/cocli/data/corim/templates/corim-full.json b/cocli/data/corim/templates/corim-full.json
deleted file mode 100644
index db4d772a..00000000
--- a/cocli/data/corim/templates/corim-full.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
- "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc",
- "dependent-rims": [
- {
- "href": "https://parent.example/rims/ccb3aa85-61b4-40f1-848e-02ad6e8a254b",
- "thumbprint": "sha-256:5Fty9cDAtXLbTY06t+l/No/3TmI0eoJN7LZ6hOUiTXU="
- }
- ],
- "profile": "http://arm.com/psa/iot/1",
- "validity": {
- "not-before": "2021-12-31T00:00:00Z",
- "not-after": "2025-12-31T00:00:00Z"
- },
- "entities": [
- {
- "name": "ACME Ltd.",
- "regid": "acme.example",
- "roles": [
- "manifestCreator"
- ]
- }
- ]
-}
diff --git a/cocli/data/corim/templates/corim-mini.json b/cocli/data/corim/templates/corim-mini.json
deleted file mode 100644
index bc7e70ba..00000000
--- a/cocli/data/corim/templates/corim-mini.json
+++ /dev/null
@@ -1,3 +0,0 @@
-{
- "corim-id": "5c57e8f4-46cd-421b-91c9-08cf93e13cfc"
-}
diff --git a/cocli/data/corim/templates/meta-full.json b/cocli/data/corim/templates/meta-full.json
deleted file mode 100644
index 5c465494..00000000
--- a/cocli/data/corim/templates/meta-full.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- "signer": {
- "name": "ACME Ltd signing key",
- "uri": "https://acme.example"
- },
- "validity": {
- "not-before": "2021-12-31T00:00:00Z",
- "not-after": "2025-12-31T00:00:00Z"
- }
-}
diff --git a/cocli/data/corim/templates/meta-mini.json b/cocli/data/corim/templates/meta-mini.json
deleted file mode 100644
index fb978cc8..00000000
--- a/cocli/data/corim/templates/meta-mini.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- "signer": {
- "name": "ACME Ltd signing key"
- }
-}
diff --git a/cocli/data/corim/unsigned-corim.cbor b/cocli/data/corim/unsigned-corim.cbor
deleted file mode 100644
index bcbe320d..00000000
Binary files a/cocli/data/corim/unsigned-corim.cbor and /dev/null differ
diff --git a/cocli/data/coswid/1.cbor b/cocli/data/coswid/1.cbor
deleted file mode 100644
index bc78ffcc..00000000
Binary files a/cocli/data/coswid/1.cbor and /dev/null differ
diff --git a/cocli/data/cots/Zesty Hands_ta.ta b/cocli/data/cots/Zesty Hands_ta.ta
deleted file mode 100644
index 05705fe1..00000000
Binary files a/cocli/data/cots/Zesty Hands_ta.ta and /dev/null differ
diff --git a/cocli/data/cots/cts-map.cbor b/cocli/data/cots/cts-map.cbor
deleted file mode 100644
index 07fdd724..00000000
Binary files a/cocli/data/cots/cts-map.cbor and /dev/null differ
diff --git a/cocli/data/cots/namedtastore.cbor b/cocli/data/cots/namedtastore.cbor
deleted file mode 100644
index 2bbbcc17..00000000
Binary files a/cocli/data/cots/namedtastore.cbor and /dev/null differ
diff --git a/cocli/data/cots/rubbish.cbor b/cocli/data/cots/rubbish.cbor
deleted file mode 100644
index 336db72d..00000000
Binary files a/cocli/data/cots/rubbish.cbor and /dev/null differ
diff --git a/cocli/data/cots/templates/claims/exclclaim.json b/cocli/data/cots/templates/claims/exclclaim.json
deleted file mode 100644
index 409e138c..00000000
--- a/cocli/data/cots/templates/claims/exclclaim.json
+++ /dev/null
@@ -1 +0,0 @@
-{"swname":"More Bitter Paper"}
\ No newline at end of file
diff --git a/cocli/data/cots/templates/claims/permclaim.json b/cocli/data/cots/templates/claims/permclaim.json
deleted file mode 100644
index e5f304cd..00000000
--- a/cocli/data/cots/templates/claims/permclaim.json
+++ /dev/null
@@ -1 +0,0 @@
-{"swname":"Bitter Paper"}
\ No newline at end of file
diff --git a/cocli/data/cots/templates/env/comid.json b/cocli/data/cots/templates/env/comid.json
deleted file mode 100644
index d692c138..00000000
--- a/cocli/data/cots/templates/env/comid.json
+++ /dev/null
@@ -1 +0,0 @@
-[{"environment":{"class":{"id":{"type":"oid","value":"1.2.3.4.5"}}}}]
\ No newline at end of file
diff --git a/cocli/data/cots/templates/env/coswid.json b/cocli/data/cots/templates/env/coswid.json
deleted file mode 100644
index a051b8e7..00000000
--- a/cocli/data/cots/templates/env/coswid.json
+++ /dev/null
@@ -1 +0,0 @@
-[{"swidtag":{"entity":[{"entity-name":"Zesty Hands, Inc.","role":"softwareCreator"}]}}]
\ No newline at end of file
diff --git a/cocli/data/cots/templates/env/namedtastore.json b/cocli/data/cots/templates/env/namedtastore.json
deleted file mode 100644
index 24e88271..00000000
--- a/cocli/data/cots/templates/env/namedtastore.json
+++ /dev/null
@@ -1 +0,0 @@
-[{"namedtastore":"Miscellaneous TA Store"}]
\ No newline at end of file
diff --git a/cocli/data/cots/templates/env/vendor.json b/cocli/data/cots/templates/env/vendor.json
deleted file mode 100644
index 571df036..00000000
--- a/cocli/data/cots/templates/env/vendor.json
+++ /dev/null
@@ -1 +0,0 @@
-[{"environment":{"class":{"vendor":"Zesty Hands, Inc."}}}]
\ No newline at end of file
diff --git a/cocli/data/cots/templates/env/vendor2.json b/cocli/data/cots/templates/env/vendor2.json
deleted file mode 100644
index ae4f2027..00000000
--- a/cocli/data/cots/templates/env/vendor2.json
+++ /dev/null
@@ -1 +0,0 @@
-[{"environment":{"class":{"vendor":"Worthless Sea, Inc."}}}]
\ No newline at end of file
diff --git a/cocli/data/cots/templates/env/vendors.json b/cocli/data/cots/templates/env/vendors.json
deleted file mode 100644
index f8160924..00000000
--- a/cocli/data/cots/templates/env/vendors.json
+++ /dev/null
@@ -1 +0,0 @@
-[{"environment":{"class":{"vendor":"Zesty Hands, Inc."}}},{"environment":{"class":{"vendor":"Snobbish Apparel, Inc."}}}]
\ No newline at end of file
diff --git a/cocli/data/cots/vendor.cbor b/cocli/data/cots/vendor.cbor
deleted file mode 100644
index 8996a35a..00000000
Binary files a/cocli/data/cots/vendor.cbor and /dev/null differ
diff --git a/cocli/data/cots/worthlesssea.spki b/cocli/data/cots/worthlesssea.spki
deleted file mode 100644
index 0026a0eb..00000000
Binary files a/cocli/data/cots/worthlesssea.spki and /dev/null differ
diff --git a/cocli/data/keys/ec-p256.jwk b/cocli/data/keys/ec-p256.jwk
deleted file mode 100644
index e3c07719..00000000
--- a/cocli/data/keys/ec-p256.jwk
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "kty": "EC",
- "crv": "P-256",
- "x": "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
- "y": "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
- "d": "870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE",
- "use": "enc",
- "kid": "1"
-}
diff --git a/cocli/data/pics/cocli-map.graffle b/cocli/data/pics/cocli-map.graffle
deleted file mode 100644
index fc669abf..00000000
Binary files a/cocli/data/pics/cocli-map.graffle and /dev/null differ
diff --git a/cocli/data/pics/cocli-map.png b/cocli/data/pics/cocli-map.png
deleted file mode 100644
index bca1faa9..00000000
Binary files a/cocli/data/pics/cocli-map.png and /dev/null differ
diff --git a/cocli/main.go b/cocli/main.go
deleted file mode 100644
index b319cc3d..00000000
--- a/cocli/main.go
+++ /dev/null
@@ -1,12 +0,0 @@
-// Copyright 2021-2024 Contributors to the Veraison project.
-// SPDX-License-Identifier: Apache-2.0
-
-package main
-
-import (
- "github.com/veraison/corim/cocli/cmd"
-)
-
-func main() {
- cmd.Execute()
-}
diff --git a/cocli/data/cots/Snobbish Apparel_ta.ta b/cots/data/Snobbish Apparel_ta.ta
similarity index 100%
rename from cocli/data/cots/Snobbish Apparel_ta.ta
rename to cots/data/Snobbish Apparel_ta.ta
diff --git a/cocli/data/cots/shared_ta.ta b/cots/data/shared_ta.ta
similarity index 100%
rename from cocli/data/cots/shared_ta.ta
rename to cots/data/shared_ta.ta
diff --git a/cots/example_test.go b/cots/example_test.go
index 589f79c4..48add10e 100644
--- a/cots/example_test.go
+++ b/cots/example_test.go
@@ -173,8 +173,8 @@ func Example_decode_CBOR() {
}
func Example_list_of_cots_roundtrip() {
- snobTa, _ := os.ReadFile("../cocli/data/cots/Snobbish Apparel_ta.ta")
- sharedTa, _ := os.ReadFile("../cocli/data/cots/shared_ta.ta")
+ snobTa, _ := os.ReadFile("./data/Snobbish Apparel_ta.ta")
+ sharedTa, _ := os.ReadFile("./data/shared_ta.ta")
// cts1
egSnob := NewEnvironmentGroup()
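Review bot: The two relocated `os.ReadFile` calls in `Example_list_of_cots_roundtrip` still discard the error with `_`, so if the renamed fixtures under `./data/` are missing or unreadable, the example continues with nil trust-anchor bytes and the failure surfaces later, away from its cause. Since this commit changes both paths, the result should be checked: `snobTa, err := os.ReadFile("./data/Snobbish Apparel_ta.ta")` followed by `if err != nil { panic(err) }`, and the same for `sharedTa`. A one-line comment such as `// fixtures are read relative to the cots package directory` would also explain why the path is now `./data/`. The function body continues outside the hunk, so how the bytes are consumed afterwards is not visible here.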
diff --git a/scripts/licenses.sh b/scripts/licenses.sh
index accdad92..68fff931 100755
--- a/scripts/licenses.sh
+++ b/scripts/licenses.sh
@@ -8,7 +8,6 @@ type go-licenses &> /dev/null || go get github.com/google/go-licenses
MODULES+=("github.com/veraison/corim/corim")
MODULES+=("github.com/veraison/corim/comid")
-MODULES+=("github.com/veraison/corim/cocli")
for module in ${MODULES[@]}
do