Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CDDL inconsistencies in attStmtType and compound format #2216

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Fix CDDL inconsistencies in attStmtType and compound format #2216

wants to merge 4 commits into from

Conversation

emlun
Copy link
Member

@emlun emlun commented Nov 27, 2024
edited by pr-preview bot
Loading

Closes #2210. Also fixes a couple of other issues I noticed while working on this:

  • §6.5.2. Attestation Statement Formats refers to a CDDL extension point $attStmtFormat that (no longer?) exists, it should be $$attStmtType.
  • The .within { fmt: text .ne "compound" } control on nonCompoundAttStmt inadvertently makes nonCompoundAttStmt unable to match anything, because maps are matched exhaustively (see CDDL, so the right-hand-side of .within forbids additional fields beyond fmt.

Preview | Diff

@emlun
Fix reference to $$attStmtType in definition of attestation statement…
804cece 
… formats
@emlun
Formalize attStmtTemplate as more correct CDDL
e6a998e 
I don't think the expression `attStmtTemplate .within $$attStmtType`
successfully encodes the intent "Every attestation statement format must have
the above fields", for two reasons: it does not define a CDDL rule since it
contains no = sign, and even if it did, the `.within` control operator would apply
only to the new type defined by that rule, but not to the `attObj` type.

CDDL generally makes a distinction between types and groups, and only mentions
control operators applying to types, so I don't think we can apply `.within` to
`$$attStmtType` directly. This is why we need to duplicate the `authData` field
in `attStmtTemplate`.
@emlun
Allow attStmt to be of array type
9b16167 
This is required by the new "compound" attestation statement format.
@emlun
Fix .within operator in nonCompountAttStmt
8b29bec 
[CDDL][1] defines that:

>A map matches a specification given as a group when the group matches
>a sequence of name/value pairs such that all of these name/value
>pairs are present in the map and the map has no name/value pair that
>is not covered by the group.

Therefore the control `.within { fmt: text .ne "compound" }` forbids any maps
that contain additional fields besides `fmt`, which is clearly not what was
intended.

[1]: https://datatracker.ietf.org/doc/html/rfc8610#section-2.1
@emlun emlun added this to the L3 Candidate Recommendation milestone Nov 27, 2024
@emlun emlun self-assigned this Nov 27, 2024
@emlun emlun changed the title Issue 2210 compound att stmt template Fix CDDL inconsistencies in attStmtType and compound format Nov 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MasterKale MasterKale Awaiting requested review from MasterKale

@timcappalli timcappalli Awaiting requested review from timcappalli

@selfissued selfissued Awaiting requested review from selfissued

@akshayku akshayku Awaiting requested review from akshayku

At least 1 approving review is required to merge this pull request.

Assignees

@emlun emlun

Labels
type:editorial
Projects
None yet
Milestone
L3 Candidate Recommendation
Development

Successfully merging this pull request may close these issues.

Compound attestation statement format is incompatible with attStmtTemplate
1 participant
@emlun