diff --git a/examples/ce-member2.diag b/examples/ce-member2.diag
new file mode 100644
index 0000000..12b99d3
--- /dev/null
+++ b/examples/ce-member2.diag
@@ -0,0 +1,154 @@
+/ Example to create membership containers using Evidence triples /
+/ concise-evidence / {
+ / ce.ev-triples / 0 : {
+ / ce.domain-membership-triples / 3 : [
+ [
+ / Platform container as environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F64'), / 2.1.123.1.15.100 /
+ / comid.vendor / 1 : "XYZ.example",
+ / comid.model / 2 : "My_Platform_Container"
+ }
+ },
+ [
+ / Root of Trust module - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F6201'), / 2.1.123.1.15.98.1 /
+ / comid.vendor / 1 : "XYZ.example"
+ }
+ },
+ / Layer 1 container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F08'), / 2.1.123.1.15.8 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ / Layer 2 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F04'), / 2.1.123.1.15.4 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ / Layer 3 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0463'), / 2.1.123.1.15.4.99 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ }
+ ]
+ ],
+ [
+ / Layer 1 container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F08'), / 2.1.123.1.15.8 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ [
+ / environment-map / {
+ / ** Layer 1 loader module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0801'), / 2.1.123.1.15.8.1 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ / environment-map / {
+ / ** Layer 1 loader module 2 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0802'), / 2.1.123.1.15.8.2 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ / environment-map / {
+ / ** L1 Extension module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0903'), / 2.1.123.1.15.9.3 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ }
+ ]
+ ],
+ [
+ / Layer 2 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F04'), / 2.1.123.1.15.4 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ [
+ / environment-map / {
+ / ** Layer 2 design module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0401'), / 2.1.123.1.15.4.1 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ / environment-map / {
+ / ** Layer 2 design module 2 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0402'), / 2.1.123.1.15.4.2 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ / environment-map / {
+ / ** Layer 2 design module 3 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0403'), / 2.1.123.1.15.4.3 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ }
+ ]
+ ],
+ [
+ / Layer 3 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0463'), / 2.1.123.1.15.4.99 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ },
+ [
+ / environment-map / {
+ / ** ISV App module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F046301'), / 2.1.123.1.15.4.99.1 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ },
+ / environment-map / {
+ / ** ISV App module 2 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F046302'), / 2.1.123.1.15.4.99.2 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ }
+ ]
+ ]
+ ]
+ }
+}
\ No newline at end of file
diff --git a/examples/comid-ce-mem2.diag b/examples/comid-ce-mem2.diag
new file mode 100644
index 0000000..1cdd347
--- /dev/null
+++ b/examples/comid-ce-mem2.diag
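Review bot: The byte strings under tag 111 do not decode to the dotted OIDs written in the comments beside them, starting at the Platform container's `111(h'0607517B010F64')`. Tag 111 carries only the OID's BER content octets, and 2.1.123.1.15.100 encodes to `517B010F64`; the leading `0607` looks like a DER tag and length left in place, with the same length byte on every OID regardless of its size. A decoder would read these values as a different arc, so a verifier that matches environments on class-id bytes would not line up with the OIDs the comments document. Suggest dropping the prefix from every class-id, e.g. `111(h'517B010F64')`; the same values recur in comid-ce-mem2.diag and comid-member2.diag.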
@@ -0,0 +1,324 @@
+/ Example to create membership containers using Conditional Endorsement triples /
+/ concise-mid-tag / {
+ / comid.tag-identity / 1 : {
+ / comid.tag-id / 0 : h'1EACD596F4A34FB699BFAEB58E0A4E47'
+ },
+ / comid.entities / 2 : [ {
+ / comid.entity-name / 0 : "FPGA Designs-R-Us",
+ / comid.reg-id / 1 : 32("https://fpgadesignsrus.example"),
+ / comid.role / 2 : [ 0 ] / tag-creator /
+ } ],
+ / comid.linked-tags / 3 : [
+ / linked-tag-map / {
+ / comid.linked-tag-id / 0 : h'97F5A7071C6F438F877A4A020780EBE9',
+ / comid.tag-rel / 1 : / comid.supplements / 0
+ }
+ ],
+ / comid.triples / 4 : {
+ / comid.conditional-endorsed-triples / 10 : [
+ / Create Layer 1 Container if layer 1 members are secure / [
+ / conditions array / [
+ / stateful-environment-map 1 / [
+ / environment-map / {
+ / ** Layer 1 loader module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0801'), / 2.1.123.1.15.8.1 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / comid.svn / 1 : 552(1)
+ }
+ }
+ ]
+ ],
+ / stateful-environment-map 2 / [
+ / environment-map / {
+ / ** Layer 1 loader module 2 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0802'), / 2.1.123.1.15.8.2 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / comid.svn / 1 : 552(2)
+ }
+ }
+ ]
+ ],
+ / stateful-environment-map 3 / [
+ / environment-map / {
+ / ** L1 Extension module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0903'), / 2.1.123.1.15.9.3 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / comid.svn / 1 : 552(3)
+ }
+ }
+ ]
+ ]
+ ], / Instantiate the Layer 1 container /
+ / endorsements array / [
+ / endorsed-triple-record / [
+ / Layer 1 container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F08'), / 2.1.123.1.15.8 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ / measuremnts / [
+ / measurement-map / {
+ / mval / 1 : {
+ / name / 11 : "No_known_CVEs"
+ }
+ }
+ ]
+ ]
+ ]
+ ],
+ / Create Layer 2 Container if layer 2 members are secure / [
+ / conditions array / [
+ / stateful-environment-map 1 / [
+ / environment-map / {
+ / ** Layer 2 design module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0401'), / 2.1.123.1.15.4.1 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / comid.svn / 1 : 552(4)
+ }
+ }
+ ]
+ ],
+ / stateful-environment-map 2 / [
+ / environment-map / {
+ / ** Layer 2 design module 2 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0402'), / 2.1.123.1.15.4.2 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / comid.svn / 1 : 552(5)
+ }
+ }
+ ]
+ ],
+ / stateful-environment-map 3 / [
+ / environment-map / {
+ / ** Layer 2 design module 3 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0403'), / 2.1.123.1.15.4.3 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / comid.svn / 1 : 552(6)
+ }
+ }
+ ]
+ ]
+ ], / Instantiate the Layer 2 container /
+ / endorsements array / [
+ / endorsed-triple-record / [
+ / Layer 2 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F04'), / 2.1.123.1.15.4 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ [ / measuremnts /
+ / measurement-map / {
+ / mval / 1 : {
+ / name / 11 : "No_known_CVEs"
+ }
+ }
+ ]
+ ]
+ ]
+ ],
+ / Create the Layer 3 Container if layer 3 members are secure / [
+ / conditions array / [
+ / stateful-environment-map 1 / [
+ / environment-map / {
+ / ** ISV App module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F046301'), / 2.1.123.1.15.4.99.1 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / comid.svn / 1 : 552(7)
+ }
+ }
+ ]
+ ],
+ / stateful-environment-map 2 / [
+ / environment-map / {
+ / ** ISV App module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F046301'), / 2.1.123.1.15.4.99.1 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / comid.svn / 1 : 552(8)
+ }
+ }
+ ]
+ ]
+ ], / Instantiate the Layer 3 container /
+ / endorsements array / [
+ / endorsed-triple-record / [
+ / Layer 3 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0463'), / 2.1.123.1.15.4.99 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ },
+ [
+ / measurement-map / {
+ / mval / 1 : {
+ / name / 11 : "No_known_CVEs"
+ }
+ }
+ ]
+ ]
+ ]
+ ],
+ / Create Platform Container if intermediate containers are secure / [
+ / conditions array / [
+ / stateful-environment-map 1 / [
+ / Root of Trust module - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F6201'), / 2.1.123.1.15.98.1 /
+ / comid.vendor / 1 : "XYZ.example"
+ }
+ },
+ / measurement-map array / [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / raw-value-group /
+ / comid.raw-value / 4 : 560(h'0000000000000000'),
+ / comid.raw-value-mask / 5 : h'FFFFFFFF00000000'
+ }
+ }
+ ]
+ ],
+ / stateful-environment-map 2 / [
+ / Layer 1 container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F08'), / 2.1.123.1.15.8 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / name / 11 : "No_known_CVEs"
+ }
+ }
+ ]
+ ],
+ / stateful-environment-map 3 / [
+ / Layer 2 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F04'), / 2.1.123.1.15.4 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / name / 11 : "No_known_CVEs"
+ }
+ }
+ ]
+ ],
+ / stateful-environment-map 4 / [
+ / Layer 3 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0463'), / 2.1.123.1.15.4.99 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ },
+ [
+ / measurement-map / {
+ / comid.mval / 1 : {
+ / name / 11 : "No_known_CVEs"
+ }
+ }
+ ]
+ ]
+ ], / Instantiate the Platform container /
+ / endorsements array / [
+ / endorsed-triple-record / [
+ / environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F64'), / 2.1.123.1.15.100 /
+ / comid.vendor / 1 : "XYZ.example",
+ / comid.model / 2 : "My_Platform_Container"
+ }
+ },
+ [ / measuremnts /
+ / measurement-map / {
+ / mval / 1 : {
+ / flags / 3 : {
+ / secure / 1 : true
+ }
+ }
+ }
+ ]
+ ]
+ ]
+ ]
+ ]
+ }
+}
\ No newline at end of file
diff --git a/examples/comid-member2.diag b/examples/comid-member2.diag
new file mode 100644
index 0000000..bc2cef0
--- /dev/null
+++ b/examples/comid-member2.diag
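Review bot: The Layer 3 conditions array names "ISV App module 1" twice: stateful-environment-map 2 repeats `111(h'0607517B010F046301')` and only the SVN differs, `552(7)` against `552(8)`. The membership examples in this commit list a second member, 2.1.123.1.15.4.99.2, so this looks like a copy-paste slip. As written the condition asks one environment to report two different SVNs and never examines module 2, yet the Layer 3 container is still endorsed with "No_known_CVEs" and then feeds the Platform container's `secure` flag. The second entry should presumably read `/ ** ISV App module 2 ** /` with `/ tagged-oid-type / 111(h'0607517B010F046302'), / 2.1.123.1.15.4.99.2 /`.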
@@ -0,0 +1,156 @@
+/ concise-mid-tag / {
+ / comid.tag-identity / 1 : {
+ / comid.tag-id / 0 : h'1EACD596F4A34FB699BFAEB58E0A4E48'
+ },
+ / comid.triples / 4 : {
+ / comid.membership-triples / 4 : [
+ [
+ / Platform container as environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F64'), / 2.1.123.1.15.100 /
+ / comid.vendor / 1 : "XYZ.example",
+ / comid.model / 2 : "My_Platform_Container"
+ }
+ },
+ [
+ / Root of Trust module - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F6201'), / 2.1.123.1.15.98.1 /
+ / comid.vendor / 1 : "XYZ.example"
+ }
+ },
+ / Layer 1 container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F08'), / 2.1.123.1.15.8 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ / Layer 2 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F04'), / 2.1.123.1.15.4 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ / Layer 3 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0463'), / 2.1.123.1.15.4.99 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ }
+ ]
+ ],
+ [
+ / Layer 1 container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F08'), / 2.1.123.1.15.8 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ [
+ / environment-map / {
+ / ** Layer 1 loader module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0801'), / 2.1.123.1.15.8.1 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ / environment-map / {
+ / ** Layer 1 loader module 2 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0802'), / 2.1.123.1.15.8.2 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ },
+ / environment-map / {
+ / ** L1 Extension module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0903'), / 2.1.123.1.15.9.3 /
+ / comid.vendor / 1 : "LoadInc.example",
+ / comid.layer / 3 : 1
+ }
+ }
+ ]
+ ],
+ [
+ / Layer 2 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F04'), / 2.1.123.1.15.4 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ [
+ / environment-map / {
+ / ** Layer 2 design module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0401'), / 2.1.123.1.15.4.1 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ / environment-map / {
+ / ** Layer 2 design module 2 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0402'), / 2.1.123.1.15.4.2 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ },
+ / environment-map / {
+ / ** Layer 2 design module 3 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0403'), / 2.1.123.1.15.4.3 /
+ / comid.vendor / 1 : "FPGAsRuS.example",
+ / comid.layer / 3 : 2
+ }
+ }
+ ]
+ ],
+ [
+ / Layer 3 Container - environment-map / {
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F0463'), / 2.1.123.1.15.4.99 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ },
+ [
+ / environment-map / {
+ / ** ISV App module 1 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F046301'), / 2.1.123.1.15.4.99.1 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ },
+ / environment-map / {
+ / ** ISV App module 2 ** /
+ / comid.class / 0 : {
+ / comid.class-id / 0 :
+ / tagged-oid-type / 111(h'0607517B010F046302'), / 2.1.123.1.15.4.99.2 /
+ / comid.vendor / 1 : "ISV-App.example"
+ }
+ }
+ ]
+ ]
+ ]
+ }
+}
\ No newline at end of file
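Review bot: The map key on `/ comid.membership-triples / 4 : [` should be checked against the triples-map CDDL this repository targets. As I read the CoRIM CDDL, key 4 in the CoMID triples map is the domain dependency triple and membership is 5; if that holds here, a decoder would treat these records as dependency triples and the containment relationship the example is meant to show would be lost. Please confirm the key before merging. The file also has no leading description comment, unlike the two other examples in this commit; a first line such as `/ Example to create membership containers using CoMID membership triples /` would keep them consistent.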