cddl 0.8.18 → 0.8.23
- checksums.yaml +4 -4
- data/cddl.gemspec +1 -1
- data/lib/cddl.rb +54 -22
- data/test-data/abnf3.cddl +32 -0
- data/test-data/bat.cddl +16 -0
- data/test-data/homenet-de.cddl +12 -0
- data/test-data/homenet-fe.cddl +12 -0
- data/test-data/lint1.cddl +9 -0
- data/test-data/non-empty.cddl +5 -0
- data/test-data/oid.cddl +8 -0
- data/test-data/oidbat.cddl +8 -0
- data/test-data/plus.cddl +3 -0
- data/test-data/sasl.cddl +24 -0
- data/test-data/sipos.cddl +8 -0
- data/test-data/star-edited.cddl +98 -0
- data/test-data/star.cddl +95 -0
- data/test-data/time.cddl +11 -0
- data/test-data/yaron1.cddl +95 -0
- metadata +17 -2
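--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 900cef2acf86b7e14cd7c6b534b590862452c75b79c8244126dab0a2a91dc809
+data.tar.gz: 6107b03e4c7ac8f7cdedde604a1ae84198d0709b3147674775998d17d3ead00e
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4daecf273c14c8f3be89fbbe0a02522c7d53509adc25aeca23b2466387b10506503e8d8b7d23647d9eecaacc4fac154a8ca859bc54294599fc775e581bfa7eb2
+data.tar.gz: 8d7cf1307dcad944255ef2c83bfda804c88b250145b3ae949954fb865412bf61edd3e0e24e76729a554e92da93a86406c1b6a7e275c99b81bdd06743dca823a9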
data/cddl.gemspec
CHANGED
data/lib/cddl.rb
CHANGED
@@ -56,6 +56,8 @@ module CDDL
|
|
56
56
|
@ast = @abnf.ast?
|
57
57
|
# our little argument stack for rule processing
|
58
58
|
@insides = []
|
59
|
+
# collect error information
|
60
|
+
@last_message = ""
|
59
61
|
end
|
60
62
|
|
61
63
|
def apr # for debugging
|
@@ -244,6 +246,12 @@ module CDDL
|
|
244
246
|
[rule[0], *rule[1]]
|
245
247
|
end
|
246
248
|
|
249
|
+
def remove_indentation(s)
|
250
|
+
l = s.lines
|
251
|
+
indent = l.grep(/\S/).map {|l| l[/^\s*/].size}.min
|
252
|
+
l.map {|l| l.sub(/^ {0,#{indent}}/, "")}.join
|
253
|
+
end
|
254
|
+
|
247
255
|
# Memoize a bit here
|
248
256
|
|
249
257
|
REGEXP_FOR_STRING = Hash.new {|h, k|
|
@@ -255,6 +263,11 @@ module CDDL
|
|
255
263
|
h[k] = ABNF.from_abnf(grammar)
|
256
264
|
}
|
257
265
|
|
266
|
+
ABNF_ENCODING_FOR_CONOP = {
|
267
|
+
abnf: Encoding::UTF_8,
|
268
|
+
abnfb: Encoding::BINARY
|
269
|
+
}
|
270
|
+
|
258
271
|
def generate
|
259
272
|
@recursion = 0
|
260
273
|
generate1(rules)
|
@@ -399,7 +412,7 @@ module CDDL
|
|
399
412
|
when :anno
|
400
413
|
target = where[2]
|
401
414
|
control = where[3]
|
402
|
-
case where[1]
|
415
|
+
case conop = where[1]
|
403
416
|
when :size
|
404
417
|
should_be_int = generate1(control)
|
405
418
|
unless (Array === target && target[0] == :prim && [0, 2, 3].include?(target[1])) && Integer === should_be_int && should_be_int >= 0
|
@@ -447,9 +460,10 @@ module CDDL
|
|
447
460
|
generate1(target, inmap)
|
448
461
|
when :feature
|
449
462
|
generate1(target, inmap)
|
450
|
-
when :cat
|
463
|
+
when :cat, :det
|
451
464
|
lhs = generate1(target, inmap)
|
452
465
|
rhs = generate1(control)
|
466
|
+
rhs = remove_indentation(rhs) if conop == :det
|
453
467
|
begin
|
454
468
|
lhs + rhs
|
455
469
|
rescue Exception => e
|
@@ -483,7 +497,7 @@ module CDDL
|
|
483
497
|
content = Integer(content)
|
484
498
|
case target[1]
|
485
499
|
when 0
|
486
|
-
case
|
500
|
+
case conop
|
487
501
|
when :lt
|
488
502
|
rand(0...content)
|
489
503
|
when :le
|
@@ -510,18 +524,25 @@ module CDDL
|
|
510
524
|
fail "Don't know yet how to generate #{where}"
|
511
525
|
end
|
512
526
|
REGEXP_FOR_STRING[regexp].random_example(max_repeater_variance: 5)
|
513
|
-
when :abnf
|
527
|
+
when :abnf, :abnfb
|
514
528
|
grammar = generate1(control)
|
515
|
-
|
529
|
+
bytes = true if target == [:prim, 2]
|
530
|
+
bytes = false if target == [:prim, 3]
|
531
|
+
unless !bytes.nil? && String === grammar
|
516
532
|
fail "Don't know yet how to generate #{where}"
|
517
533
|
end
|
518
|
-
ABNF_PARSER_FOR_STRING[grammar].generate
|
534
|
+
out = ABNF_PARSER_FOR_STRING[grammar].generate
|
535
|
+
if conop == :abnfb
|
536
|
+
out = out.codepoints.pack("C*")
|
537
|
+
end
|
538
|
+
enc = bytes ? Encoding::BINARY : Encoding::UTF_8
|
539
|
+
out.force_encoding(enc)
|
519
540
|
when :cbor, :cborseq
|
520
541
|
unless target == [:prim, 2]
|
521
542
|
fail "Don't know yet how to generate #{where}"
|
522
543
|
end
|
523
544
|
content = CBOR::encode(generate1(control))
|
524
|
-
if
|
545
|
+
if conop == :cborseq
|
525
546
|
# remove the first head
|
526
547
|
n = case content.getbyte(0) - (4 << 5)
|
527
548
|
when 0..23; 1
|
@@ -539,7 +560,7 @@ module CDDL
|
|
539
560
|
content = generate1(target)
|
540
561
|
if validate1(content, control)
|
541
562
|
return content
|
542
|
-
elsif
|
563
|
+
elsif conop == :within
|
543
564
|
warn "*** #{content.inspect} meets #{target.inspect} but not #{control.inspect}"
|
544
565
|
end
|
545
566
|
end
|
@@ -580,7 +601,7 @@ module CDDL
|
|
580
601
|
elsif t[0] == :anno
|
581
602
|
_, conop, target, control = t
|
582
603
|
# warn ["EXV0", conop, target, control].inspect
|
583
|
-
if conop == :cat || conop == :plus
|
604
|
+
if conop == :cat || conop == :plus || conop == :det
|
584
605
|
ok1, v1, vt1 = extract_value(target)
|
585
606
|
ok2, v2, vt2 = extract_value(control)
|
586
607
|
# warn ["EXV", ok1, v1, vt1, ok2, v2, vt2].inspect
|
@@ -590,6 +611,7 @@ module CDDL
|
|
590
611
|
elsif vt1 == Float
|
591
612
|
[true, v1 + v2, vt1] if vt2 == Integer || vt2 == Float
|
592
613
|
else
|
614
|
+
v2 = remove_indentation(v2) if conop == :det
|
593
615
|
[true, v1 + v2, vt1] if vt1 == vt2
|
594
616
|
end
|
595
617
|
end rescue nil
|
@@ -634,7 +656,7 @@ module CDDL
|
|
634
656
|
|
635
657
|
def validate_result(check)
|
636
658
|
check || (
|
637
|
-
@last_message
|
659
|
+
@last_message << yield
|
638
660
|
false
|
639
661
|
)
|
640
662
|
end
|
@@ -667,7 +689,9 @@ module CDDL
|
|
667
689
|
ann.concat(ann2)
|
668
690
|
end
|
669
691
|
if occ < s
|
670
|
-
|
692
|
+
# warn "*** lme #{@last_message.encoding} #{@last_message}"
|
693
|
+
# warn "*** #{"\noccur #{occ} < #{s}, not reached at #{i} in array #{d} for #{where}".encoding}"
|
694
|
+
@last_message << "\noccur #{occ} < #{s}, not reached at #{i} in array #{d} for #{where}"
|
671
695
|
return [false, ann]
|
672
696
|
end
|
673
697
|
end
|
@@ -756,13 +780,17 @@ module CDDL
|
|
756
780
|
puts "COMPLEX: #{k.inspect} #{simple.inspect} #{simpleval.inspect}" if ENV["CDDL_TRACE"]
|
757
781
|
keys = d_check.keys
|
758
782
|
ta, keys = keys.partition{ |key| validate1(key, k)}
|
759
|
-
|
760
|
-
|
761
|
-
|
762
|
-
|
763
|
-
|
764
|
-
|
765
|
-
|
783
|
+
count = 0
|
784
|
+
catch :enough do
|
785
|
+
ta.all? { |val|
|
786
|
+
if (ann2 = validate1a(d[val], v)) && # XXX check cut or not!
|
787
|
+
d_check.delete(val) {:not_found} != :not_found
|
788
|
+
anno.concat(ann2)
|
789
|
+
throw :enough, true if (count += 1) == e
|
790
|
+
true
|
791
|
+
end
|
792
|
+
}
|
793
|
+
end and count >= s # XXX save error indication
|
766
794
|
end
|
767
795
|
end
|
768
796
|
else
|
@@ -832,6 +860,7 @@ module CDDL
|
|
832
860
|
# warn ["ANNO0", ok1, v1, vt1, ok2, v2, vt2, d].inspect
|
833
861
|
if ok1 && ok2
|
834
862
|
v2 = Integer(v2) if vt1 == Integer
|
863
|
+
v2 = remove_indentation(v2) if conop == :det
|
835
864
|
# warn ["ANNO", ok1, v1, vt1, ok2, v2, vt2, d].inspect
|
836
865
|
[] if d == v1 + v2 # XXX Focus ArgumentError
|
837
866
|
end
|
@@ -908,17 +937,19 @@ module CDDL
|
|
908
937
|
end
|
909
938
|
end
|
910
939
|
)
|
911
|
-
when :abnf
|
940
|
+
when :abnf, :abnfb
|
912
941
|
ann if (
|
913
942
|
if String === d
|
914
943
|
ok, v, vt = extract_value(control)
|
915
944
|
if ok && vt == String
|
916
945
|
begin
|
917
|
-
ABNF_PARSER_FOR_STRING[v].validate(
|
946
|
+
ABNF_PARSER_FOR_STRING[v].validate(
|
947
|
+
d.dup.force_encoding(ABNF_ENCODING_FOR_CONOP[conop]).codepoints.pack("U*")
|
948
|
+
)
|
918
949
|
true
|
919
950
|
rescue => e
|
920
951
|
# warn "*** #{e}" # XXX
|
921
|
-
@last_message = e
|
952
|
+
@last_message = e.to_s.force_encoding(Encoding::UTF_8)
|
922
953
|
nil
|
923
954
|
end
|
924
955
|
end
|
@@ -1278,7 +1309,8 @@ module CDDL
|
|
1278
1309
|
BRACE = {"{" => :map, "[" => :array}
|
1279
1310
|
RANGE_EXCLUDE_END = {".." => false, "..." => true}
|
1280
1311
|
SUPPORTED_ANNOTATIONS = [:bits, :size, :regexp, :cbor, :cborseq, :within, :and,
|
1281
|
-
:default, :lt, :le, :gt, :ge, :eq, :ne,
|
1312
|
+
:default, :lt, :le, :gt, :ge, :eq, :ne,
|
1313
|
+
:feature, :abnf, :abnfb, :det, :cat, :plus]
|
1282
1314
|
|
1283
1315
|
def type1(n, canbegroup = false)
|
1284
1316
|
# puts "NVALUE #{n.value.inspect}"
|
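Review bot: In the `when :abnf, :abnfb` branch of the generator (hunk `@@ -510,18 +524,25 @@`), `out.codepoints.pack("C*")` keeps only the low 8 bits of each codepoint, so a `.abnfb` grammar that yields a value above 0xFF is silently turned into a different byte instead of being rejected. The result is then tagged with `force_encoding(enc)`, which for a `text` target labels bytes as UTF-8 without checking them; the sample outputs in the abnf3 test data (`"7408\xC6"`) look like this case. I would guard the pack with `fail "codepoint above 0xFF under .abnfb in #{where}" if out.each_codepoint.any? { |c| c > 0xFF }`. If emitting invalid UTF-8 for `text .abnfb` is intentional, a comment next to `force_encoding` should say so; otherwise check `out.valid_encoding?` when `bytes` is false. The enclosing method starts and ends outside the hunk.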
@@ -0,0 +1,32 @@
|
|
1
|
+
start = [tt, tb, bt, bb]
|
2
|
+
|
3
|
+
|
4
|
+
tt = text .abnf '4DIGIT 1FOO
|
5
|
+
DIGIT = %x30-39 ; 0-9
|
6
|
+
FOO = %xc0-cf
|
7
|
+
'
|
8
|
+
tb = text .abnfb '4DIGIT 1FOO
|
9
|
+
DIGIT = %x30-39 ; 0-9
|
10
|
+
FOO = %xc0-cf
|
11
|
+
'
|
12
|
+
bt = bytes .abnf '4DIGIT 1FOO
|
13
|
+
DIGIT = %x30-39 ; 0-9
|
14
|
+
FOO = %xc0-cf
|
15
|
+
'
|
16
|
+
bb = bytes .abnfb '4DIGIT 1FOO
|
17
|
+
DIGIT = %x30-39 ; 0-9
|
18
|
+
FOO = %xc0-cf
|
19
|
+
'
|
20
|
+
|
21
|
+
; ["7408\xC6", "7073\xC3", h'30383131CD', h'32363738CD']
|
22
|
+
; ["5892\u00ca", "2145\u00c6", h'33333338C38B', h'31343033C388']
|
23
|
+
|
24
|
+
|
25
|
+
; ** ENCOED UTF-8
|
26
|
+
; ** ENCOED UTF-8
|
27
|
+
; ** ENCOED UTF-8
|
28
|
+
; ** ENCOED UTF-8
|
29
|
+
; ["5845\u00c6", "9329\u00cb", h'38393538C389', h'33343230C386']
|
30
|
+
|
31
|
+
|
32
|
+
; ["1066\u00cc", "9253\xC9", h'38333533C38A', h'32373337C4']
|
data/test-data/bat.cddl
ADDED
@@ -0,0 +1,12 @@
|
|
1
|
+
hna-configuration = {
|
2
|
+
"registred_domain" : tstr,
|
3
|
+
"dm" : tstr,
|
4
|
+
? "dm_transport" : "53" // "DoT" // "DoH" // "DoQ"
|
5
|
+
? "dm_port" : uint,
|
6
|
+
? "dm_acl" : hna-acl // [ +hna-acl ]
|
7
|
+
? "hna_auth_method": hna-auth-method
|
8
|
+
? "hna_certificate": tstr
|
9
|
+
}
|
10
|
+
|
11
|
+
hna-acl = tstr
|
12
|
+
hna-auth-method /= "certificate"
|
@@ -0,0 +1,12 @@
|
|
1
|
+
hna-configuration = {
|
2
|
+
"registered_domain" : tstr,
|
3
|
+
"dm" : tstr,
|
4
|
+
? "dm_transport" : "53" / "DoT" / "DoH" / "DoQ"
|
5
|
+
? "dm_port" : uint,
|
6
|
+
? "dm_acl" : hna-acl / [ +hna-acl ]
|
7
|
+
? "hna_auth_method": hna-auth-method
|
8
|
+
? "hna_certificate": tstr
|
9
|
+
}
|
10
|
+
|
11
|
+
hna-acl = tstr
|
12
|
+
hna-auth-method /= "certificate"
|
data/test-data/oid.cddl
ADDED
data/test-data/plus.cddl
ADDED
data/test-data/sasl.cddl
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
message = text .abnfb ("message" .cat rfc4505)
|
2
|
+
|
3
|
+
rfc4505 = '
|
4
|
+
message = [ email / token ]
|
5
|
+
;; to be prepared in accordance with Section 3
|
6
|
+
|
7
|
+
UTF1 = %x00-3F / %x41-7F ;; less "@" (U+0040)
|
8
|
+
UTF2 = %xC2-DF UTF0
|
9
|
+
UTF3 = %xE0 %xA0-BF UTF0 / %xE1-EC 2(UTF0) /
|
10
|
+
%xED %x80-9F UTF0 / %xEE-EF 2(UTF0)
|
11
|
+
UTF4 = %xF0 %x90-BF 2(UTF0) / %xF1-F3 3(UTF0) /
|
12
|
+
%xF4 %x80-8F 2(UTF0)
|
13
|
+
UTF0 = %x80-BF
|
14
|
+
|
15
|
+
TCHAR = UTF1 / UTF2 / UTF3 / UTF4
|
16
|
+
;; any UTF-8 encoded Unicode character
|
17
|
+
;; except "@" (U+0040)
|
18
|
+
|
19
|
+
email = "too@much.work"; for this example
|
20
|
+
;email = addr-spec
|
21
|
+
;; as defined in [IMAIL]
|
22
|
+
|
23
|
+
token = 1*255TCHAR
|
24
|
+
'
|
@@ -0,0 +1,98 @@
|
|
1
|
+
csr-template-schema = {
|
2
|
+
keyTypes: [ 1* $keyType ]
|
3
|
+
? subject: distinguishedName
|
4
|
+
extensions: extensions
|
5
|
+
}
|
6
|
+
|
7
|
+
mandatory-wildcard = "**"
|
8
|
+
optional-wildcard = "*"
|
9
|
+
wildcard = mandatory-wildcard / optional-wildcard
|
10
|
+
|
11
|
+
; non-empty = { + any => any }
|
12
|
+
non-empty<M> = (M) .and ({ + any => any })
|
13
|
+
|
14
|
+
; regtext matches all text strings but "*" and "**"
|
15
|
+
regtext = text .regexp "([^\*].*)|([\*][^\*].*)|([\*][\*].+)"
|
16
|
+
|
17
|
+
regtext-or-wildcard = regtext / wildcard
|
18
|
+
|
19
|
+
distinguishedName = non-empty<{
|
20
|
+
? country: regtext-or-wildcard
|
21
|
+
? stateOrProvince: regtext-or-wildcard
|
22
|
+
? locality: regtext-or-wildcard
|
23
|
+
? organization: regtext-or-wildcard
|
24
|
+
? organizationalUnit: regtext-or-wildcard
|
25
|
+
? emailAddress: regtext-or-wildcard
|
26
|
+
? commonName: regtext-or-wildcard
|
27
|
+
}>
|
28
|
+
|
29
|
+
$keyType /= rsaKeyType
|
30
|
+
$keyType /= ecdsaKeyType
|
31
|
+
|
32
|
+
rsaKeyType = {
|
33
|
+
PublicKeyType: "rsaEncryption" ; OID: 1.2.840.113549.1.1.1
|
34
|
+
PublicKeyLength: rsaKeySize
|
35
|
+
SignatureType: $rsaSignatureType
|
36
|
+
}
|
37
|
+
|
38
|
+
rsaKeySize = int .ge 2048
|
39
|
+
|
40
|
+
; RSASSA-PKCS1-v1_5 with SHA-256
|
41
|
+
$rsaSignatureType /= "sha256WithRSAEncryption"
|
42
|
+
; RSASSA-PCKS1-v1_5 with SHA-384
|
43
|
+
$rsaSignatureType /= "sha384WithRSAEncryption"
|
44
|
+
; RSASSA-PCKS1-v1_5 with SHA-512
|
45
|
+
$rsaSignatureType /= "sha512WithRSAEncryption"
|
46
|
+
; RSASSA-PSS with SHA-256, MGF-1 with SHA-256, and a 32 byte salt
|
47
|
+
$rsaSignatureType /= "sha256WithRSAandMGF1"
|
48
|
+
; RSASSA-PSS with SHA-384, MGF-1 with SHA-384, and a 48 byte salt
|
49
|
+
$rsaSignatureType /= "sha384WithRSAandMGF1"
|
50
|
+
; RSASSA-PSS with SHA-512, MGF-1 with SHA-512, and a 64 byte salt
|
51
|
+
$rsaSignatureType /= "sha512WithRSAandMGF1"
|
52
|
+
|
53
|
+
ecdsaKeyType = {
|
54
|
+
PublicKeyType: "id-ecPublicKey" ; OID: 1.2.840.10045.2.1
|
55
|
+
namedCurve: $ecdsaCurve
|
56
|
+
SignatureType: $ecdsaSignatureType
|
57
|
+
}
|
58
|
+
|
59
|
+
$ecdsaCurve /= "secp256r1" ; OID: 1.2.840.10045.3.1.7
|
60
|
+
$ecdsaCurve /= "secp384r1" ; OID: 1.3.132.0.34
|
61
|
+
$ecdsaCurve /= "secp521r1" ; OID: 1.3.132.0.3
|
62
|
+
|
63
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA256" ; paired with secp256r1
|
64
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA384" ; paired with secp384r1
|
65
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA512" ; paired with secp521r1
|
66
|
+
|
67
|
+
subjectaltname = {
|
68
|
+
? DNS: [ 1* regtext-or-wildcard ]
|
69
|
+
? Email: [ 1* regtext ]
|
70
|
+
? URI: [ 1* regtext ]
|
71
|
+
* $$subjectaltname-extension
|
72
|
+
}
|
73
|
+
|
74
|
+
extensions = {
|
75
|
+
? keyUsage: [ 1* keyUsageType ]
|
76
|
+
? extendedKeyUsage: [ 1* extendedKeyUsageType ]
|
77
|
+
subjectAltName: subjectaltname
|
78
|
+
}
|
79
|
+
|
80
|
+
keyUsageType /= "digitalSignature"
|
81
|
+
keyUsageType /= "nonRepudiation"
|
82
|
+
keyUsageType /= "keyEncipherment"
|
83
|
+
keyUsageType /= "dataEncipherment"
|
84
|
+
keyUsageType /= "keyAgreement"
|
85
|
+
keyUsageType /= "keyCertSign"
|
86
|
+
keyUsageType /= "cRLSign"
|
87
|
+
keyUsageType /= "encipherOnly"
|
88
|
+
keyUsageType /= "decipherOnly"
|
89
|
+
|
90
|
+
extendedKeyUsageType /= "serverAuth"
|
91
|
+
extendedKeyUsageType /= "clientAuth"
|
92
|
+
extendedKeyUsageType /= "codeSigning"
|
93
|
+
extendedKeyUsageType /= "emailProtection"
|
94
|
+
extendedKeyUsageType /= "timeStamping"
|
95
|
+
extendedKeyUsageType /= "OCSPSigning"
|
96
|
+
extendedKeyUsageType /= oid
|
97
|
+
|
98
|
+
oid = text .regexp "[0-9]+(\\.[0-9]+)*"
|
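Review bot: The comment on the `$ecdsaCurve /= "secp521r1"` line gives the OID as 1.3.132.0.3, but secp521r1 is 1.3.132.0.35 (the secp384r1 line above it correctly ends in .34); the proposed line is `$ecdsaCurve /= "secp521r1" ; OID: 1.3.132.0.35`. The two comments spelled `RSASSA-PCKS1-v1_5` (SHA-384 and SHA-512) should read `RSASSA-PKCS1-v1_5`, as the SHA-256 one does. This 98-line listing appears to be star-edited.cddl going by the file list, and the same lines recur in the two 95-line listings that follow on this page. These are comments only, so validation is unaffected, but schemas like this tend to be copied as reference material.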
data/test-data/star.cddl
ADDED
@@ -0,0 +1,95 @@
|
|
1
|
+
csr-template-schema = {
|
2
|
+
keyTypes: [ 1* $keyType ]
|
3
|
+
? subject: distinguishedName
|
4
|
+
extensions: extensions
|
5
|
+
}
|
6
|
+
|
7
|
+
mandatory-wildcard = "**"
|
8
|
+
optional-wildcard = "*"
|
9
|
+
wildcard = mandatory-wildcard / optional-wildcard
|
10
|
+
|
11
|
+
; regtext matches all text strings but "*" and "**"
|
12
|
+
regtext = text .regexp "([^\*].*)|([\*][^\*].*)|([\*][\*].+)"
|
13
|
+
|
14
|
+
regtext-or-wildcard = regtext / wildcard
|
15
|
+
|
16
|
+
distinguishedName = {
|
17
|
+
? country: regtext-or-wildcard
|
18
|
+
? stateOrProvince: regtext-or-wildcard
|
19
|
+
? locality: regtext-or-wildcard
|
20
|
+
? organization: regtext-or-wildcard
|
21
|
+
? organizationalUnit: regtext-or-wildcard
|
22
|
+
? emailAddress: regtext-or-wildcard
|
23
|
+
? commonName: regtext-or-wildcard
|
24
|
+
}
|
25
|
+
|
26
|
+
$keyType /= rsaKeyType
|
27
|
+
$keyType /= ecdsaKeyType
|
28
|
+
|
29
|
+
rsaKeyType = {
|
30
|
+
PublicKeyType: "rsaEncryption" ; OID: 1.2.840.113549.1.1.1
|
31
|
+
PublicKeyLength: rsaKeySize
|
32
|
+
SignatureType: $rsaSignatureType
|
33
|
+
}
|
34
|
+
|
35
|
+
rsaKeySize = int .ge 2048
|
36
|
+
|
37
|
+
; RSASSA-PKCS1-v1_5 with SHA-256
|
38
|
+
$rsaSignatureType /= "sha256WithRSAEncryption"
|
39
|
+
; RSASSA-PCKS1-v1_5 with SHA-384
|
40
|
+
$rsaSignatureType /= "sha384WithRSAEncryption"
|
41
|
+
; RSASSA-PCKS1-v1_5 with SHA-512
|
42
|
+
$rsaSignatureType /= "sha512WithRSAEncryption"
|
43
|
+
; RSASSA-PSS with SHA-256, MGF-1 with SHA-256, and a 32 byte salt
|
44
|
+
$rsaSignatureType /= "sha256WithRSAandMGF1"
|
45
|
+
; RSASSA-PSS with SHA-384, MGF-1 with SHA-384, and a 48 byte salt
|
46
|
+
$rsaSignatureType /= "sha384WithRSAandMGF1"
|
47
|
+
; RSASSA-PSS with SHA-512, MGF-1 with SHA-512, and a 64 byte salt
|
48
|
+
$rsaSignatureType /= "sha512WithRSAandMGF1"
|
49
|
+
|
50
|
+
ecdsaKeyType = {
|
51
|
+
PublicKeyType: "id-ecPublicKey" ; OID: 1.2.840.10045.2.1
|
52
|
+
namedCurve: $ecdsaCurve
|
53
|
+
SignatureType: $ecdsaSignatureType
|
54
|
+
}
|
55
|
+
|
56
|
+
$ecdsaCurve /= "secp256r1" ; OID: 1.2.840.10045.3.1.7
|
57
|
+
$ecdsaCurve /= "secp384r1" ; OID: 1.3.132.0.34
|
58
|
+
$ecdsaCurve /= "secp521r1" ; OID: 1.3.132.0.3
|
59
|
+
|
60
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA256" ; paired with secp256r1
|
61
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA384" ; paired with secp384r1
|
62
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA512" ; paired with secp521r1
|
63
|
+
|
64
|
+
subjectaltname = {
|
65
|
+
? DNS: [ 1* regtext-or-wildcard ]
|
66
|
+
? Email: [ 1* regtext ]
|
67
|
+
? URI: [ 1* regtext ]
|
68
|
+
* $$subjectaltname-extension
|
69
|
+
}
|
70
|
+
|
71
|
+
extensions = {
|
72
|
+
? keyUsage: [ 1* keyUsageType ]
|
73
|
+
? extendedKeyUsage: [ 1* extendedKeyUsageType ]
|
74
|
+
subjectAltName: subjectaltname
|
75
|
+
}
|
76
|
+
|
77
|
+
keyUsageType /= "digitalSignature"
|
78
|
+
keyUsageType /= "nonRepudiation"
|
79
|
+
keyUsageType /= "keyEncipherment"
|
80
|
+
keyUsageType /= "dataEncipherment"
|
81
|
+
keyUsageType /= "keyAgreement"
|
82
|
+
keyUsageType /= "keyCertSign"
|
83
|
+
keyUsageType /= "cRLSign"
|
84
|
+
keyUsageType /= "encipherOnly"
|
85
|
+
keyUsageType /= "decipherOnly"
|
86
|
+
|
87
|
+
extendedKeyUsageType /= "serverAuth"
|
88
|
+
extendedKeyUsageType /= "clientAuth"
|
89
|
+
extendedKeyUsageType /= "codeSigning"
|
90
|
+
extendedKeyUsageType /= "emailProtection"
|
91
|
+
extendedKeyUsageType /= "timeStamping"
|
92
|
+
extendedKeyUsageType /= "OCSPSigning"
|
93
|
+
extendedKeyUsageType /= oid
|
94
|
+
|
95
|
+
oid = text .regexp "[0-9]+(\\.[0-9]+)*"
|
data/test-data/time.cddl
ADDED
@@ -0,0 +1,95 @@
|
|
1
|
+
csr-template-schema = {
|
2
|
+
keyTypes: [ 1* $keyType ]
|
3
|
+
? subject: distinguishedName
|
4
|
+
extensions: extensions
|
5
|
+
}
|
6
|
+
|
7
|
+
mandatory-wildcard = "**"
|
8
|
+
optional-wildcard = "*"
|
9
|
+
wildcard = mandatory-wildcard / optional-wildcard
|
10
|
+
|
11
|
+
; regtext matches all text strings but "*" and "**"
|
12
|
+
regtext = text .regexp "([^\*].*)|([\*][^\*].*)|([\*][\*].+)"
|
13
|
+
|
14
|
+
regtext-or-wildcard = regtext / wildcard
|
15
|
+
|
16
|
+
distinguishedName = {
|
17
|
+
? country: regtext-or-wildcard
|
18
|
+
? stateOrProvince: regtext-or-wildcard
|
19
|
+
? locality: regtext-or-wildcard
|
20
|
+
? organization: regtext-or-wildcard
|
21
|
+
? organizationalUnit: regtext-or-wildcard
|
22
|
+
? emailAddress: regtext-or-wildcard
|
23
|
+
? commonName: regtext-or-wildcard
|
24
|
+
}
|
25
|
+
|
26
|
+
$keyType /= rsaKeyType
|
27
|
+
$keyType /= ecdsaKeyType
|
28
|
+
|
29
|
+
rsaKeyType = {
|
30
|
+
PublicKeyType: "rsaEncryption" ; OID: 1.2.840.113549.1.1.1
|
31
|
+
PublicKeyLength: rsaKeySize
|
32
|
+
SignatureType: $rsaSignatureType
|
33
|
+
}
|
34
|
+
|
35
|
+
rsaKeySize = int .ge 2048
|
36
|
+
|
37
|
+
; RSASSA-PKCS1-v1_5 with SHA-256
|
38
|
+
$rsaSignatureType /= "sha256WithRSAEncryption"
|
39
|
+
; RSASSA-PCKS1-v1_5 with SHA-384
|
40
|
+
$rsaSignatureType /= "sha384WithRSAEncryption"
|
41
|
+
; RSASSA-PCKS1-v1_5 with SHA-512
|
42
|
+
$rsaSignatureType /= "sha512WithRSAEncryption"
|
43
|
+
; RSASSA-PSS with SHA-256, MGF-1 with SHA-256, and a 32 byte salt
|
44
|
+
$rsaSignatureType /= "sha256WithRSAandMGF1"
|
45
|
+
; RSASSA-PSS with SHA-384, MGF-1 with SHA-384, and a 48 byte salt
|
46
|
+
$rsaSignatureType /= "sha384WithRSAandMGF1"
|
47
|
+
; RSASSA-PSS with SHA-512, MGF-1 with SHA-512, and a 64 byte salt
|
48
|
+
$rsaSignatureType /= "sha512WithRSAandMGF1"
|
49
|
+
|
50
|
+
ecdsaKeyType = {
|
51
|
+
PublicKeyType: "id-ecPublicKey" ; OID: 1.2.840.10045.2.1
|
52
|
+
namedCurve: $ecdsaCurve
|
53
|
+
SignatureType: $ecdsaSignatureType
|
54
|
+
}
|
55
|
+
|
56
|
+
$ecdsaCurve /= "secp256r1" ; OID: 1.2.840.10045.3.1.7
|
57
|
+
$ecdsaCurve /= "secp384r1" ; OID: 1.3.132.0.34
|
58
|
+
$ecdsaCurve /= "secp521r1" ; OID: 1.3.132.0.3
|
59
|
+
|
60
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA256" ; paired with secp256r1
|
61
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA384" ; paired with secp384r1
|
62
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA512" ; paired with secp521r1
|
63
|
+
|
64
|
+
subjectaltname = {
|
65
|
+
? DNS: [ 1* regtext-or-wildcard ]
|
66
|
+
? Email: [ 1* regtext ]
|
67
|
+
? URI: [ 1* regtext ]
|
68
|
+
* $$subjectaltname-extension
|
69
|
+
}
|
70
|
+
|
71
|
+
extensions = {
|
72
|
+
? keyUsage: [ 1* keyUsageType ]
|
73
|
+
? extendedKeyUsage: [ 1* extendedKeyUsageType ]
|
74
|
+
subjectAltName: subjectaltname
|
75
|
+
}
|
76
|
+
|
77
|
+
keyUsageType /= "digitalSignature"
|
78
|
+
keyUsageType /= "nonRepudiation"
|
79
|
+
keyUsageType /= "keyEncipherment"
|
80
|
+
keyUsageType /= "dataEncipherment"
|
81
|
+
keyUsageType /= "keyAgreement"
|
82
|
+
keyUsageType /= "keyCertSign"
|
83
|
+
keyUsageType /= "cRLSign"
|
84
|
+
keyUsageType /= "encipherOnly"
|
85
|
+
keyUsageType /= "decipherOnly"
|
86
|
+
|
87
|
+
extendedKeyUsageType /= "serverAuth"
|
88
|
+
extendedKeyUsageType /= "clientAuth"
|
89
|
+
extendedKeyUsageType /= "codeSigning"
|
90
|
+
extendedKeyUsageType /= "emailProtection"
|
91
|
+
extendedKeyUsageType /= "timeStamping"
|
92
|
+
extendedKeyUsageType /= "OCSPSigning"
|
93
|
+
extendedKeyUsageType /= oid
|
94
|
+
|
95
|
+
oid = text .regexp "[0-9]+(\\.[0-9]+)*"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cddl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.8.
|
4
|
+
version: 0.8.23
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Carsten Bormann
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-04-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: cbor-diag
|
@@ -116,10 +116,12 @@ files:
|
|
116
116
|
- test-data/abignum.cddl
|
117
117
|
- test-data/abnf1.cddl
|
118
118
|
- test-data/abnf2.cddl
|
119
|
+
- test-data/abnf3.cddl
|
119
120
|
- test-data/ambig.cddl
|
120
121
|
- test-data/b.cddl
|
121
122
|
- test-data/badaddr.cddl
|
122
123
|
- test-data/basic_syntax_example.cddl
|
124
|
+
- test-data/bat.cddl
|
123
125
|
- test-data/bpv7.cddl
|
124
126
|
- test-data/bpv7a.cddl
|
125
127
|
- test-data/bpv7b.cddl
|
@@ -143,6 +145,8 @@ files:
|
|
143
145
|
- test-data/grasp-09.cddl
|
144
146
|
- test-data/grasp-v1.cddl
|
145
147
|
- test-data/grasp-v2X.cddl
|
148
|
+
- test-data/homenet-de.cddl
|
149
|
+
- test-data/homenet-fe.cddl
|
146
150
|
- test-data/ifmap-base-2.0v17.cddl
|
147
151
|
- test-data/ifmap-base-2.2v9_fh-cabo.cddl
|
148
152
|
- test-data/ifmap-metadata-2.2v9_fh-cabo.cddl
|
@@ -152,6 +156,7 @@ files:
|
|
152
156
|
- test-data/jim-cut.cddl
|
153
157
|
- test-data/jsoniodef.cddl
|
154
158
|
- test-data/kevin5.cddl
|
159
|
+
- test-data/lint1.cddl
|
155
160
|
- test-data/map-group.cddl
|
156
161
|
- test-data/mapkey.cddl
|
157
162
|
- test-data/mdl-ble.cddl
|
@@ -165,11 +170,20 @@ files:
|
|
165
170
|
- test-data/mon-val.cddl
|
166
171
|
- test-data/multipart-ct.cddl
|
167
172
|
- test-data/named-group.cddl
|
173
|
+
- test-data/non-empty.cddl
|
174
|
+
- test-data/oid.cddl
|
175
|
+
- test-data/oidbat.cddl
|
168
176
|
- test-data/patch1.cddl
|
177
|
+
- test-data/plus.cddl
|
169
178
|
- test-data/reused_named_group.cddl
|
179
|
+
- test-data/sasl.cddl
|
170
180
|
- test-data/sequence.cddl
|
181
|
+
- test-data/sipos.cddl
|
182
|
+
- test-data/star-edited.cddl
|
183
|
+
- test-data/star.cddl
|
171
184
|
- test-data/structure.cddl
|
172
185
|
- test-data/test-gen.cddl
|
186
|
+
- test-data/time.cddl
|
173
187
|
- test-data/toerless0.cddl
|
174
188
|
- test-data/toerless1.cddl
|
175
189
|
- test-data/two_anonymous_groups.cddl
|
@@ -178,6 +192,7 @@ files:
|
|
178
192
|
- test-data/wrong2.cddl
|
179
193
|
- test-data/wrong2a.cddl
|
180
194
|
- test-data/xmlmig.cddl
|
195
|
+
- test-data/yaron1.cddl
|
181
196
|
- test/test-cddl.rb
|
182
197
|
homepage: http://github.com/cabo/cddl
|
183
198
|
licenses:
|