cddl 0.8.22 → 0.8.23
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/cddl.gemspec +1 -1
- data/lib/cddl.rb +11 -7
- data/test-data/homenet-de.cddl +12 -0
- data/test-data/homenet-fe.cddl +12 -0
- data/test-data/lint1.cddl +9 -0
- data/test-data/non-empty.cddl +5 -0
- data/test-data/plus.cddl +3 -0
- data/test-data/sipos.cddl +8 -0
- data/test-data/star-edited.cddl +98 -0
- data/test-data/star.cddl +95 -0
- data/test-data/time.cddl +11 -0
- metadata +11 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 900cef2acf86b7e14cd7c6b534b590862452c75b79c8244126dab0a2a91dc809
|
4
|
+
data.tar.gz: 6107b03e4c7ac8f7cdedde604a1ae84198d0709b3147674775998d17d3ead00e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4daecf273c14c8f3be89fbbe0a02522c7d53509adc25aeca23b2466387b10506503e8d8b7d23647d9eecaacc4fac154a8ca859bc54294599fc775e581bfa7eb2
|
7
|
+
data.tar.gz: 8d7cf1307dcad944255ef2c83bfda804c88b250145b3ae949954fb865412bf61edd3e0e24e76729a554e92da93a86406c1b6a7e275c99b81bdd06743dca823a9
|
data/cddl.gemspec
CHANGED
data/lib/cddl.rb
CHANGED
@@ -780,13 +780,17 @@ module CDDL
|
|
780
780
|
puts "COMPLEX: #{k.inspect} #{simple.inspect} #{simpleval.inspect}" if ENV["CDDL_TRACE"]
|
781
781
|
keys = d_check.keys
|
782
782
|
ta, keys = keys.partition{ |key| validate1(key, k)}
|
783
|
-
|
784
|
-
|
785
|
-
|
786
|
-
|
787
|
-
|
788
|
-
|
789
|
-
|
783
|
+
count = 0
|
784
|
+
catch :enough do
|
785
|
+
ta.all? { |val|
|
786
|
+
if (ann2 = validate1a(d[val], v)) && # XXX check cut or not!
|
787
|
+
d_check.delete(val) {:not_found} != :not_found
|
788
|
+
anno.concat(ann2)
|
789
|
+
throw :enough, true if (count += 1) == e
|
790
|
+
true
|
791
|
+
end
|
792
|
+
}
|
793
|
+
end and count >= s # XXX save error indication
|
790
794
|
end
|
791
795
|
end
|
792
796
|
else
|
@@ -0,0 +1,12 @@
|
|
1
|
+
hna-configuration = {
|
2
|
+
"registred_domain" : tstr,
|
3
|
+
"dm" : tstr,
|
4
|
+
? "dm_transport" : "53" // "DoT" // "DoH" // "DoQ"
|
5
|
+
? "dm_port" : uint,
|
6
|
+
? "dm_acl" : hna-acl // [ +hna-acl ]
|
7
|
+
? "hna_auth_method": hna-auth-method
|
8
|
+
? "hna_certificate": tstr
|
9
|
+
}
|
10
|
+
|
11
|
+
hna-acl = tstr
|
12
|
+
hna-auth-method /= "certificate"
|
@@ -0,0 +1,12 @@
|
|
1
|
+
hna-configuration = {
|
2
|
+
"registered_domain" : tstr,
|
3
|
+
"dm" : tstr,
|
4
|
+
? "dm_transport" : "53" / "DoT" / "DoH" / "DoQ"
|
5
|
+
? "dm_port" : uint,
|
6
|
+
? "dm_acl" : hna-acl / [ +hna-acl ]
|
7
|
+
? "hna_auth_method": hna-auth-method
|
8
|
+
? "hna_certificate": tstr
|
9
|
+
}
|
10
|
+
|
11
|
+
hna-acl = tstr
|
12
|
+
hna-auth-method /= "certificate"
|
data/test-data/plus.cddl
ADDED
@@ -0,0 +1,98 @@
|
|
1
|
+
csr-template-schema = {
|
2
|
+
keyTypes: [ 1* $keyType ]
|
3
|
+
? subject: distinguishedName
|
4
|
+
extensions: extensions
|
5
|
+
}
|
6
|
+
|
7
|
+
mandatory-wildcard = "**"
|
8
|
+
optional-wildcard = "*"
|
9
|
+
wildcard = mandatory-wildcard / optional-wildcard
|
10
|
+
|
11
|
+
; non-empty = { + any => any }
|
12
|
+
non-empty<M> = (M) .and ({ + any => any })
|
13
|
+
|
14
|
+
; regtext matches all text strings but "*" and "**"
|
15
|
+
regtext = text .regexp "([^\*].*)|([\*][^\*].*)|([\*][\*].+)"
|
16
|
+
|
17
|
+
regtext-or-wildcard = regtext / wildcard
|
18
|
+
|
19
|
+
distinguishedName = non-empty<{
|
20
|
+
? country: regtext-or-wildcard
|
21
|
+
? stateOrProvince: regtext-or-wildcard
|
22
|
+
? locality: regtext-or-wildcard
|
23
|
+
? organization: regtext-or-wildcard
|
24
|
+
? organizationalUnit: regtext-or-wildcard
|
25
|
+
? emailAddress: regtext-or-wildcard
|
26
|
+
? commonName: regtext-or-wildcard
|
27
|
+
}>
|
28
|
+
|
29
|
+
$keyType /= rsaKeyType
|
30
|
+
$keyType /= ecdsaKeyType
|
31
|
+
|
32
|
+
rsaKeyType = {
|
33
|
+
PublicKeyType: "rsaEncryption" ; OID: 1.2.840.113549.1.1.1
|
34
|
+
PublicKeyLength: rsaKeySize
|
35
|
+
SignatureType: $rsaSignatureType
|
36
|
+
}
|
37
|
+
|
38
|
+
rsaKeySize = int .ge 2048
|
39
|
+
|
40
|
+
; RSASSA-PKCS1-v1_5 with SHA-256
|
41
|
+
$rsaSignatureType /= "sha256WithRSAEncryption"
|
42
|
+
; RSASSA-PCKS1-v1_5 with SHA-384
|
43
|
+
$rsaSignatureType /= "sha384WithRSAEncryption"
|
44
|
+
; RSASSA-PCKS1-v1_5 with SHA-512
|
45
|
+
$rsaSignatureType /= "sha512WithRSAEncryption"
|
46
|
+
; RSASSA-PSS with SHA-256, MGF-1 with SHA-256, and a 32 byte salt
|
47
|
+
$rsaSignatureType /= "sha256WithRSAandMGF1"
|
48
|
+
; RSASSA-PSS with SHA-384, MGF-1 with SHA-384, and a 48 byte salt
|
49
|
+
$rsaSignatureType /= "sha384WithRSAandMGF1"
|
50
|
+
; RSASSA-PSS with SHA-512, MGF-1 with SHA-512, and a 64 byte salt
|
51
|
+
$rsaSignatureType /= "sha512WithRSAandMGF1"
|
52
|
+
|
53
|
+
ecdsaKeyType = {
|
54
|
+
PublicKeyType: "id-ecPublicKey" ; OID: 1.2.840.10045.2.1
|
55
|
+
namedCurve: $ecdsaCurve
|
56
|
+
SignatureType: $ecdsaSignatureType
|
57
|
+
}
|
58
|
+
|
59
|
+
$ecdsaCurve /= "secp256r1" ; OID: 1.2.840.10045.3.1.7
|
60
|
+
$ecdsaCurve /= "secp384r1" ; OID: 1.3.132.0.34
|
61
|
+
$ecdsaCurve /= "secp521r1" ; OID: 1.3.132.0.3
|
62
|
+
|
63
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA256" ; paired with secp256r1
|
64
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA384" ; paired with secp384r1
|
65
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA512" ; paired with secp521r1
|
66
|
+
|
67
|
+
subjectaltname = {
|
68
|
+
? DNS: [ 1* regtext-or-wildcard ]
|
69
|
+
? Email: [ 1* regtext ]
|
70
|
+
? URI: [ 1* regtext ]
|
71
|
+
* $$subjectaltname-extension
|
72
|
+
}
|
73
|
+
|
74
|
+
extensions = {
|
75
|
+
? keyUsage: [ 1* keyUsageType ]
|
76
|
+
? extendedKeyUsage: [ 1* extendedKeyUsageType ]
|
77
|
+
subjectAltName: subjectaltname
|
78
|
+
}
|
79
|
+
|
80
|
+
keyUsageType /= "digitalSignature"
|
81
|
+
keyUsageType /= "nonRepudiation"
|
82
|
+
keyUsageType /= "keyEncipherment"
|
83
|
+
keyUsageType /= "dataEncipherment"
|
84
|
+
keyUsageType /= "keyAgreement"
|
85
|
+
keyUsageType /= "keyCertSign"
|
86
|
+
keyUsageType /= "cRLSign"
|
87
|
+
keyUsageType /= "encipherOnly"
|
88
|
+
keyUsageType /= "decipherOnly"
|
89
|
+
|
90
|
+
extendedKeyUsageType /= "serverAuth"
|
91
|
+
extendedKeyUsageType /= "clientAuth"
|
92
|
+
extendedKeyUsageType /= "codeSigning"
|
93
|
+
extendedKeyUsageType /= "emailProtection"
|
94
|
+
extendedKeyUsageType /= "timeStamping"
|
95
|
+
extendedKeyUsageType /= "OCSPSigning"
|
96
|
+
extendedKeyUsageType /= oid
|
97
|
+
|
98
|
+
oid = text .regexp "[0-9]+(\\.[0-9]+)*"
|
data/test-data/star.cddl
ADDED
@@ -0,0 +1,95 @@
|
|
1
|
+
csr-template-schema = {
|
2
|
+
keyTypes: [ 1* $keyType ]
|
3
|
+
? subject: distinguishedName
|
4
|
+
extensions: extensions
|
5
|
+
}
|
6
|
+
|
7
|
+
mandatory-wildcard = "**"
|
8
|
+
optional-wildcard = "*"
|
9
|
+
wildcard = mandatory-wildcard / optional-wildcard
|
10
|
+
|
11
|
+
; regtext matches all text strings but "*" and "**"
|
12
|
+
regtext = text .regexp "([^\*].*)|([\*][^\*].*)|([\*][\*].+)"
|
13
|
+
|
14
|
+
regtext-or-wildcard = regtext / wildcard
|
15
|
+
|
16
|
+
distinguishedName = {
|
17
|
+
? country: regtext-or-wildcard
|
18
|
+
? stateOrProvince: regtext-or-wildcard
|
19
|
+
? locality: regtext-or-wildcard
|
20
|
+
? organization: regtext-or-wildcard
|
21
|
+
? organizationalUnit: regtext-or-wildcard
|
22
|
+
? emailAddress: regtext-or-wildcard
|
23
|
+
? commonName: regtext-or-wildcard
|
24
|
+
}
|
25
|
+
|
26
|
+
$keyType /= rsaKeyType
|
27
|
+
$keyType /= ecdsaKeyType
|
28
|
+
|
29
|
+
rsaKeyType = {
|
30
|
+
PublicKeyType: "rsaEncryption" ; OID: 1.2.840.113549.1.1.1
|
31
|
+
PublicKeyLength: rsaKeySize
|
32
|
+
SignatureType: $rsaSignatureType
|
33
|
+
}
|
34
|
+
|
35
|
+
rsaKeySize = int .ge 2048
|
36
|
+
|
37
|
+
; RSASSA-PKCS1-v1_5 with SHA-256
|
38
|
+
$rsaSignatureType /= "sha256WithRSAEncryption"
|
39
|
+
; RSASSA-PCKS1-v1_5 with SHA-384
|
40
|
+
$rsaSignatureType /= "sha384WithRSAEncryption"
|
41
|
+
; RSASSA-PCKS1-v1_5 with SHA-512
|
42
|
+
$rsaSignatureType /= "sha512WithRSAEncryption"
|
43
|
+
; RSASSA-PSS with SHA-256, MGF-1 with SHA-256, and a 32 byte salt
|
44
|
+
$rsaSignatureType /= "sha256WithRSAandMGF1"
|
45
|
+
; RSASSA-PSS with SHA-384, MGF-1 with SHA-384, and a 48 byte salt
|
46
|
+
$rsaSignatureType /= "sha384WithRSAandMGF1"
|
47
|
+
; RSASSA-PSS with SHA-512, MGF-1 with SHA-512, and a 64 byte salt
|
48
|
+
$rsaSignatureType /= "sha512WithRSAandMGF1"
|
49
|
+
|
50
|
+
ecdsaKeyType = {
|
51
|
+
PublicKeyType: "id-ecPublicKey" ; OID: 1.2.840.10045.2.1
|
52
|
+
namedCurve: $ecdsaCurve
|
53
|
+
SignatureType: $ecdsaSignatureType
|
54
|
+
}
|
55
|
+
|
56
|
+
$ecdsaCurve /= "secp256r1" ; OID: 1.2.840.10045.3.1.7
|
57
|
+
$ecdsaCurve /= "secp384r1" ; OID: 1.3.132.0.34
|
58
|
+
$ecdsaCurve /= "secp521r1" ; OID: 1.3.132.0.3
|
59
|
+
|
60
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA256" ; paired with secp256r1
|
61
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA384" ; paired with secp384r1
|
62
|
+
$ecdsaSignatureType /= "ecdsa-with-SHA512" ; paired with secp521r1
|
63
|
+
|
64
|
+
subjectaltname = {
|
65
|
+
? DNS: [ 1* regtext-or-wildcard ]
|
66
|
+
? Email: [ 1* regtext ]
|
67
|
+
? URI: [ 1* regtext ]
|
68
|
+
* $$subjectaltname-extension
|
69
|
+
}
|
70
|
+
|
71
|
+
extensions = {
|
72
|
+
? keyUsage: [ 1* keyUsageType ]
|
73
|
+
? extendedKeyUsage: [ 1* extendedKeyUsageType ]
|
74
|
+
subjectAltName: subjectaltname
|
75
|
+
}
|
76
|
+
|
77
|
+
keyUsageType /= "digitalSignature"
|
78
|
+
keyUsageType /= "nonRepudiation"
|
79
|
+
keyUsageType /= "keyEncipherment"
|
80
|
+
keyUsageType /= "dataEncipherment"
|
81
|
+
keyUsageType /= "keyAgreement"
|
82
|
+
keyUsageType /= "keyCertSign"
|
83
|
+
keyUsageType /= "cRLSign"
|
84
|
+
keyUsageType /= "encipherOnly"
|
85
|
+
keyUsageType /= "decipherOnly"
|
86
|
+
|
87
|
+
extendedKeyUsageType /= "serverAuth"
|
88
|
+
extendedKeyUsageType /= "clientAuth"
|
89
|
+
extendedKeyUsageType /= "codeSigning"
|
90
|
+
extendedKeyUsageType /= "emailProtection"
|
91
|
+
extendedKeyUsageType /= "timeStamping"
|
92
|
+
extendedKeyUsageType /= "OCSPSigning"
|
93
|
+
extendedKeyUsageType /= oid
|
94
|
+
|
95
|
+
oid = text .regexp "[0-9]+(\\.[0-9]+)*"
|
data/test-data/time.cddl
ADDED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cddl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.8.
|
4
|
+
version: 0.8.23
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Carsten Bormann
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-04-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: cbor-diag
|
@@ -145,6 +145,8 @@ files:
|
|
145
145
|
- test-data/grasp-09.cddl
|
146
146
|
- test-data/grasp-v1.cddl
|
147
147
|
- test-data/grasp-v2X.cddl
|
148
|
+
- test-data/homenet-de.cddl
|
149
|
+
- test-data/homenet-fe.cddl
|
148
150
|
- test-data/ifmap-base-2.0v17.cddl
|
149
151
|
- test-data/ifmap-base-2.2v9_fh-cabo.cddl
|
150
152
|
- test-data/ifmap-metadata-2.2v9_fh-cabo.cddl
|
@@ -154,6 +156,7 @@ files:
|
|
154
156
|
- test-data/jim-cut.cddl
|
155
157
|
- test-data/jsoniodef.cddl
|
156
158
|
- test-data/kevin5.cddl
|
159
|
+
- test-data/lint1.cddl
|
157
160
|
- test-data/map-group.cddl
|
158
161
|
- test-data/mapkey.cddl
|
159
162
|
- test-data/mdl-ble.cddl
|
@@ -167,14 +170,20 @@ files:
|
|
167
170
|
- test-data/mon-val.cddl
|
168
171
|
- test-data/multipart-ct.cddl
|
169
172
|
- test-data/named-group.cddl
|
173
|
+
- test-data/non-empty.cddl
|
170
174
|
- test-data/oid.cddl
|
171
175
|
- test-data/oidbat.cddl
|
172
176
|
- test-data/patch1.cddl
|
177
|
+
- test-data/plus.cddl
|
173
178
|
- test-data/reused_named_group.cddl
|
174
179
|
- test-data/sasl.cddl
|
175
180
|
- test-data/sequence.cddl
|
181
|
+
- test-data/sipos.cddl
|
182
|
+
- test-data/star-edited.cddl
|
183
|
+
- test-data/star.cddl
|
176
184
|
- test-data/structure.cddl
|
177
185
|
- test-data/test-gen.cddl
|
186
|
+
- test-data/time.cddl
|
178
187
|
- test-data/toerless0.cddl
|
179
188
|
- test-data/toerless1.cddl
|
180
189
|
- test-data/two_anonymous_groups.cddl
|