cddl 0.8.8 → 0.8.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6c877883cb125426e061f527ba4375c0f021d70dfef060336fe0bb0f5e2ca3d4
-  data.tar.gz: 7a3dc4065f3616bf57c229b410782b35140018ecada4418c0ef45056c62aef0b
+  metadata.gz: 2864bab5890244b179dd65b3508fa3138f9e5a1d7fbb8a3843090c60212a66bf
+  data.tar.gz: 5e501ebd3d42e3236a03375586c64a03d3f6db390fa5827cf91f100d6d8a1e4c
 SHA512:
-  metadata.gz: b3987fbe82e80dddba2f650b1a12941ed6092708297302cf1a78dfe45b20b79d08e85901cb8739b5fc79eab8cde70ca8efb88698f4340da72c722a7a461565c6
-  data.tar.gz: 68c35688bac9b30411ee419e171860c463df28c3452bce1741399274e51295b609e0acc8df54e9876037f9d96ba02e369fd9465c2fe7c38bb9682d5ec19018cd
+  metadata.gz: b973bc02bd23664027c8457f18e123e54f53da345381ec5099fc3b5c1f31d9c540ef765c217f237b43e426ab5ff8514f627230c3674f7fff39331f2f541aee54
+  data.tar.gz: ecb4f59bb8bd4c01a947557229c707f8ff47ebb1b7498cfafb0c5a9ced7b46fd7653186bee6d67585758687dcb0dea7e05d0cc1c5e84399b111fa4484e01a9de

data/cddl.gemspec

@@ -1,6 +1,6 @@
 spec = Gem::Specification.new do |s|
   s.name = 'cddl'
-  s.version = '0.8.8'
+  s.version = '0.8.9'
   s.summary = "CDDL generator and validator."
   s.description = %{A parser, generator, and validator for CDDL}
   s.add_dependency('cbor-diag')
@@ -19,3 +19,4 @@ spec = Gem::Specification.new do |s|
   s.homepage = "http://github.com/cabo/cddl"
   s.license = 'MIT'
 end
+

data/lib/cddl.rb

@@ -329,8 +329,12 @@ module CDDL
           unless kr
             case vr[0]
             when :grpent
-              fail "grpent in map #{vr.inspect}" unless vr.size == 2
-              g = Array.new(st) { generate1(vr[1], true) }.flatten(1)
+              # fail "grpent in map #{vr.inspect}" unless vr.size == 2
+              g = Array.new(st) {
+                vr[1..-1].map{ |vrx|
+                  generate1(vrx, true)
+                }.flatten(1)
+              }.flatten(1)
               # warn "GGG #{g.inspect}"
               return g
             when :grpchoice
@@ -1142,7 +1146,7 @@ module CDDL
           end
         when :recurse_grpent # XXX we don't have the entry yet
         when :member
-          fail "map entry without member key given: #{member}" unless member[3] || member[4][0] == :grpent || member[4][0] == :grpchoice
+          fail "map entry #{member.inspect} without member key given: #{member}" unless member[3] || member[4][0] == :grpent || member[4][0] == :grpchoice
         else
           fail ["type1 member", member].inspect unless member[0] == :member
         end

data/test-data/bpv7.cddl

@@ -0,0 +1,136 @@
+   start = bundle
+
+   dtn-time = uint
+
+   creation-timestamp = [dtn-time, sequence: uint]
+
+   eid-generic = [uri-code, SSP: any]
+
+   uri-code = uint
+
+   eid = eid-choice .within eid-generic
+
+   eid-choice /= [dtn-code, SSP: (text / 0)]
+
+   dtn-code = 1 ; TBD
+
+   eid-choice /= [ipn-code, SSP: [nodenum: uint, servicenum: uint]]
+
+   ipn-code = 2 ; TBD
+
+   bundle-control-flags = uint .bits bundleflagbits
+
+   bundleflagbits = &(
+
+     reserved: 15
+
+     reserved: 14
+
+     reserved: 13
+
+     bundle-deletion-status-reports-are-requested: 12
+
+     bundle-delivery-status-reports-are-requested: 11
+
+     bundle-forwarding-status-reports-are-requested: 10
+
+     reserved: 9
+
+     bundle-reception-status-reports-are-requested: 8
+
+     bundle-contains-a-Manifest-block: 7
+
+     status-time-is-requested-in-all-status-reports: 6
+
+     user-application-acknowledgement-is-requested: 5
+
+     reserved: 4
+
+     reserved: 3
+
+     bundle-must-not-be-fragmented: 2
+
+     payload-is-an-administrative-record: 1
+
+     bundle-is-a-fragment: 0
+
+   )
+
+   crc = bytes
+
+   block-control-flags = uint .bits blockflagbits
+
+   blockflagbits = &(
+
+     reserved: 7
+
+     reserved: 6
+
+     reserved: 5
+
+     reserved: 4
+
+     bundle-must-be-deleted-if-block-cannot-be-processed: 3
+
+     status-report-must-be-transmitted-if-block-cannot-be-processed: 2
+
+     block-must-be-removed-from-bundle-if-it-cannot-be-processed: 1
+
+     block-must-be-replicated-in-every-fragment: 0
+
+   )
+
+   bundle = [primary-block, *extension-block, payload-block]
+
+   primary-block = [
+
+                 version: 7,
+
+                 bundle-control-flags,
+
+                 crc-type: uint,
+
+                 destination: eid,
+
+                 source-node: eid,
+
+                 report-to: eid,
+
+                 creation-timestamp,
+
+                 lifetime: uint,
+
+                 ? fragment-offset: uint,
+
+                 ? total-application-data-length: uint,
+
+                 ? crc,
+
+   ]
+
+   canonical-block = [
+
+                           block-type-code: uint,
+
+                           canonical-block-common,
+
+                           ? crc
+
+   ]
+
+   canonical-block-common = (
+
+                          block-number: uint,
+
+                          block-control-flags,
+
+                          crc-type: uint,
+
+                          block-type-specific-data: bytes
+
+   )
+
+
+payload-block = ([block-type-code: 1, canonical-block-common, ?crc]) .within canonical-block
+
+extension-block = ([block-type-code: (uint .ne 1), canonical-block-common, ?crc]) .within canonical-block

data/test-data/bpv7a.cddl

@@ -0,0 +1,181 @@
+start = bundle / #6.55799(bundle)
+
+; Times before 2000 are invalid
+dtn-time = uint
+
+; CRC enumerated type
+crc-type = 0 / 1 / 2
+; Either 16-bit or 32-bit
+crc-value = (bstr .size 2) / (bstr .size 4)
+
+creation-timestamp = [dtn-time, sequence: uint]
+
+eid = $eid-choice .within eid-structure
+eid-structure = [
+ uri-code: uint,
+ SSP: any
+]
+$eid-choice /= [
+ uri-code: 1,
+ SSP: (tstr / 0)
+]
+$eid-choice /= [
+ uri-code: 2,
+ SSP: [
+   nodenum: uint,
+   servicenum: uint
+ ]
+]
+
+bundle-control-flags = uint .bits bundleflagbits
+bundleflagbits = &(
+ reserved: 15
+ reserved: 14
+ reserved: 13
+ bundle-deletion-status-reports-are-requested: 12
+ bundle-delivery-status-reports-are-requested: 11
+ bundle-forwarding-status-reports-are-requested: 10
+ reserved: 9
+ bundle-reception-status-reports-are-requested: 8
+ bundle-contains-a-Manifest-block: 7
+ status-time-is-requested-in-all-status-reports: 6
+ user-application-acknowledgement-is-requested: 5
+ reserved: 4
+ reserved: 3
+ bundle-must-not-be-fragmented: 2
+ payload-is-an-administrative-record: 1
+ bundle-is-a-fragment: 0
+)
+
+block-control-flags = uint .bits blockflagbits
+blockflagbits = &(
+ reserved: 7
+ reserved: 6
+ reserved: 5
+ reserved: 4
+ bundle-must-be-deleted-if-block-cannot-be-processed: 3
+ status-report-must-be-transmitted-if-block-cannot-be-processed: 2
+ block-must-be-removed-from-bundle-if-it-cannot-be-processed: 1
+ block-must-be-replicated-in-every-fragment: 0
+)
+
+bundle = [primary-block, *extension-block, payload-block]
+
+primary-block = [
+ version: 7,
+ bundle-control-flags,
+ crc-type,
+ destination: eid,
+ source-node: eid,
+ report-to: eid,
+ creation-timestamp,
+ lifetime: uint,
+ ? (
+   fragment-offset: uint,
+;    total-application-data-length: uint,
+ )
+ ? crc-value,
+]
+
+; Abstract shared structure of all non-primary blocks
+canonical-block-structure = [
+ block-type-code: uint,
+ block-number: uint,
+ block-control-flags,
+ crc-type,
+ ; Each block type defines the content within the bytestring
+ block-type-specific-data,
+ ? crc-value
+]
+block-type-specific-data = bstr / #6.24(bstr)
+; Extension block type, which does not specialize any more than the code/number
+extension-block = $extension-block-structure .within canonical-block-structure
+$extension-block-structure = [
+ block-type-code: (uint .gt 1),
+ extension-block-number,
+ block-control-flags,
+ crc-type,
+ ($extension-block-data .within block-type-specific-data)
+ ? crc-value
+]
+extension-block-number = (uint .ne 0)
+; Payload block type
+payload-block = payload-block-structure .within canonical-block-structure
+payload-block-structure = [
+ block-type-code: 1,
+ block-number: 0,
+ block-control-flags,
+ crc-type,
+ ($payload-block-data .within block-type-specific-data)
+ ? crc-value
+]
+
+; Arbitrary payload data
+$payload-block-data /= bstr
+
+
+; Administrative record as a payload data specialization
+$payload-block-data /= block-type-specific-data .cbor admin-record
+admin-record = $admin-record .within admin-record-structure
+admin-record-structure = [
+ record-type-code: uint,
+ record-content: any
+]
+; Only one defined record type
+$admin-record /= [1, status-record-content]
+status-record-content = [
+ bundle-status-information,
+ status-report-reason-code: uint,
+ source-node-eid: eid,
+ subject-creation-timestamp: creation-timestamp,
+ ? (
+   subject-payload-offset: uint,
+   subject-payload-length: uint
+ )
+]
+bundle-status-information = [
+ reporting-node-received-bundle: status-info-content,
+ reporting-node-forwarded-bundle: status-info-content,
+ reporting-node-delivered-bundle: status-info-content,
+ reporting-node-deleted-bundle: status-info-content
+]
+status-info-content = [
+ status-indicator: bool,
+ ? timestamp: dtn-time
+]
+
+; Previous Node extension block
+$extension-block-structure /= [
+ block-type-code: 7,
+ extension-block-number,
+ block-control-flags,
+ crc-type,
+ (block-type-specific-data .cbor ext-data-previous-node)
+ ? crc-value
+]
+ext-data-previous-node = eid
+
+; Bundle Age extension block
+$extension-block-structure /= [
+ block-type-code: 8,
+ extension-block-number,
+ block-control-flags,
+ crc-type,
+ (block-type-specific-data .cbor ext-data-bundle-age)
+ ? crc-value
+]
+ext-data-bundle-age = uint
+
+; Hop Count extension block
+$extension-block-structure /= [
+ block-type-code: 9,
+ extension-block-number,
+ block-control-flags,
+ crc-type,
+ (block-type-specific-data .cbor ext-data-hop-count)
+ ? crc-value
+]
+ext-data-hop-count = [
+ hop-limit: uint,
+ hop-count: uint
+]

data/test-data/bpv7b.cddl

@@ -0,0 +1,167 @@
+start = bundle / #6.55799(bundle)
+
+; Times before 2000 are invalid
+dtn-time = uint
+
+; CRC enumerated type
+crc-type = 0 / 1 / 2
+; Either 16-bit or 32-bit
+crc-value = (bstr .size 2) / (bstr .size 4)
+
+creation-timestamp = [dtn-time, sequence: uint]
+
+eid = $eid-choice .within eid-structure
+eid-structure = [
+  uri-code: uint,
+  SSP: any
+]
+$eid-choice /= [
+  uri-code: 1,
+  SSP: (tstr / 0)
+]
+$eid-choice /= [
+  uri-code: 2,
+  SSP: [
+    nodenum: uint,
+    servicenum: uint
+  ]
+]
+
+; The root bundle array
+bundle = [primary-block, *extension-block, payload-block]
+
+primary-block = [
+  version: 7,
+  bundle-control-flags,
+  crc-type,
+  destination: eid,
+  source-node: eid,
+  report-to: eid,
+  creation-timestamp,
+  lifetime: uint,
+  ? (
+    fragment-offset: uint,
+    total-application-data-length: uint,
+  )
+  ? crc-value,
+]
+bundle-control-flags = uint .bits bundleflagbits
+bundleflagbits = &(
+  reserved: 15,
+  reserved: 14,
+  reserved: 13,
+  bundle-deletion-status-reports-are-requested: 12,
+  bundle-delivery-status-reports-are-requested: 11,
+  bundle-forwarding-status-reports-are-requested: 10,
+  reserved: 9,
+  bundle-reception-status-reports-are-requested: 8,
+  bundle-contains-a-Manifest-block: 7,
+  status-time-is-requested-in-all-status-reports: 6,
+  user-application-acknowledgement-is-requested: 5,
+  reserved: 4,
+  reserved: 3,
+  bundle-must-not-be-fragmented: 2,
+  payload-is-an-administrative-record: 1,
+  bundle-is-a-fragment: 0
+)
+
+; Abstract shared structure of all non-primary blocks
+canonical-block-structure = [
+  block-type-code: uint,
+  block-number: uint,
+  block-control-flags,
+  crc-type,
+  ; Each block type defines the content within the bytestring
+  block-type-specific-data,
+  ? crc-value
+]
+block-control-flags = uint .bits blockflagbits
+blockflagbits = &(
+  reserved: 7,
+  reserved: 6,
+  reserved: 5,
+  reserved: 4,
+  bundle-must-be-deleted-if-block-cannot-be-processed: 3,
+  status-report-must-be-transmitted-if-block-cannot-be-processed: 2,
+  block-must-be-removed-from-bundle-if-it-cannot-be-processed: 1,
+  block-must-be-replicated-in-every-fragment: 0
+)
+block-type-specific-data = bstr / #6.24(bstr)
+; Actual CBOR data embedded in a bytestring, with optional tag to indicate so
+embedded-cbor<Item> = (bstr .cbor Item) / #6.24(bstr .cbor Item)
+
+; Extension block type, which does not specialize other than the code/number
+extension-block = $extension-block-structure .within canonical-block-structure
+; Generic shared structure of all non-primary blocks
+extension-block-use<CodeValue, BlockData> = [
+  block-type-code: CodeValue,
+  block-number: (uint .ne 0),
+  block-control-flags,
+  crc-type,
+  BlockData,
+  ? crc-value
+]
+
+; Payload block type
+payload-block = payload-block-structure .within canonical-block-structure
+payload-block-structure = [
+  block-type-code: 1,
+  block-number: 0,
+  block-control-flags,
+  crc-type,
+  $payload-block-data,
+  ? crc-value
+]
+
+; Arbitrary payload data, including non-CBOR bytestring
+$payload-block-data /= block-type-specific-data
+
+
+; Administrative record as a payload data specialization
+$payload-block-data /= embedded-cbor<admin-record>
+admin-record = $admin-record .within admin-record-structure
+admin-record-structure = [
+  record-type-code: uint,
+  record-content: any
+]
+; Only one defined record type
+$admin-record /= [1, status-record-content]
+status-record-content = [
+  bundle-status-information,
+  status-report-reason-code: uint,
+  source-node-eid: eid,
+  subject-creation-timestamp: creation-timestamp,
+  ? (
+    subject-payload-offset: uint,
+    subject-payload-length: uint
+  )
+]
+bundle-status-information = [
+  reporting-node-received-bundle: status-info-content,
+  reporting-node-forwarded-bundle: status-info-content,
+  reporting-node-delivered-bundle: status-info-content,
+  reporting-node-deleted-bundle: status-info-content
+]
+status-info-content = [
+  status-indicator: bool,
+  ? timestamp: dtn-time
+]
+
+
+; Previous Node extension block
+$extension-block-structure /=
+  extension-block-use<7, embedded-cbor<ext-data-previous-node>>
+ext-data-previous-node = eid
+
+; Bundle Age extension block
+$extension-block-structure /= 
+  extension-block-use<8, embedded-cbor<ext-data-bundle-age>>
+ext-data-bundle-age = uint
+
+; Hop Count extension block
+$extension-block-structure /=
+  extension-block-use<9, embedded-cbor<ext-data-hop-count>>
+ext-data-hop-count = [
+  hop-limit: uint,
+  hop-count: uint
+]

data/test-data/foo.cddl

@@ -0,0 +1 @@
+foo=bar=int

data/test-data/jsoniodef.cddl

@@ -0,0 +1,719 @@
+start = iodef
+
+;;; iodef.json: IODEF-Document
+
+iodef = {
+ version: text
+ ? lang: lang
+ ? format-id: text
+ ? private-enum-name: text
+ ? private-enum-id: text
+ Incident: [+ Incident]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+duration = "second" / "minute" / "hour" / "day" / "month" / "quarter" /
+           "year" / "ext-value"
+lang = "" / text .regexp "[a-zA-Z]{1,8}(-[a-zA-Z0-9]{1,8})*"
+
+restriction = "public" / "partner" / "need-to-know" / "private" /
+              "default" / "white" / "green" / "amber" / "red" /
+              "ext-value"
+SpecID = "urn:ietf:params:xml:ns:mile:mmdef:1.2" /  "private"
+IDtype = text .regexp "[a-zA-Z_][a-zA-Z0-9_.-]*"
+IDREFType = IDtype
+URLtype = uri
+TimeZonetype = text .regexp "Z|[\+\-](0[0-9]|1[0-4]):[0-5][0-9]"
+PortlistType = text .regexp "\\d+(\\-\\d+)?(,\\d+(\\-\\d+)?)*"
+action = "nothing" / "contact-source-site" / "contact-target-site" /
+         "contact-sender" / "investigate" / "block-host" /
+         "block-network" / "block-port" / "rate-limit-host" /
+         "rate-limit-network" / "rate-limit-port" / "redirect-traffic" /
+         "honeypot" / "upgrade-software" / "rebuild-asset" /
+         "harden-asset" / "remediate-other" / "status-triage" /
+         "status-new-info" / "watch-and-report" / "training" /
+         "defined-coa" / "other" / "ext-value"
+
+DATETIME = tdate
+
+BYTE = eb64legacy
+
+MLStringType = {
+    value: text
+    ? lang: lang
+    ? translation-id: text
+} / text
+
+PositiveFloatType = float32 .gt 0
+
+PAddressType = MLStringType
+
+ExtensionType  = {
+ value: text
+ ? name: text
+ dtype: "boolean" / "byte" / "bytes" / "character" / "date-time" /
+          "ntpstamp" / "integer" / "portlist" / "real" / "string" /
+          "file" / "path" / "frame" / "packet" / "ipv4-packet" / "json"/
+          "ipv6-packet" / "url" / "csv" / "winreg" / "xml" / "ext-value"
+          .default "string"
+ ? ext-dtype: text
+ ? meaning: text
+ ? formatid: text
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+}
+
+SoftwareType = {
+ ? SoftwareReference: SoftwareReference
+ ? URL: [+ URLtype]
+ ? Description: [+ MLStringType]
+}
+
+SoftwareReference = {
+ ? value: text
+ spec-name: "custom" / "cpe" / "swid" / "ext-value"
+ ? ext-spec-name: text
+ ? dtype: "bytes" / "integer" / "real" / "string" / "xml" / "ext-value"
+          .default "string"
+ ? ext-dtype: text
+}
+
+Incident = {
+ purpose: "traceback" / "mitigation" / "reporting" / "watch" / "other" /
+          "ext-value"
+ ? ext-purpose: text
+ ? status: "new" / "in-progress"/ "forwarded" / "resolved" / "future" /
+           "ext-value"
+ ? ext-status: text
+ ? lang: lang
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ IncidentID: IncidentID
+ ? AlternativeID: AlternativeID
+ ? RelatedActivity: [+ RelatedActivity]
+ ? DetectTime: DATETIME
+ ? StartTime: DATETIME
+ ? EndTime: DATETIME
+ ? RecoveryTime: DATETIME
+ ? ReportTime: DATETIME
+ GenerationTime: DATETIME
+ ? Description: [+ MLStringType]
+ ? Discovery: [+ Discovery]
+ ? Assessment: [+ Assessment]
+ ? Method: [+ Method]
+ Contact: [+ Contact]
+ ? EventData: [+ EventData]
+ ? Indicator: [+ Indicator]
+ ? History: History
+ ? AdditionalData: [+ ExtensionType]
+}
+
+IncidentID = {
+ id: text
+ name: text
+ ? instance: text
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+}
+
+AlternativeID = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ IncidentID: [+ IncidentID]
+}
+
+RelatedActivity = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? IncidentID: [+ IncidentID]
+ ? URL: [+ URLtype]
+ ? ThreatActor: [+ ThreatActor]
+ ? Campaign: [+ Campaign]
+ ? IndicatorID: [+ IndicatorID]
+ ? Confidence: Confidence
+ ? Description: [+ text]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+ThreatActor = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? ThreatActorID: [+ text]
+ ? URL: [+ URLtype]
+ ? Description: [+ MLStringType]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+Campaign  = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? CampaignID: [+ text]
+ ? URL: [+ URLtype]
+ ? Description: [+ MLStringType]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+Contact = {
+ role: "creator" / "reporter" / "admin" / "tech" / "provider" / "user" /
+       "billing" / "legal" / "irt" / "abuse" / "cc" / "cc-irt" / "leo" /
+       "vendor" / "vendor-support" / "victim" / "victim-notified" /
+       "ext-value"
+ ? ext-role: text
+ type: "person" / "organization" / "ext-value"
+ ? ext-type: text
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? ContactName: [+ MLStringType]
+ ? ContactTitle: [+ MLStringType]
+ ? Description: [+ MLStringType]
+ ? RegistryHandle: [+ RegistryHandle]
+ ? PostalAddress: [+ PostalAddress]
+ ? Email: [+ Email]
+ ? Telephone: [+ Telephone]
+ ? Timezone: TimeZonetype
+ ? Contact: [+ Contact]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+RegistryHandle = {
+ handle: text
+ registry: "internic" / "apnic" / "arin" / "lacnic" / "ripe" /
+           "afrinic" / "local" / "ext-value"
+ ? ext-registry: text
+}
+
+PostalAddress = {
+ ? type: "street" / "mailing" / "ext-value"
+ ? ext-type: text
+ PAddress: PAddressType
+ ? Description: [+ MLStringType]
+}
+
+Email = {
+ ? type: "direct" / "hotline" / "ext-value"
+ ? ext-type: text
+ EmailTo: text
+ ? Description: [+ MLStringType]
+}
+
+Telephone = {
+ ? type: "wired" / "mobile" / "fax" / "hotline" / "ext-value"
+ ? ext-type: text
+ TelephoneNumber: text
+ ? Description: [+ MLStringType]
+}
+
+Discovery = {
+ ? source: "nidps" / "hips" / "siem" / "av" / "third-party-monitoring" /
+           "incident" / "os-log" / "application-log" / "device-log" /
+           "network-flow" / "passive-dns" / "investigation" / "audit" /
+           "internal-notification" / "external-notification" /
+           "leo" / "partner" / "actor" / "unknown" / "ext-value"
+ ? ext-source: text
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? Description: [+ MLStringType]
+ ? Contact: [+ Contact]
+ ? DetectionPattern: [+ DetectionPattern]
+}
+
+DetectionPattern = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ (Description: [+ MLStringType] // DetectionConfiguration: [+ text])
+ Application: SoftwareType
+}
+
+Method = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? Reference: [+ Reference]
+ ? Description: [+ MLStringType]
+ ? AttackPattern: [+ StructuredInfo]
+ ? Vulnerability: [+ StructuredInfo]
+ ? Weakness: [+ StructuredInfo]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+StructuredInfo = {
+ SpecID: SpecID
+ ? ext-SpecID: text
+ ? ContentID: text
+ ? (RawData: [+ BYTE] // Reference:[+ Reference])
+ ? Platform:[+ Platform]
+ ? Scoring:[+ Scoring]
+}
+
+Platform = {
+    SpecID: SpecID
+    ? ext-SpecID: text
+    ? ContentID: text
+    ? RawData: [+ BYTE]
+    ? Reference: [+ Reference]
+}
+Scoring = {
+    SpecID: SpecID
+    ? ext-SpecID: text
+    ? ContentID: text
+    ? RawData: [+ BYTE]
+    ? Reference: [+ Reference]
+}
+Reference = {
+ ? observable-id: IDtype
+ ? ReferenceName: ReferenceName
+ ? URL: [+ URLtype]
+ ? Description: [+ MLStringType]
+}
+
+ReferenceName = {
+ specIndex: integer
+ ID: IDtype
+}
+
+Assessment = {
+ ? occurrence: "actual" / "potential"
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ ? IncidentCategory: [+ MLStringType]
+ Impact: [+ {SystemImpact: SystemImpact} /
+          {BusinessImpact: BusinessImpact} / {TimeImpact: TimeImpact} /
+          {MonetaryImpact: MonetaryImpact} /
+          {IntendedImpact: BusinessImpact}]
+ ? Counter: [+ Counter]
+ ? MitigatingFactor: [+ MLStringType]
+ ? Cause: [+ MLStringType]
+ ? Confidence: Confidence
+ ? AdditionalData: [+ ExtensionType]
+}
+
+SystemImpact = {
+ ? severity: "low" / "medium" / "high"
+ ? completion: "failed" / "succeeded"
+ type: "takeover-account" / "takeover-service" / "takeover-system" /
+       "cps-manipulation" / "cps-damage" / "availability-data" /
+       "availability-account" / "availability-service" /
+       "availability-system" / "damaged-system" / "damaged-data" /
+       "breach-proprietary" / "breach-privacy" / "breach-credential" /
+       "breach-configuration" / "integrity-data" /
+       "integrity-configuration" / "integrity-hardware" /
+       "traffic-redirection" / "monitoring-traffic" / "monitoring-host"/
+       "policy" / "unknown" / "ext-value" .default "unknown"
+ ? ext-type: text
+ ? Description: [+ MLStringType]
+}
+
+BusinessImpact = {
+ ? severity:"none" / "low" / "medium" / "high" / "unknown" / "ext-value"
+            .default "unknown"
+ ? ext-severity: text
+ type: "breach-proprietary" / "breach-privacy" / "breach-credential" /
+       "loss-of-integrity" / "loss-of-service" / "theft-financial" /
+       "theft-service" / "degraded-reputation" / "asset-damage" /
+       "asset-manipulation" / "legal" / "extortion" / "unknown" /
+       "ext-value" .default "unknown"
+ ? ext-type: text
+ ? Description: [+ MLStringType]
+}
+
+TimeImpact = {
+ value: PositiveFloatType
+ ? severity: "low" / "medium" / "high"
+ metric: "labor" / "elapsed" / "downtime" / "ext-value"
+ ? ext-metric: text
+ ? duration: duration .default "hour"
+ ? ext-duration: text
+}
+
+MonetaryImpact = {
+ value: PositiveFloatType
+ ? severity: "low" / "medium" / "high"
+ ? currency: text
+}
+
+Confidence = {
+ value: float32
+ rating: "low" / "medium" / "high" / "numeric" / "unknown" / "ext-value"
+ ? ext-rating: text
+}
+
+History = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ HistoryItem: [+ HistoryItem]
+}
+
+HistoryItem = {
+ action: action .default "other"
+ ? ext-action: text
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ DateTime: DATETIME
+ ? IncidentID: IncidentID
+ ? Contact: Contact
+ ? Description: [+ MLStringType]
+ ? DefinedCOA: [+ text]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+EventData = {
+ ? restriction: restriction .default "default"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ ? Description: [+ MLStringType]
+ ? DetectTime: DATETIME
+ ? StartTime: DATETIME
+ ? EndTime: DATETIME
+ ? RecoveryTime: DATETIME
+ ? ReportTime: DATETIME
+ ? Contact: [+ Contact]
+ ? Discovery: [+ Discovery]
+ ? Assessment: Assessment
+ ? Method: [+ Method]
+ ? System: [+ System]
+ ? Expectation: [+ Expectation]
+ ? RecordData: [+ RecordData]
+ ? EventData: [+ EventData]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+Expectation = {
+ ? action: action .default "other"
+ ? ext-action: text
+ ? severity: "low" / "medium" / "high"
+ ? restriction: restriction .default "default"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ ? Description: [+ MLStringType]
+ ? DefinedCOA: [+ text]
+ ? StartTime: DATETIME
+ ? EndTime: DATETIME
+ ? Contact: Contact
+}
+
+System = {
+ ? category: "source" / "target" / "intermediate" / "sensor" /
+             "infrastructure" / "ext-value"
+ ? ext-category: text
+ ? interface: text
+ ? spoofed: "unknown" / "yes" / "no" .default "unknown"
+ ? virtual: "yes" / "no" / "unknown" .default "unknown"
+ ? ownership: "organization" / "personal" / "partner" / "customer" /
+              "no-relationship" / "unknown" / "ext-value"
+ ? ext-ownership: text
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ Node: Node
+ ? NodeRole: [+ NodeRole]
+ ? Service: [+ Service]
+ ? OperatingSystem: [+ SoftwareType]
+ ? Counter: [+ Counter]
+ ? AssetID: [+ text]
+ ? Description: [+ MLStringType]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+Node = {
+ (DomainData:[+ DomainData]
+  ? Address:[+ Address] //
+  ? DomainData:[+ DomainData]
+  Address:[+ Address])
+ ? PostalAddress: PostalAddress
+ ? Location: [+ MLStringType]
+ ? Counter: [+ Counter]
+}
+
+Address = {
+ value: text
+ category: "asn" / "atm" / "e-mail" / "ipv4-addr" / "ipv4-net" /
+           "ipv4-net-masked" / "ipv4-net-mask" / "ipv6-addr" /
+           "ipv6-net" / "ipv6-net-masked" / "mac" / "site-uri" /
+           "ext-value" .default "ipv6-addr"
+ ? ext-category: text
+ ? vlan-name: text
+ ? vlan-num: integer
+ ? observable-id: IDtype
+}
+
+NodeRole = {
+ category: "client" / "client-enterprise" / "client-partner" /
+           "client-remote" / "client-kiosk" / "client-mobile" /
+           "server-internal" / "server-public" / "www" / "mail" /
+           "webmail" / "messaging" / "streaming" / "voice" / "file" /
+           "ftp" / "p2p" / "name" / "directory" / "credential" /
+           "print" / "application" / "database" / "backup" / "dhcp" /
+           "assessment" / "source-control" / "config-management" /
+           "monitoring" / "infra" / "infra-firewall" / "infra-router" /
+           "infra-switch" / "camera" / "proxy" / "remote-access" /
+           "log" / "virtualization" / "pos" /  "scada" /
+           "scada-supervisory" / "sinkhole" / "honeypot" /
+           "anomyzation" / "c2-server" / "malware-distribution" /
+           "drop-server" / "hop-point" / "reflector" /
+           "phishing-site" / "spear-phishing-site" / "recruiting-site" /
+           "fraudulent-site" / "ext-value"
+ ? ext-category: text
+ ? Description: [+ MLStringType]
+}
+
+Counter = {
+ value: float32
+ type: "count" / "peak" / "average" / "ext-value"
+ ? ext-type: text
+ unit: "byte" / "mbit" / "packet" / "flow" / "session" / "alert" /
+       "message" / "event" / "host" / "site" / "organization" /
+       "ext-value"
+ ? ext-unit: text
+ ? meaning: text
+ ? duration: duration .default "hour"
+ ? ext-duration: text
+}
+
+DomainData = {
+ system-status: "spoofed" / "fraudulent" / "innocent-hacked" /
+                "innocent-hijacked" / "unknown" / "ext-value"
+ ? ext-system-status: text
+ domain-status: "reservedDelegation" / "assignedAndActive" /
+                "assignedAndInactive" / "assignedAndOnHold" /
+                "revoked" / "transferPending" / "registryLock" /
+                "registrarLock" / "other" / "unknown" / "ext-value"
+ ? ext-domain-status: text
+ ? observable-id: IDtype
+ Name: text
+ ? DateDomainWasChecked: DATETIME
+ ? RegistrationDate: DATETIME
+ ? ExpirationDate: DATETIME
+ ? RelatedDNS: [+ ExtensionType]
+ ? NameServers: [+ NameServers]
+ ? DomainContacts: DomainContacts
+}
+
+NameServers = {
+ Server: text
+ Address: [+ Address]
+}
+
+DomainContacts = {
+ (SameDomainContact: text // Contact: [+ Contact])
+}
+
+Service = {
+ ? ip-protocol: integer
+ ? observable-id: IDtype
+ ? ServiceName: ServiceName
+ ? Port: integer
+ ? Portlist: PortlistType
+ ? ProtoCode: integer
+ ? ProtoType: integer
+ ? ProtoField: integer
+ ? ApplicationHeaderField: [+ ExtensionType]
+ ? EmailData: EmailData
+ ? Application: SoftwareType
+}
+
+ServiceName = {
+ ? IANAService: text
+ ? URL: [+ URLtype]
+ ? Description: [+ MLStringType]
+}
+
+EmailData = {
+ ? observable-id: IDtype
+ ? EmailTo: [+ text]
+ ? EmailFrom: text
+ ? EmailSubject: text
+ ? EmailX-Mailer: text
+ ? EmailHeaderField: [+ ExtensionType]
+ ? EmailHeaders: text
+ ? EmailBody: text
+ ? EmailMessage: text
+ ? HashData: [+ HashData]
+ ? Signature: [+ BYTE]
+}
+
+RecordData = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ ? DateTime: DATETIME
+ ? Description: [+ MLStringType]
+ ? Application: SoftwareType
+ ? RecordPattern: [+ RecordPattern]
+ ? RecordItem: [+ ExtensionType]
+ ? URL: [+ URLtype]
+ ? FileData: [+ FileData]
+ ? WindowsRegistryKeysModified: [+ WindowsRegistryKeysModified]
+ ? CertificateData: [+ CertificateData]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+RecordPattern = {
+ value: text
+ type: "regex" / "binary" / "xpath" / "ext-value"  .default "regex"
+ ? ext-type: text
+ ? offset: integer
+ ? offsetunit: "line" / "byte" / "ext-value" .default "line"
+ ? ext-offsetunit: text
+ ? instance: integer
+}
+
+WindowsRegistryKeysModified = {
+ ? observable-id: IDtype
+ Key: [+ Key]
+}
+
+Key = {
+ ? registryaction: "add-key" / "add-value" / "delete-key" /
+                   "delete-value" / "modify-key" / "modify-value" /
+                   "ext-value"
+ ? ext-registryaction: text
+ ? observable-id: IDtype
+ KeyName: text
+ ? KeyValue: text
+}
+
+CertificateData = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ Certificate: [+ Certificate]
+}
+
+Certificate = {
+ ? observable-id: IDtype
+ X509Data: BYTE
+ ? Description: [+ MLStringType]
+}
+
+FileData = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? observable-id: IDtype
+ File: [+ File]
+}
+
+File = {
+ ? observable-id: IDtype
+ ? FileName: text
+ ? FileSize: integer
+ ? FileType: text
+ ? URL: [+ URLtype]
+ ? HashData: HashData
+ ? Signature: [+ BYTE]
+ ? AssociatedSoftware: SoftwareType
+ ? FileProperties: [+ ExtensionType]
+}
+
+HashData = {
+ scope: "file-contents" / "file-pe-section" / "file-pe-iat" /
+        "file-pe-resource" / "file-pdf-object" / "email-hash" /
+        "email-headers-hash" / "email-body-hash" / "ext-value"
+ ? HashTargetID: text
+ ? Hash: [+ Hash]
+ ? FuzzyHash: [+ FuzzyHash]
+}
+
+Hash = {
+ DigestMethod: BYTE
+ DigestValue: BYTE
+ ? CanonicalizationMethod: BYTE
+ ? Application: SoftwareType
+}
+
+FuzzyHash = {
+ FuzzyHashValue: [+ ExtensionType]
+ ? Application: SoftwareType
+ ? AdditionalData: [+ ExtensionType]
+}
+
+Indicator = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ IndicatorID: IndicatorID
+ ? AlternativeIndicatorID: [+ AlternativeIndicatorID]
+ ? Description: [+ MLStringType]
+ ? StartTime: DATETIME
+ ? EndTime: DATETIME
+ ? Confidence: Confidence
+ ? Contact: [+ Contact]
+ (Observable: Observable // uid-ref: IDREFType //
+  IndicatorExpression: IndicatorExpression //
+  IndicatorReference: IndicatorReference)
+ ? NodeRole: [+ NodeRole]
+ ? AttackPhase: [+ AttackPhase]
+ ? Reference: [+ Reference]
+ ? AdditionalData: [+ ExtensionType]
+}
+
+IndicatorID = {
+ id: IDtype
+ name: text
+ version: text
+}
+
+AlternativeIndicatorID = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ IndicatorID: [+ IndicatorID]
+}
+
+Observable = {
+ ? restriction: restriction .default "private"
+ ? ext-restriction: text
+ ? (System: System // Address: Address // DomainData: DomainData //
+  EmailData: EmailData // Service: Service //
+  WindowsRegistryKeysModified: WindowsRegistryKeysModified //
+  FileData: FileData // CertificateData: CertificateData //
+  RegistryHandle: RegistryHandle // RecordData: RecordData //
+  EventData: EventData // Incident: Incident //
+  Expectation: Expectation // Reference: Reference //
+  Assessment: Assessment // DetectionPattern: DetectionPattern //
+  HistoryItem: HistoryItem // BulkObservable: BulkObservable //
+  AdditionalData: [+ ExtensionType])
+}
+
+BulkObservable = {
+ ? type: "asn" / "atm" / "e-mail" / "ipv4-addr" / "ipv4-net" /
+         "ipv4-net-mask" / "ipv6-addr" / "ipv6-net" / "ipv6-net-mask" /
+         "mac" / "site-uri" / "domain-name" / "domain-to-ipv4" /
+         "domain-to-ipv6" / "domain-to-ipv4-timestamp" /
+         "domain-to-ipv6-timestamp" / "ipv4-port" / "ipv6-port" /
+         "windows-reg-key" / "file-hash" / "email-x-mailer" /
+         "email-subject" / "http-user-agent" / "http-request-uri" /
+         "mutex" / "file-path" / "user-name" / "ext-value"
+ ? ext-type: text
+ ? BulkObservableFormat: BulkObservableFormat
+ BulkObservableList: text
+ ? AdditionalData: [+ ExtensionType]
+}
+
+BulkObservableFormat = {
+ (Hash: Hash // AdditionalData: [+ ExtensionType])
+}
+
+IndicatorExpression = {
+ ? operator: "not" / "and" / "or" / "xor" .default "and"
+ ? ext-operator: text
+ ? IndicatorExpression: [+ IndicatorExpression]
+ ? Observable: [+ Observable]
+ ? uid-ref: [+ IDREFType]
+ ? IndicatorReference: [+ IndicatorReference]
+ ? Confidence: Confidence
+ ? AdditionalData: [+ ExtensionType]
+}
+
+IndicatorReference = {
+ (uid-ref: IDREFType // euid-ref: text)
+ ? version: text
+}
+
+AttackPhase = {
+ ? AttackPhaseID: [+ text]
+ ? URL: [+ URLtype]
+ ? Description: [+ MLStringType]
+ ? AdditionalData: [+ ExtensionType]
+}

data/test-data/named-group.cddl

@@ -0,0 +1,7 @@
+foo = { + $$elements }
+
+$$elements //= element1
+$$elements //= element2
+
+element1 = (1: "a")
+element2 = (2: "b")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cddl
 version: !ruby/object:Gem::Version
-  version: 0.8.8
+  version: 0.8.9
 platform: ruby
 authors:
 - Carsten Bormann
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-12-07 00:00:00.000000000 Z
+date: 2019-07-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cbor-diag
@@ -102,12 +102,16 @@ files:
 - test-data/b.cddl
 - test-data/badaddr.cddl
 - test-data/basic_syntax_example.cddl
+- test-data/bpv7.cddl
+- test-data/bpv7a.cddl
+- test-data/bpv7b.cddl
 - test-data/cdni-ct.cddl
 - test-data/cose.cddl
 - test-data/dcaf.cddl
 - test-data/dcaf1.cddl
 - test-data/dotsize.cddl
 - test-data/extractor-demo.cddl
+- test-data/foo.cddl
 - test-data/grasp-01-extract.cddl
 - test-data/grasp-01-test.cddl
 - test-data/grasp-01.cddl
@@ -119,10 +123,12 @@ files:
 - test-data/ifmap-metadata-2.2v9_fh-cabo.cddl
 - test-data/ifmap2.cddl
 - test-data/jcr-ex.cddl
+- test-data/jsoniodef.cddl
 - test-data/kevin5.cddl
 - test-data/map-group.cddl
 - test-data/mapkey.cddl
 - test-data/minimal.cddl
+- test-data/named-group.cddl
 - test-data/patch1.cddl
 - test-data/reused_named_group.cddl
 - test-data/structure.cddl
@@ -154,8 +160,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: CDDL generator and validator.