cddlc 0.2.1 → 0.2.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ea4f2c1a1ecedae6a543bebad045a0063e3b7103b757306a8f1da1fea694c3ca
-  data.tar.gz: 247a51f6016e133358fb37e524e0692eec3c84104ea63137b9549e3164ff65ad
+  metadata.gz: f35079da2cf258708ed948eb0c9b11bddff20f5a37c5967f0eed5bbc24d37821
+  data.tar.gz: cb4a9ac9618a27734cb1ab088b493f852e323227e19362b7012ab7b16c48b714
 SHA512:
-  metadata.gz: 1d039d6618590fea6f3baaf19888583afdddcab37887cb4e9fb24b56c1fcf52455964426c8ea8325f2d57fa67e19008c05de791278664c094e3da500455387d8
-  data.tar.gz: be73e1a03f41bb0052eac06e1fac77bddb3ef55eade8e2b8f0e4c9f625cd5c7bd928a5b464a693e07826521135bd402583d32d801908a95c2749c9f3508eb253
+  metadata.gz: 7edb8b482557190e6b7a79f0646183f7b32308fc5574931ae9d6e281af11cfa66640395057e6611c308ac713aac2958dde5d0f609bc405c6467ff86db64f47a2
+  data.tar.gz: c51b2735ae93b9ba9ca3671bec546e46345498829c14c0ed338fa782e8d95d7999ac0afcf97c7eabc5a11f564108cf816e975a1ee72c66f9244685f2eb82fa95

data/cddlc.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = "cddlc"
-  s.version = "0.2.1"
+  s.version = "0.2.3"
   s.summary = "CDDL (Concise Data Definition Language) converters and miscellaneous tools"
   s.description = %q{cddlc implements converters and miscellaneous tools for CDDL, RFC 8610}
   s.author = "Carsten Bormann"

data/data/rfc9393-concise-swid-tag.cddl

@@ -0,0 +1,279 @@
+concise-swid-tag = {
+  tag-id => text / bstr .size 16,
+  tag-version => integer,
+  ? corpus => bool,
+  ? patch => bool,
+  ? supplemental => bool,
+  software-name => text,
+  ? software-version => text,
+  ? version-scheme => $version-scheme,
+  ? media => text,
+  ? software-meta => one-or-more<software-meta-entry>,
+  entity => one-or-more<entity-entry>,
+  ? link => one-or-more<link-entry>,
+  ? payload-or-evidence,
+  * $$coswid-extension,
+  global-attributes,
+}
+
+payload-or-evidence //= ( payload => payload-entry )
+payload-or-evidence //= ( evidence => evidence-entry )
+
+any-uri = uri
+label = text / int
+
+$version-scheme /= multipartnumeric
+$version-scheme /= multipartnumeric-suffix
+$version-scheme /= alphanumeric
+$version-scheme /= decimal
+$version-scheme /= semver
+$version-scheme /= int / text
+
+any-attribute = (
+  label => one-or-more<text> / one-or-more<int>
+)
+
+one-or-more<T> = T / [ 2* T ]
+
+global-attributes = (
+  ? lang => text,
+  * any-attribute,
+)
+
+hash-entry = [
+  hash-alg-id: int,
+  hash-value: bytes,
+]
+
+entity-entry = {
+  entity-name => text,
+  ? reg-id => any-uri,
+  role => one-or-more<$role>,
+  ? thumbprint => hash-entry,
+  * $$entity-extension,
+  global-attributes,
+}
+
+$role /= tag-creator
+$role /= software-creator
+$role /= aggregator
+$role /= distributor
+$role /= licensor
+$role /= maintainer
+$role /= int / text
+
+link-entry = {
+  ? artifact => text,
+  href => any-uri,
+  ? media => text,
+  ? ownership => $ownership,
+  rel => $rel,
+  ? media-type => text,
+  ? use => $use,
+  * $$link-extension,
+  global-attributes,
+}
+
+$ownership /= shared
+$ownership /= private
+$ownership /= abandon
+$ownership /= int / text
+
+$rel /= ancestor
+$rel /= component
+$rel /= feature
+$rel /= installationmedia
+$rel /= packageinstaller
+$rel /= parent
+$rel /= patches
+$rel /= requires
+$rel /= see-also
+$rel /= supersedes
+$rel /= supplemental
+$rel /= -256..65536 / text
+
+$use /= optional
+$use /= required
+$use /= recommended
+$use /= int / text
+
+software-meta-entry = {
+  ? activation-status => text,
+  ? channel-type => text,
+  ? colloquial-version => text,
+  ? description => text,
+  ? edition => text,
+  ? entitlement-data-required => bool,
+  ? entitlement-key => text,
+  ? generator => text / bstr .size 16,
+  ? persistent-id => text,
+  ? product => text,
+  ? product-family => text,
+  ? revision => text,
+  ? summary => text,
+  ? unspsc-code => text,
+  ? unspsc-version => text,
+  * $$software-meta-extension,
+  global-attributes,
+}
+
+path-elements-group = ( ? directory => one-or-more<directory-entry>,
+                        ? file => one-or-more<file-entry>,
+                      )
+
+resource-collection = (
+  path-elements-group,
+  ? process => one-or-more<process-entry>,
+  ? resource => one-or-more<resource-entry>,
+  * $$resource-collection-extension,
+)
+
+file-entry = {
+  filesystem-item,
+  ? size => uint,
+  ? file-version => text,
+  ? hash => hash-entry,
+  * $$file-extension,
+  global-attributes,
+}
+
+directory-entry = {
+  filesystem-item,
+  ? path-elements => { path-elements-group },
+  * $$directory-extension,
+  global-attributes,
+}
+
+process-entry = {
+  process-name => text,
+  ? pid => integer,
+  * $$process-extension,
+  global-attributes,
+}
+
+resource-entry = {
+  type => text,
+  * $$resource-extension,
+  global-attributes,
+}
+
+filesystem-item = (
+  ? key => bool,
+  ? location => text,
+  fs-name => text,
+  ? root => text,
+)
+
+payload-entry = {
+  resource-collection,
+  * $$payload-extension,
+  global-attributes,
+}
+
+evidence-entry = {
+  resource-collection,
+  ? date => integer-time,
+  ? device-id => text,
+  ? location => text,
+  * $$evidence-extension,
+  global-attributes,
+}
+
+integer-time = #6.1(int)
+
+; "global map member" integer indices
+tag-id = 0
+software-name = 1
+entity = 2
+evidence = 3
+link = 4
+software-meta = 5
+payload = 6
+hash = 7
+corpus = 8
+patch = 9
+media = 10
+supplemental = 11
+tag-version = 12
+software-version = 13
+version-scheme = 14
+lang = 15
+directory = 16
+file = 17
+process = 18
+resource = 19
+size = 20
+file-version = 21
+key = 22
+location = 23
+fs-name = 24
+root = 25
+path-elements = 26
+process-name = 27
+pid = 28
+type = 29
+entity-name = 31
+reg-id = 32
+role = 33
+thumbprint = 34
+date = 35
+device-id = 36
+artifact = 37
+href = 38
+ownership = 39
+rel = 40
+media-type = 41
+use = 42
+activation-status = 43
+channel-type = 44
+colloquial-version = 45
+description = 46
+edition = 47
+entitlement-data-required = 48
+entitlement-key = 49
+generator = 50
+persistent-id = 51
+product = 52
+product-family = 53
+revision = 54
+summary = 55
+unspsc-code = 56
+unspsc-version = 57
+
+; "version-scheme" integer indices
+multipartnumeric = 1
+multipartnumeric-suffix = 2
+alphanumeric = 3
+decimal = 4
+semver = 16384
+
+; "role" integer indices
+tag-creator=1
+software-creator=2
+aggregator=3
+distributor=4
+licensor=5
+maintainer=6
+
+; "ownership" integer indices
+abandon=1
+private=2
+shared=3
+
+; "rel" integer indices
+ancestor=1
+component=2
+feature=3
+installationmedia=4
+packageinstaller=5
+parent=6
+patches=7
+requires=8
+see-also=9
+supersedes=10
+; supplemental=11 ; already defined
+
+; "use" integer indices
+optional=1
+required=2
+recommended=3

data/data/rfc9393-sign.cddl

@@ -0,0 +1,26 @@
+COSE_Sign-coswid<payload> = [
+    protected: bstr .cbor protected-signed-coswid-header1,
+    unprotected: unprotected-signed-coswid-header,
+    payload: bstr .cbor payload,
+    signature: [ * COSE_Signature ],
+]
+
+protected-signed-coswid-header1 = {
+    3 => "application/swid+cbor",
+    * cose-label => cose-values,
+}
+
+protected-signature-coswid-header = {
+    1 => int,                      ; algorithm identifier
+    * cose-label => cose-values,
+}
+
+unprotected-signed-coswid-header = {
+    * cose-label => cose-values,
+}
+
+COSE_Signature =  [
+    protected: bstr .cbor protected-signature-coswid-header,
+    unprotected: unprotected-signed-coswid-header,
+    signature: bstr
+]

data/data/rfc9393-sign1.cddl

@@ -0,0 +1,19 @@
+COSE_Sign1-coswid<payload> = [
+    protected: bstr .cbor protected-signed-coswid-header,
+    unprotected: unprotected-signed-coswid-header,
+    payload: bstr .cbor payload,
+    signature: bstr,
+]
+
+cose-label = int / tstr
+cose-values = any
+
+protected-signed-coswid-header = {
+    1 => int,                      ; algorithm identifier
+    3 => "application/swid+cbor",
+    * cose-label => cose-values,
+}
+
+unprotected-signed-coswid-header = {
+    * cose-label => cose-values,
+}

data/data/rfc9393-tags.cddl

@@ -0,0 +1,9 @@
+coswid = unsigned-coswid / signed-coswid
+unsigned-coswid = concise-swid-tag / tagged-coswid<concise-swid-tag>
+signed-coswid1 = signed-coswid-for<unsigned-coswid>
+signed-coswid = signed-coswid1 / tagged-coswid<signed-coswid1>
+
+tagged-coswid<T> = #6.1398229316(T)
+
+signed-coswid-for<payload> = #6.18(COSE_Sign1-coswid<payload>)
+    / #6.98(COSE_Sign-coswid<payload>)

data/data/rfc9393.cddl

@@ -0,0 +1 @@
+rfc9393-concise-swid-tag.cddl

data/lib/processor/cddl-expander.rb

@@ -2,6 +2,16 @@ require_relative "../cddlc.rb"
 require_relative "./cddl-visitor.rb"
 
 class CDDL
+
+  class MissingGenericError < StandardError
+    attr_reader :name, :args
+    def initialize(name_, args_)
+      @name = name_
+      @args = args_
+      super("** no generic for #{name}<#{args}>")
+    end
+  end
+
   def substitute(prod, parms, subs, &block)
     visit(prod) do |p, &block1|
       case p
@@ -18,7 +28,9 @@ class CDDL
   end
   def gen_apply(gen_name, gen_args, &block)
     gen_parms, gen_prod = @gen[gen_name]
-    fail "** no generic for #{gen_name}<#{gen_args}>" unless gen_parms
+    unless gen_parms
+      fail MissingGenericError.new(gen_name, gen_args)
+    end
     substitute(gen_prod, gen_parms, gen_args, &block)
   end
   def expand_prod(prod)

data/lib/processor/cddl-undefined.rb

@@ -27,7 +27,11 @@ class CDDL
   def cddl_undefined
     # currently only works on expanded...
     cddl2 = self.deep_clone                # needs deep-clone
-    cddl2.expand_generics
+    begin
+      cddl2.expand_generics
+    rescue CDDL::MissingGenericError => e
+      return [e.name] # make this expandable first by pulling missing generic
+    end
     used = {}
     cddl2.rules.each do |k, v|
       fail unless String === k

data/lib/writer/cddl-writer.rb

@@ -42,7 +42,7 @@ class CDDL
     in ["gen", id, *parms]  # oops -- namep vs. namea; ouch
       [4, "#{id}<#{parms.map{write_rhs(_1, 2, indent, pn)}.join(", ")}>"]
     in ["tcho", *types]
-      [2, types.map{write_rhs(_1, 3, indent, pn)}.join(" / ")]
+      [2.1, types.map{write_rhs(_1, 3, indent, pn)}.join(" / ")]
     in ["gcho", *groups]
       [0, groups.map{write_rhs(_1, 2, indent, pn)}.join(" // ")]
     in ["op", op, l, r]
@@ -116,7 +116,7 @@ class CDDL
       in ["parm", parmnames, _type]
       else
       end
-      "#{write_lhs(k, parmnames)} = #{write_rhs(v, 2)}" # 2: parenthesize groups
+      "#{write_lhs(k, parmnames)} = #{write_rhs(v, 2.1)}" # 2: parenthesize groups
     }.join("\n")
   end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cddlc
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.3
 platform: ruby
 authors:
 - Carsten Bormann
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-15 00:00:00.000000000 Z
+date: 2024-01-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -97,6 +97,11 @@ files:
 - data/rfc9290.cddl
 - data/rfc9321.cddl
 - data/rfc9338.cddl
+- data/rfc9393-concise-swid-tag.cddl
+- data/rfc9393-sign.cddl
+- data/rfc9393-sign1.cddl
+- data/rfc9393-tags.cddl
+- data/rfc9393.cddl
 - lib/cddlc.rb
 - lib/parser/cddl-util.rb
 - lib/parser/cddlgrammar.rb