Merge branch 'main' into tdx-profile

veraison · Jan 28, 2025 · 4cdbc95 · 4cdbc95
2 parents 661ae12 + 14a8274
commit 4cdbc95
Show file tree

Hide file tree

Showing 38 changed files with 619 additions and 268 deletions.
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
@@ -22,5 +22,3 @@ jobs:
         go install github.com/golang/mock/[email protected]
     - name: Run required linters in .golangci.yml plus hard-coded ones here
       run: make lint
-    - name: Run optional linters (not required to pass)
-      run: make lint-extra
diff --git a/Makefile b/Makefile
@@ -12,16 +12,10 @@ GOPKG += github.com/veraison/corim/extensions
 
 GOLINT ?= golangci-lint
 
-ifeq ($(MAKECMDGOALS),lint)
-GOLINT_ARGS ?= run --timeout=3m
-else
-  ifeq ($(MAKECMDGOALS),lint-extra)
-  GOLINT_ARGS ?= run --timeout=3m --issues-exit-code=0 -E dupl -E gocritic -E gosimple -E lll -E prealloc
-  endif
-endif
+GOLINT_ARGS ?= run --timeout=3m -E dupl -E gocritic -E gosimple -E lll -E prealloc
 
-.PHONY: lint lint-extra
-lint lint-extra:
+.PHONY: lint
+lint:
 	$(GOLINT) $(GOLINT_ARGS)
 
 ifeq ($(MAKECMDGOALS),test)
@@ -50,7 +44,7 @@ presubmit:
 	@echo
 	@echo ">>> Fix any lint error"
 	@echo
-	$(MAKE) lint-extra
+	$(MAKE) lint
 
 .PHONY: licenses
 licenses: ; @./scripts/licenses.sh
@@ -60,8 +54,7 @@ help:
 	@echo "Available targets:"
 	@echo "  * test:       run unit tests for $(GOPKG)"
 	@echo "  * test-cover: run unit tests and measure coverage for $(GOPKG)"
-	@echo "  * lint:       lint sources using default configuration"
-	@echo "  * lint-extra: lint sources using default configuration and some extra checkers"
+	@echo "  * lint:       lint sources using default configuration and some extra checkers"
 	@echo "  * presubmit:  check you are ready to push your local branch to remote"
 	@echo "  * help:       print this menu"
 	@echo "  * licenses:   check licenses of dependent packages"
diff --git a/README.md b/README.md
@@ -10,6 +10,13 @@ The [`corim/corim`](corim) and [`corim/comid`](comid) packages provide a golang
 > These API are still in active development (as is the underlying CoRIM spec).
 > They are **subject to change** in the future.
 
+## Required Tools
+
+Ensure you have the following tools installed with the specified versions on your machine to ensure everything works properly:
+
+- **Go**: Version 1.22
+- **golangci-lint**: Version 1.54.2
+
 ## Developer tips
 
 Before requesting a PR (and routinely during the dev/test cycle), you are encouraged to run:

diff --git a/comid/classid.go b/comid/classid.go
@@ -94,6 +94,8 @@ func (o *ClassID) UnmarshalCBOR(data []byte) error {
 //		uuid: standard UUID string representation, e.g. "550e8400-e29b-41d4-a716-446655440000"
 //		int: an integer value, e.g. 7
 //	 bytes: a variable length opaque bytes, example {0x07, 0x12, 0x34}
+
+//nolint:dupl
 func (o *ClassID) UnmarshalJSON(data []byte) error {
 	var tnv encoding.TypeAndValue
 

diff --git a/comid/comid.go b/comid/comid.go
@@ -242,6 +242,7 @@ func (o *Comid) AddDevIdentityKey(val KeyTriple) *Comid {
 	return o
 }
 
+// nolint:gocritic
 func (o Comid) Valid() error {
 	if err := o.TagIdentity.Valid(); err != nil {
 		return fmt.Errorf("tag-identity validation failed: %w", err)
@@ -267,6 +268,7 @@ func (o Comid) Valid() error {
 }
 
 // ToCBOR serializes the target Comid to CBOR
+// nolint:gocritic
 func (o Comid) ToCBOR() ([]byte, error) {
 	if err := o.Valid(); err != nil {
 		return nil, err
@@ -291,6 +293,7 @@ func (o *Comid) FromCBOR(data []byte) error {
 }
 
 // ToJSON serializes the target Comid to JSON
+// nolint:gocritic
 func (o Comid) ToJSON() ([]byte, error) {
 	if err := o.Valid(); err != nil {
 		return nil, err
@@ -314,6 +317,7 @@ func (o *Comid) FromJSON(data []byte) error {
 	return encoding.PopulateStructFromJSON(data, o)
 }
 
+// nolint:gocritic
 func (o Comid) ToJSONPretty(indent string) ([]byte, error) {
 	if err := o.Valid(); err != nil {
 		return nil, err

diff --git a/comid/environment_test.go b/comid/environment_test.go
@@ -58,6 +58,13 @@ func TestEnvironment_Valid_ok_with_class(t *testing.T) {
 	assert.Nil(t, err)
 }
 
+func TestEnvironment_ToCBOR_empty(t *testing.T) {
+	var actual Environment
+	_, err := actual.ToCBOR()
+
+	assert.EqualError(t, err, "environment must not be empty")
+}
+
 func TestEnvironment_ToCBOR_class_only(t *testing.T) {
 	tv := Environment{
 		Class: NewClassUUID(TestUUID),
@@ -75,6 +82,40 @@ func TestEnvironment_ToCBOR_class_only(t *testing.T) {
 	assert.Equal(t, expected, actual)
 }
 
+func TestEnvironment_ToCBOR_instance_only(t *testing.T) {
+	tv := Environment{
+		Instance: MustNewUEIDInstance(TestUEID),
+	}
+	require.NotNil(t, tv.Instance)
+
+	// {1: 550(h'02DEADBEEFDEAD')}
+	expected := MustHexDecode(t, "a101d902264702deadbeefdead")
+
+	actual, err := tv.ToCBOR()
+
+	fmt.Printf("CBOR: %x\n", actual)
+
+	assert.Nil(t, err)
+	assert.Equal(t, expected, actual)
+}
+
+func TestEnvironment_ToCBOR_group_only(t *testing.T) {
+	tv := Environment{
+		Group: MustNewUUIDGroup(TestUUID),
+	}
+	require.NotNil(t, tv.Group)
+
+	// {2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
+	expected := MustHexDecode(t, "a102d8255031fb5abf023e4992aa4e95f9c1503bfa")
+
+	actual, err := tv.ToCBOR()
+
+	fmt.Printf("CBOR: %x\n", actual)
+
+	assert.Nil(t, err)
+	assert.Equal(t, expected, actual)
+}
+
 func TestEnvironment_ToCBOR_class_and_instance(t *testing.T) {
 	tv := Environment{
 		Class:    NewClassUUID(TestUUID),
@@ -94,14 +135,16 @@ func TestEnvironment_ToCBOR_class_and_instance(t *testing.T) {
 	assert.Equal(t, expected, actual)
 }
 
-func TestEnvironment_ToCBOR_instance_only(t *testing.T) {
+func TestEnvironment_ToCBOR_class_and_group(t *testing.T) {
 	tv := Environment{
-		Instance: MustNewUEIDInstance(TestUEID),
+		Class: NewClassUUID(TestUUID),
+		Group: MustNewUUIDGroup(TestUUID),
 	}
-	require.NotNil(t, tv.Instance)
+	require.NotNil(t, tv.Class)
+	require.NotNil(t, tv.Group)
 
-	// {1: 550(h'02DEADBEEFDEAD')}
-	expected := MustHexDecode(t, "a101d902264702deadbeefdead")
+	// {0: {0: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}, 2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
+	expected := MustHexDecode(t, "a200a100d8255031fb5abf023e4992aa4e95f9c1503bfa02d8255031fb5abf023e4992aa4e95f9c1503bfa")
 
 	actual, err := tv.ToCBOR()
 
@@ -111,14 +154,16 @@ func TestEnvironment_ToCBOR_instance_only(t *testing.T) {
 	assert.Equal(t, expected, actual)
 }
 
-func TestEnvironment_ToCBOR_group_only(t *testing.T) {
+func TestEnvironment_ToCBOR_instance_and_group(t *testing.T) {
 	tv := Environment{
-		Group: MustNewUUIDGroup(TestUUID),
+		Instance: MustNewUEIDInstance(TestUEID),
+		Group:    MustNewUUIDGroup(TestUUID),
 	}
+	require.NotNil(t, tv.Instance)
 	require.NotNil(t, tv.Group)
 
-	// {2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
-	expected := MustHexDecode(t, "a102d8255031fb5abf023e4992aa4e95f9c1503bfa")
+	// {1: 550(h'02DEADBEEFDEAD'), 2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
+	expected := MustHexDecode(t, "a201d902264702deadbeefdead02d8255031fb5abf023e4992aa4e95f9c1503bfa")
 
 	actual, err := tv.ToCBOR()
 
@@ -128,20 +173,25 @@ func TestEnvironment_ToCBOR_group_only(t *testing.T) {
 	assert.Equal(t, expected, actual)
 }
 
-func TestEnvironment_FromCBOR_empty(t *testing.T) {
-	tv := MustHexDecode(t, "a0")
+func TestEnvironment_ToCBOR_class_and_instance_and_group(t *testing.T) {
+	tv := Environment{
+		Class:    NewClassUUID(TestUUID),
+		Instance: MustNewUEIDInstance(TestUEID),
+		Group:    MustNewUUIDGroup(TestUUID),
+	}
+	require.NotNil(t, tv.Class)
+	require.NotNil(t, tv.Instance)
+	require.NotNil(t, tv.Group)
 
-	var actual Environment
-	err := actual.FromCBOR(tv)
+	// {0: {0: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}, 1: 550(h'02DEADBEEFDEAD'), 2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
+	expected := MustHexDecode(t, "a300a100d8255031fb5abf023e4992aa4e95f9c1503bfa01d902264702deadbeefdead02d8255031fb5abf023e4992aa4e95f9c1503bfa")
 
-	assert.EqualError(t, err, "environment must not be empty")
-}
+	actual, err := tv.ToCBOR()
 
-func TestEnvironment_ToCBOR_empty(t *testing.T) {
-	var actual Environment
-	_, err := actual.ToCBOR()
+	fmt.Printf("CBOR: %x\n", actual)
 
-	assert.EqualError(t, err, "environment must not be empty")
+	assert.Nil(t, err)
+	assert.Equal(t, expected, actual)
 }
 
 func TestEnvironment_FromCBOR_unknown_map_entry(t *testing.T) {
@@ -155,6 +205,15 @@ func TestEnvironment_FromCBOR_unknown_map_entry(t *testing.T) {
 	assert.EqualError(t, err, "environment must not be empty")
 }
 
+func TestEnvironment_FromCBOR_empty(t *testing.T) {
+	tv := MustHexDecode(t, "a0")
+
+	var actual Environment
+	err := actual.FromCBOR(tv)
+
+	assert.EqualError(t, err, "environment must not be empty")
+}
+
 func TestEnvironment_FromCBOR_class_only(t *testing.T) {
 	// {0: {0: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}}
 	tv := MustHexDecode(t, "a100a100d8255031fb5abf023e4992aa4e95f9c1503bfa")
@@ -169,6 +228,34 @@ func TestEnvironment_FromCBOR_class_only(t *testing.T) {
 	assert.Nil(t, actual.Group)
 }
 
+func TestEnvironment_FromCBOR_instance_only(t *testing.T) {
+	// {1: 550(h'02DEADBEEFDEAD')}
+	tv := MustHexDecode(t, "a101d902264702deadbeefdead")
+
+	var actual Environment
+	err := actual.FromCBOR(tv)
+
+	assert.Nil(t, err)
+	assert.Nil(t, actual.Class)
+	assert.NotNil(t, actual.Instance)
+	assert.Equal(t, []byte(TestUEID), actual.Instance.Bytes())
+	assert.Nil(t, actual.Group)
+}
+
+func TestEnvironment_FromCBOR_group_only(t *testing.T) {
+	// {2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
+	tv := MustHexDecode(t, "a102d8255031fb5abf023e4992aa4e95f9c1503bfa")
+
+	var actual Environment
+	err := actual.FromCBOR(tv)
+
+	assert.Nil(t, err)
+	assert.Nil(t, actual.Class)
+	assert.Nil(t, actual.Instance)
+	assert.NotNil(t, actual.Group)
+	assert.Equal(t, TestUUIDString, actual.Group.String())
+}
+
 func TestEnvironment_FromCBOR_class_and_instance(t *testing.T) {
 	// {0: {0: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}, 1: 550(h'02DEADBEEFDEAD')}
 	tv := MustHexDecode(t, "a200a100d8255031fb5abf023e4992aa4e95f9c1503bfa01d902264702deadbeefdead")
@@ -184,20 +271,52 @@ func TestEnvironment_FromCBOR_class_and_instance(t *testing.T) {
 	assert.Nil(t, actual.Group)
 }
 
-func TestEnvironment_FromCBOR_group_only(t *testing.T) {
-	// {2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
-	tv := MustHexDecode(t, "a102d8255031fb5abf023e4992aa4e95f9c1503bfa")
+func TestEnvironment_FromCBOR_class_and_group(t *testing.T) {
+	// {0: {0: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}, 2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
+	tv := MustHexDecode(t, "a200a100d8255031fb5abf023e4992aa4e95f9c1503bfa02d8255031fb5abf023e4992aa4e95f9c1503bfa")
 
 	var actual Environment
 	err := actual.FromCBOR(tv)
 
 	assert.Nil(t, err)
-	assert.Nil(t, actual.Class)
+	assert.NotNil(t, actual.Class)
+	assert.Equal(t, TestUUIDString, actual.Class.ClassID.String())
 	assert.Nil(t, actual.Instance)
 	assert.NotNil(t, actual.Group)
 	assert.Equal(t, TestUUIDString, actual.Group.String())
 }
 
+func TestEnvironment_FromCBOR_instance_and_group(t *testing.T) {
+	// {1: 550(h'02DEADBEEFDEAD'), 2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
+	tv := MustHexDecode(t, "a201d902264702deadbeefdead02d8255031fb5abf023e4992aa4e95f9c1503bfa")
+
+	var actual Environment
+	err := actual.FromCBOR(tv)
+
+	assert.Nil(t, err)
+	assert.Nil(t, actual.Class)
+	assert.NotNil(t, actual.Instance)
+	assert.Equal(t, []byte(TestUEID), actual.Instance.Bytes())
+	assert.NotNil(t, actual.Group)
+	assert.Equal(t, TestUUIDString, actual.Group.String())
+}
+
+func TestEnvironment_FromCBOR_class_and_instance_and_group(t *testing.T) {
+	// {0: {0: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}, 1: 550(h'02DEADBEEFDEAD'), 2: 37(h'31FB5ABF023E4992AA4E95F9C1503BFA')}
+	tv := MustHexDecode(t, "a300a100d8255031fb5abf023e4992aa4e95f9c1503bfa01d902264702deadbeefdead02d8255031fb5abf023e4992aa4e95f9c1503bfa")
+
+	var actual Environment
+	err := actual.FromCBOR(tv)
+
+	assert.Nil(t, err)
+	assert.NotNil(t, actual.Class)
+	assert.Equal(t, TestUUIDString, actual.Class.ClassID.String())
+	assert.NotNil(t, actual.Instance)
+	assert.Equal(t, []byte(TestUEID), actual.Instance.Bytes())
+	assert.NotNil(t, actual.Group)
+	assert.Equal(t, TestUUIDString, actual.Group.String())
+}
+
 func TestEnviroment_JSON(t *testing.T) {
 	testEnv := Environment{
 		Class: NewClassUUID(TestUUID),

diff --git a/comid/example_cca_realm_refval_test.go b/comid/example_cca_realm_refval_test.go
@@ -77,12 +77,12 @@ func extractRealmRefVal(rv ValueTriple) error {
 	}
 	return nil
 }
-
 func extractMeasurements(m Measurements) error {
 	if len(m.Values) == 0 {
 		return fmt.Errorf("no measurements")
 	}
-	for i, meas := range m.Values {
+	for i := range m.Values {
+		meas := &m.Values[i]
 		if err := extractMeasurement(meas); err != nil {
 			return fmt.Errorf("extracting measurement at index %d: %w", i, err)
 		}
@@ -91,7 +91,7 @@ func extractMeasurements(m Measurements) error {
 	return nil
 }
 
-func extractMeasurement(m Measurement) error {
+func extractMeasurement(m *Measurement) error {
 	if err := extractRealmPersonalizationValue(m.Val.RawValue); err != nil {
 		return fmt.Errorf("extracting realm personalization value: %w", err)
 	}

diff --git a/comid/example_cca_refval_test.go b/comid/example_cca_refval_test.go
@@ -58,7 +58,8 @@ func extractCCARefVal(rv ValueTriple) error {
 		return fmt.Errorf("extracting impl-id: %w", err)
 	}
 
-	for i, m := range rv.Measurements.Values {
+	for i := range rv.Measurements.Values {
+		m := &rv.Measurements.Values[i]
 		if m.Key == nil {
 			return fmt.Errorf("missing mKey at index %d", i)
 		}
@@ -75,10 +76,10 @@ func extractCCARefVal(rv ValueTriple) error {
 				return fmt.Errorf("extracting cca-refval-id: %w", err)
 			}
 			if err := extractRawValue(m.Val.RawValue); err != nil {
-				return fmt.Errorf("extracting raw vlue: %w", err)
+				return fmt.Errorf("extracting raw value: %w", err)
 			}
 		default:
-			return fmt.Errorf("unexpected  Mkey type: %T", t)
+			return fmt.Errorf("unexpected Mkey type: %T", t)
 		}
 	}