Add PSA profile support for issue #331 #339
Conversation
- Add support for new PSA endorsements profile 'tag:arm.com,2025:psa#1.0.0' - Maintain backward compatibility with legacy profile 'http://arm.com/psa/iot/1' - Update scheme.go to support both signed and unsigned CoRIM with new profile - Update corim_extractor.go profile validation for both old and new profiles - Add comprehensive test coverage for profile support - Prepare foundation for PSA software component support Signed-off-by: Sukuna0007Abhi <[email protected]>
| func (o *CorimExtractor) SetProfile(profile string) { | ||
| o.Profile = profile | ||
| } | ||
| // Copyright 2022-2024 Contributors to the Veraison project. |
There was a problem hiding this comment.
Please update year in copyright
| "reflect" | ||
|
|
||
| "github.com/veraison/corim/comid" | ||
| // "github.com/veraison/corim/comid/psa" |
There was a problem hiding this comment.
Please remove commented code
| var refVal *handler.Endorsement | ||
| var err error | ||
|
|
||
| if o.Profile != "http://arm.com/psa/iot/1" && o.Profile != "tag:arm.com,2025:psa#1.0.0" { |
There was a problem hiding this comment.
This check can be done before the for loop -- there is no need to re-do it on each iteration of the loop.
| // reference-triple-record SHALL completely describe the updatable PSA RoT. | ||
| for i, m := range rv.Measurements.Values { | ||
| if m.Key == nil { | ||
| return nil, fmt.Errorf("measurement key is not present") |
There was a problem hiding this comment.
Should add the index to the error message (as below).
| if err != nil { | ||
| return nil, fmt.Errorf("unable to extract measurement at index %d, %w", i, err) | ||
| } | ||
| // TODO: Uncomment when PSA profile dependency is available |
There was a problem hiding this comment.
Do not do this.
If there is already an open pull request that implements the required dependency on the corim repo, link to it in the description of this pull, indicating it as prerequisite for this pull (note that you would need to update the go.mod in this pull once that is meraged).
If that does not yet exist, then close this pull request (or mark it as draft) and re-open it once the depency is available.
There was a problem hiding this comment.
I attached the PR's related to it here : veraison/corim#221 & this veraison/cocli/pull/43
2 participants
Summary
This PR implements support for the new PSA endorsements profile
tag:arm.com,2025:psa#1.0.0as requested in issue #331, while maintaining backward compatibility with the legacy profilehttp://arm.com/psa/iot/1.Changes Made
Key Features
tag:arm.com,2025:psa#1.0.0http://arm.com/psa/iot/1Testing
All existing tests pass, and new tests verify that both profile URIs are properly supported.
Fixes #331