From 230cde6ed8752d379ed29e00769bf0761d7437a7 Mon Sep 17 00:00:00 2001
From: Thomas Fossati
Date: Thu, 3 Mar 2022 19:09:36 +0000
Subject: [PATCH] Initial stab at the schema Partially addresses #2
---
README.md | 18 +++++++-
gluecose-schema.cddl | 73 ++++++++++++++++++++++++++++++
misc/gocose-result-sign1-0000.json | 11 +++++
sign1-0000.json | 34 ++++++++++++++
4 files changed, 134 insertions(+), 2 deletions(-)
create mode 100644 gluecose-schema.cddl
create mode 100644 misc/gocose-result-sign1-0000.json
create mode 100644 sign1-0000.json
diff --git a/README.md b/README.md
index 09b58ef..da291d5 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,16 @@
-# test-vectors
-Repository to hold the various test inputs
+# GlueCOSE Validation Suite
+
+**Caution: this is a work in progress in its very early stage.**
+
+This is a repository of GlueCOSE test cases. Eventually, this will morph in to
+the GlueCOSE validation suite.
+
+Here's a first stab at the [CDDL schema](gluecose-schema.cddl) for specifying
+test cases as well as their results.
+
+And here's the first test case for a [successful Sign1](sign1-0000.json) that
+has been [validated](misc/gocose-result-sign1-0000.json) using the go-cose
+implementation.
+
+Implementation note: use `/dev/zero` as PRNG in order to make the randomised
+test deterministic.
diff --git a/gluecose-schema.cddl b/gluecose-schema.cddl
new file mode 100644
index 0000000..d8fd940
--- /dev/null
+++ b/gluecose-schema.cddl
@@ -0,0 +1,73 @@
+start = TestCaseInput / TestCaseOutput
+
+TestCaseInput = {
+ uuid: text ; unique identifier for the test case
+ ? title: text
+ ? description: text
+ operation
+}
+
+TestCaseOutput = {
+ uuid: text ; unique identifier for the test case
+ implementation: Implementation
+ executionTs: text ; RFC3339 date-time
+ result: Result
+}
+
+Result /= "success"
+Result /= "skipped"
+Result /= "failure"
+
+Implementation = {
+ name: text
+ version: text
+ publicRepoURL: text
+ license: text
+}
+
+operation //= ( "sign1" => OpSign1 )
+operation //= ( "sign" => TODO )
+operation //= ( "encrypt" => TODO )
+operation //= ( "encrypt0" => TODO )
+operation //= ( "mac" => TODO )
+operation //= ( "mac0" => TODO )
+
+TODO = "todo"
+
+OpSign1 = {
+ input: Sign1Input
+ intermediate: Sign1Intermediate
+ output
+}
+
+output //= ( "expectedOutput" => CBORBlob )
+output //= ( "expectedFailure" => text ) ; failure reason
+
+Sign1Input = {
+ key: JWK
+ alg: SignAlgo
+ payload: HexString
+ protectedHeaders: CBORBlob
+ unprotectedHeaders: CBORBlob
+ ? external: HexString
+}
+
+Sign1Intermediate = {
+ tbsHex: HexString
+}
+
+CBORBlob = {
+ cborHex: HexString
+ cborDiag: text
+}
+
+HexString = text .regexp "([a-f0-9]{2})+"
+
+; See https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+SignAlgo /= "ES256"
+SignAlgo /= "ES384"
+; SignAlgo /= TODO
+
+JWK = {
+ + text => text
+}
\ No newline at end of file
diff --git a/misc/gocose-result-sign1-0000.json b/misc/gocose-result-sign1-0000.json
new file mode 100644
index 0000000..6b9a05a
--- /dev/null
+++ b/misc/gocose-result-sign1-0000.json
@@ -0,0 +1,11 @@
+{
+ "uuid": "66584A57-390B-4A52-B7B6-B7CA4FC4204F",
+ "implementation": {
+ "name": "go-cose",
+ "version": "0.0.1",
+ "publicRepoURL": "https://github.com/veraison/go-cose",
+ "license": "MPL 2.0"
+ },
+ "executionTs": "2022-03-03T18:49:03Z",
+ "result": "success"
+}
diff --git a/sign1-0000.json b/sign1-0000.json
new file mode 100644
index 0000000..61298aa
--- /dev/null
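Review bot: `HexString` cannot express a zero-length byte string, because its pattern ends in `+` and so needs at least one hex pair; a test case with an empty `payload` can therefore not be written, although COSE permits one. If such vectors are in scope, `HexString = text .regexp "([a-f0-9]{2})*"` admits them. Separately, `JWK = { + text => text }` accepts any string map, private `d` member included, so a comment above it such as `; test-only key material, never reuse outside this suite` would make the intent explicit to whoever copies a vector. The file also ends without a trailing newline.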
+++ b/sign1-0000.json
@@ -0,0 +1,34 @@
+{
+ "uuid": "66584A57-390B-4A52-B7B6-B7CA4FC4204F",
+ "title": "Let's go",
+ "description": "First attempt at drafting a Sign1 test case",
+ "sign1": {
+ "input": {
+ "key": {
+ "kty": "EC",
+ "crv": "P-256",
+ "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
+ "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
+ "d": "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM"
+ },
+ "alg": "ES256",
+ "payload": "546869732069732074686520636f6e74656e742e",
+ "protectedHeaders": {
+ "cborHex": "a10126",
+ "cborDiag": "{1: -7}"
+ },
+ "unprotectedHeaders": {
+ "cborHex": "a104423131",
+ "cborDiag": "{4: h'3131'}"
+ },
+ "external": "11aa22bb33cc44dd55006699"
+ },
+ "intermediate": {
+ "tbsHex": "846a5369676e61747572653143a101264c11aa22bb33cc44dd5500669954546869732069732074686520636f6e74656e742e"
+ },
+ "expectedOutput": {
+ "cborHex": "d28443a10126a10442313154546869732069732074686520636f6e74656e742e58403a7487d9a528cb61dd8e99bd652c12577fc47d70ee5af2e703c420584f060fc7a8d61e4a35862b2b531a8447030ab966aeed8dd45ebc507c761431e349995770",
+ "cborDiag": "18([h'A10126', {4: h'3131'}, h'546869732069732074686520636F6E74656E742E', h'3A7487D9A528CB61DD8E99BD652C12577FC47D70EE5AF2E703C420584F060FC7A8D61E4A35862B2B531A8447030AB966AEED8DD45EBC507C761431E349995770'])"
+ }
+ }
+}
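Review bot: `expectedOutput.cborHex` embeds an ES256 signature, whose bytes depend on the signer's nonce, but nothing in this test case records how that nonce was obtained. The README mentions `/dev/zero` as PRNG, yet a different implementation will presumably not derive the same nonce from that stream, so byte-comparing the output is likely to fail even for a correct signer. State the expected check in the vector itself, for example `"description": "Sign1/ES256; signature is nonce-dependent, verify expectedOutput rather than byte-compare"`. Because the `d` member publishes the private key, the same field could also mark the key as test-only.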