Update comid-5.diag

nedmsmith · nedmsmith · commit bfa4cfd96d57 · 2024-11-13T10:43:24.000-08:00
added examples for identity and attest-key triples that exercises the optional conditions map
diff --git a/cddl/examples/comid-5.diag b/cddl/examples/comid-5.diag
@@ -16,10 +16,10 @@
             / layer / 3 : 1
           }
         },
-        [
+        / key-list / [
           / tagged-pkix-base64-key-type / 554("base64_key_X"),
-          / tagged-pkix-base64-cert-type / 555("base64_cert"),
-          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path"),
+          / tagged-pkix-base64-cert-type / 555("base64_cert_Y"),
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_Z"),
           / tagged-thumbprint-type / 557([
             / alg / 1, / sha256 /
             / value / h'44aa336af4cb14a879432e53dd6571c7fa9bccafb75f488259262d6ea3a4d91b'
@@ -38,6 +38,130 @@
             / value / h'66aa336af4cb14a879432e53dd6571c7fa9bccafb75f488259262d6ea3a4d91b'
           ])
         ]
+      ],
+      [
+        / environment-map / {
+          / class / 0 : {
+            / class-id / 0 :
+              / tagged-uuid-type / 37( h'67b28b6c34cc40a19117ab5b05911e38' )
+          }
+        },
+        / key-list / [
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_X"),
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_Y")
+        ],
+        / conditions / {
+          / mkey / 0 : "thing 1"
+        }
+      ],
+      [
+        / environment-map / {
+          / class / 0 : {
+            / class-id / 0 :
+              / tagged-uuid-type / 37( h'67b28b6c34cc40a19117ab5b05911e39' )
+          }
+        },
+        / key-list / [
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_X"),
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_Y")
+        ],
+        / conditions / {
+          / mkey / 0 : "thing 2",
+          / authorized-by / 1: [
+            / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_A"),
+            / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_B")
+          ]
+        }
+      ],
+      [
+        / environment-map / {
+          / class / 0 : {
+            / class-id / 0 :
+              / tagged-uuid-type / 37( h'67b28b6c34cc40a19117ab5b05911e40' )
+          }
+        },
+        / key-list / [
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_X"),
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_Y")
+        ],
+        / conditions / {
+          / authorized-by / 1: [
+            / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_A"),
+            / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_B")
+          ]
+        }
+      ]
+    ],
+/ attest-key-triples / 3 : [ 
+      [
+        / environment-map / {
+          / class / 0 : {
+            / class-id / 0 :
+              / tagged-uuid-type / 37(
+                h'67b28b6c34cc40a19117ab5b05911e37'
+              ),
+            / vendor / 1 : "ACME Inc.",
+            / model / 2 : "ACME RoadRunner",
+            / layer / 3 : 1
+          }
+        },
+        / key-list / [
+          / tagged-pkix-base64-key-type / 554("base64_key_X"),
+          / tagged-pkix-base64-cert-type / 555("base64_cert_Y"),
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_Z")
+        ]
+      ],
+      [
+        / environment-map / {
+          / class / 0 : {
+            / class-id / 0 :
+              / tagged-uuid-type / 37( h'67b28b6c34cc40a19117ab5b05911e30' )
+          }
+        },
+        / key-list / [
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_X"),
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_Y")
+        ],
+        / conditions / {
+          / mkey / 0 : "thing 1"
+        }
+      ],
+      [
+        / environment-map / {
+          / class / 0 : {
+            / class-id / 0 :
+              / tagged-uuid-type / 37( h'67b28b6c34cc40a19117ab5b05911e31' )
+          }
+        },
+        / key-list / [
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_X"),
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_Y")
+        ],
+        / conditions / {
+          / mkey / 0 : "thing 2",
+          / authorized-by / 1: [
+            / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_A"),
+            / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_B")
+          ]
+        }
+      ],
+      [
+        / environment-map / {
+          / class / 0 : {
+            / class-id / 0 :
+              / tagged-uuid-type / 37( h'67b28b6c34cc40a19117ab5b05911e32' )
+          }
+        },
+        / key-list / [
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_X"),
+          / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_Y")
+        ],
+        / conditions / {
+          / authorized-by / 1: [
+            / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_A"),
+            / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_B")
+          ]
+        }
       ]
     ]
   }
