Imagine a HW Register which has two possible reference values: 0 and 1. I am trying to find out the complete list of spec allowed methods and have listed 4 options below. Can I please get feedback on the allowed list of spec compliant options?
Option 1 (Use anonymous values in measurement-values-map. Violation of spec)
The approach below looks conceptually most reasonable to me but violates "Two or more measurement-map entries within the same environment MUST populate mkey". Is there a reason, though, why spec prohibits multiple anonymous measurement-map entries when they correspond to same measured element and no other measured element is part of same environment?
Note: Veraison/cocli does not throw any error with the option below
{
"environment": {
"class": {
"vendor": "ACME",
"model": "HW Register Value"
}
},
"measurements": [
{
"value": {
"raw-value": {
"type": "bytes",
"value": "AA=="
}
}
},
{
"value": {
"raw-value": {
"type": "bytes",
"value": "AQ=="
}
}
}
]
}
Option 2 (Duplicate the environment while using anonymous value in measurement-values-map to side step spec violation)
The approach below does not seem to violate "Two or more measurement-map entries within the same environment MUST populate mkey" but is effectively the same as Option 1.
Question: Is there any text in spec that prevents the below? Is the verifier supposed to reject a CoRIM that looks like below?
{
"environment": {
"class": {
"vendor": "ACME",
"model": "HW Register Value"
}
},
"measurements": [
{
"value": {
"raw-value": {
"type": "bytes",
"value": "AA=="
}
}
}
]
}
{
"environment": {
"class": {
"vendor": "ACME",
"model": "HW Register Value"
}
},
"measurements": [
{
"value": {
"raw-value": {
"type": "bytes",
"value": "AQ=="
}
}
}
]
}
Option 3 (Dummy mkey to meet spec requirement of no more than 1 anonymous measurement-values-map)
Notice that I have used the same mkey value for both reference values since if I give them different names, there is no way for verifier to know that they correspond to the same measured element. This option seems appears unclean since it forces both evidence and CoRIM to have dummy mkey
{
"environment": {
"class": {
"vendor": "ACME",
"model": "HW Register Value"
}
},
"measurements": [
{
"key": {
"type": "string",
"value": "Allowed value"
},
"value": {
"raw-value": {
"type": "bytes",
"value": "AA=="
}
}
},
{
"key": {
"type": "string",
"value": "Allowed value"
},
"value": {
"raw-value": {
"type": "bytes",
"value": "AQ=="
}
}
}
]
}
Option 4 (Same as Option 2 but using mkey in case Option 2 is disallowed)
{
"environment": {
"class": {
"vendor": "ACME",
"model": "HW Register Value"
}
},
"measurements": [
{
"key": {
"type": "string",
"value": "Allowed value"
},
"value": {
"raw-value": {
"type": "bytes",
"value": "AA=="
}
}
}
]
}
{
"environment": {
"class": {
"vendor": "ACME",
"model": "HW Register Value"
}
},
"measurements": [
{
"key": {
"type": "string",
"value": "Allowed value"
},
"value": {
"raw-value": {
"type": "bytes",
"value": "AQ=="
}
}
}
]
}
Imagine a HW Register which has two possible reference values: 0 and 1. I am trying to find out the complete list of spec allowed methods and have listed 4 options below. Can I please get feedback on the allowed list of spec compliant options?
Option 1 (Use anonymous values in measurement-values-map. Violation of spec)
The approach below looks conceptually most reasonable to me but violates "Two or more measurement-map entries within the same environment MUST populate mkey". Is there a reason, though, why spec prohibits multiple anonymous measurement-map entries when they correspond to same measured element and no other measured element is part of same environment?
Note: Veraison/cocli does not throw any error with the option below
Option 2 (Duplicate the environment while using anonymous value in measurement-values-map to side step spec violation)
The approach below does not seem to violate "Two or more measurement-map entries within the same environment MUST populate mkey" but is effectively the same as Option 1.
Question: Is there any text in spec that prevents the below? Is the verifier supposed to reject a CoRIM that looks like below?
Option 3 (Dummy mkey to meet spec requirement of no more than 1 anonymous measurement-values-map)
Notice that I have used the same mkey value for both reference values since if I give them different names, there is no way for verifier to know that they correspond to the same measured element. This option seems appears unclean since it forces both evidence and CoRIM to have dummy mkey
Option 4 (Same as Option 2 but using mkey in case Option 2 is disallowed)