Skip to content

Allow multiple source documents #43

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
keks wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Allow multiple source documents #43

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 27 additions & 14 deletions checksets/01-leaf_node.dhall
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,14 @@ let descText =
</ul>
''

let desc = types.RfcRef/single descText "section-7.3"
let desc = types.DocumentRef/single descText types.Document.MlsRfc "section-7.3"

let checks =
[ types.Check/new
1
( types.RfcRef/single
( types.DocumentRef/single
"Verify that the credential in the LeafNode is valid, as described in Section 5.3.1."
types.Document.MlsRfc
"section-7.3-4.1"
)
types.Status.Unknown
Expand All @@ -30,17 +31,19 @@ let checks =
)
, types.Check/new
2
( types.RfcRef/single
( types.DocumentRef/single
"Verify that the signature on the LeafNode is valid using signature_key."
types.Document.MlsRfc
"section-7.3-4.2"
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
3
( types.RfcRef/single
( types.DocumentRef/single
"Verify that the LeafNode is compatible with the group's parameters. If the GroupContext has a required_capabilities extension, then the required extensions, proposals, and credential types MUST be listed in the LeafNode's capabilities field."
types.Document.MlsRfc
"section-7.3-4.3"
)
types.Status.Complete
Expand All @@ -52,28 +55,30 @@ let checks =
)
, types.Check/new
4
( types.RfcRef/single
( types.DocumentRef/single
''
Verify that the credential type is supported by all members of
the group, as specified by the capabilities field of each member's
LeafNode, and that the capabilities field of this LeafNode
indicates support for all the credential types currently in use by
other members.
''
types.Document.MlsRfc
"section-7.3-4.4"
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
5
( types.RfcRef/new
( types.DocumentRef/new
''
Verify the `lifetime` field: If the LeafNode appears in a message
being sent by the client, e.g., a Proposal or a Commit, then the
client MUST verify that the current time is within the range of
the lifetime field.
''
types.Document.MlsRfc
[ "section-7.3-4.5.1", "section-7.3-4.5.2.1" ]
)
types.Status.Complete
Expand All @@ -86,7 +91,7 @@ let checks =
)
, types.Check/new
6
( types.RfcRef/new
( types.DocumentRef/new
''
Verify the `lifetime` field: If instead the LeafNode appears in a
message being received by the client, e.g., a Proposal, a Commit,
Expand All @@ -96,93 +101,101 @@ let checks =
mandatory because the LeafNode might have expired in the time
between when the message was sent and when it was received.)
''
types.Document.MlsRfc
[ "section-7.3-4.5.1", "section-7.3-4.5.2.2" ]
)
types.Status.Complete
types.Status.Missing
types.Notes/empty
, types.Check/new
7
( types.RfcRef/single
( types.DocumentRef/single
''
Verify that the extensions in the LeafNode are supported by
checking that the ID for each extension in the extensions field
is listed in the capabilities.extensions field of the LeafNode.
''
types.Document.MlsRfc
"section-7.3-4.6"
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
8
( types.RfcRef/new
( types.DocumentRef/new
''
Verify the `leaf_node_source` field: If the LeafNode appears in
a KeyPackage, verify that leaf_node_source is set to key_package.
''
types.Document.MlsRfc
[ "section-7.3-4.7.1", "section-7.3-4.7.2.1" ]
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
9
( types.RfcRef/new
( types.DocumentRef/new
''
Verify the `leaf_node_source` field: If the LeafNode appears in an
Update proposal, verify that leaf_node_source is set to update and
that encryption_key represents a different public key than the
encryption_key in the leaf node being replaced by the Update proposal.
''
types.Document.MlsRfc
[ "section-7.3-4.7.1", "section-7.3-4.7.2.2" ]
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
10
( types.RfcRef/new
( types.DocumentRef/new
''
Verify the `leaf_node_source` field: If the LeafNode appears in the
leaf_node value of the UpdatePath in a Commit, verify that
leaf_node_source is set to commit.
''
types.Document.MlsRfc
[ "section-7.3-4.7.1", "section-7.3-4.7.2.3" ]
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
11
( types.RfcRef/new
( types.DocumentRef/new
''
Verify that the following fields are unique among the members of
the group: `signature_key`
''
types.Document.MlsRfc
[ "section-7.3-4.8.1", "section-7.3-4.7.8.1" ]
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
12
( types.RfcRef/new
( types.DocumentRef/new
''
Verify that the following fields are unique among the members of
the group: `encryption_key`
''
types.Document.MlsRfc
[ "section-7.3-4.8.1", "section-7.3-4.7.8.2" ]
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
13
( types.RfcRef/new
( types.DocumentRef/new
''
Verify that the credential type used in the LeafNode is included in the credentials field of the capabilities field.
''
types.Document.MlsRfc
[ "section-7.2-7" ]
)
types.Status.Complete
Expand Down
18 changes: 12 additions & 6 deletions checksets/02-key_package.dhall
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,28 +13,31 @@ let descText =
</ul
''

let desc = types.RfcRef/single descText "section-10.1"
let desc =
types.DocumentRef/single descText types.Document.MlsRfc "section-10.1"

let checks =
[ types.Check/new
1
( types.RfcRef/single
( types.DocumentRef/single
''
Verify that the cipher suite and protocol version of the KeyPackage
match those in the GroupContext.
''
types.Document.MlsRfc
"section-10.1-4.1"
)
types.Status.Complete
types.Status.Complete
types.Notes/empty
, types.Check/new
2
( types.RfcRef/single
( types.DocumentRef/single
''
Verify that the leaf_node of the KeyPackage is valid for a KeyPackage
according to Section 7.3.
''
types.Document.MlsRfc
"section-10.1-4.2"
)
types.Status.Complete
Expand All @@ -47,11 +50,12 @@ let checks =
)
, types.Check/new
3
( types.RfcRef/single
( types.DocumentRef/single
''
Verify that the signature on the KeyPackage is valid using the public
key in `leaf_node.credential`.
''
types.Document.MlsRfc
"section-10.1-4.3"
)
types.Status.Complete
Expand All @@ -64,24 +68,26 @@ let checks =
)
, types.Check/new
4
( types.RfcRef/single
( types.DocumentRef/single
''
Verify that the value of `leaf_node.encryption_key` is different from
the value of the `init_key` field.
''
types.Document.MlsRfc
"section-10.1-4.4"
)
types.Status.Complete
types.Status.Unknown
types.Notes/empty
, types.Check/new
5
( types.RfcRef/single
( types.DocumentRef/single
''
If a client receives a KeyPackage carried within an MLSMessage object, then it MUST
verify that the version field of the KeyPackage has the same value as the version
field of the MLSMessage.
''
types.Document.MlsRfc
"section-10-7"
)
types.Status.Complete
Expand Down
Loading