Add real world examples

Signed-off-by: Yogesh Deshpande <[email protected]>
veraison · Dec 19, 2023 · e77fee7 · e77fee7
1 parent 7bf707f
commit e77fee7
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 13 deletions.
diff --git a/cocli/CORIM.md b/cocli/CORIM.md
@@ -14,7 +14,7 @@ together with the CBOR-encoded CoMIDs, CoSWIDs and/or CoTS to be embedded.
 * Please inspect `corim` JSON templates as examples under `data/corim/templates` `corim-*.json`
 
 ```
-$ cocli corim create --template data/corim/templates/corim-full.json --comid comid-dice-refval.cbor --coswid data/coswid/1.cbor --cots data/cots/vendor.cbor
+$ cocli corim create --template data/corim/templates/corim-full.json --comid data/comid/comid-dice-refval.cbor --coswid data/coswid/1.cbor --cots data/cots/vendor.cbor
 ```
 On success, you should see something like the following printed to stdout:
 ```
@@ -25,7 +25,7 @@ The CBOR-encoded CoRIM file is stored in the current working directory with a
 name derived from its template.  If you want, you can specify a different
 file name using the `--output` command line switch (abbrev. `-o`):
 ```
-$ cocli corim create -t data/corim/templates/corim-full.json -m comid-dice-refval.cbor -s data/coswid/1.cbor -c data/cots/c1.cbor -o my-corim.cbor
+$ cocli corim create -t data/corim/templates/corim-full.json -m data/comid/comid-dice-refval.cbor -s data/coswid/1.cbor -c data/cots/c1.cbor -o my-corim.cbor
 >> created "my-corim.cbor" from "corim-full.json"
 ```
 
@@ -67,11 +67,11 @@ $ cocli corim sign --file corim.cbor --key ec-p256.jwk --meta meta.json
 ```
 Or, the same but with a custom output file:
 ```
-$ cocli corim sign --file data/corim/corim.cbor \
+$ cocli corim sign --file data/corim/corim-full.cbor \
                  --key data/keys/ec-p256.jwk \
-                 --meta meta.json \
+                 --meta data/corim/templates/meta-full.json \
                  --output /var/spool/signed-corim.cbor
->> "corim.cbor" signed and saved to "/var/spool/signed-corim.cbor"
+>> "corim-full.cbor" signed and saved to "/var/spool/corim-signed.cbor"
 ```
 
 ## Verify
@@ -81,18 +81,18 @@ supplied via the `--file` switch (abbrev. `-f`).  The signature is checked
 using the key supplied via the `--key` switch (abbrev. `-k`), which is expected
 to be in [JWK](https://www.rfc-editor.org/rfc/rfc7517) format.  For example:
 ```
-$ cocli corim verify --file data/corim/signed-corim.cbor --key data/keys/ec-p256.jwk
->> "signed-corim.cbor" verified
+$ cocli corim verify --file data/corim/corim-signed.cbor --key data/keys/ec-p256.jwk
+>> "corim-signed.cbor" verified
 ```
 
 Verification can fail either because the cryptographic processing fails or
 because the signed payload or protected headers are themselves invalid.  For example:
 ```
-$ cocli corim verify --file data/corim/signed-corim-bad-signature.cbor --key data/keys/ec-p256.jwk
+$ cocli corim verify --file data/corim/corim-signed-bad-signature.cbor --key data/keys/ec-p256.jwk
 ```
 will give
 ```
-Error: error verifying signed-corim-bad-signature.cbor with key ec-p256.jwk: verification failed ecdsa.Verify
+Error: error verifying corim-signed-bad-signature.cbor with key ec-p256.jwk: verification failed ecdsa.Verify
 ```
 
 ## Display
@@ -107,7 +107,7 @@ validation errors will be printed instead.
 The output has two logical sections: one for Meta and one for the (unsigned)
 CoRIM:
 ```
-$ cocli corim display --file data/corim/signed-corim.cbor
+$ cocli corim display --file data/corim/corim-signed.cbor
 Meta:
 {
   "signer": {
@@ -131,7 +131,7 @@ will see is the base64 encoding of their CBOR serialisation.  If you want to
 peek at the tags' content, supply the `--show-tags` (abbrev. `-v`) switch, which
 will add a further Tags section with one entry per each expanded tag:
 ```
-$ cocli corim display --file data/corim/signed-corim.cbor --show-tags
+$ cocli corim display --file data/corim/corim-signed.cbor --show-tags
 Meta:
 {
 [...]
@@ -174,7 +174,7 @@ well as any parent folder exists prior to issuing the command.
 
 On success, the found CoMIDs, CoSWIDs, CoTS are saved in CBOR format:
 ```
-$ cocli corim extract --file data/corim/signed-corim.cbor --output-dir output.d/
+$ cocli corim extract --file data/corim/corim-signed.cbor --output-dir output.d/
 $ tree output.d/
 output.d/
 ├── 000000-comid.cbor

diff --git a/cocli/COTS.md b/cocli/COTS.md
@@ -39,7 +39,7 @@ validation error will be printed alongside the corresponding file name.
 
 For example:
 ```
-$ cocli cots display --file c1.cbor
+$ cocli cots display --file vendor.cbor
 ```
 provided the `vendor.cbor` file contains valid CoTS, would print something like:
 ```

diff --git a/cocli/data/corim/corim-full.cbor b/cocli/data/corim/corim-full.cbor
diff --git a/cocli/data/corim/corim-signed-bad-signature.cbor b/cocli/data/corim/corim-signed-bad-signature.cbor
diff --git a/cocli/data/corim/corim-signed.cbor b/cocli/data/corim/corim-signed.cbor