From f101fa940a0a9813fc8138da5db6dd637fd26bc0 Mon Sep 17 00:00:00 2001
From: Thomas Fossati <thomas.fossati@arm.com>
Date: Mon, 28 Mar 2022 17:49:15 +0100
Subject: [PATCH 1/6] assorted fixes for the 0-th test vector

* fix indentation
* add missing external data
* fix string encoding in diagnostic CBOR
* set a sensible title and description

Signed-off-by: Thomas Fossati <thomas.fossati@arm.com>
---
 sign1-sign-0000.json   | 9 +++++----
 sign1-verify-0000.json | 4 ++--
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/sign1-sign-0000.json b/sign1-sign-0000.json
index edfff30..940721c 100644
--- a/sign1-sign-0000.json
+++ b/sign1-sign-0000.json
@@ -1,8 +1,8 @@
 {
   "uuid": "D55A49BD-53D9-42B1-9E76-E0CF2AD33E9D",
-  "title": "And another one...",
-  "description": "Second attempt at a Sign1 test case (sign)",
-   "key": {
+  "title": "Sign1 w/ external input - ECDSA w/ SHA-256 (sign)",
+  "description": "Sign with one signer using ECDSA w/ SHA-256 supplying external input",
+  "key": {
     "kty": "EC",
     "crv": "P-256",
     "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
@@ -22,8 +22,9 @@
     },
     "tbsHex": {
       "cborHex": "846a5369676e61747572653143a101264c11aa22bb33cc44dd5500669954546869732069732074686520636f6e74656e742e",
-      "cborDiag": "['Signature1', h'A10126', h'11AA22BB33CC44DD55006699', h'546869732069732074686520636F6E74656E742E']"
+      "cborDiag": "[\"Signature1\", h'A10126', h'11AA22BB33CC44DD55006699', h'546869732069732074686520636F6E74656E742E']"
     },
+    "external": "11aa22bb33cc44dd55006699",
     "detached": false,
     "expectedOutput": {
       "cborHex": "d28443a10126a10442313154546869732069732074686520636f6e74656e742e58403a7487d9a528cb61dd8e99bd652c12577fc47d70ee5af2e703c420584f060fc7a8d61e4a35862b2b531a8447030ab966aeed8dd45ebc507c761431e349995770",
diff --git a/sign1-verify-0000.json b/sign1-verify-0000.json
index a66749e..edbbb31 100644
--- a/sign1-verify-0000.json
+++ b/sign1-verify-0000.json
@@ -1,7 +1,7 @@
 {
   "uuid": "66584A57-390B-4A52-B7B6-B7CA4FC4204F",
-  "title": "Let's go",
-  "description": "First attempt at drafting a Sign1 test case",
+  "title": "Sign1 w/ external input - ECDSA w/ SHA-256 (verify)",
+  "description": "Verify signature with one signer using ECDSA w/ SHA-256 supplying external input",
   "key": {
     "kty": "EC",
     "crv": "P-256",

From 3804a14c1015ad8ebcd47d5878be129026aafc0f Mon Sep 17 00:00:00 2001
From: Thomas Fossati <thomas.fossati@arm.com>
Date: Mon, 28 Mar 2022 20:00:37 +0100
Subject: [PATCH 2/6] add new Sign1 test vectors

* ECDSA w/ SHA-256 (sign)
* ECDSA w/ SHA-256 (successful verify)
* ECDSA w/ SHA-384 (sign)
* ECDSA w/ SHA-384 (successful verify)
* ECDSA w/ SHA-512 (sign)
* ECDSA w/ SHA-512 (successful verify)

Also add ES512 to the list of accepted algorithms in the schema

Signed-off-by: Thomas Fossati <thomas.fossati@arm.com>
---
 Makefile               |  3 +--
 gluecose-schema.cddl   |  3 ++-
 sign1-sign-0000.json   |  4 ++--
 sign1-sign-0001.json   | 34 ++++++++++++++++++++++++++++++++++
 sign1-sign-0002.json   | 35 +++++++++++++++++++++++++++++++++++
 sign1-sign-0003.json   | 36 ++++++++++++++++++++++++++++++++++++
 sign1-verify-0001.json | 20 ++++++++++++++++++++
 sign1-verify-0002.json | 21 +++++++++++++++++++++
 sign1-verify-0003.json | 22 ++++++++++++++++++++++
 9 files changed, 173 insertions(+), 5 deletions(-)
 create mode 100644 sign1-sign-0001.json
 create mode 100644 sign1-sign-0002.json
 create mode 100644 sign1-sign-0003.json
 create mode 100644 sign1-verify-0001.json
 create mode 100644 sign1-verify-0002.json
 create mode 100644 sign1-verify-0003.json

diff --git a/Makefile b/Makefile
index 9a37027..56cf7b3 100644
--- a/Makefile
+++ b/Makefile
@@ -2,8 +2,7 @@
 
 SCHEMA := gluecose-schema.cddl
 
-TESTS := sign1-verify-0000.json
-TESTS += sign1-sign-0000.json
+TESTS := $(wildcard sign1*.json)
 
 EXTRA := misc/gocose-result-sign1-verify-0000.json
 
diff --git a/gluecose-schema.cddl b/gluecose-schema.cddl
index ae86783..76d2d4a 100644
--- a/gluecose-schema.cddl
+++ b/gluecose-schema.cddl
@@ -56,6 +56,7 @@ HexString = text .regexp "([a-f0-9]{2})+"
 ; See https://www.iana.org/assignments/cose/cose.xhtml#algorithms
 COSEAlgo /= "ES256"
 COSEAlgo /= "ES384"
+COSEAlgo /= "ES512"
 ; COSEAlgo /= TODO
 
 JWK = {
@@ -82,4 +83,4 @@ Implementation = {
   sourceLang: [ + text ]
   ? targetLang: [ + text ]
   deterministic: bool
-}
\ No newline at end of file
+}
diff --git a/sign1-sign-0000.json b/sign1-sign-0000.json
index 940721c..cee5cb5 100644
--- a/sign1-sign-0000.json
+++ b/sign1-sign-0000.json
@@ -18,7 +18,7 @@
     },
     "unprotectedHeaders": {
       "cborHex": "a104423131",
-      "cborDiag": "{4: h'3131'}"
+      "cborDiag": "{4: '11'}"
     },
     "tbsHex": {
       "cborHex": "846a5369676e61747572653143a101264c11aa22bb33cc44dd5500669954546869732069732074686520636f6e74656e742e",
@@ -28,7 +28,7 @@
     "detached": false,
     "expectedOutput": {
       "cborHex": "d28443a10126a10442313154546869732069732074686520636f6e74656e742e58403a7487d9a528cb61dd8e99bd652c12577fc47d70ee5af2e703c420584f060fc7a8d61e4a35862b2b531a8447030ab966aeed8dd45ebc507c761431e349995770",
-      "cborDiag": "18([h'A10126', {4: h'3131'}, h'546869732069732074686520636F6E74656E742E', h'3A7487D9A528CB61DD8E99BD652C12577FC47D70EE5AF2E703C420584F060FC7A8D61E4A35862B2B531A8447030AB966AEED8DD45EBC507C761431E349995770'])"
+      "cborDiag": "18([h'A10126', {4: '11'}, h'546869732069732074686520636F6E74656E742E', h'3A7487D9A528CB61DD8E99BD652C12577FC47D70EE5AF2E703C420584F060FC7A8D61E4A35862B2B531A8447030AB966AEED8DD45EBC507C761431E349995770'])"
     },
     "fixedOutputLength": 32
   }
diff --git a/sign1-sign-0001.json b/sign1-sign-0001.json
new file mode 100644
index 0000000..4c2ca63
--- /dev/null
+++ b/sign1-sign-0001.json
@@ -0,0 +1,34 @@
+{
+  "uuid": "0F78DB1C-C30F-47B1-AF19-6D0C0B2F3803",
+  "title": "Sign1 - ECDSA w/ SHA-256 (sign)",
+  "description": "Sign with one signer using ECDSA w/ SHA-256",
+  "key": {
+    "kty": "EC",
+    "crv": "P-256",
+    "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
+    "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
+    "d": "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM"
+  },
+  "alg": "ES256",
+  "sign1::sign": {
+    "payload": "546869732069732074686520636f6e74656e742e",
+    "protectedHeaders": {
+      "cborHex": "a201260300",
+      "cborDiag": "{1: -7, 3: 0}"
+    },
+    "unprotectedHeaders": {
+      "cborHex": "a104423131",
+      "cborDiag": "{4: '11'}"
+    },
+    "tbsHex": {
+      "cborHex": "846a5369676e61747572653145a2012603004054546869732069732074686520636f6e74656e742e",
+      "cborDiag": "[\"Signature1\", h'A201260300', h'', h'546869732069732074686520636F6E74656E742E']"
+    },
+    "detached": false,
+    "expectedOutput": {
+      "cborHex": "d28445a201260300a10442313154546869732069732074686520636f6e74656e742e58402ad3b9dcc1e13d04f357e11cc8acd825196620e62f0d8deca72672508b829d90e07a3f23be6aa36fd6ebd31e2ed08d1760bffd981f991bfc94a45199a54875c4",
+      "cborDiag": "18([h'A201260300', {4: '11'}, h'546869732069732074686520636F6E74656E742E', h'2AD3B9DCC1E13D04F357E11CC8ACD825196620E62F0D8DECA72672508B829D90E07A3F23BE6AA36FD6EBD31E2ED08D1760BFFD981F991BFC94A45199A54875C4'])"
+    },
+    "fixedOutputLength": 34
+  }
+}
diff --git a/sign1-sign-0002.json b/sign1-sign-0002.json
new file mode 100644
index 0000000..2183ad8
--- /dev/null
+++ b/sign1-sign-0002.json
@@ -0,0 +1,35 @@
+{
+  "uuid": "E693D0C8-C702-4E6C-A70D-0D4DA4C408A0",
+  "title": "Sign1 - ECDSA w/ SHA-384 (sign)",
+  "description": "Sign with one signer using ECDSA w/ SHA-384",
+  "key": {
+    "kty": "EC",
+    "kid": "P384",
+    "crv": "P-384",
+    "x": "kTJyP2KSsBBhnb4kjWmMF7WHVsY55xUPgb7k64rDcjatChoZ1nvjKmYmPh5STRKc",
+    "y": "mM0weMVU2DKsYDxDJkEP9hZiRZtB8fPfXbzINZj_fF7YQRynNWedHEyzAJOX2e8s",
+    "d": "ok3Nq97AXlpEusO7jIy1FZATlBP9PNReMU7DWbkLQ5dU90snHuuHVDjEPmtV0fTo"
+  },
+  "alg": "ES384",
+  "sign1::sign": {
+    "payload": "546869732069732074686520636f6e74656e742e",
+    "protectedHeaders": {
+      "cborHex": "a1013822",
+      "cborDiag": "{1: -35}"
+    },
+    "unprotectedHeaders": {
+      "cborHex": "a1044450333834",
+      "cborDiag": "{4: 'P384'}"
+    },
+    "tbsHex": {
+      "cborHex": "846a5369676e61747572653144a10138224054546869732069732074686520636f6e74656e742e",
+      "cborDiag": "[\"Signature1\", h'A1013822', h'', h'546869732069732074686520636F6E74656E742E']"
+    },
+    "detached": false,
+    "expectedOutput": {
+      "cborHex": "d28444a1013822a104445033383454546869732069732074686520636f6e74656e742e5860aa46c1ab71cd3c1e68ed62c27653797cb72cba3a856fd5e2f38794eee0d666e88139ec51fb62466f4865ca56df493905911e329e829c1887f6259681360a8e7f7d3fd080dcb0720066f13e1621656700c99d6e3771ac2549fde998ee9b1e2cad",
+      "cborDiag": "18([h'A1013822', {4: 'P384'}, h'546869732069732074686520636F6E74656E742E', h'AA46C1AB71CD3C1E68ED62C27653797CB72CBA3A856FD5E2F38794EEE0D666E88139EC51FB62466F4865CA56DF493905911E329E829C1887F6259681360A8E7F7D3FD080DCB0720066F13E1621656700C99D6E3771AC2549FDE998EE9B1E2CAD'])"
+    },
+    "fixedOutputLength": 35
+  }
+}
diff --git a/sign1-sign-0003.json b/sign1-sign-0003.json
new file mode 100644
index 0000000..463136d
--- /dev/null
+++ b/sign1-sign-0003.json
@@ -0,0 +1,36 @@
+{
+  "uuid": "06EFA821-9026-4CDD-A4FB-634103472BC3",
+  "title": "Sign1 - ECDSA w/ SHA-512 (sign)",
+  "description": "Sign with one signer using ECDSA w/ SHA-512",
+  "key": {
+    "kty": "EC",
+    "kid": "bilbo.baggins@hobbiton.example",
+    "use": "sig",
+    "crv": "P-521",
+    "x": "AHKZLLOsCOzz5cY97ewNUajB957y-C-U88c3v13nmGZx6sYl_oJXu9A5RkTKqjqvjyekWF-7ytDyRXYgCF5cj0Kt",
+    "y": "AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1",
+    "d": "AAhRON2r9cqXX1hg-RoI6R1tX5p2rUAYdmpHZoC1XNM56KtscrX6zbKipQrCW9CGZH3T4ubpnoTKLDYJ_fF3_rJt"
+  },
+  "alg": "ES512",
+  "sign1::sign": {
+    "payload": "546869732069732074686520636f6e74656e742e",
+    "protectedHeaders": {
+      "cborHex": "a1013823",
+      "cborDiag": "{1: -36}"
+    },
+    "unprotectedHeaders": {
+      "cborHex": "a104581e62696c626f2e62616767696e7340686f626269746f6e2e6578616d706c65",
+      "cborDiag": "{4: 'bilbo.baggins@hobbiton.example'}"
+    },
+    "tbsHex": {
+      "cborHex": "846a5369676e61747572653144a10138234054546869732069732074686520636f6e74656e742e",
+      "cborDiag": "[\"Signature1\", h'A1013823', h'', h'546869732069732074686520636F6E74656E742E']"
+    },
+    "detached": false,
+    "expectedOutput": {
+      "cborHex": "d28444a1013823a104581e62696c626f2e62616767696e7340686f626269746f6e2e6578616d706c6554546869732069732074686520636f6e74656e742e58840128bbda237a1b55568da74cefe02cf2d2a6216f80ac757bea8effc056d2f634f6e257077b0dabe9d4b3689eb8228e20f60bc74ff84ae3a38ee9a69e158cbf80f93a017acf5877e5083548a45143b602ccd776c5eb39537a2e68dc8c47ff62e10fc42f045b781e4313fbf421903785c3dfeb181c3a93b46a67a9b0e82947ee83f7b44cf0",
+      "cborDiag": "18([h'A1013823', {4: 'bilbo.baggins@hobbiton.example'}, h'546869732069732074686520636F6E74656E742E', h'0128BBDA237A1B55568DA74CEFE02CF2D2A6216F80AC757BEA8EFFC056D2F634F6E257077B0DABE9D4B3689EB8228E20F60BC74FF84AE3A38EE9A69E158CBF80F93A017ACF5877E5083548A45143B602CCD776C5EB39537A2E68DC8C47FF62E10FC42F045B781E4313FBF421903785C3DFEB181C3A93B46A67A9B0E82947EE83F7B44CF0'])"
+    },
+    "fixedOutputLength": 62
+  }
+}
diff --git a/sign1-verify-0001.json b/sign1-verify-0001.json
new file mode 100644
index 0000000..fd17ba0
--- /dev/null
+++ b/sign1-verify-0001.json
@@ -0,0 +1,20 @@
+{
+  "uuid": "2AF74107-34AB-4DD5-BC3C-E83895CAE1A4",
+  "title": "Sign1 - ECDSA w/ SHA-256 (verify)",
+  "description": "Verify signature with one signer using ECDSA w/ SHA-256",
+  "key": {
+    "kty": "EC",
+    "crv": "P-256",
+    "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
+    "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
+    "d": "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM"
+  },
+  "alg": "ES256",
+  "sign1::verify": {
+    "taggedCOSESign1": {
+      "cborHex": "d28445a201260300a10442313154546869732069732074686520636f6e74656e742e58402ad3b9dcc1e13d04f357e11cc8acd825196620e62f0d8deca72672508b829d90e07a3f23be6aa36fd6ebd31e2ed08d1760bffd981f991bfc94a45199a54875c4",
+      "cborDiag": "18([h'A201260300', {4: h'3131'}, h'546869732069732074686520636F6E74656E742E', h'2AD3B9DCC1E13D04F357E11CC8ACD825196620E62F0D8DECA72672508B829D90E07A3F23BE6AA36FD6EBD31E2ED08D1760BFFD981F991BFC94A45199A54875C4'])"
+    },
+    "shouldVerify": true
+  }
+}
diff --git a/sign1-verify-0002.json b/sign1-verify-0002.json
new file mode 100644
index 0000000..763dea2
--- /dev/null
+++ b/sign1-verify-0002.json
@@ -0,0 +1,21 @@
+{
+  "uuid": "C5763BDB-5A23-4E9E-9AA2-463A8B107033",
+  "title": "Sign1 - ECDSA w/ SHA-384 (verify)",
+  "description": "Verify signature with one signer using ECDSA w/ SHA-384",
+  "key": {
+    "kty": "EC",
+    "kid": "P384",
+    "crv": "P-384",
+    "x": "kTJyP2KSsBBhnb4kjWmMF7WHVsY55xUPgb7k64rDcjatChoZ1nvjKmYmPh5STRKc",
+    "y": "mM0weMVU2DKsYDxDJkEP9hZiRZtB8fPfXbzINZj_fF7YQRynNWedHEyzAJOX2e8s",
+    "d": "ok3Nq97AXlpEusO7jIy1FZATlBP9PNReMU7DWbkLQ5dU90snHuuHVDjEPmtV0fTo"
+  },
+  "alg": "ES384",
+  "sign1::verify": {
+    "taggedCOSESign1": {
+      "cborHex": "d28444a1013822a104445033383454546869732069732074686520636f6e74656e742e5860aa46c1ab71cd3c1e68ed62c27653797cb72cba3a856fd5e2f38794eee0d666e88139ec51fb62466f4865ca56df493905911e329e829c1887f6259681360a8e7f7d3fd080dcb0720066f13e1621656700c99d6e3771ac2549fde998ee9b1e2cad",
+      "cborDiag": "18([h'A1013822', {4: 'P384'}, h'546869732069732074686520636F6E74656E742E', h'AA46C1AB71CD3C1E68ED62C27653797CB72CBA3A856FD5E2F38794EEE0D666E88139EC51FB62466F4865CA56DF493905911E329E829C1887F6259681360A8E7F7D3FD080DCB0720066F13E1621656700C99D6E3771AC2549FDE998EE9B1E2CAD'])"
+    },
+    "shouldVerify": true
+  }
+}
diff --git a/sign1-verify-0003.json b/sign1-verify-0003.json
new file mode 100644
index 0000000..d478298
--- /dev/null
+++ b/sign1-verify-0003.json
@@ -0,0 +1,22 @@
+{
+  "uuid": "5F6E65B5-1E2F-4242-87CE-C76E26E927D8",
+  "title": "Sign1 - ECDSA w/ SHA-512 (verify)",
+  "description": "Verify signature with one signer using ECDSA w/ SHA-512",
+  "key": {
+    "kty": "EC",
+    "kid": "bilbo.baggins@hobbiton.example",
+    "use": "sig",
+    "crv": "P-521",
+    "x": "AHKZLLOsCOzz5cY97ewNUajB957y-C-U88c3v13nmGZx6sYl_oJXu9A5RkTKqjqvjyekWF-7ytDyRXYgCF5cj0Kt",
+    "y": "AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1",
+    "d": "AAhRON2r9cqXX1hg-RoI6R1tX5p2rUAYdmpHZoC1XNM56KtscrX6zbKipQrCW9CGZH3T4ubpnoTKLDYJ_fF3_rJt"
+  },
+  "alg": "ES512",
+  "sign1::verify": {
+    "taggedCOSESign1": {
+      "cborHex": "d28444a1013823a104581e62696c626f2e62616767696e7340686f626269746f6e2e6578616d706c6554546869732069732074686520636f6e74656e742e58840128bbda237a1b55568da74cefe02cf2d2a6216f80ac757bea8effc056d2f634f6e257077b0dabe9d4b3689eb8228e20f60bc74ff84ae3a38ee9a69e158cbf80f93a017acf5877e5083548a45143b602ccd776c5eb39537a2e68dc8c47ff62e10fc42f045b781e4313fbf421903785c3dfeb181c3a93b46a67a9b0e82947ee83f7b44cf0",
+      "cborDiag": "18([h'A1013823', {4: 'bilbo.baggins@hobbiton.example'}, h'546869732069732074686520636F6E74656E742E', h'0128BBDA237A1B55568DA74CEFE02CF2D2A6216F80AC757BEA8EFFC056D2F634F6E257077B0DABE9D4B3689EB8228E20F60BC74FF84AE3A38EE9A69E158CBF80F93A017ACF5877E5083548A45143B602CCD776C5EB39537A2E68DC8C47FF62E10FC42F045B781E4313FBF421903785C3DFEB181C3A93B46A67A9B0E82947EE83F7B44CF0'])"
+    },
+    "shouldVerify": true
+  }
+}

From 1c7d9cc7892f61ae3bef0cae7bf3c77003d1247a Mon Sep 17 00:00:00 2001
From: Thomas Fossati <thomas.fossati@arm.com>
Date: Mon, 28 Mar 2022 22:45:32 +0100
Subject: [PATCH 3/6] refactor the Makefile a bit

Signed-off-by: Thomas Fossati <thomas.fossati@arm.com>
---
 Makefile | 48 ++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 38 insertions(+), 10 deletions(-)

diff --git a/Makefile b/Makefile
index 56cf7b3..d13e855 100644
--- a/Makefile
+++ b/Makefile
@@ -1,20 +1,48 @@
-.DEFAULT_GOAL := all
+all: check spell
 
 SCHEMA := gluecose-schema.cddl
-
 TESTS := $(wildcard sign1*.json)
-
 EXTRA := misc/gocose-result-sign1-verify-0000.json
+DOCS := README.md
 
 include tools.mk
 
-.PHONY: tests
-tests: ; for f in $(TESTS) ; do $(cddl) $(SCHEMA) v $$f ; done
+check::
 
-.PHONY: extra
-extra: ; for f in $(EXTRA) ; do $(cddl) $(SCHEMA) v $$f ; done
+# $(1): check targets infix (e.g., "x" creates targets "check-x-schema"
+#       and "check-x-files")
+# $(2): reference CDDL schema
+# $(3): files to be checked against the reference schema
+define check_validity
 
-.PHONY: spell
-spell: ; $(mdspell) --en-us README.md
+.PHONY: check-$(1)-schema
+check-$(1)-schema: $(2)
+	@echo "><> validating schema: $$<" ; \
+	$$(cddl) $$< g 1 &>/dev/null
+
+.PHONY: check-$(1)-files
+check-$(1)-files: $(2) $(3)
+	@for f in $(3) ; do \
+		echo "><> validating file: $$$$f against $$< schema" ; \
+		$$(cddl) $$< v $$$$f &>/dev/null || exit 1 ; \
+	done
 
-all: tests extra spell
+check:: check-$(1)-schema check-$(1)-files
+
+endef
+
+$(eval $(call check_validity,test,$(SCHEMA),$(TESTS)))
+$(eval $(call check_validity,extra,$(SCHEMA),$(EXTRA)))
+
+.PHONY: spell
+spell: $(DOCS) ; @$(mdspell) --en-us $^
+
+help:
+	@echo
+	@echo "Available targets:"
+	@echo "  check              - run all validations"
+	@echo "  check-test-schema  - validate the test vectors schema"
+	@echo "  check-test-files   - validate tests against the schema"
+	@echo "  check-extra-files  - validate any extra files against the schema"
+	@echo "  spell              - check documentation for spelling errors"
+	@echo

From f90fbd97cae2686c2c9dbe9fc17c81e7e58f7014 Mon Sep 17 00:00:00 2001
From: Thomas Fossati <tho.ietf@gmail.com>
Date: Mon, 28 Mar 2022 22:53:51 +0100
Subject: [PATCH 4/6] update CI to align with Makefile refactoring

Signed-off-by: Thomas Fossati <thomas.fossati@arm.com>
---
 .github/workflows/ci.yml | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e9c77ef..464d92c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -11,7 +11,5 @@ jobs:
       - name: set up PATH
         run: echo "$(gem env gempath | cut -d':' -f1)/bin" >> $GITHUB_PATH
       - uses: actions/checkout@v2
-      - name: test schema against test vectors
-        run: cddl=cddl mdspell=unused make tests
-      - name: test schema against any extra document
-        run: cddl=cddl mdspell=unused make extra
+      - name: test schema against test vectors and any extra document
+        run: cddl=cddl mdspell=unused make check

From 38cd57a13a94ea6a3718153c62bb3d35843f2e75 Mon Sep 17 00:00:00 2001
From: Thomas Fossati <tho.ietf@gmail.com>
Date: Tue, 29 Mar 2022 12:00:22 +0100
Subject: [PATCH 5/6] Use textual bstr

Signed-off-by: Thomas Fossati <thomas.fossati@arm.com>
---
 sign1-verify-0001.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sign1-verify-0001.json b/sign1-verify-0001.json
index fd17ba0..15174b2 100644
--- a/sign1-verify-0001.json
+++ b/sign1-verify-0001.json
@@ -13,7 +13,7 @@
   "sign1::verify": {
     "taggedCOSESign1": {
       "cborHex": "d28445a201260300a10442313154546869732069732074686520636f6e74656e742e58402ad3b9dcc1e13d04f357e11cc8acd825196620e62f0d8deca72672508b829d90e07a3f23be6aa36fd6ebd31e2ed08d1760bffd981f991bfc94a45199a54875c4",
-      "cborDiag": "18([h'A201260300', {4: h'3131'}, h'546869732069732074686520636F6E74656E742E', h'2AD3B9DCC1E13D04F357E11CC8ACD825196620E62F0D8DECA72672508B829D90E07A3F23BE6AA36FD6EBD31E2ED08D1760BFFD981F991BFC94A45199A54875C4'])"
+      "cborDiag": "18([h'A201260300', {4: '11'}, h'546869732069732074686520636F6E74656E742E', h'2AD3B9DCC1E13D04F357E11CC8ACD825196620E62F0D8DECA72672508B829D90E07A3F23BE6AA36FD6EBD31E2ED08D1760BFFD981F991BFC94A45199A54875C4'])"
     },
     "shouldVerify": true
   }

From 222194b3d570fbc81cd9262bf2cacd0948473e1a Mon Sep 17 00:00:00 2001
From: Thomas Fossati <thomas.fossati@arm.com>
Date: Tue, 29 Mar 2022 13:36:33 +0100
Subject: [PATCH 6/6] remove private key from Sign1 verification tests

Signed-off-by: Thomas Fossati <thomas.fossati@arm.com>
---
 sign1-verify-0000.json | 3 +--
 sign1-verify-0001.json | 3 +--
 sign1-verify-0002.json | 3 +--
 sign1-verify-0003.json | 3 +--
 4 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/sign1-verify-0000.json b/sign1-verify-0000.json
index edbbb31..6405093 100644
--- a/sign1-verify-0000.json
+++ b/sign1-verify-0000.json
@@ -6,8 +6,7 @@
     "kty": "EC",
     "crv": "P-256",
     "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
-    "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
-    "d": "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM"
+    "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4"
   },
   "alg": "ES256",
   "sign1::verify": {
diff --git a/sign1-verify-0001.json b/sign1-verify-0001.json
index 15174b2..5096036 100644
--- a/sign1-verify-0001.json
+++ b/sign1-verify-0001.json
@@ -6,8 +6,7 @@
     "kty": "EC",
     "crv": "P-256",
     "x": "usWxHK2PmfnHKwXPS54m0kTcGJ90UiglWiGahtagnv8",
-    "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4",
-    "d": "V8kgd2ZBRuh2dgyVINBUqpPDr7BOMGcF22CQMIUHtNM"
+    "y": "IBOL-C3BttVivg-lSreASjpkttcsz-1rb7btKLv8EX4"
   },
   "alg": "ES256",
   "sign1::verify": {
diff --git a/sign1-verify-0002.json b/sign1-verify-0002.json
index 763dea2..7836b4b 100644
--- a/sign1-verify-0002.json
+++ b/sign1-verify-0002.json
@@ -7,8 +7,7 @@
     "kid": "P384",
     "crv": "P-384",
     "x": "kTJyP2KSsBBhnb4kjWmMF7WHVsY55xUPgb7k64rDcjatChoZ1nvjKmYmPh5STRKc",
-    "y": "mM0weMVU2DKsYDxDJkEP9hZiRZtB8fPfXbzINZj_fF7YQRynNWedHEyzAJOX2e8s",
-    "d": "ok3Nq97AXlpEusO7jIy1FZATlBP9PNReMU7DWbkLQ5dU90snHuuHVDjEPmtV0fTo"
+    "y": "mM0weMVU2DKsYDxDJkEP9hZiRZtB8fPfXbzINZj_fF7YQRynNWedHEyzAJOX2e8s"
   },
   "alg": "ES384",
   "sign1::verify": {
diff --git a/sign1-verify-0003.json b/sign1-verify-0003.json
index d478298..cef5320 100644
--- a/sign1-verify-0003.json
+++ b/sign1-verify-0003.json
@@ -8,8 +8,7 @@
     "use": "sig",
     "crv": "P-521",
     "x": "AHKZLLOsCOzz5cY97ewNUajB957y-C-U88c3v13nmGZx6sYl_oJXu9A5RkTKqjqvjyekWF-7ytDyRXYgCF5cj0Kt",
-    "y": "AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1",
-    "d": "AAhRON2r9cqXX1hg-RoI6R1tX5p2rUAYdmpHZoC1XNM56KtscrX6zbKipQrCW9CGZH3T4ubpnoTKLDYJ_fF3_rJt"
+    "y": "AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1"
   },
   "alg": "ES512",
   "sign1::verify": {