cddl icon indicating copy to clipboard operation
cddl copied to clipboard

Published 20 hours ago verified publisher icon anweiss

Validation always fails for CBOR with non-standard simple values

Open Anrock opened this issue 3 years ago • 6 comments

Seems like cddl is unable to validate any CBOR binary that uses non-standard simple values, instead producing

Validation of "filename.cbor" failed

error parsing cbor: unassigned type at offset X

As far as I understand this is due to serde_cbor intentionally producing parser error when it encounters any simple value it doesn't understand.

Is there any workaround for that or the fix would be to replace serde_cbor with other library?

Anrock avatar Aug 30 '21 13:08 Anrock

hey @Anrock, thanks for highlighting this. Indeed, this is due to error in the serde_cbor library as you indicated. Given that https://github.com/pyfisch/cbor is now archived and no longer being maintained, I plan to replace it with a different library.

anweiss avatar Aug 30 '21 14:08 anweiss

@anweiss not sure if it's fixed with ciborium. I just compiled 8d398daf and tried to validate same cbor against cddl spec and got

thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Semantic(None, "invalid type: simple, expected known simple value")', src/validator/mod.rs:169:76
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

Seems like it's the same thing with ciborium too - it intentionally produces an error on any custom simple value it doesn't know about

Anrock avatar Nov 29 '21 10:11 Anrock

hey @Anrock, can you provide the CDDL you are using that is causing this error?

anweiss avatar Nov 29 '21 15:11 anweiss

@anweiss I don't think it's the CDDL itself but a cbor binary. Minimal repro should be just a simple value from unassigned range, like 40 or 41 (CDDL #7.40 or #7.41). I'll try to get minimal repro tomorrow.

Anrock avatar Nov 29 '21 18:11 Anrock

@anweiss okay, I got minimal repro.

cddl: root = #7.32

cbor: f820.

I don't think I can attach a binary file in github, but you can easily create it via echo f820 | xxd -p -r > min.cbor

Then running ./cddl validate --cddl min.cddl --cbor min.cbor will produce

thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Semantic(None, "invalid type: simple, expected known simple value")', src/validator/mod.rs:169:76
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

Anrock avatar Nov 30 '21 09:11 Anrock

Thanks @Anrock for reporting this. Putting this in the backlog until https://github.com/enarx/ciborium/issues/60 is looked at.

anweiss avatar Oct 27 '22 15:10 anweiss