veraison · Sukuna0007Abhi · Sep 22, 2025
@@ -0,0 +1,71 @@
+# CMW Example Files
+
+This directory contains example Conceptual Message Wrapper (CMW) files for testing and development purposes with RATSD.
+
+## File Overview
+
+- **`basic-mock-tsm.json`** - Simple mock TSM attester example with minimal required fields
+- **`mock-tsm-with-privilege.json`** - Mock TSM attester with privilege level specified
+- **`tsm-report-basic.json`** - Basic TSM report attester example
+- **`multi-attester.json`** - Example showing both mock-tsm and tsm-report attesters in one CMW
+- **`tsm-cbor-format.json`** - TSM report using CBOR content type instead of JSON
+
+## CMW Structure
+
+All CMW files follow this basic structure:
+
+```json
+{
+  "__cmwc_t": "tag:github.com,2025:veraison/ratsd/cmw",
+  "<attester-name>": [
+    "<content-type>",
+    <evidence-data>
+  ]
+}
+```
+
+## Available Attesters
+
+### mock-tsm
+- **Content Type**: `application/vnd.veraison.configfs-tsm+json`
+- **Required Fields**: `auxblob`, `outblob`
+- **Optional Fields**: `provider`, `privilege_level` (0-3)
+
+### tsm-report  
+- **Content Types**: 
+  - `application/vnd.veraison.configfs-tsm+json` (JSON format)
+  - `application/vnd.veraison.configfs-tsm+cbor` (CBOR format)
+- **Required Fields**: `auxblob`, `outblob`
+- **Optional Fields**: `provider`, `privilege_level` (0-3)
+
+## Usage with RATSD
+
+These files can be used for testing RATSD in mock mode or as reference for understanding the expected CMW format.
+
+### Testing with curl
+
+```bash
+# Basic query (returns all available attesters)
+curl -X POST http://localhost:8895/ratsd/chares \
+  -H "Content-type: application/vnd.veraison.chares+json" \
+  -d '{"nonce": "TUlEQk5IMjhpaW9pc2pQeXh4eHh4eHh4eHh4eHh4eHhNSURCTkgyOGlpb2lzalB5eHh4eHh4eHh4eHh4eHh4eA"}'
+
+# Query with specific attester selection
+curl -X POST http://localhost:8895/ratsd/chares \
+  -H "Content-type: application/vnd.veraison.chares+json" \
+  -d '{
+    "nonce": "TUlEQk5IMjhpaW9pc2pQeXh4eHh4eHh4eHh4eHh4eHhNSURCTkgyOGlpb2lzalB5eHh4eHh4eHh4eHh4eHh4eA",
+    "attester-selection": {
+      "mock-tsm": {
+        "privilege_level": "3"
+      }
+    }
+  }'
+```
+
+## Notes
+
+- All `auxblob` and `outblob` values are base64-encoded
+- The examples use fake/placeholder data for demonstration purposes
+- For CBOR format, the evidence data itself is base64-encoded CBOR
+- Privilege levels range from 0 (lowest) to 3 (highest)
@@ -0,0 +1,11 @@
+{
+  "__cmwc_t": "tag:github.com,2025:veraison/ratsd/cmw",
+  "mock-tsm": [
+    "application/vnd.veraison.configfs-tsm+json",
+    {
+      "auxblob": "YVhWNFlteHZZZw==",
+      "outblob": "cHJpdmlsZWdlLWxldmVsLWJhc2ljLW1vY2stdHNtLWV4YW1wbGUtZGF0YQ==",
+      "provider": "mock-hardware"
+    }
+  ]
+}
@@ -0,0 +1,12 @@
+{
+  "__cmwc_t": "tag:github.com,2025:veraison/ratsd/cmw",
+  "mock-tsm": [
+    "application/vnd.veraison.configfs-tsm+json",
+    {
+      "auxblob": "bW9jay10c20tYXV4LWRhdGE=",
+      "outblob": "cHJpdmlsZWdlLWxldmVsLXRocmVlLW1vY2stdHNtLWV4YW1wbGUtZGF0YQ==",
+      "provider": "secure-enclave",
+      "privilege_level": "3"
+    }
+  ]
+}
@@ -0,0 +1,21 @@
+{
+  "__cmwc_t": "tag:github.com,2025:veraison/ratsd/cmw",
+  "mock-tsm": [
+    "application/vnd.veraison.configfs-tsm+json",
+    {
+      "auxblob": "bW9jay10c20tYXV4",
+      "outblob": "bW9jay10c20tb3V0YmxvYi1kYXRhLWZvci1tdWx0aS1hdHRlc3Rlci1leGFtcGxl",
+      "provider": "mock-hardware",
+      "privilege_level": "1"
+    }
+  ],
+  "tsm-report": [
+    "application/vnd.veraison.configfs-tsm+json", 
+    {
+      "auxblob": "dHNtLXJlcG9ydC1hdXgtbXVsdGk=",
+      "outblob": "dHNtLXJlcG9ydC1vdXRibG9iLWRhdGEtZm9yLW11bHRpLWF0dGVzdGVyLWV4YW1wbGUtd2l0aC1ib3RoLWF0dGVzdGVycy1wcmVzZW50",
+      "provider": "real-tsm",
+      "privilege_level": "2"
+    }
+  ]
+}
@@ -0,0 +1,13 @@
+{
+  "__cmwc_t": "tag:github.com,2025:veraison/ratsd/cmw",
+  "mock-tsm": [
+    "application/vnd.veraison.configfs-tsm+json",
+    {
+      "auxblob": "cHJpdmlsZWdlLWxldmVsLXRlc3QtYXV4",
+      "outblob": "cHJpdmlsZWdlLWxldmVsLXRlc3Qtb3V0YmxvYi13aXRoLW1heGltdW0tc2VjdXJpdHktcHJpdmlsZWdlLWxldmVsLTM=",
+      "provider": "secure-enclave",
+      "privilege_level": "3",
+      "description": "Maximum privilege level for secure operations"
+    }
+  ]
+}
@@ -0,0 +1,83 @@
+#!/bin/bash
+
+# Test script for CMW examples
+# This script validates that the example CMW files are properly formatted
+
+echo "Testing CMW Example Files..."
+echo "================================"
+
+EXAMPLES_DIR="$(dirname "$0")"
+FAILED_TESTS=0
+
+# Function to test JSON validity
+test_json_validity() {
+    local file="$1"
+    echo -n "Testing $file... "
+
+    if jq empty "$file" 2>/dev/null; then
+        echo "✓ Valid JSON"
+    else
+        echo "✗ Invalid JSON"
+        ((FAILED_TESTS++))
+    fi
+}
+
+# Function to test CMW structure
+test_cmw_structure() {
+    local file="$1"
+    echo -n "Testing CMW structure in $file... "
+
+    # Check for required __cmwc_t field
+    if jq -e '.__cmwc_t == "tag:github.com,2025:veraison/ratsd/cmw"' "$file" >/dev/null 2>&1; then
+        echo "✓ Valid CMW structure"
+    else
+        echo "✗ Invalid CMW structure"
+        ((FAILED_TESTS++))
+    fi
+}
+
+# Function to test base64 fields
+test_base64_fields() {
+    local file="$1"
+    echo -n "Testing base64 fields in $file... "
+
+    # Extract all auxblob and outblob values and test if they're valid base64
+    local base64_valid=true
+
+    while IFS= read -r blob; do
+        if [[ -n "$blob" ]]; then
+            if ! echo "$blob" | base64 -d >/dev/null 2>&1; then
+                base64_valid=false
+                break
+            fi
+        fi
+    done < <(jq -r '.. | select(type == "object") | select(has("auxblob")) | .auxblob, .outblob' "$file" 2>/dev/null)
+
+    if $base64_valid; then
+        echo "✓ Valid base64 encoding"
+    else
+        echo "✗ Invalid base64 encoding"
+        ((FAILED_TESTS++))
+    fi
+}
+
+# Test all JSON files in the directory
+for file in "$EXAMPLES_DIR"/*.json; do
+    if [[ -f "$file" ]]; then
+        echo
+        echo "Testing $(basename "$file"):"
+        test_json_validity "$file"
+        test_cmw_structure "$file"
+        test_base64_fields "$file"
+    fi
+done
+
+echo
+echo "================================"
+if [[ $FAILED_TESTS -eq 0 ]]; then
+    echo "All tests passed! ✓"
+    exit 0
+else
+    echo "$FAILED_TESTS test(s) failed! ✗"
+    exit 1
+fi
@@ -0,0 +1,7 @@
+{
+  "__cmwc_t": "tag:github.com,2025:veraison/ratsd/cmw",
+  "tsm-report": [
+    "application/vnd.veraison.configfs-tsm+cbor",
+    "pGNhdXhqQ0JPUi1hdXgtZGF0YWZvdXRibG9ieFpDQk9SLWVuY29kZWQtdHNtLXJlcG9ydC1kYXRhLWZvci1yYXRzZC1leGFtcGxlLXB1cnBvc2VzLW9ubHktbm90LXJlYWwtZGF0YWhwcm92aWRlcmx0c20tY2Jvci1oYXJkd2FyZW9wcml2aWxlZ2VfbGV2ZWxhMw=="
+  ]
+}
@@ -0,0 +1,12 @@
+{
+  "__cmwc_t": "tag:github.com,2025:veraison/ratsd/cmw",
+  "tsm-report": [
+    "application/vnd.veraison.configfs-tsm+json",
+    {
+      "auxblob": "dHNtLXJlcG9ydC1hdXg=",
+      "outblob": "dHNtLXJlcG9ydC1vdXRibG9iLWRhdGEtZXhhbXBsZS1mb3ItcmF0c2QtZGVtb25zdHJhdGlvbi1wdXJwb3Nlcy1vbmx5LXRoaXMtaXMtbm90LWEtcmVhbC10c20tcmVwb3J0LWJ1dC1hLXNhbXBsZS1mb3ItdGVzdGluZw==",
+      "provider": "tsm-hardware",
+      "privilege_level": "0"
+    }
+  ]
+}