fix(scheme): align PSA/CCA with CoRIM profiles

Migrate PSA-IoT and ARM-CCA scheme handling to latest profile APIs and string measurement keys.

Regenerate PSA and ARM-CCA CoRIM test vectors and update negative cases to match new profile validation behavior.

Signed-off-by: Abhishek kumar <abhirajabhi312@gmail.com>

Author: abhiraj-ku

deployments/docker/src/builder.docker

@@ -60,7 +60,7 @@ RUN go mod download &&\
     go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.26 &&\
     go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.1 &&\
     go install github.com/mitchellh/protoc-gen-go-json@v1.1.0 &&\
-    go install github.com/veraison/cocli@v1.0.0-alpha0 &&\
+    go install github.com/veraison/cocli@v1.0.0-alpha0.0.20260313151307-405ce39d50b6 &&\
     go install github.com/veraison/evcli/v2@1685bf5 &&\
     go install github.com/veraison/pocli@v0.2.0 &&\
     go install github.com/go-delve/delve/cmd/dlv@v1.24.0 &&\

deployments/native/deployment.sh

@@ -231,7 +231,7 @@ function init_sqlite_stores() {
 
 function init_clients() {
 	_init_client evcli github.com/veraison/evcli/v2@v2.1.0
-	_init_client cocli github.com/veraison/cocli@8ebd64c1
+	_init_client cocli github.com/veraison/cocli@v1.0.0-alpha0.0.20260313151307-405ce39d50b6
 	_init_client pocli github.com/veraison/pocli@2fa24ea3
 	_init_client corim-store github.com/veraison/corim-store/cmd/corim-store@9e4ba68b
 }

end-to-end/input/src/comid-cca-refval.json

@@ -21,84 +21,95 @@
         "environment": {
           "class": {
             "id": {
-              "type": "psa.impl-id",
+              "type": "bytes",
               "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="
-            },
-            "vendor": "ACME",
-            "model": "RoadRunner"
+            }
           }
         },
         "measurements": [
           {
             "key": {
-              "type": "psa.refval-id",
-              "value": {
-                "label": "BL",
-                "version": "3.4.2",
-                "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
-              }
+              "type": "string",
+              "value": "cca.software-component"
             },
             "value": {
+              "cryptokeys": [
+                {
+                  "type": "bytes",
+                  "value": "01234567890123456789012345678901"
+                }
+              ],
               "digests": [
-                "sha-256;BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
-              ]
+                "sha-256:BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+              ],
+              "name": "BL"
             }
           },
           {
             "key": {
-              "type": "psa.refval-id",
-              "value": {
-                "label": "M1",
-                "version": "1.2.0",
-                "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
-              }
+              "type": "string",
+              "value": "cca.software-component"
             },
             "value": {
+              "cryptokeys": [
+                {
+                  "type": "bytes",
+                  "value": "01234567890123456789012345678901"
+                }
+              ],
               "digests": [
-                "sha-256;CwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
-              ]
+                "sha-256:CwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+              ],
+              "name": "M1"
             }
           },
           {
             "key": {
-              "type": "psa.refval-id",
-              "value": {
-                "label": "M2",
-                "version": "1.2.3",
-                "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
-              }
+              "type": "string",
+              "value": "cca.software-component"
             },
             "value": {
+              "cryptokeys": [
+                {
+                  "type": "bytes",
+                  "value": "01234567890123456789012345678901"
+                }
+              ],
               "digests": [
-                "sha-256;DwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
-              ]
+                "sha-256:DwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+              ],
+              "name": "M2"
             }
           },
           {
             "key": {
-              "type": "psa.refval-id",
-              "value": {
-                "label": "M3",
-                "version": "1.0.0",
-                "signer-id": "BwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
-              }
+              "type": "string",
+              "value": "cca.software-component"
             },
             "value": {
+              "cryptokeys": [
+                {
+                  "type": "bytes",
+                  "value": "01234567890123456789012345678901"
+                }
+              ],
               "digests": [
-                "sha-256;EwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
-              ]
+                "sha-256:EwYFBAMCAQAPDg0MCwoJCBcWFRQTEhEQHx4dHBsaGRg="
+              ],
+              "name": "M3"
             }
           },
           {
             "key": {
-              "type": "cca.platform-config-id",
-              "value": "cfg v1.0.0"
+              "type": "string",
+              "value": "cca.platform-config"
             },
             "value": {
               "raw-value": {
                 "type": "bytes",
                 "value": "AQID"
-              }
+              },
+              "raw-value-mask": "AQID"
             }
           }
         ]

end-to-end/input/src/comid-cca-ta.json

@@ -21,11 +21,9 @@
         "environment": {
           "class": {
             "id": {
-              "type": "psa.impl-id",
+              "type": "bytes",
               "value": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="
-            },
-            "vendor": "ACME",
-            "model": "RoadRunner"
+            }
           },
           "instance": {
             "type": "ueid",

end-to-end/input/src/comid-psa-refval.json

@@ -21,7 +21,7 @@
         "environment": {
           "class": {
             "id": {
-              "type": "psa.impl-id",
+              "type": "bytes",
               "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
             },
             "vendor": "ACME",
@@ -31,46 +31,52 @@
         "measurements": [
           {
             "key": {
-              "type": "psa.refval-id",
-              "value": {
-                "label": "BL",
-                "version": "2.1.0",
-                "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
-              }
+              "type": "string",
+              "value": "psa.software-component"
             },
             "value": {
               "digests": [
-                "sha-256;h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc="
+                "sha-256:h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc="
+              ],
+              "cryptokeys": [
+                {
+                  "type": "bytes",
+                  "value": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
+                }
               ]
             }
           },
           {
             "key": {
-              "type": "psa.refval-id",
-              "value": {
-                "label": "PRoT",
-                "version": "1.3.5",
-                "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
-              }
+              "type": "string",
+              "value": "psa.software-component"
             },
             "value": {
               "digests": [
-                "sha-256;AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8="
+                "sha-256:AmOCmYm2/ZVPcrqvL8ZLwuLwHWktTecphuqAj26ZgT8="
+              ],
+              "cryptokeys": [
+                {
+                  "type": "bytes",
+                  "value": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
+                }
               ]
             }
           },
           {
             "key": {
-              "type": "psa.refval-id",
-              "value": {
-                "label": "ARoT",
-                "version": "0.1.4",
-                "signer-id": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
-              }
+              "type": "string",
+              "value": "psa.software-component"
             },
             "value": {
               "digests": [
-                "sha-256;o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg="
+                "sha-256:o6XnFfDMV0pzw/m+u2vCTzL/1bZ7OHJEwskJ2neaFHg="
+              ],
+              "cryptokeys": [
+                {
+                  "type": "bytes",
+                  "value": "rLsRx+TaIXIFUjzkzhokWuGiOa48a/2eeHH35di66Gs="
+                }
               ]
             }
           }

end-to-end/input/src/comid-psa-ta.json

@@ -21,11 +21,9 @@
         "environment": {
           "class": {
             "id": {
-              "type": "psa.impl-id",
+              "type": "bytes",
               "value": "YWNtZS1pbXBsZW1lbnRhdGlvbi1pZC0wMDAwMDAwMDE="
-            },
-            "vendor": "ACME",
-            "model": "RoadRunner"
+            }
           },
           "instance": {
             "type": "ueid",

end-to-end/input/src/corim-psa.json

@@ -1,4 +1,4 @@
 {
   "corim-id": "00000000-0000-0001-p5a1-000000000001",
-  "profile": "http://arm.com/psa/iot/1"
+  "profile": "tag:arm.com,2025:psa#1.0.0"
 }

go.mod

@@ -40,7 +40,7 @@ require (
 	github.com/tbaehler/gin-keycloak v1.6.1
 	github.com/veraison/ccatoken v1.3.2-0.20250512122414-b26aba0635c4
 	github.com/veraison/cmw v0.2.0
-	github.com/veraison/corim v1.1.3-0.20260214081209-effcd0f48c8a
+	github.com/veraison/corim v1.1.3-0.20260309101151-2fa49d7c02e3
 	github.com/veraison/corim-store v0.0.0-20260220100808-e966b3eab910
 	github.com/veraison/dice v0.0.1
 	github.com/veraison/ear v1.1.4-0.20260213122616-3034258cda59

go.sum

@@ -1255,8 +1255,8 @@ github.com/veraison/ccatoken v1.3.2-0.20250512122414-b26aba0635c4 h1:t2GQueIc1Sr
 github.com/veraison/ccatoken v1.3.2-0.20250512122414-b26aba0635c4/go.mod h1:vMqdbW4H/8A3oT+24qssuIK3Aefy06XqzTELGg+gWAg=
 github.com/veraison/cmw v0.2.0 h1:BWEvwZnD4nn5osq6XwQpTRcGxwV+Su4t6ytdAbVXAJY=
 github.com/veraison/cmw v0.2.0/go.mod h1:OiYKk1t6/Fmmg30ZpSMzi4nKr5kt3374sNTkgxC5BDs=
-github.com/veraison/corim v1.1.3-0.20260214081209-effcd0f48c8a h1:Y19AyrbBpuyQZ/Sa/Hyh6bo5FrO6FMeR6g3jjnjLMBE=
-github.com/veraison/corim v1.1.3-0.20260214081209-effcd0f48c8a/go.mod h1:96PQ0lk+O9bzutKTDz66G2DaARYUp1BeR06EYwEwSH0=
+github.com/veraison/corim v1.1.3-0.20260309101151-2fa49d7c02e3 h1:yFF+d5ekY8g1nTAuV3lEvVI4dGdQMcoYp8blegIrrSQ=
+github.com/veraison/corim v1.1.3-0.20260309101151-2fa49d7c02e3/go.mod h1:96PQ0lk+O9bzutKTDz66G2DaARYUp1BeR06EYwEwSH0=
 github.com/veraison/corim-store v0.0.0-20260220100808-e966b3eab910 h1:hg09D27B9qkrN6zFQEs6wEG0qiTk451ExGMnSAq2tXY=
 github.com/veraison/corim-store v0.0.0-20260220100808-e966b3eab910/go.mod h1:/SqPJwSHexrxsNtiAJ/JqNgvC6+yihOyRlrTJO+0GnY=
 github.com/veraison/dice v0.0.1 h1:dOm7ByDN/r4WlDsGkEUXzdPMXgTvAPTAksQ8+BwBrD4=

integration-tests/data/claims/cca.good.json

@@ -1,7 +1,7 @@
 {
   "cca-platform-token": {
     "cca-platform-challenge": "5QHHS9edCpI1N1heeR7DUBI+gaqXUB34EkQCITSCxVM=",
-    "cca-platform-profile": "http://arm.com/CCA-SSD/1.0.0",
+    "cca-platform-profile": "tag:arm.com,2023:cca_platform#1.0.0",
     "cca-platform-implementation-id": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=",
     "cca-platform-instance-id": "AQICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC",
     "cca-platform-config": "AQID",