CoRIM Structure
A CoRIM is associated with an image release. The CoRIM contains one or more CoMIDs, with each CoMID providing reference claims for a device.
A signed CoRIM includes a set of protected header parameters, a set of unprotected header parameters, the payload, and the COSE Single Signer (COSE-Sign1) signature. The signature covers the protected header parameters and the payload. The message structures are built on the CBOR array type.
The corim-meta-map structure identifies the entity creating and signing the CoRIM and is part of the protected header parameters. Currently, the meta map contents reflect the following:
{ "signer"
: { "name"
: "NVIDIA"
} }
At the top-level, IANA global content tags identify unsigned and signed CoRIMs. The top-level CoRIM structure is described by the following CDDL rules:
corim = #6.500
(corim-type-choice)
$corim-type-choice /= #6.501
(corim-map)
$corim-type-choice /= #6.502
(signed-corim)