From 81e77c4814cba4bbaa1e45a59dac78ce9885726a Mon Sep 17 00:00:00 2001
From: Jagannathan Raman <jag.raman@oracle.com>
Date: Mon, 10 Feb 2025 16:45:51 -0500
Subject: [PATCH] integrityregisters: add Compare routine

Add a routine to compare IntegrityRegisters against a reference

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 comid/integrityregisters.go      | 21 +++++++++++++++-
 comid/integrityregisters_test.go | 41 +++++++++++++++++++++++++++++++-
 2 files changed, 60 insertions(+), 2 deletions(-)

diff --git a/comid/integrityregisters.go b/comid/integrityregisters.go
index fb149305..18ab1083 100644
--- a/comid/integrityregisters.go
+++ b/comid/integrityregisters.go
@@ -1,8 +1,9 @@
-// Copyright 2024 Contributors to the Veraison project.
+// Copyright 2024-2025 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 package comid
 
 import (
+	"bytes"
 	"encoding/json"
 	"fmt"
 	"strconv"
@@ -136,3 +137,21 @@ func (i *IntegrityRegisters) UnmarshalJSON(data []byte) error {
 	}
 	return nil
 }
+
+func (i *IntegrityRegisters) Compare(r *IntegrityRegisters) error {
+	claim, err := i.MarshalJSON()
+	if err != nil {
+		return err
+	}
+
+	ref, err := r.MarshalJSON()
+	if err != nil {
+		return err
+	}
+
+	if bytes.Equal(claim, ref) {
+		return nil
+	}
+
+	return fmt.Errorf("mismatched integrity registers")
+}
diff --git a/comid/integrityregisters_test.go b/comid/integrityregisters_test.go
index 079956e9..72368c60 100644
--- a/comid/integrityregisters_test.go
+++ b/comid/integrityregisters_test.go
@@ -1,4 +1,4 @@
-// Copyright 2024 Contributors to the Veraison project.
+// Copyright 2024-2025 Contributors to the Veraison project.
 // SPDX-License-Identifier: Apache-2.0
 
 package comid
@@ -300,3 +300,42 @@ func TestIntegrityRegisters_UnmarshalJSON_NOK(t *testing.T) {
 		})
 	}
 }
+
+func TestIntegrityRegisters_Compare_OK(t *testing.T) {
+	claim := IntegrityRegisters{map[IRegisterIndex]Digests{
+		uint64(0): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(1): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(2): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(3): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(4): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+	}}
+
+	ref := IntegrityRegisters{map[IRegisterIndex]Digests{
+		uint64(0): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(1): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(2): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(3): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(4): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+	}}
+
+	assert.Nil(t, claim.Compare(&ref))
+}
+
+func TestIntegrityRegisters_Compare_NOK(t *testing.T) {
+	claim := IntegrityRegisters{map[IRegisterIndex]Digests{
+		uint64(0): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(1): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(2): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(3): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(4): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+	}}
+
+	ref := IntegrityRegisters{map[IRegisterIndex]Digests{
+		uint64(0): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(1): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(2): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+		uint64(3): []swid.HashEntry{{HashAlgID: swid.Sha256, HashValue: MustHexDecode(t, "e45b72f5c0c0b572db4d8d3ab7e97f368ff74e62347a824decb67a84e5224d75")}},
+	}}
+
+	assert.Errorf(t, claim.Compare(&ref), "mismatched integrity registers")
+}