[SRI] Clarification regarding "Parse metadata" algorithm #531

Open
hrj opened this issue Jun 24, 2017 · 2 comments

hrj commented Jun 24, 2017

I am confused by the wording in section 3.3.3. To quote the algorithm:

  1. Let result be the empty set.
  2. Let empty be equal to true.
  3. For each token returned by splitting metadata on spaces:
    1. Set empty to false.
    2. If token is not a valid metadata, skip the remaining steps, and proceed to the next token.
    3. Parse token per the grammar in integrity metadata.
    4. Let algorithm be the alg component of token.
    5. If algorithm is a hash function recognized by the user agent, add the parsed token to result.
  4. Return no metadata if empty is true, otherwise return result.

Question:

What is the definition of "valid metadata" mentioned in step 3 ii? Is it just syntactical correctness as per the ABNF grammar or something more? I ask because the parsing step (3 iii) is mentioned after the check for "valid metadata" which seems to imply that there is more to it than just syntax. But I can't find any other criteria for metadata correctness.

Thanks in advance!

hrj commented Jun 24, 2017

A related question:

If a token parses correctly per the grammar, but doesn't decode correctly as base64 (for example due to wrong padding) is that considered invalid metadata?

hrj commented Jun 24, 2017

> If a token parses correctly per the grammar, but doesn't decode correctly as base64 (for example due to wrong padding) is that considered invalid metadata?

Oops, I just realized that base64 decoding isn't really required. If the encoded strings don't match then the match fails as per section 3.3.1 and so the case of a badly encoded base64 string is adequately covered.

However, this brings us back to the original question: what are the criteria for validity of metadata?
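
The steps quoted in this thread, written out as an added example (not code from the issue, its author, or the SRI specification). It assumes "valid metadata" means only "matches the grammar", which is the open question here; `TOKEN_RE` is a simplified stand-in for the ABNF, and `RECOGNIZED`, `NO_METADATA`, `matchesDigest` and the sample digest strings are hypothetical names and constructed values.

```javascript
// Added example: the quoted "Parse metadata" steps, reading "valid metadata"
// as "matches the grammar" (an assumption; the thread leaves this open).

// Assumed, simplified stand-in for the ABNF: alg "-" base64-value *("?" option).
// alg is kept generic so that step 5 (recognized hash function) has work to do.
const TOKEN_RE = /^([a-z0-9]+)-([A-Za-z0-9+/]+={0,2})((?:\?[\x21-\x7e]*)*)$/;
const RECOGNIZED = new Set(["sha256", "sha384", "sha512"]); // hypothetical UA
const NO_METADATA = Symbol("no metadata");

function parseMetadata(metadata) {
  const result = [];                                    // step 1
  let empty = true;                                     // step 2
  // Step 3: whitespace split that yields no tokens for an empty string.
  for (const token of metadata.split(/\s+/).filter((t) => t !== "")) {
    empty = false;                                      // step 3.1
    const m = TOKEN_RE.exec(token);
    if (m === null) continue;                           // step 3.2: skip token
    const [, alg, val, opt] = m;                        // steps 3.3 and 3.4
    if (RECOGNIZED.has(alg)) result.push({ alg, val, opt }); // step 3.5
  }
  return empty ? NO_METADATA : result;                  // step 4
}

// Comparison on the encoded strings, as the last comment describes: the
// token's base64 text is never decoded, only compared with the digest text.
// `parsed` must be an array returned by parseMetadata.
function matchesDigest(parsed, alg, computedBase64) {
  return parsed.some((m) => m.alg === alg && m.val === computedBase64);
}

// Constructed sample values: a digest string and the same text with one
// extra "=" (passes the grammar pattern, but is not correctly padded base64).
const SAMPLE_DIGEST = "47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=";
const BAD_PADDING = SAMPLE_DIGEST + "=";
```

Under this reading, a token with wrong padding still lands in the result set and is rejected only by the string comparison, while a token that fails the pattern makes the attribute non-empty without contributing any metadata.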
