draft-ietf-rats-yang-tpm-charra-07.txt   draft-ietf-rats-yang-tpm-charra-08.txt 
RATS Working Group H. Birkholz RATS Working Group H. Birkholz
Internet-Draft M. Eckel Internet-Draft M. Eckel
Intended status: Standards Track Fraunhofer SIT Intended status: Standards Track Fraunhofer SIT
Expires: 16 October 2021 S. Bhandari Expires: 5 December 2021 S. Bhandari
ThoughtSpot ThoughtSpot
E. Voit E. Voit
B. Sulzen B. Sulzen
Cisco Cisco
L. Xia L. Xia
Huawei Huawei
T. Laffey T. Laffey
HPE HPE
G. Fedorkow G. Fedorkow
Juniper Juniper
14 April 2021 3 June 2021
A YANG Data Model for Challenge-Response-based Remote Attestation A YANG Data Model for Challenge-Response-based Remote Attestation
Procedures using TPMs Procedures using TPMs
draft-ietf-rats-yang-tpm-charra-07 draft-ietf-rats-yang-tpm-charra-08
Abstract Abstract
This document defines a YANG RPC and a small number of configuration This document defines YANG RPCs and a small number of configuration
node required to retrieve attestation evidence about integrity nodes required to retrieve attestation evidence about integrity
measurements from a device following the operational context defined measurements from a device, following the operational context defined
in TPM-based Network Device Remote Integrity Verification. in TPM-based Network Device Remote Integrity Verification.
Complementary measurement logs are also provided by the YANG RPC Complementary measurement logs are also provided by the YANG RPCs,
originating from one or more roots of trust of measurement. The originating from one or more roots of trust for measurement (RTMs).
module defined requires at least one TPM 1.2 or TPM 2.0 and The module defined requires at least one TPM 1.2 or TPM 2.0 as well
corresponding Trusted Software Stack included in the device as a corresponding TPM Software Stack (TSS), included in the device
components of the composite device the YANG server is running on. components of the composite device the YANG server is running on.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 16 October 2021. This Internet-Draft will expire on 5 December 2021.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 26 skipping to change at page 2, line 26
extracted from this document must include Simplified BSD License text extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3
2. The YANG Module for Basic Remote Attestation Procedures . . . 3 2. The YANG Module for Basic Remote Attestation Procedures . . . 3
2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 3 2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 3
2.1.1. ietf-tpm-remote-attestation . . . . . . . . . . . . . 3 2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 3
2.1.2. ietf-tcg-algs . . . . . . . . . . . . . . . . . . . . 31 2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 32
3. IANA considerations . . . . . . . . . . . . . . . . . . . . . 47 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 47
4. Security Considerations . . . . . . . . . . . . . . . . . . . 47 4. Security Considerations . . . . . . . . . . . . . . . . . . . 47
5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 48 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 48
6. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 48 6. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 48
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 49 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 49
7.1. Normative References . . . . . . . . . . . . . . . . . . 49 7.1. Normative References . . . . . . . . . . . . . . . . . . 49
7.2. Informative References . . . . . . . . . . . . . . . . . 50 7.2. Informative References . . . . . . . . . . . . . . . . . 51
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 51 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 51
1. Introduction 1. Introduction
This document is based on the terminology defined in the This document is based on the general terminology defined in the
[I-D.ietf-rats-architecture] and uses the operational context defined [I-D.ietf-rats-architecture] and uses the operational context defined
in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the
interaction model and information elements defined in interaction model and information elements defined in
[I-D.ietf-rats-reference-interaction-models]. The currently [I-D.ietf-rats-reference-interaction-models]. The currently
supported hardware security modules (HWM) are the Trusted Platform supported hardware security modules (HSMs) are the Trusted Platform
Module (TPM) [TPM1.2] and [TPM2.0] specified by the Trusted Computing Modules (TPMs) [TPM1.2] and [TPM2.0] as specified by the Trusted
Group (TCG). One ore more TPMs embedded in the components of a Computing Group (TCG). One or more TPMs embedded in the components
composite device - sometimes also referred to as an aggregate device of a Composite Device are required in order to use the YANG module
- are required in order to use the YANG module defined in this defined in this document. A TPM is used as a root of trust for
document. A TPM is used as a root of trust for reporting (RTR) in reporting (RTR) in order to retrieve attestation Evidence from a
order to retrieve attestation evidence from a composite device (quote composite device (_TPM Quote_ primitive operation). Additionally, it
primitive operation). Additionally, it is used as a root of trust is used as a root of trust for storage (RTS) in order to retain
for storage (RTS) in order to retain shielded secrets and store shielded secrets and store system measurements using a folding hash
system measurements using a folding hash function (extend primitive function (_TPM PCR Extend_ primitive operation).
operation).
Specific terms imported from [I-D.ietf-rats-architecture] and used in
this document include: Attester, Composite Device, Evidence.
Specific terms imported from [TPM2.0-Key] and used in this document
include: Endorsement Key (EK), Initial Attestation Key (IAK), Local
Attestation Key (LAK).
1.1. Requirements notation 1.1. Requirements notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
2. The YANG Module for Basic Remote Attestation Procedures 2. The YANG Module for Basic Remote Attestation Procedures
One or more TPMs MUST be embedded in the composite device that is One or more TPMs MUST be embedded in a Composite Device that provides
providing attestation evidence via the YANG module defined in this attestation evidence via the YANG module defined in this document.
document. The ietf-basic-remote-attestation YANG module enables a The ietf-basic-remote-attestation YANG module enables a composite
composite device to take on the role of Claimant and Attester in device to take on the role of an Attester, in accordance with the
accordance with the Remote Attestation Procedures (RATS) architecture Remote Attestation Procedures (RATS) architecture
[I-D.ietf-rats-architecture] and the corresponding challenge-response [I-D.ietf-rats-architecture], and the corresponding challenge-
interaction model defined in the response interaction model defined in the
[I-D.ietf-rats-reference-interaction-models] document. A fresh nonce [I-D.ietf-rats-reference-interaction-models] document. A fresh nonce
with an appropriate amount of entropy MUST be supplied by the YANG with an appropriate amount of entropy MUST be supplied by the YANG
client in order to enable a proof-of-freshness with respect to the client in order to enable a proof-of-freshness with respect to the
attestation evidence provided by the attester running the YANG attestation Evidence provided by the Attester running the YANG
datastore. The functions of this YANG module are restricted to 0-1 datastore. Further, this nonce is used to prevent replay attacks.
TPMs per hardware component. The functions of this YANG module are restricted to 0-1 TPMs per
hardware component.
2.1. YANG Modules 2.1. YANG Modules
2.1.1. ietf-tpm-remote-attestation In this section the several YANG modules are defined.
2.1.1. 'ietf-tpm-remote-attestation'
This YANG module imports modules from [RFC6991], [RFC8348], This YANG module imports modules from [RFC6991], [RFC8348],
[I-D.ietf-netconf-keystore], ietf-tcg-algs.yang Section 2.1.2.3. [I-D.ietf-netconf-keystore], and "ietf-tcg-algs.yang"
Section 2.1.2.3.
2.1.1.1. Features 2.1.1.1. Features
This module supports the following features: This module supports the following features:
<TPMs> - Indicates that multiple TPMs on the device can support * 'TPMs': Indicates that multiple TPMs on the device can support
remote attestation, This feature is applicable in cases where remote attestation. This feature is applicable in cases where
multiple line cards, each with its own TPM. multiple line cards are present, each with its own TPM.
<bios> - Indicates the device supports the retrieval of bios event * 'bios': Indicates that the device supports the retrieval of BIOS/
logs. UEFI event logs.
<ima> - Indicates the device supports the retrieval of Integrity * 'ima': Indicates that the device supports the retrieval of event
Measurement Architecture event logs. logs from the Linux Integrity Measurement Architecture (IMA).
<netequip_boot> - Indicates the device supports the retrieval of * 'netequip_boot': Indicates that the device supports the retrieval
netequip boot event logs. of netequip boot event logs.
2.1.1.2. Identities 2.1.1.2. Identities
This module supports the following types of attestation event logs: This module supports the following types of attestation event logs:
<ima>, <bios>, and <netequip_boot>. 'bios', 'ima', and 'netequip_boot'.
2.1.1.3. RPCs 2.1.1.3. Remote Procedure Calls (RPCs)
2.1.1.3.1. <tpm20-challenge-response-attestation> In the following, RPCs for both TPM 1.2 and TPM 2.0 attestation
procedures are defined.
This RPC allows a Verifier to request a quote of PCRs from a TPM2.0 2.1.1.3.1. 'tpm12-challenge-response-attestation'
compliant cryptoprocessor. Where the feature <TPMs> is active, and
one or more <certificate-name> is not provided, all TPM2.0 compliant This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_
cryptoprocessors will respond. A YANG tree diagram of this RPC is as operation) from a TPM 1.2 compliant cryptoprocessor. Where the
follows: feature 'TPMs' is active, and one or more 'certificate-name' is not
provided, all TPM 1.2 compliant cryptoprocessors will respond. A
YANG tree diagram of this RPC is as follows:
+---x tpm12-challenge-response-attestation {taa:TPM12}?
+---w input
| +---w tpm12-attestation-challenge
| +---w pcr-index* pcr
| +---w nonce-value binary
| +---w certificate-name* certificate-name-ref {tpm:TPMs}?
+--ro output
+--ro tpm12-attestation-response* []
+--ro certificate-name certificate-name-ref
+--ro up-time? uint32
+--ro TPM_QUOTE2? binary
2.1.1.3.2. 'tpm20-challenge-response-attestation'
This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_
operation) from a TPM 2.0 compliant cryptoprocessor. Where the
feature 'TPMs' is active, and one or more 'certificate-name' is not
provided, all TPM 2.0 compliant cryptoprocessors will respond. A
YANG tree diagram of this RPC is as follows:
+---x tpm20-challenge-response-attestation {taa:TPM20}? +---x tpm20-challenge-response-attestation {taa:TPM20}?
+---w input +---w input
| +---w tpm20-attestation-challenge | +---w tpm20-attestation-challenge
| +---w nonce-value binary | +---w nonce-value binary
| +---w tpm20-pcr-selection* [] | +---w tpm20-pcr-selection* []
| | +---w TPM20-hash-algo? identityref | | +---w TPM20-hash-algo? identityref
| | +---w pcr-index* tpm:pcr | | +---w pcr-index* tpm:pcr
| +---w certificate-name* certificate-name-ref {tpm:TPMs}? | +---w certificate-name* certificate-name-ref {tpm:TPMs}?
+--ro output +--ro output
skipping to change at page 4, line 43 skipping to change at page 5, line 33
+--ro certificate-name certificate-name-ref +--ro certificate-name certificate-name-ref
+--ro TPMS_QUOTE_INFO binary +--ro TPMS_QUOTE_INFO binary
+--ro quote-signature? binary +--ro quote-signature? binary
+--ro up-time? uint32 +--ro up-time? uint32
+--ro unsigned-pcr-values* [] +--ro unsigned-pcr-values* []
+--ro TPM20-hash-algo? identityref +--ro TPM20-hash-algo? identityref
+--ro pcr-values* [pcr-index] +--ro pcr-values* [pcr-index]
+--ro pcr-index pcr +--ro pcr-index pcr
+--ro pcr-value? binary +--ro pcr-value? binary
An example of an RPC challenge requesting PCRs 0-7 from a SHA256 bank An example of an RPC challenge requesting PCRs 0-7 from a SHA-256
could look like the following: bank could look like the following:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<tpm20-challenge-response-attestation> <tpm20-challenge-response-attestation>
xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation">
<nonce>110101010110011011111001010010100</nonce> <certificate-name>
<tpm20-pcr-selection> (identifier of a TPM signature key with which the Verifier is supposed
<TPM20-hash-algo to sign the attestation data)
xmlns:taa="urn:ietf:params:xml:ns:yang:ietf-tcg-algs"> </certificate-name>
taa:TPM_ALG_SHA256 <nonce>
</TPM20-hash-algo> 0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9d
<pcr-index>0</pcr-index> </nonce>
<pcr-index>1</pcr-index> <tpm20-pcr-selection>
<pcr-index>2</pcr-index> <tpm20-hash-algo
<pcr-index>3</pcr-index> xmlns:taa="urn:ietf:params:xml:ns:yang:ietf-tcg-algs">
<pcr-index>4</pcr-index> taa:TPM_ALG_SHA256
<pcr-index>5</pcr-index> </tpm20-hash-algo>
<pcr-index>6</pcr-index> <pcr-index>0</pcr-index>
<pcr-index>7</pcr-index> <pcr-index>1</pcr-index>
</tpm20-pcr-selection> <pcr-index>2</pcr-index>
</tpm20-challenge-response-attestation> <pcr-index>3</pcr-index>
</rpc> <pcr-index>4</pcr-index>
<pcr-index>5</pcr-index>
<pcr-index>6</pcr-index>
<pcr-index>7</pcr-index>
</tpm20-pcr-selection>
</tpm20-challenge-response-attestation>
</rpc>
and a successful response might be formated as follows: A successful response could be formatted as follows:
<rpc-reply message-id="101" <rpc-reply message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<tpm12-attestation-response <tpm20-attestation-response
xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation">
<certificate-name <certificate-name
xmlns:ks=urn:ietf:params:xml:ns:yang:ietf-keystore> xmlns:ks=urn:ietf:params:xml:ns:yang:ietf-keystore>
ks:(instance of Certificate name in the Keystore) ks:(instance of Certificate name in the Keystore)
</certificate-name> </certificate-name>
<TPMS_QUOTE_INFO> <attestation-data>
(raw information from the TPM Quote, this includes a digest (raw attestation data, i.e. the TPM quote; this includes
across the requested PCRs, the nonce, TPM2 time counters.) a composite digest of requested PCRs, the nonce,
</TPMS_QUOTE_INFO> and TPM 2.0 time information.)
</attestation-data>
<quote-signature> <quote-signature>
(signature across TPMS_QUOTE_INFO) (signature over attestation-data using the TPM key
identified by sig-key-id)
</quote-signature> </quote-signature>
</tpm12-attestation-response> </tpm20-attestation-response>
</rpc-reply> </rpc-reply>
2.1.1.4. <tpm12-challenge-response-attestation> 2.1.1.4. 'log-retrieval'
This RPC allows a Verifier to request a quote of PCRs from a TPM1.2
compliant cryptoprocessor. Where the feature <TPMs> is active, and
one or more <certificate-name> is not provided, all TPM1.2 compliant
cryptoprocessors will respond. A YANG tree diagram of this RPC is as
follows:
+---x tpm12-challenge-response-attestation {taa:TPM12}?
+---w input
| +---w tpm12-attestation-challenge
| +---w pcr-index* pcr
| +---w nonce-value binary
| +---w certificate-name* certificate-name-ref {tpm:TPMs}?
+--ro output
+--ro tpm12-attestation-response* []
+--ro certificate-name certificate-name-ref
+--ro up-time? uint32
+--ro TPM_QUOTE2? binary
2.1.1.5. <log-retrieval>
This RPC allows a Verifier to acquire the evidence which was extended This RPC allows a Verifier to acquire the evidence which was extended
into specific PCRs. A YANG tree diagram of this RPC is as follows: into specific TPM PCRs. A YANG tree diagram of this RPC is as
follows:
+---x log-retrieval +---x log-retrieval
+---w input +---w input
| +---w log-selector* [] | +---w log-selector* []
| | +---w tpm-name* string | | +---w name* string
| | +---w (index-type)? | | +---w (index-type)?
| | | +--:(last-entry) | | | +--:(last-entry)
| | | | +---w last-entry-value? binary | | | | +---w last-entry-value? binary
| | | +--:(index) | | | +--:(index)
| | | | +---w last-index-number? uint64 | | | | +---w last-index-number? uint64
| | | +--:(timestamp) | | | +--:(timestamp)
| | | +---w timestamp? yang:date-and-time | | | +---w timestamp? yang:date-and-time
| | +---w log-entry-quantity? uint16 | | +---w log-entry-quantity? uint16
| +---w log-type identityref | +---w log-type identityref
+--ro output +--ro output
+--ro system-event-logs +--ro system-event-logs
+--ro node-data* [] +--ro node-data* []
+--ro tpm-name? string +--ro name? string
+--ro up-time? uint32 +--ro up-time? uint32
+--ro log-result +--ro log-result
+--ro (attested_event_log_type) +--ro (attested_event_log_type)
+--:(bios) +--:(bios) {bios}?
| +--ro bios-event-logs | +--ro bios-event-logs
| +--ro bios-event-entry* [event-number] | +--ro bios-event-entry* [event-number]
| +--ro event-number uint32 | +--ro event-number uint32
| +--ro event-type? uint32 | +--ro event-type? uint32
| +--ro pcr-index? pcr | +--ro pcr-index? pcr
| +--ro digest-list* [] | +--ro digest-list* []
| | +--ro hash-algo? identityref | | +--ro hash-algo? identityref
| | +--ro digest* binary | | +--ro digest* binary
| +--ro event-size? uint32 | +--ro event-size? uint32
| +--ro event-data* uint8 | +--ro event-data* uint8
+--:(ima) +--:(ima) {ima}?
| +--ro ima-event-logs | +--ro ima-event-logs
| +--ro ima-event-entry* [event-number] | +--ro ima-event-entry* [event-number]
| +--ro event-number uint64 | +--ro event-number uint64
| +--ro ima-template? string | +--ro ima-template? string
| +--ro filename-hint? string | +--ro filename-hint? string
| +--ro filedata-hash? binary | +--ro filedata-hash? binary
| +--ro filedata-hash-algorithm? string | +--ro filedata-hash-algorithm? string
| +--ro template-hash-algorithm? string | +--ro template-hash-algorithm? string
| +--ro template-hash? binary | +--ro template-hash? binary
| +--ro pcr-index? pcr | +--ro pcr-index? pcr
| +--ro signature? binary | +--ro signature? binary
+--:(netequip_boot) +--:(netequip_boot) {netequip_boot}?
+--ro boot-event-logs +--ro boot-event-logs
+--ro boot-event-entry* [event-number] +--ro boot-event-entry* [event-number]
+--ro event-number uint64 +--ro event-number uint64
+--ro filename-hint? string +--ro ima-template? string
+--ro filedata-hash? binary +--ro filename-hint? string
+--ro filedata-hash-algorithm? string +--ro filedata-hash? binary
+--ro file-version? string +--ro filedata-hash-algorithm? string
+--ro file-type? string +--ro template-hash-algorithm? string
+--ro pcr-index? pcr +--ro template-hash? binary
+--ro pcr-index? pcr
+--ro signature? binary
2.1.1.6. Data Nodes 2.1.1.5. Data Nodes
This section provides a high level description of the data nodes This section provides a high level description of the data nodes
containing the configuration and operational objects with the YANG containing the configuration and operational objects with the YANG
model. For more details, please see the YANG model itself in model. For more details, please see the YANG model itself in
Section 2.1.1.7. Figure 1.
container <rats-support-structures> - This houses the set of Container 'rats-support-structures': This houses the set of
information relating to a device's TPM(s). information relating to a device's TPM(s).
container <tpms> - Provides configuration and operational details for Container 'tpms': Provides configuration and operational details for
each supported TPM, including the tpm-firmware-version, PCRs which each supported TPM, including the tpm-firmware-version, PCRs which
may be quoted, certificates which are associated with that TPM, and may be quoted, certificates which are associated with that TPM,
the current operational status. Of note is the certificates which and the current operational status. Of note are the certificates
are associated with that TPM. As a certificate is associated with a which are associated with that TPM. As a certificate is
single Attestation key, knowledge of the certificate allows a associated with a particular TPM attestation key, knowledge of the
specific TPM to be identified. certificate allows a specific TPM to be identified.
+--rw tpms +--rw tpms
+--rw tpm* [tpm-name] +--rw tpm* [name]
+--rw tpm-name string +--rw name string
+--ro hardware-based? boolean +--ro hardware-based? boolean
+--ro tpm-physical-index? int32 {ietfhw:entity-mib}? +--ro physical-index? int32 {ietfhw:entity-mib}?
+--ro tpm-path? string +--ro path? string
+--ro compute-node compute-node-ref {tpm:TPMs}? +--ro compute-node compute-node-ref {tpm:tpms}?
+--ro tpm-manufacturer? string +--ro manufacturer? string
+--rw tpm-firmware-version identityref +--rw firmware-version identityref
+--rw TPM12-hash-algo? identityref +--rw tpm12-hash-algo? identityref
+--rw TPM12-pcrs* pcr +--rw tpm12-pcrs* pcr
+--rw tpm20-pcr-bank* [TPM20-hash-algo] +--rw tpm20-pcr-bank* [tpm20-hash-algo]
| +--rw TPM20-hash-algo identityref | +--rw tpm20-hash-algo identityref
| +--rw pcr-index* tpm:pcr | +--rw pcr-index* tpm:pcr
+--ro tpm-status enumeration +--ro status enumeration
+--rw certificates +--rw certificates
+--rw certificate* [certificate-name] +--rw certificate* [name]
+--rw certificate-name string +--rw name string
+--rw certificate-keystore-ref? -> /ks:keystore/asymmetric-keys/asymmetric-key/certificates/certificate/name +--rw keystore-ref? leafref
+--rw certificate-type? enumeration +--rw type? enumeration
container <attester-supported-algos> - Identifies which TCG container 'attester-supported-algos' - Identifies which TCG hash
algorithms are available for use the Attesting platform. This allows algorithms are available for use on the Attesting platform. This
an operator to limit algorithms available for use by RPCs to just a allows an operator to limit algorithms available for use by RPCs to
desired set from the universe of all allowed by TCG. just a desired set from the universe of all allowed hash algorithms
by the TCG.
+--rw attester-supported-algos +--rw attester-supported-algos
+--rw tpm12-asymmetric-signing* identityref {taa:TPM12}? +--rw tpm12-asymmetric-signing* identityref
+--rw tpm12-hash* identityref {taa:TPM12}? +--rw tpm12-hash* identityref
+--rw tpm20-asymmetric-signing* identityref {taa:TPM20}? +--rw tpm20-asymmetric-signing* identityref
+--rw tpm20-hash* identityref {taa:TPM20}? +--rw tpm20-hash* identityref
container <compute-nodes> - When there is more than one TPM container 'compute-nodes' - When there is more than one TPM
supported, this container maintains the set of information related to supported, this container maintains the set of information related to
the compute associated with a specific TPM. This allows each the compute node associated with a specific TPM. This allows each
specific TPM to identify on which <compute-node> it belongs. specific TPM to identify to which 'compute-node' it belongs.
+--rw compute-nodes {tpm:TPMs}? +--rw compute-nodes {tpm:TPMs}?
+--ro compute-node* [node-id] +--ro compute-node* [node-id]
+--ro node-id string +--ro node-id string
+--ro node-physical-index? int32 {ietfhw:entity-mib}? +--ro node-physical-index? int32 {ietfhw:entity-mib}?
+--ro node-name? string +--ro node-name? string
+--ro node-location? string +--ro node-location? string
2.1.1.7. YANG Module 2.1.1.6. YANG Module
<CODE BEGINS> file "ietf-tpm-remote-attestation@2021-03-16.yang" <CODE BEGINS> file "ietf-tpm-remote-attestation@2021-05-11.yang"
module ietf-tpm-remote-attestation { module ietf-tpm-remote-attestation {
namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"; namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation";
prefix "tpm"; prefix tpm;
import ietf-yang-types { import ietf-yang-types {
prefix yang; prefix yang;
} }
import ietf-hardware { import ietf-hardware {
prefix ietfhw; prefix ietfhw;
} }
import ietf-keystore { import ietf-keystore {
prefix ks; prefix ks;
} }
import ietf-tcg-algs { import ietf-tcg-algs {
prefix taa; prefix taa;
} }
organization organization
"IETF RATS (Remote ATtestation procedureS) Working Group"; "IETF RATS (Remote ATtestation procedureS) Working Group";
contact contact
"WG Web : <http://datatracker.ietf.org/wg/rats/> "WG Web : <http://datatracker.ietf.org/wg/rats/>
WG List : <mailto:rats@ietf.org> WG List : <mailto:rats@ietf.org>
Author : Eric Voit <evoit@cisco.com> Author : Eric Voit <evoit@cisco.com>
Author : Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Author : Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Author : Michael Eckel <michael.eckel@sit.fraunhofer.de> Author : Michael Eckel <michael.eckel@sit.fraunhofer.de>
Author : Shwetha Bhandari <shwetha.bhandari@thoughtspot.com> Author : Shwetha Bhandari <shwetha.bhandari@thoughtspot.com>
Author : Bill Sulzen <bsulzen@cisco.com> Author : Bill Sulzen <bsulzen@cisco.com>
Author : Liang Xia (Frank) <frank.xialiang@huawei.com> Author : Liang Xia (Frank) <frank.xialiang@huawei.com>
Author : Tom Laffey <tom.laffey@hpe.com> Author : Tom Laffey <tom.laffey@hpe.com>
Author : Guy Fedorkow <gfedorkow@juniper.net>"; Author : Guy Fedorkow <gfedorkow@juniper.net>";
description description
"A YANG module to enable a TPM 1.2 and TPM 2.0 based "A YANG module to enable a TPM 1.2 and TPM 2.0 based
remote attestation procedure using a challenge-response remote attestation procedure using a challenge-response
interaction model and the TPM 1.2 and TPM 2.0 Quote interaction model and the TPM 1.2 and TPM 2.0 Quote
primitive operations. primitive operations.
Copyright (c) 2021 IETF Trust and the persons identified
Copyright (c) 2020 IETF Trust and the persons identified
as authors of the code. All rights reserved. as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with Redistribution and use in source and binary forms, with
or without modification, is permitted pursuant to, and or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents Legal Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC (https://www.rfc-editor.org/info/rfcXXXX); see the RFC
itself for full legal notices. itself for full legal notices.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
are to be interpreted as described in BCP 14 (RFC 2119) are to be interpreted as described in BCP 14 (RFC 2119)
(RFC 8174) when, and only when, they appear in all (RFC 8174) when, and only when, they appear in all
capitals, as shown here."; capitals, as shown here.";
skipping to change at page 10, line 16 skipping to change at page 11, line 12
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC (https://www.rfc-editor.org/info/rfcXXXX); see the RFC
itself for full legal notices. itself for full legal notices.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
are to be interpreted as described in BCP 14 (RFC 2119) are to be interpreted as described in BCP 14 (RFC 2119)
(RFC 8174) when, and only when, they appear in all (RFC 8174) when, and only when, they appear in all
capitals, as shown here."; capitals, as shown here.";
revision "2021-03-16" { revision 2021-05-11 {
description description
"Initial version"; "Initial version";
reference reference
"draft-ietf-rats-yang-tpm-charra"; "draft-ietf-rats-yang-tpm-charra";
} }
/*****************/ /*****************/
/* Features */ /* Features */
/*****************/ /*****************/
feature TPMs { feature tpms {
description description
"The device supports the remote attestation of multiple "The device supports the remote attestation of multiple
TPM based cryptoprocessors."; TPM based cryptoprocessors.";
} }
feature bios { feature bios {
description description
"The device supports the bios logs."; "The device supports the bios logs.";
reference reference
"https://trustedcomputinggroup.org/wp-content/uploads/ "https://trustedcomputinggroup.org/wp-content/uploads/
PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf
Section 9.4.5.2"; Section 9.4.5.2";
} }
skipping to change at page 11, line 21 skipping to change at page 12, line 16
typedef pcr { typedef pcr {
type uint8 { type uint8 {
range "0..31"; range "0..31";
} }
description description
"Valid index number for a PCR. At this point 0-31 is viable."; "Valid index number for a PCR. At this point 0-31 is viable.";
} }
typedef compute-node-ref { typedef compute-node-ref {
type leafref { type leafref {
path "/tpm:rats-support-structures/tpm:compute-nodes" + path "/tpm:rats-support-structures/tpm:compute-nodes"
"/tpm:compute-node/tpm:node-name"; + "/tpm:compute-node/tpm:node-name";
} }
description description
"This type is used to reference a hardware node. It is quite "This type is used to reference a hardware node. It is quite
possible this leafref will eventually point to another YANG possible this leafref will eventually point to another YANG
module's node."; module's node.";
} }
typedef certificate-name-ref { typedef certificate-name-ref {
type leafref { type leafref {
path "/tpm:rats-support-structures/tpm:tpms/tpm:tpm" + path "/tpm:rats-support-structures/tpm:tpms/tpm:tpm"
"/tpm:certificates/tpm:certificate/tpm:certificate-name"; + "/tpm:certificates/tpm:certificate/tpm:name";
} }
description description
"A type which allows identification of a TPM based certificate."; "A type which allows identification of a TPM based certificate.";
} }
/******************/ /******************/
/* Identities */ /* Identities */
/******************/ /******************/
identity attested_event_log_type { identity attested_event_log_type {
skipping to change at page 12, line 23 skipping to change at page 13, line 18
identity netequip_boot { identity netequip_boot {
base attested_event_log_type; base attested_event_log_type;
description description
"An event type associated with Network Equipment Boot."; "An event type associated with Network Equipment Boot.";
} }
/*****************/ /*****************/
/* Groupings */ /* Groupings */
/*****************/ /*****************/
grouping TPM20-hash-algo { grouping tpm20-hash-algo {
description description
"The cryptographic algorithm used to hash the TPM2 PCRs. This "The cryptographic algorithm used to hash the TPM2 PCRs. This
must be from the list of platform supported options."; must be from the list of platform supported options.";
leaf TPM20-hash-algo { leaf tpm20-hash-algo {
type identityref { type identityref {
base taa:hash; base taa:hash;
} }
must "/tpm:rats-support-structures/tpm:attester-supported-algos" must '/tpm:rats-support-structures/tpm:attester-supported-algos'
+ "/tpm:tpm20-hash" { + '/tpm:tpm20-hash' {
error-message "Not a platform supported TPM20-hash-algo"; error-message "This platform does not support tpm20-hash-algo";
} }
default taa:TPM_ALG_SHA256; default "taa:TPM_ALG_SHA256";
description description
"The hash scheme that is used to hash a TPM1.2 PCR. This "The hash scheme that is used to hash a TPM1.2 PCR. This
must be one of those supported by a platform."; must be one of those supported by a platform.";
} }
} }
grouping TPM12-hash-algo { grouping tpm12-hash-algo {
description description
"The cryptographic algorithm used to hash the TPM1.2 PCRs."; "The cryptographic algorithm used to hash the TPM1.2 PCRs.";
leaf TPM12-hash-algo { leaf tpm12-hash-algo {
type identityref { type identityref {
base taa:hash; base taa:hash;
} }
must "/tpm:rats-support-structures/tpm:attester-supported-algos" must '/tpm:rats-support-structures/tpm:attester-supported-algos'
+ "/tpm:tpm12-hash" { + '/tpm:tpm12-hash' {
error-message "Not a platform supported TPM12-hash-algo"; error-message "This platform does not support tpm12-hash-algo";
} }
default taa:TPM_ALG_SHA1; default "taa:TPM_ALG_SHA1";
description description
"The hash scheme that is used to hash a TPM1.2 PCR. This "The hash scheme that is used to hash a TPM1.2 PCR. This
MUST be one of those supported by a platform. This assumes MUST be one of those supported by a platform. This assumes
that an algorithm other than SHA1 can be supported on some that an algorithm other than SHA1 can be supported on some
TPM1.2 cryptoprocessor variant."; TPM1.2 cryptoprocessor variant.";
} }
} }
grouping nonce { grouping nonce {
description description
"A random number intended to be used once to show freshness "A random number intended to be used once to show freshness
and to allow the detection of replay attacks."; and to allow the detection of replay attacks.";
leaf nonce-value { leaf nonce-value {
type binary; type binary;
mandatory true; mandatory true;
description description
"This nonce SHOULD be generated via a registered "A cryptographically generated random number which should
cryptographic-strength algorithm. In consequence, not be predictable prior to its issuance from a random
the length of the nonce depends on the hash algorithm number generation function. The random number MUST be
used. The algorithm used in this case is independent derived from an entropy source external to the Attester.";
from the hash algorithm used to create the hash-value
in the response of the attestor.";
} }
} }
grouping tpm12-pcr-selection { grouping tpm12-pcr-selection {
description description
"A Verifier can request one or more PCR values using its "A Verifier can request one or more PCR values using its
individually created Attestation Key Certificate (AC). individually created Attestation Key Certificate (AC).
The corresponding selection filter is represented in this The corresponding selection filter is represented in this
grouping. grouping.
Requesting a PCR value that is not in scope of the AC used, Requesting a PCR value that is not in scope of the AC used,
detailed exposure via error msg should be avoided."; detailed exposure via error msg should be avoided.";
leaf-list pcr-index { leaf-list pcr-index {
/* the following XPATH must be updated to ensure that only type pcr;
selectable PCRs are allowed in the RPC must '/tpm:rats-support-structures/tpm:tpms'
must "/tpm:rats-support-structures/tpm:tpms" + + '/tpm:tpm[name = current()] and '
"/tpm:tpm[tpm-name = current()]" + + '/tpm:rats-support-structures/tpm:tpms'
"/tpm:tpm[TPM12-pcrs = current()]" { + '/tpm:tpm[tpm12-pcrs = current()]' {
error-message "Acquiring this PCR index is not supported"; error-message "Acquiring this PCR index is not supported";
} }
*/
type pcr;
description description
"The numbers/indexes of the PCRs. At the moment this is limited "The numbers/indexes of the PCRs. At the moment this is limited
to 32."; to 32.";
} }
} }
grouping tpm20-pcr-selection { grouping tpm20-pcr-selection {
description description
"A Verifier can acquire one or more PCR values, which are hashed "A Verifier can acquire one or more PCR values, which are hashed
together in a TPM2B_DIGEST coming from the TPM2. The selection together in a TPM2B_DIGEST coming from the TPM2. The selection
list of desired PCRs and the Hash Algorithm is represented in list of desired PCRs and the Hash Algorithm is represented in
this grouping."; this grouping.";
list tpm20-pcr-selection { list tpm20-pcr-selection {
unique "TPM20-hash-algo"; unique "tpm20-hash-algo";
description description
"Specifies the list of PCRs and Hash Algorithms that can be "Specifies the list of PCRs and Hash Algorithms that can be
returned within a TPM2B_DIGEST."; returned within a TPM2B_DIGEST.";
reference reference
"https://www.trustedcomputinggroup.org/wp-content/uploads/ "https://www.trustedcomputinggroup.org/wp-content/uploads/
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7"; TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7";
uses TPM20-hash-algo; uses tpm20-hash-algo;
leaf-list pcr-index { leaf-list pcr-index {
/* the following XPATH must be updated to ensure that only type pcr;
selectable PCRs are allowed in the RPC must '/tpm:rats-support-structures/tpm:tpms'
must "/tpm:rats-support-structures/tpm:tpms" + + '/tpm:tpm[name = current()] and '
"/tpm:tpm[tpm-name = current()]" + + '/tpm:rats-support-structures/tpm:tpms/tpm:tpm'
"/tpm:tpm20-pcr-bank[pcr-index = current()]" { + '/tpm:tpm20-pcr-bank[pcr-index = current()]' {
error-message "Acquiring this PCR index is not supported"; error-message "Acquiring this PCR index is not supported";
} }
*/
type tpm:pcr;
description description
"The numbers of the PCRs that which are being tracked "The numbers of the PCRs that which are being tracked
with a hash based on the TPM20-hash-algo."; with a hash based on the tpm20-hash-algo.";
} }
} }
} }
grouping certificate-name-ref { grouping certificate-name-ref {
description description
"Identifies a certificate in a keystore."; "Identifies a certificate in a keystore.";
leaf certificate-name { leaf certificate-name {
type certificate-name-ref; type certificate-name-ref;
mandatory true; mandatory true;
description description
"Identifies a certificate in a keystore."; "Identifies a certificate in a keystore.";
} }
} }
grouping tpm-name { grouping tpm-name {
description description
"A unique TPM on a device."; "A unique TPM on a device.";
leaf tpm-name { leaf name {
type string; type string;
description description
"Unique system generated name for a TPM on a device."; "Unique system generated name for a TPM on a device.";
} }
} }
grouping tpm-name-selector { grouping tpm-name-selector {
description description
"One or more TPM on a device."; "One or more TPM on a device.";
leaf-list tpm-name {
leaf-list name {
type string; type string;
config false; config false;
description description
"Name of one or more unique TPMs on a device. If this object "Name of one or more unique TPMs on a device. If this object
exists, a selection should pull only the objects related to exists, a selection should pull only the objects related to
these TPM(s). If it does not exist, all qualifying TPMs that these TPM(s). If it does not exist, all qualifying TPMs that
are 'hardware-based' equals true on the device are selected."; are 'hardware-based' equals true on the device are selected.";
} }
} }
skipping to change at page 16, line 25 skipping to change at page 17, line 15
and Hash Algorithms."; and Hash Algorithms.";
reference reference
"https://www.trustedcomputinggroup.org/wp-content/uploads/ "https://www.trustedcomputinggroup.org/wp-content/uploads/
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.12.1"; TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.12.1";
} }
leaf quote-signature { leaf quote-signature {
type binary; type binary;
description description
"Quote signature returned by TPM Quote. The signature was "Quote signature returned by TPM Quote. The signature was
generated using the key associated with the generated using the key associated with the
certificate-name."; certificate 'name'.";
reference reference
"https://www.trustedcomputinggroup.org/wp-content/uploads/ "https://www.trustedcomputinggroup.org/wp-content/uploads/
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 11.2.1"; TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 11.2.1";
} }
uses node-uptime; uses node-uptime;
list unsigned-pcr-values { list unsigned-pcr-values {
description description
"PCR values in each PCR bank. This might appear redundant with "PCR values in each PCR bank. This might appear redundant with
the TPM2B_DIGEST, but that digest is calculated across multiple the TPM2B_DIGEST, but that digest is calculated across multiple
PCRs. Having to verify across multiple PCRs does not PCRs. Having to verify across multiple PCRs does not
skipping to change at page 16, line 41 skipping to change at page 17, line 31
list unsigned-pcr-values { list unsigned-pcr-values {
description description
"PCR values in each PCR bank. This might appear redundant with "PCR values in each PCR bank. This might appear redundant with
the TPM2B_DIGEST, but that digest is calculated across multiple the TPM2B_DIGEST, but that digest is calculated across multiple
PCRs. Having to verify across multiple PCRs does not PCRs. Having to verify across multiple PCRs does not
necessarily make it easy for a Verifier to appraise just the necessarily make it easy for a Verifier to appraise just the
minimum set of PCR information which has changed since the last minimum set of PCR information which has changed since the last
received TPM2B_DIGEST. Put another way, why should a Verifier received TPM2B_DIGEST. Put another way, why should a Verifier
reconstruct the proper value of all PCR Quotes when only a reconstruct the proper value of all PCR Quotes when only a
single PCR has changed? single PCR has changed?
To help this happen, if the Attester does know specific PCR To help this happen, if the Attester does know specific PCR
values, the Attester can provide these individual values via values, the Attester can provide these individual values via
'unsigned-pcr-values'. By comparing this information to the 'unsigned-pcr-values'. By comparing this information to the
what has previously been validated, it is possible for a what has previously been validated, it is possible for a
Verifier to confirm the Attester's signature while eliminating Verifier to confirm the Attester's signature while eliminating
significant processing."; significant processing.";
uses TPM20-hash-algo; uses tpm20-hash-algo;
list pcr-values { list pcr-values {
key pcr-index; key "pcr-index";
description description
"List of one PCR bank."; "List of one PCR bank.";
leaf pcr-index { leaf pcr-index {
type pcr; type pcr;
description description
"PCR index number."; "PCR index number.";
} }
leaf pcr-value { leaf pcr-value {
type binary; type binary;
description description
"PCR value."; "PCR value.";
reference reference
"https://www.trustedcomputinggroup.org/wp-content/uploads/ "https://www.trustedcomputinggroup.org/wp-content/uploads/
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7"; TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7";
} }
} }
} }
} }
grouping log-identifier { grouping log-identifier {
description description
"Identifier for type of log to be retrieved."; "Identifier for type of log to be retrieved.";
leaf log-type { leaf log-type {
type identityref { type identityref {
skipping to change at page 20, line 19 skipping to change at page 20, line 51
description description
"Measurement log created by IMA."; "Measurement log created by IMA.";
list ima-event-entry { list ima-event-entry {
key event-number; key event-number;
description description
"Ordered list of ima event logs by event-number"; "Ordered list of ima event logs by event-number";
uses ima-event; uses ima-event;
} }
} }
grouping netequip-boot-event {
description
"Defines an hash log extend event for Network Equipment Boot.";
leaf event-number {
type uint64;
description
"Unique number for this event for sequencing";
}
leaf filename-hint {
type string;
description
"File that was measured";
}
leaf filedata-hash {
type binary;
description
"Hash of filedata";
}
leaf filedata-hash-algorithm {
type string;
description
"Algorithm used for filedata-hash.";
}
leaf file-version {
type string;
description
"File version information.";
}
leaf file-type {
type string;
description
"Indicating at which boot stage the file is loaded,
such as BIOS, BootLoader, etc.";
}
leaf pcr-index {
type pcr;
description
"Defines the PCR index that this event extended";
}
}
grouping network-equipment-boot-event-log { grouping network-equipment-boot-event-log {
description description
"Measurement log created by Network Equipment Boot."; "Measurement log created by Network Equipment Boot. The Network
Equipment Boot format is identical to the IMA format. In
contrast to the IMA log, the Network Equipment Boot log
includes every measurable event from an Attester, including
the boot stages of BIOS, Bootloader, etc. In essence, the scope
of events represented in this format combines the scope of BIOS
events and IMA events.";
list boot-event-entry { list boot-event-entry {
key event-number; key event-number;
description description
"Ordered list of Network Equipment Boot event logs "Ordered list of Network Equipment Boot event logs
by event-number."; by event-number, using the IMA event format.";
uses netequip-boot-event; uses ima-event;
} }
} }
grouping event-logs { grouping event-logs {
description description
"A selector for the log and its type."; "A selector for the log and its type.";
choice attested_event_log_type { choice attested_event_log_type {
mandatory true; mandatory true;
description description
"Event log type determines the event logs content."; "Event log type determines the event logs content.";
case bios { case bios {
if-feature "bios"; if-feature "bios";
description description
skipping to change at page 22, line 21 skipping to change at page 22, line 17
} }
} }
} }
} }
/**********************/ /**********************/
/* RPC operations */ /* RPC operations */
/**********************/ /**********************/
rpc tpm12-challenge-response-attestation { rpc tpm12-challenge-response-attestation {
if-feature "taa:TPM12"; if-feature "taa:tpm12";
description description
"This RPC accepts the input for TSS TPM 1.2 commands made to the "This RPC accepts the input for TSS TPM 1.2 commands made to the
attesting device."; attesting device.";
input { input {
container tpm12-attestation-challenge { container tpm12-attestation-challenge {
description description
"This container includes every information element defined "This container includes every information element defined
in the reference challenge-response interaction model for in the reference challenge-response interaction model for
remote attestation. Corresponding values are based on remote attestation. Corresponding values are based on
TPM 1.2 structure definitions"; TPM 1.2 structure definitions";
uses tpm12-pcr-selection; uses tpm12-pcr-selection;
uses nonce; uses nonce;
leaf-list certificate-name { leaf-list certificate-name {
if-feature "tpm:TPMs"; if-feature "tpm:tpms";
type certificate-name-ref; type certificate-name-ref;
must "/tpm:rats-support-structures/tpm:tpms" + must "/tpm:rats-support-structures/tpm:tpms"
"/tpm:tpm[tpm:tpm-firmware-version='taa:tpm12']" + + "/tpm:tpm[tpm:firmware-version='taa:tpm12']"
"/tpm:certificates/" + + "/tpm:certificates/"
"/tpm:certificate[certificate-name-ref=current()]" { + "/tpm:certificate[name=current()]" {
error-message "Not an available TPM1.2 AIK certificate."; error-message "Not an available TPM1.2 AIK certificate.";
} }
description description
"When populated, the RPC will only get a Quote for the "When populated, the RPC will only get a Quote for the
TPMs associated with these certificate(s)."; TPMs associated with these certificate(s).";
} }
} }
} }
output { output {
list tpm12-attestation-response { list tpm12-attestation-response {
unique "certificate-name"; unique "certificate-name";
description description
"The binary output of TPM 1.2 TPM_Quote/TPM_Quote2, including "The binary output of TPM 1.2 TPM_Quote/TPM_Quote2, including
the PCR selection and other associated attestation evidence the PCR selection and other associated attestation evidence
metadata"; metadata";
skipping to change at page 23, line 18 skipping to change at page 23, line 15
uses certificate-name-ref { uses certificate-name-ref {
description description
"Certificate associated with this tpm12-attestation."; "Certificate associated with this tpm12-attestation.";
} }
uses tpm12-attestation; uses tpm12-attestation;
} }
} }
} }
rpc tpm20-challenge-response-attestation { rpc tpm20-challenge-response-attestation {
if-feature "taa:TPM20"; if-feature "taa:tpm20";
description description
"This RPC accepts the input for TSS TPM 2.0 commands of the "This RPC accepts the input for TSS TPM 2.0 commands of the
managed device. ComponentIndex from the hardware manager YANG managed device. ComponentIndex from the hardware manager YANG
module to refer to dedicated TPM in composite devices, module to refer to dedicated TPM in composite devices,
e.g. smart NICs, is still a TODO."; e.g. smart NICs, is still a TODO.";
input { input {
container tpm20-attestation-challenge { container tpm20-attestation-challenge {
description description
"This container includes every information element defined "This container includes every information element defined
in the reference challenge-response interaction model for in the reference challenge-response interaction model for
remote attestation. Corresponding values are based on remote attestation. Corresponding values are based on
TPM 2.0 structure definitions"; TPM 2.0 structure definitions";
uses nonce; uses nonce;
uses tpm20-pcr-selection; uses tpm20-pcr-selection;
leaf-list certificate-name { leaf-list certificate-name {
if-feature "tpm:TPMs"; if-feature "tpm:tpms";
type certificate-name-ref; type certificate-name-ref;
must "/tpm:rats-support-structures/tpm:tpms" + must "/tpm:rats-support-structures/tpm:tpms"
"/tpm:tpm[tpm:tpm-firmware-version='taa:tpm20']" + + "/tpm:tpm[tpm:firmware-version='taa:tpm20']"
"/tpm:certificates/" + + "/tpm:certificates/"
"/tpm:certificate[certificate-name-ref=current()]" { + "/tpm:certificate[name=current()]" {
error-message "Not an available TPM2.0 AIK certificate."; error-message "Not an available TPM2.0 AIK certificate.";
} }
description description
"When populated, the RPC will only get a Quote for the "When populated, the RPC will only get a Quote for the
TPMs associated with the certificates."; TPMs associated with the certificates.";
} }
} }
} }
output { output {
list tpm20-attestation-response { list tpm20-attestation-response {
unique "certificate-name"; unique "certificate-name";
description description
"The binary output of TPM2b_Quote in one TPM chip of the "The binary output of TPM2b_Quote in one TPM chip of the
node which identified by node-id. An TPMS_ATTEST structure node which identified by node-id. An TPMS_ATTEST structure
including a length, encapsulated in a signature"; including a length, encapsulated in a signature";
skipping to change at page 25, line 28 skipping to change at page 25, line 24
} }
leaf log-entry-quantity { leaf log-entry-quantity {
type uint16; type uint16;
description description
"The number of log entries to be returned. If omitted, it "The number of log entries to be returned. If omitted, it
means all of them."; means all of them.";
} }
} }
uses log-identifier; uses log-identifier;
} }
output { output {
container system-event-logs { container system-event-logs {
description description
"The requested data of the measurement event logs"; "The requested data of the measurement event logs";
list node-data { list node-data {
unique "tpm-name"; unique "name";
description description
"Event logs of a node in a distributed system "Event logs of a node in a distributed system
identified by the node name"; identified by the node name";
uses tpm-name; uses tpm-name;
uses node-uptime; uses node-uptime;
container log-result { container log-result {
description description
"The requested entries of the corresponding log."; "The requested entries of the corresponding log.";
uses event-logs; uses event-logs;
} }
skipping to change at page 26, line 12 skipping to change at page 26, line 7
/**************************************/ /**************************************/
/* Config & Oper accessible nodes */ /* Config & Oper accessible nodes */
/**************************************/ /**************************************/
container rats-support-structures { container rats-support-structures {
description description
"The datastore definition enabling verifiers or relying "The datastore definition enabling verifiers or relying
parties to discover the information necessary to use the parties to discover the information necessary to use the
remote attestation RPCs appropriately."; remote attestation RPCs appropriately.";
container compute-nodes { container compute-nodes {
if-feature "tpm:TPMs"; if-feature "tpm:tpms";
description description
"Holds the set device subsystems/components in this composite "Holds the set device subsystems/components in this composite
device that support TPM operations."; device that support TPM operations.";
list compute-node { list compute-node {
key node-id; key "node-id";
config false; config false;
min-elements 2; min-elements 2;
description description
"A component within this composite device which "A component within this composite device which
supports TPM operations."; supports TPM operations.";
leaf node-id { leaf node-id {
type string; type string;
description description
"ID of the compute node, such as Board Serial Number."; "ID of the compute node, such as Board Serial Number.";
} }
leaf node-physical-index { leaf node-physical-index {
if-feature ietfhw:entity-mib; if-feature "ietfhw:entity-mib";
type int32 { type int32 {
range "1..2147483647"; range "1..2147483647";
} }
config false; config false;
description description
"The entPhysicalIndex for the compute node."; "The entPhysicalIndex for the compute node.";
reference reference
"RFC 6933: Entity MIB (Version 4) - entPhysicalIndex"; "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex";
} }
leaf node-name { leaf node-name {
skipping to change at page 27, line 7 skipping to change at page 26, line 50
type string; type string;
description description
"Location of the compute node, such as slot number."; "Location of the compute node, such as slot number.";
} }
} }
} }
container tpms { container tpms {
description description
"Holds the set of TPMs within an Attester."; "Holds the set of TPMs within an Attester.";
list tpm { list tpm {
key tpm-name; key "name";
unique "tpm-path"; unique "path";
description description
"A list of TPMs in this composite device that RATS "A list of TPMs in this composite device that RATS
can be conducted with."; can be conducted with.";
uses tpm-name; uses tpm-name;
leaf hardware-based { leaf hardware-based {
type boolean; type boolean;
config false; config false;
description description
"Answers the question: is this TPM is a hardware based "Answers the question: is this TPM is a hardware based
TPM?"; TPM?";
} }
leaf tpm-physical-index { leaf physical-index {
if-feature ietfhw:entity-mib; if-feature "ietfhw:entity-mib";
type int32 { type int32 {
range "1..2147483647"; range "1..2147483647";
} }
config false; config false;
description description
"The entPhysicalIndex for the TPM."; "The entPhysicalIndex for the TPM.";
reference reference
"RFC 6933: Entity MIB (Version 4) - entPhysicalIndex"; "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex";
} }
leaf tpm-path { leaf path {
type string; type string;
config false; config false;
description description
"Path to a unique TPM on a device. This can change across "Path to a unique TPM on a device. This can change across
reboots."; reboots.";
} }
leaf compute-node { leaf compute-node {
if-feature "tpm:TPMs"; if-feature "tpm:tpms";
type compute-node-ref; type compute-node-ref;
config false; config false;
mandatory true; mandatory true;
description description
"Indicates the compute node measured by this TPM."; "Indicates the compute node measured by this TPM.";
} }
leaf tpm-manufacturer { leaf manufacturer {
type string; type string;
config false; config false;
description description
"TPM manufacturer name."; "TPM manufacturer name.";
} }
leaf tpm-firmware-version { leaf firmware-version {
type identityref { type identityref {
base taa:cryptoprocessor; base taa:cryptoprocessor;
} }
mandatory true; mandatory true;
description description
"Identifies the cryptoprocessor API set supported. This "Identifies the cryptoprocessor API set supported. This
is automatically configured by the device and should not is automatically configured by the device and should not
be changed."; be changed.";
} }
uses TPM12-hash-algo { uses tpm12-hash-algo {
when "tpm-firmware-version = 'taa:tpm12'"; when "firmware-version = 'taa:tpm12'";
refine TPM12-hash-algo { refine "tpm12-hash-algo" {
description description
"The hash algorithm overwrites the default used for PCRs "The hash algorithm overwrites the default used for PCRs
on this TPM1.2 compliant cryptoprocessor."; on this TPM1.2 compliant cryptoprocessor.";
} }
} }
leaf-list TPM12-pcrs { leaf-list tpm12-pcrs {
when "../tpm-firmware-version = 'taa:tpm12'"; when "../firmware-version = 'taa:tpm12'";
type pcr; type pcr;
description description
"The PCRs which may be extracted from this TPM1.2 "The PCRs which may be extracted from this TPM1.2
compliant cryptoprocessor."; compliant cryptoprocessor.";
} }
list tpm20-pcr-bank { list tpm20-pcr-bank {
when "../tpm-firmware-version = 'taa:tpm20'"; when "../firmware-version = 'taa:tpm20'";
key "TPM20-hash-algo"; key "tpm20-hash-algo";
description description
"Specifies the list of PCRs that may be extracted for "Specifies the list of PCRs that may be extracted for
a specific Hash Algorithm on this TPM2 compliant a specific Hash Algorithm on this TPM2 compliant
cryptoprocessor. A bank is a set of PCRs which are cryptoprocessor. A bank is a set of PCRs which are
extended using a particular hash algorithm."; extended using a particular hash algorithm.";
reference reference
"https://www.trustedcomputinggroup.org/wp-content/uploads/ "https://www.trustedcomputinggroup.org/wp-content/uploads/
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7"; TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7";
leaf TPM20-hash-algo { leaf tpm20-hash-algo {
type identityref { type identityref {
base taa:hash; base taa:hash;
} }
must "/tpm:rats-support-structures" must '/tpm:rats-support-structures'
+ "/tpm:attester-supported-algos" + '/tpm:attester-supported-algos'
+ "/tpm:tpm20-hash" { + '/tpm:tpm20-hash' {
error-message "Not a platform supported TPM20-hash-algo"; error-message
"This platform does not support tpm20-hash-algo";
} }
description description
"The hash scheme actively being used to hash a "The hash scheme actively being used to hash a
one or more TPM2.0 PCRs."; one or more TPM2.0 PCRs.";
} }
leaf-list pcr-index { leaf-list pcr-index {
type tpm:pcr; type tpm:pcr;
description description
"Defines what TPM2 PCRs are available to be extracted."; "Defines what TPM2 PCRs are available to be extracted.";
} }
} }
leaf tpm-status { leaf status {
type enumeration { type enumeration {
enum operational { enum operational {
value 0; value 0;
description description
"The TPM currently is currently running normally and "The TPM currently is currently running normally and
is ready to accept and process TPM quotes."; is ready to accept and process TPM quotes.";
reference reference
"TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf "TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf
Section 12"; Section 12";
} }
skipping to change at page 29, line 40 skipping to change at page 29, line 35
config false; config false;
mandatory true; mandatory true;
description description
"TPM chip self-test status."; "TPM chip self-test status.";
} }
container certificates { container certificates {
description description
"The TPM's certificates, including EK certificates "The TPM's certificates, including EK certificates
and AK certificates."; and AK certificates.";
list certificate { list certificate {
key "certificate-name"; key "name";
description description
"Three types of certificates can be accessed via "Three types of certificates can be accessed via
this statement, including Initial Attestation this statement, including Initial Attestation
Key Cert, Local Attestation Key Cert or Key Certificate, Local Attestation Key Certificate or
Endorsement Key Cert."; Endorsement Key Certificate.";
leaf certificate-name { leaf name {
type string; type string;
description description
"An arbitrary name uniquely identifying a certificate "An arbitrary name uniquely identifying a certificate
associated within key within a TPM."; associated within key within a TPM.";
} }
leaf certificate-keystore-ref { leaf keystore-ref {
type leafref { type leafref {
path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key" path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key"
+ "/ks:certificates/ks:certificate/ks:name"; + "/ks:certificates/ks:certificate/ks:name";
} }
description description
"A reference to a specific certificate of an "A reference to a specific certificate of an
asymmetric key in the Keystore."; asymmetric key in the Keystore.";
/* Note: It is also possible to import a grouping which
allows local definition via an imported keystore
schema. */
} }
leaf certificate-type { leaf type {
type enumeration { type enumeration {
enum endorsement-cert { enum endorsement-certificate {
value 0; value 0;
description description
"Endorsement Key (EK) Certificate type."; "Endorsement Key (EK) Certificate type.";
reference
"https://trustedcomputinggroup.org/wp-content/
uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf
Section 3.11";
} }
enum initial-attestation-cert { enum initial-attestation-certificate {
value 1; value 1;
description description
"Initial Attestation key (IAK) Certificate type."; "Initial Attestation key (IAK) Certificate type.";
reference
"https://trustedcomputinggroup.org/wp-content/
uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf
Section 3.2";
} }
enum local-attestation-cert { enum local-attestation-certificate {
value 2; value 2;
description description
"Local Attestation Key (LAK) Certificate type."; "Local Attestation Key (LAK) Certificate type.";
reference
"https://trustedcomputinggroup.org/wp-content/
uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf
Section 3.2";
} }
} }
description description
"Type of this certificate"; "Function supported by this certificate from within the
TPM.";
} }
} }
} }
} }
} }
container attester-supported-algos { container attester-supported-algos {
description description
"Identifies which TPM algorithms are available for use on an "Identifies which TPM algorithms are available for use on an
attesting platform."; attesting platform.";
leaf-list tpm12-asymmetric-signing { leaf-list tpm12-asymmetric-signing {
when "../../tpm:tpms" + when "../../tpm:tpms"
"/tpm:tpm[tpm:tpm-firmware-version='taa:tpm12']"; + "/tpm:tpm[tpm:firmware-version='taa:tpm12']";
if-feature "taa:TPM12";
type identityref { type identityref {
base taa:asymmetric; base taa:asymmetric;
} }
description description
"Platform Supported TPM12 asymmetric algorithms."; "Platform Supported TPM12 asymmetric algorithms.";
} }
leaf-list tpm12-hash { leaf-list tpm12-hash {
when "../../tpm:tpms" + when "../../tpm:tpms"
"/tpm:tpm[tpm:tpm-firmware-version='taa:tpm12']"; + "/tpm:tpm[tpm:firmware-version='taa:tpm12']";
if-feature "taa:TPM12";
type identityref { type identityref {
base taa:hash; base taa:hash;
} }
description description
"Platform supported TPM12 hash algorithms."; "Platform supported TPM12 hash algorithms.";
} }
leaf-list tpm20-asymmetric-signing { leaf-list tpm20-asymmetric-signing {
when "../../tpm:tpms" + when "../../tpm:tpms"
"/tpm:tpm[tpm:tpm-firmware-version='taa:tpm20']"; + "/tpm:tpm[tpm:firmware-version='taa:tpm20']";
if-feature "taa:TPM20";
type identityref { type identityref {
base taa:asymmetric; base taa:asymmetric;
} }
description description
"Platform Supported TPM20 asymmetric algorithms."; "Platform Supported TPM20 asymmetric algorithms.";
} }
leaf-list tpm20-hash { leaf-list tpm20-hash {
when "../../tpm:tpms" + when "../../tpm:tpms"
"/tpm:tpm[tpm:tpm-firmware-version='taa:tpm20']"; + "/tpm:tpm[tpm:firmware-version='taa:tpm20']";
if-feature "taa:TPM20";
type identityref { type identityref {
base taa:hash; base taa:hash;
} }
description description
"Platform supported TPM20 hash algorithms."; "Platform supported TPM20 hash algorithms.";
} }
} }
} }
} }
<CODE ENDS> <CODE ENDS>
2.1.2. ietf-tcg-algs Figure 1
2.1.2. 'ietf-tcg-algs'
Cryptographic algorithm types were initially included within -v14 Cryptographic algorithm types were initially included within -v14
NETCONF's iana-crypto-types.yang. Unfortunately all this content NETCONF's iana-crypto-types.yang. Unfortunately, all this content
including the algorithms needed here failed to make the -v15 used including the algorithms needed here failed to make the -v15 used
WGLC. As a result this document has encoded the TCG Algorithm WGLC. As a result, this document has encoded the TCG Algorithm
definitions of [TCG-Algos], revision 1.32. By including this full definitions of [TCG-Algos], revision 1.32. By including this full
table as a separate YANG file within this document, it is possible table as a separate YANG file within this document, it is possible
for other YANG models to leverage the contents of this model. for other YANG models to leverage the contents of this model.
2.1.2.1. Features 2.1.2.1. Features
There are two types of features supported <TPM12> and <TPM20>. There are two types of features supported: 'TPM12' and 'TPM20'.
Support for either of these features indicates that a cryptoprocessor Support for either of these features indicates that a cryptoprocessor
supporting the corresponding type of TCG API is present on an supporting the corresponding type of TCG TPM API is present on an
Attester. Most commonly, only one type of cryptoprocessor will be Attester. Most commonly, only one type of cryptoprocessor will be
available on an Attester. available on an Attester.
2.1.2.2. Identities 2.1.2.2. Identities
There are three types of identities in this model. There are three types of identities in this model:
The first are the cryptographic functions supportable by a TPM 1. *Cryptographic functions* supported by a TPM algorithm; these
algorithm, these include: <asymmetric>, <symmetric>, <hash>, include: 'asymmetric', 'symmetric', 'hash', 'signing',
<signing>, <anonymous_signing>, <encryption_mode>, <method>, and 'anonymous_signing', 'encryption_mode', 'method', and
<object_type>. The definitions of each of these are in Table 2 of 'object_type'. The definitions of each of these are in Table 2
[TCG-Algos]. of [TCG-Algos].
The second are API specifications for tpms: <tpm12> and <tpm2>. 2. *API specifications* for TPMs: 'tpm12' and 'tpm20'
The third are specific algorithm types. Each algorithm type defines 3. *Specific algorithm types*: Each algorithm type defines what
what cryptographic functions may be supported, and on which type of cryptographic functions may be supported, and on which type of
API specification. It is not required that an implementation of a API specification. It is not required that an implementation of
specific TPM will support all algorithm types. The contents of each a specific TPM will support all algorithm types. The contents of
specific algorithm mirrors what is in Table 3 of [TCG-Algos]. each specific algorithm mirrors what is in Table 3 of
[TCG-Algos].
2.1.2.3. YANG Module 2.1.2.3. YANG Module
<CODE BEGINS> file "ietf-tcg-algs@2020-09-18.yang" <CODE BEGINS> file "ietf-tcg-algs@2021-05-11.yang"
module ietf-tcg-algs { module ietf-tcg-algs {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs"; namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs";
prefix taa; prefix taa;
organization organization
"IETF RATS Working Group"; "IETF RATS Working Group";
contact contact
"WG Web: <http://datatracker.ietf.org/wg/rats/> "WG Web: <http://datatracker.ietf.org/wg/rats/>
WG List: <mailto:rats@ietf.org> WG List: <mailto:rats@ietf.org>
Author: Eric Voit <mailto:evoit@cisco.com>"; Author: Eric Voit <mailto:evoit@cisco.com>";
description description
"This module defines a identities for asymmetric algorithms. "This module defines a identities for asymmetric algorithms.
Copyright (c) 2020 IETF Trust and the persons identified Copyright (c) 2021 IETF Trust and the persons identified
as authors of the code. All rights reserved. as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with Redistribution and use in source and binary forms, with
or without modification, is permitted pursuant to, and or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents Legal Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC (https://www.rfc-editor.org/info/rfcXXXX); see the RFC
itself for full legal notices. itself for full legal notices.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
are to be interpreted as described in BCP 14 (RFC 2119) are to be interpreted as described in BCP 14 (RFC 2119)
(RFC 8174) when, and only when, they appear in all (RFC 8174) when, and only when, they appear in all
capitals, as shown here."; capitals, as shown here.";
revision 2020-09-18 { revision 2021-05-11 {
description description
"Initial version"; "Initial version";
reference reference
"RFC XXXX: tbd"; "RFC XXXX: tbd";
} }
/*****************/ /*****************/
/* Features */ /* Features */
/*****************/ /*****************/
feature TPM12 { feature tpm12 {
description description
"This feature indicates algorithm support for the TPM 1.2 API "This feature indicates algorithm support for the TPM 1.2 API
as per TPM-main-1.2-Rev94-part-2, Section 4.8."; as per TPM-main-1.2-Rev94-part-2, Section 4.8.";
} }
feature TPM20 { feature tpm20 {
description description
"This feature indicates algorithm support for the TPM 2.0 API "This feature indicates algorithm support for the TPM 2.0 API
as per TPM-Rev-2.0-Part-1-Architecture-01.38 Section 11.4."; as per TPM-Rev-2.0-Part-1-Architecture-01.38 Section 11.4.";
} }
/*****************/ /*****************/
/* Identities */ /* Identities */
/*****************/ /*****************/
/* There needs to be collasping/verification of some of the identity /* There needs to be collasping/verification of some of the identity
types between the various algorithm types listed below */ types between the various algorithm types listed below */
identity asymmetric { identity asymmetric {
description description
"A TCG recognized asymmetric algorithm with a public and "A TCG recognized asymmetric algorithm with a public and
skipping to change at page 35, line 20 skipping to change at page 35, line 29
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 2"; "TCG_Algorithm_Registry_r1p32_pub Table 2";
} }
identity cryptoprocessor { identity cryptoprocessor {
description description
"Base identity identifying a crytoprocessor."; "Base identity identifying a crytoprocessor.";
} }
identity tpm12 { identity tpm12 {
if-feature "TPM12"; if-feature "tpm12";
base cryptoprocessor; base cryptoprocessor;
description description
"Supportable by a TPM1.2."; "Supportable by a TPM1.2.";
reference reference
"TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf "TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf
TPM_ALGORITHM_ID values, page 18"; TPM_ALGORITHM_ID values, page 18";
} }
identity tpm20 { identity tpm20 {
if-feature "TPM12"; if-feature "tpm12";
base cryptoprocessor; base cryptoprocessor;
description description
"Supportable by a TPM2."; "Supportable by a TPM2.";
reference reference
"TPM-Rev-2.0-Part-2-Structures-01.38.pdf "TPM-Rev-2.0-Part-2-Structures-01.38.pdf
The TCG Algorithm Registry. Table 9"; The TCG Algorithm Registry. Table 9";
} }
identity TPM_ALG_RSA { identity TPM_ALG_RSA {
if-feature "TPM12 or TPM20"; if-feature "tpm12 or tpm20";
base tpm12; base tpm12;
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base object_type; base object_type;
description description
"RSA algorithm"; "RSA algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
RFC 8017. ALG_ID: 0x0001"; RFC 8017. ALG_ID: 0x0001";
} }
identity TPM_ALG_TDES { identity TPM_ALG_TDES {
if-feature "TPM12"; if-feature "tpm12";
base tpm12; base tpm12;
base symmetric; base symmetric;
description description
"Block cipher with various key sizes (Triple Data Encryption "Block cipher with various key sizes (Triple Data Encryption
Algorithm, commonly called Triple Data Encryption Standard) Algorithm, commonly called Triple Data Encryption Standard)
Note: was banned in TPM1.2 v94"; Note: was banned in TPM1.2 v94";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 18033-3. ALG_ID: 0x0003"; ISO/IEC 18033-3. ALG_ID: 0x0003";
} }
identity TPM_ALG_SHA1 { identity TPM_ALG_SHA1 {
if-feature "TPM12 or TPM20"; if-feature "tpm12 or tpm20";
base hash; base hash;
base tpm12; base tpm12;
base tpm20; base tpm20;
description description
"SHA1 algorithm - Deprecated due to insufficient cryptographic "SHA1 algorithm - Deprecated due to insufficient cryptographic
protection. However it is still useful for hash algorithms protection. However it is still useful for hash algorithms
where protection is not required."; where protection is not required.";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10118-3. ALG_ID: 0x0004"; ISO/IEC 10118-3. ALG_ID: 0x0004";
} }
identity TPM_ALG_HMAC { identity TPM_ALG_HMAC {
if-feature "TPM12 or TPM20"; if-feature "tpm12 or tpm20";
base tpm12; base tpm12;
base tpm20; base tpm20;
base hash; base hash;
base signing; base signing;
description description
"Hash Message Authentication Code (HMAC) algorithm"; "Hash Message Authentication Code (HMAC) algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3, "TCG_Algorithm_Registry_r1p32_pub Table 3,
ISO/IEC 9797-2 and RFC2014. ALG_ID: 0x0005"; ISO/IEC 9797-2 and RFC2014. ALG_ID: 0x0005";
} }
skipping to change at page 36, line 42 skipping to change at page 37, line 4
base tpm12; base tpm12;
base tpm20; base tpm20;
base hash; base hash;
base signing; base signing;
description description
"Hash Message Authentication Code (HMAC) algorithm"; "Hash Message Authentication Code (HMAC) algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3, "TCG_Algorithm_Registry_r1p32_pub Table 3,
ISO/IEC 9797-2 and RFC2014. ALG_ID: 0x0005"; ISO/IEC 9797-2 and RFC2014. ALG_ID: 0x0005";
} }
identity TPM_ALG_AES { identity TPM_ALG_AES {
if-feature "TPM12"; if-feature "tpm12";
base tpm12; base tpm12;
base symmetric; base symmetric;
description description
"The AES algorithm with various key sizes"; "The AES algorithm with various key sizes";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 18033-3. ALG_ID: 0x0006"; ISO/IEC 18033-3. ALG_ID: 0x0006";
} }
identity TPM_ALG_MGF1 { identity TPM_ALG_MGF1 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
base method; base method;
description description
"hash-based mask-generation function"; "hash-based mask-generation function";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3, "TCG_Algorithm_Registry_r1p32_pub Table 3,
IEEE Std 1363-2000 and IEEE Std 1363a -2004. IEEE Std 1363-2000 and IEEE Std 1363a -2004.
ALG_ID: 0x0007"; ALG_ID: 0x0007";
} }
identity TPM_ALG_KEYEDHASH { identity TPM_ALG_KEYEDHASH {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
base object_type; base object_type;
description description
"An encryption or signing algorithm using a keyed hash. These "An encryption or signing algorithm using a keyed hash. These
may use XOR for encryption or an HMAC for signing and may may use XOR for encryption or an HMAC for signing and may
also refer to a data object that is neither signing nor also refer to a data object that is neither signing nor
encrypting."; encrypting.";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. . ALG_ID: 0x0008"; TCG TPM 2.0 library specification. . ALG_ID: 0x0008";
} }
identity TPM_ALG_XOR { identity TPM_ALG_XOR {
if-feature "TPM12 or TPM20"; if-feature "tpm12 or tpm20";
base tpm12; base tpm12;
base tpm20; base tpm20;
base hash; base hash;
base symmetric; base symmetric;
description description
"The XOR encryption algorithm."; "The XOR encryption algorithm.";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x000A"; TCG TPM 2.0 library specification. ALG_ID: 0x000A";
} }
identity TPM_ALG_SHA256 { identity TPM_ALG_SHA256 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
description description
"The SHA 256 algorithm"; "The SHA 256 algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10118-3. ALG_ID: 0x000B"; ISO/IEC 10118-3. ALG_ID: 0x000B";
} }
identity TPM_ALG_SHA384 { identity TPM_ALG_SHA384 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
description description
"The SHA 384 algorithm"; "The SHA 384 algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10118-3. ALG_ID: 0x000C"; ISO/IEC 10118-3. ALG_ID: 0x000C";
} }
identity TPM_ALG_SHA512 { identity TPM_ALG_SHA512 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
description description
"The SHA 512 algorithm"; "The SHA 512 algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10118-3. ALG_ID: 0x000D"; ISO/IEC 10118-3. ALG_ID: 0x000D";
} }
identity TPM_ALG_NULL { identity TPM_ALG_NULL {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
description description
"NULL algorithm"; "NULL algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x0010"; TCG TPM 2.0 library specification. ALG_ID: 0x0010";
} }
identity TPM_ALG_SM3_256 { identity TPM_ALG_SM3_256 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
description description
"The SM3 hash algorithm."; "The SM3 hash algorithm.";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
GM/T 0004-2012 - SM3_256. ALG_ID: 0x0012"; GM/T 0004-2012 - SM3_256. ALG_ID: 0x0012";
} }
identity TPM_ALG_SM4 { identity TPM_ALG_SM4 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
description description
"SM4 symmetric block cipher"; "SM4 symmetric block cipher";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
GB/T 32907-2016. ALG_ID: 0x0013"; GB/T 32907-2016. ALG_ID: 0x0013";
} }
identity TPM_ALG_RSASSA { identity TPM_ALG_RSASSA {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base signing; base signing;
description description
"Signature algorithm defined in section 8.2 (RSASSAPKCS1-v1_5)"; "Signature algorithm defined in section 8.2 (RSASSAPKCS1-v1_5)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017. "TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017.
ALG_ID: 0x0014"; ALG_ID: 0x0014";
} }
identity TPM_ALG_RSAES { identity TPM_ALG_RSAES {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base encryption_mode; base encryption_mode;
description description
"Signature algorithm defined in section 7.2 (RSAES-PKCS1-v1_5)"; "Signature algorithm defined in section 7.2 (RSAES-PKCS1-v1_5)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017 "TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017
ALG_ID: 0x0015"; ALG_ID: 0x0015";
} }
identity TPM_ALG_RSAPSS { identity TPM_ALG_RSAPSS {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base signing; base signing;
description description
"Padding algorithm defined in section 8.1 (RSASSA PSS)"; "Padding algorithm defined in section 8.1 (RSASSA PSS)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017. "TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017.
ALG_ID: 0x0016"; ALG_ID: 0x0016";
} }
identity TPM_ALG_OAEP { identity TPM_ALG_OAEP {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base encryption_mode; base encryption_mode;
description description
"Padding algorithm defined in section 7.1 (RSASSA OAEP)"; "Padding algorithm defined in section 7.1 (RSASSA OAEP)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017. "TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017.
ALG_ID: 0x0017"; ALG_ID: 0x0017";
} }
identity TPM_ALG_ECDSA { identity TPM_ALG_ECDSA {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base signing; base signing;
description description
"Signature algorithm using elliptic curve cryptography (ECC)"; "Signature algorithm using elliptic curve cryptography (ECC)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 14888-3. ALG_ID: 0x0018"; ISO/IEC 14888-3. ALG_ID: 0x0018";
} }
identity TPM_ALG_ECDH { identity TPM_ALG_ECDH {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base method; base method;
description description
"Secret sharing using ECC"; "Secret sharing using ECC";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-56A and RFC 7748. ALG_ID: 0x0019"; NIST SP800-56A and RFC 7748. ALG_ID: 0x0019";
} }
identity TPM_ALG_ECDAA { identity TPM_ALG_ECDAA {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base signing; base signing;
base anonymous_signing; base anonymous_signing;
description description
"Elliptic-curve based anonymous signing scheme"; "Elliptic-curve based anonymous signing scheme";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x001A"; TCG TPM 2.0 library specification. ALG_ID: 0x001A";
} }
skipping to change at page 41, line 4 skipping to change at page 41, line 13
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base signing; base signing;
base anonymous_signing; base anonymous_signing;
description description
"Elliptic-curve based anonymous signing scheme"; "Elliptic-curve based anonymous signing scheme";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x001A"; TCG TPM 2.0 library specification. ALG_ID: 0x001A";
} }
identity TPM_ALG_SM2 { identity TPM_ALG_SM2 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base signing; base signing;
base encryption_mode; base encryption_mode;
base method; base method;
description description
"SM2 - depending on context, either an elliptic-curve based, "SM2 - depending on context, either an elliptic-curve based,
signature algorithm, an encryption scheme, or a key exchange signature algorithm, an encryption scheme, or a key exchange
protocol"; protocol";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
A GM/T 0003.1-2012, GM/T 0003.2-2012, GM/T 0003.3-2012, A GM/T 0003.1-2012, GM/T 0003.2-2012, GM/T 0003.3-2012,
GM/T 0003.5-2012 SM2. ALG_ID: 0x001B"; GM/T 0003.5-2012 SM2. ALG_ID: 0x001B";
} }
identity TPM_ALG_ECSCHNORR { identity TPM_ALG_ECSCHNORR {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base signing; base signing;
description description
"Elliptic-curve based Schnorr signature"; "Elliptic-curve based Schnorr signature";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x001C"; TCG TPM 2.0 library specification. ALG_ID: 0x001C";
} }
identity TPM_ALG_ECMQV { identity TPM_ALG_ECMQV {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base method; base method;
description description
"Two-phase elliptic-curve key"; "Two-phase elliptic-curve key";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-56A. ALG_ID: 0x001D"; NIST SP800-56A. ALG_ID: 0x001D";
} }
identity TPM_ALG_KDF1_SP800_56A { identity TPM_ALG_KDF1_SP800_56A {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
base method; base method;
description description
"Concatenation key derivation function"; "Concatenation key derivation function";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-56A (approved alternative1) section 5.8.1. NIST SP800-56A (approved alternative1) section 5.8.1.
ALG_ID: 0x0020"; ALG_ID: 0x0020";
} }
identity TPM_ALG_KDF2 { identity TPM_ALG_KDF2 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
base method; base method;
description description
"Key derivation function"; "Key derivation function";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
IEEE 1363a-2004 KDF2 section 13.2. ALG_ID: 0x0021"; IEEE 1363a-2004 KDF2 section 13.2. ALG_ID: 0x0021";
} }
identity TPM_ALG_KDF1_SP800_108 { identity TPM_ALG_KDF1_SP800_108 {
base TPM_ALG_KDF2; base TPM_ALG_KDF2;
description description
"A key derivation method"; "A key derivation method";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-108 - Section 5.1 KDF. ALG_ID: 0x0022"; NIST SP800-108 - Section 5.1 KDF. ALG_ID: 0x0022";
} }
identity TPM_ALG_ECC { identity TPM_ALG_ECC {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base object_type; base object_type;
description description
"Prime field ECC"; "Prime field ECC";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 15946-1. ALG_ID: 0x0023"; ISO/IEC 15946-1. ALG_ID: 0x0023";
} }
identity TPM_ALG_SYMCIPHER { identity TPM_ALG_SYMCIPHER {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
description description
"Object type for a symmetric block cipher"; "Object type for a symmetric block cipher";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x0025"; TCG TPM 2.0 library specification. ALG_ID: 0x0025";
} }
identity TPM_ALG_CAMELLIA { identity TPM_ALG_CAMELLIA {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
description description
"The Camellia algorithm"; "The Camellia algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 18033-3. ALG_ID: 0x0026"; ISO/IEC 18033-3. ALG_ID: 0x0026";
} }
identity TPM_ALG_SHA3_256 { identity TPM_ALG_SHA3_256 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
description description
"ISO/IEC 10118-3 - the SHA 256 algorithm"; "ISO/IEC 10118-3 - the SHA 256 algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST PUB FIPS 202. ALG_ID: 0x0027"; NIST PUB FIPS 202. ALG_ID: 0x0027";
} }
identity TPM_ALG_SHA3_384 { identity TPM_ALG_SHA3_384 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
description description
"The SHA 384 algorithm"; "The SHA 384 algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST PUB FIPS 202. ALG_ID: 0x0028"; NIST PUB FIPS 202. ALG_ID: 0x0028";
} }
identity TPM_ALG_SHA3_512 { identity TPM_ALG_SHA3_512 {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base hash; base hash;
description description
"The SHA 512 algorithm"; "The SHA 512 algorithm";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST PUB FIPS 202. ALG_ID: 0x0029"; NIST PUB FIPS 202. ALG_ID: 0x0029";
} }
identity TPM_ALG_CMAC { identity TPM_ALG_CMAC {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base signing; base signing;
description description
"block Cipher-based Message Authentication Code (CMAC)"; "block Cipher-based Message Authentication Code (CMAC)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 9797-1:2011 Algorithm 5. ALG_ID: 0x003F"; ISO/IEC 9797-1:2011 Algorithm 5. ALG_ID: 0x003F";
} }
identity TPM_ALG_CTR { identity TPM_ALG_CTR {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base encryption_mode; base encryption_mode;
description description
"Counter mode"; "Counter mode";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0040"; ISO/IEC 10116. ALG_ID: 0x0040";
} }
skipping to change at page 44, line 36 skipping to change at page 44, line 46
base symmetric; base symmetric;
base encryption_mode; base encryption_mode;
description description
"Output Feedback mode"; "Output Feedback mode";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0041"; ISO/IEC 10116. ALG_ID: 0x0041";
} }
identity TPM_ALG_CBC { identity TPM_ALG_CBC {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base encryption_mode; base encryption_mode;
description description
"Cipher Block Chaining mode"; "Cipher Block Chaining mode";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0042"; ISO/IEC 10116. ALG_ID: 0x0042";
} }
identity TPM_ALG_CFB { identity TPM_ALG_CFB {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base encryption_mode; base encryption_mode;
description description
"Cipher Feedback mode"; "Cipher Feedback mode";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0043"; ISO/IEC 10116. ALG_ID: 0x0043";
} }
identity TPM_ALG_ECB { identity TPM_ALG_ECB {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base encryption_mode; base encryption_mode;
description description
"Electronic Codebook mode"; "Electronic Codebook mode";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0044"; ISO/IEC 10116. ALG_ID: 0x0044";
} }
identity TPM_ALG_CCM { identity TPM_ALG_CCM {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base signing; base signing;
base encryption_mode; base encryption_mode;
description description
"Counter with Cipher Block Chaining-Message Authentication "Counter with Cipher Block Chaining-Message Authentication
Code (CCM)"; Code (CCM)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38C. ALG_ID: 0x0050"; NIST SP800-38C. ALG_ID: 0x0050";
} }
identity TPM_ALG_GCM { identity TPM_ALG_GCM {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base signing; base signing;
base encryption_mode; base encryption_mode;
description description
"Galois/Counter Mode (GCM)"; "Galois/Counter Mode (GCM)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38D. ALG_ID: 0x0051"; NIST SP800-38D. ALG_ID: 0x0051";
} }
identity TPM_ALG_KW { identity TPM_ALG_KW {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base signing; base signing;
base encryption_mode; base encryption_mode;
description description
"AES Key Wrap (KW)"; "AES Key Wrap (KW)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38F. ALG_ID: 0x0052"; NIST SP800-38F. ALG_ID: 0x0052";
} }
identity TPM_ALG_KWP { identity TPM_ALG_KWP {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base signing; base signing;
base encryption_mode; base encryption_mode;
description description
"AES Key Wrap with Padding (KWP)"; "AES Key Wrap with Padding (KWP)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38F. ALG_ID: 0x0053"; NIST SP800-38F. ALG_ID: 0x0053";
} }
identity TPM_ALG_EAX { identity TPM_ALG_EAX {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base symmetric; base symmetric;
base signing; base signing;
base encryption_mode; base encryption_mode;
description description
"Authenticated-Encryption Mode"; "Authenticated-Encryption Mode";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38F. ALG_ID: 0x0054"; NIST SP800-38F. ALG_ID: 0x0054";
} }
identity TPM_ALG_EDDSA { identity TPM_ALG_EDDSA {
if-feature "TPM20"; if-feature "tpm20";
base tpm20; base tpm20;
base asymmetric; base asymmetric;
base signing; base signing;
description description
"Edwards-curve Digital Signature Algorithm (PureEdDSA)"; "Edwards-curve Digital Signature Algorithm (PureEdDSA)";
reference reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and "TCG_Algorithm_Registry_r1p32_pub Table 3 and
RFC 8032. ALG_ID: 0x0060"; RFC 8032. ALG_ID: 0x0060";
} }
} }
<CODE ENDS> <CODE ENDS>
Note that not all cryptographic functions are required for use by Note that not all cryptographic functions are required for use by
ietf-tpm-remote-attestation.yang. However the full definition of "ietf-tpm-remote-attestation.yang". However the full definition of
Table 3 of [TCG-Algos] will allow use by additional YANG Table 3 of [TCG-Algos] will allow use by additional YANG
specifications. specifications.
3. IANA considerations 3. IANA Considerations
This document will include requests to IANA: This document will include requests to IANA:
To be defined yet. But keeping up with changes to ietf-tcg-algs.yang To be defined yet. But keeping up with changes to "ietf-tcg-
will be necessary. algs.yang" will be necessary.
4. Security Considerations 4. Security Considerations
The YANG module specified in this document defines a schema for data The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC8446]. [RFC8446].
There are a number of data nodes defined in this YANG module that are There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the writable/creatable/deletable (i.e., _config true_, which is the
default). These data nodes may be considered sensitive or vulnerable default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., edit-config) in some network environments. Write operations (e.g., _edit-config_)
to these data nodes without proper protection can have a negative to these data nodes without proper protection can have a negative
effect on network operations. These are the subtrees and data nodes effect on network operations. These are the subtrees and data nodes
and their sensitivity/vulnerability: as well as their sensitivity/vulnerability:
Container: </rats-support-structures/attester-supported-algos>
* <tpm12-asymmetric-signing>, <tpm12-hash>, <tpm20-asymmetric-
signing>, and <tpm20-hash> all could be populated with algorithms
which are not supported by the underlying physical TPM installed
by the equipment vendor.
Container: </rats-support-structures/tpms> Container '/rats-support-structures/attester-supported-algos': 'tpm1
2-asymmetric-signing', 'tpm12-hash', 'tpm20-asymmetric-signing',
and 'tpm20-hash'. All could be populated with algorithms that are
not supported by the underlying physical TPM installed by the
equipment vendor.
* <tpm-name> - Although shown as 'rw', it is system generated Container: '/rats-support-structures/tpms': 'name': Although shown
as 'rw', it is system generated. Therefore it should not be
possible for an operator to add or remove a TPM from the
configuration.
* <tpm20-pcr-bank> - It is possible to configure PCRs for extraction 'tpm20-pcr-bank': It is possible to configure PCRs for extraction
which are not being extended by system software. This could which are not being extended by system software. This could
unnecessarily use TPM resources. unnecessarily use TPM resources.
* <certificates> - It is possible to provision a certificate which 'certificates': It is possible to provision a certificate which
does not correspond to a Attestation Identity Key (AIK) within the does not correspond to an Attestation Identity Key (AIK) within
TPM. the TPM 1.2, or an Attestation Key (AK) within the TPM 2.0
respectively.
RPC: <tpm12-challenge-response-attestation> - Need to verify that the RPC 'tpm12-challenge-response-attestation': It must be verified that
certificate is for an active AIK. the certificate is for an active AIK, i. e. the certificate
provided is able to support Attestation on the targeted TPM 1.2.
RPC: <tpm20-challenge-response-attestation> - Need to verify that the RPC 'tpm20-challenge-response-attestation': It must be verified that
certificate is for an active AIK. the certificate is for an active AK, i. e. the certificate
provided is able to support Attestation on the targeted TPM 2.0.
RPC: <log-retrieval> - Pulling lots of logs can chew up system RPC 'log-retrieval': Pulling lots of logs can chew up system
resources. resources.
5. Acknowledgements 5. Acknowledgements
Not yet. Not yet.
6. Change Log 6. Change Log
Changes from version 05 to version 06:
* More YANG Dr comments covered
Changes from version 04 to version 05: Changes from version 04 to version 05:
* YANG Dr comments covered * YANG Dr comments covered
Changes from version 03 to version 04: Changes from version 03 to version 04:
* TPM1.2 Quote1 eliminated * TPM1.2 Quote1 eliminated
* YANG model simplifications so redundant info isn't exposed * YANG model simplifications so redundant info isn't exposed
skipping to change at page 49, line 35 skipping to change at page 50, line 7
* Relabeled name to tpm_name * Relabeled name to tpm_name
* Removed event-string in last-entry * Removed event-string in last-entry
7. References 7. References
7.1. Normative References 7.1. Normative References
[I-D.ietf-netconf-keystore] [I-D.ietf-netconf-keystore]
Watsen, K., "A YANG Data Model for a Keystore", Work in Watsen, K., "A YANG Data Model for a Keystore", Work in
Progress, Internet-Draft, draft-ietf-netconf-keystore-21, Progress, Internet-Draft, draft-ietf-netconf-keystore-22,
10 February 2021, <https://www.ietf.org/archive/id/draft- 18 May 2021, <https://www.ietf.org/archive/id/draft-ietf-
ietf-netconf-keystore-21.txt>. netconf-keystore-22.txt>.
[I-D.ietf-rats-architecture] [I-D.ietf-rats-architecture]
Birkholz, H., Thaler, D., Richardson, M., Smith, N., and Birkholz, H., Thaler, D., Richardson, M., Smith, N., and
W. Pan, "Remote Attestation Procedures Architecture", Work W. Pan, "Remote Attestation Procedures Architecture", Work
in Progress, Internet-Draft, draft-ietf-rats-architecture- in Progress, Internet-Draft, draft-ietf-rats-architecture-
11, 30 March 2021, <https://www.ietf.org/archive/id/draft- 12, 23 April 2021, <https://www.ietf.org/archive/id/draft-
ietf-rats-architecture-11.txt>. ietf-rats-architecture-12.txt>.
[I-D.ietf-rats-reference-interaction-models] [I-D.ietf-rats-reference-interaction-models]
Birkholz, H., Eckel, M., Newton, C., and L. Chen, Birkholz, H., Eckel, M., Pan, W., and E. Voit, "Reference
"Reference Interaction Models for Remote Attestation Interaction Models for Remote Attestation Procedures",
Procedures", Work in Progress, Internet-Draft, draft-ietf- Work in Progress, Internet-Draft, draft-ietf-rats-
rats-reference-interaction-models-01, 23 October 2020, reference-interaction-models-02, 25 April 2021,
<https://www.ietf.org/archive/id/draft-ietf-rats- <https://www.ietf.org/archive/id/draft-ietf-rats-
reference-interaction-models-01.txt>. reference-interaction-models-02.txt>.
[I-D.ietf-rats-tpm-based-network-device-attest] [I-D.ietf-rats-tpm-based-network-device-attest]
Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM-
based Network Device Remote Integrity Verification", Work based Network Device Remote Integrity Verification", Work
in Progress, Internet-Draft, draft-ietf-rats-tpm-based- in Progress, Internet-Draft, draft-ietf-rats-tpm-based-
network-device-attest-06, 7 December 2020, network-device-attest-06, 7 December 2020,
<https://www.ietf.org/archive/id/draft-ietf-rats-tpm- <https://www.ietf.org/archive/id/draft-ietf-rats-tpm-
based-network-device-attest-06.txt>. based-network-device-attest-06.txt>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
skipping to change at page 50, line 41 skipping to change at page 51, line 7
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A [RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A
YANG Data Model for Hardware Management", RFC 8348, YANG Data Model for Hardware Management", RFC 8348,
DOI 10.17487/RFC8348, March 2018, DOI 10.17487/RFC8348, March 2018,
<https://www.rfc-editor.org/info/rfc8348>. <https://www.rfc-editor.org/info/rfc8348>.
[TCG-Algos] [TCG-Algos]
"TCG_Algorithm_Registry_r1p32_pub", n.d., "TCG_Algorithm_Registry_r1p32_pub", n.d.,
<hhttp://trustedcomputinggroup.org/resource/tcg-algorithm- <https://trustedcomputinggroup.org/resource/tcg-algorithm-
registry/>. registry/>.
[TPM1.2] TCG, ., "TPM 1.2 Main Specification", 2 October 2003, [TPM1.2] TCG, ., "TPM 1.2 Main Specification", 2 October 2003,
<https://trustedcomputinggroup.org/resource/tpm-main- <https://trustedcomputinggroup.org/resource/tpm-main-
specification/>. specification/>.
[TPM2.0] TCG, ., "TPM 2.0 Library Specification", 15 March 2013, [TPM2.0] TCG, ., "TPM 2.0 Library Specification", 15 March 2013,
<https://trustedcomputinggroup.org/resource/tpm-library- <https://trustedcomputinggroup.org/resource/tpm-library-
specification/>. specification/>.
[TPM2.0-Key]
TCG, ., "TPM 2.0 Keys for Device Identity and Attestation,
Rev10", 14 April 2021, <https://trustedcomputinggroup.org/
wp-content/uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf>.
7.2. Informative References 7.2. Informative References
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>. <https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>. <https://www.rfc-editor.org/info/rfc6242>.
 End of changes. 215 change blocks. 
498 lines changed or deleted 492 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/