rfc9684.original | rfc9684.txt | |||
---|---|---|---|---|
RATS Working Group H. Birkholz | Internet Engineering Task Force (IETF) H. Birkholz | |||
Internet-Draft M. Eckel | Request for Comments: 9684 M. Eckel | |||
Intended status: Standards Track Fraunhofer SIT | Category: Standards Track Fraunhofer SIT | |||
Expires: 30 January 2025 S. Bhandari | ISSN: 2070-1721 S. Bhandari | |||
ThoughtSpot | ThoughtSpot | |||
E. Voit | E. Voit | |||
B. Sulzen | B. Sulzen | |||
Cisco | Cisco | |||
L. Xia | L. Xia | |||
Huawei | Huawei | |||
T. Laffey | T. Laffey | |||
HPE | HPE | |||
G. Fedorkow | G. C. Fedorkow | |||
Juniper | Juniper | |||
29 July 2024 | November 2024 | |||
A YANG Data Model for Challenge-Response-based Remote Attestation | A YANG Data Model for Challenge-Response-Based Remote Attestation | |||
Procedures using TPMs | (CHARRA) Procedures Using Trusted Platform Modules (TPMs) | |||
draft-ietf-rats-yang-tpm-charra-23 | ||||
Abstract | Abstract | |||
This document defines YANG Remote Procedure Calls (RPCs) and a few | This document defines the YANG Remote Procedure Calls (RPCs) and | |||
configuration nodes required to retrieve attestation evidence about | configuration nodes that are required to retrieve attestation | |||
integrity measurements from a device, following the operational | evidence about integrity measurements from a device, following the | |||
context defined in TPM-based Network Device Remote Integrity | operational context defined in RFC 9683 "TPM-based Network Device | |||
Verification. Complementary measurement logs are also provided by | Remote Integrity Verification". Complementary measurement logs | |||
the YANG RPCs, originating from one or more roots of trust for | originating from one or more Roots of Trust for Measurement (RTMs) | |||
measurement (RTMs). The module defined requires at least one TPM 1.2 | are also provided by the YANG RPCs. The defined module requires the | |||
or TPM 2.0 as well as a corresponding TPM Software Stack (TSS), or | inclusion of the following in the device components of the composite | |||
equivalent hardware implementations that include the protected | device on which the YANG server is running: at least one Trusted | |||
capabilities as provided by TPMs as well as a corresponding software | Platform Module (TPM) of either version 1.2 or 2.0 as well as a | |||
stack, included in the device components of the composite device the | corresponding TPM Software Stack (TSS), or an equivalent hardware | |||
YANG server is running on. | implementation that includes the protected capabilities as provided | |||
by TPMs as well as a corresponding software stack. | ||||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This is an Internet Standards Track document. | |||
provisions of BCP 78 and BCP 79. | ||||
Internet-Drafts are working documents of the Internet Engineering | ||||
Task Force (IETF). Note that other groups may also distribute | ||||
working documents as Internet-Drafts. The list of current Internet- | ||||
Drafts is at https://datatracker.ietf.org/drafts/current/. | ||||
Internet-Drafts are draft documents valid for a maximum of six months | This document is a product of the Internet Engineering Task Force | |||
and may be updated, replaced, or obsoleted by other documents at any | (IETF). It represents the consensus of the IETF community. It has | |||
time. It is inappropriate to use Internet-Drafts as reference | received public review and has been approved for publication by the | |||
material or to cite them other than as "work in progress." | Internet Engineering Steering Group (IESG). Further information on | |||
Internet Standards is available in Section 2 of RFC 7841. | ||||
This Internet-Draft will expire on 30 January 2025. | Information about the current status of this document, any errata, | |||
and how to provide feedback on it may be obtained at | ||||
https://www.rfc-editor.org/info/rfc9684. | ||||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2024 IETF Trust and the persons identified as the | Copyright (c) 2024 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
extracted from this document must include Revised BSD License text as | to this document. Code Components extracted from this document must | |||
described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
provided without warranty as described in the Revised BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
in the Revised BSD License. | ||||
Table of Contents | Table of Contents | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction | |||
1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 | 1.1. Requirements Notation | |||
2. The YANG Module for Basic Remote Attestation Procedures . . . 3 | 2. The YANG Module for Basic Remote Attestation Procedures | |||
2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 3 | 2.1. YANG Modules | |||
2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 4 | 2.1.1. ietf-tpm-remote-attestation | |||
2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 33 | 2.1.2. ietf-tcg-algs | |||
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 49 | 3. IANA Considerations | |||
4. Security Considerations . . . . . . . . . . . . . . . . . . . 50 | 4. Security Considerations | |||
5. References . . . . . . . . . . . . . . . . . . . . . . . . . 51 | 5. References | |||
5.1. Normative References . . . . . . . . . . . . . . . . . . 51 | 5.1. Normative References | |||
5.2. Informative References . . . . . . . . . . . . . . . . . 56 | 5.2. Informative References | |||
Appendix A. Integrity Measurement Architecture (IMA) . . . . . . 57 | Appendix A. Integrity Measurement Architecture (IMA) | |||
Appendix B. IMA for Network Equipment Boot Logs . . . . . . . . 58 | Appendix B. IMA for Network Equipment Boot Logs | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 59 | Authors' Addresses | |||
1. Introduction | 1. Introduction | |||
This document is based on the general terminology defined in the | This document is based on the general terminology defined in Remote | |||
[RFC9334] and uses the operational context defined in | ATtestation procedureS (RATS) architecture [RFC9334] and uses the | |||
[I-D.ietf-rats-tpm-based-network-device-attest] as well as the | operational context defined in [RFC9683] as well as the interaction | |||
interaction model and information elements defined in | model and information elements defined in [RATS-Interaction-Models]. | |||
[I-D.ietf-rats-reference-interaction-models]. The currently | The currently supported hardware security modules (HSMs) are the | |||
supported hardware security modules (HSMs) are the Trusted Platform | Trusted Platform Modules (TPMs) [TPM1.2] [TPM2.0] as specified by the | |||
Modules (TPMs) [TPM1.2] and [TPM2.0] as specified by the Trusted | Trusted Computing Group (TCG). One TPM, or multiple TPMs in the case | |||
Computing Group (TCG). One TPM, or multiple TPMs in the case of a | of a composite device, is required in order to use the YANG module | |||
Composite Device, are required in order to use the YANG module | defined in this document. Each TPM is used as a Root of Trust for | |||
defined in this document. Each TPM is used as a root of trust for | Storage (RTS) in order to store system security measurement Evidence. | |||
storage (RTS) in order to store system security measurement Evidence. | And each TPM is used as a Root of Trust for Reporting (RTR) in order | |||
And each TPM is used as a root of trust for reporting (RTR) in order | ||||
to retrieve attestation Evidence. This is done by using a YANG RPC | to retrieve attestation Evidence. This is done by using a YANG RPC | |||
to request a quote which exposes a rolling hash of the security | to request a quote that exposes a rolling hash of the security | |||
measurements held internally within the TPM. | measurements held internally within the TPM. | |||
Specific terms imported from [RFC9334] and used in this document | Specific terms imported from [RFC9334] and used in this document | |||
include: Attester, Composite Device, Evidence. | include Attester, composite device, and Evidence. | |||
Specific terms imported from [TPM2.0-Key] and used in this document | Specific terms imported from [TPM2.0-Key] and used in this document | |||
include: Endorsement Key (EK), Initial Attestation Key (IAK), | include Endorsement Key (EK), Initial Attestation Key (IAK), | |||
Attestation Identity Key (AIK), Local Attestation Key (LAK). | Attestation Identity Key (AIK), and Local Attestation Key (LAK). | |||
1.1. Requirements notation | 1.1. Requirements Notation | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
2. The YANG Module for Basic Remote Attestation Procedures | 2. The YANG Module for Basic Remote Attestation Procedures | |||
One or more TPMs MUST be embedded in a Composite Device that provides | One or more TPMs MUST be embedded in a composite device that provides | |||
attestation Evidence via the YANG module defined in this document. | attestation Evidence via the YANG module defined in this document. | |||
The ietf-tpm-remote-attestation YANG module enables a composite | The ietf-tpm-remote-attestation YANG module enables a composite | |||
device to take on the role of an Attester, in accordance with the | device to take on the role of an Attester, in accordance with the | |||
Remote Attestation Procedures (RATS) architecture [RFC9334], and the | RATS architecture [RFC9334] and the corresponding challenge-response | |||
corresponding challenge-response interaction model defined in the | interaction model defined in [RATS-Interaction-Models]. A fresh | |||
[I-D.ietf-rats-reference-interaction-models] document. A fresh nonce | nonce with an appropriate amount of entropy [NIST-915121] MUST be | |||
with an appropriate amount of entropy [NIST-915121] MUST be supplied | supplied by the YANG client in order to enable a proof-of-freshness | |||
by the YANG client in order to enable a proof-of-freshness with | with respect to the attestation Evidence provided by the Attester | |||
respect to the attestation Evidence provided by the Attester running | running the YANG datastore. Further, this nonce is used to prevent | |||
the YANG datastore. Further, this nonce is used to prevent replay | replay attacks. The method for communicating the relationship of | |||
attacks. The method for communicating the relationship of each | each individual TPM to the specific measured component within the | |||
individual TPM to specific measured component within the Composite | composite device is out of the scope of this document. | |||
Device is out of the scope of this document. | ||||
2.1. YANG Modules | 2.1. YANG Modules | |||
In this section the several YANG modules are defined. | In this section, the two YANG modules are defined. | |||
2.1.1. 'ietf-tpm-remote-attestation' | 2.1.1. ietf-tpm-remote-attestation | |||
This YANG module imports modules from [RFC6991] with prefix 'yang', | This YANG module imports modules from [RFC6991] with prefix 'yang', | |||
[RFC8348] with prefix 'hw', [I-D.ietf-netconf-keystore] with prefix | [RFC8348] with prefix 'hw', [RFC9642] with prefix 'ks', and ietf-tcg- | |||
'ks', and 'ietf-tcg-algs.yang' Section 2.1.2.3 with prefix 'taa'. | algs.yang Section 2.1.2.3 with prefix 'taa'. Additionally, | |||
Additionally, references are made to [RFC8032], [RFC8017], [RFC6933], | references are made to [RFC6933], [TPM1.2-Commands], [TPM2.0-Arch], | |||
[TPM1.2-Commands], [TPM2.0-Arch], [TPM2.0-Structures], [TPM2.0-Key], | [TPM2.0-Structures], [TPM2.0-Key], [TPM1.2-Structures], [BIOS-Log], | |||
[TPM1.2-Structures], [bios-log], [BIOS-Log-Event-Type], as well as | and [CEL], as well as Appendix B. | |||
Appendix A and Appendix B. | ||||
2.1.1.1. Features | 2.1.1.1. Features | |||
This module supports the following features: | This module supports the following features: | |||
* 'mtpm': Indicates that multiple TPMs on the device can support | 'mtpm': Indicates that multiple TPMs on the device can support | |||
remote attestation. For example, this feature could be used in | remote attestation. For example, this feature could be used in | |||
cases where multiple line cards are present, each with its own | cases where multiple line cards are present, each with its own | |||
TPM. | TPM. | |||
* 'bios': Indicates that the device supports the retrieval of BIOS/ | 'bios': Indicates that the device supports the retrieval of BIOS and | |||
UEFI event logs. [bios-log] | Unified Extensible Firmware Interface (UEFI) event logs | |||
[BIOS-Log]. | ||||
* 'ima': Indicates that the device supports the retrieval of event | 'ima': Indicates that the device supports the retrieval of event | |||
logs from the Linux Integrity Measurement Architecture (IMA, see | logs from the Linux Integrity Measurement Architecture (IMA, see | |||
Appendix A). | Appendix A). | |||
* 'netequip_boot': Indicates that the device supports the retrieval | 'netequip_boot': Indicates that the device supports the retrieval of | |||
of netequip boot event logs. See Appendix A and Appendix B. | netequip boot event logs. See Appendixes A and B. | |||
2.1.1.2. Identities | 2.1.1.2. Identities | |||
This module supports the following types of attestation event logs: | This module supports the following types of attestation event logs: | |||
'bios', 'ima', and 'netequip_boot'. | 'bios', 'ima', and 'netequip_boot'. | |||
2.1.1.3. Remote Procedure Calls (RPCs) | 2.1.1.3. Remote Procedure Calls (RPCs) | |||
In the following, RPCs for both TPM 1.2 and TPM 2.0 attestation | In the following sections, RPCs for attestation procedures for both | |||
procedures are defined. | TPM 1.2 and TPM 2.0 are defined. | |||
2.1.1.3.1. 'tpm12-challenge-response-attestation' | 2.1.1.3.1. tpm12-challenge-response-attestation | |||
This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_ | This RPC allows a Verifier to request via the _TPM Quote_ operation, | |||
operation) from a TPM 1.2 compliant cryptoprocessor. Where the | signed TPM Platform Configuration Registers (PCRs) from a | |||
feature 'mtpm' is active, and one or more 'certificate-name' is not | cryptoprocessor compliant with TPM 1.2. Where the feature 'mtpm' is | |||
provided, all TPM 1.2 compliant cryptoprocessors will respond. A | active, and one or more 'certificate-name' is not provided, all | |||
YANG tree diagram of this RPC is as follows: | cryptoprocessors compliant with TPM 1.2 will respond. The YANG tree | |||
diagram of this RPC is as follows: | ||||
+---x tpm12-challenge-response-attestation {taa:tpm12}? | +---x tpm12-challenge-response-attestation {taa:tpm12}? | |||
+---w input | +---w input | |||
| +---w tpm12-attestation-challenge | | +---w tpm12-attestation-challenge | |||
| +---w pcr-index* pcr | | +---w pcr-index* pcr | |||
| +---w nonce-value binary | | +---w nonce-value binary | |||
| +---w certificate-name* certificate-name-ref | | +---w certificate-name* certificate-name-ref | |||
| {tpm:mtpm}? | | {tpm:mtpm}? | |||
+--ro output | +--ro output | |||
+--ro tpm12-attestation-response* [] | +--ro tpm12-attestation-response* [] | |||
+--ro certificate-name certificate-name-ref | +--ro certificate-name certificate-name-ref | |||
+--ro up-time? uint32 | +--ro up-time? uint32 | |||
+--ro TPM_QUOTE2? binary | +--ro TPM_QUOTE2? binary | |||
2.1.1.3.2. 'tpm20-challenge-response-attestation' | 2.1.1.3.2. tpm20-challenge-response-attestation | |||
This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_ | This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_ | |||
operation) from a TPM 2.0 compliant cryptoprocessor. Where the | operation) from a cryptoprocessor compliant with TPM 2.0. Where the | |||
feature 'mtpm' is active, and one or more 'certificate-name' is not | feature 'mtpm' is active, and one or more 'certificate-name' is not | |||
provided, all TPM 2.0 compliant cryptoprocessors will respond. A | provided, all cryptoprocessors compliant with TPM 2.0 will respond. | |||
YANG tree diagram of this RPC is as follows: | The YANG tree diagram of this RPC is as follows: | |||
+---x tpm20-challenge-response-attestation {taa:tpm20}? | +---x tpm20-challenge-response-attestation {taa:tpm20}? | |||
+---w input | +---w input | |||
| +---w tpm20-attestation-challenge | | +---w tpm20-attestation-challenge | |||
| +---w nonce-value binary | | +---w nonce-value binary | |||
| +---w tpm20-pcr-selection* [] | | +---w tpm20-pcr-selection* [] | |||
| | +---w tpm20-hash-algo? identityref | | | +---w tpm20-hash-algo? identityref | |||
| | +---w pcr-index* pcr | | | +---w pcr-index* pcr | |||
| +---w certificate-name* certificate-name-ref | | +---w certificate-name* certificate-name-ref | |||
| {tpm:mtpm}? | | {tpm:mtpm}? | |||
skipping to change at page 6, line 5 ¶ | skipping to change at line 228 ¶ | |||
+--ro up-time? uint32 | +--ro up-time? uint32 | |||
+--ro unsigned-pcr-values* [] | +--ro unsigned-pcr-values* [] | |||
+--ro tpm20-hash-algo? identityref | +--ro tpm20-hash-algo? identityref | |||
+--ro pcr-values* [pcr-index] | +--ro pcr-values* [pcr-index] | |||
+--ro pcr-index pcr | +--ro pcr-index pcr | |||
+--ro pcr-value? binary | +--ro pcr-value? binary | |||
An example of an RPC challenge requesting PCRs 0-7 from a SHA-256 | An example of an RPC challenge requesting PCRs 0-7 from a SHA-256 | |||
bank could look like the following: | bank could look like the following: | |||
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | <rpc message-id="101" | |||
<tpm20-attestation-challenge | xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | |||
<tpm20-attestation-challenge | ||||
xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | |||
<certificate-name> | <certificate-name> | |||
(identifier of a TPM signature key with which the Attester is | (identifier of a TPM signature key with which the Attester is | |||
supposed to sign the attestation data) | supposed to sign the attestation data) | |||
</certificate-name> | </certificate-name> | |||
<nonce> | <nonce> | |||
0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9 | 0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9 | |||
</nonce> | </nonce> | |||
<tpm20-pcr-selection> | <tpm20-pcr-selection> | |||
<tpm20-hash-algo | <tpm20-hash-algo | |||
xmlns="urn:ietf:params:xml:ns:yang:ietf-tcg-algs"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-tcg-algs"> | |||
TPM_ALG_SHA256 | TPM_ALG_SHA256 | |||
</tpm20-hash-algo> | </tpm20-hash-algo> | |||
<pcr-index>0</pcr-index> | <pcr-index>0</pcr-index> | |||
<pcr-index>1</pcr-index> | <pcr-index>1</pcr-index> | |||
<pcr-index>2</pcr-index> | <pcr-index>2</pcr-index> | |||
<pcr-index>3</pcr-index> | <pcr-index>3</pcr-index> | |||
<pcr-index>4</pcr-index> | <pcr-index>4</pcr-index> | |||
<pcr-index>5</pcr-index> | <pcr-index>5</pcr-index> | |||
<pcr-index>6</pcr-index> | <pcr-index>6</pcr-index> | |||
<pcr-index>7</pcr-index> | <pcr-index>7</pcr-index> | |||
</tpm20-pcr-selection> | </tpm20-pcr-selection> | |||
</tpm20-attestation-challenge> | </tpm20-attestation-challenge> | |||
</rpc> | </rpc> | |||
A successful response could be formatted as follows: | A successful response could be formatted as follows: | |||
<rpc-reply message-id="101" | <rpc-reply message-id="101" | |||
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | |||
<tpm20-attestation-response | <tpm20-attestation-response | |||
xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | |||
<certificate-name | <certificate-name | |||
xmlns="urn:ietf:params:xml:ns:yang:ietf-keystore"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-keystore"> | |||
(instance of Certificate name in the Keystore) | (instance of certificate name in the keystore) | |||
</certificate-name> | </certificate-name> | |||
<attestation-data> | <attestation-data> | |||
(raw attestation data, i.e., the TPM quote; this includes, | (raw attestation data, i.e., the TPM quote; this includes, | |||
among other information, a composite digest of requested PCRs, | among other information, a composite digest of requested PCRs, | |||
the nonce, and TPM 2.0 clock information.) | the nonce, and TPM 2.0 clock information.) | |||
</attestation-data> | </attestation-data> | |||
<quote-signature> | <quote-signature> | |||
(signature over attestation-data using the TPM key | (signature over attestation-data using the TPM key | |||
identified by sig-key-id) | identified by sig-key-id) | |||
</quote-signature> | </quote-signature> | |||
</tpm20-attestation-response> | </tpm20-attestation-response> | |||
</rpc-reply> | </rpc-reply> | |||
2.1.1.4. 'log-retrieval' | 2.1.1.4. log-retrieval | |||
This RPC allows a Verifier to acquire the Evidence which was extended | This RPC allows a Verifier to acquire the Evidence that was extended | |||
into specific TPM PCRs. A YANG tree diagram of this RPC is as | into specific TPM PCRs. The YANG tree diagram of this RPC is as | |||
follows: | follows: | |||
+---x log-retrieval | +---x log-retrieval | |||
+---w input | +---w input | |||
| +---w log-type identityref | | +---w log-type identityref | |||
| +---w log-selector* [] | | +---w log-selector* [] | |||
| +---w name* string | | +---w name* string | |||
| +---w (index-type)? | | +---w (index-type)? | |||
| | +--:(last-entry) | | | +--:(last-entry) | |||
| | | +---w last-entry-value? binary | | | | +---w last-entry-value? binary | |||
| | +--:(index) | | | +--:(index) | |||
| | | +---w last-index-number? uint64 | | | | +---w last-index-number? uint64 | |||
| | +--:(timestamp) | | | +--:(timestamp) | |||
| | +---w timestamp? yang:date-and-time | | | +---w timestamp? yang:date-and-time | |||
| +---w log-entry-quantity? uint16 | | +---w log-entry-quantity? uint16 | |||
+--ro output | +--ro output | |||
+--ro system-event-logs | +--ro system-event-logs | |||
+--ro node-data* [] | +--ro node-data* [] | |||
+--ro name? string | +--ro name? string | |||
+--ro up-time? uint32 | +--ro up-time? uint32 | |||
+--ro log-result | +--ro log-result | |||
+--ro (attested_event_log_type) | +--ro (attested_event_log_type) | |||
+--:(bios) {bios}? | +--:(bios) {bios}? | |||
| +--ro bios-event-logs | | +--ro bios-event-logs | |||
| +--ro bios-event-entry* [event-number] | | +--ro bios-event-entry* [event-number] | |||
| +--ro event-number uint32 | | +--ro event-number uint32 | |||
| +--ro event-type? uint32 | | +--ro event-type? uint32 | |||
| +--ro pcr-index? pcr | | +--ro pcr-index? pcr | |||
| +--ro digest-list* [] | | +--ro digest-list* [] | |||
| | +--ro hash-algo? identityref | | | +--ro hash-algo? identityref | |||
| | +--ro digest* binary | | | +--ro digest* binary | |||
| +--ro event-size? uint32 | | +--ro event-size? uint32 | |||
| +--ro event-data* binary | | +--ro event-data* binary | |||
+--:(ima) {ima}? | +--:(ima) {ima}? | |||
| +--ro ima-event-logs | | +--ro ima-event-logs | |||
| +--ro ima-event-entry* [event-number] | | +--ro ima-event-entry* [event-number] | |||
| +--ro event-number uint64 | | +--ro event-number uint64 | |||
| +--ro ima-template? string | | +--ro ima-template? string | |||
| +--ro filename-hint? string | | +--ro filename-hint? string | |||
| +--ro filedata-hash? binary | | +--ro filedata-hash? binary | |||
| +--ro filedata-hash-algorithm? string | | +--ro filedata-hash-algorithm? string | |||
| +--ro template-hash-algorithm? string | | +--ro template-hash-algorithm? string | |||
| +--ro template-hash? binary | | +--ro template-hash? binary | |||
| +--ro pcr-index? pcr | | +--ro pcr-index? pcr | |||
| +--ro signature? binary | | +--ro signature? binary | |||
+--:(netequip_boot) {netequip_boot}? | +--:(netequip_boot) {netequip_boot}? | |||
+--ro boot-event-logs | +--ro boot-event-logs | |||
+--ro boot-event-entry* [event-number] | +--ro boot-event-entry* [event-number] | |||
+--ro event-number uint64 | +--ro event-number uint64 | |||
+--ro ima-template? string | +--ro ima-template? string | |||
+--ro filename-hint? string | +--ro filename-hint? string | |||
+--ro filedata-hash? binary | +--ro filedata-hash? binary | |||
+--ro filedata-hash-algorithm? string | +--ro filedata-hash-algorithm? string | |||
+--ro template-hash-algorithm? string | +--ro template-hash-algorithm? string | |||
+--ro template-hash? binary | +--ro template-hash? binary | |||
+--ro pcr-index? pcr | +--ro pcr-index? pcr | |||
+--ro signature? binary | +--ro signature? binary | |||
2.1.1.5. Data Nodes | 2.1.1.5. Data Nodes | |||
This section provides a high level description of the data nodes | This section provides a high-level description of the data nodes that | |||
containing the configuration and operational objects with the YANG | contain the configuration and operational objects within the YANG | |||
model. For more details, please see the YANG model itself in | data model. For more details, please see the YANG module itself in | |||
Figure 1. | Figure 1. | |||
Container 'rats-support-structures': This houses the set of | Container 'rats-support-structures': This houses the set of | |||
information relating to remote attestation for a device. This | information relating to remote attestation for a device. This | |||
includes specific device TPM(s), the compute nodes (such as line | includes specific device TPM(s), the compute nodes (such as line | |||
cards) on which the TPM(s) reside, and the algorithms supported | cards) on which the TPM(s) reside, and the algorithms supported | |||
across the platform. | across the platform. | |||
Container 'tpms': Provides configuration and operational details for | Container 'tpms': This provides configuration and operational | |||
each supported TPM, including the tpm-firmware-version, PCRs which | details for each supported TPM, including the tpm-firmware- | |||
may be quoted, certificates which are associated with that TPM, | version, PCRs that may be quoted, certificates that are associated | |||
and the current operational status. Of note are the certificates | with that TPM, and the current operational status. Of note are | |||
which are associated with that TPM. As a certificate is | the certificates that are associated with that TPM. As a | |||
associated with a particular TPM attestation key, knowledge of the | certificate is associated with a particular TPM Attestation Key, | |||
certificate allows a specific TPM to be identified. | knowledge of the certificate allows a specific TPM to be | |||
identified. | ||||
+--rw tpms | +--rw tpms | |||
+--rw tpm* [name] | +--rw tpm* [name] | |||
+--rw name string | +--rw name string | |||
+--ro hardware-based boolean | +--ro hardware-based boolean | |||
+--ro physical-index? int32 {hw:entity-mib}? | +--ro physical-index? int32 {hw:entity-mib}? | |||
+--ro path? string | +--ro path? string | |||
+--ro compute-node compute-node-ref {tpm:mtpm}? | +--ro compute-node compute-node-ref {tpm:mtpm}? | |||
+--ro manufacturer? string | +--ro manufacturer? string | |||
+--rw firmware-version identityref | +--rw firmware-version identityref | |||
skipping to change at page 9, line 26 ¶ | skipping to change at line 383 ¶ | |||
+--rw tpm20-pcr-bank* [tpm20-hash-algo] {taa:tpm20}? | +--rw tpm20-pcr-bank* [tpm20-hash-algo] {taa:tpm20}? | |||
| +--rw tpm20-hash-algo identityref | | +--rw tpm20-hash-algo identityref | |||
| +--rw pcr-index* tpm:pcr | | +--rw pcr-index* tpm:pcr | |||
+--ro status enumeration | +--ro status enumeration | |||
+--rw certificates | +--rw certificates | |||
+--rw certificate* [name] | +--rw certificate* [name] | |||
+--rw name string | +--rw name string | |||
+--rw keystore-ref? leafref {ks:asymmetric-keys}? | +--rw keystore-ref? leafref {ks:asymmetric-keys}? | |||
+--rw type? enumeration | +--rw type? enumeration | |||
container 'attester-supported-algos' - Identifies which TCG hash | Container 'attester-supported-algos': This identifies which TCG hash | |||
algorithms are available for use on the Attesting platform. An | algorithms are available for use on the Attesting platform. An | |||
operator will use this information to limit algorithms available for | operator will use this information to limit algorithms available | |||
use by RPCs to just a desired set from the universe of all allowed | for use by RPCs to just a desired set from the universe of all | |||
hash algorithms by the TCG. | hash algorithms allowed by the TCG. | |||
+--rw attester-supported-algos | +--rw attester-supported-algos | |||
+--rw tpm12-asymmetric-signing* identityref {taa:tpm12}? | +--rw tpm12-asymmetric-signing* identityref {taa:tpm12}? | |||
+--rw tpm12-hash* identityref {taa:tpm12}? | +--rw tpm12-hash* identityref {taa:tpm12}? | |||
+--rw tpm20-asymmetric-signing* identityref {taa:tpm20}? | +--rw tpm20-asymmetric-signing* identityref {taa:tpm20}? | |||
+--rw tpm20-hash* identityref {taa:tpm20}? | +--rw tpm20-hash* identityref {taa:tpm20}? | |||
container 'compute-nodes' - When there is more than one TPM | Container 'compute-nodes': When there is more than one TPM | |||
supported, this container maintains the set of information related to | supported, this container maintains the set of information related | |||
the compute node associated with a specific TPM. This allows each | to the compute node associated with a specific TPM. This allows | |||
specific TPM to identify to which 'compute-node' it belongs. | each specific TPM to identify to which 'compute-node' it belongs. | |||
+--rw compute-nodes {tpm:mtpm}? | +--rw compute-nodes {tpm:mtpm}? | |||
+--ro compute-node* [node-id] | +--ro compute-node* [node-id] | |||
+--ro node-id string | +--ro node-id string | |||
+--ro node-physical-index? int32 {hw:entity-mib}? | +--ro node-physical-index? int32 {hw:entity-mib}? | |||
+--ro node-name? string | +--ro node-name? string | |||
+--ro node-location? string | +--ro node-location? string | |||
2.1.1.6. YANG Module | 2.1.1.6. YANG Module | |||
<CODE BEGINS> file "ietf-tpm-remote-attestation.yang@24-07-29.yang" | ||||
<CODE BEGINS> file "ietf-tpm-remote-attestation@2024-10-22.yang" | ||||
module ietf-tpm-remote-attestation { | module ietf-tpm-remote-attestation { | |||
yang-version 1.1; | yang-version 1.1; | |||
namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"; | namespace "urn:ietf:params:xml:ns:yang" | |||
+ ":ietf-tpm-remote-attestation"; | ||||
prefix tpm; | prefix tpm; | |||
import ietf-yang-types { | import ietf-yang-types { | |||
prefix yang; | prefix yang; | |||
} | } | |||
import ietf-hardware { | import ietf-hardware { | |||
prefix hw; | prefix hw; | |||
} | } | |||
import ietf-keystore { | import ietf-keystore { | |||
prefix ks; | prefix ks; | |||
skipping to change at page 10, line 29 ¶ | skipping to change at line 435 ¶ | |||
import ietf-tcg-algs { | import ietf-tcg-algs { | |||
prefix taa; | prefix taa; | |||
} | } | |||
organization | organization | |||
"IETF RATS (Remote ATtestation procedureS) Working Group"; | "IETF RATS (Remote ATtestation procedureS) Working Group"; | |||
contact | contact | |||
"WG Web : <https://datatracker.ietf.org/wg/rats/> | "WG Web : <https://datatracker.ietf.org/wg/rats/> | |||
WG List : <mailto:rats@ietf.org> | WG List : <mailto:rats@ietf.org> | |||
Author : Eric Voit <evoit@cisco.com> | Author : Eric Voit <evoit@cisco.com> | |||
Author : Henk Birkholz <henk.birkholz@sit.fraunhofer.de> | Author : Henk Birkholz <henk.birkholz@ietf.contact> | |||
Author : Michael Eckel <michael.eckel@sit.fraunhofer.de> | Author : Michael Eckel <michael.eckel@sit.fraunhofer.de> | |||
Author : Shwetha Bhandari <shwetha.bhandari@thoughtspot.com> | Author : Shwetha Bhandari <shwetha.bhandari@thoughtspot.com> | |||
Author : Bill Sulzen <bsulzen@cisco.com> | Author : Bill Sulzen <bsulzen@cisco.com> | |||
Author : Liang Xia (Frank) <frank.xialiang@huawei.com> | Author : Liang Xia (Frank) <frank.xialiang@huawei.com> | |||
Author : Tom Laffey <tom.laffey@hpe.com> | Author : Tom Laffey <tom.laffey@hpe.com> | |||
Author : Guy Fedorkow <gfedorkow@juniper.net>"; | Author : Guy C. Fedorkow <gfedorkow@juniper.net>"; | |||
description | description | |||
"A YANG module to enable a TPM 1.2 and TPM 2.0 based | "A YANG module to enable remote attestation procedures based | |||
remote attestation procedure using a challenge-response | on TPM 1.2 and TPM 2.0 using a challenge-response | |||
interaction model and the TPM 1.2 and TPM 2.0 Quote | interaction model and the Quote primitive operations defined | |||
primitive operations. | by TPM 1.2 and TPM 2.0. | |||
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | ||||
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | ||||
'MAY', and 'OPTIONAL' in this document are to be interpreted as | ||||
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | ||||
they appear in all capitals, as shown here. | ||||
Copyright (c) 2024 IETF Trust and the persons identified as | ||||
authors of the code. All rights reserved. | ||||
Copyright (c) 2022 IETF Trust and the persons identified | ||||
as authors of the code. All rights reserved. | ||||
Redistribution and use in source and binary forms, with or | Redistribution and use in source and binary forms, with or | |||
without modification, is permitted pursuant to, and subject to | without modification, is permitted pursuant to, and subject to | |||
the license terms contained in, the Revised BSD License set | the license terms contained in, the Revised BSD License set | |||
forth in Section 4.c of the IETF Trust's Legal Provisions | forth in Section 4.c of the IETF Trust's Legal Provisions | |||
Relating to IETF Documents | Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info). | (https://trustee.ietf.org/license-info). | |||
This version of this YANG module is part of RFC XXXX | This version of this YANG module is part of RFC 9684; see the | |||
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC | RFC itself for full legal notices."; | |||
itself for full legal notices. | ||||
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | ||||
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | ||||
'MAY', and 'OPTIONAL' in this document are to be interpreted as | ||||
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | ||||
they appear in all capitals, as shown here."; | ||||
revision 2022-05-17 { | revision 2024-10-22 { | |||
description | description | |||
"Initial version"; | "Initial version"; | |||
reference | reference | |||
"RFC XXXX: A YANG Data Model for Challenge-Response-based Remote | "RFC 9684: A YANG Data Model for Challenge-Response-Based | |||
Attestation Procedures using TPMs"; | Remote Attestation (CHARRA) Procedures Using Trusted Platform | |||
Modules (TPMs)"; | ||||
} | } | |||
/*****************/ | /*****************/ | |||
/* Features */ | /* Features */ | |||
/*****************/ | /*****************/ | |||
feature mtpm { | feature mtpm { | |||
description | description | |||
"The device supports the remote attestation of multiple | "The device supports the remote attestation of multiple | |||
TPM based cryptoprocessors."; | TPM-based cryptoprocessors."; | |||
} | } | |||
feature bios { | feature bios { | |||
description | description | |||
"The device supports the bios logs."; | "The device supports the BIOS logs."; | |||
reference | reference | |||
"bios-log: | "BIOS-Log: | |||
TCG PC Client Platform Firmware Profile Specification, | ||||
https://trustedcomputinggroup.org/wp-content/uploads/ | https://trustedcomputinggroup.org/wp-content/uploads/ | |||
PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf | TCG-PC-Client-Platform-Firmware-Profile-Version-1.06- | |||
Section 9.4.5.2"; | Revision-52_pub-2.pdf, Section 10.4.5.2"; | |||
} | } | |||
feature ima { | feature ima { | |||
description | description | |||
"The device supports Integrity Measurement Architecture logs. | "The device supports Integrity Measurement Architecture logs. | |||
Many variants of IMA logs exist in the deployment. Each encodes | Many variants of IMA logs exist in the deployment. Each | |||
the log entry contents as the specific measurements which get | encodes the log entry contents as the specific measurements | |||
hashed into a PCRs as Evidence. See the reference below for | that get hashed into a PCRs as Evidence. See the reference | |||
one example of such an encoding."; | below for one example of such an encoding."; | |||
reference | reference | |||
"ima-log: | "CEL: | |||
Canonical Event Log Format, | ||||
https://www.trustedcomputinggroup.org/wp-content/uploads/ | https://www.trustedcomputinggroup.org/wp-content/uploads/ | |||
TCG_IWG_CEL_v1_r0p41_pub.pdf Section 5.1.6"; | TCG_IWG_CEL_v1_r0p41_pub.pdf, Section 5.1.6"; | |||
} | } | |||
feature netequip_boot { | feature netequip_boot { | |||
description | description | |||
"The device supports the netequip_boot logs."; | "The device supports the netequip_boot logs."; | |||
reference | reference | |||
"netequip-boot-log: | "RFC 9684: A YANG Data Model for Challenge-Response-Based | |||
RFC XXXX Appendix B"; | Remote Attestation (CHARRA) Procedures Using Trusted Platform | |||
Modules (TPMs), Appendix B"; | ||||
} | } | |||
/*****************/ | /*****************/ | |||
/* Typedefs */ | /* Typedefs */ | |||
/*****************/ | /*****************/ | |||
typedef pcr { | typedef pcr { | |||
type uint8 { | type uint8 { | |||
range "0..31"; | range "0..31"; | |||
} | } | |||
description | description | |||
"Valid index number for a PCR. A {{TPM2.0}} compliant PCR index | "Valid index number for a PCR. A PCR index compliant with | |||
extends from 0-31. At this time a typical TPM would have no | TPM 2.0 extends from 0-31. At this time, a typical TPM would | |||
more than 32 PCRS."; | have no more than 32 PCRs."; | |||
} | } | |||
typedef compute-node-ref { | typedef compute-node-ref { | |||
type leafref { | type leafref { | |||
path "/tpm:rats-support-structures/tpm:compute-nodes" | path "/tpm:rats-support-structures/tpm:compute-nodes" | |||
+ "/tpm:compute-node/tpm:node-id"; | + "/tpm:compute-node/tpm:node-id"; | |||
} | } | |||
description | description | |||
"This type is used to reference a hardware node. Note that an | "This type is used to reference a hardware node. Note that an | |||
implementer might include an alternative leafref pointing to a | implementer might include an alternative leafref pointing to a | |||
different YANG module node specifying hardware structures."; | different YANG module node specifying hardware structures."; | |||
} | } | |||
typedef certificate-name-ref { | typedef certificate-name-ref { | |||
type leafref { | type leafref { | |||
path "/tpm:rats-support-structures/tpm:tpms/tpm:tpm" | path "/tpm:rats-support-structures/tpm:tpms/tpm:tpm" | |||
+ "/tpm:certificates/tpm:certificate/tpm:name"; | + "/tpm:certificates/tpm:certificate/tpm:name"; | |||
} | } | |||
description | description | |||
"A type which allows identification of a TPM based certificate."; | "A type that allows identification of a TPM-based | |||
certificate."; | ||||
} | } | |||
/******************/ | /******************/ | |||
/* Identities */ | /* Identities */ | |||
/******************/ | /******************/ | |||
identity attested_event_log_type { | identity attested_event_log_type { | |||
description | description | |||
"Base identity allowing categorization of the reasons why an | "Base identity allowing categorization of the reasons why an | |||
attested measurement has been taken on an Attester."; | attested measurement has been taken on an Attester."; | |||
} | } | |||
identity ima { | identity ima { | |||
base attested_event_log_type; | base attested_event_log_type; | |||
description | description | |||
"An event type recorded in IMA."; | "An event type recorded in IMA."; | |||
skipping to change at page 13, line 34 ¶ | skipping to change at line 589 ¶ | |||
description | description | |||
"An event type associated with Network Equipment Boot."; | "An event type associated with Network Equipment Boot."; | |||
} | } | |||
/*****************/ | /*****************/ | |||
/* Groupings */ | /* Groupings */ | |||
/*****************/ | /*****************/ | |||
grouping tpm20-hash-algo { | grouping tpm20-hash-algo { | |||
description | description | |||
"The cryptographic algorithm used to hash the TPM2 PCRs. This | "The cryptographic algorithm used to hash the PCRs compliant | |||
must be from the list of platform supported options."; | with TPM 2.0. This must be from the list of platform- | |||
supported options."; | ||||
leaf tpm20-hash-algo { | leaf tpm20-hash-algo { | |||
type identityref { | type identityref { | |||
base taa:hash; | base taa:hash; | |||
} | } | |||
must '. = /tpm:rats-support-structures' | must '. = /tpm:rats-support-structures' | |||
+ '/tpm:attester-supported-algos/tpm:tpm20-hash' { | + '/tpm:attester-supported-algos/tpm:tpm20-hash' { | |||
error-message "This platform does not support tpm20-hash-algo"; | error-message "This platform does not support " | |||
+ "tpm20-hash-algo"; | ||||
} | } | |||
description | description | |||
"The hash scheme that is used to hash a TPM2.0 PCR. This | "The hash scheme that is used to hash a PCR compliant with | |||
must be one of those supported by a platform. | TPM 2.0. This must be one of those supported by a platform. | |||
Where this object does not appear, the default value of | Where this object does not appear, the default value of | |||
'taa:TPM_ALG_SHA256' will apply."; | 'taa:TPM_ALG_SHA256' will apply."; | |||
} | } | |||
} | } | |||
grouping tpm12-hash-algo { | grouping tpm12-hash-algo { | |||
description | description | |||
"The cryptographic algorithm used to hash the TPM1.2 PCRs."; | "The cryptographic algorithm used to hash the PCRs compliant | |||
with TPM 1.2."; | ||||
leaf tpm12-hash-algo { | leaf tpm12-hash-algo { | |||
type identityref { | type identityref { | |||
base taa:hash; | base taa:hash; | |||
} | } | |||
must '. = /tpm:rats-support-structures' | must '. = /tpm:rats-support-structures' | |||
+ '/tpm:attester-supported-algos/tpm:tpm12-hash' { | + '/tpm:attester-supported-algos/tpm:tpm12-hash' { | |||
error-message "This platform does not support tpm12-hash-algo"; | error-message "This platform does not support " | |||
+ "tpm12-hash-algo"; | ||||
} | } | |||
description | description | |||
"The hash scheme that is used to hash a TPM1.2 PCR. This | "The hash scheme that is used to hash a PCR compliant with | |||
MUST be one of those supported by a platform. | TPM 1.2. This MUST be one of those supported by a platform. | |||
Where this object does not appear, the default value of | Where this object does not appear, the default value of | |||
'taa:TPM_ALG_SHA1' will apply."; | 'taa:TPM_ALG_SHA1' will apply."; | |||
} | } | |||
} | } | |||
grouping nonce { | grouping nonce { | |||
description | description | |||
"A random number intended to guarantee freshness and for use | "A random number intended to guarantee freshness and for use | |||
as part of a replay-detection mechanism."; | as part of a replay-detection mechanism."; | |||
leaf nonce-value { | leaf nonce-value { | |||
type binary; | type binary; | |||
mandatory true; | mandatory true; | |||
description | description | |||
"A cryptographically generated random number which should | "A cryptographically generated random number that should | |||
not be predictable prior to its issuance from a random | not be predictable prior to its issuance from a random | |||
number generation function. The random number MUST be | number generation function. The random number MUST be | |||
derived from an entropy source external to the Attester. | derived from an entropy source external to the Attester. | |||
Note that a nonce sent into a TPM will typically be 160 or 256 | Note that a nonce sent into a TPM will typically be 160 or | |||
binary digits long. (This is 20 or 32 bytes.) So if fewer | 256 binary digits long. (This is 20 or 32 bytes.) So if | |||
binary digits are sent, this nonce object will be padded | fewer binary digits are sent, this nonce object will be | |||
with leading zeros within Quotes returned from the TPM. | padded with leading zeros within Quotes returned from the | |||
Additionally if more bytes are sent, the nonce will be trimmed | TPM. Additionally, if more bytes are sent, the nonce will | |||
to the most significant binary digits."; | be trimmed to the most significant binary digits."; | |||
} | } | |||
} | } | |||
grouping tpm12-pcr-selection { | grouping tpm12-pcr-selection { | |||
description | description | |||
"A Verifier can request one or more PCR values using its | "A Verifier can request one or more PCR values using its | |||
individually created Attestation Key Certificate (AC). | individually created Attestation Key Certificate (AC). | |||
The corresponding selection filter is represented in this | The corresponding selection filter is represented in this | |||
grouping."; | grouping."; | |||
leaf-list pcr-index { | leaf-list pcr-index { | |||
type pcr; | type pcr; | |||
description | description | |||
"The numbers/indexes of the PCRs. In addition, any selection | "The numbers/indexes of the PCRs. In addition, any selection | |||
of PCRs MUST verify that the set of PCRs requested are a | of PCRs MUST verify that the set of PCRs requested are a | |||
subset the set of PCRs exposed by in the leaf-list | subset of the set of PCRs exposed in the leaf-list | |||
/tpm:rats-support-structures | /tpm:rats-support-structures | |||
/tpm:tpms/tpm:tpm[name=current()]/tpm:tpm12-pcrs"; | /tpm:tpms/tpm:tpm[name=current()]/tpm:tpm12-pcrs"; | |||
} | } | |||
} | } | |||
grouping tpm20-pcr-selection { | grouping tpm20-pcr-selection { | |||
description | description | |||
"A Verifier can acquire one or more PCR values, which are hashed | "A Verifier can acquire one or more PCR values, which are | |||
together in a TPM2B_DIGEST coming from the TPM2. The selection | hashed together in a TPM2B_DIGEST coming from the TPM2. | |||
list of desired PCRs and the Hash Algorithm is represented in | The selection list of desired PCRs and the hash algorithm | |||
this grouping."; | is represented in this grouping."; | |||
list tpm20-pcr-selection { | list tpm20-pcr-selection { | |||
unique "tpm20-hash-algo"; | unique "tpm20-hash-algo"; | |||
description | description | |||
"Specifies the list of PCRs and Hash Algorithms that can be | "Specifies the list of PCRs and hash algorithms that can be | |||
returned within a TPM2B_DIGEST."; | returned within a TPM2B_DIGEST."; | |||
reference | reference | |||
"TPM2.0-Structures: | "TPM2.0-Structures: | |||
https://www.trustedcomputinggroup.org/wp-content/uploads/ | Trusted Platform Module Library Part 2: Structures, | |||
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7"; | Revision 01.83, https://trustedcomputinggroup.org/ | |||
wp-content/uploads/TPM-2.0-1.83-Part-2-Structures.pdf, | ||||
Section 10.9.7"; | ||||
uses tpm20-hash-algo; | uses tpm20-hash-algo; | |||
leaf-list pcr-index { | leaf-list pcr-index { | |||
type pcr; | type pcr; | |||
description | description | |||
"The numbers of the PCRs that which are being tracked | "The numbers of the PCRs that are being tracked | |||
with a hash based on the tpm20-hash-algo. In addition, | with a hash based on the tpm20-hash-algo. In addition, | |||
any selection of PCRs MUST verify that the set of PCRs | any selection of PCRs MUST verify that the set of PCRs | |||
requested are a subset the set of PCR indexes selected | requested are a subset of the set of selected PCR indexes | |||
are available for that specific TPM."; | available for that specific TPM."; | |||
} | } | |||
} | } | |||
} | } | |||
grouping certificate-name-ref { | grouping certificate-name-ref { | |||
description | description | |||
"Identifies a certificate in a keystore."; | "Identifies a certificate in a keystore."; | |||
leaf certificate-name { | leaf certificate-name { | |||
type certificate-name-ref; | type certificate-name-ref; | |||
mandatory true; | mandatory true; | |||
skipping to change at page 16, line 4 ¶ | skipping to change at line 709 ¶ | |||
grouping certificate-name-ref { | grouping certificate-name-ref { | |||
description | description | |||
"Identifies a certificate in a keystore."; | "Identifies a certificate in a keystore."; | |||
leaf certificate-name { | leaf certificate-name { | |||
type certificate-name-ref; | type certificate-name-ref; | |||
mandatory true; | mandatory true; | |||
description | description | |||
"Identifies a certificate in a keystore."; | "Identifies a certificate in a keystore."; | |||
} | } | |||
} | } | |||
grouping tpm-name { | grouping tpm-name { | |||
description | description | |||
"A unique TPM on a device."; | "A unique TPM on a device."; | |||
leaf name { | leaf name { | |||
type string; | type string; | |||
description | description | |||
"Unique system generated name for a TPM on a device."; | "Unique system-generated name for a TPM on a device."; | |||
} | } | |||
} | } | |||
grouping node-uptime { | grouping node-uptime { | |||
description | description | |||
"Uptime in seconds of the node."; | "Uptime in seconds of the node."; | |||
leaf up-time { | leaf up-time { | |||
type uint32; | type uint32; | |||
description | description | |||
"Uptime in seconds of this node reporting its data"; | "Uptime in seconds of this node reporting its data."; | |||
} | } | |||
} | } | |||
grouping tpm12-attestation { | grouping tpm12-attestation { | |||
description | description | |||
"Contains an instance of TPM1.2 style signed cryptoprocessor | "Contains an instance of cryptoprocessor measurements signed | |||
measurements. It is supplemented by unsigned Attester | according to TPM 1.2. It is supplemented by unsigned | |||
information."; | Attester information."; | |||
uses node-uptime; | uses node-uptime; | |||
leaf pcr-data { | leaf pcr-data { | |||
type binary; | type binary; | |||
description | description | |||
"The value created and signed for the quote (type TPM_PCR_INFO_SHORT), | "The value created and signed for the quote | |||
i.e., the 'pcrData' part of a TPM1.2 Quote2 operation result."; | (type TPM_PCR_INFO_SHORT), i.e., the 'pcrData' part of | |||
a TPM1.2 Quote2 operation result."; | ||||
reference | reference | |||
"TPM1.2-Commands: | "TPM1.2-Commands: | |||
TPM1.2 commands rev116 July 2007, Section 16.5 | TPM Main Part 3 Commands, Rev116, | |||
https://trustedcomputinggroup.org/wp-content/uploads | https://trustedcomputinggroup.org/wp-content/uploads | |||
/TPM-Main-Part-3-Commands_v1.2_rev116_01032011.pdf"; | /TPM-Main-Part-3-Commands_v1.2_rev116_01032011.pdf, | |||
Section 16.5"; | ||||
} | } | |||
leaf version-info { | leaf version-info { | |||
type binary; | type binary; | |||
description | description | |||
"The version info (type TPM_CAP_VERSION_INFO), | "The version info (type TPM_CAP_VERSION_INFO), | |||
i.e., the 'versionInfo' part of a TPM1.2 Quote2 operation result."; | i.e., the 'versionInfo' part of a TPM1.2 Quote2 | |||
operation result."; | ||||
reference | reference | |||
"TPM1.2-Commands: | "TPM1.2-Commands: | |||
TPM1.2 commands rev116 July 2007, Section 16.5 | TPM Main Part 3 Commands, Rev116, | |||
https://trustedcomputinggroup.org/wp-content/uploads | https://trustedcomputinggroup.org/wp-content/uploads | |||
/TPM-Main-Part-3-Commands_v1.2_rev116_01032011.pdf"; | /TPM-Main-Part-3-Commands_v1.2_rev116_01032011.pdf, | |||
Section 16.5"; | ||||
} | } | |||
leaf sig { | leaf sig { | |||
type binary; | type binary; | |||
description | description | |||
"The signed data blob, i.e., the signature | "The signature generated across the signed data, | |||
i.e., the 'sig' part of a TPM1.2 Quote2 operation result."; | i.e., the 'sig' part of a TPM1.2 Quote2 operation | |||
result."; | ||||
reference | reference | |||
"TPM1.2-Commands: | "TPM1.2-Commands: | |||
TPM1.2 commands rev116 July 2007, Section 16.5 | TPM Main Part 3 Commands, Rev116, | |||
https://trustedcomputinggroup.org/wp-content/uploads | https://trustedcomputinggroup.org/wp-content/uploads | |||
/TPM-Main-Part-3-Commands_v1.2_rev116_01032011.pdf"; | /TPM-Main-Part-3-Commands_v1.2_rev116_01032011.pdf, | |||
Section 16.5"; | ||||
} | } | |||
} | } | |||
grouping tpm20-attestation { | grouping tpm20-attestation { | |||
description | description | |||
"Contains an instance of TPM2 style signed cryptoprocessor | "Contains an instance of cryptoprocessor measurements signed | |||
measurements. It is supplemented by unsigned Attester | according to TPM 2.0. It is supplemented by unsigned | |||
information."; | Attester information."; | |||
leaf quote-data { | leaf quote-data { | |||
type binary; | type binary; | |||
mandatory true; | mandatory true; | |||
description | description | |||
"A hash of the latest PCR values (and the hash algorithm used) | "A hash of the latest PCR values (and the hash algorithm | |||
which have been returned from an Attester for the selected PCRs | used) that have been returned from an Attester for the | |||
and Hash Algorithms."; | selected PCRs and hash algorithms."; | |||
reference | reference | |||
"TPM2.0-Structures: | "TPM2.0-Structures: | |||
https://www.trustedcomputinggroup.org/wp-content/uploads/ | Trusted Platform Module Library Part 2: Structures, | |||
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.12.1"; | Revision 01.83, https://trustedcomputinggroup.org/ | |||
wp-content/uploads/TPM-2.0-1.83-Part-2-Structures.pdf, | ||||
Section 10.12.1"; | ||||
} | } | |||
leaf quote-signature { | leaf quote-signature { | |||
type binary; | type binary; | |||
description | description | |||
"Quote signature returned by TPM Quote. The signature was | "Quote signature returned by TPM Quote. The signature was | |||
generated using the key associated with the | generated using the key associated with the | |||
certificate 'name'."; | certificate 'name'."; | |||
reference | reference | |||
"TPM2.0-Structures: | "TPM2.0-Structures: | |||
https://www.trustedcomputinggroup.org/wp-content/uploads/ | Trusted Platform Module Library Part 2: Structures, | |||
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 11.2.1"; | Revision 01.83, https://trustedcomputinggroup.org/ | |||
wp-content/uploads/TPM-2.0-1.83-Part-2-Structures.pdf, | ||||
Section 11.2.1"; | ||||
} | } | |||
uses node-uptime; | uses node-uptime; | |||
list unsigned-pcr-values { | list unsigned-pcr-values { | |||
description | description | |||
"PCR values in each PCR bank. This might appear redundant with | "PCR values in each PCR bank. This might appear redundant | |||
the TPM2B_DIGEST, but that digest is calculated across multiple | with the TPM2B_DIGEST, but that digest is calculated across | |||
PCRs. Having to verify across multiple PCRs does not | multiple PCRs. Having to verify across multiple PCRs does | |||
necessarily make it easy for a Verifier to appraise just the | not necessarily make it easy for a Verifier to appraise just | |||
minimum set of PCR information which has changed since the last | the minimum set of PCR information that has changed since | |||
received TPM2B_DIGEST. Put another way, why should a Verifier | the last received TPM2B_DIGEST. Put another way, why should | |||
reconstruct the proper value of all PCR Quotes when only a | a Verifier reconstruct the proper value of all PCR Quotes | |||
single PCR has changed? | when only a single PCR has changed? | |||
To help this happen, if the Attester does know specific PCR | To help this happen, if the Attester does know specific PCR | |||
values, the Attester can provide these individual values via | values, the Attester can provide these individual values via | |||
'unsigned-pcr-values'. By comparing this information to | 'unsigned-pcr-values'. By comparing this information to | |||
what has previously been validated, it is possible for a | what has previously been validated, it is possible for a | |||
Verifier to confirm the Attester's signature while eliminating | Verifier to confirm the Attester's signature while | |||
eliminating significant processing. Note that there should | ||||
significant processing. Note that there should never be a | never be a result where an unsigned PCR value differs from | |||
result where an unsigned PCR value differs from what may be | what may be reconstructed from within the PCR quote and | |||
reconstructed from the within the PCR quote and the event logs. | the event logs. | |||
If there is a difference, a signed result which has been | If there is a difference, a signed result that has been | |||
verified from retrieved logs is considered definitive."; | verified from retrieved logs is considered definitive."; | |||
uses tpm20-hash-algo; | uses tpm20-hash-algo; | |||
list pcr-values { | list pcr-values { | |||
key "pcr-index"; | key "pcr-index"; | |||
description | description | |||
"List of one PCR bank."; | "List of one PCR bank."; | |||
leaf pcr-index { | leaf pcr-index { | |||
type pcr; | type pcr; | |||
description | description | |||
"PCR index number."; | "PCR index number."; | |||
} | } | |||
leaf pcr-value { | leaf pcr-value { | |||
type binary; | type binary; | |||
description | description | |||
"PCR value."; | "PCR value."; | |||
reference | reference | |||
"TPM2.0-Structures: | "TPM2.0-Structures: | |||
https://www.trustedcomputinggroup.org/wp-content/uploads/ | Trusted Platform Module Library Part 2: Structures, | |||
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7"; | Revision 01.83, https://trustedcomputinggroup.org/ | |||
wp-content/uploads/TPM-2.0-1.83-Part-2-Structures.pdf, | ||||
Section 10.9.7"; | ||||
} | } | |||
} | } | |||
} | } | |||
} | } | |||
grouping log-identifier { | grouping log-identifier { | |||
description | description | |||
"Identifier for type of log to be retrieved."; | "Identifier for type of log to be retrieved."; | |||
leaf log-type { | leaf log-type { | |||
type identityref { | type identityref { | |||
base attested_event_log_type; | base attested_event_log_type; | |||
} | } | |||
mandatory true; | mandatory true; | |||
description | description | |||
"The corresponding measurement log type identity."; | "The corresponding identity of the measurement log type."; | |||
} | } | |||
} | } | |||
grouping boot-event-log { | grouping boot-event-log { | |||
description | description | |||
"Defines a specific instance of an event log entry | "Defines a specific instance of an event log entry | |||
and corresponding to the information used to | and corresponding to the information used to | |||
extend the PCR"; | extend the PCR."; | |||
leaf event-number { | leaf event-number { | |||
type uint32; | type uint32; | |||
description | description | |||
"Unique event number of this event which monotonically | "Unique event number of this event, which monotonically | |||
increases within a given event log. The maximum event | increases within a given event log. The maximum event | |||
number should not be reached, nor is wrapping back to | number should not be reached, nor is wrapping back to | |||
an earlier number supported."; | an earlier number supported."; | |||
} | } | |||
leaf event-type { | leaf event-type { | |||
type uint32; | type uint32; | |||
description | description | |||
"BIOS Log Event Type: | "BIOS log event type."; | |||
reference | ||||
"BIOS-Log: | ||||
TCG PC Client Platform Firmware Profile Specification, | ||||
https://trustedcomputinggroup.org/wp-content/uploads/ | https://trustedcomputinggroup.org/wp-content/uploads/ | |||
TCG_PCClient_PFP_r1p05_v23_pub.pdf Section 10.4.1"; | TCG-PC-Client-Platform-Firmware-Profile-Version-1.06- | |||
Revision-52_pub-2.pdf, Section 10.4.1"; | ||||
} | } | |||
leaf pcr-index { | leaf pcr-index { | |||
type pcr; | type pcr; | |||
description | description | |||
"Defines the PCR index that this event extended"; | "Defines the PCR index that this event extended."; | |||
} | } | |||
list digest-list { | list digest-list { | |||
description | description | |||
"Hash of event data"; | "Hash of event data."; | |||
leaf hash-algo { | leaf hash-algo { | |||
type identityref { | type identityref { | |||
base taa:hash; | base taa:hash; | |||
} | } | |||
description | description | |||
"The hash scheme that is used to compress the event data in | "The hash scheme that is used to compress the event data in | |||
each of the leaf-list digest items."; | each of the leaf-list digest items."; | |||
} | } | |||
leaf-list digest { | leaf-list digest { | |||
type binary; | type binary; | |||
description | description | |||
"The hash of the event data using the algorithm of the | "The hash of the event data using the algorithm of the | |||
'hash-algo' against 'event data'."; | 'hash-algo' against 'event data'."; | |||
} | } | |||
} | } | |||
leaf event-size { | leaf event-size { | |||
type uint32; | type uint32; | |||
description | description | |||
"Size of the event data"; | "Size of the event data."; | |||
} | } | |||
leaf-list event-data { | leaf-list event-data { | |||
type binary; | type binary; | |||
description | description | |||
"The event data. This is a binary structure | "The event data. This is a binary structure | |||
of size 'event-size'. For more on what | of size 'event-size'. For more on what | |||
might be recorded within this object | might be recorded within this object | |||
see [bios-log] Section 9 which details | see BIOS-Log, Section 10, which details | |||
viable events which might be recorded."; | viable events that might be recorded."; | |||
reference | ||||
"BIOS-Log: | ||||
TCG PC Client Platform Firmware Profile Specification, | ||||
https://trustedcomputinggroup.org/wp-content/uploads/ | ||||
TCG-PC-Client-Platform-Firmware-Profile-Version-1.06- | ||||
Revision-52_pub-2.pdf, Section 10"; | ||||
} | } | |||
} | } | |||
grouping bios-event-log { | grouping bios-event-log { | |||
description | description | |||
"Measurement log created by the BIOS/UEFI."; | "Measurement log created by the BIOS/UEFI."; | |||
list bios-event-entry { | list bios-event-entry { | |||
key "event-number"; | key "event-number"; | |||
description | description | |||
"Ordered list of TCG described event log | "Ordered list of the TCG-described event log | |||
that extended the PCRs in the order they | that extended the PCRs in the order they | |||
were logged"; | were logged."; | |||
uses boot-event-log; | uses boot-event-log; | |||
} | } | |||
} | } | |||
grouping ima-event { | grouping ima-event { | |||
description | description | |||
"Defines a hash log extend event for IMA measurements"; | "Defines a hash log extend event for IMA measurements."; | |||
reference | reference | |||
"ima-log: | "CEL: | |||
Canonical Event Log Format, | ||||
https://www.trustedcomputinggroup.org/wp-content/uploads/ | https://www.trustedcomputinggroup.org/wp-content/uploads/ | |||
TCG_IWG_CEL_v1_r0p41_pub.pdf Section 4.3"; | TCG_IWG_CEL_v1_r0p41_pub.pdf, Section 4.3"; | |||
leaf event-number { | leaf event-number { | |||
type uint64; | type uint64; | |||
description | description | |||
"Unique event number of this event which monotonically | "Unique event number of this event, which monotonically | |||
increases. The maximum event number should not be | increases. The maximum event number should not be | |||
reached, nor is wrapping back to an earlier number | reached, nor is wrapping back to an earlier number | |||
supported."; | supported."; | |||
} | } | |||
leaf ima-template { | leaf ima-template { | |||
type string; | type string; | |||
description | description | |||
"Name of the template used for event logs | "Name of the template used for event logs, | |||
for e.g. ima, ima-ng, ima-sig"; | e.g., ima, ima-ng, ima-sig."; | |||
} | } | |||
leaf filename-hint { | leaf filename-hint { | |||
type string; | type string; | |||
description | description | |||
"File name (including the path) that was measured."; | "File name (including the path) that was measured."; | |||
} | } | |||
leaf filedata-hash { | leaf filedata-hash { | |||
type binary; | type binary; | |||
description | description | |||
"Hash of filedata as updated based upon the | "Hash of filedata as updated based upon the | |||
filedata-hash-algorithm"; | filedata-hash-algorithm."; | |||
} | } | |||
leaf filedata-hash-algorithm { | leaf filedata-hash-algorithm { | |||
type string; | type string; | |||
description | description | |||
"Algorithm used for filedata-hash"; | "Algorithm used for filedata-hash."; | |||
} | } | |||
leaf template-hash-algorithm { | leaf template-hash-algorithm { | |||
type string; | type string; | |||
description | description | |||
"Algorithm used for template-hash"; | "Algorithm used for template-hash."; | |||
} | } | |||
leaf template-hash { | leaf template-hash { | |||
type binary; | type binary; | |||
description | description | |||
"hash(filedata-hash, filename-hint)"; | "hash(filedata-hash, filename-hint)"; | |||
} | } | |||
leaf pcr-index { | leaf pcr-index { | |||
type pcr; | type pcr; | |||
description | description | |||
"Defines the PCR index that this event extended"; | "Defines the PCR index that this event extended."; | |||
} | } | |||
leaf signature { | leaf signature { | |||
type binary; | type binary; | |||
description | description | |||
"Digital file signature which provides a | "Digital file signature that provides a | |||
fingerprint for the file being measured."; | fingerprint for the file being measured."; | |||
} | } | |||
} | } | |||
grouping ima-event-log { | grouping ima-event-log { | |||
description | description | |||
"Measurement log created by IMA."; | "Measurement log created by IMA."; | |||
list ima-event-entry { | list ima-event-entry { | |||
key "event-number"; | key "event-number"; | |||
description | description | |||
"Ordered list of ima event logs by event-number"; | "Ordered list of IMA event logs by event-number."; | |||
uses ima-event; | uses ima-event; | |||
} | } | |||
} | } | |||
grouping network-equipment-boot-event-log { | grouping network-equipment-boot-event-log { | |||
description | description | |||
"Measurement log created by Network Equipment Boot. The Network | "Measurement log created by Network Equipment Boot. The | |||
Equipment Boot format is identical to the IMA format. In | Network Equipment Boot format is identical to the IMA | |||
contrast to the IMA log, the Network Equipment Boot log | format. In contrast to the IMA log, the Network Equipment | |||
includes every measurable event from an Attester, including | Boot log includes every measurable event from an Attester, | |||
the boot stages of BIOS, Bootloader, etc. In essence, the scope | including the boot stages of BIOS, Bootloader, etc. In | |||
of events represented in this format combines the scope of BIOS | essence, the scope of events represented in this format | |||
events and IMA events."; | combines the scope of BIOS events and IMA events."; | |||
list boot-event-entry { | list boot-event-entry { | |||
key "event-number"; | key "event-number"; | |||
description | description | |||
"Ordered list of Network Equipment Boot event logs | "Ordered list of Network Equipment Boot event logs | |||
by event-number, using the IMA event format."; | by event-number, using the IMA event format."; | |||
uses ima-event; | uses ima-event; | |||
} | } | |||
} | } | |||
grouping event-logs { | grouping event-logs { | |||
description | description | |||
"A selector for the log and its type."; | "A selector for the log and its type."; | |||
choice attested_event_log_type { | choice attested_event_log_type { | |||
mandatory true; | mandatory true; | |||
description | description | |||
"Event log type determines the event logs content."; | "Event log type determines the event log's content."; | |||
case bios { | case bios { | |||
if-feature "bios"; | if-feature "bios"; | |||
description | description | |||
"BIOS/UEFI event logs"; | "BIOS/UEFI event logs."; | |||
container bios-event-logs { | container bios-event-logs { | |||
description | description | |||
"BIOS/UEFI event logs"; | "BIOS/UEFI event logs."; | |||
uses bios-event-log; | uses bios-event-log; | |||
} | } | |||
} | } | |||
case ima { | case ima { | |||
if-feature "ima"; | if-feature "ima"; | |||
description | description | |||
"IMA event logs."; | "IMA event logs."; | |||
container ima-event-logs { | container ima-event-logs { | |||
description | description | |||
"IMA event logs."; | "IMA event logs."; | |||
uses ima-event-log; | uses ima-event-log; | |||
} | } | |||
} | } | |||
case netequip_boot { | case netequip_boot { | |||
if-feature "netequip_boot"; | if-feature "netequip_boot"; | |||
description | description | |||
"Network Equipment Boot event logs"; | "Network Equipment Boot event logs."; | |||
container boot-event-logs { | container boot-event-logs { | |||
description | description | |||
"Network equipment boot event logs."; | "Network Equipment Boot event logs."; | |||
uses network-equipment-boot-event-log; | uses network-equipment-boot-event-log; | |||
} | } | |||
} | } | |||
} | } | |||
} | } | |||
/**********************/ | /**********************/ | |||
/* RPC operations */ | /* RPC operations */ | |||
/**********************/ | /**********************/ | |||
rpc tpm12-challenge-response-attestation { | rpc tpm12-challenge-response-attestation { | |||
if-feature "taa:tpm12"; | if-feature "taa:tpm12"; | |||
description | description | |||
"This RPC accepts the input for TSS TPM 1.2 commands made to the | "This RPC accepts the input for TSS TPM 1.2 commands made to | |||
attesting device."; | the attesting device."; | |||
input { | input { | |||
container tpm12-attestation-challenge { | container tpm12-attestation-challenge { | |||
description | description | |||
"This container includes every information element defined | "This container includes every information element defined | |||
in the reference challenge-response interaction model for | in the reference challenge-response interaction model for | |||
remote attestation. Corresponding values are based on | remote attestation. Corresponding values are based on | |||
TPM 1.2 structure definitions"; | TPM 1.2 structure definitions"; | |||
uses tpm12-pcr-selection; | uses tpm12-pcr-selection; | |||
uses nonce; | uses nonce; | |||
leaf-list certificate-name { | leaf-list certificate-name { | |||
if-feature "tpm:mtpm"; | if-feature "tpm:mtpm"; | |||
type certificate-name-ref; | type certificate-name-ref; | |||
must "/tpm:rats-support-structures/tpm:tpms" | must "/tpm:rats-support-structures/tpm:tpms" | |||
+ "/tpm:tpm[tpm:firmware-version='taa:tpm12']" | + "/tpm:tpm[tpm:firmware-version='taa:tpm12']" | |||
+ "/tpm:certificates/" | + "/tpm:certificates/" | |||
+ "/tpm:certificate[name=current()]" { | + "/tpm:certificate[name=current()]" { | |||
skipping to change at page 24, line 5 ¶ | skipping to change at line 1118 ¶ | |||
description | description | |||
"When populated, the RPC will only get a Quote for the | "When populated, the RPC will only get a Quote for the | |||
TPMs associated with these certificate(s)."; | TPMs associated with these certificate(s)."; | |||
} | } | |||
} | } | |||
} | } | |||
output { | output { | |||
list tpm12-attestation-response { | list tpm12-attestation-response { | |||
unique "certificate-name"; | unique "certificate-name"; | |||
description | description | |||
"The binary output of TPM 1.2 TPM_Quote/TPM_Quote2, including | "The binary output of TPM 1.2 TPM_Quote/TPM_Quote2, | |||
the PCR selection and other associated attestation evidence | including the PCR selection and other associated | |||
metadata"; | attestation evidence metadata."; | |||
uses certificate-name-ref { | uses certificate-name-ref { | |||
description | description | |||
"Certificate associated with this tpm12-attestation."; | "Certificate associated with this tpm12-attestation."; | |||
} | } | |||
uses tpm12-attestation; | uses tpm12-attestation; | |||
} | } | |||
} | } | |||
} | } | |||
rpc tpm20-challenge-response-attestation { | rpc tpm20-challenge-response-attestation { | |||
if-feature "taa:tpm20"; | if-feature "taa:tpm20"; | |||
description | description | |||
"This RPC accepts the input for TSS TPM 2.0 commands of the | "This RPC accepts the input for TSS TPM 2.0 commands of the | |||
managed device. ComponentIndex from the hardware manager YANG | managed device. Composite devices may contain several TPMs; | |||
module is used to refer to dedicated TPM in composite devices, | /hardware/component/physical-index from the hardware management | |||
e.g. smart NICs, is not covered."; | YANG module is used to refer to dedicated TPMs in composite | |||
devices; however, devices without TPMs are not covered."; | ||||
input { | input { | |||
container tpm20-attestation-challenge { | container tpm20-attestation-challenge { | |||
description | description | |||
"This container includes every information element defined | "This container includes every information element defined | |||
in the reference challenge-response interaction model for | in the reference challenge-response interaction model for | |||
remote attestation. Corresponding values are based on | remote attestation. Corresponding values are based on | |||
TPM 2.0 structure definitions"; | TPM 2.0 structure definitions."; | |||
uses nonce; | uses nonce; | |||
uses tpm20-pcr-selection; | uses tpm20-pcr-selection; | |||
leaf-list certificate-name { | leaf-list certificate-name { | |||
if-feature "tpm:mtpm"; | if-feature "tpm:mtpm"; | |||
type certificate-name-ref; | type certificate-name-ref; | |||
must "/tpm:rats-support-structures/tpm:tpms" | must "/tpm:rats-support-structures/tpm:tpms" | |||
+ "/tpm:tpm[tpm:firmware-version='taa:tpm20']" | + "/tpm:tpm[tpm:firmware-version='taa:tpm20']" | |||
+ "/tpm:certificates/" | + "/tpm:certificates/" | |||
+ "/tpm:certificate[name=current()]" { | + "/tpm:certificate[name=current()]" { | |||
error-message "Not an available TPM2.0 AIK certificate."; | error-message "Not an available TPM2.0 AIK certificate."; | |||
skipping to change at page 25, line 5 ¶ | skipping to change at line 1167 ¶ | |||
"When populated, the RPC will only get a Quote for the | "When populated, the RPC will only get a Quote for the | |||
TPMs associated with the certificates."; | TPMs associated with the certificates."; | |||
} | } | |||
} | } | |||
} | } | |||
output { | output { | |||
list tpm20-attestation-response { | list tpm20-attestation-response { | |||
unique "certificate-name"; | unique "certificate-name"; | |||
description | description | |||
"The binary output of TPM2_Quote from one TPM of the | "The binary output of TPM2_Quote from one TPM of the | |||
node which identified by node-id. An TPMS_ATTEST structure | node which is identified by node-id: an attestation | |||
including a length, encapsulated in a signature"; | structure (TPMS_ATTEST), including a length, and a | |||
signature (TPMT_SIGNATURE) over that structure."; | ||||
reference | ||||
"TPM2.0-Structures: | ||||
Trusted Platform Module Library Part 2: Structures, | ||||
Revision 01.83, https://trustedcomputinggroup.org/ | ||||
wp-content/uploads/TPM-2.0-1.83-Part-2-Structures.pdf, | ||||
Section 10.12.12"; | ||||
uses certificate-name-ref { | uses certificate-name-ref { | |||
description | description | |||
"Certificate associated with this tpm20-attestation."; | "Certificate associated with this tpm20-attestation."; | |||
} | } | |||
uses tpm20-attestation; | uses tpm20-attestation; | |||
} | } | |||
} | } | |||
} | } | |||
rpc log-retrieval { | rpc log-retrieval { | |||
description | description | |||
"Logs Entries are either identified via indices or via providing | "Log entries are identified either via indices or by providing | |||
the last line received. The number of lines returned can be | the last line received. The number of lines returned can be | |||
limited. The type of log is a choice that can be augmented."; | limited. The type of log is a choice that can be augmented."; | |||
input { | input { | |||
uses log-identifier; | uses log-identifier; | |||
list log-selector { | list log-selector { | |||
description | description | |||
"Only log entries which meet all the selection criteria | "Only log entries that meet all of the provided selection | |||
provided are to be returned by the RPC output."; | criteria are to be returned by the RPC output."; | |||
leaf-list name { | leaf-list name { | |||
type string; | type string; | |||
description | description | |||
"Name of one or more unique TPMs on a device. If this | "Name of one or more unique TPMs on a device. If this | |||
object exists, a selection should pull only the objects | object exists, a selection should pull only the objects | |||
related to these TPM(s). If it does not exist, all | related to these TPM(s). If it does not exist, all | |||
qualifying TPMs that are 'hardware-based' equals true | qualifying TPMs that are 'hardware-based' equals true | |||
on the device are selected. When this selection | on the device are selected. When this selection | |||
criteria is provided, it will be considered as a logical | criteria is provided, it will be considered as a logical | |||
AND with any other selection criteria provided."; | AND with any other selection criteria provided."; | |||
} | } | |||
choice index-type { | choice index-type { | |||
description | description | |||
"Last log entry received, log index number, or timestamp."; | "Last log entry received, log index number, or | |||
timestamp."; | ||||
case last-entry { | case last-entry { | |||
description | description | |||
"The last entry of the log already retrieved."; | "The last entry of the log already retrieved."; | |||
leaf last-entry-value { | leaf last-entry-value { | |||
type binary; | type binary; | |||
description | description | |||
"Content of a log event which matches 1:1 with a | "Content of a log event that matches 1:1 with a | |||
unique event record contained within the log. Log | unique event record contained within the log. Log | |||
entries after this will be passed to the | entries after this will be passed to the | |||
requester. Note: if log entry values are not unique, | requester. Note: if log entry values are not | |||
this MUST return an error."; | unique, this MUST return an error."; | |||
} | } | |||
} | } | |||
case index { | case index { | |||
description | description | |||
"Numeric index of the last log entry retrieved, or | "Numeric index of the last log entry retrieved, or | |||
zero."; | zero."; | |||
leaf last-index-number { | leaf last-index-number { | |||
type uint64; | type uint64; | |||
description | description | |||
"The last numeric index number of a log entry. | "The last numeric index number of a log entry. | |||
skipping to change at page 26, line 43 ¶ | skipping to change at line 1260 ¶ | |||
type uint16; | type uint16; | |||
description | description | |||
"The number of log entries to be returned. If omitted, it | "The number of log entries to be returned. If omitted, it | |||
means all of them."; | means all of them."; | |||
} | } | |||
} | } | |||
} | } | |||
output { | output { | |||
container system-event-logs { | container system-event-logs { | |||
description | description | |||
"The requested data of the measurement event logs"; | "The requested data of the measurement event logs."; | |||
list node-data { | list node-data { | |||
unique "name"; | unique "name"; | |||
description | description | |||
"Event logs of a node in a distributed system | "Event logs of a node in a distributed system | |||
identified by the node name"; | identified by the node name."; | |||
uses tpm-name; | uses tpm-name; | |||
uses node-uptime; | uses node-uptime; | |||
container log-result { | container log-result { | |||
description | description | |||
"The requested entries of the corresponding log."; | "The requested entries of the corresponding log."; | |||
uses event-logs; | uses event-logs; | |||
} | } | |||
} | } | |||
} | } | |||
} | } | |||
} | } | |||
/**************************************/ | /****************************************/ | |||
/* Config & Oper accessible nodes */ | /* Config and Oper accessible nodes */ | |||
/**************************************/ | /****************************************/ | |||
container rats-support-structures { | container rats-support-structures { | |||
description | description | |||
"The datastore definition enabling verifiers or relying | "The datastore definition enabling Verifiers or Relying | |||
parties to discover the information necessary to use the | Parties to discover the information necessary to use the | |||
remote attestation RPCs appropriately."; | remote attestation RPCs appropriately."; | |||
container compute-nodes { | container compute-nodes { | |||
if-feature "tpm:mtpm"; | if-feature "tpm:mtpm"; | |||
description | description | |||
"Holds the set of device subsystems/components in this | "Holds the set of device subsystems/components in this | |||
composite device that support TPM operations."; | composite device that support TPM operations."; | |||
list compute-node { | list compute-node { | |||
key "node-id"; | key "node-id"; | |||
unique "node-name"; | unique "node-name"; | |||
config false; | config false; | |||
min-elements 2; | min-elements 2; | |||
description | description | |||
"A component within this composite device which | "A component within this composite device that | |||
supports TPM operations."; | supports TPM operations."; | |||
leaf node-id { | leaf node-id { | |||
type string; | type string; | |||
description | description | |||
"ID of the compute node, such as Board Serial Number."; | "ID of the compute node, such as Board Serial Number."; | |||
} | } | |||
leaf node-physical-index { | leaf node-physical-index { | |||
if-feature "hw:entity-mib"; | if-feature "hw:entity-mib"; | |||
type int32 { | type int32 { | |||
range "1..2147483647"; | range "1..2147483647"; | |||
skipping to change at page 28, line 29 ¶ | skipping to change at line 1343 ¶ | |||
unique "path"; | unique "path"; | |||
description | description | |||
"A list of TPMs in this composite device that RATS | "A list of TPMs in this composite device that RATS | |||
can be conducted with."; | can be conducted with."; | |||
uses tpm-name; | uses tpm-name; | |||
leaf hardware-based { | leaf hardware-based { | |||
type boolean; | type boolean; | |||
config false; | config false; | |||
mandatory true; | mandatory true; | |||
description | description | |||
"System generated indication of whether this is a | "System-generated indication of whether this is a | |||
hardware based TPM."; | hardware-based TPM."; | |||
} | } | |||
leaf physical-index { | leaf physical-index { | |||
if-feature "hw:entity-mib"; | if-feature "hw:entity-mib"; | |||
type int32 { | type int32 { | |||
range "1..2147483647"; | range "1..2147483647"; | |||
} | } | |||
config false; | config false; | |||
description | description | |||
"The entPhysicalIndex for the TPM."; | "The entPhysicalIndex for the TPM."; | |||
reference | reference | |||
"RFC 6933: Entity MIB (Version 4) - entPhysicalIndex"; | "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex"; | |||
} | } | |||
leaf path { | leaf path { | |||
type string; | type string; | |||
config false; | config false; | |||
description | description | |||
"Device path to a unique TPM on a device. This can change | "Device path to a unique TPM on a device. This can | |||
across reboots."; | change across reboots."; | |||
} | } | |||
leaf compute-node { | leaf compute-node { | |||
if-feature "tpm:mtpm"; | if-feature "tpm:mtpm"; | |||
type compute-node-ref; | type compute-node-ref; | |||
config false; | config false; | |||
mandatory true; | mandatory true; | |||
description | description | |||
"Indicates the compute node measured by this TPM."; | "Indicates the compute node measured by this TPM."; | |||
} | } | |||
leaf manufacturer { | leaf manufacturer { | |||
skipping to change at page 29, line 31 ¶ | skipping to change at line 1393 ¶ | |||
description | description | |||
"Identifies the cryptoprocessor API set supported. This | "Identifies the cryptoprocessor API set supported. This | |||
is automatically configured by the device and should not | is automatically configured by the device and should not | |||
be changed."; | be changed."; | |||
} | } | |||
uses tpm12-hash-algo { | uses tpm12-hash-algo { | |||
when "derived-from-or-self(firmware-version, 'taa:tpm12')"; | when "derived-from-or-self(firmware-version, 'taa:tpm12')"; | |||
if-feature "taa:tpm12"; | if-feature "taa:tpm12"; | |||
refine "tpm12-hash-algo" { | refine "tpm12-hash-algo" { | |||
description | description | |||
"The hash algorithm overwrites the default used for PCRs | "The hash algorithm overwrites the default used for | |||
on this TPM1.2 compliant cryptoprocessor."; | PCRs on this TPM1.2-compliant cryptoprocessor."; | |||
} | } | |||
} | } | |||
leaf-list tpm12-pcrs { | leaf-list tpm12-pcrs { | |||
when | when "derived-from-or-self(../firmware-version, " | |||
"derived-from-or-self(../firmware-version, 'taa:tpm12')"; | + "'taa:tpm12')"; | |||
if-feature "taa:tpm12"; | if-feature "taa:tpm12"; | |||
type pcr; | type pcr; | |||
description | description | |||
"The PCRs which may be extracted from this TPM1.2 | "The PCRs that may be extracted from this TPM1.2- | |||
compliant cryptoprocessor."; | compliant cryptoprocessor."; | |||
} | } | |||
list tpm20-pcr-bank { | list tpm20-pcr-bank { | |||
when | when "derived-from-or-self(../firmware-version, " | |||
"derived-from-or-self(../firmware-version, 'taa:tpm20')"; | + "'taa:tpm20')"; | |||
if-feature "taa:tpm20"; | if-feature "taa:tpm20"; | |||
key "tpm20-hash-algo"; | key "tpm20-hash-algo"; | |||
description | description | |||
"Specifies the list of PCRs that may be extracted for | "Specifies the list of PCRs that may be extracted for | |||
a specific Hash Algorithm on this TPM2 compliant | a specific hash algorithm on this TPM2-compliant | |||
cryptoprocessor. A bank is a set of PCRs which are | cryptoprocessor. A bank is a set of PCRs that are | |||
extended using a particular hash algorithm."; | extended using a particular hash algorithm."; | |||
reference | reference | |||
"TPM2.0-Structures: | "TPM2.0-Structures: | |||
https://www.trustedcomputinggroup.org/wp-content/uploads/ | Trusted Platform Module Library Part 2: Structures, | |||
TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7"; | Revision 01.83, https://trustedcomputinggroup.org/ | |||
wp-content/uploads/TPM-2.0-1.83-Part-2-Structures.pdf, | ||||
Section 10.9.7"; | ||||
leaf tpm20-hash-algo { | leaf tpm20-hash-algo { | |||
type identityref { | type identityref { | |||
base taa:hash; | base taa:hash; | |||
} | } | |||
must '/tpm:rats-support-structures' | must '/tpm:rats-support-structures' | |||
+ '/tpm:attester-supported-algos' | + '/tpm:attester-supported-algos' | |||
+ '/tpm:tpm20-hash' { | + '/tpm:tpm20-hash' { | |||
error-message "This platform does not support tpm20-hash-algo"; | error-message "This platform does not support " | |||
+ "tpm20-hash-algo"; | ||||
} | } | |||
description | description | |||
"The hash scheme actively being used to hash a | "The hash scheme actively being used to hash | |||
one or more TPM2.0 PCRs."; | one or more TPM2.0 PCRs."; | |||
} | } | |||
leaf-list pcr-index { | leaf-list pcr-index { | |||
type tpm:pcr; | type tpm:pcr; | |||
description | description | |||
"Defines what TPM2 PCRs are available to be extracted."; | "Defines which TPM2.0 PCRs are available to be | |||
extracted."; | ||||
} | } | |||
} | } | |||
leaf status { | leaf status { | |||
type enumeration { | type enumeration { | |||
enum operational { | enum operational { | |||
value 0; | value 0; | |||
description | description | |||
"The TPM currently is running normally and | "The TPM currently is running normally and | |||
is ready to accept and process TPM quotes."; | is ready to accept and process TPM quotes."; | |||
reference | reference | |||
"TPM2.0-Arch: | "TPM2.0-Arch: Trusted Platform Module Library | |||
https://trustedcomputinggroup.org/wp-content/uploads/ | Part 1: Architecture, | |||
TCG_TPM2_r1p59_Part1_Architecture_pub.pdf | https://trustedcomputinggroup.org/wp-content/ | |||
uploads/TPM-2.0-1.83-Part-1-Architecture.pdf, | ||||
Section 12"; | Section 12"; | |||
} | } | |||
enum non-operational { | enum non-operational { | |||
value 1; | value 1; | |||
description | description | |||
"TPM is in a state such as startup or shutdown which | "TPM is in a state such as startup or shutdown, which | |||
precludes the processing of TPM quotes."; | precludes the processing of TPM quotes."; | |||
} | } | |||
} | } | |||
config false; | config false; | |||
mandatory true; | mandatory true; | |||
description | description | |||
"TPM chip self-test status."; | "TPM chip self-test status."; | |||
} | } | |||
container certificates { | container certificates { | |||
description | description | |||
"The TPM's certificates, including EK certificates | "The TPM's certificates, including EK Certificates | |||
and Attestation Key certificates."; | and Attestation Key Certificates."; | |||
list certificate { | list certificate { | |||
key "name"; | key "name"; | |||
description | description | |||
"Three types of certificates can be accessed via | "Three types of certificates can be accessed via | |||
this statement, including Initial Attestation | this statement, including Initial Attestation | |||
Key Certificate, Local Attestation Key Certificate or | Key Certificate, Local Attestation Key Certificate, or | |||
Endorsement Key Certificate."; | Endorsement Key Certificate."; | |||
leaf name { | leaf name { | |||
type string; | type string; | |||
description | description | |||
"An arbitrary name uniquely identifying a certificate | "An arbitrary name uniquely identifying a certificate | |||
associated within key within a TPM."; | associated with a key within a TPM."; | |||
} | } | |||
leaf keystore-ref { | leaf keystore-ref { | |||
if-feature "ks:central-keystore-supported"; | if-feature "ks:central-keystore-supported"; | |||
if-feature "ks:asymmetric-keys"; | if-feature "ks:asymmetric-keys"; | |||
type leafref { | type leafref { | |||
path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key" | path "/ks:keystore/ks:asymmetric-keys" | |||
+ "/ks:name"; | + "/ks:asymmetric-key/ks:name"; | |||
} | } | |||
description | description | |||
"A reference to a specific certificate of an | "A reference to a specific certificate of an | |||
asymmetric key in the Keystore."; | asymmetric key in the keystore."; | |||
} | } | |||
leaf type { | leaf type { | |||
type enumeration { | type enumeration { | |||
enum endorsement-certificate { | enum endorsement-certificate { | |||
value 0; | value 0; | |||
description | description | |||
"Endorsement Key (EK) Certificate type."; | "Endorsement Key (EK) Certificate type."; | |||
reference | reference | |||
"TPM2.0-Key: | "TPM2.0-Key: | |||
TPM 2.0 Keys for Device Identity and Attestation | ||||
https://trustedcomputinggroup.org/wp-content/ | https://trustedcomputinggroup.org/wp-content/ | |||
uploads/TPM-2p0-Keys-for-Device-Identity- | uploads/TPM-2p0-Keys-for-Device-Identity- | |||
and-Attestation_v1_r12_pub10082021.pdf | and-Attestation_v1_r12_pub10082021.pdf, | |||
Section 3.11"; | Section 3.11"; | |||
} | } | |||
enum initial-attestation-certificate { | enum initial-attestation-certificate { | |||
value 1; | value 1; | |||
description | description | |||
"Initial Attestation key (IAK) Certificate type."; | "Initial Attestation Key (IAK) Certificate | |||
type."; | ||||
reference | reference | |||
"TPM2.0-Key: | "TPM2.0-Key: | |||
TPM 2.0 Keys for Device Identity and Attestation | ||||
https://trustedcomputinggroup.org/wp-content/ | https://trustedcomputinggroup.org/wp-content/ | |||
uploads/TPM-2p0-Keys-for-Device-Identity- | uploads/TPM-2p0-Keys-for-Device-Identity- | |||
and-Attestation_v1_r12_pub10082021.pdf | and-Attestation_v1_r12_pub10082021.pdf, | |||
Section 3.2"; | Section 3.2"; | |||
} | } | |||
enum local-attestation-certificate { | enum local-attestation-certificate { | |||
value 2; | value 2; | |||
description | description | |||
"Local Attestation Key (LAK) Certificate type."; | "Local Attestation Key (LAK) Certificate type."; | |||
reference | reference | |||
"TPM2.0-Key: | "TPM2.0-Key: | |||
TPM 2.0 Keys for Device Identity and Attestation | ||||
https://trustedcomputinggroup.org/wp-content/ | https://trustedcomputinggroup.org/wp-content/ | |||
uploads/TPM-2p0-Keys-for-Device-Identity- | uploads/TPM-2p0-Keys-for-Device-Identity- | |||
and-Attestation_v1_r12_pub10082021.pdf | and-Attestation_v1_r12_pub10082021.pdf, | |||
Section 3.2"; | Section 3.2"; | |||
} | } | |||
} | } | |||
description | description | |||
"Function supported by this certificate from within the | "Function supported by this certificate from within | |||
TPM."; | the TPM."; | |||
} | } | |||
} | } | |||
} | } | |||
} | } | |||
} | } | |||
container attester-supported-algos { | container attester-supported-algos { | |||
description | description | |||
"Identifies which TPM algorithms are available for use on an | "Identifies which TPM algorithms are available for use on an | |||
attesting platform."; | attesting platform."; | |||
leaf-list tpm12-asymmetric-signing { | leaf-list tpm12-asymmetric-signing { | |||
when "../../tpm:tpms" | when "../../tpm:tpms" | |||
+ "/tpm:tpm[tpm:firmware-version='taa:tpm12']"; | + "/tpm:tpm[tpm:firmware-version='taa:tpm12']"; | |||
if-feature "taa:tpm12"; | if-feature "taa:tpm12"; | |||
type identityref { | type identityref { | |||
base taa:asymmetric; | base taa:asymmetric; | |||
} | } | |||
description | description | |||
"Platform Supported TPM12 asymmetric algorithms."; | "Platform-supported TPM1.2 asymmetric algorithms."; | |||
} | } | |||
leaf-list tpm12-hash { | leaf-list tpm12-hash { | |||
when "../../tpm:tpms" | when "../../tpm:tpms" | |||
+ "/tpm:tpm[tpm:firmware-version='taa:tpm12']"; | + "/tpm:tpm[tpm:firmware-version='taa:tpm12']"; | |||
if-feature "taa:tpm12"; | if-feature "taa:tpm12"; | |||
type identityref { | type identityref { | |||
base taa:hash; | base taa:hash; | |||
} | } | |||
description | description | |||
"Platform supported TPM12 hash algorithms."; | "Platform-supported TPM1.2 hash algorithms."; | |||
} | } | |||
leaf-list tpm20-asymmetric-signing { | leaf-list tpm20-asymmetric-signing { | |||
when "../../tpm:tpms" | when "../../tpm:tpms" | |||
+ "/tpm:tpm[tpm:firmware-version='taa:tpm20']"; | + "/tpm:tpm[tpm:firmware-version='taa:tpm20']"; | |||
if-feature "taa:tpm20"; | if-feature "taa:tpm20"; | |||
type identityref { | type identityref { | |||
base taa:asymmetric; | base taa:asymmetric; | |||
} | } | |||
description | description | |||
"Platform Supported TPM20 asymmetric algorithms."; | "Platform-supported TPM2.0 asymmetric algorithms."; | |||
} | } | |||
leaf-list tpm20-hash { | leaf-list tpm20-hash { | |||
when "../../tpm:tpms" | when "../../tpm:tpms" | |||
+ "/tpm:tpm[tpm:firmware-version='taa:tpm20']"; | + "/tpm:tpm[tpm:firmware-version='taa:tpm20']"; | |||
if-feature "taa:tpm20"; | if-feature "taa:tpm20"; | |||
type identityref { | type identityref { | |||
base taa:hash; | base taa:hash; | |||
} | } | |||
description | description | |||
"Platform supported TPM20 hash algorithms."; | "Platform-supported TPM2.0 hash algorithms."; | |||
} | } | |||
} | } | |||
} | } | |||
} | } | |||
<CODE ENDS> | <CODE ENDS> | |||
Figure 1 | Figure 1 | |||
2.1.2. 'ietf-tcg-algs' | 2.1.2. ietf-tcg-algs | |||
This document has encoded the TCG Algorithm definitions of | This document has encoded the TCG Algorithm definitions of Table 3 of | |||
[TCG-Algos], revision 1.32. By including this full table as a | [TCG-Algos], revision 1.32. By including this full table as a | |||
separate YANG file within this document, it is possible for other | separate YANG file within this document, it is possible for other | |||
YANG models to leverage the contents of this model. Specific | YANG modules to leverage the contents of this module. Specific | |||
references to [RFC2104], [RFC8017], [ISO-IEC-9797-1], | references to [TPM1.2-Structures], [TPM2.0], [RFC2104], [RFC8017], | |||
[ISO-IEC-9797-2], [ISO-IEC-10116], [ISO-IEC-10118-3], | [RFC8032], [ISO-IEC-9797-1], [ISO-IEC-9797-2], [ISO-IEC-10116], | |||
[ISO-IEC-14888-3], [ISO-IEC-15946-1], [ISO-IEC-18033-3], | [ISO-IEC-10118-3], [ISO-IEC-14888-3], [ISO-IEC-15946-1], | |||
[IEEE-Std-1363-2000], [IEEE-Std-1363a-2004], [NIST-PUB-FIPS-202], | [ISO-IEC-18033-3], [IEEE-Std-1363-2000], [IEEE-Std-1363a-2004], | |||
[NIST-SP800-38C], [NIST-SP800-38D], [NIST-SP800-38F], | [NIST-FIPS-202], [NIST-SP800-38C], [NIST-SP800-38D], | |||
[NIST-SP800-56A], [NIST-SP800-108], [bios-log], as well as Appendix A | [NIST-SP800-38F], [NIST-SP800-56A], and [NIST-SP800-108] exist within | |||
and Appendix B exist within the YANG Model. | the YANG module. | |||
2.1.2.1. Features | 2.1.2.1. Features | |||
There are two types of features supported: 'TPM12' and 'TPM20'. | There are two types of features supported: 'tpm12' and 'tpm20'. | |||
Support for either of these features indicates that a cryptoprocessor | Support for either of these features indicates that a cryptoprocessor | |||
supporting the corresponding type of TCG TPM API is present on an | supporting the corresponding type of TCG TPM API is present on an | |||
Attester. Most commonly, only one type of cryptoprocessor will be | Attester. Most commonly, only one type of cryptoprocessor will be | |||
available on an Attester. | available on an Attester. | |||
2.1.2.2. Identities | 2.1.2.2. Identities | |||
There are three types of identities in this model: | There are three types of identities in this model: | |||
1. Cryptographic functions supported by a TPM algorithm; these | 1. Cryptographic functions supported by a TPM algorithm; these | |||
include: 'asymmetric', 'symmetric', 'hash', 'signing', | include 'asymmetric', 'symmetric', 'hash', 'signing', | |||
'anonymous_signing', 'encryption_mode', 'method', and | 'anonymous_signing', 'encryption_mode', 'method', and | |||
'object_type'. The definitions of each of these are in Table 2 | 'object_type'. The definitions of each of these are in Table 2 | |||
of [TCG-Algos]. | of [TCG-Algos]. | |||
2. API specifications for TPM types: 'tpm12' and 'tpm20' | 2. API specifications for TPM types: 'tpm12' and 'tpm20' | |||
3. Specific algorithm types: Each algorithm type defines what | 3. Specific algorithm types: Each algorithm type defines which | |||
cryptographic functions may be supported, and on which type of | cryptographic functions may be supported, and on which type of | |||
API specification. It is not required that an implementation of | API specification. It is not required that an implementation of | |||
a specific TPM will support all algorithm types. The contents of | a specific TPM will support all algorithm types. The contents of | |||
each specific algorithm mirrors what is in Table 3 of | each specific algorithm mirrors the contents of Table 3 of | |||
[TCG-Algos]. | [TCG-Algos]. | |||
2.1.2.3. YANG Module | 2.1.2.3. YANG Module | |||
<CODE BEGINS> file "ietf-tcg-algs@2022-03-23.yang" | <CODE BEGINS> file "ietf-tcg-algs@2024-10-22.yang" | |||
module ietf-tcg-algs { | module ietf-tcg-algs { | |||
yang-version 1.1; | yang-version 1.1; | |||
namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs"; | namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs"; | |||
prefix taa; | prefix taa; | |||
organization | organization | |||
"IETF RATS (Remote ATtestation procedureS) Working Group"; | "IETF RATS (Remote ATtestation procedureS) Working Group"; | |||
contact | contact | |||
"WG Web: <https://datatracker.ietf.org/wg/rats/> | "WG Web: <https://datatracker.ietf.org/wg/rats/> | |||
WG List: <mailto:rats@ietf.org> | WG List: <mailto:rats@ietf.org> | |||
Author: Eric Voit <mailto:evoit@cisco.com>"; | Author: Eric Voit <mailto:evoit@cisco.com>"; | |||
description | description | |||
"This module defines identities for asymmetric algorithms. | "This module defines identities for asymmetric algorithms. | |||
Copyright (c) 2022 IETF Trust and the persons identified as | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | |||
authors of the code. All rights reserved. | NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | |||
Redistribution and use in source and binary forms, with | 'MAY', and 'OPTIONAL' in this document are to be interpreted as | |||
or without modification, is permitted pursuant to, and | described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | |||
subject to the license terms contained in, the Revised | they appear in all capitals, as shown here. | |||
BSD License set forth in Section 4.c of the IETF Trust's | ||||
Legal Provisions Relating to IETF Documents | ||||
(https://trustee.ietf.org/license-info). | ||||
This version of this YANG module is part of RFC XXXX | Copyright (c) 2024 IETF Trust and the persons identified as | |||
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself | authors of the code. All rights reserved. | |||
for full legal notices. | ||||
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | Redistribution and use in source and binary forms, with or | |||
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | without modification, is permitted pursuant to, and subject to | |||
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | the license terms contained in, the Revised BSD License set | |||
are to be interpreted as described in BCP 14 (RFC 2119) | forth in Section 4.c of the IETF Trust's Legal Provisions | |||
(RFC 8174) when, and only when, they appear in all | Relating to IETF Documents | |||
capitals, as shown here."; | (https://trustee.ietf.org/license-info). | |||
revision 2022-03-23 { | This version of this YANG module is part of RFC 9684; see the | |||
RFC itself for full legal notices."; | ||||
revision 2024-10-22 { | ||||
description | description | |||
"Initial version"; | "Initial version"; | |||
reference | reference | |||
"RFC XXXX: A YANG Data Model for Challenge-Response-based Remote | "RFC 9684: A YANG Data Model for Challenge-Response-Based | |||
Attestation Procedures using TPMs"; | Remote Attestation (CHARRA) Procedures Using Trusted Platform | |||
Modules (TPMs)"; | ||||
} | } | |||
/*****************/ | /*****************/ | |||
/* Features */ | /* Features */ | |||
/*****************/ | /*****************/ | |||
feature tpm12 { | feature tpm12 { | |||
description | description | |||
"This feature indicates algorithm support for the TPM 1.2 API | "This feature indicates algorithm support for the TPM 1.2 API | |||
as per Section 4.8 of TPM1.2-Structures: | per Section 4.8 of TPM1.2-Structures."; | |||
TPM Main Part 2 TPM Structures | reference | |||
https://trustedcomputinggroup.org/wp-content/uploads/TPM- | "TPM1.2-Structures: TPM Main Part 2 TPM Structures, | |||
Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf"; | https://trustedcomputinggroup.org/wp-content/uploads/ | |||
TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf | ||||
TPM_ALGORITHM_ID values, Section 4.8"; | ||||
} | } | |||
feature tpm20 { | feature tpm20 { | |||
description | description | |||
"This feature indicates algorithm support for the TPM 2.0 API | "This feature indicates algorithm support for the TPM 2.0 API | |||
as per Section 11.4 of Trusted Platform Module Library | per Section 11.4 of Trusted Platform Module Library Part 1: | |||
Part 1: Architecture. See TPM2.0-Arch: | Architecture."; | |||
https://trustedcomputinggroup.org/wp-content/uploads/ | reference | |||
TCG_TPM2_r1p59_Part1_Architecture_pub.pdf"; | "TPM2.0-Arch: Trusted Platform Module Library Part 1: | |||
Architecture, https://trustedcomputinggroup.org/wp-content/ | ||||
uploads/TPM-2.0-1.83-Part-1-Architecture.pdf, Section 11.4"; | ||||
} | } | |||
/*****************/ | /*****************/ | |||
/* Identities */ | /* Identities */ | |||
/*****************/ | /*****************/ | |||
identity asymmetric { | identity asymmetric { | |||
description | description | |||
"A TCG recognized asymmetric algorithm with a public and | "A TCG-recognized asymmetric algorithm with a public and | |||
private key."; | private key."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 2, | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 2, | |||
https://trustedcomputinggroup.org/resource/ | https://trustedcomputinggroup.org/resource/ | |||
tcg-algorithm-registry/TCG-_Algorithm_Registry_r1p32_pub"; | tcg-algorithm-registry/TCG-_Algorithm_Registry_r1p32_pub"; | |||
} | } | |||
identity symmetric { | identity symmetric { | |||
description | description | |||
"A TCG recognized symmetric algorithm with only a private key."; | "A TCG-recognized symmetric algorithm with only a private | |||
key."; | ||||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 2"; | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 2"; | |||
} | } | |||
identity hash { | identity hash { | |||
description | description | |||
"A TCG recognized hash algorithm that compresses input data to | "A TCG-recognized hash algorithm that compresses input data to | |||
a digest value or indicates a method that uses a hash."; | a digest value or indicates a method that uses a hash."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 2"; | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 2"; | |||
} | } | |||
identity signing { | identity signing { | |||
description | description | |||
"A TCG recognized signing algorithm"; | "A TCG-recognized signing algorithm"; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 2"; | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 2"; | |||
} | } | |||
identity anonymous_signing { | identity anonymous_signing { | |||
description | description | |||
"A TCG recognized anonymous signing algorithm."; | "A TCG-recognized anonymous signing algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 2"; | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 2"; | |||
} | } | |||
identity encryption_mode { | identity encryption_mode { | |||
description | description | |||
"A TCG recognized encryption mode."; | "A TCG-recognized encryption mode."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 2"; | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 2"; | |||
} | } | |||
identity method { | identity method { | |||
description | description | |||
"A TCG recognized method such as a mask generation function."; | "A TCG-recognized method such as a mask generation function."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 2"; | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 2"; | |||
} | } | |||
identity object_type { | identity object_type { | |||
description | description | |||
"A TCG recognized object type."; | "A TCG-recognized object type."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 2"; | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 2"; | |||
} | } | |||
identity cryptoprocessor { | identity cryptoprocessor { | |||
description | description | |||
"Base identity identifying a crytoprocessor."; | "Base identity identifying a crytoprocessor."; | |||
} | } | |||
identity tpm12 { | identity tpm12 { | |||
if-feature "tpm12"; | if-feature "tpm12"; | |||
base cryptoprocessor; | base cryptoprocessor; | |||
description | description | |||
"Supportable by a TPM1.2."; | "Supportable by a TPM 1.2."; | |||
reference | reference | |||
"TPM1.2-Structures: | "TPM1.2-Structures: | |||
TPM Main Part 2 TPM Structures, | ||||
https://trustedcomputinggroup.org/wp-content/uploads/ | https://trustedcomputinggroup.org/wp-content/uploads/ | |||
TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf | TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf | |||
TPM_ALGORITHM_ID values, Section 4.8"; | TPM_ALGORITHM_ID values, Section 4.8"; | |||
} | } | |||
identity tpm20 { | identity tpm20 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base cryptoprocessor; | base cryptoprocessor; | |||
description | description | |||
"Supportable by a TPM2."; | "Supportable by a TPM 2.0"; | |||
reference | reference | |||
"TPM2.0-Structures: | "TPM2.0-Structures: | |||
https://trustedcomputinggroup.org/wp-content/uploads/ | Trusted Platform Module Library Part 2: Structures, | |||
TPM-Rev-2.0-Part-2-Structures-01.38.pdf"; | Revision 01.83, https://trustedcomputinggroup.org/ | |||
wp-content/uploads/TPM-2.0-1.83-Part-2-Structures.pdf"; | ||||
} | } | |||
identity TPM_ALG_RSA { | identity TPM_ALG_RSA { | |||
if-feature "tpm12 or tpm20"; | if-feature "tpm12 or tpm20"; | |||
base tpm12; | base tpm12; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base object_type; | base object_type; | |||
description | description | |||
"RSA algorithm"; | "RSA algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
RFC 8017. ALG_ID: 0x0001"; | RFC 8017. ALG_ID: 0x0001"; | |||
} | } | |||
identity TPM_ALG_TDES { | identity TPM_ALG_TDES { | |||
if-feature "tpm12"; | if-feature "tpm12"; | |||
base tpm12; | base tpm12; | |||
base symmetric; | base symmetric; | |||
description | description | |||
"Block cipher with various key sizes (Triple Data Encryption | "Block cipher with various key sizes (Triple Data Encryption | |||
Algorithm, commonly called Triple Data Encryption Standard) | Algorithm, commonly called Triple Data Encryption Standard) | |||
Note: was banned in TPM1.2 v94"; | Note: Was banned in TPM 1.2, v94"; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 18033-3. ALG_ID: 0x0003"; | ISO/IEC 18033-3. ALG_ID: 0x0003"; | |||
} | } | |||
identity TPM_ALG_SHA1 { | identity TPM_ALG_SHA1 { | |||
if-feature "tpm12 or tpm20"; | if-feature "tpm12 or tpm20"; | |||
base hash; | base hash; | |||
base tpm12; | base tpm12; | |||
base tpm20; | base tpm20; | |||
description | description | |||
"SHA1 algorithm - Deprecated due to insufficient cryptographic | "SHA1 algorithm - Deprecated due to insufficient cryptographic | |||
protection. However, it is still useful for hash algorithms | protection. However, it is still useful for hash algorithms | |||
where protection is not required."; | where protection is not required."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry Rev1.34, Table 3, and | |||
ISO/IEC 10118-3. ALG_ID: 0x0004"; | ISO/IEC 10118-3. ALG_ID: 0x0004"; | |||
} | } | |||
identity TPM_ALG_HMAC { | identity TPM_ALG_HMAC { | |||
if-feature "tpm12 or tpm20"; | if-feature "tpm12 or tpm20"; | |||
base tpm12; | base tpm12; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
base signing; | base signing; | |||
description | description | |||
"Hash Message Authentication Code (HMAC) algorithm"; | "Hash Message Authentication Code (HMAC) algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3, | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 9797-2 and RFC2104. ALG_ID: 0x0005"; | ISO/IEC 9797-2, and | |||
RFC 2104. ALG_ID: 0x0005"; | ||||
} | } | |||
identity TPM_ALG_AES { | identity TPM_ALG_AES { | |||
if-feature "tpm12"; | if-feature "tpm12"; | |||
base tpm12; | base tpm12; | |||
base symmetric; | base symmetric; | |||
description | description | |||
"The AES algorithm with various key sizes"; | "The AES algorithm with various key sizes."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3, | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 18033-3. ALG_ID: 0x0006"; | ISO/IEC 18033-3. ALG_ID: 0x0006"; | |||
} | } | |||
identity TPM_ALG_MGF1 { | identity TPM_ALG_MGF1 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
base method; | base method; | |||
description | description | |||
"hash-based mask-generation function"; | "Hash-based mask-generation function."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3, | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
IEEE Std 1363-2000 and IEEE Std 1363a-2004. | IEEE Std 1363-2000, and | |||
IEEE Std 1363a-2004. | ||||
ALG_ID: 0x0007"; | ALG_ID: 0x0007"; | |||
} | } | |||
identity TPM_ALG_KEYEDHASH { | identity TPM_ALG_KEYEDHASH { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
base object_type; | base object_type; | |||
description | description | |||
"An encryption or signing algorithm using a keyed hash. These | "An encryption or signing algorithm using a keyed hash. These | |||
may use XOR for encryption or an HMAC for signing and may | may use XOR for encryption or an HMAC for signing and may | |||
also refer to a data object that is neither signing nor | also refer to a data object that is neither signing nor | |||
encrypting."; | encrypting."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3, | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3. | |||
ALG_ID: 0x0008"; | ALG_ID: 0x0008"; | |||
} | } | |||
identity TPM_ALG_XOR { | identity TPM_ALG_XOR { | |||
if-feature "tpm12 or tpm20"; | if-feature "tpm12 or tpm20"; | |||
base tpm12; | base tpm12; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
base symmetric; | base symmetric; | |||
description | description | |||
"The XOR encryption algorithm."; | "The XOR encryption algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3. | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3. | |||
ALG_ID: 0x000A"; | ALG_ID: 0x000A"; | |||
} | } | |||
identity TPM_ALG_SHA256 { | identity TPM_ALG_SHA256 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
description | description | |||
"The SHA 256 algorithm"; | "The SHA-256 algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10118-3. ALG_ID: 0x000B"; | ISO/IEC 10118-3. ALG_ID: 0x000B"; | |||
} | } | |||
identity TPM_ALG_SHA384 { | identity TPM_ALG_SHA384 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
description | description | |||
"The SHA 384 algorithm"; | "The SHA-384 algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10118-3. ALG_ID: 0x000C"; | ISO/IEC 10118-3. ALG_ID: 0x000C"; | |||
} | } | |||
identity TPM_ALG_SHA512 { | identity TPM_ALG_SHA512 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
description | description | |||
"The SHA 512 algorithm"; | "The SHA-512 algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10118-3. ALG_ID: 0x000D"; | ISO/IEC 10118-3. ALG_ID: 0x000D"; | |||
} | } | |||
identity TPM_ALG_NULL { | identity TPM_ALG_NULL { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
description | description | |||
"NULL algorithm"; | "Null algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3. | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3. | |||
ALG_ID: 0x0010"; | ALG_ID: 0x0010"; | |||
} | } | |||
identity TPM_ALG_SM3_256 { | identity TPM_ALG_SM3_256 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
description | description | |||
"The SM3 hash algorithm."; | "The ShangMi 3 (SM3) hash algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10118-3:2018. ALG_ID: 0x0012"; | ISO/IEC 10118-3:2018. ALG_ID: 0x0012"; | |||
} | } | |||
identity TPM_ALG_SM4 { | identity TPM_ALG_SM4 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
description | description | |||
"SM4 symmetric block cipher"; | "ShangMi 4 (SM4) symmetric block cipher."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3. | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3. | |||
ALG_ID: 0x0013"; | ALG_ID: 0x0013"; | |||
} | } | |||
identity TPM_ALG_RSASSA { | identity TPM_ALG_RSASSA { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base signing; | base signing; | |||
description | description | |||
"RFC 8017 Signature algorithm defined in section 8.2 | "Signature algorithm defined in Section 8.2 | |||
(RSASSAPKCS1-v1_5)"; | (RSASSA-PKCS1-v1_5) of RFC 8017."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
RFC 8017. ALG_ID: 0x0014"; | RFC 8017. ALG_ID: 0x0014"; | |||
} | } | |||
identity TPM_ALG_RSAES { | identity TPM_ALG_RSAES { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"RFC 8017 Signature algorithm defined in section 7.2 | "Signature algorithm defined in Section 7.2 | |||
(RSAES-PKCS1-v1_5)"; | (RSAES-PKCS1-v1_5) of RFC 8017."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
RFC 8017. ALG_ID: 0x0015"; | RFC 8017. ALG_ID: 0x0015"; | |||
} | } | |||
identity TPM_ALG_RSAPSS { | identity TPM_ALG_RSAPSS { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base signing; | base signing; | |||
description | description | |||
"Padding algorithm defined in section 8.1 (RSASSA PSS)"; | "Padding algorithm defined in Section 8.1 (RSASSA-PSS) | |||
of RFC 8017."; | ||||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
RFC 8017. ALG_ID: 0x0016"; | RFC 8017. ALG_ID: 0x0016"; | |||
} | } | |||
identity TPM_ALG_OAEP { | identity TPM_ALG_OAEP { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Padding algorithm defined in section 7.1 (RSASSA OAEP)"; | "Padding algorithm defined in Section 7.1 (RSAES-OAEP) | |||
of RFC 8017."; | ||||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
RFC 8017. ALG_ID: 0x0017"; | RFC 8017. ALG_ID: 0x0017"; | |||
} | } | |||
identity TPM_ALG_ECDSA { | identity TPM_ALG_ECDSA { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base signing; | base signing; | |||
description | description | |||
"Signature algorithm using elliptic curve cryptography (ECC)"; | "Signature algorithm using elliptic curve cryptography (ECC)."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 14888-3. ALG_ID: 0x0018"; | ISO/IEC 14888-3. ALG_ID: 0x0018"; | |||
} | } | |||
identity TPM_ALG_ECDH { | identity TPM_ALG_ECDH { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base method; | base method; | |||
description | description | |||
"Secret sharing using ECC"; | "Secret sharing using ECC."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST SP800-56A. ALG_ID: 0x0019"; | NIST SP800-56A. ALG_ID: 0x0019"; | |||
} | } | |||
identity TPM_ALG_ECDAA { | identity TPM_ALG_ECDAA { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base signing; | base signing; | |||
base anonymous_signing; | base anonymous_signing; | |||
description | description | |||
"Elliptic-curve based anonymous signing scheme"; | "Elliptic-curve-based, anonymous signing scheme."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
TCG TPM 2.0 library specification. ALG_ID: 0x001A"; | TCG TPM 2.0 Library. ALG_ID: 0x001A"; | |||
} | } | |||
identity TPM_ALG_SM2 { | identity TPM_ALG_SM2 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base signing; | base signing; | |||
base encryption_mode; | base encryption_mode; | |||
base method; | base method; | |||
description | description | |||
"SM2 - depending on context, either an elliptic-curve based, | "SM2 - depending on context, either an elliptic-curve based, | |||
signature algorithm, an encryption scheme, or a key exchange | signature algorithm, an encryption scheme, or a key exchange | |||
protocol"; | protocol."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3. | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3. | |||
ALG_ID: 0x001B"; | ALG_ID: 0x001B"; | |||
} | } | |||
identity TPM_ALG_ECSCHNORR { | identity TPM_ALG_ECSCHNORR { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base signing; | base signing; | |||
description | description | |||
"Elliptic-curve based Schnorr signature"; | "Elliptic-curve-based Schnorr signature."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3. | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3. | |||
ALG_ID: 0x001C"; | ALG_ID: 0x001C"; | |||
} | } | |||
identity TPM_ALG_ECMQV { | identity TPM_ALG_ECMQV { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base method; | base method; | |||
description | description | |||
"Two-phase elliptic-curve key"; | "Two-phase elliptic-curve key."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST SP800-56A. ALG_ID: 0x001D"; | NIST SP800-56A. ALG_ID: 0x001D"; | |||
} | } | |||
identity TPM_ALG_KDF1_SP800_56A { | identity TPM_ALG_KDF1_SP800_56A { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
base method; | base method; | |||
description | description | |||
"Concatenation key derivation function"; | "Concatenation key derivation function."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST SP800-56A (approved alternative1) section 5.8.1. | NIST SP800-56A (approved alternative1) Section 5.8.1. | |||
ALG_ID: 0x0020"; | ALG_ID: 0x0020"; | |||
} | } | |||
identity TPM_ALG_KDF2 { | identity TPM_ALG_KDF2 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
base method; | base method; | |||
description | description | |||
"Key derivation function"; | "Key derivation function."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
IEEE 1363a-2004 KDF2 section 13.2. ALG_ID: 0x0021"; | IEEE 1363a-2004, KDF2, Section 13.2. ALG_ID: 0x0021"; | |||
} | } | |||
identity TPM_ALG_KDF1_SP800_108 { | identity TPM_ALG_KDF1_SP800_108 { | |||
base TPM_ALG_KDF2; | base TPM_ALG_KDF2; | |||
description | description | |||
"A key derivation method"; | "A key derivation method."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3 and | |||
NIST SP800-108 - Section 5.1 KDF. ALG_ID: 0x0022"; | NIST SP800-108, Section 4.1, KDF. ALG_ID: 0x0022"; | |||
} | } | |||
identity TPM_ALG_ECC { | identity TPM_ALG_ECC { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base object_type; | base object_type; | |||
description | description | |||
"Prime field ECC"; | "Prime field ECC."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 15946-1. ALG_ID: 0x0023"; | ISO/IEC 15946-1. ALG_ID: 0x0023"; | |||
} | } | |||
identity TPM_ALG_SYMCIPHER { | identity TPM_ALG_SYMCIPHER { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base object_type; | base object_type; | |||
description | description | |||
"Object type for a symmetric block cipher"; | "Object type for a symmetric block cipher."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
TCG TPM 2.0 library specification. ALG_ID: 0x0025"; | TCG TPM 2.0 Library. ALG_ID: 0x0025"; | |||
} | } | |||
identity TPM_ALG_CAMELLIA { | identity TPM_ALG_CAMELLIA { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
description | description | |||
"The Camellia algorithm"; | "The Camellia algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 18033-3. ALG_ID: 0x0026"; | ISO/IEC 18033-3. ALG_ID: 0x0026"; | |||
} | } | |||
identity TPM_ALG_SHA3_256 { | identity TPM_ALG_SHA3_256 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
description | description | |||
"ISO/IEC 10118-3 - the SHA 256 algorithm"; | "ISO/IEC 10118-3 - the SHA-256 algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST PUB FIPS 202. ALG_ID: 0x0027"; | NIST FIPS 202. ALG_ID: 0x0027"; | |||
} | } | |||
identity TPM_ALG_SHA3_384 { | identity TPM_ALG_SHA3_384 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
description | description | |||
"The SHA 384 algorithm"; | "The SHA-384 algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST PUB FIPS 202. ALG_ID: 0x0028"; | NIST FIPS 202. ALG_ID: 0x0028"; | |||
} | } | |||
identity TPM_ALG_SHA3_512 { | identity TPM_ALG_SHA3_512 { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base hash; | base hash; | |||
description | description | |||
"The SHA 512 algorithm"; | "The SHA-512 algorithm."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST PUB FIPS 202. ALG_ID: 0x0029"; | NIST FIPS 202. ALG_ID: 0x0029"; | |||
} | } | |||
identity TPM_ALG_CMAC { | identity TPM_ALG_CMAC { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base signing; | base signing; | |||
description | description | |||
"block Cipher-based Message Authentication Code (CMAC)"; | "Block Cipher-based Message Authentication Code (CMAC)."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 9797-1:2011 Algorithm 5. ALG_ID: 0x003F"; | ISO/IEC 9797-1:2011, Algorithm 5. ALG_ID: 0x003F"; | |||
} | } | |||
identity TPM_ALG_CTR { | identity TPM_ALG_CTR { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Counter mode"; | "Counter mode."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10116. ALG_ID: 0x0040"; | ISO/IEC 10116. ALG_ID: 0x0040"; | |||
} | } | |||
identity TPM_ALG_OFB { | identity TPM_ALG_OFB { | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Output Feedback mode"; | "Output Feedback mode."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10116. ALG_ID: 0x0041"; | ISO/IEC 10116. ALG_ID: 0x0041"; | |||
} | } | |||
identity TPM_ALG_CBC { | identity TPM_ALG_CBC { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Cipher Block Chaining mode"; | "Cipher Block Chaining mode."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10116. ALG_ID: 0x0042"; | ISO/IEC 10116. ALG_ID: 0x0042"; | |||
} | } | |||
identity TPM_ALG_CFB { | identity TPM_ALG_CFB { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Cipher Feedback mode"; | "Cipher Feedback mode."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10116. ALG_ID: 0x0043"; | ISO/IEC 10116. ALG_ID: 0x0043"; | |||
} | } | |||
identity TPM_ALG_ECB { | identity TPM_ALG_ECB { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Electronic Codebook mode"; | "Electronic Codebook mode."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
ISO/IEC 10116. ALG_ID: 0x0044"; | ISO/IEC 10116. ALG_ID: 0x0044"; | |||
} | } | |||
identity TPM_ALG_CCM { | identity TPM_ALG_CCM { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base signing; | base signing; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Counter with Cipher Block Chaining-Message Authentication | "Counter with Cipher Block Chaining--Message Authentication | |||
Code (CCM)"; | Code (CCM)."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST SP800-38C. ALG_ID: 0x0050"; | NIST SP800-38C. ALG_ID: 0x0050"; | |||
} | } | |||
identity TPM_ALG_GCM { | identity TPM_ALG_GCM { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base signing; | base signing; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Galois/Counter Mode (GCM)"; | "Galois/Counter Mode (GCM)."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST SP800-38D. ALG_ID: 0x0051"; | NIST SP800-38D. ALG_ID: 0x0051"; | |||
} | } | |||
identity TPM_ALG_KW { | identity TPM_ALG_KW { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base signing; | base signing; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"AES Key Wrap (KW)"; | "AES Key Wrap (KW)."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST SP800-38F. ALG_ID: 0x0052"; | NIST SP800-38F. ALG_ID: 0x0052"; | |||
} | } | |||
identity TPM_ALG_KWP { | identity TPM_ALG_KWP { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base signing; | base signing; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"AES Key Wrap with Padding (KWP)"; | "AES Key Wrap with Padding (KWP)."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST SP800-38F. ALG_ID: 0x0053"; | NIST SP800-38F. ALG_ID: 0x0053"; | |||
} | } | |||
identity TPM_ALG_EAX { | identity TPM_ALG_EAX { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base symmetric; | base symmetric; | |||
base signing; | base signing; | |||
base encryption_mode; | base encryption_mode; | |||
description | description | |||
"Authenticated-Encryption Mode"; | "Authenticated-Encryption Mode."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
NIST SP800-38F. ALG_ID: 0x0054"; | NIST SP800-38F. ALG_ID: 0x0054"; | |||
} | } | |||
identity TPM_ALG_EDDSA { | identity TPM_ALG_EDDSA { | |||
if-feature "tpm20"; | if-feature "tpm20"; | |||
base tpm20; | base tpm20; | |||
base asymmetric; | base asymmetric; | |||
base signing; | base signing; | |||
description | description | |||
"Edwards-curve Digital Signature Algorithm (PureEdDSA)"; | "Edwards-curve Digital Signature Algorithm (PureEdDSA)."; | |||
reference | reference | |||
"TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos: TCG Algorithm Registry, Rev1.34, Table 3, and | |||
RFC 8032. ALG_ID: 0x0060"; | RFC 8032. ALG_ID: 0x0060"; | |||
} | } | |||
} | } | |||
<CODE ENDS> | <CODE ENDS> | |||
Note that not all cryptographic functions are required for use by | Note that not all cryptographic functions are required for use by | |||
ietf-tpm-remote-attestation.yang. However, the full definition of | ietf-tpm-remote-attestation.yang. However, the full definition of | |||
Table 3 of [TCG-Algos] will allow use by additional YANG | Table 3 of [TCG-Algos] will allow use by additional YANG | |||
specifications. | specifications. | |||
3. IANA Considerations | 3. IANA Considerations | |||
This document registers the following namespace URIs in the | This document registers the following namespace URIs in the | |||
[xml-registry] as per [RFC3688]: | [XML-Registry] per [RFC3688]: | |||
URI: urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation | URI: urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation | |||
Registrant Contact: The IESG. | Registrant Contact: The IESG. | |||
XML: N/A; the requested URI is an XML namespace. | XML: N/A; the requested URI is an XML namespace. | |||
URI: urn:ietf:params:xml:ns:yang:ietf-tcg-algs | URI: urn:ietf:params:xml:ns:yang:ietf-tcg-algs | |||
Registrant Contact: The IESG. | Registrant Contact: The IESG. | |||
XML: N/A; the requested URI is an XML namespace. | XML: N/A; the requested URI is an XML namespace. | |||
This document registers the following YANG modules in the registry | This document registers the following YANG modules in the registry | |||
[yang-parameters] as per Section 14 of [RFC6020]: | [YANG-Parameters] per Section 14 of [RFC6020]: | |||
Name: ietf-tpm-remote-attestation | Name: ietf-tpm-remote-attestation | |||
Namespace: urn:ietf:params:xml:ns:yang:ietf-tpm-remote- | Namespace: urn:ietf:params:xml:ns:yang:ietf-tpm-remote- | |||
attestation | attestation | |||
Prefix: tpm | Prefix: tpm | |||
Reference: draft-ietf-rats-yang-tpm-charra (RFC form) | Reference: draft-ietf-rats-yang-tpm-charra (RFC form) | |||
skipping to change at page 50, line 23 ¶ | skipping to change at line 2409 ¶ | |||
4. Security Considerations | 4. Security Considerations | |||
The YANG module ietf-tpm-remote-attestation.yang specified in this | The YANG module ietf-tpm-remote-attestation.yang specified in this | |||
document defines a schema for data that is designed to be accessed | document defines a schema for data that is designed to be accessed | |||
via network management protocols such as NETCONF [RFC6241] or | via network management protocols such as NETCONF [RFC6241] or | |||
RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport | RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport | |||
layer, and the mandatory-to-implement secure transport is Secure | layer, and the mandatory-to-implement secure transport is Secure | |||
Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the | Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the | |||
mandatory-to-implement secure transport is TLS [RFC8446]. | mandatory-to-implement secure transport is TLS [RFC8446]. | |||
The Network Configuration Access Control Model (NACM) [RFC8341] | ||||
provides the means to restrict access for particular NETCONF or | ||||
RESTCONF users to a preconfigured subset of all available NETCONF or | ||||
RESTCONF protocol operations and content. | ||||
Of special consideration are the following nodes: | ||||
* In the 'tpms' container, the 'certificates' will expose | ||||
certificates used for attestation, potentially allowing selection | ||||
of a certificate that might be compromised. The 'type' could also | ||||
be misconfigured to represent a different type of key, which might | ||||
alter how a Verifier might evaluate the results. | ||||
* Within the 'attester-supported-algos' container, each leaf-list | ||||
will expose and potentially allow changing of the encryption | ||||
algorithms supported by a device. | ||||
There are a number of data nodes defined in this YANG module that are | There are a number of data nodes defined in this YANG module that are | |||
writable/creatable/deletable (i.e., _config true_, which is the | writable/creatable/deletable (i.e., _config true_, which is the | |||
default). These data nodes may be considered sensitive or vulnerable | default). These data nodes may be considered sensitive or vulnerable | |||
in some network environments. Write operations (e.g., _edit-config_) | in some network environments. Write operations (e.g., _edit-config_) | |||
to these data nodes without proper protection can have a negative | to these data nodes without proper protection can have a negative | |||
effect on network operations. These are the subtrees and data nodes | effect on network operations. These are the subtrees and data nodes | |||
as well as their sensitivity/vulnerability: | as well as their sensitivity/vulnerability: | |||
Container '/rats-support-structures/attester-supported-algos': 'tpm1 | Container '/rats-support-structures/attester-supported-algos': 'tpm1 | |||
2-asymmetric-signing', 'tpm12-hash', 'tpm20-asymmetric-signing', | 2-asymmetric-signing', 'tpm12-hash', 'tpm20-asymmetric-signing', | |||
and 'tpm20-hash'. All could be populated with algorithms that are | and 'tpm20-hash'. All could be populated with algorithms that are | |||
not supported by the underlying physical TPM installed by the | not supported by the underlying physical TPM installed by the | |||
equipment vendor. A vendor should restrict the ability to | equipment vendor. A vendor should restrict the ability to | |||
configure unsupported algorithms. | configure unsupported algorithms. | |||
Container: '/rats-support-structures/tpms': 'name': Although shown | Container: '/rats-support-structures/tpms': 'name': Although shown | |||
as 'rw', it is system generated. Therefore, it should not be | as 'rw', it is system generated. Therefore, it should not be | |||
possible for an operator to add or remove a TPM from the | possible for an operator to add or remove a TPM from the | |||
configuration. | configuration. | |||
'tpm20-pcr-bank': It is possible to configure PCRs for extraction | 'tpm20-pcr-bank': It is possible to configure PCRs that are not | |||
which are not being extended by system software. This could | being extended by system software for extraction. This could | |||
unnecessarily use TPM resources. | unnecessarily use TPM resources. | |||
'certificates': It is possible to provision a certificate which | 'certificates': It is possible to provision a certificate that | |||
does not correspond to an Attestation Identity Key (AIK) within | does not correspond to an AIK within the TPM 1.2, or to an | |||
the TPM 1.2, or an Attestation Key (AK) within the TPM 2.0 | Attestation Key (AK) within the TPM 2.0, respectively. In such a | |||
respectively. In such a case, calls to an RPC requesting this | case, calls to an RPC requesting this specific certificate could | |||
specific certificate could result in either no response or a | result in either no response or a response from an unexpected TPM. | |||
response for an unexpected TPM. | ||||
RPC 'tpm12-challenge-response-attestation': The receiver of the RPC | RPC 'tpm12-challenge-response-attestation': The receiver of the RPC | |||
response must verify that the certificate is for an active AIK, | response must verify that the certificate is for an active AIK, | |||
i.e., the certificate has been confirmed by a third party as being | i.e., the certificate has been confirmed by a third party as being | |||
able to support Attestation on the targeted TPM 1.2. | able to support Attestation on the targeted TPM 1.2. | |||
RPC 'tpm20-challenge-response-attestation': The receiver of the RPC | RPC 'tpm20-challenge-response-attestation': The receiver of the RPC | |||
response must verify that the certificate is for an active AK, | response must verify that the certificate is for an active AK, | |||
i.e., the private key confirmation of the quote signature within | i.e., the private key confirmation of the quote signature within | |||
the RPC response has been confirmed by a third party to belong to | the RPC response has been confirmed by a third party to belong to | |||
an entity legitimately able to perform Attestation on the targeted | an entity legitimately able to perform Attestation on the targeted | |||
TPM 2.0. | TPM 2.0. | |||
RPC 'log-retrieval': Requesting a large volume of logs from the | RPC 'log-retrieval': Requesting a large volume of logs from the | |||
Attester could require significant system resources and create a | Attester could require significant system resources and create a | |||
denial of service. | denial of service. | |||
Information collected through the RPCs above could reveal that | Information collected through the RPCs above could reveal specific | |||
specific versions of software and configurations of endpoints that | versions of software and configurations of endpoints that could | |||
could identify vulnerabilities on those systems. Therefore, RPCs | identify vulnerabilities on those systems. Therefore, RPCs should be | |||
should be protected by NACM [RFC8341] with a default setting of deny- | protected by NACM [RFC8341] with a default setting of deny-all to | |||
all to limit the extraction of attestation data by only authorized | limit the extraction of attestation data by only authorized | |||
Verifiers. | Verifiers. | |||
For the YANG module ietf-tcg-algs.yang, please use care when | For the YANG module ietf-tcg-algs.yang, please use care when | |||
selecting specific algorithms. The introductory section of | selecting specific algorithms. The introductory section of | |||
[TCG-Algos] highlights that some algorithms should be considered | [TCG-Algos] highlights that some algorithms should be considered | |||
legacy, and recommends implementers and adopters diligently evaluate | legacy, and recommends implementers and adopters diligently evaluate | |||
available information such as governmental, industrial, and academic | available information such as governmental, industrial, and academic | |||
research before selecting an algorithm for use. | research before selecting an algorithm for use. | |||
Some of the readable data nodes in this YANG module may be considered | ||||
sensitive or vulnerable in some network environments. It is thus | ||||
important to control read access (e.g., via get, get-config, or | ||||
notification) to these data nodes. These are the subtrees and data | ||||
nodes and their sensitivity/vulnerability: | ||||
Event logs (bios-log, ima-log, netequip-boot-log) typically contain | ||||
hash values (digests) of running boot and OS software. Passive | ||||
attackers can use these hash values to identify software versions and | ||||
thus launch targeted attacks on known vulnerabilities. Hence, bios- | ||||
log, ima-log, and netequip-boot-log are considerd sensitive. | ||||
Some of the RPC operations in this YANG module may be considered | ||||
sensitive or vulnerable in some network environments. It is thus | ||||
important to control access to these operations. These are the | ||||
operations and their sensitivity/vulnerability: | ||||
The 'log-retrieval' RPC operation is considered sensitive since it | ||||
enables retrieval of logs (bios-log, ima-log, netequip-boot-log) that | ||||
typically contain hash values (digests) of running boot and OS | ||||
software. This allows specifics of loaded software including BIOS | ||||
and operating system software to be understood externally. | ||||
The other two RPC operations, 'tpm20-challenge-response-attestation' | ||||
and 'tpm12-challenge-response-attestation', will expose values | ||||
indicating the internal operational state of the device. These | ||||
values could also be correlated to specifics of running software as | ||||
well. | ||||
5. References | 5. References | |||
5.1. Normative References | 5.1. Normative References | |||
[bios-log] "TCG PC Client Platform Firmware Profile Specification, | [BIOS-Log] Trusted Computing Group, "TCG PC Client Platform Firmware | |||
Section 9.4.5.2", n.d., | Profile Specification", Family "2.0" Level 00 Revision | |||
1.03 Version 51, 1 May 2017, | ||||
<https://trustedcomputinggroup.org/wp-content/uploads/PC-C | <https://trustedcomputinggroup.org/wp-content/uploads/PC-C | |||
lientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf | lientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf | |||
>. | >. | |||
[BIOS-Log-Event-Type] | [CEL] Trusted Computing Group, "Canonical Event Log Format", | |||
"TCG PC Client Platform Firmware Profile Specification", | Version 1.0 Revision 0.41, 25 February 2022, | |||
n.d., <https://trustedcomputinggroup.org/wp- | ||||
content/uploads/TCG_PCClient_PFP_r1p05_v23_pub.pdf>. | ||||
[cel] "Canonical Event Log Format, Section 4.3", n.d., | ||||
<https://trustedcomputinggroup.org/wp-content/uploads/ | <https://trustedcomputinggroup.org/wp-content/uploads/ | |||
TCG_IWG_CEL_v1_r0p41_pub.pdf>. | TCG_IWG_CEL_v1_r0p41_pub.pdf>. | |||
[I-D.ietf-netconf-keystore] | ||||
Watsen, K., "A YANG Data Model for a Keystore and Keystore | ||||
Operations", Work in Progress, Internet-Draft, draft-ietf- | ||||
netconf-keystore-35, 16 March 2024, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-netconf- | ||||
keystore-35>. | ||||
[I-D.ietf-rats-tpm-based-network-device-attest] | ||||
Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- | ||||
based Network Device Remote Integrity Verification", Work | ||||
in Progress, Internet-Draft, draft-ietf-rats-tpm-based- | ||||
network-device-attest-14, 22 March 2022, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-rats- | ||||
tpm-based-network-device-attest-14>. | ||||
[IEEE-Std-1363-2000] | [IEEE-Std-1363-2000] | |||
"IEEE 1363-2000 - IEEE Standard Specifications for Public- | IEEE, "IEEE Standard Specifications for Public-Key | |||
Key Cryptography", n.d., | Cryptography", IEEE Std 1363-2000, | |||
<https://standards.ieee.org/standard/1363-2000.html>. | DOI 10.1109/IEEESTD.2000.92292, August 2000, | |||
<https://ieeexplore.ieee.org/document/891000>. | ||||
[IEEE-Std-1363a-2004] | [IEEE-Std-1363a-2004] | |||
"1363a-2004 - IEEE Standard Specifications for Public-Key | IEEE, "IEEE Standard Specifications for Public-Key | |||
Cryptography - Amendment 1: Additional Techniques", n.d., | Cryptography - Amendment 1: Additional Techniques", IEEE | |||
<https://ieeexplore.ieee.org/document/1335427>. | Std 1363a-2004, DOI 10.1109/IEEESTD.2004.94612, September | |||
2004, <https://ieeexplore.ieee.org/document/1335427>. | ||||
[ISO-IEC-10116] | [ISO-IEC-10116] | |||
"ISO/IEC 10116:2017 - Information technology", n.d., | ISO/IEC, "Information technology - Security techniques - | |||
Modes of operation for an n-bit block cipher", Edition 4, | ||||
ISO/IEC 10116:2017, July 2017, | ||||
<https://www.iso.org/standard/64575.html>. | <https://www.iso.org/standard/64575.html>. | |||
[ISO-IEC-10118-3] | [ISO-IEC-10118-3] | |||
"Dedicated hash-functions - ISO/IEC 10118-3:2018", n.d., | ISO/IEC, "IT Security techniques - Hash-functions - Part | |||
3: Dedicated hash-functions", Edition 4, ISO/ | ||||
IEC 10118-3:2018, October 2018, | ||||
<https://www.iso.org/standard/67116.html>. | <https://www.iso.org/standard/67116.html>. | |||
[ISO-IEC-14888-3] | [ISO-IEC-14888-3] | |||
"ISO/IEC 14888-3:2018 - Digital signatures with appendix", | ISO/IEC, "Security techniques - Digital signatures with | |||
n.d., <https://www.iso.org/standard/76382.html>. | appendix - Part 3: Discrete logarithm based mechanisms", | |||
Edition 4, ISO/IEC 14888-3:2018, November 2018, | ||||
<https://www.iso.org/standard/76382.html>. | ||||
[ISO-IEC-15946-1] | [ISO-IEC-15946-1] | |||
"ISO/IEC 15946-1:2016 - Information technology", n.d., | ISO/IEC, "Information technology - Security techniques - | |||
Cryptographic techniques based on elliptic curves - Part | ||||
1: General", Edition 3, ISO/IEC 15946-1:2016, July 2016, | ||||
<https://www.iso.org/standard/65480.html>. | <https://www.iso.org/standard/65480.html>. | |||
[ISO-IEC-18033-3] | [ISO-IEC-18033-3] | |||
"ISO/IEC 18033-3:2010 - Encryption algorithms", n.d., | ISO/IEC, "Information technology - Security techniques - | |||
Encryption algorithms - Part 3: Block ciphers", Edition 2, | ||||
ISO/IEC 18033-3:2010, December 2010, | ||||
<https://www.iso.org/standard/54531.html>. | <https://www.iso.org/standard/54531.html>. | |||
[ISO-IEC-9797-1] | [ISO-IEC-9797-1] | |||
"Message Authentication Codes (MACs) - ISO/IEC | ISO/IEC, "Information technology - Security techniques - | |||
9797-1:2011", n.d., | Message Authentication Codes (MACs) - Part 1: Mechanisms | |||
<https://www.iso.org/standard/50375.html>. | using a block cipher", Edition 2, ISO/IEC 9797-1:2011, | |||
November 2011, <https://www.iso.org/standard/50375.html>. | ||||
[ISO-IEC-9797-2] | [ISO-IEC-9797-2] | |||
"Message Authentication Codes (MACs) - ISO/IEC | ISO/IEC, "Information security - Message authentication | |||
9797-2:2011", n.d., | codes (MACs) - Part 2: Mechanisms using a dedicated hash- | |||
<https://www.iso.org/standard/51618.html>. | function", Edition 3, ISO/IEC 9797-2:2021, June 2021, | |||
<https://www.iso.org/standard/75296.html>. | ||||
[NIST-PUB-FIPS-202] | [NIST-FIPS-202] | |||
"SHA-3 Standard: Permutation-Based Hash and Extendable- | NIST, "SHA-3 Standard: Permutation-Based Hash and | |||
Output Functions", n.d., | Extendable-Output Functions", NIST FIPS 202, | |||
DOI 10.6028/NIST.FIPS.202, August 2015, | ||||
<https://csrc.nist.gov/publications/detail/fips/202/ | <https://csrc.nist.gov/publications/detail/fips/202/ | |||
final>. | final>. | |||
[NIST-SP800-108] | [NIST-SP800-108] | |||
"Recommendation for Key Derivation Using Pseudorandom | Chen, L., "Recommendation for Key Derivation Using | |||
Functions", n.d., | Pseudorandom Functions", | |||
<https://nvlpubs.nist.gov/nistpubs/Legacy/SP/ | DOI 10.6028/NIST.SP.800-108r1-upd1, NIST | |||
nistspecialpublication800-108.pdf>. | SP 800-108r1-upd1, February 2024, | |||
<https://csrc.nist.gov/pubs/sp/800/108/r1/upd1/final>. | ||||
[NIST-SP800-38C] | [NIST-SP800-38C] | |||
"Recommendation for Block Cipher Modes of Operation: the | Dworkin, M., "Recommendation for Block Cipher Modes of | |||
CCM Mode for Authentication and Confidentiality", n.d., | Operation: the CCM Mode for Authentication and | |||
Confidentiality", NIST SP 800-38C, | ||||
DOI 10.6028/NIST.SP.800-38C, July 2007, | ||||
<https://csrc.nist.gov/publications/detail/sp/800-38c/ | <https://csrc.nist.gov/publications/detail/sp/800-38c/ | |||
final>. | final>. | |||
[NIST-SP800-38D] | [NIST-SP800-38D] | |||
"Recommendation for Block Cipher Modes of Operation: | Dworkin, M., "Recommendation for Block Cipher Modes of | |||
Galois/Counter Mode (GCM) and GMAC", n.d., | Operation: Galois/Counter Mode (GCM) and GMAC", NIST | |||
SP 800-38D, DOI 10.6028/NIST.SP.800-38D, November 2007, | ||||
<https://csrc.nist.gov/publications/detail/sp/800-38d/ | <https://csrc.nist.gov/publications/detail/sp/800-38d/ | |||
final>. | final>. | |||
[NIST-SP800-38F] | [NIST-SP800-38F] | |||
"Recommendation for Block Cipher Modes of Operation: | Dworkin, M., "Recommendation for Block Cipher Modes of | |||
Methods for Key Wrapping", n.d., | Operation: Methods for Key Wrapping", NIST SP 800-38F, | |||
DOI 10.6028/NIST.SP.800-38F, December 2012, | ||||
<https://csrc.nist.gov/publications/detail/sp/800-38f/ | <https://csrc.nist.gov/publications/detail/sp/800-38f/ | |||
final>. | final>. | |||
[NIST-SP800-56A] | [NIST-SP800-56A] | |||
"Recommendation for Pair-Wise Key-Establishment Schemes | Barker, E., Chen, L., Roginsky, A., Vassilev, A., and R. | |||
Using Discrete Logarithm Cryptography", n.d., | Davis, "Recommendation for Pair-Wise Key-Establishment | |||
<https://csrc.nist.gov/publications/detail/sp/800-56a/rev- | Schemes Using Discrete Logarithm Cryptography", NIST | |||
3/final>. | SP 800-56A Rev. 3, DOI 10.6028/NIST.SP.800-56Ar3, April | |||
2018, <https://csrc.nist.gov/publications/detail/sp/800- | ||||
56a/rev-3/final>. | ||||
[RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- | [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- | |||
Hashing for Message Authentication", RFC 2104, | Hashing for Message Authentication", RFC 2104, | |||
DOI 10.17487/RFC2104, February 1997, | DOI 10.17487/RFC2104, February 1997, | |||
<https://doi.org/10.17487/RFC2104>. | <https://www.rfc-editor.org/info/rfc2104>. | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
<https://doi.org/10.17487/RFC2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | |||
DOI 10.17487/RFC3688, January 2004, | DOI 10.17487/RFC3688, January 2004, | |||
<https://doi.org/10.17487/RFC3688>. | <https://www.rfc-editor.org/info/rfc3688>. | |||
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for | [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for | |||
the Network Configuration Protocol (NETCONF)", RFC 6020, | the Network Configuration Protocol (NETCONF)", RFC 6020, | |||
DOI 10.17487/RFC6020, October 2010, | DOI 10.17487/RFC6020, October 2010, | |||
<https://doi.org/10.17487/RFC6020>. | <https://www.rfc-editor.org/info/rfc6020>. | |||
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | |||
and A. Bierman, Ed., "Network Configuration Protocol | and A. Bierman, Ed., "Network Configuration Protocol | |||
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, | (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, | |||
<https://doi.org/10.17487/RFC6241>. | <https://www.rfc-editor.org/info/rfc6241>. | |||
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure | [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure | |||
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, | Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, | |||
<https://doi.org/10.17487/RFC6242>. | <https://www.rfc-editor.org/info/rfc6242>. | |||
[RFC6933] Bierman, A., Romascanu, D., Quittek, J., and M. | [RFC6933] Bierman, A., Romascanu, D., Quittek, J., and M. | |||
Chandramouli, "Entity MIB (Version 4)", RFC 6933, | Chandramouli, "Entity MIB (Version 4)", RFC 6933, | |||
DOI 10.17487/RFC6933, May 2013, | DOI 10.17487/RFC6933, May 2013, | |||
<https://doi.org/10.17487/RFC6933>. | <https://www.rfc-editor.org/info/rfc6933>. | |||
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", | [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", | |||
RFC 6991, DOI 10.17487/RFC6991, July 2013, | RFC 6991, DOI 10.17487/RFC6991, July 2013, | |||
<https://doi.org/10.17487/RFC6991>. | <https://www.rfc-editor.org/info/rfc6991>. | |||
[RFC8017] Moriarty, K., Ed., Kaliski, B., Jonsson, J., and A. Rusch, | [RFC8017] Moriarty, K., Ed., Kaliski, B., Jonsson, J., and A. Rusch, | |||
"PKCS #1: RSA Cryptography Specifications Version 2.2", | "PKCS #1: RSA Cryptography Specifications Version 2.2", | |||
RFC 8017, DOI 10.17487/RFC8017, November 2016, | RFC 8017, DOI 10.17487/RFC8017, November 2016, | |||
<https://doi.org/10.17487/RFC8017>. | <https://www.rfc-editor.org/info/rfc8017>. | |||
[RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital | [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital | |||
Signature Algorithm (EdDSA)", RFC 8032, | Signature Algorithm (EdDSA)", RFC 8032, | |||
DOI 10.17487/RFC8032, January 2017, | DOI 10.17487/RFC8032, January 2017, | |||
<https://doi.org/10.17487/RFC8032>. | <https://www.rfc-editor.org/info/rfc8032>. | |||
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF | [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF | |||
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, | Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, | |||
<https://doi.org/10.17487/RFC8040>. | <https://www.rfc-editor.org/info/rfc8040>. | |||
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
May 2017, <https://doi.org/10.17487/RFC8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration | [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration | |||
Access Control Model", STD 91, RFC 8341, | Access Control Model", STD 91, RFC 8341, | |||
DOI 10.17487/RFC8341, March 2018, | DOI 10.17487/RFC8341, March 2018, | |||
<https://doi.org/10.17487/RFC8341>. | <https://www.rfc-editor.org/info/rfc8341>. | |||
[RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A | [RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A | |||
YANG Data Model for Hardware Management", RFC 8348, | YANG Data Model for Hardware Management", RFC 8348, | |||
DOI 10.17487/RFC8348, March 2018, | DOI 10.17487/RFC8348, March 2018, | |||
<https://doi.org/10.17487/RFC8348>. | <https://www.rfc-editor.org/info/rfc8348>. | |||
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | |||
<https://doi.org/10.17487/RFC8446>. | <https://www.rfc-editor.org/info/rfc8446>. | |||
[RFC9334] Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | [RFC9334] Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | |||
W. Pan, "Remote ATtestation procedureS (RATS) | W. Pan, "Remote ATtestation procedureS (RATS) | |||
Architecture", RFC 9334, DOI 10.17487/RFC9334, January | Architecture", RFC 9334, DOI 10.17487/RFC9334, January | |||
2023, <https://doi.org/10.17487/RFC9334>. | 2023, <https://www.rfc-editor.org/info/rfc9334>. | |||
[RFC9642] Watsen, K., "A YANG Data Model for a Keystore", RFC 9642, | ||||
DOI 10.17487/RFC9642, October 2024, | ||||
<https://www.rfc-editor.org/info/rfc9642>. | ||||
[RFC9683] Fedorkow, G. C., Voit, E., and J. Fitzgerald-McKay, | ||||
"Remote Integrity Verification of Network Devices | ||||
Containing Trusted Platform Modules", RFC 9683, | ||||
DOI 10.17487/RFC9683, November 2024, | ||||
<https://www.rfc-editor.org/info/rfc9683>. | ||||
[TCG-Algos] | [TCG-Algos] | |||
"TCG Algorithm Registry", n.d., | Trusted Computing Group, "TCG Algorithm Registry", Family | |||
"2.0" Level 00 Revision 01.34, 24 August 2023, | ||||
<https://trustedcomputinggroup.org/wp-content/uploads/TCG- | <https://trustedcomputinggroup.org/wp-content/uploads/TCG- | |||
_Algorithm_Registry_r1p32_pub.pdf>. | Algorithm-Registry-Revision-1.34_pub-1.pdf>. | |||
[TPM1.2] TCG, "TPM 1.2 Main Specification", 2 October 2003, | [TPM1.2] Trusted Computing Group, "TPM 1.2 Main Specification", TPM | |||
<https://trustedcomputinggroup.org/resource/tpm-main- | Main Specification Level 2 Version 1.2, Revision 116, 1 | |||
specification/>. | March 2011, <https://trustedcomputinggroup.org/resource/ | |||
tpm-main-specification/>. | ||||
[TPM1.2-Commands] | [TPM1.2-Commands] | |||
"TPM Main Part 3 Commands", n.d., | Trusted Computing Group, "TPM Main Part 3 Commands", TPM | |||
<https://trustedcomputinggroup.org/wp-content/uploads/TPM- | Main Specification Level 2 Version 1.2, Revision 116, 1 | |||
Main-Part-3-Commands_v1.2_rev116_01032011.pdf>. | March 2011, <https://trustedcomputinggroup.org/wp- | |||
content/uploads/TPM-Main-Part- | ||||
3-Commands_v1.2_rev116_01032011.pdf>. | ||||
[TPM1.2-Structures] | [TPM1.2-Structures] | |||
"TPM Main Part 2 TPM Structures", n.d., | Trusted Computing Group, "TPM Main Part 2 TPM Structures", | |||
<https://trustedcomputinggroup.org/wp-content/uploads/TPM- | TPM Main Specification Level 2 Version 1.2, Revision 116, | |||
Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf>. | 1 March 2011, <https://trustedcomputinggroup.org/wp- | |||
content/uploads/TPM-Main-Part-2-TPM- | ||||
Structures_v1.2_rev116_01032011.pdf>. | ||||
[TPM2.0] TCG, "TPM 2.0 Library Specification", 15 March 2013, | [TPM2.0] Trusted Computing Group, "TPM 2.0 Library", Trusted | |||
Platform Module Library Specification, Family "2.0", Level | ||||
00, Revision 01.83, March 2024, | ||||
<https://trustedcomputinggroup.org/resource/tpm-library- | <https://trustedcomputinggroup.org/resource/tpm-library- | |||
specification/>. | specification/>. | |||
[TPM2.0-Arch] | [TPM2.0-Arch] | |||
"Trusted Platform Module Library - Part 1: Architecture", | Trusted Computing Group, "Trusted Platform Module Library | |||
n.d., <https://trustedcomputinggroup.org/wp- | Part 1: Architecture", Family "2.0", Level 00, Revision | |||
content/uploads/ | 01.83, 25 January 2024, | |||
TCG_TPM2_r1p59_Part1_Architecture_pub.pdf>. | <https://trustedcomputinggroup.org/wp-content/uploads/TPM- | |||
2.0-1.83-Part-1-Architecture.pdf>. | ||||
[TPM2.0-Key] | [TPM2.0-Key] | |||
TCG, "TPM 2.0 Keys for Device Identity and Attestation, | Trusted Computing Group, "TPM 2.0 Keys for Device Identity | |||
Rev12", 8 October 2021, | and Attestation", Version 1.00, Revision 12, 8 October | |||
<https://trustedcomputinggroup.org/wp-content/uploads/TPM- | 2021, <https://trustedcomputinggroup.org/wp- | |||
2p0-Keys-for-Device-Identity-and- | content/uploads/TPM-2p0-Keys-for-Device-Identity-and- | |||
Attestation_v1_r12_pub10082021.pdf>. | Attestation_v1_r12_pub10082021.pdf>. | |||
[TPM2.0-Structures] | [TPM2.0-Structures] | |||
"Trusted Platform Module Library - Part 2: Structures", | Trusted Computing Group, "Trusted Platform Module Library | |||
n.d., <https://trustedcomputinggroup.org/wp- | Part 2: Structures", Family "2.0", Level 00, Revision | |||
content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf>. | 01.83, 25 January 2024, | |||
<https://trustedcomputinggroup.org/wp-content/uploads/TPM- | ||||
2.0-1.83-Part-2-Structures.pdf>. | ||||
[UEFI-Secure-Boot] | [UEFI-Secure-Boot] | |||
Unified Extensible Firmware Interface (UEFI) Forum, Inc., | ||||
"Unified Extensible Firmware Interface (UEFI) | "Unified Extensible Firmware Interface (UEFI) | |||
Specification Version 2.9 (March 2021), Section 32.1 | Specification", Section 32.1: Secure Boot, Version 2.10, | |||
(Secure Boot)", n.d., | 29 August 2022, | |||
<https://uefi.org/sites/default/files/resources/ | <https://uefi.org/sites/default/files/resources/ | |||
UEFI_Spec_2_9_2021_03_18.pdf>. | UEFI_Spec_2_10_Aug29.pdf>. | |||
5.2. Informative References | 5.2. Informative References | |||
[I-D.ietf-rats-reference-interaction-models] | [IMA-Template-Management] | |||
The kernel development community, "IMA Template Management | ||||
Mechanism", Linux Kernel 6.11, 15 September 2024, | ||||
<https://www.kernel.org/doc/html/v6.11/security/IMA- | ||||
templates.html>. | ||||
[NIST-915121] | ||||
NIST, "True Randomness Can't be Left to Chance: Why | ||||
entropy is important for information security", | ||||
<https://tsapps.nist.gov/publication/ | ||||
get_pdf.cfm?pub_id=915121>. | ||||
[RATS-Interaction-Models] | ||||
Birkholz, H., Eckel, M., Pan, W., and E. Voit, "Reference | Birkholz, H., Eckel, M., Pan, W., and E. Voit, "Reference | |||
Interaction Models for Remote Attestation Procedures", | Interaction Models for Remote Attestation Procedures", | |||
Work in Progress, Internet-Draft, draft-ietf-rats- | Work in Progress, Internet-Draft, draft-ietf-rats- | |||
reference-interaction-models-11, 22 July 2024, | reference-interaction-models-11, 22 July 2024, | |||
<https://datatracker.ietf.org/doc/html/draft-ietf-rats- | <https://datatracker.ietf.org/doc/html/draft-ietf-rats- | |||
reference-interaction-models-11>. | reference-interaction-models-11>. | |||
[IMA-Kernel-Source] | [XML-Registry] | |||
"Linux Integrity Measurement Architecture (IMA): Kernel | IANA, "IETF XML Registry", | |||
Sourcecode", n.d., <https://github.com/torvalds/linux/blob | <https://www.iana.org/assignments/xml-registry/>. | |||
/df0cc57e057f18e44dac8e6c18aba47ab53202f9/security/ | ||||
integrity/ima/>. | ||||
[NIST-915121] | ||||
"True Randomness Can't be Left to Chance: Why entropy is | ||||
important for information security", n.d., | ||||
<https://tsapps.nist.gov/publication/ | ||||
get_pdf.cfm?pub_id=915121>. | ||||
[xml-registry] | ||||
"IETF XML Registry", n.d., | ||||
<https://www.iana.org/assignments/xml-registry/xml- | ||||
registry.xhtml>. | ||||
[yang-parameters] | [YANG-Parameters] | |||
"YANG Parameters", n.d., | IANA, "YANG Parameters", | |||
<https://www.iana.org/assignments/yang-parameters/yang- | <https://www.iana.org/assignments/yang-parameters/>. | |||
parameters.xhtml>. | ||||
Appendix A. Integrity Measurement Architecture (IMA) | Appendix A. Integrity Measurement Architecture (IMA) | |||
IMA extends the principles of Measured Boot [TPM2.0-Arch] and Secure | IMA extends the principles of Measured Boot [TPM2.0-Arch] and Secure | |||
Boot [UEFI-Secure-Boot] to the Linux operating system, applying it to | Boot [UEFI-Secure-Boot] to the Linux operating system, applying it to | |||
operating system applications and files. IMA has been part of the | operating system applications and files. IMA has been part of the | |||
Linux integrity subsystem of the Linux kernel since 2009 (kernel | Linux integrity subsystem of the Linux kernel since 2009 (kernel | |||
version 2.6.30). The IMA mechanism represented by the YANG module in | version 2.6.30). The IMA mechanism represented by the YANG module in | |||
this specification is rooted in the kernel version 5.16 | this specification is rooted in the kernel version 5.16 | |||
[IMA-Kernel-Source]. IMA enables the protection of system integrity | [IMA-Template-Management]. IMA enables the protection of system | |||
by collecting (commonly referred to as measuring) and storing | integrity by collecting (commonly referred to as measuring) and | |||
measurements (called Claims in the context of IETF RATS) of files | storing measurements (called Claims in the context of IETF RATS) of | |||
before execution so that these measurements can be used later, at | files before execution so that these measurements can be used later, | |||
system runtime, in remote attestation procedures. IMA acts in | at system runtime, in remote attestation procedures. IMA acts in | |||
support of the appraisal of Evidence (which includes measurement | support of the Appraisal of Evidence (which includes measurement | |||
Claims) by leveraging Reference Values stored in extended file | Claims) by leveraging Reference Values stored in extended file | |||
attributes. | attributes. | |||
In support of the appraisal of Evidence, IMA maintains an ordered | In support of the Appraisal of Evidence, IMA maintains an ordered | |||
list (with no duplicates) of measurements in kernel-space, the Stored | list (with no duplicates) of measurements in kernel space, the Stored | |||
Measurement Log (SML), for all files that have been measured before | Measurement Log (SML), for all files that have been measured before | |||
execution since the operating system was started. Although IMA can | execution since the operating system was started. Although IMA can | |||
be used without a TPM, it is typically used in conjunction with a TPM | be used without a TPM, it is typically used in conjunction with a TPM | |||
to anchor the integrity of the SML in a hardware-protected secure | to anchor the integrity of the SML in a hardware-protected secure | |||
storage location, i.e., Platform Configuration Registers (PCRs) | storage location, i.e., PCRs provided by TPMs. IMA provides the SML | |||
provided by TPMs. IMA provides the SML in both binary and ASCII | in both binary and ASCII representations in the Linux security file | |||
representations in the Linux security file system _securityfs_ | system _securityfs_ (/sys/kernel/security/ima/). | |||
(/sys/kernel/security/ima/). | ||||
IMA templates define the format of the SML, i.e., which fields are | IMA templates define the format of the SML, i.e., which fields are | |||
included in a log record. Examples are file path, file hash, user | included in a log record. Examples are file path, file hash, user | |||
ID, group ID, file signature, and extended file attributes. IMA | ID, group ID, file signature, and extended file attributes. IMA | |||
comes with a set of predefined template formats and also allows a | comes with a set of predefined template formats and also allows a | |||
custom format, i.e., a format consisting of template fields supported | custom format, i.e., a format consisting of template fields supported | |||
by IMA. Template usage is typically determined by boot arguments | by IMA. Template usage is typically determined by boot arguments | |||
passed to the kernel. Alternatively, the format can also be hard- | passed to the kernel. Alternatively, the format can also be hard- | |||
coded into custom kernels. IMA templates and fields are extensible | coded into custom kernels. IMA templates and fields are extensible | |||
in the kernel source code. As a result, more template fields can be | in the kernel source code. As a result, more template fields can be | |||
added in the future. | added in the future. | |||
IMA policies define which files are measured using the IMA policy | IMA policies define which files are measured using the IMA policy | |||
language. Built-in policies can be passed as boot arguments to the | language. Built-in policies can be passed as boot arguments to the | |||
kernel. Custom IMA policies can be defined once during runtime or be | kernel. Custom IMA policies can be defined once during runtime or be | |||
hard-coded into a custom kernel. If no policy is defined, no | hard-coded into a custom kernel. If no policy is defined, no | |||
measurements are taken and IMA is effectively disabled. | measurements are taken and IMA is effectively disabled. | |||
A comprehensive description of the content fields in native Linux IMA | A comprehensive description of the content fields of the Linux IMA | |||
TLV format can be found in Table 16 of the Canonical Event Log (CEL) | TLV format can be found in Table 16 of the Canonical Event Log (CEL) | |||
specification [cel]. The CEL specification also illustrates the use | specification [CEL]. The CEL specification also illustrates the use | |||
of templates to enable extended or customized IMA TLV formats in | of templates to enable extended or customized IMA TLV formats in | |||
Section 5.1.6. | Section 5.1.6. | |||
Appendix B. IMA for Network Equipment Boot Logs | Appendix B. IMA for Network Equipment Boot Logs | |||
Network equipment can generally implement similar IMA-protected | Network equipment can generally implement similar IMA-protected | |||
functions to generate measurements (Claims) about the boot process of | functions to generate measurements (Claims) about the boot process of | |||
a device and enable corresponding remote attestation. Network | a device and enable corresponding remote attestation. Network | |||
Equipment Boot Logs combine the measurement and logging of boot | Equipment Boot Logs combine the measurement and logging of boot | |||
components and operating system components (executables and files) | components and operating system components (executables and files) | |||
skipping to change at page 58, line 48 ¶ | skipping to change at line 2878 ¶ | |||
Verifier initiates a remote attestation process (e.g., challenge- | Verifier initiates a remote attestation process (e.g., challenge- | |||
response remote attestation as defined in this document), the network | response remote attestation as defined in this document), the network | |||
equipment takes on the role of an Attester and can convey to the | equipment takes on the role of an Attester and can convey to the | |||
Verifier Claims that comprise the measurement log as well as the | Verifier Claims that comprise the measurement log as well as the | |||
corresponding PCR values (Evidence) of a TPM. | corresponding PCR values (Evidence) of a TPM. | |||
The Verifier can appraise the integrity (compliance with the | The Verifier can appraise the integrity (compliance with the | |||
Reference Values) of each executed file by comparing its measured | Reference Values) of each executed file by comparing its measured | |||
value with the Reference Value. Based on the execution order, the | value with the Reference Value. Based on the execution order, the | |||
Verifier can compute a PCR Reference Value (by replaying the log) and | Verifier can compute a PCR Reference Value (by replaying the log) and | |||
compare it to the Measurement Log Claims obtained in conjunction with | compare it to the measurement log Claims obtained in conjunction with | |||
the PCR Evidence to assess their trustworthiness with respect to an | the PCR Evidence to assess their trustworthiness with respect to an | |||
intended operational state. | intended operational state. | |||
Network equipment usually executes multiple components in parallel. | Network equipment usually executes multiple components in parallel. | |||
This holds not only during the operating system loading phase, but | This holds not only during the operating system loading phase, but | |||
also even during the BIOS boot phase. With this measurement log | also even during the BIOS boot phase. With this measurement log | |||
mechanism, network equipment can take on the role of an Attester, | mechanism, network equipment can assume the role of an Attester, | |||
proving to the Verifier the trustworthiness of its boot process. | proving to the Verifier the trustworthiness of its boot process. | |||
Using the measurement log, Verifiers can precisely identify | Using the measurement log, Verifiers can precisely identify | |||
mismatching log entries to infer potentially tampered components. | mismatching log entries to infer potentially tampered components. | |||
This mechanism also supports scenarios that modify files on the | This mechanism also supports scenarios that modify files on the | |||
Attester that are subsequently executed during the boot phase (e.g., | Attester that are subsequently executed during the boot phase (e.g., | |||
updating/patching) by simply updating the appropriate Reference | updating/patching) by simply updating the appropriate Reference | |||
Values in Reference Integrity Manifests that inform Verifiers about | Values in Reference Integrity Manifests that inform Verifiers about | |||
how an Attester is composed. | how an Attester is composed. | |||
skipping to change at page 60, line 4 ¶ | skipping to change at line 2923 ¶ | |||
ThoughtSpot | ThoughtSpot | |||
Email: shwetha.bhandari@thoughtspot.com | Email: shwetha.bhandari@thoughtspot.com | |||
Eric Voit | Eric Voit | |||
Cisco Systems | Cisco Systems | |||
Email: evoit@cisco.com | Email: evoit@cisco.com | |||
Bill Sulzen | Bill Sulzen | |||
Cisco Systems | Cisco Systems | |||
Email: bsulzen@cisco.com | Email: bsulzen@cisco.com | |||
Liang Xia (Frank) | Liang Xia (Frank) | |||
Huawei Technologies | Huawei Technologies | |||
101 Software Avenue, Yuhuatai District | Yuhuatai District | |||
101 Software Avenue | ||||
Nanjing | Nanjing | |||
Jiangsu, 210012 | Jiangsu, 210012 | |||
China | China | |||
Email: Frank.Xialiang@huawei.com | Email: Frank.Xialiang@huawei.com | |||
Tom Laffey | Tom Laffey | |||
Hewlett Packard Enterprise | Hewlett Packard Enterprise | |||
Email: tom.laffey@hpe.com | Email: tom.laffey@hpe.com | |||
Guy C. Fedorkow | Guy C. Fedorkow | |||
Juniper Networks | Juniper Networks | |||
10 Technology Park Drive | 10 Technology Park Drive | |||
Westford | Westford, Massachusetts 01886 | |||
United States of America | ||||
Email: gfedorkow@juniper.net | Email: gfedorkow@juniper.net | |||
End of changes. 369 change blocks. | ||||
790 lines changed or deleted | 926 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. |