idnits 2.17.1
draft-ietf-rats-yang-tpm-charra-12.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
** There are 64 instances of too long lines in the document, the longest
one being 3 characters in excess of 72.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== Line 184 has weird spacing: '...te-name cer...'
== Line 213 has weird spacing: '...r-index pcr...'
== Line 297 has weird spacing: '...-number uin...'
== Line 356 has weird spacing: '...version ide...'
== Line 360 has weird spacing: '...sh-algo ide...'
-- The document date (14 January 2022) is 831 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Outdated reference: A later version (-35) exists of
draft-ietf-netconf-keystore-23
== Outdated reference: A later version (-22) exists of
draft-ietf-rats-architecture-14
** Downref: Normative reference to an Informational draft:
draft-ietf-rats-architecture (ref. 'I-D.ietf-rats-architecture')
== Outdated reference: A later version (-14) exists of
draft-ietf-rats-tpm-based-network-device-attest-10
** Downref: Normative reference to an Informational draft:
draft-ietf-rats-tpm-based-network-device-attest (ref.
'I-D.ietf-rats-tpm-based-network-device-attest')
-- Possible downref: Non-RFC (?) normative reference: ref. 'TCG-Algos'
== Outdated reference: A later version (-09) exists of
draft-ietf-rats-reference-interaction-models-04
Summary: 3 errors (**), 0 flaws (~~), 10 warnings (==), 2 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 RATS Working Group H. Birkholz
3 Internet-Draft M. Eckel
4 Intended status: Standards Track Fraunhofer SIT
5 Expires: 18 July 2022 S. Bhandari
6 ThoughtSpot
7 E. Voit
8 B. Sulzen
9 Cisco
10 L. Xia
11 Huawei
12 T. Laffey
13 HPE
14 G. Fedorkow
15 Juniper
16 14 January 2022
18 A YANG Data Model for Challenge-Response-based Remote Attestation
19 Procedures using TPMs
20 draft-ietf-rats-yang-tpm-charra-12
22 Abstract
24 This document defines YANG RPCs and a small number of configuration
25 nodes required to retrieve attestation evidence about integrity
26 measurements from a device, following the operational context defined
27 in TPM-based Network Device Remote Integrity Verification.
28 Complementary measurement logs are also provided by the YANG RPCs,
29 originating from one or more roots of trust for measurement (RTMs).
30 The module defined requires at least one TPM 1.2 or TPM 2.0 as well
31 as a corresponding TPM Software Stack (TSS), included in the device
32 components of the composite device the YANG server is running on.
34 Status of This Memo
36 This Internet-Draft is submitted in full conformance with the
37 provisions of BCP 78 and BCP 79.
39 Internet-Drafts are working documents of the Internet Engineering
40 Task Force (IETF). Note that other groups may also distribute
41 working documents as Internet-Drafts. The list of current Internet-
42 Drafts is at https://datatracker.ietf.org/drafts/current/.
44 Internet-Drafts are draft documents valid for a maximum of six months
45 and may be updated, replaced, or obsoleted by other documents at any
46 time. It is inappropriate to use Internet-Drafts as reference
47 material or to cite them other than as "work in progress."
48 This Internet-Draft will expire on 18 July 2022.
50 Copyright Notice
52 Copyright (c) 2022 IETF Trust and the persons identified as the
53 document authors. All rights reserved.
55 This document is subject to BCP 78 and the IETF Trust's Legal
56 Provisions Relating to IETF Documents (https://trustee.ietf.org/
57 license-info) in effect on the date of publication of this document.
58 Please review these documents carefully, as they describe your rights
59 and restrictions with respect to this document. Code Components
60 extracted from this document must include Revised BSD License text as
61 described in Section 4.e of the Trust Legal Provisions and are
62 provided without warranty as described in the Revised BSD License.
64 Table of Contents
66 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
67 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3
68 2. The YANG Module for Basic Remote Attestation Procedures . . . 3
69 2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 3
70 2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 3
71 2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 32
72 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 47
73 4. Security Considerations . . . . . . . . . . . . . . . . . . . 48
74 5. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 50
75 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 51
76 6.1. Normative References . . . . . . . . . . . . . . . . . . 51
77 6.2. Informative References . . . . . . . . . . . . . . . . . 53
78 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 54
80 1. Introduction
82 This document is based on the general terminology defined in the
83 [I-D.ietf-rats-architecture] and uses the operational context defined
84 in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the
85 interaction model and information elements defined in
86 [I-D.ietf-rats-reference-interaction-models]. The currently
87 supported hardware security modules (HSMs) are the Trusted Platform
88 Modules (TPMs) [TPM1.2] and [TPM2.0] as specified by the Trusted
89 Computing Group (TCG). One or more TPMs embedded in the components
90 of a Composite Device are required in order to use the YANG module
91 defined in this document. A TPM is used as a root of trust for
92 reporting (RTR) in order to retrieve attestation Evidence from a
93 composite device (_TPM Quote_ primitive operation). Additionally, it
94 is used as a root of trust for storage (RTS) in order to retain
95 shielded secrets and store system measurements using a folding hash
96 function (_TPM PCR Extend_ primitive operation).
98 Specific terms imported from [I-D.ietf-rats-architecture] and used in
99 this document include: Attester, Composite Device, Evidence.
101 Specific terms imported from [TPM2.0-Key] and used in this document
102 include: Endorsement Key (EK), Initial Attestation Key (IAK), Local
103 Attestation Key (LAK).
105 1.1. Requirements notation
107 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
108 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
109 "OPTIONAL" in this document are to be interpreted as described in
110 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
111 capitals, as shown here.
113 2. The YANG Module for Basic Remote Attestation Procedures
115 One or more TPMs MUST be embedded in a Composite Device that provides
116 attestation evidence via the YANG module defined in this document.
117 The ietf-basic-remote-attestation YANG module enables a composite
118 device to take on the role of an Attester, in accordance with the
119 Remote Attestation Procedures (RATS) architecture
120 [I-D.ietf-rats-architecture], and the corresponding challenge-
121 response interaction model defined in the
122 [I-D.ietf-rats-reference-interaction-models] document. A fresh nonce
123 with an appropriate amount of entropy [NIST-915121] MUST be supplied
124 by the YANG client in order to enable a proof-of-freshness with
125 respect to the attestation Evidence provided by the Attester running
126 the YANG datastore. Further, this nonce is used to prevent replay
127 attacks. The method for communicating the relationship of each
128 individual TPM to specific measured component within the Composite
129 Device is out of the scope of this document.
131 2.1. YANG Modules
133 In this section the several YANG modules are defined.
135 2.1.1. 'ietf-tpm-remote-attestation'
137 This YANG module imports modules from [RFC6991], [RFC8348],
138 [I-D.ietf-netconf-keystore], and ietf-tcg-algs.yang Section 2.1.2.3.
140 2.1.1.1. Features
142 This module supports the following features:
144 * 'TPMs': Indicates that multiple TPMs on the device can support
145 remote attestation. This feature is applicable in cases where
146 multiple line cards are present, each with its own TPM.
148 * 'bios': Indicates that the device supports the retrieval of BIOS/
149 UEFI event logs. [bios-log]
151 * 'ima': Indicates that the device supports the retrieval of event
152 logs from the Linux Integrity Measurement Architecture (IMA).
153 [ima-log]
155 * 'netequip_boot': Indicates that the device supports the retrieval
156 of netequip boot event logs. [netequip-boot-log]
158 2.1.1.2. Identities
160 This module supports the following types of attestation event logs:
161 'bios', 'ima', and 'netequip_boot'.
163 2.1.1.3. Remote Procedure Calls (RPCs)
165 In the following, RPCs for both TPM 1.2 and TPM 2.0 attestation
166 procedures are defined.
168 2.1.1.3.1. 'tpm12-challenge-response-attestation'
170 This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_
171 operation) from a TPM 1.2 compliant cryptoprocessor. Where the
172 feature 'TPMs' is active, and one or more 'certificate-name' is not
173 provided, all TPM 1.2 compliant cryptoprocessors will respond. A
174 YANG tree diagram of this RPC is as follows:
176 +---x tpm12-challenge-response-attestation {taa:TPM12}?
177 +---w input
178 | +---w tpm12-attestation-challenge
179 | +---w pcr-index* pcr
180 | +---w nonce-value binary
181 | +---w certificate-name* certificate-name-ref {tpm:TPMs}?
182 +--ro output
183 +--ro tpm12-attestation-response* []
184 +--ro certificate-name certificate-name-ref
185 +--ro up-time? uint32
186 +--ro TPM_QUOTE2? binary
188 2.1.1.3.2. 'tpm20-challenge-response-attestation'
190 This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_
191 operation) from a TPM 2.0 compliant cryptoprocessor. Where the
192 feature 'TPMs' is active, and one or more 'certificate-name' is not
193 provided, all TPM 2.0 compliant cryptoprocessors will respond. A
194 YANG tree diagram of this RPC is as follows:
196 +---x tpm20-challenge-response-attestation {taa:tpm}?
197 +---w input
198 | +---w tpm20-attestation-challenge
199 | +---w nonce-value binary
200 | +---w tpm20-pcr-selection* []
201 | | +---w TPM20-hash-algo? identityref
202 | | +---w pcr-index* tpm:pcr
203 | +---w certificate-name* certificate-name-ref {tpm:TPMs}?
204 +--ro output
205 +--ro tpm20-attestation-response* []
206 +--ro certificate-name certificate-name-ref
207 +--ro TPMS_QUOTE_INFO binary
208 +--ro quote-signature? binary
209 +--ro up-time? uint32
210 +--ro unsigned-pcr-values* []
211 +--ro TPM20-hash-algo? identityref
212 +--ro pcr-values* [pcr-index]
213 +--ro pcr-index pcr
214 +--ro pcr-value? binary
216 An example of an RPC challenge requesting PCRs 0-7 from a SHA-256
217 bank could look like the following:
219
220
221 xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation">
222
223 (identifier of a TPM signature key with which the Verifier is
224 supposed to sign the attestation data)
225
226
227 0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9
228
229
230
232 TPM_ALG_SHA256
233
234 0
235 1
236 2
237 3
238 4
239 5
240 6
241 7
242
243
244
246 A successful response could be formatted as follows:
248
250
252
254 (instance of Certificate name in the Keystore)
255
256
257 (raw attestation data, i.e. the TPM quote; this includes
258 a composite digest of requested PCRs, the nonce,
259 and TPM 2.0 time information.)
260
261
262 (signature over attestation-data using the TPM key
263 identified by sig-key-id)
264
265
266
268 2.1.1.4. 'log-retrieval'
270 This RPC allows a Verifier to acquire the evidence which was extended
271 into specific TPM PCRs. A YANG tree diagram of this RPC is as
272 follows:
274 +---x log-retrieval
275 +---w input
276 | +---w log-selector* []
277 | | +---w name* string
278 | | +---w (index-type)?
279 | | | +--:(last-entry)
280 | | | | +---w last-entry-value? binary
281 | | | +--:(index)
282 | | | | +---w last-index-number? uint64
283 | | | +--:(timestamp)
284 | | | +---w timestamp? yang:date-and-time
285 | | +---w log-entry-quantity? uint16
286 | +---w log-type identityref
287 +--ro output
288 +--ro system-event-logs
289 +--ro node-data* []
290 +--ro name? string
291 +--ro up-time? uint32
292 +--ro log-result
293 +--ro (attested_event_log_type)
294 +--:(bios) {bios}?
295 | +--ro bios-event-logs
296 | +--ro bios-event-entry* [event-number]
297 | +--ro event-number uint32
298 | +--ro event-type? uint32
299 | +--ro pcr-index? pcr
300 | +--ro digest-list* []
301 | | +--ro hash-algo? identityref
302 | | +--ro digest* binary
303 | +--ro event-size? uint32
304 | +--ro event-data* uint8
305 +--:(ima) {ima}?
306 | +--ro ima-event-logs
307 | +--ro ima-event-entry* [event-number]
308 | +--ro event-number uint64
309 | +--ro ima-template? string
310 | +--ro filename-hint? string
311 | +--ro filedata-hash? binary
312 | +--ro filedata-hash-algorithm? string
313 | +--ro template-hash-algorithm? string
314 | +--ro template-hash? binary
315 | +--ro pcr-index? pcr
316 | +--ro signature? binary
317 +--:(netequip_boot) {netequip_boot}?
318 +--ro boot-event-logs
319 +--ro boot-event-entry* [event-number]
320 +--ro event-number uint64
321 +--ro ima-template? string
322 +--ro filename-hint? string
323 +--ro filedata-hash? binary
324 +--ro filedata-hash-algorithm? string
325 +--ro template-hash-algorithm? string
326 +--ro template-hash? binary
327 +--ro pcr-index? pcr
328 +--ro signature? binary
330 2.1.1.5. Data Nodes
332 This section provides a high level description of the data nodes
333 containing the configuration and operational objects with the YANG
334 model. For more details, please see the YANG model itself in
335 Figure 1.
337 Container 'rats-support-structures': This houses the set of
338 information relating to a device's TPM(s).
340 Container 'tpms': Provides configuration and operational details for
341 each supported TPM, including the tpm-firmware-version, PCRs which
342 may be quoted, certificates which are associated with that TPM,
343 and the current operational status. Of note are the certificates
344 which are associated with that TPM. As a certificate is
345 associated with a particular TPM attestation key, knowledge of the
346 certificate allows a specific TPM to be identified.
348 +--rw tpms
349 +--rw tpm* [name]
350 +--rw name string
351 +--ro hardware-based? boolean
352 +--ro physical-index? int32 {ietfhw:entity-mib}?
353 +--ro path? string
354 +--ro compute-node compute-node-ref {tpm:tpms}?
355 +--ro manufacturer? string
356 +--rw firmware-version identityref
357 +--rw tpm12-hash-algo? identityref
358 +--rw tpm12-pcrs* pcr
359 +--rw tpm20-pcr-bank* [tpm20-hash-algo]
360 | +--rw tpm20-hash-algo identityref
361 | +--rw pcr-index* tpm:pcr
362 +--ro status enumeration
363 +--rw certificates
364 +--rw certificate* [name]
365 +--rw name string
366 +--rw keystore-ref? leafref
367 +--rw type? enumeration
369 container 'attester-supported-algos' - Identifies which TCG hash
370 algorithms are available for use on the Attesting platform. This
371 allows an operator to limit algorithms available for use by RPCs to
372 just a desired set from the universe of all allowed hash algorithms
373 by the TCG.
375 +--rw attester-supported-algos
376 +--rw tpm12-asymmetric-signing* identityref
377 +--rw tpm12-hash* identityref
378 +--rw tpm20-asymmetric-signing* identityref
379 +--rw tpm20-hash* identityref
381 container 'compute-nodes' - When there is more than one TPM
382 supported, this container maintains the set of information related to
383 the compute node associated with a specific TPM. This allows each
384 specific TPM to identify to which 'compute-node' it belongs.
386 +--rw compute-nodes {tpm:TPMs}?
387 +--ro compute-node* [node-id]
388 +--ro node-id string
389 +--ro node-physical-index? int32 {ietfhw:entity-mib}?
390 +--ro node-name? string
391 +--ro node-location? string
393 2.1.1.6. YANG Module
394 file "ietf-tpm-remote-attestation@2021-05-11.yang"
395 module ietf-tpm-remote-attestation {
396 namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation";
397 prefix tpm;
399 import ietf-yang-types {
400 prefix yang;
401 }
402 import ietf-hardware {
403 prefix ietfhw;
404 }
405 import ietf-keystore {
406 prefix ks;
407 }
408 import ietf-tcg-algs {
409 prefix taa;
410 }
412 organization
413 "IETF RATS (Remote ATtestation procedureS) Working Group";
414 contact
415 "WG Web :
416 WG List :
417 Author : Eric Voit
418 Author : Henk Birkholz
419 Author : Michael Eckel
420 Author : Shwetha Bhandari
421 Author : Bill Sulzen
422 Author : Liang Xia (Frank)
423 Author : Tom Laffey
424 Author : Guy Fedorkow ";
425 description
426 "A YANG module to enable a TPM 1.2 and TPM 2.0 based
427 remote attestation procedure using a challenge-response
428 interaction model and the TPM 1.2 and TPM 2.0 Quote
429 primitive operations.
430 Copyright (c) 2021 IETF Trust and the persons identified
431 as authors of the code. All rights reserved.
432 Redistribution and use in source and binary forms, with
433 or without modification, is permitted pursuant to, and
434 subject to the license terms contained in, the Simplified
435 BSD License set forth in Section 4.c of the IETF Trust's
436 Legal Provisions Relating to IETF Documents
437 (https://trustee.ietf.org/license-info).
438 This version of this YANG module is part of RFC XXXX
439 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC
440 itself for full legal notices.
442 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
443 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
444 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
445 are to be interpreted as described in BCP 14 (RFC 2119)
446 (RFC 8174) when, and only when, they appear in all
447 capitals, as shown here.";
449 revision 2021-11-16 {
450 description
451 "Initial version";
452 reference
453 "draft-ietf-rats-yang-tpm-charra";
454 }
456 /*****************/
457 /* Features */
458 /*****************/
460 feature tpms {
461 description
462 "The device supports the remote attestation of multiple
463 TPM based cryptoprocessors.";
464 }
466 feature bios {
467 description
468 "The device supports the bios logs.";
469 reference
470 "https://trustedcomputinggroup.org/wp-content/uploads/
471 PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf
472 Section 9.4.5.2 and
473 https://trustedcomputinggroup.org/resource/
474 tcg-efi-platform-specification/ Version 1.22, Revision 15";
475 }
477 feature ima {
478 description
479 "The device supports Integrity Measurement Architecture logs.
480 Many variants of IMA logs exist in the deployment. Each encodes
481 the log entry contents as the specific measurements which get
482 hashed into a PCRs as Evidence. See the reference below for
483 one example of such an encoding.";
484 reference
485 "https://www.trustedcomputinggroup.org/wp-content/uploads/
486 TCG_IWG_CEL_v1_r0p30_13feb2021.pdf Section 4.3";
487 }
489 feature netequip_boot {
490 description
491 "The device supports the netequip_boot logs.";
492 reference
493 "https://www.kernel.org/doc/Documentation/ABI/testing/ima_policy";
494 }
496 /*****************/
497 /* Typedefs */
498 /*****************/
500 typedef pcr {
501 type uint8 {
502 range "0..31";
503 }
504 description
505 "Valid index number for a PCR. At this point 0-31 is viable.";
506 }
508 typedef compute-node-ref {
509 type leafref {
510 path "/tpm:rats-support-structures/tpm:compute-nodes"
511 + "/tpm:compute-node/tpm:node-name";
512 }
513 description
514 "This type is used to reference a hardware node. It is quite
515 possible this leafref will eventually point to another YANG
516 module's node.";
517 }
519 typedef certificate-name-ref {
520 type leafref {
521 path "/tpm:rats-support-structures/tpm:tpms/tpm:tpm"
522 + "/tpm:certificates/tpm:certificate/tpm:name";
523 }
524 description
525 "A type which allows identification of a TPM based certificate.";
526 }
528 /******************/
529 /* Identities */
530 /******************/
532 identity attested_event_log_type {
533 description
534 "Base identity allowing categorization of the reasons why and
535 attested measurement has been taken on an Attester.";
536 }
537 identity ima {
538 base attested_event_log_type;
539 description
540 "An event type recorded in IMA.";
541 }
543 identity bios {
544 base attested_event_log_type;
545 description
546 "An event type associated with BIOS/UEFI.";
547 }
549 identity netequip_boot {
550 base attested_event_log_type;
551 description
552 "An event type associated with Network Equipment Boot.";
553 }
555 /*****************/
556 /* Groupings */
557 /*****************/
559 grouping tpm20-hash-algo {
560 description
561 "The cryptographic algorithm used to hash the TPM2 PCRs. This
562 must be from the list of platform supported options.";
563 leaf tpm20-hash-algo {
564 type identityref {
565 base taa:hash;
566 }
567 must '/tpm:rats-support-structures/tpm:attester-supported-algos'
568 + '/tpm:tpm20-hash' {
569 error-message "This platform does not support tpm20-hash-algo";
570 }
571 default "taa:TPM_ALG_SHA256";
572 description
573 "The hash scheme that is used to hash a TPM1.2 PCR. This
574 must be one of those supported by a platform.";
575 }
576 }
578 grouping tpm12-hash-algo {
579 description
580 "The cryptographic algorithm used to hash the TPM1.2 PCRs.";
581 leaf tpm12-hash-algo {
582 type identityref {
583 base taa:hash;
584 }
585 must '/tpm:rats-support-structures/tpm:attester-supported-algos'
586 + '/tpm:tpm12-hash' {
587 error-message "This platform does not support tpm12-hash-algo";
588 }
589 default "taa:TPM_ALG_SHA1";
590 description
591 "The hash scheme that is used to hash a TPM1.2 PCR. This
592 MUST be one of those supported by a platform. This assumes
593 that an algorithm other than SHA1 can be supported on some
594 TPM1.2 cryptoprocessor variant.";
595 }
596 }
598 grouping nonce {
599 description
600 "A random number intended to be used once to show freshness
601 and to allow the detection of replay attacks.";
602 leaf nonce-value {
603 type binary;
604 mandatory true;
605 description
606 "A cryptographically generated random number which should
607 not be predictable prior to its issuance from a random
608 number generation function. The random number MUST be
609 derived from an entropy source external to the Attester.
611 Note that a nonce sent into a TPM will typically be 160 or 256
612 binary digits long. (This is 20 or 32 bytes.) So if fewer
613 binary are sent, this nonce object will be padded
614 with leading zeros any in Quotes returned from the TPM.
615 Additionally if more bytes are sent, the nonce will be trimmed
616 to the most significant binary digits.";
617 }
618 }
620 grouping tpm12-pcr-selection {
621 description
622 "A Verifier can request one or more PCR values using its
623 individually created Attestation Key Certificate (AC).
624 The corresponding selection filter is represented in this
625 grouping.
626 Requesting a PCR value that is not in scope of the AC used,
627 detailed exposure via error msg should be avoided.";
628 leaf-list pcr-index {
629 type pcr;
630 description
631 "The numbers/indexes of the PCRs. At the moment this is limited
632 to 32. In addition, any selection of PCRs MUST verify that
633 the set of PCRs requested are a subset the set of PCRs
634 exposed by in the leaf-list /tpm:rats-support-structures
635 /tpm:tpms/tpm:tpm[name=current()]/tpm:tpm12-pcrs";
636 }
637 }
639 grouping tpm20-pcr-selection {
640 description
641 "A Verifier can acquire one or more PCR values, which are hashed
642 together in a TPM2B_DIGEST coming from the TPM2. The selection
643 list of desired PCRs and the Hash Algorithm is represented in
644 this grouping.";
645 list tpm20-pcr-selection {
646 unique "tpm20-hash-algo";
647 description
648 "Specifies the list of PCRs and Hash Algorithms that can be
649 returned within a TPM2B_DIGEST.";
650 reference
651 "https://www.trustedcomputinggroup.org/wp-content/uploads/
652 TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7";
653 uses tpm20-hash-algo;
654 leaf-list pcr-index {
655 type pcr;
656 must '/tpm:rats-support-structures/tpm:tpms'
657 + '/tpm:tpm[name = current()] and '
658 + '/tpm:rats-support-structures/tpm:tpms/tpm:tpm'
659 + '/tpm:tpm20-pcr-bank[pcr-index = current()]' {
660 error-message "Acquiring this PCR index is not supported";
661 }
662 description
663 "The numbers of the PCRs that which are being tracked
664 with a hash based on the tpm20-hash-algo. In addition,
665 any selection of PCRs MUST verify that the set of PCRs
666 requested are a subset the set of PCR indexes exposed
667 within /tpm:rats-support-structures/tpm:tpms
668 /tpm:tpm[name=current()]/tpm:tpm20-pcr-bank
669 /tpm:pcr-index";
670 }
671 }
672 }
674 grouping certificate-name-ref {
675 description
676 "Identifies a certificate in a keystore.";
677 leaf certificate-name {
678 type certificate-name-ref;
679 mandatory true;
680 description
681 "Identifies a certificate in a keystore.";
682 }
683 }
685 grouping tpm-name {
686 description
687 "A unique TPM on a device.";
688 leaf name {
689 type string;
690 description
691 "Unique system generated name for a TPM on a device.";
692 }
693 }
695 grouping tpm-name-selector {
696 description
697 "One or more TPM on a device.";
698 leaf-list name {
699 type string;
700 config false;
701 description
702 "Name of one or more unique TPMs on a device. If this object
703 exists, a selection should pull only the objects related to
704 these TPM(s). If it does not exist, all qualifying TPMs that
705 are 'hardware-based' equals true on the device are selected.";
706 }
707 }
709 grouping node-uptime {
710 description
711 "Uptime in seconds of the node.";
712 leaf up-time {
713 type uint32;
714 description
715 "Uptime in seconds of this node reporting its data";
716 }
717 }
719 grouping tpm12-attestation {
720 description
721 "Contains an instance of TPM1.2 style signed cryptoprocessor
722 measurements. It is supplemented by unsigned Attester
723 information.";
724 uses node-uptime;
725 leaf TPM_QUOTE2 {
726 type binary;
727 description
728 "Result of a TPM1.2 Quote2 operation. This includes PCRs,
729 signatures, locality, the provided nonce and other data which
730 can be further parsed to appraise the Attester.";
731 reference
732 "TPM1.2 commands rev116 July 2007, Section 16.5
733 https://trustedcomputinggroup.org/wp-content/uploads
734 /TPM-Main-Part-3-Commands_v1.2_rev116_01032011.pdf";
735 }
736 }
738 grouping tpm20-attestation {
739 description
740 "Contains an instance of TPM2 style signed cryptoprocessor
741 measurements. It is supplemented by unsigned Attester
742 information.";
743 leaf TPMS_QUOTE_INFO {
744 type binary;
745 mandatory true;
746 description
747 "A hash of the latest PCR values (and the hash algorithm used)
748 which have been returned from a Verifier for the selected PCRs
749 and Hash Algorithms.";
750 reference
751 "https://www.trustedcomputinggroup.org/wp-content/uploads/
752 TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.12.1";
753 }
754 leaf quote-signature {
755 type binary;
756 description
757 "Quote signature returned by TPM Quote. The signature was
758 generated using the key associated with the
759 certificate 'name'.";
760 reference
761 "https://www.trustedcomputinggroup.org/wp-content/uploads/
762 TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 11.2.1";
763 }
764 uses node-uptime;
765 list unsigned-pcr-values {
766 description
767 "PCR values in each PCR bank. This might appear redundant with
768 the TPM2B_DIGEST, but that digest is calculated across multiple
769 PCRs. Having to verify across multiple PCRs does not
770 necessarily make it easy for a Verifier to appraise just the
771 minimum set of PCR information which has changed since the last
772 received TPM2B_DIGEST. Put another way, why should a Verifier
773 reconstruct the proper value of all PCR Quotes when only a
774 single PCR has changed?
775 To help this happen, if the Attester does know specific PCR
776 values, the Attester can provide these individual values via
777 'unsigned-pcr-values'. By comparing this information to the
778 what has previously been validated, it is possible for a
779 Verifier to confirm the Attester's signature while eliminating
780 significant processing. There should never be a result where
781 an unsigned PCR value is actually that that within a quote.
782 If there is a difference, a signed result which has been
783 verified from retrieved logs is considered definitive.";
784 uses tpm20-hash-algo;
785 list pcr-values {
786 key "pcr-index";
787 description
788 "List of one PCR bank.";
789 leaf pcr-index {
790 type pcr;
791 description
792 "PCR index number.";
793 }
794 leaf pcr-value {
795 type binary;
796 description
797 "PCR value.";
798 reference
799 "https://www.trustedcomputinggroup.org/wp-content/uploads/
800 TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7";
801 }
802 }
803 }
804 }
806 grouping log-identifier {
807 description
808 "Identifier for type of log to be retrieved.";
809 leaf log-type {
810 type identityref {
811 base attested_event_log_type;
812 }
813 mandatory true;
814 description
815 "The corresponding measurement log type identity.";
816 }
817 }
818 grouping boot-event-log {
819 description
820 "Defines an event log corresponding to the event that extended
821 the PCR";
822 leaf event-number {
823 type uint32;
824 description
825 "Unique event number of this event";
826 }
827 leaf event-type {
828 type uint32;
829 description
830 "log event type";
831 }
832 leaf pcr-index {
833 type pcr;
834 description
835 "Defines the PCR index that this event extended";
836 }
837 list digest-list {
838 description
839 "Hash of event data";
840 leaf hash-algo {
841 type identityref {
842 base taa:hash;
843 }
844 description
845 "The hash scheme that is used to compress the event data in
846 each of the leaf-list digest items.";
847 }
848 leaf-list digest {
849 type binary;
850 description
851 "The hash of the event data using the algorithm of the
852 'hash-algo' against 'event data'.";
853 }
854 }
855 leaf event-size {
856 type uint32;
857 description
858 "Size of the event data";
859 }
860 leaf-list event-data {
861 type uint8;
862 description
863 "The event data size determined by event-size";
864 }
865 }
866 grouping bios-event-log {
867 description
868 "Measurement log created by the BIOS/UEFI.";
869 list bios-event-entry {
870 key event-number;
871 description
872 "Ordered list of TCG described event log
873 that extended the PCRs in the order they
874 were logged";
875 uses boot-event-log;
876 }
877 }
878 grouping ima-event {
879 description
880 "Defines an hash log extend event for IMA measurements";
881 reference
882 "https://www.trustedcomputinggroup.org/wp-content/uploads/
883 TCG_IWG_CEL_v1_r0p30_13feb2021.pdf Section 4.3";
884 leaf event-number {
885 type uint64;
886 description
887 "Unique number for this event for sequencing";
888 }
889 leaf ima-template {
890 type string;
891 description
892 "Name of the template used for event logs
893 for e.g. ima, ima-ng, ima-sig";
894 }
895 leaf filename-hint {
896 type string;
897 description
898 "File that was measured";
899 }
900 leaf filedata-hash {
901 type binary;
902 description
903 "Hash of filedata";
904 }
905 leaf filedata-hash-algorithm {
906 type string;
907 description
908 "Algorithm used for filedata-hash";
909 }
910 leaf template-hash-algorithm {
911 type string;
912 description
913 "Algorithm used for template-hash";
914 }
915 leaf template-hash {
916 type binary;
917 description
918 "hash(filedata-hash, filename-hint)";
919 }
920 leaf pcr-index {
921 type pcr;
922 description
923 "Defines the PCR index that this event extended";
924 }
925 leaf signature {
926 type binary;
927 description
928 "The file signature";
929 }
930 }
931 grouping ima-event-log {
932 description
933 "Measurement log created by IMA.";
934 list ima-event-entry {
935 key event-number;
936 description
937 "Ordered list of ima event logs by event-number";
938 uses ima-event;
939 }
940 }
942 grouping network-equipment-boot-event-log {
943 description
944 "Measurement log created by Network Equipment Boot. The Network
945 Equipment Boot format is identical to the IMA format. In
946 contrast to the IMA log, the Network Equipment Boot log
947 includes every measurable event from an Attester, including
948 the boot stages of BIOS, Bootloader, etc. In essence, the scope
949 of events represented in this format combines the scope of BIOS
950 events and IMA events.";
951 list boot-event-entry {
952 key event-number;
953 description
954 "Ordered list of Network Equipment Boot event logs
955 by event-number, using the IMA event format.";
956 uses ima-event;
957 }
958 }
959 grouping event-logs {
960 description
961 "A selector for the log and its type.";
962 choice attested_event_log_type {
963 mandatory true;
964 description
965 "Event log type determines the event logs content.";
966 case bios {
967 if-feature "bios";
968 description
969 "BIOS/UEFI event logs";
970 container bios-event-logs {
971 description
972 "BIOS/UEFI event logs";
973 uses bios-event-log;
974 }
975 }
976 case ima {
977 if-feature "ima";
978 description
979 "IMA event logs.";
980 container ima-event-logs {
981 description
982 "IMA event logs.";
983 uses ima-event-log;
984 }
985 }
986 case netequip_boot {
987 if-feature "netequip_boot";
988 description
989 "Network Equipment Boot event logs";
990 container boot-event-logs {
991 description
992 "Network equipment boot event logs.";
993 uses network-equipment-boot-event-log;
994 }
995 }
996 }
997 }
999 /**********************/
1000 /* RPC operations */
1001 /**********************/
1003 rpc tpm12-challenge-response-attestation {
1004 if-feature "taa:tpm12";
1005 description
1006 "This RPC accepts the input for TSS TPM 1.2 commands made to the
1007 attesting device.";
1008 input {
1009 container tpm12-attestation-challenge {
1010 description
1011 "This container includes every information element defined
1012 in the reference challenge-response interaction model for
1013 remote attestation. Corresponding values are based on
1014 TPM 1.2 structure definitions";
1015 uses tpm12-pcr-selection;
1016 uses nonce;
1017 leaf-list certificate-name {
1018 if-feature "tpm:tpms";
1019 type certificate-name-ref;
1020 must "/tpm:rats-support-structures/tpm:tpms"
1021 + "/tpm:tpm[tpm:firmware-version='taa:tpm12']"
1022 + "/tpm:certificates/"
1023 + "/tpm:certificate[name=current()]" {
1024 error-message "Not an available TPM1.2 AIK certificate.";
1025 }
1026 description
1027 "When populated, the RPC will only get a Quote for the
1028 TPMs associated with these certificate(s).";
1029 }
1030 }
1031 }
1032 output {
1033 list tpm12-attestation-response {
1034 unique "certificate-name";
1035 description
1036 "The binary output of TPM 1.2 TPM_Quote/TPM_Quote2, including
1037 the PCR selection and other associated attestation evidence
1038 metadata";
1039 uses certificate-name-ref {
1040 description
1041 "Certificate associated with this tpm12-attestation.";
1042 }
1043 uses tpm12-attestation;
1044 }
1045 }
1046 }
1048 rpc tpm20-challenge-response-attestation {
1049 if-feature "taa:tpm20";
1050 description
1051 "This RPC accepts the input for TSS TPM 2.0 commands of the
1052 managed device. ComponentIndex from the hardware manager YANG
1053 module to refer to dedicated TPM in composite devices,
1054 e.g. smart NICs, is still a TODO.";
1055 input {
1056 container tpm20-attestation-challenge {
1057 description
1058 "This container includes every information element defined
1059 in the reference challenge-response interaction model for
1060 remote attestation. Corresponding values are based on
1061 TPM 2.0 structure definitions";
1062 uses nonce;
1063 uses tpm20-pcr-selection;
1064 leaf-list certificate-name {
1065 if-feature "tpm:tpms";
1066 type certificate-name-ref;
1067 must "/tpm:rats-support-structures/tpm:tpms"
1068 + "/tpm:tpm[tpm:firmware-version='taa:tpm20']"
1069 + "/tpm:certificates/"
1070 + "/tpm:certificate[name=current()]" {
1071 error-message "Not an available TPM2.0 AIK certificate.";
1072 }
1073 description
1074 "When populated, the RPC will only get a Quote for the
1075 TPMs associated with the certificates.";
1076 }
1077 }
1078 }
1079 output {
1080 list tpm20-attestation-response {
1081 unique "certificate-name";
1082 description
1083 "The binary output of TPM2b_Quote in one TPM chip of the
1084 node which identified by node-id. An TPMS_ATTEST structure
1085 including a length, encapsulated in a signature";
1086 uses certificate-name-ref {
1087 description
1088 "Certificate associated with this tpm20-attestation.";
1089 }
1090 uses tpm20-attestation;
1091 }
1092 }
1093 }
1095 rpc log-retrieval {
1096 description
1097 "Logs Entries are either identified via indices or via providing
1098 the last line received. The number of lines returned can be
1099 limited. The type of log is a choice that can be augmented.";
1100 input {
1101 list log-selector {
1102 description
1103 "Selection of log entries to be reported.";
1104 uses tpm-name-selector;
1105 choice index-type {
1106 description
1107 "Last log entry received, log index number, or timestamp.";
1108 case last-entry {
1109 description
1110 "The last entry of the log already retrieved.";
1111 leaf last-entry-value {
1112 type binary;
1113 description
1114 "Content of an log event which matches 1:1 with a
1115 unique event record contained within the log. Log
1116 entries subsequent to this will be passed to the
1117 requester. Note: if log entry values are not unique,
1118 this MUST return an error.";
1119 }
1120 }
1121 case index {
1122 description
1123 "Numeric index of the last log entry retrieved, or
1124 zero.";
1125 leaf last-index-number {
1126 type uint64;
1127 description
1128 "The last numeric index number of a log entry.
1129 Zero means to start at the beginning of the log.
1130 Entries subsequent to this will be passed to the
1131 requester.";
1132 }
1133 }
1134 case timestamp {
1135 leaf timestamp {
1136 type yang:date-and-time;
1137 description
1138 "Timestamp from which to start the extraction. The
1139 next log entry subsequent to this timestamp is to
1140 be sent.";
1141 }
1142 description
1143 "Timestamp from which to start the extraction.";
1144 }
1145 }
1146 leaf log-entry-quantity {
1147 type uint16;
1148 description
1149 "The number of log entries to be returned. If omitted, it
1150 means all of them.";
1151 }
1152 }
1153 uses log-identifier;
1154 }
1155 output {
1156 container system-event-logs {
1157 description
1158 "The requested data of the measurement event logs";
1159 list node-data {
1160 unique "name";
1161 description
1162 "Event logs of a node in a distributed system
1163 identified by the node name";
1164 uses tpm-name;
1165 uses node-uptime;
1166 container log-result {
1167 description
1168 "The requested entries of the corresponding log.";
1169 uses event-logs;
1170 }
1171 }
1172 }
1173 }
1174 }
1176 /**************************************/
1177 /* Config & Oper accessible nodes */
1178 /**************************************/
1180 container rats-support-structures {
1181 description
1182 "The datastore definition enabling verifiers or relying
1183 parties to discover the information necessary to use the
1184 remote attestation RPCs appropriately.";
1185 container compute-nodes {
1186 if-feature "tpm:tpms";
1187 description
1188 "Holds the set device subsystems/components in this composite
1189 device that support TPM operations.";
1190 list compute-node {
1191 key "node-id";
1192 config false;
1193 min-elements 2;
1194 description
1195 "A component within this composite device which
1196 supports TPM operations.";
1197 leaf node-id {
1198 type string;
1199 description
1200 "ID of the compute node, such as Board Serial Number.";
1201 }
1202 leaf node-physical-index {
1203 if-feature "ietfhw:entity-mib";
1204 type int32 {
1205 range "1..2147483647";
1206 }
1207 config false;
1208 description
1209 "The entPhysicalIndex for the compute node.";
1210 reference
1211 "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex";
1212 }
1213 leaf node-name {
1214 type string;
1215 description
1216 "Name of the compute node.";
1217 }
1218 leaf node-location {
1219 type string;
1220 description
1221 "Location of the compute node, such as slot number.";
1222 }
1223 }
1224 }
1225 container tpms {
1226 description
1227 "Holds the set of TPMs within an Attester.";
1228 list tpm {
1229 key "name";
1230 unique "path";
1231 description
1232 "A list of TPMs in this composite device that RATS
1233 can be conducted with.";
1234 uses tpm-name;
1235 leaf hardware-based {
1236 type boolean;
1237 config false;
1238 description
1239 "Answers the question: is this TPM is a hardware based
1240 TPM?";
1241 }
1242 leaf physical-index {
1243 if-feature "ietfhw:entity-mib";
1244 type int32 {
1245 range "1..2147483647";
1246 }
1247 config false;
1248 description
1249 "The entPhysicalIndex for the TPM.";
1250 reference
1251 "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex";
1252 }
1253 leaf path {
1254 type string;
1255 config false;
1256 description
1257 "Path to a unique TPM on a device. This can change across
1258 reboots.";
1259 }
1260 leaf compute-node {
1261 if-feature "tpm:tpms";
1262 type compute-node-ref;
1263 config false;
1264 mandatory true;
1265 description
1266 "Indicates the compute node measured by this TPM.";
1267 }
1268 leaf manufacturer {
1269 type string;
1270 config false;
1271 description
1272 "TPM manufacturer name.";
1273 }
1274 leaf firmware-version {
1275 type identityref {
1276 base taa:cryptoprocessor;
1277 }
1278 mandatory true;
1279 description
1280 "Identifies the cryptoprocessor API set supported. This
1281 is automatically configured by the device and should not
1282 be changed.";
1283 }
1284 uses tpm12-hash-algo {
1285 when "firmware-version = 'taa:tpm12'";
1286 refine "tpm12-hash-algo" {
1287 description
1288 "The hash algorithm overwrites the default used for PCRs
1289 on this TPM1.2 compliant cryptoprocessor.";
1290 }
1291 }
1292 leaf-list tpm12-pcrs {
1293 when "../firmware-version = 'taa:tpm12'";
1294 type pcr;
1295 description
1296 "The PCRs which may be extracted from this TPM1.2
1297 compliant cryptoprocessor.";
1298 }
1299 list tpm20-pcr-bank {
1300 when "../firmware-version = 'taa:tpm20'";
1301 key "tpm20-hash-algo";
1302 description
1303 "Specifies the list of PCRs that may be extracted for
1304 a specific Hash Algorithm on this TPM2 compliant
1305 cryptoprocessor. A bank is a set of PCRs which are
1306 extended using a particular hash algorithm.";
1307 reference
1308 "https://www.trustedcomputinggroup.org/wp-content/uploads/
1309 TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7";
1310 leaf tpm20-hash-algo {
1311 type identityref {
1312 base taa:hash;
1313 }
1314 must '/tpm:rats-support-structures'
1315 + '/tpm:attester-supported-algos'
1316 + '/tpm:tpm20-hash' {
1317 error-message
1318 "This platform does not support tpm20-hash-algo";
1319 }
1320 description
1321 "The hash scheme actively being used to hash a
1322 one or more TPM2.0 PCRs.";
1323 }
1324 leaf-list pcr-index {
1325 type tpm:pcr;
1326 description
1327 "Defines what TPM2 PCRs are available to be extracted.";
1328 }
1329 }
1330 leaf status {
1331 type enumeration {
1332 enum operational {
1333 value 0;
1334 description
1335 "The TPM currently is currently running normally and
1336 is ready to accept and process TPM quotes.";
1337 reference
1338 "TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf
1339 Section 12";
1340 }
1341 enum non-operational {
1342 value 1;
1343 description
1344 "TPM is in a state such as startup or shutdown which
1345 precludes the processing of TPM quotes.";
1346 }
1347 }
1348 config false;
1349 mandatory true;
1350 description
1351 "TPM chip self-test status.";
1352 }
1353 container certificates {
1354 description
1355 "The TPM's certificates, including EK certificates
1356 and AK certificates.";
1357 list certificate {
1358 key "name";
1359 description
1360 "Three types of certificates can be accessed via
1361 this statement, including Initial Attestation
1362 Key Certificate, Local Attestation Key Certificate or
1363 Endorsement Key Certificate.";
1364 leaf name {
1365 type string;
1366 description
1367 "An arbitrary name uniquely identifying a certificate
1368 associated within key within a TPM.";
1369 }
1370 leaf keystore-ref {
1371 type leafref {
1372 path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key"
1373 + "/ks:certificates/ks:certificate/ks:name";
1374 }
1375 description
1376 "A reference to a specific certificate of an
1377 asymmetric key in the Keystore.";
1378 }
1379 leaf type {
1380 type enumeration {
1381 enum endorsement-certificate {
1382 value 0;
1383 description
1384 "Endorsement Key (EK) Certificate type.";
1385 reference
1386 "https://trustedcomputinggroup.org/wp-content/
1387 uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf
1388 Section 3.11";
1389 }
1390 enum initial-attestation-certificate {
1391 value 1;
1392 description
1393 "Initial Attestation key (IAK) Certificate type.";
1394 reference
1395 "https://trustedcomputinggroup.org/wp-content/
1396 uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf
1397 Section 3.2";
1398 }
1399 enum local-attestation-certificate {
1400 value 2;
1401 description
1402 "Local Attestation Key (LAK) Certificate type.";
1403 reference
1404 "https://trustedcomputinggroup.org/wp-content/
1405 uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf
1406 Section 3.2";
1407 }
1408 }
1409 description
1410 "Function supported by this certificate from within the
1411 TPM.";
1412 }
1413 }
1414 }
1415 }
1416 }
1417 container attester-supported-algos {
1418 description
1419 "Identifies which TPM algorithms are available for use on an
1420 attesting platform.";
1421 leaf-list tpm12-asymmetric-signing {
1422 when "../../tpm:tpms"
1423 + "/tpm:tpm[tpm:firmware-version='taa:tpm12']";
1424 type identityref {
1425 base taa:asymmetric;
1426 }
1427 description
1428 "Platform Supported TPM12 asymmetric algorithms.";
1429 }
1430 leaf-list tpm12-hash {
1431 when "../../tpm:tpms"
1432 + "/tpm:tpm[tpm:firmware-version='taa:tpm12']";
1433 type identityref {
1434 base taa:hash;
1435 }
1436 description
1437 "Platform supported TPM12 hash algorithms.";
1438 }
1439 leaf-list tpm20-asymmetric-signing {
1440 when "../../tpm:tpms"
1441 + "/tpm:tpm[tpm:firmware-version='taa:tpm20']";
1442 type identityref {
1443 base taa:asymmetric;
1444 }
1445 description
1446 "Platform Supported TPM20 asymmetric algorithms.";
1447 }
1448 leaf-list tpm20-hash {
1449 when "../../tpm:tpms"
1450 + "/tpm:tpm[tpm:firmware-version='taa:tpm20']";
1451 type identityref {
1452 base taa:hash;
1453 }
1454 description
1455 "Platform supported TPM20 hash algorithms.";
1456 }
1457 }
1458 }
1459 }
1460
1462 Figure 1
1464 2.1.2. 'ietf-tcg-algs'
1466 Cryptographic algorithm types were initially included within -v14
1467 NETCONF's iana-crypto-types.yang. Unfortunately, all this content
1468 including the algorithms needed here failed to make the -v15 used
1469 WGLC. As a result, this document has encoded the TCG Algorithm
1470 definitions of [TCG-Algos], revision 1.32. By including this full
1471 table as a separate YANG file within this document, it is possible
1472 for other YANG models to leverage the contents of this model.
1474 2.1.2.1. Features
1476 There are two types of features supported: 'TPM12' and 'TPM20'.
1477 Support for either of these features indicates that a cryptoprocessor
1478 supporting the corresponding type of TCG TPM API is present on an
1479 Attester. Most commonly, only one type of cryptoprocessor will be
1480 available on an Attester.
1482 2.1.2.2. Identities
1484 There are three types of identities in this model:
1486 1. *Cryptographic functions* supported by a TPM algorithm; these
1487 include: 'asymmetric', 'symmetric', 'hash', 'signing',
1488 'anonymous_signing', 'encryption_mode', 'method', and
1489 'object_type'. The definitions of each of these are in Table 2
1490 of [TCG-Algos].
1492 2. *API specifications* for TPMs: 'tpm12' and 'tpm20'
1494 3. *Specific algorithm types*: Each algorithm type defines what
1495 cryptographic functions may be supported, and on which type of
1496 API specification. It is not required that an implementation of
1497 a specific TPM will support all algorithm types. The contents of
1498 each specific algorithm mirrors what is in Table 3 of
1499 [TCG-Algos].
1501 2.1.2.3. YANG Module
1503 file "ietf-tcg-algs@2021-11-05.yang"
1504 module ietf-tcg-algs {
1505 yang-version 1.1;
1506 namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs";
1507 prefix taa;
1509 organization
1510 "IETF RATS Working Group";
1512 contact
1513 "WG Web:
1514 WG List:
1515 Author: Eric Voit ";
1517 description
1518 "This module defines a identities for asymmetric algorithms.
1520 Copyright (c) 2021 IETF Trust and the persons identified
1521 as authors of the code. All rights reserved.
1522 Redistribution and use in source and binary forms, with
1523 or without modification, is permitted pursuant to, and
1524 subject to the license terms contained in, the Simplified
1525 BSD License set forth in Section 4.c of the IETF Trust's
1526 Legal Provisions Relating to IETF Documents
1527 (https://trustee.ietf.org/license-info).
1528 This version of this YANG module is part of RFC XXXX
1529 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC
1530 itself for full legal notices.
1531 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
1532 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
1533 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
1534 are to be interpreted as described in BCP 14 (RFC 2119)
1535 (RFC 8174) when, and only when, they appear in all
1536 capitals, as shown here.";
1538 revision 2021-11-05 {
1539 description
1540 "Initial version";
1541 reference
1542 "RFC XXXX: tbd";
1543 }
1544 /*****************/
1545 /* Features */
1546 /*****************/
1548 feature tpm12 {
1549 description
1550 "This feature indicates algorithm support for the TPM 1.2 API
1551 as per Section 4.8 of TPM Main Part 2 TPM Structures
1552 https://trustedcomputinggroup.org/wp-content/uploads/
1553 TPM-main-1.2-Rev94-part-2.pdf";
1554 }
1556 feature tpm20 {
1557 description
1558 "This feature indicates algorithm support for the TPM 2.0 API
1559 as per Section 11.4 of Trusted Platform Module Library
1560 Part 1: Architecture
1561 https://trustedcomputinggroup.org/wp-content/uploads/
1562 TPM-Rev-2.0-Part-1-Architecture-01.38.pdf";
1563 }
1565 /*****************/
1566 /* Identities */
1567 /*****************/
1569 identity asymmetric {
1570 description
1571 "A TCG recognized asymmetric algorithm with a public and
1572 private key.";
1573 reference
1574 "TCG Algorithm Registry Revision 01.32 Table 2
1575 http://trustedcomputinggroup.org/resource/tcg-algorithm-registry/
1576 TCG-_Algorithm_Registry_r1p32_pub";
1577 }
1579 identity symmetric {
1580 description
1581 "A TCG recognized symmetric algorithm with only a private key.";
1582 reference
1583 "TCG Algorithm Registry Revision 01.32 Table 2";
1584 }
1586 identity hash {
1587 description
1588 "A TCG recognized hash algorithm that compresses input data to
1589 a digest value or indicates a method that uses a hash.";
1590 reference
1591 "TCG Algorithm Registry Revision 01.32 Table 2";
1592 }
1594 identity signing {
1595 description
1596 "A TCG recognized signing algorithm";
1597 reference
1598 "TCG Algorithm Registry Revision 01.32 Table 2";
1599 }
1601 identity anonymous_signing {
1602 description
1603 "A TCG recognized anonymous signing algorithm.";
1604 reference
1605 "TCG Algorithm Registry Revision 01.32 Table 2";
1606 }
1608 identity encryption_mode {
1609 description
1610 "A TCG recognized encryption mode.";
1611 reference
1612 "TCG Algorithm Registry Revision 01.32 Table 2";
1613 }
1615 identity method {
1616 description
1617 "A TCG recognized method such as a mask generation function.";
1618 reference
1619 "TCG Algorithm Registry Revision 01.32 Table 2";
1620 }
1622 identity object_type {
1623 description
1624 "A TCG recognized object type.";
1625 reference
1626 "TCG Algorithm Registry Revision 01.32 Table 2";
1627 }
1629 identity cryptoprocessor {
1630 description
1631 "Base identity identifying a crytoprocessor.";
1632 }
1634 identity tpm12 {
1635 if-feature "tpm12";
1636 base cryptoprocessor;
1637 description
1638 "Supportable by a TPM1.2.";
1640 reference
1641 "TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf
1642 TPM_ALGORITHM_ID values, page 18";
1643 }
1645 identity tpm20 {
1646 if-feature "tpm12";
1647 base cryptoprocessor;
1648 description
1649 "Supportable by a TPM2.";
1650 reference
1651 "TPM-Rev-2.0-Part-2-Structures-01.38.pdf
1652 The TCG Algorithm Registry. Table 9";
1653 }
1655 identity TPM_ALG_RSA {
1656 if-feature "tpm12 or tpm20";
1657 base tpm12;
1658 base tpm20;
1659 base asymmetric;
1660 base object_type;
1661 description
1662 "RSA algorithm";
1663 reference
1664 "TCG Algorithm Registry Revision 01.32 Table 3 and
1665 RFC 8017. ALG_ID: 0x0001";
1666 }
1668 identity TPM_ALG_TDES {
1669 if-feature "tpm12";
1670 base tpm12;
1671 base symmetric;
1672 description
1673 "Block cipher with various key sizes (Triple Data Encryption
1674 Algorithm, commonly called Triple Data Encryption Standard)
1675 Note: was banned in TPM1.2 v94";
1676 reference
1677 "TCG Algorithm Registry Revision 01.32 Table 3 and
1678 ISO/IEC 18033-3. ALG_ID: 0x0003";
1679 }
1681 identity TPM_ALG_SHA1 {
1682 if-feature "tpm12 or tpm20";
1683 base hash;
1684 base tpm12;
1685 base tpm20;
1686 description
1687 "SHA1 algorithm - Deprecated due to insufficient cryptographic
1688 protection. However it is still useful for hash algorithms
1689 where protection is not required.";
1690 reference
1691 "TCG Algorithm Registry Revision 01.32 Table 3 and
1692 ISO/IEC 10118-3. ALG_ID: 0x0004";
1693 }
1695 identity TPM_ALG_HMAC {
1696 if-feature "tpm12 or tpm20";
1697 base tpm12;
1698 base tpm20;
1699 base hash;
1700 base signing;
1701 description
1702 "Hash Message Authentication Code (HMAC) algorithm";
1703 reference
1704 "TCG Algorithm Registry Revision 01.32 Table 3,
1705 ISO/IEC 9797-2 and RFC2014. ALG_ID: 0x0005";
1706 }
1708 identity TPM_ALG_AES {
1709 if-feature "tpm12";
1710 base tpm12;
1711 base symmetric;
1712 description
1713 "The AES algorithm with various key sizes";
1714 reference
1715 "TCG Algorithm Registry Revision 01.32 Table 3 and
1716 ISO/IEC 18033-3. ALG_ID: 0x0006";
1717 }
1719 identity TPM_ALG_MGF1 {
1720 if-feature "tpm20";
1721 base tpm20;
1722 base hash;
1723 base method;
1724 description
1725 "hash-based mask-generation function";
1726 reference
1727 "TCG Algorithm Registry Revision 01.32 Table 3,
1728 IEEE Std 1363-2000 and IEEE Std 1363a-2004.
1729 ALG_ID: 0x0007";
1730 }
1732 identity TPM_ALG_KEYEDHASH {
1733 if-feature "tpm20";
1734 base tpm20;
1735 base hash;
1736 base object_type;
1737 description
1738 "An encryption or signing algorithm using a keyed hash. These
1739 may use XOR for encryption or an HMAC for signing and may
1740 also refer to a data object that is neither signing nor
1741 encrypting.";
1742 reference
1743 "TCG Algorithm Registry Revision 01.32 Table 3 and
1744 TCG TPM 2.0 library specification. ALG_ID: 0x0008";
1745 }
1747 identity TPM_ALG_XOR {
1748 if-feature "tpm12 or tpm20";
1749 base tpm12;
1750 base tpm20;
1751 base hash;
1752 base symmetric;
1753 description
1754 "The XOR encryption algorithm.";
1755 reference
1756 "TCG Algorithm Registry Revision 01.32 Table 3 and
1757 TCG TPM 2.0 library specification. ALG_ID: 0x000A";
1758 }
1760 identity TPM_ALG_SHA256 {
1761 if-feature "tpm20";
1762 base tpm20;
1763 base hash;
1764 description
1765 "The SHA 256 algorithm";
1766 reference
1767 "TCG Algorithm Registry Revision 01.32 Table 3 and
1768 ISO/IEC 10118-3. ALG_ID: 0x000B";
1769 }
1771 identity TPM_ALG_SHA384 {
1772 if-feature "tpm20";
1773 base tpm20;
1774 base hash;
1775 description
1776 "The SHA 384 algorithm";
1777 reference
1778 "TCG Algorithm Registry Revision 01.32 Table 3 and
1779 ISO/IEC 10118-3. ALG_ID: 0x000C";
1780 }
1782 identity TPM_ALG_SHA512 {
1783 if-feature "tpm20";
1784 base tpm20;
1785 base hash;
1786 description
1787 "The SHA 512 algorithm";
1788 reference
1789 "TCG Algorithm Registry Revision 01.32 Table 3 and
1790 ISO/IEC 10118-3. ALG_ID: 0x000D";
1791 }
1793 identity TPM_ALG_NULL {
1794 if-feature "tpm20";
1795 base tpm20;
1796 description
1797 "NULL algorithm";
1798 reference
1799 "TCG Algorithm Registry Revision 01.32 Table 3 and
1800 TCG TPM 2.0 library specification. ALG_ID: 0x0010";
1801 }
1803 identity TPM_ALG_SM3_256 {
1804 if-feature "tpm20";
1805 base tpm20;
1806 base hash;
1807 description
1808 "The SM3 hash algorithm.";
1809 reference
1810 "TCG Algorithm Registry Revision 01.32 Table 3 and
1811 ISO/IEC 10118-3:2018. ALG_ID: 0x0012";
1812 }
1814 identity TPM_ALG_SM4 {
1815 if-feature "tpm20";
1816 base tpm20;
1817 base symmetric;
1818 description
1819 "SM4 symmetric block cipher";
1820 reference
1821 "TCG Algorithm Registry Revision 01.32 Table 3 and
1822 GB/T 32907-2016. ALG_ID: 0x0013";
1823 }
1825 identity TPM_ALG_RSASSA {
1826 if-feature "tpm20";
1827 base tpm20;
1828 base asymmetric;
1829 base signing;
1830 description
1831 "Signature algorithm defined in section 8.2 (RSASSAPKCS1-v1_5)";
1833 reference
1834 "TCG Algorithm Registry Revision 01.32 Table 3 and RFC 8017.
1835 ALG_ID: 0x0014";
1836 }
1838 identity TPM_ALG_RSAES {
1839 if-feature "tpm20";
1840 base tpm20;
1841 base asymmetric;
1842 base encryption_mode;
1843 description
1844 "Signature algorithm defined in section 7.2 (RSAES-PKCS1-v1_5)";
1845 reference
1846 "TCG Algorithm Registry Revision 01.32 Table 3 and RFC 8017
1847 ALG_ID: 0x0015";
1848 }
1850 identity TPM_ALG_RSAPSS {
1851 if-feature "tpm20";
1852 base tpm20;
1853 base asymmetric;
1854 base signing;
1855 description
1856 "Padding algorithm defined in section 8.1 (RSASSA PSS)";
1857 reference
1858 "TCG Algorithm Registry Revision 01.32 Table 3 and RFC 8017.
1859 ALG_ID: 0x0016";
1860 }
1862 identity TPM_ALG_OAEP {
1863 if-feature "tpm20";
1864 base tpm20;
1865 base asymmetric;
1866 base encryption_mode;
1867 description
1868 "Padding algorithm defined in section 7.1 (RSASSA OAEP)";
1869 reference
1870 "TCG Algorithm Registry Revision 01.32 Table 3 and RFC 8017.
1871 ALG_ID: 0x0017";
1872 }
1874 identity TPM_ALG_ECDSA {
1875 if-feature "tpm20";
1876 base tpm20;
1877 base asymmetric;
1878 base signing;
1879 description
1880 "Signature algorithm using elliptic curve cryptography (ECC)";
1882 reference
1883 "TCG Algorithm Registry Revision 01.32 Table 3 and
1884 ISO/IEC 14888-3. ALG_ID: 0x0018";
1885 }
1887 identity TPM_ALG_ECDH {
1888 if-feature "tpm20";
1889 base tpm20;
1890 base asymmetric;
1891 base method;
1892 description
1893 "Secret sharing using ECC";
1894 reference
1895 "TCG Algorithm Registry Revision 01.32 Table 3 and
1896 NIST SP800-56A and RFC 7748. ALG_ID: 0x0019";
1897 }
1899 identity TPM_ALG_ECDAA {
1900 if-feature "tpm20";
1901 base tpm20;
1902 base asymmetric;
1903 base signing;
1904 base anonymous_signing;
1905 description
1906 "Elliptic-curve based anonymous signing scheme";
1907 reference
1908 "TCG Algorithm Registry Revision 01.32 Table 3 and
1909 TCG TPM 2.0 library specification. ALG_ID: 0x001A";
1910 }
1912 identity TPM_ALG_SM2 {
1913 if-feature "tpm20";
1914 base tpm20;
1915 base asymmetric;
1916 base signing;
1917 base encryption_mode;
1918 base method;
1919 description
1920 "SM2 - depending on context, either an elliptic-curve based,
1921 signature algorithm, an encryption scheme, or a key exchange
1922 protocol";
1923 reference
1924 "TCG Algorithm Registry Revision 01.32 Table 3 and
1925 GB/T 32918.1-2016, GB/T 32918.2-2016, GB/T 32918.3-2016, GB/T
1926 32918.4-2016, GB/T 32918.5-2017. ALG_ID: 0x001B";
1927 }
1929 identity TPM_ALG_ECSCHNORR {
1930 if-feature "tpm20";
1931 base tpm20;
1932 base asymmetric;
1933 base signing;
1934 description
1935 "Elliptic-curve based Schnorr signature";
1936 reference
1937 "TCG Algorithm Registry Revision 01.32 Table 3 and
1938 TCG TPM 2.0 library specification. ALG_ID: 0x001C";
1939 }
1941 identity TPM_ALG_ECMQV {
1942 if-feature "tpm20";
1943 base tpm20;
1944 base asymmetric;
1945 base method;
1946 description
1947 "Two-phase elliptic-curve key";
1948 reference
1949 "TCG Algorithm Registry Revision 01.32 Table 3 and
1950 NIST SP800-56A. ALG_ID: 0x001D";
1951 }
1953 identity TPM_ALG_KDF1_SP800_56A {
1954 if-feature "tpm20";
1955 base tpm20;
1956 base hash;
1957 base method;
1958 description
1959 "Concatenation key derivation function";
1960 reference
1961 "TCG Algorithm Registry Revision 01.32 Table 3 and
1962 NIST SP800-56A (approved alternative1) section 5.8.1.
1963 ALG_ID: 0x0020";
1964 }
1966 identity TPM_ALG_KDF2 {
1967 if-feature "tpm20";
1968 base tpm20;
1969 base hash;
1970 base method;
1971 description
1972 "Key derivation function";
1973 reference
1974 "TCG Algorithm Registry Revision 01.32 Table 3 and
1975 IEEE 1363a-2004 KDF2 section 13.2. ALG_ID: 0x0021";
1976 }
1977 identity TPM_ALG_KDF1_SP800_108 {
1978 base TPM_ALG_KDF2;
1979 description
1980 "A key derivation method";
1981 reference
1982 "TCG Algorithm Registry Revision 01.32 Table 3 and
1983 NIST SP800-108 - Section 5.1 KDF. ALG_ID: 0x0022";
1984 }
1986 identity TPM_ALG_ECC {
1987 if-feature "tpm20";
1988 base tpm20;
1989 base asymmetric;
1990 base object_type;
1991 description
1992 "Prime field ECC";
1993 reference
1994 "TCG Algorithm Registry Revision 01.32 Table 3 and
1995 ISO/IEC 15946-1. ALG_ID: 0x0023";
1996 }
1998 identity TPM_ALG_SYMCIPHER {
1999 if-feature "tpm20";
2000 base tpm20;
2001 description
2002 "Object type for a symmetric block cipher";
2003 reference
2004 "TCG Algorithm Registry Revision 01.32 Table 3 and
2005 TCG TPM 2.0 library specification. ALG_ID: 0x0025";
2006 }
2008 identity TPM_ALG_CAMELLIA {
2009 if-feature "tpm20";
2010 base tpm20;
2011 base symmetric;
2012 description
2013 "The Camellia algorithm";
2014 reference
2015 "TCG Algorithm Registry Revision 01.32 Table 3 and
2016 ISO/IEC 18033-3. ALG_ID: 0x0026";
2017 }
2019 identity TPM_ALG_SHA3_256 {
2020 if-feature "tpm20";
2021 base tpm20;
2022 base hash;
2023 description
2024 "ISO/IEC 10118-3 - the SHA 256 algorithm";
2026 reference
2027 "TCG Algorithm Registry Revision 01.32 Table 3 and
2028 NIST PUB FIPS 202. ALG_ID: 0x0027";
2029 }
2031 identity TPM_ALG_SHA3_384 {
2032 if-feature "tpm20";
2033 base tpm20;
2034 base hash;
2035 description
2036 "The SHA 384 algorithm";
2037 reference
2038 "TCG Algorithm Registry Revision 01.32 Table 3 and
2039 NIST PUB FIPS 202. ALG_ID: 0x0028";
2040 }
2042 identity TPM_ALG_SHA3_512 {
2043 if-feature "tpm20";
2044 base tpm20;
2045 base hash;
2046 description
2047 "The SHA 512 algorithm";
2048 reference
2049 "TCG Algorithm Registry Revision 01.32 Table 3 and
2050 NIST PUB FIPS 202. ALG_ID: 0x0029";
2051 }
2053 identity TPM_ALG_CMAC {
2054 if-feature "tpm20";
2055 base tpm20;
2056 base symmetric;
2057 base signing;
2058 description
2059 "block Cipher-based Message Authentication Code (CMAC)";
2060 reference
2061 "TCG Algorithm Registry Revision 01.32 Table 3 and
2062 ISO/IEC 9797-1:2011 Algorithm 5. ALG_ID: 0x003F";
2063 }
2065 identity TPM_ALG_CTR {
2066 if-feature "tpm20";
2067 base tpm20;
2068 base symmetric;
2069 base encryption_mode;
2070 description
2071 "Counter mode";
2072 reference
2073 "TCG Algorithm Registry Revision 01.32 Table 3 and
2074 ISO/IEC 10116. ALG_ID: 0x0040";
2075 }
2077 identity TPM_ALG_OFB {
2078 base tpm20;
2079 base symmetric;
2080 base encryption_mode;
2081 description
2082 "Output Feedback mode";
2083 reference
2084 "TCG Algorithm Registry Revision 01.32 Table 3 and
2085 ISO/IEC 10116. ALG_ID: 0x0041";
2086 }
2088 identity TPM_ALG_CBC {
2089 if-feature "tpm20";
2090 base tpm20;
2091 base symmetric;
2092 base encryption_mode;
2093 description
2094 "Cipher Block Chaining mode";
2095 reference
2096 "TCG Algorithm Registry Revision 01.32 Table 3 and
2097 ISO/IEC 10116. ALG_ID: 0x0042";
2098 }
2100 identity TPM_ALG_CFB {
2101 if-feature "tpm20";
2102 base tpm20;
2103 base symmetric;
2104 base encryption_mode;
2105 description
2106 "Cipher Feedback mode";
2107 reference
2108 "TCG Algorithm Registry Revision 01.32 Table 3 and
2109 ISO/IEC 10116. ALG_ID: 0x0043";
2110 }
2112 identity TPM_ALG_ECB {
2113 if-feature "tpm20";
2114 base tpm20;
2115 base symmetric;
2116 base encryption_mode;
2117 description
2118 "Electronic Codebook mode";
2119 reference
2120 "TCG Algorithm Registry Revision 01.32 Table 3 and
2121 ISO/IEC 10116. ALG_ID: 0x0044";
2123 }
2125 identity TPM_ALG_CCM {
2126 if-feature "tpm20";
2127 base tpm20;
2128 base symmetric;
2129 base signing;
2130 base encryption_mode;
2131 description
2132 "Counter with Cipher Block Chaining-Message Authentication
2133 Code (CCM)";
2134 reference
2135 "TCG Algorithm Registry Revision 01.32 Table 3 and
2136 NIST SP800-38C. ALG_ID: 0x0050";
2137 }
2139 identity TPM_ALG_GCM {
2140 if-feature "tpm20";
2141 base tpm20;
2142 base symmetric;
2143 base signing;
2144 base encryption_mode;
2145 description
2146 "Galois/Counter Mode (GCM)";
2147 reference
2148 "TCG Algorithm Registry Revision 01.32 Table 3 and
2149 NIST SP800-38D. ALG_ID: 0x0051";
2150 }
2152 identity TPM_ALG_KW {
2153 if-feature "tpm20";
2154 base tpm20;
2155 base symmetric;
2156 base signing;
2157 base encryption_mode;
2158 description
2159 "AES Key Wrap (KW)";
2160 reference
2161 "TCG Algorithm Registry Revision 01.32 Table 3 and
2162 NIST SP800-38F. ALG_ID: 0x0052";
2163 }
2165 identity TPM_ALG_KWP {
2166 if-feature "tpm20";
2167 base tpm20;
2168 base symmetric;
2169 base signing;
2170 base encryption_mode;
2171 description
2172 "AES Key Wrap with Padding (KWP)";
2173 reference
2174 "TCG Algorithm Registry Revision 01.32 Table 3 and
2175 NIST SP800-38F. ALG_ID: 0x0053";
2176 }
2178 identity TPM_ALG_EAX {
2179 if-feature "tpm20";
2180 base tpm20;
2181 base symmetric;
2182 base signing;
2183 base encryption_mode;
2184 description
2185 "Authenticated-Encryption Mode";
2186 reference
2187 "TCG Algorithm Registry Revision 01.32 Table 3 and
2188 NIST SP800-38F. ALG_ID: 0x0054";
2189 }
2191 identity TPM_ALG_EDDSA {
2192 if-feature "tpm20";
2193 base tpm20;
2194 base asymmetric;
2195 base signing;
2196 description
2197 "Edwards-curve Digital Signature Algorithm (PureEdDSA)";
2198 reference
2199 "TCG Algorithm Registry Revision 01.32 Table 3 and
2200 RFC 8032. ALG_ID: 0x0060";
2201 }
2202 }
2203
2205 Note that not all cryptographic functions are required for use by
2206 ietf-tpm-remote-attestation.yang. However the full definition of
2207 Table 3 of [TCG-Algos] will allow use by additional YANG
2208 specifications.
2210 3. IANA Considerations
2212 This document registers the following namespace URIs in the "ns"
2213 class of the IETF XML Registry [IANA.xml-registry] as per [RFC3688]:
2215 URI: urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation
2217 Registrant Contact: The IESG.
2219 XML: N/A; the requested URI is an XML namespace.
2221 URI: urn:ietf:params:xml:ns:yang:ietf-tcg-algs
2223 Registrant Contact: The IESG.
2225 XML: N/A; the requested URI is an XML namespace.
2227 This document registers the following YANG modules in the "YANG
2228 Module Names" registry [IANA.yang-parameters] as per Section 14 of
2229 [RFC6020]:
2231 Name: ietf-tpm-remote-attestation
2233 Namespace: urn:ietf:params:xml:ns:yang:ietf-tpm-remote-
2234 attestation
2236 Prefix: tpm
2238 Reference: draft-ietf-rats-yang-tpm-charra (RFC form)
2240 Name: ietf-tcg-algs
2242 Namespace: urn:ietf:params:xml:ns:yang:ietf-tcg-algs
2244 Prefix: taa
2246 Reference: draft-ietf-rats-yang-tpm-charra (RFC form)
2248 4. Security Considerations
2250 The YANG module ietf-tpm-remote-attestation.yang specified in this
2251 document defines a schema for data that is designed to be accessed
2252 via network management protocols such as NETCONF [RFC6241] or
2253 RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport
2254 layer, and the mandatory-to-implement secure transport is Secure
2255 Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the
2256 mandatory-to-implement secure transport is TLS [RFC8446].
2258 There are a number of data nodes defined in this YANG module that are
2259 writable/creatable/deletable (i.e., _config true_, which is the
2260 default). These data nodes may be considered sensitive or vulnerable
2261 in some network environments. Write operations (e.g., _edit-config_)
2262 to these data nodes without proper protection can have a negative
2263 effect on network operations. These are the subtrees and data nodes
2264 as well as their sensitivity/vulnerability:
2266 Container '/rats-support-structures/attester-supported-algos': 'tpm1
2267 2-asymmetric-signing', 'tpm12-hash', 'tpm20-asymmetric-signing',
2268 and 'tpm20-hash'. All could be populated with algorithms that are
2269 not supported by the underlying physical TPM installed by the
2270 equipment vendor.
2272 Container: '/rats-support-structures/tpms': 'name': Although shown
2273 as 'rw', it is system generated. Therefore it should not be
2274 possible for an operator to add or remove a TPM from the
2275 configuration.
2277 'tpm20-pcr-bank': It is possible to configure PCRs for extraction
2278 which are not being extended by system software. This could
2279 unnecessarily use TPM resources.
2281 'certificates': It is possible to provision a certificate which
2282 does not correspond to an Attestation Identity Key (AIK) within
2283 the TPM 1.2, or an Attestation Key (AK) within the TPM 2.0
2284 respectively.
2286 RPC 'tpm12-challenge-response-attestation': It must be verified that
2287 the certificate is for an active AIK, i.e., the certificate
2288 provided is able to support Attestation on the targeted TPM 1.2.
2290 RPC 'tpm20-challenge-response-attestation': It must be verified that
2291 the certificate is for an active AK, i.e., the quote signature
2292 associated with RPC response has been generated by an entity
2293 legitimately able to perform Attestation on the targeted TPM 2.0.
2295 RPC 'log-retrieval': Requesting a large volume of logs from the
2296 attester could require significant system resources and create a
2297 denial of service.
2299 Information collected through the RPCs above could reveal that
2300 specific versions of software and configurations of endpoints that
2301 could identify vulnerabilities on those systems. Therefore RPCs
2302 should be protected by NACM [RFC8341] to limit the extraction of
2303 attestation data by only authorized Verifiers.
2305 For the YANG module ietf-tcg-algs.yang, please use care when
2306 selecting specific algorithms. The introductory section of
2307 [TCG-Algos] highlights that some algorithms should be considered
2308 legacy, and recommends implementers and adopters diligently evaluate
2309 available information such as governmental, industrial, and academic
2310 research before selecting an algorithm for use.
2312 5. Change Log
2314 Changes from version 08 to version 09:
2316 * AD Review comments
2318 Changes from version 08 to version 09:
2320 * Minor formatting tweaks for shepherd. IANA registered.
2322 Changes from version 05 to version 06:
2324 * More YANG Dr comments covered
2326 Changes from version 04 to version 05:
2328 * YANG Dr comments covered
2330 Changes from version 03 to version 04:
2332 * TPM1.2 Quote1 eliminated
2334 * YANG model simplifications so redundant info isn't exposed
2336 Changes from version 02 to version 03:
2338 * moved to tcg-algs
2340 * cleaned up model to eliminate sources of errors
2342 * removed key establishment RPC
2344 * added lots of XPATH which must all be scrubbed still
2346 * Descriptive text added on model contents.
2348 Changes from version 01 to version 02:
2350 * Extracted Crypto-types into a separate YANG file
2352 * Mades the algorithms explicit, not strings
2354 * Hash Algo as key the selected TPM2 PCRs
2356 * PCR numbers are their own type
2358 * Eliminated nested keys for node-id plus tpm-name
2359 * Eliminated TPM-Name of "ALL"
2361 * Added TPM-Path
2363 Changes from version 00 to version 01:
2365 * Addressed author's comments
2367 * Extended complementary details about attestation-certificates
2369 * Relabeled chunk-size to log-entry-quantity
2371 * Relabeled location with compute-node or tpm-name where appropriate
2373 * Added a valid entity-mib physical-index to compute-node and tpm-
2374 name to map it back to hardware inventory
2376 * Relabeled name to tpm_name
2378 * Removed event-string in last-entry
2380 6. References
2382 6.1. Normative References
2384 [I-D.ietf-netconf-keystore]
2385 Watsen, K., "A YANG Data Model for a Keystore", Work in
2386 Progress, Internet-Draft, draft-ietf-netconf-keystore-23,
2387 14 December 2021, .
2390 [I-D.ietf-rats-architecture]
2391 Birkholz, H., Thaler, D., Richardson, M., Smith, N., and
2392 W. Pan, "Remote Attestation Procedures Architecture", Work
2393 in Progress, Internet-Draft, draft-ietf-rats-architecture-
2394 14, 9 December 2021, .
2397 [I-D.ietf-rats-tpm-based-network-device-attest]
2398 Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM-
2399 based Network Device Remote Integrity Verification", Work
2400 in Progress, Internet-Draft, draft-ietf-rats-tpm-based-
2401 network-device-attest-10, 30 December 2021,
2402 .
2405 [IANA.xml-registry]
2406 IANA, "IETF XML Registry",
2407 .
2409 [IANA.yang-parameters]
2410 IANA, "YANG Parameters",
2411 .
2413 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
2414 Requirement Levels", BCP 14, RFC 2119,
2415 DOI 10.17487/RFC2119, March 1997,
2416 .
2418 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
2419 DOI 10.17487/RFC3688, January 2004,
2420 .
2422 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
2423 the Network Configuration Protocol (NETCONF)", RFC 6020,
2424 DOI 10.17487/RFC6020, October 2010,
2425 .
2427 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
2428 and A. Bierman, Ed., "Network Configuration Protocol
2429 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
2430 .
2432 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
2433 Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
2434 .
2436 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
2437 RFC 6991, DOI 10.17487/RFC6991, July 2013,
2438 .
2440 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
2441 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
2442 .
2444 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2445 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
2446 May 2017, .
2448 [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
2449 Access Control Model", STD 91, RFC 8341,
2450 DOI 10.17487/RFC8341, March 2018,
2451 .
2453 [RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A
2454 YANG Data Model for Hardware Management", RFC 8348,
2455 DOI 10.17487/RFC8348, March 2018,
2456 .
2458 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
2459 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
2460 .
2462 [TCG-Algos]
2463 "TCG_Algorithm_Registry_r1p32_pub", n.d.,
2464 .
2467 [TPM1.2] TCG, ., "TPM 1.2 Main Specification", 2 October 2003,
2468 .
2471 [TPM2.0] TCG, ., "TPM 2.0 Library Specification", 15 March 2013,
2472 .
2475 [TPM2.0-Key]
2476 TCG, ., "TPM 2.0 Keys for Device Identity and Attestation,
2477 Rev10", 14 April 2021, .
2480 6.2. Informative References
2482 [bios-log] "TCG PC Client Platform Firmware Profile Specification,
2483 Section 9.4.5.2", n.d.,
2484 .
2488 [I-D.ietf-rats-reference-interaction-models]
2489 Birkholz, H., Eckel, M., Pan, W., and E. Voit, "Reference
2490 Interaction Models for Remote Attestation Procedures",
2491 Work in Progress, Internet-Draft, draft-ietf-rats-
2492 reference-interaction-models-04, 26 July 2021,
2493 .
2496 [ima-log] "Canonical Event Log Format, Section 4.3", n.d.,
2497 .
2500 [netequip-boot-log]
2501 "IMA Policy Kernel Documentation", n.d.,
2502 .
2505 [NIST-915121]
2506 "True Randomness Can't be Left to Chance: Why entropy is
2507 important for information security", n.d.,
2508 .
2511 [PC-Client-EFI-TPM-1.2]
2512 Trusted Computing Group, "TCG EFI Platform Specification
2513 for TPM Family 1.1 or 1.2, Specification Version 1.22,
2514 Revision 15", 1 January 2014,
2515 .
2518 Authors' Addresses
2520 Henk Birkholz
2521 Fraunhofer SIT
2522 Rheinstrasse 75
2523 64295 Darmstadt
2524 Germany
2526 Email: henk.birkholz@sit.fraunhofer.de
2528 Michael Eckel
2529 Fraunhofer SIT
2530 Rheinstrasse 75
2531 64295 Darmstadt
2532 Germany
2534 Email: michael.eckel@sit.fraunhofer.de
2536 Shwetha Bhandari
2537 ThoughtSpot
2539 Email: shwetha.bhandari@thoughtspot.com
2541 Eric Voit
2542 Cisco Systems
2544 Email: evoit@cisco.com
2545 Bill Sulzen
2546 Cisco Systems
2548 Email: bsulzen@cisco.com
2550 Liang Xia (Frank)
2551 Huawei Technologies
2552 101 Software Avenue, Yuhuatai District
2553 Nanjing
2554 Jiangsu, 210012
2555 China
2557 Email: Frank.Xialiang@huawei.com
2559 Tom Laffey
2560 Hewlett Packard Enterprise
2562 Email: tom.laffey@hpe.com
2564 Guy C. Fedorkow
2565 Juniper Networks
2566 10 Technology Park Drive
2567 Westford
2569 Email: gfedorkow@juniper.net