| draft-ietf-rats-yang-tpm-charra-11.txt | draft-ietf-rats-yang-tpm-charra-12.txt | |||
|---|---|---|---|---|
| RATS Working Group H. Birkholz | RATS Working Group H. Birkholz | |||
| Internet-Draft M. Eckel | Internet-Draft M. Eckel | |||
| Intended status: Standards Track Fraunhofer SIT | Intended status: Standards Track Fraunhofer SIT | |||
| Expires: 27 February 2022 S. Bhandari | Expires: 18 July 2022 S. Bhandari | |||
| ThoughtSpot | ThoughtSpot | |||
| E. Voit | E. Voit | |||
| B. Sulzen | B. Sulzen | |||
| Cisco | Cisco | |||
| L. Xia | L. Xia | |||
| Huawei | Huawei | |||
| T. Laffey | T. Laffey | |||
| HPE | HPE | |||
| G. Fedorkow | G. Fedorkow | |||
| Juniper | Juniper | |||
| 26 August 2021 | 14 January 2022 | |||
| A YANG Data Model for Challenge-Response-based Remote Attestation | A YANG Data Model for Challenge-Response-based Remote Attestation | |||
| Procedures using TPMs | Procedures using TPMs | |||
| draft-ietf-rats-yang-tpm-charra-11 | draft-ietf-rats-yang-tpm-charra-12 | |||
| Abstract | Abstract | |||
| This document defines YANG RPCs and a small number of configuration | This document defines YANG RPCs and a small number of configuration | |||
| nodes required to retrieve attestation evidence about integrity | nodes required to retrieve attestation evidence about integrity | |||
| measurements from a device, following the operational context defined | measurements from a device, following the operational context defined | |||
| in TPM-based Network Device Remote Integrity Verification. | in TPM-based Network Device Remote Integrity Verification. | |||
| Complementary measurement logs are also provided by the YANG RPCs, | Complementary measurement logs are also provided by the YANG RPCs, | |||
| originating from one or more roots of trust for measurement (RTMs). | originating from one or more roots of trust for measurement (RTMs). | |||
| The module defined requires at least one TPM 1.2 or TPM 2.0 as well | The module defined requires at least one TPM 1.2 or TPM 2.0 as well | |||
| skipping to change at page 2, line 4 ¶ | skipping to change at page 2, line 4 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 27 February 2022. | This Internet-Draft will expire on 18 July 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| and restrictions with respect to this document. Code Components | and restrictions with respect to this document. Code Components | |||
| extracted from this document must include Simplified BSD License text | extracted from this document must include Revised BSD License text as | |||
| as described in Section 4.e of the Trust Legal Provisions and are | described in Section 4.e of the Trust Legal Provisions and are | |||
| provided without warranty as described in the Simplified BSD License. | provided without warranty as described in the Revised BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 | 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 | |||
| 2. The YANG Module for Basic Remote Attestation Procedures . . . 4 | 2. The YANG Module for Basic Remote Attestation Procedures . . . 3 | |||
| 2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 4 | 2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 4 | 2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 3 | |||
| 2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 33 | 2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 32 | |||
| 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 48 | 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 47 | |||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 49 | 4. Security Considerations . . . . . . . . . . . . . . . . . . . 48 | |||
| 5. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 50 | 5. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 50 | |||
| 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 51 | 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 51 | |||
| 6.1. Normative References . . . . . . . . . . . . . . . . . . 51 | 6.1. Normative References . . . . . . . . . . . . . . . . . . 51 | |||
| 6.2. Informative References . . . . . . . . . . . . . . . . . 53 | 6.2. Informative References . . . . . . . . . . . . . . . . . 53 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 53 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 54 | |||
| 1. Introduction | 1. Introduction | |||
| This document is based on the general terminology defined in the | This document is based on the general terminology defined in the | |||
| [I-D.ietf-rats-architecture] and uses the operational context defined | [I-D.ietf-rats-architecture] and uses the operational context defined | |||
| in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the | in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the | |||
| interaction model and information elements defined in | interaction model and information elements defined in | |||
| [I-D.ietf-rats-reference-interaction-models]. The currently | [I-D.ietf-rats-reference-interaction-models]. The currently | |||
| supported hardware security modules (HSMs) are the Trusted Platform | supported hardware security modules (HSMs) are the Trusted Platform | |||
| Modules (TPMs) [TPM1.2] and [TPM2.0] as specified by the Trusted | Modules (TPMs) [TPM1.2] and [TPM2.0] as specified by the Trusted | |||
| skipping to change at page 4, line 15 ¶ | skipping to change at page 3, line 31 ¶ | |||
| 2. The YANG Module for Basic Remote Attestation Procedures | 2. The YANG Module for Basic Remote Attestation Procedures | |||
| One or more TPMs MUST be embedded in a Composite Device that provides | One or more TPMs MUST be embedded in a Composite Device that provides | |||
| attestation evidence via the YANG module defined in this document. | attestation evidence via the YANG module defined in this document. | |||
| The ietf-basic-remote-attestation YANG module enables a composite | The ietf-basic-remote-attestation YANG module enables a composite | |||
| device to take on the role of an Attester, in accordance with the | device to take on the role of an Attester, in accordance with the | |||
| Remote Attestation Procedures (RATS) architecture | Remote Attestation Procedures (RATS) architecture | |||
| [I-D.ietf-rats-architecture], and the corresponding challenge- | [I-D.ietf-rats-architecture], and the corresponding challenge- | |||
| response interaction model defined in the | response interaction model defined in the | |||
| [I-D.ietf-rats-reference-interaction-models] document. A fresh nonce | [I-D.ietf-rats-reference-interaction-models] document. A fresh nonce | |||
| with an appropriate amount of entropy MUST be supplied by the YANG | with an appropriate amount of entropy [NIST-915121] MUST be supplied | |||
| client in order to enable a proof-of-freshness with respect to the | by the YANG client in order to enable a proof-of-freshness with | |||
| attestation Evidence provided by the Attester running the YANG | respect to the attestation Evidence provided by the Attester running | |||
| datastore. Further, this nonce is used to prevent replay attacks. | the YANG datastore. Further, this nonce is used to prevent replay | |||
| The functions of this YANG module are restricted to 0-1 TPMs per | attacks. The method for communicating the relationship of each | |||
| hardware component. | individual TPM to specific measured component within the Composite | |||
| Device is out of the scope of this document. | ||||
| 2.1. YANG Modules | 2.1. YANG Modules | |||
| In this section the several YANG modules are defined. | In this section the several YANG modules are defined. | |||
| 2.1.1. 'ietf-tpm-remote-attestation' | 2.1.1. 'ietf-tpm-remote-attestation' | |||
| This YANG module imports modules from [RFC6991], [RFC8348], | This YANG module imports modules from [RFC6991], [RFC8348], | |||
| [I-D.ietf-netconf-keystore], and "ietf-tcg-algs.yang" | [I-D.ietf-netconf-keystore], and ietf-tcg-algs.yang Section 2.1.2.3. | |||
| Section 2.1.2.3. | ||||
| 2.1.1.1. Features | 2.1.1.1. Features | |||
| This module supports the following features: | This module supports the following features: | |||
| * 'TPMs': Indicates that multiple TPMs on the device can support | * 'TPMs': Indicates that multiple TPMs on the device can support | |||
| remote attestation. This feature is applicable in cases where | remote attestation. This feature is applicable in cases where | |||
| multiple line cards are present, each with its own TPM. | multiple line cards are present, each with its own TPM. | |||
| * 'bios': Indicates that the device supports the retrieval of BIOS/ | * 'bios': Indicates that the device supports the retrieval of BIOS/ | |||
| UEFI event logs. | UEFI event logs. [bios-log] | |||
| * 'ima': Indicates that the device supports the retrieval of event | * 'ima': Indicates that the device supports the retrieval of event | |||
| logs from the Linux Integrity Measurement Architecture (IMA). | logs from the Linux Integrity Measurement Architecture (IMA). | |||
| [ima-log] | ||||
| * 'netequip_boot': Indicates that the device supports the retrieval | * 'netequip_boot': Indicates that the device supports the retrieval | |||
| of netequip boot event logs. | of netequip boot event logs. [netequip-boot-log] | |||
| 2.1.1.2. Identities | 2.1.1.2. Identities | |||
| This module supports the following types of attestation event logs: | This module supports the following types of attestation event logs: | |||
| 'bios', 'ima', and 'netequip_boot'. | 'bios', 'ima', and 'netequip_boot'. | |||
| 2.1.1.3. Remote Procedure Calls (RPCs) | 2.1.1.3. Remote Procedure Calls (RPCs) | |||
| In the following, RPCs for both TPM 1.2 and TPM 2.0 attestation | In the following, RPCs for both TPM 1.2 and TPM 2.0 attestation | |||
| procedures are defined. | procedures are defined. | |||
| skipping to change at page 7, line 17 ¶ | skipping to change at page 6, line 17 ¶ | |||
| xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | |||
| <certificate-name> | <certificate-name> | |||
| (identifier of a TPM signature key with which the Verifier is | (identifier of a TPM signature key with which the Verifier is | |||
| supposed to sign the attestation data) | supposed to sign the attestation data) | |||
| </certificate-name> | </certificate-name> | |||
| <nonce> | <nonce> | |||
| 0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9 | 0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9 | |||
| </nonce> | </nonce> | |||
| <tpm20-pcr-selection> | <tpm20-pcr-selection> | |||
| <tpm20-hash-algo | <tpm20-hash-algo | |||
| xmlns:taa="urn:ietf:params:xml:ns:yang:ietf-tcg-algs"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-tcg-algs"> | |||
| taa:TPM_ALG_SHA256 | TPM_ALG_SHA256 | |||
| </tpm20-hash-algo> | </tpm20-hash-algo> | |||
| <pcr-index>0</pcr-index> | <pcr-index>0</pcr-index> | |||
| <pcr-index>1</pcr-index> | <pcr-index>1</pcr-index> | |||
| <pcr-index>2</pcr-index> | <pcr-index>2</pcr-index> | |||
| <pcr-index>3</pcr-index> | <pcr-index>3</pcr-index> | |||
| <pcr-index>4</pcr-index> | <pcr-index>4</pcr-index> | |||
| <pcr-index>5</pcr-index> | <pcr-index>5</pcr-index> | |||
| <pcr-index>6</pcr-index> | <pcr-index>6</pcr-index> | |||
| <pcr-index>7</pcr-index> | <pcr-index>7</pcr-index> | |||
| </tpm20-pcr-selection> | </tpm20-pcr-selection> | |||
| </tpm20-challenge-response-attestation> | </tpm20-challenge-response-attestation> | |||
| </rpc> | </rpc> | |||
| A successful response could be formatted as follows: | A successful response could be formatted as follows: | |||
| <rpc-reply message-id="101" | <rpc-reply message-id="101" | |||
| xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | |||
| <tpm20-attestation-response | <tpm20-attestation-response | |||
| xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | |||
| <certificate-name | <certificate-name | |||
| xmlns:ks=urn:ietf:params:xml:ns:yang:ietf-keystore> | xmlns="urn:ietf:params:xml:ns:yang:ietf-keystore"> | |||
| ks:(instance of Certificate name in the Keystore) | (instance of Certificate name in the Keystore) | |||
| </certificate-name> | </certificate-name> | |||
| <attestation-data> | <attestation-data> | |||
| (raw attestation data, i.e. the TPM quote; this includes | (raw attestation data, i.e. the TPM quote; this includes | |||
| a composite digest of requested PCRs, the nonce, | a composite digest of requested PCRs, the nonce, | |||
| and TPM 2.0 time information.) | and TPM 2.0 time information.) | |||
| </attestation-data> | </attestation-data> | |||
| <quote-signature> | <quote-signature> | |||
| (signature over attestation-data using the TPM key | (signature over attestation-data using the TPM key | |||
| identified by sig-key-id) | identified by sig-key-id) | |||
| </quote-signature> | </quote-signature> | |||
| skipping to change at page 12, line 12 ¶ | skipping to change at page 11, line 12 ¶ | |||
| (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | |||
| itself for full legal notices. | itself for full legal notices. | |||
| The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | |||
| 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | |||
| 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | |||
| are to be interpreted as described in BCP 14 (RFC 2119) | are to be interpreted as described in BCP 14 (RFC 2119) | |||
| (RFC 8174) when, and only when, they appear in all | (RFC 8174) when, and only when, they appear in all | |||
| capitals, as shown here."; | capitals, as shown here."; | |||
| revision 2021-08-11 { | revision 2021-11-16 { | |||
| description | description | |||
| "Initial version"; | "Initial version"; | |||
| reference | reference | |||
| "draft-ietf-rats-yang-tpm-charra"; | "draft-ietf-rats-yang-tpm-charra"; | |||
| } | } | |||
| /*****************/ | /*****************/ | |||
| /* Features */ | /* Features */ | |||
| /*****************/ | /*****************/ | |||
| skipping to change at page 12, line 35 ¶ | skipping to change at page 11, line 35 ¶ | |||
| "The device supports the remote attestation of multiple | "The device supports the remote attestation of multiple | |||
| TPM based cryptoprocessors."; | TPM based cryptoprocessors."; | |||
| } | } | |||
| feature bios { | feature bios { | |||
| description | description | |||
| "The device supports the bios logs."; | "The device supports the bios logs."; | |||
| reference | reference | |||
| "https://trustedcomputinggroup.org/wp-content/uploads/ | "https://trustedcomputinggroup.org/wp-content/uploads/ | |||
| PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf | PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf | |||
| Section 9.4.5.2"; | Section 9.4.5.2 and | |||
| https://trustedcomputinggroup.org/resource/ | ||||
| tcg-efi-platform-specification/ Version 1.22, Revision 15"; | ||||
| } | } | |||
| feature ima { | feature ima { | |||
| description | description | |||
| "The device supports Integrity Measurement Architecture logs."; | "The device supports Integrity Measurement Architecture logs. | |||
| Many variants of IMA logs exist in the deployment. Each encodes | ||||
| the log entry contents as the specific measurements which get | ||||
| hashed into a PCRs as Evidence. See the reference below for | ||||
| one example of such an encoding."; | ||||
| reference | reference | |||
| "https://www.trustedcomputinggroup.org/wp-content/uploads/ | "https://www.trustedcomputinggroup.org/wp-content/uploads/ | |||
| TCG_IWG_CEL_v1_r0p30_13feb2021.pdf Section 4.3"; | TCG_IWG_CEL_v1_r0p30_13feb2021.pdf Section 4.3"; | |||
| } | } | |||
| feature netequip_boot { | feature netequip_boot { | |||
| description | description | |||
| "The device supports the netequip_boot logs."; | "The device supports the netequip_boot logs."; | |||
| reference | ||||
| "https://www.kernel.org/doc/Documentation/ABI/testing/ima_policy"; | ||||
| } | } | |||
| /*****************/ | /*****************/ | |||
| /* Typedefs */ | /* Typedefs */ | |||
| /*****************/ | /*****************/ | |||
| typedef pcr { | typedef pcr { | |||
| type uint8 { | type uint8 { | |||
| range "0..31"; | range "0..31"; | |||
| } | } | |||
| skipping to change at page 15, line 20 ¶ | skipping to change at page 14, line 28 ¶ | |||
| description | description | |||
| "A random number intended to be used once to show freshness | "A random number intended to be used once to show freshness | |||
| and to allow the detection of replay attacks."; | and to allow the detection of replay attacks."; | |||
| leaf nonce-value { | leaf nonce-value { | |||
| type binary; | type binary; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "A cryptographically generated random number which should | "A cryptographically generated random number which should | |||
| not be predictable prior to its issuance from a random | not be predictable prior to its issuance from a random | |||
| number generation function. The random number MUST be | number generation function. The random number MUST be | |||
| derived from an entropy source external to the Attester."; | derived from an entropy source external to the Attester. | |||
| Note that a nonce sent into a TPM will typically be 160 or 256 | ||||
| binary digits long. (This is 20 or 32 bytes.) So if fewer | ||||
| binary are sent, this nonce object will be padded | ||||
| with leading zeros any in Quotes returned from the TPM. | ||||
| Additionally if more bytes are sent, the nonce will be trimmed | ||||
| to the most significant binary digits."; | ||||
| } | } | |||
| } | } | |||
| grouping tpm12-pcr-selection { | grouping tpm12-pcr-selection { | |||
| description | description | |||
| "A Verifier can request one or more PCR values using its | "A Verifier can request one or more PCR values using its | |||
| individually created Attestation Key Certificate (AC). | individually created Attestation Key Certificate (AC). | |||
| The corresponding selection filter is represented in this | The corresponding selection filter is represented in this | |||
| grouping. | grouping. | |||
| Requesting a PCR value that is not in scope of the AC used, | Requesting a PCR value that is not in scope of the AC used, | |||
| skipping to change at page 17, line 40 ¶ | skipping to change at page 17, line 7 ¶ | |||
| measurements. It is supplemented by unsigned Attester | measurements. It is supplemented by unsigned Attester | |||
| information."; | information."; | |||
| uses node-uptime; | uses node-uptime; | |||
| leaf TPM_QUOTE2 { | leaf TPM_QUOTE2 { | |||
| type binary; | type binary; | |||
| description | description | |||
| "Result of a TPM1.2 Quote2 operation. This includes PCRs, | "Result of a TPM1.2 Quote2 operation. This includes PCRs, | |||
| signatures, locality, the provided nonce and other data which | signatures, locality, the provided nonce and other data which | |||
| can be further parsed to appraise the Attester."; | can be further parsed to appraise the Attester."; | |||
| reference | reference | |||
| "TPM1.2 commands rev116 July 2007, Section 16.5"; | "TPM1.2 commands rev116 July 2007, Section 16.5 | |||
| https://trustedcomputinggroup.org/wp-content/uploads | ||||
| /TPM-Main-Part-3-Commands_v1.2_rev116_01032011.pdf"; | ||||
| } | } | |||
| } | } | |||
| grouping tpm20-attestation { | grouping tpm20-attestation { | |||
| description | description | |||
| "Contains an instance of TPM2 style signed cryptoprocessor | "Contains an instance of TPM2 style signed cryptoprocessor | |||
| measurements. It is supplemented by unsigned Attester | measurements. It is supplemented by unsigned Attester | |||
| information."; | information."; | |||
| leaf TPMS_QUOTE_INFO { | leaf TPMS_QUOTE_INFO { | |||
| type binary; | type binary; | |||
| skipping to change at page 18, line 38 ¶ | skipping to change at page 18, line 7 ¶ | |||
| necessarily make it easy for a Verifier to appraise just the | necessarily make it easy for a Verifier to appraise just the | |||
| minimum set of PCR information which has changed since the last | minimum set of PCR information which has changed since the last | |||
| received TPM2B_DIGEST. Put another way, why should a Verifier | received TPM2B_DIGEST. Put another way, why should a Verifier | |||
| reconstruct the proper value of all PCR Quotes when only a | reconstruct the proper value of all PCR Quotes when only a | |||
| single PCR has changed? | single PCR has changed? | |||
| To help this happen, if the Attester does know specific PCR | To help this happen, if the Attester does know specific PCR | |||
| values, the Attester can provide these individual values via | values, the Attester can provide these individual values via | |||
| 'unsigned-pcr-values'. By comparing this information to the | 'unsigned-pcr-values'. By comparing this information to the | |||
| what has previously been validated, it is possible for a | what has previously been validated, it is possible for a | |||
| Verifier to confirm the Attester's signature while eliminating | Verifier to confirm the Attester's signature while eliminating | |||
| significant processing."; | significant processing. There should never be a result where | |||
| an unsigned PCR value is actually that that within a quote. | ||||
| If there is a difference, a signed result which has been | ||||
| verified from retrieved logs is considered definitive."; | ||||
| uses tpm20-hash-algo; | uses tpm20-hash-algo; | |||
| list pcr-values { | list pcr-values { | |||
| key "pcr-index"; | key "pcr-index"; | |||
| description | description | |||
| "List of one PCR bank."; | "List of one PCR bank."; | |||
| leaf pcr-index { | leaf pcr-index { | |||
| type pcr; | type pcr; | |||
| description | description | |||
| "PCR index number."; | "PCR index number."; | |||
| } | } | |||
| skipping to change at page 33, line 44 ¶ | skipping to change at page 33, line 10 ¶ | |||
| 3. *Specific algorithm types*: Each algorithm type defines what | 3. *Specific algorithm types*: Each algorithm type defines what | |||
| cryptographic functions may be supported, and on which type of | cryptographic functions may be supported, and on which type of | |||
| API specification. It is not required that an implementation of | API specification. It is not required that an implementation of | |||
| a specific TPM will support all algorithm types. The contents of | a specific TPM will support all algorithm types. The contents of | |||
| each specific algorithm mirrors what is in Table 3 of | each specific algorithm mirrors what is in Table 3 of | |||
| [TCG-Algos]. | [TCG-Algos]. | |||
| 2.1.2.3. YANG Module | 2.1.2.3. YANG Module | |||
| <CODE BEGINS> file "ietf-tcg-algs@2021-05-11.yang" | <CODE BEGINS> file "ietf-tcg-algs@2021-11-05.yang" | |||
| module ietf-tcg-algs { | module ietf-tcg-algs { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs"; | namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs"; | |||
| prefix taa; | prefix taa; | |||
| organization | organization | |||
| "IETF RATS Working Group"; | "IETF RATS Working Group"; | |||
| contact | contact | |||
| "WG Web: <http://datatracker.ietf.org/wg/rats/> | "WG Web: <http://datatracker.ietf.org/wg/rats/> | |||
| skipping to change at page 34, line 31 ¶ | skipping to change at page 33, line 45 ¶ | |||
| This version of this YANG module is part of RFC XXXX | This version of this YANG module is part of RFC XXXX | |||
| (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | |||
| itself for full legal notices. | itself for full legal notices. | |||
| The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | |||
| 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | |||
| 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | |||
| are to be interpreted as described in BCP 14 (RFC 2119) | are to be interpreted as described in BCP 14 (RFC 2119) | |||
| (RFC 8174) when, and only when, they appear in all | (RFC 8174) when, and only when, they appear in all | |||
| capitals, as shown here."; | capitals, as shown here."; | |||
| revision 2021-05-11 { | revision 2021-11-05 { | |||
| description | description | |||
| "Initial version"; | "Initial version"; | |||
| reference | reference | |||
| "RFC XXXX: tbd"; | "RFC XXXX: tbd"; | |||
| } | } | |||
| /*****************/ | /*****************/ | |||
| /* Features */ | /* Features */ | |||
| /*****************/ | /*****************/ | |||
| feature tpm12 { | feature tpm12 { | |||
| description | description | |||
| "This feature indicates algorithm support for the TPM 1.2 API | "This feature indicates algorithm support for the TPM 1.2 API | |||
| as per TPM-main-1.2-Rev94-part-2, Section 4.8."; | as per Section 4.8 of TPM Main Part 2 TPM Structures | |||
| https://trustedcomputinggroup.org/wp-content/uploads/ | ||||
| TPM-main-1.2-Rev94-part-2.pdf"; | ||||
| } | } | |||
| feature tpm20 { | feature tpm20 { | |||
| description | description | |||
| "This feature indicates algorithm support for the TPM 2.0 API | "This feature indicates algorithm support for the TPM 2.0 API | |||
| as per TPM-Rev-2.0-Part-1-Architecture-01.38 Section 11.4."; | as per Section 11.4 of Trusted Platform Module Library | |||
| Part 1: Architecture | ||||
| https://trustedcomputinggroup.org/wp-content/uploads/ | ||||
| TPM-Rev-2.0-Part-1-Architecture-01.38.pdf"; | ||||
| } | } | |||
| /*****************/ | /*****************/ | |||
| /* Identities */ | /* Identities */ | |||
| /*****************/ | /*****************/ | |||
| /* There needs to be collasping/verification of some of the identity | ||||
| types between the various algorithm types listed below */ | ||||
| identity asymmetric { | identity asymmetric { | |||
| description | description | |||
| "A TCG recognized asymmetric algorithm with a public and | "A TCG recognized asymmetric algorithm with a public and | |||
| private key."; | private key."; | |||
| reference | reference | |||
| "http://trustedcomputinggroup.org/resource/tcg-algorithm-registry/ | "TCG Algorithm Registry Revision 01.32 Table 2 | |||
| TCG_Algorithm_Registry_r1p32_pub Table 2"; | http://trustedcomputinggroup.org/resource/tcg-algorithm-registry/ | |||
| TCG-_Algorithm_Registry_r1p32_pub"; | ||||
| } | } | |||
| identity symmetric { | identity symmetric { | |||
| description | description | |||
| "A TCG recognized symmetric algorithm with only a private key."; | "A TCG recognized symmetric algorithm with only a private key."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 2"; | "TCG Algorithm Registry Revision 01.32 Table 2"; | |||
| } | } | |||
| identity hash { | identity hash { | |||
| description | description | |||
| "A TCG recognized hash algorithm that compresses input data to | "A TCG recognized hash algorithm that compresses input data to | |||
| a digest value or indicates a method that uses a hash."; | a digest value or indicates a method that uses a hash."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 2"; | "TCG Algorithm Registry Revision 01.32 Table 2"; | |||
| } | } | |||
| identity signing { | identity signing { | |||
| description | description | |||
| "A TCG recognized signing algorithm"; | "A TCG recognized signing algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 2"; | "TCG Algorithm Registry Revision 01.32 Table 2"; | |||
| } | } | |||
| identity anonymous_signing { | identity anonymous_signing { | |||
| description | description | |||
| "A TCG recognized anonymous signing algorithm."; | "A TCG recognized anonymous signing algorithm."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 2"; | "TCG Algorithm Registry Revision 01.32 Table 2"; | |||
| } | } | |||
| identity encryption_mode { | identity encryption_mode { | |||
| description | description | |||
| "A TCG recognized encryption mode."; | "A TCG recognized encryption mode."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 2"; | "TCG Algorithm Registry Revision 01.32 Table 2"; | |||
| } | } | |||
| identity method { | identity method { | |||
| description | description | |||
| "A TCG recognized method such as a mask generation function."; | "A TCG recognized method such as a mask generation function."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 2"; | "TCG Algorithm Registry Revision 01.32 Table 2"; | |||
| } | } | |||
| identity object_type { | identity object_type { | |||
| description | description | |||
| "A TCG recognized object type."; | "A TCG recognized object type."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 2"; | "TCG Algorithm Registry Revision 01.32 Table 2"; | |||
| } | } | |||
| identity cryptoprocessor { | identity cryptoprocessor { | |||
| description | description | |||
| "Base identity identifying a crytoprocessor."; | "Base identity identifying a crytoprocessor."; | |||
| } | } | |||
| identity tpm12 { | identity tpm12 { | |||
| if-feature "tpm12"; | if-feature "tpm12"; | |||
| base cryptoprocessor; | base cryptoprocessor; | |||
| skipping to change at page 37, line 8 ¶ | skipping to change at page 36, line 29 ¶ | |||
| identity TPM_ALG_RSA { | identity TPM_ALG_RSA { | |||
| if-feature "tpm12 or tpm20"; | if-feature "tpm12 or tpm20"; | |||
| base tpm12; | base tpm12; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base object_type; | base object_type; | |||
| description | description | |||
| "RSA algorithm"; | "RSA algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| RFC 8017. ALG_ID: 0x0001"; | RFC 8017. ALG_ID: 0x0001"; | |||
| } | } | |||
| identity TPM_ALG_TDES { | identity TPM_ALG_TDES { | |||
| if-feature "tpm12"; | if-feature "tpm12"; | |||
| base tpm12; | base tpm12; | |||
| base symmetric; | base symmetric; | |||
| description | description | |||
| "Block cipher with various key sizes (Triple Data Encryption | "Block cipher with various key sizes (Triple Data Encryption | |||
| Algorithm, commonly called Triple Data Encryption Standard) | Algorithm, commonly called Triple Data Encryption Standard) | |||
| Note: was banned in TPM1.2 v94"; | Note: was banned in TPM1.2 v94"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 18033-3. ALG_ID: 0x0003"; | ISO/IEC 18033-3. ALG_ID: 0x0003"; | |||
| } | } | |||
| identity TPM_ALG_SHA1 { | identity TPM_ALG_SHA1 { | |||
| if-feature "tpm12 or tpm20"; | if-feature "tpm12 or tpm20"; | |||
| base hash; | base hash; | |||
| base tpm12; | base tpm12; | |||
| base tpm20; | base tpm20; | |||
| description | description | |||
| "SHA1 algorithm - Deprecated due to insufficient cryptographic | "SHA1 algorithm - Deprecated due to insufficient cryptographic | |||
| protection. However it is still useful for hash algorithms | protection. However it is still useful for hash algorithms | |||
| where protection is not required."; | where protection is not required."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10118-3. ALG_ID: 0x0004"; | ISO/IEC 10118-3. ALG_ID: 0x0004"; | |||
| } | } | |||
| identity TPM_ALG_HMAC { | identity TPM_ALG_HMAC { | |||
| if-feature "tpm12 or tpm20"; | if-feature "tpm12 or tpm20"; | |||
| base tpm12; | base tpm12; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| base signing; | base signing; | |||
| description | description | |||
| "Hash Message Authentication Code (HMAC) algorithm"; | "Hash Message Authentication Code (HMAC) algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3, | "TCG Algorithm Registry Revision 01.32 Table 3, | |||
| ISO/IEC 9797-2 and RFC2014. ALG_ID: 0x0005"; | ISO/IEC 9797-2 and RFC2014. ALG_ID: 0x0005"; | |||
| } | } | |||
| identity TPM_ALG_AES { | identity TPM_ALG_AES { | |||
| if-feature "tpm12"; | if-feature "tpm12"; | |||
| base tpm12; | base tpm12; | |||
| base symmetric; | base symmetric; | |||
| description | description | |||
| "The AES algorithm with various key sizes"; | "The AES algorithm with various key sizes"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 18033-3. ALG_ID: 0x0006"; | ISO/IEC 18033-3. ALG_ID: 0x0006"; | |||
| } | } | |||
| identity TPM_ALG_MGF1 { | identity TPM_ALG_MGF1 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| base method; | base method; | |||
| description | description | |||
| "hash-based mask-generation function"; | "hash-based mask-generation function"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3, | "TCG Algorithm Registry Revision 01.32 Table 3, | |||
| IEEE Std 1363-2000 and IEEE Std 1363a -2004. | IEEE Std 1363-2000 and IEEE Std 1363a-2004. | |||
| ALG_ID: 0x0007"; | ALG_ID: 0x0007"; | |||
| } | } | |||
| identity TPM_ALG_KEYEDHASH { | identity TPM_ALG_KEYEDHASH { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| base object_type; | base object_type; | |||
| description | description | |||
| "An encryption or signing algorithm using a keyed hash. These | "An encryption or signing algorithm using a keyed hash. These | |||
| may use XOR for encryption or an HMAC for signing and may | may use XOR for encryption or an HMAC for signing and may | |||
| also refer to a data object that is neither signing nor | also refer to a data object that is neither signing nor | |||
| encrypting."; | encrypting."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| TCG TPM 2.0 library specification. . ALG_ID: 0x0008"; | TCG TPM 2.0 library specification. ALG_ID: 0x0008"; | |||
| } | } | |||
| identity TPM_ALG_XOR { | identity TPM_ALG_XOR { | |||
| if-feature "tpm12 or tpm20"; | if-feature "tpm12 or tpm20"; | |||
| base tpm12; | base tpm12; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| base symmetric; | base symmetric; | |||
| description | description | |||
| "The XOR encryption algorithm."; | "The XOR encryption algorithm."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| TCG TPM 2.0 library specification. ALG_ID: 0x000A"; | TCG TPM 2.0 library specification. ALG_ID: 0x000A"; | |||
| } | } | |||
| identity TPM_ALG_SHA256 { | identity TPM_ALG_SHA256 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| description | description | |||
| "The SHA 256 algorithm"; | "The SHA 256 algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10118-3. ALG_ID: 0x000B"; | ISO/IEC 10118-3. ALG_ID: 0x000B"; | |||
| } | } | |||
| identity TPM_ALG_SHA384 { | identity TPM_ALG_SHA384 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| description | description | |||
| "The SHA 384 algorithm"; | "The SHA 384 algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10118-3. ALG_ID: 0x000C"; | ISO/IEC 10118-3. ALG_ID: 0x000C"; | |||
| } | } | |||
| identity TPM_ALG_SHA512 { | identity TPM_ALG_SHA512 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| description | description | |||
| "The SHA 512 algorithm"; | "The SHA 512 algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10118-3. ALG_ID: 0x000D"; | ISO/IEC 10118-3. ALG_ID: 0x000D"; | |||
| } | } | |||
| identity TPM_ALG_NULL { | identity TPM_ALG_NULL { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| description | description | |||
| "NULL algorithm"; | "NULL algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| TCG TPM 2.0 library specification. ALG_ID: 0x0010"; | TCG TPM 2.0 library specification. ALG_ID: 0x0010"; | |||
| } | } | |||
| identity TPM_ALG_SM3_256 { | identity TPM_ALG_SM3_256 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| description | description | |||
| "The SM3 hash algorithm."; | "The SM3 hash algorithm."; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| GM/T 0004-2012 - SM3_256. ALG_ID: 0x0012"; | ISO/IEC 10118-3:2018. ALG_ID: 0x0012"; | |||
| } | } | |||
| identity TPM_ALG_SM4 { | identity TPM_ALG_SM4 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| description | description | |||
| "SM4 symmetric block cipher"; | "SM4 symmetric block cipher"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| GB/T 32907-2016. ALG_ID: 0x0013"; | GB/T 32907-2016. ALG_ID: 0x0013"; | |||
| } | } | |||
| identity TPM_ALG_RSASSA { | identity TPM_ALG_RSASSA { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| description | description | |||
| "Signature algorithm defined in section 8.2 (RSASSAPKCS1-v1_5)"; | "Signature algorithm defined in section 8.2 (RSASSAPKCS1-v1_5)"; | |||
| skipping to change at page 40, line 32 ¶ | skipping to change at page 40, line 4 ¶ | |||
| GB/T 32907-2016. ALG_ID: 0x0013"; | GB/T 32907-2016. ALG_ID: 0x0013"; | |||
| } | } | |||
| identity TPM_ALG_RSASSA { | identity TPM_ALG_RSASSA { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| description | description | |||
| "Signature algorithm defined in section 8.2 (RSASSAPKCS1-v1_5)"; | "Signature algorithm defined in section 8.2 (RSASSAPKCS1-v1_5)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017. | "TCG Algorithm Registry Revision 01.32 Table 3 and RFC 8017. | |||
| ALG_ID: 0x0014"; | ALG_ID: 0x0014"; | |||
| } | } | |||
| identity TPM_ALG_RSAES { | identity TPM_ALG_RSAES { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Signature algorithm defined in section 7.2 (RSAES-PKCS1-v1_5)"; | "Signature algorithm defined in section 7.2 (RSAES-PKCS1-v1_5)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017 | "TCG Algorithm Registry Revision 01.32 Table 3 and RFC 8017 | |||
| ALG_ID: 0x0015"; | ALG_ID: 0x0015"; | |||
| } | } | |||
| identity TPM_ALG_RSAPSS { | identity TPM_ALG_RSAPSS { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| description | description | |||
| "Padding algorithm defined in section 8.1 (RSASSA PSS)"; | "Padding algorithm defined in section 8.1 (RSASSA PSS)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017. | "TCG Algorithm Registry Revision 01.32 Table 3 and RFC 8017. | |||
| ALG_ID: 0x0016"; | ALG_ID: 0x0016"; | |||
| } | } | |||
| identity TPM_ALG_OAEP { | identity TPM_ALG_OAEP { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Padding algorithm defined in section 7.1 (RSASSA OAEP)"; | "Padding algorithm defined in section 7.1 (RSASSA OAEP)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017. | "TCG Algorithm Registry Revision 01.32 Table 3 and RFC 8017. | |||
| ALG_ID: 0x0017"; | ALG_ID: 0x0017"; | |||
| } | } | |||
| identity TPM_ALG_ECDSA { | identity TPM_ALG_ECDSA { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| description | description | |||
| "Signature algorithm using elliptic curve cryptography (ECC)"; | "Signature algorithm using elliptic curve cryptography (ECC)"; | |||
| skipping to change at page 41, line 32 ¶ | skipping to change at page 41, line 4 ¶ | |||
| ALG_ID: 0x0017"; | ALG_ID: 0x0017"; | |||
| } | } | |||
| identity TPM_ALG_ECDSA { | identity TPM_ALG_ECDSA { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| description | description | |||
| "Signature algorithm using elliptic curve cryptography (ECC)"; | "Signature algorithm using elliptic curve cryptography (ECC)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 14888-3. ALG_ID: 0x0018"; | ISO/IEC 14888-3. ALG_ID: 0x0018"; | |||
| } | } | |||
| identity TPM_ALG_ECDH { | identity TPM_ALG_ECDH { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base method; | base method; | |||
| description | description | |||
| "Secret sharing using ECC"; | "Secret sharing using ECC"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-56A and RFC 7748. ALG_ID: 0x0019"; | NIST SP800-56A and RFC 7748. ALG_ID: 0x0019"; | |||
| } | } | |||
| identity TPM_ALG_ECDAA { | identity TPM_ALG_ECDAA { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| base anonymous_signing; | base anonymous_signing; | |||
| description | description | |||
| "Elliptic-curve based anonymous signing scheme"; | "Elliptic-curve based anonymous signing scheme"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| TCG TPM 2.0 library specification. ALG_ID: 0x001A"; | TCG TPM 2.0 library specification. ALG_ID: 0x001A"; | |||
| } | } | |||
| identity TPM_ALG_SM2 { | identity TPM_ALG_SM2 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| base encryption_mode; | base encryption_mode; | |||
| base method; | base method; | |||
| description | description | |||
| "SM2 - depending on context, either an elliptic-curve based, | "SM2 - depending on context, either an elliptic-curve based, | |||
| signature algorithm, an encryption scheme, or a key exchange | signature algorithm, an encryption scheme, or a key exchange | |||
| protocol"; | protocol"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| A GM/T 0003.1-2012, GM/T 0003.2-2012, GM/T 0003.3-2012, | GB/T 32918.1-2016, GB/T 32918.2-2016, GB/T 32918.3-2016, GB/T | |||
| GM/T 0003.5-2012 SM2. ALG_ID: 0x001B"; | 32918.4-2016, GB/T 32918.5-2017. ALG_ID: 0x001B"; | |||
| } | } | |||
| identity TPM_ALG_ECSCHNORR { | identity TPM_ALG_ECSCHNORR { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| description | description | |||
| "Elliptic-curve based Schnorr signature"; | "Elliptic-curve based Schnorr signature"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| TCG TPM 2.0 library specification. ALG_ID: 0x001C"; | TCG TPM 2.0 library specification. ALG_ID: 0x001C"; | |||
| } | } | |||
| identity TPM_ALG_ECMQV { | identity TPM_ALG_ECMQV { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base method; | base method; | |||
| description | description | |||
| "Two-phase elliptic-curve key"; | "Two-phase elliptic-curve key"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-56A. ALG_ID: 0x001D"; | NIST SP800-56A. ALG_ID: 0x001D"; | |||
| } | } | |||
| identity TPM_ALG_KDF1_SP800_56A { | identity TPM_ALG_KDF1_SP800_56A { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| base method; | base method; | |||
| description | description | |||
| "Concatenation key derivation function"; | "Concatenation key derivation function"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-56A (approved alternative1) section 5.8.1. | NIST SP800-56A (approved alternative1) section 5.8.1. | |||
| ALG_ID: 0x0020"; | ALG_ID: 0x0020"; | |||
| } | } | |||
| identity TPM_ALG_KDF2 { | identity TPM_ALG_KDF2 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| base method; | base method; | |||
| description | description | |||
| "Key derivation function"; | "Key derivation function"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| IEEE 1363a-2004 KDF2 section 13.2. ALG_ID: 0x0021"; | IEEE 1363a-2004 KDF2 section 13.2. ALG_ID: 0x0021"; | |||
| } | } | |||
| identity TPM_ALG_KDF1_SP800_108 { | identity TPM_ALG_KDF1_SP800_108 { | |||
| base TPM_ALG_KDF2; | base TPM_ALG_KDF2; | |||
| description | description | |||
| "A key derivation method"; | "A key derivation method"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-108 - Section 5.1 KDF. ALG_ID: 0x0022"; | NIST SP800-108 - Section 5.1 KDF. ALG_ID: 0x0022"; | |||
| } | } | |||
| identity TPM_ALG_ECC { | identity TPM_ALG_ECC { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base object_type; | base object_type; | |||
| description | description | |||
| "Prime field ECC"; | "Prime field ECC"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 15946-1. ALG_ID: 0x0023"; | ISO/IEC 15946-1. ALG_ID: 0x0023"; | |||
| } | } | |||
| identity TPM_ALG_SYMCIPHER { | identity TPM_ALG_SYMCIPHER { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| description | description | |||
| "Object type for a symmetric block cipher"; | "Object type for a symmetric block cipher"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| TCG TPM 2.0 library specification. ALG_ID: 0x0025"; | TCG TPM 2.0 library specification. ALG_ID: 0x0025"; | |||
| } | } | |||
| identity TPM_ALG_CAMELLIA { | identity TPM_ALG_CAMELLIA { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| description | description | |||
| "The Camellia algorithm"; | "The Camellia algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 18033-3. ALG_ID: 0x0026"; | ISO/IEC 18033-3. ALG_ID: 0x0026"; | |||
| } | } | |||
| identity TPM_ALG_SHA3_256 { | identity TPM_ALG_SHA3_256 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| description | description | |||
| "ISO/IEC 10118-3 - the SHA 256 algorithm"; | "ISO/IEC 10118-3 - the SHA 256 algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST PUB FIPS 202. ALG_ID: 0x0027"; | NIST PUB FIPS 202. ALG_ID: 0x0027"; | |||
| } | } | |||
| identity TPM_ALG_SHA3_384 { | identity TPM_ALG_SHA3_384 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| description | description | |||
| "The SHA 384 algorithm"; | "The SHA 384 algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST PUB FIPS 202. ALG_ID: 0x0028"; | NIST PUB FIPS 202. ALG_ID: 0x0028"; | |||
| } | } | |||
| identity TPM_ALG_SHA3_512 { | identity TPM_ALG_SHA3_512 { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base hash; | base hash; | |||
| description | description | |||
| "The SHA 512 algorithm"; | "The SHA 512 algorithm"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST PUB FIPS 202. ALG_ID: 0x0029"; | NIST PUB FIPS 202. ALG_ID: 0x0029"; | |||
| } | } | |||
| identity TPM_ALG_CMAC { | identity TPM_ALG_CMAC { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base signing; | base signing; | |||
| description | description | |||
| "block Cipher-based Message Authentication Code (CMAC)"; | "block Cipher-based Message Authentication Code (CMAC)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 9797-1:2011 Algorithm 5. ALG_ID: 0x003F"; | ISO/IEC 9797-1:2011 Algorithm 5. ALG_ID: 0x003F"; | |||
| } | } | |||
| identity TPM_ALG_CTR { | identity TPM_ALG_CTR { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Counter mode"; | "Counter mode"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10116. ALG_ID: 0x0040"; | ISO/IEC 10116. ALG_ID: 0x0040"; | |||
| } | } | |||
| identity TPM_ALG_OFB { | identity TPM_ALG_OFB { | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Output Feedback mode"; | "Output Feedback mode"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10116. ALG_ID: 0x0041"; | ISO/IEC 10116. ALG_ID: 0x0041"; | |||
| } | } | |||
| identity TPM_ALG_CBC { | identity TPM_ALG_CBC { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Cipher Block Chaining mode"; | "Cipher Block Chaining mode"; | |||
| skipping to change at page 46, line 4 ¶ | skipping to change at page 45, line 25 ¶ | |||
| ISO/IEC 10116. ALG_ID: 0x0041"; | ISO/IEC 10116. ALG_ID: 0x0041"; | |||
| } | } | |||
| identity TPM_ALG_CBC { | identity TPM_ALG_CBC { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Cipher Block Chaining mode"; | "Cipher Block Chaining mode"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10116. ALG_ID: 0x0042"; | ISO/IEC 10116. ALG_ID: 0x0042"; | |||
| } | } | |||
| identity TPM_ALG_CFB { | identity TPM_ALG_CFB { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Cipher Feedback mode"; | "Cipher Feedback mode"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10116. ALG_ID: 0x0043"; | ISO/IEC 10116. ALG_ID: 0x0043"; | |||
| } | } | |||
| identity TPM_ALG_ECB { | identity TPM_ALG_ECB { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Electronic Codebook mode"; | "Electronic Codebook mode"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| ISO/IEC 10116. ALG_ID: 0x0044"; | ISO/IEC 10116. ALG_ID: 0x0044"; | |||
| } | } | |||
| identity TPM_ALG_CCM { | identity TPM_ALG_CCM { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base signing; | base signing; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Counter with Cipher Block Chaining-Message Authentication | "Counter with Cipher Block Chaining-Message Authentication | |||
| skipping to change at page 46, line 44 ¶ | skipping to change at page 46, line 17 ¶ | |||
| identity TPM_ALG_CCM { | identity TPM_ALG_CCM { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base signing; | base signing; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Counter with Cipher Block Chaining-Message Authentication | "Counter with Cipher Block Chaining-Message Authentication | |||
| Code (CCM)"; | Code (CCM)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-38C. ALG_ID: 0x0050"; | NIST SP800-38C. ALG_ID: 0x0050"; | |||
| } | } | |||
| identity TPM_ALG_GCM { | identity TPM_ALG_GCM { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base signing; | base signing; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Galois/Counter Mode (GCM)"; | "Galois/Counter Mode (GCM)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-38D. ALG_ID: 0x0051"; | NIST SP800-38D. ALG_ID: 0x0051"; | |||
| } | } | |||
| identity TPM_ALG_KW { | identity TPM_ALG_KW { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base signing; | base signing; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "AES Key Wrap (KW)"; | "AES Key Wrap (KW)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-38F. ALG_ID: 0x0052"; | NIST SP800-38F. ALG_ID: 0x0052"; | |||
| } | } | |||
| identity TPM_ALG_KWP { | identity TPM_ALG_KWP { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base signing; | base signing; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "AES Key Wrap with Padding (KWP)"; | "AES Key Wrap with Padding (KWP)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-38F. ALG_ID: 0x0053"; | NIST SP800-38F. ALG_ID: 0x0053"; | |||
| } | } | |||
| identity TPM_ALG_EAX { | identity TPM_ALG_EAX { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base signing; | base signing; | |||
| base encryption_mode; | base encryption_mode; | |||
| description | description | |||
| "Authenticated-Encryption Mode"; | "Authenticated-Encryption Mode"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| NIST SP800-38F. ALG_ID: 0x0054"; | NIST SP800-38F. ALG_ID: 0x0054"; | |||
| } | } | |||
| identity TPM_ALG_EDDSA { | identity TPM_ALG_EDDSA { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base asymmetric; | base asymmetric; | |||
| base signing; | base signing; | |||
| description | description | |||
| "Edwards-curve Digital Signature Algorithm (PureEdDSA)"; | "Edwards-curve Digital Signature Algorithm (PureEdDSA)"; | |||
| reference | reference | |||
| "TCG_Algorithm_Registry_r1p32_pub Table 3 and | "TCG Algorithm Registry Revision 01.32 Table 3 and | |||
| RFC 8032. ALG_ID: 0x0060"; | RFC 8032. ALG_ID: 0x0060"; | |||
| } | } | |||
| } | } | |||
| <CODE ENDS> | <CODE ENDS> | |||
| Note that not all cryptographic functions are required for use by | Note that not all cryptographic functions are required for use by | |||
| "ietf-tpm-remote-attestation.yang". However the full definition of | ietf-tpm-remote-attestation.yang. However the full definition of | |||
| Table 3 of [TCG-Algos] will allow use by additional YANG | Table 3 of [TCG-Algos] will allow use by additional YANG | |||
| specifications. | specifications. | |||
| 3. IANA Considerations | 3. IANA Considerations | |||
| This document registers the following namespace URIs in the "ns" | This document registers the following namespace URIs in the "ns" | |||
| class of the IETF XML Registry [IANA.xml-registry] as per [RFC3688]: | class of the IETF XML Registry [IANA.xml-registry] as per [RFC3688]: | |||
| URI: urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation | URI: urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation | |||
| skipping to change at page 49, line 15 ¶ | skipping to change at page 48, line 36 ¶ | |||
| Name: ietf-tcg-algs | Name: ietf-tcg-algs | |||
| Namespace: urn:ietf:params:xml:ns:yang:ietf-tcg-algs | Namespace: urn:ietf:params:xml:ns:yang:ietf-tcg-algs | |||
| Prefix: taa | Prefix: taa | |||
| Reference: draft-ietf-rats-yang-tpm-charra (RFC form) | Reference: draft-ietf-rats-yang-tpm-charra (RFC form) | |||
| 4. Security Considerations | 4. Security Considerations | |||
| The YANG module specified in this document defines a schema for data | The YANG module ietf-tpm-remote-attestation.yang specified in this | |||
| that is designed to be accessed via network management protocols such | document defines a schema for data that is designed to be accessed | |||
| as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer | via network management protocols such as NETCONF [RFC6241] or | |||
| is the secure transport layer, and the mandatory-to-implement secure | RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport | |||
| transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer | layer, and the mandatory-to-implement secure transport is Secure | |||
| is HTTPS, and the mandatory-to-implement secure transport is TLS | Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the | |||
| [RFC8446]. | mandatory-to-implement secure transport is TLS [RFC8446]. | |||
| There are a number of data nodes defined in this YANG module that are | There are a number of data nodes defined in this YANG module that are | |||
| writable/creatable/deletable (i.e., _config true_, which is the | writable/creatable/deletable (i.e., _config true_, which is the | |||
| default). These data nodes may be considered sensitive or vulnerable | default). These data nodes may be considered sensitive or vulnerable | |||
| in some network environments. Write operations (e.g., _edit-config_) | in some network environments. Write operations (e.g., _edit-config_) | |||
| to these data nodes without proper protection can have a negative | to these data nodes without proper protection can have a negative | |||
| effect on network operations. These are the subtrees and data nodes | effect on network operations. These are the subtrees and data nodes | |||
| as well as their sensitivity/vulnerability: | as well as their sensitivity/vulnerability: | |||
| Container '/rats-support-structures/attester-supported-algos': 'tpm1 | Container '/rats-support-structures/attester-supported-algos': 'tpm1 | |||
| skipping to change at page 50, line 4 ¶ | skipping to change at page 49, line 24 ¶ | |||
| 'tpm20-pcr-bank': It is possible to configure PCRs for extraction | 'tpm20-pcr-bank': It is possible to configure PCRs for extraction | |||
| which are not being extended by system software. This could | which are not being extended by system software. This could | |||
| unnecessarily use TPM resources. | unnecessarily use TPM resources. | |||
| 'certificates': It is possible to provision a certificate which | 'certificates': It is possible to provision a certificate which | |||
| does not correspond to an Attestation Identity Key (AIK) within | does not correspond to an Attestation Identity Key (AIK) within | |||
| the TPM 1.2, or an Attestation Key (AK) within the TPM 2.0 | the TPM 1.2, or an Attestation Key (AK) within the TPM 2.0 | |||
| respectively. | respectively. | |||
| RPC 'tpm12-challenge-response-attestation': It must be verified that | RPC 'tpm12-challenge-response-attestation': It must be verified that | |||
| the certificate is for an active AIK, i. e. the certificate | the certificate is for an active AIK, i.e., the certificate | |||
| provided is able to support Attestation on the targeted TPM 1.2. | provided is able to support Attestation on the targeted TPM 1.2. | |||
| RPC 'tpm20-challenge-response-attestation': It must be verified that | RPC 'tpm20-challenge-response-attestation': It must be verified that | |||
| the certificate is for an active AK, i. e. the certificate | the certificate is for an active AK, i.e., the quote signature | |||
| provided is able to support Attestation on the targeted TPM 2.0. | associated with RPC response has been generated by an entity | |||
| legitimately able to perform Attestation on the targeted TPM 2.0. | ||||
| RPC 'log-retrieval': Pulling lots of logs can chew up system | RPC 'log-retrieval': Requesting a large volume of logs from the | |||
| resources. | attester could require significant system resources and create a | |||
| denial of service. | ||||
| Information collected through the RPCs above could reveal that | ||||
| specific versions of software and configurations of endpoints that | ||||
| could identify vulnerabilities on those systems. Therefore RPCs | ||||
| should be protected by NACM [RFC8341] to limit the extraction of | ||||
| attestation data by only authorized Verifiers. | ||||
| For the YANG module ietf-tcg-algs.yang, please use care when | ||||
| selecting specific algorithms. The introductory section of | ||||
| [TCG-Algos] highlights that some algorithms should be considered | ||||
| legacy, and recommends implementers and adopters diligently evaluate | ||||
| available information such as governmental, industrial, and academic | ||||
| research before selecting an algorithm for use. | ||||
| 5. Change Log | 5. Change Log | |||
| Changes from version 08 to version 09: | Changes from version 08 to version 09: | |||
| * AD Review comments | ||||
| Changes from version 08 to version 09: | ||||
| * Minor formatting tweaks for shepherd. IANA registered. | * Minor formatting tweaks for shepherd. IANA registered. | |||
| Changes from version 05 to version 06: | Changes from version 05 to version 06: | |||
| * More YANG Dr comments covered | * More YANG Dr comments covered | |||
| Changes from version 04 to version 05: | Changes from version 04 to version 05: | |||
| * YANG Dr comments covered | * YANG Dr comments covered | |||
| skipping to change at page 51, line 37 ¶ | skipping to change at page 51, line 31 ¶ | |||
| * Relabeled name to tpm_name | * Relabeled name to tpm_name | |||
| * Removed event-string in last-entry | * Removed event-string in last-entry | |||
| 6. References | 6. References | |||
| 6.1. Normative References | 6.1. Normative References | |||
| [I-D.ietf-netconf-keystore] | [I-D.ietf-netconf-keystore] | |||
| Watsen, K., "A YANG Data Model for a Keystore", Work in | Watsen, K., "A YANG Data Model for a Keystore", Work in | |||
| Progress, Internet-Draft, draft-ietf-netconf-keystore-22, | Progress, Internet-Draft, draft-ietf-netconf-keystore-23, | |||
| 18 May 2021, <https://www.ietf.org/archive/id/draft-ietf- | 14 December 2021, <https://www.ietf.org/archive/id/draft- | |||
| netconf-keystore-22.txt>. | ietf-netconf-keystore-23.txt>. | |||
| [I-D.ietf-rats-architecture] | [I-D.ietf-rats-architecture] | |||
| Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | |||
| W. Pan, "Remote Attestation Procedures Architecture", Work | W. Pan, "Remote Attestation Procedures Architecture", Work | |||
| in Progress, Internet-Draft, draft-ietf-rats-architecture- | in Progress, Internet-Draft, draft-ietf-rats-architecture- | |||
| 12, 23 April 2021, <https://www.ietf.org/archive/id/draft- | 14, 9 December 2021, <https://www.ietf.org/archive/id/ | |||
| ietf-rats-architecture-12.txt>. | draft-ietf-rats-architecture-14.txt>. | |||
| [I-D.ietf-rats-tpm-based-network-device-attest] | [I-D.ietf-rats-tpm-based-network-device-attest] | |||
| Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- | Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- | |||
| based Network Device Remote Integrity Verification", Work | based Network Device Remote Integrity Verification", Work | |||
| in Progress, Internet-Draft, draft-ietf-rats-tpm-based- | in Progress, Internet-Draft, draft-ietf-rats-tpm-based- | |||
| network-device-attest-08, 26 July 2021, | network-device-attest-10, 30 December 2021, | |||
| <https://www.ietf.org/archive/id/draft-ietf-rats-tpm- | <https://www.ietf.org/archive/id/draft-ietf-rats-tpm- | |||
| based-network-device-attest-08.txt>. | based-network-device-attest-10.txt>. | |||
| [IANA.xml-registry] | [IANA.xml-registry] | |||
| IANA, "IETF XML Registry", | IANA, "IETF XML Registry", | |||
| <http://www.iana.org/assignments/xml-registry>. | <http://www.iana.org/assignments/xml-registry>. | |||
| [IANA.yang-parameters] | [IANA.yang-parameters] | |||
| IANA, "YANG Parameters", | IANA, "YANG Parameters", | |||
| <http://www.iana.org/assignments/yang-parameters>. | <http://www.iana.org/assignments/yang-parameters>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| skipping to change at page 52, line 30 ¶ | skipping to change at page 52, line 27 ¶ | |||
| [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | |||
| DOI 10.17487/RFC3688, January 2004, | DOI 10.17487/RFC3688, January 2004, | |||
| <https://www.rfc-editor.org/info/rfc3688>. | <https://www.rfc-editor.org/info/rfc3688>. | |||
| [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for | [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for | |||
| the Network Configuration Protocol (NETCONF)", RFC 6020, | the Network Configuration Protocol (NETCONF)", RFC 6020, | |||
| DOI 10.17487/RFC6020, October 2010, | DOI 10.17487/RFC6020, October 2010, | |||
| <https://www.rfc-editor.org/info/rfc6020>. | <https://www.rfc-editor.org/info/rfc6020>. | |||
| [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | ||||
| and A. Bierman, Ed., "Network Configuration Protocol | ||||
| (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, | ||||
| <https://www.rfc-editor.org/info/rfc6241>. | ||||
| [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure | ||||
| Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, | ||||
| <https://www.rfc-editor.org/info/rfc6242>. | ||||
| [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", | [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", | |||
| RFC 6991, DOI 10.17487/RFC6991, July 2013, | RFC 6991, DOI 10.17487/RFC6991, July 2013, | |||
| <https://www.rfc-editor.org/info/rfc6991>. | <https://www.rfc-editor.org/info/rfc6991>. | |||
| [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF | ||||
| Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, | ||||
| <https://www.rfc-editor.org/info/rfc8040>. | ||||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration | ||||
| Access Control Model", STD 91, RFC 8341, | ||||
| DOI 10.17487/RFC8341, March 2018, | ||||
| <https://www.rfc-editor.org/info/rfc8341>. | ||||
| [RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A | [RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A | |||
| YANG Data Model for Hardware Management", RFC 8348, | YANG Data Model for Hardware Management", RFC 8348, | |||
| DOI 10.17487/RFC8348, March 2018, | DOI 10.17487/RFC8348, March 2018, | |||
| <https://www.rfc-editor.org/info/rfc8348>. | <https://www.rfc-editor.org/info/rfc8348>. | |||
| [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | ||||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | ||||
| <https://www.rfc-editor.org/info/rfc8446>. | ||||
| [TCG-Algos] | [TCG-Algos] | |||
| "TCG_Algorithm_Registry_r1p32_pub", n.d., | "TCG_Algorithm_Registry_r1p32_pub", n.d., | |||
| <https://trustedcomputinggroup.org/resource/tcg-algorithm- | <https://trustedcomputinggroup.org/resource/tcg-algorithm- | |||
| registry/>. | registry/>. | |||
| [TPM1.2] TCG, ., "TPM 1.2 Main Specification", 2 October 2003, | [TPM1.2] TCG, ., "TPM 1.2 Main Specification", 2 October 2003, | |||
| <https://trustedcomputinggroup.org/resource/tpm-main- | <https://trustedcomputinggroup.org/resource/tpm-main- | |||
| specification/>. | specification/>. | |||
| [TPM2.0] TCG, ., "TPM 2.0 Library Specification", 15 March 2013, | [TPM2.0] TCG, ., "TPM 2.0 Library Specification", 15 March 2013, | |||
| <https://trustedcomputinggroup.org/resource/tpm-library- | <https://trustedcomputinggroup.org/resource/tpm-library- | |||
| specification/>. | specification/>. | |||
| [TPM2.0-Key] | [TPM2.0-Key] | |||
| TCG, ., "TPM 2.0 Keys for Device Identity and Attestation, | TCG, ., "TPM 2.0 Keys for Device Identity and Attestation, | |||
| Rev10", 14 April 2021, <https://trustedcomputinggroup.org/ | Rev10", 14 April 2021, <https://trustedcomputinggroup.org/ | |||
| wp-content/uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf>. | wp-content/uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf>. | |||
| 6.2. Informative References | 6.2. Informative References | |||
| [bios-log] "TCG PC Client Platform Firmware Profile Specification, | ||||
| Section 9.4.5.2", n.d., | ||||
| <https://trustedcomputinggroup.org/wp-content/uploads/PC-C | ||||
| lientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf | ||||
| >. | ||||
| [I-D.ietf-rats-reference-interaction-models] | [I-D.ietf-rats-reference-interaction-models] | |||
| Birkholz, H., Eckel, M., Pan, W., and E. Voit, "Reference | Birkholz, H., Eckel, M., Pan, W., and E. Voit, "Reference | |||
| Interaction Models for Remote Attestation Procedures", | Interaction Models for Remote Attestation Procedures", | |||
| Work in Progress, Internet-Draft, draft-ietf-rats- | Work in Progress, Internet-Draft, draft-ietf-rats- | |||
| reference-interaction-models-04, 26 July 2021, | reference-interaction-models-04, 26 July 2021, | |||
| <https://www.ietf.org/archive/id/draft-ietf-rats- | <https://www.ietf.org/archive/id/draft-ietf-rats- | |||
| reference-interaction-models-04.txt>. | reference-interaction-models-04.txt>. | |||
| [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | [ima-log] "Canonical Event Log Format, Section 4.3", n.d., | |||
| and A. Bierman, Ed., "Network Configuration Protocol | <https://www.trustedcomputinggroup.org/wp-content/uploads/ | |||
| (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, | TCG_IWG_CEL_v1_r0p30_13feb2021.pdf>. | |||
| <https://www.rfc-editor.org/info/rfc6241>. | ||||
| [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure | [netequip-boot-log] | |||
| Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, | "IMA Policy Kernel Documentation", n.d., | |||
| <https://www.rfc-editor.org/info/rfc6242>. | <https://www.kernel.org/doc/Documentation/ABI/testing/ | |||
| ima_policy>. | ||||
| [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF | [NIST-915121] | |||
| Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, | "True Randomness Can't be Left to Chance: Why entropy is | |||
| <https://www.rfc-editor.org/info/rfc8040>. | important for information security", n.d., | |||
| <https://tsapps.nist.gov/publication/ | ||||
| get_pdf.cfm?pub_id=915121>. | ||||
| [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | [PC-Client-EFI-TPM-1.2] | |||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | Trusted Computing Group, "TCG EFI Platform Specification | |||
| <https://www.rfc-editor.org/info/rfc8446>. | for TPM Family 1.1 or 1.2, Specification Version 1.22, | |||
| Revision 15", 1 January 2014, | ||||
| <https://trustedcomputinggroup.org/resource/tcg-efi- | ||||
| platform-specification/>. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Henk Birkholz | Henk Birkholz | |||
| Fraunhofer SIT | Fraunhofer SIT | |||
| Rheinstrasse 75 | Rheinstrasse 75 | |||
| 64295 Darmstadt | 64295 Darmstadt | |||
| Germany | Germany | |||
| Email: henk.birkholz@sit.fraunhofer.de | Email: henk.birkholz@sit.fraunhofer.de | |||
| End of changes. 111 change blocks. | ||||
| 139 lines changed or deleted | 218 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||