-
Notifications
You must be signed in to change notification settings - Fork 8
/
ietf-tpm-remote-attestation.tree
122 lines (121 loc) · 6.04 KB
/
ietf-tpm-remote-attestation.tree
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
module: ietf-tpm-remote-attestation
+--rw rats-support-structures
+--rw compute-nodes {tpm:mtpm}?
| +--ro compute-node* [node-id]
| +--ro node-id string
| +--ro node-physical-index? int32 {hw:entity-mib}?
| +--ro node-name? string
| +--ro node-location? string
+--rw tpms
| +--rw tpm* [name]
| +--rw name string
| +--ro hardware-based boolean
| +--ro physical-index? int32 {hw:entity-mib}?
| +--ro path? string
| +--ro compute-node compute-node-ref {tpm:mtpm}?
| +--ro manufacturer? string
| +--rw firmware-version identityref
| +--rw tpm12-hash-algo? identityref {taa:tpm12}?
| +--rw tpm12-pcrs* pcr {taa:tpm12}?
| +--rw tpm20-pcr-bank* [tpm20-hash-algo] {taa:tpm20}?
| | +--rw tpm20-hash-algo identityref
| | +--rw pcr-index* tpm:pcr
| +--ro status enumeration
| +--rw certificates
| +--rw certificate* [name]
| +--rw name string
| +--rw keystore-ref? -> /ks:keystore/asymmetric-keys/asymmetric-key/name {ks:central-keystore-supported,ks:asymmetric-keys}?
| +--rw type? enumeration
+--rw attester-supported-algos
+--rw tpm12-asymmetric-signing* identityref {taa:tpm12}?
+--rw tpm12-hash* identityref {taa:tpm12}?
+--rw tpm20-asymmetric-signing* identityref {taa:tpm20}?
+--rw tpm20-hash* identityref {taa:tpm20}?
rpcs:
+---x tpm12-challenge-response-attestation {taa:tpm12}?
| +---w input
| | +---w tpm12-attestation-challenge
| | +---w pcr-index* pcr
| | +---w nonce binary
| | +---w certificate-name* certificate-name-ref {tpm:mtpm}?
| +--ro output
| +--ro tpm12-attestation-response* []
| +--ro certificate-name certificate-name-ref
| +--ro up-time? uint32
| +--ro pcr-data? binary
| +--ro version-info? binary
| +--ro sig? binary
+---x tpm20-challenge-response-attestation {taa:tpm20}?
| +---w input
| | +---w tpm20-attestation-challenge
| | +---w nonce binary
| | +---w tpm20-pcr-selection* []
| | | +---w tpm20-hash-algo? identityref
| | | +---w pcr-index* pcr
| | +---w certificate-name* certificate-name-ref {tpm:mtpm}?
| +--ro output
| +--ro tpm20-attestation-response* []
| +--ro certificate-name certificate-name-ref
| +--ro quote-data binary
| +--ro quote-signature? binary
| +--ro up-time? uint32
| +--ro unsigned-pcr-values* []
| +--ro tpm20-hash-algo? identityref
| +--ro pcr-values* [pcr-index]
| +--ro pcr-index pcr
| +--ro pcr-value? binary
+---x log-retrieval
+---w input
| +---w log-type identityref
| +---w log-selector* []
| +---w name* string
| +---w (index-type)?
| | +--:(last-entry)
| | | +---w last-entry-value? binary
| | +--:(index)
| | | +---w last-index-number? uint64
| | +--:(timestamp)
| | +---w timestamp? yang:date-and-time
| +---w log-entry-quantity? uint16
+--ro output
+--ro system-event-logs
+--ro node-data* []
+--ro name? string
+--ro up-time? uint32
+--ro log-result
+--ro (attested_event_log_type)
+--:(bios) {bios}?
| +--ro bios-event-logs
| +--ro bios-event-entry* [event-number]
| +--ro event-number uint32
| +--ro event-type? uint32
| +--ro pcr-index? pcr
| +--ro digest-list* []
| | +--ro hash-algo? identityref
| | +--ro digest* binary
| +--ro event-size? uint32
| +--ro event-data* binary
+--:(ima) {ima}?
| +--ro ima-event-logs
| +--ro ima-event-entry* [event-number]
| +--ro event-number uint64
| +--ro ima-template? string
| +--ro filename-hint? string
| +--ro filedata-hash? binary
| +--ro filedata-hash-algorithm? string
| +--ro template-hash-algorithm? string
| +--ro template-hash? binary
| +--ro pcr-index? pcr
| +--ro signature? binary
+--:(netequip_boot) {netequip_boot}?
+--ro boot-event-logs
+--ro boot-event-entry* [event-number]
+--ro event-number uint64
+--ro ima-template? string
+--ro filename-hint? string
+--ro filedata-hash? binary
+--ro filedata-hash-algorithm? string
+--ro template-hash-algorithm? string
+--ro template-hash? binary
+--ro pcr-index? pcr
+--ro signature? binary