module ietf-tcg-algs {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs";
prefix taa;
organization
"IETF RATS Working Group";
contact
"WG Web:
WG List:
Author: Eric Voit ";
description
"This module defines a identities for asymmetric algorithms.
Copyright (c) 2021 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC
itself for full legal notices.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
are to be interpreted as described in BCP 14 (RFC 2119)
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
revision 2021-05-11 {
description
"Initial version";
reference
"RFC XXXX: tbd";
}
/*****************/
/* Features */
/*****************/
feature tpm12 {
description
"This feature indicates algorithm support for the TPM 1.2 API
as per TPM-main-1.2-Rev94-part-2, Section 4.8.";
}
feature tpm20 {
description
"This feature indicates algorithm support for the TPM 2.0 API
as per TPM-Rev-2.0-Part-1-Architecture-01.38 Section 11.4.";
}
/*****************/
/* Identities */
/*****************/
/* There needs to be collasping/verification of some of the identity
types between the various algorithm types listed below */
identity asymmetric {
description
"A TCG recognized asymmetric algorithm with a public and
private key.";
reference
"http://trustedcomputinggroup.org/resource/tcg-algorithm-registry/
TCG_Algorithm_Registry_r1p32_pub Table 2";
}
identity symmetric {
description
"A TCG recognized symmetric algorithm with only a private key.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 2";
}
identity hash {
description
"A TCG recognized hash algorithm that compresses input data to
a digest value or indicates a method that uses a hash.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 2";
}
identity signing {
description
"A TCG recognized signing algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 2";
}
identity anonymous_signing {
description
"A TCG recognized anonymous signing algorithm.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 2";
}
identity encryption_mode {
description
"A TCG recognized encryption mode.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 2";
}
identity method {
description
"A TCG recognized method such as a mask generation function.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 2";
}
identity object_type {
description
"A TCG recognized object type.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 2";
}
identity cryptoprocessor {
description
"Base identity identifying a crytoprocessor.";
}
identity tpm12 {
if-feature "tpm12";
base cryptoprocessor;
description
"Supportable by a TPM1.2.";
reference
"TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf
TPM_ALGORITHM_ID values, page 18";
}
identity tpm20 {
if-feature "tpm12";
base cryptoprocessor;
description
"Supportable by a TPM2.";
reference
"TPM-Rev-2.0-Part-2-Structures-01.38.pdf
The TCG Algorithm Registry. Table 9";
}
identity TPM_ALG_RSA {
if-feature "tpm12 or tpm20";
base tpm12;
base tpm20;
base asymmetric;
base object_type;
description
"RSA algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
RFC 8017. ALG_ID: 0x0001";
}
identity TPM_ALG_TDES {
if-feature "tpm12";
base tpm12;
base symmetric;
description
"Block cipher with various key sizes (Triple Data Encryption
Algorithm, commonly called Triple Data Encryption Standard)
Note: was banned in TPM1.2 v94";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 18033-3. ALG_ID: 0x0003";
}
identity TPM_ALG_SHA1 {
if-feature "tpm12 or tpm20";
base hash;
base tpm12;
base tpm20;
description
"SHA1 algorithm - Deprecated due to insufficient cryptographic
protection. However it is still useful for hash algorithms
where protection is not required.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10118-3. ALG_ID: 0x0004";
}
identity TPM_ALG_HMAC {
if-feature "tpm12 or tpm20";
base tpm12;
base tpm20;
base hash;
base signing;
description
"Hash Message Authentication Code (HMAC) algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3,
ISO/IEC 9797-2 and RFC2014. ALG_ID: 0x0005";
}
identity TPM_ALG_AES {
if-feature "tpm12";
base tpm12;
base symmetric;
description
"The AES algorithm with various key sizes";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 18033-3. ALG_ID: 0x0006";
}
identity TPM_ALG_MGF1 {
if-feature "tpm20";
base tpm20;
base hash;
base method;
description
"hash-based mask-generation function";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3,
IEEE Std 1363-2000 and IEEE Std 1363a -2004.
ALG_ID: 0x0007";
}
identity TPM_ALG_KEYEDHASH {
if-feature "tpm20";
base tpm20;
base hash;
base object_type;
description
"An encryption or signing algorithm using a keyed hash. These
may use XOR for encryption or an HMAC for signing and may
also refer to a data object that is neither signing nor
encrypting.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. . ALG_ID: 0x0008";
}
identity TPM_ALG_XOR {
if-feature "tpm12 or tpm20";
base tpm12;
base tpm20;
base hash;
base symmetric;
description
"The XOR encryption algorithm.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x000A";
}
identity TPM_ALG_SHA256 {
if-feature "tpm20";
base tpm20;
base hash;
description
"The SHA 256 algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10118-3. ALG_ID: 0x000B";
}
identity TPM_ALG_SHA384 {
if-feature "tpm20";
base tpm20;
base hash;
description
"The SHA 384 algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10118-3. ALG_ID: 0x000C";
}
identity TPM_ALG_SHA512 {
if-feature "tpm20";
base tpm20;
base hash;
description
"The SHA 512 algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10118-3. ALG_ID: 0x000D";
}
identity TPM_ALG_NULL {
if-feature "tpm20";
base tpm20;
description
"NULL algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x0010";
}
identity TPM_ALG_SM3_256 {
if-feature "tpm20";
base tpm20;
base hash;
description
"The SM3 hash algorithm.";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
GM/T 0004-2012 - SM3_256. ALG_ID: 0x0012";
}
identity TPM_ALG_SM4 {
if-feature "tpm20";
base tpm20;
base symmetric;
description
"SM4 symmetric block cipher";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
GB/T 32907-2016. ALG_ID: 0x0013";
}
identity TPM_ALG_RSASSA {
if-feature "tpm20";
base tpm20;
base asymmetric;
base signing;
description
"Signature algorithm defined in section 8.2 (RSASSAPKCS1-v1_5)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017.
ALG_ID: 0x0014";
}
identity TPM_ALG_RSAES {
if-feature "tpm20";
base tpm20;
base asymmetric;
base encryption_mode;
description
"Signature algorithm defined in section 7.2 (RSAES-PKCS1-v1_5)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017
ALG_ID: 0x0015";
}
identity TPM_ALG_RSAPSS {
if-feature "tpm20";
base tpm20;
base asymmetric;
base signing;
description
"Padding algorithm defined in section 8.1 (RSASSA PSS)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017.
ALG_ID: 0x0016";
}
identity TPM_ALG_OAEP {
if-feature "tpm20";
base tpm20;
base asymmetric;
base encryption_mode;
description
"Padding algorithm defined in section 7.1 (RSASSA OAEP)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and RFC 8017.
ALG_ID: 0x0017";
}
identity TPM_ALG_ECDSA {
if-feature "tpm20";
base tpm20;
base asymmetric;
base signing;
description
"Signature algorithm using elliptic curve cryptography (ECC)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 14888-3. ALG_ID: 0x0018";
}
identity TPM_ALG_ECDH {
if-feature "tpm20";
base tpm20;
base asymmetric;
base method;
description
"Secret sharing using ECC";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-56A and RFC 7748. ALG_ID: 0x0019";
}
identity TPM_ALG_ECDAA {
if-feature "tpm20";
base tpm20;
base asymmetric;
base signing;
base anonymous_signing;
description
"Elliptic-curve based anonymous signing scheme";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x001A";
}
identity TPM_ALG_SM2 {
if-feature "tpm20";
base tpm20;
base asymmetric;
base signing;
base encryption_mode;
base method;
description
"SM2 - depending on context, either an elliptic-curve based,
signature algorithm, an encryption scheme, or a key exchange
protocol";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
A GM/T 0003.1-2012, GM/T 0003.2-2012, GM/T 0003.3-2012,
GM/T 0003.5-2012 SM2. ALG_ID: 0x001B";
}
identity TPM_ALG_ECSCHNORR {
if-feature "tpm20";
base tpm20;
base asymmetric;
base signing;
description
"Elliptic-curve based Schnorr signature";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x001C";
}
identity TPM_ALG_ECMQV {
if-feature "tpm20";
base tpm20;
base asymmetric;
base method;
description
"Two-phase elliptic-curve key";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-56A. ALG_ID: 0x001D";
}
identity TPM_ALG_KDF1_SP800_56A {
if-feature "tpm20";
base tpm20;
base hash;
base method;
description
"Concatenation key derivation function";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-56A (approved alternative1) section 5.8.1.
ALG_ID: 0x0020";
}
identity TPM_ALG_KDF2 {
if-feature "tpm20";
base tpm20;
base hash;
base method;
description
"Key derivation function";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
IEEE 1363a-2004 KDF2 section 13.2. ALG_ID: 0x0021";
}
identity TPM_ALG_KDF1_SP800_108 {
base TPM_ALG_KDF2;
description
"A key derivation method";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-108 - Section 5.1 KDF. ALG_ID: 0x0022";
}
identity TPM_ALG_ECC {
if-feature "tpm20";
base tpm20;
base asymmetric;
base object_type;
description
"Prime field ECC";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 15946-1. ALG_ID: 0x0023";
}
identity TPM_ALG_SYMCIPHER {
if-feature "tpm20";
base tpm20;
description
"Object type for a symmetric block cipher";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
TCG TPM 2.0 library specification. ALG_ID: 0x0025";
}
identity TPM_ALG_CAMELLIA {
if-feature "tpm20";
base tpm20;
base symmetric;
description
"The Camellia algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 18033-3. ALG_ID: 0x0026";
}
identity TPM_ALG_SHA3_256 {
if-feature "tpm20";
base tpm20;
base hash;
description
"ISO/IEC 10118-3 - the SHA 256 algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST PUB FIPS 202. ALG_ID: 0x0027";
}
identity TPM_ALG_SHA3_384 {
if-feature "tpm20";
base tpm20;
base hash;
description
"The SHA 384 algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST PUB FIPS 202. ALG_ID: 0x0028";
}
identity TPM_ALG_SHA3_512 {
if-feature "tpm20";
base tpm20;
base hash;
description
"The SHA 512 algorithm";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST PUB FIPS 202. ALG_ID: 0x0029";
}
identity TPM_ALG_CMAC {
if-feature "tpm20";
base tpm20;
base symmetric;
base signing;
description
"block Cipher-based Message Authentication Code (CMAC)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 9797-1:2011 Algorithm 5. ALG_ID: 0x003F";
}
identity TPM_ALG_CTR {
if-feature "tpm20";
base tpm20;
base symmetric;
base encryption_mode;
description
"Counter mode";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0040";
}
identity TPM_ALG_OFB {
base tpm20;
base symmetric;
base encryption_mode;
description
"Output Feedback mode";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0041";
}
identity TPM_ALG_CBC {
if-feature "tpm20";
base tpm20;
base symmetric;
base encryption_mode;
description
"Cipher Block Chaining mode";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0042";
}
identity TPM_ALG_CFB {
if-feature "tpm20";
base tpm20;
base symmetric;
base encryption_mode;
description
"Cipher Feedback mode";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0043";
}
identity TPM_ALG_ECB {
if-feature "tpm20";
base tpm20;
base symmetric;
base encryption_mode;
description
"Electronic Codebook mode";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
ISO/IEC 10116. ALG_ID: 0x0044";
}
identity TPM_ALG_CCM {
if-feature "tpm20";
base tpm20;
base symmetric;
base signing;
base encryption_mode;
description
"Counter with Cipher Block Chaining-Message Authentication
Code (CCM)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38C. ALG_ID: 0x0050";
}
identity TPM_ALG_GCM {
if-feature "tpm20";
base tpm20;
base symmetric;
base signing;
base encryption_mode;
description
"Galois/Counter Mode (GCM)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38D. ALG_ID: 0x0051";
}
identity TPM_ALG_KW {
if-feature "tpm20";
base tpm20;
base symmetric;
base signing;
base encryption_mode;
description
"AES Key Wrap (KW)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38F. ALG_ID: 0x0052";
}
identity TPM_ALG_KWP {
if-feature "tpm20";
base tpm20;
base symmetric;
base signing;
base encryption_mode;
description
"AES Key Wrap with Padding (KWP)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38F. ALG_ID: 0x0053";
}
identity TPM_ALG_EAX {
if-feature "tpm20";
base tpm20;
base symmetric;
base signing;
base encryption_mode;
description
"Authenticated-Encryption Mode";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
NIST SP800-38F. ALG_ID: 0x0054";
}
identity TPM_ALG_EDDSA {
if-feature "tpm20";
base tpm20;
base asymmetric;
base signing;
description
"Edwards-curve Digital Signature Algorithm (PureEdDSA)";
reference
"TCG_Algorithm_Registry_r1p32_pub Table 3 and
RFC 8032. ALG_ID: 0x0060";
}
}