Platform Configuration Registers Open Config Standard based proto definitions for External Vendors #11
Conversation
…o Definitions for External Vendors
…initions for External Vendors
proto/pcr.proto
Outdated
| message GetResponse { | ||
| string image_version = 1; // Refers to the the version of the software/firmware | ||
| string hardware_model = 2; // Refers to hardware model for the collected PCR | ||
| string HashAlgo hash_algorithm = 4; // Hash algorithm of the selected PCR bank. |
There was a problem hiding this comment.
Should be just HashAlgo. Please remove the leftover "string"
proto/pcr.proto
Outdated
| string image_version = 1; // Refers to the the version of the software/firmware | ||
| string hardware_model = 2; // Refers to hardware model for the collected PCR | ||
| string HashAlgo hash_algorithm = 4; // Hash algorithm of the selected PCR bank. | ||
| RootOfTrustMeasurement measurement = 1; // Refers to the TPM (Trusted Platform Module) version supported by each Control Card |
There was a problem hiding this comment.
nit: I think root_of_trust would better fit instead of measurement
proto/pcr.proto
Outdated
| HASH_ALGO_SHA512 = 4; | ||
| } | ||
|
|
||
| enum RootOfTrustMeasurement { |
There was a problem hiding this comment.
RootOfTrustForMeasurement would be better I think. WDYT?
| } | ||
| message PcrValues { | ||
| int32 pcr_index = 1; // Refers to the PCR index value | ||
| repeated BootStage boot_stage = 2; // Refers to a quick reference name to define PCR measurement content associated with the pcr index. eg - UEFI Boot Manager Code=pcr_4 |
There was a problem hiding this comment.
i am not clear how this is meant to be used?
There was a problem hiding this comment.
This is only for informational purpose.
| message GetRequest { | ||
| string image_version = 1; // Refers to the the version of the software/firmware | ||
| string hardware_model = 2; // Refers to hardware model for the collected PCR | ||
| string HashAlgo hash_algorithm = 4; // Hash algorithm of the selected PCR bank. |
There was a problem hiding this comment.
that is invalid syntax remove string
| } | ||
|
|
||
| message GetResponse { | ||
| string image_version = 1; // Refers to the the version of the software/firmware |
There was a problem hiding this comment.
since these comments are long move them to above the attributes
| string image_version = 1; // Refers to the the version of the software/firmware | ||
| string hardware_model = 2; // Refers to hardware model for the collected PCR | ||
| HashAlgo hash_algorithm = 4; // Hash algorithm of the selected PCR bank. | ||
| RootOfTrustMeasurement root_of_trust = 1; // Refers to the TPM (Trusted Platform Module) version supported by each Control Card |
There was a problem hiding this comment.
i think one of these is more accurate here?
RootOfTrustType or RootOfTrustVersion
|
|
||
| // Get RPC Messages | ||
| message GetRequest { | ||
| string image_version = 1; // Refers to the the version of the software/firmware |
There was a problem hiding this comment.
Is image_version referring to a software_version retrieved from FetchSoftwareVersions? Should there be another string field under GetRequest to refer to a bootloader_version?
| CONTAINER_IMAGES = 19; | ||
| OTHER = 20; | ||
| } | ||
| message PcrValues { |
There was a problem hiding this comment.
minor nitpick but since this message type only stores a single pcr_index should it actually be message PcrValue? Correspondingly, the pcr_values field in line 67 should be the singular pcr_value?
There was a problem hiding this comment.
slight update here: I found out that in some limited cases it actually may be possible for there to be 2 different valid PCR values for the same index. To handle this it would make sense to update the pcr_values field here to be a list: repeated bytes pcr_values
In that case, you could disregard my comment about the pluralization of the message/field names.
| string hardware_model = 2; // Refers to hardware model for the collected PCR | ||
| HashAlgo hash_algorithm = 4; // Hash algorithm of the selected PCR bank. | ||
| RootOfTrustMeasurement root_of_trust = 1; // Refers to the TPM (Trusted Platform Module) version supported by each Control Card | ||
| google.protobuf.Timestamp timestamp = 2; // Time of PCR Artifact Collection |
There was a problem hiding this comment.
Is this just a timestamp of when the server forms and sends a GetResponse? I would be curious how the client uses this.
| string image_version = 1; // Refers to the the version of the software/firmware | ||
| string hardware_model = 2; // Refers to hardware model for the collected PCR | ||
| HashAlgo hash_algorithm = 4; // Hash algorithm of the selected PCR bank. |
There was a problem hiding this comment.
is it intentional for the GetResponse to repeat these exact same fields that the GetRequest has (image_version, hardware_model, hash_algorithm)?
There was a problem hiding this comment.
The response field will also be used to deliver PCRs with the image binary.
Mihir, can you create a structure for these three and use the structure here instead?
i.e.
message MeasurementIdentitifer {
string image_version = 1; // Refers to the the version of the software/firmware
string hardware_model = 2; // Refers to hardware model for the collected PCR
HashAlgo hash_algorithm = 4; // Hash algorithm of the selected PCR bank.
}
....
message GetResponse {
MeasurementIdentitifer identifier = 1;
RootOfTrustMeasurement root_of_trust = 2;
...
}
message GetRequest {
MeasurementIdentitifer identifier = 1;
}
4 participants
Description
The current lack of a unified standard for vendors to provide Platform Configuration Register (PCR) values—characterized by less secure delivery methods like Excel or JSON and disparate data formats—severely hampers the scalability and reliability of Google’s Attestation service for network infrastructure.
This fragmentation necessitates manual data entry and creates significant operational toil, ultimately slowing down the integrity verification process for network devices. To resolve this, we propose a standardized OpenConfig schema and protobuf-based framework that mandates vendors to deliver PCR values in a consistent, hex-standardized format via secure endpoints with every software release. By automating the ingestion of these measurements, the solution ensures a more reliable and efficient way to verify device trustworthiness across the network.