lamps-wg · gmandyam · Jan 2, 2025 · Jan 3, 2025 · Jan 3, 2025 · Jan 3, 2025
diff --git a/draft-ietf-lamps-csr-attestation.md b/draft-ietf-lamps-csr-attestation.md
@@ -77,6 +77,7 @@ informative:
   I-D.bft-rats-kat:
   RFC7030:
   I-D.tschofenig-rats-psa-token:
+  I-D.ffm-rats-cca-token:
   TPM20:
     author:
       org: Trusted Computing Group
@@ -1181,6 +1182,49 @@ the result of CBOR encoding the CMW collection shown below
 }
 ~~~
 
+## Confidential Compute Architecture (CCA) Platform Token in CSR
+
+The Confidential Compute Architecture (CCA) Platform Token is described in
+{{I-D.ffm-rats-cca-token}} and is also based on the EAT format.  Although the
+full CCA attestation is composed of realm and platform evidence, for the purposes
+of this example only the platform token is provided.  
-of this example only the platform token is provided.  
+of this example only the Platform token is provided.
-of this example only the platform token is provided.  
+of this example only the Platform token is provided.
+~~~
+EvidenceBundle
+   +
+   |
+   + Evidences
+   |
+   +---->  EvidenceStatement
+        +
+        |
+        +-> type: OID for CCA Platform Attestation Toekn
+        |         1 3 6 1 5 5 7 1 TBD
+        |
+        +-> stmt: CCA Platform Token
+~~~
+Although the CCA Platform Token follows the EAT/CMW format, it is untagged.
+This is because the encoding can be discerned in the CSR based on the OID alone.
+The untagged token based on a sample claim set is provided below:
+~~~
+{::include sampledata/cca.diag}
+~~~
+Realm evidence can be included in a CMW bundle, similar to the PSA token.
+In this case, the CSR is constructed as follows:
+~~~
+EvidenceBundle
+   +
+   |
+   + Evidences
+   |
+   +---->  EvidenceStatement
+        +
+        |
+        +-> type: OID for CMW Collection
+        |         1 3 6 1 5 5 7 1 TBD
+        |
+        +-> stmt: Realm Token/Platform Token CMW Collection or Realm Claim Set/Platform Token CMW collection
+~~~
+
 # ASN.1 Module
 
 ~~~

diff --git a/sampledata/cca.diag b/sampledata/cca.diag
@@ -0,0 +1,32 @@
+
+/ Sample Platform Claims Set in CDDL                          /
+{
+   / cca-platform-profile / 265:"tag:arm.com,2023:cca_platform#1.0.0"
+   / arm-platform-challenge, SHA-256 calculation of ‘RAK’ / 10: h' c9cdc457ebe981d563b19b5a8e0e3cbef5b944d58e278c9c6779f77beb65bbd5’
+   / arm-platform-lifecycle / 2395: h'3000' /secured/
+   / arm-platform-sw-components / 2399: [ {1:"ROTFMC", 2:h'903a36d3a0a511ecac4548fee8601af54247c110ce220f680a0b274441729105’, 5:h'd4cf61e472d18c8e926ce0d44496674792587c88706e8a123b294c000895d9ea’},
+      {1:"ROTFW", 2:h'59d4116525e974b5b62ffd7c4ffcbaa0b98e08263403aeb6638797132d2af959’, 5:h'd4cf61e472d18c8e926ce0d44496674792587c88706e8a123b294c000895d9ea’} ]
+   /arm-platform-id/ 256: h’ 946338159d767f9f37098a00a60f133b6d57886fc656f5f9eed13760b4893fa1’
+   /arm-platform-implementation-id/ 2396: h’0000000000000000000000000000000000000000000000000000000000000001’
+}
+
+/ This is a full CWT-format token. The payload is a sample    /
-/ This is a full CWT-format token. The payload is a sample    /
+/ This is a full CWT-formatted token. The payload is a sample
-/ This is a full CWT-format token. The payload is a sample    /
+/ This is a full CWT-formatted token. The payload is a sample
+/ platform claimset. The main structure                       /
+/ visible is that of the COSE_Sign1.                          /
+
+61( 18( [
+    h'a10126',  / protected headers  /
+    {}, / empty unprotected headers / 
+    h’a419010978237461673a61726d2e636f6d2c323032333a6363615f706c74666f726d23312e392e300a580020c9cdc457ebe981d563b19b5a8e0e3cbef5b944d58e278c9c6779f77beb65bbd519095b42300019095f82
+      a30166524f54464d4302580020903a36d3a0a511ecac4548fee8601af54247c110ce220f680a0b27444172910505580020d4cf61e472d18c8e926ce0d44496674792587c88706e8a123b294c000895d9eaae0165524f
+      5446575800200259d4116525e974b5b62ffd7c4ffcbaa0b98e08263403aeb6638797132d2af95905580020d4cf61e472d18c8e926ce0d44496674792587c88706e8a123b294c000895d9ea1901007820946338159d76
+      7f9f37098a00a60f133b6d57886fc656f5f9eed13760b4893fa11a095c58200000000000000000000000000000000000000000000000000000000000000001' /payload/
+    h'cbbfa929cb9b846cb5527d7ef9b7657256412a5f22a6e1a8d3a0c71145022100db4b1b97913b1cd9d6e11c1fadbc0869882ba6644b9db09d221f198e3286654b' /signature/
+] ) )
+
+/Untagged serialized token/
+h'8443a10126a0590141a419010978237461673a61726d2e636f6d2c323032333a6363615f706c74666f726d23312e392e300a580020c9cdc457ebe981d563b19b5a8e0e3cbef5b944d58e278c9c6779f77beb65bbd519095b42300019095f82
+  a30166524f54464d4302580020903a36d3a0a511ecac4548fee8601af54247c110ce220f680a0b27444172910505580020d4cf61e472d18c8e926ce0d44496674792587c88706e8a123b294c000895d9eaae0165524f5446575800200259d4
+  116525e974b5b62ffd7c4ffcbaa0b98e08263403aeb6638797132d2af95905580020d4cf61e472d18c8e926ce0d44496674792587c88706e8a123b294c000895d9ea1901007820946338159d767f9f37098a00a60f133b6d57886fc656f5f9
+  eed13760b4893fa11a095c582000000000000000000000000000000000000000000000000000000000000000015840cbbfa929cb9b846cb5527d7ef9b7657256412a5f22a6e1a8d3a0c71145022100db4b1b97913b1cd9d6e11c1fadbc0869
+  882ba6644b9db09d221f198e3286654b'