TNC Client with PTS-IMC

This HOWTO explains in a step-for-step fashion how a strongSwan IPsec client with integrated TNC client functionality and an attached Platform Trust Service Integrity Measurement Collector (PTS-IMC) can provide remote attestation measurement data to a TNC server via the IKEv2 EAP-TTLS protocol.

Installation and Configuration

The following steps describe the installation of the strongSwan software

  wget http://download.strongswan.org/strongswan-4.6.2.tar.bz2
  tar xjf strongswan-4.6.2.tar.bz2
  cd strongswan-4.6.2
  ./configure --prefix=/usr --sysconfdir=/etc --disable-pluto --enable-openssl --enable-curl
              --enable-eap-identity --enable-eap-md5 --enable-eap-ttls --enable-eap-tnc
              --enable-tnccs-20 --enable-tnc-imc --enable-imc-attestation
  make
  [sudo] make install 

The strongSwan imc-attestation.so dynamic PTS-IMC library depends on the TrouSerS libtspi library. For compilation additionally the /usr/include/trousers/ header files are required.

The connection between IPsec client carol and IPsec gateway moon is defined in the /etc/ipsec.conf file:

# ipsec.conf - strongSwan IPsec configuration file

config setup
     charondebug="tnc 3, imc 3, pts 3" 

conn home
     left=%any
     leftid=carol@strongswan.org
     leftauth=eap
     right=192.168.0.1
     rightid=@moon.strongswan.org
     rightauth=any
     rightsendcert=never
     rightsubnet=10.1.0.0/16
     auto=start

The debug levels for the TNC, IMC, and PTS components are increased to 3, so that HEX dumps of PB-TNC (IF-TNCCS 2.0) messages and PA-TNC (IF-M) attributes will be included in the log file.

The IKEv2 client carol is going to use EAP-based authentication with the user credentials being stored in the /etc/ipsec.secrets file:

# /etc/ipsec.secrets - strongSwan IPsec secrets file

carol@strongswan.org : EAP "Ar3etTnp" 

The following IKEv2 charon and Attestation IMC options are defined in the /etc/strongswan.conf file

# strongswan.conf - strongSwan configuration file

charon {
  load = sha1 random gmp pkcs1 pkcs8 pem x509 pubkey openssl hmac revocation curl kernel-netlink socket-default eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 eap-identity resolve stroke
  plugins {
    eap-tnc {
      protocol = tnccs-2.0
    }
    tnc-imc {
      preferred_language = en
    }
  }
}

libimcv {
  plugins {
    imc-attestation {
      aik_cert = /home/andi/privacyca/AIK_3_Cert.der
      aik_blob = /home/andi/privacyca/AIK_3_Blob.bin

      pcr17_meas   = d537d437f058136eb3d7be517dbe7647b623c619 
      pcr17_before = 1717171717171717171717171717171717171717 
      pcr17_after  = ffffffffffffffffffffffffffffffffffffffff 

      pcr18_meas   = 160d2b04d11eb225fb148615b699081869e15b6c 
      pcr18_before = 1818181818181818181818181818181818181818 
      pcr18_after  = ffffffffffffffffffffffffffffffffffffffff 
    }
  }
}

IKEv2 Negotiation

Startup and Initialization

The command

ipsec start

starts the TNC-enabled IPsec client:

FFeb 10 09:05:16 pin1212a00 charon: 00[DMN] Starting IKEv2 charon daemon (strongSwan 4.6.2)
Feb 10 09:05:16 pin1212a00 charon: 00[KNL] listening on interfaces:
Feb 10 09:05:16 pin1212a00 charon: 00[KNL]   eth0
Feb 10 09:05:16 pin1212a00 charon: 00[KNL]     152.96.31.100
Feb 10 09:05:16 pin1212a00 charon: 00[KNL]     fe80::219:99ff:feb3:92c3
Feb 10 09:05:16 pin1212a00 charon: 00[KNL]   umlbr0
Feb 10 09:05:16 pin1212a00 charon: 00[KNL]     192.168.0.254
Feb 10 09:05:16 pin1212a00 charon: 00[KNL]     fe80::9cb8:adff:fe5a:270a

The file /etc/tnc_config

# IMC configuration file for strongSwan client 

IMC "Attestation" /usr/lib/ipsec/imcvs/imc-attestation.so

defines which IMCs are loaded by the TNC client:

Feb 10 09:05:16 pin1212a00 charon: 00[TNC] loading IMCs from '/etc/tnc_config'
Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   mandatory PTS measurement algorithm HASH_SHA1[sha1] available
Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   mandatory PTS measurement algorithm HASH_SHA256[openssl] available
Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS measurement algorithm HASH_SHA384[openssl] available
Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_2048[gmp] available
Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_1536[gmp] available
Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_1024[gmp] available
Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   mandatory PTS DH group ECP_256[openssl] available
Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS DH group ECP_384[openssl] available
Feb 10 09:05:16 pin1212a00 charon: 00[TNC] added IETF attributes
Feb 10 09:05:16 pin1212a00 charon: 00[TNC] added ITA-HSR attributes
Feb 10 09:05:16 pin1212a00 charon: 00[LIB] libimcv initialized
Feb 10 09:05:16 pin1212a00 charon: 00[IMC] IMC 1 "Attestation" initialized
Feb 10 09:05:16 pin1212a00 charon: 00[TNC] added TCG attributes
Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added TCG functional component namespace
Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added ITA-HSR functional component namespace
Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Trusted GRUB Boot Loader'
Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Trusted Boot'
Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Linux IMA'
Feb 10 09:05:16 pin1212a00 charon: 00[LIB] libpts initialized
Feb 10 09:05:16 pin1212a00 charon: 00[IMC] IMC 1 "Attestation" provided with bind function
Feb 10 09:05:16 pin1212a00 charon: 00[TNC] IMC 1 supports 1 message type: 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:16 pin1212a00 charon: 00[TNC] IMC 1 "Attestation" loaded from '/usr/lib/ipsec/imcvs/imc-attestation.so'

Next the IKEv2 credential,all necessary plugins and the IPsec connection definition are loaded

Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Feb 10 09:05:16 pin1212a00 charon: 00[CFG]   loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Feb 10 09:05:16 pin1212a00 charon: 00[CFG]   loaded EAP secret for carol@strongswan.org
Feb 10 09:05:16 pin1212a00 charon: 00[DMN] loaded plugins: sha1 random gmp pkcs1 pkcs8 pem x509 pubkey openssl hmac revocation curl kernel-netlink socket-default eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 eap-identity resolve stroke
Feb 10 09:05:16 pin1212a00 charon: 00[JOB] spawning 16 worker threads
Feb 10 09:05:16 pin1212a00 charon: 08[CFG] received stroke: add connection 'home'
Feb 10 09:05:16 pin1212a00 charon: 08[CFG] left nor right host is our side, assuming left=local
Feb 10 09:05:16 pin1212a00 charon: 08[CFG] added configuration 'home'

IKEv2 Exchanges

Due to auto=start the IKEv2 negotiation automatically initiates the IKE_SA_INIT exchange

Feb 10 09:05:24 pin1212a00 charon: 10[CFG] received stroke: initiate 'home'
Feb 10 09:05:24 pin1212a00 charon: 11[IKE] initiating IKE_SA home[1] to 192.168.0.1
Feb 10 09:05:24 pin1212a00 charon: 11[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Feb 10 09:05:24 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[500] to 192.168.0.1[500]
Feb 10 09:05:24 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[500] to 192.168.0.254[500]
Feb 10 09:05:24 pin1212a00 charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]

followed by the IKE_AUTH exchange where the IKEv2 gateway proposes a mutual IKEv2 EAP-TTLS only authentication:

Feb 10 09:05:24 pin1212a00 charon: 12[IKE] establishing CHILD_SA home
Feb 10 09:05:24 pin1212a00 charon: 12[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
Feb 10 09:05:24 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 pin1212a00 charon: 06[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 06[ENC] parsed IKE_AUTH response 1 [ IDr EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 06[IKE] server requested EAP_TTLS authentication (id 0x16)
Feb 10 09:05:24 pin1212a00 charon: 06[TLS] EAP_TTLS version is v0
Feb 10 09:05:24 pin1212a00 charon: 06[IKE] allow mutual EAP-only authentication

IKEv2 EAP-TTLS Tunnel

The IKEv2 EAP-TTLS tunnel is set up with certificate-based server authentication

Feb 10 09:05:24 pin1212a00 charon: 06[ENC] generating IKE_AUTH request 2 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 06[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 13[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 14[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Feb 10 09:05:24 pin1212a00 charon: 14[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org'
Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" 
Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Feb 10 09:05:24 pin1212a00 charon: 14[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" 
Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   crl is valid: until Mar 09 10:28:34 2012
Feb 10 09:05:24 pin1212a00 charon: 14[CFG] certificate status is good
Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   reached self-signed root ca with a path length of 0
Feb 10 09:05:24 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Tunneled EAP-Identity

Via the IKEv2 EAP-TTLS tunnel the server requests the EAP client identity

Feb 10 09:05:24 pin1212a00 charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 03[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 03[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]
Feb 10 09:05:24 pin1212a00 charon: 03[IKE] server requested EAP_IDENTITY authentication (id 0x00)
Feb 10 09:05:24 pin1212a00 charon: 03[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]
Feb 10 09:05:24 pin1212a00 charon: 03[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 03[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Tunneled EAP-MD5 Client Authentication

Next follows an EAP-MD5 client authentication

Feb 10 09:05:24 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 08[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]
Feb 10 09:05:24 pin1212a00 charon: 08[IKE] server requested EAP_MD5 authentication (id 0x45)
Feb 10 09:05:24 pin1212a00 charon: 08[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]
Feb 10 09:05:24 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Tunneled EAP-TNC Transport

Now the EAP-TNC transport protocol connecting the TNC client with the TNC server is started:

Feb 10 09:05:24 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 09[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 pin1212a00 charon: 09[IKE] server requested EAP_TNC authentication (id 0x1B)
Feb 10 09:05:24 pin1212a00 charon: 09[TLS] EAP_TNC version is v1

PB-TNC/IF-TNCCS 2.0 Connection

A new TNCCS connection is instantiated on the TNC client and its IF-TNCCS 2.0 state machine is set to the Init state.

IF-TNCCS 2.0 State Diagram

A first PB-TNC CDATA (IF-TNCCS 2.0 ClientData) batch is prepared and a PB-Language-Preference message for Englisch (en) is added:

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] assigned TNCCS Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 09[TNC] creating PB-TNC CDATA batch
Feb 10 09:05:24 pin1212a00 charon: 09[TNC] adding PB-Language-Preference message

An instance of the Attestation PTS-IMC is created which in a first step determines the client operating systen

Feb 10 09:05:24 pin1212a00 charon: 09[PTS] platform is 'Ubuntu 11.04 i686'

and then loads the AIK certificate and the matching AIK private key, the latter in the form of a TPM-encrypted binary blob

Feb 10 09:05:24 pin1212a00 charon: 09[PTS] loaded AIK certificate from '/home/seclab/privacyca/AIK_Cert.der'
Feb 10 09:05:24 pin1212a00 charon: 09[PTS] loaded AIK Blob from '/home/seclab/privacyca/AIK_Blob.bin'
Feb 10 09:05:24 pin1212a00 charon: 09[PTS] AIK Blob: => 559 bytes @ 0x9b5be20
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]    0: 01 01 00 00 00 12 00 00 00 04 00 00 00 00 01 00  ................
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   16: 01 00 02 00 00 00 0C 00 00 08 00 00 00 00 02 00  ................
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   32: 00 00 00 00 00 00 00 00 00 01 00 81 E3 38 7C 4D  .............8|M
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   48: 46 70 CB D5 33 62 38 50 AD 98 D1 28 56 D3 6E 71  Fp..3b8P...(V.nq
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   64: CF AA E3 C8 31 BD F6 FE 53 6A ED C8 54 0E 7C FB  ....1...Sj..T.|.
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   80: 00 98 80 D6 7D C7 57 D4 EC 24 93 59 48 1F DA 67  ....}.W..$.YH..g
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   96: 30 87 4F D3 59 B2 CA A8 9D CE C9 27 9A 03 57 C0  0.O.Y......'..W.
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  112: FE 1F AB EE E5 C2 A8 C6 D5 DC C7 1E 81 74 4D 3D  .............tM=
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  128: B5 98 6D 57 22 74 02 F1 41 7C E3 68 C1 1C 1C 2F  ..mW"t..A|.h.../
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  144: 57 54 CA 4A FB D6 3D 33 37 A9 BC FF 6F 50 13 CC  WT.J..=37...oP..
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  160: C2 D3 83 F1 4B 01 FD 66 A6 EE 7A D3 E0 E2 C0 51  ....K..f..z....Q
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  176: 55 A2 8A AB F4 85 09 74 24 64 03 DD 65 1C 26 2F  U......t$d..e.&/
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  192: 35 08 BF 57 D9 28 DA D3 D7 5B ED C8 C6 6C 43 7E  5..W.(...[...lC~
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  208: DE D3 93 F4 D5 D7 36 1E 31 9A A8 42 10 7A F5 94  ......6.1..B.z..
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  224: 93 9C 8F BD 6D BC 66 1D 30 A5 B3 B3 44 4D DA 6D  ....m.f.0...DM.m
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  240: 35 64 A6 08 EB D2 A6 99 18 56 01 28 3B 26 94 FD  5d.......V.(;&..
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  256: 6F 7F AD 45 68 3C 8A 7D 38 8C DB D8 5F 76 16 F5  o..Eh<.}8..._v..
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  272: 5E 8A 4B C2 2B 19 8A 27 D9 80 3C C8 13 01 11 70  ^.K.+..'..<....p
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  288: CC D6 EF 57 F3 EF 37 A2 E6 B5 49 00 00 01 00 4C  ...W..7...I....L
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  304: DA 76 65 D0 54 8C F9 E8 B6 C4 9E 26 37 70 B4 45  .ve.T......&7p.E
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  320: C0 42 E0 A3 7A 3E 9D 57 96 B0 C8 68 DE 6A 84 76  .B..z>.W...h.j.v
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  336: 9A 9A E3 F9 D7 44 AB E0 A2 4B D2 3E 44 BD D9 92  .....D...K.>D...
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  352: 53 AF 6A 04 26 56 04 FC F9 43 D0 68 E3 63 AD 7B  S.j.&V...C.h.c.{
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  368: 5C A2 50 B8 BA A2 F0 53 8C 8B 3A 67 35 49 CA E4  \.P....S..:g5I..
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  384: 35 A3 35 4B E7 31 D0 25 10 D4 6A B9 17 32 F9 53  5.5K.1.%..j..2.S
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  400: 22 E9 13 9D 13 E9 0D F0 59 55 33 36 5C A5 28 FB  ".......YU36\.(.
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  416: 86 88 69 69 F0 93 6F 4B 62 76 B0 0E 64 E9 69 2D  ..ii..oKbv..d.i-
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  432: 7D 9E 9E ED E1 1E 62 4C 63 AA D8 FD 87 86 77 3C  }.....bLc.....w<
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  448: C1 04 E8 63 81 54 FE 75 82 D8 36 96 67 6A D1 18  ...c.T.u..6.gj..
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  464: 78 6C 7D 7B 8C BB 28 A0 AC 84 D8 7B 7E D0 55 38  xl}{..(....{~.U8
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  480: 80 64 4C 3A 38 E0 B0 1A FE A7 C8 C3 A1 F9 21 A5  .dL:8.........!.
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  496: D1 6F DE C4 CE 0B 62 D6 39 DA A4 35 45 B3 B6 D2  .o....b.9..5E...
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  512: D4 73 0B 82 28 B5 C1 79 88 85 D8 7D 54 38 E0 DA  .s..(..y...}T8..
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  528: 57 2C 57 C1 34 4D 26 B8 9F A3 81 5B 4A 98 E5 E6  W,W.4M&....[J...
Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  544: 89 94 25 A0 3F 9F 5A 3E CF A3 9A 0B 55 74 02     ..%.?.Z>....Ut.
Feb 10 09:05:24 pin1212a00 charon: 09[IMC] IMC 1 "Attestation" created a state for Connection ID 1: IF-TNCCS 2.0 with +long +excl -soh over IF-T for Tunneled EAP 1.1

Via the IF-IMC interface the PTS-IMC receives a 'Handshake' state change from the TNC client

Feb 10 09:05:24 pin1212a00 charon: 09[IMC] IMC 1 "Attestation" changed state of Connection ID 1 to 'Handshake'

The PTS-IMC generates a PA-TNC message of type TCG/PTS targeted at the remote PTS-IMV, containing a single PA-TNC attribute of type 'IETF/Product Information' with the client operating system information:

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] creating PA-TNC message with ID 0x35c9dc7b
Feb 10 09:05:24 pin1212a00 charon: 09[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
Feb 10 09:05:24 pin1212a00 charon: 09[TNC] => 22 bytes @ 0x9b5c120
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]    0: 00 00 00 00 00 55 62 75 6E 74 75 20 31 31 2E 30  .....Ubuntu 11.0
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   16: 34 20 69 36 38 36                                4 i686
Feb 10 09:05:24 pin1212a00 charon: 09[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 pin1212a00 charon: 09[TNC] adding PB-PA message

The PA-TNC message is received by the TNC client via the IF-IMC SendMessage call and is inserted together with the
PB-Language-Preference message into the PB-TNC CDATA batch which is then sent via the IKEv2 EAP-TTLS tunnel to the TNC server.

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] PB-TNC state transition from 'Init' to 'Server Working'
Feb 10 09:05:24 pin1212a00 charon: 09[TNC] sending PB-TNC CDATA batch (105 bytes) for Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 09[TNC] => 105 bytes @ 0x9b5c890
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]    0: 02 00 00 01 00 00 00 69 00 00 00 00 00 00 00 06  .......i........
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75  ....Accept-Langu
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   32: 61 67 65 3A 20 65 6E 80 00 00 00 00 00 00 01 00  age: en.........
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   48: 00 00 42 00 00 55 97 00 00 00 01 00 01 FF FF 01  ..B..U..........
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   64: 00 00 00 35 C9 DC 7B 00 00 00 00 00 00 00 02 00  ...5..{.........
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   80: 00 00 22 00 00 00 00 00 55 62 75 6E 74 75 20 31  ..".....Ubuntu 1
Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   96: 31 2E 30 34 20 69 36 38 36                       1.04 i686
Feb 10 09:05:24 pin1212a00 charon: 09[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 pin1212a00 charon: 09[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 09[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

PTS Capability Discovery

As a response a PB-TNC SDATA (IF-TNCCS 2.0 ServerData) batch is received from the TNC server

Feb 10 09:05:24 pin1212a00 charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 11[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 11[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] received TNCCS batch (72 bytes) for Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 72 bytes @ 0x9b56e82
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 02 80 00 02 00 00 00 48 80 00 00 00 00 00 00 01  .......H........
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   16: 00 00 00 40 00 00 55 97 00 00 00 01 FF FF 00 01  ...@..U.........
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   32: 01 00 00 00 8B 08 8D AB 80 00 55 97 01 00 00 00  ..........U.....
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   48: 00 00 00 10 00 00 00 0E 80 00 55 97 06 00 00 00  ..........U.....
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   64: 00 00 00 10 00 00 80 00                          ........
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PB-TNC SDATA batch

containing a PB-PA message of type TCG/PTS to which the PTS-IMC is subscribed:

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PB-PA message (64 bytes)
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

The PA-TNC message transferred via the IF-IMC interface to the PTS-IMC contains two PA-TNC attributes from the TCG/PTS namespace:

Feb 10 09:05:24 pin1212a00 charon: 11[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PA-TNC message with ID 0x8b088dab
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request PTS Protocol Capabilities' 0x005597/0x01000000
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b57b5c
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 00 00 00 0E                                      ....
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/PTS Measurement Algorithm Request' 0x005597/0x06000000
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b57b6c
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 00 00 80 00                                      ....

namely the requests 'Request PTS Protocol Capabilities' and 'PTS Measurement Algorithm Request'. The PTS-IMV supports the Verification (V), DH Nonce Negotiation (D) and Trusted Platform Evidence (T) PTS protocol capabilities and the PTS-IMC does as well.

Feb 10 09:05:24 pin1212a00 charon: 11[PTS] supported PTS protocol capabilities: .VDT.
Feb 10 09:05:24 pin1212a00 charon: 11[PTS] selected PTS measurement algorithm is HASH_SHA1

The PTS-IMV proposes SHA-1 only for the PTS measurement algorithm which is accepted by the PTS-IMC. These two selections are sent back to the PTS-IMV in a PA-TNC message containing the TCG attributes 'PTS Protocol Capabilities' and 'PTS Measurement Algorithm":

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PA-TNC message with ID 0xace91f02
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/PTS Protocol Capabilities' 0x005597/0x02000000
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b5bdd8
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 00 00 00 0E                                      ....
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/PTS Measurement Algorithm' 0x005597/0x07000000
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b5ac98
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 00 00 80 00                                      ....

This PA-TNC message is sent as a PB-PA payload in a PB-TNC CDATA batch to the TNC server:

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PB-TNC CDATA batch
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] adding PB-PA message
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] sending PB-TNC CDATA batch (72 bytes) for Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 72 bytes @ 0x9b5ce70
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 02 00 00 01 00 00 00 48 80 00 00 00 00 00 00 01  .......H........
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   16: 00 00 00 40 00 00 55 97 00 00 00 01 00 01 FF FF  ...@..U.........
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   32: 01 00 00 00 AC E9 1F 02 00 00 55 97 02 00 00 00  ..........U.....
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   48: 00 00 00 10 00 00 00 0E 00 00 55 97 07 00 00 00  ..........U.....
Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   64: 00 00 00 10 00 00 80 00                          ........
Feb 10 09:05:24 pin1212a00 charon: 11[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 pin1212a00 charon: 11[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

DH Nonce Parameters

The next PB-TNC SDATA batch is received:

Feb 10 09:05:24 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 12[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] received TNCCS batch (56 bytes) for Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] => 56 bytes @ 0x9b56e82
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]    0: 02 80 00 02 00 00 00 38 80 00 00 00 00 00 00 01  .......8........
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   16: 00 00 00 30 00 00 55 97 00 00 00 01 FF FF 00 01  ...0..U.........
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   32: 01 00 00 00 D5 D8 B7 F7 80 00 55 97 03 00 00 00  ..........U.....
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   48: 00 00 00 10 00 00 F0 00                          ........
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] processing PB-TNC SDATA batch

containing a PB-PA message of type TCG/PTS to which the PTS-IMC is subscribed:

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] processing PB-PA message (48 bytes)
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

The PA-TNC message contains a 'DH Nonce Parameters Request' from the TCG namespace

Feb 10 09:05:24 pin1212a00 charon: 12[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] processing PA-TNC message with ID 0xd5d8b7f7
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Parameters Request' 0x005597/0x03000000
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x9b5ce8c
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]    0: 00 00 F0 00                                      ....

and offers the set of IKE DH groups {2, 5, 14, 19} from which the PTS-IMC selects ECP_256 (group 14).

Feb 10 09:05:24 pin1212a00 charon: 12[PTS] selected PTS DH group is ECP_256
Feb 10 09:05:24 pin1212a00 charon: 12[PTS] nonce length is 20

The PTS-IMC also returns a 20 byte DH responder nonce and the 32 byte ECP_256 DH responder public value:

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] creating PA-TNC message with ID 0x4a9b2c31
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] creating PA-TNC attribute type 'TCG/DH Nonce Parameters Response' 0x005597/0x04000000
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] => 92 bytes @ 0x9b5d478
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]    0: 00 00 00 14 10 00 E0 00 1D 14 23 06 97 7D E7 E3  ..........#..}..
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   16: AF AE B6 57 FB A3 58 DA 59 6A 4C D3 77 49 6B 4B  ...W..X.YjL.wIkK
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   32: 36 35 DF BB 27 3F 62 E7 EA 5B 6E 7C 5E 55 C4 04  65..'?b..[n|^U..
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   48: 04 89 B4 98 66 31 6A A2 A2 4E 5E AC DE 57 B7 3B  ....f1j..N^..W.;
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   64: 97 72 08 A6 90 7C 3C FB FD B3 45 05 C5 4D 21 10  .r...|<...E..M!.
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   80: 0E 07 CE 94 B0 61 14 9F C1 22 10 93              .....a..."..

This PA-TNC message is carried in a PB-PA message encapsulated in a PB-TNC CDATA batch:

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] creating PB-TNC CDATA batch
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] adding PB-PA message
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] sending PB-TNC CDATA batch (144 bytes) for Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 12[TNC] => 144 bytes @ 0x9b5d410
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]    0: 02 00 00 01 00 00 00 90 80 00 00 00 00 00 00 01  ................
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   16: 00 00 00 88 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   32: 01 00 00 00 4A 9B 2C 31 00 00 55 97 04 00 00 00  ....J.,1..U.....
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   48: 00 00 00 68 00 00 00 14 10 00 E0 00 1D 14 23 06  ...h..........#.
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   64: 97 7D E7 E3 AF AE B6 57 FB A3 58 DA 59 6A 4C D3  .}.....W..X.YjL.
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   80: 77 49 6B 4B 36 35 DF BB 27 3F 62 E7 EA 5B 6E 7C  wIkK65..'?b..[n|
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   96: 5E 55 C4 04 04 89 B4 98 66 31 6A A2 A2 4E 5E AC  ^U......f1j..N^.
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]  112: DE 57 B7 3B 97 72 08 A6 90 7C 3C FB FD B3 45 05  .W.;.r...|<...E.
Feb 10 09:05:24 pin1212a00 charon: 12[TNC]  128: C5 4D 21 10 0E 07 CE 94 B0 61 14 9F C1 22 10 93  .M!......a..."..
Feb 10 09:05:24 pin1212a00 charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 pin1212a00 charon: 12[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

DH Nonce Finish and TPM Version/AIK Info

The next PB-TNC SDATA batch is received:

Feb 10 09:05:24 pin1212a00 charon: 06[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 06[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 06[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] received TNCCS batch (172 bytes) for Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 172 bytes @ 0x9b5bd52
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 02 80 00 02 00 00 00 AC 80 00 00 00 00 00 00 01  ................
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 00 00 00 A4 00 00 55 97 00 00 00 01 FF FF 00 01  ......U.........
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   32: 01 00 00 00 C7 5A 89 5F 80 00 55 97 05 00 00 00  .....Z._..U.....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   48: 00 00 00 64 00 14 80 00 19 14 23 2B 46 C9 C4 56  ...d......#+F..V
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   64: B5 F6 9C 18 58 A2 78 B0 E4 A7 4A C7 20 21 32 CD  ....X.x...J. !2.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   80: B2 60 7F DB 0F 7B 35 53 AE FA 23 C0 65 A5 48 35  .`...{5S..#.e.H5
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   96: FE DF DF B9 72 C4 DD 16 8B 55 E9 84 AE 45 E0 07  ....r....U...E..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  112: 05 AF D6 60 32 95 58 81 A6 CA 36 F6 A1 CC 25 1A  ...`2.X...6...%.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  128: EF 13 9C AC 84 1F F6 9B F1 31 95 A3 80 00 55 97  .........1....U.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  144: 08 00 00 00 00 00 00 10 00 00 00 00 80 00 55 97  ..............U.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  160: 0D 00 00 00 00 00 00 10 00 00 00 00              ............
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PB-TNC SDATA batch
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PB-PA message (164 bytes)
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

containing a PA-TNC message with the 'DH Nonce Finish', 'Get TPM Version Information' and 'Get Attestation Identity Key'
attributes from the TCG namespace:

Feb 10 09:05:24 pin1212a00 charon: 06[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PA-TNC message with ID 0xc75a895f
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Finish' 0x005597/0x05000000
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 88 bytes @ 0x9b58114
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 14 80 00 19 14 23 2B 46 C9 C4 56 B5 F6 9C 18  ......#+F..V....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 58 A2 78 B0 E4 A7 4A C7 20 21 32 CD B2 60 7F DB  X.x...J. !2..`..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   32: 0F 7B 35 53 AE FA 23 C0 65 A5 48 35 FE DF DF B9  .{5S..#.e.H5....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   48: 72 C4 DD 16 8B 55 E9 84 AE 45 E0 07 05 AF D6 60  r....U...E.....`
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   64: 32 95 58 81 A6 CA 36 F6 A1 CC 25 1A EF 13 9C AC  2.X...6...%.....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   80: 84 1F F6 9B F1 31 95 A3                          .....1..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PA-TNC attribute type 'TCG/Get TPM Version Information' 0x005597/0x08000000
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 4 bytes @ 0x9b58178
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 00 00 00                                      ....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PA-TNC attribute type 'TCG/Get Attestation Identity Key' 0x005597/0x0d000000
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 4 bytes @ 0x9b58188
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 00 00 00                                      ....

The PTS-IMV reports that it selected SHA-1 as the DH hash algorithm and provides its 20 byte nonce and 32 byte public DH factor
so that the share DH secret can be computed:

Feb 10 09:05:24 pin1212a00 charon: 06[PTS] selected DH hash algorithm is HASH_SHA1
Feb 10 09:05:24 pin1212a00 charon: 06[PTS] initiator nonce: => 20 bytes @ 0x9b5d848
Feb 10 09:05:24 pin1212a00 charon: 06[PTS]    0: A6 CA 36 F6 A1 CC 25 1A EF 13 9C AC 84 1F F6 9B  ..6...%.........
Feb 10 09:05:24 pin1212a00 charon: 06[PTS]   16: F1 31 95 A3                                      .1..
Feb 10 09:05:24 pin1212a00 charon: 06[PTS] responder nonce: => 20 bytes @ 0x9b5bd30
Feb 10 09:05:24 pin1212a00 charon: 06[PTS]    0: 1D 14 23 06 97 7D E7 E3 AF AE B6 57 FB A3 58 DA  ..#..}.....W..X.
Feb 10 09:05:24 pin1212a00 charon: 06[PTS]   16: 59 6A 4C D3                                      YjL.
Feb 10 09:05:24 pin1212a00 charon: 06[PTS] shared DH secret: => 32 bytes @ 0x9b5ce70
Feb 10 09:05:24 pin1212a00 charon: 06[PTS]    0: F1 6A 3B 1C 72 03 B0 18 EA 3C B6 74 D6 AD 33 E9  .j;.r....<.t..3.
Feb 10 09:05:24 pin1212a00 charon: 06[PTS]   16: 23 0B 3C 1C A9 5C 77 12 FE FF FF 67 E5 7F CB 04  #.<..\w....g....
Feb 10 09:05:24 pin1212a00 charon: 06[PTS] secret assessment value: => 20 bytes @ 0x9b5d208
Feb 10 09:05:24 pin1212a00 charon: 06[PTS]    0: 5F A0 83 5D 35 DF 3C 94 28 8B 79 6F AB 35 86 6C  _..]5.<.(.yo.5.l
Feb 10 09:05:24 pin1212a00 charon: 06[PTS]   16: E2 23 4C CF                                      .#L.

Answering the 'Get TPM Version Information' request, the following TPM version info is returned in binary form:

Feb 10 09:05:24 pin1212a00 charon: 06[PTS] TPM 1.2 Version Info: Chip Version: 1.2.3.17, Spec Level: 2, Errata Rev: 2, Vendor ID: IFX

Besides the 'TPM Version Information' attribute, also the 'Attestation Identity Key' is included in the PA-TNC message to be forwarded to the PTS-IMV:

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PA-TNC message with ID 0x9eb3b685
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PA-TNC attribute type 'TCG/TPM Version Information' 0x005597/0x09000000
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 20 bytes @ 0x9b57ac8
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 30 01 02 03 11 00 02 02 49 46 58 00 00 05 03  .0.......IFX....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 11 00 08 00                                      ....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PA-TNC attribute type 'TCG/Attestation Identity Key' 0x005597/0x0e000000
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 1167 bytes @ 0x9b5e950
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 30 82 04 8A 30 82 03 72 A0 03 02 01 02 02 10  .0...0..r.......
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 33 55 8F BC AE 0F D9 47 78 74 D6 E5 C9 1B 24 28  3U.....Gxt....$(
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   32: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30  0...*.H........0
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   48: 50 31 16 30 14 06 03 55 04 0A 13 0D 70 72 69 76  P1.0...U....priv
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   64: 61 63 79 63 61 2E 63 6F 6D 31 36 30 34 06 03 55  acyca.com1604..U
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   80: 04 03 13 2D 50 72 69 76 61 63 79 20 43 41 20 49  ...-Privacy CA I
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   96: 6E 73 65 63 75 72 65 2F 55 6E 63 68 65 63 6B 65  nsecure/Unchecke
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  112: 64 20 41 49 4B 20 43 65 72 74 69 66 69 63 61 74  d AIK Certificat
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  128: 65 30 1E 17 0D 31 32 30 32 30 38 31 30 34 31 32  e0...12020810412
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  144: 30 5A 17 0D 31 33 30 32 30 38 31 30 34 31 32 30  0Z..130208104120
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  160: 5A 30 00 30 82 01 22 30 0D 06 09 2A 86 48 86 F7  Z0.0.."0...*.H..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  176: 0D 01 01 01 05 00 03 82 01 0F 00 30 82 01 0A 02  ...........0....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  192: 82 01 01 00 81 E3 38 7C 4D 46 70 CB D5 33 62 38  ......8|MFp..3b8
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  208: 50 AD 98 D1 28 56 D3 6E 71 CF AA E3 C8 31 BD F6  P...(V.nq....1..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  224: FE 53 6A ED C8 54 0E 7C FB 00 98 80 D6 7D C7 57  .Sj..T.|.....}.W
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  240: D4 EC 24 93 59 48 1F DA 67 30 87 4F D3 59 B2 CA  ..$.YH..g0.O.Y..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  256: A8 9D CE C9 27 9A 03 57 C0 FE 1F AB EE E5 C2 A8  ....'..W........
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  272: C6 D5 DC C7 1E 81 74 4D 3D B5 98 6D 57 22 74 02  ......tM=..mW"t.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  288: F1 41 7C E3 68 C1 1C 1C 2F 57 54 CA 4A FB D6 3D  .A|.h.../WT.J..=
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  304: 33 37 A9 BC FF 6F 50 13 CC C2 D3 83 F1 4B 01 FD  37...oP......K..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  320: 66 A6 EE 7A D3 E0 E2 C0 51 55 A2 8A AB F4 85 09  f..z....QU......
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  336: 74 24 64 03 DD 65 1C 26 2F 35 08 BF 57 D9 28 DA  t$d..e.&/5..W.(.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  352: D3 D7 5B ED C8 C6 6C 43 7E DE D3 93 F4 D5 D7 36  ..[...lC~......6
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  368: 1E 31 9A A8 42 10 7A F5 94 93 9C 8F BD 6D BC 66  .1..B.z......m.f
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  384: 1D 30 A5 B3 B3 44 4D DA 6D 35 64 A6 08 EB D2 A6  .0...DM.m5d.....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  400: 99 18 56 01 28 3B 26 94 FD 6F 7F AD 45 68 3C 8A  ..V.(;&..o..Eh<.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  416: 7D 38 8C DB D8 5F 76 16 F5 5E 8A 4B C2 2B 19 8A  }8..._v..^.K.+..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  432: 27 D9 80 3C C8 13 01 11 70 CC D6 EF 57 F3 EF 37  '..<....p...W..7
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  448: A2 E6 B5 49 02 03 01 00 01 A3 82 01 AE 30 82 01  ...I.........0..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  464: AA 30 37 06 03 55 1D 09 04 30 30 2E 30 16 06 05  .07..U...00.0...
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  480: 67 81 05 02 10 31 0D 30 0B 0C 03 31 2E 31 02 01  g....1.0...1.1..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  496: 02 02 01 01 30 14 06 05 67 81 05 02 12 31 0B 30  ....0...g....1.0
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  512: 09 80 01 00 81 01 00 82 01 02 30 5D 06 03 55 1D  ..........0]..U.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  528: 11 01 01 FF 04 53 30 51 A4 42 30 40 31 16 30 14  .....S0Q.B0@1.0.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  544: 06 05 67 81 05 02 01 0C 0B 69 64 3A 30 30 30 30  ..g......id:0000
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  560: 30 30 30 30 31 12 30 10 06 05 67 81 05 02 02 0C  00001.0...g.....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  576: 07 55 6E 6B 6E 6F 77 6E 31 12 30 10 06 05 67 81  .Unknown1.0...g.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  592: 05 02 03 0C 07 69 64 3A 30 30 30 30 A0 0B 06 05  .....id:0000....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  608: 67 81 05 02 0F A0 02 0C 00 30 0C 06 03 55 1D 13  g........0...U..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  624: 01 01 FF 04 02 30 00 30 81 E0 06 03 55 1D 20 01  .....0.0....U. .
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  640: 01 FF 04 81 D5 30 81 D2 30 67 06 0A 2B 06 01 04  .....0..0g..+...
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  656: 01 81 E3 42 01 10 30 59 30 29 06 08 2B 06 01 05  ...B..0Y0)..+...
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  672: 05 07 02 01 16 1D 68 74 74 70 3A 2F 2F 77 77 77  ......http://www
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  688: 2E 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 2F 63  .privacyca.com/c
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  704: 70 73 2F 30 2C 06 08 2B 06 01 05 05 07 02 02 30  ps/0,..+.......0
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  720: 20 0C 1E 54 43 50 41 20 54 72 75 73 74 65 64 20   ..TCPA Trusted 
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  736: 50 6C 61 74 66 6F 72 6D 20 49 64 65 6E 74 69 74  Platform Identit
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  752: 79 30 67 06 04 55 1D 20 00 30 5F 30 25 06 08 2B  y0g..U. .0_0%..+
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  768: 06 01 05 05 07 02 01 16 19 68 74 74 70 3A 2F 2F  .........http://
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  784: 77 77 77 2E 70 72 69 76 61 63 79 63 61 2E 63 6F  www.privacyca.co
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  800: 6D 2F 30 36 06 08 2B 06 01 05 05 07 02 02 30 2A  m/06..+.......0*
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  816: 0C 28 54 43 50 41 20 54 72 75 73 74 65 64 20 50  .(TCPA Trusted P
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  832: 6C 61 74 66 6F 72 6D 20 4D 6F 64 75 6C 65 20 45  latform Module E
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  848: 6E 64 6F 72 73 65 6D 65 6E 74 30 1F 06 03 55 1D  ndorsement0...U.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  864: 23 04 18 30 16 80 14 B0 E5 97 E0 9B 23 75 B1 FD  #..0........#u..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  880: BF 01 5E 72 BA 36 D4 48 32 A0 33 30 0D 06 09 2A  ..^r.6.H2.30...*
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  896: 86 48 86 F7 0D 01 01 05 05 00 03 82 01 01 00 1D  .H..............
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  912: 78 37 95 C3 37 C6 09 C4 1C 3D C3 0A 01 7F 59 8D  x7..7....=....Y.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  928: 24 A8 74 81 C9 79 A2 63 45 2C 04 0C B4 CD 7F B9  $.t..y.cE,......
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  944: 42 DC FE 67 67 E7 45 C9 F6 CB 7E 42 B7 2A 8A 74  B..gg.E...~B.*.t
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  960: 14 B7 BE FF EB 77 0E 99 E7 ED 9D EA 49 8C 7B 12  .....w......I.{.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  976: 60 55 0B 1D 1A 03 0E BA AF 9E 3B 74 20 F9 17 8A  `U........;t ...
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  992: 0F 47 2D 3C DB C4 05 67 3C F0 E0 33 A6 3C C5 0E  .G-<...g<..3.<..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1008: C6 0B DB 6E 08 6A 09 3B C6 3B 75 1A 7A 6B 84 BA  ...n.j.;.;u.zk..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1024: 4A 69 6E AF 59 54 89 4A E5 07 D7 51 33 B9 9E AE  Jin.YT.J...Q3...
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1040: F2 4C 0D 81 36 14 FD 82 52 C3 BF 6A DC 8D 55 46  .L..6...R..j..UF
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1056: E0 DE B9 A6 A0 49 BB 43 0A F3 45 EA 26 58 2F D2  .....I.C..E.&X/.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1072: E4 6C 87 F3 B7 F7 E9 16 E5 0B 5D DC CE 75 EA 92  .l........]..u..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1088: 3D 9C CF 35 C1 F2 3C 87 D6 D5 04 99 0B C5 9F 45  =..5..<........E
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1104: 75 00 23 5F C5 B9 AB 73 D8 57 39 80 AE 6D 58 98  u.#_...s.W9..mX.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1120: CE F3 29 6B 1B 8A A2 0B 78 71 C3 B0 6C 8F 25 23  ..)k....xq..l.%#
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1136: AD A4 C5 FB 70 56 46 84 39 45 01 E9 F9 83 7D DC  ....pVF.9E....}.
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1152: 5F D9 BB BF B1 08 2A 55 94 D6 0F 76 BD 73 EE     _.....*U...v.s.

The TNC client packs this large PA-TNC message into an outgoing PB-TNC CDATA batch:

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PB-TNC CDATA batch
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] adding PB-PA message
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] sending PB-TNC CDATA batch (1251 bytes) for Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 1251 bytes @ 0x9b5eea8
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 02 00 00 01 00 00 04 E3 80 00 00 00 00 00 00 01  ................
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 00 00 04 DB 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   32: 01 00 00 00 9E B3 B6 85 00 00 55 97 09 00 00 00  ..........U.....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   48: 00 00 00 20 00 30 01 02 03 11 00 02 02 49 46 58  ... .0.......IFX
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   64: 00 00 05 03 11 00 08 00 00 00 55 97 0E 00 00 00  ..........U.....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   80: 00 00 04 9B 00 30 82 04 8A 30 82 03 72 A0 03 02  .....0...0..r...
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   96: 01 02 02 10 33 55 8F BC AE 0F D9 47 78 74 D6 E5  ....3U.....Gxt..
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  112: C9 1B 24 28 30 0D 06 09 2A 86 48 86 F7 0D 01 01  ..$(0...*.H.....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  128: 05 05 00 30 50 31 16 30 14 06 03 55 04 0A 13 0D  ...0P1.0...U....
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  144: 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 31 36 30  privacyca.com160
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  160: 34 06 03 55 04 03 13 2D 50 72 69 76 61 63 79 20  4..U...-Privacy 
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  176: 43 41 20 49 6E 73 65 63 75 72 65 2F 55 6E 63 68  CA Insecure/Unch
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  192: 65 63 6B 65 64 20 41 49 4B 20 43 65 72 74 69 66  ecked AIK Certif
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  208: 69 63 61 74 65 30 1E 17 0D 31 32 30 32 30 38 31  icate0...1202081
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  224: 30 34 31 32 30 5A 17 0D 31 33 30 32 30 38 31 30  04120Z..13020810
Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  240: 34 31 32 30 5A 30 00 30 82 01 22 30 0D 06 09 2A  4120Z0.0.."0...*
                                         ----------------- truncated batch ------------------
Feb 10 09:05:24 pin1212a00 charon: 06[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 pin1212a00 charon: 06[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 06[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 13[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

File Metadata and Measurement

This PB-TNC CDATA batch contains file metadata and measurement requests:

Feb 10 09:05:24 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 11 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 pin1212a00 charon: 14[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] received TNCCS batch (263 bytes) for Connection ID 1
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 263 bytes @ 0x9b5cd7a
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 02 80 00 02 00 00 01 07 80 00 00 00 00 00 00 01  ................
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 00 00 00 FF 00 00 55 97 00 00 00 01 FF FF 00 01  ......U.........
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   32: 01 00 00 00 12 1C C0 C5 80 00 55 97 00 70 00 00  ..........U..p..
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   48: 00 00 00 1F 00 2F 00 00 2F 65 74 63 2F 74 6E 63  ...../../etc/tnc
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   64: 5F 63 6F 6E 66 69 67 80 00 55 97 00 C0 00 00 00  _config..U......
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   80: 00 00 32 00 00 00 01 00 00 00 2F 2F 6C 69 62 2F  ..2.......//lib/
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   96: 69 33 38 36 2D 6C 69 6E 75 78 2D 67 6E 75 2F 6C  i386-linux-gnu/l
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  112: 69 62 64 6C 2E 73 6F 2E 32 80 00 55 97 00 C0 00  ibdl.so.2..U....
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  128: 00 00 00 00 22 00 00 00 02 00 00 00 2F 2F 73 62  ....".......//sb
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  144: 69 6E 2F 69 70 74 61 62 6C 65 73 80 00 55 97 00  in/iptables..U..
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  160: C0 00 00 00 00 00 28 00 00 00 03 00 00 00 2F 2F  ......(.......//
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  176: 6C 69 62 2F 6C 69 62 78 74 61 62 6C 65 73 2E 73  lib/libxtables.s
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  192: 6F 2E 35 80 00 55 97 00 C0 00 00 00 00 00 21 80  o.5..U........!.
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  208: 00 00 04 00 00 00 2F 2F 6C 69 62 2F 78 74 61 62  ......//lib/xtab
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  224: 6C 65 73 2F 80 00 55 97 00 C0 00 00 00 00 00 23  les/..U........#
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  240: 00 00 00 05 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  256: 36 74 61 62 6C 65 73                             6tables
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PB-TNC SDATA batch

Again the PTS-IMC is subscribed to this PB-PA message type:

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PB-PA message (255 bytes)
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

The PA-TNC message consists of one 'Request File Metadata' and five 'Request File Measurement' attributes:

Feb 10 09:05:24 pin1212a00 charon: 14[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC message with ID 0x121cc0c5
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Metadata' 0x005597/0x00700000
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 19 bytes @ 0x9b5de6c
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 2F 00 00 2F 65 74 63 2F 74 6E 63 5F 63 6F 6E  ./../etc/tnc_con
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 66 69 67                                         fig
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 38 bytes @ 0x9b5de8b
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 00 00 01 00 00 00 2F 2F 6C 69 62 2F 69 33 38  .......//lib/i38
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 36 2D 6C 69 6E 75 78 2D 67 6E 75 2F 6C 69 62 64  6-linux-gnu/libd
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   32: 6C 2E 73 6F 2E 32                                l.so.2
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 22 bytes @ 0x9b5debd
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 00 00 02 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 74 61 62 6C 65 73                                tables
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 28 bytes @ 0x9b5dedf
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 00 00 03 00 00 00 2F 2F 6C 69 62 2F 6C 69 62  .......//lib/lib
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 78 74 61 62 6C 65 73 2E 73 6F 2E 35              xtables.so.5
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 21 bytes @ 0x9b5df07
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 80 00 00 04 00 00 00 2F 2F 6C 69 62 2F 78 74 61  .......//lib/xta
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 62 6C 65 73 2F                                   bles/
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000
Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 23 bytes @ 0x9b5df28
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 00 00 05 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip
Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 36 74 61 62 6C 65 73                             6tables

The metadata for /etc/tnc_config is retrieved and the SHA-1 hash values for the four file measurement requests are computed.
Measurement request 4 is for the contents of a directory which generates quite some work.

Feb 10 09:05:24 pin1212a00 charon: 14[IMC] metadata request for file '/etc/tnc_config'
Feb 10 09:05:24 pin1212a00 charon: 14[IMC] measurement request 1 for file '/lib/i386-linux-gnu/libdl.so.2'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   40:9b:b1:a9:7e:26:ea:11:44:cd:d6:80:1b:81:59:f1:7f:37:6b:8f for 'libdl.so.2'
Feb 10 09:05:24 pin1212a00 charon: 14[IMC] measurement request 2 for file '/sbin/iptables'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   ff:6d:ec:a0:ee:b7:a2:57:20:5c:5f:0a:b5:f5:d8:21:ea:18:40:98 for 'iptables'
Feb 10 09:05:24 pin1212a00 charon: 14[IMC] measurement request 3 for file '/lib/libxtables.so.5'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   7a:3c:a7:21:58:e6:0b:0c:91:e4:8a:42:08:48:f1:b6:93:ae:a2:6c for 'libxtables.so.5'
Feb 10 09:05:24 pin1212a00 charon: 14[IMC] measurement request 4 for directory '/lib/xtables/'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   18:36:41:80:9a:27:b0:8f:fe:59:c1:38:8c:da:6c:41:4b:dc:e6:d6 for 'libxt_tos.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   47:52:53:2c:b9:41:a1:fd:98:11:4c:2f:99:9e:b6:16:98:bd:df:35 for 'libip6t_eui64.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   ee:9b:c9:37:a8:db:06:d4:ba:a2:14:7b:47:8e:ac:af:fe:8c:c8:f7 for 'libipt_realm.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   32:d4:43:76:1a:af:13:ef:8b:3c:d7:86:9a:f9:0b:57:a7:44:58:25 for 'libxt_connlimit.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   20:cf:56:e5:ce:52:11:72:29:f5:5e:1e:ad:52:31:a7:66:b2:dd:5c for 'libxt_hashlimit.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   d5:37:d4:37:f0:58:13:6e:b3:d7:be:51:7d:be:76:47:b6:23:c6:19 for 'libxt_mark.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   dd:7b:c0:9b:d9:94:25:a1:e3:6b:69:a1:19:60:a9:00:37:e2:98:79 for 'libxt_TOS.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   fc:ca:5d:a6:7d:11:c7:ad:fd:f8:49:88:b0:96:b0:20:f9:0e:77:8a for 'libip6t_rt.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   24:15:12:c0:4d:81:6c:c8:91:10:f1:c0:fd:ab:39:d4:97:ad:9f:1b for 'libxt_TPROXY.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   44:92:7e:1b:2d:34:c5:d9:45:b8:13:33:8c:ca:41:98:3c:be:20:f7 for 'libxt_dscp.so'
Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   f2:b9:91:45:6c:6b:6e:55:04:03:d4:66:5c:13:d6:c2:3e:a9:f4:a3 for 'libxt_SET.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2d:0d:d5:0b:f5:10:78:05:b7:f9:35:c7:2f:94:c9:ba:a2:01:22:b0 for 'libxt_quota.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   b5:99:55:3b:bd:35:be:b4:f9:93:90:33:f4:4b:65:3d:ad:ba:5e:9c for 'libxt_statistic.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   9f:b6:70:dc:86:7c:58:b5:83:ef:59:a0:c8:1b:56:35:1d:6b:2c:4b for 'libxt_IDLETIMER.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   6c:0b:2d:f4:fc:4c:91:22:b5:76:2a:e1:40:d5:3f:dd:1c:f9:e8:9b for 'libxt_conntrack.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3d:c5:69:0b:31:f0:69:93:3c:cc:14:e4:3f:7c:09:da:a3:e0:09:8d for 'libxt_mac.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   f7:d6:a5:d8:5a:32:98:d2:1c:ec:71:37:d9:47:da:90:c4:55:e4:6b for 'libxt_rateest.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   d0:27:a6:aa:de:8b:34:d2:72:d5:f2:23:5d:81:78:83:90:40:48:13 for 'libxt_DSCP.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   af:75:74:c5:d6:74:4d:fa:2e:2d:8c:d0:c4:f4:cc:f7:06:42:20:30 for 'libipt_NETMAP.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2c:19:75:6c:4a:35:48:68:d0:50:a6:58:32:e7:c1:36:b4:a9:94:c3 for 'libxt_LED.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   e2:f7:b9:2a:bd:a7:69:f8:27:96:f5:7a:29:80:18:70:58:5d:ce:a3 for 'libipt_SNAT.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   0f:c1:21:24:64:f3:b1:b9:73:eb:c0:6c:19:90:bb:b9:88:fe:cc:8a for 'libipt_CLUSTERIP.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2e:a8:67:ef:38:48:b8:a0:2d:a4:d3:99:4b:1f:0e:bc:db:5c:9e:80 for 'libxt_comment.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   f9:e3:53:1a:bb:67:a0:20:cf:66:7d:46:ca:82:36:75:dd:0a:0d:d4 for 'libxt_MARK.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5a:eb:2e:92:6c:bd:3c:95:fe:82:25:e0:b3:ef:87:3a:3d:19:42:4b for 'libipt_MIRROR.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   33:9a:58:a1:b3:13:83:0c:3c:c7:4c:b3:fb:52:a5:b8:15:2f:44:e6 for 'libxt_esp.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3e:f9:01:0e:e2:24:7c:f2:d7:64:1c:f0:4f:0c:a7:32:d0:fd:e8:68 for 'libxt_NOTRACK.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   d6:c8:df:ba:ae:7a:b2:8b:5c:ef:26:26:a2:af:3f:99:a6:ea:43:65 for 'libipt_LOG.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   06:5d:f7:20:d2:c2:86:71:72:8a:96:33:53:0d:e5:94:cf:bf:e8:97 for 'libxt_recent.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2d:32:ef:93:12:6a:bf:8c:66:0d:57:c6:7e:50:76:c6:39:4c:ab:e8 for 'libxt_policy.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   71:40:3f:f1:c6:ca:92:7a:ba:1d:c6:8c:8e:52:a6:76:ae:c1:c9:70 for 'libxt_RATEEST.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   22:35:fe:d7:aa:6b:9a:8b:9b:db:7f:db:34:9a:35:9f:01:c1:b4:01 for 'libxt_u32.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   53:0e:8c:15:15:4a:da:bc:f7:39:c5:e2:46:ba:15:36:6f:05:b3:6b for 'libipt_ah.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   9a:d0:87:53:a6:70:8e:1d:60:da:ce:3a:58:ef:44:00:27:70:a6:bd for 'libipt_unclean.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   aa:d3:68:ae:62:e7:d0:1d:a3:3e:a7:8e:1a:7c:1a:1f:18:2a:6a:d4 for 'libxt_dccp.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   ab:78:0c:51:34:7b:ff:66:9c:97:1e:f2:c7:0b:06:d9:bd:78:7b:c9 for 'libxt_connmark.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   36:1d:6f:75:96:07:ad:c4:0d:6f:e0:af:7d:3f:91:57:94:a4:db:b0 for 'libipt_ECN.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   42:4c:99:a6:21:e1:19:c8:8b:f7:0e:78:ff:b6:4c:6d:72:db:7b:51 for 'libxt_NFQUEUE.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   8f:d3:f5:95:98:1c:49:89:61:fc:94:67:83:0d:dd:37:20:08:c0:85 for 'libxt_physdev.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   38:e9:ff:af:cf:02:73:6d:6b:9c:5e:b4:03:c5:d5:26:12:a4:64:16 for 'libxt_SECMARK.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5d:93:68:d5:e3:ea:c0:93:d6:dc:ba:d5:c0:24:ed:3d:56:66:68:c2 for 'libxt_length.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   7a:b7:2f:5e:8e:54:89:e6:d3:aa:3d:4f:8b:ac:d0:f9:3a:71:4b:e2 for 'libxt_TRACE.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5c:3a:42:5d:c4:25:60:8c:21:f7:3a:58:de:45:90:43:3a:e4:19:ad for 'libipt_ULOG.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   d6:0e:93:16:f6:2d:46:bd:1d:6b:f9:b7:34:d3:ac:7e:40:2f:29:30 for 'libipt_ttl.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   73:d7:5e:80:9f:53:fc:84:40:73:08:db:52:89:3f:3d:31:83:53:10 for 'libxt_limit.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   16:0d:2b:04:d1:1e:b2:25:fb:14:86:15:b6:99:08:18:69:e1:5b:6c for 'libipt_DNAT.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   aa:9a:5b:58:cb:d0:53:5b:ce:8d:d9:e4:f2:d8:d3:25:38:ce:24:72 for 'libxt_tcpmss.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   51:f1:be:7e:59:08:62:a2:c2:5f:29:f4:c5:ef:01:f0:52:df:2a:c5 for 'libipt_REDIRECT.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   a0:7e:a0:ae:3d:00:8f:37:97:c5:67:e6:29:cb:73:79:cb:15:02:ed for 'libipt_addrtype.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3e:1c:20:2b:10:37:cc:24:54:fd:0d:cc:cc:40:e3:15:71:63:0d:9f for 'libxt_CONNMARK.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   c5:22:71:d3:8f:10:56:78:d4:cd:0c:3c:04:0a:21:cc:db:24:57:e3 for 'libxt_pkttype.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   6c:f9:db:a7:25:ac:38:d3:be:ff:dc:d8:f6:65:5b:d5:f4:66:6d:25 for 'libipt_icmp.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   37:d6:ae:25:19:77:21:4d:7a:d1:c2:95:80:94:24:af:1e:8e:76:b1 for 'libxt_set.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   e3:58:f5:3f:5c:4b:73:df:16:22:e8:16:41:d9:18:f9:23:ab:c6:2c for 'libxt_cluster.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   11:ce:3b:45:fe:b3:e6:6a:75:49:0d:42:ba:95:07:1a:c6:f4:0a:7f for 'libxt_udp.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   c1:66:c2:84:d3:95:78:3a:48:d3:02:c9:61:cb:60:d7:ec:e7:68:ab for 'libxt_multiport.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   29:8a:18:85:82:22:26:dc:be:b2:e9:08:f2:b2:69:b7:a8:27:1a:66 for 'libxt_CLASSIFY.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   c6:3e:0e:cc:c2:03:94:f9:3d:49:25:3b:33:0d:f3:2c:47:ff:d9:96 for 'libxt_CT.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   23:29:6f:48:27:6e:16:0b:6d:99:b1:b4:2a:91:14:df:72:0b:b1:ab for 'libip6t_LOG.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   48:a5:5a:a0:dc:11:94:af:63:ba:01:62:00:1c:e1:e9:b3:77:b1:59 for 'libxt_TEE.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   86:6c:55:30:ae:45:69:1b:3c:4e:08:ba:29:3b:33:26:e8:ff:1f:b3 for 'libip6t_frag.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   39:09:5f:23:c9:34:72:21:57:5d:a8:a1:30:41:cc:7b:dc:de:73:54 for 'libxt_cpu.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   00:32:1b:d8:00:d7:08:2f:0d:ee:78:ef:a1:66:1e:24:6c:3d:aa:b4 for 'libxt_iprange.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   a3:45:6c:85:20:bf:0b:c3:f0:ee:0a:1c:80:03:21:c0:19:b4:a8:82 for 'libxt_standard.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   24:f6:13:0d:e2:e5:bb:94:30:b7:1a:aa:e5:c9:42:47:b3:b6:ea:91 for 'libip6t_hl.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   56:7e:01:c5:09:23:ab:1c:19:03:b6:fb:84:9f:a6:8f:19:63:0c:a3 for 'libip6t_HL.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   fd:d2:27:82:6f:c2:9d:b7:d1:b6:ed:2b:e4:14:52:14:f3:92:16:cd for 'libipt_TTL.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   69:47:c7:94:45:0c:04:df:1c:c8:e4:17:15:ce:3d:24:7f:c5:16:c9 for 'libxt_connbytes.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   f8:93:2b:81:16:dd:d4:cf:0f:d5:f5:52:88:18:f2:1a:df:90:cb:74 for 'libxt_ipvs.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3e:f8:a5:fd:8a:e2:28:77:84:ae:7e:dc:f8:4f:bf:b5:24:b4:97:bb for 'libxt_CONNSECMARK.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   18:fa:a3:14:df:37:fc:d0:1b:9f:1a:ea:6f:db:f0:70:c8:38:b6:a6 for 'libxt_state.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   4e:05:db:c9:87:2d:6c:6d:af:38:45:8b:35:b1:ba:6d:6a:94:d2:1f for 'libip6t_REJECT.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   47:e0:cf:82:a1:21:16:d6:8a:a6:42:39:c4:9a:23:aa:b6:cb:35:f4 for 'libxt_string.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   33:d0:40:bc:0c:64:d3:8b:99:7b:fa:ee:ae:04:59:07:c5:2b:e6:70 for 'libxt_owner.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2b:07:68:91:49:e0:7c:ed:d6:d3:77:49:3d:17:68:ff:23:78:ac:b8 for 'libip6t_ipv6header.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   7f:cd:3d:b6:df:87:13:c0:e7:c7:2d:ad:d7:04:55:99:a7:49:f2:a0 for 'libipt_REJECT.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   95:3b:e7:07:c1:5b:15:80:a3:bb:ed:4c:7e:4c:22:1e:2d:58:44:ff for 'libxt_CHECKSUM.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5d:32:1b:a9:90:9d:a2:38:b6:de:15:0b:0d:10:33:7c:16:cf:4c:e4 for 'libxt_TCPOPTSTRIP.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   e2:db:af:67:88:9b:bd:1f:f0:fb:da:b8:4e:00:e2:87:53:9d:61:ed for 'libxt_helper.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   9d:96:65:a3:38:9e:3f:67:a8:15:3f:a1:c3:7b:59:68:85:a4:09:b9 for 'libipt_SAME.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   a6:06:e1:bb:12:92:88:f1:90:0d:57:88:1c:3e:ac:ee:e7:27:ec:64 for 'libxt_socket.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3b:1c:fb:8c:71:c9:04:be:b5:57:19:34:87:91:5f:f5:82:6a:33:47 for 'libipt_ecn.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   1d:74:0a:bd:38:f9:f4:bc:81:ca:43:4a:0e:25:b6:e2:17:04:24:8b for 'libxt_tcp.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5a:0d:07:ab:03:66:03:a7:67:59:e5:f6:1f:7d:04:f2:d3:c0:56:cc for 'libipt_MASQUERADE.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   45:8a:e7:fc:05:34:ef:2a:eb:d5:6f:ce:4d:26:db:10:bd:7f:63:a4 for 'libip6t_hbh.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   1c:b5:30:10:26:19:6e:d1:d2:6f:9c:7f:92:f3:6f:b1:ee:39:48:41 for 'libxt_time.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   42:2c:14:1e:ab:57:e9:c9:a8:0a:3c:7b:31:c2:6a:d4:d0:b5:ed:07 for 'libip6t_ah.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   c9:16:92:db:c9:06:c0:de:e9:7c:b9:6e:ba:fd:6e:f1:ff:cc:4d:1b for 'libip6t_icmp6.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   28:e0:5c:e1:9a:52:ab:16:23:71:cb:5c:14:8f:b1:6e:c7:c3:4a:d6 for 'libxt_NFLOG.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   ac:87:0e:51:06:2d:69:a6:b1:9a:71:e5:1d:19:4b:9b:0c:29:51:cf for 'libip6t_dst.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   34:3d:51:24:47:fc:02:22:63:19:9f:d2:3f:7b:21:6b:46:e0:1e:b3 for 'libxt_sctp.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   7f:f7:ef:5a:4e:01:de:31:18:5d:79:cc:d9:a3:14:a6:a1:2d:3a:65 for 'libxt_TCPMSS.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   ca:1e:da:79:68:a9:0f:6c:c9:14:0a:bd:d1:d1:77:11:6b:69:97:e1 for 'libxt_osf.so'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   32:7f:fa:63:fc:c0:8e:14:e5:64:6b:78:ac:e3:76:94:3a:95:12:7a for 'libip6t_mh.so'
Feb 10 09:05:25 pin1212a00 charon: 14[IMC] measurement request 5 for file '/sbin/ip6tables'
Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   8a:7c:41:16:7b:c0:fc:c1:de:c8:32:9a:86:8b:a2:65:c2:38:57:f5 for 'ip6tables'

Packed into one 'Unix-Style File Metadata' and four 'File Measurement' attributes the measured file data is returned to the TNC server:

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC message with ID 0x76759cfc
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/Unix-Style File Metadata' 0x005597/0x00900000
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 70 bytes @ 0x9b5d4c8
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 3E 08 00 00 00 00 00  .........>......
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 00 00 00 6C 00 00 00 00 4F 2F F3 66 00 00 00 00  ...l....O/.f....
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 4F 2F F3 66 00 00 00 00 4F 33 BD 1C 00 00 00 00  O/.f....O3......
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 74 6E 63 5F  ............tnc_
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   64: 63 6F 6E 66 69 67                                config
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 44 bytes @ 0x9b55388
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 01 00 14 40 9B B1 A9  ............@...
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 7E 26 EA 11 44 CD D6 80 1B 81 59 F1 7F 37 6B 8F  ~&..D.....Y..7k.
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 0A 6C 69 62 64 6C 2E 73 6F 2E 32              ..libdl.so.2
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 42 bytes @ 0x9b5d8b0
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 02 00 14 FF 6D EC A0  .............m..
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: EE B7 A2 57 20 5C 5F 0A B5 F5 D8 21 EA 18 40 98  ...W \_....!..@.
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 08 69 70 74 61 62 6C 65 73                    ..iptables
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 49 bytes @ 0x9b5ac48
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 03 00 14 7A 3C A7 21  ............z<.!
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 58 E6 0B 0C 91 E4 8A 42 08 48 F1 B6 93 AE A2 6C  X......B.H.....l
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 0F 6C 69 62 78 74 61 62 6C 65 73 2E 73 6F 2E  ..libxtables.so.
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   48: 35                                               5
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 3475 bytes @ 0x9b61048
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41 80  .......^.....6A.
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6 D6  .'...Y.8..lAK...
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47 52  ..libxt_tos.soGR
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   48: 53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98 BD  S,.A....L/......
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   64: DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69 36  .5..libip6t_eui6
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   80: 34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14 7B  4.so...7.......{
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   96: 47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70 74  G.........libipt
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  112: 5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF 13  _realm.so2.Cv...
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  128: EF 8B 3C D7 86 9A F9 0B 57 A7 44 58 25 00 12 6C  ..<.....W.DX%..l
                                         --------------- truncated attribute ----------------
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 43 bytes @ 0x9b55d88
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 05 00 14 8A 7C 41 16  .............|A.
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 7B C0 FC C1 DE C8 32 9A 86 8B A2 65 C2 38 57 F5  {.....2....e.8W.
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 09 69 70 36 74 61 62 6C 65 73                 ..ip6tables

All data is packed into a huge PB-TNC CDATA batch spanning four IKEv2 UDP datagrams:

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PB-TNC CDATA batch
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] adding PB-PA message
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] sending PB-TNC CDATA batch (3835 bytes) for Connection ID 1
Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 3835 bytes @ 0x9b5fe10
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 02 00 00 01 00 00 0E FB 80 00 00 00 00 00 00 01  ................
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 00 00 0E F3 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 01 00 00 00 76 75 9C FC 80 00 55 97 00 90 00 00  ....vu....U.....
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   48: 00 00 00 52 00 00 00 00 00 00 00 01 00 3E 08 00  ...R.........>..
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   64: 00 00 00 00 00 00 00 6C 00 00 00 00 4F 2F F3 66  .......l....O/.f
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   80: 00 00 00 00 4F 2F F3 66 00 00 00 00 4F 33 BD 1C  ....O/.f....O3..
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   96: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  112: 74 6E 63 5F 63 6F 6E 66 69 67 80 00 55 97 00 D0  tnc_config..U...
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  128: 00 00 00 00 00 38 00 00 00 00 00 00 00 01 00 01  .....8..........
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  144: 00 14 40 9B B1 A9 7E 26 EA 11 44 CD D6 80 1B 81  ..@...~&..D.....
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  160: 59 F1 7F 37 6B 8F 00 0A 6C 69 62 64 6C 2E 73 6F  Y..7k...libdl.so
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  176: 2E 32 80 00 55 97 00 D0 00 00 00 00 00 36 00 00  .2..U........6..
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  192: 00 00 00 00 00 01 00 02 00 14 FF 6D EC A0 EE B7  ...........m....
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  208: A2 57 20 5C 5F 0A B5 F5 D8 21 EA 18 40 98 00 08  .W \_....!..@...
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  224: 69 70 74 61 62 6C 65 73 80 00 55 97 00 D0 00 00  iptables..U.....
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  240: 00 00 00 3D 00 00 00 00 00 00 00 01 00 03 00 14  ...=............
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  256: 7A 3C A7 21 58 E6 0B 0C 91 E4 8A 42 08 48 F1 B6  z<.!X......B.H..
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  272: 93 AE A2 6C 00 0F 6C 69 62 78 74 61 62 6C 65 73  ...l..libxtables
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  288: 2E 73 6F 2E 35 80 00 55 97 00 D0 00 00 00 00 0D  .so.5..U........
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  304: 9F 00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41  ........^.....6A
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  320: 80 9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6  ..'...Y.8..lAK..
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  336: D6 00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47  ...libxt_tos.soG
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  352: 52 53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98  RS,.A....L/.....
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  368: BD DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69  ..5..libip6t_eui
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  384: 36 34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14  64.so...7.......
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  400: 7B 47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70  {G.........libip
Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  416: 74 5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF  t_realm.so2.Cv..
                                         ----------------- truncated batch ------------------
Feb 10 09:05:25 pin1212a00 charon: 14[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:25 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 12 [ EAP/RES/TTLS ]
Feb 10 09:05:25 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:25 pin1212a00 charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:25 pin1212a00 charon: 03[ENC] parsed IKE_AUTH response 12 [ EAP/REQ/TTLS ]
Feb 10 09:05:25 pin1212a00 charon: 03[ENC] generating IKE_AUTH request 13 [ EAP/RES/TTLS ]
Feb 10 09:05:25 pin1212a00 charon: 03[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:25 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:25 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 13 [ EAP/REQ/TTLS ]
Feb 10 09:05:25 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 14 [ EAP/RES/TTLS ]
Feb 10 09:05:25 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:25 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:25 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 14 [ EAP/REQ/TTLS ]
Feb 10 09:05:25 pin1212a00 charon: 09[ENC] generating IKE_AUTH request 15 [ EAP/RES/TTLS ]
Feb 10 09:05:25 pin1212a00 charon: 09[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Functional Component Evidence

The final PB-TNC SDATA batch arrives from the TNC server:

Feb 10 09:05:25 pin1212a00 charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:25 pin1212a00 charon: 11[ENC] parsed IKE_AUTH response 15 [ EAP/REQ/TTLS ]
Feb 10 09:05:25 pin1212a00 charon: 11[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] received TNCCS batch (92 bytes) for Connection ID 1
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] => 92 bytes @ 0x9b5c89a
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]    0: 02 80 00 02 00 00 00 5C 80 00 00 00 00 00 00 01  .......\........
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]   16: 00 00 00 54 00 00 55 97 00 00 00 01 FF FF 00 01  ...T..U.........
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]   32: 01 00 00 00 B6 99 BC 94 80 00 55 97 00 10 00 00  ..........U.....
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]   48: 00 00 00 24 10 00 00 00 00 90 2A 21 00 00 00 03  ...$......*!....
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]   64: 10 00 00 00 00 90 2A 21 00 00 00 02 80 00 55 97  ......*!......U.
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]   80: 00 20 00 00 00 00 00 10 00 00 00 00              . ..........
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] processing PB-TNC SDATA batch

Again the PTS-IMC is subscribed to this PB-PA message type:

Per subscription the PTS-IMC receives this PB-PA message type:
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] processing PB-PA message (84 bytes)
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

The PA-TNC message contains a 'Request Functional Component Evidence' and a final 'Generate Attestation Evidence' attribute from the TCG namespace:

Feb 10 09:05:25 pin1212a00 charon: 11[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] processing PA-TNC message with ID 0xb699bc94
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request Functional Component Evidence' 0x005597/0x00100000
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] => 24 bytes @ 0x9b5abec
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]    0: 10 00 00 00 00 90 2A 21 00 00 00 03 10 00 00 00  ......*!........
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]   16: 00 90 2A 21 00 00 00 02                          ..*!....
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Generate Attestation Evidence' 0x005597/0x00200000
Feb 10 09:05:25 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b5ac10
Feb 10 09:05:25 pin1212a00 charon: 11[TNC]    0: 00 00 00 00                                      ....

The first of the ordered evidence request is for the Linux IMA functional component defined in the ITA-HSR namespace which verifies the 27 measurements extended into PCRs 0..11 during the pre-boot process.

Feb 10 09:05:25 pin1212a00 charon: 11[IMC] evidence requested for 2 functional components
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] * ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] loaded bios measurements '/sys/kernel/security/tpm0/binary_bios_measurements' (27 entries)
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 extended with: c4:2f:ed:ad:26:82:00:cb:1d:15:f9:78:41:c3:44:e7:9d:ae:33:20
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 after value  : 98:72:96:4b:9b:40:cd:d0:36:3f:cd:6a:f8:c2:67:c9:cb:34:20:0b
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 extended with: e4:73:a3:20:09:19:84:8c:04:f5:cb:4b:32:d3:9a:55:7e:8f:87:09
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 before value : 98:72:96:4b:9b:40:cd:d0:36:3f:cd:6a:f8:c2:67:c9:cb:34:20:0b
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 after value  : 26:14:c8:bd:2d:1b:59:c7:6a:58:51:ac:a4:39:14:7b:ee:5b:f7:7d
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 extended with: 5f:62:1b:65:d8:dc:5c:10:05:e9:ef:e2:71:42:c3:01:4a:c1:74:20
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 after value  : ba:15:bb:86:8e:1f:18:a7:ee:2a:3c:57:02:81:0e:bc:c3:09:a2:46
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 extended with: c4:44:e3:23:0e:0b:f1:f5:21:b1:b2:b3:56:fe:3e:a0:05:38:7f:f7
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 after value  : 5d:42:68:fb:80:bf:1e:31:8d:67:b4:d0:8d:49:a1:3c:6f:3a:fe:93
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 extended with: 13:87:18:5a:92:ca:4f:ba:8a:31:fb:b7:a4:6a:c4:57:76:0a:19:35
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 before value : 5d:42:68:fb:80:bf:1e:31:8d:67:b4:d0:8d:49:a1:3c:6f:3a:fe:93
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 after value  : 7f:d4:dd:1b:15:3f:d1:e9:28:b1:19:f3:7c:b3:7a:0c:f5:02:f4:34
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 extended with: 86:ac:7f:d5:c5:12:8c:3e:d6:bb:16:38:7e:53:08:ae:b5:26:18:4e
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 before value : 7f:d4:dd:1b:15:3f:d1:e9:28:b1:19:f3:7c:b3:7a:0c:f5:02:f4:34
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 after value  : 57:23:71:2b:e6:b6:50:ff:5a:0c:2a:44:ab:03:5c:58:5a:8f:bc:57
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 extended with: 26:d0:e4:c7:cf:a9:20:e2:ce:26:7d:ba:86:c9:70:6e:d9:a8:6c:8d
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 before value : 57:23:71:2b:e6:b6:50:ff:5a:0c:2a:44:ab:03:5c:58:5a:8f:bc:57
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 after value  : 7b:ad:15:ce:ed:57:ad:26:98:19:d0:72:0a:5b:89:e9:5f:3a:1e:29
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  6 extended with: 05:d4:2f:27:12:07:af:f9:7d:e1:f3:12:77:4d:ac:da:95:74:74:7a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  6 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  6 after value  : b0:5b:cd:50:47:bf:36:0c:2d:bb:a2:7a:5d:a5:ee:66:17:72:a2:0c
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 extended with: c1:8b:03:f7:c7:b5:d6:8b:82:56:61:21:72:e8:60:df:34:cb:4d:6d
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 before value : ba:15:bb:86:8e:1f:18:a7:ee:2a:3c:57:02:81:0e:bc:c3:09:a2:46
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 after value  : 88:31:7b:60:dd:25:58:40:d5:36:3b:b3:98:41:18:95:c6:45:90:2a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 extended with: cd:0f:db:45:31:a6:ec:41:be:27:53:ba:04:26:37:d6:e5:f7:f2:56
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 after value  : ee:01:a0:35:29:a6:b3:8b:5d:ed:18:ab:6a:e8:d7:71:aa:ac:19:25
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 before value : 26:14:c8:bd:2d:1b:59:c7:6a:58:51:ac:a4:39:14:7b:ee:5b:f7:7d
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  0 after value  : 61:d7:c2:06:bd:93:7c:91:82:0f:76:18:c6:17:97:c2:1c:cd:13:13
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 before value : 88:31:7b:60:dd:25:58:40:d5:36:3b:b3:98:41:18:95:c6:45:90:2a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  1 after value  : 50:0b:2f:05:3d:65:11:23:d4:bd:42:91:a6:9b:99:f3:19:c5:79:c9
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 before value : 7b:ad:15:ce:ed:57:ad:26:98:19:d0:72:0a:5b:89:e9:5f:3a:1e:29
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  2 after value  : de:eb:6e:c1:78:fc:05:ad:c9:a7:fa:d8:ca:63:3a:34:a4:7e:04:da
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  3 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  3 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  3 after value  : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 after value  : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 before value : ee:01:a0:35:29:a6:b3:8b:5d:ed:18:ab:6a:e8:d7:71:aa:ac:19:25
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 after value  : 60:4f:c6:60:10:07:dd:33:ff:5f:30:ab:6d:33:d0:c3:2c:c6:af:af
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  6 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  6 before value : b0:5b:cd:50:47:bf:36:0c:2d:bb:a2:7a:5d:a5:ee:66:17:72:a2:0c
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  6 after value  : 78:cd:77:59:86:6a:77:d0:31:03:c2:03:5b:f7:dc:7e:61:dc:19:2e
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  7 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  7 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  7 after value  : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 extended with: c1:e2:5c:3f:6b:0d:c7:8d:57:29:6a:a2:87:0c:a6:f7:82:cc:f8:0f
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 before value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 after value  : a4:95:bd:4b:42:a1:fa:26:c3:9f:3f:24:94:08:2b:9f:e1:71:07:ab
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 extended with: 38:f3:0a:0a:96:7f:cf:2b:fe:e1:e3:b2:97:1d:e5:40:11:50:48:c8
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 before value : a4:95:bd:4b:42:a1:fa:26:c3:9f:3f:24:94:08:2b:9f:e1:71:07:ab
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 after value  : 54:09:48:d7:c0:27:e8:cc:e2:51:66:68:28:05:52:c3:92:bb:50:8b
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 extended with: 4f:41:2e:ce:7c:55:d6:ae:55:b5:a6:4f:66:01:18:7e:25:b9:af:fc
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 before value : 54:09:48:d7:c0:27:e8:cc:e2:51:66:68:28:05:52:c3:92:bb:50:8b
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 after value  : 9b:66:c2:3e:b2:e3:8b:ae:0d:ad:be:4b:fa:bc:e8:62:9e:33:6e:48
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 extended with: 43:79:a3:d4:30:19:b4:6f:a3:57:f7:dd:6a:53:b4:5a:3c:a8:fb:79
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 before value : 9b:66:c2:3e:b2:e3:8b:ae:0d:ad:be:4b:fa:bc:e8:62:9e:33:6e:48
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  4 after value  : cf:a3:54:3c:7f:39:22:69:bd:c0:d5:bf:29:05:f1:be:8b:b2:dd:7d
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 extended with: 88:55:13:eb:0e:f1:a5:0b:09:33:40:0e:4a:10:35:74:97:3b:e8:5c
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 before value : 60:4f:c6:60:10:07:dd:33:ff:5f:30:ab:6d:33:d0:c3:2c:c6:af:af
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  5 after value  : cd:eb:78:a0:cc:80:28:ba:b5:78:f2:f8:5f:3a:f9:1f:03:57:78:a4
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  8 extended with: 1a:84:80:3d:29:14:e0:3a:12:c8:33:ff:80:bc:ca:1f:b6:72:90:53
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  8 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  8 after value  : 1d:2f:36:17:44:32:ec:df:99:e8:4d:ae:e2:bc:c7:d3:13:1c:0f:bf
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  9 extended with: ee:d2:09:89:f6:f6:53:9c:d6:57:cf:a8:df:a5:d6:67:23:c4:e2:b4
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  9 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR  9 after value  : 03:c2:d5:f2:25:d1:cc:e2:38:25:ee:4d:42:37:9c:85:b8:55:a5:49
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 10 extended with: cc:db:51:f8:01:b3:39:cd:5c:b3:6b:54:19:9a:36:b0:98:d2:45:f1
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 10 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 10 after value  : c8:34:e9:1e:6c:d2:9d:77:a0:bb:d8:85:e7:70:6a:da:56:00:a6:ee
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 06 09:55:33 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 11 extended with: 90:69:ca:78:e7:45:0a:28:51:73:43:1b:3e:52:c5:c2:52:99:e4:73
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 11 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 11 after value  : b2:a8:3b:0e:bf:2f:83:74:29:9a:5b:2b:df:c3:1e:a9:55:ad:72:36

The second evidence request is for the Trusted Boot functional component also defined in the ITA-HSR namespace which verifies the MLE measurements extended into PCRs 17 and 18 by Intel's TXT instruction used by Trusted Boot. This component hasn't been fully implemented yet, so dummy measurements values defined in /etc/strongswan.conf are used.

Feb 10 09:05:25 pin1212a00 charon: 11[PTS] * ITA-HSR functional component 'Trusted Boot' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Trusted Boot' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 10 09:05:25 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 17 extended with: d5:37:d4:37:f0:58:13:6e:b3:d7:be:51:7d:be:76:47:b6:23:c6:19
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 17 before value : 17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 17 after value  : ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] ITA-HSR functional component 'Trusted Boot' [K.] 'Trusted Platform'
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] measurement time: Feb 10 09:05:25 2012
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 18 extended with: 16:0d:2b:04:d1:1e:b2:25:fb:14:86:15:b6:99:08:18:69:e1:5b:6c
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 18 before value : 18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18
Feb 10 09:05:25 pin1212a00 charon: 11[PTS] PCR 18 after value  : ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff

TPM Quote Signature

The latest states of all PCRs involved in the previous functional component evidence measurements are put into a 'PCR Composite' structure, hashed and then signed by the TPM with a Quote Signature operation:

Feb 10 09:05:27 pin1212a00 charon: 11[PTS] Hash of PCR Composite: 2f:74:7e:f8:bb:01:a1:ac:76:72:8f:77:4b:79:1d:90:ed:79:e1:f2
Feb 10 09:05:27 pin1212a00 charon: 11[PTS] TPM Quote Info: => 52 bytes @ 0x9b60778
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]    0: 00 36 51 55 54 32 5F A0 83 5D 35 DF 3C 94 28 8B  .6QUT2_..]5.<.(.
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   16: 79 6F AB 35 86 6C E2 23 4C CF 00 03 FF 0F 06 01  yo.5.l.#L.......
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   32: 2F 74 7E F8 BB 01 A1 AC 76 72 8F 77 4B 79 1D 90  /t~.....vr.wKy..
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   48: ED 79 E1 F2                                      .y..
Feb 10 09:05:27 pin1212a00 charon: 11[PTS] TPM Quote Signature: => 256 bytes @ 0x9b60df8
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]    0: 4C F8 BE B2 17 ED 97 12 4D 86 8A 9F C6 13 55 81  L.......M.....U.
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   16: 07 45 85 BF 8F 35 B7 01 0E 0A 55 FB AA 54 1B 1F  .E...5....U..T..
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   32: 34 55 AD 1C B7 FB D0 1D 05 9E 58 4B 70 FF 6E F2  4U........XKp.n.
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   48: 95 90 F1 D0 E4 96 A3 38 BF A8 3F 3D 8F D8 A2 28  .......8..?=...(
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   64: AC C3 E1 3A C1 B0 3A 6F 3A A6 C6 5C 59 D2 99 8F  ...:..:o:..\Y...
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   80: 17 1E CE 96 A6 7F 01 33 58 A1 2F 52 8F 7D 90 A0  .......3X./R.}..
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]   96: 31 9A 1D 34 8A 37 BC 4D BA 9D F4 5F 26 D7 EC 45  1..4.7.M..._&..E
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  112: 16 21 C6 BC B7 D3 64 A7 04 45 16 C0 31 6C 5F 12  .!....d..E..1l_.
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  128: 9C 02 CA 69 8B 8D 80 39 EB 51 74 80 8E 2A 22 09  ...i...9.Qt..*".
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  144: 35 05 20 C3 C4 E1 BC 1E 0F D1 E8 3F 89 A9 2C 0A  5. ........?..,.
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  160: 55 26 43 18 22 6A 37 64 45 EA CA A4 E6 F6 8A 8C  U&C."j7dE.......
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  176: 1B D9 B2 2C 02 94 CE 10 05 7D 20 CA 2A E6 AB 4F  ...,.....} .*..O
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  192: D9 20 9D A0 B2 BF AF 77 A2 35 22 88 E7 F5 2C C0  . .....w.5"...,.
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  208: 0E 83 9A 58 62 5C 2E 31 2F 2C 17 A3 96 BD 43 CF  ...Xb\.1/,....C.
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  224: ED 60 11 7E 02 7F EF D7 1B F2 32 64 C0 27 BD 42  .`.~......2d.'.B
Feb 10 09:05:27 pin1212a00 charon: 11[PTS]  240: 21 FB 6C 40 D4 39 2C 47 33 0F 6B 4A 91 07 68 F8  !.l@.9,G3.kJ..h.

The PA-TNC message created by the PTS-IMC contains 29 'Simple Component Evidence' attributes and one closing 'Simple Evidence Final' attribute both from the TCG namespace:

Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC message with ID 0x05ae83c6
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b607d0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 00  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 72  ...............r
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 96 4B 9B 40 CD D0 36 3F CD 6A F8 C2 67 C9 CB 34  .K.@..6?.j..g..4
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 20 0B C4 2F ED AD 26 82 00 CB 1D 15 F9 78 41 C3   ../..&......xA.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 44 E7 9D AE 33 20                                D...3 
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b608c0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 00  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 98 72 96 4B 9B 40  8:55:33Z...r.K.@
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: CD D0 36 3F CD 6A F8 C2 67 C9 CB 34 20 0B 26 14  ..6?.j..g..4 .&.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: C8 BD 2D 1B 59 C7 6A 58 51 AC A4 39 14 7B EE 5B  ..-.Y.jXQ..9.{.[
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: F7 7D E4 73 A3 20 09 19 84 8C 04 F5 CB 4B 32 D3  .}.s. .......K2.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 9A 55 7E 8F 87 09                                .U~...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60708
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 01  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 BA 15  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: BB 86 8E 1F 18 A7 EE 2A 3C 57 02 81 0E BC C3 09  .......*<W......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: A2 46 5F 62 1B 65 D8 DC 5C 10 05 E9 EF E2 71 42  .F_b.e..\.....qB
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: C3 01 4A C1 74 20                                ..J.t 
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60a98
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 02  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5D 42  ..............]B
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 68 FB 80 BF 1E 31 8D 67 B4 D0 8D 49 A1 3C 6F 3A  h....1.g...I.<o:
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: FE 93 C4 44 E3 23 0E 0B F1 F5 21 B1 B2 B3 56 FE  ...D.#....!...V.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 3E A0 05 38 7F F7                                >..8..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60b08
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 02  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 5D 42 68 FB 80 BF  8:55:33Z..]Bh...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 1E 31 8D 67 B4 D0 8D 49 A1 3C 6F 3A FE 93 7F D4  .1.g...I.<o:....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: DD 1B 15 3F D1 E9 28 B1 19 F3 7C B3 7A 0C F5 02  ...?..(...|.z...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: F4 34 13 87 18 5A 92 CA 4F BA 8A 31 FB B7 A4 6A  .4...Z..O..1...j
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: C4 57 76 0A 19 35                                .Wv..5
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b5d9b0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 02  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 7F D4 DD 1B 15 3F  8:55:33Z.......?
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: D1 E9 28 B1 19 F3 7C B3 7A 0C F5 02 F4 34 57 23  ..(...|.z....4W#
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 71 2B E6 B6 50 FF 5A 0C 2A 44 AB 03 5C 58 5A 8F  q+..P.Z.*D..\XZ.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: BC 57 86 AC 7F D5 C5 12 8C 3E D6 BB 16 38 7E 53  .W.......>...8~S
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 08 AE B5 26 18 4E                                ...&.N
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60b78
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 02  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 57 23 71 2B E6 B6  8:55:33Z..W#q+..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 50 FF 5A 0C 2A 44 AB 03 5C 58 5A 8F BC 57 7B AD  P.Z.*D..\XZ..W{.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 15 CE ED 57 AD 26 98 19 D0 72 0A 5B 89 E9 5F 3A  ...W.&...r.[.._:
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 1E 29 26 D0 E4 C7 CF A9 20 E2 CE 26 7D BA 86 C9  .)&..... ..&}...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 70 6E D9 A8 6C 8D                                pn..l.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60930
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 06  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B0 5B  ...............[
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: CD 50 47 BF 36 0C 2D BB A2 7A 5D A5 EE 66 17 72  .PG.6.-..z]..f.r
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: A2 0C 05 D4 2F 27 12 07 AF F9 7D E1 F3 12 77 4D  ..../'....}...wM
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: AC DA 95 74 74 7A                                ...ttz
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b609a0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 01  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 BA 15 BB 86 8E 1F  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 18 A7 EE 2A 3C 57 02 81 0E BC C3 09 A2 46 88 31  ...*<W.......F.1
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 7B 60 DD 25 58 40 D5 36 3B B3 98 41 18 95 C6 45  {`.%X@.6;..A...E
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 90 2A C1 8B 03 F7 C7 B5 D6 8B 82 56 61 21 72 E8  .*.........Va!r.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 60 DF 34 CB 4D 6D                                `.4.Mm
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60a10
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 05  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 EE 01  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: A0 35 29 A6 B3 8B 5D ED 18 AB 6A E8 D7 71 AA AC  .5)...]...j..q..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 19 25 CD 0F DB 45 31 A6 EC 41 BE 27 53 BA 04 26  .%...E1..A.'S..&
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 37 D6 E5 F7 F2 56                                7....V
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b603e0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 00  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 26 14 C8 BD 2D 1B  8:55:33Z..&...-.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 59 C7 6A 58 51 AC A4 39 14 7B EE 5B F7 7D 61 D7  Y.jXQ..9.{.[.}a.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: C2 06 BD 93 7C 91 82 0F 76 18 C6 17 97 C2 1C CD  ....|...v.......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 13 13 D9 BE 65 24 A5 F5 04 7D B5 86 68 13 AC F3  ....e$...}..h...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 27 78 92 A7 A3 0A                                'x....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60450
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 01  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 88 31 7B 60 DD 25  8:55:33Z...1{`.%
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 58 40 D5 36 3B B3 98 41 18 95 C6 45 90 2A 50 0B  X@.6;..A...E.*P.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 2F 05 3D 65 11 23 D4 BD 42 91 A6 9B 99 F3 19 C5  /.=e.#..B.......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 79 C9 D9 BE 65 24 A5 F5 04 7D B5 86 68 13 AC F3  y...e$...}..h...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 27 78 92 A7 A3 0A                                'x....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b604c0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 02  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 7B AD 15 CE ED 57  8:55:33Z..{....W
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: AD 26 98 19 D0 72 0A 5B 89 E9 5F 3A 1E 29 DE EB  .&...r.[.._:.)..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 6E C1 78 FC 05 AD C9 A7 FA D8 CA 63 3A 34 A4 7E  n.x........c:4.~
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 04 DA D9 BE 65 24 A5 F5 04 7D B5 86 68 13 AC F3  ....e$...}..h...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 27 78 92 A7 A3 0A                                'x....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60530
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 03  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3A 3F  ..............:?
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 78 0F 11 A4 B4 99 69 FC AA 80 CD 6E 39 57 C3 3B  x.....i....n9W.;
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 22 75 D9 BE 65 24 A5 F5 04 7D B5 86 68 13 AC F3  "u..e$...}..h...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 27 78 92 A7 A3 0A                                'x....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b605a0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 04  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3A 3F  ..............:?
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 78 0F 11 A4 B4 99 69 FC AA 80 CD 6E 39 57 C3 3B  x.....i....n9W.;
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 22 75 D9 BE 65 24 A5 F5 04 7D B5 86 68 13 AC F3  "u..e$...}..h...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 27 78 92 A7 A3 0A                                'x....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60610
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 05  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 EE 01 A0 35 29 A6  8:55:33Z.....5).
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: B3 8B 5D ED 18 AB 6A E8 D7 71 AA AC 19 25 60 4F  ..]...j..q...%`O
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: C6 60 10 07 DD 33 FF 5F 30 AB 6D 33 D0 C3 2C C6  .`...3._0.m3..,.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: AF AF D9 BE 65 24 A5 F5 04 7D B5 86 68 13 AC F3  ....e$...}..h...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 27 78 92 A7 A3 0A                                'x....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b5ff58
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 06  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 B0 5B CD 50 47 BF  8:55:33Z...[.PG.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 36 0C 2D BB A2 7A 5D A5 EE 66 17 72 A2 0C 78 CD  6.-..z]..f.r..x.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 77 59 86 6A 77 D0 31 03 C2 03 5B F7 DC 7E 61 DC  wY.jw.1...[..~a.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 19 2E D9 BE 65 24 A5 F5 04 7D B5 86 68 13 AC F3  ....e$...}..h...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 27 78 92 A7 A3 0A                                'x....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b5ffc8
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 07  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3A 3F  ..............:?
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 78 0F 11 A4 B4 99 69 FC AA 80 CD 6E 39 57 C3 3B  x.....i....n9W.;
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 22 75 D9 BE 65 24 A5 F5 04 7D B5 86 68 13 AC F3  "u..e$...}..h...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 27 78 92 A7 A3 0A                                'x....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60038
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 04  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 3A 3F 78 0F 11 A4  8:55:33Z..:?x...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: B4 99 69 FC AA 80 CD 6E 39 57 C3 3B 22 75 A4 95  ..i....n9W.;"u..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: BD 4B 42 A1 FA 26 C3 9F 3F 24 94 08 2B 9F E1 71  .KB..&..?$..+..q
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 07 AB C1 E2 5C 3F 6B 0D C7 8D 57 29 6A A2 87 0C  ....\?k...W)j...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: A6 F7 82 CC F8 0F                                ......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b600a8
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 04  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 A4 95 BD 4B 42 A1  8:55:33Z.....KB.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: FA 26 C3 9F 3F 24 94 08 2B 9F E1 71 07 AB 54 09  .&..?$..+..q..T.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 48 D7 C0 27 E8 CC E2 51 66 68 28 05 52 C3 92 BB  H..'...Qfh(.R...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 50 8B 38 F3 0A 0A 96 7F CF 2B FE E1 E3 B2 97 1D  P.8......+......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: E5 40 11 50 48 C8                                .@.PH.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60118
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 04  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 54 09 48 D7 C0 27  8:55:33Z..T.H..'
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: E8 CC E2 51 66 68 28 05 52 C3 92 BB 50 8B 9B 66  ...Qfh(.R...P..f
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: C2 3E B2 E3 8B AE 0D AD BE 4B FA BC E8 62 9E 33  .>.......K...b.3
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 6E 48 4F 41 2E CE 7C 55 D6 AE 55 B5 A6 4F 66 01  nHOA..|U..U..Of.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 18 7E 25 B9 AF FC                                .~%...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60188
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 04  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 9B 66 C2 3E B2 E3  8:55:33Z...f.>..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 8B AE 0D AD BE 4B FA BC E8 62 9E 33 6E 48 CF A3  .....K...b.3nH..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 54 3C 7F 39 22 69 BD C0 D5 BF 29 05 F1 BE 8B B2  T<.9"i....).....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: DD 7D 43 79 A3 D4 30 19 B4 6F A3 57 F7 DD 6A 53  .}Cy..0..o.W..jS
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: B4 5A 3C A8 FB 79                                .Z<..y
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b601f8
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 05  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 60 4F C6 60 10 07  8:55:33Z..`O.`..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: DD 33 FF 5F 30 AB 6D 33 D0 C3 2C C6 AF AF CD EB  .3._0.m3..,.....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 78 A0 CC 80 28 BA B5 78 F2 F8 5F 3A F9 1F 03 57  x...(..x.._:...W
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 78 A4 88 55 13 EB 0E F1 A5 0B 09 33 40 0E 4A 10  x..U.......3@.J.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 35 74 97 3B E8 5C                                5t.;.\
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60268
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 08  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1D 2F  .............../
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 36 17 44 32 EC DF 99 E8 4D AE E2 BC C7 D3 13 1C  6.D2....M.......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 0F BF 1A 84 80 3D 29 14 E0 3A 12 C8 33 FF 80 BC  .....=)..:..3...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: CA 1F B6 72 90 53                                ...r.S
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b602d8
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 09  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 C2  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: D5 F2 25 D1 CC E2 38 25 EE 4D 42 37 9C 85 B8 55  ..%...8%.MB7...U
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: A5 49 EE D2 09 89 F6 F6 53 9C D6 57 CF A8 DF A5  .I......S..W....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: D6 67 23 C4 E2 B4                                .g#...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b60348
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 0A  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C8 34  ...............4
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: E9 1E 6C D2 9D 77 A0 BB D8 85 E7 70 6A DA 56 00  ..l..w.....pj.V.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: A6 EE CC DB 51 F8 01 B3 39 CD 5C B3 6B 54 19 9A  ....Q...9.\.kT..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 36 B0 98 D2 45 F1                                6...E.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b61aa8
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 03 80 00 00 0B  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 30 36 54 30  ....2012-02-06T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 35 35 3A 33 33 5A 00 14 00 00 00 00 00 00  8:55:33Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B2 A8  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 3B 0E BF 2F 83 74 29 9A 5B 2B DF C3 1E A9 55 AD  ;../.t).[+....U.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 72 36 90 69 CA 78 E7 45 0A 28 51 73 43 1B 3E 52  r6.i.x.E.(QsC.>R
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: C5 C2 52 99 E4 73                                ..R..s
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b62730
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 02 80 00 00 11  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 31 30 54 30  ....2012-02-10T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 30 35 3A 32 35 5A 00 14 17 17 17 17 17 17  8:05:25Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 17 17 17 17 17 17 17 17 17 17 17 17 17 17 FF FF  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: FF FF D5 37 D4 37 F0 58 13 6E B3 D7 BE 51 7D BE  ...7.7.X.n...Q}.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 76 47 B6 23 C6 19                                vG.#..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Component Evidence' 0x005597/0x00300000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 102 bytes @ 0x9b627a0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 00 00 00 90 2A 21 00 00 00 02 80 00 00 12  ......*!........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 80 00 01 00 32 30 31 32 2D 30 32 2D 31 30 54 30  ....2012-02-10T0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 38 3A 30 35 3A 32 35 5A 00 14 18 18 18 18 18 18  8:05:25Z........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 18 18 18 18 18 18 18 18 18 18 18 18 18 18 FF FF  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: FF FF 16 0D 2B 04 D1 1E B2 25 FB 14 86 15 B6 99  ....+....%......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 08 18 69 E1 5B 6C                                ..i.[l
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Simple Evidence Final' 0x005597/0x00400000
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 288 bytes @ 0x9b62938
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 80 00 80 00 00 00 00 14 2F 74 7E F8 BB 01 A1 AC  ......../t~.....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 76 72 8F 77 4B 79 1D 90 ED 79 E1 F2 00 00 01 00  vr.wKy...y......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 4C F8 BE B2 17 ED 97 12 4D 86 8A 9F C6 13 55 81  L.......M.....U.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 07 45 85 BF 8F 35 B7 01 0E 0A 55 FB AA 54 1B 1F  .E...5....U..T..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 34 55 AD 1C B7 FB D0 1D 05 9E 58 4B 70 FF 6E F2  4U........XKp.n.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 95 90 F1 D0 E4 96 A3 38 BF A8 3F 3D 8F D8 A2 28  .......8..?=...(
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: AC C3 E1 3A C1 B0 3A 6F 3A A6 C6 5C 59 D2 99 8F  ...:..:o:..\Y...
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  112: 17 1E CE 96 A6 7F 01 33 58 A1 2F 52 8F 7D 90 A0  .......3X./R.}..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  128: 31 9A 1D 34 8A 37 BC 4D BA 9D F4 5F 26 D7 EC 45  1..4.7.M..._&..E
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  144: 16 21 C6 BC B7 D3 64 A7 04 45 16 C0 31 6C 5F 12  .!....d..E..1l_.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  160: 9C 02 CA 69 8B 8D 80 39 EB 51 74 80 8E 2A 22 09  ...i...9.Qt..*".
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  176: 35 05 20 C3 C4 E1 BC 1E 0F D1 E8 3F 89 A9 2C 0A  5. ........?..,.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  192: 55 26 43 18 22 6A 37 64 45 EA CA A4 E6 F6 8A 8C  U&C."j7dE.......
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  208: 1B D9 B2 2C 02 94 CE 10 05 7D 20 CA 2A E6 AB 4F  ...,.....} .*..O
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  224: D9 20 9D A0 B2 BF AF 77 A2 35 22 88 E7 F5 2C C0  . .....w.5"...,.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  240: 0E 83 9A 58 62 5C 2E 31 2F 2C 17 A3 96 BD 43 CF  ...Xb\.1/,....C.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  256: ED 60 11 7E 02 7F EF D7 1B F2 32 64 C0 27 BD 42  .`.~......2d.'.B
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  272: 21 FB 6C 40 D4 39 2C 47 33 0F 6B 4A 91 07 68 F8  !.l@.9,G3.kJ..h.

This is a large PB-TNC CDATA batch comprising 3646 bytes distributed over 4 IKEv2 EAP-TTLS messages:

Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] creating PB-TNC CDATA batch
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] adding PB-PA message
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] sending PB-TNC CDATA batch (3646 bytes) for Connection ID 1
Feb 10 09:05:27 pin1212a00 charon: 11[TNC] => 3646 bytes @ 0x9b5e3d0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]    0: 02 00 00 01 00 00 0E 3E 80 00 00 00 00 00 00 01  .......>........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   16: 00 00 0E 36 00 00 55 97 00 00 00 01 00 01 FF FF  ...6..U.........
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   32: 01 00 00 00 05 AE 83 C6 00 00 55 97 00 30 00 00  ..........U..0..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   48: 00 00 00 72 80 00 00 00 00 90 2A 21 00 00 00 03  ...r......*!....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   64: 80 00 00 00 80 00 01 00 32 30 31 32 2D 30 32 2D  ........2012-02-
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   80: 30 36 54 30 38 3A 35 35 3A 33 33 5A 00 14 00 00  06T08:55:33Z....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]   96: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  112: 00 00 98 72 96 4B 9B 40 CD D0 36 3F CD 6A F8 C2  ...r.K.@..6?.j..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  128: 67 C9 CB 34 20 0B C4 2F ED AD 26 82 00 CB 1D 15  g..4 ../..&.....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  144: F9 78 41 C3 44 E7 9D AE 33 20 00 00 55 97 00 30  .xA.D...3 ..U..0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  160: 00 00 00 00 00 72 80 00 00 00 00 90 2A 21 00 00  .....r......*!..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  176: 00 03 80 00 00 00 80 00 01 00 32 30 31 32 2D 30  ..........2012-0
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  192: 32 2D 30 36 54 30 38 3A 35 35 3A 33 33 5A 00 14  2-06T08:55:33Z..
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  208: 98 72 96 4B 9B 40 CD D0 36 3F CD 6A F8 C2 67 C9  .r.K.@..6?.j..g.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  224: CB 34 20 0B 26 14 C8 BD 2D 1B 59 C7 6A 58 51 AC  .4 .&...-.Y.jXQ.
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  240: A4 39 14 7B EE 5B F7 7D E4 73 A3 20 09 19 84 8C  .9.{.[.}.s. ....
Feb 10 09:05:27 pin1212a00 charon: 11[TNC]  256: 04 F5 CB 4B 32 D3 9A 55 7E 8F 87 09 00 00 55 97  ...K2..U~.....U.
                                         ----------------- truncated batch ------------------
Feb 10 09:05:27 pin1212a00 charon: 11[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:27 pin1212a00 charon: 11[ENC] generating IKE_AUTH request 16 [ EAP/RES/TTLS ]
Feb 10 09:05:27 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:27 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:27 pin1212a00 charon: 12[ENC] parsed IKE_AUTH response 16 [ EAP/REQ/TTLS ]
Feb 10 09:05:27 pin1212a00 charon: 12[ENC] generating IKE_AUTH request 17 [ EAP/RES/TTLS ]
Feb 10 09:05:27 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:27 pin1212a00 charon: 06[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:27 pin1212a00 charon: 06[ENC] parsed IKE_AUTH response 17 [ EAP/REQ/TTLS ]
Feb 10 09:05:27 pin1212a00 charon: 06[ENC] generating IKE_AUTH request 18 [ EAP/RES/TTLS ]
Feb 10 09:05:27 pin1212a00 charon: 06[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:27 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:27 pin1212a00 charon: 13[ENC] parsed IKE_AUTH response 18 [ EAP/REQ/TTLS ]
Feb 10 09:05:27 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 19 [ EAP/RES/TTLS ]
Feb 10 09:05:27 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

TNC Assessment

A PB-TNC RESULT batch is received from the TNC server containing a 'PB-Assessment-Result' and a 'PB-Access-Recommendation' message
causing the IF-TNCCS 2.0 state machine to go into the 'Decided' state:

Feb 10 09:05:28 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:28 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 19 [ EAP/REQ/TTLS ]
Feb 10 09:05:28 pin1212a00 charon: 14[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] received TNCCS batch (40 bytes) for Connection ID 1
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] => 40 bytes @ 0x9b5d2c2
Feb 10 09:05:28 pin1212a00 charon: 14[TNC]    0: 02 80 00 03 00 00 00 28 80 00 00 00 00 00 00 02  .......(........
Feb 10 09:05:28 pin1212a00 charon: 14[TNC]   16: 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 03  ................
Feb 10 09:05:28 pin1212a00 charon: 14[TNC]   32: 00 00 00 10 00 00 00 01                          ........
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Server Working' to 'Decided'
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] processing PB-TNC RESULT batch
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] processing PB-Assessment-Result message (16 bytes)
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] processing PB-Access-Recommendation message (16 bytes)

The received TNC assessment result is 'compliant' and the access recommendation is 'Access Allowed':

Feb 10 09:05:28 pin1212a00 charon: 14[TNC] PB-TNC assessment result is 'compliant'
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] PB-TNC access recommendation is 'Access Allowed'
Feb 10 09:05:28 pin1212a00 charon: 14[IMC] IMC 1 "Attestation" changed state of Connection ID 1 to 'Allowed'

The IF-TNCCS 2.0 finite state machine goes into the final Close state and sends a PB-TNC CLOSE batch back to the TNC server:

Feb 10 09:05:28 pin1212a00 charon: 14[TNC] creating PB-TNC CLOSE batch
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Decided' to 'End'
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] sending PB-TNC CLOSE batch (8 bytes) for Connection ID 1
Feb 10 09:05:28 pin1212a00 charon: 14[TNC] => 8 bytes @ 0x9b55358
Feb 10 09:05:28 pin1212a00 charon: 14[TNC]    0: 02 00 00 06 00 00 00 08                          ........
Feb 10 09:05:28 pin1212a00 charon: 14[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:28 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 20 [ EAP/RES/TTLS ]
Feb 10 09:05:28 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Final Mutual IKEv2 EAP Authentication

Based on the positive TNC assessment the IPsec gateway acting as a Policy Enforcement Point (PEP) finalizes the EAP-TTLS authentication with an EAP SUCCESS message:

Feb 10 09:05:28 pin1212a00 charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:28 pin1212a00 charon: 03[ENC] parsed IKE_AUTH response 20 [ EAP/SUCC ]
Feb 10 09:05:28 pin1212a00 charon: 03[IKE] EAP method EAP_TTLS succeeded, MSK established

The IPsec client generates its IKEv2 AUTH payload by binding it to the MSK from the EAP-TTLS tunnel:

Feb 10 09:05:28 pin1212a00 charon: 03[IKE] authentication of 'carol@strongswan.org' (myself) with EAP
Feb 10 09:05:28 pin1212a00 charon: 03[ENC] generating IKE_AUTH request 21 [ AUTH ]
Feb 10 09:05:28 pin1212a00 charon: 03[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

The IKE_AUTH response received from the IPsec gateway finalizes the IKEv2 negotiation:

Feb 10 09:05:28 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:28 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 21 [ AUTH SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(ADD_6_ADDR) ]
Feb 10 09:05:28 pin1212a00 charon: 08[IKE] authentication of 'moon.strongswan.org' with EAP successful

The Attestation IMC instance deletes itself and the PB-TNC (IF-TNCCS 2.0) connection is closed:

Feb 10 09:05:28 pin1212a00 charon: 08[IMC] IMC 1 "Attestation" deleted the state of Connection ID 1
Feb 10 09:05:28 pin1212a00 charon: 08[TNC] removed TNCCS Connection ID 1

An IPsec Security Association is established between IPsec client and IPsec gateway and payload traffic can now be securely tunneled:

Feb 10 09:05:28 pin1212a00 charon: 08[IKE] IKE_SA home[1] established between 192.168.0.254[carol@strongswan.org]...192.168.0.1[moon.strongswan.org]
Feb 10 09:05:28 pin1212a00 charon: 08[IKE] scheduling reauthentication in 10156s
Feb 10 09:05:28 pin1212a00 charon: 08[IKE] maximum IKE_SA lifetime 10696s
Feb 10 09:05:28 pin1212a00 charon: 08[IKE] CHILD_SA home{1} established with SPIs c7990694_i c4641f18_o and TS 192.168.0.254/32 === 10.1.0.0/28 

Go to UserDocumentation->TNC->PTS-IMV

IF-TNCCS-20-State-Diagram.png - IF-TNCCS 2.0 State Diagram (72.8 KB) Andreas Steffen, 29.11.2011 13:56