Project

General

Profile

Hardcopy Device Integrity Measurement Collector

Configuration of HCD IMC

The /etc/strongswan.conf configuration file of the hardcopy device carol restricts the maximum PB-TNC batch size to 16'370 bytes and as a consequence the PA-TNC message size to 16'338 bytes.

The simulation is running on a Debian virtual KVM host but some operating system parameters can be manually set in libimcv.os_info section to emulate an embedded hardcopy device.

The PA-TNC attributes of the Hardcopy Device Integrity Measurement Collectore (HCD-IMC) are defined in the libimcv.plugins.imc-hcd section of /etc/strongswan.conf:

charon {
  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown

  plugins {
    eap-ttls {
      max_message_count = 0
    }
    eap-tnc {
      max_message_count = 0
    }
    tnccs-20 {
      max_batch_size = 16370
      max_message_size = 16338
    }
  }
}

libimcv {
  os_info {
    name = strongPrint OS
    version = 1.0
    default_password_enabled = yes
  }

  plugins {
    imc-hcd {
      push_info = no 
      subtypes {
        system {
          attributes_natural_language = en
          machine_type_model = strongPrint Laser X.509a
          vendor_name = ITA-HSR
          vendor_smi_code = 36906
          pstn_fax_enabled = yes
          time_source = 0.ch.pool.ntp.org
          user_application_enabled = yes
          user_application_persistence_enabled = no

          firmware {
            fw-1 {
              name = Firmware ABC 
              patches = "security patch 2014-05-08\r\nupgrade 2014-08-16\r\nsecurity patch 2015-3-22\r\n" 
              string_version = 1.0.7
              version = 00000001000000000000000700000000
            }
            fw-2 {
              name = Firmware UVW 
              string_version = 13.8.5
              version = 0000000D000000080000000500000000
            }
          }

          resident_application {
            resident-app-1 {
              name = Resident App XYZ 
              patches = "xmas patch 2014-12-24\r\nservice patch 2015-05-22\r\n" 
              string_version = 2.5
              version = 00000002000000050000000000000000
            }
          }

          user_application {
            user-app-1 {
              name = My Java Photo App
              patches =
              string_version = 5.2.3.8.1
              version = 00000005000000020000000300080001
            }
            user-app-2 {
              name = Print Your Dinosaur!
              patches =
              string_version = 1.0
              version = 00000001000000000000000000000000
            }
            user-app-3 {
              name = Label Everything App
              patches =
              string_version = 7.5.8.2.3
              version = 00000007000000050000000800020003
            }
          }

          certification_state = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
          configuration_state = f0f1f2f3f4f5f6f7f8f9fafbfcfdfeffe0e1e2e3e4e5e6e7e8e9eaebecedeeefd0d1d2d3d4d5d6d7d8d9dadbdcdddedf
        }

        console {
          attributes_natural_language = ru
        }

        marker {
          attributes_natural_language = fr
        }

        finisher {
          attributes_natural_language = de
        }

        interface {
          attributes_natural_language = en

          resident_application {
            resident-app-if {
              name = Resident App Interface+ 
              patches = "service patch 2015-02-09\r\n" 
              string_version = 2.5
              version = 00000002000000050000000000000000
            }
          }
        }

        scanner {
          attributes_natural_language = en

          firmware {
            fw-scanner {
              name = Scanner Firmware 
              patches = "security patch 2013-08-11\r\nsecurity patch 2015-5-30\r\n" 
              string_version = 2.5.3
              version = 00000002000000050000000300000000
            }
          }

          user_application {
            user-app-scanner {
              name = EasyScan
              patches =
              string_version = 2.2.3.5.7
              version = 00000002000000020000000300050007
            }
          }
        }
      }
    }
  }
}

Setting up PT-EAP connection from device carol

The TNC transport protocol is PT-EAP over IKEv2-EAP. In a first step the IKEv2 charon daemon is started up.

Aug  4 17:24:13 carol charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.3dr3, Linux 4.1.3, x86_64)
Aug  4 17:24:13 carol charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Aug  4 17:24:13 carol charon: 00[CFG]   loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Aug  4 17:24:13 carol charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Aug  4 17:24:13 carol charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Aug  4 17:24:13 carol charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Aug  4 17:24:13 carol charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Aug  4 17:24:13 carol charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Aug  4 17:24:13 carol charon: 00[CFG]   loaded EAP secret for carol

Next the OS and HCD IMCs are loaded. The OS IMC subscribes to the IETF standard Operating System PA subtype and the HCD IMC to the mandatory System and the five recommended Console, Marker, Finisher, Interface and Scanner PWG HCD PA subtypes.

Aug  4 17:24:13 carol charon: 00[TNC] loading IMCs from '/etc/tnc_config'
Aug  4 17:24:13 carol charon: 00[TNC] added IETF attributes
Aug  4 17:24:13 carol charon: 00[TNC] added ITA-HSR attributes
Aug  4 17:24:13 carol charon: 00[TNC] added PWG attributes
Aug  4 17:24:13 carol charon: 00[TNC] added TCG attributes
Aug  4 17:24:13 carol charon: 00[LIB] libimcv initialized
Aug  4 17:24:13 carol charon: 00[IMC] IMC 1 "OS" initialized
Aug  4 17:24:13 carol charon: 00[IMC] operating system name is 'strongPrint OS'
Aug  4 17:24:13 carol charon: 00[IMC] operating system version is '1.0'
Aug  4 17:24:13 carol charon: 00[TNC] IMC 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001
Aug  4 17:24:13 carol charon: 00[TNC] IMC 1 "OS" loaded from '/usr/local/lib/ipsec/imcvs/imc-os.so'
Aug  4 17:24:13 carol charon: 00[IMC] IMC 2 "HCD" initialized
Aug  4 17:24:13 carol charon: 00[IMC] operating system name is 'strongPrint OS'
Aug  4 17:24:13 carol charon: 00[IMC] operating system version is '1.0'
Aug  4 17:24:13 carol charon: 00[TNC] IMC 2 supports 6 message types: 'PWG/HCD System' 0x000a8b/0x00000005 'PWG/HCD Console' 0x000a8b/0x00000004 'PWG/HCD Marker' 0x000a8b/0x0000000a 'PWG/HCD Finisher' 0x000a8b/0x0000001e 'PWG/HCD Interface' 0x000a8b/0x00000028 'PWG/HCD Scanner' 0x000a8b/0x00000032
Aug  4 17:24:13 carol charon: 00[TNC] IMC 2 "HCD" loaded from '/usr/local/lib/ipsec/imcvs/imc-hcd.so'

The VPN client loads the definition for the IPsec connection to the VPN gateway

Aug  4 17:24:13 carol charon: 00[LIB] loaded plugins: charon aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
Aug  4 17:24:13 carol charon: 00[JOB] spawning 16 worker threads
Aug  4 17:24:13 carol charon: 05[CFG] received stroke: add connection 'home'
Aug  4 17:24:13 carol charon: 05[CFG] added configuration 'home'

The VPN client carol starts the IKEv2 negotiation with the VPN gateway moon. The user authentication and the subsequent PT-EAP setup takes place with the RADIUS server alice located behind the VPN gateway.

Aug  4 17:24:14 carol charon: 10[CFG] received stroke: initiate 'home'
Aug  4 17:24:14 carol charon: 04[IKE] initiating IKE_SA home[1] to 192.168.0.1
Aug  4 17:24:14 carol charon: 04[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Aug  4 17:24:14 carol charon: 04[NET] sending packet: from 192.168.0.100[500] to 192.168.0.1[500] (692 bytes)
Aug  4 17:24:14 carol charon: 12[NET] received packet: from 192.168.0.1[500] to 192.168.0.100[500] (448 bytes)
Aug  4 17:24:14 carol charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Aug  4 17:24:14 carol charon: 12[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Aug  4 17:24:14 carol charon: 12[IKE] establishing CHILD_SA home
Aug  4 17:24:15 carol charon: 12[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(EAP_ONLY) ]
Aug  4 17:24:15 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (412 bytes)
Aug  4 17:24:15 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1452 bytes)
Aug  4 17:24:15 carol charon: 13[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Aug  4 17:24:15 carol charon: 13[IKE] received end entity cert "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" 
Aug  4 17:24:15 carol charon: 13[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" 
Aug  4 17:24:15 carol charon: 13[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Aug  4 17:24:15 carol charon: 13[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" 
Aug  4 17:24:15 carol charon: 13[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
Aug  4 17:24:15 carol charon: 13[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Aug  4 17:24:15 carol charon: 13[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Aug  4 17:24:15 carol charon: 13[CFG]   crl is valid: until Sep 03 17:23:39 2015
Aug  4 17:24:15 carol charon: 13[CFG] certificate status is good
Aug  4 17:24:15 carol charon: 13[CFG]   reached self-signed root ca with a path length of 0
Aug  4 17:24:15 carol charon: 13[IKE] authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_SHA256 successful
Aug  4 17:24:15 carol charon: 13[IKE] server requested EAP_IDENTITY (id 0x00), sending 'carol'
Aug  4 17:24:15 carol charon: 13[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]
Aug  4 17:24:15 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)
Aug  4 17:24:15 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)
Aug  4 17:24:15 carol charon: 03[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 03[IKE] server requested EAP_TTLS authentication (id 0xCA)
Aug  4 17:24:15 carol charon: 03[TLS] EAP_TTLS version is v0
Aug  4 17:24:15 carol charon: 03[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 03[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)
Aug  4 17:24:15 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1100 bytes)
Aug  4 17:24:15 carol charon: 14[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 14[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 14[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)
Aug  4 17:24:15 carol charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1084 bytes)
Aug  4 17:24:15 carol charon: 15[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 15[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Aug  4 17:24:15 carol charon: 15[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'
Aug  4 17:24:15 carol charon: 15[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org" 
Aug  4 17:24:15 carol charon: 15[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Aug  4 17:24:15 carol charon: 15[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org" 
Aug  4 17:24:15 carol charon: 15[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Aug  4 17:24:15 carol charon: 15[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" 
Aug  4 17:24:15 carol charon: 15[CFG]   crl is valid: until Sep 03 17:23:39 2015
Aug  4 17:24:15 carol charon: 15[CFG]   using cached crl
Aug  4 17:24:15 carol charon: 15[CFG] certificate status is good
Aug  4 17:24:15 carol charon: 15[CFG]   reached self-signed root ca with a path length of 0
Aug  4 17:24:15 carol charon: 15[TLS] received TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA
Aug  4 17:24:15 carol charon: 15[TLS] no TLS peer certificate found for 'carol', skipping client authentication
Aug  4 17:24:15 carol charon: 15[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 15[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (428 bytes)
Aug  4 17:24:15 carol charon: 16[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (220 bytes)
Aug  4 17:24:15 carol charon: 16[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 16[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]
Aug  4 17:24:15 carol charon: 16[IKE] server requested EAP_IDENTITY authentication (id 0x00)
Aug  4 17:24:15 carol charon: 16[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]
Aug  4 17:24:15 carol charon: 16[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 16[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)
Aug  4 17:24:15 carol charon: 02[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (172 bytes)
Aug  4 17:24:15 carol charon: 02[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 02[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]
Aug  4 17:24:15 carol charon: 02[IKE] server requested EAP_MD5 authentication (id 0x1B)
Aug  4 17:24:15 carol charon: 02[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]
Aug  4 17:24:15 carol charon: 02[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 02[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)
Aug  4 17:24:15 carol charon: 01[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes)
Aug  4 17:24:15 carol charon: 01[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 01[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]
Aug  4 17:24:15 carol charon: 01[IKE] server requested EAP_PT_EAP authentication (id 0x33)
Aug  4 17:24:15 carol charon: 01[TLS] EAP_PT_EAP version is v1

THE PB-TNC connection between TNC client and TNC server is established. The maximum size of a PA-TNC message is limited to 16338 bytes.

Aug  4 17:24:15 carol charon: 01[TNC] TNC client is handling outbound connection
Aug  4 17:24:15 carol charon: 01[TNC] assigned TNCCS Connection ID 1
Aug  4 17:24:15 carol charon: 01[IMC] IMC 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
Aug  4 17:24:15 carol charon: 01[IMC]   over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes
Aug  4 17:24:15 carol charon: 01[IMC] IMC 2 "HCD" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
Aug  4 17:24:15 carol charon: 01[IMC]   over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes
Aug  4 17:24:15 carol charon: 01[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'Handshake'
Aug  4 17:24:15 carol charon: 01[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'Handshake'

Sending standard OS attributes

The OS IMC retrieves information on the operating system

Aug  4 17:24:15 carol charon: 01[IMC] operating system numeric version is 1.0
Aug  4 17:24:15 carol charon: 01[IMC] last boot: Aug 04 17:24:00 UTC 2015, 15 s ago
Aug  4 17:24:15 carol charon: 01[IMC] IPv4 forwarding is disabled
Aug  4 17:24:15 carol charon: 01[IMC] factory default password is enabled
Aug  4 17:24:15 carol charon: 01[IMC] device ID is 79433e32cfc1d0d3e7a637c954f0870e

The OS IMC is sending operating system information using IETF standard attributes

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xfbbcb9bd
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008
Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 197 bytes @ 0x7b0b70
Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 FB BC B9 BD 00 00 00 00 00 00 00 02  ................
Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 1F 00 00 00 00 00 73 74 72 6F 6E 67 50  .........strongP
Aug  4 17:24:15 carol charon: 01[IMC]   32: 72 69 6E 74 20 4F 53 00 00 00 00 00 00 00 04 00  rint OS.........
Aug  4 17:24:15 carol charon: 01[IMC]   48: 00 00 12 03 31 2E 30 00 00 00 00 00 00 00 00 00  ....1.0.........
Aug  4 17:24:15 carol charon: 01[IMC]   64: 03 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 01[IMC]   80: 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00  ................
Aug  4 17:24:15 carol charon: 01[IMC]   96: 24 03 01 00 00 32 30 31 35 2D 30 38 2D 30 34 54  $....2015-08-04T
Aug  4 17:24:15 carol charon: 01[IMC]  112: 31 37 3A 32 34 3A 30 30 5A 00 00 00 00 00 00 00  17:24:00Z.......
Aug  4 17:24:15 carol charon: 01[IMC]  128: 0B 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 01[IMC]  144: 0C 00 00 00 10 00 00 00 01 00 00 90 2A 00 00 00  ............*...
Aug  4 17:24:15 carol charon: 01[IMC]  160: 08 00 00 00 2C 37 39 34 33 33 65 33 32 63 66 63  ....,79433e32cfc
Aug  4 17:24:15 carol charon: 01[IMC]  176: 31 64 30 64 33 65 37 61 36 33 37 63 39 35 34 66  1d0d3e7a637c954f
Aug  4 17:24:15 carol charon: 01[IMC]  192: 30 38 37 30 65                                   0870e
Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001

Sending basic HCD attributes

The HCD IMC is retrieving attributes for PA subtype PWG/HCD System. Since push_info = no was set in the imc-hcd plugin section of strongswan.conf no large
Firmware, UserApplication or ResidentApplication quadruples are sent without an explict attribute request from the HCD IMV.

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD System
Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en
Aug  4 17:24:15 carol charon: 01[IMC]   HCD DefaultPasswordEnabled: yes
Aug  4 17:24:15 carol charon: 01[IMC]   HCD ForwardingEnabled: disabled
Aug  4 17:24:15 carol charon: 01[IMC]   HCD MachineTypeModel: strongPrint Laser X.509a
Aug  4 17:24:15 carol charon: 01[IMC]   HCD PSTNFaxEnabled: yes
Aug  4 17:24:15 carol charon: 01[IMC]   HCD TimeSource: 0.ch.pool.ntp.org
Aug  4 17:24:15 carol charon: 01[IMC]   HCD VendorName: ITA-HSR
Aug  4 17:24:15 carol charon: 01[IMC]   HCD VendorSMICode: 0x00902a (36906)
Aug  4 17:24:15 carol charon: 01[IMC]   HCD UserApplicationEnabled: yes
Aug  4 17:24:15 carol charon: 01[IMC]   HCD UserApplicationPersistenceEnabled: no

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD System

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x7add7208
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD DefaultPasswordEnabled' 0x000a8b/0x00000014
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD ForwardingEnabled' 0x000a8b/0x00000016
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD MachineTypeModel' 0x000a8b/0x00000002
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD PSTNFaxEnabled' 0x000a8b/0x00000028
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD TimeSource' 0x000a8b/0x00000032
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD VendorName' 0x000a8b/0x00000003
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD VendorSMICode' 0x000a8b/0x00000004
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationEnabled' 0x000a8b/0x00000068
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPersistenceEnabled' 0x000a8b/0x00000069
Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 202 bytes @ 0x7b2c70
Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 7A DD 72 08 00 00 0A 8B 00 00 00 01  ....z.r.........
Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E 00 00 0A 8B 00 00 00 14 00 00  ....en..........
Aug  4 17:24:15 carol charon: 01[IMC]   32: 00 10 00 00 00 01 00 00 0A 8B 00 00 00 16 00 00  ................
Aug  4 17:24:15 carol charon: 01[IMC]   48: 00 10 00 00 00 00 00 00 0A 8B 00 00 00 02 00 00  ................
Aug  4 17:24:15 carol charon: 01[IMC]   64: 00 24 73 74 72 6F 6E 67 50 72 69 6E 74 20 4C 61  .$strongPrint La
Aug  4 17:24:15 carol charon: 01[IMC]   80: 73 65 72 20 58 2E 35 30 39 61 00 00 0A 8B 00 00  ser X.509a......
Aug  4 17:24:15 carol charon: 01[IMC]   96: 00 28 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00  .(..............
Aug  4 17:24:15 carol charon: 01[IMC]  112: 00 32 00 00 00 1D 30 2E 63 68 2E 70 6F 6F 6C 2E  .2....0.ch.pool.
Aug  4 17:24:15 carol charon: 01[IMC]  128: 6E 74 70 2E 6F 72 67 00 00 0A 8B 00 00 00 03 00  ntp.org.........
Aug  4 17:24:15 carol charon: 01[IMC]  144: 00 00 13 49 54 41 2D 48 53 52 00 00 0A 8B 00 00  ...ITA-HSR......
Aug  4 17:24:15 carol charon: 01[IMC]  160: 00 04 00 00 00 10 00 00 90 2A 00 00 0A 8B 00 00  .........*......
Aug  4 17:24:15 carol charon: 01[IMC]  176: 00 68 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00  .h..............
Aug  4 17:24:15 carol charon: 01[IMC]  192: 00 69 00 00 00 10 00 00 00 00                    .i........
Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Console

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Console
Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: ru

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Console

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xc08b37ea
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7a6de0
Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 C0 8B 37 EA 00 00 0A 8B 00 00 00 01  ......7.........
Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 72 75                                ....ru
Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Marker

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Marker
Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: fr

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Marker

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xba97337a
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b3e20
Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 BA 97 33 7A 00 00 0A 8B 00 00 00 01  ......3z........
Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 66 72                                ....fr
Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Finisher

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Finisher
Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: de

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Finisher

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x649b1045
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b1320
Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 64 9B 10 45 00 00 0A 8B 00 00 00 01  ....d..E........
Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 64 65                                ....de
Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Interface

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Interface
Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Interface

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xa55e5dcb
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b2a10
Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 A5 5E 5D CB 00 00 0A 8B 00 00 00 01  .....^].........
Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E                                ....en
Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Scanner

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Scanner
Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Scanner

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x9b793f7a
Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001
Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b0a90
Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 9B 79 3F 7A 00 00 0A 8B 00 00 00 01  .....y?z........
Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E                                ....en
Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

The first Client Data PB-TNC batch is sent to the TNC server

Aug  4 17:24:15 carol charon: 01[TNC] PB-TNC state transition from 'Init' to 'Server Working'
Aug  4 17:24:15 carol charon: 01[TNC] creating PB-TNC CDATA batch
Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-Language-Preference message
Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 01[TNC] sending PB-TNC CDATA batch (716 bytes) for Connection ID 1
Aug  4 17:24:15 carol charon: 01[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]
Aug  4 17:24:15 carol charon: 01[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 01[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (876 bytes)

Sending HCD quadruples upon request

In response a Server Data PB-TNC batch is received

Aug  4 17:24:15 carol charon: 05[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (748 bytes)
Aug  4 17:24:15 carol charon: 05[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 05[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]
Aug  4 17:24:15 carol charon: 05[TNC] received TNCCS batch (602 bytes)
Aug  4 17:24:15 carol charon: 05[TNC] TNC client is handling inbound connection
Aug  4 17:24:15 carol charon: 05[TNC] processing PB-TNC SDATA batch for Connection ID 1
Aug  4 17:24:15 carol charon: 05[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Aug  4 17:24:15 carol charon: 05[TNC] processing TCG/PB-PDP-Referral message (42 bytes)
Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (112 bytes)
Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)
Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)
Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)
Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)
Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)
Aug  4 17:24:15 carol charon: 05[TNC] PDP server 'aaa.strongswan.org' is listening on port 271

The first PA-TNC message of subtype PWG/HCD System contains attribute requests for missing attributes

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005
Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Aug  4 17:24:15 carol charon: 05[IMC] => 88 bytes @ 0x7b4ce0
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 86 16 79 E2 00 00 55 97 00 00 00 21  ......y...U....!
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 3C 00 00 0A 8B 00 00 00 15  .......<........
Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 3C 00 00 0A 8B 00 00 00 50  .......<.......P
Aug  4 17:24:15 carol charon: 05[IMC]   64: 00 00 0A 8B 00 00 00 64 00 00 0A 8B 00 00 00 C8  .......d........
Aug  4 17:24:15 carol charon: 05[IMC]   80: 00 00 0A 8B 00 00 00 C9                          ........
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x861679e2
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000015 'PWG/HCD FirewallSetting'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x000000c8 'PWG/HCD CertificationState'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x000000c9 'PWG/HCD ConfigurationState'

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD System' 0x000a8b/0x00000005
Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes
Aug  4 17:24:15 carol charon: 05[IMC] --- fw-1 ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareName: Firmware ABC
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwarePatches:
Aug  4 17:24:15 carol charon: 05[IMC] security patch 2014-05-08#015
Aug  4 17:24:15 carol charon: 05[IMC] upgrade 2014-08-16#015
Aug  4 17:24:15 carol charon: 05[IMC] security patch 2015-3-22#015
Aug  4 17:24:15 carol charon: 05[IMC] --- fw-2 ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareName: Firmware UVW
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwarePatches: 
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareStringVersion: 13.8.5
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareVersion: 00:00:00:0d:00:00:00:08:00:00:00:05:00:00:00:00
Aug  4 17:24:15 carol charon: 05[IMC] --- resident-app-1 ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationName: Resident App XYZ
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationPatches:
Aug  4 17:24:15 carol charon: 05[IMC] xmas patch 2014-12-24#015
Aug  4 17:24:15 carol charon: 05[IMC] service patch 2015-05-22#015
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationStringVersion: 2.5
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00
Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-1 ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: My Java Photo App
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 5.2.3.8.1
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:05:00:00:00:02:00:00:00:03:00:08:00:01
Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-2 ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: Print Your Dinosaur!
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 1.0
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:01:00:00:00:00:00:00:00:00:00:00:00:00
Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-3 ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: Label Everything App
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 7.5.8.2.3
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:07:00:00:00:05:00:00:00:08:00:02:00:03
Aug  4 17:24:15 carol charon: 05[IMC]   HCD CertificationState: => 32 bytes @ 0x7b7d50
Aug  4 17:24:15 carol charon: 05[IMC]    0: 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F  ................
Aug  4 17:24:15 carol charon: 05[IMC]   16: 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F  ................
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ConfigurationState: => 48 bytes @ 0x7b96f0
Aug  4 17:24:15 carol charon: 05[IMC]    0: F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD FE FF  ................
Aug  4 17:24:15 carol charon: 05[IMC]   16: E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED EE EF  ................
Aug  4 17:24:15 carol charon: 05[IMC]   32: D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD DE DF  ................
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0xc1018e8f
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD CertificationState' 0x000a8b/0x000000c8
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ConfigurationState' 0x000a8b/0x000000c9
Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 770 bytes @ 0x7becc0
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 C1 01 8E 8F 00 00 55 97 00 00 00 22  ..........U...." 
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 3C 00 00 00 18 46 69 72 6D 77 61 72 65  ...<....Firmware
Aug  4 17:24:15 carol charon: 05[IMC]   48: 20 41 42 43 00 00 0A 8B 00 00 00 3D 00 00 00 55   ABC.......=...U
Aug  4 17:24:15 carol charon: 05[IMC]   64: 73 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32  security patch 2
Aug  4 17:24:15 carol charon: 05[IMC]   80: 30 31 34 2D 30 35 2D 30 38 0D 0A 75 70 67 72 61  014-05-08..upgra
Aug  4 17:24:15 carol charon: 05[IMC]   96: 64 65 20 32 30 31 34 2D 30 38 2D 31 36 0D 0A 73  de 2014-08-16..s
Aug  4 17:24:15 carol charon: 05[IMC]  112: 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 30  ecurity patch 20
Aug  4 17:24:15 carol charon: 05[IMC]  128: 31 35 2D 33 2D 32 32 0D 0A 00 00 0A 8B 00 00 00  15-3-22.........
Aug  4 17:24:15 carol charon: 05[IMC]  144: 3E 00 00 00 11 31 2E 30 2E 37 00 00 0A 8B 00 00  >....1.0.7......
Aug  4 17:24:15 carol charon: 05[IMC]  160: 00 3F 00 00 00 1C 00 00 00 01 00 00 00 00 00 00  .?..............
Aug  4 17:24:15 carol charon: 05[IMC]  176: 00 07 00 00 00 00 00 00 0A 8B 00 00 00 3C 00 00  .............<..
Aug  4 17:24:15 carol charon: 05[IMC]  192: 00 18 46 69 72 6D 77 61 72 65 20 55 56 57 00 00  ..Firmware UVW..
Aug  4 17:24:15 carol charon: 05[IMC]  208: 0A 8B 00 00 00 3D 00 00 00 0C 00 00 0A 8B 00 00  .....=..........
Aug  4 17:24:15 carol charon: 05[IMC]  224: 00 3E 00 00 00 12 31 33 2E 38 2E 35 00 00 0A 8B  .>....13.8.5....
Aug  4 17:24:15 carol charon: 05[IMC]  240: 00 00 00 3F 00 00 00 1C 00 00 00 0D 00 00 00 08  ...?............
Aug  4 17:24:15 carol charon: 05[IMC]  256: 00 00 00 05 00 00 00 00 00 00 0A 8B 00 00 00 50  ...............P
Aug  4 17:24:15 carol charon: 05[IMC]  272: 00 00 00 1C 52 65 73 69 64 65 6E 74 20 41 70 70  ....Resident App
Aug  4 17:24:15 carol charon: 05[IMC]  288: 20 58 59 5A 00 00 0A 8B 00 00 00 51 00 00 00 3D   XYZ.......Q...=
Aug  4 17:24:15 carol charon: 05[IMC]  304: 78 6D 61 73 20 70 61 74 63 68 20 32 30 31 34 2D  xmas patch 2014-
Aug  4 17:24:15 carol charon: 05[IMC]  320: 31 32 2D 32 34 0D 0A 73 65 72 76 69 63 65 20 70  12-24..service p
Aug  4 17:24:15 carol charon: 05[IMC]  336: 61 74 63 68 20 32 30 31 35 2D 30 35 2D 32 32 0D  atch 2015-05-22.
Aug  4 17:24:15 carol charon: 05[IMC]  352: 0A 00 00 0A 8B 00 00 00 52 00 00 00 0F 32 2E 35  ........R....2.5
Aug  4 17:24:15 carol charon: 05[IMC]  368: 00 00 0A 8B 00 00 00 53 00 00 00 1C 00 00 00 02  .......S........
Aug  4 17:24:15 carol charon: 05[IMC]  384: 00 00 00 05 00 00 00 00 00 00 00 00 00 00 0A 8B  ................
Aug  4 17:24:15 carol charon: 05[IMC]  400: 00 00 00 64 00 00 00 1D 4D 79 20 4A 61 76 61 20  ...d....My Java 
Aug  4 17:24:15 carol charon: 05[IMC]  416: 50 68 6F 74 6F 20 41 70 70 00 00 0A 8B 00 00 00  Photo App.......
Aug  4 17:24:15 carol charon: 05[IMC]  432: 65 00 00 00 0C 00 00 0A 8B 00 00 00 66 00 00 00  e...........f...
Aug  4 17:24:15 carol charon: 05[IMC]  448: 15 35 2E 32 2E 33 2E 38 2E 31 00 00 0A 8B 00 00  .5.2.3.8.1......
Aug  4 17:24:15 carol charon: 05[IMC]  464: 00 67 00 00 00 1C 00 00 00 05 00 00 00 02 00 00  .g..............
Aug  4 17:24:15 carol charon: 05[IMC]  480: 00 03 00 08 00 01 00 00 0A 8B 00 00 00 64 00 00  .............d..
Aug  4 17:24:15 carol charon: 05[IMC]  496: 00 20 50 72 69 6E 74 20 59 6F 75 72 20 44 69 6E  . Print Your Din
Aug  4 17:24:15 carol charon: 05[IMC]  512: 6F 73 61 75 72 21 00 00 0A 8B 00 00 00 65 00 00  osaur!.......e..
Aug  4 17:24:15 carol charon: 05[IMC]  528: 00 0C 00 00 0A 8B 00 00 00 66 00 00 00 0F 31 2E  .........f....1.
Aug  4 17:24:15 carol charon: 05[IMC]  544: 30 00 00 0A 8B 00 00 00 67 00 00 00 1C 00 00 00  0.......g.......
Aug  4 17:24:15 carol charon: 05[IMC]  560: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A  ................
Aug  4 17:24:15 carol charon: 05[IMC]  576: 8B 00 00 00 64 00 00 00 20 4C 61 62 65 6C 20 45  ....d... Label E
Aug  4 17:24:15 carol charon: 05[IMC]  592: 76 65 72 79 74 68 69 6E 67 20 41 70 70 00 00 0A  verything App...
Aug  4 17:24:15 carol charon: 05[IMC]  608: 8B 00 00 00 65 00 00 00 0C 00 00 0A 8B 00 00 00  ....e...........
Aug  4 17:24:15 carol charon: 05[IMC]  624: 66 00 00 00 15 37 2E 35 2E 38 2E 32 2E 33 00 00  f....7.5.8.2.3..
Aug  4 17:24:15 carol charon: 05[IMC]  640: 0A 8B 00 00 00 67 00 00 00 1C 00 00 00 07 00 00  .....g..........
Aug  4 17:24:15 carol charon: 05[IMC]  656: 00 05 00 00 00 08 00 02 00 03 00 00 0A 8B 00 00  ................
Aug  4 17:24:15 carol charon: 05[IMC]  672: 00 C8 00 00 00 2C 00 01 02 03 04 05 06 07 08 09  .....,..........
Aug  4 17:24:15 carol charon: 05[IMC]  688: 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 16 17 18 19  ................
Aug  4 17:24:15 carol charon: 05[IMC]  704: 1A 1B 1C 1D 1E 1F 00 00 0A 8B 00 00 00 C9 00 00  ................
Aug  4 17:24:15 carol charon: 05[IMC]  720: 00 3C F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD  .<..............
Aug  4 17:24:15 carol charon: 05[IMC]  736: FE FF E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED  ................
Aug  4 17:24:15 carol charon: 05[IMC]  752: EE EF D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD  ................
Aug  4 17:24:15 carol charon: 05[IMC]  768: DE DF                                            ..
Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005

The next PA-TNC message of subtype PWG/HCD Console also contains attribute requests for missing attributes

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7730
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 F4 04 56 EE 00 00 55 97 00 00 00 21  ......V...U....!
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<
Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xf40456ee
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Console' 0x000a8b/0x00000004
Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x0076a4b4
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b61e0
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 00 76 A4 B4 00 00 55 97 00 00 00 22  .....v....U...." 
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.
Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

The next PA-TNC message of subtype PWG/HCD Marker also contains attribute requests for missing attributes

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7470
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 17 E7 9B 01 00 00 55 97 00 00 00 21  ..........U....!
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<
Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x17e79b01
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a
Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x206fbf0c
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b4d10
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 20 6F BF 0C 00 00 55 97 00 00 00 22  .... o....U...." 
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.
Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

The next PA-TNC message of subtype PWG/HCD Finisher also contains attribute requests for missing attributes

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e
Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7470
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 F8 29 1D 74 00 00 55 97 00 00 00 21  .....).t..U....!
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<
Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xf8291d74
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e
Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x9f1c93d6
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b6630
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 9F 1C 93 D6 00 00 55 97 00 00 00 22  ..........U...." 
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.
Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

The next PA-TNC message of subtype PWG/HCD Interface also contains attribute requests for missing attributes

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028
Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7bef80
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 4A BC 71 FC 00 00 55 97 00 00 00 21  ....J.q...U....!
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<
Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x4abc71fc
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028
Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes
Aug  4 17:24:15 carol charon: 05[IMC] --- resident-app-if ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationName: Resident App Interface+
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationPatches:
Aug  4 17:24:15 carol charon: 05[IMC] service patch 2015-02-09#015
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationStringVersion: 2.5
Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0xcd4397f4
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053
Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 144 bytes @ 0x7b4ec0
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 CD 43 97 F4 00 00 55 97 00 00 00 22  .....C....U...." 
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 50 00 00 00 23 52 65 73 69 64 65 6E 74  ...P...#Resident
Aug  4 17:24:15 carol charon: 05[IMC]   48: 20 41 70 70 20 49 6E 74 65 72 66 61 63 65 2B 00   App Interface+.
Aug  4 17:24:15 carol charon: 05[IMC]   64: 00 0A 8B 00 00 00 51 00 00 00 26 73 65 72 76 69  ......Q...&servi
Aug  4 17:24:15 carol charon: 05[IMC]   80: 63 65 20 70 61 74 63 68 20 32 30 31 35 2D 30 32  ce patch 2015-02
Aug  4 17:24:15 carol charon: 05[IMC]   96: 2D 30 39 0D 0A 00 00 0A 8B 00 00 00 52 00 00 00  -09.........R...
Aug  4 17:24:15 carol charon: 05[IMC]  112: 0F 32 2E 35 00 00 0A 8B 00 00 00 53 00 00 00 1C  .2.5.......S....
Aug  4 17:24:15 carol charon: 05[IMC]  128: 00 00 00 02 00 00 00 05 00 00 00 00 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

The next PA-TNC message of subtype PWG/HCD Scanner also contains attribute requests for missing attributes

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032
Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1
Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b8db0
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 CB B4 70 D2 00 00 55 97 00 00 00 21  ......p...U....!
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<
Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xcbb470d2
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021
Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'
Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032
Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes
Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes
Aug  4 17:24:15 carol charon: 05[IMC] --- fw-scanner ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareName: Scanner Firmware
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwarePatches:
Aug  4 17:24:15 carol charon: 05[IMC] security patch 2013-08-11#015
Aug  4 17:24:15 carol charon: 05[IMC] security patch 2015-5-30#015
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareStringVersion: 2.5.3
Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareVersion: 00:00:00:02:00:00:00:05:00:00:00:03:00:00:00:00
Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-scanner ---
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: EasyScan
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 2.2.3.5.7
Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:02:00:00:00:02:00:00:00:03:00:05:00:07
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x6238a2db
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066
Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067
Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 247 bytes @ 0x7b9d60
Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 62 38 A2 DB 00 00 55 97 00 00 00 22  ....b8....U...." 
Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....
Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 3C 00 00 00 1C 53 63 61 6E 6E 65 72 20  ...<....Scanner 
Aug  4 17:24:15 carol charon: 05[IMC]   48: 46 69 72 6D 77 61 72 65 00 00 0A 8B 00 00 00 3D  Firmware.......=
Aug  4 17:24:15 carol charon: 05[IMC]   64: 00 00 00 41 73 65 63 75 72 69 74 79 20 70 61 74  ...Asecurity pat
Aug  4 17:24:15 carol charon: 05[IMC]   80: 63 68 20 32 30 31 33 2D 30 38 2D 31 31 0D 0A 73  ch 2013-08-11..s
Aug  4 17:24:15 carol charon: 05[IMC]   96: 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 30  ecurity patch 20
Aug  4 17:24:15 carol charon: 05[IMC]  112: 31 35 2D 35 2D 33 30 0D 0A 00 00 0A 8B 00 00 00  15-5-30.........
Aug  4 17:24:15 carol charon: 05[IMC]  128: 3E 00 00 00 11 32 2E 35 2E 33 00 00 0A 8B 00 00  >....2.5.3......
Aug  4 17:24:15 carol charon: 05[IMC]  144: 00 3F 00 00 00 1C 00 00 00 02 00 00 00 05 00 00  .?..............
Aug  4 17:24:15 carol charon: 05[IMC]  160: 00 03 00 00 00 00 00 00 0A 8B 00 00 00 64 00 00  .............d..
Aug  4 17:24:15 carol charon: 05[IMC]  176: 00 14 45 61 73 79 53 63 61 6E 00 00 0A 8B 00 00  ..EasyScan......
Aug  4 17:24:15 carol charon: 05[IMC]  192: 00 65 00 00 00 0C 00 00 0A 8B 00 00 00 66 00 00  .e...........f..
Aug  4 17:24:15 carol charon: 05[IMC]  208: 00 15 32 2E 32 2E 33 2E 35 2E 37 00 00 0A 8B 00  ..2.2.3.5.7.....
Aug  4 17:24:15 carol charon: 05[IMC]  224: 00 00 67 00 00 00 1C 00 00 00 02 00 00 00 02 00  ..g.............
Aug  4 17:24:15 carol charon: 05[IMC]  240: 00 00 03 00 05 00 07                             .......
Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032
Aug  4 17:24:15 carol charon: 05[TNC] TNC client is handling outbound connection
Aug  4 17:24:15 carol charon: 05[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Aug  4 17:24:15 carol charon: 05[TNC] creating PB-TNC CDATA batch
Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message
Aug  4 17:24:15 carol charon: 05[TNC] sending PB-TNC CDATA batch (1397 bytes) for Connection ID 1
Aug  4 17:24:15 carol charon: 05[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]
Aug  4 17:24:15 carol charon: 05[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 05[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (1100 bytes)

No more attributes to send

Aug  4 17:24:15 carol charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)
Aug  4 17:24:15 carol charon: 11[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 11[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 11[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (524 bytes)
Aug  4 17:24:15 carol charon: 04[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes)
Aug  4 17:24:15 carol charon: 04[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 04[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]
Aug  4 17:24:15 carol charon: 04[TNC] received TNCCS batch (8 bytes)
Aug  4 17:24:15 carol charon: 04[TNC] TNC client is handling inbound connection
Aug  4 17:24:15 carol charon: 04[TNC] processing PB-TNC SDATA batch for Connection ID 1
Aug  4 17:24:15 carol charon: 04[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Aug  4 17:24:15 carol charon: 04[TNC] TNC client is handling outbound connection
Aug  4 17:24:15 carol charon: 04[TNC] no client data to send, sending empty PB-TNC CDATA batch
Aug  4 17:24:15 carol charon: 04[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Aug  4 17:24:15 carol charon: 04[TNC] creating PB-TNC CDATA batch
Aug  4 17:24:15 carol charon: 04[TNC] sending PB-TNC CDATA batch (8 bytes) for Connection ID 1
Aug  4 17:24:15 carol charon: 04[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]
Aug  4 17:24:15 carol charon: 04[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 04[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)

Receiving assessment result

Aug  4 17:24:15 carol charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (188 bytes)
Aug  4 17:24:15 carol charon: 12[ENC] parsed IKE_AUTH response 11 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]
Aug  4 17:24:15 carol charon: 12[TNC] received TNCCS batch (40 bytes)
Aug  4 17:24:15 carol charon: 12[TNC] TNC client is handling inbound connection
Aug  4 17:24:15 carol charon: 12[TNC] processing PB-TNC RESULT batch for Connection ID 1
Aug  4 17:24:15 carol charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Decided'
Aug  4 17:24:15 carol charon: 12[TNC] processing IETF/PB-Assessment-Result message (16 bytes)
Aug  4 17:24:15 carol charon: 12[TNC] processing IETF/PB-Access-Recommendation message (16 bytes)
Aug  4 17:24:15 carol charon: 12[TNC] PB-TNC assessment result is 'don't know'
Aug  4 17:24:15 carol charon: 12[TNC] PB-TNC access recommendation is 'Access Denied'
Aug  4 17:24:15 carol charon: 12[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'None'
Aug  4 17:24:15 carol charon: 12[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'None'
Aug  4 17:24:15 carol charon: 12[TNC] TNC client is handling outbound connection
Aug  4 17:24:15 carol charon: 12[TNC] PB-TNC state transition from 'Decided' to 'End'
Aug  4 17:24:15 carol charon: 12[TNC] creating PB-TNC CLOSE batch
Aug  4 17:24:15 carol charon: 12[TNC] sending PB-TNC CLOSE batch (8 bytes) for Connection ID 1
Aug  4 17:24:15 carol charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]
Aug  4 17:24:15 carol charon: 12[ENC] generating IKE_AUTH request 12 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)
Aug  4 17:24:15 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (140 bytes)
Aug  4 17:24:15 carol charon: 13[ENC] parsed IKE_AUTH response 12 [ EAP/REQ/TTLS ]
Aug  4 17:24:15 carol charon: 13[TLS] received TLS close notify
Aug  4 17:24:15 carol charon: 13[TLS] sending TLS close notify
Aug  4 17:24:15 carol charon: 13[ENC] generating IKE_AUTH request 13 [ EAP/RES/TTLS ]
Aug  4 17:24:15 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (140 bytes)
Aug  4 17:24:15 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)
Aug  4 17:24:15 carol charon: 03[ENC] parsed IKE_AUTH response 13 [ EAP/FAIL ]
Aug  4 17:24:15 carol charon: 03[IKE] received EAP_FAILURE, EAP authentication failed
Aug  4 17:24:15 carol charon: 03[ENC] generating INFORMATIONAL request 14 [ N(AUTH_FAILED) ]
Aug  4 17:24:15 carol charon: 03[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)
Aug  4 17:24:15 carol charon: 03[TNC] TODO: setup PT-TLS connection to aaa.strongswan.org:271
Aug  4 17:24:15 carol charon: 03[IMC] IMC 1 "OS" deleted the state of Connection ID 1
Aug  4 17:24:15 carol charon: 03[IMC] IMC 2 "HCD" deleted the state of Connection ID 1
Aug  4 17:24:15 carol charon: 03[TNC] removed TNCCS Connection ID 1
Aug  4 17:24:59 carol charon: 00[DMN] signal of type SIGINT received. Shutting down
Aug  4 17:24:59 carol charon: 00[IMC] IMC 2 "HCD" terminated
Aug  4 17:24:59 carol charon: 00[IMC] IMC 1 "OS" terminated
Aug  4 17:24:59 carol charon: 00[TNC] removed IETF attributes
Aug  4 17:24:59 carol charon: 00[TNC] removed ITA-HSR attributes
Aug  4 17:24:59 carol charon: 00[TNC] removed PWG attributes
Aug  4 17:24:59 carol charon: 00[TNC] removed TCG attributes
Aug  4 17:24:59 carol charon: 00[LIB] libimcv terminated