strongSwan

h1. Hardcopy Device Integrity Measurement Collector

The PA-TNC attributes of the HCD *carol* are defined in the *libimcv.plugins.imc-hcd* section of /etc/strongswan.conf:

<pre>

charon {

  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown

  plugins {

    eap-ttls {

      max_message_count = 0

    }

    eap-tnc {

      max_message_count = 0

    }

    tnccs-20 {

      max_batch_size = 16370

      max_message_size = 16338

    }

  }

}

libimcv {

  os_info {

    name = strongPrint OS

    version = 1.0

    default_password_enabled = yes

  }

  plugins {

    imc-hcd {

      push_info = no 

      subtypes {

        system {

          attributes_natural_language = en

          machine_type_model = strongPrint Laser X.509a

          vendor_name = ITA-HSR

          vendor_smi_code = 36906

          pstn_fax_enabled = yes

          time_source = 0.ch.pool.ntp.org

          user_application_enabled = yes

          user_application_persistence_enabled = no

          firmware {

	    fw-1 {

              name = Firmware ABC 

              patches = "security patch 2014-05-08\r\nupgrade 2014-08-16\r\nsecurity patch 2015-3-22\r\n"

              string_version = 1.0.7

              version = 00000001000000000000000700000000

            }

	    fw-2 {

              name = Firmware UVW 

              string_version = 13.8.5

              version = 0000000D000000080000000500000000

            }

          }

          resident_application {

            resident-app-1 {

              name = Resident App XYZ 

              patches = "xmas patch 2014-12-24\r\nservice patch 2015-05-22\r\n"

              string_version = 2.5

              version = 00000002000000050000000000000000

            }

          }

          user_application {

            user-app-1 {

              name = My Java Photo App

              patches =

              string_version = 5.2.3.8.1

              version = 00000005000000020000000300080001

            }

            user-app-2 {

              name = Print Your Dinosaur!

              patches =

              string_version = 1.0

              version = 00000001000000000000000000000000

            }

            user-app-3 {

              name = Label Everything App

              patches =

              string_version = 7.5.8.2.3

              version = 00000007000000050000000800020003

            }

          }

          certification_state = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f

          configuration_state = f0f1f2f3f4f5f6f7f8f9fafbfcfdfeffe0e1e2e3e4e5e6e7e8e9eaebecedeeefd0d1d2d3d4d5d6d7d8d9dadbdcdddedf

        }

        console {

          attributes_natural_language = ru

        }

        marker {

          attributes_natural_language = fr

        }

        finisher {

          attributes_natural_language = de

        }

        interface {

          attributes_natural_language = en

          resident_application {

	    resident-app-if {

              name = Resident App Interface+ 

              patches = "service patch 2015-02-09\r\n"

              string_version = 2.5

              version = 00000002000000050000000000000000

            }

          }

        }

        scanner {

          attributes_natural_language = en

          firmware {

            fw-scanner {

              name = Scanner Firmware 

              patches = "security patch 2013-08-11\r\nsecurity patch 2015-5-30\r\n"

              string_version = 2.5.3

              version = 00000002000000050000000300000000

            }

          }

          user_application {

            user-app-scanner {

              name = EasyScan

              patches =

              string_version = 2.2.3.5.7

              version = 00000002000000020000000300050007

            }

          }

        }

      }

    }

  }

}

</pre>

The TNC transport protocol is PT-EAP over IKEv2-EAP. In a first step the IKEv2 charon daemon is started up.

<pre>

Aug  4 17:24:13 carol charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.3dr3, Linux 4.1.3, x86_64)

Aug  4 17:24:13 carol charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'

Aug  4 17:24:13 carol charon: 00[CFG]   loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'

Aug  4 17:24:13 carol charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'

Aug  4 17:24:13 carol charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'

Aug  4 17:24:13 carol charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'

Aug  4 17:24:13 carol charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'

Aug  4 17:24:13 carol charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'

Aug  4 17:24:13 carol charon: 00[CFG]   loaded EAP secret for carol

</pre>

Next the OS and HCD IMCs are loaded. The OS IMC subscribes to the IETF standard *Operating System* PA subtype and the HCD IMC to the mandatory  *System* and the five recommended *Console*, *Marker*, *Finisher*, *Interface* and *Scanner* PWG HCD PA subtypes. 

<pre>

Aug  4 17:24:13 carol charon: 00[TNC] loading IMCs from '/etc/tnc_config'

Aug  4 17:24:13 carol charon: 00[TNC] added IETF attributes

Aug  4 17:24:13 carol charon: 00[TNC] added ITA-HSR attributes

Aug  4 17:24:13 carol charon: 00[TNC] added PWG attributes

Aug  4 17:24:13 carol charon: 00[TNC] added TCG attributes

Aug  4 17:24:13 carol charon: 00[LIB] libimcv initialized

Aug  4 17:24:13 carol charon: 00[IMC] IMC 1 "OS" initialized

Aug  4 17:24:13 carol charon: 00[IMC] operating system name is 'strongPrint OS'

Aug  4 17:24:13 carol charon: 00[IMC] operating system version is '1.0'

Aug  4 17:24:13 carol charon: 00[TNC] IMC 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001

Aug  4 17:24:13 carol charon: 00[TNC] IMC 1 "OS" loaded from '/usr/local/lib/ipsec/imcvs/imc-os.so'

Aug  4 17:24:13 carol charon: 00[IMC] IMC 2 "HCD" initialized

Aug  4 17:24:13 carol charon: 00[IMC] operating system name is 'strongPrint OS'

Aug  4 17:24:13 carol charon: 00[IMC] operating system version is '1.0'

Aug  4 17:24:13 carol charon: 00[TNC] IMC 2 supports 6 message types: 'PWG/HCD System' 0x000a8b/0x00000005 'PWG/HCD Console' 0x000a8b/0x00000004 'PWG/HCD Marker' 0x000a8b/0x0000000a 'PWG/HCD Finisher' 0x000a8b/0x0000001e 'PWG/HCD Interface' 0x000a8b/0x00000028 'PWG/HCD Scanner' 0x000a8b/0x00000032

Aug  4 17:24:13 carol charon: 00[TNC] IMC 2 "HCD" loaded from '/usr/local/lib/ipsec/imcvs/imc-hcd.so'

</pre>

The VPN client loads the definition for the IPsec connection to the VPN gateway

<pre>

Aug  4 17:24:13 carol charon: 00[LIB] loaded plugins: charon aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown

Aug  4 17:24:13 carol charon: 00[JOB] spawning 16 worker threads

Aug  4 17:24:13 carol charon: 05[CFG] received stroke: add connection 'home'

Aug  4 17:24:13 carol charon: 05[CFG] added configuration 'home'

</pre>

The VPN client *carol* starts the IKEv2 negotiation with the VPN gateway *moon*. The user authentication and the subsequent PT-EAP setup takes place with the RADIUS server *alice* located behind the VPN gateway.

<pre>

Aug  4 17:24:14 carol charon: 10[CFG] received stroke: initiate 'home'

Aug  4 17:24:14 carol charon: 04[IKE] initiating IKE_SA home[1] to 192.168.0.1

Aug  4 17:24:14 carol charon: 04[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]

Aug  4 17:24:14 carol charon: 04[NET] sending packet: from 192.168.0.100[500] to 192.168.0.1[500] (692 bytes)

Aug  4 17:24:14 carol charon: 12[NET] received packet: from 192.168.0.1[500] to 192.168.0.100[500] (448 bytes)

Aug  4 17:24:14 carol charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]

Aug  4 17:24:14 carol charon: 12[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:14 carol charon: 12[IKE] establishing CHILD_SA home

Aug  4 17:24:15 carol charon: 12[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(EAP_ONLY) ]

Aug  4 17:24:15 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (412 bytes)

Aug  4 17:24:15 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1452 bytes)

Aug  4 17:24:15 carol charon: 13[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]

Aug  4 17:24:15 carol charon: 13[IKE] received end entity cert "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Aug  4 17:24:15 carol charon: 13[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Aug  4 17:24:15 carol charon: 13[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 13[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Aug  4 17:24:15 carol charon: 13[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...

Aug  4 17:24:15 carol charon: 13[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 13[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 13[CFG]   crl is valid: until Sep 03 17:23:39 2015

Aug  4 17:24:15 carol charon: 13[CFG] certificate status is good

Aug  4 17:24:15 carol charon: 13[CFG]   reached self-signed root ca with a path length of 0

Aug  4 17:24:15 carol charon: 13[IKE] authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_SHA256 successful

Aug  4 17:24:15 carol charon: 13[IKE] server requested EAP_IDENTITY (id 0x00), sending 'carol'

Aug  4 17:24:15 carol charon: 13[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]

Aug  4 17:24:15 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)

Aug  4 17:24:15 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)

Aug  4 17:24:15 carol charon: 03[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 03[IKE] server requested EAP_TTLS authentication (id 0xCA)

Aug  4 17:24:15 carol charon: 03[TLS] EAP_TTLS version is v0

Aug  4 17:24:15 carol charon: 03[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 03[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)

Aug  4 17:24:15 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1100 bytes)

Aug  4 17:24:15 carol charon: 14[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 14[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 14[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)

Aug  4 17:24:15 carol charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1084 bytes)

Aug  4 17:24:15 carol charon: 15[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 15[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA

Aug  4 17:24:15 carol charon: 15[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'

Aug  4 17:24:15 carol charon: 15[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"

Aug  4 17:24:15 carol charon: 15[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 15[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"

Aug  4 17:24:15 carol charon: 15[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 15[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 15[CFG]   crl is valid: until Sep 03 17:23:39 2015

Aug  4 17:24:15 carol charon: 15[CFG]   using cached crl

Aug  4 17:24:15 carol charon: 15[CFG] certificate status is good

Aug  4 17:24:15 carol charon: 15[CFG]   reached self-signed root ca with a path length of 0

Aug  4 17:24:15 carol charon: 15[TLS] received TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA

Aug  4 17:24:15 carol charon: 15[TLS] no TLS peer certificate found for 'carol', skipping client authentication

Aug  4 17:24:15 carol charon: 15[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 15[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (428 bytes)

Aug  4 17:24:15 carol charon: 16[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (220 bytes)

Aug  4 17:24:15 carol charon: 16[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 16[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]

Aug  4 17:24:15 carol charon: 16[IKE] server requested EAP_IDENTITY authentication (id 0x00)

Aug  4 17:24:15 carol charon: 16[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]

Aug  4 17:24:15 carol charon: 16[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 16[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)

Aug  4 17:24:15 carol charon: 02[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (172 bytes)

Aug  4 17:24:15 carol charon: 02[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 02[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]

Aug  4 17:24:15 carol charon: 02[IKE] server requested EAP_MD5 authentication (id 0x1B)

Aug  4 17:24:15 carol charon: 02[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]

Aug  4 17:24:15 carol charon: 02[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 02[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)

Aug  4 17:24:15 carol charon: 01[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes)

Aug  4 17:24:15 carol charon: 01[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 01[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]

Aug  4 17:24:15 carol charon: 01[IKE] server requested EAP_PT_EAP authentication (id 0x33)

Aug  4 17:24:15 carol charon: 01[TLS] EAP_PT_EAP version is v1

</pre>

THE PB-TNC connection between TNC client and TNC server is established. The maximum size of  a PA-TNC message is limited to 16338 bytes.

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] TNC client is handling outbound connection

Aug  4 17:24:15 carol charon: 01[TNC] assigned TNCCS Connection ID 1

Aug  4 17:24:15 carol charon: 01[IMC] IMC 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh

Aug  4 17:24:15 carol charon: 01[IMC]   over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes

Aug  4 17:24:15 carol charon: 01[IMC] IMC 2 "HCD" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh

Aug  4 17:24:15 carol charon: 01[IMC]   over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes

Aug  4 17:24:15 carol charon: 01[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'Handshake'

Aug  4 17:24:15 carol charon: 01[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'Handshake'

</pre>

The OS IMC retrieves information on the operating system

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] operating system numeric version is 1.0

Aug  4 17:24:15 carol charon: 01[IMC] last boot: Aug 04 17:24:00 UTC 2015, 15 s ago

Aug  4 17:24:15 carol charon: 01[IMC] IPv4 forwarding is disabled

Aug  4 17:24:15 carol charon: 01[IMC] factory default password is enabled

Aug  4 17:24:15 carol charon: 01[IMC] device ID is 79433e32cfc1d0d3e7a637c954f0870e

</pre>

The OS IMC is sending operating system information using IETF standard attributes

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xfbbcb9bd

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 197 bytes @ 0x7b0b70

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 FB BC B9 BD 00 00 00 00 00 00 00 02  ................

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 1F 00 00 00 00 00 73 74 72 6F 6E 67 50  .........strongP

Aug  4 17:24:15 carol charon: 01[IMC]   32: 72 69 6E 74 20 4F 53 00 00 00 00 00 00 00 04 00  rint OS.........

Aug  4 17:24:15 carol charon: 01[IMC]   48: 00 00 12 03 31 2E 30 00 00 00 00 00 00 00 00 00  ....1.0.........

Aug  4 17:24:15 carol charon: 01[IMC]   64: 03 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]   80: 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]   96: 24 03 01 00 00 32 30 31 35 2D 30 38 2D 30 34 54  $....2015-08-04T

Aug  4 17:24:15 carol charon: 01[IMC]  112: 31 37 3A 32 34 3A 30 30 5A 00 00 00 00 00 00 00  17:24:00Z.......

Aug  4 17:24:15 carol charon: 01[IMC]  128: 0B 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]  144: 0C 00 00 00 10 00 00 00 01 00 00 90 2A 00 00 00  ............*...

Aug  4 17:24:15 carol charon: 01[IMC]  160: 08 00 00 00 2C 37 39 34 33 33 65 33 32 63 66 63  ....,79433e32cfc

Aug  4 17:24:15 carol charon: 01[IMC]  176: 31 64 30 64 33 65 37 61 36 33 37 63 39 35 34 66  1d0d3e7a637c954f

Aug  4 17:24:15 carol charon: 01[IMC]  192: 30 38 37 30 65                                   0870e

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD System. Since _push_info = no_ was set in the *imc-hcd* plugin section of _strongswan.conf_ no large

_Firmware_, _UserApplication_ or _ResidentApplication_ quadruples are sent without an explict attribute request from the HCD IMV.

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD System

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en

Aug  4 17:24:15 carol charon: 01[IMC]   HCD DefaultPasswordEnabled: yes

Aug  4 17:24:15 carol charon: 01[IMC]   HCD ForwardingEnabled: disabled

Aug  4 17:24:15 carol charon: 01[IMC]   HCD MachineTypeModel: strongPrint Laser X.509a

Aug  4 17:24:15 carol charon: 01[IMC]   HCD PSTNFaxEnabled: yes

Aug  4 17:24:15 carol charon: 01[IMC]   HCD TimeSource: 0.ch.pool.ntp.org

Aug  4 17:24:15 carol charon: 01[IMC]   HCD VendorName: ITA-HSR

Aug  4 17:24:15 carol charon: 01[IMC]   HCD VendorSMICode: 0x00902a (36906)

Aug  4 17:24:15 carol charon: 01[IMC]   HCD UserApplicationEnabled: yes

Aug  4 17:24:15 carol charon: 01[IMC]   HCD UserApplicationPersistenceEnabled: no

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD System

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x7add7208

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD DefaultPasswordEnabled' 0x000a8b/0x00000014

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD ForwardingEnabled' 0x000a8b/0x00000016

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD MachineTypeModel' 0x000a8b/0x00000002

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD PSTNFaxEnabled' 0x000a8b/0x00000028

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD TimeSource' 0x000a8b/0x00000032

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD VendorName' 0x000a8b/0x00000003

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD VendorSMICode' 0x000a8b/0x00000004

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationEnabled' 0x000a8b/0x00000068

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPersistenceEnabled' 0x000a8b/0x00000069

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 202 bytes @ 0x7b2c70

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 7A DD 72 08 00 00 0A 8B 00 00 00 01  ....z.r.........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E 00 00 0A 8B 00 00 00 14 00 00  ....en..........

Aug  4 17:24:15 carol charon: 01[IMC]   32: 00 10 00 00 00 01 00 00 0A 8B 00 00 00 16 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]   48: 00 10 00 00 00 00 00 00 0A 8B 00 00 00 02 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]   64: 00 24 73 74 72 6F 6E 67 50 72 69 6E 74 20 4C 61  .$strongPrint La

Aug  4 17:24:15 carol charon: 01[IMC]   80: 73 65 72 20 58 2E 35 30 39 61 00 00 0A 8B 00 00  ser X.509a......

Aug  4 17:24:15 carol charon: 01[IMC]   96: 00 28 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00  .(..............

Aug  4 17:24:15 carol charon: 01[IMC]  112: 00 32 00 00 00 1D 30 2E 63 68 2E 70 6F 6F 6C 2E  .2....0.ch.pool.

Aug  4 17:24:15 carol charon: 01[IMC]  128: 6E 74 70 2E 6F 72 67 00 00 0A 8B 00 00 00 03 00  ntp.org.........

Aug  4 17:24:15 carol charon: 01[IMC]  144: 00 00 13 49 54 41 2D 48 53 52 00 00 0A 8B 00 00  ...ITA-HSR......

Aug  4 17:24:15 carol charon: 01[IMC]  160: 00 04 00 00 00 10 00 00 90 2A 00 00 0A 8B 00 00  .........*......

Aug  4 17:24:15 carol charon: 01[IMC]  176: 00 68 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00  .h..............

Aug  4 17:24:15 carol charon: 01[IMC]  192: 00 69 00 00 00 10 00 00 00 00                    .i........

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Console

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Console

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: ru

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Console

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xc08b37ea

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7a6de0

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 C0 8B 37 EA 00 00 0A 8B 00 00 00 01  ......7.........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 72 75                                ....ru

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Marker

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Marker

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: fr

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Marker

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xba97337a

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b3e20

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 BA 97 33 7A 00 00 0A 8B 00 00 00 01  ......3z........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 66 72                                ....fr

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Finisher

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Finisher

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: de

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Finisher

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x649b1045

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b1320

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 64 9B 10 45 00 00 0A 8B 00 00 00 01  ....d..E........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 64 65                                ....de

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Interface

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Interface

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Interface

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xa55e5dcb

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b2a10

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 A5 5E 5D CB 00 00 0A 8B 00 00 00 01  .....^].........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E                                ....en

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Scanner

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Scanner

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Scanner

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x9b793f7a

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b0a90

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 9B 79 3F 7A 00 00 0A 8B 00 00 00 01  .....y?z........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E                                ....en

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

</pre>

The first Client Data PB-TNC batch is sent to the TNC server

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] PB-TNC state transition from 'Init' to 'Server Working'

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-TNC CDATA batch

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-Language-Preference message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] sending PB-TNC CDATA batch (716 bytes) for Connection ID 1

Aug  4 17:24:15 carol charon: 01[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]

Aug  4 17:24:15 carol charon: 01[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 01[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (876 bytes)

</pre>

In response a Server Data PB-TNC batch is received

<pre>

Aug  4 17:24:15 carol charon: 05[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (748 bytes)

Aug  4 17:24:15 carol charon: 05[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 05[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]

Aug  4 17:24:15 carol charon: 05[TNC] received TNCCS batch (602 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] TNC client is handling inbound connection

Aug  4 17:24:15 carol charon: 05[TNC] processing PB-TNC SDATA batch for Connection ID 1

Aug  4 17:24:15 carol charon: 05[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Aug  4 17:24:15 carol charon: 05[TNC] processing TCG/PB-PDP-Referral message (42 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (112 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] PDP server 'aaa.strongswan.org' is listening on port 271

</pre>

The first PA-TNC message of subtype PWG/HCD System contains attribute requests for missing attributes

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Aug  4 17:24:15 carol charon: 05[IMC] => 88 bytes @ 0x7b4ce0

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 86 16 79 E2 00 00 55 97 00 00 00 21  ......y...U....!

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 3C 00 00 0A 8B 00 00 00 15  .......<........

Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 3C 00 00 0A 8B 00 00 00 50  .......<.......P

Aug  4 17:24:15 carol charon: 05[IMC]   64: 00 00 0A 8B 00 00 00 64 00 00 0A 8B 00 00 00 C8  .......d........

Aug  4 17:24:15 carol charon: 05[IMC]   80: 00 00 0A 8B 00 00 00 C9                          ........

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x861679e2

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000015 'PWG/HCD FirewallSetting'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x000000c8 'PWG/HCD CertificationState'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x000000c9 'PWG/HCD ConfigurationState'

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD System' 0x000a8b/0x00000005

Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- fw-1 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareName: Firmware ABC

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwarePatches:

Aug  4 17:24:15 carol charon: 05[IMC] security patch 2014-05-08#015

Aug  4 17:24:15 carol charon: 05[IMC] upgrade 2014-08-16#015

Aug  4 17:24:15 carol charon: 05[IMC] security patch 2015-3-22#015

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- fw-2 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareName: Firmware UVW

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwarePatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareStringVersion: 13.8.5

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareVersion: 00:00:00:0d:00:00:00:08:00:00:00:05:00:00:00:00

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- resident-app-1 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationName: Resident App XYZ

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationPatches:

Aug  4 17:24:15 carol charon: 05[IMC] xmas patch 2014-12-24#015

Aug  4 17:24:15 carol charon: 05[IMC] service patch 2015-05-22#015

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationStringVersion: 2.5

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-1 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: My Java Photo App

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 5.2.3.8.1

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:05:00:00:00:02:00:00:00:03:00:08:00:01

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-2 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: Print Your Dinosaur!

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 1.0

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:01:00:00:00:00:00:00:00:00:00:00:00:00

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-3 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: Label Everything App

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 7.5.8.2.3

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:07:00:00:00:05:00:00:00:08:00:02:00:03

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC]   HCD CertificationState: => 32 bytes @ 0x7b7d50

Aug  4 17:24:15 carol charon: 05[IMC]    0: 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F  ................

Aug  4 17:24:15 carol charon: 05[IMC]   16: 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F  ................

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ConfigurationState: => 48 bytes @ 0x7b96f0

Aug  4 17:24:15 carol charon: 05[IMC]    0: F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD FE FF  ................

Aug  4 17:24:15 carol charon: 05[IMC]   16: E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED EE EF  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD DE DF  ................

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0xc1018e8f

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD CertificationState' 0x000a8b/0x000000c8

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ConfigurationState' 0x000a8b/0x000000c9

Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 770 bytes @ 0x7becc0

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 C1 01 8E 8F 00 00 55 97 00 00 00 22  ..........U...."

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 3C 00 00 00 18 46 69 72 6D 77 61 72 65  ...<....Firmware

Aug  4 17:24:15 carol charon: 05[IMC]   48: 20 41 42 43 00 00 0A 8B 00 00 00 3D 00 00 00 55   ABC.......=...U

Aug  4 17:24:15 carol charon: 05[IMC]   64: 73 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32  security patch 2

Aug  4 17:24:15 carol charon: 05[IMC]   80: 30 31 34 2D 30 35 2D 30 38 0D 0A 75 70 67 72 61  014-05-08..upgra

Aug  4 17:24:15 carol charon: 05[IMC]   96: 64 65 20 32 30 31 34 2D 30 38 2D 31 36 0D 0A 73  de 2014-08-16..s

Aug  4 17:24:15 carol charon: 05[IMC]  112: 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 30  ecurity patch 20

Aug  4 17:24:15 carol charon: 05[IMC]  128: 31 35 2D 33 2D 32 32 0D 0A 00 00 0A 8B 00 00 00  15-3-22.........

Aug  4 17:24:15 carol charon: 05[IMC]  144: 3E 00 00 00 11 31 2E 30 2E 37 00 00 0A 8B 00 00  >....1.0.7......

Aug  4 17:24:15 carol charon: 05[IMC]  160: 00 3F 00 00 00 1C 00 00 00 01 00 00 00 00 00 00  .?..............

Aug  4 17:24:15 carol charon: 05[IMC]  176: 00 07 00 00 00 00 00 00 0A 8B 00 00 00 3C 00 00  .............<..

Aug  4 17:24:15 carol charon: 05[IMC]  192: 00 18 46 69 72 6D 77 61 72 65 20 55 56 57 00 00  ..Firmware UVW..

Aug  4 17:24:15 carol charon: 05[IMC]  208: 0A 8B 00 00 00 3D 00 00 00 0C 00 00 0A 8B 00 00  .....=..........

Aug  4 17:24:15 carol charon: 05[IMC]  224: 00 3E 00 00 00 12 31 33 2E 38 2E 35 00 00 0A 8B  .>....13.8.5....

Aug  4 17:24:15 carol charon: 05[IMC]  240: 00 00 00 3F 00 00 00 1C 00 00 00 0D 00 00 00 08  ...?............

Aug  4 17:24:15 carol charon: 05[IMC]  256: 00 00 00 05 00 00 00 00 00 00 0A 8B 00 00 00 50  ...............P

Aug  4 17:24:15 carol charon: 05[IMC]  272: 00 00 00 1C 52 65 73 69 64 65 6E 74 20 41 70 70  ....Resident App

Aug  4 17:24:15 carol charon: 05[IMC]  288: 20 58 59 5A 00 00 0A 8B 00 00 00 51 00 00 00 3D   XYZ.......Q...=

Aug  4 17:24:15 carol charon: 05[IMC]  304: 78 6D 61 73 20 70 61 74 63 68 20 32 30 31 34 2D  xmas patch 2014-

Aug  4 17:24:15 carol charon: 05[IMC]  320: 31 32 2D 32 34 0D 0A 73 65 72 76 69 63 65 20 70  12-24..service p

Aug  4 17:24:15 carol charon: 05[IMC]  336: 61 74 63 68 20 32 30 31 35 2D 30 35 2D 32 32 0D  atch 2015-05-22.

Aug  4 17:24:15 carol charon: 05[IMC]  352: 0A 00 00 0A 8B 00 00 00 52 00 00 00 0F 32 2E 35  ........R....2.5

Aug  4 17:24:15 carol charon: 05[IMC]  368: 00 00 0A 8B 00 00 00 53 00 00 00 1C 00 00 00 02  .......S........

Aug  4 17:24:15 carol charon: 05[IMC]  384: 00 00 00 05 00 00 00 00 00 00 00 00 00 00 0A 8B  ................

Aug  4 17:24:15 carol charon: 05[IMC]  400: 00 00 00 64 00 00 00 1D 4D 79 20 4A 61 76 61 20  ...d....My Java 

Aug  4 17:24:15 carol charon: 05[IMC]  416: 50 68 6F 74 6F 20 41 70 70 00 00 0A 8B 00 00 00  Photo App.......

Aug  4 17:24:15 carol charon: 05[IMC]  432: 65 00 00 00 0C 00 00 0A 8B 00 00 00 66 00 00 00  e...........f...

Aug  4 17:24:15 carol charon: 05[IMC]  448: 15 35 2E 32 2E 33 2E 38 2E 31 00 00 0A 8B 00 00  .5.2.3.8.1......

Aug  4 17:24:15 carol charon: 05[IMC]  464: 00 67 00 00 00 1C 00 00 00 05 00 00 00 02 00 00  .g..............

Aug  4 17:24:15 carol charon: 05[IMC]  480: 00 03 00 08 00 01 00 00 0A 8B 00 00 00 64 00 00  .............d..

Aug  4 17:24:15 carol charon: 05[IMC]  496: 00 20 50 72 69 6E 74 20 59 6F 75 72 20 44 69 6E  . Print Your Din

Aug  4 17:24:15 carol charon: 05[IMC]  512: 6F 73 61 75 72 21 00 00 0A 8B 00 00 00 65 00 00  osaur!.......e..

Aug  4 17:24:15 carol charon: 05[IMC]  528: 00 0C 00 00 0A 8B 00 00 00 66 00 00 00 0F 31 2E  .........f....1.

Aug  4 17:24:15 carol charon: 05[IMC]  544: 30 00 00 0A 8B 00 00 00 67 00 00 00 1C 00 00 00  0.......g.......

Aug  4 17:24:15 carol charon: 05[IMC]  560: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A  ................

Aug  4 17:24:15 carol charon: 05[IMC]  576: 8B 00 00 00 64 00 00 00 20 4C 61 62 65 6C 20 45  ....d... Label E

Aug  4 17:24:15 carol charon: 05[IMC]  592: 76 65 72 79 74 68 69 6E 67 20 41 70 70 00 00 0A  verything App...

Aug  4 17:24:15 carol charon: 05[IMC]  608: 8B 00 00 00 65 00 00 00 0C 00 00 0A 8B 00 00 00  ....e...........

Aug  4 17:24:15 carol charon: 05[IMC]  624: 66 00 00 00 15 37 2E 35 2E 38 2E 32 2E 33 00 00  f....7.5.8.2.3..

Aug  4 17:24:15 carol charon: 05[IMC]  640: 0A 8B 00 00 00 67 00 00 00 1C 00 00 00 07 00 00  .....g..........

Aug  4 17:24:15 carol charon: 05[IMC]  656: 00 05 00 00 00 08 00 02 00 03 00 00 0A 8B 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]  672: 00 C8 00 00 00 2C 00 01 02 03 04 05 06 07 08 09  .....,..........

Aug  4 17:24:15 carol charon: 05[IMC]  688: 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 16 17 18 19  ................

Aug  4 17:24:15 carol charon: 05[IMC]  704: 1A 1B 1C 1D 1E 1F 00 00 0A 8B 00 00 00 C9 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]  720: 00 3C F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD  .<..............

Aug  4 17:24:15 carol charon: 05[IMC]  736: FE FF E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED  ................

Aug  4 17:24:15 carol charon: 05[IMC]  752: EE EF D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD  ................

Aug  4 17:24:15 carol charon: 05[IMC]  768: DE DF                                            ..

Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005

</pre>

The next PA-TNC message of subtype PWG/HCD Console also contains attribute requests for missing attributes

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7b6af0

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 44 55 6E 76 00 00 55 97 00 00 00 21  ....DUnv..U....!

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Jul 25 16:12:41 carol charon: 09[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Jul 25 16:12:41 carol charon: 09[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0x44556e76

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

Jul 25 16:12:41 carol charon: 09[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Jul 25 16:12:41 carol charon: 09[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0x10f5116c

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 28 bytes @ 0x7b54d0

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 10 F5 11 6C 00 00 55 97 00 00 00 22  .......l..U...."

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.

Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

</pre>

The next PA-TNC message of subtype PWG/HCD Marker also contains attribute requests for missing attributes

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7b37d0

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 CE 8C F5 6C 00 00 55 97 00 00 00 21  .......l..U....!

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Jul 25 16:12:41 carol charon: 09[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Jul 25 16:12:41 carol charon: 09[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0xce8cf56c

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

Jul 25 16:12:41 carol charon: 09[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Jul 25 16:12:41 carol charon: 09[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0xcf94b8d7

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 28 bytes @ 0x7b67e0

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 CF 94 B8 D7 00 00 55 97 00 00 00 22  ..........U...."

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.

Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7b3c90

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 1E FC 7B AE 00 00 55 97 00 00 00 21  ......{...U....!

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Jul 25 16:12:41 carol charon: 09[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Jul 25 16:12:41 carol charon: 09[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0x1efc7bae

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

Jul 25 16:12:41 carol charon: 09[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Jul 25 16:12:41 carol charon: 09[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0x19f5d207

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 28 bytes @ 0x7b4980

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 19 F5 D2 07 00 00 55 97 00 00 00 22  ..........U...."

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.

Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7b3f30

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 7D 20 74 EA 00 00 55 97 00 00 00 21  ....} t...U....!

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Jul 25 16:12:41 carol charon: 09[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Jul 25 16:12:41 carol charon: 09[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0x7d2074ea

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

Jul 25 16:12:41 carol charon: 09[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Jul 25 16:12:41 carol charon: 09[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[IMC] --- resident-app-if ---

Jul 25 16:12:41 carol charon: 09[IMC]   HCD ResidentApplicationName: Resident App Interface+

Jul 25 16:12:41 carol charon: 09[IMC]   HCD ResidentApplicationPatches: service patch 2015-02-09

Jul 25 16:12:41 carol charon: 09[IMC]   HCD ResidentApplicationStringVersion: 2.5

Jul 25 16:12:41 carol charon: 09[IMC]   HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0x7d45c764

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053

Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 142 bytes @ 0x7b7960

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 7D 45 C7 64 00 00 55 97 00 00 00 22  ....}E.d..U...."

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....

Jul 25 16:12:41 carol charon: 09[IMC]   32: 00 00 00 50 00 00 00 23 52 65 73 69 64 65 6E 74  ...P...#Resident

Jul 25 16:12:41 carol charon: 09[IMC]   48: 20 41 70 70 20 49 6E 74 65 72 66 61 63 65 2B 00   App Interface+.

Jul 25 16:12:41 carol charon: 09[IMC]   64: 00 0A 8B 00 00 00 51 00 00 00 24 73 65 72 76 69  ......Q...$servi

Jul 25 16:12:41 carol charon: 09[IMC]   80: 63 65 20 70 61 74 63 68 20 32 30 31 35 2D 30 32  ce patch 2015-02

Jul 25 16:12:41 carol charon: 09[IMC]   96: 2D 30 39 00 00 0A 8B 00 00 00 52 00 00 00 0F 32  -09.......R....2

Jul 25 16:12:41 carol charon: 09[IMC]  112: 2E 35 00 00 0A 8B 00 00 00 53 00 00 00 1C 00 00  .5.......S......

Jul 25 16:12:41 carol charon: 09[IMC]  128: 00 02 00 00 00 05 00 00 00 00 00 00 00 00        ..............

Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] handling PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Jul 25 16:12:41 carol charon: 09[IMC] => 64 bytes @ 0x7bccf0

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 B9 C7 45 3D 00 00 55 97 00 00 00 21  ......E=..U....!

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Jul 25 16:12:41 carol charon: 09[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Jul 25 16:12:41 carol charon: 09[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC message with ID 0xb9c7453d

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Jul 25 16:12:41 carol charon: 09[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Jul 25 16:12:41 carol charon: 09[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

Jul 25 16:12:41 carol charon: 09[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Jul 25 16:12:41 carol charon: 09[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[IMC] --- fw-scanner ---

Jul 25 16:12:41 carol charon: 09[IMC]   HCD FirmwareName: Scanner Firmware

Jul 25 16:12:41 carol charon: 09[IMC]   HCD FirmwarePatches: security patch 2013-08-11

Jul 25 16:12:41 carol charon: 09[IMC] security patch 2015-5-30

Jul 25 16:12:41 carol charon: 09[IMC]   HCD FirmwareStringVersion: 2.5.3

Jul 25 16:12:41 carol charon: 09[IMC]   HCD FirmwareVersion: 00:00:00:02:00:00:00:05:00:00:00:03:00:00:00:00

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[IMC] --- user-app-scanner ---

Jul 25 16:12:41 carol charon: 09[IMC]   HCD UserApplicationName: EasyScan

Jul 25 16:12:41 carol charon: 09[IMC]   HCD UserApplicationPatches: 

Jul 25 16:12:41 carol charon: 09[IMC]   HCD UserApplicationStringVersion: 2.2.3.5.7

Jul 25 16:12:41 carol charon: 09[IMC]   HCD UserApplicationVersion: 00:00:00:02:00:00:00:02:00:00:00:03:00:05:00:07

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC message with ID 0x56f7464e

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066

Jul 25 16:12:41 carol charon: 09[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067

Jul 25 16:12:41 carol charon: 09[IMC] created PA-TNC message: => 244 bytes @ 0x7bd5e0

Jul 25 16:12:41 carol charon: 09[IMC]    0: 01 00 00 00 56 F7 46 4E 00 00 55 97 00 00 00 22  ....V.FN..U...."

Jul 25 16:12:41 carol charon: 09[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....

Jul 25 16:12:41 carol charon: 09[IMC]   32: 00 00 00 3C 00 00 00 1C 53 63 61 6E 6E 65 72 20  ...<....Scanner 

Jul 25 16:12:41 carol charon: 09[IMC]   48: 46 69 72 6D 77 61 72 65 00 00 0A 8B 00 00 00 3D  Firmware.......=

Jul 25 16:12:41 carol charon: 09[IMC]   64: 00 00 00 3E 73 65 63 75 72 69 74 79 20 70 61 74  ...>security pat

Jul 25 16:12:41 carol charon: 09[IMC]   80: 63 68 20 32 30 31 33 2D 30 38 2D 31 31 0A 73 65  ch 2013-08-11.se

Jul 25 16:12:41 carol charon: 09[IMC]   96: 63 75 72 69 74 79 20 70 61 74 63 68 20 32 30 31  curity patch 201

Jul 25 16:12:41 carol charon: 09[IMC]  112: 35 2D 35 2D 33 30 00 00 0A 8B 00 00 00 3E 00 00  5-5-30.......>..

Jul 25 16:12:41 carol charon: 09[IMC]  128: 00 11 32 2E 35 2E 33 00 00 0A 8B 00 00 00 3F 00  ..2.5.3.......?.

Jul 25 16:12:41 carol charon: 09[IMC]  144: 00 00 1C 00 00 00 02 00 00 00 05 00 00 00 03 00  ................

Jul 25 16:12:41 carol charon: 09[IMC]  160: 00 00 00 00 00 0A 8B 00 00 00 64 00 00 00 14 45  ..........d....E

Jul 25 16:12:41 carol charon: 09[IMC]  176: 61 73 79 53 63 61 6E 00 00 0A 8B 00 00 00 65 00  asyScan.......e.

Jul 25 16:12:41 carol charon: 09[IMC]  192: 00 00 0C 00 00 0A 8B 00 00 00 66 00 00 00 15 32  ..........f....2

Jul 25 16:12:41 carol charon: 09[IMC]  208: 2E 32 2E 33 2E 35 2E 37 00 00 0A 8B 00 00 00 67  .2.3.5.7.......g

Jul 25 16:12:41 carol charon: 09[IMC]  224: 00 00 00 1C 00 00 00 02 00 00 00 02 00 00 00 03  ................

Jul 25 16:12:41 carol charon: 09[IMC]  240: 00 05 00 07                                      ....

Jul 25 16:12:41 carol charon: 09[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

</pre>

<pre>

Jul 25 16:12:41 carol charon: 09[TNC] TNC client is handling outbound connection

Jul 25 16:12:41 carol charon: 09[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Jul 25 16:12:41 carol charon: 09[TNC] creating PB-TNC CDATA batch

Jul 25 16:12:41 carol charon: 09[TNC] adding IETF/PB-PA message

Jul 25 16:12:41 carol charon: 09[TNC] adding IETF/PB-PA message

Jul 25 16:12:41 carol charon: 09[TNC] adding IETF/PB-PA message

Jul 25 16:12:41 carol charon: 09[TNC] adding IETF/PB-PA message

Jul 25 16:12:41 carol charon: 09[TNC] adding IETF/PB-PA message

Jul 25 16:12:41 carol charon: 09[TNC] adding IETF/PB-PA message

Jul 25 16:12:41 carol charon: 09[TNC] sending PB-TNC CDATA batch (1385 bytes) for Connection ID 1

Jul 25 16:12:41 carol charon: 09[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]

Jul 25 16:12:41 carol charon: 09[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ]

Jul 25 16:12:41 carol charon: 09[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (1100 bytes)

</pre>

<pre>

Jul 25 16:12:41 carol charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)

Jul 25 16:12:41 carol charon: 11[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ]

Jul 25 16:12:41 carol charon: 11[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ]

Jul 25 16:12:41 carol charon: 11[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (508 bytes)

Jul 25 16:12:41 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes)

Jul 25 16:12:41 carol charon: 03[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ]

Jul 25 16:12:41 carol charon: 03[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]

Jul 25 16:12:41 carol charon: 03[TNC] received TNCCS batch (8 bytes)

Jul 25 16:12:41 carol charon: 03[TNC] TNC client is handling inbound connection

Jul 25 16:12:41 carol charon: 03[TNC] processing PB-TNC SDATA batch for Connection ID 1

Jul 25 16:12:41 carol charon: 03[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Jul 25 16:12:41 carol charon: 03[TNC] TNC client is handling outbound connection

Jul 25 16:12:41 carol charon: 03[TNC] no client data to send, sending empty PB-TNC CDATA batch

Jul 25 16:12:41 carol charon: 03[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Jul 25 16:12:41 carol charon: 03[TNC] creating PB-TNC CDATA batch

Jul 25 16:12:41 carol charon: 03[TNC] sending PB-TNC CDATA batch (8 bytes) for Connection ID 1

Jul 25 16:12:41 carol charon: 03[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]

Jul 25 16:12:41 carol charon: 03[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ]

Jul 25 16:12:41 carol charon: 03[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)

</pre>

<pre>

Jul 25 16:12:41 carol charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (188 bytes)

Jul 25 16:12:41 carol charon: 12[ENC] parsed IKE_AUTH response 11 [ EAP/REQ/TTLS ]

Jul 25 16:12:41 carol charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]

Jul 25 16:12:41 carol charon: 12[TNC] received TNCCS batch (40 bytes)

Jul 25 16:12:41 carol charon: 12[TNC] TNC client is handling inbound connection

Jul 25 16:12:41 carol charon: 12[TNC] processing PB-TNC RESULT batch for Connection ID 1

Jul 25 16:12:41 carol charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Decided'

Jul 25 16:12:41 carol charon: 12[TNC] processing IETF/PB-Assessment-Result message (16 bytes)

Jul 25 16:12:41 carol charon: 12[TNC] processing IETF/PB-Access-Recommendation message (16 bytes)

Jul 25 16:12:41 carol charon: 12[TNC] PB-TNC assessment result is 'don't know'

Jul 25 16:12:41 carol charon: 12[TNC] PB-TNC access recommendation is 'Access Denied'

Jul 25 16:12:41 carol charon: 12[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'None'

Jul 25 16:12:41 carol charon: 12[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'None'

Jul 25 16:12:41 carol charon: 12[TNC] TNC client is handling outbound connection

Jul 25 16:12:41 carol charon: 12[TNC] PB-TNC state transition from 'Decided' to 'End'

Jul 25 16:12:41 carol charon: 12[TNC] creating PB-TNC CLOSE batch

Jul 25 16:12:41 carol charon: 12[TNC] sending PB-TNC CLOSE batch (8 bytes) for Connection ID 1

Jul 25 16:12:41 carol charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]

Jul 25 16:12:41 carol charon: 12[ENC] generating IKE_AUTH request 12 [ EAP/RES/TTLS ]

Jul 25 16:12:41 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)

</pre>

<pre>

Jul 25 16:12:41 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (140 bytes)

Jul 25 16:12:41 carol charon: 13[ENC] parsed IKE_AUTH response 12 [ EAP/REQ/TTLS ]

Jul 25 16:12:41 carol charon: 13[TLS] received TLS close notify

Jul 25 16:12:41 carol charon: 13[TLS] sending TLS close notify

Jul 25 16:12:41 carol charon: 13[ENC] generating IKE_AUTH request 13 [ EAP/RES/TTLS ]

Jul 25 16:12:41 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (140 bytes)

Jul 25 16:12:41 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)

Jul 25 16:12:41 carol charon: 14[ENC] parsed IKE_AUTH response 13 [ EAP/FAIL ]

Jul 25 16:12:41 carol charon: 14[IKE] received EAP_FAILURE, EAP authentication failed

Jul 25 16:12:41 carol charon: 14[ENC] generating INFORMATIONAL request 14 [ N(AUTH_FAILED) ]

Jul 25 16:12:41 carol charon: 14[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)

</pre>

<pre>

Jul 25 16:12:41 carol charon: 14[TNC] TODO: setup PT-TLS connection to aaa.strongswan.org:271

Jul 25 16:12:41 carol charon: 14[IMC] IMC 1 "OS" deleted the state of Connection ID 1

Jul 25 16:12:41 carol charon: 14[IMC] IMC 2 "HCD" deleted the state of Connection ID 1

Jul 25 16:12:41 carol charon: 14[TNC] removed TNCCS Connection ID 1

Jul 25 16:13:25 carol charon: 00[DMN] signal of type SIGINT received. Shutting down

Jul 25 16:13:25 carol charon: 00[IMC] IMC 2 "HCD" terminated

Jul 25 16:13:25 carol charon: 00[IMC] IMC 1 "OS" terminated

Jul 25 16:13:25 carol charon: 00[TNC] removed IETF attributes

Jul 25 16:13:25 carol charon: 00[TNC] removed ITA-HSR attributes

Jul 25 16:13:25 carol charon: 00[TNC] removed PWG attributes

Jul 25 16:13:25 carol charon: 00[TNC] removed TCG attributes

Jul 25 16:13:25 carol charon: 00[LIB] libimcv terminated

</pre>