strongSwan

h1. Hardcopy Device Integrity Measurement Collector

{{>toc}}

h2. Configuration of HCD IMC

The _/etc/strongswan.conf_ configuration file of the hardcopy device *carol* restricts the maximum PB-TNC batch size  to 16'370 bytes and as a consequence the PA-TNC message size to 16'338 bytes.

The simulation is running on a Debian virtual KVM host but some operating system parameters can be manually set in *libimcv.os_info* section to emulate an embedded hardcopy device.

The PA-TNC attributes of the Hardcopy Device Integrity Measurement Collectore (HCD-IMC) are defined in the *libimcv.plugins.imc-hcd* section of /etc/strongswan.conf:

<pre>

charon {

  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown

  plugins {

    eap-ttls {

      max_message_count = 0

    }

    eap-tnc {

      max_message_count = 0

    }

    tnccs-20 {

      max_batch_size = 16370

      max_message_size = 16338

    }

  }

}

libimcv {

  os_info {

    name = strongPrint OS

    version = 1.0

    default_password_enabled = yes

  }

  plugins {

    imc-hcd {

      push_info = no 

      subtypes {

        system {

          attributes_natural_language = en

          machine_type_model = strongPrint Laser X.509a

          vendor_name = ITA-HSR

          vendor_smi_code = 36906

          pstn_fax_enabled = yes

          time_source = 0.ch.pool.ntp.org

          user_application_enabled = yes

          user_application_persistence_enabled = no

          firmware {

            fw-1 {

              name = Firmware ABC 

              patches = "security patch 2014-05-08\r\nupgrade 2014-08-16\r\nsecurity patch 2015-3-22\r\n"

              string_version = 1.0.7

              version = 00000001000000000000000700000000

            }

            fw-2 {

              name = Firmware UVW 

              string_version = 13.8.5

              version = 0000000D000000080000000500000000

            }

          }

          resident_application {

            resident-app-1 {

              name = Resident App XYZ 

              patches = "xmas patch 2014-12-24\r\nservice patch 2015-05-22\r\n"

              string_version = 2.5

              version = 00000002000000050000000000000000

            }

          }

          user_application {

            user-app-1 {

              name = My Java Photo App

              patches =

              string_version = 5.2.3.8.1

              version = 00000005000000020000000300080001

            }

            user-app-2 {

              name = Print Your Dinosaur!

              patches =

              string_version = 1.0

              version = 00000001000000000000000000000000

            }

            user-app-3 {

              name = Label Everything App

              patches =

              string_version = 7.5.8.2.3

              version = 00000007000000050000000800020003

            }

          }

          certification_state = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f

          configuration_state = f0f1f2f3f4f5f6f7f8f9fafbfcfdfeffe0e1e2e3e4e5e6e7e8e9eaebecedeeefd0d1d2d3d4d5d6d7d8d9dadbdcdddedf

        }

        console {

          attributes_natural_language = ru

        }

        marker {

          attributes_natural_language = fr

        }

        finisher {

          attributes_natural_language = de

        }

        interface {

          attributes_natural_language = en

          resident_application {

            resident-app-if {

              name = Resident App Interface+ 

              patches = "service patch 2015-02-09\r\n"

              string_version = 2.5

              version = 00000002000000050000000000000000

            }

          }

        }

        scanner {

          attributes_natural_language = en

          firmware {

            fw-scanner {

              name = Scanner Firmware 

              patches = "security patch 2013-08-11\r\nsecurity patch 2015-5-30\r\n"

              string_version = 2.5.3

              version = 00000002000000050000000300000000

            }

          }

          user_application {

            user-app-scanner {

              name = EasyScan

              patches =

              string_version = 2.2.3.5.7

              version = 00000002000000020000000300050007

            }

          }

        }

      }

    }

  }

}

</pre>

h2. Setting up PT-EAP connection from device carol

The TNC transport protocol is PT-EAP over IKEv2-EAP. In a first step the IKEv2 charon daemon is started up.

<pre>

Aug  4 17:24:13 carol charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.3dr3, Linux 4.1.3, x86_64)

Aug  4 17:24:13 carol charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'

Aug  4 17:24:13 carol charon: 00[CFG]   loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'

Aug  4 17:24:13 carol charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'

Aug  4 17:24:13 carol charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'

Aug  4 17:24:13 carol charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'

Aug  4 17:24:13 carol charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'

Aug  4 17:24:13 carol charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'

Aug  4 17:24:13 carol charon: 00[CFG]   loaded EAP secret for carol

</pre>

Next the OS and HCD IMCs are loaded. The OS IMC subscribes to the IETF standard *Operating System* PA subtype and the HCD IMC to the mandatory  *System* and the five recommended *Console*, *Marker*, *Finisher*, *Interface* and *Scanner* PWG HCD PA subtypes. 

<pre>

Aug  4 17:24:13 carol charon: 00[TNC] loading IMCs from '/etc/tnc_config'

Aug  4 17:24:13 carol charon: 00[TNC] added IETF attributes

Aug  4 17:24:13 carol charon: 00[TNC] added ITA-HSR attributes

Aug  4 17:24:13 carol charon: 00[TNC] added PWG attributes

Aug  4 17:24:13 carol charon: 00[TNC] added TCG attributes

Aug  4 17:24:13 carol charon: 00[LIB] libimcv initialized

Aug  4 17:24:13 carol charon: 00[IMC] IMC 1 "OS" initialized

Aug  4 17:24:13 carol charon: 00[IMC] operating system name is 'strongPrint OS'

Aug  4 17:24:13 carol charon: 00[IMC] operating system version is '1.0'

Aug  4 17:24:13 carol charon: 00[TNC] IMC 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001

Aug  4 17:24:13 carol charon: 00[TNC] IMC 1 "OS" loaded from '/usr/local/lib/ipsec/imcvs/imc-os.so'

Aug  4 17:24:13 carol charon: 00[IMC] IMC 2 "HCD" initialized

Aug  4 17:24:13 carol charon: 00[IMC] operating system name is 'strongPrint OS'

Aug  4 17:24:13 carol charon: 00[IMC] operating system version is '1.0'

Aug  4 17:24:13 carol charon: 00[TNC] IMC 2 supports 6 message types: 'PWG/HCD System' 0x000a8b/0x00000005 'PWG/HCD Console' 0x000a8b/0x00000004 'PWG/HCD Marker' 0x000a8b/0x0000000a 'PWG/HCD Finisher' 0x000a8b/0x0000001e 'PWG/HCD Interface' 0x000a8b/0x00000028 'PWG/HCD Scanner' 0x000a8b/0x00000032

Aug  4 17:24:13 carol charon: 00[TNC] IMC 2 "HCD" loaded from '/usr/local/lib/ipsec/imcvs/imc-hcd.so'

</pre>

The VPN client loads the definition for the IPsec connection to the VPN gateway

<pre>

Aug  4 17:24:13 carol charon: 00[LIB] loaded plugins: charon aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown

Aug  4 17:24:13 carol charon: 00[JOB] spawning 16 worker threads

Aug  4 17:24:13 carol charon: 05[CFG] received stroke: add connection 'home'

Aug  4 17:24:13 carol charon: 05[CFG] added configuration 'home'

</pre>

The VPN client *carol* starts the IKEv2 negotiation with the VPN gateway *moon*. The user authentication and the subsequent PT-EAP setup takes place with the RADIUS server *alice* located behind the VPN gateway.

<pre>

Aug  4 17:24:14 carol charon: 10[CFG] received stroke: initiate 'home'

Aug  4 17:24:14 carol charon: 04[IKE] initiating IKE_SA home[1] to 192.168.0.1

Aug  4 17:24:14 carol charon: 04[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]

Aug  4 17:24:14 carol charon: 04[NET] sending packet: from 192.168.0.100[500] to 192.168.0.1[500] (692 bytes)

Aug  4 17:24:14 carol charon: 12[NET] received packet: from 192.168.0.1[500] to 192.168.0.100[500] (448 bytes)

Aug  4 17:24:14 carol charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]

Aug  4 17:24:14 carol charon: 12[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:14 carol charon: 12[IKE] establishing CHILD_SA home

Aug  4 17:24:15 carol charon: 12[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(EAP_ONLY) ]

Aug  4 17:24:15 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (412 bytes)

Aug  4 17:24:15 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1452 bytes)

Aug  4 17:24:15 carol charon: 13[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]

Aug  4 17:24:15 carol charon: 13[IKE] received end entity cert "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Aug  4 17:24:15 carol charon: 13[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Aug  4 17:24:15 carol charon: 13[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 13[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Aug  4 17:24:15 carol charon: 13[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...

Aug  4 17:24:15 carol charon: 13[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 13[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 13[CFG]   crl is valid: until Sep 03 17:23:39 2015

Aug  4 17:24:15 carol charon: 13[CFG] certificate status is good

Aug  4 17:24:15 carol charon: 13[CFG]   reached self-signed root ca with a path length of 0

Aug  4 17:24:15 carol charon: 13[IKE] authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_SHA256 successful

Aug  4 17:24:15 carol charon: 13[IKE] server requested EAP_IDENTITY (id 0x00), sending 'carol'

Aug  4 17:24:15 carol charon: 13[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]

Aug  4 17:24:15 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)

Aug  4 17:24:15 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)

Aug  4 17:24:15 carol charon: 03[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 03[IKE] server requested EAP_TTLS authentication (id 0xCA)

Aug  4 17:24:15 carol charon: 03[TLS] EAP_TTLS version is v0

Aug  4 17:24:15 carol charon: 03[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 03[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)

Aug  4 17:24:15 carol charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1100 bytes)

Aug  4 17:24:15 carol charon: 14[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 14[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 14[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)

Aug  4 17:24:15 carol charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (1084 bytes)

Aug  4 17:24:15 carol charon: 15[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 15[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA

Aug  4 17:24:15 carol charon: 15[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'

Aug  4 17:24:15 carol charon: 15[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"

Aug  4 17:24:15 carol charon: 15[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 15[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"

Aug  4 17:24:15 carol charon: 15[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 15[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Aug  4 17:24:15 carol charon: 15[CFG]   crl is valid: until Sep 03 17:23:39 2015

Aug  4 17:24:15 carol charon: 15[CFG]   using cached crl

Aug  4 17:24:15 carol charon: 15[CFG] certificate status is good

Aug  4 17:24:15 carol charon: 15[CFG]   reached self-signed root ca with a path length of 0

Aug  4 17:24:15 carol charon: 15[TLS] received TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA

Aug  4 17:24:15 carol charon: 15[TLS] no TLS peer certificate found for 'carol', skipping client authentication

Aug  4 17:24:15 carol charon: 15[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 15[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (428 bytes)

Aug  4 17:24:15 carol charon: 16[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (220 bytes)

Aug  4 17:24:15 carol charon: 16[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 16[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]

Aug  4 17:24:15 carol charon: 16[IKE] server requested EAP_IDENTITY authentication (id 0x00)

Aug  4 17:24:15 carol charon: 16[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]

Aug  4 17:24:15 carol charon: 16[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 16[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)

Aug  4 17:24:15 carol charon: 02[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (172 bytes)

Aug  4 17:24:15 carol charon: 02[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 02[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]

Aug  4 17:24:15 carol charon: 02[IKE] server requested EAP_MD5 authentication (id 0x1B)

Aug  4 17:24:15 carol charon: 02[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]

Aug  4 17:24:15 carol charon: 02[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 02[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (172 bytes)

Aug  4 17:24:15 carol charon: 01[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes)

Aug  4 17:24:15 carol charon: 01[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 01[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]

Aug  4 17:24:15 carol charon: 01[IKE] server requested EAP_PT_EAP authentication (id 0x33)

Aug  4 17:24:15 carol charon: 01[TLS] EAP_PT_EAP version is v1

</pre>

THE PB-TNC connection between TNC client and TNC server is established. The maximum size of  a PA-TNC message is limited to 16338 bytes.

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] TNC client is handling outbound connection

Aug  4 17:24:15 carol charon: 01[TNC] assigned TNCCS Connection ID 1

Aug  4 17:24:15 carol charon: 01[IMC] IMC 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh

Aug  4 17:24:15 carol charon: 01[IMC]   over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes

Aug  4 17:24:15 carol charon: 01[IMC] IMC 2 "HCD" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh

Aug  4 17:24:15 carol charon: 01[IMC]   over IF-T for Tunneled EAP 2.0 with maximum PA-TNC message size of 16338 bytes

Aug  4 17:24:15 carol charon: 01[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'Handshake'

Aug  4 17:24:15 carol charon: 01[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'Handshake'

</pre>

h2. Sending standard OS attributes

The OS IMC retrieves information on the operating system

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] operating system numeric version is 1.0

Aug  4 17:24:15 carol charon: 01[IMC] last boot: Aug 04 17:24:00 UTC 2015, 15 s ago

Aug  4 17:24:15 carol charon: 01[IMC] IPv4 forwarding is disabled

Aug  4 17:24:15 carol charon: 01[IMC] factory default password is enabled

Aug  4 17:24:15 carol charon: 01[IMC] device ID is 79433e32cfc1d0d3e7a637c954f0870e

</pre>

The OS IMC is sending operating system information using IETF standard attributes

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xfbbcb9bd

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 197 bytes @ 0x7b0b70

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 FB BC B9 BD 00 00 00 00 00 00 00 02  ................

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 1F 00 00 00 00 00 73 74 72 6F 6E 67 50  .........strongP

Aug  4 17:24:15 carol charon: 01[IMC]   32: 72 69 6E 74 20 4F 53 00 00 00 00 00 00 00 04 00  rint OS.........

Aug  4 17:24:15 carol charon: 01[IMC]   48: 00 00 12 03 31 2E 30 00 00 00 00 00 00 00 00 00  ....1.0.........

Aug  4 17:24:15 carol charon: 01[IMC]   64: 03 00 00 00 1C 00 00 00 01 00 00 00 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]   80: 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]   96: 24 03 01 00 00 32 30 31 35 2D 30 38 2D 30 34 54  $....2015-08-04T

Aug  4 17:24:15 carol charon: 01[IMC]  112: 31 37 3A 32 34 3A 30 30 5A 00 00 00 00 00 00 00  17:24:00Z.......

Aug  4 17:24:15 carol charon: 01[IMC]  128: 0B 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]  144: 0C 00 00 00 10 00 00 00 01 00 00 90 2A 00 00 00  ............*...

Aug  4 17:24:15 carol charon: 01[IMC]  160: 08 00 00 00 2C 37 39 34 33 33 65 33 32 63 66 63  ....,79433e32cfc

Aug  4 17:24:15 carol charon: 01[IMC]  176: 31 64 30 64 33 65 37 61 36 33 37 63 39 35 34 66  1d0d3e7a637c954f

Aug  4 17:24:15 carol charon: 01[IMC]  192: 30 38 37 30 65                                   0870e

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001

</pre>

h2. Sending basic HCD attributes

The HCD IMC is retrieving attributes for PA subtype PWG/HCD System. Since _push_info = no_ was set in the *imc-hcd* plugin section of _strongswan.conf_ no large

_Firmware_, _UserApplication_ or _ResidentApplication_ quadruples are sent without an explict attribute request from the HCD IMV.

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD System

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en

Aug  4 17:24:15 carol charon: 01[IMC]   HCD DefaultPasswordEnabled: yes

Aug  4 17:24:15 carol charon: 01[IMC]   HCD ForwardingEnabled: disabled

Aug  4 17:24:15 carol charon: 01[IMC]   HCD MachineTypeModel: strongPrint Laser X.509a

Aug  4 17:24:15 carol charon: 01[IMC]   HCD PSTNFaxEnabled: yes

Aug  4 17:24:15 carol charon: 01[IMC]   HCD TimeSource: 0.ch.pool.ntp.org

Aug  4 17:24:15 carol charon: 01[IMC]   HCD VendorName: ITA-HSR

Aug  4 17:24:15 carol charon: 01[IMC]   HCD VendorSMICode: 0x00902a (36906)

Aug  4 17:24:15 carol charon: 01[IMC]   HCD UserApplicationEnabled: yes

Aug  4 17:24:15 carol charon: 01[IMC]   HCD UserApplicationPersistenceEnabled: no

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD System

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x7add7208

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD DefaultPasswordEnabled' 0x000a8b/0x00000014

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD ForwardingEnabled' 0x000a8b/0x00000016

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD MachineTypeModel' 0x000a8b/0x00000002

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD PSTNFaxEnabled' 0x000a8b/0x00000028

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD TimeSource' 0x000a8b/0x00000032

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD VendorName' 0x000a8b/0x00000003

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD VendorSMICode' 0x000a8b/0x00000004

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationEnabled' 0x000a8b/0x00000068

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPersistenceEnabled' 0x000a8b/0x00000069

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 202 bytes @ 0x7b2c70

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 7A DD 72 08 00 00 0A 8B 00 00 00 01  ....z.r.........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E 00 00 0A 8B 00 00 00 14 00 00  ....en..........

Aug  4 17:24:15 carol charon: 01[IMC]   32: 00 10 00 00 00 01 00 00 0A 8B 00 00 00 16 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]   48: 00 10 00 00 00 00 00 00 0A 8B 00 00 00 02 00 00  ................

Aug  4 17:24:15 carol charon: 01[IMC]   64: 00 24 73 74 72 6F 6E 67 50 72 69 6E 74 20 4C 61  .$strongPrint La

Aug  4 17:24:15 carol charon: 01[IMC]   80: 73 65 72 20 58 2E 35 30 39 61 00 00 0A 8B 00 00  ser X.509a......

Aug  4 17:24:15 carol charon: 01[IMC]   96: 00 28 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00  .(..............

Aug  4 17:24:15 carol charon: 01[IMC]  112: 00 32 00 00 00 1D 30 2E 63 68 2E 70 6F 6F 6C 2E  .2....0.ch.pool.

Aug  4 17:24:15 carol charon: 01[IMC]  128: 6E 74 70 2E 6F 72 67 00 00 0A 8B 00 00 00 03 00  ntp.org.........

Aug  4 17:24:15 carol charon: 01[IMC]  144: 00 00 13 49 54 41 2D 48 53 52 00 00 0A 8B 00 00  ...ITA-HSR......

Aug  4 17:24:15 carol charon: 01[IMC]  160: 00 04 00 00 00 10 00 00 90 2A 00 00 0A 8B 00 00  .........*......

Aug  4 17:24:15 carol charon: 01[IMC]  176: 00 68 00 00 00 10 00 00 00 01 00 00 0A 8B 00 00  .h..............

Aug  4 17:24:15 carol charon: 01[IMC]  192: 00 69 00 00 00 10 00 00 00 00                    .i........

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Console

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Console

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: ru

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Console

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xc08b37ea

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7a6de0

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 C0 8B 37 EA 00 00 0A 8B 00 00 00 01  ......7.........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 72 75                                ....ru

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Marker

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Marker

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: fr

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Marker

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xba97337a

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b3e20

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 BA 97 33 7A 00 00 0A 8B 00 00 00 01  ......3z........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 66 72                                ....fr

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Finisher

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Finisher

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: de

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Finisher

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x649b1045

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b1320

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 64 9B 10 45 00 00 0A 8B 00 00 00 01  ....d..E........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 64 65                                ....de

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Interface

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Interface

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Interface

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0xa55e5dcb

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b2a10

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 A5 5E 5D CB 00 00 0A 8B 00 00 00 01  .....^].........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E                                ....en

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

</pre>

The HCD IMC is retrieving attributes for PA subtype PWG/HCD Scanner

<pre>

Aug  4 17:24:15 carol charon: 01[IMC] retrieving attributes for PA subtype PWG/HCD Scanner

Aug  4 17:24:15 carol charon: 01[IMC]   HCD AttributesNaturalLanguage: en

</pre>

The HCD IMC is sending the retrieved PA-TNC attributes in a PA-TNC message of subtype PWG/HCD Scanner

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC message with ID 0x9b793f7a

Aug  4 17:24:15 carol charon: 01[TNC] creating PA-TNC attribute type 'PWG/HCD AttributesNaturalLanguage' 0x000a8b/0x00000001

Aug  4 17:24:15 carol charon: 01[IMC] created PA-TNC message: => 22 bytes @ 0x7b0a90

Aug  4 17:24:15 carol charon: 01[IMC]    0: 01 00 00 00 9B 79 3F 7A 00 00 0A 8B 00 00 00 01  .....y?z........

Aug  4 17:24:15 carol charon: 01[IMC]   16: 00 00 00 0E 65 6E                                ....en

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

</pre>

The first Client Data PB-TNC batch is sent to the TNC server

<pre>

Aug  4 17:24:15 carol charon: 01[TNC] PB-TNC state transition from 'Init' to 'Server Working'

Aug  4 17:24:15 carol charon: 01[TNC] creating PB-TNC CDATA batch

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-Language-Preference message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 01[TNC] sending PB-TNC CDATA batch (716 bytes) for Connection ID 1

Aug  4 17:24:15 carol charon: 01[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]

Aug  4 17:24:15 carol charon: 01[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 01[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (876 bytes)

</pre>

h2. Sending HCD quadruples upon request

In response a Server Data PB-TNC batch is received

<pre>

Aug  4 17:24:15 carol charon: 05[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (748 bytes)

Aug  4 17:24:15 carol charon: 05[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 05[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]

Aug  4 17:24:15 carol charon: 05[TNC] received TNCCS batch (602 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] TNC client is handling inbound connection

Aug  4 17:24:15 carol charon: 05[TNC] processing PB-TNC SDATA batch for Connection ID 1

Aug  4 17:24:15 carol charon: 05[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Aug  4 17:24:15 carol charon: 05[TNC] processing TCG/PB-PDP-Referral message (42 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (112 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] processing IETF/PB-PA message (88 bytes)

Aug  4 17:24:15 carol charon: 05[TNC] PDP server 'aaa.strongswan.org' is listening on port 271

</pre>

The first PA-TNC message of subtype PWG/HCD System contains attribute requests for missing attributes

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Aug  4 17:24:15 carol charon: 05[IMC] => 88 bytes @ 0x7b4ce0

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 86 16 79 E2 00 00 55 97 00 00 00 21  ......y...U....!

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 3C 00 00 0A 8B 00 00 00 15  .......<........

Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 3C 00 00 0A 8B 00 00 00 50  .......<.......P

Aug  4 17:24:15 carol charon: 05[IMC]   64: 00 00 0A 8B 00 00 00 64 00 00 0A 8B 00 00 00 C8  .......d........

Aug  4 17:24:15 carol charon: 05[IMC]   80: 00 00 0A 8B 00 00 00 C9                          ........

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x861679e2

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000015 'PWG/HCD FirewallSetting'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x000000c8 'PWG/HCD CertificationState'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x000000c9 'PWG/HCD ConfigurationState'

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD System' 0x000a8b/0x00000005

Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- fw-1 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareName: Firmware ABC

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwarePatches:

Aug  4 17:24:15 carol charon: 05[IMC] security patch 2014-05-08#015

Aug  4 17:24:15 carol charon: 05[IMC] upgrade 2014-08-16#015

Aug  4 17:24:15 carol charon: 05[IMC] security patch 2015-3-22#015

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- fw-2 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareName: Firmware UVW

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwarePatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareStringVersion: 13.8.5

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareVersion: 00:00:00:0d:00:00:00:08:00:00:00:05:00:00:00:00

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- resident-app-1 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationName: Resident App XYZ

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationPatches:

Aug  4 17:24:15 carol charon: 05[IMC] xmas patch 2014-12-24#015

Aug  4 17:24:15 carol charon: 05[IMC] service patch 2015-05-22#015

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationStringVersion: 2.5

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-1 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: My Java Photo App

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 5.2.3.8.1

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:05:00:00:00:02:00:00:00:03:00:08:00:01

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-2 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: Print Your Dinosaur!

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 1.0

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:01:00:00:00:00:00:00:00:00:00:00:00:00

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-3 ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: Label Everything App

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 7.5.8.2.3

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:07:00:00:00:05:00:00:00:08:00:02:00:03

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC]   HCD CertificationState: => 32 bytes @ 0x7b7d50

Aug  4 17:24:15 carol charon: 05[IMC]    0: 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F  ................

Aug  4 17:24:15 carol charon: 05[IMC]   16: 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F  ................

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ConfigurationState: => 48 bytes @ 0x7b96f0

Aug  4 17:24:15 carol charon: 05[IMC]    0: F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD FE FF  ................

Aug  4 17:24:15 carol charon: 05[IMC]   16: E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED EE EF  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD DE DF  ................

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0xc1018e8f

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD CertificationState' 0x000a8b/0x000000c8

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ConfigurationState' 0x000a8b/0x000000c9

Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 770 bytes @ 0x7becc0

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 C1 01 8E 8F 00 00 55 97 00 00 00 22  ..........U...."

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 3C 00 00 00 18 46 69 72 6D 77 61 72 65  ...<....Firmware

Aug  4 17:24:15 carol charon: 05[IMC]   48: 20 41 42 43 00 00 0A 8B 00 00 00 3D 00 00 00 55   ABC.......=...U

Aug  4 17:24:15 carol charon: 05[IMC]   64: 73 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32  security patch 2

Aug  4 17:24:15 carol charon: 05[IMC]   80: 30 31 34 2D 30 35 2D 30 38 0D 0A 75 70 67 72 61  014-05-08..upgra

Aug  4 17:24:15 carol charon: 05[IMC]   96: 64 65 20 32 30 31 34 2D 30 38 2D 31 36 0D 0A 73  de 2014-08-16..s

Aug  4 17:24:15 carol charon: 05[IMC]  112: 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 30  ecurity patch 20

Aug  4 17:24:15 carol charon: 05[IMC]  128: 31 35 2D 33 2D 32 32 0D 0A 00 00 0A 8B 00 00 00  15-3-22.........

Aug  4 17:24:15 carol charon: 05[IMC]  144: 3E 00 00 00 11 31 2E 30 2E 37 00 00 0A 8B 00 00  >....1.0.7......

Aug  4 17:24:15 carol charon: 05[IMC]  160: 00 3F 00 00 00 1C 00 00 00 01 00 00 00 00 00 00  .?..............

Aug  4 17:24:15 carol charon: 05[IMC]  176: 00 07 00 00 00 00 00 00 0A 8B 00 00 00 3C 00 00  .............<..

Aug  4 17:24:15 carol charon: 05[IMC]  192: 00 18 46 69 72 6D 77 61 72 65 20 55 56 57 00 00  ..Firmware UVW..

Aug  4 17:24:15 carol charon: 05[IMC]  208: 0A 8B 00 00 00 3D 00 00 00 0C 00 00 0A 8B 00 00  .....=..........

Aug  4 17:24:15 carol charon: 05[IMC]  224: 00 3E 00 00 00 12 31 33 2E 38 2E 35 00 00 0A 8B  .>....13.8.5....

Aug  4 17:24:15 carol charon: 05[IMC]  240: 00 00 00 3F 00 00 00 1C 00 00 00 0D 00 00 00 08  ...?............

Aug  4 17:24:15 carol charon: 05[IMC]  256: 00 00 00 05 00 00 00 00 00 00 0A 8B 00 00 00 50  ...............P

Aug  4 17:24:15 carol charon: 05[IMC]  272: 00 00 00 1C 52 65 73 69 64 65 6E 74 20 41 70 70  ....Resident App

Aug  4 17:24:15 carol charon: 05[IMC]  288: 20 58 59 5A 00 00 0A 8B 00 00 00 51 00 00 00 3D   XYZ.......Q...=

Aug  4 17:24:15 carol charon: 05[IMC]  304: 78 6D 61 73 20 70 61 74 63 68 20 32 30 31 34 2D  xmas patch 2014-

Aug  4 17:24:15 carol charon: 05[IMC]  320: 31 32 2D 32 34 0D 0A 73 65 72 76 69 63 65 20 70  12-24..service p

Aug  4 17:24:15 carol charon: 05[IMC]  336: 61 74 63 68 20 32 30 31 35 2D 30 35 2D 32 32 0D  atch 2015-05-22.

Aug  4 17:24:15 carol charon: 05[IMC]  352: 0A 00 00 0A 8B 00 00 00 52 00 00 00 0F 32 2E 35  ........R....2.5

Aug  4 17:24:15 carol charon: 05[IMC]  368: 00 00 0A 8B 00 00 00 53 00 00 00 1C 00 00 00 02  .......S........

Aug  4 17:24:15 carol charon: 05[IMC]  384: 00 00 00 05 00 00 00 00 00 00 00 00 00 00 0A 8B  ................

Aug  4 17:24:15 carol charon: 05[IMC]  400: 00 00 00 64 00 00 00 1D 4D 79 20 4A 61 76 61 20  ...d....My Java 

Aug  4 17:24:15 carol charon: 05[IMC]  416: 50 68 6F 74 6F 20 41 70 70 00 00 0A 8B 00 00 00  Photo App.......

Aug  4 17:24:15 carol charon: 05[IMC]  432: 65 00 00 00 0C 00 00 0A 8B 00 00 00 66 00 00 00  e...........f...

Aug  4 17:24:15 carol charon: 05[IMC]  448: 15 35 2E 32 2E 33 2E 38 2E 31 00 00 0A 8B 00 00  .5.2.3.8.1......

Aug  4 17:24:15 carol charon: 05[IMC]  464: 00 67 00 00 00 1C 00 00 00 05 00 00 00 02 00 00  .g..............

Aug  4 17:24:15 carol charon: 05[IMC]  480: 00 03 00 08 00 01 00 00 0A 8B 00 00 00 64 00 00  .............d..

Aug  4 17:24:15 carol charon: 05[IMC]  496: 00 20 50 72 69 6E 74 20 59 6F 75 72 20 44 69 6E  . Print Your Din

Aug  4 17:24:15 carol charon: 05[IMC]  512: 6F 73 61 75 72 21 00 00 0A 8B 00 00 00 65 00 00  osaur!.......e..

Aug  4 17:24:15 carol charon: 05[IMC]  528: 00 0C 00 00 0A 8B 00 00 00 66 00 00 00 0F 31 2E  .........f....1.

Aug  4 17:24:15 carol charon: 05[IMC]  544: 30 00 00 0A 8B 00 00 00 67 00 00 00 1C 00 00 00  0.......g.......

Aug  4 17:24:15 carol charon: 05[IMC]  560: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A  ................

Aug  4 17:24:15 carol charon: 05[IMC]  576: 8B 00 00 00 64 00 00 00 20 4C 61 62 65 6C 20 45  ....d... Label E

Aug  4 17:24:15 carol charon: 05[IMC]  592: 76 65 72 79 74 68 69 6E 67 20 41 70 70 00 00 0A  verything App...

Aug  4 17:24:15 carol charon: 05[IMC]  608: 8B 00 00 00 65 00 00 00 0C 00 00 0A 8B 00 00 00  ....e...........

Aug  4 17:24:15 carol charon: 05[IMC]  624: 66 00 00 00 15 37 2E 35 2E 38 2E 32 2E 33 00 00  f....7.5.8.2.3..

Aug  4 17:24:15 carol charon: 05[IMC]  640: 0A 8B 00 00 00 67 00 00 00 1C 00 00 00 07 00 00  .....g..........

Aug  4 17:24:15 carol charon: 05[IMC]  656: 00 05 00 00 00 08 00 02 00 03 00 00 0A 8B 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]  672: 00 C8 00 00 00 2C 00 01 02 03 04 05 06 07 08 09  .....,..........

Aug  4 17:24:15 carol charon: 05[IMC]  688: 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 16 17 18 19  ................

Aug  4 17:24:15 carol charon: 05[IMC]  704: 1A 1B 1C 1D 1E 1F 00 00 0A 8B 00 00 00 C9 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]  720: 00 3C F0 F1 F2 F3 F4 F5 F6 F7 F8 F9 FA FB FC FD  .<..............

Aug  4 17:24:15 carol charon: 05[IMC]  736: FE FF E0 E1 E2 E3 E4 E5 E6 E7 E8 E9 EA EB EC ED  ................

Aug  4 17:24:15 carol charon: 05[IMC]  752: EE EF D0 D1 D2 D3 D4 D5 D6 D7 D8 D9 DA DB DC DD  ................

Aug  4 17:24:15 carol charon: 05[IMC]  768: DE DF                                            ..

Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD System' 0x000a8b/0x00000005

</pre>

The next PA-TNC message of subtype PWG/HCD Console also contains attribute requests for missing attributes

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7730

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 F4 04 56 EE 00 00 55 97 00 00 00 21  ......V...U....!

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xf40456ee

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x0076a4b4

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b61e0

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 00 76 A4 B4 00 00 55 97 00 00 00 22  .....v....U...."

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.

Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Console' 0x000a8b/0x00000004

</pre>

The next PA-TNC message of subtype PWG/HCD Marker also contains attribute requests for missing attributes

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7470

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 17 E7 9B 01 00 00 55 97 00 00 00 21  ..........U....!

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x17e79b01

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x206fbf0c

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b4d10

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 20 6F BF 0C 00 00 55 97 00 00 00 22  .... o....U...."

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.

Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Marker' 0x000a8b/0x0000000a

</pre>

The next PA-TNC message of subtype PWG/HCD Finisher also contains attribute requests for missing attributes

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b7470

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 F8 29 1D 74 00 00 55 97 00 00 00 21  .....).t..U....!

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xf8291d74

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x9f1c93d6

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 28 bytes @ 0x7b6630

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 9F 1C 93 D6 00 00 55 97 00 00 00 22  ..........U...."

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6              ..........?.

Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Finisher' 0x000a8b/0x0000001e

</pre>

The next PA-TNC message of subtype PWG/HCD Interface also contains attribute requests for missing attributes

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7bef80

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 4A BC 71 FC 00 00 55 97 00 00 00 21  ....J.q...U....!

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0x4abc71fc

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- resident-app-if ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationName: Resident App Interface+

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationPatches:

Aug  4 17:24:15 carol charon: 05[IMC] service patch 2015-02-09#015

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationStringVersion: 2.5

Aug  4 17:24:15 carol charon: 05[IMC]   HCD ResidentApplicationVersion: 00:00:00:02:00:00:00:05:00:00:00:00:00:00:00:00

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0xcd4397f4

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationName' 0x000a8b/0x00000050

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationPatches' 0x000a8b/0x00000051

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationStringVersion' 0x000a8b/0x00000052

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD ResidentApplicationVersion' 0x000a8b/0x00000053

Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 144 bytes @ 0x7b4ec0

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 CD 43 97 F4 00 00 55 97 00 00 00 22  .....C....U...."

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 50 00 00 00 23 52 65 73 69 64 65 6E 74  ...P...#Resident

Aug  4 17:24:15 carol charon: 05[IMC]   48: 20 41 70 70 20 49 6E 74 65 72 66 61 63 65 2B 00   App Interface+.

Aug  4 17:24:15 carol charon: 05[IMC]   64: 00 0A 8B 00 00 00 51 00 00 00 26 73 65 72 76 69  ......Q...&servi

Aug  4 17:24:15 carol charon: 05[IMC]   80: 63 65 20 70 61 74 63 68 20 32 30 31 35 2D 30 32  ce patch 2015-02

Aug  4 17:24:15 carol charon: 05[IMC]   96: 2D 30 39 0D 0A 00 00 0A 8B 00 00 00 52 00 00 00  -09.........R...

Aug  4 17:24:15 carol charon: 05[IMC]  112: 0F 32 2E 35 00 00 0A 8B 00 00 00 53 00 00 00 1C  .2.5.......S....

Aug  4 17:24:15 carol charon: 05[IMC]  128: 00 00 00 02 00 00 00 05 00 00 00 00 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Interface' 0x000a8b/0x00000028

</pre>

The next PA-TNC message of subtype PWG/HCD Scanner also contains attribute requests for missing attributes

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] handling PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 "HCD" received message for Connection ID 1 from IMV 1

Aug  4 17:24:15 carol charon: 05[IMC] => 64 bytes @ 0x7b8db0

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 CB B4 70 D2 00 00 55 97 00 00 00 21  ......p...U....!

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 FF A6 00 00 00 00  ................

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 01 00 00 00 24 00 00 0A 8B 00 00 00 3C  .......$.......<

Aug  4 17:24:15 carol charon: 05[IMC]   48: 00 00 0A 8B 00 00 00 50 00 00 0A 8B 00 00 00 64  .......P.......d

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC message with ID 0xcbb470d2

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'TCG/Max Attribute Size Request' 0x005597/0x00000021

Aug  4 17:24:15 carol charon: 05[TNC] processing PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x0000003c 'PWG/HCD FirmwareName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000050 'PWG/HCD ResidentApplicationName'

Aug  4 17:24:15 carol charon: 05[TNC]   0x000a8b/0x00000064 'PWG/HCD UserApplicationName'

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] IMC 2 received a segmentation contract request from IMV 1 for PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

Aug  4 17:24:15 carol charon: 05[IMC]   maximum attribute size of 10000000 bytes with maximum segment size of 65446 bytes

Aug  4 17:24:15 carol charon: 05[IMC]   lowered maximum segment size to 16294 bytes

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- fw-scanner ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareName: Scanner Firmware

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwarePatches:

Aug  4 17:24:15 carol charon: 05[IMC] security patch 2013-08-11#015

Aug  4 17:24:15 carol charon: 05[IMC] security patch 2015-5-30#015

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareStringVersion: 2.5.3

Aug  4 17:24:15 carol charon: 05[IMC]   HCD FirmwareVersion: 00:00:00:02:00:00:00:05:00:00:00:03:00:00:00:00

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[IMC] --- user-app-scanner ---

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationName: EasyScan

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationPatches: 

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationStringVersion: 2.2.3.5.7

Aug  4 17:24:15 carol charon: 05[IMC]   HCD UserApplicationVersion: 00:00:00:02:00:00:00:02:00:00:00:03:00:05:00:07

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC message with ID 0x6238a2db

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'TCG/Max Attribute Size Response' 0x005597/0x00000022

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareName' 0x000a8b/0x0000003c

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwarePatches' 0x000a8b/0x0000003d

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareStringVersion' 0x000a8b/0x0000003e

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD FirmwareVersion' 0x000a8b/0x0000003f

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationName' 0x000a8b/0x00000064

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationPatches' 0x000a8b/0x00000065

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationStringVersion' 0x000a8b/0x00000066

Aug  4 17:24:15 carol charon: 05[TNC] creating PA-TNC attribute type 'PWG/HCD UserApplicationVersion' 0x000a8b/0x00000067

Aug  4 17:24:15 carol charon: 05[IMC] created PA-TNC message: => 247 bytes @ 0x7b9d60

Aug  4 17:24:15 carol charon: 05[IMC]    0: 01 00 00 00 62 38 A2 DB 00 00 55 97 00 00 00 22  ....b8....U...."

Aug  4 17:24:15 carol charon: 05[IMC]   16: 00 00 00 14 00 98 96 80 00 00 3F A6 00 00 0A 8B  ..........?.....

Aug  4 17:24:15 carol charon: 05[IMC]   32: 00 00 00 3C 00 00 00 1C 53 63 61 6E 6E 65 72 20  ...<....Scanner 

Aug  4 17:24:15 carol charon: 05[IMC]   48: 46 69 72 6D 77 61 72 65 00 00 0A 8B 00 00 00 3D  Firmware.......=

Aug  4 17:24:15 carol charon: 05[IMC]   64: 00 00 00 41 73 65 63 75 72 69 74 79 20 70 61 74  ...Asecurity pat

Aug  4 17:24:15 carol charon: 05[IMC]   80: 63 68 20 32 30 31 33 2D 30 38 2D 31 31 0D 0A 73  ch 2013-08-11..s

Aug  4 17:24:15 carol charon: 05[IMC]   96: 65 63 75 72 69 74 79 20 70 61 74 63 68 20 32 30  ecurity patch 20

Aug  4 17:24:15 carol charon: 05[IMC]  112: 31 35 2D 35 2D 33 30 0D 0A 00 00 0A 8B 00 00 00  15-5-30.........

Aug  4 17:24:15 carol charon: 05[IMC]  128: 3E 00 00 00 11 32 2E 35 2E 33 00 00 0A 8B 00 00  >....2.5.3......

Aug  4 17:24:15 carol charon: 05[IMC]  144: 00 3F 00 00 00 1C 00 00 00 02 00 00 00 05 00 00  .?..............

Aug  4 17:24:15 carol charon: 05[IMC]  160: 00 03 00 00 00 00 00 00 0A 8B 00 00 00 64 00 00  .............d..

Aug  4 17:24:15 carol charon: 05[IMC]  176: 00 14 45 61 73 79 53 63 61 6E 00 00 0A 8B 00 00  ..EasyScan......

Aug  4 17:24:15 carol charon: 05[IMC]  192: 00 65 00 00 00 0C 00 00 0A 8B 00 00 00 66 00 00  .e...........f..

Aug  4 17:24:15 carol charon: 05[IMC]  208: 00 15 32 2E 32 2E 33 2E 35 2E 37 00 00 0A 8B 00  ..2.2.3.5.7.....

Aug  4 17:24:15 carol charon: 05[IMC]  224: 00 00 67 00 00 00 1C 00 00 00 02 00 00 00 02 00  ..g.............

Aug  4 17:24:15 carol charon: 05[IMC]  240: 00 00 03 00 05 00 07                             .......

Aug  4 17:24:15 carol charon: 05[TNC] creating PB-PA message type 'PWG/HCD Scanner' 0x000a8b/0x00000032

</pre>

<pre>

Aug  4 17:24:15 carol charon: 05[TNC] TNC client is handling outbound connection

Aug  4 17:24:15 carol charon: 05[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Aug  4 17:24:15 carol charon: 05[TNC] creating PB-TNC CDATA batch

Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 05[TNC] adding IETF/PB-PA message

Aug  4 17:24:15 carol charon: 05[TNC] sending PB-TNC CDATA batch (1397 bytes) for Connection ID 1

Aug  4 17:24:15 carol charon: 05[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]

Aug  4 17:24:15 carol charon: 05[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 05[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (1100 bytes)

</pre>

h2. No more attributes to send

<pre>

Aug  4 17:24:15 carol charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)

Aug  4 17:24:15 carol charon: 11[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 11[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 11[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (524 bytes)

Aug  4 17:24:15 carol charon: 04[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (156 bytes)

Aug  4 17:24:15 carol charon: 04[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 04[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]

Aug  4 17:24:15 carol charon: 04[TNC] received TNCCS batch (8 bytes)

Aug  4 17:24:15 carol charon: 04[TNC] TNC client is handling inbound connection

Aug  4 17:24:15 carol charon: 04[TNC] processing PB-TNC SDATA batch for Connection ID 1

Aug  4 17:24:15 carol charon: 04[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Aug  4 17:24:15 carol charon: 04[TNC] TNC client is handling outbound connection

Aug  4 17:24:15 carol charon: 04[TNC] no client data to send, sending empty PB-TNC CDATA batch

Aug  4 17:24:15 carol charon: 04[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Aug  4 17:24:15 carol charon: 04[TNC] creating PB-TNC CDATA batch

Aug  4 17:24:15 carol charon: 04[TNC] sending PB-TNC CDATA batch (8 bytes) for Connection ID 1

Aug  4 17:24:15 carol charon: 04[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]

Aug  4 17:24:15 carol charon: 04[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 04[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)

</pre>

h2. Receiving assessment result

<pre>

Aug  4 17:24:15 carol charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (188 bytes)

Aug  4 17:24:15 carol charon: 12[ENC] parsed IKE_AUTH response 11 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/PT]

Aug  4 17:24:15 carol charon: 12[TNC] received TNCCS batch (40 bytes)

Aug  4 17:24:15 carol charon: 12[TNC] TNC client is handling inbound connection

Aug  4 17:24:15 carol charon: 12[TNC] processing PB-TNC RESULT batch for Connection ID 1

Aug  4 17:24:15 carol charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Decided'

Aug  4 17:24:15 carol charon: 12[TNC] processing IETF/PB-Assessment-Result message (16 bytes)

Aug  4 17:24:15 carol charon: 12[TNC] processing IETF/PB-Access-Recommendation message (16 bytes)

Aug  4 17:24:15 carol charon: 12[TNC] PB-TNC assessment result is 'don't know'

Aug  4 17:24:15 carol charon: 12[TNC] PB-TNC access recommendation is 'Access Denied'

Aug  4 17:24:15 carol charon: 12[IMC] IMC 1 "OS" changed state of Connection ID 1 to 'None'

Aug  4 17:24:15 carol charon: 12[IMC] IMC 2 "HCD" changed state of Connection ID 1 to 'None'

Aug  4 17:24:15 carol charon: 12[TNC] TNC client is handling outbound connection

Aug  4 17:24:15 carol charon: 12[TNC] PB-TNC state transition from 'Decided' to 'End'

Aug  4 17:24:15 carol charon: 12[TNC] creating PB-TNC CLOSE batch

Aug  4 17:24:15 carol charon: 12[TNC] sending PB-TNC CLOSE batch (8 bytes) for Connection ID 1

Aug  4 17:24:15 carol charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/PT]

Aug  4 17:24:15 carol charon: 12[ENC] generating IKE_AUTH request 12 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 12[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (156 bytes)

</pre>

<pre>

Aug  4 17:24:15 carol charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (140 bytes)

Aug  4 17:24:15 carol charon: 13[ENC] parsed IKE_AUTH response 12 [ EAP/REQ/TTLS ]

Aug  4 17:24:15 carol charon: 13[TLS] received TLS close notify

Aug  4 17:24:15 carol charon: 13[TLS] sending TLS close notify

Aug  4 17:24:15 carol charon: 13[ENC] generating IKE_AUTH request 13 [ EAP/RES/TTLS ]

Aug  4 17:24:15 carol charon: 13[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (140 bytes)

Aug  4 17:24:15 carol charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.100[4500] (76 bytes)

Aug  4 17:24:15 carol charon: 03[ENC] parsed IKE_AUTH response 13 [ EAP/FAIL ]

Aug  4 17:24:15 carol charon: 03[IKE] received EAP_FAILURE, EAP authentication failed

Aug  4 17:24:15 carol charon: 03[ENC] generating INFORMATIONAL request 14 [ N(AUTH_FAILED) ]

Aug  4 17:24:15 carol charon: 03[NET] sending packet: from 192.168.0.100[4500] to 192.168.0.1[4500] (76 bytes)

</pre>

<pre>

Aug  4 17:24:15 carol charon: 03[TNC] TODO: setup PT-TLS connection to aaa.strongswan.org:271

Aug  4 17:24:15 carol charon: 03[IMC] IMC 1 "OS" deleted the state of Connection ID 1

Aug  4 17:24:15 carol charon: 03[IMC] IMC 2 "HCD" deleted the state of Connection ID 1

Aug  4 17:24:15 carol charon: 03[TNC] removed TNCCS Connection ID 1

</pre>

<pre>

Aug  4 17:24:59 carol charon: 00[DMN] signal of type SIGINT received. Shutting down

Aug  4 17:24:59 carol charon: 00[IMC] IMC 2 "HCD" terminated

Aug  4 17:24:59 carol charon: 00[IMC] IMC 1 "OS" terminated

Aug  4 17:24:59 carol charon: 00[TNC] removed IETF attributes

Aug  4 17:24:59 carol charon: 00[TNC] removed ITA-HSR attributes

Aug  4 17:24:59 carol charon: 00[TNC] removed PWG attributes

Aug  4 17:24:59 carol charon: 00[TNC] removed TCG attributes

Aug  4 17:24:59 carol charon: 00[LIB] libimcv terminated</pre>