Endpoint Compliance via PT-TLS Protocol (Version 3)
Andreas Steffen, 16.08.2013 00:21
SWID Tag Requests via the PT-TLS Transport Protocol
Starting the strongSwan Policy Decision Point (PDP)
The strongSwan PDP starts and loads its server certificate and the client credentials:
00[DMN] Starting IKE charon daemon (strongSwan 5.1.0, Linux 3.10.5, x86_64)
00[LIB] openssl FIPS mode(0) - disabled
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG] loaded RSA private key from '/etc/ipsec.d/private/aaaKey.pem'
00[CFG] loaded EAP secret for carol
00[CFG] loaded EAP secret for dave
Next, the OS and SWID IMVs are loaded:
00[TNC] TNC recommendation policy is 'default'
00[TNC] loading IMVs from '/etc/tnc_config'
00[TNC] added IETF attributes
00[TNC] added ITA-HSR attributes
00[LIB] libimcv initialized
00[IMV] IMV 1 "OS" initialized
00[TNC] IMV 1 supports 1 message type: 'IETF/Operating System' 0x000000/0x00000001
00[TNC] IMV 1 "OS" loaded from '/usr/local/lib/ipsec/imcvs/imv-os.so'
00[IMV] IMV 2 "SWID" initialized
00[TNC] added TCG attributes
00[LIB] libpts initialized
00[TNC] IMV 2 supports 1 message type: 'TCG/SWID' 0x005597/0x00000003
00[TNC] IMV 2 "SWID" loaded from '/usr/local/lib/ipsec/imcvs/imv-swid.so'
The PDP loads all plugins needed to communicate via its EAP-RADIUS and PT-TLS interfaces and spawns 16 worker threads:
00[IKE] eap method EAP_TTLS selected
00[LIB] loaded plugins: charon curl pem pkcs1 nonce x509 revocation openssl socket-default kernel-netlink stroke tnc-pdp tnc-imv tnc-tnccs tnccs-20 sqlite
00[JOB] spawning 16 worker threads
05[CFG] received stroke: add connection 'aaa'
05[CFG] loaded certificate "C=CH, O=Linux strongSwan, CN=aaa.strongswan.org" from 'aaaCert.pem'
05[CFG] added configuration 'aaa'
PT-TLS Connection by Access Requestor "carol"
11[TNC] accepting PT-TLS stream from 192.168.0.100
TLS Connection Setup
12[TNC] entering PT-TLS negotiation phase
12[TLS] processing TLS Handshake record (176 bytes)
12[TLS] received TLS ClientHello handshake (172 bytes)
12[TLS] received TLS 'signature algorithms' extension
12[TLS] received TLS 'elliptic curves' extension
12[TLS] received TLS 'ec point formats' extension
12[TLS] received TLS 'server name' extension
12[TLS] received 28 TLS cipher suites:
12[TLS] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
12[TLS] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
12[TLS] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
12[TLS] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
12[TLS] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
12[TLS] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
12[TLS] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
12[TLS] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
12[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
12[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
12[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
12[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
12[TLS] TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
12[TLS] TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
12[TLS] TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
12[TLS] TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
12[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
12[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
12[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
12[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
12[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
12[TLS] TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
12[TLS] TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
12[TLS] TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
12[TLS] TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
12[TLS] TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
12[TLS] TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
12[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
12[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
12[TLS] sending TLS ServerHello handshake (54 bytes)
12[TLS] sending TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'
12[TLS] sending TLS Certificate handshake (1066 bytes)
12[TLS] selected ECDH group SECP256R1
12[TLS] created signature with MD5/RSA
12[TLS] sending TLS ServerKeyExchange handshake (329 bytes)
12[TLS] sending TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
12[TLS] sending TLS CertificateRequest handshake (102 bytes)
12[TLS] sending TLS ServerHelloDone handshake (0 bytes)
12[TLS] sending TLS Handshake record (1571 bytes)
12[TLS] processing TLS Handshake record (77 bytes)
12[TLS] received TLS Certificate handshake (3 bytes)
12[TLS] received TLS ClientKeyExchange handshake (66 bytes)
12[TLS] processing TLS ChangeCipherSpec record (1 bytes)
12[TLS] processing TLS Handshake record (64 bytes)
12[TLS] received TLS Finished handshake (12 bytes)
12[TLS] sending TLS ChangeCipherSpec record (1 bytes)
12[TLS] sending TLS Finished handshake (12 bytes)
12[TLS] sending TLS Handshake record (64 bytes)
PT-TLS Negotiation
12[TLS] processing TLS ApplicationData record (64 bytes)
12[TNC] received PT-TLS message #0 of type 'Version Request' (20 bytes)
12[TNC] sending PT-TLS message #0 of type 'Version Response' (20 bytes)
12[TLS] sending TLS ApplicationData record (64 bytes)
12[TNC] negotiated PT-TLS version 1
SASL Password-based Client Authentication
12[TNC] doing SASL client authentication
12[TNC] offering SASL PLAIN
12[TNC] sending PT-TLS message #1 of type 'SASL Mechanisms' (22 bytes)
12[TLS] sending TLS ApplicationData record (64 bytes)
12[TLS] processing TLS ApplicationData record (80 bytes)
12[TNC] received PT-TLS message #1 of type 'SASL Mechanism Selection' (37 bytes)
12[TNC] client starts SASL PLAIN authentication
12[TNC] SASL PLAIN authentication successful
12[TNC] SASL client identity is 'carol'
12[TNC] sending PT-TLS message #2 of type 'SASL Result' (17 bytes)
12[TLS] sending TLS ApplicationData record (64 bytes)
12[TNC] sending PT-TLS message #3 of type 'SASL Mechanisms' (16 bytes)
12[TLS] sending TLS ApplicationData record (64 bytes)
04[TNC] entering PT-TLS data transport phase
04[TNC] no PB-TNC batch to send
04[TLS] processing TLS ApplicationData record (320 bytes)
04[TNC] received PT-TLS message #2 of type 'PB-TNC Batch' (275 bytes)
04[TNC] assigned TNCCS Connection ID 1
04[IMV] IMV 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
04[IMV] over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes
04[IMV] user AR identity 'carol' authenticated by password
04[IMV] assigned session ID 2
04[IMV] IMV 2 "SWID" created a state for IF-TNCCS 2.0 Connection ID 1: +long +excl -soh
04[IMV] over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes
04[IMV] user AR identity 'carol' authenticated by password
04[IMV] assigned session ID 2
04[IMV] IMV 1 "OS" changed state of Connection ID 1 to 'Handshake'
04[IMV] IMV 2 "SWID" changed state of Connection ID 1 to 'Handshake'
04[TNC] received TNCCS batch (259 bytes) for Connection ID 1
04[TNC] => 259 bytes @ 0x6dcd80
04[TNC] 0: 02 00 00 01 00 00 01 03 00 00 00 00 00 00 00 06 ................
04[TNC] 16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75 ....Accept-Langu
04[TNC] 32: 61 67 65 3A 20 65 6E 80 00 00 00 00 00 00 01 00 age: en.........
04[TNC] 48: 00 00 DC 00 00 00 00 00 00 00 01 00 01 FF FF 01 ................
04[TNC] 64: 00 00 00 B6 BB C4 99 00 00 00 00 00 00 00 02 00 ................
04[TNC] 80: 00 00 17 00 25 72 00 00 44 65 62 69 61 6E 00 00 ....%r..Debian..
04[TNC] 96: 00 00 00 00 00 04 00 00 00 19 0A 37 2E 30 20 78 ...........7.0 x
04[TNC] 112: 38 36 5F 36 34 00 00 00 00 00 00 00 00 00 03 00 86_64...........
04[TNC] 128: 00 00 1C 00 00 00 07 00 00 00 00 00 00 00 00 00 ................
04[TNC] 144: 00 00 00 00 00 00 00 00 00 00 05 00 00 00 24 03 ..............$.
04[TNC] 160: 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32 30 ...2013-08-15T20
04[TNC] 176: 3A 34 35 3A 30 36 5A 00 00 00 00 00 00 00 0B 00 :45:06Z.........
04[TNC] 192: 00 00 10 00 00 00 00 00 00 00 00 00 00 00 0C 00 ................
04[TNC] 208: 00 00 10 00 00 00 00 00 00 90 2A 00 00 00 08 00 ..........*.....
04[TNC] 224: 00 00 2C 37 37 38 31 62 33 38 39 34 66 30 31 66 ..,7781b3894f01f
04[TNC] 240: 34 30 62 38 36 35 64 33 38 36 36 35 31 37 30 32 40b865d386651702
04[TNC] 256: 65 30 62 e0b
04[TNC] PB-TNC state transition from 'Init' to 'Server Working'
04[TNC] processing PB-TNC CDATA batch
04[TNC] processing PB-Language-Preference message (31 bytes)
04[TNC] processing PB-PA message (220 bytes)
04[TNC] setting language preference to 'en'
04[TNC] handling PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
04[IMV] IMV 1 "OS" received message for Connection ID 1 from IMC 1
04[IMV] => 196 bytes @ 0x6ee790
04[IMV] 0: 01 00 00 00 B6 BB C4 99 00 00 00 00 00 00 00 02 ................
04[IMV] 16: 00 00 00 17 00 25 72 00 00 44 65 62 69 61 6E 00 .....%r..Debian.
04[IMV] 32: 00 00 00 00 00 00 04 00 00 00 19 0A 37 2E 30 20 ............7.0
04[IMV] 48: 78 38 36 5F 36 34 00 00 00 00 00 00 00 00 00 03 x86_64..........
04[IMV] 64: 00 00 00 1C 00 00 00 07 00 00 00 00 00 00 00 00 ................
04[IMV] 80: 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 24 ...............$
04[IMV] 96: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32 ....2013-08-15T2
04[IMV] 112: 30 3A 34 35 3A 30 36 5A 00 00 00 00 00 00 00 0B 0:45:06Z........
04[IMV] 128: 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 0C ................
04[IMV] 144: 00 00 00 10 00 00 00 00 00 00 90 2A 00 00 00 08 ...........*....
04[IMV] 160: 00 00 00 2C 37 37 38 31 62 33 38 39 34 66 30 31 ...,7781b3894f01
04[IMV] 176: 66 34 30 62 38 36 35 64 33 38 36 36 35 31 37 30 f40b865d38665170
04[IMV] 192: 32 65 30 62 2e0b
04[TNC] processing PA-TNC message with ID 0xb6bbc499
04[TNC] processing PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
04[TNC] => 11 bytes @ 0x6ee7a4
04[TNC] 0: 00 25 72 00 00 44 65 62 69 61 6E .%r..Debian
04[TNC] processing PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004
04[TNC] => 13 bytes @ 0x6ee7bb
04[TNC] 0: 0A 37 2E 30 20 78 38 36 5F 36 34 00 00 .7.0 x86_64..
04[TNC] processing PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003
04[TNC] => 16 bytes @ 0x6ee7d4
04[TNC] 0: 00 00 00 07 00 00 00 00 00 00 00 00 00 00 00 00 ................
04[TNC] processing PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005
04[TNC] => 24 bytes @ 0x6ee7f0
04[TNC] 0: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32 ....2013-08-15T2
04[TNC] 16: 30 3A 34 35 3A 30 36 5A 0:45:06Z
04[TNC] processing PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b
04[TNC] => 4 bytes @ 0x6ee814
04[TNC] 0: 00 00 00 00 ....
04[TNC] processing PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c
04[TNC] => 4 bytes @ 0x6ee824
04[TNC] 0: 00 00 00 00 ....
04[TNC] processing PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008
04[TNC] => 32 bytes @ 0x6ee834
04[TNC] 0: 37 37 38 31 62 33 38 39 34 66 30 31 66 34 30 62 7781b3894f01f40b
04[TNC] 16: 38 36 35 64 33 38 36 36 35 31 37 30 32 65 30 62 865d386651702e0b
04[IMV] operating system name is 'Debian' from vendor Debian Project
04[IMV] operating system version is '7.0 x86_64'
04[IMV] operating system numeric version is 7.0
04[IMV] operational status: operational, result: successful
04[IMV] last boot: Aug 15 20:45:06 UTC 2013
04[IMV] IPv4 forwarding is disabled
04[IMV] factory default password is disabled
Device Identity
04[IMV] device ID is 7781b3894f01f40b865d386651702e0b
04[IMV] running policy script: 2>&1 TNC_SESSION_ID='2' ipsec imv_policy_manager start
04[IMV] policy: imv_policy_manager start successful
04[IMV] IMV 1 handled FWDEN workitem 3: allow - forwarding not enabled
04[TNC] creating PA-TNC message with ID 0x13044192
04[TNC] creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009
04[TNC] => 4 bytes @ 0x6e35f0
04[TNC] 0: 00 00 00 00 ....
04[IMV] created PA-TNC message: => 24 bytes @ 0x6fba00
04[IMV] 0: 01 00 00 00 13 04 41 92 00 00 00 00 00 00 00 09 ......A.........
04[IMV] 16: 00 00 00 10 00 00 00 00 ........
04[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
04[TNC] IMV 1 provides recommendation 'allow' and evaluation 'compliant'
Sending SWID Request
04[IMV] IMV 2 issues SWID tag request 6
04[TNC] creating PA-TNC message with ID 0x6bc52772
04[TNC] creating PA-TNC attribute type 'TCG/SWID Request' 0x005597/0x00000011
04[TNC] => 12 bytes @ 0x7150a0
04[TNC] 0: 01 00 00 00 00 00 00 06 00 00 00 00 ............
04[IMV] created PA-TNC message: => 32 bytes @ 0x6ebcc0
04[IMV] 0: 01 00 00 00 6B C5 27 72 00 00 55 97 00 00 00 11 ....k.'r..U.....
04[IMV] 16: 00 00 00 18 01 00 00 00 00 00 00 06 00 00 00 00 ................
04[TNC] creating PB-PA message type 'TCG/SWID' 0x005597/0x00000003
04[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
04[TNC] creating PB-TNC SDATA batch
04[TNC] adding PB-PA message
04[TNC] adding PB-PA message
04[TNC] sending PB-TNC SDATA batch (112 bytes) for Connection ID 1
04[TNC] => 112 bytes @ 0x6fc950
04[TNC] 0: 02 80 00 02 00 00 00 70 80 00 00 00 00 00 00 01 .......p........
04[TNC] 16: 00 00 00 30 00 00 00 00 00 00 00 01 FF FF 00 01 ...0............
04[TNC] 32: 01 00 00 00 13 04 41 92 00 00 00 00 00 00 00 09 ......A.........
04[TNC] 48: 00 00 00 10 00 00 00 00 80 00 00 00 00 00 00 01 ................
04[TNC] 64: 00 00 00 38 00 00 55 97 00 00 00 03 FF FF 00 02 ...8..U.........
04[TNC] 80: 01 00 00 00 6B C5 27 72 00 00 55 97 00 00 00 11 ....k.'r..U.....
04[TNC] 96: 00 00 00 18 01 00 00 00 00 00 00 06 00 00 00 00 ................
04[TNC] sending PT-TLS message #4 of type 'PB-TNC Batch' (128 bytes)
04[TLS] sending TLS ApplicationData record (176 bytes)
Receiving SWID Tag Identifier Inventory
04[TLS] processing TLS ApplicationData record (176 bytes)
04[TNC] received PT-TLS message #3 of type 'PB-TNC Batch' (134 bytes)
04[TNC] received TNCCS batch (118 bytes) for Connection ID 1
04[TNC] => 118 bytes @ 0x714f30
04[TNC] 0: 02 00 00 01 00 00 00 76 80 00 00 00 00 00 00 01 .......v........
04[TNC] 16: 00 00 00 6E 80 00 55 97 00 00 00 03 00 02 00 02 ...n..U.........
04[TNC] 32: 01 00 00 00 0C 84 EC 82 00 00 55 97 00 00 00 12 ..........U.....
04[TNC] 48: 00 00 00 4E 00 00 00 01 00 00 00 06 12 31 7A 21 ...N.........1z!
04[TNC] 64: 00 00 00 01 00 1C 72 65 67 69 64 2E 32 30 30 34 ......regid.2004
04[TNC] 80: 2D 30 33 2E 6F 72 67 2E 73 74 72 6F 6E 67 73 77 -03.org.strongsw
04[TNC] 96: 61 6E 00 10 73 74 72 6F 6E 67 53 77 61 6E 2D 35 an..strongSwan-5
04[TNC] 112: 2D 31 2D 30 00 00 -1-0..
04[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
04[TNC] processing PB-TNC CDATA batch
04[TNC] processing PB-PA message (110 bytes)
04[TNC] handling PB-PA message type 'TCG/SWID' 0x005597/0x00000003
04[IMV] IMV 2 "SWID" received message for Connection ID 1 from IMC 2 to IMV 2
04[IMV] => 86 bytes @ 0x6fbdc0
04[IMV] 0: 01 00 00 00 0C 84 EC 82 00 00 55 97 00 00 00 12 ..........U.....
04[IMV] 16: 00 00 00 4E 00 00 00 01 00 00 00 06 12 31 7A 21 ...N.........1z!
04[IMV] 32: 00 00 00 01 00 1C 72 65 67 69 64 2E 32 30 30 34 ......regid.2004
04[IMV] 48: 2D 30 33 2E 6F 72 67 2E 73 74 72 6F 6E 67 73 77 -03.org.strongsw
04[IMV] 64: 61 6E 00 10 73 74 72 6F 6E 67 53 77 61 6E 2D 35 an..strongSwan-5
04[IMV] 80: 2D 31 2D 30 00 00 -1-0..
04[TNC] processing PA-TNC message with ID 0x0c84ec82
04[TNC] processing PA-TNC attribute type 'TCG/SWID Tag Identifier Inventory' 0x005597/0x00000012
04[TNC] => 66 bytes @ 0x6fbdd4
04[TNC] 0: 00 00 00 01 00 00 00 06 12 31 7A 21 00 00 00 01 .........1z!....
04[TNC] 16: 00 1C 72 65 67 69 64 2E 32 30 30 34 2D 30 33 2E ..regid.2004-03.
04[TNC] 32: 6F 72 67 2E 73 74 72 6F 6E 67 73 77 61 6E 00 10 org.strongswan..
04[TNC] 48: 73 74 72 6F 6E 67 53 77 61 6E 2D 35 2D 31 2D 30 strongSwan-5-1-0
04[TNC] 64: 00 00 ..
04[IMV] received SWID tag ID inventory for request 6
04[IMV] regid.2004-03.org.strongswan_strongSwan-5-1-0.swidtag
04[IMV] IMV 2 handled SWIDT workitem 6: allow - received SWID tag ID inventory
04[TNC] creating PA-TNC message with ID 0x51257e2e
04[TNC] creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009
04[TNC] => 4 bytes @ 0x6e9e50
04[TNC] 0: 00 00 00 00 ....
04[IMV] created PA-TNC message: => 24 bytes @ 0x6ed440
04[IMV] 0: 01 00 00 00 51 25 7E 2E 00 00 00 00 00 00 00 09 ....Q%~.........
04[IMV] 16: 00 00 00 10 00 00 00 00 ........
04[TNC] creating PB-PA message type 'TCG/SWID' 0x005597/0x00000003
04[TNC] IMV 2 provides recommendation 'allow' and evaluation 'compliant'
04[IMV] running policy script: 2>&1 TNC_SESSION_ID='2' ipsec imv_policy_manager stop
04[IMV] policy: imv_policy_manager stop successful
04[IMV] IMV 1 "OS" changed state of Connection ID 1 to 'Allowed'
04[IMV] IMV 2 "SWID" changed state of Connection ID 1 to 'Allowed'
04[TNC] PB-TNC state transition from 'Server Working' to 'Decided'
04[TNC] creating PB-TNC RESULT batch
04[TNC] adding PB-PA message
04[TNC] adding PB-Assessment-Result message
04[TNC] adding PB-Access-Recommendation message
04[TNC] sending PB-TNC RESULT batch (88 bytes) for Connection ID 1
04[TNC] => 88 bytes @ 0x6ea730
04[TNC] 0: 02 80 00 03 00 00 00 58 80 00 00 00 00 00 00 01 .......X........
04[TNC] 16: 00 00 00 30 00 00 55 97 00 00 00 03 FF FF 00 02 ...0..U.........
04[TNC] 32: 01 00 00 00 51 25 7E 2E 00 00 00 00 00 00 00 09 ....Q%~.........
04[TNC] 48: 00 00 00 10 00 00 00 00 80 00 00 00 00 00 00 02 ................
04[TNC] 64: 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 03 ................
04[TNC] 80: 00 00 00 10 00 00 00 01 ........
04[TNC] sending PT-TLS message #5 of type 'PB-TNC Batch' (104 bytes)
04[TLS] sending TLS ApplicationData record (144 bytes)
04[TLS] processing TLS ApplicationData record (64 bytes)
04[TNC] received PT-TLS message #4 of type 'PB-TNC Batch' (24 bytes)
04[TNC] received TNCCS batch (8 bytes) for Connection ID 1
04[TNC] => 8 bytes @ 0x7150a0
04[TNC] 0: 02 00 00 06 00 00 00 08 ........
04[TNC] PB-TNC state transition from 'Decided' to 'End'
04[TNC] processing PB-TNC CLOSE batch
04[TNC] final recommendation is 'allow' and evaluation is 'compliant'
04[TNC] PT-TLS connection terminates
04[IMV] IMV 1 "OS" deleted the state of Connection ID 1
04[IMV] IMV 2 "SWID" deleted the state of Connection ID 1
04[TNC] removed TNCCS Connection ID 1
04[TLS] sending TLS close notify
04[TLS] sending TLS Alert record (48 bytes)
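The decoding that the log performs under "Receiving SWID Tag Identifier Inventory", as an added example that is not part of the original page or of strongSwan: it rebuilds the 118-byte batch from the logged hex rows and walks PB-TNC, PB-PA and PA-TNC down to the tag identifier, rejecting every length field that does not fit its buffer. All function names are hypothetical, and the layout of the inventory value is an assumption read off the dump rather than taken from a specification.

```python
import re
import struct

# Hex rows copied from the page's log: the 118-byte batch carol's client sent
# in answer to SWID tag request 6.
BATCH_DUMP = """\
04[TNC] 0: 02 00 00 01 00 00 00 76 80 00 00 00 00 00 00 01 .......v........
04[TNC] 16: 00 00 00 6E 80 00 55 97 00 00 00 03 00 02 00 02 ...n..U.........
04[TNC] 32: 01 00 00 00 0C 84 EC 82 00 00 55 97 00 00 00 12 ..........U.....
04[TNC] 48: 00 00 00 4E 00 00 00 01 00 00 00 06 12 31 7A 21 ...N.........1z!
04[TNC] 64: 00 00 00 01 00 1C 72 65 67 69 64 2E 32 30 30 34 ......regid.2004
04[TNC] 80: 2D 30 33 2E 6F 72 67 2E 73 74 72 6F 6E 67 73 77 -03.org.strongsw
04[TNC] 96: 61 6E 00 10 73 74 72 6F 6E 67 53 77 61 6E 2D 35 an..strongSwan-5
04[TNC] 112: 2D 31 2D 30 00 00 -1-0..
"""

ROW = re.compile(r"^\d+\[\w+\]\s+(\d+):\s+(.*)$")
HEX = re.compile(r"[0-9A-F]{2}")
SWID_TAG_ID_INVENTORY = (0x005597, 0x12)  # vendor ID / attribute type from the log


def dump_to_bytes(dump, total):
    """Rebuild the bytes of a hex dump; 'total' is the size the log states."""
    buf = bytearray()
    for line in dump.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        want = min(16, total - len(buf))  # hex pairs first, ASCII column after
        tokens = m.group(2).split()[:want]
        if (int(m.group(1)) != len(buf) or len(tokens) != want
                or not all(HEX.fullmatch(t) for t in tokens)):
            raise ValueError("malformed hex row at offset " + m.group(1))
        buf += bytes(int(t, 16) for t in tokens)
    if len(buf) != total:
        raise ValueError(f"expected {total} bytes, got {len(buf)}")
    return bytes(buf)


def read_tlv(buf):
    """Header shared by PB-TNC messages and PA-TNC attributes:
    Flags(1) Vendor ID(3) Type(4) Length(4); Length includes these 12 bytes."""
    if len(buf) < 12:
        raise ValueError("truncated TLV header")
    vendor = int.from_bytes(buf[1:4], "big")
    typ, length = struct.unpack(">II", buf[4:12])
    if not 12 <= length <= len(buf):
        raise ValueError(f"TLV length {length} does not fit {len(buf)} bytes")
    return vendor, typ, buf[12:length], buf[length:]


def parse_batch(batch):
    """Return (batch type, [(PA subtype, PA-TNC message ID, attributes)])."""
    if len(batch) < 8 or batch[0] != 2:
        raise ValueError("not a PB-TNC version 2 batch")
    if struct.unpack(">I", batch[4:8])[0] != len(batch):
        raise ValueError("batch length field differs from received size")
    rest, messages = batch[8:], []
    while rest:
        vendor, typ, body, rest = read_tlv(rest)
        if (vendor, typ) != (0, 1):  # only PB-PA messages carry PA-TNC
            continue
        if len(body) < 20 or body[12] != 1:  # PB-PA header + PA-TNC v1 header
            raise ValueError("bad PB-PA or PA-TNC header")
        subtype = (int.from_bytes(body[1:4], "big"), int.from_bytes(body[4:8], "big"))
        msg_id = int.from_bytes(body[16:20], "big")
        attrs, pa = [], body[20:]
        while pa:
            a_vendor, a_type, value, pa = read_tlv(pa)
            attrs.append(((a_vendor, a_type), value))
        messages.append((subtype, msg_id, attrs))
    return batch[3] & 0x0F, messages


def decode_tag_id_inventory(value):
    """Assumed layout: Reserved(1) Count(3) Request ID(4) EID Epoch(4) Last EID(4),
    then three 16-bit length-prefixed strings per tag (third one empty here)."""
    if len(value) < 16:
        raise ValueError("truncated inventory header")
    count = int.from_bytes(value[1:4], "big")
    request_id = int.from_bytes(value[4:8], "big")
    pos, tags = 16, []
    for _ in range(count):
        fields = []
        for _ in range(3):
            end = pos + 2 + int.from_bytes(value[pos:pos + 2], "big")
            if pos + 2 > len(value) or end > len(value):
                raise ValueError("tag identifier runs past the attribute")
            fields.append(value[pos + 2:end].decode("utf-8"))
            pos = end
        tags.append(f"{fields[0]}_{fields[1]}.swidtag")
    return request_id, tags


def swid_inventory(dump, total):
    """Hex dump of a batch -> (request ID, tag file names), or None."""
    for _subtype, _msg_id, attrs in parse_batch(dump_to_bytes(dump, total))[1]:
        for key, value in attrs:
            if key == SWID_TAG_ID_INVENTORY:
                return decode_tag_id_inventory(value)
    return None
```

The decoded request ID and file name match the two `04[IMV]` lines that follow the dump in the log.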
PT-TLS Connection by Access Requestor "dave"
13[TNC] accepting PT-TLS stream from 192.168.0.200
TLS Connection Setup
14[TNC] entering PT-TLS negotiation phase
14[TLS] processing TLS Handshake record (176 bytes)
14[TLS] received TLS ClientHello handshake (172 bytes)
14[TLS] received TLS 'signature algorithms' extension
14[TLS] received TLS 'elliptic curves' extension
14[TLS] received TLS 'ec point formats' extension
14[TLS] received TLS 'server name' extension
14[TLS] received 28 TLS cipher suites:
14[TLS] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
14[TLS] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
14[TLS] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
14[TLS] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
14[TLS] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
14[TLS] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
14[TLS] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
14[TLS] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
14[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
14[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
14[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
14[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
14[TLS] TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
14[TLS] TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
14[TLS] TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
14[TLS] TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
14[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
14[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
14[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
14[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
14[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
14[TLS] TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
14[TLS] TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
14[TLS] TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
14[TLS] TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
14[TLS] TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
14[TLS] TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
14[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
14[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
14[TLS] sending TLS ServerHello handshake (54 bytes)
14[TLS] sending TLS server certificate 'C=CH, O=Linux strongSwan, CN=aaa.strongswan.org'
14[TLS] sending TLS Certificate handshake (1066 bytes)
14[TLS] selected ECDH group SECP256R1
14[TLS] created signature with MD5/RSA
14[TLS] sending TLS ServerKeyExchange handshake (329 bytes)
14[TLS] sending TLS cert request for 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
14[TLS] sending TLS CertificateRequest handshake (102 bytes)
14[TLS] sending TLS ServerHelloDone handshake (0 bytes)
14[TLS] sending TLS Handshake record (1571 bytes)
14[TLS] processing TLS Handshake record (1406 bytes)
14[TLS] received TLS Certificate handshake (1068 bytes)
14[TLS] received TLS peer certificate 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org'
14[TLS] received TLS ClientKeyExchange handshake (66 bytes)
14[TLS] received TLS CertificateVerify handshake (260 bytes)
14[CFG] using certificate "C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org"
14[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
14[CFG] checking certificate status of "C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org"
14[CFG] fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
14[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
14[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
14[CFG] crl is valid: until Sep 14 20:44:55 2013
14[CFG] certificate status is good
14[CFG] reached self-signed root ca with a path length of 0
14[TLS] verified signature with SHA1/RSA
14[TLS] processing TLS ChangeCipherSpec record (1 bytes)
14[TLS] processing TLS Handshake record (64 bytes)
14[TLS] received TLS Finished handshake (12 bytes)
14[TLS] sending TLS ChangeCipherSpec record (1 bytes)
14[TLS] sending TLS Finished handshake (12 bytes)
14[TLS] sending TLS Handshake record (64 bytes)
PT-TLS Negotiation
14[TLS] processing TLS ApplicationData record (64 bytes)
14[TNC] received PT-TLS message #0 of type 'Version Request' (20 bytes)
14[TNC] sending PT-TLS message #0 of type 'Version Response' (20 bytes)
14[TLS] sending TLS ApplicationData record (64 bytes)
14[TNC] negotiated PT-TLS version 1
TLS Certificate-based Client Authentication
14[TNC] doing SASL client authentication
14[TNC] skipping SASL, client already authenticated by TLS certificate
14[TNC] sending PT-TLS message #1 of type 'SASL Mechanisms' (16 bytes)
14[TLS] sending TLS ApplicationData record (64 bytes)
15[TNC] entering PT-TLS data transport phase
15[TNC] no PB-TNC batch to send
15[TLS] processing TLS ApplicationData record (96 bytes)
15[TNC] received PT-TLS message #1 of type 'PB-TNC Batch' (55 bytes)
15[TNC] assigned TNCCS Connection ID 2
15[IMV] IMV 1 "OS" created a state for IF-TNCCS 2.0 Connection ID 2: +long +excl -soh
15[IMV] over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes
15[IMV] user AR identity 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org' authenticated by certificate
15[IMV] assigned session ID 3
15[IMV] IMV 2 "SWID" created a state for IF-TNCCS 2.0 Connection ID 2: +long +excl -soh
15[IMV] over IF-T for TLS 2.0 with maximum PA-TNC message size of 131024 bytes
15[IMV] user AR identity 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org' authenticated by certificate
15[IMV] assigned session ID 3
15[IMV] IMV 1 "OS" changed state of Connection ID 2 to 'Handshake'
15[IMV] IMV 2 "SWID" changed state of Connection ID 2 to 'Handshake'
15[TNC] received TNCCS batch (39 bytes) for Connection ID 2
15[TNC] => 39 bytes @ 0x6e87f0
15[TNC] 0: 02 00 00 01 00 00 00 27 00 00 00 00 00 00 00 06 .......'........
15[TNC] 16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75 ....Accept-Langu
15[TNC] 32: 61 67 65 3A 20 65 6E age: en
15[TNC] PB-TNC state transition from 'Init' to 'Server Working'
15[TNC] processing PB-TNC CDATA batch
15[TNC] processing PB-Language-Preference message (31 bytes)
15[TNC] setting language preference to 'en'
15[TNC] creating PA-TNC message with ID 0xdf43848c
15[TNC] creating PA-TNC attribute type 'IETF/Attribute Request' 0x000000/0x00000001
15[TNC] => 56 bytes @ 0x6ec8d0
15[TNC] 0: 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 04 ................
15[TNC] 16: 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 05 ................
15[TNC] 32: 00 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 0C ................
15[TNC] 48: 00 00 90 2A 00 00 00 08 ...*....
15[IMV] created PA-TNC message: => 76 bytes @ 0x739a80
15[IMV] 0: 01 00 00 00 DF 43 84 8C 00 00 00 00 00 00 00 01 .....C..........
15[IMV] 16: 00 00 00 44 00 00 00 00 00 00 00 02 00 00 00 00 ...D............
15[IMV] 32: 00 00 00 04 00 00 00 00 00 00 00 03 00 00 00 00 ................
15[IMV] 48: 00 00 00 05 00 00 00 00 00 00 00 0B 00 00 00 00 ................
15[IMV] 64: 00 00 00 0C 00 00 90 2A 00 00 00 08 .......*....
15[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
15[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
15[TNC] creating PB-TNC SDATA batch
15[TNC] adding PB-PA message
15[TNC] sending PB-TNC SDATA batch (108 bytes) for Connection ID 2
15[TNC] => 108 bytes @ 0x6e7820
15[TNC] 0: 02 80 00 02 00 00 00 6C 80 00 00 00 00 00 00 01 .......l........
15[TNC] 16: 00 00 00 64 00 00 00 00 00 00 00 01 FF FF 00 01 ...d............
15[TNC] 32: 01 00 00 00 DF 43 84 8C 00 00 00 00 00 00 00 01 .....C..........
15[TNC] 48: 00 00 00 44 00 00 00 00 00 00 00 02 00 00 00 00 ...D............
15[TNC] 64: 00 00 00 04 00 00 00 00 00 00 00 03 00 00 00 00 ................
15[TNC] 80: 00 00 00 05 00 00 00 00 00 00 00 0B 00 00 00 00 ................
15[TNC] 96: 00 00 00 0C 00 00 90 2A 00 00 00 08 .......*....
15[TNC] sending PT-TLS message #2 of type 'PB-TNC Batch' (124 bytes)
15[TLS] sending TLS ApplicationData record (176 bytes)
15[TLS] processing TLS ApplicationData record (288 bytes)
15[TNC] received PT-TLS message #2 of type 'PB-TNC Batch' (244 bytes)
15[TNC] received TNCCS batch (228 bytes) for Connection ID 2
15[TNC] => 228 bytes @ 0x714a00
15[TNC] 0: 02 00 00 01 00 00 00 E4 80 00 00 00 00 00 00 01 ................
15[TNC] 16: 00 00 00 DC 80 00 00 00 00 00 00 01 00 01 00 01 ................
15[TNC] 32: 01 00 00 00 D5 CA 70 3D 00 00 00 00 00 00 00 02 ......p=........
15[TNC] 48: 00 00 00 17 00 25 72 00 00 44 65 62 69 61 6E 00 .....%r..Debian.
15[TNC] 64: 00 00 00 00 00 00 04 00 00 00 19 0A 37 2E 30 20 ............7.0
15[TNC] 80: 78 38 36 5F 36 34 00 00 00 00 00 00 00 00 00 03 x86_64..........
15[TNC] 96: 00 00 00 1C 00 00 00 07 00 00 00 00 00 00 00 00 ................
15[TNC] 112: 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 24 ...............$
15[TNC] 128: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32 ....2013-08-15T2
15[TNC] 144: 30 3A 34 35 3A 30 37 5A 00 00 00 00 00 00 00 0B 0:45:07Z........
15[TNC] 160: 00 00 00 10 00 00 00 01 00 00 00 00 00 00 00 0C ................
15[TNC] 176: 00 00 00 10 00 00 00 00 00 00 90 2A 00 00 00 08 ...........*....
15[TNC] 192: 00 00 00 2C 61 61 62 62 63 63 64 64 65 65 66 66 ...,aabbccddeeff
15[TNC] 208: 31 31 32 32 33 33 34 34 35 35 36 36 37 37 38 38 1122334455667788
15[TNC] 224: 39 39 30 30 9900
15[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
15[TNC] processing PB-TNC CDATA batch
15[TNC] processing PB-PA message (220 bytes)
15[TNC] handling PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
15[IMV] IMV 1 "OS" received message for Connection ID 2 from IMC 1 to IMV 1
15[IMV] => 196 bytes @ 0x738ac0
15[IMV] 0: 01 00 00 00 D5 CA 70 3D 00 00 00 00 00 00 00 02 ......p=........
15[IMV] 16: 00 00 00 17 00 25 72 00 00 44 65 62 69 61 6E 00 .....%r..Debian.
15[IMV] 32: 00 00 00 00 00 00 04 00 00 00 19 0A 37 2E 30 20 ............7.0
15[IMV] 48: 78 38 36 5F 36 34 00 00 00 00 00 00 00 00 00 03 x86_64..........
15[IMV] 64: 00 00 00 1C 00 00 00 07 00 00 00 00 00 00 00 00 ................
15[IMV] 80: 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 24 ...............$
15[IMV] 96: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32 ....2013-08-15T2
15[IMV] 112: 30 3A 34 35 3A 30 37 5A 00 00 00 00 00 00 00 0B 0:45:07Z........
15[IMV] 128: 00 00 00 10 00 00 00 01 00 00 00 00 00 00 00 0C ................
15[IMV] 144: 00 00 00 10 00 00 00 00 00 00 90 2A 00 00 00 08 ...........*....
15[IMV] 160: 00 00 00 2C 61 61 62 62 63 63 64 64 65 65 66 66 ...,aabbccddeeff
15[IMV] 176: 31 31 32 32 33 33 34 34 35 35 36 36 37 37 38 38 1122334455667788
15[IMV] 192: 39 39 30 30 9900
15[TNC] processing PA-TNC message with ID 0xd5ca703d
15[TNC] processing PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
15[TNC] => 11 bytes @ 0x738ad4
15[TNC] 0: 00 25 72 00 00 44 65 62 69 61 6E .%r..Debian
15[TNC] processing PA-TNC attribute type 'IETF/String Version' 0x000000/0x00000004
15[TNC] => 13 bytes @ 0x738aeb
15[TNC] 0: 0A 37 2E 30 20 78 38 36 5F 36 34 00 00 .7.0 x86_64..
15[TNC] processing PA-TNC attribute type 'IETF/Numeric Version' 0x000000/0x00000003
15[TNC] => 16 bytes @ 0x738b04
15[TNC] 0: 00 00 00 07 00 00 00 00 00 00 00 00 00 00 00 00 ................
15[TNC] processing PA-TNC attribute type 'IETF/Operational Status' 0x000000/0x00000005
15[TNC] => 24 bytes @ 0x738b20
15[TNC] 0: 03 01 00 00 32 30 31 33 2D 30 38 2D 31 35 54 32 ....2013-08-15T2
15[TNC] 16: 30 3A 34 35 3A 30 37 5A 0:45:07Z
15[TNC] processing PA-TNC attribute type 'IETF/Forwarding Enabled' 0x000000/0x0000000b
15[TNC] => 4 bytes @ 0x738b44
15[TNC] 0: 00 00 00 01 ....
15[TNC] processing PA-TNC attribute type 'IETF/Factory Default Password Enabled' 0x000000/0x0000000c
15[TNC] => 4 bytes @ 0x738b54
15[TNC] 0: 00 00 00 00 ....
15[TNC] processing PA-TNC attribute type 'ITA-HSR/Device ID' 0x00902a/0x00000008
15[TNC] => 32 bytes @ 0x738b64
15[TNC] 0: 61 61 62 62 63 63 64 64 65 65 66 66 31 31 32 32 aabbccddeeff1122
15[TNC] 16: 33 33 34 34 35 35 36 36 37 37 38 38 39 39 30 30 3344556677889900
15[IMV] operating system name is 'Debian' from vendor Debian Project
15[IMV] operating system version is '7.0 x86_64'
15[IMV] operating system numeric version is 7.0
15[IMV] operational status: operational, result: successful
15[IMV] last boot: Aug 15 20:45:07 UTC 2013
15[IMV] IPv4 forwarding is enabled
15[IMV] factory default password is disabled
Device Identity
15[IMV] device ID is aabbccddeeff11223344556677889900
15[IMV] running policy script: 2>&1 TNC_SESSION_ID='3' ipsec imv_policy_manager start
15[IMV] policy: imv_policy_manager start successful
15[IMV] IMV 1 handled FWDEN workitem 11: isolate - forwarding enabled
15[TNC] creating PA-TNC message with ID 0x43672a51
15[TNC] creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009
15[TNC] => 4 bytes @ 0x6edbd0
15[TNC] 0: 00 00 00 02 ....
15[TNC] creating PA-TNC attribute type 'IETF/Remediation Instructions' 0x000000/0x0000000a
15[TNC] => 81 bytes @ 0x731850
15[TNC] 0: 00 00 00 00 00 00 00 02 00 00 00 42 49 50 20 50 ...........BIP P
15[TNC] 16: 61 63 6B 65 74 20 46 6F 72 77 61 72 64 69 6E 67 acket Forwarding
15[TNC] 32: 0A 20 20 50 6C 65 61 73 65 20 64 69 73 61 62 6C . Please disabl
15[TNC] 48: 65 20 74 68 65 20 66 6F 72 77 61 72 64 69 6E 67 e the forwarding
15[TNC] 64: 20 6F 66 20 49 50 20 70 61 63 6B 65 74 73 02 65 of IP packets.e
15[TNC] 80: 6E n
15[IMV] created PA-TNC message: => 117 bytes @ 0x738620
15[IMV] 0: 01 00 00 00 43 67 2A 51 00 00 00 00 00 00 00 09 ....Cg*Q........
15[IMV] 16: 00 00 00 10 00 00 00 02 00 00 00 00 00 00 00 0A ................
15[IMV] 32: 00 00 00 5D 00 00 00 00 00 00 00 02 00 00 00 42 ...]...........B
15[IMV] 48: 49 50 20 50 61 63 6B 65 74 20 46 6F 72 77 61 72 IP Packet Forwar
15[IMV] 64: 64 69 6E 67 0A 20 20 50 6C 65 61 73 65 20 64 69 ding. Please di
15[IMV] 80: 73 61 62 6C 65 20 74 68 65 20 66 6F 72 77 61 72 sable the forwar
15[IMV] 96: 64 69 6E 67 20 6F 66 20 49 50 20 70 61 63 6B 65 ding of IP packe
15[IMV] 112: 74 73 02 65 6E ts.en
15[TNC] creating PB-PA message type 'IETF/Operating System' 0x000000/0x00000001
15[TNC] IMV 1 is setting reason string to 'Improper OS settings were detected'
15[TNC] IMV 1 is setting reason language to 'en'
15[TNC] IMV 1 provides recommendation 'isolate' and evaluation 'non-compliant major'
Sending SWID Request
15[IMV] IMV 2 issues SWID tag request 14
15[TNC] creating PA-TNC message with ID 0xc9837a03
15[TNC] creating PA-TNC attribute type 'TCG/SWID Request' 0x005597/0x00000011
15[TNC] => 12 bytes @ 0x6f1400
15[TNC] 0: 01 00 00 00 00 00 00 0E 00 00 00 00 ............
15[IMV] created PA-TNC message: => 32 bytes @ 0x731cd0
15[IMV] 0: 01 00 00 00 C9 83 7A 03 00 00 55 97 00 00 00 11 ......z...U.....
15[IMV] 16: 00 00 00 18 01 00 00 00 00 00 00 0E 00 00 00 00 ................
15[TNC] creating PB-PA message type 'TCG/SWID' 0x005597/0x00000003
15[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
15[TNC] creating PB-TNC SDATA batch
15[TNC] adding PB-PA message
15[TNC] adding PB-PA message
15[TNC] sending PB-TNC SDATA batch (205 bytes) for Connection ID 2
15[TNC] => 205 bytes @ 0x738620
15[TNC] 0: 02 80 00 02 00 00 00 CD 80 00 00 00 00 00 00 01 ................
15[TNC] 16: 00 00 00 8D 00 00 00 00 00 00 00 01 FF FF 00 01 ................
15[TNC] 32: 01 00 00 00 43 67 2A 51 00 00 00 00 00 00 00 09 ....Cg*Q........
15[TNC] 48: 00 00 00 10 00 00 00 02 00 00 00 00 00 00 00 0A ................
15[TNC] 64: 00 00 00 5D 00 00 00 00 00 00 00 02 00 00 00 42 ...]...........B
15[TNC] 80: 49 50 20 50 61 63 6B 65 74 20 46 6F 72 77 61 72 IP Packet Forwar
15[TNC] 96: 64 69 6E 67 0A 20 20 50 6C 65 61 73 65 20 64 69 ding. Please di
15[TNC] 112: 73 61 62 6C 65 20 74 68 65 20 66 6F 72 77 61 72 sable the forwar
15[TNC] 128: 64 69 6E 67 20 6F 66 20 49 50 20 70 61 63 6B 65 ding of IP packe
15[TNC] 144: 74 73 02 65 6E 80 00 00 00 00 00 00 01 00 00 00 ts.en...........
15[TNC] 160: 38 00 00 55 97 00 00 00 03 FF FF 00 02 01 00 00 8..U............
15[TNC] 176: 00 C9 83 7A 03 00 00 55 97 00 00 00 11 00 00 00 ...z...U........
15[TNC] 192: 18 01 00 00 00 00 00 00 0E 00 00 00 00 .............
15[TNC] sending PT-TLS message #3 of type 'PB-TNC Batch' (221 bytes)
15[TLS] sending TLS ApplicationData record (272 bytes)
15[TLS] processing TLS ApplicationData record (176 bytes)
15[TNC] received PT-TLS message #3 of type 'PB-TNC Batch' (134 bytes)
15[TNC] received TNCCS batch (118 bytes) for Connection ID 2
15[TNC] => 118 bytes @ 0x724380
15[TNC] 0: 02 00 00 01 00 00 00 76 80 00 00 00 00 00 00 01 .......v........
15[TNC] 16: 00 00 00 6E 80 00 55 97 00 00 00 03 00 02 00 02 ...n..U.........
15[TNC] 32: 01 00 00 00 0E 1E BE 66 00 00 55 97 00 00 00 12 .......f..U.....
15[TNC] 48: 00 00 00 4E 00 00 00 01 00 00 00 0E D5 98 C7 9E ...N............
15[TNC] 64: 00 00 00 01 00 1C 72 65 67 69 64 2E 32 30 30 34 ......regid.2004
15[TNC] 80: 2D 30 33 2E 6F 72 67 2E 73 74 72 6F 6E 67 73 77 -03.org.strongsw
15[TNC] 96: 61 6E 00 10 73 74 72 6F 6E 67 53 77 61 6E 2D 35 an..strongSwan-5
15[TNC] 112: 2D 31 2D 30 00 00 -1-0..
15[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
15[TNC] processing PB-TNC CDATA batch
15[TNC] processing PB-PA message (110 bytes)
Receiving SWID Tag Identifier Inventory
15[TNC] handling PB-PA message type 'TCG/SWID' 0x005597/0x00000003
15[IMV] IMV 2 "SWID" received message for Connection ID 2 from IMC 2 to IMV 2
15[IMV] => 86 bytes @ 0x738880
15[IMV] 0: 01 00 00 00 0E 1E BE 66 00 00 55 97 00 00 00 12 .......f..U.....
15[IMV] 16: 00 00 00 4E 00 00 00 01 00 00 00 0E D5 98 C7 9E ...N............
15[IMV] 32: 00 00 00 01 00 1C 72 65 67 69 64 2E 32 30 30 34 ......regid.2004
15[IMV] 48: 2D 30 33 2E 6F 72 67 2E 73 74 72 6F 6E 67 73 77 -03.org.strongsw
15[IMV] 64: 61 6E 00 10 73 74 72 6F 6E 67 53 77 61 6E 2D 35 an..strongSwan-5
15[IMV] 80: 2D 31 2D 30 00 00 -1-0..
15[TNC] processing PA-TNC message with ID 0x0e1ebe66
15[TNC] processing PA-TNC attribute type 'TCG/SWID Tag Identifier Inventory' 0x005597/0x00000012
15[TNC] => 66 bytes @ 0x738894
15[TNC] 0: 00 00 00 01 00 00 00 0E D5 98 C7 9E 00 00 00 01 ................
15[TNC] 16: 00 1C 72 65 67 69 64 2E 32 30 30 34 2D 30 33 2E ..regid.2004-03.
15[TNC] 32: 6F 72 67 2E 73 74 72 6F 6E 67 73 77 61 6E 00 10 org.strongswan..
15[TNC] 48: 73 74 72 6F 6E 67 53 77 61 6E 2D 35 2D 31 2D 30 strongSwan-5-1-0
15[TNC] 64: 00 00 ..
15[IMV] received SWID tag ID inventory for request 14
15[IMV] regid.2004-03.org.strongswan_strongSwan-5-1-0.swidtag
15[IMV] IMV 2 handled SWIDT workitem 14: allow - received SWID tag ID inventory
15[TNC] creating PA-TNC message with ID 0xfd87492d
15[TNC] creating PA-TNC attribute type 'IETF/Assessment Result' 0x000000/0x00000009
15[TNC] => 4 bytes @ 0x6f9fe0
15[TNC] 0: 00 00 00 00 ....
15[IMV] created PA-TNC message: => 24 bytes @ 0x7391d0
15[IMV] 0: 01 00 00 00 FD 87 49 2D 00 00 00 00 00 00 00 09 ......I-........
15[IMV] 16: 00 00 00 10 00 00 00 00 ........
15[TNC] creating PB-PA message type 'TCG/SWID' 0x005597/0x00000003
15[TNC] IMV 2 provides recommendation 'allow' and evaluation 'compliant'
15[IMV] running policy script: 2>&1 TNC_SESSION_ID='3' ipsec imv_policy_manager stop
15[IMV] policy: imv_policy_manager stop successful
15[IMV] IMV 1 "OS" changed state of Connection ID 2 to 'Isolated'
15[IMV] IMV 2 "SWID" changed state of Connection ID 2 to 'Isolated'
15[TNC] PB-TNC state transition from 'Server Working' to 'Decided'
15[TNC] creating PB-TNC RESULT batch
15[TNC] adding PB-PA message
15[TNC] adding PB-Assessment-Result message
15[TNC] adding PB-Access-Recommendation message
15[TNC] adding PB-Reason-String message
15[TNC] sending PB-TNC RESULT batch (141 bytes) for Connection ID 2
15[TNC] => 141 bytes @ 0x714aa0
15[TNC] 0: 02 80 00 03 00 00 00 8D 80 00 00 00 00 00 00 01 ................
15[TNC] 16: 00 00 00 30 00 00 55 97 00 00 00 03 FF FF 00 02 ...0..U.........
15[TNC] 32: 01 00 00 00 FD 87 49 2D 00 00 00 00 00 00 00 09 ......I-........
15[TNC] 48: 00 00 00 10 00 00 00 00 80 00 00 00 00 00 00 02 ................
15[TNC] 64: 00 00 00 10 00 00 00 02 00 00 00 00 00 00 00 03 ................
15[TNC] 80: 00 00 00 10 00 00 00 03 00 00 00 00 00 00 00 07 ................
15[TNC] 96: 00 00 00 35 00 00 00 22 49 6D 70 72 6F 70 65 72 ...5..."Improper
15[TNC] 112: 20 4F 53 20 73 65 74 74 69 6E 67 73 20 77 65 72 OS settings wer
15[TNC] 128: 65 20 64 65 74 65 63 74 65 64 02 65 6E e detected.en
15[TNC] sending PT-TLS message #4 of type 'PB-TNC Batch' (157 bytes)
15[TLS] sending TLS ApplicationData record (208 bytes)
15[TLS] processing TLS ApplicationData record (64 bytes)
15[TNC] received PT-TLS message #4 of type 'PB-TNC Batch' (24 bytes)
15[TNC] received TNCCS batch (8 bytes) for Connection ID 2
15[TNC] => 8 bytes @ 0x6f1400
15[TNC] 0: 02 00 00 06 00 00 00 08 ........
15[TNC] PB-TNC state transition from 'Decided' to 'End'
15[TNC] processing PB-TNC CLOSE batch
15[TNC] final recommendation is 'isolate' and evaluation is 'non-compliant major'
15[TNC] PT-TLS connection terminates
15[IMV] IMV 1 "OS" deleted the state of Connection ID 2
15[IMV] IMV 2 "SWID" deleted the state of Connection ID 2
15[TNC] removed TNCCS Connection ID 2
15[TLS] sending TLS close notify
15[TLS] sending TLS Alert record (48 bytes)
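The PA-TNC messages hex-dumped in this log use the RFC 5792 layout: an 8-byte header (version, reserved, message ID) followed by attributes that each begin with a 12-byte header (flags, vendor ID, type, length). The decoder below is an added example, not strongSwan code; it splits two messages copied from the log into their attributes and validates every length field before slicing, and its function and constant names are chosen here for illustration.

```python
import struct

# Attribute names as the log prints them, keyed by (vendor ID, type).
ATTR_NAMES = {(0x000000, 0x09): "IETF/Assessment Result",
              (0x000000, 0x0A): "IETF/Remediation Instructions",
              (0x005597, 0x11): "TCG/SWID Request"}
# Assessment Result codes with the evaluation the log reports for each.
RESULTS = {0: "compliant", 2: "non-compliant major"}

def parse_pa_tnc(msg: bytes):
    """Return (message_id, [(name, value), ...]) for one PA-TNC message."""
    if len(msg) < 8 or msg[0] != 1:
        raise ValueError("not a PA-TNC version 1 message")
    msg_id, attrs, off = struct.unpack_from(">I", msg, 4)[0], [], 8
    while off < len(msg):
        if len(msg) - off < 12:
            raise ValueError("truncated attribute header")
        word, atype, length = struct.unpack_from(">III", msg, off)
        vendor = word & 0xFFFFFF  # the top byte of this word holds the flags
        # The length field counts the 12-byte attribute header as well.
        if length < 12 or off + length > len(msg):
            raise ValueError(f"bad attribute length {length} at offset {off}")
        name = ATTR_NAMES.get((vendor, atype), f"0x{vendor:06x}/0x{atype:08x}")
        attrs.append((name, msg[off + 12:off + length]))
        off += length
    return msg_id, attrs

def assessment(value: bytes) -> str:
    code = struct.unpack(">I", value)[0]
    return RESULTS.get(code, f"code {code}")

# Bytes copied from the log above: the 117-byte message created by IMV 1
# and the 32-byte SWID Request message created by IMV 2.
OS_MESSAGE = bytes.fromhex("""
    01 00 00 00 43 67 2A 51 00 00 00 00 00 00 00 09
    00 00 00 10 00 00 00 02 00 00 00 00 00 00 00 0A
    00 00 00 5D 00 00 00 00 00 00 00 02 00 00 00 42
    49 50 20 50 61 63 6B 65 74 20 46 6F 72 77 61 72
    64 69 6E 67 0A 20 20 50 6C 65 61 73 65 20 64 69
    73 61 62 6C 65 20 74 68 65 20 66 6F 72 77 61 72
    64 69 6E 67 20 6F 66 20 49 50 20 70 61 63 6B 65
    74 73 02 65 6E""")
SWID_REQUEST = bytes.fromhex("""
    01 00 00 00 C9 83 7A 03 00 00 55 97 00 00 00 11
    00 00 00 18 01 00 00 00 00 00 00 0E 00 00 00 00""")

if __name__ == "__main__":
    for raw in (OS_MESSAGE, SWID_REQUEST):
        print(parse_pa_tnc(raw))
```

The value of the first attribute in the IMV 1 message decodes to code 2, the 'non-compliant major' evaluation that the final recommendation in the log carries through.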
Terminating the strongSwan Policy Decision Point
00[DMN] signal of type SIGINT received. Shutting down
00[IMV] IMV 2 "SWID" terminated
00[TNC] removed TCG attributes
00[LIB] libpts terminated
00[IMV] IMV 1 "OS" terminated
00[TNC] removed IETF attributes
00[TNC] removed ITA-HSR attributes
00[LIB] libimcv terminated