strongSwan

h1. TNC Client with PTS-IMC

This HOWTO explains in a step-for-step fashion how a strongSwan IPsec client with integrated TNC client functionality and an attached Platform Trust Service Integrity Measurement Collector (PTS-IMC) can provide remote attestation measurement data to a TNC server via the IKEv2 EAP-TTLS protocol. 

{{>toc}}

h2. Installation and Configuration

The following steps describe the installation of the strongSwan software

<pre>

  wget http://download.strongswan.org/strongswan-4.6.2rc1.tar.bz2

  tar xjf strongswan-4.6.2rc1.tar.bz2

  cd strongswan-4.6.2rc1

  ./configure --prefix=/usr --sysconfdir=/etc --disable-pluto --enable-openssl --enable-curl

              --enable-eap-identity --enable-eap-md5 --enable-eap-ttls --enable-eap-tnc

              --enable-tnccs-20 --enable-tnc-imc --enable-imc-attestation

  make

  [sudo] make install 

</pre>

The strongSwan *imc-attestation.so* dynamic PTS-IMC library depends on the "TrouSerS":http://sourceforge.net/projects/trousers/ libtspi library. For compilation additionally the /usr/include/trousers/ header files are required.

The connection between IPsec client *carol* and IPsec gateway *moon* is defined in the /etc/ipsec.conf file:

<pre>

# ipsec.conf - strongSwan IPsec configuration file

config setup

     charondebug="tnc 3, imc 3, pts 3"

conn home

     left=%any

     leftid=carol@strongswan.org

     leftauth=eap

     right=192.168.0.1

     rightid=@moon.strongswan.org

     rightsendcert=never

     rightsubnet=10.1.0.0/16

     auto=start

</pre>

The debug levels for the TNC, IMC, and PTS components are increased to 3, so that HEX dumps of PB-TNC (IF-TNCCS 2.0) messages and PA-TNC (IF-M) attributes will be included in the log file.

The IKEv2 client *carol* is going to use EAP-based authentication with the user credentials being stored in the /etc/ipsec.secrets file:

<pre>

# /etc/ipsec.secrets - strongSwan IPsec secrets file

carol@strongswan.org : EAP "Ar3etTnp"

</pre>

The following IKEv2 charon and Attestation IMC options are defined in the /etc/strongswan.conf file

<pre>

# strongswan.conf - strongSwan configuration file

charon {

  load = sha1 random gmp pkcs1 pkcs8 pem x509 pubkey openssl hmac revocation curl kernel-netlink socket-default eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 eap-identity resolve stroke

  plugins {

    eap-tnc {

      protocol = tnccs-2.0

    }

    tnc-imc {

      preferred_language = en

    }

  }

}

libimcv {

  plugins {

    imc-attestation {

      aik_cert = /home/andi/privacyca/AIK_3_Cert.der

      aik_blob = /home/andi/privacyca/AIK_3_Blob.bin

      pcr17_meas   = d537d437f058136eb3d7be517dbe7647b623c619 

      pcr17_before = 1717171717171717171717171717171717171717 

      pcr17_after  = ffffffffffffffffffffffffffffffffffffffff 

      pcr18_meas   = 160d2b04d11eb225fb148615b699081869e15b6c 

      pcr18_before = 1818181818181818181818181818181818181818 

      pcr18_after  = ffffffffffffffffffffffffffffffffffffffff 

    }

  }

}

</pre>

h2. IKEv2 Negotiation

h3. Startup and Initialization

The command

<pre>

ipsec start

</pre>

starts the TNC-enabled IPsec client:

<pre>

Feb  9 14:53:42 pin1212a00 charon: 00[DMN] Starting IKEv2 charon daemon (strongSwan 4.6.2rc1)

Feb  9 14:53:42 pin1212a00 charon: 00[KNL] listening on interfaces:

Feb  9 14:53:42 pin1212a00 charon: 00[KNL]   eth0

Feb  9 14:53:42 pin1212a00 charon: 00[KNL]     152.96.31.100

Feb  9 14:53:42 pin1212a00 charon: 00[KNL]     fe80::219:99ff:feb3:92c3

Feb  9 14:53:42 pin1212a00 charon: 00[KNL]   umlbr0

Feb  9 14:53:42 pin1212a00 charon: 00[KNL]     192.168.0.254

Feb  9 14:53:42 pin1212a00 charon: 00[KNL]     fe80::9cb8:adff:fe5a:270a

</pre>

The file /etc/tnc_config

<pre>

# IMC configuration file for strongSwan client 

IMC "Attestation" /usr/lib/ipsec/imcvs/imc-attestation.so

</pre>

defines which IMCs are loaded by the TNC client:

<pre>

Feb  9 14:53:42 pin1212a00 charon: 00[TNC] loading IMCs from '/etc/tnc_config'

Feb  9 14:53:42 pin1212a00 charon: 00[PTS]   mandatory PTS measurement algorithm HASH_SHA1[sha1] available

Feb  9 14:53:42 pin1212a00 charon: 00[PTS]   mandatory PTS measurement algorithm HASH_SHA256[openssl] available

Feb  9 14:53:42 pin1212a00 charon: 00[PTS]   optional  PTS measurement algorithm HASH_SHA384[openssl] available

Feb  9 14:53:42 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_2048[gmp] available

Feb  9 14:53:42 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_1536[gmp] available

Feb  9 14:53:42 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_1024[gmp] available

Feb  9 14:53:42 pin1212a00 charon: 00[PTS]   mandatory PTS DH group ECP_256[openssl] available

Feb  9 14:53:42 pin1212a00 charon: 00[PTS]   optional  PTS DH group ECP_384[openssl] available

Feb  9 14:53:42 pin1212a00 charon: 00[TNC] added IETF attributes

Feb  9 14:53:42 pin1212a00 charon: 00[TNC] added ITA-HSR attributes

Feb  9 14:53:42 pin1212a00 charon: 00[LIB] libimcv initialized

Feb  9 14:53:42 pin1212a00 charon: 00[IMC] IMC 1 "Attestation" initialized

Feb  9 14:53:42 pin1212a00 charon: 00[TNC] added TCG attributes

Feb  9 14:53:42 pin1212a00 charon: 00[PTS] added TCG functional component namespace

Feb  9 14:53:42 pin1212a00 charon: 00[PTS] added ITA-HSR functional component namespace

Feb  9 14:53:42 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Trusted GRUB Boot Loader'

Feb  9 14:53:42 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Trusted Boot'

Feb  9 14:53:42 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Linux IMA'

Feb  9 14:53:42 pin1212a00 charon: 00[LIB] libpts initialized

Feb  9 14:53:42 pin1212a00 charon: 00[IMC] IMC 1 "Attestation" provided with bind function

Feb  9 14:53:42 pin1212a00 charon: 00[TNC] IMC 1 supports 1 message type: 'TCG/PTS' 0x005597/0x00000001

Feb  9 14:53:42 pin1212a00 charon: 00[TNC] IMC 1 "Attestation" loaded from '/usr/lib/ipsec/imcvs/imc-attestation.so'

</pre>

Next the IKEv2 credential,all necessary plugins and the IPsec connection definition are loaded

<pre>

Feb  9 14:53:42 pin1212a00 charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'

Feb  9 14:53:42 pin1212a00 charon: 00[CFG]   loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'

Feb  9 14:53:42 pin1212a00 charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'

Feb  9 14:53:42 pin1212a00 charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'

Feb  9 14:53:42 pin1212a00 charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'

Feb  9 14:53:42 pin1212a00 charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'

Feb  9 14:53:42 pin1212a00 charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'

Feb  9 14:53:42 pin1212a00 charon: 00[CFG]   loaded EAP secret for carol@strongswan.org

Feb  9 14:53:42 pin1212a00 charon: 00[DMN] loaded plugins: sha1 random gmp pkcs1 pkcs8 pem x509 pubkey openssl hmac revocation curl kernel-netlink socket-default eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 eap-identity resolve stroke

Feb  9 14:53:42 pin1212a00 charon: 00[JOB] spawning 16 worker threads

Feb  9 14:53:42 pin1212a00 charon: 09[CFG] received stroke: add connection 'home'

Feb  9 14:53:42 pin1212a00 charon: 09[CFG] left nor right host is our side, assuming left=local

Feb  9 14:53:42 pin1212a00 charon: 09[CFG] added configuration 'home'

</pre>

h3. IKEv2 Exchanges 

Due to auto=start the IKEv2 negotiation automatically initiates the IKE_SA_INIT exchange

<pre>

Feb  9 14:53:48 pin1212a00 charon: 07[CFG] received stroke: initiate 'home'

Feb  9 14:53:48 pin1212a00 charon: 12[IKE] initiating IKE_SA home[1] to 192.168.0.1

Feb  9 14:53:48 pin1212a00 charon: 12[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]

Feb  9 14:53:48 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[500] to 192.168.0.1[500]

Feb  9 14:53:48 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[500] to 192.168.0.254[500]

Feb  9 14:53:48 pin1212a00 charon: 13[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]

</pre>

followed by the IKE_AUTH exchange where the IKEv2 gateway proposes a mutual IKEv2 EAP-TTLS only authentication:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 13[IKE] establishing CHILD_SA home

Feb  9 14:53:48 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]

Feb  9 14:53:48 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb  9 14:53:48 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 1 [ IDr EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 14[IKE] server requested EAP_TTLS authentication (id 0x0A)

Feb  9 14:53:48 pin1212a00 charon: 14[TLS] EAP_TTLS version is v0

Feb  9 14:53:48 pin1212a00 charon: 14[IKE] allow mutual EAP-only authentication

</pre>

h3. IKEv2 EAP-TTLS Tunnel

The IKEv2 EAP-TTLS tunnel is set up with certificate-based server authentication

<pre>

Feb  9 14:53:48 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 2 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb  9 14:53:48 pin1212a00 charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 15[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 15[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 15[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb  9 14:53:48 pin1212a00 charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 11[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 11[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

Feb  9 14:53:48 pin1212a00 charon: 11[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org'

Feb  9 14:53:48 pin1212a00 charon: 11[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Feb  9 14:53:48 pin1212a00 charon: 11[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Feb  9 14:53:48 pin1212a00 charon: 11[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Feb  9 14:53:48 pin1212a00 charon: 11[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...

Feb  9 14:53:48 pin1212a00 charon: 11[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Feb  9 14:53:48 pin1212a00 charon: 11[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Feb  9 14:53:48 pin1212a00 charon: 11[CFG]   crl is valid: until Mar 09 10:28:34 2012

Feb  9 14:53:48 pin1212a00 charon: 11[CFG] certificate status is good

Feb  9 14:53:48 pin1212a00 charon: 11[CFG]   reached self-signed root ca with a path length of 0

Feb  9 14:53:48 pin1212a00 charon: 11[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. Tunneled EAP-Identity

Via the IKEv2 EAP-TTLS tunnel the server requests the EAP client identity

<pre>

Feb  9 14:53:48 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 08[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]

Feb  9 14:53:48 pin1212a00 charon: 08[IKE] server requested EAP_IDENTITY authentication (id 0x00)

Feb  9 14:53:48 pin1212a00 charon: 08[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]

Feb  9 14:53:48 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. Tunneled EAP-MD5 Client Authentication

Next follows an EAP-MD5 client authentication

<pre>

Feb  9 14:53:48 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 09[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]

Feb  9 14:53:48 pin1212a00 charon: 09[IKE] server requested EAP_MD5 authentication (id 0x29)

Feb  9 14:53:48 pin1212a00 charon: 09[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]

Feb  9 14:53:48 pin1212a00 charon: 09[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 09[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. Tunneled EAP-TNC Transport

Now the EAP-TNC transport protocol connecting the TNC client with the TNC server is started:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 10[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 10[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 10[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb  9 14:53:48 pin1212a00 charon: 10[IKE] server requested EAP_TNC authentication (id 0xC5)

Feb  9 14:53:48 pin1212a00 charon: 10[TLS] EAP_TNC version is v1

</pre>

h2. PB-TNC/IF-TNCCS 2.0 Connection

A new TNCCS connection is instantiated on the TNC client and its IF-TNCCS 2.0 state machine is set to the Init state.

!IF-TNCCS-20-State-Diagram.png!

A first PB-TNC CDATA (IF-TNCCS 2.0 ClientData) batch is prepared and a PB-Language-Preference message for Englisch (en) is added: 

<pre>

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] assigned TNCCS Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] creating PB-TNC CDATA batch

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] adding PB-Language-Preference message

</pre>

An instance of the Attestation PTS-IMC is created which in a first step determines the client operating systen

<pre>

Feb  9 14:53:48 pin1212a00 charon: 10[PTS] platform is 'Ubuntu 11.04 i686'

</pre>

and then loads the AIK certificate and the matching AIK private key, the latter in the form of a TPM-encrypted binary blob

<pre>

Feb  9 14:53:48 pin1212a00 charon: 10[PTS] loaded AIK certificate from '/home/seclab/privacyca/AIK_Cert.der'

Feb  9 14:53:48 pin1212a00 charon: 10[PTS] loaded AIK Blob from '/home/seclab/privacyca/AIK_Blob.bin'

Feb  9 14:53:48 pin1212a00 charon: 10[PTS] AIK Blob: => 559 bytes @ 0x9136e08

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]    0: 01 01 00 00 00 12 00 00 00 04 00 00 00 00 01 00  ................

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]   16: 01 00 02 00 00 00 0C 00 00 08 00 00 00 00 02 00  ................

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]   32: 00 00 00 00 00 00 00 00 00 01 00 81 E3 38 7C 4D  .............8|M

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]   48: 46 70 CB D5 33 62 38 50 AD 98 D1 28 56 D3 6E 71  Fp..3b8P...(V.nq

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]   64: CF AA E3 C8 31 BD F6 FE 53 6A ED C8 54 0E 7C FB  ....1...Sj..T.|.

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]   80: 00 98 80 D6 7D C7 57 D4 EC 24 93 59 48 1F DA 67  ....}.W..$.YH..g

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]   96: 30 87 4F D3 59 B2 CA A8 9D CE C9 27 9A 03 57 C0  0.O.Y......'..W.

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  112: FE 1F AB EE E5 C2 A8 C6 D5 DC C7 1E 81 74 4D 3D  .............tM=

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  128: B5 98 6D 57 22 74 02 F1 41 7C E3 68 C1 1C 1C 2F  ..mW"t..A|.h.../

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  144: 57 54 CA 4A FB D6 3D 33 37 A9 BC FF 6F 50 13 CC  WT.J..=37...oP..

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  160: C2 D3 83 F1 4B 01 FD 66 A6 EE 7A D3 E0 E2 C0 51  ....K..f..z....Q

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  176: 55 A2 8A AB F4 85 09 74 24 64 03 DD 65 1C 26 2F  U......t$d..e.&/

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  192: 35 08 BF 57 D9 28 DA D3 D7 5B ED C8 C6 6C 43 7E  5..W.(...[...lC~

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  208: DE D3 93 F4 D5 D7 36 1E 31 9A A8 42 10 7A F5 94  ......6.1..B.z..

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  224: 93 9C 8F BD 6D BC 66 1D 30 A5 B3 B3 44 4D DA 6D  ....m.f.0...DM.m

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  240: 35 64 A6 08 EB D2 A6 99 18 56 01 28 3B 26 94 FD  5d.......V.(;&..

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  256: 6F 7F AD 45 68 3C 8A 7D 38 8C DB D8 5F 76 16 F5  o..Eh<.}8..._v..

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  272: 5E 8A 4B C2 2B 19 8A 27 D9 80 3C C8 13 01 11 70  ^.K.+..'..<....p

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  288: CC D6 EF 57 F3 EF 37 A2 E6 B5 49 00 00 01 00 4C  ...W..7...I....L

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  304: DA 76 65 D0 54 8C F9 E8 B6 C4 9E 26 37 70 B4 45  .ve.T......&7p.E

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  320: C0 42 E0 A3 7A 3E 9D 57 96 B0 C8 68 DE 6A 84 76  .B..z>.W...h.j.v

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  336: 9A 9A E3 F9 D7 44 AB E0 A2 4B D2 3E 44 BD D9 92  .....D...K.>D...

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  352: 53 AF 6A 04 26 56 04 FC F9 43 D0 68 E3 63 AD 7B  S.j.&V...C.h.c.{

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  368: 5C A2 50 B8 BA A2 F0 53 8C 8B 3A 67 35 49 CA E4  \.P....S..:g5I..

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  384: 35 A3 35 4B E7 31 D0 25 10 D4 6A B9 17 32 F9 53  5.5K.1.%..j..2.S

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  400: 22 E9 13 9D 13 E9 0D F0 59 55 33 36 5C A5 28 FB  ".......YU36\.(.

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  416: 86 88 69 69 F0 93 6F 4B 62 76 B0 0E 64 E9 69 2D  ..ii..oKbv..d.i-

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  432: 7D 9E 9E ED E1 1E 62 4C 63 AA D8 FD 87 86 77 3C  }.....bLc.....w<

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  448: C1 04 E8 63 81 54 FE 75 82 D8 36 96 67 6A D1 18  ...c.T.u..6.gj..

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  464: 78 6C 7D 7B 8C BB 28 A0 AC 84 D8 7B 7E D0 55 38  xl}{..(....{~.U8

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  480: 80 64 4C 3A 38 E0 B0 1A FE A7 C8 C3 A1 F9 21 A5  .dL:8.........!.

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  496: D1 6F DE C4 CE 0B 62 D6 39 DA A4 35 45 B3 B6 D2  .o....b.9..5E...

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  512: D4 73 0B 82 28 B5 C1 79 88 85 D8 7D 54 38 E0 DA  .s..(..y...}T8..

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  528: 57 2C 57 C1 34 4D 26 B8 9F A3 81 5B 4A 98 E5 E6  W,W.4M&....[J...

Feb  9 14:53:48 pin1212a00 charon: 10[PTS]  544: 89 94 25 A0 3F 9F 5A 3E CF A3 9A 0B 55 74 02     ..%.?.Z>....Ut.

Feb  9 14:53:48 pin1212a00 charon: 10[IMC] IMC 1 "Attestation" created a state for Connection ID 1: IF-TNCCS 2.0 with +long +excl -soh over IF-T for Tunneled EAP 1.1

</pre> 

Via the IF-IMC interface the PTS-IMC receives a 'Handshake' state change from the TNC client 

<pre>

Feb  9 14:53:48 pin1212a00 charon: 10[IMC] IMC 1 "Attestation" changed state of Connection ID 1 to 'Handshake'

</pre>

The PTS-IMC generates a PA-TNC message of type TCG/PTS targeted at the remote PTS-IMV, containing a single PA-TNC attribute of type 'IETF/Product Information' with the client operating system information:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] creating PA-TNC message with ID 0xf6c4bd2b

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] => 22 bytes @ 0x91322a0

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]    0: 00 00 00 00 00 55 62 75 6E 74 75 20 31 31 2E 30  .....Ubuntu 11.0

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]   16: 34 20 69 36 38 36                                4 i686

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] adding PB-PA message

</pre>

The PA-TNC message is received by the TNC client via the IF-IMC SendMessage call and is inserted together with the

PB-Language-Preference message into the PB-TNC CDATA batch which is then sent via the IKEv2 EAP-TTLS tunnel to the TNC server.

<pre>

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] PB-TNC state transition from 'Init' to 'Server Working'

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] sending PB-TNC CDATA batch (105 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 10[TNC] => 105 bytes @ 0x9137040

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]    0: 02 00 00 01 00 00 00 69 00 00 00 00 00 00 00 06  .......i........

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]   16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75  ....Accept-Langu

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]   32: 61 67 65 3A 20 65 6E 80 00 00 00 00 00 00 01 00  age: en.........

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]   48: 00 00 42 00 00 55 97 00 00 00 01 00 01 FF FF 01  ..B..U..........

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]   64: 00 00 00 F6 C4 BD 2B 00 00 00 00 00 00 00 02 00  ......+.........

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]   80: 00 00 22 00 00 00 00 00 55 62 75 6E 74 75 20 31  ..".....Ubuntu 1

Feb  9 14:53:48 pin1212a00 charon: 10[TNC]   96: 31 2E 30 34 20 69 36 38 36                       1.04 i686

Feb  9 14:53:48 pin1212a00 charon: 10[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb  9 14:53:48 pin1212a00 charon: 10[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 10[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. PTS Capability Discovery

As a response a PB-TNC SDATA (IF-TNCCS 2.0 ServerData) batch is received from the TNC server

<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 12[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] received TNCCS batch (72 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 72 bytes @ 0x9131442

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 02 80 00 02 00 00 00 48 80 00 00 00 00 00 00 01  .......H........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   16: 00 00 00 40 00 00 55 97 00 00 00 01 FF FF 00 01  ...@..U.........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   32: 01 00 00 00 4B 21 AF FF 80 00 55 97 01 00 00 00  ....K!....U.....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   48: 00 00 00 10 00 00 00 0E 80 00 55 97 06 00 00 00  ..........U.....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   64: 00 00 00 10 00 00 80 00                          ........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PB-TNC SDATA batch

</pre>

containing a PB-PA message of type TCG/PTS to which the PTS-IMC is subscribed:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PB-PA message (64 bytes)

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

The PA-TNC message transferred via the IF-IMC interface to the PTS-IMC contains two PA-TNC attributes from the TCG/PTS namespace:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC message with ID 0x4b21afff

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/Request PTS Protocol Capabilities' 0x005597/0x01000000

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x9135bdc

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 00 00 00 0E                                      ....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/PTS Measurement Algorithm Request' 0x005597/0x06000000

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x9135bec

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 00 00 80 00                                      ....

</pre>

namely the requests 'Request PTS Protocol Capabilities' and 'PTS Measurement Algorithm Request'. The PTS-IMV supports the Verification (V), DH Nonce Negotiation (D) and Trusted Platform Evidence (T) PTS protocol capabilities and the PTS-IMC does as well.

<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] supported PTS protocol capabilities: .VDT.

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] selected PTS measurement algorithm is HASH_SHA1

</pre>

The PTS-IMV proposes SHA-1 only for the PTS measurement algorithm which is accepted by the PTS-IMC. These two selections are sent back to the PTS-IMV in a PA-TNC message containing the TCG attributes 'PTS Protocol Capabilities' and 'PTS Measurement Algorithm":

<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] creating PA-TNC message with ID 0x349421bb

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] creating PA-TNC attribute type 'TCG/PTS Protocol Capabilities' 0x005597/0x02000000

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x9136df8

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 00 00 00 0E                                      ....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] creating PA-TNC attribute type 'TCG/PTS Measurement Algorithm' 0x005597/0x07000000

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x91314e0

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 00 00 80 00                                      ....

</pre>

This PA-TNC message is sent as a PB-PA payload in a PB-TNC CDATA batch to the TNC server:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] creating PB-TNC CDATA batch

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] adding PB-PA message

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] sending PB-TNC CDATA batch (72 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 72 bytes @ 0x9135b58

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 02 00 00 01 00 00 00 48 80 00 00 00 00 00 00 01  .......H........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   16: 00 00 00 40 00 00 55 97 00 00 00 01 00 01 FF FF  ...@..U.........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   32: 01 00 00 00 34 94 21 BB 00 00 55 97 02 00 00 00  ....4.!...U.....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   48: 00 00 00 10 00 00 00 0E 00 00 55 97 07 00 00 00  ..........U.....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   64: 00 00 00 10 00 00 80 00                          ........

Feb  9 14:53:48 pin1212a00 charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb  9 14:53:48 pin1212a00 charon: 12[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. DH Nonce Parameters

The next PB-TNC SDATA batch is received:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 13[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 13[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] received TNCCS batch (56 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] => 56 bytes @ 0x9135bd2

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]    0: 02 80 00 02 00 00 00 38 80 00 00 00 00 00 00 01  .......8........

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   16: 00 00 00 30 00 00 55 97 00 00 00 01 FF FF 00 01  ...0..U.........

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   32: 01 00 00 00 BD 1F 9F 28 80 00 55 97 03 00 00 00  .......(..U.....

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   48: 00 00 00 10 00 00 F0 00                          ........

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] processing PB-TNC SDATA batch

</pre>

containing a PB-PA message of type TCG/PTS to which the PTS-IMC is subscribed:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] processing PB-PA message (48 bytes)

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

The PA-TNC message contains a 'DH Nonce Parameters Request' from the TCG namespace

<pre>

Feb  9 14:53:48 pin1212a00 charon: 13[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] processing PA-TNC message with ID 0xbd1f9f28

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Parameters Request' 0x005597/0x03000000

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] => 4 bytes @ 0x9135fc4

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]    0: 00 00 F0 00                                      ....

</pre>

and offers the set of IKE DH groups {2, 5, 14, 19} from which the PTS-IMC selects ECP_256 (group 14).

<pre>

Feb  9 14:53:48 pin1212a00 charon: 13[PTS] selected PTS DH group is ECP_256

Feb  9 14:53:48 pin1212a00 charon: 13[PTS] nonce length is 20

</pre>

The PTS-IMC also returns a 20 byte DH responder nonce and the 32 byte ECP_256 DH responder public value:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] creating PA-TNC message with ID 0x144b8472

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] creating PA-TNC attribute type 'TCG/DH Nonce Parameters Response' 0x005597/0x04000000

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] => 92 bytes @ 0x9132b50

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]    0: 00 00 00 14 10 00 E0 00 B9 FD DB 13 D2 BE 4E BA  ..............N.

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   16: E2 FF 33 25 CD A0 C8 79 AE 1A 51 D8 91 D3 11 77  ..3%...y..Q....w

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   32: 82 E6 F0 31 67 A7 5C EB 76 E5 BD 3E E8 62 A8 F6  ...1g.\.v..>.b..

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   48: D7 2B 58 3B 1F F4 79 9D E9 DB 99 6A F0 A8 3E 0C  .+X;..y....j..>.

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   64: 83 1B 6E 36 F7 93 7C CE 75 04 90 D7 DB 73 5F C8  ..n6..|.u....s_.

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   80: 74 F4 FF B3 64 CF 82 90 2A 32 EA C8              t...d...*2..

</pre>

This PA-TNC message is carried in a PB-PA message encapsulated in a PB-TNC CDATA batch:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] creating PB-TNC CDATA batch

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] adding PB-PA message

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] sending PB-TNC CDATA batch (144 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 13[TNC] => 144 bytes @ 0x9132de0

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]    0: 02 00 00 01 00 00 00 90 80 00 00 00 00 00 00 01  ................

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   16: 00 00 00 88 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   32: 01 00 00 00 14 4B 84 72 00 00 55 97 04 00 00 00  .....K.r..U.....

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   48: 00 00 00 68 00 00 00 14 10 00 E0 00 B9 FD DB 13  ...h............

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   64: D2 BE 4E BA E2 FF 33 25 CD A0 C8 79 AE 1A 51 D8  ..N...3%...y..Q.

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   80: 91 D3 11 77 82 E6 F0 31 67 A7 5C EB 76 E5 BD 3E  ...w...1g.\.v..>

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]   96: E8 62 A8 F6 D7 2B 58 3B 1F F4 79 9D E9 DB 99 6A  .b...+X;..y....j

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]  112: F0 A8 3E 0C 83 1B 6E 36 F7 93 7C CE 75 04 90 D7  ..>...n6..|.u...

Feb  9 14:53:48 pin1212a00 charon: 13[TNC]  128: DB 73 5F C8 74 F4 FF B3 64 CF 82 90 2A 32 EA C8  .s_.t...d...*2..

Feb  9 14:53:48 pin1212a00 charon: 13[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb  9 14:53:48 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. DH Nonce Finish and TPM Version/AIK Info

The next PB-TNC SDATA batch is received:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 14[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] received TNCCS batch (172 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] => 172 bytes @ 0x9138a1a

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]    0: 02 80 00 02 00 00 00 AC 80 00 00 00 00 00 00 01  ................

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   16: 00 00 00 A4 00 00 55 97 00 00 00 01 FF FF 00 01  ......U.........

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   32: 01 00 00 00 7B 50 C7 13 80 00 55 97 05 00 00 00  ....{P....U.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   48: 00 00 00 64 00 14 80 00 3B FF C4 8E 14 94 F3 24  ...d....;......$

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   64: 19 1B A7 7B 7D FB 99 CE 06 96 CD AC 23 D3 17 57  ...{}.......#..W

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   80: 50 20 20 22 85 9C BA 47 CF C6 F0 13 AD 40 38 4B  P  "...G.....@8K

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   96: AA 99 1D 6B 2A C0 0E 20 93 49 29 86 FE 22 FC B9  ...k*.. .I).."..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  112: 10 B3 87 97 53 AD 1A 9E 7D 9E 5C A0 75 4E D5 9E  ....S...}.\.uN..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  128: 92 FE A4 8D 4F 34 D3 1B 4D 04 9D 12 80 00 55 97  ....O4..M.....U.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  144: 08 00 00 00 00 00 00 10 00 00 00 00 80 00 55 97  ..............U.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  160: 0D 00 00 00 00 00 00 10 00 00 00 00              ............

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] processing PB-TNC SDATA batch

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] processing PB-PA message (164 bytes)

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

containing a PA-TNC message with the 'DH Nonce Finish', 'Get TPM Version Information' and 'Get Attestation Identity Key'

attributes from the TCG namespace:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 14[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] processing PA-TNC message with ID 0x7b50c713

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Finish' 0x005597/0x05000000

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] => 88 bytes @ 0x9137fdc

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]    0: 00 14 80 00 3B FF C4 8E 14 94 F3 24 19 1B A7 7B  ....;......$...{

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   16: 7D FB 99 CE 06 96 CD AC 23 D3 17 57 50 20 20 22  }.......#..WP  "

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   32: 85 9C BA 47 CF C6 F0 13 AD 40 38 4B AA 99 1D 6B  ...G.....@8K...k

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   48: 2A C0 0E 20 93 49 29 86 FE 22 FC B9 10 B3 87 97  *.. .I).."......

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   64: 53 AD 1A 9E 7D 9E 5C A0 75 4E D5 9E 92 FE A4 8D  S...}.\.uN......

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   80: 4F 34 D3 1B 4D 04 9D 12                          O4..M...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Get TPM Version Information' 0x005597/0x08000000

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] => 4 bytes @ 0x9138040

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]    0: 00 00 00 00                                      ....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Get Attestation Identity Key' 0x005597/0x0d000000

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] => 4 bytes @ 0x9138050

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]    0: 00 00 00 00                                      ....

</pre>

The PTS-IMV reports that it selected SHA-1 as the DH hash algorithm and provides its 20 byte nonce and 32 byte public DH factor

so that the share DH secret can be computed:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 14[PTS] selected DH hash algorithm is HASH_SHA1

Feb  9 14:53:48 pin1212a00 charon: 14[PTS] initiator nonce: => 20 bytes @ 0x9138668

Feb  9 14:53:48 pin1212a00 charon: 14[PTS]    0: 7D 9E 5C A0 75 4E D5 9E 92 FE A4 8D 4F 34 D3 1B  }.\.uN......O4..

Feb  9 14:53:48 pin1212a00 charon: 14[PTS]   16: 4D 04 9D 12                                      M...

Feb  9 14:53:48 pin1212a00 charon: 14[PTS] responder nonce: => 20 bytes @ 0x91370d8

Feb  9 14:53:48 pin1212a00 charon: 14[PTS]    0: B9 FD DB 13 D2 BE 4E BA E2 FF 33 25 CD A0 C8 79  ......N...3%...y

Feb  9 14:53:48 pin1212a00 charon: 14[PTS]   16: AE 1A 51 D8                                      ..Q.

Feb  9 14:53:48 pin1212a00 charon: 14[PTS] shared DH secret: => 32 bytes @ 0x9138ad0

Feb  9 14:53:48 pin1212a00 charon: 14[PTS]    0: 17 DE 46 03 F0 0F 07 4F E4 E5 07 1B A5 0C 35 36  ..F....O......56

Feb  9 14:53:48 pin1212a00 charon: 14[PTS]   16: F6 6B 7B EA A4 AF 4A E8 E2 BD 5E 19 C6 F5 AA 73  .k{...J...^....s

Feb  9 14:53:48 pin1212a00 charon: 14[PTS] secret assessment value: => 20 bytes @ 0x9138250

Feb  9 14:53:48 pin1212a00 charon: 14[PTS]    0: CE 50 79 31 50 D6 FC 62 0F 99 D3 B8 C6 42 D0 B1  .Py1P..b.....B..

Feb  9 14:53:48 pin1212a00 charon: 14[PTS]   16: 6E 06 C0 FB                                      n...

</pre>

Answering the 'Get TPM Version Information' request, the following TPM version info is returned in binary form:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 14[PTS] TPM 1.2 Version Info: Chip Version: 1.2.3.17, Spec Level: 2, Errata Rev: 2, Vendor ID: IFX

</pre>

Besides the 'TPM Version Information' attribute, also the 'Attestation Identity Key' is included in the PA-TNC message to be forwarded to the PTS-IMV:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] creating PA-TNC message with ID 0x9a1a8df2

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/TPM Version Information' 0x005597/0x09000000

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] => 20 bytes @ 0x9138038

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]    0: 00 30 01 02 03 11 00 02 02 49 46 58 00 00 05 03  .0.......IFX....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   16: 11 00 08 00                                      ....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/Attestation Identity Key' 0x005597/0x0e000000

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] => 1167 bytes @ 0x91398c8

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]    0: 00 30 82 04 8A 30 82 03 72 A0 03 02 01 02 02 10  .0...0..r.......

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   16: 33 55 8F BC AE 0F D9 47 78 74 D6 E5 C9 1B 24 28  3U.....Gxt....$(

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   32: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30  0...*.H........0

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   48: 50 31 16 30 14 06 03 55 04 0A 13 0D 70 72 69 76  P1.0...U....priv

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   64: 61 63 79 63 61 2E 63 6F 6D 31 36 30 34 06 03 55  acyca.com1604..U

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   80: 04 03 13 2D 50 72 69 76 61 63 79 20 43 41 20 49  ...-Privacy CA I

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   96: 6E 73 65 63 75 72 65 2F 55 6E 63 68 65 63 6B 65  nsecure/Unchecke

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  112: 64 20 41 49 4B 20 43 65 72 74 69 66 69 63 61 74  d AIK Certificat

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  128: 65 30 1E 17 0D 31 32 30 32 30 38 31 30 34 31 32  e0...12020810412

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  144: 30 5A 17 0D 31 33 30 32 30 38 31 30 34 31 32 30  0Z..130208104120

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  160: 5A 30 00 30 82 01 22 30 0D 06 09 2A 86 48 86 F7  Z0.0.."0...*.H..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  176: 0D 01 01 01 05 00 03 82 01 0F 00 30 82 01 0A 02  ...........0....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  192: 82 01 01 00 81 E3 38 7C 4D 46 70 CB D5 33 62 38  ......8|MFp..3b8

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  208: 50 AD 98 D1 28 56 D3 6E 71 CF AA E3 C8 31 BD F6  P...(V.nq....1..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  224: FE 53 6A ED C8 54 0E 7C FB 00 98 80 D6 7D C7 57  .Sj..T.|.....}.W

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  240: D4 EC 24 93 59 48 1F DA 67 30 87 4F D3 59 B2 CA  ..$.YH..g0.O.Y..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  256: A8 9D CE C9 27 9A 03 57 C0 FE 1F AB EE E5 C2 A8  ....'..W........

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  272: C6 D5 DC C7 1E 81 74 4D 3D B5 98 6D 57 22 74 02  ......tM=..mW"t.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  288: F1 41 7C E3 68 C1 1C 1C 2F 57 54 CA 4A FB D6 3D  .A|.h.../WT.J..=

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  304: 33 37 A9 BC FF 6F 50 13 CC C2 D3 83 F1 4B 01 FD  37...oP......K..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  320: 66 A6 EE 7A D3 E0 E2 C0 51 55 A2 8A AB F4 85 09  f..z....QU......

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  336: 74 24 64 03 DD 65 1C 26 2F 35 08 BF 57 D9 28 DA  t$d..e.&/5..W.(.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  352: D3 D7 5B ED C8 C6 6C 43 7E DE D3 93 F4 D5 D7 36  ..[...lC~......6

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  368: 1E 31 9A A8 42 10 7A F5 94 93 9C 8F BD 6D BC 66  .1..B.z......m.f

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  384: 1D 30 A5 B3 B3 44 4D DA 6D 35 64 A6 08 EB D2 A6  .0...DM.m5d.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  400: 99 18 56 01 28 3B 26 94 FD 6F 7F AD 45 68 3C 8A  ..V.(;&..o..Eh<.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  416: 7D 38 8C DB D8 5F 76 16 F5 5E 8A 4B C2 2B 19 8A  }8..._v..^.K.+..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  432: 27 D9 80 3C C8 13 01 11 70 CC D6 EF 57 F3 EF 37  '..<....p...W..7

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  448: A2 E6 B5 49 02 03 01 00 01 A3 82 01 AE 30 82 01  ...I.........0..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  464: AA 30 37 06 03 55 1D 09 04 30 30 2E 30 16 06 05  .07..U...00.0...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  480: 67 81 05 02 10 31 0D 30 0B 0C 03 31 2E 31 02 01  g....1.0...1.1..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  496: 02 02 01 01 30 14 06 05 67 81 05 02 12 31 0B 30  ....0...g....1.0

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  512: 09 80 01 00 81 01 00 82 01 02 30 5D 06 03 55 1D  ..........0]..U.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  528: 11 01 01 FF 04 53 30 51 A4 42 30 40 31 16 30 14  .....S0Q.B0@1.0.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  544: 06 05 67 81 05 02 01 0C 0B 69 64 3A 30 30 30 30  ..g......id:0000

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  560: 30 30 30 30 31 12 30 10 06 05 67 81 05 02 02 0C  00001.0...g.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  576: 07 55 6E 6B 6E 6F 77 6E 31 12 30 10 06 05 67 81  .Unknown1.0...g.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  592: 05 02 03 0C 07 69 64 3A 30 30 30 30 A0 0B 06 05  .....id:0000....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  608: 67 81 05 02 0F A0 02 0C 00 30 0C 06 03 55 1D 13  g........0...U..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  624: 01 01 FF 04 02 30 00 30 81 E0 06 03 55 1D 20 01  .....0.0....U. .

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  640: 01 FF 04 81 D5 30 81 D2 30 67 06 0A 2B 06 01 04  .....0..0g..+...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  656: 01 81 E3 42 01 10 30 59 30 29 06 08 2B 06 01 05  ...B..0Y0)..+...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  672: 05 07 02 01 16 1D 68 74 74 70 3A 2F 2F 77 77 77  ......http://www

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  688: 2E 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 2F 63  .privacyca.com/c

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  704: 70 73 2F 30 2C 06 08 2B 06 01 05 05 07 02 02 30  ps/0,..+.......0

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  720: 20 0C 1E 54 43 50 41 20 54 72 75 73 74 65 64 20   ..TCPA Trusted 

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  736: 50 6C 61 74 66 6F 72 6D 20 49 64 65 6E 74 69 74  Platform Identit

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  752: 79 30 67 06 04 55 1D 20 00 30 5F 30 25 06 08 2B  y0g..U. .0_0%..+

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  768: 06 01 05 05 07 02 01 16 19 68 74 74 70 3A 2F 2F  .........http://

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  784: 77 77 77 2E 70 72 69 76 61 63 79 63 61 2E 63 6F  www.privacyca.co

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  800: 6D 2F 30 36 06 08 2B 06 01 05 05 07 02 02 30 2A  m/06..+.......0*

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  816: 0C 28 54 43 50 41 20 54 72 75 73 74 65 64 20 50  .(TCPA Trusted P

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  832: 6C 61 74 66 6F 72 6D 20 4D 6F 64 75 6C 65 20 45  latform Module E

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  848: 6E 64 6F 72 73 65 6D 65 6E 74 30 1F 06 03 55 1D  ndorsement0...U.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  864: 23 04 18 30 16 80 14 B0 E5 97 E0 9B 23 75 B1 FD  #..0........#u..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  880: BF 01 5E 72 BA 36 D4 48 32 A0 33 30 0D 06 09 2A  ..^r.6.H2.30...*

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  896: 86 48 86 F7 0D 01 01 05 05 00 03 82 01 01 00 1D  .H..............

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  912: 78 37 95 C3 37 C6 09 C4 1C 3D C3 0A 01 7F 59 8D  x7..7....=....Y.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  928: 24 A8 74 81 C9 79 A2 63 45 2C 04 0C B4 CD 7F B9  $.t..y.cE,......

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  944: 42 DC FE 67 67 E7 45 C9 F6 CB 7E 42 B7 2A 8A 74  B..gg.E...~B.*.t

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  960: 14 B7 BE FF EB 77 0E 99 E7 ED 9D EA 49 8C 7B 12  .....w......I.{.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  976: 60 55 0B 1D 1A 03 0E BA AF 9E 3B 74 20 F9 17 8A  `U........;t ...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  992: 0F 47 2D 3C DB C4 05 67 3C F0 E0 33 A6 3C C5 0E  .G-<...g<..3.<..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1008: C6 0B DB 6E 08 6A 09 3B C6 3B 75 1A 7A 6B 84 BA  ...n.j.;.;u.zk..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1024: 4A 69 6E AF 59 54 89 4A E5 07 D7 51 33 B9 9E AE  Jin.YT.J...Q3...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1040: F2 4C 0D 81 36 14 FD 82 52 C3 BF 6A DC 8D 55 46  .L..6...R..j..UF

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1056: E0 DE B9 A6 A0 49 BB 43 0A F3 45 EA 26 58 2F D2  .....I.C..E.&X/.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1072: E4 6C 87 F3 B7 F7 E9 16 E5 0B 5D DC CE 75 EA 92  .l........]..u..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1088: 3D 9C CF 35 C1 F2 3C 87 D6 D5 04 99 0B C5 9F 45  =..5..<........E

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1104: 75 00 23 5F C5 B9 AB 73 D8 57 39 80 AE 6D 58 98  u.#_...s.W9..mX.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1120: CE F3 29 6B 1B 8A A2 0B 78 71 C3 B0 6C 8F 25 23  ..)k....xq..l.%#

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1136: AD A4 C5 FB 70 56 46 84 39 45 01 E9 F9 83 7D DC  ....pVF.9E....}.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1152: 5F D9 BB BF B1 08 2A 55 94 D6 0F 76 BD 73 EE     _.....*U...v.s.

</pre>

The TNC client packs this large PA-TNC message into an outgoing PB-TNC CDATA batch:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] creating PB-TNC CDATA batch

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] adding PB-PA message

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] sending PB-TNC CDATA batch (1251 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] => 1251 bytes @ 0x9139e20

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]    0: 02 00 00 01 00 00 04 E3 80 00 00 00 00 00 00 01  ................

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   16: 00 00 04 DB 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   32: 01 00 00 00 9A 1A 8D F2 00 00 55 97 09 00 00 00  ..........U.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   48: 00 00 00 20 00 30 01 02 03 11 00 02 02 49 46 58  ... .0.......IFX

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   64: 00 00 05 03 11 00 08 00 00 00 55 97 0E 00 00 00  ..........U.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   80: 00 00 04 9B 00 30 82 04 8A 30 82 03 72 A0 03 02  .....0...0..r...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]   96: 01 02 02 10 33 55 8F BC AE 0F D9 47 78 74 D6 E5  ....3U.....Gxt..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  112: C9 1B 24 28 30 0D 06 09 2A 86 48 86 F7 0D 01 01  ..$(0...*.H.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  128: 05 05 00 30 50 31 16 30 14 06 03 55 04 0A 13 0D  ...0P1.0...U....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  144: 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 31 36 30  privacyca.com160

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  160: 34 06 03 55 04 03 13 2D 50 72 69 76 61 63 79 20  4..U...-Privacy 

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  176: 43 41 20 49 6E 73 65 63 75 72 65 2F 55 6E 63 68  CA Insecure/Unch

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  192: 65 63 6B 65 64 20 41 49 4B 20 43 65 72 74 69 66  ecked AIK Certif

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  208: 69 63 61 74 65 30 1E 17 0D 31 32 30 32 30 38 31  icate0...1202081

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  224: 30 34 31 32 30 5A 17 0D 31 33 30 32 30 38 31 30  04120Z..13020810

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  240: 34 31 32 30 5A 30 00 30 82 01 22 30 0D 06 09 2A  4120Z0.0.."0...*

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  256: 86 48 86 F7 0D 01 01 01 05 00 03 82 01 0F 00 30  .H.............0

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  272: 82 01 0A 02 82 01 01 00 81 E3 38 7C 4D 46 70 CB  ..........8|MFp.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  288: D5 33 62 38 50 AD 98 D1 28 56 D3 6E 71 CF AA E3  .3b8P...(V.nq...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  304: C8 31 BD F6 FE 53 6A ED C8 54 0E 7C FB 00 98 80  .1...Sj..T.|....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  320: D6 7D C7 57 D4 EC 24 93 59 48 1F DA 67 30 87 4F  .}.W..$.YH..g0.O

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  336: D3 59 B2 CA A8 9D CE C9 27 9A 03 57 C0 FE 1F AB  .Y......'..W....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  352: EE E5 C2 A8 C6 D5 DC C7 1E 81 74 4D 3D B5 98 6D  ..........tM=..m

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  368: 57 22 74 02 F1 41 7C E3 68 C1 1C 1C 2F 57 54 CA  W"t..A|.h.../WT.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  384: 4A FB D6 3D 33 37 A9 BC FF 6F 50 13 CC C2 D3 83  J..=37...oP.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  400: F1 4B 01 FD 66 A6 EE 7A D3 E0 E2 C0 51 55 A2 8A  .K..f..z....QU..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  416: AB F4 85 09 74 24 64 03 DD 65 1C 26 2F 35 08 BF  ....t$d..e.&/5..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  432: 57 D9 28 DA D3 D7 5B ED C8 C6 6C 43 7E DE D3 93  W.(...[...lC~...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  448: F4 D5 D7 36 1E 31 9A A8 42 10 7A F5 94 93 9C 8F  ...6.1..B.z.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  464: BD 6D BC 66 1D 30 A5 B3 B3 44 4D DA 6D 35 64 A6  .m.f.0...DM.m5d.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  480: 08 EB D2 A6 99 18 56 01 28 3B 26 94 FD 6F 7F AD  ......V.(;&..o..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  496: 45 68 3C 8A 7D 38 8C DB D8 5F 76 16 F5 5E 8A 4B  Eh<.}8..._v..^.K

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  512: C2 2B 19 8A 27 D9 80 3C C8 13 01 11 70 CC D6 EF  .+..'..<....p...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  528: 57 F3 EF 37 A2 E6 B5 49 02 03 01 00 01 A3 82 01  W..7...I........

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  544: AE 30 82 01 AA 30 37 06 03 55 1D 09 04 30 30 2E  .0...07..U...00.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  560: 30 16 06 05 67 81 05 02 10 31 0D 30 0B 0C 03 31  0...g....1.0...1

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  576: 2E 31 02 01 02 02 01 01 30 14 06 05 67 81 05 02  .1......0...g...

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  592: 12 31 0B 30 09 80 01 00 81 01 00 82 01 02 30 5D  .1.0..........0]

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  608: 06 03 55 1D 11 01 01 FF 04 53 30 51 A4 42 30 40  ..U......S0Q.B0@

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  624: 31 16 30 14 06 05 67 81 05 02 01 0C 0B 69 64 3A  1.0...g......id:

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  640: 30 30 30 30 30 30 30 30 31 12 30 10 06 05 67 81  000000001.0...g.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  656: 05 02 02 0C 07 55 6E 6B 6E 6F 77 6E 31 12 30 10  .....Unknown1.0.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  672: 06 05 67 81 05 02 03 0C 07 69 64 3A 30 30 30 30  ..g......id:0000

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  688: A0 0B 06 05 67 81 05 02 0F A0 02 0C 00 30 0C 06  ....g........0..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  704: 03 55 1D 13 01 01 FF 04 02 30 00 30 81 E0 06 03  .U.......0.0....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  720: 55 1D 20 01 01 FF 04 81 D5 30 81 D2 30 67 06 0A  U. ......0..0g..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  736: 2B 06 01 04 01 81 E3 42 01 10 30 59 30 29 06 08  +......B..0Y0)..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  752: 2B 06 01 05 05 07 02 01 16 1D 68 74 74 70 3A 2F  +.........http:/

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  768: 2F 77 77 77 2E 70 72 69 76 61 63 79 63 61 2E 63  /www.privacyca.c

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  784: 6F 6D 2F 63 70 73 2F 30 2C 06 08 2B 06 01 05 05  om/cps/0,..+....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  800: 07 02 02 30 20 0C 1E 54 43 50 41 20 54 72 75 73  ...0 ..TCPA Trus

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  816: 74 65 64 20 50 6C 61 74 66 6F 72 6D 20 49 64 65  ted Platform Ide

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  832: 6E 74 69 74 79 30 67 06 04 55 1D 20 00 30 5F 30  ntity0g..U. .0_0

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  848: 25 06 08 2B 06 01 05 05 07 02 01 16 19 68 74 74  %..+.........htt

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  864: 70 3A 2F 2F 77 77 77 2E 70 72 69 76 61 63 79 63  p://www.privacyc

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  880: 61 2E 63 6F 6D 2F 30 36 06 08 2B 06 01 05 05 07  a.com/06..+.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  896: 02 02 30 2A 0C 28 54 43 50 41 20 54 72 75 73 74  ..0*.(TCPA Trust

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  912: 65 64 20 50 6C 61 74 66 6F 72 6D 20 4D 6F 64 75  ed Platform Modu

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  928: 6C 65 20 45 6E 64 6F 72 73 65 6D 65 6E 74 30 1F  le Endorsement0.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  944: 06 03 55 1D 23 04 18 30 16 80 14 B0 E5 97 E0 9B  ..U.#..0........

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  960: 23 75 B1 FD BF 01 5E 72 BA 36 D4 48 32 A0 33 30  #u....^r.6.H2.30

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  976: 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 82  ...*.H..........

Feb  9 14:53:48 pin1212a00 charon: 14[TNC]  992: 01 01 00 1D 78 37 95 C3 37 C6 09 C4 1C 3D C3 0A  ....x7..7....=..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1008: 01 7F 59 8D 24 A8 74 81 C9 79 A2 63 45 2C 04 0C  ..Y.$.t..y.cE,..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1024: B4 CD 7F B9 42 DC FE 67 67 E7 45 C9 F6 CB 7E 42  ....B..gg.E...~B

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1040: B7 2A 8A 74 14 B7 BE FF EB 77 0E 99 E7 ED 9D EA  .*.t.....w......

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1056: 49 8C 7B 12 60 55 0B 1D 1A 03 0E BA AF 9E 3B 74  I.{.`U........;t

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1072: 20 F9 17 8A 0F 47 2D 3C DB C4 05 67 3C F0 E0 33   ....G-<...g<..3

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1088: A6 3C C5 0E C6 0B DB 6E 08 6A 09 3B C6 3B 75 1A  .<.....n.j.;.;u.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1104: 7A 6B 84 BA 4A 69 6E AF 59 54 89 4A E5 07 D7 51  zk..Jin.YT.J...Q

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1120: 33 B9 9E AE F2 4C 0D 81 36 14 FD 82 52 C3 BF 6A  3....L..6...R..j

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1136: DC 8D 55 46 E0 DE B9 A6 A0 49 BB 43 0A F3 45 EA  ..UF.....I.C..E.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1152: 26 58 2F D2 E4 6C 87 F3 B7 F7 E9 16 E5 0B 5D DC  &X/..l........].

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1168: CE 75 EA 92 3D 9C CF 35 C1 F2 3C 87 D6 D5 04 99  .u..=..5..<.....

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1184: 0B C5 9F 45 75 00 23 5F C5 B9 AB 73 D8 57 39 80  ...Eu.#_...s.W9.

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1200: AE 6D 58 98 CE F3 29 6B 1B 8A A2 0B 78 71 C3 B0  .mX...)k....xq..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1216: 6C 8F 25 23 AD A4 C5 FB 70 56 46 84 39 45 01 E9  l.%#....pVF.9E..

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1232: F9 83 7D DC 5F D9 BB BF B1 08 2A 55 94 D6 0F 76  ..}._.....*U...v

Feb  9 14:53:48 pin1212a00 charon: 14[TNC] 1248: BD 73 EE                                         .s.

Feb  9 14:53:48 pin1212a00 charon: 14[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb  9 14:53:48 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. File Metadata and Measurement

This PB-TNC CDATA batch contains file metadata and measurement requests:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 15[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 15[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 15[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb  9 14:53:48 pin1212a00 charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 11[ENC] parsed IKE_AUTH response 11 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 11[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] received TNCCS batch (263 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 263 bytes @ 0x9137b82

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 02 80 00 02 00 00 01 07 80 00 00 00 00 00 00 01  ................

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 00 00 00 FF 00 00 55 97 00 00 00 01 FF FF 00 01  ......U.........

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 01 00 00 00 BE 57 A3 36 80 00 55 97 00 70 00 00  .....W.6..U..p..

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   48: 00 00 00 1F 00 2F 00 00 2F 65 74 63 2F 74 6E 63  ...../../etc/tnc

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   64: 5F 63 6F 6E 66 69 67 80 00 55 97 00 C0 00 00 00  _config..U......

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   80: 00 00 32 00 00 00 01 00 00 00 2F 2F 6C 69 62 2F  ..2.......//lib/

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   96: 69 33 38 36 2D 6C 69 6E 75 78 2D 67 6E 75 2F 6C  i386-linux-gnu/l

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  112: 69 62 64 6C 2E 73 6F 2E 32 80 00 55 97 00 C0 00  ibdl.so.2..U....

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  128: 00 00 00 00 22 00 00 00 02 00 00 00 2F 2F 73 62  ....".......//sb

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  144: 69 6E 2F 69 70 74 61 62 6C 65 73 80 00 55 97 00  in/iptables..U..

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  160: C0 00 00 00 00 00 28 00 00 00 03 00 00 00 2F 2F  ......(.......//

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  176: 6C 69 62 2F 6C 69 62 78 74 61 62 6C 65 73 2E 73  lib/libxtables.s

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  192: 6F 2E 35 80 00 55 97 00 C0 00 00 00 00 00 21 80  o.5..U........!.

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  208: 00 00 04 00 00 00 2F 2F 6C 69 62 2F 78 74 61 62  ......//lib/xtab

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  224: 6C 65 73 2F 80 00 55 97 00 C0 00 00 00 00 00 23  les/..U........#

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  240: 00 00 00 05 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  256: 36 74 61 62 6C 65 73                             6tables

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PB-TNC SDATA batch

</pre>

Again the PTS-IMC is subscribed to this PB-PA message type:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PB-PA message (255 bytes)

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

The PA-TNC message consists of one 'Request File Metadata' and five 'Request File Measurement' attributes:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 11[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC message with ID 0xbe57a336

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Metadata' 0x005597/0x00700000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 19 bytes @ 0x9138714

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 2F 00 00 2F 65 74 63 2F 74 6E 63 5F 63 6F 6E  ./../etc/tnc_con

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 66 69 67                                         fig

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 38 bytes @ 0x9138733

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 01 00 00 00 2F 2F 6C 69 62 2F 69 33 38  .......//lib/i38

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 36 2D 6C 69 6E 75 78 2D 67 6E 75 2F 6C 69 62 64  6-linux-gnu/libd

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 6C 2E 73 6F 2E 32                                l.so.2

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 22 bytes @ 0x9138765

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 02 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 74 61 62 6C 65 73                                tables

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 28 bytes @ 0x9138787

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 03 00 00 00 2F 2F 6C 69 62 2F 6C 69 62  .......//lib/lib

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 78 74 61 62 6C 65 73 2E 73 6F 2E 35              xtables.so.5

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 21 bytes @ 0x91387af

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 80 00 00 04 00 00 00 2F 2F 6C 69 62 2F 78 74 61  .......//lib/xta

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 62 6C 65 73 2F                                   bles/

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 23 bytes @ 0x91387d0

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 05 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 36 74 61 62 6C 65 73                             6tables

</pre>

The metadata for /etc/tnc_config is retrieved and the SHA-1 hash values for the four file measurement requests are computed.

Measurement request 4 is for the contents of a directory which generates quite some work.

<pre>

Feb  9 14:53:48 pin1212a00 charon: 11[IMC] metadata request for file '/etc/tnc_config'

Feb  9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 1 for file '/lib/i386-linux-gnu/libdl.so.2'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   40:9b:b1:a9:7e:26:ea:11:44:cd:d6:80:1b:81:59:f1:7f:37:6b:8f for 'libdl.so.2'

Feb  9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 2 for file '/sbin/iptables'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   ff:6d:ec:a0:ee:b7:a2:57:20:5c:5f:0a:b5:f5:d8:21:ea:18:40:98 for 'iptables'

Feb  9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 3 for file '/lib/libxtables.so.5'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   7a:3c:a7:21:58:e6:0b:0c:91:e4:8a:42:08:48:f1:b6:93:ae:a2:6c for 'libxtables.so.5'

Feb  9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 4 for directory '/lib/xtables/'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   18:36:41:80:9a:27:b0:8f:fe:59:c1:38:8c:da:6c:41:4b:dc:e6:d6 for 'libxt_tos.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   47:52:53:2c:b9:41:a1:fd:98:11:4c:2f:99:9e:b6:16:98:bd:df:35 for 'libip6t_eui64.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   ee:9b:c9:37:a8:db:06:d4:ba:a2:14:7b:47:8e:ac:af:fe:8c:c8:f7 for 'libipt_realm.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   32:d4:43:76:1a:af:13:ef:8b:3c:d7:86:9a:f9:0b:57:a7:44:58:25 for 'libxt_connlimit.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   20:cf:56:e5:ce:52:11:72:29:f5:5e:1e:ad:52:31:a7:66:b2:dd:5c for 'libxt_hashlimit.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   d5:37:d4:37:f0:58:13:6e:b3:d7:be:51:7d:be:76:47:b6:23:c6:19 for 'libxt_mark.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   dd:7b:c0:9b:d9:94:25:a1:e3:6b:69:a1:19:60:a9:00:37:e2:98:79 for 'libxt_TOS.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   fc:ca:5d:a6:7d:11:c7:ad:fd:f8:49:88:b0:96:b0:20:f9:0e:77:8a for 'libip6t_rt.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   24:15:12:c0:4d:81:6c:c8:91:10:f1:c0:fd:ab:39:d4:97:ad:9f:1b for 'libxt_TPROXY.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   44:92:7e:1b:2d:34:c5:d9:45:b8:13:33:8c:ca:41:98:3c:be:20:f7 for 'libxt_dscp.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   f2:b9:91:45:6c:6b:6e:55:04:03:d4:66:5c:13:d6:c2:3e:a9:f4:a3 for 'libxt_SET.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   2d:0d:d5:0b:f5:10:78:05:b7:f9:35:c7:2f:94:c9:ba:a2:01:22:b0 for 'libxt_quota.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   b5:99:55:3b:bd:35:be:b4:f9:93:90:33:f4:4b:65:3d:ad:ba:5e:9c for 'libxt_statistic.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   9f:b6:70:dc:86:7c:58:b5:83:ef:59:a0:c8:1b:56:35:1d:6b:2c:4b for 'libxt_IDLETIMER.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   6c:0b:2d:f4:fc:4c:91:22:b5:76:2a:e1:40:d5:3f:dd:1c:f9:e8:9b for 'libxt_conntrack.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   3d:c5:69:0b:31:f0:69:93:3c:cc:14:e4:3f:7c:09:da:a3:e0:09:8d for 'libxt_mac.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   f7:d6:a5:d8:5a:32:98:d2:1c:ec:71:37:d9:47:da:90:c4:55:e4:6b for 'libxt_rateest.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   d0:27:a6:aa:de:8b:34:d2:72:d5:f2:23:5d:81:78:83:90:40:48:13 for 'libxt_DSCP.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   af:75:74:c5:d6:74:4d:fa:2e:2d:8c:d0:c4:f4:cc:f7:06:42:20:30 for 'libipt_NETMAP.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   2c:19:75:6c:4a:35:48:68:d0:50:a6:58:32:e7:c1:36:b4:a9:94:c3 for 'libxt_LED.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   e2:f7:b9:2a:bd:a7:69:f8:27:96:f5:7a:29:80:18:70:58:5d:ce:a3 for 'libipt_SNAT.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   0f:c1:21:24:64:f3:b1:b9:73:eb:c0:6c:19:90:bb:b9:88:fe:cc:8a for 'libipt_CLUSTERIP.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   2e:a8:67:ef:38:48:b8:a0:2d:a4:d3:99:4b:1f:0e:bc:db:5c:9e:80 for 'libxt_comment.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   f9:e3:53:1a:bb:67:a0:20:cf:66:7d:46:ca:82:36:75:dd:0a:0d:d4 for 'libxt_MARK.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   5a:eb:2e:92:6c:bd:3c:95:fe:82:25:e0:b3:ef:87:3a:3d:19:42:4b for 'libipt_MIRROR.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   33:9a:58:a1:b3:13:83:0c:3c:c7:4c:b3:fb:52:a5:b8:15:2f:44:e6 for 'libxt_esp.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   3e:f9:01:0e:e2:24:7c:f2:d7:64:1c:f0:4f:0c:a7:32:d0:fd:e8:68 for 'libxt_NOTRACK.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   d6:c8:df:ba:ae:7a:b2:8b:5c:ef:26:26:a2:af:3f:99:a6:ea:43:65 for 'libipt_LOG.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   06:5d:f7:20:d2:c2:86:71:72:8a:96:33:53:0d:e5:94:cf:bf:e8:97 for 'libxt_recent.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   2d:32:ef:93:12:6a:bf:8c:66:0d:57:c6:7e:50:76:c6:39:4c:ab:e8 for 'libxt_policy.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   71:40:3f:f1:c6:ca:92:7a:ba:1d:c6:8c:8e:52:a6:76:ae:c1:c9:70 for 'libxt_RATEEST.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   22:35:fe:d7:aa:6b:9a:8b:9b:db:7f:db:34:9a:35:9f:01:c1:b4:01 for 'libxt_u32.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   53:0e:8c:15:15:4a:da:bc:f7:39:c5:e2:46:ba:15:36:6f:05:b3:6b for 'libipt_ah.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   9a:d0:87:53:a6:70:8e:1d:60:da:ce:3a:58:ef:44:00:27:70:a6:bd for 'libipt_unclean.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   aa:d3:68:ae:62:e7:d0:1d:a3:3e:a7:8e:1a:7c:1a:1f:18:2a:6a:d4 for 'libxt_dccp.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   ab:78:0c:51:34:7b:ff:66:9c:97:1e:f2:c7:0b:06:d9:bd:78:7b:c9 for 'libxt_connmark.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   36:1d:6f:75:96:07:ad:c4:0d:6f:e0:af:7d:3f:91:57:94:a4:db:b0 for 'libipt_ECN.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   42:4c:99:a6:21:e1:19:c8:8b:f7:0e:78:ff:b6:4c:6d:72:db:7b:51 for 'libxt_NFQUEUE.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   8f:d3:f5:95:98:1c:49:89:61:fc:94:67:83:0d:dd:37:20:08:c0:85 for 'libxt_physdev.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   38:e9:ff:af:cf:02:73:6d:6b:9c:5e:b4:03:c5:d5:26:12:a4:64:16 for 'libxt_SECMARK.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   5d:93:68:d5:e3:ea:c0:93:d6:dc:ba:d5:c0:24:ed:3d:56:66:68:c2 for 'libxt_length.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   7a:b7:2f:5e:8e:54:89:e6:d3:aa:3d:4f:8b:ac:d0:f9:3a:71:4b:e2 for 'libxt_TRACE.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   5c:3a:42:5d:c4:25:60:8c:21:f7:3a:58:de:45:90:43:3a:e4:19:ad for 'libipt_ULOG.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   d6:0e:93:16:f6:2d:46:bd:1d:6b:f9:b7:34:d3:ac:7e:40:2f:29:30 for 'libipt_ttl.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   73:d7:5e:80:9f:53:fc:84:40:73:08:db:52:89:3f:3d:31:83:53:10 for 'libxt_limit.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   16:0d:2b:04:d1:1e:b2:25:fb:14:86:15:b6:99:08:18:69:e1:5b:6c for 'libipt_DNAT.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   aa:9a:5b:58:cb:d0:53:5b:ce:8d:d9:e4:f2:d8:d3:25:38:ce:24:72 for 'libxt_tcpmss.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   51:f1:be:7e:59:08:62:a2:c2:5f:29:f4:c5:ef:01:f0:52:df:2a:c5 for 'libipt_REDIRECT.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   a0:7e:a0:ae:3d:00:8f:37:97:c5:67:e6:29:cb:73:79:cb:15:02:ed for 'libipt_addrtype.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   3e:1c:20:2b:10:37:cc:24:54:fd:0d:cc:cc:40:e3:15:71:63:0d:9f for 'libxt_CONNMARK.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   c5:22:71:d3:8f:10:56:78:d4:cd:0c:3c:04:0a:21:cc:db:24:57:e3 for 'libxt_pkttype.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   6c:f9:db:a7:25:ac:38:d3:be:ff:dc:d8:f6:65:5b:d5:f4:66:6d:25 for 'libipt_icmp.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   37:d6:ae:25:19:77:21:4d:7a:d1:c2:95:80:94:24:af:1e:8e:76:b1 for 'libxt_set.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   e3:58:f5:3f:5c:4b:73:df:16:22:e8:16:41:d9:18:f9:23:ab:c6:2c for 'libxt_cluster.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   11:ce:3b:45:fe:b3:e6:6a:75:49:0d:42:ba:95:07:1a:c6:f4:0a:7f for 'libxt_udp.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   c1:66:c2:84:d3:95:78:3a:48:d3:02:c9:61:cb:60:d7:ec:e7:68:ab for 'libxt_multiport.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   29:8a:18:85:82:22:26:dc:be:b2:e9:08:f2:b2:69:b7:a8:27:1a:66 for 'libxt_CLASSIFY.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   c6:3e:0e:cc:c2:03:94:f9:3d:49:25:3b:33:0d:f3:2c:47:ff:d9:96 for 'libxt_CT.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   23:29:6f:48:27:6e:16:0b:6d:99:b1:b4:2a:91:14:df:72:0b:b1:ab for 'libip6t_LOG.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   48:a5:5a:a0:dc:11:94:af:63:ba:01:62:00:1c:e1:e9:b3:77:b1:59 for 'libxt_TEE.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   86:6c:55:30:ae:45:69:1b:3c:4e:08:ba:29:3b:33:26:e8:ff:1f:b3 for 'libip6t_frag.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   39:09:5f:23:c9:34:72:21:57:5d:a8:a1:30:41:cc:7b:dc:de:73:54 for 'libxt_cpu.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   00:32:1b:d8:00:d7:08:2f:0d:ee:78:ef:a1:66:1e:24:6c:3d:aa:b4 for 'libxt_iprange.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   a3:45:6c:85:20:bf:0b:c3:f0:ee:0a:1c:80:03:21:c0:19:b4:a8:82 for 'libxt_standard.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   24:f6:13:0d:e2:e5:bb:94:30:b7:1a:aa:e5:c9:42:47:b3:b6:ea:91 for 'libip6t_hl.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   56:7e:01:c5:09:23:ab:1c:19:03:b6:fb:84:9f:a6:8f:19:63:0c:a3 for 'libip6t_HL.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   fd:d2:27:82:6f:c2:9d:b7:d1:b6:ed:2b:e4:14:52:14:f3:92:16:cd for 'libipt_TTL.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   69:47:c7:94:45:0c:04:df:1c:c8:e4:17:15:ce:3d:24:7f:c5:16:c9 for 'libxt_connbytes.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   f8:93:2b:81:16:dd:d4:cf:0f:d5:f5:52:88:18:f2:1a:df:90:cb:74 for 'libxt_ipvs.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   3e:f8:a5:fd:8a:e2:28:77:84:ae:7e:dc:f8:4f:bf:b5:24:b4:97:bb for 'libxt_CONNSECMARK.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   18:fa:a3:14:df:37:fc:d0:1b:9f:1a:ea:6f:db:f0:70:c8:38:b6:a6 for 'libxt_state.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   4e:05:db:c9:87:2d:6c:6d:af:38:45:8b:35:b1:ba:6d:6a:94:d2:1f for 'libip6t_REJECT.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   47:e0:cf:82:a1:21:16:d6:8a:a6:42:39:c4:9a:23:aa:b6:cb:35:f4 for 'libxt_string.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   33:d0:40:bc:0c:64:d3:8b:99:7b:fa:ee:ae:04:59:07:c5:2b:e6:70 for 'libxt_owner.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   2b:07:68:91:49:e0:7c:ed:d6:d3:77:49:3d:17:68:ff:23:78:ac:b8 for 'libip6t_ipv6header.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   7f:cd:3d:b6:df:87:13:c0:e7:c7:2d:ad:d7:04:55:99:a7:49:f2:a0 for 'libipt_REJECT.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   95:3b:e7:07:c1:5b:15:80:a3:bb:ed:4c:7e:4c:22:1e:2d:58:44:ff for 'libxt_CHECKSUM.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   5d:32:1b:a9:90:9d:a2:38:b6:de:15:0b:0d:10:33:7c:16:cf:4c:e4 for 'libxt_TCPOPTSTRIP.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   e2:db:af:67:88:9b:bd:1f:f0:fb:da:b8:4e:00:e2:87:53:9d:61:ed for 'libxt_helper.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   9d:96:65:a3:38:9e:3f:67:a8:15:3f:a1:c3:7b:59:68:85:a4:09:b9 for 'libipt_SAME.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   a6:06:e1:bb:12:92:88:f1:90:0d:57:88:1c:3e:ac:ee:e7:27:ec:64 for 'libxt_socket.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   3b:1c:fb:8c:71:c9:04:be:b5:57:19:34:87:91:5f:f5:82:6a:33:47 for 'libipt_ecn.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   1d:74:0a:bd:38:f9:f4:bc:81:ca:43:4a:0e:25:b6:e2:17:04:24:8b for 'libxt_tcp.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   5a:0d:07:ab:03:66:03:a7:67:59:e5:f6:1f:7d:04:f2:d3:c0:56:cc for 'libipt_MASQUERADE.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   45:8a:e7:fc:05:34:ef:2a:eb:d5:6f:ce:4d:26:db:10:bd:7f:63:a4 for 'libip6t_hbh.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   1c:b5:30:10:26:19:6e:d1:d2:6f:9c:7f:92:f3:6f:b1:ee:39:48:41 for 'libxt_time.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   42:2c:14:1e:ab:57:e9:c9:a8:0a:3c:7b:31:c2:6a:d4:d0:b5:ed:07 for 'libip6t_ah.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   c9:16:92:db:c9:06:c0:de:e9:7c:b9:6e:ba:fd:6e:f1:ff:cc:4d:1b for 'libip6t_icmp6.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   28:e0:5c:e1:9a:52:ab:16:23:71:cb:5c:14:8f:b1:6e:c7:c3:4a:d6 for 'libxt_NFLOG.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   ac:87:0e:51:06:2d:69:a6:b1:9a:71:e5:1d:19:4b:9b:0c:29:51:cf for 'libip6t_dst.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   34:3d:51:24:47:fc:02:22:63:19:9f:d2:3f:7b:21:6b:46:e0:1e:b3 for 'libxt_sctp.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   7f:f7:ef:5a:4e:01:de:31:18:5d:79:cc:d9:a3:14:a6:a1:2d:3a:65 for 'libxt_TCPMSS.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   ca:1e:da:79:68:a9:0f:6c:c9:14:0a:bd:d1:d1:77:11:6b:69:97:e1 for 'libxt_osf.so'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   32:7f:fa:63:fc:c0:8e:14:e5:64:6b:78:ac:e3:76:94:3a:95:12:7a for 'libip6t_mh.so'

Feb  9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 5 for file '/sbin/ip6tables'

Feb  9 14:53:48 pin1212a00 charon: 11[PTS]   8a:7c:41:16:7b:c0:fc:c1:de:c8:32:9a:86:8b:a2:65:c2:38:57:f5 for 'ip6tables'

</pre>

Packed into one 'Unix-Style File Metadata' and four 'File Measurement' attributes the measured file data is returned to the TNC server:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC message with ID 0x9fbf7882

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Unix-Style File Metadata' 0x005597/0x00900000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 70 bytes @ 0x9132e30

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 00 00 00 00 01 00 3E 08 00 00 00 00 00  .........>......

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 00 00 00 6C 00 00 00 00 4F 2F F3 66 00 00 00 00  ...l....O/.f....

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 4F 2F F3 66 00 00 00 00 4F 33 BD 1C 00 00 00 00  O/.f....O3......

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 74 6E 63 5F  ............tnc_

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   64: 63 6F 6E 66 69 67                                config

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 44 bytes @ 0x9138680

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 00 00 00 00 01 00 01 00 14 40 9B B1 A9  ............@...

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 7E 26 EA 11 44 CD D6 80 1B 81 59 F1 7F 37 6B 8F  ~&..D.....Y..7k.

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 00 0A 6C 69 62 64 6C 2E 73 6F 2E 32              ..libdl.so.2

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 42 bytes @ 0x91323d0

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 00 00 00 00 01 00 02 00 14 FF 6D EC A0  .............m..

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: EE B7 A2 57 20 5C 5F 0A B5 F5 D8 21 EA 18 40 98  ...W \_....!..@.

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 00 08 69 70 74 61 62 6C 65 73                    ..iptables

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 49 bytes @ 0x91387b8

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 00 00 00 00 01 00 03 00 14 7A 3C A7 21  ............z<.!

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 58 E6 0B 0C 91 E4 8A 42 08 48 F1 B6 93 AE A2 6C  X......B.H.....l

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 00 0F 6C 69 62 78 74 61 62 6C 65 73 2E 73 6F 2E  ..libxtables.so.

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   48: 35                                               5

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 3475 bytes @ 0x9139510

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41 80  .......^.....6A.

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6 D6  .'...Y.8..lAK...

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47 52  ..libxt_tos.soGR

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   48: 53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98 BD  S,.A....L/......

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   64: DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69 36  .5..libip6t_eui6

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   80: 34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14 7B  4.so...7.......{

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   96: 47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70 74  G.........libipt

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  112: 5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF 13  _realm.so2.Cv...

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  128: EF 8B 3C D7 86 9A F9 0B 57 A7 44 58 25 00 12 6C  ..<.....W.DX%..l

                                         --------------- truncated attribute ----------------

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 43 bytes @ 0x913a2a8

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 00 00 00 00 00 00 00 01 00 05 00 14 8A 7C 41 16  .............|A.

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 7B C0 FC C1 DE C8 32 9A 86 8B A2 65 C2 38 57 F5  {.....2....e.8W.

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 00 09 69 70 36 74 61 62 6C 65 73                 ..ip6tables

</pre>

All data is packed into a huge PB-TNC CDATA batch spanning four IKEv2 UDP datagrams:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] creating PB-TNC CDATA batch

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] adding PB-PA message

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] sending PB-TNC CDATA batch (3835 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 11[TNC] => 3835 bytes @ 0x9139e98

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]    0: 02 00 00 01 00 00 0E FB 80 00 00 00 00 00 00 01  ................

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   16: 00 00 0E F3 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   32: 01 00 00 00 9F BF 78 82 80 00 55 97 00 90 00 00  ......x...U.....

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   48: 00 00 00 52 00 00 00 00 00 00 00 01 00 3E 08 00  ...R.........>..

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   64: 00 00 00 00 00 00 00 6C 00 00 00 00 4F 2F F3 66  .......l....O/.f

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   80: 00 00 00 00 4F 2F F3 66 00 00 00 00 4F 33 BD 1C  ....O/.f....O3..

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]   96: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  112: 74 6E 63 5F 63 6F 6E 66 69 67 80 00 55 97 00 D0  tnc_config..U...

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  128: 00 00 00 00 00 38 00 00 00 00 00 00 00 01 00 01  .....8..........

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  144: 00 14 40 9B B1 A9 7E 26 EA 11 44 CD D6 80 1B 81  ..@...~&..D.....

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  160: 59 F1 7F 37 6B 8F 00 0A 6C 69 62 64 6C 2E 73 6F  Y..7k...libdl.so

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  176: 2E 32 80 00 55 97 00 D0 00 00 00 00 00 36 00 00  .2..U........6..

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  192: 00 00 00 00 00 01 00 02 00 14 FF 6D EC A0 EE B7  ...........m....

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  208: A2 57 20 5C 5F 0A B5 F5 D8 21 EA 18 40 98 00 08  .W \_....!..@...

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  224: 69 70 74 61 62 6C 65 73 80 00 55 97 00 D0 00 00  iptables..U.....

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  240: 00 00 00 3D 00 00 00 00 00 00 00 01 00 03 00 14  ...=............

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  256: 7A 3C A7 21 58 E6 0B 0C 91 E4 8A 42 08 48 F1 B6  z<.!X......B.H..

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  272: 93 AE A2 6C 00 0F 6C 69 62 78 74 61 62 6C 65 73  ...l..libxtables

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  288: 2E 73 6F 2E 35 80 00 55 97 00 D0 00 00 00 00 0D  .so.5..U........

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  304: 9F 00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41  ........^.....6A

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  320: 80 9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6  ..'...Y.8..lAK..

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  336: D6 00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47  ...libxt_tos.soG

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  352: 52 53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98  RS,.A....L/.....

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  368: BD DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69  ..5..libip6t_eui

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  384: 36 34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14  64.so...7.......

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  400: 7B 47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70  {G.........libip

Feb  9 14:53:48 pin1212a00 charon: 11[TNC]  416: 74 5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF  t_realm.so2.Cv..

                                         ----------------- truncated batch ------------------

Feb  9 14:53:48 pin1212a00 charon: 11[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb  9 14:53:48 pin1212a00 charon: 11[ENC] generating IKE_AUTH request 12 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb  9 14:53:48 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 12 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 13 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb  9 14:53:48 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 13 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 09[ENC] generating IKE_AUTH request 14 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 09[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb  9 14:53:48 pin1212a00 charon: 10[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 10[ENC] parsed IKE_AUTH response 14 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 10[ENC] generating IKE_AUTH request 15 [ EAP/RES/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 10[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. Functional Component Evidence

The final PB-TNC SDATA batch arrives from the TNC server:

<pre>

Nov 29 07:39:24 merthyr charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Nov 29 07:39:24 merthyr charon: 03[ENC] parsed IKE_AUTH response 15 [ EAP/REQ/TTLS ]

Nov 29 07:39:24 merthyr charon: 03[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Nov 29 07:39:24 merthyr charon: 03[TNC] received TNCCS batch (92 bytes) for Connection ID 1

Nov 29 07:39:24 merthyr charon: 03[TNC] => 92 bytes @ 0x826a546

Nov 29 07:39:24 merthyr charon: 03[TNC]    0: 02 80 00 02 00 00 00 5C 80 00 00 00 00 00 00 01  .......\........

Nov 29 07:39:24 merthyr charon: 03[TNC]   16: 00 00 00 54 00 00 55 97 00 00 00 01 FF FF 00 01  ...T..U.........

Nov 29 07:39:24 merthyr charon: 03[TNC]   32: 01 00 00 00 AA 37 58 07 80 00 55 97 00 10 00 00  .....7X...U.....

Nov 29 07:39:24 merthyr charon: 03[TNC]   48: 00 00 00 24 10 00 00 00 00 90 2A 21 00 00 00 03  ...$......*!....

Nov 29 07:39:24 merthyr charon: 03[TNC]   64: 10 00 00 00 00 90 2A 21 00 00 00 02 80 00 55 97  ......*!......U.

Nov 29 07:39:24 merthyr charon: 03[TNC]   80: 00 20 00 00 00 00 00 10 00 00 00 00              . ..........

Nov 29 07:39:24 merthyr charon: 03[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Nov 29 07:39:24 merthyr charon: 03[TNC] processing PB-TNC SDATA batch

</pre>

Again the PTS-IMC is subscribed to this PB-PA message type:

<pre>

Per subscription the PTS-IMC receives this PB-PA message type:

Nov 29 07:39:24 merthyr charon: 03[TNC] processing PB-PA message (84 bytes)

Nov 29 07:39:24 merthyr charon: 03[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x01

</pre>

The PA-TNC message contains a 'Request Functional Component Evidence' and a final 'Generate Attestation Evidence' attribute from the TCG namespace:<pre>

Nov 29 07:39:24 merthyr charon: 03[TNC] processing PA-TNC message with ID 0xaa375807

Nov 29 07:39:24 merthyr charon: 03[TNC] processing PA-TNC attribute type 'TCG/Request Functional Component Evidence' 0x005597/0x00100000

Nov 29 07:39:24 merthyr charon: 03[TNC] => 24 bytes @ 0x826bc50

Nov 29 07:39:24 merthyr charon: 03[TNC]    0: 10 00 00 00 00 90 2A 21 00 00 00 03 10 00 00 00  ......*!........

Nov 29 07:39:24 merthyr charon: 03[TNC]   16: 00 90 2A 21 00 00 00 02                          ..*!....

Nov 29 07:39:24 merthyr charon: 03[TNC] processing PA-TNC attribute type 'TCG/Generate Attestation Evidence' 0x005597/0x00200000

Nov 29 07:39:24 merthyr charon: 03[TNC] => 4 bytes @ 0x826bc74

Nov 29 07:39:24 merthyr charon: 03[TNC]    0: 00 00 00 00

</pre>

The first of the ordered evidence request is for the "Linux IMA":http://linux-ima.sourceforge.net/ functional component defined in the ITA-HSR namespace which verifies the 126 measurements extended into PCRs 0..7 during the pre-boot process.

<pre>

Nov 29 07:39:24 merthyr charon: 03[IMC] evidence requested for 2 functional components

Nov 29 07:39:24 merthyr charon: 03[PTS] * ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] loaded bios measurements '/sys/kernel/security/tpm0/binary_bios_measurements' (126 entries)

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 extended with: 4d:89:4e:ef:0a:e7:cb:12:47:40:df:4f:6c:5c:35:aa:0f:e7:da:e8

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 after value  : 53:2d:3c:15:48:a8:56:f0:68:a9:dd:63:8f:b2:ed:6a:f2:f3:c7:90

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 extended with: f2:c8:46:e7:f3:35:f7:b9:e9:dd:0a:44:f4:8c:48:e1:98:67:50:c7

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 before value : 53:2d:3c:15:48:a8:56:f0:68:a9:dd:63:8f:b2:ed:6a:f2:f3:c7:90

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 after value  : 9c:69:c6:4a:1b:13:fc:27:4b:45:1e:c1:b5:65:49:77:88:da:f4:7a

                                        --------------------- omitted another 54 PCR 0 measurements ---------------------

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 extended with: a2:3b:27:98:83:91:5b:0d:c3:31:30:81:92:43:66:ea:5e:75:bd:c1

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 before value : 69:f8:2a:f1:0a:82:a2:57:37:ed:b6:bd:29:19:a0:cc:89:7c:2b:2c

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 after value  : 83:2b:c0:fd:f5:cd:ab:86:fe:8f:c5:88:54:75:8f:40:0f:ff:58:f5

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 extended with: ef:75:11:b5:24:85:57:ae:63:7f:46:b5:52:f8:af:59:02:0f:2b:00

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 after value  : e9:6e:49:77:ac:62:c8:e9:1f:c2:83:23:36:02:b3:b4:55:09:f0:5e

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 extended with: 62:40:c5:88:a2:d7:74:0f:5c:2c:95:23:bf:f7:d9:83:34:99:8d:77

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 before value : e9:6e:49:77:ac:62:c8:e9:1f:c2:83:23:36:02:b3:b4:55:09:f0:5e

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 after value  : a4:d1:b9:c6:e4:fa:28:96:1f:38:fa:1c:16:a6:8a:36:ec:9e:b3:f0

                                        --------------------- omitted another 8 PCR 2 measurements ----------------------

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 extended with: 64:61:d3:77:19:99:c3:a4:b3:c1:5b:f4:e3:8d:a3:0b:91:bc:1b:17

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 before value : d7:e7:4d:8a:31:27:fe:7f:56:90:f5:32:87:93:dd:ce:d7:d8:8f:2b

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 after value  : dc:a3:35:e6:4e:b3:32:00:4f:7b:fd:52:37:3a:2e:66:8b:94:20:6d

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  6 extended with: fc:ad:78:7f:77:71:63:7d:65:96:38:d9:2b:5e:ee:93:85:b3:d7:b9

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  6 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  6 after value  : e9:ee:75:26:27:c1:99:88:cc:8b:3e:c7:58:8a:6d:80:f5:e9:d5:07

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 extended with: 4b:90:d9:17:8e:fc:5c:f9:a9:dd:f4:f8:bc:c4:90:08:78:5d:76:ec

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 before value : 83:2b:c0:fd:f5:cd:ab:86:fe:8f:c5:88:54:75:8f:40:0f:ff:58:f5

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  0 after value  : ea:7d:5a:f1:39:6d:a6:35:23:cf:5c:97:49:89:7d:e4:c5:49:ae:a1

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 extended with: e7:9e:46:8b:19:21:b2:29:3a:80:c5:91:7e:fa:6a:45:c3:79:e8:10

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 before value : dc:a3:35:e6:4e:b3:32:00:4f:7b:fd:52:37:3a:2e:66:8b:94:20:6d

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 after value  : 7b:83:a8:ab:51:ce:93:7b:6a:ea:c9:ec:cc:82:18:36:eb:7b:d2:de

                                        --------------------- omitted another 5 PCR 2 measurements ----------------------

ov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 extended with: 0b:a6:11:dd:45:de:9a:cb:e3:d0:da:0d:2e:47:8e:4a:a7:7f:f5:15

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 before value : c8:cd:82:14:ee:b8:9d:e7:e4:98:9d:4f:52:0f:b2:6c:8a:4a:bf:50

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 after value  : 05:21:91:68:2b:2d:00:ec:d9:33:44:8f:4a:08:bc:03:aa:86:55:8a

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  4 extended with: 9b:4d:80:cf:ef:c7:d5:57:6c:4d:9f:22:48:72:50:58:96:ef:27:98

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  4 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  4 after value  : da:6f:12:b6:2d:5c:71:56:5d:1b:5d:4d:88:82:db:51:76:25:18:56

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 extended with: e7:9e:46:8b:19:21:b2:29:3a:80:c5:91:7e:fa:6a:45:c3:79:e8:10

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 before value : 05:21:91:68:2b:2d:00:ec:d9:33:44:8f:4a:08:bc:03:aa:86:55:8a

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 after value  : 20:4b:04:96:e8:ec:2a:9f:4e:c6:84:07:bd:ce:92:53:3b:24:1a:b3

                                        --------------------- omitted another 2 PCR 2 measurements ----------------------

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 extended with: be:1b:de:c0:aa:74:b4:dc:b0:79:94:3e:70:52:80:96:cc:a9:85:f8

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 before value : b6:78:09:53:5b:5d:f5:bc:d0:7a:0a:8a:65:7f:30:45:0e:a1:53:0d

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  2 after value  : 67:96:0d:ff:44:36:09:47:39:fe:34:34:33:c6:b9:cb:03:3e:7b:83

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  1 extended with: 23:0b:3b:f1:3c:75:28:34:de:cf:47:f5:a8:6a:75:58:2a:be:e5:1c

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  1 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  1 after value  : 22:ac:e7:ca:d4:3d:e8:b8:1b:5f:e0:37:9f:87:24:20:66:ed:6d:20

Nov 29 07:39:24 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Nov 29 07:39:24 merthyr charon: 03[PTS] measurement time: Nov 29 07:23:21 2011

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  1 extended with: 61:f5:9f:77:82:bb:39:61:0d:bb:6b:1f:57:03:3c:16:18:10:a2:67

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  1 before value : 22:ac:e7:ca:d4:3d:e8:b8:1b:5f:e0:37:9f:87:24:20:66:ed:6d:20

Nov 29 07:39:24 merthyr charon: 03[PTS] PCR  1 after value  : bb:3a:e5:9e:da:fd:3f:c8:be:a9:7c:ac:3a:6a:eb:49:18:bd:0c:b5

                                        --------------------- omitted another 4 PCR 1 measurements ----------------------

Nov 29 07:39:25 merthyr charon: 03[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'