TNC Client with PTS-IMC » History » Version 61
Andreas Steffen, 09.02.2012 15:45
updated PTS-IMC example scenario output
TNC Client with PTS-IMC
This HOWTO explains step by step how a strongSwan IPsec client with integrated TNC client functionality and an attached Platform Trust Service Integrity Measurement Collector (PTS-IMC) can provide remote attestation measurement data to a TNC server via the IKEv2 EAP-TTLS protocol.
Installation and Configuration
The following steps describe the installation of the strongSwan software:
wget http://download.strongswan.org/strongswan-4.6.2rc1.tar.bz2
tar xjf strongswan-4.6.2rc1.tar.bz2
cd strongswan-4.6.2rc1
./configure --prefix=/usr --sysconfdir=/etc --disable-pluto --enable-openssl --enable-curl --enable-eap-identity --enable-eap-md5 --enable-eap-ttls --enable-eap-tnc --enable-tnccs-20 --enable-tnc-imc --enable-imc-attestation
make
[sudo] make install
The strongSwan imc-attestation.so dynamic PTS-IMC library depends on the TrouSerS libtspi library. Compilation additionally requires the header files in /usr/include/trousers/.
The connection between IPsec client carol and IPsec gateway moon is defined in the /etc/ipsec.conf file:
# ipsec.conf - strongSwan IPsec configuration file

config setup
    charondebug="tnc 3, imc 3, pts 3"

conn home
    left=%any
    leftid=carol@strongswan.org
    leftauth=eap
    right=192.168.0.1
    rightid=@moon.strongswan.org
    rightsendcert=never
    rightsubnet=10.1.0.0/16
    auto=start
The debug levels for the TNC, IMC, and PTS components are increased to 3, so that HEX dumps of PB-TNC (IF-TNCCS 2.0) messages and PA-TNC (IF-M) attributes will be included in the log file.
The IKEv2 client carol is going to use EAP-based authentication with the user credentials being stored in the /etc/ipsec.secrets file:
# /etc/ipsec.secrets - strongSwan IPsec secrets file

carol@strongswan.org : EAP "Ar3etTnp"
The following IKEv2 charon and Attestation IMC options are defined in the /etc/strongswan.conf file:
# strongswan.conf - strongSwan configuration file

charon {
  load = sha1 random gmp pkcs1 pkcs8 pem x509 pubkey openssl hmac revocation curl kernel-netlink socket-default eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 eap-identity resolve stroke
  plugins {
    eap-tnc {
      protocol = tnccs-2.0
    }
    tnc-imc {
      preferred_language = en
    }
  }
}

libimcv {
  plugins {
    imc-attestation {
      aik_cert = /home/andi/privacyca/AIK_3_Cert.der
      aik_blob = /home/andi/privacyca/AIK_3_Blob.bin
      pcr17_meas = d537d437f058136eb3d7be517dbe7647b623c619
      pcr17_before = 1717171717171717171717171717171717171717
      pcr17_after = ffffffffffffffffffffffffffffffffffffffff
      pcr18_meas = 160d2b04d11eb225fb148615b699081869e15b6c
      pcr18_before = 1818181818181818181818181818181818181818
      pcr18_after = ffffffffffffffffffffffffffffffffffffffff
    }
  }
}
IKEv2 Negotiation
Startup and Initialization
The command
ipsec start
starts the TNC-enabled IPsec client:
Feb 9 14:53:42 pin1212a00 charon: 00[DMN] Starting IKEv2 charon daemon (strongSwan 4.6.2rc1)
Feb 9 14:53:42 pin1212a00 charon: 00[KNL] listening on interfaces:
Feb 9 14:53:42 pin1212a00 charon: 00[KNL] eth0
Feb 9 14:53:42 pin1212a00 charon: 00[KNL] 152.96.31.100
Feb 9 14:53:42 pin1212a00 charon: 00[KNL] fe80::219:99ff:feb3:92c3
Feb 9 14:53:42 pin1212a00 charon: 00[KNL] umlbr0
Feb 9 14:53:42 pin1212a00 charon: 00[KNL] 192.168.0.254
Feb 9 14:53:42 pin1212a00 charon: 00[KNL] fe80::9cb8:adff:fe5a:270a
The file /etc/tnc_config
# IMC configuration file for strongSwan client

IMC "Attestation" /usr/lib/ipsec/imcvs/imc-attestation.so
defines which IMCs are loaded by the TNC client:
Feb 9 14:53:42 pin1212a00 charon: 00[TNC] loading IMCs from '/etc/tnc_config'
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] mandatory PTS measurement algorithm HASH_SHA1[sha1] available
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] mandatory PTS measurement algorithm HASH_SHA256[openssl] available
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] optional PTS measurement algorithm HASH_SHA384[openssl] available
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] optional PTS DH group MODP_2048[gmp] available
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] optional PTS DH group MODP_1536[gmp] available
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] optional PTS DH group MODP_1024[gmp] available
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] mandatory PTS DH group ECP_256[openssl] available
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] optional PTS DH group ECP_384[openssl] available
Feb 9 14:53:42 pin1212a00 charon: 00[TNC] added IETF attributes
Feb 9 14:53:42 pin1212a00 charon: 00[TNC] added ITA-HSR attributes
Feb 9 14:53:42 pin1212a00 charon: 00[LIB] libimcv initialized
Feb 9 14:53:42 pin1212a00 charon: 00[IMC] IMC 1 "Attestation" initialized
Feb 9 14:53:42 pin1212a00 charon: 00[TNC] added TCG attributes
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] added TCG functional component namespace
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] added ITA-HSR functional component namespace
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Trusted GRUB Boot Loader'
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Trusted Boot'
Feb 9 14:53:42 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Linux IMA'
Feb 9 14:53:42 pin1212a00 charon: 00[LIB] libpts initialized
Feb 9 14:53:42 pin1212a00 charon: 00[IMC] IMC 1 "Attestation" provided with bind function
Feb 9 14:53:42 pin1212a00 charon: 00[TNC] IMC 1 supports 1 message type: 'TCG/PTS' 0x005597/0x00000001
Feb 9 14:53:42 pin1212a00 charon: 00[TNC] IMC 1 "Attestation" loaded from '/usr/lib/ipsec/imcvs/imc-attestation.so'
Next, the IKEv2 credentials, all necessary plugins and the IPsec connection definition are loaded:
Feb 9 14:53:42 pin1212a00 charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Feb 9 14:53:42 pin1212a00 charon: 00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Feb 9 14:53:42 pin1212a00 charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Feb 9 14:53:42 pin1212a00 charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Feb 9 14:53:42 pin1212a00 charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Feb 9 14:53:42 pin1212a00 charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Feb 9 14:53:42 pin1212a00 charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Feb 9 14:53:42 pin1212a00 charon: 00[CFG] loaded EAP secret for carol@strongswan.org
Feb 9 14:53:42 pin1212a00 charon: 00[DMN] loaded plugins: sha1 random gmp pkcs1 pkcs8 pem x509 pubkey openssl hmac revocation curl kernel-netlink socket-default eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 eap-identity resolve stroke
Feb 9 14:53:42 pin1212a00 charon: 00[JOB] spawning 16 worker threads
Feb 9 14:53:42 pin1212a00 charon: 09[CFG] received stroke: add connection 'home'
Feb 9 14:53:42 pin1212a00 charon: 09[CFG] left nor right host is our side, assuming left=local
Feb 9 14:53:42 pin1212a00 charon: 09[CFG] added configuration 'home'
IKEv2 Exchanges
Due to auto=start the IKEv2 negotiation automatically initiates the IKE_SA_INIT exchange
Feb 9 14:53:48 pin1212a00 charon: 07[CFG] received stroke: initiate 'home'
Feb 9 14:53:48 pin1212a00 charon: 12[IKE] initiating IKE_SA home[1] to 192.168.0.1
Feb 9 14:53:48 pin1212a00 charon: 12[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Feb 9 14:53:48 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[500] to 192.168.0.1[500]
Feb 9 14:53:48 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[500] to 192.168.0.254[500]
Feb 9 14:53:48 pin1212a00 charon: 13[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
followed by the IKE_AUTH exchange where the IKEv2 gateway proposes a mutual IKEv2 EAP-TTLS only authentication:
Feb 9 14:53:48 pin1212a00 charon: 13[IKE] establishing CHILD_SA home
Feb 9 14:53:48 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
Feb 9 14:53:48 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:48 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 1 [ IDr EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 14[IKE] server requested EAP_TTLS authentication (id 0x0A)
Feb 9 14:53:48 pin1212a00 charon: 14[TLS] EAP_TTLS version is v0
Feb 9 14:53:48 pin1212a00 charon: 14[IKE] allow mutual EAP-only authentication
IKEv2 EAP-TTLS Tunnel
The IKEv2 EAP-TTLS tunnel is set up with certificate-based server authentication
Feb 9 14:53:48 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 2 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:48 pin1212a00 charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 15[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 15[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 15[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:48 pin1212a00 charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 11[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 11[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Feb 9 14:53:48 pin1212a00 charon: 11[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org'
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] crl is valid: until Mar 09 10:28:34 2012
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] certificate status is good
Feb 9 14:53:48 pin1212a00 charon: 11[CFG] reached self-signed root ca with a path length of 0
Feb 9 14:53:48 pin1212a00 charon: 11[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Tunneled EAP-Identity
Via the IKEv2 EAP-TTLS tunnel the server requests the EAP client identity
Feb 9 14:53:48 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 08[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]
Feb 9 14:53:48 pin1212a00 charon: 08[IKE] server requested EAP_IDENTITY authentication (id 0x00)
Feb 9 14:53:48 pin1212a00 charon: 08[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]
Feb 9 14:53:48 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Tunneled EAP-MD5 Client Authentication
Next follows an EAP-MD5 client authentication
Feb 9 14:53:48 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 09[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]
Feb 9 14:53:48 pin1212a00 charon: 09[IKE] server requested EAP_MD5 authentication (id 0x29)
Feb 9 14:53:48 pin1212a00 charon: 09[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]
Feb 9 14:53:48 pin1212a00 charon: 09[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 09[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Tunneled EAP-TNC Transport
Now the EAP-TNC transport protocol connecting the TNC client with the TNC server is started:
Feb 9 14:53:48 pin1212a00 charon: 10[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 10[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 10[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 9 14:53:48 pin1212a00 charon: 10[IKE] server requested EAP_TNC authentication (id 0xC5)
Feb 9 14:53:48 pin1212a00 charon: 10[TLS] EAP_TNC version is v1
PB-TNC/IF-TNCCS 2.0 Connection
A new TNCCS connection is instantiated on the TNC client and its IF-TNCCS 2.0 state machine is set to the Init state.
A first PB-TNC CDATA (IF-TNCCS 2.0 ClientData) batch is prepared and a PB-Language-Preference message for English (en) is added:
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] assigned TNCCS Connection ID 1
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] creating PB-TNC CDATA batch
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] adding PB-Language-Preference message
An instance of the Attestation PTS-IMC is created which in a first step determines the client operating system
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] platform is 'Ubuntu 11.04 i686'
and then loads the AIK certificate and the matching AIK private key, the latter in the form of a TPM-encrypted binary blob
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] loaded AIK certificate from '/home/seclab/privacyca/AIK_Cert.der'
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] loaded AIK Blob from '/home/seclab/privacyca/AIK_Blob.bin'
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] AIK Blob: => 559 bytes @ 0x9136e08
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 0: 01 01 00 00 00 12 00 00 00 04 00 00 00 00 01 00 ................
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 16: 01 00 02 00 00 00 0C 00 00 08 00 00 00 00 02 00 ................
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 32: 00 00 00 00 00 00 00 00 00 01 00 81 E3 38 7C 4D .............8|M
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 48: 46 70 CB D5 33 62 38 50 AD 98 D1 28 56 D3 6E 71 Fp..3b8P...(V.nq
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 64: CF AA E3 C8 31 BD F6 FE 53 6A ED C8 54 0E 7C FB ....1...Sj..T.|.
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 80: 00 98 80 D6 7D C7 57 D4 EC 24 93 59 48 1F DA 67 ....}.W..$.YH..g
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 96: 30 87 4F D3 59 B2 CA A8 9D CE C9 27 9A 03 57 C0 0.O.Y......'..W.
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 112: FE 1F AB EE E5 C2 A8 C6 D5 DC C7 1E 81 74 4D 3D .............tM=
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 128: B5 98 6D 57 22 74 02 F1 41 7C E3 68 C1 1C 1C 2F ..mW"t..A|.h.../
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 144: 57 54 CA 4A FB D6 3D 33 37 A9 BC FF 6F 50 13 CC WT.J..=37...oP..
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 160: C2 D3 83 F1 4B 01 FD 66 A6 EE 7A D3 E0 E2 C0 51 ....K..f..z....Q
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 176: 55 A2 8A AB F4 85 09 74 24 64 03 DD 65 1C 26 2F U......t$d..e.&/
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 192: 35 08 BF 57 D9 28 DA D3 D7 5B ED C8 C6 6C 43 7E 5..W.(...[...lC~
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 208: DE D3 93 F4 D5 D7 36 1E 31 9A A8 42 10 7A F5 94 ......6.1..B.z..
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 224: 93 9C 8F BD 6D BC 66 1D 30 A5 B3 B3 44 4D DA 6D ....m.f.0...DM.m
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 240: 35 64 A6 08 EB D2 A6 99 18 56 01 28 3B 26 94 FD 5d.......V.(;&..
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 256: 6F 7F AD 45 68 3C 8A 7D 38 8C DB D8 5F 76 16 F5 o..Eh<.}8..._v..
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 272: 5E 8A 4B C2 2B 19 8A 27 D9 80 3C C8 13 01 11 70 ^.K.+..'..<....p
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 288: CC D6 EF 57 F3 EF 37 A2 E6 B5 49 00 00 01 00 4C ...W..7...I....L
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 304: DA 76 65 D0 54 8C F9 E8 B6 C4 9E 26 37 70 B4 45 .ve.T......&7p.E
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 320: C0 42 E0 A3 7A 3E 9D 57 96 B0 C8 68 DE 6A 84 76 .B..z>.W...h.j.v
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 336: 9A 9A E3 F9 D7 44 AB E0 A2 4B D2 3E 44 BD D9 92 .....D...K.>D...
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 352: 53 AF 6A 04 26 56 04 FC F9 43 D0 68 E3 63 AD 7B S.j.&V...C.h.c.{
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 368: 5C A2 50 B8 BA A2 F0 53 8C 8B 3A 67 35 49 CA E4 \.P....S..:g5I..
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 384: 35 A3 35 4B E7 31 D0 25 10 D4 6A B9 17 32 F9 53 5.5K.1.%..j..2.S
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 400: 22 E9 13 9D 13 E9 0D F0 59 55 33 36 5C A5 28 FB ".......YU36\.(.
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 416: 86 88 69 69 F0 93 6F 4B 62 76 B0 0E 64 E9 69 2D ..ii..oKbv..d.i-
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 432: 7D 9E 9E ED E1 1E 62 4C 63 AA D8 FD 87 86 77 3C }.....bLc.....w<
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 448: C1 04 E8 63 81 54 FE 75 82 D8 36 96 67 6A D1 18 ...c.T.u..6.gj..
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 464: 78 6C 7D 7B 8C BB 28 A0 AC 84 D8 7B 7E D0 55 38 xl}{..(....{~.U8
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 480: 80 64 4C 3A 38 E0 B0 1A FE A7 C8 C3 A1 F9 21 A5 .dL:8.........!.
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 496: D1 6F DE C4 CE 0B 62 D6 39 DA A4 35 45 B3 B6 D2 .o....b.9..5E...
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 512: D4 73 0B 82 28 B5 C1 79 88 85 D8 7D 54 38 E0 DA .s..(..y...}T8..
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 528: 57 2C 57 C1 34 4D 26 B8 9F A3 81 5B 4A 98 E5 E6 W,W.4M&....[J...
Feb 9 14:53:48 pin1212a00 charon: 10[PTS] 544: 89 94 25 A0 3F 9F 5A 3E CF A3 9A 0B 55 74 02 ..%.?.Z>....Ut.
Feb 9 14:53:48 pin1212a00 charon: 10[IMC] IMC 1 "Attestation" created a state for Connection ID 1: IF-TNCCS 2.0 with +long +excl -soh over IF-T for Tunneled EAP 1.1
Via the IF-IMC interface the PTS-IMC receives a 'Handshake' state change from the TNC client
Feb 9 14:53:48 pin1212a00 charon: 10[IMC] IMC 1 "Attestation" changed state of Connection ID 1 to 'Handshake'
The PTS-IMC generates a PA-TNC message of type TCG/PTS targeted at the remote PTS-IMV, containing a single PA-TNC attribute of type 'IETF/Product Information' with the client operating system information:
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] creating PA-TNC message with ID 0xf6c4bd2b
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] => 22 bytes @ 0x91322a0
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 0: 00 00 00 00 00 55 62 75 6E 74 75 20 31 31 2E 30 .....Ubuntu 11.0
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 16: 34 20 69 36 38 36 4 i686
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] adding PB-PA message
The PA-TNC message is received by the TNC client via the IF-IMC SendMessage call and is inserted together with the PB-Language-Preference message into the PB-TNC CDATA batch which is then sent via the IKEv2 EAP-TTLS tunnel to the TNC server.
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] PB-TNC state transition from 'Init' to 'Server Working'
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] sending PB-TNC CDATA batch (105 bytes) for Connection ID 1
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] => 105 bytes @ 0x9137040
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 0: 02 00 00 01 00 00 00 69 00 00 00 00 00 00 00 06 .......i........
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75 ....Accept-Langu
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 32: 61 67 65 3A 20 65 6E 80 00 00 00 00 00 00 01 00 age: en.........
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 48: 00 00 42 00 00 55 97 00 00 00 01 00 01 FF FF 01 ..B..U..........
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 64: 00 00 00 F6 C4 BD 2B 00 00 00 00 00 00 00 02 00 ......+.........
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 80: 00 00 22 00 00 00 00 00 55 62 75 6E 74 75 20 31 ..".....Ubuntu 1
Feb 9 14:53:48 pin1212a00 charon: 10[TNC] 96: 31 2E 30 34 20 69 36 38 36 1.04 i686
Feb 9 14:53:48 pin1212a00 charon: 10[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 9 14:53:48 pin1212a00 charon: 10[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 10[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
PTS Capability Discovery
As a response a PB-TNC SDATA (IF-TNCCS 2.0 ServerData) batch is received from the TNC server
Feb 9 14:53:48 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 12[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] received TNCCS batch (72 bytes) for Connection ID 1
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 72 bytes @ 0x9131442
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 02 80 00 02 00 00 00 48 80 00 00 00 00 00 00 01 .......H........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 16: 00 00 00 40 00 00 55 97 00 00 00 01 FF FF 00 01 ...@..U.........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 32: 01 00 00 00 4B 21 AF FF 80 00 55 97 01 00 00 00 ....K!....U.....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 48: 00 00 00 10 00 00 00 0E 80 00 55 97 06 00 00 00 ..........U.....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 64: 00 00 00 10 00 00 80 00 ........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PB-TNC SDATA batch
containing a PB-PA message of type TCG/PTS to which the PTS-IMC is subscribed:
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PB-PA message (64 bytes)
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
The PA-TNC message transferred via the IF-IMC interface to the PTS-IMC contains two PA-TNC attributes from the TCG/PTS namespace:
Feb 9 14:53:48 pin1212a00 charon: 12[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC message with ID 0x4b21afff
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/Request PTS Protocol Capabilities' 0x005597/0x01000000
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x9135bdc
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 00 00 00 0E ....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/PTS Measurement Algorithm Request' 0x005597/0x06000000
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x9135bec
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 00 00 80 00 ....
namely the requests 'Request PTS Protocol Capabilities' and 'PTS Measurement Algorithm Request'. The PTS-IMV supports the Verification (V), DH Nonce Negotiation (D) and Trusted Platform Evidence (T) PTS protocol capabilities and the PTS-IMC does as well.
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] supported PTS protocol capabilities: .VDT.
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] selected PTS measurement algorithm is HASH_SHA1
The PTS-IMV proposes SHA-1 only for the PTS measurement algorithm which is accepted by the PTS-IMC. These two selections are sent back to the PTS-IMV in a PA-TNC message containing the TCG attributes 'PTS Protocol Capabilities' and 'PTS Measurement Algorithm':
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] creating PA-TNC message with ID 0x349421bb
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] creating PA-TNC attribute type 'TCG/PTS Protocol Capabilities' 0x005597/0x02000000
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x9136df8
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 00 00 00 0E ....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] creating PA-TNC attribute type 'TCG/PTS Measurement Algorithm' 0x005597/0x07000000
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x91314e0
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 00 00 80 00 ....
This PA-TNC message is sent as a PB-PA payload in a PB-TNC CDATA batch to the TNC server:
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] creating PB-TNC CDATA batch
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] adding PB-PA message
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] sending PB-TNC CDATA batch (72 bytes) for Connection ID 1
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 72 bytes @ 0x9135b58
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 02 00 00 01 00 00 00 48 80 00 00 00 00 00 00 01 .......H........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 16: 00 00 00 40 00 00 55 97 00 00 00 01 00 01 FF FF ...@..U.........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 32: 01 00 00 00 34 94 21 BB 00 00 55 97 02 00 00 00 ....4.!...U.....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 48: 00 00 00 10 00 00 00 0E 00 00 55 97 07 00 00 00 ..........U.....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 64: 00 00 00 10 00 00 80 00 ........
Feb 9 14:53:48 pin1212a00 charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 9 14:53:48 pin1212a00 charon: 12[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
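The two 72-byte batches logged in this section can be decoded by hand using the header layouts of RFC 5793 (PB-TNC) and RFC 5792 (PA-TNC). The parser below is an added example, not strongSwan code: its function names are illustrative, the hex is copied from the log above, and the capability bit order is an assumption inferred from the log printing 0x0E as '.VDT.'.

```python
import struct

TCG = 0x005597  # TCG vendor ID as printed in the log ('TCG/PTS' 0x005597/...)
PB_PA = 1       # IETF PB-TNC message type that carries a PA-TNC message
BATCH_TYPES = {1: "CDATA", 2: "SDATA", 3: "RESULT", 4: "CRETRY", 5: "SRETRY", 6: "CLOSE"}
# Attribute type codes and names copied from the log lines on this page.
TCG_ATTRS = {
    0x01000000: "Request PTS Protocol Capabilities",
    0x02000000: "PTS Protocol Capabilities",
    0x06000000: "PTS Measurement Algorithm Request",
    0x07000000: "PTS Measurement Algorithm",
}
# Assumption: bit order inferred from the log, where value 0x0E prints as ".VDT."
CAP_BITS = [(0x10, "C"), (0x08, "V"), (0x04, "D"), (0x02, "T"), (0x01, "X")]

# Hex columns copied from the two 72-byte batches logged in this section.
SDATA_HEX = """
02 80 00 02 00 00 00 48 80 00 00 00 00 00 00 01
00 00 00 40 00 00 55 97 00 00 00 01 FF FF 00 01
01 00 00 00 4B 21 AF FF 80 00 55 97 01 00 00 00
00 00 00 10 00 00 00 0E 80 00 55 97 06 00 00 00
00 00 00 10 00 00 80 00
"""
CDATA_HEX = """
02 00 00 01 00 00 00 48 80 00 00 00 00 00 00 01
00 00 00 40 00 00 55 97 00 00 00 01 00 01 FF FF
01 00 00 00 34 94 21 BB 00 00 55 97 02 00 00 00
00 00 00 10 00 00 00 0E 00 00 55 97 07 00 00 00
00 00 00 10 00 00 80 00
"""

class ParseError(ValueError):
    """Raised when a length or version field does not match the bytes received."""

def load(hexdump):
    return bytes.fromhex("".join(hexdump.split()))  # drop all whitespace first

def parse_tlvs(buf, what):
    """Walk the 12-byte-header TLVs shared by PB-TNC messages and PA-TNC
    attributes: flags(1) vendor(3) type(4) length(4); length includes the header."""
    items, off = [], 0
    while off < len(buf):
        if len(buf) - off < 12:
            raise ParseError(f"truncated {what} header at offset {off}")
        flags, vendor = buf[off], int.from_bytes(buf[off + 1:off + 4], "big")
        typ, length = struct.unpack_from(">II", buf, off + 4)
        if length < 12 or off + length > len(buf):
            raise ParseError(f"{what} length {length} at offset {off} does not fit")
        items.append((flags, vendor, typ, buf[off + 12:off + length]))
        off += length
    return items

def parse_pb_pa(body):
    """PB-PA header (flags, vendor, subtype, collector ID, validator ID), then the
    PA-TNC header (version, reserved, message ID) and the PA-TNC attributes."""
    if len(body) < 20:
        raise ParseError("PB-PA message too short for PB-PA and PA-TNC headers")
    vendor = int.from_bytes(body[1:4], "big")
    subtype, collector, validator = struct.unpack_from(">IHH", body, 4)
    if body[12] != 1:
        raise ParseError(f"unsupported PA-TNC version {body[12]}")
    attrs = []
    for flags, avendor, atype, value in parse_tlvs(body[20:], "PA-TNC attribute"):
        name = TCG_ATTRS.get(atype) if avendor == TCG else None
        attrs.append({"name": name or f"{avendor:#08x}/{atype:#010x}",
                      "noskip": bool(flags & 0x80), "value": value})
    return {"subtype": f"{vendor:#08x}/{subtype:#010x}", "excl": bool(body[0] & 0x80),
            "collector": collector, "validator": validator,
            "msg_id": struct.unpack_from(">I", body, 16)[0], "attrs": attrs}

def parse_batch(data):
    """PB-TNC batch header: version(8) D(1) reserved(19) type(4), then length(32)."""
    if len(data) < 8:
        raise ParseError("short PB-TNC batch header")
    word, length = struct.unpack_from(">II", data)
    if word >> 24 != 2:
        raise ParseError(f"unsupported PB-TNC version {word >> 24}")
    if length != len(data):
        raise ParseError(f"batch length field {length} != {len(data)} bytes received")
    batch = {"type": BATCH_TYPES.get(word & 0xF, "unknown"),
             "from_server": bool(word & 0x00800000), "pa_messages": []}
    for flags, vendor, mtype, body in parse_tlvs(data[8:], "PB-TNC message"):
        if (vendor, mtype) == (0, PB_PA):
            batch["pa_messages"].append(parse_pb_pa(body))
        elif flags & 0x80:  # NOSKIP: an unknown message must not be silently ignored
            raise ParseError(f"unsupported NOSKIP message {vendor:#08x}/{mtype:#010x}")
    return batch

def caps(value):
    """Render a capabilities bit field the way the log does, e.g. '.VDT.'."""
    bits = int.from_bytes(value, "big")
    return "".join(ch if bits & mask else "." for mask, ch in CAP_BITS)

if __name__ == "__main__":
    for dump in (SDATA_HEX, CDATA_HEX):
        batch = parse_batch(load(dump))
        for msg in batch["pa_messages"]:
            print(batch["type"], hex(msg["msg_id"]), [(a["name"], a["value"].hex()) for a in msg["attrs"]])
```

Decoded this way, the request attributes from the PTS-IMV carry the NOSKIP flag (0x80) while the PTS-IMC's response attributes do not, and every nested length field is checked against the enclosing buffer before it is used.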
DH Nonce Parameters
The next PB-TNC SDATA batch is received:
Feb 9 14:53:48 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 13[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 13[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] received TNCCS batch (56 bytes) for Connection ID 1
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] => 56 bytes @ 0x9135bd2
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 0: 02 80 00 02 00 00 00 38 80 00 00 00 00 00 00 01 .......8........
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 16: 00 00 00 30 00 00 55 97 00 00 00 01 FF FF 00 01 ...0..U.........
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 32: 01 00 00 00 BD 1F 9F 28 80 00 55 97 03 00 00 00 .......(..U.....
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 48: 00 00 00 10 00 00 F0 00 ........
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] processing PB-TNC SDATA batch
containing a PB-PA message of type TCG/PTS to which the PTS-IMC is subscribed:
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] processing PB-PA message (48 bytes)
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
The PA-TNC message contains a 'DH Nonce Parameters Request' from the TCG namespace
Feb 9 14:53:48 pin1212a00 charon: 13[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] processing PA-TNC message with ID 0xbd1f9f28
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Parameters Request' 0x005597/0x03000000
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] => 4 bytes @ 0x9135fc4
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 0: 00 00 F0 00 ....
and offers the set of IKE DH groups {2, 5, 14, 19} from which the PTS-IMC selects ECP_256 (group 14).
Feb 9 14:53:48 pin1212a00 charon: 13[PTS] selected PTS DH group is ECP_256
Feb 9 14:53:48 pin1212a00 charon: 13[PTS] nonce length is 20
The PTS-IMC also returns a 20 byte DH responder nonce and the 32 byte ECP_256 DH responder public value:
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] creating PA-TNC message with ID 0x144b8472
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] creating PA-TNC attribute type 'TCG/DH Nonce Parameters Response' 0x005597/0x04000000
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] => 92 bytes @ 0x9132b50
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 0: 00 00 00 14 10 00 E0 00 B9 FD DB 13 D2 BE 4E BA ..............N.
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 16: E2 FF 33 25 CD A0 C8 79 AE 1A 51 D8 91 D3 11 77 ..3%...y..Q....w
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 32: 82 E6 F0 31 67 A7 5C EB 76 E5 BD 3E E8 62 A8 F6 ...1g.\.v..>.b..
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 48: D7 2B 58 3B 1F F4 79 9D E9 DB 99 6A F0 A8 3E 0C .+X;..y....j..>.
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 64: 83 1B 6E 36 F7 93 7C CE 75 04 90 D7 DB 73 5F C8 ..n6..|.u....s_.
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 80: 74 F4 FF B3 64 CF 82 90 2A 32 EA C8 t...d...*2..
This PA-TNC message is carried in a PB-PA message encapsulated in a PB-TNC CDATA batch:
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] creating PB-TNC CDATA batch
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] adding PB-PA message
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] sending PB-TNC CDATA batch (144 bytes) for Connection ID 1
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] => 144 bytes @ 0x9132de0
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 0: 02 00 00 01 00 00 00 90 80 00 00 00 00 00 00 01 ................
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 16: 00 00 00 88 00 00 55 97 00 00 00 01 00 01 FF FF ......U.........
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 32: 01 00 00 00 14 4B 84 72 00 00 55 97 04 00 00 00 .....K.r..U.....
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 48: 00 00 00 68 00 00 00 14 10 00 E0 00 B9 FD DB 13 ...h............
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 64: D2 BE 4E BA E2 FF 33 25 CD A0 C8 79 AE 1A 51 D8 ..N...3%...y..Q.
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 80: 91 D3 11 77 82 E6 F0 31 67 A7 5C EB 76 E5 BD 3E ...w...1g.\.v..>
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 96: E8 62 A8 F6 D7 2B 58 3B 1F F4 79 9D E9 DB 99 6A .b...+X;..y....j
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 112: F0 A8 3E 0C 83 1B 6E 36 F7 93 7C CE 75 04 90 D7 ..>...n6..|.u...
Feb 9 14:53:48 pin1212a00 charon: 13[TNC] 128: DB 73 5F C8 74 F4 FF B3 64 CF 82 90 2A 32 EA C8 .s_.t...d...*2..
Feb 9 14:53:48 pin1212a00 charon: 13[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 9 14:53:48 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
DH Nonce Finish and TPM Version/AIK Info
The next PB-TNC SDATA batch is received:
Feb 9 14:53:48 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500] Feb 9 14:53:48 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ] Feb 9 14:53:48 pin1212a00 charon: 14[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC] Feb 9 14:53:48 pin1212a00 charon: 14[TNC] received TNCCS batch (172 bytes) for Connection ID 1 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] => 172 bytes @ 0x9138a1a Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 0: 02 80 00 02 00 00 00 AC 80 00 00 00 00 00 00 01 ................ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 16: 00 00 00 A4 00 00 55 97 00 00 00 01 FF FF 00 01 ......U......... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 32: 01 00 00 00 7B 50 C7 13 80 00 55 97 05 00 00 00 ....{P....U..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 48: 00 00 00 64 00 14 80 00 3B FF C4 8E 14 94 F3 24 ...d....;......$ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 64: 19 1B A7 7B 7D FB 99 CE 06 96 CD AC 23 D3 17 57 ...{}.......#..W Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 80: 50 20 20 22 85 9C BA 47 CF C6 F0 13 AD 40 38 4B P "...G.....@8K Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 96: AA 99 1D 6B 2A C0 0E 20 93 49 29 86 FE 22 FC B9 ...k*.. .I)..".. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 112: 10 B3 87 97 53 AD 1A 9E 7D 9E 5C A0 75 4E D5 9E ....S...}.\.uN.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 128: 92 FE A4 8D 4F 34 D3 1B 4D 04 9D 12 80 00 55 97 ....O4..M.....U. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 144: 08 00 00 00 00 00 00 10 00 00 00 00 80 00 55 97 ..............U. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 160: 0D 00 00 00 00 00 00 10 00 00 00 00 ............ 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] processing PB-TNC SDATA batch
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] processing PB-PA message (164 bytes)
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
It contains a PA-TNC message with the 'DH Nonce Finish', 'Get TPM Version Information' and 'Get Attestation Identity Key' attributes from the TCG namespace:
Feb 9 14:53:48 pin1212a00 charon: 14[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] processing PA-TNC message with ID 0x7b50c713 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Finish' 0x005597/0x05000000 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] => 88 bytes @ 0x9137fdc Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 0: 00 14 80 00 3B FF C4 8E 14 94 F3 24 19 1B A7 7B ....;......$...{ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 16: 7D FB 99 CE 06 96 CD AC 23 D3 17 57 50 20 20 22 }.......#..WP " Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 32: 85 9C BA 47 CF C6 F0 13 AD 40 38 4B AA 99 1D 6B ...G.....@8K...k Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 48: 2A C0 0E 20 93 49 29 86 FE 22 FC B9 10 B3 87 97 *.. .I).."...... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 64: 53 AD 1A 9E 7D 9E 5C A0 75 4E D5 9E 92 FE A4 8D S...}.\.uN...... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 80: 4F 34 D3 1B 4D 04 9D 12 O4..M... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Get TPM Version Information' 0x005597/0x08000000 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] => 4 bytes @ 0x9138040 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 0: 00 00 00 00 .... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Get Attestation Identity Key' 0x005597/0x0d000000 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] => 4 bytes @ 0x9138050 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 0: 00 00 00 00 ....
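The following is an added example, not part of the original HOWTO or of strongSwan: it rebuilds the 172-byte SDATA batch from the hex-dump rows logged above and walks the PB-TNC (RFC 5793), PB-PA and PA-TNC (RFC 5792) headers, bounds-checking every length field. The function names are hypothetical, and the 'DH Nonce Finish' field layout is an assumption read off this dump.

```python
import re
import struct

# Hex dump of the 172-byte SDATA batch, copied from the charon log above.
LOG = r"""
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] => 172 bytes @ 0x9138a1a
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 0: 02 80 00 02 00 00 00 AC 80 00 00 00 00 00 00 01 ................
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 16: 00 00 00 A4 00 00 55 97 00 00 00 01 FF FF 00 01 ......U.........
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 32: 01 00 00 00 7B 50 C7 13 80 00 55 97 05 00 00 00 ....{P....U.....
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 48: 00 00 00 64 00 14 80 00 3B FF C4 8E 14 94 F3 24 ...d....;......$
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 64: 19 1B A7 7B 7D FB 99 CE 06 96 CD AC 23 D3 17 57 ...{}.......#..W
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 80: 50 20 20 22 85 9C BA 47 CF C6 F0 13 AD 40 38 4B P "...G.....@8K
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 96: AA 99 1D 6B 2A C0 0E 20 93 49 29 86 FE 22 FC B9 ...k*.. .I)..*..
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 112: 10 B3 87 97 53 AD 1A 9E 7D 9E 5C A0 75 4E D5 9E ....S...}.\.uN..
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 128: 92 FE A4 8D 4F 34 D3 1B 4D 04 9D 12 80 00 55 97 ....O4..M.....U.
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 144: 08 00 00 00 00 00 00 10 00 00 00 00 80 00 55 97 ..............U.
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 160: 0D 00 00 00 00 00 00 10 00 00 00 00 ............
"""

ATTR_NAMES = {0x05000000: "DH Nonce Finish",  # names as charon prints them
              0x08000000: "Get TPM Version Information",
              0x0D000000: "Get Attestation Identity Key"}
SIZE_RE = re.compile(r"=> (\d+) bytes @")
ROW_RE = re.compile(r"\]\s+(\d+):((?:\s+[0-9A-F]{2}(?=\s|$)){1,16})")


def bytes_from_log(text):
    """Rebuild the dumped buffer from charon's 16-bytes-per-row hex dump."""
    declared, buf = None, bytearray()
    for line in text.splitlines():
        size, row = SIZE_RE.search(line), ROW_RE.search(line)
        if size:
            declared = int(size.group(1))
        elif row:
            if int(row.group(1)) != len(buf):  # a dump row was lost
                raise ValueError("gap in hex dump at offset " + row.group(1))
            buf += bytes.fromhex(row.group(2))
    if declared is None or len(buf) < declared:
        raise ValueError("incomplete hex dump")
    return bytes(buf[:declared])  # trims ASCII-column text that looked like hex


def take(data, off, n, what):
    """Bounds-checked slice; every length field is supplied by the peer."""
    if n < 0 or off + n > len(data):
        raise ValueError(what + " runs past the end of the buffer")
    return data[off:off + n]


def parse_batch(batch):
    """Walk PB-TNC batch -> PB-PA messages -> PA-TNC attributes."""
    ver, dflag, btype, blen = struct.unpack(">BBHI", take(batch, 0, 8, "batch header"))
    if ver != 2 or blen != len(batch):
        raise ValueError("bad PB-TNC version or batch length")
    out = {"type": {1: "CDATA", 2: "SDATA"}.get(btype & 0x0F),
           "from_server": bool(dflag & 0x80), "messages": []}
    off = 8
    while off < blen:
        vendor, mtype, mlen = struct.unpack(">III", take(batch, off, 12, "message header"))
        if mlen < 12:
            raise ValueError("PB-TNC message shorter than its header")
        body = take(batch, off + 12, mlen - 12, "PB-TNC message")
        if (vendor & 0xFFFFFF, mtype) == (0, 1):  # IETF PB-PA message
            out["messages"].append(parse_pb_pa(body))
        off += mlen
    return out


def parse_pb_pa(body):
    """PB-PA header (12 bytes), PA-TNC header (8 bytes), then attributes."""
    vendor, subtype, _coll, _val = struct.unpack(">IIHH", take(body, 0, 12, "PB-PA header"))
    version, msg_id = struct.unpack(">II", take(body, 12, 8, "PA-TNC header"))
    if version >> 24 != 1:
        raise ValueError("unsupported PA-TNC version")
    msg = {"vendor": vendor & 0xFFFFFF, "subtype": subtype, "id": msg_id, "attrs": []}
    off = 20
    while off < len(body):
        _flags_vendor, atype, alen = struct.unpack(">III", take(body, off, 12, "attribute header"))
        if alen < 12:
            raise ValueError("attribute shorter than its header")
        value = take(body, off + 12, alen - 12, "attribute value")
        msg["attrs"].append((ATTR_NAMES.get(atype, hex(atype)), value))
        off += alen
    return msg


def parse_dh_nonce_finish(value):
    """Assumed layout: reserved, nonce length, hash algorithm, DH public value, nonce."""
    _, nonce_len, algo = struct.unpack(">BBH", take(value, 0, 4, "DH Nonce Finish"))
    if nonce_len == 0 or 4 + nonce_len > len(value):
        raise ValueError("nonce length inconsistent with attribute length")
    return {"hash_algo": algo, "public": value[4:-nonce_len], "nonce": value[-nonce_len:]}


if __name__ == "__main__":
    message = parse_batch(bytes_from_log(LOG))["messages"][0]
    print([(name, len(value)) for name, value in message["attrs"]])
    print("initiator nonce:", parse_dh_nonce_finish(message["attrs"][0][1])["nonce"].hex())
```

The nonce recovered from the attribute is the same 20 bytes that charon logs as "initiator nonce" in the [PTS] output that follows.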
The PTS-IMV reports that it selected SHA-1 as the DH hash algorithm and provides its 20 byte nonce and 32 byte public DH factor so that the shared DH secret can be computed:
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] selected DH hash algorithm is HASH_SHA1
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] initiator nonce: => 20 bytes @ 0x9138668
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] 0: 7D 9E 5C A0 75 4E D5 9E 92 FE A4 8D 4F 34 D3 1B }.\.uN......O4..
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] 16: 4D 04 9D 12 M...
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] responder nonce: => 20 bytes @ 0x91370d8
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] 0: B9 FD DB 13 D2 BE 4E BA E2 FF 33 25 CD A0 C8 79 ......N...3%...y
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] 16: AE 1A 51 D8 ..Q.
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] shared DH secret: => 32 bytes @ 0x9138ad0
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] 0: 17 DE 46 03 F0 0F 07 4F E4 E5 07 1B A5 0C 35 36 ..F....O......56
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] 16: F6 6B 7B EA A4 AF 4A E8 E2 BD 5E 19 C6 F5 AA 73 .k{...J...^....s
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] secret assessment value: => 20 bytes @ 0x9138250
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] 0: CE 50 79 31 50 D6 FC 62 0F 99 D3 B8 C6 42 D0 B1 .Py1P..b.....B..
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] 16: 6E 06 C0 FB n...
Answering the 'Get TPM Version Information' request, the following TPM version info is returned in binary form:
Feb 9 14:53:48 pin1212a00 charon: 14[PTS] TPM 1.2 Version Info: Chip Version: 1.2.3.17, Spec Level: 2, Errata Rev: 2, Vendor ID: IFX
Besides the 'TPM Version Information' attribute, the 'Attestation Identity Key' attribute is also included in the PA-TNC message to be forwarded to the PTS-IMV:
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] creating PA-TNC message with ID 0x9a1a8df2 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/TPM Version Information' 0x005597/0x09000000 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] => 20 bytes @ 0x9138038 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 0: 00 30 01 02 03 11 00 02 02 49 46 58 00 00 05 03 .0.......IFX.... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 16: 11 00 08 00 .... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/Attestation Identity Key' 0x005597/0x0e000000 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] => 1167 bytes @ 0x91398c8 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 0: 00 30 82 04 8A 30 82 03 72 A0 03 02 01 02 02 10 .0...0..r....... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 16: 33 55 8F BC AE 0F D9 47 78 74 D6 E5 C9 1B 24 28 3U.....Gxt....$( Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 32: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30 0...*.H........0 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 48: 50 31 16 30 14 06 03 55 04 0A 13 0D 70 72 69 76 P1.0...U....priv Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 64: 61 63 79 63 61 2E 63 6F 6D 31 36 30 34 06 03 55 acyca.com1604..U Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 80: 04 03 13 2D 50 72 69 76 61 63 79 20 43 41 20 49 ...-Privacy CA I Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 96: 6E 73 65 63 75 72 65 2F 55 6E 63 68 65 63 6B 65 nsecure/Unchecke Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 112: 64 20 41 49 4B 20 43 65 72 74 69 66 69 63 61 74 d AIK Certificat Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 128: 65 30 1E 17 0D 31 32 30 32 30 38 31 30 34 31 32 e0...12020810412 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 144: 30 5A 17 0D 31 33 30 32 30 38 31 30 34 31 32 30 0Z..130208104120 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 160: 5A 30 00 30 82 01 22 30 0D 06 09 2A 86 48 86 F7 Z0.0.."0...*.H.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 176: 0D 01 01 01 05 00 03 82 01 0F 00 30 82 01 0A 02 ...........0.... 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 192: 82 01 01 00 81 E3 38 7C 4D 46 70 CB D5 33 62 38 ......8|MFp..3b8 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 208: 50 AD 98 D1 28 56 D3 6E 71 CF AA E3 C8 31 BD F6 P...(V.nq....1.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 224: FE 53 6A ED C8 54 0E 7C FB 00 98 80 D6 7D C7 57 .Sj..T.|.....}.W Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 240: D4 EC 24 93 59 48 1F DA 67 30 87 4F D3 59 B2 CA ..$.YH..g0.O.Y.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 256: A8 9D CE C9 27 9A 03 57 C0 FE 1F AB EE E5 C2 A8 ....'..W........ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 272: C6 D5 DC C7 1E 81 74 4D 3D B5 98 6D 57 22 74 02 ......tM=..mW"t. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 288: F1 41 7C E3 68 C1 1C 1C 2F 57 54 CA 4A FB D6 3D .A|.h.../WT.J..= Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 304: 33 37 A9 BC FF 6F 50 13 CC C2 D3 83 F1 4B 01 FD 37...oP......K.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 320: 66 A6 EE 7A D3 E0 E2 C0 51 55 A2 8A AB F4 85 09 f..z....QU...... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 336: 74 24 64 03 DD 65 1C 26 2F 35 08 BF 57 D9 28 DA t$d..e.&/5..W.(. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 352: D3 D7 5B ED C8 C6 6C 43 7E DE D3 93 F4 D5 D7 36 ..[...lC~......6 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 368: 1E 31 9A A8 42 10 7A F5 94 93 9C 8F BD 6D BC 66 .1..B.z......m.f Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 384: 1D 30 A5 B3 B3 44 4D DA 6D 35 64 A6 08 EB D2 A6 .0...DM.m5d..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 400: 99 18 56 01 28 3B 26 94 FD 6F 7F AD 45 68 3C 8A ..V.(;&..o..Eh<. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 416: 7D 38 8C DB D8 5F 76 16 F5 5E 8A 4B C2 2B 19 8A }8..._v..^.K.+.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 432: 27 D9 80 3C C8 13 01 11 70 CC D6 EF 57 F3 EF 37 '..<....p...W..7 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 448: A2 E6 B5 49 02 03 01 00 01 A3 82 01 AE 30 82 01 ...I.........0.. 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 464: AA 30 37 06 03 55 1D 09 04 30 30 2E 30 16 06 05 .07..U...00.0... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 480: 67 81 05 02 10 31 0D 30 0B 0C 03 31 2E 31 02 01 g....1.0...1.1.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 496: 02 02 01 01 30 14 06 05 67 81 05 02 12 31 0B 30 ....0...g....1.0 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 512: 09 80 01 00 81 01 00 82 01 02 30 5D 06 03 55 1D ..........0]..U. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 528: 11 01 01 FF 04 53 30 51 A4 42 30 40 31 16 30 14 .....S0Q.B0@1.0. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 544: 06 05 67 81 05 02 01 0C 0B 69 64 3A 30 30 30 30 ..g......id:0000 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 560: 30 30 30 30 31 12 30 10 06 05 67 81 05 02 02 0C 00001.0...g..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 576: 07 55 6E 6B 6E 6F 77 6E 31 12 30 10 06 05 67 81 .Unknown1.0...g. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 592: 05 02 03 0C 07 69 64 3A 30 30 30 30 A0 0B 06 05 .....id:0000.... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 608: 67 81 05 02 0F A0 02 0C 00 30 0C 06 03 55 1D 13 g........0...U.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 624: 01 01 FF 04 02 30 00 30 81 E0 06 03 55 1D 20 01 .....0.0....U. . Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 640: 01 FF 04 81 D5 30 81 D2 30 67 06 0A 2B 06 01 04 .....0..0g..+... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 656: 01 81 E3 42 01 10 30 59 30 29 06 08 2B 06 01 05 ...B..0Y0)..+... 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 672: 05 07 02 01 16 1D 68 74 74 70 3A 2F 2F 77 77 77 ......http://www Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 688: 2E 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 2F 63 .privacyca.com/c Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 704: 70 73 2F 30 2C 06 08 2B 06 01 05 05 07 02 02 30 ps/0,..+.......0 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 720: 20 0C 1E 54 43 50 41 20 54 72 75 73 74 65 64 20 ..TCPA Trusted Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 736: 50 6C 61 74 66 6F 72 6D 20 49 64 65 6E 74 69 74 Platform Identit Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 752: 79 30 67 06 04 55 1D 20 00 30 5F 30 25 06 08 2B y0g..U. .0_0%..+ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 768: 06 01 05 05 07 02 01 16 19 68 74 74 70 3A 2F 2F .........http:// Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 784: 77 77 77 2E 70 72 69 76 61 63 79 63 61 2E 63 6F www.privacyca.co Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 800: 6D 2F 30 36 06 08 2B 06 01 05 05 07 02 02 30 2A m/06..+.......0* Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 816: 0C 28 54 43 50 41 20 54 72 75 73 74 65 64 20 50 .(TCPA Trusted P Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 832: 6C 61 74 66 6F 72 6D 20 4D 6F 64 75 6C 65 20 45 latform Module E Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 848: 6E 64 6F 72 73 65 6D 65 6E 74 30 1F 06 03 55 1D ndorsement0...U. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 864: 23 04 18 30 16 80 14 B0 E5 97 E0 9B 23 75 B1 FD #..0........#u.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 880: BF 01 5E 72 BA 36 D4 48 32 A0 33 30 0D 06 09 2A ..^r.6.H2.30...* Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 896: 86 48 86 F7 0D 01 01 05 05 00 03 82 01 01 00 1D .H.............. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 912: 78 37 95 C3 37 C6 09 C4 1C 3D C3 0A 01 7F 59 8D x7..7....=....Y. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 928: 24 A8 74 81 C9 79 A2 63 45 2C 04 0C B4 CD 7F B9 $.t..y.cE,...... 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 944: 42 DC FE 67 67 E7 45 C9 F6 CB 7E 42 B7 2A 8A 74 B..gg.E...~B.*.t Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 960: 14 B7 BE FF EB 77 0E 99 E7 ED 9D EA 49 8C 7B 12 .....w......I.{. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 976: 60 55 0B 1D 1A 03 0E BA AF 9E 3B 74 20 F9 17 8A `U........;t ... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 992: 0F 47 2D 3C DB C4 05 67 3C F0 E0 33 A6 3C C5 0E .G-<...g<..3.<.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1008: C6 0B DB 6E 08 6A 09 3B C6 3B 75 1A 7A 6B 84 BA ...n.j.;.;u.zk.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1024: 4A 69 6E AF 59 54 89 4A E5 07 D7 51 33 B9 9E AE Jin.YT.J...Q3... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1040: F2 4C 0D 81 36 14 FD 82 52 C3 BF 6A DC 8D 55 46 .L..6...R..j..UF Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1056: E0 DE B9 A6 A0 49 BB 43 0A F3 45 EA 26 58 2F D2 .....I.C..E.&X/. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1072: E4 6C 87 F3 B7 F7 E9 16 E5 0B 5D DC CE 75 EA 92 .l........]..u.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1088: 3D 9C CF 35 C1 F2 3C 87 D6 D5 04 99 0B C5 9F 45 =..5..<........E Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1104: 75 00 23 5F C5 B9 AB 73 D8 57 39 80 AE 6D 58 98 u.#_...s.W9..mX. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1120: CE F3 29 6B 1B 8A A2 0B 78 71 C3 B0 6C 8F 25 23 ..)k....xq..l.%# Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1136: AD A4 C5 FB 70 56 46 84 39 45 01 E9 F9 83 7D DC ....pVF.9E....}. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1152: 5F D9 BB BF B1 08 2A 55 94 D6 0F 76 BD 73 EE _.....*U...v.s.
The TNC client packs this large PA-TNC message into an outgoing PB-TNC CDATA batch:
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] creating PB-TNC CDATA batch Feb 9 14:53:48 pin1212a00 charon: 14[TNC] adding PB-PA message Feb 9 14:53:48 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Client Working' to 'Server Working' Feb 9 14:53:48 pin1212a00 charon: 14[TNC] sending PB-TNC CDATA batch (1251 bytes) for Connection ID 1 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] => 1251 bytes @ 0x9139e20 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 0: 02 00 00 01 00 00 04 E3 80 00 00 00 00 00 00 01 ................ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 16: 00 00 04 DB 00 00 55 97 00 00 00 01 00 01 FF FF ......U......... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 32: 01 00 00 00 9A 1A 8D F2 00 00 55 97 09 00 00 00 ..........U..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 48: 00 00 00 20 00 30 01 02 03 11 00 02 02 49 46 58 ... .0.......IFX Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 64: 00 00 05 03 11 00 08 00 00 00 55 97 0E 00 00 00 ..........U..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 80: 00 00 04 9B 00 30 82 04 8A 30 82 03 72 A0 03 02 .....0...0..r... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 96: 01 02 02 10 33 55 8F BC AE 0F D9 47 78 74 D6 E5 ....3U.....Gxt.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 112: C9 1B 24 28 30 0D 06 09 2A 86 48 86 F7 0D 01 01 ..$(0...*.H..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 128: 05 05 00 30 50 31 16 30 14 06 03 55 04 0A 13 0D ...0P1.0...U.... 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 144: 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 31 36 30 privacyca.com160 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 160: 34 06 03 55 04 03 13 2D 50 72 69 76 61 63 79 20 4..U...-Privacy Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 176: 43 41 20 49 6E 73 65 63 75 72 65 2F 55 6E 63 68 CA Insecure/Unch Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 192: 65 63 6B 65 64 20 41 49 4B 20 43 65 72 74 69 66 ecked AIK Certif Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 208: 69 63 61 74 65 30 1E 17 0D 31 32 30 32 30 38 31 icate0...1202081 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 224: 30 34 31 32 30 5A 17 0D 31 33 30 32 30 38 31 30 04120Z..13020810 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 240: 34 31 32 30 5A 30 00 30 82 01 22 30 0D 06 09 2A 4120Z0.0.."0...* Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 256: 86 48 86 F7 0D 01 01 01 05 00 03 82 01 0F 00 30 .H.............0 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 272: 82 01 0A 02 82 01 01 00 81 E3 38 7C 4D 46 70 CB ..........8|MFp. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 288: D5 33 62 38 50 AD 98 D1 28 56 D3 6E 71 CF AA E3 .3b8P...(V.nq... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 304: C8 31 BD F6 FE 53 6A ED C8 54 0E 7C FB 00 98 80 .1...Sj..T.|.... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 320: D6 7D C7 57 D4 EC 24 93 59 48 1F DA 67 30 87 4F .}.W..$.YH..g0.O Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 336: D3 59 B2 CA A8 9D CE C9 27 9A 03 57 C0 FE 1F AB .Y......'..W.... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 352: EE E5 C2 A8 C6 D5 DC C7 1E 81 74 4D 3D B5 98 6D ..........tM=..m Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 368: 57 22 74 02 F1 41 7C E3 68 C1 1C 1C 2F 57 54 CA W"t..A|.h.../WT. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 384: 4A FB D6 3D 33 37 A9 BC FF 6F 50 13 CC C2 D3 83 J..=37...oP..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 400: F1 4B 01 FD 66 A6 EE 7A D3 E0 E2 C0 51 55 A2 8A .K..f..z....QU.. 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 416: AB F4 85 09 74 24 64 03 DD 65 1C 26 2F 35 08 BF ....t$d..e.&/5.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 432: 57 D9 28 DA D3 D7 5B ED C8 C6 6C 43 7E DE D3 93 W.(...[...lC~... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 448: F4 D5 D7 36 1E 31 9A A8 42 10 7A F5 94 93 9C 8F ...6.1..B.z..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 464: BD 6D BC 66 1D 30 A5 B3 B3 44 4D DA 6D 35 64 A6 .m.f.0...DM.m5d. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 480: 08 EB D2 A6 99 18 56 01 28 3B 26 94 FD 6F 7F AD ......V.(;&..o.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 496: 45 68 3C 8A 7D 38 8C DB D8 5F 76 16 F5 5E 8A 4B Eh<.}8..._v..^.K Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 512: C2 2B 19 8A 27 D9 80 3C C8 13 01 11 70 CC D6 EF .+..'..<....p... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 528: 57 F3 EF 37 A2 E6 B5 49 02 03 01 00 01 A3 82 01 W..7...I........ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 544: AE 30 82 01 AA 30 37 06 03 55 1D 09 04 30 30 2E .0...07..U...00. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 560: 30 16 06 05 67 81 05 02 10 31 0D 30 0B 0C 03 31 0...g....1.0...1 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 576: 2E 31 02 01 02 02 01 01 30 14 06 05 67 81 05 02 .1......0...g... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 592: 12 31 0B 30 09 80 01 00 81 01 00 82 01 02 30 5D .1.0..........0] Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 608: 06 03 55 1D 11 01 01 FF 04 53 30 51 A4 42 30 40 ..U......S0Q.B0@ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 624: 31 16 30 14 06 05 67 81 05 02 01 0C 0B 69 64 3A 1.0...g......id: Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 640: 30 30 30 30 30 30 30 30 31 12 30 10 06 05 67 81 000000001.0...g. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 656: 05 02 02 0C 07 55 6E 6B 6E 6F 77 6E 31 12 30 10 .....Unknown1.0. 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 672: 06 05 67 81 05 02 03 0C 07 69 64 3A 30 30 30 30 ..g......id:0000 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 688: A0 0B 06 05 67 81 05 02 0F A0 02 0C 00 30 0C 06 ....g........0.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 704: 03 55 1D 13 01 01 FF 04 02 30 00 30 81 E0 06 03 .U.......0.0.... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 720: 55 1D 20 01 01 FF 04 81 D5 30 81 D2 30 67 06 0A U. ......0..0g.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 736: 2B 06 01 04 01 81 E3 42 01 10 30 59 30 29 06 08 +......B..0Y0).. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 752: 2B 06 01 05 05 07 02 01 16 1D 68 74 74 70 3A 2F +.........http:/ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 768: 2F 77 77 77 2E 70 72 69 76 61 63 79 63 61 2E 63 /www.privacyca.c Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 784: 6F 6D 2F 63 70 73 2F 30 2C 06 08 2B 06 01 05 05 om/cps/0,..+.... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 800: 07 02 02 30 20 0C 1E 54 43 50 41 20 54 72 75 73 ...0 ..TCPA Trus Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 816: 74 65 64 20 50 6C 61 74 66 6F 72 6D 20 49 64 65 ted Platform Ide Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 832: 6E 74 69 74 79 30 67 06 04 55 1D 20 00 30 5F 30 ntity0g..U. .0_0 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 848: 25 06 08 2B 06 01 05 05 07 02 01 16 19 68 74 74 %..+.........htt Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 864: 70 3A 2F 2F 77 77 77 2E 70 72 69 76 61 63 79 63 p://www.privacyc Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 880: 61 2E 63 6F 6D 2F 30 36 06 08 2B 06 01 05 05 07 a.com/06..+..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 896: 02 02 30 2A 0C 28 54 43 50 41 20 54 72 75 73 74 ..0*.(TCPA Trust Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 912: 65 64 20 50 6C 61 74 66 6F 72 6D 20 4D 6F 64 75 ed Platform Modu Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 928: 6C 65 20 45 6E 64 6F 72 73 65 6D 65 6E 74 30 1F le Endorsement0. 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 944: 06 03 55 1D 23 04 18 30 16 80 14 B0 E5 97 E0 9B ..U.#..0........ Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 960: 23 75 B1 FD BF 01 5E 72 BA 36 D4 48 32 A0 33 30 #u....^r.6.H2.30 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 976: 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 82 ...*.H.......... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 992: 01 01 00 1D 78 37 95 C3 37 C6 09 C4 1C 3D C3 0A ....x7..7....=.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1008: 01 7F 59 8D 24 A8 74 81 C9 79 A2 63 45 2C 04 0C ..Y.$.t..y.cE,.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1024: B4 CD 7F B9 42 DC FE 67 67 E7 45 C9 F6 CB 7E 42 ....B..gg.E...~B Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1040: B7 2A 8A 74 14 B7 BE FF EB 77 0E 99 E7 ED 9D EA .*.t.....w...... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1056: 49 8C 7B 12 60 55 0B 1D 1A 03 0E BA AF 9E 3B 74 I.{.`U........;t Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1072: 20 F9 17 8A 0F 47 2D 3C DB C4 05 67 3C F0 E0 33 ....G-<...g<..3 Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1088: A6 3C C5 0E C6 0B DB 6E 08 6A 09 3B C6 3B 75 1A .<.....n.j.;.;u. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1104: 7A 6B 84 BA 4A 69 6E AF 59 54 89 4A E5 07 D7 51 zk..Jin.YT.J...Q Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1120: 33 B9 9E AE F2 4C 0D 81 36 14 FD 82 52 C3 BF 6A 3....L..6...R..j Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1136: DC 8D 55 46 E0 DE B9 A6 A0 49 BB 43 0A F3 45 EA ..UF.....I.C..E. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1152: 26 58 2F D2 E4 6C 87 F3 B7 F7 E9 16 E5 0B 5D DC &X/..l........]. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1168: CE 75 EA 92 3D 9C CF 35 C1 F2 3C 87 D6 D5 04 99 .u..=..5..<..... Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1184: 0B C5 9F 45 75 00 23 5F C5 B9 AB 73 D8 57 39 80 ...Eu.#_...s.W9. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1200: AE 6D 58 98 CE F3 29 6B 1B 8A A2 0B 78 71 C3 B0 .mX...)k....xq.. 
Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1216: 6C 8F 25 23 AD A4 C5 FB 70 56 46 84 39 45 01 E9 l.%#....pVF.9E.. Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1232: F9 83 7D DC 5F D9 BB BF B1 08 2A 55 94 D6 0F 76 ..}._.....*U...v Feb 9 14:53:48 pin1212a00 charon: 14[TNC] 1248: BD 73 EE .s. Feb 9 14:53:48 pin1212a00 charon: 14[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC] Feb 9 14:53:48 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ] Feb 9 14:53:48 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
File Metadata and Measurement
This PB-TNC CDATA batch contains file metadata and measurement requests:
Feb 9 14:53:48 pin1212a00 charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500] Feb 9 14:53:48 pin1212a00 charon: 15[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ] Feb 9 14:53:48 pin1212a00 charon: 15[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ] Feb 9 14:53:48 pin1212a00 charon: 15[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500] Feb 9 14:53:48 pin1212a00 charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500] Feb 9 14:53:48 pin1212a00 charon: 11[ENC] parsed IKE_AUTH response 11 [ EAP/REQ/TTLS ] Feb 9 14:53:48 pin1212a00 charon: 11[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC] Feb 9 14:53:48 pin1212a00 charon: 11[TNC] received TNCCS batch (263 bytes) for Connection ID 1 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 263 bytes @ 0x9137b82 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 02 80 00 02 00 00 01 07 80 00 00 00 00 00 00 01 ................ Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 00 00 00 FF 00 00 55 97 00 00 00 01 FF FF 00 01 ......U......... Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 01 00 00 00 BE 57 A3 36 80 00 55 97 00 70 00 00 .....W.6..U..p.. Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 48: 00 00 00 1F 00 2F 00 00 2F 65 74 63 2F 74 6E 63 ...../../etc/tnc Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 64: 5F 63 6F 6E 66 69 67 80 00 55 97 00 C0 00 00 00 _config..U...... Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 80: 00 00 32 00 00 00 01 00 00 00 2F 2F 6C 69 62 2F ..2.......//lib/ Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 96: 69 33 38 36 2D 6C 69 6E 75 78 2D 67 6E 75 2F 6C i386-linux-gnu/l Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 112: 69 62 64 6C 2E 73 6F 2E 32 80 00 55 97 00 C0 00 ibdl.so.2..U.... Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 128: 00 00 00 00 22 00 00 00 02 00 00 00 2F 2F 73 62 ....".......//sb Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 144: 69 6E 2F 69 70 74 61 62 6C 65 73 80 00 55 97 00 in/iptables..U.. 
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 160: C0 00 00 00 00 00 28 00 00 00 03 00 00 00 2F 2F ......(.......// Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 176: 6C 69 62 2F 6C 69 62 78 74 61 62 6C 65 73 2E 73 lib/libxtables.s Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 192: 6F 2E 35 80 00 55 97 00 C0 00 00 00 00 00 21 80 o.5..U........!. Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 208: 00 00 04 00 00 00 2F 2F 6C 69 62 2F 78 74 61 62 ......//lib/xtab Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 224: 6C 65 73 2F 80 00 55 97 00 C0 00 00 00 00 00 23 les/..U........# Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 240: 00 00 00 05 00 00 00 2F 2F 73 62 69 6E 2F 69 70 .......//sbin/ip Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 256: 36 74 61 62 6C 65 73 6tables Feb 9 14:53:48 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Server Working' to 'Client Working' Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PB-TNC SDATA batch
Again the PTS-IMC is subscribed to this PB-PA message type:
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PB-PA message (255 bytes)
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
The PA-TNC message consists of one 'Request File Metadata' and five 'Request File Measurement' attributes:
Feb 9 14:53:48 pin1212a00 charon: 11[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC message with ID 0xbe57a336 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Metadata' 0x005597/0x00700000 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 19 bytes @ 0x9138714 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 2F 00 00 2F 65 74 63 2F 74 6E 63 5F 63 6F 6E ./../etc/tnc_con Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 66 69 67 fig Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 38 bytes @ 0x9138733 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 01 00 00 00 2F 2F 6C 69 62 2F 69 33 38 .......//lib/i38 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 36 2D 6C 69 6E 75 78 2D 67 6E 75 2F 6C 69 62 64 6-linux-gnu/libd Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 6C 2E 73 6F 2E 32 l.so.2 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 22 bytes @ 0x9138765 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 02 00 00 00 2F 2F 73 62 69 6E 2F 69 70 .......//sbin/ip Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 74 61 62 6C 65 73 tables Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 28 bytes @ 0x9138787 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 03 00 00 00 2F 2F 6C 69 62 2F 6C 69 62 .......//lib/lib Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 78 74 61 62 6C 65 73 2E 73 6F 2E 35 xtables.so.5 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 21 bytes @ 
0x91387af Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 80 00 00 04 00 00 00 2F 2F 6C 69 62 2F 78 74 61 .......//lib/xta Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 62 6C 65 73 2F bles/ Feb 9 14:53:48 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 23 bytes @ 0x91387d0 Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 05 00 00 00 2F 2F 73 62 69 6E 2F 69 70 .......//sbin/ip Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 36 74 61 62 6C 65 73 6tables
The metadata for /etc/tnc_config is retrieved and the SHA-1 hash values for the four file measurement requests are computed.
Measurement request 4 is for the contents of a directory, which generates quite a lot of work.
Feb 9 14:53:48 pin1212a00 charon: 11[IMC] metadata request for file '/etc/tnc_config' Feb 9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 1 for file '/lib/i386-linux-gnu/libdl.so.2' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 40:9b:b1:a9:7e:26:ea:11:44:cd:d6:80:1b:81:59:f1:7f:37:6b:8f for 'libdl.so.2' Feb 9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 2 for file '/sbin/iptables' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] ff:6d:ec:a0:ee:b7:a2:57:20:5c:5f:0a:b5:f5:d8:21:ea:18:40:98 for 'iptables' Feb 9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 3 for file '/lib/libxtables.so.5' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 7a:3c:a7:21:58:e6:0b:0c:91:e4:8a:42:08:48:f1:b6:93:ae:a2:6c for 'libxtables.so.5' Feb 9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 4 for directory '/lib/xtables/' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 18:36:41:80:9a:27:b0:8f:fe:59:c1:38:8c:da:6c:41:4b:dc:e6:d6 for 'libxt_tos.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 47:52:53:2c:b9:41:a1:fd:98:11:4c:2f:99:9e:b6:16:98:bd:df:35 for 'libip6t_eui64.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] ee:9b:c9:37:a8:db:06:d4:ba:a2:14:7b:47:8e:ac:af:fe:8c:c8:f7 for 'libipt_realm.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 32:d4:43:76:1a:af:13:ef:8b:3c:d7:86:9a:f9:0b:57:a7:44:58:25 for 'libxt_connlimit.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 20:cf:56:e5:ce:52:11:72:29:f5:5e:1e:ad:52:31:a7:66:b2:dd:5c for 'libxt_hashlimit.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] d5:37:d4:37:f0:58:13:6e:b3:d7:be:51:7d:be:76:47:b6:23:c6:19 for 'libxt_mark.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] dd:7b:c0:9b:d9:94:25:a1:e3:6b:69:a1:19:60:a9:00:37:e2:98:79 for 'libxt_TOS.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] fc:ca:5d:a6:7d:11:c7:ad:fd:f8:49:88:b0:96:b0:20:f9:0e:77:8a for 'libip6t_rt.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 24:15:12:c0:4d:81:6c:c8:91:10:f1:c0:fd:ab:39:d4:97:ad:9f:1b for 'libxt_TPROXY.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 
44:92:7e:1b:2d:34:c5:d9:45:b8:13:33:8c:ca:41:98:3c:be:20:f7 for 'libxt_dscp.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] f2:b9:91:45:6c:6b:6e:55:04:03:d4:66:5c:13:d6:c2:3e:a9:f4:a3 for 'libxt_SET.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 2d:0d:d5:0b:f5:10:78:05:b7:f9:35:c7:2f:94:c9:ba:a2:01:22:b0 for 'libxt_quota.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] b5:99:55:3b:bd:35:be:b4:f9:93:90:33:f4:4b:65:3d:ad:ba:5e:9c for 'libxt_statistic.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 9f:b6:70:dc:86:7c:58:b5:83:ef:59:a0:c8:1b:56:35:1d:6b:2c:4b for 'libxt_IDLETIMER.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 6c:0b:2d:f4:fc:4c:91:22:b5:76:2a:e1:40:d5:3f:dd:1c:f9:e8:9b for 'libxt_conntrack.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 3d:c5:69:0b:31:f0:69:93:3c:cc:14:e4:3f:7c:09:da:a3:e0:09:8d for 'libxt_mac.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] f7:d6:a5:d8:5a:32:98:d2:1c:ec:71:37:d9:47:da:90:c4:55:e4:6b for 'libxt_rateest.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] d0:27:a6:aa:de:8b:34:d2:72:d5:f2:23:5d:81:78:83:90:40:48:13 for 'libxt_DSCP.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] af:75:74:c5:d6:74:4d:fa:2e:2d:8c:d0:c4:f4:cc:f7:06:42:20:30 for 'libipt_NETMAP.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 2c:19:75:6c:4a:35:48:68:d0:50:a6:58:32:e7:c1:36:b4:a9:94:c3 for 'libxt_LED.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] e2:f7:b9:2a:bd:a7:69:f8:27:96:f5:7a:29:80:18:70:58:5d:ce:a3 for 'libipt_SNAT.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 0f:c1:21:24:64:f3:b1:b9:73:eb:c0:6c:19:90:bb:b9:88:fe:cc:8a for 'libipt_CLUSTERIP.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 2e:a8:67:ef:38:48:b8:a0:2d:a4:d3:99:4b:1f:0e:bc:db:5c:9e:80 for 'libxt_comment.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] f9:e3:53:1a:bb:67:a0:20:cf:66:7d:46:ca:82:36:75:dd:0a:0d:d4 for 'libxt_MARK.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 5a:eb:2e:92:6c:bd:3c:95:fe:82:25:e0:b3:ef:87:3a:3d:19:42:4b for 'libipt_MIRROR.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 
33:9a:58:a1:b3:13:83:0c:3c:c7:4c:b3:fb:52:a5:b8:15:2f:44:e6 for 'libxt_esp.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 3e:f9:01:0e:e2:24:7c:f2:d7:64:1c:f0:4f:0c:a7:32:d0:fd:e8:68 for 'libxt_NOTRACK.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] d6:c8:df:ba:ae:7a:b2:8b:5c:ef:26:26:a2:af:3f:99:a6:ea:43:65 for 'libipt_LOG.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 06:5d:f7:20:d2:c2:86:71:72:8a:96:33:53:0d:e5:94:cf:bf:e8:97 for 'libxt_recent.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 2d:32:ef:93:12:6a:bf:8c:66:0d:57:c6:7e:50:76:c6:39:4c:ab:e8 for 'libxt_policy.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 71:40:3f:f1:c6:ca:92:7a:ba:1d:c6:8c:8e:52:a6:76:ae:c1:c9:70 for 'libxt_RATEEST.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 22:35:fe:d7:aa:6b:9a:8b:9b:db:7f:db:34:9a:35:9f:01:c1:b4:01 for 'libxt_u32.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 53:0e:8c:15:15:4a:da:bc:f7:39:c5:e2:46:ba:15:36:6f:05:b3:6b for 'libipt_ah.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 9a:d0:87:53:a6:70:8e:1d:60:da:ce:3a:58:ef:44:00:27:70:a6:bd for 'libipt_unclean.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] aa:d3:68:ae:62:e7:d0:1d:a3:3e:a7:8e:1a:7c:1a:1f:18:2a:6a:d4 for 'libxt_dccp.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] ab:78:0c:51:34:7b:ff:66:9c:97:1e:f2:c7:0b:06:d9:bd:78:7b:c9 for 'libxt_connmark.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 36:1d:6f:75:96:07:ad:c4:0d:6f:e0:af:7d:3f:91:57:94:a4:db:b0 for 'libipt_ECN.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 42:4c:99:a6:21:e1:19:c8:8b:f7:0e:78:ff:b6:4c:6d:72:db:7b:51 for 'libxt_NFQUEUE.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 8f:d3:f5:95:98:1c:49:89:61:fc:94:67:83:0d:dd:37:20:08:c0:85 for 'libxt_physdev.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 38:e9:ff:af:cf:02:73:6d:6b:9c:5e:b4:03:c5:d5:26:12:a4:64:16 for 'libxt_SECMARK.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 5d:93:68:d5:e3:ea:c0:93:d6:dc:ba:d5:c0:24:ed:3d:56:66:68:c2 for 'libxt_length.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 
7a:b7:2f:5e:8e:54:89:e6:d3:aa:3d:4f:8b:ac:d0:f9:3a:71:4b:e2 for 'libxt_TRACE.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 5c:3a:42:5d:c4:25:60:8c:21:f7:3a:58:de:45:90:43:3a:e4:19:ad for 'libipt_ULOG.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] d6:0e:93:16:f6:2d:46:bd:1d:6b:f9:b7:34:d3:ac:7e:40:2f:29:30 for 'libipt_ttl.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 73:d7:5e:80:9f:53:fc:84:40:73:08:db:52:89:3f:3d:31:83:53:10 for 'libxt_limit.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 16:0d:2b:04:d1:1e:b2:25:fb:14:86:15:b6:99:08:18:69:e1:5b:6c for 'libipt_DNAT.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] aa:9a:5b:58:cb:d0:53:5b:ce:8d:d9:e4:f2:d8:d3:25:38:ce:24:72 for 'libxt_tcpmss.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 51:f1:be:7e:59:08:62:a2:c2:5f:29:f4:c5:ef:01:f0:52:df:2a:c5 for 'libipt_REDIRECT.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] a0:7e:a0:ae:3d:00:8f:37:97:c5:67:e6:29:cb:73:79:cb:15:02:ed for 'libipt_addrtype.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 3e:1c:20:2b:10:37:cc:24:54:fd:0d:cc:cc:40:e3:15:71:63:0d:9f for 'libxt_CONNMARK.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] c5:22:71:d3:8f:10:56:78:d4:cd:0c:3c:04:0a:21:cc:db:24:57:e3 for 'libxt_pkttype.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 6c:f9:db:a7:25:ac:38:d3:be:ff:dc:d8:f6:65:5b:d5:f4:66:6d:25 for 'libipt_icmp.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 37:d6:ae:25:19:77:21:4d:7a:d1:c2:95:80:94:24:af:1e:8e:76:b1 for 'libxt_set.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] e3:58:f5:3f:5c:4b:73:df:16:22:e8:16:41:d9:18:f9:23:ab:c6:2c for 'libxt_cluster.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 11:ce:3b:45:fe:b3:e6:6a:75:49:0d:42:ba:95:07:1a:c6:f4:0a:7f for 'libxt_udp.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] c1:66:c2:84:d3:95:78:3a:48:d3:02:c9:61:cb:60:d7:ec:e7:68:ab for 'libxt_multiport.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 29:8a:18:85:82:22:26:dc:be:b2:e9:08:f2:b2:69:b7:a8:27:1a:66 for 'libxt_CLASSIFY.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 
c6:3e:0e:cc:c2:03:94:f9:3d:49:25:3b:33:0d:f3:2c:47:ff:d9:96 for 'libxt_CT.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 23:29:6f:48:27:6e:16:0b:6d:99:b1:b4:2a:91:14:df:72:0b:b1:ab for 'libip6t_LOG.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 48:a5:5a:a0:dc:11:94:af:63:ba:01:62:00:1c:e1:e9:b3:77:b1:59 for 'libxt_TEE.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 86:6c:55:30:ae:45:69:1b:3c:4e:08:ba:29:3b:33:26:e8:ff:1f:b3 for 'libip6t_frag.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 39:09:5f:23:c9:34:72:21:57:5d:a8:a1:30:41:cc:7b:dc:de:73:54 for 'libxt_cpu.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 00:32:1b:d8:00:d7:08:2f:0d:ee:78:ef:a1:66:1e:24:6c:3d:aa:b4 for 'libxt_iprange.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] a3:45:6c:85:20:bf:0b:c3:f0:ee:0a:1c:80:03:21:c0:19:b4:a8:82 for 'libxt_standard.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 24:f6:13:0d:e2:e5:bb:94:30:b7:1a:aa:e5:c9:42:47:b3:b6:ea:91 for 'libip6t_hl.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 56:7e:01:c5:09:23:ab:1c:19:03:b6:fb:84:9f:a6:8f:19:63:0c:a3 for 'libip6t_HL.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] fd:d2:27:82:6f:c2:9d:b7:d1:b6:ed:2b:e4:14:52:14:f3:92:16:cd for 'libipt_TTL.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 69:47:c7:94:45:0c:04:df:1c:c8:e4:17:15:ce:3d:24:7f:c5:16:c9 for 'libxt_connbytes.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] f8:93:2b:81:16:dd:d4:cf:0f:d5:f5:52:88:18:f2:1a:df:90:cb:74 for 'libxt_ipvs.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 3e:f8:a5:fd:8a:e2:28:77:84:ae:7e:dc:f8:4f:bf:b5:24:b4:97:bb for 'libxt_CONNSECMARK.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 18:fa:a3:14:df:37:fc:d0:1b:9f:1a:ea:6f:db:f0:70:c8:38:b6:a6 for 'libxt_state.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 4e:05:db:c9:87:2d:6c:6d:af:38:45:8b:35:b1:ba:6d:6a:94:d2:1f for 'libip6t_REJECT.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 47:e0:cf:82:a1:21:16:d6:8a:a6:42:39:c4:9a:23:aa:b6:cb:35:f4 for 'libxt_string.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 
33:d0:40:bc:0c:64:d3:8b:99:7b:fa:ee:ae:04:59:07:c5:2b:e6:70 for 'libxt_owner.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 2b:07:68:91:49:e0:7c:ed:d6:d3:77:49:3d:17:68:ff:23:78:ac:b8 for 'libip6t_ipv6header.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 7f:cd:3d:b6:df:87:13:c0:e7:c7:2d:ad:d7:04:55:99:a7:49:f2:a0 for 'libipt_REJECT.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 95:3b:e7:07:c1:5b:15:80:a3:bb:ed:4c:7e:4c:22:1e:2d:58:44:ff for 'libxt_CHECKSUM.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 5d:32:1b:a9:90:9d:a2:38:b6:de:15:0b:0d:10:33:7c:16:cf:4c:e4 for 'libxt_TCPOPTSTRIP.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] e2:db:af:67:88:9b:bd:1f:f0:fb:da:b8:4e:00:e2:87:53:9d:61:ed for 'libxt_helper.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 9d:96:65:a3:38:9e:3f:67:a8:15:3f:a1:c3:7b:59:68:85:a4:09:b9 for 'libipt_SAME.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] a6:06:e1:bb:12:92:88:f1:90:0d:57:88:1c:3e:ac:ee:e7:27:ec:64 for 'libxt_socket.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 3b:1c:fb:8c:71:c9:04:be:b5:57:19:34:87:91:5f:f5:82:6a:33:47 for 'libipt_ecn.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 1d:74:0a:bd:38:f9:f4:bc:81:ca:43:4a:0e:25:b6:e2:17:04:24:8b for 'libxt_tcp.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 5a:0d:07:ab:03:66:03:a7:67:59:e5:f6:1f:7d:04:f2:d3:c0:56:cc for 'libipt_MASQUERADE.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 45:8a:e7:fc:05:34:ef:2a:eb:d5:6f:ce:4d:26:db:10:bd:7f:63:a4 for 'libip6t_hbh.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 1c:b5:30:10:26:19:6e:d1:d2:6f:9c:7f:92:f3:6f:b1:ee:39:48:41 for 'libxt_time.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 42:2c:14:1e:ab:57:e9:c9:a8:0a:3c:7b:31:c2:6a:d4:d0:b5:ed:07 for 'libip6t_ah.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] c9:16:92:db:c9:06:c0:de:e9:7c:b9:6e:ba:fd:6e:f1:ff:cc:4d:1b for 'libip6t_icmp6.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 28:e0:5c:e1:9a:52:ab:16:23:71:cb:5c:14:8f:b1:6e:c7:c3:4a:d6 for 'libxt_NFLOG.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 
ac:87:0e:51:06:2d:69:a6:b1:9a:71:e5:1d:19:4b:9b:0c:29:51:cf for 'libip6t_dst.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 34:3d:51:24:47:fc:02:22:63:19:9f:d2:3f:7b:21:6b:46:e0:1e:b3 for 'libxt_sctp.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 7f:f7:ef:5a:4e:01:de:31:18:5d:79:cc:d9:a3:14:a6:a1:2d:3a:65 for 'libxt_TCPMSS.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] ca:1e:da:79:68:a9:0f:6c:c9:14:0a:bd:d1:d1:77:11:6b:69:97:e1 for 'libxt_osf.so' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 32:7f:fa:63:fc:c0:8e:14:e5:64:6b:78:ac:e3:76:94:3a:95:12:7a for 'libip6t_mh.so' Feb 9 14:53:48 pin1212a00 charon: 11[IMC] measurement request 5 for file '/sbin/ip6tables' Feb 9 14:53:48 pin1212a00 charon: 11[PTS] 8a:7c:41:16:7b:c0:fc:c1:de:c8:32:9a:86:8b:a2:65:c2:38:57:f5 for 'ip6tables'
Packed into one 'Unix-Style File Metadata' and four 'File Measurement' attributes, the measured file data is returned to the TNC server:
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC message with ID 0x9fbf7882
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/Unix-Style File Metadata' 0x005597/0x00900000
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 70 bytes @ 0x9132e30
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 00 00 00 00 01 00 3E 08 00 00 00 00 00 .........>......
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 00 00 00 6C 00 00 00 00 4F 2F F3 66 00 00 00 00 ...l....O/.f....
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 4F 2F F3 66 00 00 00 00 4F 33 BD 1C 00 00 00 00 O/.f....O3......
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 48: 00 00 00 00 00 00 00 00 00 00 00 00 74 6E 63 5F ............tnc_
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 64: 63 6F 6E 66 69 67 config
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 44 bytes @ 0x9138680
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 00 00 00 00 01 00 01 00 14 40 9B B1 A9 ............@...
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 7E 26 EA 11 44 CD D6 80 1B 81 59 F1 7F 37 6B 8F ~&..D.....Y..7k.
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 00 0A 6C 69 62 64 6C 2E 73 6F 2E 32 ..libdl.so.2
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 42 bytes @ 0x91323d0
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 00 00 00 00 01 00 02 00 14 FF 6D EC A0 .............m..
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: EE B7 A2 57 20 5C 5F 0A B5 F5 D8 21 EA 18 40 98 ...W \_....!..@.
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 00 08 69 70 74 61 62 6C 65 73 ..iptables
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 49 bytes @ 0x91387b8
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 00 00 00 00 01 00 03 00 14 7A 3C A7 21 ............z<.!
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 58 E6 0B 0C 91 E4 8A 42 08 48 F1 B6 93 AE A2 6C X......B.H.....l
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 00 0F 6C 69 62 78 74 61 62 6C 65 73 2E 73 6F 2E ..libxtables.so.
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 48: 35 5
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 3475 bytes @ 0x9139510
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41 80 .......^.....6A.
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6 D6 .'...Y.8..lAK...
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47 52 ..libxt_tos.soGR
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 48: 53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98 BD S,.A....L/......
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 64: DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69 36 .5..libip6t_eui6
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 80: 34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14 7B 4.so...7.......{
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 96: 47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70 74 G.........libipt
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 112: 5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF 13 _realm.so2.Cv...
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 128: EF 8B 3C D7 86 9A F9 0B 57 A7 44 58 25 00 12 6C ..<.....W.DX%..l
--------------- truncated attribute ----------------
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 43 bytes @ 0x913a2a8
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 00 00 00 00 00 00 00 01 00 05 00 14 8A 7C 41 16 .............|A.
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 7B C0 FC C1 DE C8 32 9A 86 8B A2 65 C2 38 57 F5 {.....2....e.8W.
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 00 09 69 70 36 74 61 62 6C 65 73 ..ip6tables
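Decoding the 'TCG/File Measurement' dumps above by hand confirms that the digests printed in the [PTS] log lines are the ones that go on the wire. The parser below is an added example, not strongSwan code: the field layout is read off the hex dumps on this page, and `parse_file_measurement`, `TruncatedAttribute`, `mismatches` and `unhex` are hypothetical names.

```python
import struct
from dataclasses import dataclass

# Layout read off the hex dumps on this page (integers are big-endian):
#   8 bytes file count | 2 bytes request ID | 2 bytes measurement length,
#   then per file: measurement | 2-byte filename length | filename
HEADER = struct.Struct(">QHH")
NAME_LEN = struct.Struct(">H")


@dataclass(frozen=True)
class Measurement:
    filename: str
    digest: bytes

    def colon_hex(self) -> str:
        """Format the digest the way the [PTS] log lines print it."""
        return ":".join(f"{b:02x}" for b in self.digest)


class TruncatedAttribute(ValueError):
    """The file count or a length field points past the end of the value."""

    def __init__(self, message, request_id, parsed):
        super().__init__(message)
        self.request_id = request_id
        self.parsed = parsed  # entries that were complete before the cut


def parse_file_measurement(value: bytes):
    """Return (request_id, [Measurement, ...]); raise ValueError on bad input."""
    if len(value) < HEADER.size:
        raise ValueError("attribute is shorter than its 12-byte header")
    count, request_id, digest_len = HEADER.unpack_from(value, 0)
    if digest_len == 0:
        raise ValueError("measurement length is zero")
    offset, entries = HEADER.size, []
    for index in range(count):
        where = f"entry {index + 1} of {count}"
        name_len_at = offset + digest_len
        if name_len_at + NAME_LEN.size > len(value):
            raise TruncatedAttribute(f"{where}: digest cut off", request_id, entries)
        (name_len,) = NAME_LEN.unpack_from(value, name_len_at)
        name_at = name_len_at + NAME_LEN.size
        if name_at + name_len > len(value):
            raise TruncatedAttribute(f"{where}: filename cut off", request_id, entries)
        name = value[name_at:name_at + name_len].decode("utf-8", "replace")
        entries.append(Measurement(name, value[offset:name_len_at]))
        offset = name_at + name_len
    if offset != len(value):
        raise ValueError(f"{len(value) - offset} trailing bytes after the last entry")
    return request_id, entries


def mismatches(entries, reference):
    """Filenames whose digest is absent from, or differs from, the reference."""
    return [m.filename for m in entries if reference.get(m.filename) != m.colon_hex()]


def unhex(dump: str) -> bytes:
    return bytes.fromhex("".join(dump.split()))


# Complete 44-byte attribute for request 1, copied from the dump above.
LIBDL_ATTR = unhex("""
    00 00 00 00 00 00 00 01 00 01 00 14 40 9B B1 A9
    7E 26 EA 11 44 CD D6 80 1B 81 59 F1 7F 37 6B 8F
    00 0A 6C 69 62 64 6C 2E 73 6F 2E 32
""")

# First 144 of the 3475 bytes of the directory attribute (request 4): what
# the log shows before its "truncated attribute" marker.
XTABLES_PREFIX = unhex("""
    00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41 80
    9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6 D6
    00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47 52
    53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98 BD
    DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69 36
    34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14 7B
    47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70 74
    5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF 13
    EF 8B 3C D7 86 9A F9 0B 57 A7 44 58 25 00 12 6C
""")

# Digests from the [PTS] log lines above; libipt_realm.so is left out on
# purpose so that an unlisted file shows up in the result.
REFERENCE = {
    "libdl.so.2": "40:9b:b1:a9:7e:26:ea:11:44:cd:d6:80:1b:81:59:f1:7f:37:6b:8f",
    "libxt_tos.so": "18:36:41:80:9a:27:b0:8f:fe:59:c1:38:8c:da:6c:41:4b:dc:e6:d6",
    "libip6t_eui64.so": "47:52:53:2c:b9:41:a1:fd:98:11:4c:2f:99:9e:b6:16:98:bd:df:35",
}

if __name__ == "__main__":
    print(parse_file_measurement(LIBDL_ATTR))
    try:
        parse_file_measurement(XTABLES_PREFIX)
    except TruncatedAttribute as err:
        print(f"request {err.request_id}: {err}, kept {len(err.parsed)} entries")
        print("not matching reference:", mismatches(err.parsed, REFERENCE))
```

The parser refuses a value whose declared file count or length fields run past the data instead of reading on, which is the check a receiver of client-supplied attributes needs.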
All data is packed into a huge PB-TNC CDATA batch spanning four IKEv2 UDP datagrams:
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] creating PB-TNC CDATA batch
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] adding PB-PA message
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] sending PB-TNC CDATA batch (3835 bytes) for Connection ID 1
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] => 3835 bytes @ 0x9139e98
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 0: 02 00 00 01 00 00 0E FB 80 00 00 00 00 00 00 01 ................
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 16: 00 00 0E F3 00 00 55 97 00 00 00 01 00 01 FF FF ......U.........
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 32: 01 00 00 00 9F BF 78 82 80 00 55 97 00 90 00 00 ......x...U.....
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 48: 00 00 00 52 00 00 00 00 00 00 00 01 00 3E 08 00 ...R.........>..
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 64: 00 00 00 00 00 00 00 6C 00 00 00 00 4F 2F F3 66 .......l....O/.f
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 80: 00 00 00 00 4F 2F F3 66 00 00 00 00 4F 33 BD 1C ....O/.f....O3..
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 96: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 112: 74 6E 63 5F 63 6F 6E 66 69 67 80 00 55 97 00 D0 tnc_config..U...
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 128: 00 00 00 00 00 38 00 00 00 00 00 00 00 01 00 01 .....8..........
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 144: 00 14 40 9B B1 A9 7E 26 EA 11 44 CD D6 80 1B 81 ..@...~&..D.....
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 160: 59 F1 7F 37 6B 8F 00 0A 6C 69 62 64 6C 2E 73 6F Y..7k...libdl.so
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 176: 2E 32 80 00 55 97 00 D0 00 00 00 00 00 36 00 00 .2..U........6..
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 192: 00 00 00 00 00 01 00 02 00 14 FF 6D EC A0 EE B7 ...........m....
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 208: A2 57 20 5C 5F 0A B5 F5 D8 21 EA 18 40 98 00 08 .W \_....!..@...
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 224: 69 70 74 61 62 6C 65 73 80 00 55 97 00 D0 00 00 iptables..U.....
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 240: 00 00 00 3D 00 00 00 00 00 00 00 01 00 03 00 14 ...=............
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 256: 7A 3C A7 21 58 E6 0B 0C 91 E4 8A 42 08 48 F1 B6 z<.!X......B.H..
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 272: 93 AE A2 6C 00 0F 6C 69 62 78 74 61 62 6C 65 73 ...l..libxtables
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 288: 2E 73 6F 2E 35 80 00 55 97 00 D0 00 00 00 00 0D .so.5..U........
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 304: 9F 00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41 ........^.....6A
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 320: 80 9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6 ..'...Y.8..lAK..
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 336: D6 00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47 ...libxt_tos.soG
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 352: 52 53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98 RS,.A....L/.....
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 368: BD DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69 ..5..libip6t_eui
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 384: 36 34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14 64.so...7.......
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 400: 7B 47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70 {G.........libip
Feb 9 14:53:48 pin1212a00 charon: 11[TNC] 416: 74 5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF t_realm.so2.Cv..
----------------- truncated batch ------------------
Feb 9 14:53:48 pin1212a00 charon: 11[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 9 14:53:48 pin1212a00 charon: 11[ENC] generating IKE_AUTH request 12 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:48 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 12 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 13 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:48 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 13 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 09[ENC] generating IKE_AUTH request 14 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 09[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:48 pin1212a00 charon: 10[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 10[ENC] parsed IKE_AUTH response 14 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 10[ENC] generating IKE_AUTH request 15 [ EAP/RES/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 10[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Functional Component Evidence
The final PB-TNC SDATA batch arrives from the TNC server:
Feb 9 14:53:48 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:48 pin1212a00 charon: 12[ENC] parsed IKE_AUTH response 15 [ EAP/REQ/TTLS ]
Feb 9 14:53:48 pin1212a00 charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] received TNCCS batch (92 bytes) for Connection ID 1
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 92 bytes @ 0x9132af2
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 02 80 00 02 00 00 00 5C 80 00 00 00 00 00 00 01 .......\........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 16: 00 00 00 54 00 00 55 97 00 00 00 01 FF FF 00 01 ...T..U.........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 32: 01 00 00 00 DA 91 A1 B4 80 00 55 97 00 10 00 00 ..........U.....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 48: 00 00 00 24 10 00 00 00 00 90 2A 21 00 00 00 03 ...$......*!....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 64: 10 00 00 00 00 90 2A 21 00 00 00 02 80 00 55 97 ......*!......U.
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 80: 00 20 00 00 00 00 00 10 00 00 00 00 . ..........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PB-TNC SDATA batch
Again the PTS-IMC is subscribed to this PB-PA message type and therefore receives it:
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PB-PA message (84 bytes)
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
The PA-TNC message contains a 'Request Functional Component Evidence' and a final 'Generate Attestation Evidence' attribute from the TCG namespace:
Feb 9 14:53:48 pin1212a00 charon: 12[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC message with ID 0xda91a1b4
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/Request Functional Component Evidence' 0x005597/0x00100000
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 24 bytes @ 0x91384bc
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 10 00 00 00 00 90 2A 21 00 00 00 03 10 00 00 00 ......*!........
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 16: 00 90 2A 21 00 00 00 02 ..*!....
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/Generate Attestation Evidence' 0x005597/0x00200000
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x91384e0
Feb 9 14:53:48 pin1212a00 charon: 12[TNC] 0: 00 00 00 00 ....
The first of the ordered evidence requests is for the Linux IMA functional component defined in the ITA-HSR namespace, which verifies the 27 measurements extended into PCRs 0..11 during the pre-boot process.
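Each entry in the evidence log that follows is one TPM extend step: the 'after' value is the SHA-1 hash of the 'before' value concatenated with the measurement. The code below is an added example, not part of strongSwan; it replays three entries copied from that log against a shadow register, assuming TPM 1.2 SHA-1 PCRs that start at all zeros, and `parse_events`, `extend` and `replay` are hypothetical names.

```python
import hashlib
import re
from dataclasses import dataclass

DIGEST = r"((?:[0-9a-f]{2}:){19}[0-9a-f]{2})"
FIELD = re.compile(
    r"PCR\s+(\d+)\s+(extended with|before value|after value)\s*:\s*" + DIGEST)
ORDER = ("extended with", "before value", "after value")


@dataclass(frozen=True)
class ExtendEvent:
    pcr: int
    digest: bytes  # the measurement that was extended into the PCR
    before: bytes
    after: bytes


def parse_events(log: str):
    """Group each 'extended with' / 'before value' / 'after value' triple."""
    fields = [(int(pcr), kind, bytes.fromhex(value.replace(":", "")))
              for pcr, kind, value in FIELD.findall(log)]
    if len(fields) % 3:
        raise ValueError("log ends in the middle of an evidence entry")
    events = []
    for i in range(0, len(fields), 3):
        triple = fields[i:i + 3]
        kinds = tuple(kind for _, kind, _ in triple)
        if kinds != ORDER or len({pcr for pcr, _, _ in triple}) != 1:
            raise ValueError(f"entry {i // 3 + 1} is not a complete triple for one PCR")
        events.append(ExtendEvent(triple[0][0], triple[0][2], triple[1][2], triple[2][2]))
    return events


def extend(pcr_value: bytes, measurement: bytes) -> bytes:
    """TPM 1.2 extend: new PCR value = SHA-1(old PCR value || measurement)."""
    return hashlib.sha1(pcr_value + measurement).digest()


def replay(events):
    """Recompute every step; return (status per event, final shadow PCRs)."""
    shadow, statuses = {}, []
    for ev in events:
        current = shadow.get(ev.pcr, bytes(20))  # assumption: PCRs start at zeros
        computed = extend(current, ev.digest)
        if ev.before != current:
            statuses.append("before value does not continue the chain")
        elif ev.after != computed:
            statuses.append("after value is not SHA-1(before || measurement)")
        else:
            statuses.append("ok")
        shadow[ev.pcr] = computed
    return statuses, shadow


# Three entries copied from the evidence log (timestamp and host name trimmed).
SAMPLE_LOG = """
12[PTS] PCR 3 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
12[PTS] PCR 3 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
12[PTS] PCR 3 after value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
12[PTS] PCR 4 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
12[PTS] PCR 4 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
12[PTS] PCR 4 after value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
12[PTS] PCR 4 extended with: c1:e2:5c:3f:6b:0d:c7:8d:57:29:6a:a2:87:0c:a6:f7:82:cc:f8:0f
12[PTS] PCR 4 before value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
12[PTS] PCR 4 after value : a4:95:bd:4b:42:a1:fa:26:c3:9f:3f:24:94:08:2b:9f:e1:71:07:ab
"""

if __name__ == "__main__":
    statuses, shadow = replay(parse_events(SAMPLE_LOG))
    for event, status in zip(parse_events(SAMPLE_LOG), statuses):
        print(f"PCR {event.pcr}: {status}")
    for pcr, value in sorted(shadow.items()):
        print(f"final PCR {pcr}: {value.hex()}")
```

Because the field pattern ignores line breaks, `parse_events` can also be fed the complete charon log, which makes an edited or reordered entry show up as a broken chain.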
Feb 9 14:53:48 pin1212a00 charon: 12[IMC] evidence requested for 2 functional components Feb 9 14:53:48 pin1212a00 charon: 12[PTS] * ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] loaded bios measurements '/sys/kernel/security/tpm0/binary_bios_measurements' (27 entries) Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 extended with: c4:2f:ed:ad:26:82:00:cb:1d:15:f9:78:41:c3:44:e7:9d:ae:33:20 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 after value : 98:72:96:4b:9b:40:cd:d0:36:3f:cd:6a:f8:c2:67:c9:cb:34:20:0b Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 extended with: e4:73:a3:20:09:19:84:8c:04:f5:cb:4b:32:d3:9a:55:7e:8f:87:09 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 before value : 98:72:96:4b:9b:40:cd:d0:36:3f:cd:6a:f8:c2:67:c9:cb:34:20:0b Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 after value : 26:14:c8:bd:2d:1b:59:c7:6a:58:51:ac:a4:39:14:7b:ee:5b:f7:7d Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 
'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 extended with: 5f:62:1b:65:d8:dc:5c:10:05:e9:ef:e2:71:42:c3:01:4a:c1:74:20 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 after value : ba:15:bb:86:8e:1f:18:a7:ee:2a:3c:57:02:81:0e:bc:c3:09:a2:46 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 extended with: c4:44:e3:23:0e:0b:f1:f5:21:b1:b2:b3:56:fe:3e:a0:05:38:7f:f7 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 after value : 5d:42:68:fb:80:bf:1e:31:8d:67:b4:d0:8d:49:a1:3c:6f:3a:fe:93 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 extended with: 13:87:18:5a:92:ca:4f:ba:8a:31:fb:b7:a4:6a:c4:57:76:0a:19:35 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 before value : 5d:42:68:fb:80:bf:1e:31:8d:67:b4:d0:8d:49:a1:3c:6f:3a:fe:93 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 after value : 7f:d4:dd:1b:15:3f:d1:e9:28:b1:19:f3:7c:b3:7a:0c:f5:02:f4:34 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 
'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 extended with: 86:ac:7f:d5:c5:12:8c:3e:d6:bb:16:38:7e:53:08:ae:b5:26:18:4e Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 before value : 7f:d4:dd:1b:15:3f:d1:e9:28:b1:19:f3:7c:b3:7a:0c:f5:02:f4:34 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 after value : 57:23:71:2b:e6:b6:50:ff:5a:0c:2a:44:ab:03:5c:58:5a:8f:bc:57 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 extended with: 26:d0:e4:c7:cf:a9:20:e2:ce:26:7d:ba:86:c9:70:6e:d9:a8:6c:8d Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 before value : 57:23:71:2b:e6:b6:50:ff:5a:0c:2a:44:ab:03:5c:58:5a:8f:bc:57 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 after value : 7b:ad:15:ce:ed:57:ad:26:98:19:d0:72:0a:5b:89:e9:5f:3a:1e:29 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 6 extended with: 05:d4:2f:27:12:07:af:f9:7d:e1:f3:12:77:4d:ac:da:95:74:74:7a Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 6 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 6 after value : b0:5b:cd:50:47:bf:36:0c:2d:bb:a2:7a:5d:a5:ee:66:17:72:a2:0c Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 
'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 extended with: c1:8b:03:f7:c7:b5:d6:8b:82:56:61:21:72:e8:60:df:34:cb:4d:6d Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 before value : ba:15:bb:86:8e:1f:18:a7:ee:2a:3c:57:02:81:0e:bc:c3:09:a2:46 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 after value : 88:31:7b:60:dd:25:58:40:d5:36:3b:b3:98:41:18:95:c6:45:90:2a Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 extended with: cd:0f:db:45:31:a6:ec:41:be:27:53:ba:04:26:37:d6:e5:f7:f2:56 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 after value : ee:01:a0:35:29:a6:b3:8b:5d:ed:18:ab:6a:e8:d7:71:aa:ac:19:25 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 before value : 26:14:c8:bd:2d:1b:59:c7:6a:58:51:ac:a4:39:14:7b:ee:5b:f7:7d Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 0 after value : 61:d7:c2:06:bd:93:7c:91:82:0f:76:18:c6:17:97:c2:1c:cd:13:13 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 
'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 before value : 88:31:7b:60:dd:25:58:40:d5:36:3b:b3:98:41:18:95:c6:45:90:2a Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 1 after value : 50:0b:2f:05:3d:65:11:23:d4:bd:42:91:a6:9b:99:f3:19:c5:79:c9 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 before value : 7b:ad:15:ce:ed:57:ad:26:98:19:d0:72:0a:5b:89:e9:5f:3a:1e:29 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 2 after value : de:eb:6e:c1:78:fc:05:ad:c9:a7:fa:d8:ca:63:3a:34:a4:7e:04:da Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform' Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 3 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 3 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 3 after value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75 Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 
'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 after value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 before value : ee:01:a0:35:29:a6:b3:8b:5d:ed:18:ab:6a:e8:d7:71:aa:ac:19:25
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 after value : 60:4f:c6:60:10:07:dd:33:ff:5f:30:ab:6d:33:d0:c3:2c:c6:af:af
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 6 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 6 before value : b0:5b:cd:50:47:bf:36:0c:2d:bb:a2:7a:5d:a5:ee:66:17:72:a2:0c
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 6 after value : 78:cd:77:59:86:6a:77:d0:31:03:c2:03:5b:f7:dc:7e:61:dc:19:2e
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 7 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 7 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 7 after value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 extended with: c1:e2:5c:3f:6b:0d:c7:8d:57:29:6a:a2:87:0c:a6:f7:82:cc:f8:0f
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 before value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 after value : a4:95:bd:4b:42:a1:fa:26:c3:9f:3f:24:94:08:2b:9f:e1:71:07:ab
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 extended with: 38:f3:0a:0a:96:7f:cf:2b:fe:e1:e3:b2:97:1d:e5:40:11:50:48:c8
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 before value : a4:95:bd:4b:42:a1:fa:26:c3:9f:3f:24:94:08:2b:9f:e1:71:07:ab
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 after value : 54:09:48:d7:c0:27:e8:cc:e2:51:66:68:28:05:52:c3:92:bb:50:8b
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 extended with: 4f:41:2e:ce:7c:55:d6:ae:55:b5:a6:4f:66:01:18:7e:25:b9:af:fc
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 before value : 54:09:48:d7:c0:27:e8:cc:e2:51:66:68:28:05:52:c3:92:bb:50:8b
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 after value : 9b:66:c2:3e:b2:e3:8b:ae:0d:ad:be:4b:fa:bc:e8:62:9e:33:6e:48
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 extended with: 43:79:a3:d4:30:19:b4:6f:a3:57:f7:dd:6a:53:b4:5a:3c:a8:fb:79
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 before value : 9b:66:c2:3e:b2:e3:8b:ae:0d:ad:be:4b:fa:bc:e8:62:9e:33:6e:48
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 4 after value : cf:a3:54:3c:7f:39:22:69:bd:c0:d5:bf:29:05:f1:be:8b:b2:dd:7d
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 extended with: 88:55:13:eb:0e:f1:a5:0b:09:33:40:0e:4a:10:35:74:97:3b:e8:5c
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 before value : 60:4f:c6:60:10:07:dd:33:ff:5f:30:ab:6d:33:d0:c3:2c:c6:af:af
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 5 after value : cd:eb:78:a0:cc:80:28:ba:b5:78:f2:f8:5f:3a:f9:1f:03:57:78:a4
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 8 extended with: 1a:84:80:3d:29:14:e0:3a:12:c8:33:ff:80:bc:ca:1f:b6:72:90:53
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 8 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 8 after value : 1d:2f:36:17:44:32:ec:df:99:e8:4d:ae:e2:bc:c7:d3:13:1c:0f:bf
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 9 extended with: ee:d2:09:89:f6:f6:53:9c:d6:57:cf:a8:df:a5:d6:67:23:c4:e2:b4
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 9 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 9 after value : 03:c2:d5:f2:25:d1:cc:e2:38:25:ee:4d:42:37:9c:85:b8:55:a5:49
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 10 extended with: cc:db:51:f8:01:b3:39:cd:5c:b3:6b:54:19:9a:36:b0:98:d2:45:f1
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 10 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 10 after value : c8:34:e9:1e:6c:d2:9d:77:a0:bb:d8:85:e7:70:6a:da:56:00:a6:ee
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 11 extended with: 90:69:ca:78:e7:45:0a:28:51:73:43:1b:3e:52:c5:c2:52:99:e4:73
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 11 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 11 after value : b2:a8:3b:0e:bf:2f:83:74:29:9a:5b:2b:df:c3:1e:a9:55:ad:72:36
The second evidence request is for the Trusted Boot functional component, also defined in the ITA-HSR namespace, which verifies the MLE measurements extended into PCRs 17 and 18 by Intel's TXT instruction used by Trusted Boot. This component hasn't been fully implemented yet, so dummy measurement values defined in /etc/strongswan.conf are used.
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] * ITA-HSR functional component 'Trusted Boot' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Trusted Boot' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 09 14:53:48 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 17 extended with: d5:37:d4:37:f0:58:13:6e:b3:d7:be:51:7d:be:76:47:b6:23:c6:19
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 17 before value : 17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 17 after value : ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Trusted Boot' [K.] 'Trusted Platform'
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 09 14:53:48 2012
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 18 extended with: 16:0d:2b:04:d1:1e:b2:25:fb:14:86:15:b6:99:08:18:69:e1:5b:6c
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 18 before value : 18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18:18
Feb 9 14:53:48 pin1212a00 charon: 12[PTS] PCR 18 after value : ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff
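The evidence records above can be cross-checked offline. The following is an added example, not strongSwan code: it parses the "PCR n extended with / before value / after value" log lines, recomputes the TPM 1.2 extend operation SHA-1(before || measurement), and checks that each PCR's "before" value equals that PCR's previous "after" value. The log lines are copied from this page; the function and class names are chosen for this example. The dummy Trusted Boot record fails the recomputation, which is how placeholder values show up in such a check.

```python
import hashlib
import re
from dataclasses import dataclass

# charon log lines copied from this page: two consecutive Linux IMA
# extensions of PCR 4 and the dummy Trusted Boot record for PCR 17.
P = "Feb 9 14:53:48 pin1212a00 charon: 12[PTS] "
SAMPLE_LOG = [
    P + "PCR 4 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a",
    P + "PCR 4 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
    P + "PCR 4 after value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75",
    P + "PCR 4 extended with: c1:e2:5c:3f:6b:0d:c7:8d:57:29:6a:a2:87:0c:a6:f7:82:cc:f8:0f",
    P + "PCR 4 before value : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75",
    P + "PCR 4 after value : a4:95:bd:4b:42:a1:fa:26:c3:9f:3f:24:94:08:2b:9f:e1:71:07:ab",
    P + "PCR 17 extended with: d5:37:d4:37:f0:58:13:6e:b3:d7:be:51:7d:be:76:47:b6:23:c6:19",
    P + "PCR 17 before value : 17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17:17",
    P + "PCR 17 after value : ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff",
]

LINE = re.compile(
    r"\[PTS\]\s+PCR\s+(\d+)\s+(extended with|before value|after value)\s*:\s*"
    r"((?:[0-9a-f]{2}:)*[0-9a-f]{2})\s*$")


@dataclass
class Extension:
    pcr: int
    measurement: bytes
    before: bytes
    after: bytes


def parse_extensions(lines):
    """Group each 'extended with' / 'before value' / 'after value' triple."""
    records, current = [], None
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue  # unrelated log line
        pcr, field = int(m.group(1)), m.group(2)
        value = bytes.fromhex(m.group(3).replace(":", ""))
        if field == "extended with":
            current = {"pcr": pcr, "measurement": value}
        elif current and current["pcr"] == pcr:
            current["before" if field == "before value" else "after"] = value
            if len(current) == 4:  # pcr, measurement, before, after all seen
                records.append(Extension(**current))
                current = None
    return records


def check_extensions(records):
    """Return (record index, pcr, finding) tuples; an empty list means consistent."""
    findings, last_after = [], {}
    for i, r in enumerate(records):
        # TPM 1.2 extend: PCR_new = SHA-1(PCR_old || measurement)
        if hashlib.sha1(r.before + r.measurement).digest() != r.after:
            findings.append((i, r.pcr, "extend mismatch"))
        # The first record of a PCR has no predecessor in the log, so only
        # later records can be checked for continuity.
        if r.pcr in last_after and last_after[r.pcr] != r.before:
            findings.append((i, r.pcr, "chain break"))
        last_after[r.pcr] = r.after
    return findings


if __name__ == "__main__":
    for i, pcr, finding in check_extensions(parse_extensions(SAMPLE_LOG)):
        print(f"record {i} (PCR {pcr}): {finding}")
```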
TPM Quote Signature
The latest states of all PCRs involved in the previous functional component evidence measurements are put into a 'PCR Composite' structure, which is hashed and then signed by the TPM with a Quote Signature operation:
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] Hash of PCR Composite: 2f:74:7e:f8:bb:01:a1:ac:76:72:8f:77:4b:79:1d:90:ed:79:e1:f2
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] TPM Quote Info: => 52 bytes @ 0x913b758
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 0: 00 36 51 55 54 32 CE 50 79 31 50 D6 FC 62 0F 99 .6QUT2.Py1P..b..
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 16: D3 B8 C6 42 D0 B1 6E 06 C0 FB 00 03 FF 0F 06 01 ...B..n.........
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 32: 2F 74 7E F8 BB 01 A1 AC 76 72 8F 77 4B 79 1D 90 /t~.....vr.wKy..
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 48: ED 79 E1 F2 .y..
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] TPM Quote Signature: => 256 bytes @ 0x913bdf0
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 0: 15 15 A4 25 DB 19 B5 77 29 5B 55 CE 13 8A 4F 13 ...%...w)[U...O.
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 16: D9 A9 F4 DB 00 3E 9E FA D3 4A 8C DB 97 50 6B 57 .....>...J...PkW
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 32: 52 65 04 8E AD 0F F6 BC C1 61 13 C0 60 38 DA 56 Re.......a..`8.V
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 48: C8 9B 8C 24 8C 36 20 97 C4 95 CD A4 0E C1 C4 54 ...$.6 ........T
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 64: 3A 20 5E 86 D1 B9 B7 D8 85 77 77 D3 50 D2 90 0D : ^......ww.P...
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 80: D8 34 7D 12 03 DC 7A D1 C9 AB 26 0B 64 74 A5 F4 .4}...z...&.dt..
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 96: B5 9D 20 31 DA 68 BA 9E BC 60 D5 B8 0D E8 E4 EE .. 1.h...`......
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 112: 67 E4 63 FB C8 8F 99 B4 45 99 EB F8 C7 60 93 95 g.c.....E....`..
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 128: BD 29 F0 5C 29 9E 03 C1 78 19 31 F1 84 C1 57 23 .).\)...x.1...W#
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 144: D9 DA E9 D8 B1 61 AC AD FF 4B 37 6F 6D D8 27 11 .....a...K7om.'.
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 160: 35 FD 5F 9B 65 A5 BA DF B9 2F 52 DE 49 BF B4 B0 5._.e..../R.I...
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 176: 9A 22 00 71 1C 1F 16 9C 68 96 D3 36 02 30 91 52 .".q....h..6.0.R
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 192: 5C 49 88 EC BC 26 4F C4 C1 3D 16 79 AF 2A 97 5C \I...&O..=.y.*.\
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 208: 88 F8 58 DD FD 6C 9A 66 98 68 69 F2 25 5A 5D C4 ..X..l.f.hi.%Z].
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 224: 7C 0A DD 7E 6C E3 1D 75 A0 FA 3B 9E BE 63 D3 64 |..~l..u..;..c.d
Feb 9 14:53:51 pin1212a00 charon: 12[PTS] 240: 3B 82 40 D3 F8 F4 5F E7 65 40 5E 73 2B E8 57 12 ;.@..._.e@^s+.W.
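The 52-byte 'TPM Quote Info' dump above can be decoded field by field. The following is an added example, not strongSwan code: it assumes the TPM 1.2 TPM_QUOTE_INFO2 layout (tag 0x0036, "QUT2", 20-byte externalData, PCR selection, locality byte, composite digest) and the TPM_PCR_COMPOSITE layout (PCR selection, 32-bit value size, concatenated PCR values). The log lines are copied from this page; all function and class names are chosen for this example.

```python
import hashlib
import re
import struct
from dataclasses import dataclass

# charon log lines copied from this page (composite hash and Quote Info dump).
P = "Feb 9 14:53:51 pin1212a00 charon: 12[PTS] "
SAMPLE_LOG = [
    P + "Hash of PCR Composite: 2f:74:7e:f8:bb:01:a1:ac:76:72:8f:77:4b:79:1d:90:ed:79:e1:f2",
    P + "TPM Quote Info: => 52 bytes @ 0x913b758",
    P + "0: 00 36 51 55 54 32 CE 50 79 31 50 D6 FC 62 0F 99 .6QUT2.Py1P..b..",
    P + "16: D3 B8 C6 42 D0 B1 6E 06 C0 FB 00 03 FF 0F 06 01 ...B..n.........",
    P + "32: 2F 74 7E F8 BB 01 A1 AC 76 72 8F 77 4B 79 1D 90 /t~.....vr.wKy..",
    P + "48: ED 79 E1 F2 .y..",
]
HEADER = re.compile(r"\]\s+(.+?): => (\d+) bytes @")
ROW = re.compile(r"\]\s+(\d+):\s+(.*)$")

def extract_dump(lines, label):
    """Return the bytes of the hex dump that follows '<label>: => N bytes'."""
    data, want = bytearray(), None
    for line in lines:
        if want is None:
            m = HEADER.search(line)
            if m and m.group(1) == label:
                want = int(m.group(2))
            continue
        m = ROW.search(line)
        if not m or int(m.group(1)) != len(data):
            break  # end of this dump, or a row is missing
        # The hex column comes first and the ASCII column may look like hex,
        # so read at most 16 tokens and never past the declared length.
        for tok in m.group(2).split()[:16]:
            if len(data) == want or not re.fullmatch(r"[0-9A-Fa-f]{2}", tok):
                break
            data.append(int(tok, 16))
    if want is None or len(data) != want:
        raise ValueError(f"incomplete dump for {label!r}")
    return bytes(data)

def logged_composite_hash(lines):
    """Return the 'Hash of PCR Composite' value that charon logged."""
    for line in lines:
        m = re.search(r"Hash of PCR Composite:\s*([0-9a-f:]+)", line)
        if m:
            return bytes.fromhex(m.group(1).replace(":", ""))
    raise ValueError("no composite hash in log")

@dataclass
class QuoteInfo2:
    external_data: bytes      # 20-byte externalData (anti-replay input to the quote)
    pcrs: list                # PCR indices selected by the bitmap
    locality: int             # localityAtRelease byte
    composite_digest: bytes   # SHA-1 over the PCR Composite

def parse_quote_info2(blob):
    """Decode TPM_QUOTE_INFO2 and reject anything that is not exactly one."""
    if len(blob) < 28:
        raise ValueError("too short for TPM_QUOTE_INFO2")
    tag, fixed = struct.unpack_from(">H4s", blob, 0)
    if tag != 0x0036 or fixed != b"QUT2":
        raise ValueError("not a TPM_QUOTE_INFO2 structure")
    (size,) = struct.unpack_from(">H", blob, 26)
    bitmap, rest = blob[28:28 + size], blob[28 + size:]
    if len(bitmap) != size or len(rest) != 21:
        raise ValueError("length does not match the PCR selection size")
    # Bit j (LSB first) of bitmap byte i selects PCR 8*i + j.
    pcrs = [8 * i + j for i, b in enumerate(bitmap) for j in range(8) if b >> j & 1]
    return QuoteInfo2(blob[6:26], pcrs, rest[0], rest[1:])

def pcr_composite(pcr_values, size_of_select=3):
    """Serialise TPM_PCR_COMPOSITE from {pcr index: 20-byte value}."""
    bitmap = bytearray(size_of_select)
    for i in pcr_values:
        bitmap[i // 8] |= 1 << (i % 8)
    values = b"".join(pcr_values[i] for i in sorted(pcr_values))
    return (struct.pack(">H", size_of_select) + bytes(bitmap)
            + struct.pack(">I", len(values)) + values)

def verify_quote_info(info, expected_external_data, pcr_values):
    """Compare a parsed quote with the final PCR values the verifier tracked."""
    problems = []
    if info.external_data != expected_external_data:
        problems.append("externalData mismatch")
    if info.pcrs != sorted(pcr_values):
        problems.append("PCR selection mismatch")
    elif hashlib.sha1(pcr_composite(pcr_values)).digest() != info.composite_digest:
        problems.append("composite digest mismatch")
    return problems

if __name__ == "__main__":
    info = parse_quote_info2(extract_dump(SAMPLE_LOG, "TPM Quote Info"))
    print("PCRs covered by the quote:", info.pcrs)
    print("externalData:", info.external_data.hex())
    print("digest equals logged composite hash:",
          info.composite_digest == logged_composite_hash(SAMPLE_LOG))
```

These checks cover only the signed structure; the 256-byte Quote Signature over it still has to be verified with the public key of the TPM key that produced the quote.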
The PA-TNC message created by the PTS-IMC contains 29 'Simple Component Evidence' attributes and one closing 'Simple Evidence Final' attribute, both from the TCG namespace.
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 112: D8 34 7D 12 03 DC 7A D1 C9 AB 26 0B 64 74 A5 F4 .4}...z...&.dt.. Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 128: B5 9D 20 31 DA 68 BA 9E BC 60 D5 B8 0D E8 E4 EE .. 1.h...`...... Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 144: 67 E4 63 FB C8 8F 99 B4 45 99 EB F8 C7 60 93 95 g.c.....E....`.. Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 160: BD 29 F0 5C 29 9E 03 C1 78 19 31 F1 84 C1 57 23 .).\)...x.1...W# Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 176: D9 DA E9 D8 B1 61 AC AD FF 4B 37 6F 6D D8 27 11 .....a...K7om.'. Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 192: 35 FD 5F 9B 65 A5 BA DF B9 2F 52 DE 49 BF B4 B0 5._.e..../R.I... Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 208: 9A 22 00 71 1C 1F 16 9C 68 96 D3 36 02 30 91 52 .".q....h..6.0.R Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 224: 5C 49 88 EC BC 26 4F C4 C1 3D 16 79 AF 2A 97 5C \I...&O..=.y.*.\ Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 240: 88 F8 58 DD FD 6C 9A 66 98 68 69 F2 25 5A 5D C4 ..X..l.f.hi.%Z]. Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 256: 7C 0A DD 7E 6C E3 1D 75 A0 FA 3B 9E BE 63 D3 64 |..~l..u..;..c.d Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 272: 3B 82 40 D3 F8 F4 5F E7 65 40 5E 73 2B E8 57 12 ;.@..._.e@^s+.W.
The resulting PB-TNC CDATA batch is large, comprising 3646 bytes distributed over 4 IKEv2 EAP-TTLS messages:
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] creating PB-TNC CDATA batch
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] adding PB-PA message
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] sending PB-TNC CDATA batch (3646 bytes) for Connection ID 1
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] => 3646 bytes @ 0x913eb38
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 0: 02 00 00 01 00 00 0E 3E 80 00 00 00 00 00 00 01 .......>........
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 16: 00 00 0E 36 00 00 55 97 00 00 00 01 00 01 FF FF ...6..U.........
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 32: 01 00 00 00 37 D4 FE 05 00 00 55 97 00 30 00 00 ....7.....U..0..
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 48: 00 00 00 72 80 00 00 00 00 90 2A 21 00 00 00 03 ...r......*!....
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 64: 80 00 00 00 80 00 01 00 32 30 31 32 2D 30 32 2D ........2012-02-
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 80: 30 36 54 30 38 3A 35 35 3A 33 33 5A 00 14 00 00 06T08:55:33Z....
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 96: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 112: 00 00 98 72 96 4B 9B 40 CD D0 36 3F CD 6A F8 C2 ...r.K.@..6?.j..
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 128: 67 C9 CB 34 20 0B C4 2F ED AD 26 82 00 CB 1D 15 g..4 ../..&.....
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 144: F9 78 41 C3 44 E7 9D AE 33 20 00 00 55 97 00 30 .xA.D...3 ..U..0
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 160: 00 00 00 00 00 72 80 00 00 00 00 90 2A 21 00 00 .....r......*!..
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 176: 00 03 80 00 00 00 80 00 01 00 32 30 31 32 2D 30 ..........2012-0
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 192: 32 2D 30 36 54 30 38 3A 35 35 3A 33 33 5A 00 14 2-06T08:55:33Z..
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 208: 98 72 96 4B 9B 40 CD D0 36 3F CD 6A F8 C2 67 C9 .r.K.@..6?.j..g.
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 224: CB 34 20 0B 26 14 C8 BD 2D 1B 59 C7 6A 58 51 AC .4 .&...-.Y.jXQ.
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 240: A4 39 14 7B EE 5B F7 7D E4 73 A3 20 09 19 84 8C .9.{.[.}.s. ....
Feb 9 14:53:51 pin1212a00 charon: 12[TNC] 256: 04 F5 CB 4B 32 D3 9A 55 7E 8F 87 09 00 00 55 97 ...K2..U~.....U.
----------------- truncated batch ------------------
Feb 9 14:53:51 pin1212a00 charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 9 14:53:51 pin1212a00 charon: 12[ENC] generating IKE_AUTH request 16 [ EAP/RES/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:51 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:51 pin1212a00 charon: 13[ENC] parsed IKE_AUTH response 16 [ EAP/REQ/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 17 [ EAP/RES/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:51 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:51 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 17 [ EAP/REQ/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 18 [ EAP/RES/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 9 14:53:51 pin1212a00 charon: 15[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:51 pin1212a00 charon: 15[ENC] parsed IKE_AUTH response 18 [ EAP/REQ/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 15[ENC] generating IKE_AUTH request 19 [ EAP/RES/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 15[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
TNC Assessment
A PB-TNC RESULT batch containing a 'PB-Assessment-Result' and a 'PB-Access-Recommendation' message is received from the TNC server, causing the IF-TNCCS 2.0 state machine to go into the 'Decided' state:
Feb 9 14:53:51 pin1212a00 charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:51 pin1212a00 charon: 11[ENC] parsed IKE_AUTH response 19 [ EAP/REQ/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 11[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] received TNCCS batch (40 bytes) for Connection ID 1
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] => 40 bytes @ 0x913863a
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] 0: 02 80 00 03 00 00 00 28 80 00 00 00 00 00 00 02 .......(........
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] 16: 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 03 ................
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] 32: 00 00 00 10 00 00 00 01 ........
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Server Working' to 'Decided'
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] processing PB-TNC RESULT batch
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] processing PB-Assessment-Result message (16 bytes)
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] processing PB-Access-Recommendation message (16 bytes)
The received TNC assessment result is 'compliant' and the access recommendation is 'Access Allowed':
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] PB-TNC assessment result is 'compliant'
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] PB-TNC access recommendation is 'Access Allowed'
Feb 9 14:53:51 pin1212a00 charon: 11[IMC] IMC 1 "Attestation" changed state of Connection ID 1 to 'Allowed'
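The 40-byte RESULT batch in the hex dump above can be decoded by hand against the PB-TNC batch and message layout of RFC 5793. The following Python decoder is an added example, not strongSwan code; the function name, dictionary keys and short labels are this example's own, and the input bytes are copied from the log.

```python
import struct

# RESULT batch bytes copied from the 40-byte hex dump in the log above.
RESULT_BATCH = bytes.fromhex(
    "0280000300000028"                      # batch header
    "800000000000000200000010" "00000000"   # PB-Assessment-Result
    "000000000000000300000010" "00000001"   # PB-Access-Recommendation
)

# Code points from RFC 5793; the short labels are this example's own.
BATCH_TYPES = {1: "CDATA", 2: "SDATA", 3: "RESULT",
               4: "CRETRY", 5: "SRETRY", 6: "CLOSE"}
MSG_TYPES = {1: "PB-PA", 2: "PB-Assessment-Result",
             3: "PB-Access-Recommendation"}
ASSESSMENTS = {0: "compliant", 1: "minor non-compliance",
               2: "significant non-compliance", 3: "error",
               4: "insufficient attributes"}
RECOMMENDATIONS = {1: "Access Allowed", 2: "Access Denied", 3: "Quarantined"}


def parse_batch(data):
    """Decode a PB-TNC batch, rejecting inconsistent length fields."""
    if len(data) < 8:
        raise ValueError("truncated batch header")
    version, mid, length = struct.unpack("!B3sI", data[:8])
    flags_type = int.from_bytes(mid, "big")   # D flag, reserved bits, type
    if version != 2:
        raise ValueError("unsupported PB-TNC version %d" % version)
    if length != len(data):
        raise ValueError("batch length field disagrees with data size")
    batch = {"from_server": bool(flags_type & 0x800000),   # D flag
             "type": BATCH_TYPES.get(flags_type & 0xF, "unknown"),
             "messages": []}
    off = 8
    while off < length:
        if length - off < 12:
            raise ValueError("truncated message header")
        flags, vendor, mtype, mlen = struct.unpack("!B3sII", data[off:off + 12])
        if mlen < 12 or off + mlen > length:
            raise ValueError("message length out of bounds")
        vendor_id = int.from_bytes(vendor, "big")
        name = MSG_TYPES.get(mtype, hex(mtype)) if vendor_id == 0 else hex(mtype)
        body = data[off + 12:off + mlen]
        msg = {"noskip": bool(flags & 0x80), "vendor": vendor_id,
               "type": name, "body": body}
        if vendor_id == 0 and mtype == 2 and len(body) == 4:
            code = struct.unpack("!I", body)[0]
            msg["result"] = ASSESSMENTS.get(code, "unknown")
        elif vendor_id == 0 and mtype == 3 and len(body) == 4:
            code = struct.unpack("!HH", body)[1]   # 16 reserved bits, then code
            msg["recommendation"] = RECOMMENDATIONS.get(code, "unknown")
        batch["messages"].append(msg)
        off += mlen
    return batch
```

The same function decodes the 8-byte CLOSE batch `02 00 00 06 00 00 00 08` sent by the client as a batch of type CLOSE with no messages and the direction flag cleared.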
The IF-TNCCS 2.0 finite state machine goes into the final 'End' state and sends a PB-TNC CLOSE batch back to the TNC server:
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] creating PB-TNC CLOSE batch
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Decided' to 'End'
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] sending PB-TNC CLOSE batch (8 bytes) for Connection ID 1
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] => 8 bytes @ 0x9136cf8
Feb 9 14:53:51 pin1212a00 charon: 11[TNC] 0: 02 00 00 06 00 00 00 08 ........
Feb 9 14:53:51 pin1212a00 charon: 11[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 9 14:53:51 pin1212a00 charon: 11[ENC] generating IKE_AUTH request 20 [ EAP/RES/TTLS ]
Feb 9 14:53:51 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Final Mutual IKEv2 EAP Authentication
Based on the positive TNC assessment, the IPsec gateway, acting as a Policy Enforcement Point (PEP), finalizes the EAP-TTLS authentication with an EAP SUCCESS message:
Feb 9 14:53:51 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:51 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 20 [ EAP/SUCC ]
Feb 9 14:53:51 pin1212a00 charon: 08[IKE] EAP method EAP_TTLS succeeded, MSK established
The IPsec client generates its IKEv2 AUTH payload by binding it to the MSK from the EAP-TTLS tunnel:
Feb 9 14:53:51 pin1212a00 charon: 08[IKE] authentication of 'carol@strongswan.org' (myself) with EAP
Feb 9 14:53:51 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 21 [ AUTH ]
Feb 9 14:53:51 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
The IKE_AUTH response received from the IPsec gateway finalizes the IKEv2 negotiation:
Feb 9 14:53:51 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 9 14:53:51 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 21 [ AUTH SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(ADD_6_ADDR) ]
Feb 9 14:53:51 pin1212a00 charon: 09[IKE] authentication of 'moon.strongswan.org' with EAP successful
The Attestation IMC instance deletes itself and the PB-TNC (IF-TNCCS 2.0) connection is closed:
Feb 9 14:53:51 pin1212a00 charon: 09[IMC] IMC 1 "Attestation" deleted the state of Connection ID 1
Feb 9 14:53:51 pin1212a00 charon: 09[TNC] removed TNCCS Connection ID 1
An IPsec Security Association is established between the IPsec client and the IPsec gateway, and payload traffic can now be securely tunneled:
Feb 9 14:53:51 pin1212a00 charon: 09[IKE] IKE_SA home[1] established between 192.168.0.254[carol@strongswan.org]...192.168.0.1[moon.strongswan.org]
Feb 9 14:53:51 pin1212a00 charon: 09[IKE] scheduling reauthentication in 9821s
Feb 9 14:53:51 pin1212a00 charon: 09[IKE] maximum IKE_SA lifetime 10361s
Feb 9 14:53:51 pin1212a00 charon: 09[IKE] CHILD_SA home{1} established with SPIs cf6c9ae9_i c220f8ed_o and TS 192.168.0.254/32 === 10.1.0.0/28
Go to UserDocumentation->TNC->PTS-IMV