strongSwan

h1. TNC Client with PTS-IMC

This HOWTO explains in a step-for-step fashion how a strongSwan IPsec client with integrated TNC client functionality and an attached Platform Trust Service Integrity Measurement Collector (PTS-IMC) can provide remote attestation measurement data to a TNC server via the IKEv2 EAP-TTLS protocol. 

{{>toc}}

h2. Installation and Configuration

The following steps describe the installation of the strongSwan software

<pre>

  wget http://download.strongswan.org/strongswan-4.6.2rc1.tar.bz2

  tar xjf strongswan-4.6.2rc1.tar.bz2

  cd strongswan-4.6.2rc1

  ./configure --prefix=/usr --sysconfdir=/etc --disable-pluto --enable-openssl --enable-curl

              --enable-eap-identity --enable-eap-md5 --enable-eap-ttls --enable-eap-tnc

              --enable-tnccs-20 --enable-tnc-imc --enable-imc-attestation

  make

  [sudo] make install 

</pre>

The strongSwan *imc-attestation.so* dynamic PTS-IMC library depends on the "TrouSerS":http://sourceforge.net/projects/trousers/ libtspi library. For compilation additionally the /usr/include/trousers/ header files are required.

The connection between IPsec client *carol* and IPsec gateway *moon* is defined in the /etc/ipsec.conf file:

<pre>

# ipsec.conf - strongSwan IPsec configuration file

config setup

     charondebug="tnc 3, imc 3, pts 3"

conn home

     left=%any

     leftid=carol@strongswan.org

     leftauth=eap

     right=192.168.0.1

     rightid=@moon.strongswan.org

     rightsendcert=never

     rightsubnet=10.1.0.0/16

     auto=start

</pre>

The debug levels for the TNC, IMC, and PTS components are increased to 3, so that HEX dumps of PB-TNC (IF-TNCCS 2.0) messages and PA-TNC (IF-M) attributes will be included in the log file.

The IKEv2 client *carol* is going to use EAP-based authentication with the user credentials being stored in the /etc/ipsec.secrets file:

<pre>

# /etc/ipsec.secrets - strongSwan IPsec secrets file

carol@strongswan.org : EAP "Ar3etTnp"

</pre>

The following IKEv2 charon and Attestation IMC options are defined in the /etc/strongswan.conf file

<pre>

# strongswan.conf - strongSwan configuration file

charon {

  load = sha1 random gmp pkcs1 pkcs8 pem x509 pubkey openssl hmac revocation curl kernel-netlink socket-default eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 eap-identity resolve stroke

  plugins {

    eap-tnc {

      protocol = tnccs-2.0

    }

    tnc-imc {

      preferred_language = en

    }

  }

}

libimcv {

  plugins {

    imc-attestation {

      aik_cert = /home/andi/privacyca/AIK_3_Cert.der

      aik_blob = /home/andi/privacyca/AIK_3_Blob.bin

      pcr17_meas   = d537d437f058136eb3d7be517dbe7647b623c619 

      pcr17_before = 1717171717171717171717171717171717171717 

      pcr17_after  = ffffffffffffffffffffffffffffffffffffffff 

      pcr18_meas   = 160d2b04d11eb225fb148615b699081869e15b6c 

      pcr18_before = 1818181818181818181818181818181818181818 

      pcr18_after  = ffffffffffffffffffffffffffffffffffffffff 

    }

  }

}

</pre>

h2. IKEv2 Negotiation

h3. Startup and Initialization

The command

<pre>

ipsec start

</pre>

starts the TNC-enabled IPsec client:

<pre>

FFeb 10 09:05:16 pin1212a00 charon: 00[DMN] Starting IKEv2 charon daemon (strongSwan 4.6.2rc1)

Feb 10 09:05:16 pin1212a00 charon: 00[KNL] listening on interfaces:

Feb 10 09:05:16 pin1212a00 charon: 00[KNL]   eth0

Feb 10 09:05:16 pin1212a00 charon: 00[KNL]     152.96.31.100

Feb 10 09:05:16 pin1212a00 charon: 00[KNL]     fe80::219:99ff:feb3:92c3

Feb 10 09:05:16 pin1212a00 charon: 00[KNL]   umlbr0

Feb 10 09:05:16 pin1212a00 charon: 00[KNL]     192.168.0.254

Feb 10 09:05:16 pin1212a00 charon: 00[KNL]     fe80::9cb8:adff:fe5a:270a

</pre>

The file /etc/tnc_config

<pre>

# IMC configuration file for strongSwan client 

IMC "Attestation" /usr/lib/ipsec/imcvs/imc-attestation.so

</pre>

defines which IMCs are loaded by the TNC client:

<pre>

Feb 10 09:05:16 pin1212a00 charon: 00[TNC] loading IMCs from '/etc/tnc_config'

Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   mandatory PTS measurement algorithm HASH_SHA1[sha1] available

Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   mandatory PTS measurement algorithm HASH_SHA256[openssl] available

Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS measurement algorithm HASH_SHA384[openssl] available

Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_2048[gmp] available

Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_1536[gmp] available

Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS DH group MODP_1024[gmp] available

Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   mandatory PTS DH group ECP_256[openssl] available

Feb 10 09:05:16 pin1212a00 charon: 00[PTS]   optional  PTS DH group ECP_384[openssl] available

Feb 10 09:05:16 pin1212a00 charon: 00[TNC] added IETF attributes

Feb 10 09:05:16 pin1212a00 charon: 00[TNC] added ITA-HSR attributes

Feb 10 09:05:16 pin1212a00 charon: 00[LIB] libimcv initialized

Feb 10 09:05:16 pin1212a00 charon: 00[IMC] IMC 1 "Attestation" initialized

Feb 10 09:05:16 pin1212a00 charon: 00[TNC] added TCG attributes

Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added TCG functional component namespace

Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added ITA-HSR functional component namespace

Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Trusted GRUB Boot Loader'

Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Trusted Boot'

Feb 10 09:05:16 pin1212a00 charon: 00[PTS] added ITA-HSR functional component 'Linux IMA'

Feb 10 09:05:16 pin1212a00 charon: 00[LIB] libpts initialized

Feb 10 09:05:16 pin1212a00 charon: 00[IMC] IMC 1 "Attestation" provided with bind function

Feb 10 09:05:16 pin1212a00 charon: 00[TNC] IMC 1 supports 1 message type: 'TCG/PTS' 0x005597/0x00000001

Feb 10 09:05:16 pin1212a00 charon: 00[TNC] IMC 1 "Attestation" loaded from '/usr/lib/ipsec/imcvs/imc-attestation.so'

</pre>

Next the IKEv2 credential,all necessary plugins and the IPsec connection definition are loaded

<pre>

Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'

Feb 10 09:05:16 pin1212a00 charon: 00[CFG]   loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'

Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'

Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'

Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'

Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'

Feb 10 09:05:16 pin1212a00 charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'

Feb 10 09:05:16 pin1212a00 charon: 00[CFG]   loaded EAP secret for carol@strongswan.org

Feb 10 09:05:16 pin1212a00 charon: 00[DMN] loaded plugins: sha1 random gmp pkcs1 pkcs8 pem x509 pubkey openssl hmac revocation curl kernel-netlink socket-default eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 eap-identity resolve stroke

Feb 10 09:05:16 pin1212a00 charon: 00[JOB] spawning 16 worker threads

Feb 10 09:05:16 pin1212a00 charon: 08[CFG] received stroke: add connection 'home'

Feb 10 09:05:16 pin1212a00 charon: 08[CFG] left nor right host is our side, assuming left=local

Feb 10 09:05:16 pin1212a00 charon: 08[CFG] added configuration 'home'

</pre>

h3. IKEv2 Exchanges 

Due to auto=start the IKEv2 negotiation automatically initiates the IKE_SA_INIT exchange

<pre>

Feb 10 09:05:24 pin1212a00 charon: 10[CFG] received stroke: initiate 'home'

Feb 10 09:05:24 pin1212a00 charon: 11[IKE] initiating IKE_SA home[1] to 192.168.0.1

Feb 10 09:05:24 pin1212a00 charon: 11[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]

Feb 10 09:05:24 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[500] to 192.168.0.1[500]

Feb 10 09:05:24 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[500] to 192.168.0.254[500]

Feb 10 09:05:24 pin1212a00 charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]

</pre>

followed by the IKE_AUTH exchange where the IKEv2 gateway proposes a mutual IKEv2 EAP-TTLS only authentication:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 12[IKE] establishing CHILD_SA home

Feb 10 09:05:24 pin1212a00 charon: 12[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]

Feb 10 09:05:24 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb 10 09:05:24 pin1212a00 charon: 06[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 06[ENC] parsed IKE_AUTH response 1 [ IDr EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 06[IKE] server requested EAP_TTLS authentication (id 0x16)

Feb 10 09:05:24 pin1212a00 charon: 06[TLS] EAP_TTLS version is v0

Feb 10 09:05:24 pin1212a00 charon: 06[IKE] allow mutual EAP-only authentication

</pre>

h3. IKEv2 EAP-TTLS Tunnel

The IKEv2 EAP-TTLS tunnel is set up with certificate-based server authentication

<pre>

Feb 10 09:05:24 pin1212a00 charon: 06[ENC] generating IKE_AUTH request 2 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 06[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb 10 09:05:24 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 13[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 3 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb 10 09:05:24 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 14[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

Feb 10 09:05:24 pin1212a00 charon: 14[TLS] received TLS server certificate 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org'

Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Feb 10 09:05:24 pin1212a00 charon: 14[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...

Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"

Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   crl is valid: until Mar 09 10:28:34 2012

Feb 10 09:05:24 pin1212a00 charon: 14[CFG] certificate status is good

Feb 10 09:05:24 pin1212a00 charon: 14[CFG]   reached self-signed root ca with a path length of 0

Feb 10 09:05:24 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 4 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. Tunneled EAP-Identity

Via the IKEv2 EAP-TTLS tunnel the server requests the EAP client identity

<pre>

Feb 10 09:05:24 pin1212a00 charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 03[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 03[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/ID]

Feb 10 09:05:24 pin1212a00 charon: 03[IKE] server requested EAP_IDENTITY authentication (id 0x00)

Feb 10 09:05:24 pin1212a00 charon: 03[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/ID]

Feb 10 09:05:24 pin1212a00 charon: 03[ENC] generating IKE_AUTH request 5 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 03[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. Tunneled EAP-MD5 Client Authentication

Next follows an EAP-MD5 client authentication

<pre>

Feb 10 09:05:24 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 08[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/MD5]

Feb 10 09:05:24 pin1212a00 charon: 08[IKE] server requested EAP_MD5 authentication (id 0x45)

Feb 10 09:05:24 pin1212a00 charon: 08[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/MD5]

Feb 10 09:05:24 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 6 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. Tunneled EAP-TNC Transport

Now the EAP-TNC transport protocol connecting the TNC client with the TNC server is started:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 09[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb 10 09:05:24 pin1212a00 charon: 09[IKE] server requested EAP_TNC authentication (id 0x1B)

Feb 10 09:05:24 pin1212a00 charon: 09[TLS] EAP_TNC version is v1

</pre>

h2. PB-TNC/IF-TNCCS 2.0 Connection

A new TNCCS connection is instantiated on the TNC client and its IF-TNCCS 2.0 state machine is set to the Init state.

!IF-TNCCS-20-State-Diagram.png!

A first PB-TNC CDATA (IF-TNCCS 2.0 ClientData) batch is prepared and a PB-Language-Preference message for Englisch (en) is added: 

<pre>

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] assigned TNCCS Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] creating PB-TNC CDATA batch

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] adding PB-Language-Preference message

</pre>

An instance of the Attestation PTS-IMC is created which in a first step determines the client operating systen

<pre>

Feb 10 09:05:24 pin1212a00 charon: 09[PTS] platform is 'Ubuntu 11.04 i686'

</pre>

and then loads the AIK certificate and the matching AIK private key, the latter in the form of a TPM-encrypted binary blob

<pre>

Feb 10 09:05:24 pin1212a00 charon: 09[PTS] loaded AIK certificate from '/home/seclab/privacyca/AIK_Cert.der'

Feb 10 09:05:24 pin1212a00 charon: 09[PTS] loaded AIK Blob from '/home/seclab/privacyca/AIK_Blob.bin'

Feb 10 09:05:24 pin1212a00 charon: 09[PTS] AIK Blob: => 559 bytes @ 0x9b5be20

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]    0: 01 01 00 00 00 12 00 00 00 04 00 00 00 00 01 00  ................

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   16: 01 00 02 00 00 00 0C 00 00 08 00 00 00 00 02 00  ................

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   32: 00 00 00 00 00 00 00 00 00 01 00 81 E3 38 7C 4D  .............8|M

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   48: 46 70 CB D5 33 62 38 50 AD 98 D1 28 56 D3 6E 71  Fp..3b8P...(V.nq

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   64: CF AA E3 C8 31 BD F6 FE 53 6A ED C8 54 0E 7C FB  ....1...Sj..T.|.

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   80: 00 98 80 D6 7D C7 57 D4 EC 24 93 59 48 1F DA 67  ....}.W..$.YH..g

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]   96: 30 87 4F D3 59 B2 CA A8 9D CE C9 27 9A 03 57 C0  0.O.Y......'..W.

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  112: FE 1F AB EE E5 C2 A8 C6 D5 DC C7 1E 81 74 4D 3D  .............tM=

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  128: B5 98 6D 57 22 74 02 F1 41 7C E3 68 C1 1C 1C 2F  ..mW"t..A|.h.../

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  144: 57 54 CA 4A FB D6 3D 33 37 A9 BC FF 6F 50 13 CC  WT.J..=37...oP..

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  160: C2 D3 83 F1 4B 01 FD 66 A6 EE 7A D3 E0 E2 C0 51  ....K..f..z....Q

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  176: 55 A2 8A AB F4 85 09 74 24 64 03 DD 65 1C 26 2F  U......t$d..e.&/

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  192: 35 08 BF 57 D9 28 DA D3 D7 5B ED C8 C6 6C 43 7E  5..W.(...[...lC~

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  208: DE D3 93 F4 D5 D7 36 1E 31 9A A8 42 10 7A F5 94  ......6.1..B.z..

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  224: 93 9C 8F BD 6D BC 66 1D 30 A5 B3 B3 44 4D DA 6D  ....m.f.0...DM.m

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  240: 35 64 A6 08 EB D2 A6 99 18 56 01 28 3B 26 94 FD  5d.......V.(;&..

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  256: 6F 7F AD 45 68 3C 8A 7D 38 8C DB D8 5F 76 16 F5  o..Eh<.}8..._v..

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  272: 5E 8A 4B C2 2B 19 8A 27 D9 80 3C C8 13 01 11 70  ^.K.+..'..<....p

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  288: CC D6 EF 57 F3 EF 37 A2 E6 B5 49 00 00 01 00 4C  ...W..7...I....L

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  304: DA 76 65 D0 54 8C F9 E8 B6 C4 9E 26 37 70 B4 45  .ve.T......&7p.E

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  320: C0 42 E0 A3 7A 3E 9D 57 96 B0 C8 68 DE 6A 84 76  .B..z>.W...h.j.v

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  336: 9A 9A E3 F9 D7 44 AB E0 A2 4B D2 3E 44 BD D9 92  .....D...K.>D...

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  352: 53 AF 6A 04 26 56 04 FC F9 43 D0 68 E3 63 AD 7B  S.j.&V...C.h.c.{

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  368: 5C A2 50 B8 BA A2 F0 53 8C 8B 3A 67 35 49 CA E4  \.P....S..:g5I..

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  384: 35 A3 35 4B E7 31 D0 25 10 D4 6A B9 17 32 F9 53  5.5K.1.%..j..2.S

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  400: 22 E9 13 9D 13 E9 0D F0 59 55 33 36 5C A5 28 FB  ".......YU36\.(.

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  416: 86 88 69 69 F0 93 6F 4B 62 76 B0 0E 64 E9 69 2D  ..ii..oKbv..d.i-

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  432: 7D 9E 9E ED E1 1E 62 4C 63 AA D8 FD 87 86 77 3C  }.....bLc.....w<

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  448: C1 04 E8 63 81 54 FE 75 82 D8 36 96 67 6A D1 18  ...c.T.u..6.gj..

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  464: 78 6C 7D 7B 8C BB 28 A0 AC 84 D8 7B 7E D0 55 38  xl}{..(....{~.U8

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  480: 80 64 4C 3A 38 E0 B0 1A FE A7 C8 C3 A1 F9 21 A5  .dL:8.........!.

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  496: D1 6F DE C4 CE 0B 62 D6 39 DA A4 35 45 B3 B6 D2  .o....b.9..5E...

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  512: D4 73 0B 82 28 B5 C1 79 88 85 D8 7D 54 38 E0 DA  .s..(..y...}T8..

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  528: 57 2C 57 C1 34 4D 26 B8 9F A3 81 5B 4A 98 E5 E6  W,W.4M&....[J...

Feb 10 09:05:24 pin1212a00 charon: 09[PTS]  544: 89 94 25 A0 3F 9F 5A 3E CF A3 9A 0B 55 74 02     ..%.?.Z>....Ut.

Feb 10 09:05:24 pin1212a00 charon: 09[IMC] IMC 1 "Attestation" created a state for Connection ID 1: IF-TNCCS 2.0 with +long +excl -soh over IF-T for Tunneled EAP 1.1

</pre> 

Via the IF-IMC interface the PTS-IMC receives a 'Handshake' state change from the TNC client 

<pre>

Feb 10 09:05:24 pin1212a00 charon: 09[IMC] IMC 1 "Attestation" changed state of Connection ID 1 to 'Handshake'

</pre>

The PTS-IMC generates a PA-TNC message of type TCG/PTS targeted at the remote PTS-IMV, containing a single PA-TNC attribute of type 'IETF/Product Information' with the client operating system information:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] creating PA-TNC message with ID 0x35c9dc7b

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] creating PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] => 22 bytes @ 0x9b5c120

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]    0: 00 00 00 00 00 55 62 75 6E 74 75 20 31 31 2E 30  .....Ubuntu 11.0

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   16: 34 20 69 36 38 36                                4 i686

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] adding PB-PA message

</pre>

The PA-TNC message is received by the TNC client via the IF-IMC SendMessage call and is inserted together with the

PB-Language-Preference message into the PB-TNC CDATA batch which is then sent via the IKEv2 EAP-TTLS tunnel to the TNC server.

<pre>

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] PB-TNC state transition from 'Init' to 'Server Working'

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] sending PB-TNC CDATA batch (105 bytes) for Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 09[TNC] => 105 bytes @ 0x9b5c890

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]    0: 02 00 00 01 00 00 00 69 00 00 00 00 00 00 00 06  .......i........

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75  ....Accept-Langu

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   32: 61 67 65 3A 20 65 6E 80 00 00 00 00 00 00 01 00  age: en.........

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   48: 00 00 42 00 00 55 97 00 00 00 01 00 01 FF FF 01  ..B..U..........

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   64: 00 00 00 35 C9 DC 7B 00 00 00 00 00 00 00 02 00  ...5..{.........

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   80: 00 00 22 00 00 00 00 00 55 62 75 6E 74 75 20 31  ..".....Ubuntu 1

Feb 10 09:05:24 pin1212a00 charon: 09[TNC]   96: 31 2E 30 34 20 69 36 38 36                       1.04 i686

Feb 10 09:05:24 pin1212a00 charon: 09[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb 10 09:05:24 pin1212a00 charon: 09[ENC] generating IKE_AUTH request 7 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 09[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. PTS Capability Discovery

As a response a PB-TNC SDATA (IF-TNCCS 2.0 ServerData) batch is received from the TNC server

<pre>

Feb 10 09:05:24 pin1212a00 charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 11[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 11[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] received TNCCS batch (72 bytes) for Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 72 bytes @ 0x9b56e82

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 02 80 00 02 00 00 00 48 80 00 00 00 00 00 00 01  .......H........

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   16: 00 00 00 40 00 00 55 97 00 00 00 01 FF FF 00 01  ...@..U.........

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   32: 01 00 00 00 8B 08 8D AB 80 00 55 97 01 00 00 00  ..........U.....

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   48: 00 00 00 10 00 00 00 0E 80 00 55 97 06 00 00 00  ..........U.....

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   64: 00 00 00 10 00 00 80 00                          ........

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PB-TNC SDATA batch

</pre>

containing a PB-PA message of type TCG/PTS to which the PTS-IMC is subscribed:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PB-PA message (64 bytes)

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

The PA-TNC message transferred via the IF-IMC interface to the PTS-IMC contains two PA-TNC attributes from the TCG/PTS namespace:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 11[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PA-TNC message with ID 0x8b088dab

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/Request PTS Protocol Capabilities' 0x005597/0x01000000

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b57b5c

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 00 00 00 0E                                      ....

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] processing PA-TNC attribute type 'TCG/PTS Measurement Algorithm Request' 0x005597/0x06000000

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b57b6c

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 00 00 80 00                                      ....

</pre>

namely the requests 'Request PTS Protocol Capabilities' and 'PTS Measurement Algorithm Request'. The PTS-IMV supports the Verification (V), DH Nonce Negotiation (D) and Trusted Platform Evidence (T) PTS protocol capabilities and the PTS-IMC does as well.

<pre>

Feb 10 09:05:24 pin1212a00 charon: 11[PTS] supported PTS protocol capabilities: .VDT.

Feb 10 09:05:24 pin1212a00 charon: 11[PTS] selected PTS measurement algorithm is HASH_SHA1

</pre>

The PTS-IMV proposes SHA-1 only for the PTS measurement algorithm which is accepted by the PTS-IMC. These two selections are sent back to the PTS-IMV in a PA-TNC message containing the TCG attributes 'PTS Protocol Capabilities' and 'PTS Measurement Algorithm":

<pre>

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PA-TNC message with ID 0xace91f02

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/PTS Protocol Capabilities' 0x005597/0x02000000

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b5bdd8

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 00 00 00 0E                                      ....

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PA-TNC attribute type 'TCG/PTS Measurement Algorithm' 0x005597/0x07000000

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 4 bytes @ 0x9b5ac98

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 00 00 80 00                                      ....

</pre>

This PA-TNC message is sent as a PB-PA payload in a PB-TNC CDATA batch to the TNC server:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] creating PB-TNC CDATA batch

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] adding PB-PA message

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] sending PB-TNC CDATA batch (72 bytes) for Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 11[TNC] => 72 bytes @ 0x9b5ce70

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]    0: 02 00 00 01 00 00 00 48 80 00 00 00 00 00 00 01  .......H........

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   16: 00 00 00 40 00 00 55 97 00 00 00 01 00 01 FF FF  ...@..U.........

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   32: 01 00 00 00 AC E9 1F 02 00 00 55 97 02 00 00 00  ..........U.....

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   48: 00 00 00 10 00 00 00 0E 00 00 55 97 07 00 00 00  ..........U.....

Feb 10 09:05:24 pin1212a00 charon: 11[TNC]   64: 00 00 00 10 00 00 80 00                          ........

Feb 10 09:05:24 pin1212a00 charon: 11[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb 10 09:05:24 pin1212a00 charon: 11[ENC] generating IKE_AUTH request 8 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 11[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. DH Nonce Parameters

The next PB-TNC SDATA batch is received:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 12[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] received TNCCS batch (56 bytes) for Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] => 56 bytes @ 0x9b56e82

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]    0: 02 80 00 02 00 00 00 38 80 00 00 00 00 00 00 01  .......8........

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   16: 00 00 00 30 00 00 55 97 00 00 00 01 FF FF 00 01  ...0..U.........

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   32: 01 00 00 00 D5 D8 B7 F7 80 00 55 97 03 00 00 00  ..........U.....

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   48: 00 00 00 10 00 00 F0 00                          ........

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] processing PB-TNC SDATA batch

</pre>

containing a PB-PA message of type TCG/PTS to which the PTS-IMC is subscribed:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] processing PB-PA message (48 bytes)

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

The PA-TNC message contains a 'DH Nonce Parameters Request' from the TCG namespace

<pre>

Feb 10 09:05:24 pin1212a00 charon: 12[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] processing PA-TNC message with ID 0xd5d8b7f7

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Parameters Request' 0x005597/0x03000000

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x9b5ce8c

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]    0: 00 00 F0 00                                      ....

</pre>

and offers the set of IKE DH groups {2, 5, 14, 19} from which the PTS-IMC selects ECP_256 (group 14).

<pre>

Feb 10 09:05:24 pin1212a00 charon: 12[PTS] selected PTS DH group is ECP_256

Feb 10 09:05:24 pin1212a00 charon: 12[PTS] nonce length is 20

</pre>

The PTS-IMC also returns a 20 byte DH responder nonce and the 32 byte ECP_256 DH responder public value:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] creating PA-TNC message with ID 0x4a9b2c31

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] creating PA-TNC attribute type 'TCG/DH Nonce Parameters Response' 0x005597/0x04000000

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] => 92 bytes @ 0x9b5d478

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]    0: 00 00 00 14 10 00 E0 00 1D 14 23 06 97 7D E7 E3  ..........#..}..

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   16: AF AE B6 57 FB A3 58 DA 59 6A 4C D3 77 49 6B 4B  ...W..X.YjL.wIkK

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   32: 36 35 DF BB 27 3F 62 E7 EA 5B 6E 7C 5E 55 C4 04  65..'?b..[n|^U..

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   48: 04 89 B4 98 66 31 6A A2 A2 4E 5E AC DE 57 B7 3B  ....f1j..N^..W.;

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   64: 97 72 08 A6 90 7C 3C FB FD B3 45 05 C5 4D 21 10  .r...|<...E..M!.

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   80: 0E 07 CE 94 B0 61 14 9F C1 22 10 93              .....a..."..

</pre>

This PA-TNC message is carried in a PB-PA message encapsulated in a PB-TNC CDATA batch:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] creating PB-TNC CDATA batch

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] adding PB-PA message

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] sending PB-TNC CDATA batch (144 bytes) for Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 12[TNC] => 144 bytes @ 0x9b5d410

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]    0: 02 00 00 01 00 00 00 90 80 00 00 00 00 00 00 01  ................

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   16: 00 00 00 88 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   32: 01 00 00 00 4A 9B 2C 31 00 00 55 97 04 00 00 00  ....J.,1..U.....

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   48: 00 00 00 68 00 00 00 14 10 00 E0 00 1D 14 23 06  ...h..........#.

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   64: 97 7D E7 E3 AF AE B6 57 FB A3 58 DA 59 6A 4C D3  .}.....W..X.YjL.

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   80: 77 49 6B 4B 36 35 DF BB 27 3F 62 E7 EA 5B 6E 7C  wIkK65..'?b..[n|

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]   96: 5E 55 C4 04 04 89 B4 98 66 31 6A A2 A2 4E 5E AC  ^U......f1j..N^.

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]  112: DE 57 B7 3B 97 72 08 A6 90 7C 3C FB FD B3 45 05  .W.;.r...|<...E.

Feb 10 09:05:24 pin1212a00 charon: 12[TNC]  128: C5 4D 21 10 0E 07 CE 94 B0 61 14 9F C1 22 10 93  .M!......a..."..

Feb 10 09:05:24 pin1212a00 charon: 12[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb 10 09:05:24 pin1212a00 charon: 12[ENC] generating IKE_AUTH request 9 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 12[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. DH Nonce Finish and TPM Version/AIK Info

The next PB-TNC SDATA batch is received:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 06[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 06[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 06[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] received TNCCS batch (172 bytes) for Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 172 bytes @ 0x9b5bd52

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 02 80 00 02 00 00 00 AC 80 00 00 00 00 00 00 01  ................

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 00 00 00 A4 00 00 55 97 00 00 00 01 FF FF 00 01  ......U.........

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   32: 01 00 00 00 C7 5A 89 5F 80 00 55 97 05 00 00 00  .....Z._..U.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   48: 00 00 00 64 00 14 80 00 19 14 23 2B 46 C9 C4 56  ...d......#+F..V

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   64: B5 F6 9C 18 58 A2 78 B0 E4 A7 4A C7 20 21 32 CD  ....X.x...J. !2.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   80: B2 60 7F DB 0F 7B 35 53 AE FA 23 C0 65 A5 48 35  .`...{5S..#.e.H5

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   96: FE DF DF B9 72 C4 DD 16 8B 55 E9 84 AE 45 E0 07  ....r....U...E..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  112: 05 AF D6 60 32 95 58 81 A6 CA 36 F6 A1 CC 25 1A  ...`2.X...6...%.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  128: EF 13 9C AC 84 1F F6 9B F1 31 95 A3 80 00 55 97  .........1....U.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  144: 08 00 00 00 00 00 00 10 00 00 00 00 80 00 55 97  ..............U.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  160: 0D 00 00 00 00 00 00 10 00 00 00 00              ............

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PB-TNC SDATA batch

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PB-PA message (164 bytes)

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

containing a PA-TNC message with the 'DH Nonce Finish', 'Get TPM Version Information' and 'Get Attestation Identity Key'

attributes from the TCG namespace:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 06[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PA-TNC message with ID 0xc75a895f

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Finish' 0x005597/0x05000000

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 88 bytes @ 0x9b58114

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 14 80 00 19 14 23 2B 46 C9 C4 56 B5 F6 9C 18  ......#+F..V....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 58 A2 78 B0 E4 A7 4A C7 20 21 32 CD B2 60 7F DB  X.x...J. !2..`..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   32: 0F 7B 35 53 AE FA 23 C0 65 A5 48 35 FE DF DF B9  .{5S..#.e.H5....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   48: 72 C4 DD 16 8B 55 E9 84 AE 45 E0 07 05 AF D6 60  r....U...E.....`

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   64: 32 95 58 81 A6 CA 36 F6 A1 CC 25 1A EF 13 9C AC  2.X...6...%.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   80: 84 1F F6 9B F1 31 95 A3                          .....1..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PA-TNC attribute type 'TCG/Get TPM Version Information' 0x005597/0x08000000

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 4 bytes @ 0x9b58178

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 00 00 00                                      ....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] processing PA-TNC attribute type 'TCG/Get Attestation Identity Key' 0x005597/0x0d000000

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 4 bytes @ 0x9b58188

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 00 00 00                                      ....

</pre>

The PTS-IMV reports that it selected SHA-1 as the DH hash algorithm and provides its 20 byte nonce and 32 byte public DH factor

so that the share DH secret can be computed:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 06[PTS] selected DH hash algorithm is HASH_SHA1

Feb 10 09:05:24 pin1212a00 charon: 06[PTS] initiator nonce: => 20 bytes @ 0x9b5d848

Feb 10 09:05:24 pin1212a00 charon: 06[PTS]    0: A6 CA 36 F6 A1 CC 25 1A EF 13 9C AC 84 1F F6 9B  ..6...%.........

Feb 10 09:05:24 pin1212a00 charon: 06[PTS]   16: F1 31 95 A3                                      .1..

Feb 10 09:05:24 pin1212a00 charon: 06[PTS] responder nonce: => 20 bytes @ 0x9b5bd30

Feb 10 09:05:24 pin1212a00 charon: 06[PTS]    0: 1D 14 23 06 97 7D E7 E3 AF AE B6 57 FB A3 58 DA  ..#..}.....W..X.

Feb 10 09:05:24 pin1212a00 charon: 06[PTS]   16: 59 6A 4C D3                                      YjL.

Feb 10 09:05:24 pin1212a00 charon: 06[PTS] shared DH secret: => 32 bytes @ 0x9b5ce70

Feb 10 09:05:24 pin1212a00 charon: 06[PTS]    0: F1 6A 3B 1C 72 03 B0 18 EA 3C B6 74 D6 AD 33 E9  .j;.r....<.t..3.

Feb 10 09:05:24 pin1212a00 charon: 06[PTS]   16: 23 0B 3C 1C A9 5C 77 12 FE FF FF 67 E5 7F CB 04  #.<..\w....g....

Feb 10 09:05:24 pin1212a00 charon: 06[PTS] secret assessment value: => 20 bytes @ 0x9b5d208

Feb 10 09:05:24 pin1212a00 charon: 06[PTS]    0: 5F A0 83 5D 35 DF 3C 94 28 8B 79 6F AB 35 86 6C  _..]5.<.(.yo.5.l

Feb 10 09:05:24 pin1212a00 charon: 06[PTS]   16: E2 23 4C CF                                      .#L.

</pre>

Answering the 'Get TPM Version Information' request, the following TPM version info is returned in binary form:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 06[PTS] TPM 1.2 Version Info: Chip Version: 1.2.3.17, Spec Level: 2, Errata Rev: 2, Vendor ID: IFX

</pre>

Besides the 'TPM Version Information' attribute, also the 'Attestation Identity Key' is included in the PA-TNC message to be forwarded to the PTS-IMV:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PA-TNC message with ID 0x9eb3b685

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PA-TNC attribute type 'TCG/TPM Version Information' 0x005597/0x09000000

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 20 bytes @ 0x9b57ac8

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 30 01 02 03 11 00 02 02 49 46 58 00 00 05 03  .0.......IFX....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 11 00 08 00                                      ....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PA-TNC attribute type 'TCG/Attestation Identity Key' 0x005597/0x0e000000

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 1167 bytes @ 0x9b5e950

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 00 30 82 04 8A 30 82 03 72 A0 03 02 01 02 02 10  .0...0..r.......

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 33 55 8F BC AE 0F D9 47 78 74 D6 E5 C9 1B 24 28  3U.....Gxt....$(

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   32: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30  0...*.H........0

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   48: 50 31 16 30 14 06 03 55 04 0A 13 0D 70 72 69 76  P1.0...U....priv

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   64: 61 63 79 63 61 2E 63 6F 6D 31 36 30 34 06 03 55  acyca.com1604..U

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   80: 04 03 13 2D 50 72 69 76 61 63 79 20 43 41 20 49  ...-Privacy CA I

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   96: 6E 73 65 63 75 72 65 2F 55 6E 63 68 65 63 6B 65  nsecure/Unchecke

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  112: 64 20 41 49 4B 20 43 65 72 74 69 66 69 63 61 74  d AIK Certificat

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  128: 65 30 1E 17 0D 31 32 30 32 30 38 31 30 34 31 32  e0...12020810412

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  144: 30 5A 17 0D 31 33 30 32 30 38 31 30 34 31 32 30  0Z..130208104120

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  160: 5A 30 00 30 82 01 22 30 0D 06 09 2A 86 48 86 F7  Z0.0.."0...*.H..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  176: 0D 01 01 01 05 00 03 82 01 0F 00 30 82 01 0A 02  ...........0....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  192: 82 01 01 00 81 E3 38 7C 4D 46 70 CB D5 33 62 38  ......8|MFp..3b8

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  208: 50 AD 98 D1 28 56 D3 6E 71 CF AA E3 C8 31 BD F6  P...(V.nq....1..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  224: FE 53 6A ED C8 54 0E 7C FB 00 98 80 D6 7D C7 57  .Sj..T.|.....}.W

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  240: D4 EC 24 93 59 48 1F DA 67 30 87 4F D3 59 B2 CA  ..$.YH..g0.O.Y..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  256: A8 9D CE C9 27 9A 03 57 C0 FE 1F AB EE E5 C2 A8  ....'..W........

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  272: C6 D5 DC C7 1E 81 74 4D 3D B5 98 6D 57 22 74 02  ......tM=..mW"t.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  288: F1 41 7C E3 68 C1 1C 1C 2F 57 54 CA 4A FB D6 3D  .A|.h.../WT.J..=

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  304: 33 37 A9 BC FF 6F 50 13 CC C2 D3 83 F1 4B 01 FD  37...oP......K..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  320: 66 A6 EE 7A D3 E0 E2 C0 51 55 A2 8A AB F4 85 09  f..z....QU......

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  336: 74 24 64 03 DD 65 1C 26 2F 35 08 BF 57 D9 28 DA  t$d..e.&/5..W.(.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  352: D3 D7 5B ED C8 C6 6C 43 7E DE D3 93 F4 D5 D7 36  ..[...lC~......6

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  368: 1E 31 9A A8 42 10 7A F5 94 93 9C 8F BD 6D BC 66  .1..B.z......m.f

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  384: 1D 30 A5 B3 B3 44 4D DA 6D 35 64 A6 08 EB D2 A6  .0...DM.m5d.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  400: 99 18 56 01 28 3B 26 94 FD 6F 7F AD 45 68 3C 8A  ..V.(;&..o..Eh<.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  416: 7D 38 8C DB D8 5F 76 16 F5 5E 8A 4B C2 2B 19 8A  }8..._v..^.K.+..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  432: 27 D9 80 3C C8 13 01 11 70 CC D6 EF 57 F3 EF 37  '..<....p...W..7

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  448: A2 E6 B5 49 02 03 01 00 01 A3 82 01 AE 30 82 01  ...I.........0..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  464: AA 30 37 06 03 55 1D 09 04 30 30 2E 30 16 06 05  .07..U...00.0...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  480: 67 81 05 02 10 31 0D 30 0B 0C 03 31 2E 31 02 01  g....1.0...1.1..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  496: 02 02 01 01 30 14 06 05 67 81 05 02 12 31 0B 30  ....0...g....1.0

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  512: 09 80 01 00 81 01 00 82 01 02 30 5D 06 03 55 1D  ..........0]..U.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  528: 11 01 01 FF 04 53 30 51 A4 42 30 40 31 16 30 14  .....S0Q.B0@1.0.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  544: 06 05 67 81 05 02 01 0C 0B 69 64 3A 30 30 30 30  ..g......id:0000

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  560: 30 30 30 30 31 12 30 10 06 05 67 81 05 02 02 0C  00001.0...g.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  576: 07 55 6E 6B 6E 6F 77 6E 31 12 30 10 06 05 67 81  .Unknown1.0...g.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  592: 05 02 03 0C 07 69 64 3A 30 30 30 30 A0 0B 06 05  .....id:0000....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  608: 67 81 05 02 0F A0 02 0C 00 30 0C 06 03 55 1D 13  g........0...U..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  624: 01 01 FF 04 02 30 00 30 81 E0 06 03 55 1D 20 01  .....0.0....U. .

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  640: 01 FF 04 81 D5 30 81 D2 30 67 06 0A 2B 06 01 04  .....0..0g..+...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  656: 01 81 E3 42 01 10 30 59 30 29 06 08 2B 06 01 05  ...B..0Y0)..+...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  672: 05 07 02 01 16 1D 68 74 74 70 3A 2F 2F 77 77 77  ......http://www

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  688: 2E 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 2F 63  .privacyca.com/c

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  704: 70 73 2F 30 2C 06 08 2B 06 01 05 05 07 02 02 30  ps/0,..+.......0

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  720: 20 0C 1E 54 43 50 41 20 54 72 75 73 74 65 64 20   ..TCPA Trusted 

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  736: 50 6C 61 74 66 6F 72 6D 20 49 64 65 6E 74 69 74  Platform Identit

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  752: 79 30 67 06 04 55 1D 20 00 30 5F 30 25 06 08 2B  y0g..U. .0_0%..+

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  768: 06 01 05 05 07 02 01 16 19 68 74 74 70 3A 2F 2F  .........http://

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  784: 77 77 77 2E 70 72 69 76 61 63 79 63 61 2E 63 6F  www.privacyca.co

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  800: 6D 2F 30 36 06 08 2B 06 01 05 05 07 02 02 30 2A  m/06..+.......0*

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  816: 0C 28 54 43 50 41 20 54 72 75 73 74 65 64 20 50  .(TCPA Trusted P

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  832: 6C 61 74 66 6F 72 6D 20 4D 6F 64 75 6C 65 20 45  latform Module E

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  848: 6E 64 6F 72 73 65 6D 65 6E 74 30 1F 06 03 55 1D  ndorsement0...U.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  864: 23 04 18 30 16 80 14 B0 E5 97 E0 9B 23 75 B1 FD  #..0........#u..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  880: BF 01 5E 72 BA 36 D4 48 32 A0 33 30 0D 06 09 2A  ..^r.6.H2.30...*

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  896: 86 48 86 F7 0D 01 01 05 05 00 03 82 01 01 00 1D  .H..............

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  912: 78 37 95 C3 37 C6 09 C4 1C 3D C3 0A 01 7F 59 8D  x7..7....=....Y.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  928: 24 A8 74 81 C9 79 A2 63 45 2C 04 0C B4 CD 7F B9  $.t..y.cE,......

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  944: 42 DC FE 67 67 E7 45 C9 F6 CB 7E 42 B7 2A 8A 74  B..gg.E...~B.*.t

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  960: 14 B7 BE FF EB 77 0E 99 E7 ED 9D EA 49 8C 7B 12  .....w......I.{.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  976: 60 55 0B 1D 1A 03 0E BA AF 9E 3B 74 20 F9 17 8A  `U........;t ...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  992: 0F 47 2D 3C DB C4 05 67 3C F0 E0 33 A6 3C C5 0E  .G-<...g<..3.<..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1008: C6 0B DB 6E 08 6A 09 3B C6 3B 75 1A 7A 6B 84 BA  ...n.j.;.;u.zk..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1024: 4A 69 6E AF 59 54 89 4A E5 07 D7 51 33 B9 9E AE  Jin.YT.J...Q3...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1040: F2 4C 0D 81 36 14 FD 82 52 C3 BF 6A DC 8D 55 46  .L..6...R..j..UF

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1056: E0 DE B9 A6 A0 49 BB 43 0A F3 45 EA 26 58 2F D2  .....I.C..E.&X/.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1072: E4 6C 87 F3 B7 F7 E9 16 E5 0B 5D DC CE 75 EA 92  .l........]..u..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1088: 3D 9C CF 35 C1 F2 3C 87 D6 D5 04 99 0B C5 9F 45  =..5..<........E

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1104: 75 00 23 5F C5 B9 AB 73 D8 57 39 80 AE 6D 58 98  u.#_...s.W9..mX.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1120: CE F3 29 6B 1B 8A A2 0B 78 71 C3 B0 6C 8F 25 23  ..)k....xq..l.%#

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1136: AD A4 C5 FB 70 56 46 84 39 45 01 E9 F9 83 7D DC  ....pVF.9E....}.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1152: 5F D9 BB BF B1 08 2A 55 94 D6 0F 76 BD 73 EE     _.....*U...v.s.

</pre>

The TNC client packs this large PA-TNC message into an outgoing PB-TNC CDATA batch:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] creating PB-TNC CDATA batch

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] adding PB-PA message

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] sending PB-TNC CDATA batch (1251 bytes) for Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] => 1251 bytes @ 0x9b5eea8

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]    0: 02 00 00 01 00 00 04 E3 80 00 00 00 00 00 00 01  ................

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   16: 00 00 04 DB 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   32: 01 00 00 00 9E B3 B6 85 00 00 55 97 09 00 00 00  ..........U.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   48: 00 00 00 20 00 30 01 02 03 11 00 02 02 49 46 58  ... .0.......IFX

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   64: 00 00 05 03 11 00 08 00 00 00 55 97 0E 00 00 00  ..........U.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   80: 00 00 04 9B 00 30 82 04 8A 30 82 03 72 A0 03 02  .....0...0..r...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]   96: 01 02 02 10 33 55 8F BC AE 0F D9 47 78 74 D6 E5  ....3U.....Gxt..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  112: C9 1B 24 28 30 0D 06 09 2A 86 48 86 F7 0D 01 01  ..$(0...*.H.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  128: 05 05 00 30 50 31 16 30 14 06 03 55 04 0A 13 0D  ...0P1.0...U....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  144: 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 31 36 30  privacyca.com160

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  160: 34 06 03 55 04 03 13 2D 50 72 69 76 61 63 79 20  4..U...-Privacy 

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  176: 43 41 20 49 6E 73 65 63 75 72 65 2F 55 6E 63 68  CA Insecure/Unch

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  192: 65 63 6B 65 64 20 41 49 4B 20 43 65 72 74 69 66  ecked AIK Certif

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  208: 69 63 61 74 65 30 1E 17 0D 31 32 30 32 30 38 31  icate0...1202081

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  224: 30 34 31 32 30 5A 17 0D 31 33 30 32 30 38 31 30  04120Z..13020810

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  240: 34 31 32 30 5A 30 00 30 82 01 22 30 0D 06 09 2A  4120Z0.0.."0...*

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  256: 86 48 86 F7 0D 01 01 01 05 00 03 82 01 0F 00 30  .H.............0

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  272: 82 01 0A 02 82 01 01 00 81 E3 38 7C 4D 46 70 CB  ..........8|MFp.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  288: D5 33 62 38 50 AD 98 D1 28 56 D3 6E 71 CF AA E3  .3b8P...(V.nq...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  304: C8 31 BD F6 FE 53 6A ED C8 54 0E 7C FB 00 98 80  .1...Sj..T.|....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  320: D6 7D C7 57 D4 EC 24 93 59 48 1F DA 67 30 87 4F  .}.W..$.YH..g0.O

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  336: D3 59 B2 CA A8 9D CE C9 27 9A 03 57 C0 FE 1F AB  .Y......'..W....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  352: EE E5 C2 A8 C6 D5 DC C7 1E 81 74 4D 3D B5 98 6D  ..........tM=..m

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  368: 57 22 74 02 F1 41 7C E3 68 C1 1C 1C 2F 57 54 CA  W"t..A|.h.../WT.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  384: 4A FB D6 3D 33 37 A9 BC FF 6F 50 13 CC C2 D3 83  J..=37...oP.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  400: F1 4B 01 FD 66 A6 EE 7A D3 E0 E2 C0 51 55 A2 8A  .K..f..z....QU..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  416: AB F4 85 09 74 24 64 03 DD 65 1C 26 2F 35 08 BF  ....t$d..e.&/5..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  432: 57 D9 28 DA D3 D7 5B ED C8 C6 6C 43 7E DE D3 93  W.(...[...lC~...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  448: F4 D5 D7 36 1E 31 9A A8 42 10 7A F5 94 93 9C 8F  ...6.1..B.z.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  464: BD 6D BC 66 1D 30 A5 B3 B3 44 4D DA 6D 35 64 A6  .m.f.0...DM.m5d.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  480: 08 EB D2 A6 99 18 56 01 28 3B 26 94 FD 6F 7F AD  ......V.(;&..o..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  496: 45 68 3C 8A 7D 38 8C DB D8 5F 76 16 F5 5E 8A 4B  Eh<.}8..._v..^.K

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  512: C2 2B 19 8A 27 D9 80 3C C8 13 01 11 70 CC D6 EF  .+..'..<....p...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  528: 57 F3 EF 37 A2 E6 B5 49 02 03 01 00 01 A3 82 01  W..7...I........

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  544: AE 30 82 01 AA 30 37 06 03 55 1D 09 04 30 30 2E  .0...07..U...00.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  560: 30 16 06 05 67 81 05 02 10 31 0D 30 0B 0C 03 31  0...g....1.0...1

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  576: 2E 31 02 01 02 02 01 01 30 14 06 05 67 81 05 02  .1......0...g...

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  592: 12 31 0B 30 09 80 01 00 81 01 00 82 01 02 30 5D  .1.0..........0]

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  608: 06 03 55 1D 11 01 01 FF 04 53 30 51 A4 42 30 40  ..U......S0Q.B0@

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  624: 31 16 30 14 06 05 67 81 05 02 01 0C 0B 69 64 3A  1.0...g......id:

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  640: 30 30 30 30 30 30 30 30 31 12 30 10 06 05 67 81  000000001.0...g.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  656: 05 02 02 0C 07 55 6E 6B 6E 6F 77 6E 31 12 30 10  .....Unknown1.0.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  672: 06 05 67 81 05 02 03 0C 07 69 64 3A 30 30 30 30  ..g......id:0000

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  688: A0 0B 06 05 67 81 05 02 0F A0 02 0C 00 30 0C 06  ....g........0..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  704: 03 55 1D 13 01 01 FF 04 02 30 00 30 81 E0 06 03  .U.......0.0....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  720: 55 1D 20 01 01 FF 04 81 D5 30 81 D2 30 67 06 0A  U. ......0..0g..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  736: 2B 06 01 04 01 81 E3 42 01 10 30 59 30 29 06 08  +......B..0Y0)..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  752: 2B 06 01 05 05 07 02 01 16 1D 68 74 74 70 3A 2F  +.........http:/

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  768: 2F 77 77 77 2E 70 72 69 76 61 63 79 63 61 2E 63  /www.privacyca.c

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  784: 6F 6D 2F 63 70 73 2F 30 2C 06 08 2B 06 01 05 05  om/cps/0,..+....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  800: 07 02 02 30 20 0C 1E 54 43 50 41 20 54 72 75 73  ...0 ..TCPA Trus

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  816: 74 65 64 20 50 6C 61 74 66 6F 72 6D 20 49 64 65  ted Platform Ide

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  832: 6E 74 69 74 79 30 67 06 04 55 1D 20 00 30 5F 30  ntity0g..U. .0_0

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  848: 25 06 08 2B 06 01 05 05 07 02 01 16 19 68 74 74  %..+.........htt

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  864: 70 3A 2F 2F 77 77 77 2E 70 72 69 76 61 63 79 63  p://www.privacyc

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  880: 61 2E 63 6F 6D 2F 30 36 06 08 2B 06 01 05 05 07  a.com/06..+.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  896: 02 02 30 2A 0C 28 54 43 50 41 20 54 72 75 73 74  ..0*.(TCPA Trust

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  912: 65 64 20 50 6C 61 74 66 6F 72 6D 20 4D 6F 64 75  ed Platform Modu

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  928: 6C 65 20 45 6E 64 6F 72 73 65 6D 65 6E 74 30 1F  le Endorsement0.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  944: 06 03 55 1D 23 04 18 30 16 80 14 B0 E5 97 E0 9B  ..U.#..0........

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  960: 23 75 B1 FD BF 01 5E 72 BA 36 D4 48 32 A0 33 30  #u....^r.6.H2.30

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  976: 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 82  ...*.H..........

Feb 10 09:05:24 pin1212a00 charon: 06[TNC]  992: 01 01 00 1D 78 37 95 C3 37 C6 09 C4 1C 3D C3 0A  ....x7..7....=..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1008: 01 7F 59 8D 24 A8 74 81 C9 79 A2 63 45 2C 04 0C  ..Y.$.t..y.cE,..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1024: B4 CD 7F B9 42 DC FE 67 67 E7 45 C9 F6 CB 7E 42  ....B..gg.E...~B

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1040: B7 2A 8A 74 14 B7 BE FF EB 77 0E 99 E7 ED 9D EA  .*.t.....w......

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1056: 49 8C 7B 12 60 55 0B 1D 1A 03 0E BA AF 9E 3B 74  I.{.`U........;t

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1072: 20 F9 17 8A 0F 47 2D 3C DB C4 05 67 3C F0 E0 33   ....G-<...g<..3

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1088: A6 3C C5 0E C6 0B DB 6E 08 6A 09 3B C6 3B 75 1A  .<.....n.j.;.;u.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1104: 7A 6B 84 BA 4A 69 6E AF 59 54 89 4A E5 07 D7 51  zk..Jin.YT.J...Q

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1120: 33 B9 9E AE F2 4C 0D 81 36 14 FD 82 52 C3 BF 6A  3....L..6...R..j

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1136: DC 8D 55 46 E0 DE B9 A6 A0 49 BB 43 0A F3 45 EA  ..UF.....I.C..E.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1152: 26 58 2F D2 E4 6C 87 F3 B7 F7 E9 16 E5 0B 5D DC  &X/..l........].

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1168: CE 75 EA 92 3D 9C CF 35 C1 F2 3C 87 D6 D5 04 99  .u..=..5..<.....

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1184: 0B C5 9F 45 75 00 23 5F C5 B9 AB 73 D8 57 39 80  ...Eu.#_...s.W9.

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1200: AE 6D 58 98 CE F3 29 6B 1B 8A A2 0B 78 71 C3 B0  .mX...)k....xq..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1216: 6C 8F 25 23 AD A4 C5 FB 70 56 46 84 39 45 01 E9  l.%#....pVF.9E..

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1232: F9 83 7D DC 5F D9 BB BF B1 08 2A 55 94 D6 0F 76  ..}._.....*U...v

Feb 10 09:05:24 pin1212a00 charon: 06[TNC] 1248: BD 73 EE                                         .s.

Feb 10 09:05:24 pin1212a00 charon: 06[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb 10 09:05:24 pin1212a00 charon: 06[ENC] generating IKE_AUTH request 10 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 06[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb 10 09:05:24 pin1212a00 charon: 13[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 13[ENC] parsed IKE_AUTH response 10 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 13[ENC] generating IKE_AUTH request 11 [ EAP/RES/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 13[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. File Metadata and Measurement

This PB-TNC CDATA batch contains file metadata and measurement requests:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 14[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:24 pin1212a00 charon: 14[ENC] parsed IKE_AUTH response 11 [ EAP/REQ/TTLS ]

Feb 10 09:05:24 pin1212a00 charon: 14[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] received TNCCS batch (263 bytes) for Connection ID 1

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 263 bytes @ 0x9b5cd7a

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 02 80 00 02 00 00 01 07 80 00 00 00 00 00 00 01  ................

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 00 00 00 FF 00 00 55 97 00 00 00 01 FF FF 00 01  ......U.........

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   32: 01 00 00 00 12 1C C0 C5 80 00 55 97 00 70 00 00  ..........U..p..

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   48: 00 00 00 1F 00 2F 00 00 2F 65 74 63 2F 74 6E 63  ...../../etc/tnc

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   64: 5F 63 6F 6E 66 69 67 80 00 55 97 00 C0 00 00 00  _config..U......

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   80: 00 00 32 00 00 00 01 00 00 00 2F 2F 6C 69 62 2F  ..2.......//lib/

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   96: 69 33 38 36 2D 6C 69 6E 75 78 2D 67 6E 75 2F 6C  i386-linux-gnu/l

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  112: 69 62 64 6C 2E 73 6F 2E 32 80 00 55 97 00 C0 00  ibdl.so.2..U....

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  128: 00 00 00 00 22 00 00 00 02 00 00 00 2F 2F 73 62  ....".......//sb

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  144: 69 6E 2F 69 70 74 61 62 6C 65 73 80 00 55 97 00  in/iptables..U..

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  160: C0 00 00 00 00 00 28 00 00 00 03 00 00 00 2F 2F  ......(.......//

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  176: 6C 69 62 2F 6C 69 62 78 74 61 62 6C 65 73 2E 73  lib/libxtables.s

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  192: 6F 2E 35 80 00 55 97 00 C0 00 00 00 00 00 21 80  o.5..U........!.

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  208: 00 00 04 00 00 00 2F 2F 6C 69 62 2F 78 74 61 62  ......//lib/xtab

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  224: 6C 65 73 2F 80 00 55 97 00 C0 00 00 00 00 00 23  les/..U........#

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  240: 00 00 00 05 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]  256: 36 74 61 62 6C 65 73                             6tables

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PB-TNC SDATA batch

</pre>

Again the PTS-IMC is subscribed to this PB-PA message type:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PB-PA message (255 bytes)

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

The PA-TNC message consists of one 'Request File Metadata' and five 'Request File Measurement' attributes:

<pre>

Feb 10 09:05:24 pin1212a00 charon: 14[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC message with ID 0x121cc0c5

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Metadata' 0x005597/0x00700000

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 19 bytes @ 0x9b5de6c

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 2F 00 00 2F 65 74 63 2F 74 6E 63 5F 63 6F 6E  ./../etc/tnc_con

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 66 69 67                                         fig

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 38 bytes @ 0x9b5de8b

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 00 00 01 00 00 00 2F 2F 6C 69 62 2F 69 33 38  .......//lib/i38

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 36 2D 6C 69 6E 75 78 2D 67 6E 75 2F 6C 69 62 64  6-linux-gnu/libd

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   32: 6C 2E 73 6F 2E 32                                l.so.2

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 22 bytes @ 0x9b5debd

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 00 00 02 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 74 61 62 6C 65 73                                tables

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 28 bytes @ 0x9b5dedf

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 00 00 03 00 00 00 2F 2F 6C 69 62 2F 6C 69 62  .......//lib/lib

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 78 74 61 62 6C 65 73 2E 73 6F 2E 35              xtables.so.5

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 21 bytes @ 0x9b5df07

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 80 00 00 04 00 00 00 2F 2F 6C 69 62 2F 78 74 61  .......//lib/xta

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 62 6C 65 73 2F                                   bles/

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] processing PA-TNC attribute type 'TCG/Request File Measurement' 0x005597/0x00c00000

Feb 10 09:05:24 pin1212a00 charon: 14[TNC] => 23 bytes @ 0x9b5df28

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]    0: 00 00 00 05 00 00 00 2F 2F 73 62 69 6E 2F 69 70  .......//sbin/ip

Feb 10 09:05:24 pin1212a00 charon: 14[TNC]   16: 36 74 61 62 6C 65 73                             6tables

</pre>

The metadata for /etc/tnc_config is retrieved and the SHA-1 hash values for the four file measurement requests are computed.

Measurement request 4 is for the contents of a directory which generates quite some work.

<pre>

Feb 10 09:05:24 pin1212a00 charon: 14[IMC] metadata request for file '/etc/tnc_config'

Feb 10 09:05:24 pin1212a00 charon: 14[IMC] measurement request 1 for file '/lib/i386-linux-gnu/libdl.so.2'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   40:9b:b1:a9:7e:26:ea:11:44:cd:d6:80:1b:81:59:f1:7f:37:6b:8f for 'libdl.so.2'

Feb 10 09:05:24 pin1212a00 charon: 14[IMC] measurement request 2 for file '/sbin/iptables'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   ff:6d:ec:a0:ee:b7:a2:57:20:5c:5f:0a:b5:f5:d8:21:ea:18:40:98 for 'iptables'

Feb 10 09:05:24 pin1212a00 charon: 14[IMC] measurement request 3 for file '/lib/libxtables.so.5'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   7a:3c:a7:21:58:e6:0b:0c:91:e4:8a:42:08:48:f1:b6:93:ae:a2:6c for 'libxtables.so.5'

Feb 10 09:05:24 pin1212a00 charon: 14[IMC] measurement request 4 for directory '/lib/xtables/'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   18:36:41:80:9a:27:b0:8f:fe:59:c1:38:8c:da:6c:41:4b:dc:e6:d6 for 'libxt_tos.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   47:52:53:2c:b9:41:a1:fd:98:11:4c:2f:99:9e:b6:16:98:bd:df:35 for 'libip6t_eui64.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   ee:9b:c9:37:a8:db:06:d4:ba:a2:14:7b:47:8e:ac:af:fe:8c:c8:f7 for 'libipt_realm.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   32:d4:43:76:1a:af:13:ef:8b:3c:d7:86:9a:f9:0b:57:a7:44:58:25 for 'libxt_connlimit.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   20:cf:56:e5:ce:52:11:72:29:f5:5e:1e:ad:52:31:a7:66:b2:dd:5c for 'libxt_hashlimit.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   d5:37:d4:37:f0:58:13:6e:b3:d7:be:51:7d:be:76:47:b6:23:c6:19 for 'libxt_mark.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   dd:7b:c0:9b:d9:94:25:a1:e3:6b:69:a1:19:60:a9:00:37:e2:98:79 for 'libxt_TOS.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   fc:ca:5d:a6:7d:11:c7:ad:fd:f8:49:88:b0:96:b0:20:f9:0e:77:8a for 'libip6t_rt.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   24:15:12:c0:4d:81:6c:c8:91:10:f1:c0:fd:ab:39:d4:97:ad:9f:1b for 'libxt_TPROXY.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   44:92:7e:1b:2d:34:c5:d9:45:b8:13:33:8c:ca:41:98:3c:be:20:f7 for 'libxt_dscp.so'

Feb 10 09:05:24 pin1212a00 charon: 14[PTS]   f2:b9:91:45:6c:6b:6e:55:04:03:d4:66:5c:13:d6:c2:3e:a9:f4:a3 for 'libxt_SET.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2d:0d:d5:0b:f5:10:78:05:b7:f9:35:c7:2f:94:c9:ba:a2:01:22:b0 for 'libxt_quota.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   b5:99:55:3b:bd:35:be:b4:f9:93:90:33:f4:4b:65:3d:ad:ba:5e:9c for 'libxt_statistic.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   9f:b6:70:dc:86:7c:58:b5:83:ef:59:a0:c8:1b:56:35:1d:6b:2c:4b for 'libxt_IDLETIMER.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   6c:0b:2d:f4:fc:4c:91:22:b5:76:2a:e1:40:d5:3f:dd:1c:f9:e8:9b for 'libxt_conntrack.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3d:c5:69:0b:31:f0:69:93:3c:cc:14:e4:3f:7c:09:da:a3:e0:09:8d for 'libxt_mac.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   f7:d6:a5:d8:5a:32:98:d2:1c:ec:71:37:d9:47:da:90:c4:55:e4:6b for 'libxt_rateest.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   d0:27:a6:aa:de:8b:34:d2:72:d5:f2:23:5d:81:78:83:90:40:48:13 for 'libxt_DSCP.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   af:75:74:c5:d6:74:4d:fa:2e:2d:8c:d0:c4:f4:cc:f7:06:42:20:30 for 'libipt_NETMAP.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2c:19:75:6c:4a:35:48:68:d0:50:a6:58:32:e7:c1:36:b4:a9:94:c3 for 'libxt_LED.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   e2:f7:b9:2a:bd:a7:69:f8:27:96:f5:7a:29:80:18:70:58:5d:ce:a3 for 'libipt_SNAT.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   0f:c1:21:24:64:f3:b1:b9:73:eb:c0:6c:19:90:bb:b9:88:fe:cc:8a for 'libipt_CLUSTERIP.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2e:a8:67:ef:38:48:b8:a0:2d:a4:d3:99:4b:1f:0e:bc:db:5c:9e:80 for 'libxt_comment.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   f9:e3:53:1a:bb:67:a0:20:cf:66:7d:46:ca:82:36:75:dd:0a:0d:d4 for 'libxt_MARK.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5a:eb:2e:92:6c:bd:3c:95:fe:82:25:e0:b3:ef:87:3a:3d:19:42:4b for 'libipt_MIRROR.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   33:9a:58:a1:b3:13:83:0c:3c:c7:4c:b3:fb:52:a5:b8:15:2f:44:e6 for 'libxt_esp.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3e:f9:01:0e:e2:24:7c:f2:d7:64:1c:f0:4f:0c:a7:32:d0:fd:e8:68 for 'libxt_NOTRACK.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   d6:c8:df:ba:ae:7a:b2:8b:5c:ef:26:26:a2:af:3f:99:a6:ea:43:65 for 'libipt_LOG.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   06:5d:f7:20:d2:c2:86:71:72:8a:96:33:53:0d:e5:94:cf:bf:e8:97 for 'libxt_recent.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2d:32:ef:93:12:6a:bf:8c:66:0d:57:c6:7e:50:76:c6:39:4c:ab:e8 for 'libxt_policy.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   71:40:3f:f1:c6:ca:92:7a:ba:1d:c6:8c:8e:52:a6:76:ae:c1:c9:70 for 'libxt_RATEEST.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   22:35:fe:d7:aa:6b:9a:8b:9b:db:7f:db:34:9a:35:9f:01:c1:b4:01 for 'libxt_u32.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   53:0e:8c:15:15:4a:da:bc:f7:39:c5:e2:46:ba:15:36:6f:05:b3:6b for 'libipt_ah.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   9a:d0:87:53:a6:70:8e:1d:60:da:ce:3a:58:ef:44:00:27:70:a6:bd for 'libipt_unclean.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   aa:d3:68:ae:62:e7:d0:1d:a3:3e:a7:8e:1a:7c:1a:1f:18:2a:6a:d4 for 'libxt_dccp.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   ab:78:0c:51:34:7b:ff:66:9c:97:1e:f2:c7:0b:06:d9:bd:78:7b:c9 for 'libxt_connmark.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   36:1d:6f:75:96:07:ad:c4:0d:6f:e0:af:7d:3f:91:57:94:a4:db:b0 for 'libipt_ECN.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   42:4c:99:a6:21:e1:19:c8:8b:f7:0e:78:ff:b6:4c:6d:72:db:7b:51 for 'libxt_NFQUEUE.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   8f:d3:f5:95:98:1c:49:89:61:fc:94:67:83:0d:dd:37:20:08:c0:85 for 'libxt_physdev.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   38:e9:ff:af:cf:02:73:6d:6b:9c:5e:b4:03:c5:d5:26:12:a4:64:16 for 'libxt_SECMARK.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5d:93:68:d5:e3:ea:c0:93:d6:dc:ba:d5:c0:24:ed:3d:56:66:68:c2 for 'libxt_length.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   7a:b7:2f:5e:8e:54:89:e6:d3:aa:3d:4f:8b:ac:d0:f9:3a:71:4b:e2 for 'libxt_TRACE.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5c:3a:42:5d:c4:25:60:8c:21:f7:3a:58:de:45:90:43:3a:e4:19:ad for 'libipt_ULOG.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   d6:0e:93:16:f6:2d:46:bd:1d:6b:f9:b7:34:d3:ac:7e:40:2f:29:30 for 'libipt_ttl.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   73:d7:5e:80:9f:53:fc:84:40:73:08:db:52:89:3f:3d:31:83:53:10 for 'libxt_limit.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   16:0d:2b:04:d1:1e:b2:25:fb:14:86:15:b6:99:08:18:69:e1:5b:6c for 'libipt_DNAT.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   aa:9a:5b:58:cb:d0:53:5b:ce:8d:d9:e4:f2:d8:d3:25:38:ce:24:72 for 'libxt_tcpmss.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   51:f1:be:7e:59:08:62:a2:c2:5f:29:f4:c5:ef:01:f0:52:df:2a:c5 for 'libipt_REDIRECT.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   a0:7e:a0:ae:3d:00:8f:37:97:c5:67:e6:29:cb:73:79:cb:15:02:ed for 'libipt_addrtype.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3e:1c:20:2b:10:37:cc:24:54:fd:0d:cc:cc:40:e3:15:71:63:0d:9f for 'libxt_CONNMARK.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   c5:22:71:d3:8f:10:56:78:d4:cd:0c:3c:04:0a:21:cc:db:24:57:e3 for 'libxt_pkttype.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   6c:f9:db:a7:25:ac:38:d3:be:ff:dc:d8:f6:65:5b:d5:f4:66:6d:25 for 'libipt_icmp.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   37:d6:ae:25:19:77:21:4d:7a:d1:c2:95:80:94:24:af:1e:8e:76:b1 for 'libxt_set.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   e3:58:f5:3f:5c:4b:73:df:16:22:e8:16:41:d9:18:f9:23:ab:c6:2c for 'libxt_cluster.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   11:ce:3b:45:fe:b3:e6:6a:75:49:0d:42:ba:95:07:1a:c6:f4:0a:7f for 'libxt_udp.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   c1:66:c2:84:d3:95:78:3a:48:d3:02:c9:61:cb:60:d7:ec:e7:68:ab for 'libxt_multiport.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   29:8a:18:85:82:22:26:dc:be:b2:e9:08:f2:b2:69:b7:a8:27:1a:66 for 'libxt_CLASSIFY.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   c6:3e:0e:cc:c2:03:94:f9:3d:49:25:3b:33:0d:f3:2c:47:ff:d9:96 for 'libxt_CT.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   23:29:6f:48:27:6e:16:0b:6d:99:b1:b4:2a:91:14:df:72:0b:b1:ab for 'libip6t_LOG.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   48:a5:5a:a0:dc:11:94:af:63:ba:01:62:00:1c:e1:e9:b3:77:b1:59 for 'libxt_TEE.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   86:6c:55:30:ae:45:69:1b:3c:4e:08:ba:29:3b:33:26:e8:ff:1f:b3 for 'libip6t_frag.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   39:09:5f:23:c9:34:72:21:57:5d:a8:a1:30:41:cc:7b:dc:de:73:54 for 'libxt_cpu.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   00:32:1b:d8:00:d7:08:2f:0d:ee:78:ef:a1:66:1e:24:6c:3d:aa:b4 for 'libxt_iprange.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   a3:45:6c:85:20:bf:0b:c3:f0:ee:0a:1c:80:03:21:c0:19:b4:a8:82 for 'libxt_standard.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   24:f6:13:0d:e2:e5:bb:94:30:b7:1a:aa:e5:c9:42:47:b3:b6:ea:91 for 'libip6t_hl.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   56:7e:01:c5:09:23:ab:1c:19:03:b6:fb:84:9f:a6:8f:19:63:0c:a3 for 'libip6t_HL.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   fd:d2:27:82:6f:c2:9d:b7:d1:b6:ed:2b:e4:14:52:14:f3:92:16:cd for 'libipt_TTL.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   69:47:c7:94:45:0c:04:df:1c:c8:e4:17:15:ce:3d:24:7f:c5:16:c9 for 'libxt_connbytes.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   f8:93:2b:81:16:dd:d4:cf:0f:d5:f5:52:88:18:f2:1a:df:90:cb:74 for 'libxt_ipvs.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3e:f8:a5:fd:8a:e2:28:77:84:ae:7e:dc:f8:4f:bf:b5:24:b4:97:bb for 'libxt_CONNSECMARK.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   18:fa:a3:14:df:37:fc:d0:1b:9f:1a:ea:6f:db:f0:70:c8:38:b6:a6 for 'libxt_state.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   4e:05:db:c9:87:2d:6c:6d:af:38:45:8b:35:b1:ba:6d:6a:94:d2:1f for 'libip6t_REJECT.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   47:e0:cf:82:a1:21:16:d6:8a:a6:42:39:c4:9a:23:aa:b6:cb:35:f4 for 'libxt_string.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   33:d0:40:bc:0c:64:d3:8b:99:7b:fa:ee:ae:04:59:07:c5:2b:e6:70 for 'libxt_owner.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   2b:07:68:91:49:e0:7c:ed:d6:d3:77:49:3d:17:68:ff:23:78:ac:b8 for 'libip6t_ipv6header.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   7f:cd:3d:b6:df:87:13:c0:e7:c7:2d:ad:d7:04:55:99:a7:49:f2:a0 for 'libipt_REJECT.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   95:3b:e7:07:c1:5b:15:80:a3:bb:ed:4c:7e:4c:22:1e:2d:58:44:ff for 'libxt_CHECKSUM.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5d:32:1b:a9:90:9d:a2:38:b6:de:15:0b:0d:10:33:7c:16:cf:4c:e4 for 'libxt_TCPOPTSTRIP.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   e2:db:af:67:88:9b:bd:1f:f0:fb:da:b8:4e:00:e2:87:53:9d:61:ed for 'libxt_helper.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   9d:96:65:a3:38:9e:3f:67:a8:15:3f:a1:c3:7b:59:68:85:a4:09:b9 for 'libipt_SAME.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   a6:06:e1:bb:12:92:88:f1:90:0d:57:88:1c:3e:ac:ee:e7:27:ec:64 for 'libxt_socket.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   3b:1c:fb:8c:71:c9:04:be:b5:57:19:34:87:91:5f:f5:82:6a:33:47 for 'libipt_ecn.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   1d:74:0a:bd:38:f9:f4:bc:81:ca:43:4a:0e:25:b6:e2:17:04:24:8b for 'libxt_tcp.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   5a:0d:07:ab:03:66:03:a7:67:59:e5:f6:1f:7d:04:f2:d3:c0:56:cc for 'libipt_MASQUERADE.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   45:8a:e7:fc:05:34:ef:2a:eb:d5:6f:ce:4d:26:db:10:bd:7f:63:a4 for 'libip6t_hbh.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   1c:b5:30:10:26:19:6e:d1:d2:6f:9c:7f:92:f3:6f:b1:ee:39:48:41 for 'libxt_time.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   42:2c:14:1e:ab:57:e9:c9:a8:0a:3c:7b:31:c2:6a:d4:d0:b5:ed:07 for 'libip6t_ah.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   c9:16:92:db:c9:06:c0:de:e9:7c:b9:6e:ba:fd:6e:f1:ff:cc:4d:1b for 'libip6t_icmp6.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   28:e0:5c:e1:9a:52:ab:16:23:71:cb:5c:14:8f:b1:6e:c7:c3:4a:d6 for 'libxt_NFLOG.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   ac:87:0e:51:06:2d:69:a6:b1:9a:71:e5:1d:19:4b:9b:0c:29:51:cf for 'libip6t_dst.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   34:3d:51:24:47:fc:02:22:63:19:9f:d2:3f:7b:21:6b:46:e0:1e:b3 for 'libxt_sctp.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   7f:f7:ef:5a:4e:01:de:31:18:5d:79:cc:d9:a3:14:a6:a1:2d:3a:65 for 'libxt_TCPMSS.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   ca:1e:da:79:68:a9:0f:6c:c9:14:0a:bd:d1:d1:77:11:6b:69:97:e1 for 'libxt_osf.so'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   32:7f:fa:63:fc:c0:8e:14:e5:64:6b:78:ac:e3:76:94:3a:95:12:7a for 'libip6t_mh.so'

Feb 10 09:05:25 pin1212a00 charon: 14[IMC] measurement request 5 for file '/sbin/ip6tables'

Feb 10 09:05:25 pin1212a00 charon: 14[PTS]   8a:7c:41:16:7b:c0:fc:c1:de:c8:32:9a:86:8b:a2:65:c2:38:57:f5 for 'ip6tables'

</pre>

Packed into one 'Unix-Style File Metadata' and four 'File Measurement' attributes the measured file data is returned to the TNC server:

<pre>

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC message with ID 0x76759cfc

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/Unix-Style File Metadata' 0x005597/0x00900000

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 70 bytes @ 0x9b5d4c8

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 3E 08 00 00 00 00 00  .........>......

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 00 00 00 6C 00 00 00 00 4F 2F F3 66 00 00 00 00  ...l....O/.f....

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 4F 2F F3 66 00 00 00 00 4F 33 BD 1C 00 00 00 00  O/.f....O3......

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   48: 00 00 00 00 00 00 00 00 00 00 00 00 74 6E 63 5F  ............tnc_

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   64: 63 6F 6E 66 69 67                                config

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 44 bytes @ 0x9b55388

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 01 00 14 40 9B B1 A9  ............@...

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 7E 26 EA 11 44 CD D6 80 1B 81 59 F1 7F 37 6B 8F  ~&..D.....Y..7k.

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 0A 6C 69 62 64 6C 2E 73 6F 2E 32              ..libdl.so.2

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 42 bytes @ 0x9b5d8b0

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 02 00 14 FF 6D EC A0  .............m..

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: EE B7 A2 57 20 5C 5F 0A B5 F5 D8 21 EA 18 40 98  ...W \_....!..@.

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 08 69 70 74 61 62 6C 65 73                    ..iptables

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 49 bytes @ 0x9b5ac48

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 03 00 14 7A 3C A7 21  ............z<.!

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 58 E6 0B 0C 91 E4 8A 42 08 48 F1 B6 93 AE A2 6C  X......B.H.....l

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 0F 6C 69 62 78 74 61 62 6C 65 73 2E 73 6F 2E  ..libxtables.so.

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   48: 35                                               5

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 3475 bytes @ 0x9b61048

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41 80  .......^.....6A.

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6 D6  .'...Y.8..lAK...

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47 52  ..libxt_tos.soGR

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   48: 53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98 BD  S,.A....L/......

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   64: DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69 36  .5..libip6t_eui6

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   80: 34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14 7B  4.so...7.......{

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   96: 47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70 74  G.........libipt

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  112: 5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF 13  _realm.so2.Cv...

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  128: EF 8B 3C D7 86 9A F9 0B 57 A7 44 58 25 00 12 6C  ..<.....W.DX%..l

                                         --------------- truncated attribute ----------------

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PA-TNC attribute type 'TCG/File Measurement' 0x005597/0x00d00000

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 43 bytes @ 0x9b55d88

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 00 00 00 00 00 00 00 01 00 05 00 14 8A 7C 41 16  .............|A.

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 7B C0 FC C1 DE C8 32 9A 86 8B A2 65 C2 38 57 F5  {.....2....e.8W.

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 00 09 69 70 36 74 61 62 6C 65 73                 ..ip6tables

</pre>

All data is packed into a huge PB-TNC CDATA batch spanning four IKEv2 UDP datagrams:

<pre>

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] creating PB-TNC CDATA batch

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] adding PB-PA message

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] sending PB-TNC CDATA batch (3835 bytes) for Connection ID 1

Feb 10 09:05:25 pin1212a00 charon: 14[TNC] => 3835 bytes @ 0x9b5fe10

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]    0: 02 00 00 01 00 00 0E FB 80 00 00 00 00 00 00 01  ................

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   16: 00 00 0E F3 00 00 55 97 00 00 00 01 00 01 FF FF  ......U.........

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   32: 01 00 00 00 76 75 9C FC 80 00 55 97 00 90 00 00  ....vu....U.....

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   48: 00 00 00 52 00 00 00 00 00 00 00 01 00 3E 08 00  ...R.........>..

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   64: 00 00 00 00 00 00 00 6C 00 00 00 00 4F 2F F3 66  .......l....O/.f

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   80: 00 00 00 00 4F 2F F3 66 00 00 00 00 4F 33 BD 1C  ....O/.f....O3..

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]   96: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  112: 74 6E 63 5F 63 6F 6E 66 69 67 80 00 55 97 00 D0  tnc_config..U...

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  128: 00 00 00 00 00 38 00 00 00 00 00 00 00 01 00 01  .....8..........

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  144: 00 14 40 9B B1 A9 7E 26 EA 11 44 CD D6 80 1B 81  ..@...~&..D.....

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  160: 59 F1 7F 37 6B 8F 00 0A 6C 69 62 64 6C 2E 73 6F  Y..7k...libdl.so

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  176: 2E 32 80 00 55 97 00 D0 00 00 00 00 00 36 00 00  .2..U........6..

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  192: 00 00 00 00 00 01 00 02 00 14 FF 6D EC A0 EE B7  ...........m....

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  208: A2 57 20 5C 5F 0A B5 F5 D8 21 EA 18 40 98 00 08  .W \_....!..@...

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  224: 69 70 74 61 62 6C 65 73 80 00 55 97 00 D0 00 00  iptables..U.....

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  240: 00 00 00 3D 00 00 00 00 00 00 00 01 00 03 00 14  ...=............

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  256: 7A 3C A7 21 58 E6 0B 0C 91 E4 8A 42 08 48 F1 B6  z<.!X......B.H..

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  272: 93 AE A2 6C 00 0F 6C 69 62 78 74 61 62 6C 65 73  ...l..libxtables

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  288: 2E 73 6F 2E 35 80 00 55 97 00 D0 00 00 00 00 0D  .so.5..U........

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  304: 9F 00 00 00 00 00 00 00 5E 00 04 00 14 18 36 41  ........^.....6A

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  320: 80 9A 27 B0 8F FE 59 C1 38 8C DA 6C 41 4B DC E6  ..'...Y.8..lAK..

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  336: D6 00 0C 6C 69 62 78 74 5F 74 6F 73 2E 73 6F 47  ...libxt_tos.soG

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  352: 52 53 2C B9 41 A1 FD 98 11 4C 2F 99 9E B6 16 98  RS,.A....L/.....

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  368: BD DF 35 00 10 6C 69 62 69 70 36 74 5F 65 75 69  ..5..libip6t_eui

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  384: 36 34 2E 73 6F EE 9B C9 37 A8 DB 06 D4 BA A2 14  64.so...7.......

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  400: 7B 47 8E AC AF FE 8C C8 F7 00 0F 6C 69 62 69 70  {G.........libip

Feb 10 09:05:25 pin1212a00 charon: 14[TNC]  416: 74 5F 72 65 61 6C 6D 2E 73 6F 32 D4 43 76 1A AF  t_realm.so2.Cv..

                                         ----------------- truncated batch ------------------

Feb 10 09:05:25 pin1212a00 charon: 14[IKE] sending tunneled EAP-TTLS AVP [EAP/RES/TNC]

Feb 10 09:05:25 pin1212a00 charon: 14[ENC] generating IKE_AUTH request 12 [ EAP/RES/TTLS ]

Feb 10 09:05:25 pin1212a00 charon: 14[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb 10 09:05:25 pin1212a00 charon: 03[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:25 pin1212a00 charon: 03[ENC] parsed IKE_AUTH response 12 [ EAP/REQ/TTLS ]

Feb 10 09:05:25 pin1212a00 charon: 03[ENC] generating IKE_AUTH request 13 [ EAP/RES/TTLS ]

Feb 10 09:05:25 pin1212a00 charon: 03[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb 10 09:05:25 pin1212a00 charon: 08[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:25 pin1212a00 charon: 08[ENC] parsed IKE_AUTH response 13 [ EAP/REQ/TTLS ]

Feb 10 09:05:25 pin1212a00 charon: 08[ENC] generating IKE_AUTH request 14 [ EAP/RES/TTLS ]

Feb 10 09:05:25 pin1212a00 charon: 08[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

Feb 10 09:05:25 pin1212a00 charon: 09[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb 10 09:05:25 pin1212a00 charon: 09[ENC] parsed IKE_AUTH response 14 [ EAP/REQ/TTLS ]

Feb 10 09:05:25 pin1212a00 charon: 09[ENC] generating IKE_AUTH request 15 [ EAP/RES/TTLS ]

Feb 10 09:05:25 pin1212a00 charon: 09[NET] sending packet: from 192.168.0.254[4500] to 192.168.0.1[4500]

</pre>

h3. Functional Component Evidence

The final PB-TNC SDATA batch arrives from the TNC server:

<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[NET] received packet: from 192.168.0.1[4500] to 192.168.0.254[4500]

Feb  9 14:53:48 pin1212a00 charon: 12[ENC] parsed IKE_AUTH response 15 [ EAP/REQ/TTLS ]

Feb  9 14:53:48 pin1212a00 charon: 12[IKE] received tunneled EAP-TTLS AVP [EAP/REQ/TNC]

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] received TNCCS batch (92 bytes) for Connection ID 1

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 92 bytes @ 0x9132af2

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 02 80 00 02 00 00 00 5C 80 00 00 00 00 00 00 01  .......\........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   16: 00 00 00 54 00 00 55 97 00 00 00 01 FF FF 00 01  ...T..U.........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   32: 01 00 00 00 DA 91 A1 B4 80 00 55 97 00 10 00 00  ..........U.....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   48: 00 00 00 24 10 00 00 00 00 90 2A 21 00 00 00 03  ...$......*!....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   64: 10 00 00 00 00 90 2A 21 00 00 00 02 80 00 55 97  ......*!......U.

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   80: 00 20 00 00 00 00 00 10 00 00 00 00              . ..........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PB-TNC SDATA batch

</pre>

Again the PTS-IMC is subscribed to this PB-PA message type:

<pre>

Per subscription the PTS-IMC receives this PB-PA message type:

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PB-PA message (84 bytes)

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001

</pre>

The PA-TNC message contains a 'Request Functional Component Evidence' and a final 'Generate Attestation Evidence' attribute from the TCG namespace:<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[IMC] IMC 1 "Attestation" received message for Connection ID 1 from IMV 1

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC message with ID 0xda91a1b4

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/Request Functional Component Evidence' 0x005597/0x00100000

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 24 bytes @ 0x91384bc

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 10 00 00 00 00 90 2A 21 00 00 00 03 10 00 00 00  ......*!........

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]   16: 00 90 2A 21 00 00 00 02                          ..*!....

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] processing PA-TNC attribute type 'TCG/Generate Attestation Evidence' 0x005597/0x00200000

Feb  9 14:53:48 pin1212a00 charon: 12[TNC] => 4 bytes @ 0x91384e0

Feb  9 14:53:48 pin1212a00 charon: 12[TNC]    0: 00 00 00 00                                      ....

</pre>

The first of the ordered evidence request is for the "Linux IMA":http://linux-ima.sourceforge.net/ functional component defined in the ITA-HSR namespace which verifies the 27 measurements extended into PCRs 0..11 during the pre-boot process.

<pre>

Feb  9 14:53:48 pin1212a00 charon: 12[IMC] evidence requested for 2 functional components

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] * ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] loaded bios measurements '/sys/kernel/security/tpm0/binary_bios_measurements' (27 entries)

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 extended with: c4:2f:ed:ad:26:82:00:cb:1d:15:f9:78:41:c3:44:e7:9d:ae:33:20

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 after value  : 98:72:96:4b:9b:40:cd:d0:36:3f:cd:6a:f8:c2:67:c9:cb:34:20:0b

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 extended with: e4:73:a3:20:09:19:84:8c:04:f5:cb:4b:32:d3:9a:55:7e:8f:87:09

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 before value : 98:72:96:4b:9b:40:cd:d0:36:3f:cd:6a:f8:c2:67:c9:cb:34:20:0b

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 after value  : 26:14:c8:bd:2d:1b:59:c7:6a:58:51:ac:a4:39:14:7b:ee:5b:f7:7d

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 extended with: 5f:62:1b:65:d8:dc:5c:10:05:e9:ef:e2:71:42:c3:01:4a:c1:74:20

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 after value  : ba:15:bb:86:8e:1f:18:a7:ee:2a:3c:57:02:81:0e:bc:c3:09:a2:46

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 extended with: c4:44:e3:23:0e:0b:f1:f5:21:b1:b2:b3:56:fe:3e:a0:05:38:7f:f7

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 after value  : 5d:42:68:fb:80:bf:1e:31:8d:67:b4:d0:8d:49:a1:3c:6f:3a:fe:93

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 extended with: 13:87:18:5a:92:ca:4f:ba:8a:31:fb:b7:a4:6a:c4:57:76:0a:19:35

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 before value : 5d:42:68:fb:80:bf:1e:31:8d:67:b4:d0:8d:49:a1:3c:6f:3a:fe:93

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 after value  : 7f:d4:dd:1b:15:3f:d1:e9:28:b1:19:f3:7c:b3:7a:0c:f5:02:f4:34

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 extended with: 86:ac:7f:d5:c5:12:8c:3e:d6:bb:16:38:7e:53:08:ae:b5:26:18:4e

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 before value : 7f:d4:dd:1b:15:3f:d1:e9:28:b1:19:f3:7c:b3:7a:0c:f5:02:f4:34

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 after value  : 57:23:71:2b:e6:b6:50:ff:5a:0c:2a:44:ab:03:5c:58:5a:8f:bc:57

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 extended with: 26:d0:e4:c7:cf:a9:20:e2:ce:26:7d:ba:86:c9:70:6e:d9:a8:6c:8d

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 before value : 57:23:71:2b:e6:b6:50:ff:5a:0c:2a:44:ab:03:5c:58:5a:8f:bc:57

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 after value  : 7b:ad:15:ce:ed:57:ad:26:98:19:d0:72:0a:5b:89:e9:5f:3a:1e:29

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  6 extended with: 05:d4:2f:27:12:07:af:f9:7d:e1:f3:12:77:4d:ac:da:95:74:74:7a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  6 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  6 after value  : b0:5b:cd:50:47:bf:36:0c:2d:bb:a2:7a:5d:a5:ee:66:17:72:a2:0c

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 extended with: c1:8b:03:f7:c7:b5:d6:8b:82:56:61:21:72:e8:60:df:34:cb:4d:6d

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 before value : ba:15:bb:86:8e:1f:18:a7:ee:2a:3c:57:02:81:0e:bc:c3:09:a2:46

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 after value  : 88:31:7b:60:dd:25:58:40:d5:36:3b:b3:98:41:18:95:c6:45:90:2a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  5 extended with: cd:0f:db:45:31:a6:ec:41:be:27:53:ba:04:26:37:d6:e5:f7:f2:56

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  5 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  5 after value  : ee:01:a0:35:29:a6:b3:8b:5d:ed:18:ab:6a:e8:d7:71:aa:ac:19:25

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 before value : 26:14:c8:bd:2d:1b:59:c7:6a:58:51:ac:a4:39:14:7b:ee:5b:f7:7d

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  0 after value  : 61:d7:c2:06:bd:93:7c:91:82:0f:76:18:c6:17:97:c2:1c:cd:13:13

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 before value : 88:31:7b:60:dd:25:58:40:d5:36:3b:b3:98:41:18:95:c6:45:90:2a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  1 after value  : 50:0b:2f:05:3d:65:11:23:d4:bd:42:91:a6:9b:99:f3:19:c5:79:c9

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 before value : 7b:ad:15:ce:ed:57:ad:26:98:19:d0:72:0a:5b:89:e9:5f:3a:1e:29

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  2 after value  : de:eb:6e:c1:78:fc:05:ad:c9:a7:fa:d8:ca:63:3a:34:a4:7e:04:da

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  3 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  3 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  3 after value  : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  4 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  4 before value : 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  4 after value  : 3a:3f:78:0f:11:a4:b4:99:69:fc:aa:80:cd:6e:39:57:c3:3b:22:75

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] ITA-HSR functional component 'Linux IMA' [K.] 'Trusted Platform'

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] measurement time: Feb 06 09:55:33 2012

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  5 extended with: d9:be:65:24:a5:f5:04:7d:b5:86:68:13:ac:f3:27:78:92:a7:a3:0a

Feb  9 14:53:48 pin1212a00 charon: 12[PTS] PCR  5 before value : ee:01:a0:35:29:a6:b3:8b:5d:ed:18:ab:6a:e8:d7:71:aa:ac:19:25