Version 44 (Andreas Steffen, 10.02.2012 09:16) → Version 45/57 (Andreas Steffen, 10.02.2012 09:21)
h1. TNC Server with PTS-IMV
This HOWTO explains step by step how a strongSwan IPsec gateway with integrated TNC server functionality and an attached Platform Trust Service Integrity Measurement Verifier (PTS-IMV) can verify remote attestation measurement data provided by a TNC client via the IKEv2 EAP-TTLS protocol.
{{>toc}}
h2. Installation and Configuration
h3. Installing the strongSwan Software
The following steps describe the installation of the strongSwan software
<pre>
wget http://download.strongswan.org/strongswan-4.6.2rc1.tar.bz2
tar xjf strongswan-4.6.2rc1.tar.bz2
cd strongswan-4.6.2rc1
./configure --prefix=/usr --sysconfdir=/etc --disable-pluto --enable-openssl --enable-curl \
            --enable-eap-identity --enable-eap-md5 --enable-eap-ttls --enable-eap-tnc \
            --enable-tnccs-20 --enable-tnc-imv --enable-imv-attestation
make
[sudo] make install
</pre>
The strongSwan *imv-attestation.so* dynamic PTS-IMV library depends on the "TrouSerS":http://sourceforge.net/projects/trousers/ libtspi library. Compilation additionally requires the header files in /usr/include/trousers/.
h3. Configuring the strongSwan Software
The /etc/ipsec.conf file defines an IPsec remote access policy either allowing access to the production network (rw-allow) or to a remediation network (rw-isolate):
<pre>
# ipsec.conf - strongSwan IPsec configuration file
config setup
    charondebug="tnc 3, imv 3, pts 3"

conn rw-allow
    rightgroups=allow
    leftsubnet=10.1.0.0/28
    also=rw-eap
    auto=add

conn rw-isolate
    rightgroups=isolate
    leftsubnet=10.1.0.16/28
    also=rw-eap
    auto=add

conn rw-eap
    left=192.168.0.1
    leftcert=moonCert.pem
    leftid=@moon.strongswan.org
    leftauth=eap-ttls
    rightauth=eap-ttls
    rightid=*@strongswan.org
    rightsendcert=never
    right=%any
</pre>
The IKEv2 server *moon* is going to use public key based authentication with the location of the private key defined in the /etc/ipsec.secrets file:
<pre>
# /etc/ipsec.secrets - strongSwan IPsec secrets file
: RSA moonKey.pem
carol@strongswan.org : EAP "Ar3etTnp"
</pre>
The following IKEv2 charon and Attestation IMV options are defined in the /etc/strongswan.conf file. Among the options there is an SQLite URI pointing to the PTS measurement database and the path to the directory where the Privacy CA certificates are stored:
<pre>
# /etc/strongswan.conf - strongSwan configuration file
charon {
  load = curl sha1 pem pkcs1 pkcs8 gmp random pubkey x509 openssl revocation hmac kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-tnccs tnccs-20 sqlite tnc-imv stroke
  plugins {
    eap-ttls {
      phase2_method = md5
      phase2_piggyback = yes
      phase2_tnc = yes
    }
    eap-tnc {
      protocol = tnccs-2.0
    }
  }
}

libimcv {
  plugins {
    imv-attestation {
      database = sqlite:///etc/pts/config.db
      cadir = /etc/pts/cacerts
      hash_algorithm = sha1
    }
  }
}

attest {
  database = sqlite:///etc/pts/config.db
}
</pre>
h3. Initializing the PTS Measurement Database
The SQLite database is initialized using the *tables.sql* and *data.sql* files from the strongSwan src/libpts/plugins/imv_attestation source directory:
<pre>
cat tables.sql data.sql | sqlite3 /etc/pts/config.db
</pre>
The following query lists the PTS component functional names defined in the database which currently are all from the ITA-HSR namespace.
<pre>
moon# ipsec attest --components
1: 0x00902a/0x00000001-0x21 ITA-HSR/Trusted GRUB Boot Loader [K.] Trusted Platform
2: 0x00902a/0x00000002-0x21 ITA-HSR/Trusted Boot [K.] Trusted Platform
3: 0x00902a/0x00000003-0x21 ITA-HSR/Linux IMA [K.] Trusted Platform
3 components found
</pre>
In order to authorize the PTS functional component measurements, the fingerprint of TNC client *carol*'s AIK certificate AIK_Cert.der must be entered into the database and must be linked to the component measurements to be executed:
<pre>
moon# ipsec attest --add --owner "Carol, pin1212a00 (Fujitsu Siemens Celsius W510)" --aik AIK_Cert.der --cid 3
key '78:6a:c9:86:11:42:72:af:a1:6b:72:3d:36:5a:81:57:88:7b:47:f3' inserted into database
key/component pair (2/3) inserted into database
moon# ipsec attest --add --kid 2 --cid 2
key/component pair (2/2) inserted into database
</pre>
The entered data can be checked with the commands
<pre>
moon# ipsec attest --keys
2: 78:6a:c9:86:11:42:72:af:a1:6b:72:3d:36:5a:81:57:88:7b:47:f3 'Carol, pin1212a00 (Fujitsu Siemens Celsius W510)'
1: b7:72:a6:73:07:76:b9:f0:28:e5:ad:fc:cd:40:b5:5c:32:0a:13:b6 'Andreas, merthyr (Fujitsu Siemens Lifebook S6420)'
2 keys found
moon ~ # ipsec attest --components --kid 2
2: 0x00902a/0x00000002-0x21 ITA-HSR/Trusted Boot [K.] Trusted Platform
3: 0x00902a/0x00000003-0x21 ITA-HSR/Linux IMA [K.] Trusted Platform
2 components found for key 78:6a:c9:86:11:42:72:af:a1:6b:72:3d:36:5a:81:57:88:7b:47:f3
</pre>
h2. IKEv2 Negotiation
h3. Startup and Initialization
The command
<pre>
ipsec start
</pre>
starts the TNC-enabled IPsec gateway:
<pre>
Feb 10 09:04:59 moon charon: 00[DMN] Starting IKEv2 charon daemon (strongSwan 4.6.2rc1)
Feb 10 09:04:59 moon charon: 00[KNL] listening on interfaces:
Feb 10 09:04:59 moon charon: 00[KNL] eth0
Feb 10 09:04:59 moon charon: 00[KNL] 192.168.0.1
Feb 10 09:04:59 moon charon: 00[KNL] fec0::1
Feb 10 09:04:59 moon charon: 00[KNL] fe80::fcfd:c0ff:fea8:1
Feb 10 09:04:59 moon charon: 00[KNL] eth1
Feb 10 09:04:59 moon charon: 00[KNL] 10.1.0.1
Feb 10 09:04:59 moon charon: 00[KNL] fec1::1
Feb 10 09:04:59 moon charon: 00[KNL] fe80::fcfd:aff:fe01:1
</pre>
The file /etc/tnc_config
<pre>
# IMV configuration file for strongSwan client
IMV "Attestation" /usr/lib/ipsec/imcvs/imv-attestation.so
</pre>
defines which IMVs are loaded by the TNC server. Also the Privacy CA certificates which are required to establish trust in the AIK certificates are loaded:
<pre>
Feb 10 09:04:59 moon charon: 00[TNC] TNC recommendation policy is 'default'
Feb 10 09:04:59 moon charon: 00[TNC] loading IMVs from '/etc/tnc_config'
Feb 10 09:04:59 moon charon: 00[PTS] mandatory PTS measurement algorithm HASH_SHA1[sha1] available
Feb 10 09:04:59 moon charon: 00[PTS] mandatory PTS measurement algorithm HASH_SHA256[openssl] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS measurement algorithm HASH_SHA384[openssl] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS DH group MODP_2048[gmp] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS DH group MODP_1536[gmp] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS DH group MODP_1024[gmp] available
Feb 10 09:04:59 moon charon: 00[PTS] mandatory PTS DH group ECP_256[openssl] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS DH group ECP_384[openssl] available
Feb 10 09:04:59 moon charon: 00[TNC] added IETF attributes
Feb 10 09:04:59 moon charon: 00[TNC] added ITA-HSR attributes
Feb 10 09:04:59 moon charon: 00[LIB] libimcv initialized
Feb 10 09:04:59 moon charon: 00[IMV] IMV 1 "Attestation" initialized
Feb 10 09:04:59 moon charon: 00[TNC] added TCG attributes
Feb 10 09:04:59 moon charon: 00[PTS] added TCG functional component namespace
Feb 10 09:04:59 moon charon: 00[PTS] added ITA-HSR functional component namespace
Feb 10 09:04:59 moon charon: 00[PTS] added ITA-HSR functional component 'Trusted GRUB Boot Loader'
Feb 10 09:04:59 moon charon: 00[PTS] added ITA-HSR functional component 'Trusted Boot'
Feb 10 09:04:59 moon charon: 00[PTS] added ITA-HSR functional component 'Linux IMA'
Feb 10 09:04:59 moon charon: 00[LIB] libpts initialized
Feb 10 09:04:59 moon charon: 00[PTS] loading PTS ca certificates from '/etc/pts/cacerts'
Feb 10 09:04:59 moon charon: 00[PTS] loaded ca certificate "O=privacyca.com, CN=Privacy CA EK+Platform-Cert-Checked AIK Certificate" from '/etc/pts/cacerts/privacy_ca_level_2_cert.pem'
Feb 10 09:04:59 moon charon: 00[PTS] loaded ca certificate "O=privacyca.com, CN=Privacy CA Insecure/Unchecked AIK Certificate" from '/etc/pts/cacerts/privacy_ca_level_0_cert.pem'
Feb 10 09:04:59 moon charon: 00[PTS] loaded ca certificate "O=privacyca.com, CN=Privacy CA Root Certificate" from '/etc/pts/cacerts/privacy_ca_root_cert.pem'
Feb 10 09:04:59 moon charon: 00[PTS] loaded ca certificate "O=privacyca.com, CN=Privacy CA EK-Cert-Checked AIK Certificate" from '/etc/pts/cacerts/privacy_ca_level_1_cert.pem'
Feb 10 09:04:59 moon charon: 00[IMV] IMV 1 "Attestation" provided with bind function
Feb 10 09:04:59 moon charon: 00[TNC] IMV 1 supports 1 message type: 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:04:59 moon charon: 00[TNC] IMV 1 "Attestation" loaded from '/usr/lib/ipsec/imcvs/imv-attestation.so'
</pre>
Next the IKEv2 credentials, all necessary plugins and the IPsec connection definitions are loaded
<pre>
Feb 10 09:04:59 moon charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Feb 10 09:04:59 moon charon: 00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Feb 10 09:04:59 moon charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Feb 10 09:04:59 moon charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Feb 10 09:04:59 moon charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Feb 10 09:04:59 moon charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Feb 10 09:04:59 moon charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Feb 10 09:04:59 moon charon: 00[CFG] loaded RSA private key from '/etc/ipsec.d/private/moonKey.pem'
Feb 10 09:04:59 moon charon: 00[CFG] loaded EAP secret for carol@strongswan.org
Feb 10 09:04:59 moon charon: 00[DMN] loaded plugins: curl sha1 pem pkcs1 pkcs8 gmp random pubkey x509 openssl revocation hmac kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-tnccs tnccs-20 sqlite tnc-imv stroke
Feb 10 09:04:59 moon charon: 00[JOB] spawning 16 worker threads
Feb 10 09:04:59 moon charon: 14[CFG] received stroke: add connection 'rw-allow'
Feb 10 09:04:59 moon charon: 14[CFG] loaded certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" from 'moonCert.pem'
Feb 10 09:04:59 moon charon: 14[CFG] added configuration 'rw-allow'
Feb 10 09:04:59 moon charon: 15[CFG] received stroke: add connection 'rw-isolate'
Feb 10 09:04:59 moon charon: 15[CFG] loaded certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" from 'moonCert.pem'
Feb 10 09:04:59 moon charon: 15[CFG] added configuration 'rw-isolate'
</pre>
h3. IKEv2 Exchanges
The IPsec gateway *moon* is passively waiting for IPsec clients to initiate an IKEv2 negotiation starting with an IKE_SA_INIT exchange:
<pre>
Feb 10 09:05:24 moon charon: 05[NET] received packet: from 192.168.0.254[500] to 192.168.0.1[500]
Feb 10 09:05:24 moon charon: 05[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Feb 10 09:05:24 moon charon: 05[IKE] 192.168.0.254 is initiating an IKE_SA
Feb 10 09:05:24 moon charon: 05[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
Feb 10 09:05:24 moon charon: 05[NET] sending packet: from 192.168.0.1[500] to 192.168.0.254[500]
</pre>
followed by the IKE_AUTH exchange where the IKEv2 gateway proposes a mutual IKEv2 EAP-TTLS only authentication:
<pre>
Feb 10 09:05:24 moon charon: 04[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 04[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
Feb 10 09:05:24 moon charon: 04[CFG] looking for peer configs matching 192.168.0.1[moon.strongswan.org]...192.168.0.254[carol@strongswan.org]
Feb 10 09:05:24 moon charon: 04[CFG] selected peer config 'rw-allow'
Feb 10 09:05:24 moon charon: 04[IKE] initiating EAP_TTLS method (id 0x16)
Feb 10 09:05:24 moon charon: 04[IKE] peer supports MOBIKE
Feb 10 09:05:24 moon charon: 04[ENC] generating IKE_AUTH response 1 [ IDr EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 04[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
h3. IKEv2 EAP-TTLS Tunnel
The IKEv2 EAP-TTLS tunnel is set up with certificate-based server authentication
<pre>
Feb 10 09:05:24 moon charon: 03[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 03[ENC] parsed IKE_AUTH request 2 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 03[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Feb 10 09:05:24 moon charon: 03[TLS] sending TLS server certificate 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org'
Feb 10 09:05:24 moon charon: 03[ENC] generating IKE_AUTH response 2 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 03[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 02[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 02[ENC] parsed IKE_AUTH request 3 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 02[ENC] generating IKE_AUTH response 3 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 02[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 01[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 01[ENC] parsed IKE_AUTH request 4 [ EAP/RES/TTLS ]
</pre>
h3. Tunneled EAP-Identity
Via the IKEv2 EAP-TTLS tunnel the server requests the EAP client identity
<pre>
Feb 10 09:05:24 moon charon: 01[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/ID]
Feb 10 09:05:24 moon charon: 01[ENC] generating IKE_AUTH response 4 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 01[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 14[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 14[ENC] parsed IKE_AUTH request 5 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 14[IKE] received tunneled EAP-TTLS AVP [EAP/RES/ID]
Feb 10 09:05:24 moon charon: 14[IKE] received EAP identity 'carol@strongswan.org'
</pre>
h3. Tunneled EAP-MD5 Client Authentication
Next follows an EAP-MD5 client authentication
<pre>
Feb 10 09:05:24 moon charon: 14[IKE] phase2 method EAP_MD5 selected
Feb 10 09:05:24 moon charon: 14[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/MD5]
Feb 10 09:05:24 moon charon: 14[ENC] generating IKE_AUTH response 5 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 14[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 15[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 15[ENC] parsed IKE_AUTH request 6 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 15[IKE] received tunneled EAP-TTLS AVP [EAP/RES/MD5]
Feb 10 09:05:24 moon charon: 15[IKE] EAP_TTLS phase2 authentication of 'carol@strongswan.org' with EAP_MD5 successful
</pre>
h3. Tunneled EAP-TNC Transport
Now the EAP-TNC transport protocol connecting the TNC client with the TNC server is started:
<pre>
Feb 10 09:05:24 moon charon: 15[IKE] phase2 method EAP_TNC selected
Feb 10 09:05:24 moon charon: 15[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 moon charon: 15[ENC] generating IKE_AUTH response 6 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 15[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
h2. PB-TNC/IF-TNCCS 2.0 Connection
A first PB-TNC CDATA (IF-TNCCS 2.0 ClientData) batch from the TNC client is received
<pre>
Feb 10 09:05:24 moon charon: 16[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 16[ENC] parsed IKE_AUTH request 7 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 16[IKE] received tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 moon charon: 16[TNC] assigned TNCCS Connection ID 1
Feb 10 09:05:24 moon charon: 16[IMV] IMV 1 "Attestation" created a state for Connection ID 1: IF-TNCCS 2.0 with +long +excl -soh over IF-T for Tunneled EAP 1.1
Feb 10 09:05:24 moon charon: 16[IMV] IMV 1 "Attestation" changed state of Connection ID 1 to 'Handshake'
Feb 10 09:05:24 moon charon: 16[TNC] received TNCCS batch (105 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 16[TNC] => 105 bytes @ 0x807dd82
Feb 10 09:05:24 moon charon: 16[TNC] 0: 02 00 00 01 00 00 00 69 00 00 00 00 00 00 00 06 .......i........
Feb 10 09:05:24 moon charon: 16[TNC] 16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75 ....Accept-Langu
Feb 10 09:05:24 moon charon: 16[TNC] 32: 61 67 65 3A 20 65 6E 80 00 00 00 00 00 00 01 00 age: en.........
Feb 10 09:05:24 moon charon: 16[TNC] 48: 00 00 42 00 00 55 97 00 00 00 01 00 01 FF FF 01 ..B..U..........
Feb 10 09:05:24 moon charon: 16[TNC] 64: 00 00 00 35 C9 DC 7B 00 00 00 00 00 00 00 02 00 ...5..{.........
Feb 10 09:05:24 moon charon: 16[TNC] 80: 00 00 22 00 00 00 00 00 55 62 75 6E 74 75 20 31 ..".....Ubuntu 1
Feb 10 09:05:24 moon charon: 16[TNC] 96: 31 2E 30 34 20 69 36 38 36 1.04 i686
Feb 10 09:05:24 moon charon: 16[TNC] PB-TNC state transition from 'Init' to 'Server Working'
Feb 10 09:05:24 moon charon: 16[TNC] processing PB-TNC CDATA batch
</pre>
containing a 'PB-Language-Preference' and a 'PB-PA' message
<pre>
Feb 10 09:05:24 moon charon: 16[TNC] processing PB-Language-Preference message (31 bytes)
Feb 10 09:05:24 moon charon: 16[TNC] processing PB-PA message (66 bytes)
</pre>
This causes a new TNCCS connection to be instantiated on the TNC server. Its IF-TNCCS 2.0 state machine immediately transitions from the Init to the ServerWorking state.
!IF-TNCCS-20-State-Diagram.png!
The language preference is set to English (en) and the PB-PA message is forwarded to the PTS-IMV which subscribed to this PA message type:
<pre>
Feb 10 09:05:24 moon charon: 16[TNC] setting language preference to 'en'
Feb 10 09:05:24 moon charon: 16[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
</pre>
The PA-TNC message contains an 'IETF/Product Information' attribute which carries information about the operating system the PTS-IMC is running on:
<pre>
Feb 10 09:05:24 moon charon: 16[IMV] IMV 1 "Attestation" received message for Connection ID 1 from IMC 1
Feb 10 09:05:24 moon charon: 16[TNC] processing PA-TNC message with ID 0x35c9dc7b
Feb 10 09:05:24 moon charon: 16[TNC] processing PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
Feb 10 09:05:24 moon charon: 16[TNC] => 22 bytes @ 0x808021c
Feb 10 09:05:24 moon charon: 16[TNC] 0: 00 00 00 00 00 55 62 75 6E 74 75 20 31 31 2E 30 .....Ubuntu 11.0
Feb 10 09:05:24 moon charon: 16[TNC] 16: 34 20 69 36 38 36 4 i686
</pre>
h3. PTS Capability Discovery
The PTS-IMV creates a PA-TNC message containing a 'Request PTS Protocol Capabilities' and a 'PTS Measurement Algorithm Request' attribute from the TCG namespace. SHA-1 is the only PTS measurement algorithm proposed by the PTS-IMV.
<pre>
Feb 10 09:05:24 moon charon: 16[TNC] creating PA-TNC message with ID 0x8b088dab
Feb 10 09:05:24 moon charon: 16[TNC] creating PA-TNC attribute type 'TCG/Request PTS Protocol Capabilities' 0x005597/0x01000000
Feb 10 09:05:24 moon charon: 16[TNC] => 4 bytes @ 0x8080198
Feb 10 09:05:24 moon charon: 16[TNC] 0: 00 00 00 0E ....
Feb 10 09:05:24 moon charon: 16[TNC] creating PA-TNC attribute type 'TCG/PTS Measurement Algorithm Request' 0x005597/0x06000000
Feb 10 09:05:24 moon charon: 16[TNC] => 4 bytes @ 0x8080228
Feb 10 09:05:24 moon charon: 16[TNC] 0: 00 00 80 00 ....
</pre>
The PB-PA message is sent in a PB-TNC SDATA (IF-TNCCS 2.0 ServerData) batch to the TNC client:
<pre>
Feb 10 09:05:24 moon charon: 16[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 moon charon: 16[TNC] creating PB-TNC SDATA batch
Feb 10 09:05:24 moon charon: 16[TNC] adding PB-PA message
Feb 10 09:05:24 moon charon: 16[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 moon charon: 16[TNC] sending PB-TNC SDATA batch (72 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 16[TNC] => 72 bytes @ 0x807d518
Feb 10 09:05:24 moon charon: 16[TNC] 0: 02 80 00 02 00 00 00 48 80 00 00 00 00 00 00 01 .......H........
Feb 10 09:05:24 moon charon: 16[TNC] 16: 00 00 00 40 00 00 55 97 00 00 00 01 FF FF 00 01 ...@..U.........
Feb 10 09:05:24 moon charon: 16[TNC] 32: 01 00 00 00 8B 08 8D AB 80 00 55 97 01 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 16[TNC] 48: 00 00 00 10 00 00 00 0E 80 00 55 97 06 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 16[TNC] 64: 00 00 00 10 00 00 80 00 ........
Feb 10 09:05:24 moon charon: 16[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 moon charon: 16[ENC] generating IKE_AUTH response 7 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 16[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
As a response a PB-TNC CDATA batch is received from the TNC client
<pre>
Feb 10 09:05:24 moon charon: 06[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 06[ENC] parsed IKE_AUTH request 8 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 06[IKE] received tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 moon charon: 06[TNC] received TNCCS batch (72 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 06[TNC] => 72 bytes @ 0x807ddd2
Feb 10 09:05:24 moon charon: 06[TNC] 0: 02 00 00 01 00 00 00 48 80 00 00 00 00 00 00 01 .......H........
Feb 10 09:05:24 moon charon: 06[TNC] 16: 00 00 00 40 00 00 55 97 00 00 00 01 00 01 FF FF ...@..U.........
Feb 10 09:05:24 moon charon: 06[TNC] 32: 01 00 00 00 AC E9 1F 02 00 00 55 97 02 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 06[TNC] 48: 00 00 00 10 00 00 00 0E 00 00 55 97 07 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 06[TNC] 64: 00 00 00 10 00 00 80 00 ........
Feb 10 09:05:24 moon charon: 06[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:24 moon charon: 06[TNC] processing PB-TNC CDATA batch
</pre>
containing a PB-PA message with PA message type TCG/PTS to which the PTS-IMV is subscribed:
<pre>
Feb 10 09:05:24 moon charon: 06[TNC] processing PB-PA message (64 bytes)
Feb 10 09:05:24 moon charon: 06[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
</pre>
The PA-TNC message contains a 'PTS Protocol Capabilities' and a 'PTS Measurement Algorithm' attribute from the TCG namespace:
<pre>
Feb 10 09:05:24 moon charon: 06[IMV] IMV 1 "Attestation" received message for Connection ID 1 from IMC 1
Feb 10 09:05:24 moon charon: 06[TNC] processing PA-TNC message with ID 0xace91f02
Feb 10 09:05:24 moon charon: 06[TNC] processing PA-TNC attribute type 'TCG/PTS Protocol Capabilities' 0x005597/0x02000000
Feb 10 09:05:24 moon charon: 06[TNC] => 4 bytes @ 0x80808dc
Feb 10 09:05:24 moon charon: 06[TNC] 0: 00 00 00 0E ....
Feb 10 09:05:24 moon charon: 06[TNC] processing PA-TNC attribute type 'TCG/PTS Measurement Algorithm' 0x005597/0x07000000
Feb 10 09:05:24 moon charon: 06[TNC] => 4 bytes @ 0x80808ec
Feb 10 09:05:24 moon charon: 06[TNC] 0: 00 00 80 00 ....
</pre>
The PTS-IMC supports the Verification (V), DH Nonce Negotiation (D) and Trusted Platform Evidence (T) PTS protocol capabilities, all of which the PTS-IMV proposed in the capabilities request. The PTS-IMC also confirms SHA-1 as the PTS measurement algorithm to be used.
<pre>
Feb 10 09:05:24 moon charon: 06[PTS] supported PTS protocol capabilities: .VDT.
Feb 10 09:05:24 moon charon: 06[PTS] selected PTS measurement algorithm is HASH_SHA1
</pre>
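Added example (not part of the original HOWTO or of the strongSwan code base): a Python parser that rebuilds the two 72-byte batches of this capability discovery from the hex dumps logged above, decodes the PB-TNC, PB-PA and PA-TNC headers as laid out in RFC 5793 and RFC 5792, and checks that the client's answer stays within what the server offered. All function names are illustrative, and the bit positions for X, C, SHA-256 and SHA-384 are assumptions taken from the TCG PTS binding rather than from this log.

```python
import re
import struct

# Hex dumps copied from the log above: the server's SDATA batch (request)
# followed by the client's CDATA batch (response).
LOG = """\
Feb 10 09:05:24 moon charon: 16[TNC] => 72 bytes @ 0x807d518
Feb 10 09:05:24 moon charon: 16[TNC] 0: 02 80 00 02 00 00 00 48 80 00 00 00 00 00 00 01 .......H........
Feb 10 09:05:24 moon charon: 16[TNC] 16: 00 00 00 40 00 00 55 97 00 00 00 01 FF FF 00 01 ...@..U.........
Feb 10 09:05:24 moon charon: 16[TNC] 32: 01 00 00 00 8B 08 8D AB 80 00 55 97 01 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 16[TNC] 48: 00 00 00 10 00 00 00 0E 80 00 55 97 06 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 16[TNC] 64: 00 00 00 10 00 00 80 00 ........
Feb 10 09:05:24 moon charon: 06[TNC] => 72 bytes @ 0x807ddd2
Feb 10 09:05:24 moon charon: 06[TNC] 0: 02 00 00 01 00 00 00 48 80 00 00 00 00 00 00 01 .......H........
Feb 10 09:05:24 moon charon: 06[TNC] 16: 00 00 00 40 00 00 55 97 00 00 00 01 00 01 FF FF ...@..U.........
Feb 10 09:05:24 moon charon: 06[TNC] 32: 01 00 00 00 AC E9 1F 02 00 00 55 97 02 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 06[TNC] 48: 00 00 00 10 00 00 00 0E 00 00 55 97 07 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 06[TNC] 64: 00 00 00 10 00 00 80 00 ........
"""

BATCH_TYPES = {1: "CDATA", 2: "SDATA", 3: "RESULT", 4: "CRETRY", 5: "SRETRY", 6: "CLOSE"}
TCG = 0x005597
# V/D/T match the '.VDT.' log line for 0x0E; the X, C, SHA256 and SHA384 bit
# positions are assumptions taken from the TCG PTS binding, not from this log.
CAPS = ((0x10, "X"), (0x08, "V"), (0x04, "D"), (0x02, "T"), (0x01, "C"))
ALGOS = ((0x8000, "SHA1"), (0x4000, "SHA256"), (0x2000, "SHA384"))
START = re.compile(r"=> (\d+) bytes @")
ROW = re.compile(r"\]\s+(\d+):\s+(.*)$")

def dumps_from_log(text):
    """Rebuild every '=> N bytes' hex dump in a charon log as bytes."""
    dumps, want, buf = [], 0, bytearray()
    for line in text.splitlines():
        start, row = START.search(line), ROW.search(line)
        if start:
            want, buf = int(start.group(1)), bytearray()
        elif row and want:
            if int(row.group(1)) != len(buf):
                raise ValueError("dump row out of sequence")
            # Cap the token count so an ASCII column that looks like hex
            # on a short last row is never read as data.
            count = min(16, want - len(buf))
            buf += bytes(int(tok, 16) for tok in row.group(2).split()[:count])
            if len(buf) == want:
                dumps.append(bytes(buf))
                want = 0
    return dumps

def parse_tlvs(data, off, what):
    """Yield (first_word, type, value) for each 12-byte-header TLV in data."""
    while off < len(data):
        if off + 12 > len(data):
            raise ValueError(f"truncated {what} header")
        word, kind, length = struct.unpack_from(">III", data, off)
        if length < 12 or off + length > len(data):
            raise ValueError(f"{what} length out of bounds")
        yield word, kind, data[off + 12:off + length]
        off += length

def parse_batch(data):
    """Decode one PB-TNC batch (RFC 5793) and its PA-TNC attributes (RFC 5792)."""
    if len(data) < 8:
        raise ValueError("truncated PB-TNC header")
    version, flags, btype, length = struct.unpack_from(">BBxBI", data, 0)
    if version != 2 or length != len(data):
        raise ValueError("bad PB-TNC version or batch length")
    batch = {"type": BATCH_TYPES.get(btype & 0x0F), "from_server": bool(flags & 0x80), "attributes": []}
    for word, mtype, body in parse_tlvs(data, 8, "PB-TNC message"):
        if (word & 0xFFFFFF, mtype) != (0, 1):      # only PB-PA (IETF/1) carries PA-TNC
            continue
        if len(body) < 20 or body[12] != 1:         # PB-PA header, then PA-TNC v1 header
            raise ValueError("bad PB-PA or PA-TNC header")
        (batch["msg_id"],) = struct.unpack_from(">I", body, 16)
        for aword, atype, value in parse_tlvs(body, 20, "PA-TNC attribute"):
            batch["attributes"].append({"vendor": aword & 0xFFFFFF, "type": atype, "noskip": bool(aword >> 31), "value": value})
    return batch

def describe(attr):
    """Decode the 4-byte flag word of the TCG capability and algorithm attributes."""
    if attr["vendor"] != TCG or len(attr["value"]) != 4:
        return None
    (bits,) = struct.unpack(">I", attr["value"])
    if attr["type"] in (0x01000000, 0x02000000):     # capabilities request / response
        return "caps", "".join(c if bits & m else "." for m, c in CAPS)
    if attr["type"] in (0x06000000, 0x07000000):     # algorithm request / selection
        return "algos", [name for m, name in ALGOS if bits & m]
    return None

def negotiation_problems(request, response):
    """List ways the client's answer departs from what the server offered."""
    req = dict(filter(None, map(describe, request["attributes"])))
    res = dict(filter(None, map(describe, response["attributes"])))
    problems = []
    if len(res.get("algos", [])) != 1 or res["algos"][0] not in req.get("algos", []):
        problems.append("selected measurement algorithm was not offered")
    if any(c != "." and c not in req.get("caps", "") for c in res.get("caps", "")):
        problems.append("capability returned that was not requested")
    return problems
```

Calling @negotiation_problems(*map(parse_batch, dumps_from_log(LOG)))@ returns an empty list for the exchange logged here; a response whose flag word selects an algorithm outside the request is reported instead.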
h3. DH Nonce Parameters
The PTS-IMV creates a PA-TNC message containing the 'DH Nonce Parameters Request' from the TCG namespace which offers the set of IKE DH groups {2, 5, 14, 19}:
<pre>
Feb 10 09:05:24 moon charon: 06[TNC] creating PA-TNC message with ID 0xd5d8b7f7
Feb 10 09:05:24 moon charon: 06[TNC] creating PA-TNC attribute type 'TCG/DH Nonce Parameters Request' 0x005597/0x03000000
Feb 10 09:05:24 moon charon: 06[TNC] => 4 bytes @ 0x8081760
Feb 10 09:05:24 moon charon: 06[TNC] 0: 00 00 F0 00 ....
</pre>
The corresponding PB-PA message is embedded into a PB-TNC SDATA batch and sent to the TNC client
<pre>
Feb 10 09:05:24 moon charon: 06[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 moon charon: 06[TNC] creating PB-TNC SDATA batch
Feb 10 09:05:24 moon charon: 06[TNC] adding PB-PA message
Feb 10 09:05:24 moon charon: 06[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 moon charon: 06[TNC] sending PB-TNC SDATA batch (56 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 06[TNC] => 56 bytes @ 0x807da30
Feb 10 09:05:24 moon charon: 06[TNC] 0: 02 80 00 02 00 00 00 38 80 00 00 00 00 00 00 01 .......8........
Feb 10 09:05:24 moon charon: 06[TNC] 16: 00 00 00 30 00 00 55 97 00 00 00 01 FF FF 00 01 ...0..U.........
Feb 10 09:05:24 moon charon: 06[TNC] 32: 01 00 00 00 D5 D8 B7 F7 80 00 55 97 03 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 06[TNC] 48: 00 00 00 10 00 00 F0 00 ........
Feb 10 09:05:24 moon charon: 06[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 moon charon: 06[ENC] generating IKE_AUTH response 8 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 06[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
In response a PB-TNC CDATA batch is received from the TNC client
<pre>
Feb 10 09:05:24 moon charon: 05[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 05[ENC] parsed IKE_AUTH request 9 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 05[IKE] received tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 moon charon: 05[TNC] received TNCCS batch (144 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 05[TNC] => 144 bytes @ 0x807c79a
Feb 10 09:05:24 moon charon: 05[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:24 moon charon: 05[TNC] processing PB-TNC CDATA batch
</pre>
containing a PB-PA message with PA message type TCG/PTS to which the PTS-IMV is subscribed:
<pre>
Feb 10 09:05:24 moon charon: 05[TNC] processing PB-PA message (136 bytes)
Feb 10 09:05:24 moon charon: 05[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
</pre>
The PA-TNC message contains a 'DH Nonce Parameters Response' from the TCG namespace:
<pre>
Feb 10 09:05:24 moon charon: 05[IMV] IMV 1 "Attestation" received message for Connection ID 1 from IMC 1
Feb 10 09:05:24 moon charon: 05[TNC] processing PA-TNC message with ID 0x4a9b2c31
Feb 10 09:05:24 moon charon: 05[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Parameters Response' 0x005597/0x04000000
Feb 10 09:05:24 moon charon: 05[TNC] => 92 bytes @ 0x807d614
</pre>
The PTS-IMC selected ECP_256 (IKE DH group 14) as the PTS DH group and returns a 20-byte DH responder nonce and the 32-byte ECP_256 DH responder public value, from which, together with the PTS-IMV's private DH value, the shared DH secret can be derived:
<pre>
Feb 10 09:05:24 moon charon: 05[PTS] selected DH hash algorithm is HASH_SHA1
Feb 10 09:05:24 moon charon: 05[PTS] selected PTS DH group is ECP_256
Feb 10 09:05:24 moon charon: 05[PTS] nonce length is 20
Feb 10 09:05:24 moon charon: 05[PTS] initiator nonce: => 20 bytes @ 0x8080198
Feb 10 09:05:24 moon charon: 05[PTS] responder nonce: => 20 bytes @ 0x807d740
Feb 10 09:05:24 moon charon: 05[PTS] shared DH secret: => 32 bytes @ 0x8081f60
Feb 10 09:05:24 moon charon: 05[PTS] secret assessment value: => 20 bytes @ 0x8081fd8
</pre>
h3. DH Nonce Finish and TPM Version/AIK Info
The PTS-IMV sends its 32-byte ECP_256 DH initiator public value and its 20-byte initiator nonce in the 'DH Nonce Finish' attribute. Additionally, the 'Get TPM Version Information' and 'Get Attestation Identity Key' attributes are included in the PA-TNC message:
<pre>
Feb 10 09:05:24 moon charon: 05[TNC] creating PA-TNC message with ID 0xc75a895f
Feb 10 09:05:24 moon charon: 05[TNC] creating PA-TNC attribute type 'TCG/DH Nonce Finish' 0x005597/0x05000000
Feb 10 09:05:24 moon charon: 05[TNC] => 88 bytes @ 0x80821e0
Feb 10 09:05:24 moon charon: 05[TNC] 0: 00 14 80 00 19 14 23 2B 46 C9 C4 56 B5 F6 9C 18 ......#+F..V....
Feb 10 09:05:24 moon charon: 05[TNC] 16: 58 A2 78 B0 E4 A7 4A C7 20 21 32 CD B2 60 7F DB X.x...J. !2..`..
Feb 10 09:05:24 moon charon: 05[TNC] 32: 0F 7B 35 53 AE FA 23 C0 65 A5 48 35 FE DF DF B9 .{5S..#.e.H5....
Feb 10 09:05:24 moon charon: 05[TNC] 48: 72 C4 DD 16 8B 55 E9 84 AE 45 E0 07 05 AF D6 60 r....U...E.....`
Feb 10 09:05:24 moon charon: 05[TNC] 64: 32 95 58 81 A6 CA 36 F6 A1 CC 25 1A EF 13 9C AC 2.X...6...%.....
Feb 10 09:05:24 moon charon: 05[TNC] 80: 84 1F F6 9B F1 31 95 A3 .....1..
Feb 10 09:05:24 moon charon: 05[TNC] creating PA-TNC attribute type 'TCG/Get TPM Version Information' 0x005597/0x08000000
Feb 10 09:05:24 moon charon: 05[TNC] => 4 bytes @ 0x80808e8
Feb 10 09:05:24 moon charon: 05[TNC] 0: 00 00 00 00 ....
Feb 10 09:05:24 moon charon: 05[TNC] creating PA-TNC attribute type 'TCG/Get Attestation Identity Key' 0x005597/0x0d000000
Feb 10 09:05:24 moon charon: 05[TNC] => 4 bytes @ 0x807c830
Feb 10 09:05:24 moon charon: 05[TNC] 0: 00 00 00 00 ....
</pre>
The PA-TNC message transferred via the IF-IMV SendMessage function call is inserted as a PB-PA message in an outbound PB-TNC SDATA batch:
<pre>
Feb 10 09:05:24 moon charon: 05[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 moon charon: 05[TNC] creating PB-TNC SDATA batch
Feb 10 09:05:24 moon charon: 05[TNC] adding PB-PA message
Feb 10 09:05:24 moon charon: 05[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 moon charon: 05[TNC] sending PB-TNC SDATA batch (172 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 05[TNC] => 172 bytes @ 0x807d518
Feb 10 09:05:24 moon charon: 05[TNC] 0: 02 80 00 02 00 00 00 AC 80 00 00 00 00 00 00 01 ................
Feb 10 09:05:24 moon charon: 05[TNC] 16: 00 00 00 A4 00 00 55 97 00 00 00 01 FF FF 00 01 ......U.........
Feb 10 09:05:24 moon charon: 05[TNC] 32: 01 00 00 00 C7 5A 89 5F 80 00 55 97 05 00 00 00 .....Z._..U.....
Feb 10 09:05:24 moon charon: 05[TNC] 48: 00 00 00 64 00 14 80 00 19 14 23 2B 46 C9 C4 56 ...d......#+F..V
Feb 10 09:05:24 moon charon: 05[TNC] 64: B5 F6 9C 18 58 A2 78 B0 E4 A7 4A C7 20 21 32 CD ....X.x...J. !2.
Feb 10 09:05:24 moon charon: 05[TNC] 80: B2 60 7F DB 0F 7B 35 53 AE FA 23 C0 65 A5 48 35 .`...{5S..#.e.H5
Feb 10 09:05:24 moon charon: 05[TNC] 96: FE DF DF B9 72 C4 DD 16 8B 55 E9 84 AE 45 E0 07 ....r....U...E..
Feb 10 09:05:24 moon charon: 05[TNC] 112: 05 AF D6 60 32 95 58 81 A6 CA 36 F6 A1 CC 25 1A ...`2.X...6...%.
Feb 10 09:05:24 moon charon: 05[TNC] 128: EF 13 9C AC 84 1F F6 9B F1 31 95 A3 80 00 55 97 .........1....U.
Feb 10 09:05:24 moon charon: 05[TNC] 144: 08 00 00 00 00 00 00 10 00 00 00 00 80 00 55 97 ..............U.
Feb 10 09:05:24 moon charon: 05[TNC] 160: 0D 00 00 00 00 00 00 10 00 00 00 00 ............
Feb 10 09:05:24 moon charon: 05[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 moon charon: 05[ENC] generating IKE_AUTH response 9 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 05[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
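The nesting of the SDATA batch logged above can be checked by decoding it. The following Python decoder is an added example, not strongSwan code: it follows the PB-TNC (RFC 5793) and PA-TNC (RFC 5792) header layouts, takes the attribute names and type codes from the charon log, and assumes the field layout of 'DH Nonce Finish' noted in its docstring. Every length field is validated before it is used, which is the check a receiver of such batches needs.

```python
import struct

# The 172-byte SDATA batch as logged by charon above (PA-TNC message ID 0xc75a895f).
BATCH = bytes.fromhex("".join("""
02 80 00 02 00 00 00 AC 80 00 00 00 00 00 00 01
00 00 00 A4 00 00 55 97 00 00 00 01 FF FF 00 01
01 00 00 00 C7 5A 89 5F 80 00 55 97 05 00 00 00
00 00 00 64 00 14 80 00 19 14 23 2B 46 C9 C4 56
B5 F6 9C 18 58 A2 78 B0 E4 A7 4A C7 20 21 32 CD
B2 60 7F DB 0F 7B 35 53 AE FA 23 C0 65 A5 48 35
FE DF DF B9 72 C4 DD 16 8B 55 E9 84 AE 45 E0 07
05 AF D6 60 32 95 58 81 A6 CA 36 F6 A1 CC 25 1A
EF 13 9C AC 84 1F F6 9B F1 31 95 A3 80 00 55 97
08 00 00 00 00 00 00 10 00 00 00 00 80 00 55 97
0D 00 00 00 00 00 00 10 00 00 00 00
""".split()))

BATCH_TYPES = {1: "CDATA", 2: "SDATA", 3: "RESULT", 4: "CRETRY", 5: "SRETRY", 6: "CLOSE"}
TCG_VENDOR = 0x005597
# Attribute type codes and names exactly as charon prints them in the log above.
TCG_ATTRS = {0x05000000: "DH Nonce Finish",
             0x08000000: "Get TPM Version Information",
             0x0D000000: "Get Attestation Identity Key"}


class ParseError(ValueError):
    """A length field does not fit the bytes that are actually present."""


def _tlv(buf, off, what):
    """Read flags(8) | vendor(24) | type(32) | length(32) | value; length covers the header."""
    if len(buf) - off < 12:
        raise ParseError(f"truncated {what} header at offset {off}")
    word, typ, length = struct.unpack_from(">III", buf, off)
    if length < 12 or off + length > len(buf):
        raise ParseError(f"{what} at offset {off}: length {length} does not fit")
    return word >> 24, word & 0xFFFFFF, typ, buf[off + 12:off + length], off + length


def parse_pa_tnc(body):
    """PA-TNC message: version(8) | reserved(24) | message ID(32) | attributes."""
    if len(body) < 8:
        raise ParseError("truncated PA-TNC message header")
    attrs, off = [], 8
    while off < len(body):
        flags, vendor, typ, value, off = _tlv(body, off, "PA-TNC attribute")
        name = TCG_ATTRS.get(typ, "unknown") if vendor == TCG_VENDOR else "unknown"
        attrs.append({"noskip": bool(flags & 0x80), "vendor": vendor,
                      "type": typ, "name": name, "value": value})
    return {"version": body[0], "message_id": struct.unpack_from(">I", body, 4)[0],
            "attributes": attrs}


def parse_batch(data):
    """PB-TNC batch: version(8) | D(1) | reserved(19) | batch type(4) | length(32) | messages."""
    if len(data) < 8:
        raise ParseError("truncated PB-TNC batch header")
    version, b1, _, b3, length = struct.unpack_from(">BBBBI", data, 0)
    if version != 2 or length != len(data):
        raise ParseError(f"version {version} / batch length {length} vs {len(data)} bytes")
    messages, off = [], 8
    while off < len(data):
        flags, vendor, typ, value, off = _tlv(data, off, "PB-TNC message")
        msg = {"noskip": bool(flags & 0x80), "vendor": vendor, "type": typ}
        if (vendor, typ) == (0, 1):  # IETF PB-PA message wrapping one PA-TNC message
            if len(value) < 12:
                raise ParseError("truncated PB-PA header")
            word, subtype, collector, validator = struct.unpack_from(">IIHH", value, 0)
            msg.update(pa_vendor=word & 0xFFFFFF, pa_subtype=subtype,
                       collector_id=collector, validator_id=validator,
                       pa_tnc=parse_pa_tnc(value[12:]))
        messages.append(msg)
    return {"from_server": bool(b1 & 0x80),
            "type": BATCH_TYPES.get(b3 & 0x0F, "unknown"), "messages": messages}


def parse_dh_nonce_finish(value):
    """Assumed layout: reserved(8) | nonce length(8) | hash algorithm(16) | DH public value | nonce."""
    if len(value) < 4 or value[1] == 0 or 4 + value[1] > len(value):
        raise ParseError("DH Nonce Finish: nonce length does not fit")
    nonce_len = value[1]
    return {"hash_alg": struct.unpack_from(">H", value, 2)[0],
            # 64 bytes in this batch: x and y coordinates of the ECP_256 point, 32 bytes each
            "dh_public": value[4:len(value) - nonce_len],
            "nonce": value[len(value) - nonce_len:]}


if __name__ == "__main__":
    batch = parse_batch(BATCH)
    print(batch["type"], "batch, from server:", batch["from_server"])
    for attr in batch["messages"][0]["pa_tnc"]["attributes"]:
        print(f"  0x{attr['vendor']:06x}/0x{attr['type']:08x} {attr['name']}: {len(attr['value'])} bytes")
    print("  nonce:", parse_dh_nonce_finish(batch["messages"][0]["pa_tnc"]["attributes"][0]["value"])["nonce"].hex())
```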
In response, a PB-TNC CDATA batch is received:
<pre>
Feb 10 09:05:24 moon charon: 04[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 04[ENC] parsed IKE_AUTH request 10 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 04[ENC] generating IKE_AUTH response 10 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 04[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 03[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 03[ENC] parsed IKE_AUTH request 11 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 03[IKE] received tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 moon charon: 03[TNC] received TNCCS batch (1251 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 03[TNC] => 1251 bytes @ 0x80837c2
</pre>
This HOWTO explains in a step-by-step fashion how a strongSwan IPsec gateway with integrated TNC server functionality and an attached Platform Trust Service Integrity Measurement Verifier (PTS-IMV) can verify remote attestation measurement data provided by a TNC client via the IKEv2 EAP-TTLS protocol.
{{>toc}}
h2. Installation and Configuration
h3. Installing the strongSwan Software
The following steps describe the installation of the strongSwan software:
<pre>
wget http://download.strongswan.org/strongswan-4.6.2rc1.tar.bz2
tar xjf strongswan-4.6.2rc1.tar.bz2
cd strongswan-4.6.2rc1
./configure --prefix=/usr --sysconfdir=/etc --disable-pluto --enable-openssl --enable-curl \
            --enable-eap-identity --enable-eap-md5 --enable-eap-ttls --enable-eap-tnc \
            --enable-tnccs-20 --enable-tnc-imv --enable-imv-attestation
make
[sudo] make install
</pre>
The strongSwan *imv-attestation.so* dynamic PTS-IMV library depends on the "TrouSerS":http://sourceforge.net/projects/trousers/ libtspi library. Compilation additionally requires the header files in /usr/include/trousers/.
h3. Configuring the strongSwan Software
The /etc/ipsec.conf file defines an IPsec remote access policy either allowing access to the production network (rw-allow) or to a remediation network (rw-isolate):
<pre>
# ipsec.conf - strongSwan IPsec configuration file

config setup
    charondebug="tnc 3, imv 3, pts 3"

conn rw-allow
    rightgroups=allow
    leftsubnet=10.1.0.0/28
    also=rw-eap
    auto=add

conn rw-isolate
    rightgroups=isolate
    leftsubnet=10.1.0.16/28
    also=rw-eap
    auto=add

conn rw-eap
    left=192.168.0.1
    leftcert=moonCert.pem
    leftid=@moon.strongswan.org
    leftauth=eap-ttls
    rightauth=eap-ttls
    rightid=*@strongswan.org
    rightsendcert=never
    right=%any
</pre>
The IKEv2 server *moon* is going to use public key based authentication with the location of the private key defined in the /etc/ipsec.secrets file:
<pre>
# /etc/ipsec.secrets - strongSwan IPsec secrets file
: RSA moonKey.pem
carol@strongswan.org : EAP "Ar3etTnp"
</pre>
The following IKEv2 charon and Attestation IMV options are defined in the /etc/strongswan.conf file. Among the options there is an SQLite URI pointing to the PTS measurement database and the path to the directory where the Privacy CA certificates are stored:
<pre>
# /etc/strongswan.conf - strongSwan configuration file

charon {
    load = curl sha1 pem pkcs1 pkcs8 gmp random pubkey x509 openssl revocation hmac kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-tnccs tnccs-20 sqlite tnc-imv stroke
    plugins {
        eap-ttls {
            phase2_method = md5
            phase2_piggyback = yes
            phase2_tnc = yes
        }
        eap-tnc {
            protocol = tnccs-2.0
        }
    }
}

libimcv {
    plugins {
        imv-attestation {
            database = sqlite:///etc/pts/config.db
            cadir = /etc/pts/cacerts
            hash_algorithm = sha1
        }
    }
}

attest {
    database = sqlite:///etc/pts/config.db
}
</pre>
h3. Initializing the PTS Measurement Database
The SQLite database is initialized using the *tables.sql* and *data.sql* files from the strongSwan src/libpts/plugins/imv_attestation source directory:
<pre>
cat tables.sql data.sql | sqlite3 /etc/pts/config.db
</pre>
The following query lists the PTS component functional names defined in the database, which currently are all from the ITA-HSR namespace:
<pre>
moon# ipsec attest --components
1: 0x00902a/0x00000001-0x21 ITA-HSR/Trusted GRUB Boot Loader [K.] Trusted Platform
2: 0x00902a/0x00000002-0x21 ITA-HSR/Trusted Boot [K.] Trusted Platform
3: 0x00902a/0x00000003-0x21 ITA-HSR/Linux IMA [K.] Trusted Platform
3 components found
</pre>
In order to authorize the PTS functional component measurements, the fingerprint of TNC client *carol*'s AIK certificate AIK_Cert.der must be entered into the database and must be linked to the component measurements to be executed:
<pre>
moon# ipsec attest --add --owner "Carol, pin1212a00 (Fujitsu Siemens Celsius W510)" --aik AIK_Cert.der --cid 3
key '78:6a:c9:86:11:42:72:af:a1:6b:72:3d:36:5a:81:57:88:7b:47:f3' inserted into database
key/component pair (2/3) inserted into database
moon# ipsec attest --add --kid 2 --cid 2
key/component pair (2/2) inserted into database
</pre>
The entered data can be checked with the following commands:
<pre>
moon# ipsec attest --keys
2: 78:6a:c9:86:11:42:72:af:a1:6b:72:3d:36:5a:81:57:88:7b:47:f3 'Carol, pin1212a00 (Fujitsu Siemens Celsius W510)'
1: b7:72:a6:73:07:76:b9:f0:28:e5:ad:fc:cd:40:b5:5c:32:0a:13:b6 'Andreas, merthyr (Fujitsu Siemens Lifebook S6420)'
2 keys found
moon ~ # ipsec attest --components --kid 2
2: 0x00902a/0x00000002-0x21 ITA-HSR/Trusted Boot [K.] Trusted Platform
3: 0x00902a/0x00000003-0x21 ITA-HSR/Linux IMA [K.] Trusted Platform
2 components found for key 78:6a:c9:86:11:42:72:af:a1:6b:72:3d:36:5a:81:57:88:7b:47:f3
</pre>
h2. IKEv2 Negotiation
h3. Startup and Initialization
The command
<pre>
ipsec start
</pre>
starts the TNC-enabled IPsec gateway:
<pre>
Feb 10 09:04:59 moon charon: 00[DMN] Starting IKEv2 charon daemon (strongSwan 4.6.2rc1)
Feb 10 09:04:59 moon charon: 00[KNL] listening on interfaces:
Feb 10 09:04:59 moon charon: 00[KNL] eth0
Feb 10 09:04:59 moon charon: 00[KNL] 192.168.0.1
Feb 10 09:04:59 moon charon: 00[KNL] fec0::1
Feb 10 09:04:59 moon charon: 00[KNL] fe80::fcfd:c0ff:fea8:1
Feb 10 09:04:59 moon charon: 00[KNL] eth1
Feb 10 09:04:59 moon charon: 00[KNL] 10.1.0.1
Feb 10 09:04:59 moon charon: 00[KNL] fec1::1
Feb 10 09:04:59 moon charon: 00[KNL] fe80::fcfd:aff:fe01:1
</pre>
The file /etc/tnc_config
<pre>
# IMV configuration file for strongSwan client
IMV "Attestation" /usr/lib/ipsec/imcvs/imv-attestation.so
</pre>
defines which IMVs are loaded by the TNC server. Also the Privacy CA certificates which are required to establish trust in the AIK certificates are loaded:
<pre>
Feb 10 09:04:59 moon charon: 00[TNC] TNC recommendation policy is 'default'
Feb 10 09:04:59 moon charon: 00[TNC] loading IMVs from '/etc/tnc_config'
Feb 10 09:04:59 moon charon: 00[PTS] mandatory PTS measurement algorithm HASH_SHA1[sha1] available
Feb 10 09:04:59 moon charon: 00[PTS] mandatory PTS measurement algorithm HASH_SHA256[openssl] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS measurement algorithm HASH_SHA384[openssl] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS DH group MODP_2048[gmp] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS DH group MODP_1536[gmp] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS DH group MODP_1024[gmp] available
Feb 10 09:04:59 moon charon: 00[PTS] mandatory PTS DH group ECP_256[openssl] available
Feb 10 09:04:59 moon charon: 00[PTS] optional PTS DH group ECP_384[openssl] available
Feb 10 09:04:59 moon charon: 00[TNC] added IETF attributes
Feb 10 09:04:59 moon charon: 00[TNC] added ITA-HSR attributes
Feb 10 09:04:59 moon charon: 00[LIB] libimcv initialized
Feb 10 09:04:59 moon charon: 00[IMV] IMV 1 "Attestation" initialized
Feb 10 09:04:59 moon charon: 00[TNC] added TCG attributes
Feb 10 09:04:59 moon charon: 00[PTS] added TCG functional component namespace
Feb 10 09:04:59 moon charon: 00[PTS] added ITA-HSR functional component namespace
Feb 10 09:04:59 moon charon: 00[PTS] added ITA-HSR functional component 'Trusted GRUB Boot Loader'
Feb 10 09:04:59 moon charon: 00[PTS] added ITA-HSR functional component 'Trusted Boot'
Feb 10 09:04:59 moon charon: 00[PTS] added ITA-HSR functional component 'Linux IMA'
Feb 10 09:04:59 moon charon: 00[LIB] libpts initialized
Feb 10 09:04:59 moon charon: 00[PTS] loading PTS ca certificates from '/etc/pts/cacerts'
Feb 10 09:04:59 moon charon: 00[PTS] loaded ca certificate "O=privacyca.com, CN=Privacy CA EK+Platform-Cert-Checked AIK Certificate" from '/etc/pts/cacerts/privacy_ca_level_2_cert.pem'
Feb 10 09:04:59 moon charon: 00[PTS] loaded ca certificate "O=privacyca.com, CN=Privacy CA Insecure/Unchecked AIK Certificate" from '/etc/pts/cacerts/privacy_ca_level_0_cert.pem'
Feb 10 09:04:59 moon charon: 00[PTS] loaded ca certificate "O=privacyca.com, CN=Privacy CA Root Certificate" from '/etc/pts/cacerts/privacy_ca_root_cert.pem'
Feb 10 09:04:59 moon charon: 00[PTS] loaded ca certificate "O=privacyca.com, CN=Privacy CA EK-Cert-Checked AIK Certificate" from '/etc/pts/cacerts/privacy_ca_level_1_cert.pem'
Feb 10 09:04:59 moon charon: 00[IMV] IMV 1 "Attestation" provided with bind function
Feb 10 09:04:59 moon charon: 00[TNC] IMV 1 supports 1 message type: 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:04:59 moon charon: 00[TNC] IMV 1 "Attestation" loaded from '/usr/lib/ipsec/imcvs/imv-attestation.so'
</pre>
Next, the IKEv2 credentials, all necessary plugins and the IPsec connection definitions are loaded:
<pre>
Feb 10 09:04:59 moon charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Feb 10 09:04:59 moon charon: 00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Feb 10 09:04:59 moon charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Feb 10 09:04:59 moon charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Feb 10 09:04:59 moon charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Feb 10 09:04:59 moon charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Feb 10 09:04:59 moon charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Feb 10 09:04:59 moon charon: 00[CFG] loaded RSA private key from '/etc/ipsec.d/private/moonKey.pem'
Feb 10 09:04:59 moon charon: 00[CFG] loaded EAP secret for carol@strongswan.org
Feb 10 09:04:59 moon charon: 00[DMN] loaded plugins: curl sha1 pem pkcs1 pkcs8 gmp random pubkey x509 openssl revocation hmac kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-tnccs tnccs-20 sqlite tnc-imv stroke
Feb 10 09:04:59 moon charon: 00[JOB] spawning 16 worker threads
Feb 10 09:04:59 moon charon: 14[CFG] received stroke: add connection 'rw-allow'
Feb 10 09:04:59 moon charon: 14[CFG] loaded certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" from 'moonCert.pem'
Feb 10 09:04:59 moon charon: 14[CFG] added configuration 'rw-allow'
Feb 10 09:04:59 moon charon: 15[CFG] received stroke: add connection 'rw-isolate'
Feb 10 09:04:59 moon charon: 15[CFG] loaded certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" from 'moonCert.pem'
Feb 10 09:04:59 moon charon: 15[CFG] added configuration 'rw-isolate'
</pre>
h3. IKEv2 Exchanges
The IPsec gateway *moon* is passively waiting for IPsec clients to initiate an IKEv2 negotiation starting with an IKE_SA_INIT exchange:
<pre>
Feb 10 09:05:24 moon charon: 05[NET] received packet: from 192.168.0.254[500] to 192.168.0.1[500]
Feb 10 09:05:24 moon charon: 05[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Feb 10 09:05:24 moon charon: 05[IKE] 192.168.0.254 is initiating an IKE_SA
Feb 10 09:05:24 moon charon: 05[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
Feb 10 09:05:24 moon charon: 05[NET] sending packet: from 192.168.0.1[500] to 192.168.0.254[500]
</pre>
followed by the IKE_AUTH exchange where the IKEv2 gateway proposes a mutual IKEv2 EAP-TTLS only authentication:
<pre>
Feb 10 09:05:24 moon charon: 04[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 04[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
Feb 10 09:05:24 moon charon: 04[CFG] looking for peer configs matching 192.168.0.1[moon.strongswan.org]...192.168.0.254[carol@strongswan.org]
Feb 10 09:05:24 moon charon: 04[CFG] selected peer config 'rw-allow'
Feb 10 09:05:24 moon charon: 04[IKE] initiating EAP_TTLS method (id 0x16)
Feb 10 09:05:24 moon charon: 04[IKE] peer supports MOBIKE
Feb 10 09:05:24 moon charon: 04[ENC] generating IKE_AUTH response 1 [ IDr EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 04[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
h3. IKEv2 EAP-TTLS Tunnel
The IKEv2 EAP-TTLS tunnel is set up with certificate-based server authentication:
<pre>
Feb 10 09:05:24 moon charon: 03[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 03[ENC] parsed IKE_AUTH request 2 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 03[TLS] negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Feb 10 09:05:24 moon charon: 03[TLS] sending TLS server certificate 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org'
Feb 10 09:05:24 moon charon: 03[ENC] generating IKE_AUTH response 2 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 03[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 02[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 02[ENC] parsed IKE_AUTH request 3 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 02[ENC] generating IKE_AUTH response 3 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 02[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 01[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 01[ENC] parsed IKE_AUTH request 4 [ EAP/RES/TTLS ]
</pre>
h3. Tunneled EAP-Identity
Via the IKEv2 EAP-TTLS tunnel the server requests the EAP client identity:
<pre>
Feb 10 09:05:24 moon charon: 01[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/ID]
Feb 10 09:05:24 moon charon: 01[ENC] generating IKE_AUTH response 4 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 01[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 14[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 14[ENC] parsed IKE_AUTH request 5 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 14[IKE] received tunneled EAP-TTLS AVP [EAP/RES/ID]
Feb 10 09:05:24 moon charon: 14[IKE] received EAP identity 'carol@strongswan.org'
</pre>
h3. Tunneled EAP-MD5 Client Authentication
Next follows an EAP-MD5 client authentication:
<pre>
Feb 10 09:05:24 moon charon: 14[IKE] phase2 method EAP_MD5 selected
Feb 10 09:05:24 moon charon: 14[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/MD5]
Feb 10 09:05:24 moon charon: 14[ENC] generating IKE_AUTH response 5 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 14[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 15[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 15[ENC] parsed IKE_AUTH request 6 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 15[IKE] received tunneled EAP-TTLS AVP [EAP/RES/MD5]
Feb 10 09:05:24 moon charon: 15[IKE] EAP_TTLS phase2 authentication of 'carol@strongswan.org' with EAP_MD5 successful
</pre>
h3. Tunneled EAP-TNC Transport
Now the EAP-TNC transport protocol connecting the TNC client with the TNC server is started:
<pre>
Feb 10 09:05:24 moon charon: 15[IKE] phase2 method EAP_TNC selected
Feb 10 09:05:24 moon charon: 15[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 moon charon: 15[ENC] generating IKE_AUTH response 6 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 15[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
h2. PB-TNC/IF-TNCCS 2.0 Connection
A first PB-TNC CDATA (IF-TNCCS 2.0 ClientData) batch from the TNC client is received:
<pre>
Feb 10 09:05:24 moon charon: 16[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 16[ENC] parsed IKE_AUTH request 7 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 16[IKE] received tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 moon charon: 16[TNC] assigned TNCCS Connection ID 1
Feb 10 09:05:24 moon charon: 16[IMV] IMV 1 "Attestation" created a state for Connection ID 1: IF-TNCCS 2.0 with +long +excl -soh over IF-T for Tunneled EAP 1.1
Feb 10 09:05:24 moon charon: 16[IMV] IMV 1 "Attestation" changed state of Connection ID 1 to 'Handshake'
Feb 10 09:05:24 moon charon: 16[TNC] received TNCCS batch (105 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 16[TNC] => 105 bytes @ 0x807dd82
Feb 10 09:05:24 moon charon: 16[TNC] 0: 02 00 00 01 00 00 00 69 00 00 00 00 00 00 00 06 .......i........
Feb 10 09:05:24 moon charon: 16[TNC] 16: 00 00 00 1F 41 63 63 65 70 74 2D 4C 61 6E 67 75 ....Accept-Langu
Feb 10 09:05:24 moon charon: 16[TNC] 32: 61 67 65 3A 20 65 6E 80 00 00 00 00 00 00 01 00 age: en.........
Feb 10 09:05:24 moon charon: 16[TNC] 48: 00 00 42 00 00 55 97 00 00 00 01 00 01 FF FF 01 ..B..U..........
Feb 10 09:05:24 moon charon: 16[TNC] 64: 00 00 00 35 C9 DC 7B 00 00 00 00 00 00 00 02 00 ...5..{.........
Feb 10 09:05:24 moon charon: 16[TNC] 80: 00 00 22 00 00 00 00 00 55 62 75 6E 74 75 20 31 ..".....Ubuntu 1
Feb 10 09:05:24 moon charon: 16[TNC] 96: 31 2E 30 34 20 69 36 38 36 1.04 i686
Feb 10 09:05:24 moon charon: 16[TNC] PB-TNC state transition from 'Init' to 'Server Working'
Feb 10 09:05:24 moon charon: 16[TNC] processing PB-TNC CDATA batch
</pre>
containing a 'PB-Language-Preference' and a 'PB-PA' message:
<pre>
Feb 10 09:05:24 moon charon: 16[TNC] processing PB-Language-Preference message (31 bytes)
Feb 10 09:05:24 moon charon: 16[TNC] processing PB-PA message (66 bytes)
</pre>
This causes a new TNCCS connection to be instantiated on the TNC server. Its IF-TNCCS 2.0 state machine immediately transitions from the Init to the ServerWorking state.
!IF-TNCCS-20-State-Diagram.png!
The language preference is set to English (en) and the PB-PA message is forwarded to the PTS-IMV which subscribed to this PA message type:
<pre>
Feb 10 09:05:24 moon charon: 16[TNC] setting language preference to 'en'
Feb 10 09:05:24 moon charon: 16[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
</pre>
The PA-TNC message contains an 'IETF/Product Information' attribute which carries information about the operating system the PTS-IMC is running on:
<pre>
Feb 10 09:05:24 moon charon: 16[IMV] IMV 1 "Attestation" received message for Connection ID 1 from IMC 1
Feb 10 09:05:24 moon charon: 16[TNC] processing PA-TNC message with ID 0x35c9dc7b
Feb 10 09:05:24 moon charon: 16[TNC] processing PA-TNC attribute type 'IETF/Product Information' 0x000000/0x00000002
Feb 10 09:05:24 moon charon: 16[TNC] => 22 bytes @ 0x808021c
Feb 10 09:05:24 moon charon: 16[TNC] 0: 00 00 00 00 00 55 62 75 6E 74 75 20 31 31 2E 30 .....Ubuntu 11.0
Feb 10 09:05:24 moon charon: 16[TNC] 16: 34 20 69 36 38 36 4 i686
</pre>
h3. PTS Capability Discovery
The PTS-IMV creates a PA-TNC message containing a 'Request PTS Protocol Capabilities' and a 'PTS Measurement Algorithm Request' attribute from the TCG namespace. SHA-1 is the only PTS measurement algorithm proposed by the PTS-IMV.
<pre>
Feb 10 09:05:24 moon charon: 16[TNC] creating PA-TNC message with ID 0x8b088dab
Feb 10 09:05:24 moon charon: 16[TNC] creating PA-TNC attribute type 'TCG/Request PTS Protocol Capabilities' 0x005597/0x01000000
Feb 10 09:05:24 moon charon: 16[TNC] => 4 bytes @ 0x8080198
Feb 10 09:05:24 moon charon: 16[TNC] 0: 00 00 00 0E ....
Feb 10 09:05:24 moon charon: 16[TNC] creating PA-TNC attribute type 'TCG/PTS Measurement Algorithm Request' 0x005597/0x06000000
Feb 10 09:05:24 moon charon: 16[TNC] => 4 bytes @ 0x8080228
Feb 10 09:05:24 moon charon: 16[TNC] 0: 00 00 80 00 ....
</pre>
The PB-PA message is sent in a PB-TNC SDATA (IF-TNCCS 2.0 ServerData) batch to the TNC client:
<pre>
Feb 10 09:05:24 moon charon: 16[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 moon charon: 16[TNC] creating PB-TNC SDATA batch
Feb 10 09:05:24 moon charon: 16[TNC] adding PB-PA message
Feb 10 09:05:24 moon charon: 16[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 moon charon: 16[TNC] sending PB-TNC SDATA batch (72 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 16[TNC] => 72 bytes @ 0x807d518
Feb 10 09:05:24 moon charon: 16[TNC] 0: 02 80 00 02 00 00 00 48 80 00 00 00 00 00 00 01 .......H........
Feb 10 09:05:24 moon charon: 16[TNC] 16: 00 00 00 40 00 00 55 97 00 00 00 01 FF FF 00 01 ...@..U.........
Feb 10 09:05:24 moon charon: 16[TNC] 32: 01 00 00 00 8B 08 8D AB 80 00 55 97 01 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 16[TNC] 48: 00 00 00 10 00 00 00 0E 80 00 55 97 06 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 16[TNC] 64: 00 00 00 10 00 00 80 00 ........
Feb 10 09:05:24 moon charon: 16[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 moon charon: 16[ENC] generating IKE_AUTH response 7 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 16[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
In response, a PB-TNC CDATA batch is received from the TNC client
<pre>
Feb 10 09:05:24 moon charon: 06[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 06[ENC] parsed IKE_AUTH request 8 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 06[IKE] received tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 moon charon: 06[TNC] received TNCCS batch (72 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 06[TNC] => 72 bytes @ 0x807ddd2
Feb 10 09:05:24 moon charon: 06[TNC] 0: 02 00 00 01 00 00 00 48 80 00 00 00 00 00 00 01 .......H........
Feb 10 09:05:24 moon charon: 06[TNC] 16: 00 00 00 40 00 00 55 97 00 00 00 01 00 01 FF FF ...@..U.........
Feb 10 09:05:24 moon charon: 06[TNC] 32: 01 00 00 00 AC E9 1F 02 00 00 55 97 02 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 06[TNC] 48: 00 00 00 10 00 00 00 0E 00 00 55 97 07 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 06[TNC] 64: 00 00 00 10 00 00 80 00 ........
Feb 10 09:05:24 moon charon: 06[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:24 moon charon: 06[TNC] processing PB-TNC CDATA batch
</pre>
containing a PB-PA message with PA message type TCG/PTS to which the PTS-IMV is subscribed:
<pre>
Feb 10 09:05:24 moon charon: 06[TNC] processing PB-PA message (64 bytes)
Feb 10 09:05:24 moon charon: 06[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
</pre>
The PA-TNC message contains a 'PTS Protocol Capabilities' and a 'PTS Measurement Algorithm' attribute from the TCG namespace:
<pre>
Feb 10 09:05:24 moon charon: 06[IMV] IMV 1 "Attestation" received message for Connection ID 1 from IMC 1
Feb 10 09:05:24 moon charon: 06[TNC] processing PA-TNC message with ID 0xace91f02
Feb 10 09:05:24 moon charon: 06[TNC] processing PA-TNC attribute type 'TCG/PTS Protocol Capabilities' 0x005597/0x02000000
Feb 10 09:05:24 moon charon: 06[TNC] => 4 bytes @ 0x80808dc
Feb 10 09:05:24 moon charon: 06[TNC] 0: 00 00 00 0E ....
Feb 10 09:05:24 moon charon: 06[TNC] processing PA-TNC attribute type 'TCG/PTS Measurement Algorithm' 0x005597/0x07000000
Feb 10 09:05:24 moon charon: 06[TNC] => 4 bytes @ 0x80808ec
Feb 10 09:05:24 moon charon: 06[TNC] 0: 00 00 80 00 ....
</pre>
The PTS-IMC supports the Verification (V), DH Nonce Negotiation (D) and Trusted Platform Evidence (T) PTS protocol capabilities, all of which the PTS-IMV proposed in the capabilities request. The PTS-IMC also confirms SHA-1 as the PTS measurement algorithm.
<pre>
Feb 10 09:05:24 moon charon: 06[PTS] supported PTS protocol capabilities: .VDT.
Feb 10 09:05:24 moon charon: 06[PTS] selected PTS measurement algorithm is HASH_SHA1
</pre>
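The framing visible in the two 72-byte hex dumps of this capability exchange can be decoded mechanically. The following Python parser is an added example, not strongSwan code: it follows the PB-TNC (RFC 5793) and PA-TNC (RFC 5792) layouts, rejects inconsistent length fields, and its function names and the C/X capability letters are assumptions of this example.

```python
import struct

TCG = 0x005597  # vendor ID printed as 0x005597 in the charon log
BATCH_TYPES = {1: "CDATA", 2: "SDATA"}
# Attribute names exactly as charon prints them on this page.
PTS_ATTRS = {
    0x01000000: "Request PTS Protocol Capabilities",
    0x02000000: "PTS Protocol Capabilities",
    0x06000000: "PTS Measurement Algorithm Request",
    0x07000000: "PTS Measurement Algorithm",
}

# The two 72-byte batches copied from the hex dumps above.
SDATA = bytes.fromhex(  # server request
    "02800002 00000048 80000000 00000001 00000040 00005597 00000001 FFFF0001"
    "01000000 8B088DAB 80005597 01000000 00000010 0000000E 80005597 06000000"
    "00000010 00008000")
CDATA = bytes.fromhex(  # client reply
    "02000001 00000048 80000000 00000001 00000040 00005597 00000001 0001FFFF"
    "01000000 ACE91F02 00005597 02000000 00000010 0000000E 00005597 07000000"
    "00000010 00008000")


def parse_attrs(body, off):
    """Walk the PA-TNC attributes; every length is checked against the buffer."""
    attrs = []
    while off < len(body):
        if len(body) - off < 12:
            raise ValueError("truncated PA-TNC attribute header")
        word, atype, alen = struct.unpack_from(">III", body, off)
        if alen < 12 or off + alen > len(body):
            raise ValueError("PA-TNC attribute length out of bounds")
        vendor = word & 0xFFFFFF
        name = PTS_ATTRS.get(atype, hex(atype)) if vendor == TCG else hex(atype)
        attrs.append({"noskip": bool(word & 0x80000000), "vendor": vendor,
                      "type": atype, "name": name,
                      "value": body[off + 12:off + alen]})
        off += alen
    return attrs


def parse_pb_pa(body):
    """PB-PA header (12 bytes) followed by the PA-TNC header (8 bytes)."""
    if len(body) < 20:
        raise ValueError("truncated PB-PA or PA-TNC header")
    word, subtype, collector, validator = struct.unpack_from(">IIHH", body, 0)
    pa_version, msg_id = body[12], struct.unpack_from(">I", body, 16)[0]
    if pa_version != 1:
        raise ValueError("unsupported PA-TNC version")
    return {"excl": bool(word & 0x80000000), "vendor": word & 0xFFFFFF,
            "subtype": subtype, "collector_id": collector,
            "validator_id": validator, "message_id": msg_id,
            "attrs": parse_attrs(body, 20)}


def parse_batch(data):
    """Parse one PB-TNC batch; raises ValueError on any inconsistent length."""
    if len(data) < 8:
        raise ValueError("truncated PB-TNC header")
    version, flags, word, length = struct.unpack_from(">BBHI", data, 0)
    if version != 2:
        raise ValueError("unsupported PB-TNC version")
    if length != len(data):
        raise ValueError("batch length does not match received size")
    batch = {"type": BATCH_TYPES.get(word & 0x0F, word & 0x0F),
             "from_server": bool(flags & 0x80), "messages": []}
    off = 8
    while off < length:
        if length - off < 12:
            raise ValueError("truncated PB-TNC message header")
        mword, mtype, mlen = struct.unpack_from(">III", data, off)
        if mlen < 12 or off + mlen > length:
            raise ValueError("PB-TNC message length out of bounds")
        msg = {"noskip": bool(mword & 0x80000000), "vendor": mword & 0xFFFFFF,
               "type": mtype, "length": mlen}
        if msg["vendor"] == 0 and mtype == 1:  # IETF namespace, PB-PA
            msg["pa"] = parse_pb_pa(data[off + 12:off + mlen])
        batch["messages"].append(msg)
        off += mlen
    return batch


def caps_string(value):
    """Render capability flags the way the log does ('.VDT.' for 0x0E)."""
    if len(value) != 4:
        raise ValueError("capability attribute value must be 4 bytes")
    flags = struct.unpack(">I", value)[0]
    # Bit order C,V,D,T,X is an assumption of this example; the page names V, D, T.
    order = (("C", 0x10), ("V", 0x08), ("D", 0x04), ("T", 0x02), ("X", 0x01))
    return "".join(c if flags & bit else "." for c, bit in order)


if __name__ == "__main__":
    for raw in (SDATA, CDATA):
        b = parse_batch(raw)
        pa = b["messages"][0]["pa"]
        print(b["type"], hex(pa["message_id"]), [a["name"] for a in pa["attrs"]])
```

Each length field is checked before use because the batch content is supplied by the peer: a PB-TNC message or PA-TNC attribute whose declared length runs past its enclosing container is rejected rather than read.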
h3. DH Nonce Parameters
The PTS-IMV creates a PA-TNC message containing the 'DH Nonce Parameters Request' from the TCG namespace which offers the set of IKE DH groups {2, 5, 14, 19}:
<pre>
Feb 10 09:05:24 moon charon: 06[TNC] creating PA-TNC message with ID 0xd5d8b7f7
Feb 10 09:05:24 moon charon: 06[TNC] creating PA-TNC attribute type 'TCG/DH Nonce Parameters Request' 0x005597/0x03000000
Feb 10 09:05:24 moon charon: 06[TNC] => 4 bytes @ 0x8081760
Feb 10 09:05:24 moon charon: 06[TNC] 0: 00 00 F0 00 ....
</pre>
The corresponding PB-PA message is embedded into a PB-TNC SDATA batch and sent to the TNC client:
<pre>
Feb 10 09:05:24 moon charon: 06[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 moon charon: 06[TNC] creating PB-TNC SDATA batch
Feb 10 09:05:24 moon charon: 06[TNC] adding PB-PA message
Feb 10 09:05:24 moon charon: 06[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 moon charon: 06[TNC] sending PB-TNC SDATA batch (56 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 06[TNC] => 56 bytes @ 0x807da30
Feb 10 09:05:24 moon charon: 06[TNC] 0: 02 80 00 02 00 00 00 38 80 00 00 00 00 00 00 01 .......8........
Feb 10 09:05:24 moon charon: 06[TNC] 16: 00 00 00 30 00 00 55 97 00 00 00 01 FF FF 00 01 ...0..U.........
Feb 10 09:05:24 moon charon: 06[TNC] 32: 01 00 00 00 D5 D8 B7 F7 80 00 55 97 03 00 00 00 ..........U.....
Feb 10 09:05:24 moon charon: 06[TNC] 48: 00 00 00 10 00 00 F0 00 ........
Feb 10 09:05:24 moon charon: 06[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 moon charon: 06[ENC] generating IKE_AUTH response 8 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 06[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
In response, a PB-TNC CDATA batch is received from the TNC client
<pre>
Feb 10 09:05:24 moon charon: 05[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 05[ENC] parsed IKE_AUTH request 9 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 05[IKE] received tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 moon charon: 05[TNC] received TNCCS batch (144 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 05[TNC] => 144 bytes @ 0x807c79a
Feb 10 09:05:24 moon charon: 05[TNC] PB-TNC state transition from 'Client Working' to 'Server Working'
Feb 10 09:05:24 moon charon: 05[TNC] processing PB-TNC CDATA batch
</pre>
containing a PB-PA message with PA message type TCG/PTS to which the PTS-IMV is subscribed:
<pre>
Feb 10 09:05:24 moon charon: 05[TNC] processing PB-PA message (136 bytes)
Feb 10 09:05:24 moon charon: 05[TNC] handling PB-PA message type 'TCG/PTS' 0x005597/0x00000001
</pre>
The PA-TNC message contains a 'DH Nonce Parameters Response' from the TCG namespace:
<pre>
Feb 10 09:05:24 moon charon: 05[IMV] IMV 1 "Attestation" received message for Connection ID 1 from IMC 1
Feb 10 09:05:24 moon charon: 05[TNC] processing PA-TNC message with ID 0x4a9b2c31
Feb 10 09:05:24 moon charon: 05[TNC] processing PA-TNC attribute type 'TCG/DH Nonce Parameters Response' 0x005597/0x04000000
Feb 10 09:05:24 moon charon: 05[TNC] => 92 bytes @ 0x807d614
</pre>
The PTS-IMC selects ECP_256 (IKE DH group 14) as the PTS DH group and returns a 20 byte DH responder nonce and the 32 byte ECP_256 DH responder public value, from which, together with the PTS-IMV's private DH value, the shared DH secret can be derived:
<pre>
Feb 10 09:05:24 moon charon: 05[PTS] selected DH hash algorithm is HASH_SHA1
Feb 10 09:05:24 moon charon: 05[PTS] selected PTS DH group is ECP_256
Feb 10 09:05:24 moon charon: 05[PTS] nonce length is 20
Feb 10 09:05:24 moon charon: 05[PTS] initiator nonce: => 20 bytes @ 0x8080198
Feb 10 09:05:24 moon charon: 05[PTS] 0: A6 CA 36 F6 A1 CC 25 1A EF 13 9C AC 84 1F F6 9B ..6...%.........
Feb 10 09:05:24 moon charon: 05[PTS] 16: F1 31 95 A3 .1..
Feb 10 09:05:24 moon charon: 05[PTS] responder nonce: => 20 bytes @ 0x807d740
Feb 10 09:05:24 moon charon: 05[PTS] shared DH secret: => 32 bytes @ 0x8081f60
Feb 10 09:05:24 moon charon: 05[PTS] secret assessment value: => 20 bytes @ 0x8081fd8
</pre>
h3. DH Nonce Finish and TPM Version/AIK Info
The PTS-IMV sends its 32 byte ECP_256 DH initiator public value and its 20 byte initiator nonce in the 'DH Nonce Finish' attribute. Additionally, a 'Get TPM Version Information' and a 'Get Attestation Identity Key' attribute are included in the PA-TNC message:
<pre>
Feb 10 09:05:24 moon charon: 05[TNC] creating PA-TNC message with ID 0xc75a895f
Feb 10 09:05:24 moon charon: 05[TNC] creating PA-TNC attribute type 'TCG/DH Nonce Finish' 0x005597/0x05000000
Feb 10 09:05:24 moon charon: 05[TNC] => 88 bytes @ 0x80821e0
Feb 10 09:05:24 moon charon: 05[TNC] creating PA-TNC attribute type 'TCG/Get TPM Version Information' 0x005597/0x08000000
Feb 10 09:05:24 moon charon: 05[TNC] => 4 bytes @ 0x80808e8
Feb 10 09:05:24 moon charon: 05[TNC] 0: 00 00 00 00 ....
Feb 10 09:05:24 moon charon: 05[TNC] creating PA-TNC attribute type 'TCG/Get Attestation Identity Key' 0x005597/0x0d000000
Feb 10 09:05:24 moon charon: 05[TNC] => 4 bytes @ 0x807c830
Feb 10 09:05:24 moon charon: 05[TNC] 0: 00 00 00 00 ....
</pre>
The PA-TNC message transferred via the IF-IMV SendMessage function call is inserted as a PB-PA message in an outbound PB-TNC SDATA batch:
<pre>
Feb 10 09:05:24 moon charon: 05[TNC] creating PB-PA message type 'TCG/PTS' 0x005597/0x00000001
Feb 10 09:05:24 moon charon: 05[TNC] creating PB-TNC SDATA batch
Feb 10 09:05:24 moon charon: 05[TNC] adding PB-PA message
Feb 10 09:05:24 moon charon: 05[TNC] PB-TNC state transition from 'Server Working' to 'Client Working'
Feb 10 09:05:24 moon charon: 05[TNC] sending PB-TNC SDATA batch (172 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 05[TNC] => 172 bytes @ 0x807d518
Feb 10 09:05:24 moon charon: 05[IKE] sending tunneled EAP-TTLS AVP [EAP/REQ/TNC]
Feb 10 09:05:24 moon charon: 05[ENC] generating IKE_AUTH response 9 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 05[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
</pre>
In response, a PB-TNC CDATA batch is received:
<pre>
Feb 10 09:05:24 moon charon: 04[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 04[ENC] parsed IKE_AUTH request 10 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 04[ENC] generating IKE_AUTH response 10 [ EAP/REQ/TTLS ]
Feb 10 09:05:24 moon charon: 04[NET] sending packet: from 192.168.0.1[4500] to 192.168.0.254[4500]
Feb 10 09:05:24 moon charon: 03[NET] received packet: from 192.168.0.254[4500] to 192.168.0.1[4500]
Feb 10 09:05:24 moon charon: 03[ENC] parsed IKE_AUTH request 11 [ EAP/RES/TTLS ]
Feb 10 09:05:24 moon charon: 03[IKE] received tunneled EAP-TTLS AVP [EAP/RES/TNC]
Feb 10 09:05:24 moon charon: 03[TNC] received TNCCS batch (1251 bytes) for Connection ID 1
Feb 10 09:05:24 moon charon: 03[TNC] => 1251 bytes @ 0x80837c2
Nov 29 07:39:23 moon charon: 08[TNC] 784: 05 02 0F A0 02 0C 00 30 0C 06 ....g........0..
Feb 10 09:05:24 moon charon: 03[TNC] 704: 03 55 1D 13 01 01 .......0...U....
Nov 29 07:39:23 moon charon: 08[TNC] 800: FF 04 02 30 00 30 81 E0 82 01 27 06 03 55 1D 20 01 01 .U.......0.0.... ...0.0..'..U. ..
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 720: 55 1D 20 01 01 816: FF 04 81 D5 82 01 1B 30 81 D2 82 01 17 30 67 06 0A 2B 06 01 U. ......0..0g.. .....0...0g..+..
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 736: 2B 06 01 832: 04 01 81 E3 42 01 10 11 30 59 30 29 06 08 2B 06 01 +......B..0Y0).. ....B..0Y0)..+..
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 752: 2B 06 01 848: 05 05 07 02 01 16 1D 68 74 74 70 3A 2F 2F 77 77 +.........http:/ .......http://ww
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 768: 2F 864: 77 77 77 2E 70 72 69 76 61 63 79 63 61 2E 63 6F 6D 2F /www.privacyca.c w.privacyca.com/
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 784: 6F 6D 2F 880: 63 70 73 2F 30 2C 06 08 2B 06 01 05 05 07 02 02 om/cps/0,..+.... cps/0,..+.......
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 800: 07 02 02 896: 30 20 0C 1E 54 43 50 41 20 54 72 75 73 74 65 64 ...0 0 ..TCPA Trus Trusted
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 816: 74 65 64 912: 20 50 6C 61 74 66 6F 72 6D 20 49 64 65 ted 6E 74 69 Platform Ide Identi
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 832: 6E 928: 74 69 74 79 30 67 81 AB 06 04 55 1D 20 00 30 5F 30 0B 60 86 48 01 86 F8 45 01 07 ntity0g..U. .0_0 ty0....`.H...E..
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 848: 25 944: 2F 01 30 81 9B 30 39 06 08 2B 06 01 05 05 07 02 /.0..09..+......
Nov 29 07:39:23 moon charon: 08[TNC] 960: 01 16 19 2D 68 74 74 %..+.........htt
Feb 10 09:05:24 moon charon: 03[TNC] 864: 70 3A 2F 2F 77 77 77 2E 70 72 69 76 61 63 79 63 65 p://www.privacyc ..-http://www.ve
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 880: 61 976: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 65 70 6F 73 risign.com/repos
Nov 29 07:39:23 moon charon: 08[TNC] 992: 69 74 6F 72 79 2F 69 6E 64 65 78 2E 68 74 6D 6C itory/index.html
Nov 29 07:39:23 moon charon: 08[TNC] 1008: 30 36 5E 06 08 2B 06 01 05 05 07 02 02 30 52 1E 50 a.com/06..+..... 0^..+.......0R.P
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 896: 02 02 30 2A 0C 28 08[TNC] 1024: 00 54 00 43 00 50 00 41 00 20 00 54 00 72 00 75 73 74 ..0*.(TCPA Trust .T.C.P.A. .T.r.u
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 912: 08[TNC] 1040: 00 73 00 74 00 65 00 64 00 20 00 50 00 6C 00 61 .s.t.e.d. .P.l.a
Nov 29 07:39:23 moon charon: 08[TNC] 1056: 00 74 00 66 00 6F 00 72 00 6D 00 20 00 4D 00 6F 64 75 ed Platform Modu .t.f.o.r.m. .M.o
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 928: 08[TNC] 1072: 00 64 00 75 00 6C 00 65 00 20 00 45 00 6E 00 64 .d.u.l.e. .E.n.d
Nov 29 07:39:23 moon charon: 08[TNC] 1088: 00 6F 00 72 00 73 00 65 00 6D 00 65 00 6E 00 74 30 1F le Endorsement0. .o.r.s.e.m.e.n.t
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 944: 08[TNC] 1104: 30 1F 06 03 55 1D 23 04 18 30 16 80 14 B0 E5 97 E0 9B 66 FF 3C ..U.#..0........ 0...U.#..0...f.<
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 08[TNC] 1120: C0 41 02 0A 60 27 4C BE 29 81 F0 58 DC B2 A3 3E 960: 23 75 B1 FD BF 01 5E 72 BA 36 D4 48 32 A0 33 30 #u....^r.6.H2.30 .A..`'L.)..X...>
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 976: 08[TNC] 1136: A2 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 82 ...*.H.......... .0...*.H........
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 992: 08[TNC] 1152: 03 82 01 01 00 1D 78 37 17 95 C3 37 C6 09 C4 1C 3D C3 0A ....x7..7....=..
Feb 10 09:05:24 moon charon: 03[TNC] 1008: 01 7F 59 8D 24 A8 74 81 C9 79 A2 63 45 2C 04 0C ..Y.$.t..y.cE,..
Feb 10 09:05:24 moon charon: 03[TNC] 1024: B4 CD 7F B9 42 DC FE 67 67 E7 45 C9 F6 CB 7E 42 ....B..gg.E...~B
Feb 10 09:05:24 moon charon: 03[TNC] 1040: B7 2A 8A 74 14 B7 BE FF EB 77 0E B0 D1 B5 99 E7 ED 9D EA AE 90 DF 4A .*.t.....w...... .....x.........J
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 1056: 49 8C 7B 12 08[TNC] 1168: AA 02 38 60 55 0B 1D 1A 03 0E BA AF 9E 3B 74 I.{.`U........;t
Feb 10 09:05:24 moon charon: 03[TNC] 1072: 20 F9 17 8A 0F 47 2D 3C DB C4 9A 05 67 3C F0 E0 33 ....G-<...g<..3
Feb 10 09:05:24 moon charon: 03[TNC] 1088: A6 3C C5 0E C6 0B DB 6E 7A 53 08 6A 09 3B C6 3B 75 1A 00 E9 4B F8 0F 01 A7 .<.....n.j.;.;u. ..8`..zS...K....
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 1104: 7A 6B 84 BA 4A 69 6E AF 59 54 89 4A E5 07 D7 51 zk..Jin.YT.J...Q
Feb 10 09:05:24 moon charon: 03[TNC] 1120: 33 B9 9E AE F2 4C 0D 81 36 14 FD 82 52 C3 BF 6A 3....L..6...R..j
Feb 10 09:05:24 moon charon: 03[TNC] 1136: DC 8D 55 46 E0 DE B9 A6 A0 49 BB 43 0A F3 45 EA ..UF.....I.C..E.
Feb 10 09:05:24 moon charon: 03[TNC] 1152: 08[TNC] 1184: 26 58 2F D2 E4 6C 87 F3 B7 F7 E9 16 E5 0B 5D DC &X/..l........].
Feb 10 09:05:24 moon charon: 03[TNC] 1168: 54 B0 8E F8 9C 64 B1 CE 75 EA 92 3D 9C CF 35 C1 F2 9B D1 F5 D6 C2 3C 87 D6 D5 04 99 .u..=..5..<..... &.T....d.......<
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 1184: 0B C5 9F 45 75 00 23 5F C5 08[TNC] 1200: 4A 20 56 FC 64 B0 21 58 B9 AB 73 D8 57 39 80 7B 5B FB 65 0C 2A BE ...Eu.#_...s.W9. J V.d.!X.{[.e.*.
Feb 10 09:05:24 Nov 29 07:39:23 moon charon: 03[TNC] 1200: AE 6D 58 98 CE F3 29 6B 1B 8A A2 0B 78 71 C3 B0 .mX...)k....xq..
[ Incomplete diff, document too large... ]