Version 126 - History - Trusted Platform Module 2.0 - strongSwan

Trusted Platform Module 2.0 » History » Version 126

Andreas Steffen, 02.01.2021 13:14

-Andreas Steffen
+h1. Trusted Platform Module 2.0
 Andreas Steffen
-Andreas Steffen
+{{>toc}}
 Andreas Steffen
-Andreas Steffen
+h2. Connect to a TPM 2.0 Device
 Andreas Steffen
-Andreas Steffen
+h3. Install the tpm2-tss Software Stack and the tpm2-tools Command Set
 Andreas Steffen
-Andreas Steffen
+In order to connect to a TPM 2.0 hardware or firmware device a software stack implementing the "TCG TSS 2.0 System Level API":https://trustedcomputinggroup.org/resource/tcg-tss-2-0-system-level-api-sapi-specification/ is needed. An excellent open source "tpm2-tss":https://github.com/tpm2-software/tpm2-tss library is available from the "tpm2-software":https://github.com/tpm2-software project which also offers a set of "tpm2-tools":https://github.com/tpm2-software/tpm2-tools which itself uses the "TCG TSS 2.0 Enhanced System Level API":https://trustedcomputinggroup.org/resource/tcg-tss-2-0-enhanced-system-api-esapi-specification/.
 Andreas Steffen
-Andreas Steffen
+When using the latest *strongswan-5.9.1* version with a *Linux 5.4* kernel or newer, we recommend these latest versions:
 Andreas Steffen
-Andreas Steffen
+* *tpm2-tss* version 3.0.3: https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.3
 Andreas Steffen
-Andreas Steffen
+* *tpm2-tools* version 5.0: https://github.com/tpm2-software/tpm2-tools/releases/tag/5.0
 Andreas Steffen
-Andreas Steffen
+Support for earlier strongSwan versions and Linux kernels can be found [[TpmPluginOld|here]].
 Andreas Steffen
-Andreas Steffen
+In order to test if we can connect to the TPM 2.0 device we list all persistent keys stored in the Non-Volatile (NV) RAM:
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_getcap handles-persistent
-Andreas Steffen
+- 0x81000001
-Andreas Steffen
+- 0x81000002
-Andreas Steffen
+- 0x81010001
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+A manual showing all *tpm2-tools* functions with their arguments can be found "here":https://github.com/tpm2-software/tpm2-tools/tree/5.0/man. The access to the */dev/tpmrm0* TPM resource manager device requires *root* rights on most Linux platforms. But e.g. with Ubuntu, adding the user to the *tss* group enables direct access to the TPM device:
-Andreas Steffen
+<pre>
-Andreas Steffen
+sudo usermod -a -G tss <username>
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h3. Enable the strongSwan tpm Plugin
 Andreas Steffen
-Andreas Steffen
+The strongSwan libtpmtss *tpm* plugin and the TSS2 interface are enabled and built with the following options
 Andreas Steffen
-Andreas Steffen
+  ./configure --enable-tss-tss2 --enable-tpm  ...
 Andreas Steffen
-Andreas Steffen
+With the strongSwan [[IpsecPki|pki]] tool we can now list the persistent key stored under the handle *0x81010001*
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type priv --keyid 0x81010001 --debug 2
-Andreas Steffen
+</pre>
-Andreas Steffen
+With debug level 2 some basic information on the TPM device is shown; A second generation Intel firmware TPM running on the Intel Management Engine is employed. Both SHA1 and SHA256 PCR banks are available:
-Andreas Steffen
+<pre>
-Andreas Steffen
+TPM 2.0 - manufacturer: INTC (Intel) rev: 01.38 2018
-Andreas Steffen
+TPM 2.0 - algorithms: RSA SHA1 HMAC AES MGF1 KEYEDHASH XOR SHA256 RSASSA RSAES RSAPSS OAEP ECDSA ECDH ECDAA ECSCHNORR KDF1_SP800_56A KDF1_SP800_108 ECC SYMCIPHER CTR OFB CBC CFB ECB
-Andreas Steffen
+TPM 2.0 - ECC curves: NIST_P256 BN_P256
-Andreas Steffen
+TPM 2.0 - PCR banks: SHA1 SHA256
-Andreas Steffen
+</pre>
-Andreas Steffen
+Apparently the analyzed persistent key can be used for encryption only because no signature algorithm is defined:
-Andreas Steffen
+<pre>
-Andreas Steffen
+TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+signature algorithm is NULL with ERROR hash
-Andreas Steffen
+</pre>
-Andreas Steffen
+Debug level 2 shows that [[IpsecPki|pki]] extracts the public key from the TPM and converts it into a standard PKCS#1 format:
-Andreas Steffen
+<pre>
-Andreas Steffen
+L0 - subjectPublicKeyInfo:
-Andreas Steffen
+L1 - algorithm:
-Andreas Steffen
+L2 - algorithmIdentifier:
-Andreas Steffen
+L3 - algorithm:
-Andreas Steffen
+  'rsaEncryption'
-Andreas Steffen
+L1 - subjectPublicKey:
-Andreas Steffen
+-- > --
-Andreas Steffen
+L0 - RSAPublicKey:
-Andreas Steffen
+L1 - modulus:
-Andreas Steffen
+L1 - publicExponent:
-Andreas Steffen
+-- < --
-Andreas Steffen
+</pre>
-Andreas Steffen
+At the end of the output the fingerprint of the 2048 bit RSA key is listed:
-Andreas Steffen
+<pre>
-Andreas Steffen
+  privkey:   RSA 2048 bits
-Andreas Steffen
+  keyid:     ee:c7:bf:5a:de:0f:11:84:2c:86:2b:69:84:ba:65:b9:81:d2:a9:45
-Andreas Steffen
+  subjkey:   df:f2:e9:e7:79:98:f0:d2:0b:62:db:c0:5c:2c:eb:45:73:85:e9:79
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Derive a Persistent RSA Endorsement Key
 Andreas Steffen
-Andreas Steffen
+The "tpm2_createek":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_createek.1.md command derives a 2048 bit RSA Endorsement Key (EK) in a deterministic way from the secret _Endorsement Primary Seed_ *unique* to each TPM device and makes the key persistent in the non-volatile memory of the TPM under the object handle *0x81010002*
 Andreas Steffen
-Andreas Steffen
+ tpm2_createek -G rsa -c 0x81010002
 Andreas Steffen
-Andreas Steffen
+Using the "tpm2_getcap":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_getcap.1.md command we can check that the newly derived Endorsement Key has been persisted in the NV RAM
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_getcap handles-persistent
-Andreas Steffen
+- 0x81000001
-Andreas Steffen
+- 0x81000002
-Andreas Steffen
+- 0x81010001
-Andreas Steffen
+- 0x81010002
-Andreas Steffen
+</pre>
-Andreas Steffen
+Listing the key properties shows that the 2048 bit Endorsement Key already exists under the handle *0x81010001* analyzed in the previous section
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type priv --keyid 0x81010002
-Andreas Steffen
+TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+signature algorithm is NULL with ERROR hash
-Andreas Steffen
+  privkey:   RSA 2048 bits
-Andreas Steffen
+  keyid:     ee:c7:bf:5a:de:0f:11:84:2c:86:2b:69:84:ba:65:b9:81:d2:a9:45
-Andreas Steffen
+  subjkey:   df:f2:e9:e7:79:98:f0:d2:0b:62:db:c0:5c:2c:eb:45:73:85:e9:79
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h3. Delete Persisted Keys
 Andreas Steffen
-Andreas Steffen
+We therefore delete the duplicate key with the following "tpm2_evictcontrol":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_evictcontrol.1.md command
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_evictcontrol -c 0x81010002
-Andreas Steffen
+persistent-handle: 0x81010002
-Andreas Steffen
+action: evicted
-Andreas Steffen
+</pre>
-Andreas Steffen
+The key removal can be verified with
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_getcap handles-persistent
-Andreas Steffen
+- 0x81000001
-Andreas Steffen
+- 0x81000002
-Andreas Steffen
+- 0x81010001
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Derive a Persistent ECC Endorsement Key
 Andreas Steffen
-Andreas Steffen
+Again using the "tpm2_createek":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_createek.1.md command we derive a 256 bit ECC Endorsement Key (EK) in a deterministic way from the secret _Endorsement Primary Seed_ *unique* to each TPM device and make the key persistent in the non-volatile memory of the TPM under the object handle *0x81010002*:
 Andreas Steffen
-Andreas Steffen
+ tpm2_createek -G ecc -c 0x81010002 -u ek_ecc.pub
 Andreas Steffen
-Andreas Steffen
+Optionally we saved the public key in a TPM 2.0 proprietary format in the file *ek_ecc.pub*. The fingerprint of the ECC EK private key can be directly displayed with the command
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type priv --keyid 0x81010002
-Andreas Steffen
+TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+signature algorithm is NULL with ERROR hash
-Andreas Steffen
+  privkey:   ECDSA 256 bits
-Andreas Steffen
+  keyid:     25:db:73:13:0f:c9:c8:91:68:30:8e:02:89:c1:0d:65:bd:ad:69:2a
-Andreas Steffen
+  subjkey:   9c:b9:fb:b0:32:81:24:82:a7:07:b2:bd:bd:d3:7c:2b:22:7f:74:bf
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Endorsement Key Certificates
 Andreas Steffen
-Andreas Steffen
+h3. Fetched via URL
 Andreas Steffen
-Andreas Steffen
+Endorsement Key certificates issued for Intel firmware TPMs can be automatically downloaded from an Intel web server using the "tpm2_getcertificate":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_getekcertificate.1.md command:
 Andreas Steffen
-Andreas Steffen
+ tpm2_getekcertificate -o ek_ecc.crt -u ek_ecc.pub
 Andreas Steffen
-Andreas Steffen
+For successful retrieval the public key *ek_ecc.pub* in the TPM 2.0 proprietary format is required. Using the [[IpsecPki|pki]] tool we can list the downloaded EK certificate belonging to the ECC key:
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type x509 --in ek_ecc.crt
-Andreas Steffen
+  subject:  ""
-Andreas Steffen
+  issuer:   "C=US, ST=CA, L=Santa Clara, O=Intel Corporation, OU=TPM EK intermediate for CNL_EPID_POST_B1LP_PROD_2 pid:9, CN=www.intel.com"
-Andreas Steffen
+  validity:  not before Sep 04 02:00:00 2019, ok
-Andreas Steffen
+             not after  Jan 01 00:59:59 2050, ok (expires in 10600 days)
-Andreas Steffen
+  serial:    07:99:3b:c6:88:aa:7d:72:b0:24:24:05:09:01:bb:42:55:70:1a:43
-Andreas Steffen
+  altNames:  tcg-at-tpmManufacturer=id:494E5443, tcg-at-tpmModel=CNL, tcg-at-tpmVersion=id:00020000
-Andreas Steffen
+  CRL URIs:  https://trustedservices.intel.com/content/CRL/ekcert/CNLEPIDPOSTB1LPPROD2_EK_Device.crl
-Andreas Steffen
+  certificatePolicies:
-Andreas Steffen
+.2.840.113741.1.5.2.1
-Andreas Steffen
+             CPS: https://trustedservices.intel.com/content/CRL/ekcert/EKcertPolicyStatement.pdf
-Andreas Steffen
+  authkeyId: 17:a0:05:75:d0:5e:58:e3:88:12:10:bb:98:b1:04:5b:b4:c3:06:39
-Andreas Steffen
+  subjkeyId: 9c:b9:fb:b0:32:81:24:82:a7:07:b2:bd:bd:d3:7c:2b:22:7f:74:bf
-Andreas Steffen
+  pubkey:    ECDSA 256 bits
-Andreas Steffen
+  keyid:     25:db:73:13:0f:c9:c8:91:68:30:8e:02:89:c1:0d:65:bd:ad:69:2a
-Andreas Steffen
+  subjkey:   9c:b9:fb:b0:32:81:24:82:a7:07:b2:bd:bd:d3:7c:2b:22:7f:74:bf
-Andreas Steffen
+</pre>
-Andreas Steffen
+For the RSA 2048 Endorsement Key we first have to extract the public keyfile *ek_rsa.pub* in the TPM 2.0 proprietary format using the "tpm2_readpublic":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_readpublic.1.md command because we forgot to do this in the first place:
 Andreas Steffen
-Andreas Steffen
+ tpm2_readpublic -Q -c 0x81010001 -o ek_rsa.pub
 Andreas Steffen
-Andreas Steffen
+Now we can retrieve the RSA EK certificate, too:
 Andreas Steffen
-Andreas Steffen
+ tpm2_getekcertificate -o ek_rsa.crt -u ek_rsa.pub
 Andreas Steffen
-Andreas Steffen
+and view the contents with
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type x509 --in ek_rsa.crt
-Andreas Steffen
+  subject:  ""
-Andreas Steffen
+  issuer:   "C=US, ST=CA, L=Santa Clara, O=Intel Corporation, OU=TPM EK intermediate for CNL_EPID_POST_B1LP_PROD_2 pid:9, CN=www.intel.com"
-Andreas Steffen
+  validity:  not before Sep 04 02:00:00 2019, ok
-Andreas Steffen
+             not after  Jan 01 00:59:59 2050, ok (expires in 10600 days)
-Andreas Steffen
+  serial:    14:26:0b:eb:12:a2:82:87:af:3b:75:e0:a1:a4:87:60:72:95:55:92
-Andreas Steffen
+  altNames:  tcg-at-tpmManufacturer=id:494E5443, tcg-at-tpmModel=CNL, tcg-at-tpmVersion=id:00020000
-Andreas Steffen
+  CRL URIs:  https://trustedservices.intel.com/content/CRL/ekcert/CNLEPIDPOSTB1LPPROD2_EK_Device.crl
-Andreas Steffen
+  certificatePolicies:
-Andreas Steffen
+.2.840.113741.1.5.2.1
-Andreas Steffen
+             CPS: https://trustedservices.intel.com/content/CRL/ekcert/EKcertPolicyStatement.pdf
-Andreas Steffen
+  authkeyId: 17:a0:05:75:d0:5e:58:e3:88:12:10:bb:98:b1:04:5b:b4:c3:06:39
-Andreas Steffen
+  subjkeyId: df:f2:e9:e7:79:98:f0:d2:0b:62:db:c0:5c:2c:eb:45:73:85:e9:79
-Andreas Steffen
+  pubkey:    RSA 2048 bits
-Andreas Steffen
+  keyid:     ee:c7:bf:5a:de:0f:11:84:2c:86:2b:69:84:ba:65:b9:81:d2:a9:45
-Andreas Steffen
+  subjkey:   df:f2:e9:e7:79:98:f0:d2:0b:62:db:c0:5c:2c:eb:45:73:85:e9:79
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+We can easily check that in both EK certificates the key fingerprints (__keyid__ and __subjkey__) match with those of the EK keys persisted in the TPM.
 Andreas Steffen
-Andreas Steffen
+h3. Stored in Non-Volatile RAM
 Andreas Steffen
-Andreas Steffen
+Most hardware TPMs are shipped with their Endorsement Key Certificates stored in NV RAM. E.g. on an STMicroelectronics TPM device the following data objects are stored in an NV index:
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_getcap handles-nv-index
-Andreas Steffen
+- 0x1410001
-Andreas Steffen
+- 0x1410002
-Andreas Steffen
+- 0x1410004
-Andreas Steffen
+- 0x1880001
-Andreas Steffen
+- 0x1880011
-Andreas Steffen
+- 0x1C00002
-Andreas Steffen
+- 0x1C0000A
-Andreas Steffen
+- 0x1C00012
-Andreas Steffen
+- 0x1C10102
-Andreas Steffen
+- 0x1C10103
-Andreas Steffen
+- 0x1C10104
-Andreas Steffen
+- 0x1C101C0
-Andreas Steffen
+</pre>
-Andreas Steffen
+Using the "tpm2_nvreadpublic":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_nvreadpublic.1.md command we can look for large data objects which are prime candidates for X.509 certificates:
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_nvreadpublic
-Andreas Steffen
+  ...
-Andreas Steffen
+x1c00002:
-Andreas Steffen
+  name: 000b5c112bd5f410d0abe96a50e94ff721a005c32567e4b1112ab0a8fb7e0289b7f2
-Andreas Steffen
+  hash algorithm:
-Andreas Steffen
+    friendly: sha256
-Andreas Steffen
+    value: 0xB
-Andreas Steffen
+  attributes:
-Andreas Steffen
+    friendly: ppwrite|writedefine|write_stclear|ppread|ownerread|authread|no_da|written|platformcreate
-Andreas Steffen
+    value: 0x1600762
-Andreas Steffen
+  size: 1033
 Andreas Steffen
-Andreas Steffen
+x1c0000a:
-Andreas Steffen
+  name: 000b1948300e66afad594b7a8e8368d53ddd36908fb2b46dd7b5a88051b50e4047ab
-Andreas Steffen
+  hash algorithm:
-Andreas Steffen
+    friendly: sha256
-Andreas Steffen
+    value: 0xB
-Andreas Steffen
+  attributes:
-Andreas Steffen
+    friendly: ppwrite|writedefine|write_stclear|ppread|ownerread|authread|no_da|written|platformcreate
-Andreas Steffen
+    value: 0x1600762
-Andreas Steffen
+  size: 639
 Andreas Steffen
-Andreas Steffen
+x1c00012:
-Andreas Steffen
+  name: 000cde411e123085083eedb1c9312e08dd8d229df6a5e16996035a2e3000d860b372c924de0354a6af4c7886656d2065814f
-Andreas Steffen
+  hash algorithm:
-Andreas Steffen
+    friendly: sha384
-Andreas Steffen
+    value: 0xC
-Andreas Steffen
+  attributes:
-Andreas Steffen
+    friendly: ppwrite|writedefine|write_stclear|ppread|ownerread|authread|no_da|written|platformcreate
-Andreas Steffen
+    value: 0x1600762
-Andreas Steffen
+  size: 707
-Andreas Steffen
+  ...
-Andreas Steffen
+</pre>
-Andreas Steffen
+We can use the pki tool to directly list the properties of the EK certificates:
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type x509 --keyid 0x01c00002
-Andreas Steffen
+TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+loaded certificate from TPM NV index 0x01c00002
-Andreas Steffen
+  subject:  ""
-Andreas Steffen
+  issuer:   "C=CH, O=STMicroelectronics NV, CN=STM TPM EK Intermediate CA 06"
-Andreas Steffen
+  validity:  not before Feb 11 01:00:00 2020, ok
-Andreas Steffen
+             not after  Jan 01 01:00:00 2031, ok (expires in 3650 days)
-Andreas Steffen
+  serial:    72:78:a1:2c:87:b6:aa:45:c4:1f:57:ff:d1:3d:cf:93:42:34:b9:c9
-Andreas Steffen
+  altNames:  tcg-at-tpmManufacturer=id:53544D20, tcg-at-tpmModel=ST33HTPHAHD4, tcg-at-tpmVersion=id:00010101
-Andreas Steffen
+  authkeyId: fb:17:d7:0d:73:48:70:e9:19:c4:e8:e6:03:97:5e:66:4e:0e:43:de
-Andreas Steffen
+  subjkeyId: e9:3d:51:32:04:42:73:3e:fc:bb:9e:f8:0c:21:9a:53:ec:73:80:94
-Andreas Steffen
+  pubkey:    RSA 2048 bits
-Andreas Steffen
+  keyid:     d3:e3:71:79:df:32:53:34:60:0f:1f:38:dc:d4:6d:53:59:1b:c5:3c
-Andreas Steffen
+  subjkey:   e9:3d:51:32:04:42:73:3e:fc:bb:9e:f8:0c:21:9a:53:ec:73:80:94
-Andreas Steffen
+</pre>
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type x509 --keyid 0x01c0000a
-Andreas Steffen
+TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+loaded certificate from TPM NV index 0x01c0000a
-Andreas Steffen
+  subject:  ""
-Andreas Steffen
+  issuer:   "C=CH, O=STMicroelectronics NV, CN=STM TPM ECC Intermediate CA 02"
-Andreas Steffen
+  validity:  not before Mar 09 01:00:00 2020, ok
-Andreas Steffen
+             not after  Jan 01 01:00:00 2031, ok (expires in 3650 days)
-Andreas Steffen
+  serial:    51:e8:fc:b2:64:8d:1d:36:a5:bc:d7:c9:63:c1:d6:de:e7:25:09:a4
-Andreas Steffen
+  altNames:  tcg-at-tpmManufacturer=id:53544D20, tcg-at-tpmModel=ST33HTPHAHD4, tcg-at-tpmVersion=id:00010101
-Andreas Steffen
+  authkeyId: 66:2d:8f:1c:ec:df:f1:47:a8:b6:f0:ea:29:6a:f7:f2:4c:ad:f9:cf
-Andreas Steffen
+  subjkeyId: d1:e8:fc:b2:64:8d:1d:36:a5:bc:d7:c9:63:c1:d6:de:e7:25:09:a4
-Andreas Steffen
+  pubkey:    ECDSA 256 bits
-Andreas Steffen
+  keyid:     8b:62:31:bf:08:9d:39:74:6d:05:fd:35:eb:2e:13:64:12:86:03:16
-Andreas Steffen
+  subjkey:   d1:e8:fc:b2:64:8d:1d:36:a5:bc:d7:c9:63:c1:d6:de:e7:25:09:a4
-Andreas Steffen
+</pre>
-Andreas Steffen
+or we can first retrieve the binary certificate blob from the NV RAM using the "tpm2_nvread":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_nvread.1.md command:
 Andreas Steffen
-Andreas Steffen
+ tpm2_nvread 0x01c00012 -C o -o ek_ecc384.crt
 Andreas Steffen
-Andreas Steffen
+and then list the properties of the EK certificate file:
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type x509 --in ek_ecc384.crt
-Andreas Steffen
+  subject:  ""
-Andreas Steffen
+  issuer:   "C=CH, O=STMicroelectronics NV, CN=STM TPM ECC384 Intermediate CA 01"
-Andreas Steffen
+  validity:  not before Feb 08 01:00:00 2020, ok
-Andreas Steffen
+             not after  Jan 01 01:00:00 2031, ok (expires in 3650 days)
-Andreas Steffen
+  serial:    39:ed:ae:d4:89:9e:52:08:9f:42:8a:f5:d5:58:7b:50:a6:24:f3:63
-Andreas Steffen
+  altNames:  tcg-at-tpmManufacturer=id:53544D20, tcg-at-tpmModel=ST33HTPHAHD4, tcg-at-tpmVersion=id:00010101
-Andreas Steffen
+  authkeyId: bd:96:3e:9a:d5:74:aa:d9:4f:ad:6c:bf:41:6d:d8:5b:4a:55:99:42
-Andreas Steffen
+  subjkeyId: b9:ed:ae:d4:89:9e:52:08:9f:42:8a:f5:d5:58:7b:50:a6:24:f3:63
-Andreas Steffen
+  pubkey:    ECDSA 384 bits
-Andreas Steffen
+  keyid:     04:68:52:c4:00:ab:10:75:82:57:99:45:1e:7c:12:01:5a:8e:50:c9
-Andreas Steffen
+  subjkey:   b9:ed:ae:d4:89:9e:52:08:9f:42:8a:f5:d5:58:7b:50:a6:24:f3:63
-Andreas Steffen
+</pre>
-Andreas Steffen
+We see that the STMicroelectronics devices supports 384 bit ECC keys.
 Andreas Steffen
-Andreas Steffen
+h2. Generate a Persistent RSA Attestation Key
 Andreas Steffen
-Andreas Steffen
+A 2048 bit RSA Attestation Key (AK) bound to the EK with handle *0x81010001* can be created with the "tpm2_createak":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_createak.1.md command:
 Andreas Steffen
-Andreas Steffen
+  tpm2_createak -C 0x81010001 -G rsa -g sha256 -s rsassa -c ak_rsa.ctx -u ak_rsa.pub -n ak_rsa.name
 Andreas Steffen
-Andreas Steffen
+and made persistent under the handle *0x81010003* with the "tpm2_evictcontrol":https://github.com/tpm2-software/tpm2-tools/blob/5.0/man/tpm2_evictcontrol.1.md command:
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_evictcontrol -C o -c ak_rsa.ctx 0x81010003
-Andreas Steffen
+persistent-handle: 0x81010003
-Andreas Steffen
+action: persisted
-Andreas Steffen
+</pre>
-Andreas Steffen
+The properties of the RSA AK which is a signing key can be displayed with the command
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --print --type priv --keyid 0x81010003
-Andreas Steffen
+TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+signature algorithm is RSASSA with SHA256 hash
-Andreas Steffen
+  privkey:   RSA 2048 bits
-Andreas Steffen
+  keyid:     df:b7:8f:95:61:8f:70:84:f4:03:e8:7e:83:a6:dd:5f:c5:ff:72:b5
-Andreas Steffen
+  subjkey:   48:82:62:15:74:a2:10:c5:75:70:c2:d6:7d:59:9f:22:d9:4f:9c:07
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Generate a Persistent ECC Attestation Key
 Andreas Steffen
-Andreas Steffen
+A 256 bit ECC Attestation Key (AK) bound to the EK with handle 0x81010003 can be created and made persistent under the handle 0x81010004 with the following tpm2-tools command
 Andreas Steffen
-Andreas Steffen
+ tpm2_getpubak -E 0x81010003 -g ecc -D sha256 -s ecdsa -k 0x81010004 -f ak_ecc4.pub -n ak_ecc4.name
 Andreas Steffen
-Andreas Steffen
+The AK public key can be exported in PKCS#1 format from the TPM using the *pki* tool
 Andreas Steffen
-Andreas Steffen
+ pki --pub --keyid 0x81010004 > ak_ecc_pub.der
 Andreas Steffen
-Andreas Steffen
+The fingerprint of the ECC AK public key can be displayed with the command
 Andreas Steffen
-Andreas Steffen
+ pki --print --type pub --in ak_ecc_pub.der
-Andreas Steffen
+  pubkey:    ECDSA 256 bits
-Andreas Steffen
+  keyid:     71:49:7c:42:41:e7:c6:81:bc:31:73:f0:0f:7e:4a:e1:2d:53:00:38
-Andreas Steffen
+  subjkey:   c7:0e:63:f8:7f:6f:f6:55:00:e5:05:7f:5a:3e:6b:6c:e7:d2:d5:13
 Andreas Steffen
-Andreas Steffen
+h2. Generate Another ECC Attestation Key
 Andreas Steffen
-Andreas Steffen
+Multiple AK keys bound to a common EK key can be generated
 Andreas Steffen
-Andreas Steffen
+ tpm2_getpubak -E 0x81010003 -g ecc -D sha256 -s ecdsa -k 0x81010005 -f ak_ecc5.pub -n ak_ecc5.name
 Andreas Steffen
-Andreas Steffen
+The fingerprint of the second ECC AK private key can be displayed with the command
 Andreas Steffen
-Andreas Steffen
+ pki --print --type priv --in 0x81010005
-Andreas Steffen
+  pubkey:    ECDSA 256 bits
-Andreas Steffen
+  keyid:     c4:b4:9c:95:27:9e:ce:81:2f:98:42:c8:1b:f0:54:ff:d4:d1:24:34
-Andreas Steffen
+  subjkey:   cf:44:f4:f7:9d:97:09:ad:b1:09:3a:8e:6f:23:eb:9f:2c:35:94:c9
 Andreas Steffen
-Andreas Steffen
+h2. Remove a Persistent Key Object
 Andreas Steffen
-Andreas Steffen
+Since the non-volatile memory of the TPM is limited any persistent key object can be removed to free storage space.
-Andreas Steffen
+The following tpm2-tools command removes the ECC AK key with persistent handle 0x81010005
 Andreas Steffen
-Andreas Steffen
+ tpm2_evictcontrol -A o -H 0x81010005 -S 0x81010005
 Andreas Steffen
-Andreas Steffen
+h2. List Persistent Objects
 Andreas Steffen
-Andreas Steffen
+The following tpm2-tools command lists all persistent objects stored by the TPM in non-volatile memory
 Andreas Steffen
-Andreas Steffen
+ tpm2_listpersistent
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+persistent objects defined.
 Andreas Steffen
-Andreas Steffen
+. Persistent handle: 0x81000001
 Andreas Steffen
-Andreas Steffen
+        Type: 0x23
-Andreas Steffen
+        Hash algorithm(nameAlg): 0xb
-Andreas Steffen
+        Attributes: 0x30072
 Andreas Steffen
-Andreas Steffen
+. Persistent handle: 0x81000002
 Andreas Steffen
-Andreas Steffen
+        Type: 0x23
-Andreas Steffen
+        Hash algorithm(nameAlg): 0xb
-Andreas Steffen
+        Attributes: 0x60072
 Andreas Steffen
-Andreas Steffen
+. Persistent handle: 0x81010001
 Andreas Steffen
-Andreas Steffen
+        Type: 0x1
-Andreas Steffen
+        Hash algorithm(nameAlg): 0xb
-Andreas Steffen
+        Attributes: 0x300b2
 Andreas Steffen
-Andreas Steffen
+. Persistent handle: 0x81010002
 Andreas Steffen
-Andreas Steffen
+        Type: 0x1
-Andreas Steffen
+        Hash algorithm(nameAlg): 0xb
-Andreas Steffen
+        Attributes: 0x50072
 Andreas Steffen
-Andreas Steffen
+. Persistent handle: 0x81010003
 Andreas Steffen
-Andreas Steffen
+        Type: 0x23
-Andreas Steffen
+        Hash algorithm(nameAlg): 0xb
-Andreas Steffen
+        Attributes: 0x300b2
 Andreas Steffen
-Andreas Steffen
+. Persistent handle: 0x81010004
 Andreas Steffen
-Andreas Steffen
+        Type: 0x23
-Andreas Steffen
+        Hash algorithm(nameAlg): 0xb
-Andreas Steffen
+        Attributes: 0x50072
 Andreas Steffen
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Create a Demo Root CA
 Andreas Steffen
-Andreas Steffen
+The following *pki* command creates a 256 bit ECDSA private key for the Demo CA
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --gen --type ecdsa --size 256 --outform pem > demoCaKey.pem
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+Next we create a self-signed Root CA certificate
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --self --ca --type ecdsa --in demoCaKey.pem --dn="C=US, O=TNC Demo, CN=TNC Demo CA" --lifetime 3652 --outform pem > demoCaCert.pem
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Issue an RSA AIK Certificate
 Andreas Steffen
-Andreas Steffen
+Based on the RSA AK public key exported from the TPM, the following *pki* command generates an Attestation Identity Key (AIK) certificate signed by the Demo CA
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --issue --cacert demoCaCert.pem --cakey demoCaKey.pem --type pub --in ak_rsa_pub.der --dn "C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com" --san raspi5.example.com --lifetime 3651 > raspi5_ak_rsa_Cert.der
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Issue an ECC AIK Certificate
 Andreas Steffen
-Andreas Steffen
+Based on the ECC AK public key exported from the TPM, the following *pki* command generates an Attestation Identity Key (AIK) certificate signed by the Demo CA
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --issue --cacert demoCaCert.pem --cakey demoCaKey.pem --type pub --in ak_ecc_pub.der --dn "C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com" --san raspi5.example.com --lifetime 3651 > raspi5_ak_ecc_Cert.der
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+Many certification authorities issue certificates based on PKCS#10 certificate requests. This approach is also possible. First a certificate request is generated on the host the TPM resides on
-Andreas Steffen
+<pre>
-Andreas Steffen
+ pki --req --keyid 0x81010004 --dn "C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com" --san raspi5.example.com > ak_ecc_req.der
-Andreas Steffen
+</pre>
-Andreas Steffen
+When you are prompted for a smartcard PIN just press <enter> since this TPM private key is not protected by a PIN. In a second step the CA issues the AIK certificate based on the PKCS#10 certificate request
-Andreas Steffen
+<pre>
-Andreas Steffen
+pki --issue --cacert demoCaCert.pem --cakey demoCaKey.pem --type pkcs10 --in ak_ecc_req.der --lifetime 3651 > raspi5_ak_ecc_Cert.der
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Store the ECC AIK Certificate in the NV RAM of the TPM
 Andreas Steffen
-Andreas Steffen
+A TPM 2.0 has a certain amount of Non Volatile Random Access Memory (NV RAM) that can be used to store arbitrary data, e.g. the X.509 certificates matching the persistent keys. IF both the certificates and keys are persisted in the TPM then the system disk of the host can be reformatted at any time without loosing the machine or user credentials.As with smartcards the needed amount of memory must be reserved first so we check the size of the X.509 ECC certificate
-Andreas Steffen
+<pre>
-Andreas Steffen
+ls -l raspi5_ak_ecc_Cert.der
-Andreas Steffen
+-rw-r--r-- 1 root root 449 Feb 17  2017 raspi5_ak_ecc_Cert.der
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+We then define a memory location with a size of 449 bytes that can be accessed via the handle 0x01800004 which is also called the NV index
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_nvdefine -x 0x01800004 -a 0x40000001 -s 449 -t 0x2000A
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+Then we write the certificate file to the NV RAM destination
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_nvwrite -x 0x01800004 -a 0x40000001 raspi5_ak_ecc_Cert.der
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. List of NV Indexes
 Andreas Steffen
-Andreas Steffen
+A list of all defined NV indexes can be obtained with
 Andreas Steffen
-Andreas Steffen
+ tpm2_nvlist
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+NV indexes defined.
 Andreas Steffen
-Andreas Steffen
+. NV Index: 0x1500015
 Andreas Steffen
-Andreas Steffen
+	Hash algorithm(nameAlg):4
-Andreas Steffen
+ 	The Index attributes(attributes):0x44040004
-Andreas Steffen
+ 	The size of the data area(dataSize):4
 Andreas Steffen
-Andreas Steffen
+. NV Index: 0x1800004
 Andreas Steffen
-Andreas Steffen
+	Hash algorithm(nameAlg):11
-Andreas Steffen
+ 	The Index attributes(attributes):0x2002000a
-Andreas Steffen
+ 	The size of the data area(dataSize):449
 Andreas Steffen
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Remove NV Index
 Andreas Steffen
-Andreas Steffen
+The memory assigned to a given NV index can be released with the command
-Andreas Steffen
+<pre>
-Andreas Steffen
+tpm2_nvrelease -x 0x01800001 -a 0x40000001
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Configure TPM Private Key Access via VICI Interface
 Andreas Steffen
-Andreas Steffen
+Configuration of TPM private key access as tokens in the secrets section of *swanctl.conf*
 Andreas Steffen
-Andreas Steffen
+ secrets {
-Andreas Steffen
+    token_ak_rsa {
-Andreas Steffen
+       handle = 81010002
-Andreas Steffen
+       pin = 123456
 Andreas Steffen
-Andreas Steffen
+    token_ak_ecc {
-Andreas Steffen
+       handle = 81010004
 Andreas Steffen
 Andreas Steffen
-Andreas Steffen
+Since the use of the RSA AK private key is password-protected, the PIN *123456* is added.
 Andreas Steffen
-Andreas Steffen
+h2. Define IPsec Connection with RSA AK Client Key
 Andreas Steffen
-Andreas Steffen
+This connection configuration in *swanctl.conf* uses the RSA AK certificate for client authentication
-Andreas Steffen
+<pre>
-Andreas Steffen
+connections {
-Andreas Steffen
+   rsa {
-Andreas Steffen
+      local_addrs  = 10.10.0.105
-Andreas Steffen
+      remote_addrs = 10.10.0.104
 Andreas Steffen
-Andreas Steffen
+      local {
-Andreas Steffen
+         auth = pubkey
-Andreas Steffen
+         certs = raspi5_ak_rsa_Cert.der
 Andreas Steffen
-Andreas Steffen
+      remote {
-Andreas Steffen
+         auth = pubkey
-Andreas Steffen
+         id = raspi4.example.com
 Andreas Steffen
-Andreas Steffen
+      children {
-Andreas Steffen
+         rsa {
-Andreas Steffen
+            mode = transport
-Andreas Steffen
+            esp_proposals = aes128-sha256-curve25519
 Andreas Steffen
 Andreas Steffen
-Andreas Steffen
+      version = 2
-Andreas Steffen
+      proposals = aes128-sha256-curve25519
 Andreas Steffen
 Andreas Steffen
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Define IPsec Connection with ECC AK Client Key
 Andreas Steffen
-Andreas Steffen
+This connection configuration in *swanctl.conf* references the ECC AK certificate used for client authentication via its handle, i.e. the NV index
-Andreas Steffen
+<pre>
-Andreas Steffen
+connections {
-Andreas Steffen
+   ecc {
-Andreas Steffen
+      local_addrs  = 10.10.0.105
-Andreas Steffen
+      remote_addrs = 10.10.0.104
 Andreas Steffen
-Andreas Steffen
+      local {
-Andreas Steffen
+         auth = pubkey
-Andreas Steffen
+         cert-tpm {
-Andreas Steffen
+            handle = 0x01800004
 Andreas Steffen
 Andreas Steffen
-Andreas Steffen
+      remote {
-Andreas Steffen
+         auth = pubkey
-Andreas Steffen
+         id = raspi4.example.com
 Andreas Steffen
-Andreas Steffen
+      children {
-Andreas Steffen
+         ecc {
-Andreas Steffen
+            mode = transport
-Andreas Steffen
+            esp_proposals = aes128-sha256-curve25519
 Andreas Steffen
 Andreas Steffen
-Andreas Steffen
+      version = 2
-Andreas Steffen
+      proposals = aes128-sha256-curve25519
 Andreas Steffen
 Andreas Steffen
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. Starting the strongSwan Daemon
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+systemctl start strongswan-swanctl
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:01 raspi5 systemd[1]: Starting strongSwan IPsec IKEv1/IKEv2 daemon using swanctl...
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: loaded plugins: charon-systemd charon-systemd random nonce x509 constraints openssl pem pkcs1 pkcs8 pkcs12 pubkey mgf1 ntru curve25519 eap-identity eap-ttls eap-tnc tnc-tnccs tnc-imc tnccs-20 socket-default kernel-netlink vici tpm
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: spawning 16 worker threads
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: loaded certificate 'C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com'
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: loaded certificate 'C=US, O=TNC Demo, CN=TNC Demo CA'
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The RSA AK private key is attached to the *charon-systemd* daemon via the TPM 2.0 resource manager
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: TPM 2.0 - manufacturer: IFX (SLB9670) rev: 01.16 2015
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: TPM 2.0 - algorithms: RSA SHA1 HMAC AES KEYEDHASH XOR SHA256 RSASSA RSAES RSAPSS OAEP ECDSA ECDH SM2 KDF1_SP800_56A KDF1_SP800_108 ECC SYMCIPHER CFB
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: TPM 2.0 - ECC curves: NIST_P256 BN_P256
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: AIK signature algorithm is RSASSA with SHA256 hash
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: loaded RSA private key from token
-Andreas Steffen
+F</pre>
 Andreas Steffen
-Andreas Steffen
+The ECC AK private key is attached to the *charon-systemd* daemon via the TPM 2.0 resource manager
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: TPM 2.0 - manufacturer: IFX (SLB9670) rev: 01.16 2015
-Andreas Steffen
+Feb 19 10:52:01 raspi5 charon-systemd[21165]: TPM 2.0 - algorithms: RSA SHA1 HMAC AES KEYEDHASH XOR SHA256 RSASSA RSAES RSAPSS OAEP ECDSA ECDH SM2 KDF1_SP800_56A KDF1_SP800_108 ECC SYMCIPHER CFB
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: TPM 2.0 - ECC curves: NIST_P256 BN_P256
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: AIK signature algorithm is ECDSA with SHA256 hash
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: loaded ECDSA private key from token
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The ECC AIK certificate is loaded by the *charon-systemd* daemon via the TPM 2.0 resource manager
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: TPM 2.0 - manufacturer: IFX (SLB9670) rev: 01.16 2015
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: TPM 2.0 - algorithms: RSA SHA1 HMAC AES KEYEDHASH XOR SHA256 RSASSA RSAES RSAPSS OAEP ECDSA ECDH SM2 KDF1_SP800_56A KDF1_SP800_108 ECC SYMCIPHER CFB
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: TPM 2.0 - ECC curves: NIST_P256 BN_P256
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: TPM 2.0 via TSS2 v2 available
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: loaded certificate from TPM NV index 0x01800004
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The two connection definitions are received by the *charon-systemd* daemon from the *swanctl* command line tool via the VICI interface
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]:   id not specified, defaulting to cert subject 'C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com'
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: added vici connection: rsa
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]:   id not specified, defaulting to cert subject 'C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com'
-Andreas Steffen
+Feb 19 10:52:02 raspi5 charon-systemd[21165]: added vici connection: ecc
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The *swanctl* command line tool reports its actions
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:02 raspi5 swanctl[21183]: loaded certificate from '/etc/swanctl/x509/raspi5_ak_rsa_Cert.der'
-Andreas Steffen
+Feb 19 10:52:02 raspi5 swanctl[21183]: loaded certificate from '/etc/swanctl/x509ca/demoCaCert.pem'
-Andreas Steffen
+Feb 19 10:52:02 raspi5 swanctl[21183]: loaded key token_ak_rsa from token [keyid: f49e857dde4e67f5fb870398673f207cf33f2b66]
-Andreas Steffen
+Feb 19 10:52:02 raspi5 swanctl[21183]: loaded key token_ak_ecc from token [keyid: c70e63f87f6ff65500e5057f5a3e6b6ce7d2d513]
-Andreas Steffen
+Feb 19 10:52:02 raspi5 swanctl[21183]: loaded connection 'rsa'
-Andreas Steffen
+Feb 19 10:52:02 raspi5 swanctl[21183]: loaded connection 'ecc'
-Andreas Steffen
+Feb 19 10:52:02 raspi5 swanctl[21183]: successfully loaded 2 connections, 0 unloaded
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:02 raspi5 systemd[1]: Started strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The following *swanctl* command shows the two loaded connections
-Andreas Steffen
+<pre>
-Andreas Steffen
+swanctl --list-conns
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+rsa: IKEv2, reauthentication every 10800s, no rekeying
-Andreas Steffen
+  local:  10.10.0.105
-Andreas Steffen
+  remote: 10.10.0.104
-Andreas Steffen
+  local public key authentication:
-Andreas Steffen
+    id: C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com
-Andreas Steffen
+    certs: C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com
-Andreas Steffen
+  remote public key authentication:
-Andreas Steffen
+    id: raspi4.example.com
-Andreas Steffen
+  rsa: TRANSPORT, rekeying every 3600s or 300000000 bytes or 500000 packets
-Andreas Steffen
+    local:  dynamic
-Andreas Steffen
+    remote: dynamic
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+ecc: IKEv2, reauthentication every 10800s, no rekeying
-Andreas Steffen
+  local:  10.10.0.105
-Andreas Steffen
+  remote: 10.10.0.104
-Andreas Steffen
+  local public key authentication:
-Andreas Steffen
+    id: C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com
-Andreas Steffen
+    certs: C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com
-Andreas Steffen
+  remote public key authentication:
-Andreas Steffen
+    id: raspi4.example.com
-Andreas Steffen
+  ecc: TRANSPORT, rekeying every 3600s or 300000000 bytes or 500000 packets
-Andreas Steffen
+    local:  dynamic
-Andreas Steffen
+    remote: dynamic
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The loaded certificates can also be displayed
-Andreas Steffen
+<pre>
-Andreas Steffen
+swanctl --list-certs
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+You can clearly see that the connection between the AK certificates and their matching AK private key has been established (..., has private key)
-Andreas Steffen
+<pre>
-Andreas Steffen
+List of X.509 End Entity Certificates
 Andreas Steffen
-Andreas Steffen
+  subject:  "C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com"
-Andreas Steffen
+  issuer:   "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+  validity:  not before Feb 19 09:33:43 2017, ok
-Andreas Steffen
+             not after  Aug 29 10:33:43 2026, ok (expires in 3477 days)
-Andreas Steffen
+  serial:    11:57:33:3e:2a:8e:8a:32
-Andreas Steffen
+  altNames:  raspi5.example.com
-Andreas Steffen
+  authkeyId: 21:02:7e:2d:de:8b:77:48:75:de:56:2f:b5:d4:62:ec:c3:09:15:f2
-Andreas Steffen
+  subjkeyId: f4:9e:85:7d:de:4e:67:f5:fb:87:03:98:67:3f:20:7c:f3:3f:2b:66
-Andreas Steffen
+  pubkey:    RSA 2048 bits, has private key
-Andreas Steffen
+  keyid:     71:21:f5:d4:7e:59:4a:88:16:ca:57:85:98:3d:36:a7:b1:d5:75:fa
-Andreas Steffen
+  subjkey:   f4:9e:85:7d:de:4e:67:f5:fb:87:03:98:67:3f:20:7c:f3:3f:2b:66
 Andreas Steffen
-Andreas Steffen
+  subject:  "C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com"
-Andreas Steffen
+  issuer:   "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+  validity:  not before Feb 17 23:17:19 2017, ok
-Andreas Steffen
+             not after  Aug 30 00:17:19 2026, ok (expires in 3478 days)
-Andreas Steffen
+  serial:    52:9d:3e:42:6f:71:63:3d
-Andreas Steffen
+  altNames:  raspi5.example.com
-Andreas Steffen
+  authkeyId: 21:02:7e:2d:de:8b:77:48:75:de:56:2f:b5:d4:62:ec:c3:09:15:f2
-Andreas Steffen
+  subjkeyId: c7:0e:63:f8:7f:6f:f6:55:00:e5:05:7f:5a:3e:6b:6c:e7:d2:d5:13
-Andreas Steffen
+  pubkey:    ECDSA 256 bits, has private key
-Andreas Steffen
+  keyid:     71:49:7c:42:41:e7:c6:81:bc:31:73:f0:0f:7e:4a:e1:2d:53:00:38
-Andreas Steffen
+  subjkey:   c7:0e:63:f8:7f:6f:f6:55:00:e5:05:7f:5a:3e:6b:6c:e7:d2:d5:13
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+List of X.509 CA Certificates
 Andreas Steffen
-Andreas Steffen
+  subject:  "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+  issuer:   "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+  validity:  not before Aug 31 10:29:27 2016, ok
-Andreas Steffen
+             not after  Aug 31 10:29:27 2026, ok (expires in 3479 days)
-Andreas Steffen
+  serial:    02:c8:85:e1:ef:fa:8f:20
-Andreas Steffen
+  flags:     CA CRLSign self-signed
-Andreas Steffen
+  subjkeyId: 21:02:7e:2d:de:8b:77:48:75:de:56:2f:b5:d4:62:ec:c3:09:15:f2
-Andreas Steffen
+  pubkey:    ECDSA 256 bits
-Andreas Steffen
+  keyid:     a1:b5:e0:29:d0:4c:a7:62:bd:ca:a3:b4:af:18:42:2c:4a:01:55:9a
-Andreas Steffen
+  subjkey:   21:02:7e:2d:de:8b:77:48:75:de:56:2f:b5:d4:62:ec:c3:09:15:f2
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. IKEv2 Authentication with RSA AIK Certificate
 Andreas Steffen
-Andreas Steffen
+With the following *swanctl* command the "rsa" connection is established
-Andreas Steffen
+<pre>
-Andreas Steffen
+swanctl --initiate --child rsa
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: vici initiate 'rsa'
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: initiating IKE_SA rsa[1] to 10.10.0.104
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) V ]
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: sending packet: from 10.10.0.105[500] to 10.10.0.104[500] (1257 bytes)
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: received packet: from 10.10.0.104[500] to 10.10.0.105[500] (1259 bytes)
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) V ]
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: received strongSwan vendor ID
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: received cert request for "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+Feb 19 10:52:21 raspi5 charon-systemd[21165]: sending cert request for "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The RSA AK private key stored in the TPM 2.0 is used to generate an *RSA_EMSA_PKCS1_SHA2_256* signature which is sent in the AUTH payload of the IKE_AUTH request. The matching client certificate is sent int the CERT payload.
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: authentication of 'C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: sending end entity cert "C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com"
-Andreas Steffen
+</pre>
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: establishing CHILD_SA rsa
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: generating IKE_AUTH request 1 [ IDi CERT CERTREQ IDr AUTH N(USE_TRANSP) SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: sending packet: from 10.10.0.105[4500] to 10.10.0.104[4500] (1296 bytes)
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: received packet: from 10.10.0.104[4500] to 10.10.0.105[4500] (752 bytes)
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: parsed IKE_AUTH response 1 [ IDr CERT AUTH N(USE_TRANSP) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) ]
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: received end entity cert "C=US, O=TNC Demo, CN=raspi4.example.com"
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]:   using certificate "C=US, O=TNC Demo, CN=raspi4.example.com"
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]:   using trusted ca certificate "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]:   reached self-signed root ca with a path length of 0
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: authentication of 'raspi4.example.com' with ECDSA_WITH_SHA256_DER successful
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: IKE_SA rsa[1] established between 10.10.0.105[C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com]...10.10.0.104[raspi4.example.com]
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: scheduling reauthentication in 10507s
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: maximum IKE_SA lifetime 11587s
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: CHILD_SA rsa{1} established with SPIs c23deb9d_i ce48d08e_o and TS 10.10.0.105/32 === 10.10.0.104/32
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: received AUTH_LIFETIME of 10103s, scheduling reauthentication in 9023s
-Andreas Steffen
+Feb 19 10:52:24 raspi5 charon-systemd[21165]: peer supports MOBIKE
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The following *swanctl* command shows the established IPsec connection
-Andreas Steffen
+<pre>
-Andreas Steffen
+ swanctl --list-sas
-Andreas Steffen
+</pre>
-Andreas Steffen
+<pre>
-Andreas Steffen
+rsa: #1, ESTABLISHED, IKEv2, 7ba3b4d06c051ecb_i* 14e1769a8aeb7f28_r
-Andreas Steffen
+  local  'C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com' @ 10.10.0.105[4500]
-Andreas Steffen
+  remote 'raspi4.example.com' @ 10.10.0.104[4500]
-Andreas Steffen
+  AES_CBC-128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
-Andreas Steffen
+  established 252s ago, reauth in 8771s
-Andreas Steffen
+  rsa: #1, reqid 1, INSTALLED, TRANSPORT, ESP:AES_CBC-128/HMAC_SHA2_256_128
-Andreas Steffen
+    installed 252s ago, rekeying in 3258s, expires in 3708s
-Andreas Steffen
+    in  c23deb9d,    640 bytes,    10 packets,     3s ago
-Andreas Steffen
+    out ce48d08e,    640 bytes,    10 packets,     3s ago
-Andreas Steffen
+    local  10.10.0.105/32
-Andreas Steffen
+    remote 10.10.0.104/32
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+With this *swanctl* command the "rsa" connection is terminated
-Andreas Steffen
+<pre>
-Andreas Steffen
+swanctl --terminate --ike rsa
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 10:59:16 raspi5 charon-systemd[21165]: vici terminate IKE_SA 'rsa'
-Andreas Steffen
+Feb 19 10:59:16 raspi5 charon-systemd[21165]: deleting IKE_SA rsa[1] between 10.10.0.105[C=US, O=TNC Demo, OU=AIK RSA, CN=raspi5.example.com]...10.10.0.104[raspi4.example.com]
-Andreas Steffen
+Feb 19 10:59:16 raspi5 charon-systemd[21165]: sending DELETE for IKE_SA rsa[1]
-Andreas Steffen
+Feb 19 10:59:16 raspi5 charon-systemd[21165]: generating INFORMATIONAL request 2 [ D ]
-Andreas Steffen
+Feb 19 10:59:16 raspi5 charon-systemd[21165]: sending packet: from 10.10.0.105[4500] to 10.10.0.104[4500] (80 bytes)
-Andreas Steffen
+Feb 19 10:59:16 raspi5 charon-systemd[21165]: received packet: from 10.10.0.104[4500] to 10.10.0.105[4500] (80 bytes)
-Andreas Steffen
+Feb 19 10:59:16 raspi5 charon-systemd[21165]: parsed INFORMATIONAL response 2 [ ]
-Andreas Steffen
+Feb 19 10:59:16 raspi5 charon-systemd[21165]: IKE_SA deleted
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+h2. IKEv2 Authentication with ECC AIK Certificate
 Andreas Steffen
-Andreas Steffen
+Next we initiate the "ecc" connection
-Andreas Steffen
+<pre>
-Andreas Steffen
+swanctl --initiate --child ecc
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: vici initiate 'ecc'
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: initiating IKE_SA ecc[2] to 10.10.0.104
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) V ]
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: sending packet: from 10.10.0.105[500] to 10.10.0.104[500] (1257 bytes)
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: received packet: from 10.10.0.104[500] to 10.10.0.105[500] (1259 bytes)
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) V ]
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: received strongSwan vendor ID
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: received cert request for "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+Feb 19 11:00:32 raspi5 charon-systemd[21165]: sending cert request for "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The ECC AK private key stored in the TPM 2.0 is used to generate an *ECDSA_WITH_SHA256_DER* signature which is sent in the AUTH payload of the IKE_AUTH request. The matching client certificate is sent int the CERT payload.
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: authentication of 'C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com' (myself) with ECDSA_WITH_SHA256_DER successful
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: sending end entity cert "C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com"
-Andreas Steffen
+</pre>
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: establishing CHILD_SA ecc
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: generating IKE_AUTH request 1 [ IDi CERT CERTREQ IDr AUTH N(USE_TRANSP) SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: sending packet: from 10.10.0.105[4500] to 10.10.0.104[4500] (912 bytes)
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: received packet: from 10.10.0.104[4500] to 10.10.0.105[4500] (752 bytes)
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: parsed IKE_AUTH response 1 [ IDr CERT AUTH N(USE_TRANSP) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) ]
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: received end entity cert "C=US, O=TNC Demo, CN=raspi4.example.com"
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]:   using certificate "C=US, O=TNC Demo, CN=raspi4.example.com"
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]:   using trusted ca certificate "C=US, O=TNC Demo, CN=TNC Demo CA"
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]:   reached self-signed root ca with a path length of 0
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: authentication of 'raspi4.example.com' with ECDSA_WITH_SHA256_DER successful
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: IKE_SA ecc[2] established between 10.10.0.105[C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com]...10.10.0.104[raspi4.example.com]
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: scheduling reauthentication in 10180s
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: maximum IKE_SA lifetime 11260s
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: CHILD_SA ecc{2} established with SPIs c2c16cd0_i c47ea6f6_o and TS 10.10.0.105/32 === 10.10.0.104/32
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: received AUTH_LIFETIME of 9880s, scheduling reauthentication in 8800s
-Andreas Steffen
+Feb 19 11:00:34 raspi5 charon-systemd[21165]: peer supports MOBIKE
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The establed IKE and CHILD SAs are displayed
-Andreas Steffen
+<pre>
-Andreas Steffen
+ swanctl --list-sas
-Andreas Steffen
+</pre>
-Andreas Steffen
+<pre>
-Andreas Steffen
+ecc: #2, ESTABLISHED, IKEv2, b7f2652777b0996a_i* 12282b5964ff0658_r
-Andreas Steffen
+  local  'C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com' @ 10.10.0.105[4500]
-Andreas Steffen
+  remote 'raspi4.example.com' @ 10.10.0.104[4500]
-Andreas Steffen
+  AES_CBC-128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
-Andreas Steffen
+  established 126s ago, reauth in 8674s
-Andreas Steffen
+  ecc: #2, reqid 2, INSTALLED, TRANSPORT, ESP:AES_CBC-128/HMAC_SHA2_256_128
-Andreas Steffen
+    installed 126s ago, rekeying in 3252s, expires in 3834s
-Andreas Steffen
+    in  c2c16cd0,    320 bytes,     5 packets,     2s ago
-Andreas Steffen
+    out c47ea6f6,    320 bytes,     5 packets,     2s ago
-Andreas Steffen
+    local  10.10.0.105/32
-Andreas Steffen
+    remote 10.10.0.104/32
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+The IKE and CHILD SAs are terminated
-Andreas Steffen
+<pre>
-Andreas Steffen
+swanctl --terminate --ike ecc
-Andreas Steffen
+</pre>
 Andreas Steffen
-Andreas Steffen
+<pre>
-Andreas Steffen
+Feb 19 11:04:32 raspi5 charon-systemd[21165]: vici terminate IKE_SA 'ecc'
-Andreas Steffen
+Feb 19 11:04:32 raspi5 charon-systemd[21165]: deleting IKE_SA ecc[2] between 10.10.0.105[C=US, O=TNC Demo, OU=AIK ECC, CN=raspi5.example.com]...10.10.0.104[raspi4.example.com]
-Andreas Steffen
+Feb 19 11:04:32 raspi5 charon-systemd[21165]: sending DELETE for IKE_SA ecc[2]
-Andreas Steffen
+Feb 19 11:04:32 raspi5 charon-systemd[21165]: generating INFORMATIONAL request 2 [ D ]
-Andreas Steffen
+Feb 19 11:04:32 raspi5 charon-systemd[21165]: sending packet: from 10.10.0.105[4500] to 10.10.0.104[4500] (80 bytes)
-Andreas Steffen
+Feb 19 11:04:32 raspi5 charon-systemd[21165]: received packet: from 10.10.0.104[4500] to 10.10.0.105[4500] (80 bytes)
-Andreas Steffen
+Feb 19 11:04:32 raspi5 charon-systemd[21165]: parsed INFORMATIONAL response 2 [ ]
-Andreas Steffen
+Feb 19 11:04:32 raspi5 charon-systemd[21165]: IKE_SA deleted
-Andreas Steffen
+</pre>

Project

General

Profile

strongSwan

Trusted Platform Module 2.0 » History » Version 126