FIPS Product: YES FIPS Kernel: NO FIPS Mode: NO NSS DB directory: sql:/etc/ipsec.d Initializing NSS Opening NSS database "sql:/etc/ipsec.d" read-only NSS initialized NSS crypto library initialized FIPS HMAC integrity support [enabled] FIPS mode disabled for pluto daemon FIPS HMAC integrity verification self-test FAILED libcap-ng support [enabled] Linux audit support [enabled] Linux audit activated Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:24049 core dump dir: /tmp secrets file: /etc/ipsec.secrets leak-detective enabled NSS crypto [enabled] XAUTH PAM support [enabled] | libevent is using pluto's memory allocator Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) | libevent_malloc: new ptr-libevent@0x5588cd6a9cc8 size 40 | libevent_malloc: new ptr-libevent@0x5588cd684cd8 size 40 | libevent_malloc: new ptr-libevent@0x5588cd684dd8 size 40 | creating event base | libevent_malloc: new ptr-libevent@0x5588cd709d48 size 56 | libevent_malloc: new ptr-libevent@0x5588cd6a91f8 size 664 | libevent_malloc: new ptr-libevent@0x5588cd709db8 size 24 | libevent_malloc: new ptr-libevent@0x5588cd709e08 size 384 | libevent_malloc: new ptr-libevent@0x5588cd709d08 size 16 | libevent_malloc: new ptr-libevent@0x5588cd684908 size 40 | libevent_malloc: new ptr-libevent@0x5588cd684d38 size 48 | libevent_realloc: new ptr-libevent@0x5588cd6a8e88 size 256 | libevent_malloc: new ptr-libevent@0x5588cd709fb8 size 16 | libevent_free: release ptr-libevent@0x5588cd709d48 | libevent initialized | libevent_realloc: new ptr-libevent@0x5588cd709d48 size 64 | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds | init_nat_traversal() initialized with keep_alive=0s NAT-Traversal support [enabled] | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized | global one-shot timer EVENT_FREE_ROOT_CERTS initialized | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds | global one-shot timer EVENT_REVIVE_CONNS initialized | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds | encryption algorithm assertion checks | encryption algorithm AES_CCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 ESP ID id: 16 enum name: AES_CCM_C | IKEv2 ID id: 16 enum name: AES_CCM_C | encryption algorithm AES_CCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 ESP ID id: 15 enum name: AES_CCM_B | IKEv2 ID id: 15 enum name: AES_CCM_B | encryption algorithm AES_CCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 ESP ID id: 14 enum name: AES_CCM_A | IKEv2 ID id: 14 enum name: AES_CCM_A | encryption algorithm 3DES_CBC, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 3, IKEv2 id: 3 | IKEv1 OAKLEY ID id: 5 enum name: 3DES_CBC | IKEv1 ESP ID id: 3 enum name: 3DES | IKEv2 ID id: 3 enum name: 3DES | encryption algorithm CAMELLIA_CTR, IKEv1 OAKLEY id: 24, IKEv1 ESP_INFO id: 24, IKEv2 id: 24 | IKEv1 OAKLEY ID id: 24 enum name: CAMELLIA_CTR | IKEv1 ESP ID id: 24 enum name: CAMELLIA_CTR | IKEv2 ID id: 24 enum name: CAMELLIA_CTR | encryption algorithm CAMELLIA_CBC, IKEv1 OAKLEY id: 8, IKEv1 ESP_INFO id: 22, IKEv2 id: 23 | IKEv1 OAKLEY ID id: 8 enum name: CAMELLIA_CBC | IKEv1 ESP ID id: 22 enum name: CAMELLIA | IKEv2 ID id: 23 enum name: CAMELLIA_CBC | encryption algorithm AES_GCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 20, IKEv2 id: 20 | IKEv1 ESP ID id: 20 enum name: AES_GCM_C | IKEv2 ID id: 20 enum name: AES_GCM_C | encryption algorithm AES_GCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 19, IKEv2 id: 19 | IKEv1 ESP ID id: 19 enum name: AES_GCM_B | IKEv2 ID id: 19 enum name: AES_GCM_B | encryption algorithm AES_GCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 ESP ID id: 18 enum name: AES_GCM_A | IKEv2 ID id: 18 enum name: AES_GCM_A | encryption algorithm AES_CTR, IKEv1 OAKLEY id: 13, IKEv1 ESP_INFO id: 13, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 13 enum name: AES_CTR | IKEv1 ESP ID id: 13 enum name: AES_CTR | IKEv2 ID id: 13 enum name: AES_CTR | encryption algorithm AES_CBC, IKEv1 OAKLEY id: 7, IKEv1 ESP_INFO id: 12, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 7 enum name: AES_CBC | IKEv1 ESP ID id: 12 enum name: AES | IKEv2 ID id: 12 enum name: AES_CBC | encryption algorithm SERPENT_CBC, IKEv1 OAKLEY id: 65004, IKEv1 ESP_INFO id: 252, IKEv2 id: 65004 | IKEv1 OAKLEY ID id: 65004 enum name: SERPENT_CBC | IKEv1 ESP ID id: 252 enum name: SERPENT | IKEv2 ID id: 65004 enum name: SERPENT_CBC | encryption algorithm TWOFISH_CBC, IKEv1 OAKLEY id: 65005, IKEv1 ESP_INFO id: 253, IKEv2 id: 65005 | IKEv1 OAKLEY ID id: 65005 enum name: TWOFISH_CBC | IKEv1 ESP ID id: 253 enum name: TWOFISH | IKEv2 ID id: 65005 enum name: TWOFISH_CBC | encryption algorithm TWOFISH_SSH, IKEv1 OAKLEY id: 65289, IKEv1 ESP_INFO id: -1, IKEv2 id: 65289 | IKEv1 OAKLEY ID id: 65289 enum name: TWOFISH_CBC_SSH | IKEv2 ID id: 65289 enum name: TWOFISH_CBC_SSH | encryption algorithm NULL_AUTH_AES_GMAC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 23, IKEv2 id: 21 | IKEv1 ESP ID id: 23 enum name: NULL_AUTH_AES_GMAC | IKEv2 ID id: 21 enum name: NULL_AUTH_AES_GMAC | encryption algorithm NULL, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 11, IKEv2 id: 11 | IKEv1 ESP ID id: 11 enum name: NULL | IKEv2 ID id: 11 enum name: NULL | encryption algorithm CHACHA20_POLY1305, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 28 | IKEv2 ID id: 28 enum name: CHACHA20_POLY1305 Encryption algorithms: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac NULL IKEv1: ESP IKEv2: ESP [] CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 | hash algorithm assertion checks | hash algorithm MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | hash algorithm SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | hash algorithm SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | hash algorithm SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | hash algorithm SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 Hash algorithms: MD5 IKEv1: IKE IKEv2: SHA1 IKEv1: IKE IKEv2: FIPS sha SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 | PRF algorithm assertion checks | PRF algorithm HMAC_MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5 | PRF algorithm HMAC_SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1 | PRF algorithm HMAC_SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv2 ID id: 5 enum name: HMAC_SHA2_256 | PRF algorithm HMAC_SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: 6 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv2 ID id: 6 enum name: HMAC_SHA2_384 | PRF algorithm HMAC_SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: 7 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv2 ID id: 7 enum name: HMAC_SHA2_512 | PRF algorithm AES_XCBC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 4 | IKEv2 ID id: 4 enum name: AES128_XCBC PRF algorithms: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc | integrity algorithm assertion checks | integrity algorithm HMAC_MD5_96, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: 1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv1 ESP ID id: 1 enum name: HMAC_MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5_96 | integrity algorithm HMAC_SHA1_96, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: 2, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv1 ESP ID id: 2 enum name: HMAC_SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1_96 | integrity algorithm HMAC_SHA2_512_256, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: 7, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv1 ESP ID id: 7 enum name: HMAC_SHA2_512 | IKEv2 ID id: 14 enum name: HMAC_SHA2_512_256 | integrity algorithm HMAC_SHA2_384_192, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 6, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv1 ESP ID id: 6 enum name: HMAC_SHA2_384 | IKEv2 ID id: 13 enum name: HMAC_SHA2_384_192 | integrity algorithm HMAC_SHA2_256_128, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: 5, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv1 ESP ID id: 5 enum name: HMAC_SHA2_256 | IKEv2 ID id: 12 enum name: HMAC_SHA2_256_128 | integrity algorithm HMAC_SHA2_256_TRUNCBUG, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 252, IKEv2 id: -1 | IKEv1 ESP ID id: 252 enum name: HMAC_SHA2_256_TRUNCBUG | integrity algorithm AES_XCBC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 9, IKEv2 id: 5 | IKEv1 ESP ID id: 9 enum name: AES_XCBC | IKEv2 ID id: 5 enum name: AES_XCBC_96 | integrity algorithm AES_CMAC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 250, IKEv2 id: 8 | IKEv1 ESP ID id: 250 enum name: AES_CMAC_96 | IKEv2 ID id: 8 enum name: AES_CMAC_96 | integrity algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 0, IKEv2 id: 0 | IKEv1 ESP ID id: 0 enum name: NONE | IKEv2 ID id: 0 enum name: NONE Integrity algorithms: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5 HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac NONE IKEv1: ESP IKEv2: IKE ESP FIPS null | DH algorithm assertion checks | DH algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 0 | IKEv2 ID id: 0 enum name: NONE | DH algorithm MODP1536, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 5, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 5 enum name: MODP1536 | IKEv1 ESP ID id: 5 enum name: MODP1536 | IKEv2 ID id: 5 enum name: MODP1536 | DH algorithm MODP2048, IKEv1 OAKLEY id: 14, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 14 enum name: MODP2048 | IKEv1 ESP ID id: 14 enum name: MODP2048 | IKEv2 ID id: 14 enum name: MODP2048 | DH algorithm MODP3072, IKEv1 OAKLEY id: 15, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 OAKLEY ID id: 15 enum name: MODP3072 | IKEv1 ESP ID id: 15 enum name: MODP3072 | IKEv2 ID id: 15 enum name: MODP3072 | DH algorithm MODP4096, IKEv1 OAKLEY id: 16, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 OAKLEY ID id: 16 enum name: MODP4096 | IKEv1 ESP ID id: 16 enum name: MODP4096 | IKEv2 ID id: 16 enum name: MODP4096 | DH algorithm MODP6144, IKEv1 OAKLEY id: 17, IKEv1 ESP_INFO id: 17, IKEv2 id: 17 | IKEv1 OAKLEY ID id: 17 enum name: MODP6144 | IKEv1 ESP ID id: 17 enum name: MODP6144 | IKEv2 ID id: 17 enum name: MODP6144 | DH algorithm MODP8192, IKEv1 OAKLEY id: 18, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 OAKLEY ID id: 18 enum name: MODP8192 | IKEv1 ESP ID id: 18 enum name: MODP8192 | IKEv2 ID id: 18 enum name: MODP8192 | DH algorithm DH19, IKEv1 OAKLEY id: 19, IKEv1 ESP_INFO id: -1, IKEv2 id: 19 | IKEv1 OAKLEY ID id: 19 enum name: ECP_256 | IKEv2 ID id: 19 enum name: ECP_256 | DH algorithm DH20, IKEv1 OAKLEY id: 20, IKEv1 ESP_INFO id: -1, IKEv2 id: 20 | IKEv1 OAKLEY ID id: 20 enum name: ECP_384 | IKEv2 ID id: 20 enum name: ECP_384 | DH algorithm DH21, IKEv1 OAKLEY id: 21, IKEv1 ESP_INFO id: -1, IKEv2 id: 21 | IKEv1 OAKLEY ID id: 21 enum name: ECP_521 | IKEv2 ID id: 21 enum name: ECP_521 | DH algorithm DH31, IKEv1 OAKLEY id: 31, IKEv1 ESP_INFO id: -1, IKEv2 id: 31 | IKEv1 OAKLEY ID id: 31 enum name: CURVE25519 | IKEv2 ID id: 31 enum name: CURVE25519 DH algorithms: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 testing CAMELLIA_CBC: Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: cipertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: cipertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: cipertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF FF EE DD CC BB AA 99 88 77 66 55 44 33 22 11 00" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | ff ee dd cc bb aa 99 88 77 66 55 44 33 22 11 00 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: cipertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed testing AES_GCM_16: empty string | decode_to_chunk: raw_key: input "0xcf063a34d4a9a76c2c86787d3f96db71" | decode_to_chunk: output: | cf 06 3a 34 d4 a9 a7 6c 2c 86 78 7d 3f 96 db 71 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be90 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be78 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_GCM) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: salted IV: input "0x113b9785971864c83b01c787" | decode_to_chunk: output: | 11 3b 97 85 97 18 64 c8 3b 01 c7 87 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "" | decode_to_chunk: output: | | decode_to_chunk: ciphertext: input "" | decode_to_chunk: output: | | decode_to_chunk: tag: input "0x72ac8493e3a5228b5d130a69d2510e42" | decode_to_chunk: output: | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: release sym_key-key@0x5588cd70b800 | test_gcm_vector: passed one block | decode_to_chunk: raw_key: input "0xe98b72a9881a84ca6b76e0f43e68647a" | decode_to_chunk: output: | e9 8b 72 a9 88 1a 84 ca 6b 76 e0 f4 3e 68 64 7a | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be90 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be78 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_GCM) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: salted IV: input "0x8b23299fde174053f3d652ba" | decode_to_chunk: output: | 8b 23 29 9f de 17 40 53 f3 d6 52 ba | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0x28286a321293253c3e0aa2704a278032" | decode_to_chunk: output: | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | decode_to_chunk: ciphertext: input "0x5a3c1cf1985dbb8bed818036fdd5ab42" | decode_to_chunk: output: | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | decode_to_chunk: tag: input "0x23c7ab0f952b7091cd324835043b5eb5" | decode_to_chunk: output: | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: release sym_key-key@0x5588cd70b800 | test_gcm_vector: passed two blocks | decode_to_chunk: raw_key: input "0xbfd414a6212958a607a0f5d3ab48471d" | decode_to_chunk: output: | bf d4 14 a6 21 29 58 a6 07 a0 f5 d3 ab 48 47 1d | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be90 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be78 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_GCM) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: salted IV: input "0x86d8ea0ab8e40dcc481cd0e2" | decode_to_chunk: output: | 86 d8 ea 0a b8 e4 0d cc 48 1c d0 e2 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0xa6b76a066e63392c9443e60272ceaeb9d25c991b0f2e55e2804e168c05ea591a" | decode_to_chunk: output: | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | decode_to_chunk: ciphertext: input "0x62171db33193292d930bf6647347652c1ef33316d7feca99d54f1db4fcf513f8" | decode_to_chunk: output: | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | decode_to_chunk: tag: input "0xc28280aa5c6c7a8bd366f28c1cfd1f6e" | decode_to_chunk: output: | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: release sym_key-key@0x5588cd70b800 | test_gcm_vector: passed two blocks with associated data | decode_to_chunk: raw_key: input "0x006c458100fc5f4d62949d2c833b82d1" | decode_to_chunk: output: | 00 6c 45 81 00 fc 5f 4d 62 94 9d 2c 83 3b 82 d1 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be90 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be78 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_GCM) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: salted IV: input "0xa4e9c4bc5725a21ff42c82b2" | decode_to_chunk: output: | a4 e9 c4 bc 57 25 a2 1f f4 2c 82 b2 | decode_to_chunk: AAD: input "0x2efb14fb3657cdd6b9a8ff1a5f5a39b9" | decode_to_chunk: output: | 2e fb 14 fb 36 57 cd d6 b9 a8 ff 1a 5f 5a 39 b9 | decode_to_chunk: plaintext: input "0xf381d3bfbee0a879f7a4e17b623278cedd6978053dd313530a18f1a836100950" | decode_to_chunk: output: | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | decode_to_chunk: ciphertext: input "0xf39b4db3542d8542fb73fd2d66be568f26d7f814b3f87d1eceac3dd09a8d697e" | decode_to_chunk: output: | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | decode_to_chunk: tag: input "0x39f045cb23b698c925db134d56c5" | decode_to_chunk: output: | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: decrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: encrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: release sym_key-key@0x5588cd70b800 | test_gcm_vector: passed testing AES_CTR: Encrypting 16 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x AE 68 52 F8 12 10 67 CC 4B F7 A5 76 55 77 F3 9E" | decode_to_chunk: output: | ae 68 52 f8 12 10 67 cc 4b f7 a5 76 55 77 f3 9e | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 128-bit key passed Encrypting 32 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 7E 24 06 78 17 FA E0 D7 43 D6 CE 1F 32 53 91 63" | decode_to_chunk: output: | 7e 24 06 78 17 fa e0 d7 43 d6 ce 1f 32 53 91 63 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 128-bit key passed Encrypting 36 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 76 91 BE 03 5E 50 20 A8 AC 6E 61 85 29 F9 A0 DC" | decode_to_chunk: output: | 76 91 be 03 5e 50 20 a8 ac 6e 61 85 29 f9 a0 dc | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 128-bit key passed Encrypting 16 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x16 AF 5B 14 5F C9 F5 79 C1 75 F9 3E 3B FB 0E ED86 3D 06 CC FD B7 85 15" | decode_to_chunk: output: | 16 af 5b 14 5f c9 f5 79 c1 75 f9 3e 3b fb 0e ed | 86 3d 06 cc fd b7 85 15 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x5588cd70d080 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (24-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 192-bit key passed Encrypting 32 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x7C 5C B2 40 1B 3D C3 3C 19 E7 34 08 19 E0 F6 9C67 8C 3D B8 E6 F6 A9 1A" | decode_to_chunk: output: | 7c 5c b2 40 1b 3d c3 3c 19 e7 34 08 19 e0 f6 9c | 67 8c 3d b8 e6 f6 a9 1a | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x5588cd70d080 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (24-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 192-bit key passed Encrypting 36 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x02 BF 39 1E E8 EC B1 59 B9 59 61 7B 09 65 27 9BF5 9B 60 A7 86 D3 E0 FE" | decode_to_chunk: output: | 02 bf 39 1e e8 ec b1 59 b9 59 61 7b 09 65 27 9b | f5 9b 60 a7 86 d3 e0 fe | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x5588cd70d080 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (24-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 192-bit key passed Encrypting 16 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0x77 6B EF F2 85 1D B0 6F 4C 8A 05 42 C8 69 6F 6C6A 81 AF 1E EC 96 B4 D3 7F C1 D6 89 E6 C1 C1 04" | decode_to_chunk: output: | 77 6b ef f2 85 1d b0 6f 4c 8a 05 42 c8 69 6f 6c | 6a 81 af 1e ec 96 b4 d3 7f c1 d6 89 e6 c1 c1 04 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (32-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 256-bit key passed Encrypting 32 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xF6 D6 6D 6B D5 2D 59 BB 07 96 36 58 79 EF F8 86C6 6D D5 1A 5B 6A 99 74 4B 50 59 0C 87 A2 38 84" | decode_to_chunk: output: | f6 d6 6d 6b d5 2d 59 bb 07 96 36 58 79 ef f8 86 | c6 6d d5 1a 5b 6a 99 74 4b 50 59 0c 87 a2 38 84 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (32-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 256-bit key passed Encrypting 36 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xFF 7A 61 7C E6 91 48 E4 F1 72 6E 2F 43 58 1D E2AA 62 D9 F8 05 53 2E DF F1 EE D6 87 FB 54 15 3D" | decode_to_chunk: output: | ff 7a 61 7c e6 91 48 e4 f1 72 6e 2f 43 58 1d e2 | aa 62 d9 f8 05 53 2e df f1 ee d6 87 fb 54 15 3d | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5588cd70d080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (32-bytes, AES_CTR) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 256-bit key passed testing AES_CBC: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x06a9214036b8a15b512e03d534120006" | decode_to_chunk: output: | 06 a9 21 40 36 b8 a1 5b 51 2e 03 d5 34 12 00 06 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_CBC) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: ciphertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: cipertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key passed Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0xc286696d887c9aa0611bbb3e2025a45a" | decode_to_chunk: output: | c2 86 69 6d 88 7c 9a a0 61 1b bb 3e 20 25 a4 5a | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_CBC) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: ciphertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: cipertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key passed Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x6c3ea0477630ce21a2ce334aa746c2cd" | decode_to_chunk: output: | 6c 3e a0 47 76 30 ce 21 a2 ce 33 4a a7 46 c2 cd | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_CBC) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | decode_to_chunk: ciphertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: cipertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key passed Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x56e47a38c5598974bc46903dba290349" | decode_to_chunk: output: | 56 e4 7a 38 c5 59 89 74 bc 46 90 3d ba 29 03 49 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bef0 | result: symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bed8 | result: symkey-key@0x5588cd70b800 (16-bytes, AES_CBC) | symkey: release tmp-key@0x5588cd70d080 | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | decode_to_chunk: ciphertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: cipertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5588cd70b800 | test_ctr_vector: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key passed testing AES_XCBC: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "" | decode_to_chunk: output: | | decode_to_chunk: test_prf_vector: input "0x75f0251d528ac01c4573dfd584d79f29" | decode_to_chunk: output: | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70eb68 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd70d080 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: key-key@0x5588cd70d080 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5588cd70b800 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd70ec18 (length 0) | | XCBC: data | K extracting all 16 bytes of key@0x5588cd70d080 | K: symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-873061488: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f518 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd70b800 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70fb00 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x5588cd70b800 | PRF chunk interface: release key-key@0x5588cd70d080 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70f228 (length 16) | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | chunk output 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd70b800 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd70d080 (size 16) | PRF symkey interface: key symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: key symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | PRF symkey interface PRF aes_xcbc update symkey message-key@(nil) (size 0) | PRF symkey interface: symkey message-key@NULL | symkey message NULL key has no bytes | XCBC: data | K extracting all 16 bytes of key@0x5588cd70b800 | K: symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1023: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70eb28 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd70fb00 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd711380 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x5588cd70fb00 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd711380 | PRF symkey interface: release key-key@0x5588cd70b800 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd70fb00 (size 16) | PRF symkey interface: key-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracting all 16 bytes of key@0x5588cd70fb00 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: 45 7c 62 5c ba 22 6e ed ea 7d 87 66 b8 f0 92 9c | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: release slot-key-key@0x5588cd70f920 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracted len 16 bytes at 0x5588cd70f1e8 | unwrapped: 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | test_prf_vector: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input passed | test_prf_vector: release symkey-key@0x5588cd70fb00 | test_prf_vector: release message-key@NULL | test_prf_vector: release key-key@0x5588cd70d080 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102" | decode_to_chunk: output: | 00 01 02 | decode_to_chunk: test_prf_vector: input "0x5b376580ae2f19afe7219ceef172756f" | decode_to_chunk: output: | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70ec18 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd70fb00 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: key-key@0x5588cd70fb00 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5588cd70d080 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd70f1e8 (length 3) | 00 01 02 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x5588cd70fb00 | K: symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-873061488: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f638 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd70d080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70b800 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x5588cd70d080 | PRF chunk interface: release key-key@0x5588cd70fb00 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70f6d8 (length 16) | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | chunk output 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd70d080 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd70fb00 (size 16) | PRF symkey interface: key symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: key symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd711380 (19-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 3 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 3-bytes | base: base-key@0x5588cd711380 (19-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd70b800 (3-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd711380 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd70b800 (size 3) | PRF symkey interface: symkey message-key@0x5588cd70b800 (3-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 3 bytes of key@0x5588cd70b800 | symkey message: symkey-key@0x5588cd70b800 (3-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (3-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177184: 2b 2b 47 f8 c9 23 34 41 ba 4a ae d2 8b 59 c2 09 | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 16 bytes at 0x5588cd70eb28 | unwrapped: 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x5588cd70d080 | K: symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f518 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd711380 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x5588cd711380 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd712c00 | PRF symkey interface: release key-key@0x5588cd70d080 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd711380 (size 16) | PRF symkey interface: key-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracting all 16 bytes of key@0x5588cd711380 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: b4 bf 45 6a fc 84 28 a9 3a 3a c1 24 77 0b 19 92 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: release slot-key-key@0x5588cd70f920 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracted len 16 bytes at 0x5588cd70eb28 | unwrapped: 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | test_prf_vector: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input passed | test_prf_vector: release symkey-key@0x5588cd711380 | test_prf_vector: release message-key@0x5588cd70b800 | test_prf_vector: release key-key@0x5588cd70fb00 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xd2a246fa349b68a79998a4394ff7a263" | decode_to_chunk: output: | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70f1e8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd70b800 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: key-key@0x5588cd70b800 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5588cd70fb00 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd70eb28 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x5588cd70b800 | K: symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70ec58 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd70fb00 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd711380 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x5588cd70fb00 | PRF chunk interface: release key-key@0x5588cd70b800 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70eb68 (length 16) | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | chunk output d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd70fb00 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd70b800 (size 16) | PRF symkey interface: key symkey-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: key symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd70d080 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd711380 (size 16) | PRF symkey interface: symkey message-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 16 bytes of key@0x5588cd711380 | symkey message: symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177184: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 16 bytes at 0x5588cd70f518 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x5588cd70fb00 | K: symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f638 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd70d080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x5588cd70d080 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd712c00 | PRF symkey interface: release key-key@0x5588cd70fb00 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd70d080 (size 16) | PRF symkey interface: key-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracting all 16 bytes of key@0x5588cd70d080 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: b3 1b 39 61 e2 27 f2 5d 69 7e 68 83 aa e6 76 05 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: release slot-key-key@0x5588cd70f920 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracted len 16 bytes at 0x5588cd70f518 | unwrapped: d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | test_prf_vector: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input passed | test_prf_vector: release symkey-key@0x5588cd70d080 | test_prf_vector: release message-key@0x5588cd711380 | test_prf_vector: release key-key@0x5588cd70b800 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70eb28 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd711380 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: key-key@0x5588cd711380 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5588cd70b800 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd70e928 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd709ff8 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5588cd711380 | K: symkey-key@0x5588cd711380 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70ec18 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd70b800 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70d080 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x5588cd70b800 | PRF chunk interface: release key-key@0x5588cd711380 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70eb68 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd70b800 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd711380 (size 16) | PRF symkey interface: key symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: key symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd70e928 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd70fb00 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5588cd70fb00 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd70d080 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd70fb00 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd70d080 (size 20) | PRF symkey interface: symkey message-key@0x5588cd70d080 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x5588cd70d080 | symkey message: symkey-key@0x5588cd70d080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-873177184: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 a7 a8 16 96 de 30 c6 76 4c cc 47 4c 26 aa 7b 70 | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 32 bytes at 0x5588cd70e9c8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5588cd70b800 | K: symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f638 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd70fb00 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x5588cd70fb00 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd712c00 | PRF symkey interface: release key-key@0x5588cd70b800 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd70fb00 (size 16) | PRF symkey interface: key-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracting all 16 bytes of key@0x5588cd70fb00 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: 35 fb 05 17 ec 0e 4b d8 c3 b4 19 3f 93 56 6d 23 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: release slot-key-key@0x5588cd70f920 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracted len 16 bytes at 0x5588cd70f638 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | test_prf_vector: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input passed | test_prf_vector: release symkey-key@0x5588cd70fb00 | test_prf_vector: release message-key@0x5588cd70d080 | test_prf_vector: release key-key@0x5588cd711380 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: test_prf_vector: input "0xf54f0ec8d2b9f3d36807734bd5283fd4" | decode_to_chunk: output: | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70f518 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd70d080 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: key-key@0x5588cd70d080 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5588cd711380 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd70e928 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd709ff8 (length 32) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x5588cd70d080 | K: symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f228 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd711380 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70fb00 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x5588cd711380 | PRF chunk interface: release key-key@0x5588cd70d080 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70f638 (length 16) | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | chunk output f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd711380 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd70d080 (size 16) | PRF symkey interface: key symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: key symkey-key@0x5588cd711380 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd70e928 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd70b800 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 32-bytes | base: base-key@0x5588cd70b800 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd70b800 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd70fb00 (size 32) | PRF symkey interface: symkey message-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 32 bytes of key@0x5588cd70fb00 | symkey message: symkey-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (32-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-873177184: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 2c c6 55 7a eb a8 15 b1 87 ca 5a 53 99 5a f9 25 | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 32 bytes at 0x5588cd70e9c8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x5588cd711380 | K: symkey-key@0x5588cd711380 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd70b800 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x5588cd70b800 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd712c00 | PRF symkey interface: release key-key@0x5588cd711380 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd70b800 (size 16) | PRF symkey interface: key-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracting all 16 bytes of key@0x5588cd70b800 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: symkey-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: d7 77 8b 8b 8d 40 52 84 57 d2 e9 c5 39 b7 a7 38 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: release slot-key-key@0x5588cd70f920 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | test_prf_vector: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input passed | test_prf_vector: release symkey-key@0x5588cd70b800 | test_prf_vector: release message-key@0x5588cd70fb00 | test_prf_vector: release key-key@0x5588cd70d080 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | decode_to_chunk: test_prf_vector: input "0xbecbb3bccdb518a30677d5481fb6b4d8" | decode_to_chunk: output: | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70eb28 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd70fb00 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: key-key@0x5588cd70fb00 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5588cd70d080 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd70f678 (length 34) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x5588cd70fb00 | K: symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70ec58 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd70d080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70b800 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x5588cd70d080 | PRF chunk interface: release key-key@0x5588cd70fb00 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70eb68 (length 16) | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | chunk output be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd70d080 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd70fb00 (size 16) | PRF symkey interface: key symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: key symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd711380 (50-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 34 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 34-bytes | base: base-key@0x5588cd711380 (50-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd70b800 (34-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd711380 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd70b800 (size 34) | PRF symkey interface: symkey message-key@0x5588cd70b800 (34-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 34 bytes of key@0x5588cd70b800 | symkey message: symkey-key@0x5588cd70b800 (34-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (34-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 48 | wrapper: (SECItemType)-873177184: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 2c c6 55 7a eb a8 15 b1 87 ca 5a 53 99 5a f9 25 8c 44 b8 71 a9 d3 3f 10 93 fb 6d 2e 01 7a f4 9c | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 48 bytes at 0x5588cd70f878 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | unwrapped: 20 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x5588cd70d080 | K: symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f1e8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd711380 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x5588cd711380 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd712c00 | PRF symkey interface: release key-key@0x5588cd70d080 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd711380 (size 16) | PRF symkey interface: key-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracting all 16 bytes of key@0x5588cd711380 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: 7f 37 25 e5 9e d0 2c 4c 72 6b a3 d5 8f 17 5e 77 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: release slot-key-key@0x5588cd70f920 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracted len 16 bytes at 0x5588cd70f1e8 | unwrapped: be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | test_prf_vector: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input passed | test_prf_vector: release symkey-key@0x5588cd711380 | test_prf_vector: release message-key@0x5588cd70b800 | test_prf_vector: release key-key@0x5588cd70fb00 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xf0dafee895db30253761103b5d84528f" | decode_to_chunk: output: | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70f1e8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd70b800 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: key-key@0x5588cd70b800 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5588cd70fb00 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd7144a8 (length 1000) | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x5588cd70b800 | K: symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540028960: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70ec58 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd70fb00 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd711380 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x5588cd70fb00 | PRF chunk interface: release key-key@0x5588cd70b800 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70f638 (length 16) | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | chunk output f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70fb00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd70fb00 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd70b800 (size 16) | PRF symkey interface: key symkey-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: key symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd709ff8 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd70d080 (1016-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 1000 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 1000-bytes | base: base-key@0x5588cd70d080 (1016-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd711380 (1000-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd70d080 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd711380 (size 1000) | PRF symkey interface: symkey message-key@0x5588cd711380 (1000-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 1000 bytes of key@0x5588cd711380 | symkey message: symkey-key@0x5588cd711380 (1000-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (1000-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 1008 | wrapper: (SECItemType)-873177184: 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 1008 bytes at 0x5588cd716aa8 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x5588cd70fb00 | K: symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd70d080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x5588cd70d080 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd712c00 | PRF symkey interface: release key-key@0x5588cd70fb00 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd70d080 (size 16) | PRF symkey interface: key-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracting all 16 bytes of key@0x5588cd70d080 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: 20 f6 e9 48 b8 b3 e2 41 39 e4 d5 2d 98 88 80 b9 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: release slot-key-key@0x5588cd70f920 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | test_prf_vector: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input passed | test_prf_vector: release symkey-key@0x5588cd70d080 | test_prf_vector: release message-key@0x5588cd711380 | test_prf_vector: release key-key@0x5588cd70b800 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70f6d8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd711380 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd711380 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: key-key@0x5588cd711380 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5588cd70b800 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd70e928 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd709ff8 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5588cd711380 | K: symkey-key@0x5588cd711380 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f228 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd70b800 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70d080 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x5588cd70b800 | PRF chunk interface: release key-key@0x5588cd711380 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70eb68 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd70b800 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd711380 (size 16) | PRF symkey interface: key symkey-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: key symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd70e928 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd70fb00 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5588cd70fb00 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd70d080 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd70fb00 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd70d080 (size 20) | PRF symkey interface: symkey message-key@0x5588cd70d080 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x5588cd70d080 | symkey message: symkey-key@0x5588cd70d080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-873177184: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 a7 a8 16 96 de 30 c6 76 4c cc 47 4c 26 aa 7b 70 | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 32 bytes at 0x5588cd70e9c8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5588cd70b800 | K: symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70f638 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd70fb00 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x5588cd70fb00 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd712c00 | PRF symkey interface: release key-key@0x5588cd70b800 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd70fb00 (size 16) | PRF symkey interface: key-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracting all 16 bytes of key@0x5588cd70fb00 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): symkey-key@0x5588cd70fb00 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: 35 fb 05 17 ec 0e 4b d8 c3 b4 19 3f 93 56 6d 23 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): release slot-key-key@0x5588cd70f920 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracted len 16 bytes at 0x5588cd70f638 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) passed | test_prf_vector: release symkey-key@0x5588cd70fb00 | test_prf_vector: release message-key@0x5588cd70d080 | test_prf_vector: release key-key@0x5588cd711380 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) | decode_to_chunk: test_prf_vector: input "0x00010203040506070809" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x0fa087af7d866e7653434e602fdde835" | decode_to_chunk: output: | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd70f1e8 (length 10) | 00 01 02 03 04 05 06 07 08 09 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd70d080 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x5588cd70d080 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd711380 (10-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd70d080 | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x5588cd711380 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd711380 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2be10 | result: tmp+=0-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd711380 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be38 | result: PRF chunk interface-key@0x5588cd70fb00 (16-bytes, AES_ECB) | PRF chunk interface: release tmp-key@0x5588cd70d080 | PRF chunk interface: release clone-key@0x5588cd711380 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd70e928 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd709ff8 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5588cd70fb00 | K: symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 34 6c 7d 6a a5 ec b4 74 8d f0 63 16 82 96 92 e5 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70ec18 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd711380 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70d080 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x5588cd711380 | PRF chunk interface: release key-key@0x5588cd70fb00 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70f638 (length 16) | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | chunk output 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd711380 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x5588cd711380 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70fb00 (10-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd711380 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd70fb00 (size 10) | PRF symkey interface: key symkey-key@0x5588cd70fb00 (10-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x5588cd70fb00 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd70fb00 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2be40 | result: tmp+=0-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd70fb00 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd711380 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: PRF symkey interface-key@0x5588cd70d080 (16-bytes, AES_ECB) | PRF symkey interface: release tmp-key@0x5588cd711380 | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd70e928 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd70b800 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5588cd70b800 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd711380 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd70b800 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd711380 (size 20) | PRF symkey interface: symkey message-key@0x5588cd711380 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x5588cd711380 | symkey message: symkey-key@0x5588cd711380 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-873177184: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 a7 a8 16 96 de 30 c6 76 4c cc 47 4c 26 aa 7b 70 | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 32 bytes at 0x5588cd70e9c8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5588cd70d080 | K: symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 34 6c 7d 6a a5 ec b4 74 8d f0 63 16 82 96 92 e5 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd70b800 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x5588cd70b800 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd712c00 | PRF symkey interface: release key-key@0x5588cd70d080 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd70b800 (size 16) | PRF symkey interface: key-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracting all 16 bytes of key@0x5588cd70b800 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): symkey-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: c0 cd 6d 33 a0 af 33 ce 94 f4 bb d2 9f f3 87 1e | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): release slot-key-key@0x5588cd70f920 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) passed | test_prf_vector: release symkey-key@0x5588cd70b800 | test_prf_vector: release message-key@0x5588cd711380 | test_prf_vector: release key-key@0x5588cd70fb00 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0fedcb" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x8cd3c93ae598a9803006ffb67c40e9e4" | decode_to_chunk: output: | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5588cd709ff8 (length 18) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be70 | result: key-key@0x5588cd711380 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x5588cd711380 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be58 | result: key-key@0x5588cd70fb00 (18-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5588cd711380 | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be10 | result: key-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdf8 | result: key-key@0x5588cd711380 (16-bytes, AES_ECB) | key: release tmp-key@0x5588cd70b800 | key extracting all 18 bytes of key@0x5588cd70fb00 | key: symkey-key@0x5588cd70fb00 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | key: new slot-key@0x5588cd70f920 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 76 61 14 71 a4 f4 77 21 13 52 1e 3f 8a 6b 42 93 | key: release slot-key-key@0x5588cd70f920 | key extracted len 32 bytes at 0x5588cd70e9c8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x5588cd711380 | K: symkey-key@0x5588cd711380 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bd90 | result: k1-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bd78 | result: k1-key@0x5588cd70b800 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70d080 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x5588cd70b800 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be10 | result: key-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdf8 | result: key-key@0x5588cd70b800 (16-bytes, AES_ECB) | key: release tmp-key@0x5588cd70d080 | PRF chunk interface: release clone-key@0x5588cd70fb00 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5588cd70e9c8 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5588cd70e928 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5588cd70b800 | K: symkey-key@0x5588cd70b800 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 51 76 aa 3a 5f 47 b5 45 bf e6 ca 47 f3 ba 0c ca | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70ec58 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdd0 | result: k1-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdb8 | result: k1-key@0x5588cd70fb00 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd70d080 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x5588cd70fb00 | PRF chunk interface: release key-key@0x5588cd70b800 | PRF chunk interface PRF aes_xcbc final-chunk@0x5588cd70f1e8 (length 16) | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | chunk output 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd70fb00 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x5588cd70fb00 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70b800 (18-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd70fb00 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5588cd70b800 (size 18) | PRF symkey interface: key symkey-key@0x5588cd70b800 (18-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be40 | result: key symkey-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be28 | result: key symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x5588cd70d080 | key symkey extracting all 18 bytes of key@0x5588cd70b800 | key symkey: symkey-key@0x5588cd70b800 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | key symkey: new slot-key@0x5588cd70f920 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 76 61 14 71 a4 f4 77 21 13 52 1e 3f 8a 6b 42 93 | key symkey: release slot-key-key@0x5588cd70f920 | key symkey extracted len 32 bytes at 0x5588cd70e978 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x5588cd70fb00 | K: symkey-key@0x5588cd70fb00 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: 0b c0 56 8d 73 5b f6 93 cb de 6f 2a 1b 18 d6 90 | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdc0 | result: k1-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bda8 | result: k1-key@0x5588cd70d080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd712c00 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x5588cd70d080 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be40 | result: key symkey-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be28 | result: key symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x5588cd712c00 | PRF symkey interface PRF aes_xcbc crypt-prf@0x5588cd70e978 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd7146b0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5588cd7146b0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd712c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd7146b0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5588cd712c00 (size 20) | PRF symkey interface: symkey message-key@0x5588cd712c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x5588cd712c00 | symkey message: symkey-key@0x5588cd712c00 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5588cd70f920 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-873177184: 39 b4 c7 30 e0 48 86 6a 03 a3 9c 66 16 4e 19 17 a7 a8 16 96 de 30 c6 76 4c cc 47 4c 26 aa 7b 70 | symkey message: release slot-key-key@0x5588cd70f920 | symkey message extracted len 32 bytes at 0x5588cd714858 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5588cd70d080 | K: symkey-key@0x5588cd70d080 (16-bytes, AES_ECB) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5588cd70f920 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 51 76 aa 3a 5f 47 b5 45 bf e6 ca 47 f3 ba 0c ca | K: release slot-key-key@0x5588cd70f920 | K extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bdf0 | result: k1-key@0x5588cd716110 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5588cd716110 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bdd8 | result: k1-key@0x5588cd7146b0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5588cd716110 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x5588cd7146b0 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be80 | result: xcbc-key@0x5588cd716110 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd716110 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be68 | result: xcbc-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5588cd716110 | PRF symkey interface: release key-key@0x5588cd70d080 | PRF symkey interface PRF aes_xcbc final-key@0x5588cd7146b0 (size 16) | PRF symkey interface: key-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracting all 16 bytes of key@0x5588cd7146b0 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): symkey-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: 2e 07 05 1c 92 db 6f 39 fd 59 76 a6 d5 a4 1f 59 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): release slot-key-key@0x5588cd70f920 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) passed | test_prf_vector: release symkey-key@0x5588cd7146b0 | test_prf_vector: release message-key@0x5588cd712c00 | test_prf_vector: release key-key@0x5588cd70b800 | test_prf_vector: release output-key@NULL testing HMAC_MD5: RFC 2104: MD5_HMAC test 1 | decode_to_chunk: test_prf_vector: input "0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" | decode_to_chunk: output: | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | decode_to_chunk: test_prf_vector: input "Hi There" | decode_to_chunk: output: | 48 69 20 54 68 65 72 65 | decode_to_chunk: test_prf_vector: input "0x9294727a3638bb1c13f48ef8158bfc9d" | decode_to_chunk: output: | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface PRF md5 init key-chunk@0x5588cd70f6d8 (length 16) | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be60 | result: PRF chunk interface-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be48 | result: PRF chunk interface-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x5588cd712c00 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bda0 | result: trimed key-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd70b800 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bde0 | result: result-key@0x5588cd70b800 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x5588cd714628 | PRF chunk interface PRF md5 update message-bytes@0x5588cd70eb68 (length 8) | 48 69 20 54 68 65 72 65 | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd70b800 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffe4fb2bed0 | result: message-key@0x5588cd7146b0 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x5588cd70b800 | PRF HMAC inner hash hash md5 inner-key@0x5588cd7146b0 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5588cd7146b0 (size 72) | PRF HMAC inner hash: inner-key@0x5588cd7146b0 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5588cd70ec18 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bd60 | result: PRF HMAC inner hash-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bd48 | result: PRF HMAC inner hash-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5588cd70d080 | PRF chunk interface: release inner-key@0x5588cd7146b0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bdd0 | result: result-key@0x5588cd7146b0 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd7146b0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bdb8 | result: result-key@0x5588cd70d080 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd7146b0 | PRF chunk interface: release hashed-inner-key@0x5588cd70b800 | PRF chunk interface: release key-key@0x5588cd712c00 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5588cd70d080 (size 80) | PRF HMAC outer hash: outer-key@0x5588cd70d080 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x5588cd70ec58 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface: release outer-key@0x5588cd70d080 | PRF chunk interface PRF md5 final-chunk@0x5588cd70ec58 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | chunk output 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd712c00 | PRF symkey interface PRF md5 init key symkey-key@0x5588cd70d080 (size 16) | PRF symkey interface: key symkey-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x5588cd70d080 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bda0 | result: trimed key-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd70d080 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bde0 | result: result-key@0x5588cd70b800 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x5588cd714858 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd716110 (24-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 8 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 8-bytes | base: base-key@0x5588cd716110 (24-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd7146b0 (8-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd716110 | PRF symkey interface PRF md5 update symkey message-key@0x5588cd7146b0 (size 8) | PRF symkey interface: symkey message-key@0x5588cd7146b0 (8-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd70b800 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bef8 | result: result-key@0x5588cd716110 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd70b800 | PRF HMAC inner hash hash md5 inner-key@0x5588cd716110 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5588cd716110 (size 72) | PRF HMAC inner hash: inner-key@0x5588cd716110 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5588cd70ec58 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bd80 | result: PRF HMAC inner hash-key@0x5588cd7164f0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd7164f0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bd68 | result: PRF HMAC inner hash-key@0x5588cd70b800 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5588cd7164f0 | PRF symkey interface: release inner-key@0x5588cd716110 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bdf0 | result: result-key@0x5588cd716110 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd716110 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bdd8 | result: result-key@0x5588cd7164f0 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd716110 | PRF symkey interface: release hashed-inner-key@0x5588cd70b800 | PRF symkey interface: release key-key@0x5588cd712c00 | PRF HMAC outer hash hash md5 outer-key@0x5588cd7164f0 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5588cd7164f0 (size 80) | PRF HMAC outer hash: outer-key@0x5588cd7164f0 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x5588cd70ec58 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be40 | result: PRF HMAC outer hash-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be28 | result: PRF HMAC outer hash-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x5588cd70b800 | PRF symkey interface: release outer-key@0x5588cd7164f0 | : hashed-outer-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x5588cd712c00 (size 16) | PRF symkey interface: key-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 1 extracting all 16 bytes of key@0x5588cd712c00 | RFC 2104: MD5_HMAC test 1: symkey-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 1: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: dc 8e a2 13 0f 48 24 e8 69 84 ee 6d 9b ea 32 e6 | RFC 2104: MD5_HMAC test 1: release slot-key-key@0x5588cd70f920 | RFC 2104: MD5_HMAC test 1 extracted len 16 bytes at 0x5588cd70ec18 | unwrapped: 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | test_prf_vector: RFC 2104: MD5_HMAC test 1 passed | test_prf_vector: release symkey-key@0x5588cd712c00 | test_prf_vector: release message-key@0x5588cd7146b0 | test_prf_vector: release key-key@0x5588cd70d080 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 2 | decode_to_chunk: test_prf_vector: input "Jefe" | decode_to_chunk: output: | 4a 65 66 65 | decode_to_chunk: test_prf_vector: input "what do ya want for nothing?" | decode_to_chunk: output: | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | decode_to_chunk: test_prf_vector: input "0x750c783e6ab0b503eaa86e310a5db738" | decode_to_chunk: output: | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface PRF md5 init key-chunk@0x5588cd70f1e8 (length 4) | 4a 65 66 65 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be60 | result: PRF chunk interface-key@0x5588cd7146b0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x5588cd7146b0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be48 | result: PRF chunk interface-key@0x5588cd70d080 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x5588cd7146b0 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd70d080 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bda0 | result: trimed key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd70d080 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bde0 | result: result-key@0x5588cd70d080 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x5588cd716478 | PRF chunk interface PRF md5 update message-bytes@0x5588cd709ff8 (length 28) | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd70d080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffe4fb2bed0 | result: message-key@0x5588cd712c00 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x5588cd70d080 | PRF HMAC inner hash hash md5 inner-key@0x5588cd712c00 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5588cd712c00 (size 92) | PRF HMAC inner hash: inner-key@0x5588cd712c00 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5588cd70ec18 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bd60 | result: PRF HMAC inner hash-key@0x5588cd7164f0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd7164f0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bd48 | result: PRF HMAC inner hash-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5588cd7164f0 | PRF chunk interface: release inner-key@0x5588cd712c00 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bdd0 | result: result-key@0x5588cd712c00 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bdb8 | result: result-key@0x5588cd7164f0 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd712c00 | PRF chunk interface: release hashed-inner-key@0x5588cd70d080 | PRF chunk interface: release key-key@0x5588cd7146b0 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5588cd7164f0 (size 80) | PRF HMAC outer hash: outer-key@0x5588cd7164f0 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x5588cd70eb68 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface: release outer-key@0x5588cd7164f0 | PRF chunk interface PRF md5 final-chunk@0x5588cd70eb68 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | chunk output 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd7146b0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x5588cd7146b0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd7164f0 (4-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd7146b0 | PRF symkey interface PRF md5 init key symkey-key@0x5588cd7164f0 (size 4) | PRF symkey interface: key symkey-key@0x5588cd7164f0 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x5588cd7164f0 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd7164f0 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bda0 | result: trimed key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd7164f0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bde0 | result: result-key@0x5588cd70d080 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x5588cd714628 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd70b800 (44-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 28 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 28-bytes | base: base-key@0x5588cd70b800 (44-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd712c00 (28-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd70b800 | PRF symkey interface PRF md5 update symkey message-key@0x5588cd712c00 (size 28) | PRF symkey interface: symkey message-key@0x5588cd712c00 (28-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd70d080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bef8 | result: result-key@0x5588cd70b800 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd70d080 | PRF HMAC inner hash hash md5 inner-key@0x5588cd70b800 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5588cd70b800 (size 92) | PRF HMAC inner hash: inner-key@0x5588cd70b800 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5588cd70eb68 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bd80 | result: PRF HMAC inner hash-key@0x5588cd716110 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd716110 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bd68 | result: PRF HMAC inner hash-key@0x5588cd70d080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5588cd716110 | PRF symkey interface: release inner-key@0x5588cd70b800 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bdf0 | result: result-key@0x5588cd70b800 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd70b800 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bdd8 | result: result-key@0x5588cd716110 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd70b800 | PRF symkey interface: release hashed-inner-key@0x5588cd70d080 | PRF symkey interface: release key-key@0x5588cd7146b0 | PRF HMAC outer hash hash md5 outer-key@0x5588cd716110 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5588cd716110 (size 80) | PRF HMAC outer hash: outer-key@0x5588cd716110 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x5588cd70eb68 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be40 | result: PRF HMAC outer hash-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70d080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be28 | result: PRF HMAC outer hash-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x5588cd70d080 | PRF symkey interface: release outer-key@0x5588cd716110 | : hashed-outer-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x5588cd7146b0 (size 16) | PRF symkey interface: key-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 2 extracting all 16 bytes of key@0x5588cd7146b0 | RFC 2104: MD5_HMAC test 2: symkey-key@0x5588cd7146b0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 2: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: 76 b3 b0 7a 1e b2 c5 5c 58 06 95 b7 07 bb 0c 67 | RFC 2104: MD5_HMAC test 2: release slot-key-key@0x5588cd70f920 | RFC 2104: MD5_HMAC test 2 extracted len 16 bytes at 0x5588cd70ec18 | unwrapped: 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | test_prf_vector: RFC 2104: MD5_HMAC test 2 passed | test_prf_vector: release symkey-key@0x5588cd7146b0 | test_prf_vector: release message-key@0x5588cd712c00 | test_prf_vector: release key-key@0x5588cd7164f0 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 3 | decode_to_chunk: test_prf_vector: input "0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" | decode_to_chunk: output: | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | decode_to_chunk: test_prf_vector: input "0xDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD" | decode_to_chunk: output: | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | decode_to_chunk: test_prf_vector: input "0x56be34521d144c88dbb8c733f0e8b3f6" | decode_to_chunk: output: | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface PRF md5 init key-chunk@0x5588cd70f6d8 (length 16) | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be60 | result: PRF chunk interface-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be48 | result: PRF chunk interface-key@0x5588cd7164f0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x5588cd712c00 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd7164f0 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bda0 | result: trimed key-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd7164f0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bde0 | result: result-key@0x5588cd7164f0 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x5588cd7164c8 | PRF chunk interface PRF md5 update message-bytes@0x5588cd70ea18 (length 50) | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd7164f0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffe4fb2bed0 | result: message-key@0x5588cd7146b0 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x5588cd7164f0 | PRF HMAC inner hash hash md5 inner-key@0x5588cd7146b0 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5588cd7146b0 (size 114) | PRF HMAC inner hash: inner-key@0x5588cd7146b0 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5588cd70eb68 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bd60 | result: PRF HMAC inner hash-key@0x5588cd716110 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd716110 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bd48 | result: PRF HMAC inner hash-key@0x5588cd7164f0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5588cd716110 | PRF chunk interface: release inner-key@0x5588cd7146b0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bdd0 | result: result-key@0x5588cd7146b0 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd7146b0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bdb8 | result: result-key@0x5588cd716110 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd7146b0 | PRF chunk interface: release hashed-inner-key@0x5588cd7164f0 | PRF chunk interface: release key-key@0x5588cd712c00 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5588cd716110 (size 80) | PRF HMAC outer hash: outer-key@0x5588cd716110 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x5588cd70ec18 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface: release outer-key@0x5588cd716110 | PRF chunk interface PRF md5 final-chunk@0x5588cd70ec18 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | chunk output 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: key symkey-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: key symkey-key@0x5588cd716110 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5588cd712c00 | PRF symkey interface PRF md5 init key symkey-key@0x5588cd716110 (size 16) | PRF symkey interface: key symkey-key@0x5588cd716110 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x5588cd716110 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd716110 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bda0 | result: trimed key-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd716110 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bde0 | result: result-key@0x5588cd7164f0 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x5588cd70e9c8 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bee0 | result: message symkey-key@0x5588cd70d080 (66-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 50 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 50-bytes | base: base-key@0x5588cd70d080 (66-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bec8 | result: message symkey-key@0x5588cd7146b0 (50-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5588cd70d080 | PRF symkey interface PRF md5 update symkey message-key@0x5588cd7146b0 (size 50) | PRF symkey interface: symkey message-key@0x5588cd7146b0 (50-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd7164f0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bef8 | result: result-key@0x5588cd70d080 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd7164f0 | PRF HMAC inner hash hash md5 inner-key@0x5588cd70d080 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5588cd70d080 (size 114) | PRF HMAC inner hash: inner-key@0x5588cd70d080 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5588cd70ec18 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2bd80 | result: PRF HMAC inner hash-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd70b800 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2bd68 | result: PRF HMAC inner hash-key@0x5588cd7164f0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5588cd70b800 | PRF symkey interface: release inner-key@0x5588cd70d080 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb2bdf0 | result: result-key@0x5588cd70d080 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5588cd70d080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffe4fb2bdd8 | result: result-key@0x5588cd70b800 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5588cd70d080 | PRF symkey interface: release hashed-inner-key@0x5588cd7164f0 | PRF symkey interface: release key-key@0x5588cd712c00 | PRF HMAC outer hash hash md5 outer-key@0x5588cd70b800 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5588cd70b800 (size 80) | PRF HMAC outer hash: outer-key@0x5588cd70b800 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x5588cd70ec18 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb2be40 | result: PRF HMAC outer hash-key@0x5588cd7164f0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5588cd7164f0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb2be28 | result: PRF HMAC outer hash-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x5588cd7164f0 | PRF symkey interface: release outer-key@0x5588cd70b800 | : hashed-outer-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x5588cd712c00 (size 16) | PRF symkey interface: key-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 3 extracting all 16 bytes of key@0x5588cd712c00 | RFC 2104: MD5_HMAC test 3: symkey-key@0x5588cd712c00 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 3: new slot-key@0x5588cd70f920 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-873177238: 2f e0 e0 01 85 82 1a 5f 92 cd 64 8e 27 fd 8d e4 | RFC 2104: MD5_HMAC test 3: release slot-key-key@0x5588cd70f920 | RFC 2104: MD5_HMAC test 3 extracted len 16 bytes at 0x5588cd70eb68 | unwrapped: 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | test_prf_vector: RFC 2104: MD5_HMAC test 3 passed | test_prf_vector: release symkey-key@0x5588cd712c00 | test_prf_vector: release message-key@0x5588cd7146b0 | test_prf_vector: release key-key@0x5588cd716110 | test_prf_vector: release output-key@NULL 8 CPU cores online starting up 7 crypto helpers started thread for crypto helper 0 | starting up helper thread 0 | status value returned by setting the priority of this thread (crypto helper 0) 22 | crypto helper 0 waiting (nothing to do) started thread for crypto helper 1 | starting up helper thread 1 | status value returned by setting the priority of this thread (crypto helper 1) 22 | crypto helper 1 waiting (nothing to do) started thread for crypto helper 2 | starting up helper thread 2 | status value returned by setting the priority of this thread (crypto helper 2) 22 | crypto helper 2 waiting (nothing to do) started thread for crypto helper 3 | starting up helper thread 3 | status value returned by setting the priority of this thread (crypto helper 3) 22 | crypto helper 3 waiting (nothing to do) started thread for crypto helper 4 | starting up helper thread 4 | status value returned by setting the priority of this thread (crypto helper 4) 22 | crypto helper 4 waiting (nothing to do) started thread for crypto helper 5 | starting up helper thread 5 | status value returned by setting the priority of this thread (crypto helper 5) 22 | crypto helper 5 waiting (nothing to do) started thread for crypto helper 6 | starting up helper thread 6 | status value returned by setting the priority of this thread (crypto helper 6) 22 | crypto helper 6 waiting (nothing to do) | checking IKEv1 state table | MAIN_R0: category: half-open IKE SA flags: 0: | -> MAIN_R1 EVENT_SO_DISCARD | MAIN_I1: category: half-open IKE SA flags: 0: | -> MAIN_I2 EVENT_RETRANSMIT | MAIN_R1: category: open IKE SA flags: 200: | -> MAIN_R2 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_I2: category: open IKE SA flags: 0: | -> MAIN_I3 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_R2: category: open IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | -> MAIN_R3 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_I3: category: open IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | -> MAIN_I4 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_R3: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | MAIN_I4: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | AGGR_R0: category: half-open IKE SA flags: 0: | -> AGGR_R1 EVENT_SO_DISCARD | AGGR_I1: category: half-open IKE SA flags: 0: | -> AGGR_I2 EVENT_SA_REPLACE | -> AGGR_I2 EVENT_SA_REPLACE | AGGR_R1: category: open IKE SA flags: 200: | -> AGGR_R2 EVENT_SA_REPLACE | -> AGGR_R2 EVENT_SA_REPLACE | AGGR_I2: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | AGGR_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | QUICK_R0: category: established CHILD SA flags: 0: | -> QUICK_R1 EVENT_RETRANSMIT | QUICK_I1: category: established CHILD SA flags: 0: | -> QUICK_I2 EVENT_SA_REPLACE | QUICK_R1: category: established CHILD SA flags: 0: | -> QUICK_R2 EVENT_SA_REPLACE | QUICK_I2: category: established CHILD SA flags: 200: | -> UNDEFINED EVENT_NULL | QUICK_R2: category: established CHILD SA flags: 0: | -> UNDEFINED EVENT_NULL | INFO: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | INFO_PROTECTED: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | XAUTH_R0: category: established IKE SA flags: 0: | -> XAUTH_R1 EVENT_NULL | XAUTH_R1: category: established IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | MODE_CFG_R0: category: informational flags: 0: | -> MODE_CFG_R1 EVENT_SA_REPLACE | MODE_CFG_R1: category: established IKE SA flags: 0: | -> MODE_CFG_R2 EVENT_SA_REPLACE | MODE_CFG_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | MODE_CFG_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | XAUTH_I0: category: established IKE SA flags: 0: | -> XAUTH_I1 EVENT_RETRANSMIT | XAUTH_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_RETRANSMIT | checking IKEv2 state table | PARENT_I0: category: ignore flags: 0: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) | PARENT_I1: category: half-open IKE SA flags: 0: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) | PARENT_I2: category: open IKE SA flags: 0: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) | PARENT_I3: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) | PARENT_R0: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) | PARENT_R1: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) | PARENT_R2: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) | V2_CREATE_I0: category: established IKE SA flags: 0: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) | V2_CREATE_I: category: established IKE SA flags: 0: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) | V2_REKEY_IKE_I: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: | V2_CREATE_R: category: established IKE SA flags: 0: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) | V2_REKEY_IKE_R: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: | V2_IPSEC_I: category: established CHILD SA flags: 0: | V2_IPSEC_R: category: established CHILD SA flags: 0: | IKESA_DEL: category: established IKE SA flags: 0: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) | CHILDSA_DEL: category: informational flags: 0: Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64 | Hard-wiring algorithms | adding AES_CCM_16 to kernel algorithm db | adding AES_CCM_12 to kernel algorithm db | adding AES_CCM_8 to kernel algorithm db | adding 3DES_CBC to kernel algorithm db | adding CAMELLIA_CBC to kernel algorithm db | adding AES_GCM_16 to kernel algorithm db | adding AES_GCM_12 to kernel algorithm db | adding AES_GCM_8 to kernel algorithm db | adding AES_CTR to kernel algorithm db | adding AES_CBC to kernel algorithm db | adding SERPENT_CBC to kernel algorithm db | adding TWOFISH_CBC to kernel algorithm db | adding NULL_AUTH_AES_GMAC to kernel algorithm db | adding NULL to kernel algorithm db | adding CHACHA20_POLY1305 to kernel algorithm db | adding HMAC_MD5_96 to kernel algorithm db | adding HMAC_SHA1_96 to kernel algorithm db | adding HMAC_SHA2_512_256 to kernel algorithm db | adding HMAC_SHA2_384_192 to kernel algorithm db | adding HMAC_SHA2_256_128 to kernel algorithm db | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db | adding AES_XCBC_96 to kernel algorithm db | adding AES_CMAC_96 to kernel algorithm db | adding NONE to kernel algorithm db | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds | setup kernel fd callback | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x5588cd70ea18 | libevent_malloc: new ptr-libevent@0x5588cd6f2d98 size 128 | libevent_malloc: new ptr-libevent@0x5588cd70f1e8 size 16 | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x5588cd70f558 | libevent_malloc: new ptr-libevent@0x5588cd6a9a58 size 128 | libevent_malloc: new ptr-libevent@0x5588cd70f6d8 size 16 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a20b (length 11) | 4b 41 4d 45 2f 72 61 63 6f 6f 6e | vendor id hash md5 final bytes@0x5588cd70ec18 (length 16) | 70 03 cb c1 09 7d be 9c 26 00 ba 69 83 bc 8b 35 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b000 (length 46) | 4e 4c 42 53 5f 50 52 45 53 45 4e 54 28 4e 4c 42 | 2f 4d 53 43 53 20 66 61 73 74 20 66 61 69 6c 6f | 76 65 72 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x5588cd70ec58 (length 16) | ec 22 62 b5 12 32 63 83 67 12 3b ce 3d 37 3c 5e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b030 (length 32) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 28 41 | 75 74 68 49 50 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x5588cd70f638 (length 16) | 6f fe a4 ae ec 37 f4 9a 02 6f 97 cf b5 53 30 6d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a38e (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x5588cd70f228 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b058 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x5588cd70f718 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a3a0 (length 23) | 4d 69 63 72 6f 73 6f 66 74 20 58 62 6f 78 20 4f | 6e 65 20 32 30 31 33 | vendor id hash md5 final bytes@0x5588cd70eb28 (length 16) | 8a a3 94 cf 8a 55 77 dc 31 10 c1 13 b0 27 a4 f2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a3b8 (length 22) | 58 62 6f 78 20 49 4b 45 76 32 20 4e 65 67 6f 74 | 69 61 74 69 6f 6e | vendor id hash md5 final bytes@0x5588cd70f518 (length 16) | aa 28 1f cc d6 8c f8 a8 dc b8 5c c0 a7 10 40 2a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a3cf (length 28) | 4d 53 46 54 20 49 50 73 65 63 20 53 65 63 75 72 | 69 74 79 20 52 65 61 6c 6d 20 49 64 | vendor id hash md5 final bytes@0x5588cd716658 (length 16) | 68 6a 8c bd fe 63 4b 40 51 46 fb 2b af 33 e9 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b080 (length 39) | 41 20 47 53 53 2d 41 50 49 20 41 75 74 68 65 6e | 74 69 63 61 74 69 6f 6e 20 4d 65 74 68 6f 64 20 | 66 6f 72 20 49 4b 45 | vendor id hash md5 final bytes@0x5588cd71b8b8 (length 16) | ad 2c 0d d0 b9 c3 20 83 cc ba 25 b8 86 1e c4 55 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a3ec (length 6) | 47 53 53 41 50 49 | vendor id hash md5 final bytes@0x5588cd71b8f8 (length 16) | 62 1b 04 bb 09 88 2a c1 e1 59 35 fe fa 24 ae ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a3f3 (length 12) | 53 53 48 20 53 65 6e 74 69 6e 65 6c | vendor id hash md5 final bytes@0x5588cd71b938 (length 16) | 05 41 82 a0 7c 7a e2 06 f9 d2 cf 9d 24 32 c4 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a400 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 31 | vendor id hash md5 final bytes@0x5588cd71b978 (length 16) | b9 16 23 e6 93 ca 18 a5 4c 6a 27 78 55 23 05 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a411 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 32 | vendor id hash md5 final bytes@0x5588cd71b9b8 (length 16) | 54 30 88 8d e0 1a 31 a6 fa 8f 60 22 4e 44 99 58 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a422 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 33 | vendor id hash md5 final bytes@0x5588cd71b9f8 (length 16) | 7e e5 cb 85 f7 1c e2 59 c9 4a 5c 73 1e e4 e7 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a433 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | vendor id hash md5 final bytes@0x5588cd71ba38 (length 16) | 63 d9 a1 a7 00 94 91 b5 a0 a6 fd eb 2a 82 84 f0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a444 (length 18) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | 2e 31 | vendor id hash md5 final bytes@0x5588cd71ba78 (length 16) | eb 4b 0d 96 27 6b 4e 22 0a d1 62 21 a7 b2 a5 e6 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b0a8 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 30 | vendor id hash md5 final bytes@0x5588cd71bab8 (length 16) | fb f4 76 14 98 40 31 fa 8e 3b b6 19 80 89 b2 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b0e0 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 31 | vendor id hash md5 final bytes@0x5588cd71baf8 (length 16) | 19 52 dc 91 ac 20 f6 46 fb 01 cf 42 a3 3a ee 30 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b118 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 32 | vendor id hash md5 final bytes@0x5588cd71bb38 (length 16) | e8 bf fa 64 3e 5c 8f 2c d1 0f da 73 70 b6 eb e5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b150 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 31 | vendor id hash md5 final bytes@0x5588cd71bb78 (length 16) | c1 11 1b 2d ee 8c bc 3d 62 05 73 ec 57 aa b9 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b188 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 32 | vendor id hash md5 final bytes@0x5588cd71bbb8 (length 16) | 09 ec 27 bf bc 09 c7 58 23 cf ec bf fe 56 5a 2e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b1c0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 30 2e 30 | vendor id hash md5 final bytes@0x5588cd71bbf8 (length 16) | 7f 21 a5 96 e4 e3 18 f0 b2 f4 94 4c 23 84 cb 84 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b1f8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 30 | vendor id hash md5 final bytes@0x5588cd71bc38 (length 16) | 28 36 d1 fd 28 07 bc 9e 5a e3 07 86 32 04 51 ec | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b230 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 31 | vendor id hash md5 final bytes@0x5588cd71bc78 (length 16) | a6 8d e7 56 a9 c5 22 9b ae 66 49 80 40 95 1a d5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b268 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 32 | vendor id hash md5 final bytes@0x5588cd71bcb8 (length 16) | 3f 23 72 86 7e 23 7c 1c d8 25 0a 75 55 9c ae 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b2a0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 30 | vendor id hash md5 final bytes@0x5588cd71bcf8 (length 16) | 0e 58 d5 77 4d f6 02 00 7d 0b 02 44 36 60 f7 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b2d8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 31 | vendor id hash md5 final bytes@0x5588cd71bd38 (length 16) | f5 ce 31 eb c2 10 f4 43 50 cf 71 26 5b 57 38 0f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b310 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x5588cd71bd78 (length 16) | f6 42 60 af 2e 27 42 da dd d5 69 87 06 8a 99 a0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b348 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x5588cd71bdb8 (length 16) | 7a 54 d3 bd b3 b1 e6 d9 23 89 20 64 be 2d 98 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b380 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x5588cd71bdf8 (length 16) | 9a a1 f3 b4 34 72 a4 5d 5f 50 6a eb 26 0c f2 14 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b3b8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x5588cd71be38 (length 16) | 68 80 c7 d0 26 09 91 14 e4 86 c5 54 30 e7 ab ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b3f0 (length 41) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 50 4c 55 54 4f 5f 53 45 4e 44 53 | 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffe4fb2bfc0 (length 16) | 44 76 1b d7 6b 80 85 41 74 87 ee 8a 51 cf fc f3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b420 (length 53) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 50 4c 55 54 4f 5f 53 45 4e 44 53 5f 56 45 4e | 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffe4fb2bfc0 (length 16) | b7 0e 8a c3 92 b1 6e 05 48 2f c4 dc 36 10 91 68 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b458 (length 58) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 4c 44 41 50 20 50 4c 55 54 4f 5f 53 45 4e 44 | 53 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffe4fb2bfc0 (length 16) | 97 1d ea 93 c3 c2 06 74 f9 ae 35 40 83 de 3e 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a531 (length 14) | 4f 70 65 6e 73 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x7ffe4fb2bfc0 (length 16) | 08 72 0b ee 9e 28 95 3c e0 8f 0a 18 b6 e2 9d da | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b4c0 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 31 | vendor id hash md5 final bytes@0x5588cd71bff8 (length 16) | 27 ba b5 dc 01 ea 07 60 ea 4e 31 90 ac 27 c0 d0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b4e8 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 32 | vendor id hash md5 final bytes@0x5588cd71c038 (length 16) | 61 05 c4 22 e7 68 47 e4 3f 96 84 80 12 92 ae cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a559 (length 10) | 45 53 50 54 68 72 75 4e 41 54 | vendor id hash md5 final bytes@0x5588cd71c078 (length 16) | 50 76 0f 62 4c 63 e5 c5 3e ea 38 6c 68 5c a0 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b510 (length 38) | 64 72 61 66 74 2d 68 75 74 74 75 6e 65 6e 2d 69 | 70 73 65 63 2d 65 73 70 2d 69 6e 2d 75 64 70 2d | 30 30 2e 74 78 74 | vendor id hash md5 final bytes@0x5588cd71c0b8 (length 16) | 6a 74 34 c1 9d 7e 36 34 80 90 a0 23 34 c9 c8 05 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a564 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 30 | vendor id hash md5 final bytes@0x5588cd71c0f8 (length 16) | 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a582 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 31 | vendor id hash md5 final bytes@0x5588cd71c138 (length 16) | 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a5a0 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 | vendor id hash md5 final bytes@0x5588cd71c178 (length 16) | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b538 (length 30) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 0a | vendor id hash md5 final bytes@0x5588cd71c1b8 (length 16) | 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a5be (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 33 | vendor id hash md5 final bytes@0x5588cd71c1f8 (length 16) | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a5dc (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 34 | vendor id hash md5 final bytes@0x5588cd71c238 (length 16) | 99 09 b6 4e ed 93 7c 65 73 de 52 ac e9 52 fa 6b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a5fa (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 35 | vendor id hash md5 final bytes@0x5588cd71c278 (length 16) | 80 d0 bb 3d ef 54 56 5e e8 46 45 d4 c8 5c e3 ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a618 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 36 | vendor id hash md5 final bytes@0x5588cd71c2b8 (length 16) | 4d 1e 0e 13 6d ea fa 34 c4 f3 ea 9f 02 ec 72 85 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a636 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 37 | vendor id hash md5 final bytes@0x5588cd71c2f8 (length 16) | 43 9b 59 f8 ba 67 6c 4c 77 37 ae 22 ea b8 f5 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a654 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 38 | vendor id hash md5 final bytes@0x5588cd71c338 (length 16) | 8f 8d 83 82 6d 24 6b 6f c7 a8 a6 a4 28 c1 1d e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a672 (length 26) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 | vendor id hash md5 final bytes@0x5588cd71c378 (length 16) | 4d f3 79 28 e9 fc 4f d1 b3 26 21 70 d5 15 c6 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a68d (length 8) | 52 46 43 20 33 39 34 37 | vendor id hash md5 final bytes@0x5588cd71c3b8 (length 16) | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf734f9 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x5588cd71c478 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a73d (length 19) | 56 69 64 2d 49 6e 69 74 69 61 6c 2d 43 6f 6e 74 | 61 63 74 | vendor id hash md5 final bytes@0x5588cd71c4b8 (length 16) | 26 24 4d 38 ed db 61 b3 17 2a 36 e3 d0 cf b8 19 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6b058 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x5588cd71c4f8 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a38e (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x5588cd71c538 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a751 (length 14) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 | vendor id hash md5 final bytes@0x5588cd71c578 (length 16) | 21 4c a4 fa ff a7 f3 2d 67 48 e5 30 33 95 ae 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf598dd (length 10) | 73 74 72 6f 6e 67 53 77 61 6e | vendor id hash md5 final bytes@0x5588cd71c5b8 (length 16) | 88 2f e5 6d 6f d2 0d bc 22 51 61 3b 2e be 5b eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a760 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x5588cd71c5f8 (length 16) | 2c e9 c9 46 a4 c8 79 bf 11 b5 0b 76 cc 56 92 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a771 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x5588cd71c638 (length 16) | 9d bb af cf 1d b0 dd 59 5a e0 65 29 40 03 ad 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a782 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 32 | vendor id hash md5 final bytes@0x5588cd71c678 (length 16) | 77 e8 ee a6 f5 56 a4 99 de 3f fe 7f 7f 95 66 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a793 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 33 | vendor id hash md5 final bytes@0x5588cd71c6b8 (length 16) | b1 81 b1 8e 11 4f c2 09 b3 c6 e2 6c 3a 80 71 8e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a7a4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 34 | vendor id hash md5 final bytes@0x5588cd71c6f8 (length 16) | 1e f2 83 f8 35 49 b5 ff 96 08 b6 d6 34 f8 4d 75 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a7b5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 35 | vendor id hash md5 final bytes@0x5588cd71c738 (length 16) | dd 18 0d 21 e5 ce 65 5a 76 8b a3 22 11 dd 8a d9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a7c6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 36 | vendor id hash md5 final bytes@0x5588cd71c778 (length 16) | 4c 90 13 69 46 57 7b 51 91 9d 8d 9a 6b 8e 4a 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a7d7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 37 | vendor id hash md5 final bytes@0x5588cd71c7b8 (length 16) | ab 07 46 22 1c c8 fd 0d 52 38 f7 3a 9b 3d a5 57 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a7e8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x5588cd71c7f8 (length 16) | 47 94 ce f6 84 34 22 98 0d 1a 3d 06 af 41 c5 cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a7f9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | vendor id hash md5 final bytes@0x5588cd71c838 (length 16) | d3 f1 c4 88 c3 68 17 5d 5f 40 a8 f5 ca 5f 5e 12 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a80a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 32 | vendor id hash md5 final bytes@0x5588cd71c878 (length 16) | 15 a1 ac e7 ee 52 fd df ef 04 f9 28 db 2d d1 34 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a81b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 33 | vendor id hash md5 final bytes@0x5588cd71c8b8 (length 16) | 58 49 ab 6d 8b ea bd 6e 4d 09 e5 a3 b8 8c 08 9a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a82c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 34 | vendor id hash md5 final bytes@0x5588cd71c8f8 (length 16) | 31 2f 9c b1 a6 b9 0e 19 de 75 28 c9 04 ac 30 87 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a83d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 35 | vendor id hash md5 final bytes@0x5588cd71c938 (length 16) | bf 0f bf 73 06 eb b7 82 70 42 d8 93 53 98 86 e2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a84e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 36 | vendor id hash md5 final bytes@0x5588cd71c978 (length 16) | d1 96 83 36 8a f4 b0 ed c2 1c cd e9 82 b1 d1 b0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a85f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 37 | vendor id hash md5 final bytes@0x5588cd71c9b8 (length 16) | ea 84 0a a4 df c9 71 2d 6c 32 b5 a1 6e b3 29 a3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a870 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 38 | vendor id hash md5 final bytes@0x5588cd71c9f8 (length 16) | 66 a2 04 55 07 c1 19 da 78 a4 66 62 59 cd ea 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a881 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 39 | vendor id hash md5 final bytes@0x5588cd71ca38 (length 16) | 78 fd d2 87 de f0 1a 3f 07 4b 53 69 ea b4 fd 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a892 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 30 | vendor id hash md5 final bytes@0x5588cd71ca78 (length 16) | bf 3a 89 ae 5b ef 8e 72 d4 4d ac 8b b8 8d 7d 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a8a4 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 31 | vendor id hash md5 final bytes@0x5588cd71cab8 (length 16) | b7 bd 9f 2f 97 8e 32 59 a7 aa 9f 7a 13 96 ad 6c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a8b6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x5588cd71caf8 (length 16) | 9f 68 90 13 25 a9 72 89 43 35 30 2a 95 31 ab 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a8c7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 31 | vendor id hash md5 final bytes@0x5588cd71cb38 (length 16) | ba b2 53 f4 cb 10 a8 10 8a 7c 92 7c 56 c8 78 86 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a8d8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 32 | vendor id hash md5 final bytes@0x5588cd71cb78 (length 16) | 2a 51 7d 0d 23 c3 7d 08 bc e7 c2 92 a0 21 7b 39 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a8e9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 33 | vendor id hash md5 final bytes@0x5588cd71cbb8 (length 16) | 2d 1f 40 61 18 fb d5 d2 84 74 79 1f fa 00 48 8a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a8fa (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 38 | vendor id hash md5 final bytes@0x5588cd71cbf8 (length 16) | 8c 4a 3b cb 72 9b 11 f7 03 d2 2a 5b 39 64 0c a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a90b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 37 | vendor id hash md5 final bytes@0x5588cd71cc38 (length 16) | 3a 0d 4e 7c a4 e4 92 ed 4d fe 47 6d 1a c6 01 8b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a91c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 36 | vendor id hash md5 final bytes@0x5588cd71cc78 (length 16) | fe 3f 49 70 6e 26 a9 fb 36 a8 7b fc e9 ea 36 ce | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a92d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 35 | vendor id hash md5 final bytes@0x5588cd71ccb8 (length 16) | 4c 7e fa 31 b3 9e 51 04 32 a3 17 57 0d 97 bb b9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a93e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 34 | vendor id hash md5 final bytes@0x5588cd71ccf8 (length 16) | 76 c7 2b fd 39 84 24 dd 00 1b 86 d0 01 2f e0 61 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a94f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 33 | vendor id hash md5 final bytes@0x5588cd71cd38 (length 16) | fb 46 41 ad 0e eb 2a 34 49 1d 15 f4 ef f5 10 63 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a960 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 32 | vendor id hash md5 final bytes@0x5588cd71cd78 (length 16) | 29 99 32 27 7b 7d fe 38 2c e2 34 65 33 3a 7d 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a971 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 31 | vendor id hash md5 final bytes@0x5588cd71cdb8 (length 16) | e3 7f 2d 5b a8 9a 62 cd 20 2e e2 7d ac 06 c8 a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a982 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 30 | vendor id hash md5 final bytes@0x5588cd71cdf8 (length 16) | 32 f0 e9 b9 c0 6d fe 8c 9a d5 59 9a 63 69 71 a1 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a993 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 33 | vendor id hash md5 final bytes@0x5588cd71ce38 (length 16) | 7f 50 cc 4e bf 04 c2 d9 da 73 ab fd 69 b7 7a a2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a9a4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 32 | vendor id hash md5 final bytes@0x5588cd71ce78 (length 16) | a1 94 e2 aa dd d0 ba fb 95 25 3d d9 6d c7 33 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a9b5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 31 | vendor id hash md5 final bytes@0x5588cd71ceb8 (length 16) | 81 34 87 85 82 12 17 85 ba 65 ea 34 5d 6b a7 24 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a9c6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 30 | vendor id hash md5 final bytes@0x5588cd70e9c8 (length 16) | 07 fa 12 8e 47 54 f9 44 7b 1d d4 63 74 ee f3 60 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a9d7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 34 | vendor id hash md5 final bytes@0x5588cd71cef8 (length 16) | b9 27 f9 52 19 a0 fe 36 00 db a3 c1 18 2a e5 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a9e8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 33 | vendor id hash md5 final bytes@0x5588cd71cf38 (length 16) | b2 86 0e 78 37 f7 11 be f3 d0 ee b1 06 87 2d ed | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6a9f9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 32 | vendor id hash md5 final bytes@0x5588cd71cf78 (length 16) | 5b 1c d6 fe 7d 05 0e da 6c 93 87 1c 10 7d b3 d2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa0a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 31 | vendor id hash md5 final bytes@0x5588cd71cfb8 (length 16) | 66 af bc 12 bb fe 6c e1 08 b1 f6 9f 4b c9 17 b7 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa1b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 30 | vendor id hash md5 final bytes@0x5588cd71cff8 (length 16) | 3f 32 66 49 9f fd bd 85 95 0e 70 22 98 06 28 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa2c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 37 | vendor id hash md5 final bytes@0x5588cd71d038 (length 16) | 1f 44 42 29 6b 83 d7 e3 3a 8b 45 20 9b a0 e5 90 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa3d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 36 | vendor id hash md5 final bytes@0x5588cd71d078 (length 16) | 3c 5e ba 3d 85 64 92 8e 32 ae 43 c3 d9 92 4d ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa4e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 35 | vendor id hash md5 final bytes@0x5588cd71d0b8 (length 16) | 3f 26 7e d6 21 ad a7 ee 6c 7d 88 93 cc b0 b1 4b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa5f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 34 | vendor id hash md5 final bytes@0x5588cd71d0f8 (length 16) | 7a 6b f5 b7 df 89 64 2a 75 a7 8e f7 d6 57 c1 c0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa70 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 33 | vendor id hash md5 final bytes@0x5588cd71d138 (length 16) | df 5b 1f 0f 1d 56 79 d9 f8 51 2b 16 c5 5a 60 65 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa81 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 32 | vendor id hash md5 final bytes@0x5588cd71d178 (length 16) | 86 1c e5 eb 72 16 4b 19 0e 9e 62 9a 31 cf 49 01 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aa92 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 31 | vendor id hash md5 final bytes@0x5588cd71d1b8 (length 16) | 9a 4a 46 48 f6 0f 8e da 7c fc bf e2 71 ee 5b 7d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aaa3 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 30 | vendor id hash md5 final bytes@0x5588cd71d1f8 (length 16) | 9e b3 d9 07 ed 7a da 4e 3c bc ac b9 17 ab c8 e4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aab4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 34 | vendor id hash md5 final bytes@0x5588cd71d238 (length 16) | 48 5a 70 36 1b 44 33 b3 1d ea 1c 6b e0 df 24 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aac5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 33 | vendor id hash md5 final bytes@0x5588cd71d278 (length 16) | 98 2b 7a 06 3a 33 c1 43 a8 ea dc 88 24 9f 6b cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aad6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 32 | vendor id hash md5 final bytes@0x5588cd71d2b8 (length 16) | e7 a3 fd 0c 6d 77 1a 8f 1b 8a 86 a4 16 9c 9e a4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aae7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 31 | vendor id hash md5 final bytes@0x5588cd71d2f8 (length 16) | 75 b0 65 3c b2 81 eb 26 d3 1e de 38 c8 e1 e2 28 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6aaf8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 30 | vendor id hash md5 final bytes@0x5588cd71d338 (length 16) | e8 29 c8 81 49 ba b3 c0 ce e8 5d a6 0e 18 ae 9b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6ab09 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 32 | vendor id hash md5 final bytes@0x5588cd71d378 (length 16) | 42 a4 83 4c 92 ab 9a 77 77 06 3a fa 25 4b cb 69 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6ab1a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 31 | vendor id hash md5 final bytes@0x5588cd71d3b8 (length 16) | f6 97 c1 af cc 2e c8 dd cd f9 9d c7 af 03 a6 7f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6ab2b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 30 | vendor id hash md5 final bytes@0x5588cd71d3f8 (length 16) | b8 f9 2b 2f a2 d3 fe 5f e1 58 34 4b da 1c c6 ae | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6ab3c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 32 | vendor id hash md5 final bytes@0x5588cd71d438 (length 16) | 99 dc 7c c8 23 37 6b 3b 33 d0 43 57 89 6a e0 7b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6ab4d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 31 | vendor id hash md5 final bytes@0x5588cd71d478 (length 16) | d9 11 8b 1e 9d e5 ef ce d9 cc 9d 88 3f 21 68 ff | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf6ab5e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x5588cd71d4b8 (length 16) | 85 b6 cb ec 48 0d 5c 8c d9 88 2c 82 5a c2 c2 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5588cbf734f9 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x5588cd71d4f8 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | global one-shot timer EVENT_CHECK_CRLS initialized selinux support is enabled. | unbound context created - setting debug level to 5 | /etc/hosts lookups activated | /etc/resolv.conf usage activated | outgoing-port-avoid set 0-65535 | outgoing-port-permit set 32768-60999 | Loading dnssec root key from:/var/lib/unbound/root.key | No additional dnssec trust anchors defined via dnssec-trusted= option | Setting up events, loop start | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x5588cd70f5c8 | libevent_malloc: new ptr-libevent@0x5588cd71b808 size 128 | libevent_malloc: new ptr-libevent@0x5588cd7269e8 size 16 | libevent_realloc: new ptr-libevent@0x5588cd726a28 size 256 | libevent_malloc: new ptr-libevent@0x5588cd726b58 size 8 | libevent_realloc: new ptr-libevent@0x5588cd6b9e18 size 144 | libevent_malloc: new ptr-libevent@0x5588cd6b6de8 size 152 | libevent_malloc: new ptr-libevent@0x5588cd726b98 size 16 | signal event handler PLUTO_SIGCHLD installed | libevent_malloc: new ptr-libevent@0x5588cd726bd8 size 8 | libevent_malloc: new ptr-libevent@0x5588cd6b6eb8 size 152 | signal event handler PLUTO_SIGTERM installed | libevent_malloc: new ptr-libevent@0x5588cd726c18 size 8 | libevent_malloc: new ptr-libevent@0x5588cd726c58 size 152 | signal event handler PLUTO_SIGHUP installed | libevent_malloc: new ptr-libevent@0x5588cd726d28 size 8 | libevent_realloc: release ptr-libevent@0x5588cd6b9e18 | libevent_realloc: new ptr-libevent@0x5588cd726d68 size 256 | libevent_malloc: new ptr-libevent@0x5588cd726e98 size 152 | signal event handler PLUTO_SIGSYS installed | created addconn helper (pid:24245) using fork+execve | forked child 24245 | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.2.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.23 Kernel supports NIC esp-hw-offload adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.23:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth1/eth1 192.1.2.23:4500 adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.2.254:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth0/eth0 192.0.2.254:4500 adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface lo/lo 127.0.0.1:4500 | no interfaces to sort | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | add_fd_read_event_handler: new ethX-pe@0x5588cd7273f8 | libevent_malloc: new ptr-libevent@0x5588cd71b758 size 128 | libevent_malloc: new ptr-libevent@0x5588cd727468 size 16 | setup callback for interface lo 127.0.0.1:4500 fd 22 | add_fd_read_event_handler: new ethX-pe@0x5588cd7274a8 | libevent_malloc: new ptr-libevent@0x5588cd6abe98 size 128 | libevent_malloc: new ptr-libevent@0x5588cd727518 size 16 | setup callback for interface lo 127.0.0.1:500 fd 21 | add_fd_read_event_handler: new ethX-pe@0x5588cd727558 | libevent_malloc: new ptr-libevent@0x5588cd6abde8 size 128 | libevent_malloc: new ptr-libevent@0x5588cd7275c8 size 16 | setup callback for interface eth0 192.0.2.254:4500 fd 20 | add_fd_read_event_handler: new ethX-pe@0x5588cd727608 | libevent_malloc: new ptr-libevent@0x5588cd6b4448 size 128 | libevent_malloc: new ptr-libevent@0x5588cd727678 size 16 | setup callback for interface eth0 192.0.2.254:500 fd 19 | add_fd_read_event_handler: new ethX-pe@0x5588cd7276b8 | libevent_malloc: new ptr-libevent@0x5588cd68ab78 size 128 | libevent_malloc: new ptr-libevent@0x5588cd727728 size 16 | setup callback for interface eth1 192.1.2.23:4500 fd 18 | add_fd_read_event_handler: new ethX-pe@0x5588cd727768 | libevent_malloc: new ptr-libevent@0x5588cd6851d8 size 128 | libevent_malloc: new ptr-libevent@0x5588cd7277d8 size 16 | setup callback for interface eth1 192.1.2.23:500 fd 17 | certs and keys locked by 'free_preshared_secrets' | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x5588cd680c48) PKK_PSK: @east | id type added to secret(0x5588cd680c48) PKK_PSK: @west | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.619 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.2.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.23 | no interfaces to sort | libevent_free: release ptr-libevent@0x5588cd71b758 | free_event_entry: release EVENT_NULL-pe@0x5588cd7273f8 | add_fd_read_event_handler: new ethX-pe@0x5588cd7273f8 | libevent_malloc: new ptr-libevent@0x5588cd71b758 size 128 | setup callback for interface lo 127.0.0.1:4500 fd 22 | libevent_free: release ptr-libevent@0x5588cd6abe98 | free_event_entry: release EVENT_NULL-pe@0x5588cd7274a8 | add_fd_read_event_handler: new ethX-pe@0x5588cd7274a8 | libevent_malloc: new ptr-libevent@0x5588cd6abe98 size 128 | setup callback for interface lo 127.0.0.1:500 fd 21 | libevent_free: release ptr-libevent@0x5588cd6abde8 | free_event_entry: release EVENT_NULL-pe@0x5588cd727558 | add_fd_read_event_handler: new ethX-pe@0x5588cd727558 | libevent_malloc: new ptr-libevent@0x5588cd6abde8 size 128 | setup callback for interface eth0 192.0.2.254:4500 fd 20 | libevent_free: release ptr-libevent@0x5588cd6b4448 | free_event_entry: release EVENT_NULL-pe@0x5588cd727608 | add_fd_read_event_handler: new ethX-pe@0x5588cd727608 | libevent_malloc: new ptr-libevent@0x5588cd6b4448 size 128 | setup callback for interface eth0 192.0.2.254:500 fd 19 | libevent_free: release ptr-libevent@0x5588cd68ab78 | free_event_entry: release EVENT_NULL-pe@0x5588cd7276b8 | add_fd_read_event_handler: new ethX-pe@0x5588cd7276b8 | libevent_malloc: new ptr-libevent@0x5588cd68ab78 size 128 | setup callback for interface eth1 192.1.2.23:4500 fd 18 | libevent_free: release ptr-libevent@0x5588cd6851d8 | free_event_entry: release EVENT_NULL-pe@0x5588cd727768 | add_fd_read_event_handler: new ethX-pe@0x5588cd727768 | libevent_malloc: new ptr-libevent@0x5588cd6851d8 size 128 | setup callback for interface eth1 192.1.2.23:500 fd 17 | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x5588cd680c48) PKK_PSK: @east | id type added to secret(0x5588cd680c48) PKK_PSK: @west | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.363 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned pid 24245 (exited with status 0) | reaped addconn helper child (status 0) | waitpid returned ECHILD (no child processes left) | spent 0.0139 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection westnet-eastnet-ipv4-psk-ikev2 with policy AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_GCM_16_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_GCM_16_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 | from whack: got --esp= | ESP/AH string values: AES_GCM_16_256-NONE, AES_GCM_16_128-NONE, AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128, AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128 | counting wild cards for ID_NULL is 0 | counting wild cards for ID_NULL is 0 | connect_to_host_pair: 192.1.2.23:500 192.1.2.45:500 -> hp@(nil): none | new hp@0x5588cd729af8 added connection description "westnet-eastnet-ipv4-psk-ikev2" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.2.0/24===192.1.2.23<192.1.2.23>[ID_NULL]...192.1.2.45<192.1.2.45>[ID_NULL]===192.0.1.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.166 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) add keyid %null | add pubkey 01 03 a6 f5 d6 3f e3 8f 6c 01 6a fc 7b 7c 6d 57 | add pubkey 8b 49 39 0d 77 f7 ac e2 85 f1 98 1e 4b 6d a5 3e | add pubkey b3 96 9a d1 99 5a bc 10 f2 97 de f2 28 f9 5f 92 | add pubkey 09 f0 c8 d4 12 e4 60 6e 9c 60 98 10 01 7d 26 b7 | add pubkey 8f 95 62 2d 87 dd cd de f6 d3 8f 35 b0 50 d0 18 | add pubkey f5 99 f8 04 f1 ff 61 5b bc 7f 1f c0 04 d8 e4 8c | add pubkey ac 34 ad 7a c1 da 3c 2d 8c 30 ae d6 3c 59 b1 3a | add pubkey 94 d3 d5 2a 73 91 bd 59 5f 3e 72 bf 4a 1b 9d c5 | add pubkey b2 2b 4d e7 0d 24 3e 77 f9 7f 2d d6 9d 29 ef 70 | add pubkey 7d 7a 6d a2 b8 61 0c 4b 09 4a 06 71 84 70 85 9a | add pubkey 8f 52 a1 80 06 fd c6 fc 3e 27 fa 16 fa 32 83 a9 | add pubkey ca 80 db 0f 4a bf f7 e9 55 8e bd 29 4d 23 a6 dc | add pubkey 2a b3 5d 62 a9 21 1e be 83 d8 69 3c 03 0a 48 8e | add pubkey d3 3a 11 f2 86 5a d1 30 65 bd c8 f4 83 87 ff 04 | add pubkey 87 33 05 4f e0 d8 8c fe b3 19 4c dd 85 40 f3 4d | add pubkey 6e e8 49 14 06 2c 1f 59 59 05 8f 20 b0 ca 46 3f | add pubkey c9 20 7e 04 30 7d 9a 80 6c 3f 0a 89 f7 d3 af d8 | add pubkey 15 04 37 f9 | computed rsa CKAID b4 9f 1a ac 9e 45 6e 79 29 c8 81 97 3a 0c 6a d3 | computed rsa CKAID 7f 0f 03 50 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0889 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) add keyid %null | ID_NULL: id kind matches | unreference key: 0x5588cd729bd8 ID_NULL cnt 1-- | add pubkey 01 03 bd 6c 96 eb df 78 89 b3 ed 77 0d a1 7f 7b | add pubkey e5 16 c2 c9 e4 7d 92 0a 90 9d 55 43 b4 62 13 03 | add pubkey 85 7a e0 26 7b 54 1f ca 09 93 cf ff 25 c9 02 4c | add pubkey 78 ca 94 e5 3e ac d1 f9 a8 e5 bb 7f cc 20 84 e0 | add pubkey 21 c9 f0 0d c5 44 ba f3 48 64 61 58 f6 0f 63 0d | add pubkey d2 67 1e 59 8b ec f3 50 39 71 fb 39 da 11 64 b6 | add pubkey 62 cd 5f d3 8d 2e c1 50 ed 9c 6e 22 0c 39 a7 ce | add pubkey 62 b5 af 8a 80 0f 2e 4c 05 5c 82 c7 8d 29 02 2e | add pubkey bb 23 5f db f2 9e b5 7d e2 20 70 1a 63 f3 8e 5d | add pubkey ac 47 f0 5c 26 4e b1 d0 42 60 52 4a b0 77 25 ce | add pubkey e0 98 2b 43 f4 c7 59 1a 64 01 83 ea 4e e3 1a 2a | add pubkey 92 b8 55 ab 63 dd 4b 70 47 29 dc e9 b4 60 bf 43 | add pubkey 4d 58 8f 64 73 95 70 ac 35 89 b2 c2 9c d4 62 c0 | add pubkey 5f 56 5f ad 1b e5 dd 49 93 6a f5 23 82 ed d4 e7 | add pubkey d5 f1 55 f2 2d a2 26 a6 36 53 2f 94 fb 99 22 5c | add pubkey 47 cc 6d 80 30 88 96 38 0c f5 f2 ed 37 d0 09 d5 | add pubkey 07 8f 69 ef a9 99 ce 4d 1a 77 9e 39 c4 38 f3 c5 | add pubkey 51 51 48 ef | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 | computed rsa CKAID 8a 82 25 f1 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0607 milliseconds in whack | spent 0.0028 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 851 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | df a7 70 f9 33 7f d6 5d 00 00 00 00 00 00 00 00 | 21 20 22 08 00 00 00 00 00 00 03 53 22 00 01 b4 | 02 00 00 64 01 01 00 0b 03 00 00 0c 01 00 00 14 | 80 0e 01 00 03 00 00 08 02 00 00 07 03 00 00 08 | 02 00 00 05 03 00 00 08 04 00 00 0e 03 00 00 08 | 04 00 00 0f 03 00 00 08 04 00 00 10 03 00 00 08 | 04 00 00 12 03 00 00 08 04 00 00 13 03 00 00 08 | 04 00 00 14 03 00 00 08 04 00 00 15 00 00 00 08 | 04 00 00 1f 02 00 00 64 02 01 00 0b 03 00 00 0c | 01 00 00 14 80 0e 00 80 03 00 00 08 02 00 00 07 | 03 00 00 08 02 00 00 05 03 00 00 08 04 00 00 0e | 03 00 00 08 04 00 00 0f 03 00 00 08 04 00 00 10 | 03 00 00 08 04 00 00 12 03 00 00 08 04 00 00 13 | 03 00 00 08 04 00 00 14 03 00 00 08 04 00 00 15 | 00 00 00 08 04 00 00 1f 02 00 00 74 03 01 00 0d | 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 | 02 00 00 07 03 00 00 08 02 00 00 05 03 00 00 08 | 03 00 00 0e 03 00 00 08 03 00 00 0c 03 00 00 08 | 04 00 00 0e 03 00 00 08 04 00 00 0f 03 00 00 08 | 04 00 00 10 03 00 00 08 04 00 00 12 03 00 00 08 | 04 00 00 13 03 00 00 08 04 00 00 14 03 00 00 08 | 04 00 00 15 00 00 00 08 04 00 00 1f 00 00 00 74 | 04 01 00 0d 03 00 00 0c 01 00 00 0c 80 0e 00 80 | 03 00 00 08 02 00 00 07 03 00 00 08 02 00 00 05 | 03 00 00 08 03 00 00 0e 03 00 00 08 03 00 00 0c | 03 00 00 08 04 00 00 0e 03 00 00 08 04 00 00 0f | 03 00 00 08 04 00 00 10 03 00 00 08 04 00 00 12 | 03 00 00 08 04 00 00 13 03 00 00 08 04 00 00 14 | 03 00 00 08 04 00 00 15 00 00 00 08 04 00 00 1f | 28 00 01 08 00 0e 00 00 03 18 ac 58 7f 45 4c 48 | 17 98 6e c7 91 ca e9 da 30 49 c2 41 9f ab 84 05 | f2 cf 22 3b 32 e9 12 ff c1 64 99 0f ad 65 a6 79 | 25 67 47 5e e6 b3 b6 f8 2e 9d 8d c3 4c 07 cb 0b | 14 6a e0 4f 44 79 ac 08 78 43 7c c2 24 e1 0f 12 | 88 8c 8f 89 10 73 07 58 dd b4 ec a7 5c 43 82 a4 | f4 2a cf b9 48 95 51 fa 3f 87 43 0b 9e 7f da a2 | 39 9e 63 ad c0 6d 36 f8 b8 84 1c bd 46 08 84 c4 | c1 01 7a ca 99 f3 5a 11 57 ee fa 74 6d 2e e2 46 | 56 ff 3d a4 88 81 24 21 42 9c 11 56 c7 04 6c 61 | 9a b0 b4 6a 34 02 e7 78 12 eb 90 32 04 37 46 81 | 51 72 33 ba 1e 64 c0 e0 26 cd 45 be ef a6 fb bd | 3d d6 44 5e e4 ea 73 99 da 2b ca f7 bd 58 bb 86 | 0d ee 5a 13 fa 67 19 c7 8f 6d 1e e4 83 c2 2a ac | fc 18 94 94 01 89 24 78 74 2e 4a da 55 b0 b7 a0 | b3 d1 9b 81 b8 13 c5 7c 43 36 8c f1 5f 9b af cd | e7 58 8a c5 4e c4 01 a7 29 00 00 24 81 f1 aa 07 | 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 ab 2c 6e c0 | 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea 29 00 00 08 | 00 00 40 2e 29 00 00 1c 00 00 40 04 e1 5d 20 86 | 79 22 c1 ce 7d ba 60 f3 9b c0 f0 2a e6 22 25 7b | 2b 00 00 1c 00 00 40 05 8e a1 56 7e ac 7f 4b 62 | 92 0e 1d 36 c5 be 28 85 66 74 0b 2b 00 00 00 17 | 4f 70 70 6f 72 74 75 6e 69 73 74 69 63 20 49 50 | 73 65 63 | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | df a7 70 f9 33 7f d6 5d | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_v2SA (0x21) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) | Message ID: 0 (0x0) | length: 851 (0x353) | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_SA_INIT (34) | I am the IKE SA Original Responder receiving an IKEv2 IKE_SA_INIT request | State DB: IKEv2 state not found (find_v2_ike_sa_by_initiator_spi) | Now let's proceed with payload (ISAKMP_NEXT_v2SA) | ***parse IKEv2 Security Association Payload: | next payload type: ISAKMP_NEXT_v2KE (0x22) | flags: none (0x0) | length: 436 (0x1b4) | processing payload: ISAKMP_NEXT_v2SA (len=432) | Now let's proceed with payload (ISAKMP_NEXT_v2KE) | ***parse IKEv2 Key Exchange Payload: | next payload type: ISAKMP_NEXT_v2Ni (0x28) | flags: none (0x0) | length: 264 (0x108) | DH group: OAKLEY_GROUP_MODP2048 (0xe) | processing payload: ISAKMP_NEXT_v2KE (len=256) | Now let's proceed with payload (ISAKMP_NEXT_v2Ni) | ***parse IKEv2 Nonce Payload: | next payload type: ISAKMP_NEXT_v2N (0x29) | flags: none (0x0) | length: 36 (0x24) | processing payload: ISAKMP_NEXT_v2Ni (len=32) | Now let's proceed with payload (ISAKMP_NEXT_v2N) | ***parse IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2N (0x29) | flags: none (0x0) | length: 8 (0x8) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) | processing payload: ISAKMP_NEXT_v2N (len=0) | Now let's proceed with payload (ISAKMP_NEXT_v2N) | ***parse IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2N (0x29) | flags: none (0x0) | length: 28 (0x1c) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) | processing payload: ISAKMP_NEXT_v2N (len=20) | Now let's proceed with payload (ISAKMP_NEXT_v2N) | ***parse IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2V (0x2b) | flags: none (0x0) | length: 28 (0x1c) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) | processing payload: ISAKMP_NEXT_v2N (len=20) | Now let's proceed with payload (ISAKMP_NEXT_v2V) | ***parse IKEv2 Vendor ID Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | length: 23 (0x17) | processing payload: ISAKMP_NEXT_v2V (len=19) | DDOS disabled and no cookie sent, continuing | VID_OPPORTUNISTIC received | Processing IKE request for Opportunistic IPsec | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=ECDSA+IKEV2_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=ECDSA+IKEV2_ALLOW | found policy = AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (westnet-eastnet-ipv4-psk-ikev2) | find_next_host_connection returns empty | find_host_connection local=192.1.2.23:500 remote= policy=ECDSA+IKEV2_ALLOW but ignoring ports | find_next_host_connection policy=ECDSA+IKEV2_ALLOW | find_next_host_connection returns empty | initial parent SA message received on 192.1.2.23:500 but no connection has been authorized with policy ECDSA+IKEV2_ALLOW | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=RSASIG+IKEV2_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=RSASIG+IKEV2_ALLOW | found policy = AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (westnet-eastnet-ipv4-psk-ikev2) | find_next_host_connection returns empty | find_host_connection local=192.1.2.23:500 remote= policy=RSASIG+IKEV2_ALLOW but ignoring ports | find_next_host_connection policy=RSASIG+IKEV2_ALLOW | find_next_host_connection returns empty | initial parent SA message received on 192.1.2.23:500 but no connection has been authorized with policy RSASIG+IKEV2_ALLOW | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=PSK+IKEV2_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=PSK+IKEV2_ALLOW | found policy = AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (westnet-eastnet-ipv4-psk-ikev2) | find_next_host_connection returns empty | find_host_connection local=192.1.2.23:500 remote= policy=PSK+IKEV2_ALLOW but ignoring ports | find_next_host_connection policy=PSK+IKEV2_ALLOW | find_next_host_connection returns empty | initial parent SA message received on 192.1.2.23:500 but no connection has been authorized with policy PSK+IKEV2_ALLOW | find_host_connection local=192.1.2.23:500 remote=192.1.2.45:500 policy=AUTHNULL+IKEV2_ALLOW but ignoring ports | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | find_next_host_connection policy=AUTHNULL+IKEV2_ALLOW | found policy = AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (westnet-eastnet-ipv4-psk-ikev2) | find_next_host_connection returns westnet-eastnet-ipv4-psk-ikev2 | find_next_host_connection policy=AUTHNULL+IKEV2_ALLOW | find_next_host_connection returns empty | found connection: westnet-eastnet-ipv4-psk-ikev2 with policy AUTHNULL+IKEV2_ALLOW | IKE SPIr hash sha2_256 init | IKE SPIr hash sha2_256 digest addr-bytes@0x5588cd72a188 (length 28) | 02 00 01 f4 c0 01 02 2d 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 | IKE SPIr hash sha2_256 digest sod-bytes@0x5588cbfdf700 (length 32) | ed ce 51 93 26 95 5c 7d 11 2a bb fc 25 e0 f9 69 | 0a a5 de 43 5f 04 f4 44 f2 fb f6 26 b5 7d 94 94 | IKE SPIr hash sha2_256 digest counter-bytes@0x5588cbfdf6e0 (length 4) | 01 00 00 00 | IKE SPIr hash sha2_256 final bytes@0x7ffe4fb2a840 (length 32) | 3c 23 d7 38 84 f0 63 b4 e2 9f 6a f7 9a e2 49 00 | aa d5 08 c9 00 fe 76 81 7d 2d 62 0b fc d5 7b 19 | creating state object #1 at 0x5588cd72bc38 | State DB: adding IKEv2 state #1 in UNDEFINED | pstats #1 ikev2.ike started | Message ID: init #1: msgid=0 lastack=4294967295 nextuse=0 lastrecv=4294967295 lastreplied=0 | parent state #1: UNDEFINED(ignore) => PARENT_R0(half-open IKE SA) | Message ID: init_ike #1; ike: initiator.sent=0->-1 initiator.recv=0->-1 responder.sent=0->-1 responder.recv=0->-1 wip.initiator=0->-1 wip.responder=0->-1 | start processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45 (in ikev2_process_packet() at ikev2.c:2016) | State DB: IKEv2 state not found (find_v2_sa_by_responder_wip) | [RE]START processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45 (in ike_process_packet() at ikev2.c:2064) | #1 st.st_msgid_lastrecv -1 md.hdr.isa_msgid 00000000 | Message ID: #1 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1 | Message ID: start-responder #1 request 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1 wip.initiator=-1 wip.responder=-1->0 | #1 in state PARENT_R0: processing SA_INIT request | selected state microcode Respond to IKE_SA_INIT | Now let's proceed with state specific processing | calling processor Respond to IKE_SA_INIT | #1 updating local interface from 192.1.2.23:500 to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | received Vendor ID payload [Opportunistic IPsec] | constructing local IKE proposals for westnet-eastnet-ipv4-psk-ikev2 (IKE SA responder matching remote proposals) | converting ike_info AES_GCM_16_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ... | ... ikev2_proposal: 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 | converting ike_info AES_GCM_16_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ... | ... ikev2_proposal: 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 | converting ike_info AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ... | ... ikev2_proposal: 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 | converting ike_info AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31 to ikev2 ... | ... ikev2_proposal: 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 "westnet-eastnet-ipv4-psk-ikev2": constructed local IKE proposals for westnet-eastnet-ipv4-psk-ikev2 (IKE SA responder matching remote proposals): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 | Comparing remote proposals against IKE responder 4 local proposals | local proposal 1 type ENCR has 1 transforms | local proposal 1 type PRF has 2 transforms | local proposal 1 type INTEG has 1 transforms | local proposal 1 type DH has 8 transforms | local proposal 1 type ESN has 0 transforms | local proposal 1 transforms: required: ENCR+PRF+DH; optional: INTEG | local proposal 2 type ENCR has 1 transforms | local proposal 2 type PRF has 2 transforms | local proposal 2 type INTEG has 1 transforms | local proposal 2 type DH has 8 transforms | local proposal 2 type ESN has 0 transforms | local proposal 2 transforms: required: ENCR+PRF+DH; optional: INTEG | local proposal 3 type ENCR has 1 transforms | local proposal 3 type PRF has 2 transforms | local proposal 3 type INTEG has 2 transforms | local proposal 3 type DH has 8 transforms | local proposal 3 type ESN has 0 transforms | local proposal 3 transforms: required: ENCR+PRF+INTEG+DH; optional: none | local proposal 4 type ENCR has 1 transforms | local proposal 4 type PRF has 2 transforms | local proposal 4 type INTEG has 2 transforms | local proposal 4 type DH has 8 transforms | local proposal 4 type ESN has 0 transforms | local proposal 4 transforms: required: ENCR+PRF+INTEG+DH; optional: none | ****parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 100 (0x64) | prop #: 1 (0x1) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 11 (0xb) | Comparing remote proposal 1 containing 11 transforms against local proposal [1..4] of 4 local proposals | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | ******parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | remote proposal 1 transform 0 (ENCR=AES_GCM_C_256) matches local proposal 1 type 1 (ENCR) transform 0 | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 1 type 2 (PRF) transform 0 | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 2 type 2 (PRF) transform 0 | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 3 type 2 (PRF) transform 0 | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 4 type 2 (PRF) transform 0 | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0 | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0 | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 3 type 4 (DH) transform 0 | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 4 type 4 (DH) transform 0 | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f) | remote proposal 1 proposed transforms: ENCR+PRF+DH; matched: ENCR+PRF+DH; unmatched: none | comparing remote proposal 1 containing ENCR+PRF+DH transforms to local proposal 1; required: ENCR+PRF+DH; optional: INTEG; matched: ENCR+PRF+DH | remote proposal 1 matches local proposal 1 | ****parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 100 (0x64) | prop #: 2 (0x2) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 11 (0xb) | Comparing remote proposal 2 containing 11 transforms against local proposal [1..0] of 4 local proposals | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | ******parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f) | remote proposal 2 proposed transforms: ENCR+PRF+DH; matched: none; unmatched: ENCR+PRF+DH | remote proposal 2 does not match; unmatched remote transforms: ENCR+PRF+DH | ****parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 116 (0x74) | prop #: 3 (0x3) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 13 (0xd) | Comparing remote proposal 3 containing 13 transforms against local proposal [1..0] of 4 local proposals | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_CBC (0xc) | ******parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f) | remote proposal 3 proposed transforms: ENCR+PRF+INTEG+DH; matched: none; unmatched: ENCR+PRF+INTEG+DH | remote proposal 3 does not match; unmatched remote transforms: ENCR+PRF+INTEG+DH | ****parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_LAST (0x0) | length: 116 (0x74) | prop #: 4 (0x4) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 13 (0xd) | Comparing remote proposal 4 containing 13 transforms against local proposal [1..0] of 4 local proposals | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_CBC (0xc) | ******parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_384 (0x14) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_ECP_521 (0x15) | *****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_CURVE25519 (0x1f) | remote proposal 4 proposed transforms: ENCR+PRF+INTEG+DH; matched: none; unmatched: ENCR+PRF+INTEG+DH | remote proposal 4 does not match; unmatched remote transforms: ENCR+PRF+INTEG+DH "westnet-eastnet-ipv4-psk-ikev2" #1: proposal 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 | accepted IKE proposal ikev2_proposal: 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048 | converting proposal to internal trans attrs | encryption ike_alg_lookup_by_id id: AES_GCM_C=20, found AES_GCM_16 | PRF ike_alg_lookup_by_id id: HMAC_SHA2_512=7, found HMAC_SHA2_512 | integrity ike_alg_lookup_by_id id: NONE=0, found NONE | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | DH public value received: | 03 18 ac 58 7f 45 4c 48 17 98 6e c7 91 ca e9 da | 30 49 c2 41 9f ab 84 05 f2 cf 22 3b 32 e9 12 ff | c1 64 99 0f ad 65 a6 79 25 67 47 5e e6 b3 b6 f8 | 2e 9d 8d c3 4c 07 cb 0b 14 6a e0 4f 44 79 ac 08 | 78 43 7c c2 24 e1 0f 12 88 8c 8f 89 10 73 07 58 | dd b4 ec a7 5c 43 82 a4 f4 2a cf b9 48 95 51 fa | 3f 87 43 0b 9e 7f da a2 39 9e 63 ad c0 6d 36 f8 | b8 84 1c bd 46 08 84 c4 c1 01 7a ca 99 f3 5a 11 | 57 ee fa 74 6d 2e e2 46 56 ff 3d a4 88 81 24 21 | 42 9c 11 56 c7 04 6c 61 9a b0 b4 6a 34 02 e7 78 | 12 eb 90 32 04 37 46 81 51 72 33 ba 1e 64 c0 e0 | 26 cd 45 be ef a6 fb bd 3d d6 44 5e e4 ea 73 99 | da 2b ca f7 bd 58 bb 86 0d ee 5a 13 fa 67 19 c7 | 8f 6d 1e e4 83 c2 2a ac fc 18 94 94 01 89 24 78 | 74 2e 4a da 55 b0 b7 a0 b3 d1 9b 81 b8 13 c5 7c | 43 36 8c f1 5f 9b af cd e7 58 8a c5 4e c4 01 a7 | natd_hash: rcookie is zero | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe4fb2a240 (length 8) | df a7 70 f9 33 7f d6 5d | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe4fb2a248 (length 8) | 00 00 00 00 00 00 00 00 | NATD hash sha digest IP addr-bytes@0x7ffe4fb2a1d4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe4fb2a1c6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe4fb2a250 (length 20) | 8e a1 56 7e ac 7f 4b 62 92 0e 1d 36 c5 be 28 85 | 66 74 0b 2b | natd_hash: hasher=0x5588cbfc2800(20) | natd_hash: icookie= df a7 70 f9 33 7f d6 5d | natd_hash: rcookie= 00 00 00 00 00 00 00 00 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 8e a1 56 7e ac 7f 4b 62 92 0e 1d 36 c5 be 28 85 | natd_hash: hash= 66 74 0b 2b | natd_hash: rcookie is zero | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe4fb2a240 (length 8) | df a7 70 f9 33 7f d6 5d | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe4fb2a248 (length 8) | 00 00 00 00 00 00 00 00 | NATD hash sha digest IP addr-bytes@0x7ffe4fb2a1d4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe4fb2a1c6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe4fb2a270 (length 20) | e1 5d 20 86 79 22 c1 ce 7d ba 60 f3 9b c0 f0 2a | e6 22 25 7b | natd_hash: hasher=0x5588cbfc2800(20) | natd_hash: icookie= df a7 70 f9 33 7f d6 5d | natd_hash: rcookie= 00 00 00 00 00 00 00 00 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= e1 5d 20 86 79 22 c1 ce 7d ba 60 f3 9b c0 f0 2a | natd_hash: hash= e6 22 25 7b | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.45 | adding ikev2_inI1outR1 KE work-order 1 for state #1 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5588cd729cc8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x5588cd72dd38 size 128 | #1 spent 0.545 milliseconds in processing: Respond to IKE_SA_INIT in ikev2_process_state_packet() | [RE]START processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | #1 complete_v2_state_transition() PARENT_R0->PARENT_R1 with status STF_SUSPEND | suspending state #1 and saving MD | #1 is busy; has a suspended MD | [RE]START processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in log_stf_suspend() at ikev2.c:3269) | "westnet-eastnet-ipv4-psk-ikev2" #1 complete v2 state STATE_PARENT_R0 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 | stop processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018) | #1 spent 0.862 milliseconds in ikev2_process_packet() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.87 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 1 for state #1 | crypto helper 0 doing build KE and nonce (ikev2_inI1outR1 KE); request ID 1 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7fb868003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7fb868003a28 | NSS: Public DH wire value: | a4 02 b5 e7 97 af a9 bb 9e e4 31 5a 81 3e 3d 35 | d0 c8 1d 54 c0 ca 70 8c 58 b5 29 93 b8 4c 01 2f | fe 98 dd 89 ea 56 a6 09 ec 7e 00 45 1f 80 f1 40 | 75 90 c4 90 93 0c ca 62 9f 03 f6 ff 81 a7 e0 5c | ef da c9 f1 6f 9f b8 a2 64 2c 6a e1 cb a7 92 14 | d4 9b cc 91 d3 fd 3f 6d 19 56 e7 3e 04 1b c6 89 | d4 f7 3d c2 55 b9 7b 01 45 4a 6a 0b a7 91 67 14 | b5 7a f8 7c 4e ec e3 7c 83 c4 c9 be 4a 0c fe cf | 07 73 e8 e2 94 2a 74 43 7c 97 1c 2b ed 62 dc 71 | f9 6a a4 a2 8d 00 b4 c1 ca 3c ec 01 39 81 ce 2e | 75 d3 be c9 34 8c 52 41 d5 af ea fe 97 a4 21 85 | 5c a6 af ab 12 e8 05 6c 28 fb 41 5f 45 1f 86 7c | 27 5d d6 be e5 92 f5 80 64 a1 70 6e ca d7 2d e0 | 6a b8 fe 6c 57 71 1c a8 3d b7 86 14 75 1c 59 29 | d5 f3 2d 34 6e 2a 6f f8 cb ca 35 54 ca 42 96 79 | 82 bf ca d5 cd c1 49 db 0b ed be ad dc cd 10 57 | Generated nonce: 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | Generated nonce: d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | crypto helper 0 finished build KE and nonce (ikev2_inI1outR1 KE); request ID 1 time elapsed 0.00062 seconds | (#1) spent 0.622 milliseconds in crypto helper computing work-order 1: ikev2_inI1outR1 KE (pcr) | crypto helper 0 sending results from work-order 1 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7fb868002888 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 1 | calling continuation function 0x5588cbeedb50 | ikev2_parent_inI1outR1_continue for #1: calculated ke+nonce, sending R1 | **emit ISAKMP Message: | initiator cookie: | df a7 70 f9 33 7f d6 5d | responder cookie: | 3c 23 d7 38 84 f0 63 b4 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | Emitting ikev2_proposal ... | ***emit IKEv2 Security Association Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' | ****emit IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_LAST (0x0) | prop #: 1 (0x1) | proto ID: IKEv2_SEC_PROTO_IKE (0x1) | spi size: 0 (0x0) | # transforms: 3 (0x3) | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' | *****emit IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' | ******emit IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | emitting length of IKEv2 Transform Substructure Payload: 12 | *****emit IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | IKEv2 transform type: TRANS_TYPE_PRF (0x2) | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7) | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' | emitting length of IKEv2 Transform Substructure Payload: 8 | *****emit IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | IKEv2 transform type: TRANS_TYPE_DH (0x4) | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' | emitting length of IKEv2 Transform Substructure Payload: 8 | emitting length of IKEv2 Proposal Substructure Payload: 36 | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 | emitting length of IKEv2 Security Association Payload: 40 | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7fb868003a28: transferring ownership from helper KE to state #1 | ***emit IKEv2 Key Exchange Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | DH group: OAKLEY_GROUP_MODP2048 (0xe) | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE) | next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload | ikev2 g^x a4 02 b5 e7 97 af a9 bb 9e e4 31 5a 81 3e 3d 35 | ikev2 g^x d0 c8 1d 54 c0 ca 70 8c 58 b5 29 93 b8 4c 01 2f | ikev2 g^x fe 98 dd 89 ea 56 a6 09 ec 7e 00 45 1f 80 f1 40 | ikev2 g^x 75 90 c4 90 93 0c ca 62 9f 03 f6 ff 81 a7 e0 5c | ikev2 g^x ef da c9 f1 6f 9f b8 a2 64 2c 6a e1 cb a7 92 14 | ikev2 g^x d4 9b cc 91 d3 fd 3f 6d 19 56 e7 3e 04 1b c6 89 | ikev2 g^x d4 f7 3d c2 55 b9 7b 01 45 4a 6a 0b a7 91 67 14 | ikev2 g^x b5 7a f8 7c 4e ec e3 7c 83 c4 c9 be 4a 0c fe cf | ikev2 g^x 07 73 e8 e2 94 2a 74 43 7c 97 1c 2b ed 62 dc 71 | ikev2 g^x f9 6a a4 a2 8d 00 b4 c1 ca 3c ec 01 39 81 ce 2e | ikev2 g^x 75 d3 be c9 34 8c 52 41 d5 af ea fe 97 a4 21 85 | ikev2 g^x 5c a6 af ab 12 e8 05 6c 28 fb 41 5f 45 1f 86 7c | ikev2 g^x 27 5d d6 be e5 92 f5 80 64 a1 70 6e ca d7 2d e0 | ikev2 g^x 6a b8 fe 6c 57 71 1c a8 3d b7 86 14 75 1c 59 29 | ikev2 g^x d5 f3 2d 34 6e 2a 6f f8 cb ca 35 54 ca 42 96 79 | ikev2 g^x 82 bf ca d5 cd c1 49 db 0b ed be ad dc cd 10 57 | emitting length of IKEv2 Key Exchange Payload: 264 | ***emit IKEv2 Nonce Payload: | next payload type: ISAKMP_NEXT_v2N (0x29) | flags: none (0x0) | next payload chain: ignoring supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N | next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni) | next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload | IKEv2 nonce 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | IKEv2 nonce d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | emitting length of IKEv2 Nonce Payload: 36 | Adding a v2N Payload | ***emit IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) | next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' | emitting length of IKEv2 Notify Payload: 8 | NAT-Traversal support [enabled] add v2N payloads. | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe4fb2a780 (length 8) | df a7 70 f9 33 7f d6 5d | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe4fb2a788 (length 8) | 3c 23 d7 38 84 f0 63 b4 | NATD hash sha digest IP addr-bytes@0x7ffe4fb2a6b4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffe4fb2a6a6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe4fb2a730 (length 20) | f3 da f4 bc 52 aa 50 28 eb a7 85 0e f9 2f 5b ec | cd 14 c0 5a | natd_hash: hasher=0x5588cbfc2800(20) | natd_hash: icookie= df a7 70 f9 33 7f d6 5d | natd_hash: rcookie= 3c 23 d7 38 84 f0 63 b4 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= f3 da f4 bc 52 aa 50 28 eb a7 85 0e f9 2f 5b ec | natd_hash: hash= cd 14 c0 5a | Adding a v2N Payload | ***emit IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload | Notify data f3 da f4 bc 52 aa 50 28 eb a7 85 0e f9 2f 5b ec | Notify data cd 14 c0 5a | emitting length of IKEv2 Notify Payload: 28 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffe4fb2a780 (length 8) | df a7 70 f9 33 7f d6 5d | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffe4fb2a788 (length 8) | 3c 23 d7 38 84 f0 63 b4 | NATD hash sha digest IP addr-bytes@0x7ffe4fb2a6b4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffe4fb2a6a6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffe4fb2a730 (length 20) | f1 a0 d5 73 ba 7e 56 87 c1 f2 8b f9 f4 ba 38 46 | 54 4f 95 b6 | natd_hash: hasher=0x5588cbfc2800(20) | natd_hash: icookie= df a7 70 f9 33 7f d6 5d | natd_hash: rcookie= 3c 23 d7 38 84 f0 63 b4 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= f1 a0 d5 73 ba 7e 56 87 c1 f2 8b f9 f4 ba 38 46 | natd_hash: hash= 54 4f 95 b6 | Adding a v2N Payload | ***emit IKEv2 Notify Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | Protocol ID: PROTO_v2_RESERVED (0x0) | SPI size: 0 (0x0) | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload | Notify data f1 a0 d5 73 ba 7e 56 87 c1 f2 8b f9 f4 ba 38 46 | Notify data 54 4f 95 b6 | emitting length of IKEv2 Notify Payload: 28 | ***emit IKEv2 Vendor ID Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Vendor ID Payload (43:ISAKMP_NEXT_v2V) | next payload chain: saving location 'IKEv2 Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 19 raw bytes of Opportunistic IPsec into IKEv2 Vendor ID Payload | Opportunistic IPsec 4f 70 70 6f 72 74 75 6e 69 73 74 69 63 20 49 50 | Opportunistic IPsec 73 65 63 | emitting length of IKEv2 Vendor ID Payload: 23 | emitting length of ISAKMP Message: 455 | [RE]START processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | #1 complete_v2_state_transition() PARENT_R0->PARENT_R1 with status STF_OK | IKEv2: transition from state STATE_PARENT_R0 to state STATE_PARENT_R1 | parent state #1: PARENT_R0(half-open IKE SA) => PARENT_R1(half-open IKE SA) | Message ID: updating counters for #1 to 0 after switching state | Message ID: recv #1 request 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1->0 wip.initiator=-1 wip.responder=0->-1 | Message ID: sent #1 response 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1->0 responder.recv=0 wip.initiator=-1 wip.responder=-1 "westnet-eastnet-ipv4-psk-ikev2" #1: STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048} | sending V2 new request packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 455 bytes for STATE_PARENT_R0 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 21 20 22 20 00 00 00 00 00 00 01 c7 22 00 00 28 | 00 00 00 24 01 01 00 03 03 00 00 0c 01 00 00 14 | 80 0e 01 00 03 00 00 08 02 00 00 07 00 00 00 08 | 04 00 00 0e 28 00 01 08 00 0e 00 00 a4 02 b5 e7 | 97 af a9 bb 9e e4 31 5a 81 3e 3d 35 d0 c8 1d 54 | c0 ca 70 8c 58 b5 29 93 b8 4c 01 2f fe 98 dd 89 | ea 56 a6 09 ec 7e 00 45 1f 80 f1 40 75 90 c4 90 | 93 0c ca 62 9f 03 f6 ff 81 a7 e0 5c ef da c9 f1 | 6f 9f b8 a2 64 2c 6a e1 cb a7 92 14 d4 9b cc 91 | d3 fd 3f 6d 19 56 e7 3e 04 1b c6 89 d4 f7 3d c2 | 55 b9 7b 01 45 4a 6a 0b a7 91 67 14 b5 7a f8 7c | 4e ec e3 7c 83 c4 c9 be 4a 0c fe cf 07 73 e8 e2 | 94 2a 74 43 7c 97 1c 2b ed 62 dc 71 f9 6a a4 a2 | 8d 00 b4 c1 ca 3c ec 01 39 81 ce 2e 75 d3 be c9 | 34 8c 52 41 d5 af ea fe 97 a4 21 85 5c a6 af ab | 12 e8 05 6c 28 fb 41 5f 45 1f 86 7c 27 5d d6 be | e5 92 f5 80 64 a1 70 6e ca d7 2d e0 6a b8 fe 6c | 57 71 1c a8 3d b7 86 14 75 1c 59 29 d5 f3 2d 34 | 6e 2a 6f f8 cb ca 35 54 ca 42 96 79 82 bf ca d5 | cd c1 49 db 0b ed be ad dc cd 10 57 29 00 00 24 | 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | 29 00 00 08 00 00 40 2e 29 00 00 1c 00 00 40 04 | f3 da f4 bc 52 aa 50 28 eb a7 85 0e f9 2f 5b ec | cd 14 c0 5a 2b 00 00 1c 00 00 40 05 f1 a0 d5 73 | ba 7e 56 87 c1 f2 8b f9 f4 ba 38 46 54 4f 95 b6 | 00 00 00 17 4f 70 70 6f 72 74 75 6e 69 73 74 69 | 63 20 49 50 73 65 63 | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5588cd72dd38 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5588cd729cc8 | event_schedule: new EVENT_SO_DISCARD-pe@0x5588cd729cc8 | inserting event EVENT_SO_DISCARD, timeout in 200 seconds for #1 | libevent_malloc: new ptr-libevent@0x5588cd72ee48 size 128 | resume sending helper answer for #1 suppresed complete_v2_state_transition() | #1 spent 0.341 milliseconds in resume sending helper answer | stop processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7fb868002888 | spent 0.00221 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 357 bytes from 192.1.2.45:500 on eth1 (192.1.2.23:500) | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 2e 20 23 08 00 00 00 01 00 00 01 65 23 00 01 49 | b0 2a d5 47 f4 bd 48 5b 23 e9 48 44 c5 fe 76 c5 | 23 dc e2 0c 00 a5 61 f4 10 c1 96 88 92 07 8e 87 | 1b ee a0 88 0a 86 1f 36 06 e2 53 8d 10 9b a5 73 | 48 43 61 22 fc ff 81 b4 30 a1 09 00 03 d5 c5 75 | 19 82 6d fc e8 80 fd 4f a2 f8 41 7a 97 f7 77 d0 | 9c d9 fa ce 55 ec 25 d0 a1 72 a9 ee 80 6c e1 71 | 0b f7 2a ae f5 02 cb c4 89 70 ac bc 63 0e 44 48 | a3 3d cf 10 e5 d2 23 64 5c b8 c7 28 be 4d b3 bd | 99 82 a9 bf c3 1a 46 bf a1 25 06 ab 5e e8 0a 46 | 8f da 70 07 08 12 4e f5 71 81 85 f3 7c c8 74 7c | b0 90 a0 a6 68 0e 66 83 68 44 43 85 38 8a 07 55 | 6f 4e 1e c2 aa 90 90 18 37 1d 14 88 1d 9c d4 48 | 0a c8 fd 51 1d 28 9f 80 a7 4a f8 b6 d3 26 d1 43 | b7 8f 83 0c a8 8b 88 3b 73 da e4 7a aa 19 8d 07 | fc 4e e9 de 22 c7 ec e1 21 fa 4e e9 9a e8 50 ae | 3b 7b ad a1 8c 4d e3 64 67 d0 c5 d4 30 86 71 c4 | 83 ed d3 65 7c e7 a9 73 df 29 67 69 8e b8 89 91 | dc b6 bb 50 7f df 87 02 0c c2 bd c3 ce 0c a6 00 | b3 9d 47 02 d0 01 70 ba fa 6f db 0c a4 c3 5f c0 | 7a 78 6c 36 5c dc f2 17 b0 a0 d4 33 84 c4 9a cc | 8a 3e 96 34 3b | start processing: from 192.1.2.45:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | df a7 70 f9 33 7f d6 5d | responder cookie: | 3c 23 d7 38 84 f0 63 b4 | next payload type: ISAKMP_NEXT_v2SK (0x2e) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_AUTH (0x23) | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) | Message ID: 1 (0x1) | length: 357 (0x165) | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request | State DB: found IKEv2 state #1 in PARENT_R1 (find_v2_ike_sa) | start processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2016) | State DB: IKEv2 state not found (find_v2_sa_by_responder_wip) | [RE]START processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in ike_process_packet() at ikev2.c:2064) | #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 | Message ID: #1 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 | unpacking clear payload | Now let's proceed with payload (ISAKMP_NEXT_v2SK) | ***parse IKEv2 Encryption Payload: | next payload type: ISAKMP_NEXT_v2IDi (0x23) | flags: none (0x0) | length: 329 (0x149) | processing payload: ISAKMP_NEXT_v2SK (len=325) | Message ID: start-responder #1 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=-1->1 | #1 in state PARENT_R1: received v2I1, sent v2R1 | selected state microcode Responder: process IKE_AUTH request (no SKEYSEED) | Now let's proceed with state specific processing | calling processor Responder: process IKE_AUTH request (no SKEYSEED) | ikev2 parent inI2outR2: calculating g^{xy} in order to decrypt I2 | offloading IKEv2 SKEYSEED using prf=HMAC_SHA2_512 integ=NONE cipherkey=AES_GCM_16 | start_dh_v2: reference skey_d_old-key@NULL | DH secret MODP2048@0x7fb868003a28: transferring ownership from state #1 to helper IKEv2 DH | adding ikev2_inI2outR2 KE work-order 2 for state #1 | state #1 requesting EVENT_SO_DISCARD to be deleted | libevent_free: release ptr-libevent@0x5588cd72ee48 | free_event_entry: release EVENT_SO_DISCARD-pe@0x5588cd729cc8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5588cd729cc8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x7fb868002888 size 128 | #1 spent 0.0226 milliseconds in processing: Responder: process IKE_AUTH request (no SKEYSEED) in ikev2_process_state_packet() | [RE]START processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | #1 complete_v2_state_transition() PARENT_R1->PARENT_R1 with status STF_SUSPEND | suspending state #1 and saving MD | #1 is busy; has a suspended MD | [RE]START processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in log_stf_suspend() at ikev2.c:3269) | "westnet-eastnet-ipv4-psk-ikev2" #1 complete v2 state STATE_PARENT_R1 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 | stop processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in ikev2_process_packet() at ikev2.c:2018) | #1 spent 0.148 milliseconds in ikev2_process_packet() | stop processing: from 192.1.2.45:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.155 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 2 for state #1 | crypto helper 1 doing compute dh (V2) (ikev2_inI2outR2 KE); request ID 2 | peer's g: 03 18 ac 58 7f 45 4c 48 17 98 6e c7 91 ca e9 da | peer's g: 30 49 c2 41 9f ab 84 05 f2 cf 22 3b 32 e9 12 ff | peer's g: c1 64 99 0f ad 65 a6 79 25 67 47 5e e6 b3 b6 f8 | peer's g: 2e 9d 8d c3 4c 07 cb 0b 14 6a e0 4f 44 79 ac 08 | peer's g: 78 43 7c c2 24 e1 0f 12 88 8c 8f 89 10 73 07 58 | peer's g: dd b4 ec a7 5c 43 82 a4 f4 2a cf b9 48 95 51 fa | peer's g: 3f 87 43 0b 9e 7f da a2 39 9e 63 ad c0 6d 36 f8 | peer's g: b8 84 1c bd 46 08 84 c4 c1 01 7a ca 99 f3 5a 11 | peer's g: 57 ee fa 74 6d 2e e2 46 56 ff 3d a4 88 81 24 21 | peer's g: 42 9c 11 56 c7 04 6c 61 9a b0 b4 6a 34 02 e7 78 | peer's g: 12 eb 90 32 04 37 46 81 51 72 33 ba 1e 64 c0 e0 | peer's g: 26 cd 45 be ef a6 fb bd 3d d6 44 5e e4 ea 73 99 | peer's g: da 2b ca f7 bd 58 bb 86 0d ee 5a 13 fa 67 19 c7 | peer's g: 8f 6d 1e e4 83 c2 2a ac fc 18 94 94 01 89 24 78 | peer's g: 74 2e 4a da 55 b0 b7 a0 b3 d1 9b 81 b8 13 c5 7c | peer's g: 43 36 8c f1 5f 9b af cd e7 58 8a c5 4e c4 01 a7 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5588cd716110 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7fb868003a28: computed shared DH secret key@0x5588cd716110 | dh-shared : g^ir-key@0x5588cd716110 (256-bytes, CONCATENATE_DATA_AND_BASE) | NSS: Started key computation | calculating skeyseed using prf=sha2_512 integ=none cipherkey-size=32 salt-size=4 | SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 init Ni | Nr-chunk@0x7fb860001f18 (length 64) | 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fb8713936e0 | result: Ni | Nr-key@0x5588cd712c00 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd712c00 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713936c8 | result: Ni | Nr-key@0x5588cd7146b0 (64-bytes, SHA512_HMAC) | Ni | Nr: release tmp-key@0x5588cd712c00 | SKEYSEED = prf(Ni | Nr, g^ir) prf: created sha2_512 context 0x7fb860002fa0 from Ni | Nr-key@0x5588cd7146b0 | SKEYSEED = prf(Ni | Nr, g^ir) prf: begin sha2_512 with context 0x7fb860002fa0 from Ni | Nr-key@0x5588cd7146b0 | SKEYSEED = prf(Ni | Nr, g^ir): release clone-key@0x5588cd7146b0 | SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 crypt-prf@0x7fb860003c48 | SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 update g^ir-key@0x5588cd716110 (size 256) | SKEYSEED = prf(Ni | Nr, g^ir): g^ir-key@0x5588cd716110 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5588cd716110 | nss hmac digest hack: symkey-key@0x5588cd716110 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-873033534: 82 91 af 06 be 31 2e ff 00 62 5b 3f 0f 12 11 dc b8 6c 0f 83 17 08 3f 58 7b 81 b3 7a 3c 1e fd b4 81 58 cb d8 6e c8 75 b9 b1 56 db 61 f6 1e d0 1e e3 db 80 35 18 dc bb 40 e8 d6 dc 8e 16 7a 69 d8 37 53 12 fa 66 f5 51 e7 43 a3 cc d2 52 5c 18 5b 89 ee 9c 44 66 0f 92 3d 93 0f 00 46 03 35 e9 c9 48 12 ad 41 33 06 b5 b2 f5 6c a1 be 4b 51 b8 67 1a 72 05 63 e8 83 b0 6c df bd e5 8b 04 68 dc 93 99 90 75 db 78 b2 b7 28 62 f1 f2 d1 6a b9 26 59 ac b8 c8 90 83 ed 9c 9e e7 63 70 30 53 49 94 64 22 11 4b c7 7f b8 74 0a c2 2a 86 bb fb c1 78 1d d2 9e 56 76 ea ca fd 69 1a f9 3b e4 89 7c cb b1 e6 d6 d4 77 54 81 8f bb 9a ee 31 d1 8b 83 16 d4 9c a2 14 46 99 49 97 e5 76 44 91 f5 69 84 47 0c 21 c8 ff 22 b2 c5 3b 8e 4a bf d1 ab eb 68 72 44 5b 77 8e 17 1d 08 31 05 d7 b0 1c 7d b9 e1 e4 2f | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 256 bytes at 0x7fb860004dd8 | unwrapped: dd 04 39 e3 29 0f 5b e5 dd d4 0d e8 35 bd 9a 52 | unwrapped: 62 ef 76 a1 ab fb b6 37 0f e3 36 6a fb 91 4c 4d | unwrapped: f6 d6 2a dc d5 da 03 6b 37 91 f5 d8 c7 07 3e e2 | unwrapped: ad b0 3c c3 fb ea e5 23 ab d3 94 fc 3c be ee 50 | unwrapped: ca 6c 11 bd c0 0e 7e 98 00 a4 15 e5 59 90 ba 7d | unwrapped: fd d2 a3 73 b1 89 b3 6a 61 bb a4 16 cb 47 66 ca | unwrapped: 5b 71 01 60 46 7c 93 3a 37 3c 25 91 3c 67 08 36 | unwrapped: 76 6b e0 af 2f b8 ce 5d 02 12 06 08 ad 3d e1 6b | unwrapped: 5e 98 b9 39 3a d9 cd 1d 3e 47 90 af f4 53 c9 e1 | unwrapped: 6a 29 39 26 c4 80 46 ad 0c 07 7c de 49 1c 72 a6 | unwrapped: 2e 7a 21 03 de cb 2d 82 38 83 5e da 80 48 4d ae | unwrapped: d7 8b 0c 4f ae 77 59 92 09 0c 57 0c e7 c3 0c 32 | unwrapped: 74 35 93 a6 4f 14 8e 0a e8 8e 05 39 f4 cc 4e 65 | unwrapped: d6 83 83 25 bd 5b 4d d9 8f 43 2c 99 9d 38 70 e9 | unwrapped: 1d 6b 1a 61 7d cc 8c 73 23 0e c1 19 bd 13 b8 d4 | unwrapped: f3 b0 6a a8 2f 95 8b 17 1d c6 b0 17 3d fb 95 fb | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fb871393700 | result: final-key@0x5588cd712c00 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x5588cd712c00 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713936e8 | result: final-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5588cd712c00 | SKEYSEED = prf(Ni | Nr, g^ir) PRF sha2_512 final-key@0x5588cd7146b0 (size 64) | SKEYSEED = prf(Ni | Nr, g^ir): key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fb871393670 | result: data=Ni-key@0x5588cd70b800 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 32-bytes | base: base-key@0x5588cd70b800 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393658 | result: data=Ni-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | data=Ni: release tmp-key@0x5588cd70b800 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd712c00 (32-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fb871393660 | result: data+=Nr-key@0x5588cd70b800 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd712c00 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd70b800 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fb871393660 | result: data+=SPIi-key@0x5588cd712c00 (72-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd70b800 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd712c00 (72-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7fb871393660 | result: data+=SPIr-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5588cd712c00 | prf+0 PRF sha2_512 init key-key@0x5588cd7146b0 (size 64) | prf+0: key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393588 | result: clone-key@0x5588cd712c00 (64-bytes, SHA512_HMAC) | prf+0 prf: created sha2_512 context 0x7fb860001ef0 from key-key@0x5588cd712c00 | prf+0 prf: begin sha2_512 with context 0x7fb860001ef0 from key-key@0x5588cd712c00 | prf+0: release clone-key@0x5588cd712c00 | prf+0 PRF sha2_512 crypt-prf@0x7fb860003c48 | prf+0 PRF sha2_512 update seed-key@0x5588cd70b800 (size 80) | prf+0: seed-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 80 bytes of key@0x5588cd70b800 | nss hmac digest hack: symkey-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (80-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 80 | wrapper: (SECItemType)-872939011: 23 8f ef cf cf da 4f 74 07 4b 66 4a 47 14 70 c6 d1 74 38 05 3d b1 df 51 90 a1 d9 6f 03 bc fe 90 ec 25 fb d3 3e 51 18 2e d7 6f e7 b4 df df 90 48 41 b9 d6 0a 8f 85 4e 9d a1 43 5d bb 1e 73 f1 ae a7 11 ee 6e 15 72 9b 4c 7c 3b ba 72 d6 87 4a 8c | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 80 bytes at 0x7fb860006b08 | unwrapped: 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | unwrapped: ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | unwrapped: 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | unwrapped: d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | unwrapped: df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | prf+0 PRF sha2_512 update 1++-byte@0x1 (1) | 01 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fb871393590 | result: final-key@0x5588cd7164f0 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x5588cd7164f0 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393578 | result: final-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5588cd7164f0 | prf+0 PRF sha2_512 final-key@0x5588cd712c00 (size 64) | prf+0: key-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | prfplus: reference old_t[1]-key@0x5588cd712c00 | prf+N PRF sha2_512 init key-key@0x5588cd7146b0 (size 64) | prf+N: key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393588 | result: clone-key@0x5588cd7164f0 (64-bytes, SHA512_HMAC) | prf+N prf: created sha2_512 context 0x7fb860002fa0 from key-key@0x5588cd7164f0 | prf+N prf: begin sha2_512 with context 0x7fb860002fa0 from key-key@0x5588cd7164f0 | prf+N: release clone-key@0x5588cd7164f0 | prf+N PRF sha2_512 crypt-prf@0x7fb8600020b8 | prf+N PRF sha2_512 update old_t-key@0x5588cd712c00 (size 64) | prf+N: old_t-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 64 bytes of key@0x5588cd712c00 | nss hmac digest hack: symkey-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)-872938912: c2 c8 40 b7 fe 64 ca 3f ed b3 b7 23 31 3d 91 d9 ea 5f 75 1b 8f 45 b0 54 ca 64 fa c9 f0 e3 b0 32 fc 9c b5 2d ce 3c b7 e2 a6 ae e7 0f 39 f4 00 6c 98 20 1b be 62 17 2a 81 c9 cb 0f cc cb 27 ce 4c | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 64 bytes at 0x7fb860008718 | unwrapped: 87 17 25 78 f3 fd a8 45 05 41 cc 1b fb 6a 0c 7e | unwrapped: 2e a3 39 fc 6c 96 0a 03 08 ad b7 2c 38 31 25 60 | unwrapped: 16 a3 9f 85 58 c8 f7 ae 57 98 3d dc 02 73 43 79 | unwrapped: d7 ed 84 44 e1 58 4a 43 44 07 ef ac f5 2f 9f da | prf+N PRF sha2_512 update seed-key@0x5588cd70b800 (size 80) | prf+N: seed-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 80 bytes of key@0x5588cd70b800 | nss hmac digest hack: symkey-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (80-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 80 | wrapper: (SECItemType)-872939011: 23 8f ef cf cf da 4f 74 07 4b 66 4a 47 14 70 c6 d1 74 38 05 3d b1 df 51 90 a1 d9 6f 03 bc fe 90 ec 25 fb d3 3e 51 18 2e d7 6f e7 b4 df df 90 48 41 b9 d6 0a 8f 85 4e 9d a1 43 5d bb 1e 73 f1 ae a7 11 ee 6e 15 72 9b 4c 7c 3b ba 72 d6 87 4a 8c | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 80 bytes at 0x7fb860006a88 | unwrapped: 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | unwrapped: ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | unwrapped: 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | unwrapped: d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | unwrapped: df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | prf+N PRF sha2_512 update N++-byte@0x2 (2) | 02 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fb871393590 | result: final-key@0x5588cd70d080 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x5588cd70d080 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393578 | result: final-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5588cd70d080 | prf+N PRF sha2_512 final-key@0x5588cd7164f0 (size 64) | prf+N: key-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7fb871393608 | result: result-key@0x5588cd70d080 (128-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x5588cd712c00 | prfplus: release old_t[N]-key@0x5588cd712c00 | prf+N PRF sha2_512 init key-key@0x5588cd7146b0 (size 64) | prf+N: key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393588 | result: clone-key@0x5588cd712c00 (64-bytes, SHA512_HMAC) | prf+N prf: created sha2_512 context 0x7fb8600086f0 from key-key@0x5588cd712c00 | prf+N prf: begin sha2_512 with context 0x7fb8600086f0 from key-key@0x5588cd712c00 | prf+N: release clone-key@0x5588cd712c00 | prf+N PRF sha2_512 crypt-prf@0x7fb8600020b8 | prf+N PRF sha2_512 update old_t-key@0x5588cd7164f0 (size 64) | prf+N: old_t-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 64 bytes of key@0x5588cd7164f0 | nss hmac digest hack: symkey-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)-872938912: c6 35 74 bd 75 8b b3 07 bd d4 44 4e 40 17 2a 44 6f 1f 9d 06 8c c9 f9 d9 dc f6 0c f5 f2 bf f4 a3 19 9c 98 62 41 8f ae ed da 3e 02 79 e8 5f 03 70 e8 7a 52 c0 a9 23 8e 19 f7 21 61 da f6 2b 11 a5 | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 64 bytes at 0x7fb860001f18 | unwrapped: dc bb a9 b7 20 98 5b ce 7e a3 4e 09 cb 6b 7c 4a | unwrapped: aa 0b 15 7d db 3f 9b 7d ec 51 fa d8 82 41 f8 26 | unwrapped: 40 0a 15 48 e9 e9 b5 de 50 b1 60 04 db 7a 3f 26 | unwrapped: 24 10 37 8d b8 ca 9d a0 f6 7c 3b c3 29 dc b0 96 | prf+N PRF sha2_512 update seed-key@0x5588cd70b800 (size 80) | prf+N: seed-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 80 bytes of key@0x5588cd70b800 | nss hmac digest hack: symkey-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (80-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 80 | wrapper: (SECItemType)-872939011: 23 8f ef cf cf da 4f 74 07 4b 66 4a 47 14 70 c6 d1 74 38 05 3d b1 df 51 90 a1 d9 6f 03 bc fe 90 ec 25 fb d3 3e 51 18 2e d7 6f e7 b4 df df 90 48 41 b9 d6 0a 8f 85 4e 9d a1 43 5d bb 1e 73 f1 ae a7 11 ee 6e 15 72 9b 4c 7c 3b ba 72 d6 87 4a 8c | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 80 bytes at 0x7fb860006b08 | unwrapped: 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | unwrapped: ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | unwrapped: 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | unwrapped: d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | unwrapped: df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | prf+N PRF sha2_512 update N++-byte@0x3 (3) | 03 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fb871393590 | result: final-key@0x7fb860008c40 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x7fb860008c40 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393578 | result: final-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x7fb860008c40 | prf+N PRF sha2_512 final-key@0x5588cd712c00 (size 64) | prf+N: key-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd70d080 (128-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7fb871393608 | result: result-key@0x7fb860008c40 (192-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x5588cd70d080 | prfplus: release old_t[N]-key@0x5588cd7164f0 | prf+N PRF sha2_512 init key-key@0x5588cd7146b0 (size 64) | prf+N: key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393588 | result: clone-key@0x5588cd7164f0 (64-bytes, SHA512_HMAC) | prf+N prf: created sha2_512 context 0x7fb860001ef0 from key-key@0x5588cd7164f0 | prf+N prf: begin sha2_512 with context 0x7fb860001ef0 from key-key@0x5588cd7164f0 | prf+N: release clone-key@0x5588cd7164f0 | prf+N PRF sha2_512 crypt-prf@0x7fb8600020b8 | prf+N PRF sha2_512 update old_t-key@0x5588cd712c00 (size 64) | prf+N: old_t-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 64 bytes of key@0x5588cd712c00 | nss hmac digest hack: symkey-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)-872938912: b1 fd d5 5b f6 14 18 14 f6 36 95 55 6c 3d 5d 61 de 38 26 e9 aa cf 3c d9 84 18 af 70 9b e2 50 a3 8e 0b 2d 37 29 6e 92 aa 7f aa e7 d3 7d 84 17 07 c9 c3 9b 91 f8 89 1a 36 1e 56 0c bd c5 08 ab bf | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 64 bytes at 0x7fb860002fc8 | unwrapped: 77 e7 76 87 36 22 f4 2b d2 8e 76 e7 cd b3 25 74 | unwrapped: 41 eb 34 2f ef 0e 6a 32 62 e5 cf 1d 3d 59 fa 38 | unwrapped: c6 c0 e8 9d 5c c6 dd 58 12 d0 93 09 f9 69 47 00 | unwrapped: 30 92 34 c1 3d a9 b0 10 cf 99 42 7b b2 6c 59 59 | prf+N PRF sha2_512 update seed-key@0x5588cd70b800 (size 80) | prf+N: seed-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 80 bytes of key@0x5588cd70b800 | nss hmac digest hack: symkey-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (80-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 80 | wrapper: (SECItemType)-872939011: 23 8f ef cf cf da 4f 74 07 4b 66 4a 47 14 70 c6 d1 74 38 05 3d b1 df 51 90 a1 d9 6f 03 bc fe 90 ec 25 fb d3 3e 51 18 2e d7 6f e7 b4 df df 90 48 41 b9 d6 0a 8f 85 4e 9d a1 43 5d bb 1e 73 f1 ae a7 11 ee 6e 15 72 9b 4c 7c 3b ba 72 d6 87 4a 8c | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 80 bytes at 0x7fb860006a88 | unwrapped: 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | unwrapped: ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | unwrapped: 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | unwrapped: d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | unwrapped: df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | prf+N PRF sha2_512 update N++-byte@0x4 (4) | 04 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fb871393590 | result: final-key@0x5588cd70d080 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x5588cd70d080 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393578 | result: final-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5588cd70d080 | prf+N PRF sha2_512 final-key@0x5588cd7164f0 (size 64) | prf+N: key-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x7fb860008c40 (192-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7fb871393608 | result: result-key@0x5588cd70d080 (256-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x7fb860008c40 | prfplus: release old_t[N]-key@0x5588cd712c00 | prf+N PRF sha2_512 init key-key@0x5588cd7146b0 (size 64) | prf+N: key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393588 | result: clone-key@0x5588cd712c00 (64-bytes, SHA512_HMAC) | prf+N prf: created sha2_512 context 0x7fb860002fa0 from key-key@0x5588cd712c00 | prf+N prf: begin sha2_512 with context 0x7fb860002fa0 from key-key@0x5588cd712c00 | prf+N: release clone-key@0x5588cd712c00 | prf+N PRF sha2_512 crypt-prf@0x7fb8600020b8 | prf+N PRF sha2_512 update old_t-key@0x5588cd7164f0 (size 64) | prf+N: old_t-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 64 bytes of key@0x5588cd7164f0 | nss hmac digest hack: symkey-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)-872938912: d3 a2 4f 58 64 8c 6f 8e c3 be 32 5d 88 ab 56 39 64 a2 f9 3e 8c 51 60 42 9f 57 dc 9c 7d 4b a7 af 45 2f cd 94 9b ce fa 46 c1 6b 83 25 dc a7 ba 56 e2 55 4f 85 75 36 0e 55 e5 30 5f 2a e5 c7 5d ff | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 64 bytes at 0x7fb860008718 | unwrapped: bd e8 e4 89 ec f4 53 48 ad 2a ee 62 76 3f 56 6a | unwrapped: a0 4f 33 0b df 62 d7 07 5d e9 51 7b e2 b9 b4 8b | unwrapped: 95 06 e2 31 93 7e 30 1d 9c e6 0b 68 19 29 4c c2 | unwrapped: 9d 94 21 07 98 8f ca ad ba b7 32 a7 cd 8f e7 7e | prf+N PRF sha2_512 update seed-key@0x5588cd70b800 (size 80) | prf+N: seed-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 80 bytes of key@0x5588cd70b800 | nss hmac digest hack: symkey-key@0x5588cd70b800 (80-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (80-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 80 | wrapper: (SECItemType)-872939011: 23 8f ef cf cf da 4f 74 07 4b 66 4a 47 14 70 c6 d1 74 38 05 3d b1 df 51 90 a1 d9 6f 03 bc fe 90 ec 25 fb d3 3e 51 18 2e d7 6f e7 b4 df df 90 48 41 b9 d6 0a 8f 85 4e 9d a1 43 5d bb 1e 73 f1 ae a7 11 ee 6e 15 72 9b 4c 7c 3b ba 72 d6 87 4a 8c | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 80 bytes at 0x7fb860006b08 | unwrapped: 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | unwrapped: ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | unwrapped: 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | unwrapped: d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | unwrapped: df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | prf+N PRF sha2_512 update N++-byte@0x5 (5) | 05 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7fb871393590 | result: final-key@0x7fb860008c40 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x7fb860008c40 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb871393578 | result: final-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x7fb860008c40 | prf+N PRF sha2_512 final-key@0x5588cd712c00 (size 64) | prf+N: key-key@0x5588cd712c00 (64-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd70d080 (256-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7fb871393608 | result: result-key@0x7fb860008c40 (320-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x5588cd70d080 | prfplus: release old_t[N]-key@0x5588cd7164f0 | prfplus: release old_t[final]-key@0x5588cd712c00 | ike_sa_keymat: release data-key@0x5588cd70b800 | calc_skeyseed_v2: release skeyseed_k-key@0x5588cd7146b0 | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x7fb860008c40 (320-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713937a8 | result: result-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 64, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x7fb860008c40 (320-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713937b8 | result: SK_ei_k-key@0x5588cd70b800 (32-bytes, AES_GCM) | key-offset: 96, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x7fb860008c40 (320-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713937b8 | result: result-key@0x5588cd712c00 (4-bytes, EXTRACT_KEY_FROM_KEY) | initiator salt extracting all 4 bytes of key@0x5588cd712c00 | initiator salt: symkey-key@0x5588cd712c00 (4-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | initiator salt: new slot-key@0x5588cd70f920 (4-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)1069528000: c2 1d 9d 37 b0 f9 5b d5 18 51 d5 18 59 a4 ec 9a | initiator salt: release slot-key-key@0x5588cd70f920 | initiator salt extracted len 16 bytes at 0x7fb860008788 | unwrapped: 40 0a 15 48 00 00 00 00 00 00 00 00 00 00 00 00 | calc_skeyseed_v2: release initiator-salt-key-key@0x5588cd712c00 | key-offset: 100, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x7fb860008c40 (320-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713937b8 | result: SK_er_k-key@0x5588cd712c00 (32-bytes, AES_GCM) | key-offset: 132, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x7fb860008c40 (320-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713937b8 | result: result-key@0x5588cd7164f0 (4-bytes, EXTRACT_KEY_FROM_KEY) | responder salt extracting all 4 bytes of key@0x5588cd7164f0 | responder salt: symkey-key@0x5588cd7164f0 (4-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | responder salt: new slot-key@0x5588cd70f920 (4-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)1069528000: c3 49 27 84 01 11 f5 7b 90 f3 af be b9 cd 0e 4a | responder salt: release slot-key-key@0x5588cd70f920 | responder salt extracted len 16 bytes at 0x7fb86000a918 | unwrapped: 36 22 f4 2b 00 00 00 00 00 00 00 00 00 00 00 00 | calc_skeyseed_v2: release responder-salt-key-key@0x5588cd7164f0 | key-offset: 136, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x7fb860008c40 (320-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713937b8 | result: result-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | chunk_SK_pi extracting all 64 bytes of key@0x5588cd7164f0 | chunk_SK_pi: symkey-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | chunk_SK_pi: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)1069528000: 15 35 5c 5c 71 c3 2e e0 17 e6 44 8d 84 42 39 36 64 60 69 c5 04 a5 0b 5a 39 d9 09 2b b0 8d e6 82 13 27 64 31 23 6d 97 40 3b 0e ef 3d 0a 1f ef 3f 84 90 b0 77 74 e8 ef 97 75 ce 17 06 b4 c4 89 df | chunk_SK_pi: release slot-key-key@0x5588cd70f920 | chunk_SK_pi extracted len 64 bytes at 0x7fb860002fc8 | unwrapped: d2 8e 76 e7 cd b3 25 74 41 eb 34 2f ef 0e 6a 32 | unwrapped: 62 e5 cf 1d 3d 59 fa 38 c6 c0 e8 9d 5c c6 dd 58 | unwrapped: 12 d0 93 09 f9 69 47 00 30 92 34 c1 3d a9 b0 10 | unwrapped: cf 99 42 7b b2 6c 59 59 bd e8 e4 89 ec f4 53 48 | key-offset: 200, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x7fb860008c40 (320-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7fb8713937b8 | result: result-key@0x5588cd70d080 (64-bytes, EXTRACT_KEY_FROM_KEY) | chunk_SK_pr extracting all 64 bytes of key@0x5588cd70d080 | chunk_SK_pr: symkey-key@0x5588cd70d080 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | chunk_SK_pr: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)1069528000: 02 14 f6 56 e5 11 c8 e3 cc 9a 5a a7 4d 7b 6b 36 fb 74 25 7e 57 5a f8 36 de d6 26 d3 7a c7 37 5e f0 7f ad fb f4 76 9f 8e 75 0f 3d 1c 7a b0 01 b2 67 31 08 1b 52 62 bb ef 69 5c e2 75 ee e8 65 33 | chunk_SK_pr: release slot-key-key@0x5588cd70f920 | chunk_SK_pr extracted len 64 bytes at 0x7fb860001f18 | unwrapped: ad 2a ee 62 76 3f 56 6a a0 4f 33 0b df 62 d7 07 | unwrapped: 5d e9 51 7b e2 b9 b4 8b 95 06 e2 31 93 7e 30 1d | unwrapped: 9c e6 0b 68 19 29 4c c2 9d 94 21 07 98 8f ca ad | unwrapped: ba b7 32 a7 cd 8f e7 7e ef 11 eb b3 18 f7 84 56 | NSS ikev2: finished computing individual keys for IKEv2 SA | calc_skeyseed_v2: release finalkey-key@0x7fb860008c40 | calc_skeyseed_v2 pointers: shared-key@0x5588cd716110, SK_d-key@0x5588cd7146b0, SK_ai-key@(nil), SK_ar-key@(nil), SK_ei-key@0x5588cd70b800, SK_er-key@0x5588cd712c00, SK_pi-key@0x5588cd7164f0, SK_pr-key@0x5588cd70d080 | calc_skeyseed_v2 initiator salt | 40 0a 15 48 | calc_skeyseed_v2 responder salt | 36 22 f4 2b | calc_skeyseed_v2 SK_pi | d2 8e 76 e7 cd b3 25 74 41 eb 34 2f ef 0e 6a 32 | 62 e5 cf 1d 3d 59 fa 38 c6 c0 e8 9d 5c c6 dd 58 | 12 d0 93 09 f9 69 47 00 30 92 34 c1 3d a9 b0 10 | cf 99 42 7b b2 6c 59 59 bd e8 e4 89 ec f4 53 48 | calc_skeyseed_v2 SK_pr | ad 2a ee 62 76 3f 56 6a a0 4f 33 0b df 62 d7 07 | 5d e9 51 7b e2 b9 b4 8b 95 06 e2 31 93 7e 30 1d | 9c e6 0b 68 19 29 4c c2 9d 94 21 07 98 8f ca ad | ba b7 32 a7 cd 8f e7 7e ef 11 eb b3 18 f7 84 56 | crypto helper 1 finished compute dh (V2) (ikev2_inI2outR2 KE); request ID 2 time elapsed 0.001838 seconds | (#1) spent 1.83 milliseconds in crypto helper computing work-order 2: ikev2_inI2outR2 KE (pcr) | crypto helper 1 sending results from work-order 2 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7fb860000f48 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 2 | calling continuation function 0x5588cbeedb50 | ikev2_parent_inI2outR2_continue for #1: calculating g^{xy}, sending R2 | DH secret MODP2048@0x7fb868003a28: transferring ownership from helper IKEv2 DH to state #1 | finish_dh_v2: release st_shared_nss-key@NULL | #1 in state PARENT_R1: received v2I1, sent v2R1 | Salt before authenticated decryption: | 40 0a 15 48 | IV before authenticated decryption: | b0 2a d5 47 f4 bd 48 5b | AAD before authenticated decryption: | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 2e 20 23 08 00 00 00 01 00 00 01 65 23 00 01 49 | data before authenticated decryption: | 23 e9 48 44 c5 fe 76 c5 23 dc e2 0c 00 a5 61 f4 | 10 c1 96 88 92 07 8e 87 1b ee a0 88 0a 86 1f 36 | 06 e2 53 8d 10 9b a5 73 48 43 61 22 fc ff 81 b4 | 30 a1 09 00 03 d5 c5 75 19 82 6d fc e8 80 fd 4f | a2 f8 41 7a 97 f7 77 d0 9c d9 fa ce 55 ec 25 d0 | a1 72 a9 ee 80 6c e1 71 0b f7 2a ae f5 02 cb c4 | 89 70 ac bc 63 0e 44 48 a3 3d cf 10 e5 d2 23 64 | 5c b8 c7 28 be 4d b3 bd 99 82 a9 bf c3 1a 46 bf | a1 25 06 ab 5e e8 0a 46 8f da 70 07 08 12 4e f5 | 71 81 85 f3 7c c8 74 7c b0 90 a0 a6 68 0e 66 83 | 68 44 43 85 38 8a 07 55 6f 4e 1e c2 aa 90 90 18 | 37 1d 14 88 1d 9c d4 48 0a c8 fd 51 1d 28 9f 80 | a7 4a f8 b6 d3 26 d1 43 b7 8f 83 0c a8 8b 88 3b | 73 da e4 7a aa 19 8d 07 fc 4e e9 de 22 c7 ec e1 | 21 fa 4e e9 9a e8 50 ae 3b 7b ad a1 8c 4d e3 64 | 67 d0 c5 d4 30 86 71 c4 83 ed d3 65 7c e7 a9 73 | df 29 67 69 8e b8 89 91 dc b6 bb 50 7f df 87 02 | 0c c2 bd c3 ce 0c a6 00 b3 9d 47 02 d0 01 70 ba | fa 6f db 0c a4 c3 5f c0 7a 78 6c 36 5c | integ before authenticated decryption: | dc f2 17 b0 a0 d4 33 84 c4 9a cc 8a 3e 96 34 3b | data after authenticated decryption: | 24 00 00 08 0d 00 00 00 27 00 00 08 0d 00 00 00 | 21 00 00 48 0d 00 00 00 7d 5f 8d 85 e7 1e d3 fd | 34 8a 1d 75 2c 4a 5f 60 f6 a3 f5 32 9e 98 42 e1 | 9d 44 62 80 1d 64 41 8a 90 1f bc 41 fd ee 6a 1d | ce ed 28 90 85 24 f8 ba dc 5c 48 f3 17 a5 45 3c | dc 15 c1 e4 44 28 f8 d9 2c 00 00 a4 02 00 00 20 | 01 03 04 02 c5 15 6c 7b 03 00 00 0c 01 00 00 14 | 80 0e 01 00 00 00 00 08 05 00 00 00 02 00 00 20 | 02 03 04 02 c5 15 6c 7b 03 00 00 0c 01 00 00 14 | 80 0e 00 80 00 00 00 08 05 00 00 00 02 00 00 30 | 03 03 04 04 c5 15 6c 7b 03 00 00 0c 01 00 00 0c | 80 0e 01 00 03 00 00 08 03 00 00 0e 03 00 00 08 | 03 00 00 0c 00 00 00 08 05 00 00 00 00 00 00 30 | 04 03 04 04 c5 15 6c 7b 03 00 00 0c 01 00 00 0c | 80 0e 00 80 03 00 00 08 03 00 00 0e 03 00 00 08 | 03 00 00 0c 00 00 00 08 05 00 00 00 2d 00 00 18 | 01 00 00 00 07 00 00 10 00 00 ff ff c0 00 01 00 | c0 00 01 ff 00 00 00 18 01 00 00 00 07 00 00 10 | 00 00 ff ff c0 00 02 00 c0 00 02 ff 00 dc f2 17 | b0 a0 d4 33 84 c4 9a cc 8a 3e 96 34 3b | stripping 1 octets as pad | #1 ikev2 ISAKMP_v2_IKE_AUTH decrypt success | Now let's proceed with payload (ISAKMP_NEXT_v2IDi) | **parse IKEv2 Identification - Initiator - Payload: | next payload type: ISAKMP_NEXT_v2IDr (0x24) | flags: none (0x0) | length: 8 (0x8) | ID type: ID_NULL (0xd) | processing payload: ISAKMP_NEXT_v2IDi (len=0) | Now let's proceed with payload (ISAKMP_NEXT_v2IDr) | **parse IKEv2 Identification - Responder - Payload: | next payload type: ISAKMP_NEXT_v2AUTH (0x27) | flags: none (0x0) | length: 8 (0x8) | ID type: ID_NULL (0xd) | processing payload: ISAKMP_NEXT_v2IDr (len=0) | Now let's proceed with payload (ISAKMP_NEXT_v2AUTH) | **parse IKEv2 Authentication Payload: | next payload type: ISAKMP_NEXT_v2SA (0x21) | flags: none (0x0) | length: 72 (0x48) | auth method: IKEv2_AUTH_NULL (0xd) | processing payload: ISAKMP_NEXT_v2AUTH (len=64) | Now let's proceed with payload (ISAKMP_NEXT_v2SA) | **parse IKEv2 Security Association Payload: | next payload type: ISAKMP_NEXT_v2TSi (0x2c) | flags: none (0x0) | length: 164 (0xa4) | processing payload: ISAKMP_NEXT_v2SA (len=160) | Now let's proceed with payload (ISAKMP_NEXT_v2TSi) | **parse IKEv2 Traffic Selector - Initiator - Payload: | next payload type: ISAKMP_NEXT_v2TSr (0x2d) | flags: none (0x0) | length: 24 (0x18) | number of TS: 1 (0x1) | processing payload: ISAKMP_NEXT_v2TSi (len=16) | Now let's proceed with payload (ISAKMP_NEXT_v2TSr) | **parse IKEv2 Traffic Selector - Responder - Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | length: 24 (0x18) | number of TS: 1 (0x1) | processing payload: ISAKMP_NEXT_v2TSr (len=16) | selected state microcode Responder: process IKE_AUTH request | Now let's proceed with state specific processing | calling processor Responder: process IKE_AUTH request "westnet-eastnet-ipv4-psk-ikev2" #1: processing decrypted IKE_AUTH request: SK{IDi,IDr,AUTH,SA,TSi,TSr} | #1 updating local interface from 192.1.2.23:500 to 192.1.2.23:500 using md->iface (in update_ike_endpoints() at state.c:2669) | received IDr payload - extracting our alleged ID | no suitable connection for peer 'ID_NULL' | ID_NULL: id kind matches | Peer ID matches and no better connection found - continuing with existing connection | offered CA: '%none' "westnet-eastnet-ipv4-psk-ikev2" #1: IKEv2 mode peer ID is ID_NULL: 'ID_NULL' | hmac PRF sha2_512 init symkey-key@0x5588cd7164f0 (size 64) | hmac: symkey-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd7164f0 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29b58 | result: clone-key@0x7fb860008c40 (64-bytes, SHA512_HMAC) | hmac prf: created sha2_512 context 0x7fb868002b50 from symkey-key@0x7fb860008c40 | hmac prf: begin sha2_512 with context 0x7fb868002b50 from symkey-key@0x7fb860008c40 | hmac: release clone-key@0x7fb860008c40 | hmac PRF sha2_512 crypt-prf@0x5588cd72dd78 | idhash verify I2 0d 00 00 00 | hmac PRF sha2_512 update data-bytes@0x5588cd6fa264 (length 4) | 0d 00 00 00 | hmac PRF sha2_512 final-bytes@0x7ffe4fb29d00 (length 64) | 4c 7a 2a a3 02 af c1 d7 a1 91 06 24 b1 60 e7 8f | ef b9 8d a9 48 01 04 37 48 5a 35 a2 3a ac 93 14 | 58 f0 d9 80 b4 55 79 a1 42 c4 22 bb 5f 90 1b fc | 62 1d 03 2d f5 73 e0 2c af 73 12 09 9c 5f a6 38 | verifying AUTH payload | ikev2_calculate_psk_sighash() called from STATE_PARENT_R1 to verify PSK with authby=null | inputs to hash1 (first packet) | df a7 70 f9 33 7f d6 5d 00 00 00 00 00 00 00 00 | 21 20 22 08 00 00 00 00 00 00 03 53 22 00 01 b4 | 02 00 00 64 01 01 00 0b 03 00 00 0c 01 00 00 14 | 80 0e 01 00 03 00 00 08 02 00 00 07 03 00 00 08 | 02 00 00 05 03 00 00 08 04 00 00 0e 03 00 00 08 | 04 00 00 0f 03 00 00 08 04 00 00 10 03 00 00 08 | 04 00 00 12 03 00 00 08 04 00 00 13 03 00 00 08 | 04 00 00 14 03 00 00 08 04 00 00 15 00 00 00 08 | 04 00 00 1f 02 00 00 64 02 01 00 0b 03 00 00 0c | 01 00 00 14 80 0e 00 80 03 00 00 08 02 00 00 07 | 03 00 00 08 02 00 00 05 03 00 00 08 04 00 00 0e | 03 00 00 08 04 00 00 0f 03 00 00 08 04 00 00 10 | 03 00 00 08 04 00 00 12 03 00 00 08 04 00 00 13 | 03 00 00 08 04 00 00 14 03 00 00 08 04 00 00 15 | 00 00 00 08 04 00 00 1f 02 00 00 74 03 01 00 0d | 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 | 02 00 00 07 03 00 00 08 02 00 00 05 03 00 00 08 | 03 00 00 0e 03 00 00 08 03 00 00 0c 03 00 00 08 | 04 00 00 0e 03 00 00 08 04 00 00 0f 03 00 00 08 | 04 00 00 10 03 00 00 08 04 00 00 12 03 00 00 08 | 04 00 00 13 03 00 00 08 04 00 00 14 03 00 00 08 | 04 00 00 15 00 00 00 08 04 00 00 1f 00 00 00 74 | 04 01 00 0d 03 00 00 0c 01 00 00 0c 80 0e 00 80 | 03 00 00 08 02 00 00 07 03 00 00 08 02 00 00 05 | 03 00 00 08 03 00 00 0e 03 00 00 08 03 00 00 0c | 03 00 00 08 04 00 00 0e 03 00 00 08 04 00 00 0f | 03 00 00 08 04 00 00 10 03 00 00 08 04 00 00 12 | 03 00 00 08 04 00 00 13 03 00 00 08 04 00 00 14 | 03 00 00 08 04 00 00 15 00 00 00 08 04 00 00 1f | 28 00 01 08 00 0e 00 00 03 18 ac 58 7f 45 4c 48 | 17 98 6e c7 91 ca e9 da 30 49 c2 41 9f ab 84 05 | f2 cf 22 3b 32 e9 12 ff c1 64 99 0f ad 65 a6 79 | 25 67 47 5e e6 b3 b6 f8 2e 9d 8d c3 4c 07 cb 0b | 14 6a e0 4f 44 79 ac 08 78 43 7c c2 24 e1 0f 12 | 88 8c 8f 89 10 73 07 58 dd b4 ec a7 5c 43 82 a4 | f4 2a cf b9 48 95 51 fa 3f 87 43 0b 9e 7f da a2 | 39 9e 63 ad c0 6d 36 f8 b8 84 1c bd 46 08 84 c4 | c1 01 7a ca 99 f3 5a 11 57 ee fa 74 6d 2e e2 46 | 56 ff 3d a4 88 81 24 21 42 9c 11 56 c7 04 6c 61 | 9a b0 b4 6a 34 02 e7 78 12 eb 90 32 04 37 46 81 | 51 72 33 ba 1e 64 c0 e0 26 cd 45 be ef a6 fb bd | 3d d6 44 5e e4 ea 73 99 da 2b ca f7 bd 58 bb 86 | 0d ee 5a 13 fa 67 19 c7 8f 6d 1e e4 83 c2 2a ac | fc 18 94 94 01 89 24 78 74 2e 4a da 55 b0 b7 a0 | b3 d1 9b 81 b8 13 c5 7c 43 36 8c f1 5f 9b af cd | e7 58 8a c5 4e c4 01 a7 29 00 00 24 81 f1 aa 07 | 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 ab 2c 6e c0 | 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea 29 00 00 08 | 00 00 40 2e 29 00 00 1c 00 00 40 04 e1 5d 20 86 | 79 22 c1 ce 7d ba 60 f3 9b c0 f0 2a e6 22 25 7b | 2b 00 00 1c 00 00 40 05 8e a1 56 7e ac 7f 4b 62 | 92 0e 1d 36 c5 be 28 85 66 74 0b 2b 00 00 00 17 | 4f 70 70 6f 72 74 75 6e 69 73 74 69 63 20 49 50 | 73 65 63 | verify: initiator inputs to hash2 (responder nonce) | 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | idhash 4c 7a 2a a3 02 af c1 d7 a1 91 06 24 b1 60 e7 8f | idhash ef b9 8d a9 48 01 04 37 48 5a 35 a2 3a ac 93 14 | idhash 58 f0 d9 80 b4 55 79 a1 42 c4 22 bb 5f 90 1b fc | idhash 62 1d 03 2d f5 73 e0 2c af 73 12 09 9c 5f a6 38 | = prf(,"Key Pad for IKEv2") PRF sha2_512 init shared secret-chunk@0x7fb860002fc8 (length 64) | d2 8e 76 e7 cd b3 25 74 41 eb 34 2f ef 0e 6a 32 | 62 e5 cf 1d 3d 59 fa 38 c6 c0 e8 9d 5c c6 dd 58 | 12 d0 93 09 f9 69 47 00 30 92 34 c1 3d a9 b0 10 | cf 99 42 7b b2 6c 59 59 bd e8 e4 89 ec f4 53 48 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb29950 | result: shared secret-key@0x5588cd726f40 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd726f40 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29938 | result: shared secret-key@0x7fb860008c40 (64-bytes, SHA512_HMAC) | shared secret: release tmp-key@0x5588cd726f40 | = prf(,"Key Pad for IKEv2") prf: created sha2_512 context 0x7fb868002b50 from shared secret-key@0x7fb860008c40 | = prf(,"Key Pad for IKEv2") prf: begin sha2_512 with context 0x7fb868002b50 from shared secret-key@0x7fb860008c40 | = prf(,"Key Pad for IKEv2"): release clone-key@0x7fb860008c40 | = prf(,"Key Pad for IKEv2") PRF sha2_512 crypt-prf@0x5588cd72efa8 | = prf(,"Key Pad for IKEv2") PRF sha2_512 update Key Pad for IKEv2-bytes@0x5588cbf804d0 (length 17) | 4b 65 79 20 50 61 64 20 66 6f 72 20 49 4b 45 76 | 32 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb29970 | result: final-key@0x5588cd726f40 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x5588cd726f40 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29958 | result: final-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5588cd726f40 | = prf(,"Key Pad for IKEv2") PRF sha2_512 final-key@0x7fb860008c40 (size 64) | = prf(,"Key Pad for IKEv2"): key-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | = prf(, ) PRF sha2_512 init -key@0x7fb860008c40 (size 64) | = prf(, ): -key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29968 | result: clone-key@0x5588cd726f40 (64-bytes, SHA512_HMAC) | = prf(, ) prf: created sha2_512 context 0x5588cd72de00 from -key@0x5588cd726f40 | = prf(, ) prf: begin sha2_512 with context 0x5588cd72de00 from -key@0x5588cd726f40 | = prf(, ): release clone-key@0x5588cd726f40 | = prf(, ) PRF sha2_512 crypt-prf@0x5588cd72de98 | = prf(, ) PRF sha2_512 update first-packet-bytes@0x5588cd72eab8 (length 851) | df a7 70 f9 33 7f d6 5d 00 00 00 00 00 00 00 00 | 21 20 22 08 00 00 00 00 00 00 03 53 22 00 01 b4 | 02 00 00 64 01 01 00 0b 03 00 00 0c 01 00 00 14 | 80 0e 01 00 03 00 00 08 02 00 00 07 03 00 00 08 | 02 00 00 05 03 00 00 08 04 00 00 0e 03 00 00 08 | 04 00 00 0f 03 00 00 08 04 00 00 10 03 00 00 08 | 04 00 00 12 03 00 00 08 04 00 00 13 03 00 00 08 | 04 00 00 14 03 00 00 08 04 00 00 15 00 00 00 08 | 04 00 00 1f 02 00 00 64 02 01 00 0b 03 00 00 0c | 01 00 00 14 80 0e 00 80 03 00 00 08 02 00 00 07 | 03 00 00 08 02 00 00 05 03 00 00 08 04 00 00 0e | 03 00 00 08 04 00 00 0f 03 00 00 08 04 00 00 10 | 03 00 00 08 04 00 00 12 03 00 00 08 04 00 00 13 | 03 00 00 08 04 00 00 14 03 00 00 08 04 00 00 15 | 00 00 00 08 04 00 00 1f 02 00 00 74 03 01 00 0d | 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 | 02 00 00 07 03 00 00 08 02 00 00 05 03 00 00 08 | 03 00 00 0e 03 00 00 08 03 00 00 0c 03 00 00 08 | 04 00 00 0e 03 00 00 08 04 00 00 0f 03 00 00 08 | 04 00 00 10 03 00 00 08 04 00 00 12 03 00 00 08 | 04 00 00 13 03 00 00 08 04 00 00 14 03 00 00 08 | 04 00 00 15 00 00 00 08 04 00 00 1f 00 00 00 74 | 04 01 00 0d 03 00 00 0c 01 00 00 0c 80 0e 00 80 | 03 00 00 08 02 00 00 07 03 00 00 08 02 00 00 05 | 03 00 00 08 03 00 00 0e 03 00 00 08 03 00 00 0c | 03 00 00 08 04 00 00 0e 03 00 00 08 04 00 00 0f | 03 00 00 08 04 00 00 10 03 00 00 08 04 00 00 12 | 03 00 00 08 04 00 00 13 03 00 00 08 04 00 00 14 | 03 00 00 08 04 00 00 15 00 00 00 08 04 00 00 1f | 28 00 01 08 00 0e 00 00 03 18 ac 58 7f 45 4c 48 | 17 98 6e c7 91 ca e9 da 30 49 c2 41 9f ab 84 05 | f2 cf 22 3b 32 e9 12 ff c1 64 99 0f ad 65 a6 79 | 25 67 47 5e e6 b3 b6 f8 2e 9d 8d c3 4c 07 cb 0b | 14 6a e0 4f 44 79 ac 08 78 43 7c c2 24 e1 0f 12 | 88 8c 8f 89 10 73 07 58 dd b4 ec a7 5c 43 82 a4 | f4 2a cf b9 48 95 51 fa 3f 87 43 0b 9e 7f da a2 | 39 9e 63 ad c0 6d 36 f8 b8 84 1c bd 46 08 84 c4 | c1 01 7a ca 99 f3 5a 11 57 ee fa 74 6d 2e e2 46 | 56 ff 3d a4 88 81 24 21 42 9c 11 56 c7 04 6c 61 | 9a b0 b4 6a 34 02 e7 78 12 eb 90 32 04 37 46 81 | 51 72 33 ba 1e 64 c0 e0 26 cd 45 be ef a6 fb bd | 3d d6 44 5e e4 ea 73 99 da 2b ca f7 bd 58 bb 86 | 0d ee 5a 13 fa 67 19 c7 8f 6d 1e e4 83 c2 2a ac | fc 18 94 94 01 89 24 78 74 2e 4a da 55 b0 b7 a0 | b3 d1 9b 81 b8 13 c5 7c 43 36 8c f1 5f 9b af cd | e7 58 8a c5 4e c4 01 a7 29 00 00 24 81 f1 aa 07 | 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 ab 2c 6e c0 | 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea 29 00 00 08 | 00 00 40 2e 29 00 00 1c 00 00 40 04 e1 5d 20 86 | 79 22 c1 ce 7d ba 60 f3 9b c0 f0 2a e6 22 25 7b | 2b 00 00 1c 00 00 40 05 8e a1 56 7e ac 7f 4b 62 | 92 0e 1d 36 c5 be 28 85 66 74 0b 2b 00 00 00 17 | 4f 70 70 6f 72 74 75 6e 69 73 74 69 63 20 49 50 | 73 65 63 | = prf(, ) PRF sha2_512 update nonce-bytes@0x7fb868001278 (length 32) | 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | = prf(, ) PRF sha2_512 update hash-bytes@0x7ffe4fb29d00 (length 64) | 4c 7a 2a a3 02 af c1 d7 a1 91 06 24 b1 60 e7 8f | ef b9 8d a9 48 01 04 37 48 5a 35 a2 3a ac 93 14 | 58 f0 d9 80 b4 55 79 a1 42 c4 22 bb 5f 90 1b fc | 62 1d 03 2d f5 73 e0 2c af 73 12 09 9c 5f a6 38 | = prf(, ) PRF sha2_512 final-chunk@0x7fb868002b78 (length 64) | 7d 5f 8d 85 e7 1e d3 fd 34 8a 1d 75 2c 4a 5f 60 | f6 a3 f5 32 9e 98 42 e1 9d 44 62 80 1d 64 41 8a | 90 1f bc 41 fd ee 6a 1d ce ed 28 90 85 24 f8 ba | dc 5c 48 f3 17 a5 45 3c dc 15 c1 e4 44 28 f8 d9 | psk_auth: release prf-psk-key@0x7fb860008c40 | Received PSK auth octets | 7d 5f 8d 85 e7 1e d3 fd 34 8a 1d 75 2c 4a 5f 60 | f6 a3 f5 32 9e 98 42 e1 9d 44 62 80 1d 64 41 8a | 90 1f bc 41 fd ee 6a 1d ce ed 28 90 85 24 f8 ba | dc 5c 48 f3 17 a5 45 3c dc 15 c1 e4 44 28 f8 d9 | Calculated PSK auth octets | 7d 5f 8d 85 e7 1e d3 fd 34 8a 1d 75 2c 4a 5f 60 | f6 a3 f5 32 9e 98 42 e1 9d 44 62 80 1d 64 41 8a | 90 1f bc 41 fd ee 6a 1d ce ed 28 90 85 24 f8 ba | dc 5c 48 f3 17 a5 45 3c dc 15 c1 e4 44 28 f8 d9 "westnet-eastnet-ipv4-psk-ikev2" #1: Authenticated using authby=null | parent state #1: PARENT_R1(half-open IKE SA) => PARENT_R2(established IKE SA) | #1 will start re-keying in 3330 seconds with margin of 270 seconds (attempting re-key) | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7fb868002888 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5588cd729cc8 | event_schedule: new EVENT_SA_REKEY-pe@0x5588cd729cc8 | inserting event EVENT_SA_REKEY, timeout in 3330 seconds for #1 | libevent_malloc: new ptr-libevent@0x5588cd72ee48 size 128 | pstats #1 ikev2.ike established | **emit ISAKMP Message: | initiator cookie: | df a7 70 f9 33 7f d6 5d | responder cookie: | 3c 23 d7 38 84 f0 63 b4 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_IKE_AUTH (0x23) | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) | Message ID: 1 (0x1) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | IKEv2 CERT: send a certificate? | IKEv2 CERT: policy does not have RSASIG or ECDSA: AUTHNULL | ***emit IKEv2 Encryption Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK) | next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'reply packet' | emitting 8 zero bytes of IV into IKEv2 Encryption Payload | Initiator child policy is compress=no, NOT sending v2N_IPCOMP_SUPPORTED | hmac PRF sha2_512 init symkey-key@0x5588cd70d080 (size 64) | hmac: symkey-key@0x5588cd70d080 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd70d080 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb294d8 | result: clone-key@0x7fb860008c40 (64-bytes, SHA512_HMAC) | hmac prf: created sha2_512 context 0x7fb868002b50 from symkey-key@0x7fb860008c40 | hmac prf: begin sha2_512 with context 0x7fb868002b50 from symkey-key@0x7fb860008c40 | hmac: release clone-key@0x7fb860008c40 | hmac PRF sha2_512 crypt-prf@0x5588cd72efa8 | ****emit IKEv2 Identification - Responder - Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | ID type: ID_NULL (0xd) | next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Identification - Responder - Payload (36:ISAKMP_NEXT_v2IDr) | next payload chain: saving location 'IKEv2 Identification - Responder - Payload'.'next payload type' in 'reply packet' | emitting 0 raw bytes of my identity into IKEv2 Identification - Responder - Payload | my identity | emitting length of IKEv2 Identification - Responder - Payload: 8 | idhash calc R2 0d 00 00 00 | hmac PRF sha2_512 update data-bytes@0x5588cbfeb8ec (length 4) | 0d 00 00 00 | hmac PRF sha2_512 final-bytes@0x7ffe4fb297d0 (length 64) | 93 0f 04 69 ae 7d d7 a7 4a 1f e6 be 06 de a8 c2 | 67 80 85 f5 70 05 ea df f0 d4 32 c1 10 d8 4b b1 | 7a 22 90 4e 8d 3d db 03 d5 98 bb 6e dd b0 42 1e | bc b0 d9 b7 74 30 4e 8c 6b 69 d0 cb 14 1c 63 48 | assembled IDr payload | CHILD SA proposals received | going to assemble AUTH payload | ****emit IKEv2 Authentication Payload: | next payload type: ISAKMP_NEXT_v2SA (0x21) | flags: none (0x0) | auth method: IKEv2_AUTH_NULL (0xd) | next payload chain: ignoring supplied 'IKEv2 Authentication Payload'.'next payload type' value 33:ISAKMP_NEXT_v2SA | next payload chain: setting previous 'IKEv2 Identification - Responder - Payload'.'next payload type' to current IKEv2 Authentication Payload (39:ISAKMP_NEXT_v2AUTH) | next payload chain: saving location 'IKEv2 Authentication Payload'.'next payload type' in 'reply packet' | ikev2_calculate_psk_sighash() called from STATE_PARENT_R2 to create PSK with authby=null | inputs to hash1 (first packet) | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 21 20 22 20 00 00 00 00 00 00 01 c7 22 00 00 28 | 00 00 00 24 01 01 00 03 03 00 00 0c 01 00 00 14 | 80 0e 01 00 03 00 00 08 02 00 00 07 00 00 00 08 | 04 00 00 0e 28 00 01 08 00 0e 00 00 a4 02 b5 e7 | 97 af a9 bb 9e e4 31 5a 81 3e 3d 35 d0 c8 1d 54 | c0 ca 70 8c 58 b5 29 93 b8 4c 01 2f fe 98 dd 89 | ea 56 a6 09 ec 7e 00 45 1f 80 f1 40 75 90 c4 90 | 93 0c ca 62 9f 03 f6 ff 81 a7 e0 5c ef da c9 f1 | 6f 9f b8 a2 64 2c 6a e1 cb a7 92 14 d4 9b cc 91 | d3 fd 3f 6d 19 56 e7 3e 04 1b c6 89 d4 f7 3d c2 | 55 b9 7b 01 45 4a 6a 0b a7 91 67 14 b5 7a f8 7c | 4e ec e3 7c 83 c4 c9 be 4a 0c fe cf 07 73 e8 e2 | 94 2a 74 43 7c 97 1c 2b ed 62 dc 71 f9 6a a4 a2 | 8d 00 b4 c1 ca 3c ec 01 39 81 ce 2e 75 d3 be c9 | 34 8c 52 41 d5 af ea fe 97 a4 21 85 5c a6 af ab | 12 e8 05 6c 28 fb 41 5f 45 1f 86 7c 27 5d d6 be | e5 92 f5 80 64 a1 70 6e ca d7 2d e0 6a b8 fe 6c | 57 71 1c a8 3d b7 86 14 75 1c 59 29 d5 f3 2d 34 | 6e 2a 6f f8 cb ca 35 54 ca 42 96 79 82 bf ca d5 | cd c1 49 db 0b ed be ad dc cd 10 57 29 00 00 24 | 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | 29 00 00 08 00 00 40 2e 29 00 00 1c 00 00 40 04 | f3 da f4 bc 52 aa 50 28 eb a7 85 0e f9 2f 5b ec | cd 14 c0 5a 2b 00 00 1c 00 00 40 05 f1 a0 d5 73 | ba 7e 56 87 c1 f2 8b f9 f4 ba 38 46 54 4f 95 b6 | 00 00 00 17 4f 70 70 6f 72 74 75 6e 69 73 74 69 | 63 20 49 50 73 65 63 | create: responder inputs to hash2 (initiator nonce) | 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | idhash 93 0f 04 69 ae 7d d7 a7 4a 1f e6 be 06 de a8 c2 | idhash 67 80 85 f5 70 05 ea df f0 d4 32 c1 10 d8 4b b1 | idhash 7a 22 90 4e 8d 3d db 03 d5 98 bb 6e dd b0 42 1e | idhash bc b0 d9 b7 74 30 4e 8c 6b 69 d0 cb 14 1c 63 48 | = prf(,"Key Pad for IKEv2") PRF sha2_512 init shared secret-chunk@0x7fb860001f18 (length 64) | ad 2a ee 62 76 3f 56 6a a0 4f 33 0b df 62 d7 07 | 5d e9 51 7b e2 b9 b4 8b 95 06 e2 31 93 7e 30 1d | 9c e6 0b 68 19 29 4c c2 9d 94 21 07 98 8f ca ad | ba b7 32 a7 cd 8f e7 7e ef 11 eb b3 18 f7 84 56 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb292c0 | result: shared secret-key@0x5588cd726f40 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd726f40 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb292a8 | result: shared secret-key@0x7fb860008c40 (64-bytes, SHA512_HMAC) | shared secret: release tmp-key@0x5588cd726f40 | = prf(,"Key Pad for IKEv2") prf: created sha2_512 context 0x7fb868002b50 from shared secret-key@0x7fb860008c40 | = prf(,"Key Pad for IKEv2") prf: begin sha2_512 with context 0x7fb868002b50 from shared secret-key@0x7fb860008c40 | = prf(,"Key Pad for IKEv2"): release clone-key@0x7fb860008c40 | = prf(,"Key Pad for IKEv2") PRF sha2_512 crypt-prf@0x5588cd72de98 | = prf(,"Key Pad for IKEv2") PRF sha2_512 update Key Pad for IKEv2-bytes@0x5588cbf804d0 (length 17) | 4b 65 79 20 50 61 64 20 66 6f 72 20 49 4b 45 76 | 32 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb292e0 | result: final-key@0x5588cd726f40 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x5588cd726f40 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb292c8 | result: final-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5588cd726f40 | = prf(,"Key Pad for IKEv2") PRF sha2_512 final-key@0x7fb860008c40 (size 64) | = prf(,"Key Pad for IKEv2"): key-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | = prf(, ) PRF sha2_512 init -key@0x7fb860008c40 (size 64) | = prf(, ): -key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb292d8 | result: clone-key@0x5588cd726f40 (64-bytes, SHA512_HMAC) | = prf(, ) prf: created sha2_512 context 0x5588cd72de00 from -key@0x5588cd726f40 | = prf(, ) prf: begin sha2_512 with context 0x5588cd72de00 from -key@0x5588cd726f40 | = prf(, ): release clone-key@0x5588cd726f40 | = prf(, ) PRF sha2_512 crypt-prf@0x5588cd72f6a8 | = prf(, ) PRF sha2_512 update first-packet-bytes@0x5588cd72f1f8 (length 455) | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 21 20 22 20 00 00 00 00 00 00 01 c7 22 00 00 28 | 00 00 00 24 01 01 00 03 03 00 00 0c 01 00 00 14 | 80 0e 01 00 03 00 00 08 02 00 00 07 00 00 00 08 | 04 00 00 0e 28 00 01 08 00 0e 00 00 a4 02 b5 e7 | 97 af a9 bb 9e e4 31 5a 81 3e 3d 35 d0 c8 1d 54 | c0 ca 70 8c 58 b5 29 93 b8 4c 01 2f fe 98 dd 89 | ea 56 a6 09 ec 7e 00 45 1f 80 f1 40 75 90 c4 90 | 93 0c ca 62 9f 03 f6 ff 81 a7 e0 5c ef da c9 f1 | 6f 9f b8 a2 64 2c 6a e1 cb a7 92 14 d4 9b cc 91 | d3 fd 3f 6d 19 56 e7 3e 04 1b c6 89 d4 f7 3d c2 | 55 b9 7b 01 45 4a 6a 0b a7 91 67 14 b5 7a f8 7c | 4e ec e3 7c 83 c4 c9 be 4a 0c fe cf 07 73 e8 e2 | 94 2a 74 43 7c 97 1c 2b ed 62 dc 71 f9 6a a4 a2 | 8d 00 b4 c1 ca 3c ec 01 39 81 ce 2e 75 d3 be c9 | 34 8c 52 41 d5 af ea fe 97 a4 21 85 5c a6 af ab | 12 e8 05 6c 28 fb 41 5f 45 1f 86 7c 27 5d d6 be | e5 92 f5 80 64 a1 70 6e ca d7 2d e0 6a b8 fe 6c | 57 71 1c a8 3d b7 86 14 75 1c 59 29 d5 f3 2d 34 | 6e 2a 6f f8 cb ca 35 54 ca 42 96 79 82 bf ca d5 | cd c1 49 db 0b ed be ad dc cd 10 57 29 00 00 24 | 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | 29 00 00 08 00 00 40 2e 29 00 00 1c 00 00 40 04 | f3 da f4 bc 52 aa 50 28 eb a7 85 0e f9 2f 5b ec | cd 14 c0 5a 2b 00 00 1c 00 00 40 05 f1 a0 d5 73 | ba 7e 56 87 c1 f2 8b f9 f4 ba 38 46 54 4f 95 b6 | 00 00 00 17 4f 70 70 6f 72 74 75 6e 69 73 74 69 | 63 20 49 50 73 65 63 | = prf(, ) PRF sha2_512 update nonce-bytes@0x5588cd72b908 (length 32) | 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | = prf(, ) PRF sha2_512 update hash-bytes@0x7ffe4fb297d0 (length 64) | 93 0f 04 69 ae 7d d7 a7 4a 1f e6 be 06 de a8 c2 | 67 80 85 f5 70 05 ea df f0 d4 32 c1 10 d8 4b b1 | 7a 22 90 4e 8d 3d db 03 d5 98 bb 6e dd b0 42 1e | bc b0 d9 b7 74 30 4e 8c 6b 69 d0 cb 14 1c 63 48 | = prf(, ) PRF sha2_512 final-chunk@0x7fb868002b78 (length 64) | 65 28 4f 5f c6 f3 99 db 20 94 8d b7 57 80 d2 28 | c4 92 e7 85 94 e3 dc 95 4b e7 32 b8 1b fe f5 19 | a0 d2 d8 d1 a9 31 a0 c1 6d d4 51 9f bc d6 09 e5 | 92 5c fa 8c fa 51 4a 77 62 14 1f 07 d7 40 12 65 | psk_auth: release prf-psk-key@0x7fb860008c40 | PSK auth octets 65 28 4f 5f c6 f3 99 db 20 94 8d b7 57 80 d2 28 | PSK auth octets c4 92 e7 85 94 e3 dc 95 4b e7 32 b8 1b fe f5 19 | PSK auth octets a0 d2 d8 d1 a9 31 a0 c1 6d d4 51 9f bc d6 09 e5 | PSK auth octets 92 5c fa 8c fa 51 4a 77 62 14 1f 07 d7 40 12 65 | emitting 64 raw bytes of PSK auth into IKEv2 Authentication Payload | PSK auth 65 28 4f 5f c6 f3 99 db 20 94 8d b7 57 80 d2 28 | PSK auth c4 92 e7 85 94 e3 dc 95 4b e7 32 b8 1b fe f5 19 | PSK auth a0 d2 d8 d1 a9 31 a0 c1 6d d4 51 9f bc d6 09 e5 | PSK auth 92 5c fa 8c fa 51 4a 77 62 14 1f 07 d7 40 12 65 | emitting length of IKEv2 Authentication Payload: 72 | creating state object #2 at 0x5588cd72fa98 | State DB: adding IKEv2 state #2 in UNDEFINED | pstats #2 ikev2.child started | duplicating state object #1 "westnet-eastnet-ipv4-psk-ikev2" as #2 for IPSEC SA | #2 setting local endpoint to 192.1.2.23:500 from #1.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@NULL | duplicate_state: reference st_skey_d_nss-key@0x5588cd7146b0 | duplicate_state: reference st_skey_ai_nss-key@NULL | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5588cd70b800 | duplicate_state: reference st_skey_er_nss-key@0x5588cd712c00 | duplicate_state: reference st_skey_pi_nss-key@0x5588cd7164f0 | duplicate_state: reference st_skey_pr_nss-key@0x5588cd70d080 | duplicate_state: reference st_enc_key_nss-key@NULL | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | Message ID: init_child #1.#2; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0; child: wip.initiator=0->-1 wip.responder=0->-1 | Message ID: switch-from #1 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=1->-1 | Message ID: switch-to #1.#2 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0; child: wip.initiator=-1 wip.responder=-1->1 | Child SA TS Request has ike->sa == md->st; so using parent connection | TSi: parsing 1 traffic selectors | ***parse IKEv2 Traffic Selector: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) | IP Protocol ID: 0 (0x0) | length: 16 (0x10) | start port: 0 (0x0) | end port: 65535 (0xffff) | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low | TS low c0 00 01 00 | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high | TS high c0 00 01 ff | TSi: parsed 1 traffic selectors | TSr: parsing 1 traffic selectors | ***parse IKEv2 Traffic Selector: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) | IP Protocol ID: 0 (0x0) | length: 16 (0x10) | start port: 0 (0x0) | end port: 65535 (0xffff) | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low | TS low c0 00 02 00 | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high | TS high c0 00 02 ff | TSr: parsed 1 traffic selectors | looking for best SPD in current connection | evaluating our conn="westnet-eastnet-ipv4-psk-ikev2" I=192.0.1.0/24:0/0 R=192.0.2.0/24:0/0 to their: | TSi[0] .net=192.0.1.0-192.0.1.255 .iporotoid=0 .{start,end}port=0..65535 | match address end->client=192.0.1.0/24 == TSi[0]net=192.0.1.0-192.0.1.255: YES fitness 32 | narrow port end=0..65535 == TSi[0]=0..65535: 0 | TSi[0] port match: YES fitness 65536 | narrow protocol end=*0 == TSi[0]=*0: 0 | match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255 | TSr[0] .net=192.0.2.0-192.0.2.255 .iporotoid=0 .{start,end}port=0..65535 | match address end->client=192.0.2.0/24 == TSr[0]net=192.0.2.0-192.0.2.255: YES fitness 32 | narrow port end=0..65535 == TSr[0]=0..65535: 0 | TSr[0] port match: YES fitness 65536 | narrow protocol end=*0 == TSr[0]=*0: 0 | match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255 | best fit so far: TSi[0] TSr[0] | found better spd route for TSi[0],TSr[0] | looking for better host pair | find_host_pair: comparing 192.1.2.23:500 to 192.1.2.45:500 but ignoring ports | checking hostpair 192.0.2.0/24 -> 192.0.1.0/24 is found | investigating connection "westnet-eastnet-ipv4-psk-ikev2" as a better match | ID_NULL: id kind matches | ID_NULL: id kind matches | match_id a=ID_NULL | b=ID_NULL | results matched | evaluating our conn="westnet-eastnet-ipv4-psk-ikev2" I=192.0.1.0/24:0/0 R=192.0.2.0/24:0/0 to their: | TSi[0] .net=192.0.1.0-192.0.1.255 .iporotoid=0 .{start,end}port=0..65535 | match address end->client=192.0.1.0/24 == TSi[0]net=192.0.1.0-192.0.1.255: YES fitness 32 | narrow port end=0..65535 == TSi[0]=0..65535: 0 | TSi[0] port match: YES fitness 65536 | narrow protocol end=*0 == TSi[0]=*0: 0 | match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255 | TSr[0] .net=192.0.2.0-192.0.2.255 .iporotoid=0 .{start,end}port=0..65535 | match address end->client=192.0.2.0/24 == TSr[0]net=192.0.2.0-192.0.2.255: YES fitness 32 | narrow port end=0..65535 == TSr[0]=0..65535: 0 | TSr[0] port match: YES fitness 65536 | narrow protocol end=*0 == TSr[0]=*0: 0 | match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255 | best fit so far: TSi[0] TSr[0] | did not find a better connection using host pair | printing contents struct traffic_selector | ts_type: IKEv2_TS_IPV4_ADDR_RANGE | ipprotoid: 0 | port range: 0-65535 | ip range: 192.0.2.0-192.0.2.255 | printing contents struct traffic_selector | ts_type: IKEv2_TS_IPV4_ADDR_RANGE | ipprotoid: 0 | port range: 0-65535 | ip range: 192.0.1.0-192.0.1.255 | constructing ESP/AH proposals with all DH removed for westnet-eastnet-ipv4-psk-ikev2 (IKE_AUTH responder matching remote ESP/AH proposals) | converting proposal AES_GCM_16_256-NONE to ikev2 ... | ... ikev2_proposal: 1:ESP:ENCR=AES_GCM_C_256;INTEG=NONE;DH=NONE;ESN=DISABLED | converting proposal AES_GCM_16_128-NONE to ikev2 ... | ... ikev2_proposal: 2:ESP:ENCR=AES_GCM_C_128;INTEG=NONE;DH=NONE;ESN=DISABLED | converting proposal AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128 to ikev2 ... | ... ikev2_proposal: 3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=NONE;ESN=DISABLED | converting proposal AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128 to ikev2 ... | ... ikev2_proposal: 4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=NONE;ESN=DISABLED "westnet-eastnet-ipv4-psk-ikev2": constructed local ESP/AH proposals for westnet-eastnet-ipv4-psk-ikev2 (IKE_AUTH responder matching remote ESP/AH proposals): 1:ESP:ENCR=AES_GCM_C_256;INTEG=NONE;DH=NONE;ESN=DISABLED 2:ESP:ENCR=AES_GCM_C_128;INTEG=NONE;DH=NONE;ESN=DISABLED 3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=NONE;ESN=DISABLED 4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=NONE;ESN=DISABLED | Comparing remote proposals against IKE_AUTH responder matching remote ESP/AH proposals 4 local proposals | local proposal 1 type ENCR has 1 transforms | local proposal 1 type PRF has 0 transforms | local proposal 1 type INTEG has 1 transforms | local proposal 1 type DH has 1 transforms | local proposal 1 type ESN has 1 transforms | local proposal 1 transforms: required: ENCR+ESN; optional: INTEG+DH | local proposal 2 type ENCR has 1 transforms | local proposal 2 type PRF has 0 transforms | local proposal 2 type INTEG has 1 transforms | local proposal 2 type DH has 1 transforms | local proposal 2 type ESN has 1 transforms | local proposal 2 transforms: required: ENCR+ESN; optional: INTEG+DH | local proposal 3 type ENCR has 1 transforms | local proposal 3 type PRF has 0 transforms | local proposal 3 type INTEG has 2 transforms | local proposal 3 type DH has 1 transforms | local proposal 3 type ESN has 1 transforms | local proposal 3 transforms: required: ENCR+INTEG+ESN; optional: DH | local proposal 4 type ENCR has 1 transforms | local proposal 4 type PRF has 0 transforms | local proposal 4 type INTEG has 2 transforms | local proposal 4 type DH has 1 transforms | local proposal 4 type ESN has 1 transforms | local proposal 4 transforms: required: ENCR+INTEG+ESN; optional: DH | ***parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 32 (0x20) | prop #: 1 (0x1) | proto ID: IKEv2_SEC_PROTO_ESP (0x3) | spi size: 4 (0x4) | # transforms: 2 (0x2) | parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI | remote SPI c5 15 6c 7b | Comparing remote proposal 1 containing 2 transforms against local proposal [1..4] of 4 local proposals | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | *****parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | remote proposal 1 transform 0 (ENCR=AES_GCM_C_256) matches local proposal 1 type 1 (ENCR) transform 0 | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_ESN (0x5) | IKEv2 transform ID: ESN_DISABLED (0x0) | remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0 | remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 2 type 5 (ESN) transform 0 | remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 3 type 5 (ESN) transform 0 | remote proposal 1 transform 1 (ESN=DISABLED) matches local proposal 4 type 5 (ESN) transform 0 | remote proposal 1 proposed transforms: ENCR+ESN; matched: ENCR+ESN; unmatched: none | comparing remote proposal 1 containing ENCR+ESN transforms to local proposal 1; required: ENCR+ESN; optional: INTEG+DH; matched: ENCR+ESN | remote proposal 1 matches local proposal 1 | ***parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 32 (0x20) | prop #: 2 (0x2) | proto ID: IKEv2_SEC_PROTO_ESP (0x3) | spi size: 4 (0x4) | # transforms: 2 (0x2) | parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI | remote SPI c5 15 6c 7b | Comparing remote proposal 2 containing 2 transforms against local proposal [1..0] of 4 local proposals | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | *****parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_ESN (0x5) | IKEv2 transform ID: ESN_DISABLED (0x0) | remote proposal 2 proposed transforms: ENCR+ESN; matched: none; unmatched: ENCR+ESN | remote proposal 2 does not match; unmatched remote transforms: ENCR+ESN | ***parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_NON_LAST (0x2) | length: 48 (0x30) | prop #: 3 (0x3) | proto ID: IKEv2_SEC_PROTO_ESP (0x3) | spi size: 4 (0x4) | # transforms: 4 (0x4) | parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI | remote SPI c5 15 6c 7b | Comparing remote proposal 3 containing 4 transforms against local proposal [1..0] of 4 local proposals | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_CBC (0xc) | *****parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_ESN (0x5) | IKEv2 transform ID: ESN_DISABLED (0x0) | remote proposal 3 proposed transforms: ENCR+INTEG+ESN; matched: none; unmatched: ENCR+INTEG+ESN | remote proposal 3 does not match; unmatched remote transforms: ENCR+INTEG+ESN | ***parse IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_LAST (0x0) | length: 48 (0x30) | prop #: 4 (0x4) | proto ID: IKEv2_SEC_PROTO_ESP (0x3) | spi size: 4 (0x4) | # transforms: 4 (0x4) | parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI | remote SPI c5 15 6c 7b | Comparing remote proposal 4 containing 4 transforms against local proposal [1..0] of 4 local proposals | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 12 (0xc) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_CBC (0xc) | *****parse IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) | ****parse IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | length: 8 (0x8) | IKEv2 transform type: TRANS_TYPE_ESN (0x5) | IKEv2 transform ID: ESN_DISABLED (0x0) | remote proposal 4 proposed transforms: ENCR+INTEG+ESN; matched: none; unmatched: ENCR+INTEG+ESN | remote proposal 4 does not match; unmatched remote transforms: ENCR+INTEG+ESN "westnet-eastnet-ipv4-psk-ikev2" #1: proposal 1:ESP:SPI=c5156c7b;ENCR=AES_GCM_C_256;ESN=DISABLED chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_256;ESN=DISABLED[first-match] 2:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED 3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;ESN=DISABLED 4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;ESN=DISABLED | IKE_AUTH responder matching remote ESP/AH proposals ikev2_proposal: 1:ESP:SPI=c5156c7b;ENCR=AES_GCM_C_256;ESN=DISABLED | converting proposal to internal trans attrs | encryption ike_alg_lookup_by_id id: AES_GCM_C=20, found AES_GCM_16 | integrity ike_alg_lookup_by_id id: NONE=0, found NONE | DH ike_alg_lookup_by_id id: NONE=0, found NONE | netlink_get_spi: allocated 0xed2ff92b for esp.0@192.1.2.23 | Emitting ikev2_proposal ... | ****emit IKEv2 Security Association Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | next payload chain: setting previous 'IKEv2 Authentication Payload'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' | *****emit IKEv2 Proposal Substructure Payload: | last proposal: v2_PROPOSAL_LAST (0x0) | prop #: 1 (0x1) | proto ID: IKEv2_SEC_PROTO_ESP (0x3) | spi size: 4 (0x4) | # transforms: 2 (0x2) | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload | our spi ed 2f f9 2b | ******emit IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_NON_LAST (0x3) | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) | IKEv2 transform ID: AES_GCM_C (0x14) | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' | *******emit IKEv2 Attribute Substructure Payload: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) | length/value: 256 (0x100) | emitting length of IKEv2 Transform Substructure Payload: 12 | ******emit IKEv2 Transform Substructure Payload: | last transform: v2_TRANSFORM_LAST (0x0) | IKEv2 transform type: TRANS_TYPE_ESN (0x5) | IKEv2 transform ID: ESN_DISABLED (0x0) | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' | emitting length of IKEv2 Transform Substructure Payload: 8 | emitting length of IKEv2 Proposal Substructure Payload: 32 | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 | emitting length of IKEv2 Security Association Payload: 36 | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 | ****emit IKEv2 Traffic Selector - Initiator - Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | number of TS: 1 (0x1) | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Traffic Selector - Initiator - Payload (44:ISAKMP_NEXT_v2TSi) | next payload chain: saving location 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' in 'reply packet' | *****emit IKEv2 Traffic Selector: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) | IP Protocol ID: 0 (0x0) | start port: 0 (0x0) | end port: 65535 (0xffff) | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector | ipv4 start c0 00 01 00 | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector | ipv4 end c0 00 01 ff | emitting length of IKEv2 Traffic Selector: 16 | emitting length of IKEv2 Traffic Selector - Initiator - Payload: 24 | ****emit IKEv2 Traffic Selector - Responder - Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | number of TS: 1 (0x1) | next payload chain: setting previous 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' to current IKEv2 Traffic Selector - Responder - Payload (45:ISAKMP_NEXT_v2TSr) | next payload chain: saving location 'IKEv2 Traffic Selector - Responder - Payload'.'next payload type' in 'reply packet' | *****emit IKEv2 Traffic Selector: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) | IP Protocol ID: 0 (0x0) | start port: 0 (0x0) | end port: 65535 (0xffff) | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector | ipv4 start c0 00 02 00 | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector | ipv4 end c0 00 02 ff | emitting length of IKEv2 Traffic Selector: 16 | emitting length of IKEv2 Traffic Selector - Responder - Payload: 24 | Initiator child policy is compress=no, NOT sending v2N_IPCOMP_SUPPORTED | integ=none: .key_size=0 encrypt=aes_gcm_16: .key_size=32 .salt_size=4 keymat_len=36 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb29350 | result: data=Ni-key@0x5588cd726f40 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 32-bytes | base: base-key@0x5588cd726f40 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29338 | result: data=Ni-key@0x7fb860008c40 (32-bytes, EXTRACT_KEY_FROM_KEY) | data=Ni: release tmp-key@0x5588cd726f40 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x7fb860008c40 (32-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffe4fb29340 | result: data+=Nr-key@0x5588cd726f40 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x7fb860008c40 | prf+0 PRF sha2_512 init key-key@0x5588cd7146b0 (size 64) | prf+0: key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29268 | result: clone-key@0x7fb860008c40 (64-bytes, SHA512_HMAC) | prf+0 prf: created sha2_512 context 0x7fb868002b50 from key-key@0x7fb860008c40 | prf+0 prf: begin sha2_512 with context 0x7fb868002b50 from key-key@0x7fb860008c40 | prf+0: release clone-key@0x7fb860008c40 | prf+0 PRF sha2_512 crypt-prf@0x5588cd731cf8 | prf+0 PRF sha2_512 update seed-key@0x5588cd726f40 (size 64) | prf+0: seed-key@0x5588cd726f40 (64-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 64 bytes of key@0x5588cd726f40 | nss hmac digest hack: symkey-key@0x5588cd726f40 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)-872939011: 23 8f ef cf cf da 4f 74 07 4b 66 4a 47 14 70 c6 d1 74 38 05 3d b1 df 51 90 a1 d9 6f 03 bc fe 90 ec 25 fb d3 3e 51 18 2e d7 6f e7 b4 df df 90 48 41 b9 d6 0a 8f 85 4e 9d a1 43 5d bb 1e 73 f1 ae | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 64 bytes at 0x5588cd733528 | unwrapped: 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | unwrapped: ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | unwrapped: 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | unwrapped: d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | prf+0 PRF sha2_512 update 1++-byte@0x1 (1) | 01 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb29270 | result: final-key@0x5588cd731a50 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x5588cd731a50 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29258 | result: final-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5588cd731a50 | prf+0 PRF sha2_512 final-key@0x7fb860008c40 (size 64) | prf+0: key-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | prfplus: reference old_t[1]-key@0x7fb860008c40 | prf+N PRF sha2_512 init key-key@0x5588cd7146b0 (size 64) | prf+N: key-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: SHA512_HMAC | flags: SIGN | key_size: 64-bytes | base: base-key@0x5588cd7146b0 (64-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29268 | result: clone-key@0x5588cd731a50 (64-bytes, SHA512_HMAC) | prf+N prf: created sha2_512 context 0x5588cd733500 from key-key@0x5588cd731a50 | prf+N prf: begin sha2_512 with context 0x5588cd733500 from key-key@0x5588cd731a50 | prf+N: release clone-key@0x5588cd731a50 | prf+N PRF sha2_512 crypt-prf@0x5588cd731a28 | prf+N PRF sha2_512 update old_t-key@0x7fb860008c40 (size 64) | prf+N: old_t-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 64 bytes of key@0x7fb860008c40 | nss hmac digest hack: symkey-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)-872938912: af f2 98 12 f4 2e a0 b8 3e d9 41 6a 7a 6c 86 cf f0 3d 10 f1 e2 dc fe 7c 15 c6 9c 18 e5 d0 5d de 71 2a 1a 90 6c d4 03 c2 3a 17 b5 37 92 b2 c9 90 c9 6a 27 a5 09 6a 61 3e 21 9a 30 6f b1 35 2f 79 | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 64 bytes at 0x5588cd72de28 | unwrapped: 6a 79 f1 8b f3 72 6e 9b d2 1d 0f 66 44 21 76 14 | unwrapped: 61 fd e8 e2 3d 02 a2 14 1c 65 c8 e8 15 03 54 4a | unwrapped: 8e fe ea 75 ca fc dd d9 2b 25 30 cf 79 7e 79 74 | unwrapped: 45 de fd 56 02 12 cf 7e d6 4f a4 9e 1f 77 bb a4 | prf+N PRF sha2_512 update seed-key@0x5588cd726f40 (size 64) | prf+N: seed-key@0x5588cd726f40 (64-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 64 bytes of key@0x5588cd726f40 | nss hmac digest hack: symkey-key@0x5588cd726f40 (64-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5588cd70f920 (64-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 64 | wrapper: (SECItemType)-872939011: 23 8f ef cf cf da 4f 74 07 4b 66 4a 47 14 70 c6 d1 74 38 05 3d b1 df 51 90 a1 d9 6f 03 bc fe 90 ec 25 fb d3 3e 51 18 2e d7 6f e7 b4 df df 90 48 41 b9 d6 0a 8f 85 4e 9d a1 43 5d bb 1e 73 f1 ae | nss hmac digest hack: release slot-key-key@0x5588cd70f920 | nss hmac digest hack extracted len 64 bytes at 0x7fb868002b78 | unwrapped: 81 f1 aa 07 27 b7 8c fc fd 3b 0e 7b fb 14 57 54 | unwrapped: ab 2c 6e c0 17 f3 53 f9 36 ac d0 6d a5 15 b2 ea | unwrapped: 42 c2 6a cb 5c 7d 99 0d f5 12 c9 37 12 e1 5c 8a | unwrapped: d4 f1 b1 37 fc 84 bb fa 07 03 47 ed 9c 55 8f b8 | prf+N PRF sha2_512 update N++-byte@0x2 (2) | 02 | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffe4fb29270 | result: final-key@0x5588cd731b90 (80-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 64 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 64-bytes | base: base-key@0x5588cd731b90 (80-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb29258 | result: final-key@0x5588cd731a50 (64-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5588cd731b90 | prf+N PRF sha2_512 final-key@0x5588cd731a50 (size 64) | prf+N: key-key@0x5588cd731a50 (64-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x7fb860008c40 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7ffe4fb292e8 | result: result-key@0x5588cd731b90 (128-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x7fb860008c40 | prfplus: release old_t[N]-key@0x7fb860008c40 | prfplus: release old_t[final]-key@0x5588cd731a50 | child_sa_keymat: release data-key@0x5588cd726f40 | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 36-bytes | base: base-key@0x5588cd731b90 (128-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb293c8 | result: result-key@0x5588cd726f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | initiator to responder keys extracting all 36 bytes of key@0x5588cd726f40 | initiator to responder keys: symkey-key@0x5588cd726f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | initiator to responder keys: new slot-key@0x5588cd70f920 (36-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 48 | wrapper: (SECItemType)-1601527789: af f2 98 12 f4 2e a0 b8 3e d9 41 6a 7a 6c 86 cf f0 3d 10 f1 e2 dc fe 7c 15 c6 9c 18 e5 d0 5d de 1e dc 95 bc bc 74 b4 30 6b 67 82 5f c3 c1 ef d9 | initiator to responder keys: release slot-key-key@0x5588cd70f920 | initiator to responder keys extracted len 48 bytes at 0x5588cd72f5a8 | unwrapped: 6a 79 f1 8b f3 72 6e 9b d2 1d 0f 66 44 21 76 14 | unwrapped: 61 fd e8 e2 3d 02 a2 14 1c 65 c8 e8 15 03 54 4a | unwrapped: 8e fe ea 75 00 00 00 00 00 00 00 00 00 00 00 00 | ikev2_derive_child_keys: release ikey-key@0x5588cd726f40 | key-offset: 36, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 36-bytes | base: base-key@0x5588cd731b90 (128-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffe4fb293c8 | result: result-key@0x5588cd726f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | responder to initiator keys: extracting all 36 bytes of key@0x5588cd726f40 | responder to initiator keys:: symkey-key@0x5588cd726f40 (36-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5588cd68b080 (16-bytes, AES_KEY_GEN) | responder to initiator keys:: new slot-key@0x5588cd70f920 (36-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 48 | wrapper: (SECItemType)-1601527789: 68 3b e8 3a 43 d7 83 ed b2 49 50 fc ce 6f 59 6d bc ec fc 09 65 c6 40 4c 6c 1a af ce da 7a 39 af 2c 8c e4 58 36 e1 7d 2e bd af f9 25 9a 2c 60 7c | responder to initiator keys:: release slot-key-key@0x5588cd70f920 | responder to initiator keys: extracted len 48 bytes at 0x5588cd735038 | unwrapped: ca fc dd d9 2b 25 30 cf 79 7e 79 74 45 de fd 56 | unwrapped: 02 12 cf 7e d6 4f a4 9e 1f 77 bb a4 06 31 ea 97 | unwrapped: 2c 2d b9 93 00 00 00 00 00 00 00 00 00 00 00 00 | ikev2_derive_child_keys: release rkey-key@0x5588cd726f40 | ikev2_derive_child_keys: release keymat-key@0x5588cd731b90 | NULL Authentication - all clients appear identical | #1 spent 1.67 milliseconds | install_ipsec_sa() for #2: inbound and outbound | could_route called for westnet-eastnet-ipv4-psk-ikev2 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn westnet-eastnet-ipv4-psk-ikev2 mark 0/00000000, 0/00000000 vs | conn westnet-eastnet-ipv4-psk-ikev2 mark 0/00000000, 0/00000000 | route owner of "westnet-eastnet-ipv4-psk-ikev2" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_GCM_16 keylen: 256 integ: NONE | encrypt AES_GCM_16 keylen=256 transid=20, key_size=32, encryptalg=20 | AES_GCM_16 requires 4 salt bytes | st->st_esp.keymat_len=36 is encrypt_keymat_size=36 + integ_keymat_size=0 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'westnet-eastnet-ipv4-psk-ikev2' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.c5156c7b@192.1.2.45 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_GCM_16 keylen: 256 integ: NONE | encrypt AES_GCM_16 keylen=256 transid=20, key_size=32, encryptalg=20 | AES_GCM_16 requires 4 salt bytes | st->st_esp.keymat_len=36 is encrypt_keymat_size=36 + integ_keymat_size=0 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'westnet-eastnet-ipv4-psk-ikev2' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.ed2ff92b@192.1.2.23 included non-error error | priority calculation of connection "westnet-eastnet-ipv4-psk-ikev2" is 0xfe7e7 | add inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.10000@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #2: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn westnet-eastnet-ipv4-psk-ikev2 mark 0/00000000, 0/00000000 vs | conn westnet-eastnet-ipv4-psk-ikev2 mark 0/00000000, 0/00000000 | route owner of "westnet-eastnet-ipv4-psk-ikev2" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: westnet-eastnet-ipv4-psk-ikev2 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #2 | priority calculation of connection "westnet-eastnet-ipv4-psk-ikev2" is 0xfe7e7 | eroute_connection add eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.0@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | ID_NULL: id kind matches | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastnet-ipv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VT | popen cmd is 1065 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastnet-ipv: | cmd( 80):4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.: | cmd( 160):2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET=': | cmd( 240):192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTO: | cmd( 320):COL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO: | cmd( 400):_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0: | cmd( 480):.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROT: | cmd( 560):OCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLI: | cmd( 640):CY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW: | cmd( 720):+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILE: | cmd( 800):D=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLU: | cmd( 880):TO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED=: | cmd( 960):'0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xc5156c7b SPI_OUT=0xed: | cmd(1040):2ff92b ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | ID_NULL: id kind matches | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastnet-ipv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTI | popen cmd is 1070 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastne: | cmd( 80):t-ipv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='1: | cmd( 160):92.1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_: | cmd( 240):NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_: | cmd( 320):PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' : | cmd( 400):PLUTO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET=': | cmd( 480):192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER: | cmd( 560):_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN: | cmd( 640):_POLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_: | cmd( 720):ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_: | cmd( 800):FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO=': | cmd( 880):' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIG: | cmd( 960):URED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xc5156c7b SPI_OUT: | cmd(1040):=0xed2ff92b ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | ID_NULL: id kind matches | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastnet-ipv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING=' | popen cmd is 1068 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastnet-: | cmd( 80):ipv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192: | cmd( 160):.1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NE: | cmd( 240):T='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PR: | cmd( 320):OTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PL: | cmd( 400):UTO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='19: | cmd( 480):2.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_P: | cmd( 560):ROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_P: | cmd( 640):OLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_AL: | cmd( 720):LOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FA: | cmd( 800):ILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' : | cmd( 880):PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGUR: | cmd( 960):ED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xc5156c7b SPI_OUT=0: | cmd(1040):xed2ff92b ipsec _updown 2>&1: | route_and_eroute: instance "westnet-eastnet-ipv4-psk-ikev2", setting eroute_owner {spd=0x5588cd727f58,sr=0x5588cd727f58} to #2 (was #0) (newest_ipsec_sa=#0) | #1 spent 2.09 milliseconds in install_ipsec_sa() | ISAKMP_v2_IKE_AUTH: instance westnet-eastnet-ipv4-psk-ikev2[0], setting IKEv2 newest_ipsec_sa to #2 (was #0) (spd.eroute=#2) cloned from #1 | adding 1 bytes of padding (including 1 byte padding-length) | emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload | emitting length of IKEv2 Encryption Payload: 193 | emitting length of ISAKMP Message: 221 | Salt before authenticated encryption: | 36 22 f4 2b | IV before authenticated encryption: | 64 43 e8 46 f0 80 21 91 | AAD before authenticated encryption: | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 2e 20 23 20 00 00 00 01 00 00 00 dd 24 00 00 c1 | data before authenticated encryption: | 27 00 00 08 0d 00 00 00 21 00 00 48 0d 00 00 00 | 65 28 4f 5f c6 f3 99 db 20 94 8d b7 57 80 d2 28 | c4 92 e7 85 94 e3 dc 95 4b e7 32 b8 1b fe f5 19 | a0 d2 d8 d1 a9 31 a0 c1 6d d4 51 9f bc d6 09 e5 | 92 5c fa 8c fa 51 4a 77 62 14 1f 07 d7 40 12 65 | 2c 00 00 24 00 00 00 20 01 03 04 02 ed 2f f9 2b | 03 00 00 0c 01 00 00 14 80 0e 01 00 00 00 00 08 | 05 00 00 00 2d 00 00 18 01 00 00 00 07 00 00 10 | 00 00 ff ff c0 00 01 00 c0 00 01 ff 00 00 00 18 | 01 00 00 00 07 00 00 10 00 00 ff ff c0 00 02 00 | c0 00 02 ff 00 | integ before authenticated encryption: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | data after authenticated encryption: | 71 4c 27 9d 46 09 c7 8c 69 b2 c5 c5 1a 09 25 ca | 73 0f ec 7a 4c c5 84 0a 32 96 50 6a f9 6f 6b 55 | 0a 1f 13 19 92 d7 a3 40 1e 35 1e 65 ae dc 24 43 | e3 a9 9e d3 1c 0c c2 ad bc 36 33 c3 0a 7d da 56 | 4b eb 7d d0 5f d6 07 9a 7b 07 fe a6 cb a8 e3 16 | f2 91 f2 dd bf fc ed 2b 3b 4e 84 92 06 0b 7f 7b | 00 46 eb f0 47 32 70 ca d6 88 ee f1 18 a6 a8 27 | 07 bc dc 51 46 6b 0b f1 6c 6e 1d 00 e9 46 59 be | 21 b4 b1 4e 1a 0a 47 9d fb 6e b9 75 50 18 46 56 | 8b e6 b7 47 8f ae 06 66 98 e5 a5 70 b5 82 e5 fb | ae fb d1 50 5f | integ after authenticated encryption: | b1 6a b6 b9 90 c8 3e fe ad cd 54 c4 4f 1d af d5 | ikev2_parent_inI2outR2_continue_tail returned STF_OK | #1 spent 3.89 milliseconds in processing: Responder: process IKE_AUTH request in ikev2_process_state_packet() | suspend processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | start processing: state #2 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in complete_v2_state_transition() at ikev2.c:3379) | #2 complete_v2_state_transition() md.from_state=PARENT_R1 md.svm.state[from]=PARENT_R1 UNDEFINED->V2_IPSEC_R with status STF_OK | IKEv2: transition from state STATE_PARENT_R1 to state STATE_V2_IPSEC_R | child state #2: UNDEFINED(ignore) => V2_IPSEC_R(established CHILD SA) | Message ID: updating counters for #2 to 1 after switching state | Message ID: recv #1.#2 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0->1; child: wip.initiator=-1 wip.responder=1->-1 | Message ID: sent #1.#2 response 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0->1 responder.recv=1; child: wip.initiator=-1 wip.responder=-1 | pstats #2 ikev2.child established "westnet-eastnet-ipv4-psk-ikev2" #2: negotiated connection [192.0.2.0-192.0.2.255:0-65535 0] -> [192.0.1.0-192.0.1.255:0-65535 0] | NAT-T: encaps is 'auto' "westnet-eastnet-ipv4-psk-ikev2" #2: STATE_V2_IPSEC_R: IPsec SA established tunnel mode {ESP=>0xc5156c7b <0xed2ff92b xfrm=AES_GCM_16_256-NONE NATOA=none NATD=none DPD=passive} | sending V2 new request packet to 192.1.2.45:500 (from 192.1.2.23:500) | sending 221 bytes for STATE_PARENT_R1 through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 2e 20 23 20 00 00 00 01 00 00 00 dd 24 00 00 c1 | 64 43 e8 46 f0 80 21 91 71 4c 27 9d 46 09 c7 8c | 69 b2 c5 c5 1a 09 25 ca 73 0f ec 7a 4c c5 84 0a | 32 96 50 6a f9 6f 6b 55 0a 1f 13 19 92 d7 a3 40 | 1e 35 1e 65 ae dc 24 43 e3 a9 9e d3 1c 0c c2 ad | bc 36 33 c3 0a 7d da 56 4b eb 7d d0 5f d6 07 9a | 7b 07 fe a6 cb a8 e3 16 f2 91 f2 dd bf fc ed 2b | 3b 4e 84 92 06 0b 7f 7b 00 46 eb f0 47 32 70 ca | d6 88 ee f1 18 a6 a8 27 07 bc dc 51 46 6b 0b f1 | 6c 6e 1d 00 e9 46 59 be 21 b4 b1 4e 1a 0a 47 9d | fb 6e b9 75 50 18 46 56 8b e6 b7 47 8f ae 06 66 | 98 e5 a5 70 b5 82 e5 fb ae fb d1 50 5f b1 6a b6 | b9 90 c8 3e fe ad cd 54 c4 4f 1d af d5 | releasing whack for #2 (sock=fd@-1) | releasing whack and unpending for parent #1 | unpending state #1 connection "westnet-eastnet-ipv4-psk-ikev2" | #2 will start re-keying in 28530 seconds with margin of 270 seconds (attempting re-key) | event_schedule: new EVENT_SA_REKEY-pe@0x7fb868002b78 | inserting event EVENT_SA_REKEY, timeout in 28530 seconds for #2 | libevent_malloc: new ptr-libevent@0x5588cd72f9e8 size 128 | resume sending helper answer for #1 suppresed complete_v2_state_transition() | #1 spent 4.16 milliseconds in resume sending helper answer | stop processing: state #2 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7fb860000f48 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00491 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00202 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00192 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_STATE_... in show_states_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.ed2ff92b@192.1.2.23 | get_sa_info esp.c5156c7b@192.1.2.45 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.15 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) shutting down | processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825) | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' | unreference key: 0x5588cd729bd8 ID_NULL cnt 1-- | start processing: connection "westnet-eastnet-ipv4-psk-ikev2" (in delete_connection() at connections.c:189) | Deleting states for connection - including all other IPsec SA's of this IKE SA | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #2 | suspend processing: connection "westnet-eastnet-ipv4-psk-ikev2" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #2 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #2 ikev2.child deleted completed | [RE]START processing: state #2 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in delete_state() at state.c:879) "westnet-eastnet-ipv4-psk-ikev2" #2: deleting state (STATE_V2_IPSEC_R) aged 4.465s and sending notification | child state #2: V2_IPSEC_R(established CHILD SA) => delete | get_sa_info esp.c5156c7b@192.1.2.45 | get_sa_info esp.ed2ff92b@192.1.2.23 "westnet-eastnet-ipv4-psk-ikev2" #2: ESP traffic information: in=336B out=336B | #2 send IKEv2 delete notification for STATE_V2_IPSEC_R | Opening output PBS informational exchange delete request | **emit ISAKMP Message: | initiator cookie: | df a7 70 f9 33 7f d6 5d | responder cookie: | 3c 23 d7 38 84 f0 63 b4 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_INFORMATIONAL (0x25) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit IKEv2 Encryption Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK) | next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'informational exchange delete request' | emitting 8 zero bytes of IV into IKEv2 Encryption Payload | ****emit IKEv2 Delete Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | protocol ID: PROTO_v2_ESP (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Delete Payload (42:ISAKMP_NEXT_v2D) | next payload chain: saving location 'IKEv2 Delete Payload'.'next payload type' in 'informational exchange delete request' | emitting 4 raw bytes of local spis into IKEv2 Delete Payload | local spis ed 2f f9 2b | emitting length of IKEv2 Delete Payload: 12 | adding 1 bytes of padding (including 1 byte padding-length) | emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload | emitting length of IKEv2 Encryption Payload: 41 | emitting length of ISAKMP Message: 69 | Salt before authenticated encryption: | 36 22 f4 2b | IV before authenticated encryption: | 6b c5 d4 48 89 1c 0f 0c | AAD before authenticated encryption: | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 2e 20 25 00 00 00 00 00 00 00 00 45 2a 00 00 29 | data before authenticated encryption: | 00 00 00 0c 03 04 00 01 ed 2f f9 2b 00 | integ before authenticated encryption: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | data after authenticated encryption: | 50 72 07 bf c0 e1 c1 49 1e c2 b5 b9 c5 | integ after authenticated encryption: | 22 a6 a4 7b 81 86 ac 63 5b 50 11 1d 5c 99 be 6b | sending 69 bytes for delete notification through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #2) | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 2e 20 25 00 00 00 00 00 00 00 00 45 2a 00 00 29 | 6b c5 d4 48 89 1c 0f 0c 50 72 07 bf c0 e1 c1 49 | 1e c2 b5 b9 c5 22 a6 a4 7b 81 86 ac 63 5b 50 11 | 1d 5c 99 be 6b | Message ID: IKE #1 sender #2 in send_delete record 'n' sending delete request so forcing IKE nextuse=0->1 and sender msgid=0->0 | Message ID: IKE #1 sender #2 in send_delete hacking around record ' send | Message ID: sent #1 request 0; ike: initiator.sent=-1->0 initiator.recv=-1 responder.sent=1 responder.recv=1 wip.initiator=-1->0 wip.responder=-1 | state #2 requesting EVENT_SA_REKEY to be deleted | libevent_free: release ptr-libevent@0x5588cd72f9e8 | free_event_entry: release EVENT_SA_REKEY-pe@0x7fb868002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastnet-ipv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825269' PLUTO_CONN_POLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_RO | popen cmd is 1076 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastnet-i: | cmd( 80):pv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.: | cmd( 160):1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET: | cmd( 240):='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PRO: | cmd( 320):TOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.45' PLU: | cmd( 400):TO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192: | cmd( 480):.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PR: | cmd( 560):OTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825269' PLUT: | cmd( 640):O_CONN_POLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE: | cmd( 720):_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' : | cmd( 800):XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_: | cmd( 880):INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_: | cmd( 960):CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xc5156c7b S: | cmd(1040):PI_OUT=0xed2ff92b ipsec _updown 2>&1: | shunt_eroute() called for connection 'westnet-eastnet-ipv4-psk-ikev2' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "westnet-eastnet-ipv4-psk-ikev2" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.c5156c7b@192.1.2.45 | netlink response for Del SA esp.c5156c7b@192.1.2.45 included non-error error | priority calculation of connection "westnet-eastnet-ipv4-psk-ikev2" is 0xfe7e7 | delete inbound eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => unk255.10000@192.1.2.23 (raw_eroute) | raw_eroute result=success | delete esp.ed2ff92b@192.1.2.23 | netlink response for Del SA esp.ed2ff92b@192.1.2.23 included non-error error | stop processing: connection "westnet-eastnet-ipv4-psk-ikev2" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection westnet-eastnet-ipv4-psk-ikev2 | State DB: deleting IKEv2 state #2 in V2_IPSEC_R | child state #2: V2_IPSEC_R(established CHILD SA) => UNDEFINED(ignore) | stop processing: state #2 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@0x5588cd7146b0 | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5588cd70b800 | delete_state: release st->st_skey_er_nss-key@0x5588cd712c00 | delete_state: release st->st_skey_pi_nss-key@0x5588cd7164f0 | delete_state: release st->st_skey_pr_nss-key@0x5588cd70d080 | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #1 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #1 | start processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #1 ikev2.ike deleted completed | #1 spent 7.97 milliseconds in total | [RE]START processing: state #1 connection "westnet-eastnet-ipv4-psk-ikev2" from 192.1.2.45:500 (in delete_state() at state.c:879) "westnet-eastnet-ipv4-psk-ikev2" #1: deleting state (STATE_PARENT_R2) aged 4.481s and sending notification | parent state #1: PARENT_R2(established IKE SA) => delete | #1 send IKEv2 delete notification for STATE_PARENT_R2 | Opening output PBS informational exchange delete request | **emit ISAKMP Message: | initiator cookie: | df a7 70 f9 33 7f d6 5d | responder cookie: | 3c 23 d7 38 84 f0 63 b4 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) | exchange type: ISAKMP_v2_INFORMATIONAL (0x25) | flags: none (0x0) | Message ID: 1 (0x1) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit IKEv2 Encryption Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK) | next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'informational exchange delete request' | emitting 8 zero bytes of IV into IKEv2 Encryption Payload | ****emit IKEv2 Delete Payload: | next payload type: ISAKMP_NEXT_v2NONE (0x0) | flags: none (0x0) | protocol ID: PROTO_v2_IKE (0x1) | SPI size: 0 (0x0) | number of SPIs: 0 (0x0) | next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Delete Payload (42:ISAKMP_NEXT_v2D) | next payload chain: saving location 'IKEv2 Delete Payload'.'next payload type' in 'informational exchange delete request' | emitting length of IKEv2 Delete Payload: 8 | adding 1 bytes of padding (including 1 byte padding-length) | emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload | emitting length of IKEv2 Encryption Payload: 37 | emitting length of ISAKMP Message: 65 | Salt before authenticated encryption: | 36 22 f4 2b | IV before authenticated encryption: | 17 5d 92 04 d3 41 72 95 | AAD before authenticated encryption: | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 2e 20 25 00 00 00 00 01 00 00 00 41 2a 00 00 25 | data before authenticated encryption: | 00 00 00 08 01 00 00 00 00 | integ before authenticated encryption: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | data after authenticated encryption: | 5b 20 b5 df 5f 10 62 5b 14 | integ after authenticated encryption: | a8 3b 62 63 2c 48 a2 b8 cb a8 d2 d2 a4 29 ba 21 | sending 65 bytes for delete notification through eth1 from 192.1.2.23:500 to 192.1.2.45:500 (using #1) | df a7 70 f9 33 7f d6 5d 3c 23 d7 38 84 f0 63 b4 | 2e 20 25 00 00 00 00 01 00 00 00 41 2a 00 00 25 | 17 5d 92 04 d3 41 72 95 5b 20 b5 df 5f 10 62 5b | 14 a8 3b 62 63 2c 48 a2 b8 cb a8 d2 d2 a4 29 ba | 21 | Message ID: IKE #1 sender #1 in send_delete record 'n' sending delete request so forcing IKE nextuse=1->2 and sender msgid=0->1 | Message ID: IKE #1 sender #1 in send_delete hacking around record ' send | Message ID: #1 XXX: expecting sender.wip.initiator 0 == -1 - suspect record'n'send out-of-order?); initiator.sent=1 initiator.recv=-1 responder.sent=1 responder.recv=1 wip.initiator=1 wip.responder=-1 | Message ID: sent #1 request 1; ike: initiator.sent=0->1 initiator.recv=-1 responder.sent=1 responder.recv=1 wip.initiator=0->1 wip.responder=-1 | state #1 requesting EVENT_SA_REKEY to be deleted | libevent_free: release ptr-libevent@0x5588cd72ee48 | free_event_entry: release EVENT_SA_REKEY-pe@0x5588cd729cc8 | State DB: IKEv2 state not found (flush_incomplete_children) | in connection_discard for connection westnet-eastnet-ipv4-psk-ikev2 | State DB: deleting IKEv2 state #1 in PARENT_R2 | parent state #1: PARENT_R2(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7fb868003a28: destroyed | stop processing: state #1 from 192.1.2.45:500 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5588cd716110 | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@0x5588cd7146b0 | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5588cd70b800 | delete_state: release st->st_skey_er_nss-key@0x5588cd712c00 | delete_state: release st->st_skey_pi_nss-key@0x5588cd7164f0 | delete_state: release st->st_skey_pr_nss-key@0x5588cd70d080 | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | shunt_eroute() called for connection 'westnet-eastnet-ipv4-psk-ikev2' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "westnet-eastnet-ipv4-psk-ikev2" is 0xfe7e7 | priority calculation of connection "westnet-eastnet-ipv4-psk-ikev2" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn westnet-eastnet-ipv4-psk-ikev2 mark 0/00000000, 0/00000000 vs | conn westnet-eastnet-ipv4-psk-ikev2 mark 0/00000000, 0/00000000 | route owner of "westnet-eastnet-ipv4-psk-ikev2" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastnet-ipv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='192.1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.45' PLUTO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET='192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUT | popen cmd is 1057 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='westnet-eastne: | cmd( 80):t-ipv4-psk-ikev2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.45' PLUTO_ME='1: | cmd( 160):92.1.2.23' PLUTO_MY_ID='ID_NULL' PLUTO_MY_CLIENT='192.0.2.0/24' PLUTO_MY_CLIENT_: | cmd( 240):NET='192.0.2.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_: | cmd( 320):PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.45': | cmd( 400): PLUTO_PEER_ID='ID_NULL' PLUTO_PEER_CLIENT='192.0.1.0/24' PLUTO_PEER_CLIENT_NET=: | cmd( 480):'192.0.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEE: | cmd( 560):R_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CON: | cmd( 640):N_POLICY='AUTHNULL+ENCRYPT+TUNNEL+PFS+OVERLAPIP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG: | cmd( 720):_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH: | cmd( 800):_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO=: | cmd( 880):'' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFI: | cmd( 960):GURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 i: | cmd(1040):psec _updown 2>&1: unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. unroute-client output: Error: Peer netns reference is invalid. | free hp@0x5588cd729af8 | flush revival: connection 'westnet-eastnet-ipv4-psk-ikev2' wasn't on the list | processing: STOP connection NULL (in discard_connection() at connections.c:249) | crl fetch request list locked by 'free_crl_fetch' | crl fetch request list unlocked by 'free_crl_fetch' shutting down interface lo/lo 127.0.0.1:4500 shutting down interface lo/lo 127.0.0.1:500 shutting down interface eth0/eth0 192.0.2.254:4500 shutting down interface eth0/eth0 192.0.2.254:500 shutting down interface eth1/eth1 192.1.2.23:4500 shutting down interface eth1/eth1 192.1.2.23:500 | FOR_EACH_STATE_... in delete_states_dead_interfaces | libevent_free: release ptr-libevent@0x5588cd71b758 | free_event_entry: release EVENT_NULL-pe@0x5588cd7273f8 | libevent_free: release ptr-libevent@0x5588cd6abe98 | free_event_entry: release EVENT_NULL-pe@0x5588cd7274a8 | libevent_free: release ptr-libevent@0x5588cd6abde8 | free_event_entry: release EVENT_NULL-pe@0x5588cd727558 | libevent_free: release ptr-libevent@0x5588cd6b4448 | free_event_entry: release EVENT_NULL-pe@0x5588cd727608 | libevent_free: release ptr-libevent@0x5588cd68ab78 | free_event_entry: release EVENT_NULL-pe@0x5588cd7276b8 | libevent_free: release ptr-libevent@0x5588cd6851d8 | free_event_entry: release EVENT_NULL-pe@0x5588cd727768 | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | libevent_free: release ptr-libevent@0x5588cd71b808 | free_event_entry: release EVENT_NULL-pe@0x5588cd70f5c8 | libevent_free: release ptr-libevent@0x5588cd6a9a58 | free_event_entry: release EVENT_NULL-pe@0x5588cd70f558 | libevent_free: release ptr-libevent@0x5588cd6f2d98 | free_event_entry: release EVENT_NULL-pe@0x5588cd70ea18 | global timer EVENT_REINIT_SECRET uninitialized | global timer EVENT_SHUNT_SCAN uninitialized | global timer EVENT_PENDING_DDNS uninitialized | global timer EVENT_PENDING_PHASE2 uninitialized | global timer EVENT_CHECK_CRLS uninitialized | global timer EVENT_REVIVE_CONNS uninitialized | global timer EVENT_FREE_ROOT_CERTS uninitialized | global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized | global timer EVENT_NAT_T_KEEPALIVE uninitialized | libevent_free: release ptr-libevent@0x5588cd6b6de8 | signal event handler PLUTO_SIGCHLD uninstalled | libevent_free: release ptr-libevent@0x5588cd6b6eb8 | signal event handler PLUTO_SIGTERM uninstalled | libevent_free: release ptr-libevent@0x5588cd726c58 | signal event handler PLUTO_SIGHUP uninstalled | libevent_free: release ptr-libevent@0x5588cd726e98 | signal event handler PLUTO_SIGSYS uninstalled | releasing event base | libevent_free: release ptr-libevent@0x5588cd726d68 | libevent_free: release ptr-libevent@0x5588cd709e08 | libevent_free: release ptr-libevent@0x5588cd709db8 | libevent_free: release ptr-libevent@0x5588cd709d48 | libevent_free: release ptr-libevent@0x5588cd709d08 | libevent_free: release ptr-libevent@0x5588cd7269e8 | libevent_free: release ptr-libevent@0x5588cd726b98 | libevent_free: release ptr-libevent@0x5588cd709fb8 | libevent_free: release ptr-libevent@0x5588cd70f1e8 | libevent_free: release ptr-libevent@0x5588cd70f6d8 | libevent_free: release ptr-libevent@0x5588cd7277d8 | libevent_free: release ptr-libevent@0x5588cd727728 | libevent_free: release ptr-libevent@0x5588cd727678 | libevent_free: release ptr-libevent@0x5588cd7275c8 | libevent_free: release ptr-libevent@0x5588cd727518 | libevent_free: release ptr-libevent@0x5588cd727468 | libevent_free: release ptr-libevent@0x5588cd6a8e88 | libevent_free: release ptr-libevent@0x5588cd726c18 | libevent_free: release ptr-libevent@0x5588cd726bd8 | libevent_free: release ptr-libevent@0x5588cd726b58 | libevent_free: release ptr-libevent@0x5588cd726d28 | libevent_free: release ptr-libevent@0x5588cd726a28 | libevent_free: release ptr-libevent@0x5588cd684908 | libevent_free: release ptr-libevent@0x5588cd684d38 | libevent_free: release ptr-libevent@0x5588cd6a91f8 | releasing global libevent data | libevent_free: release ptr-libevent@0x5588cd6a9cc8 | libevent_free: release ptr-libevent@0x5588cd684cd8 | libevent_free: release ptr-libevent@0x5588cd684dd8 leak detective found no leaks