FIPS Product: YES FIPS Kernel: NO FIPS Mode: NO NSS DB directory: sql:/etc/ipsec.d Initializing NSS Opening NSS database "sql:/etc/ipsec.d" read-only NSS initialized NSS crypto library initialized FIPS HMAC integrity support [enabled] FIPS mode disabled for pluto daemon FIPS HMAC integrity verification self-test FAILED libcap-ng support [enabled] Linux audit support [enabled] Linux audit activated Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:27351 core dump dir: /tmp secrets file: /etc/ipsec.secrets leak-detective enabled NSS crypto [enabled] XAUTH PAM support [enabled] | libevent is using pluto's memory allocator Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) | libevent_malloc: new ptr-libevent@0x5573f40bf7f8 size 40 | libevent_malloc: new ptr-libevent@0x5573f40bfcd8 size 40 | libevent_malloc: new ptr-libevent@0x5573f40bfdd8 size 40 | creating event base | libevent_malloc: new ptr-libevent@0x5573f41447c8 size 56 | libevent_malloc: new ptr-libevent@0x5573f40e8328 size 664 | libevent_malloc: new ptr-libevent@0x5573f4144838 size 24 | libevent_malloc: new ptr-libevent@0x5573f4144888 size 384 | libevent_malloc: new ptr-libevent@0x5573f4144788 size 16 | libevent_malloc: new ptr-libevent@0x5573f40bf908 size 40 | libevent_malloc: new ptr-libevent@0x5573f40bfd38 size 48 | libevent_realloc: new ptr-libevent@0x5573f40e7fb8 size 256 | libevent_malloc: new ptr-libevent@0x5573f4144a38 size 16 | libevent_free: release ptr-libevent@0x5573f41447c8 | libevent initialized | libevent_realloc: new ptr-libevent@0x5573f41447c8 size 64 | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds | init_nat_traversal() initialized with keep_alive=0s NAT-Traversal support [enabled] | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized | global one-shot timer EVENT_FREE_ROOT_CERTS initialized | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds | global one-shot timer EVENT_REVIVE_CONNS initialized | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds | encryption algorithm assertion checks | encryption algorithm AES_CCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 ESP ID id: 16 enum name: AES_CCM_C | IKEv2 ID id: 16 enum name: AES_CCM_C | encryption algorithm AES_CCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 ESP ID id: 15 enum name: AES_CCM_B | IKEv2 ID id: 15 enum name: AES_CCM_B | encryption algorithm AES_CCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 ESP ID id: 14 enum name: AES_CCM_A | IKEv2 ID id: 14 enum name: AES_CCM_A | encryption algorithm 3DES_CBC, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 3, IKEv2 id: 3 | IKEv1 OAKLEY ID id: 5 enum name: 3DES_CBC | IKEv1 ESP ID id: 3 enum name: 3DES | IKEv2 ID id: 3 enum name: 3DES | encryption algorithm CAMELLIA_CTR, IKEv1 OAKLEY id: 24, IKEv1 ESP_INFO id: 24, IKEv2 id: 24 | IKEv1 OAKLEY ID id: 24 enum name: CAMELLIA_CTR | IKEv1 ESP ID id: 24 enum name: CAMELLIA_CTR | IKEv2 ID id: 24 enum name: CAMELLIA_CTR | encryption algorithm CAMELLIA_CBC, IKEv1 OAKLEY id: 8, IKEv1 ESP_INFO id: 22, IKEv2 id: 23 | IKEv1 OAKLEY ID id: 8 enum name: CAMELLIA_CBC | IKEv1 ESP ID id: 22 enum name: CAMELLIA | IKEv2 ID id: 23 enum name: CAMELLIA_CBC | encryption algorithm AES_GCM_16, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 20, IKEv2 id: 20 | IKEv1 ESP ID id: 20 enum name: AES_GCM_C | IKEv2 ID id: 20 enum name: AES_GCM_C | encryption algorithm AES_GCM_12, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 19, IKEv2 id: 19 | IKEv1 ESP ID id: 19 enum name: AES_GCM_B | IKEv2 ID id: 19 enum name: AES_GCM_B | encryption algorithm AES_GCM_8, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 ESP ID id: 18 enum name: AES_GCM_A | IKEv2 ID id: 18 enum name: AES_GCM_A | encryption algorithm AES_CTR, IKEv1 OAKLEY id: 13, IKEv1 ESP_INFO id: 13, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 13 enum name: AES_CTR | IKEv1 ESP ID id: 13 enum name: AES_CTR | IKEv2 ID id: 13 enum name: AES_CTR | encryption algorithm AES_CBC, IKEv1 OAKLEY id: 7, IKEv1 ESP_INFO id: 12, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 7 enum name: AES_CBC | IKEv1 ESP ID id: 12 enum name: AES | IKEv2 ID id: 12 enum name: AES_CBC | encryption algorithm SERPENT_CBC, IKEv1 OAKLEY id: 65004, IKEv1 ESP_INFO id: 252, IKEv2 id: 65004 | IKEv1 OAKLEY ID id: 65004 enum name: SERPENT_CBC | IKEv1 ESP ID id: 252 enum name: SERPENT | IKEv2 ID id: 65004 enum name: SERPENT_CBC | encryption algorithm TWOFISH_CBC, IKEv1 OAKLEY id: 65005, IKEv1 ESP_INFO id: 253, IKEv2 id: 65005 | IKEv1 OAKLEY ID id: 65005 enum name: TWOFISH_CBC | IKEv1 ESP ID id: 253 enum name: TWOFISH | IKEv2 ID id: 65005 enum name: TWOFISH_CBC | encryption algorithm TWOFISH_SSH, IKEv1 OAKLEY id: 65289, IKEv1 ESP_INFO id: -1, IKEv2 id: 65289 | IKEv1 OAKLEY ID id: 65289 enum name: TWOFISH_CBC_SSH | IKEv2 ID id: 65289 enum name: TWOFISH_CBC_SSH | encryption algorithm NULL_AUTH_AES_GMAC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 23, IKEv2 id: 21 | IKEv1 ESP ID id: 23 enum name: NULL_AUTH_AES_GMAC | IKEv2 ID id: 21 enum name: NULL_AUTH_AES_GMAC | encryption algorithm NULL, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 11, IKEv2 id: 11 | IKEv1 ESP ID id: 11 enum name: NULL | IKEv2 ID id: 11 enum name: NULL | encryption algorithm CHACHA20_POLY1305, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 28 | IKEv2 ID id: 28 enum name: CHACHA20_POLY1305 Encryption algorithms: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac NULL IKEv1: ESP IKEv2: ESP [] CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 | hash algorithm assertion checks | hash algorithm MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | hash algorithm SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | hash algorithm SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | hash algorithm SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | hash algorithm SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: -1 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 Hash algorithms: MD5 IKEv1: IKE IKEv2: SHA1 IKEv1: IKE IKEv2: FIPS sha SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 | PRF algorithm assertion checks | PRF algorithm HMAC_MD5, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: -1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5 | PRF algorithm HMAC_SHA1, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: -1, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1 | PRF algorithm HMAC_SHA2_256, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: -1, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv2 ID id: 5 enum name: HMAC_SHA2_256 | PRF algorithm HMAC_SHA2_384, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: -1, IKEv2 id: 6 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv2 ID id: 6 enum name: HMAC_SHA2_384 | PRF algorithm HMAC_SHA2_512, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: -1, IKEv2 id: 7 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv2 ID id: 7 enum name: HMAC_SHA2_512 | PRF algorithm AES_XCBC, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 4 | IKEv2 ID id: 4 enum name: AES128_XCBC PRF algorithms: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc | integrity algorithm assertion checks | integrity algorithm HMAC_MD5_96, IKEv1 OAKLEY id: 1, IKEv1 ESP_INFO id: 1, IKEv2 id: 1 | IKEv1 OAKLEY ID id: 1 enum name: MD5 | IKEv1 ESP ID id: 1 enum name: HMAC_MD5 | IKEv2 ID id: 1 enum name: HMAC_MD5_96 | integrity algorithm HMAC_SHA1_96, IKEv1 OAKLEY id: 2, IKEv1 ESP_INFO id: 2, IKEv2 id: 2 | IKEv1 OAKLEY ID id: 2 enum name: SHA1 | IKEv1 ESP ID id: 2 enum name: HMAC_SHA1 | IKEv2 ID id: 2 enum name: HMAC_SHA1_96 | integrity algorithm HMAC_SHA2_512_256, IKEv1 OAKLEY id: 6, IKEv1 ESP_INFO id: 7, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 6 enum name: SHA2_512 | IKEv1 ESP ID id: 7 enum name: HMAC_SHA2_512 | IKEv2 ID id: 14 enum name: HMAC_SHA2_512_256 | integrity algorithm HMAC_SHA2_384_192, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 6, IKEv2 id: 13 | IKEv1 OAKLEY ID id: 5 enum name: SHA2_384 | IKEv1 ESP ID id: 6 enum name: HMAC_SHA2_384 | IKEv2 ID id: 13 enum name: HMAC_SHA2_384_192 | integrity algorithm HMAC_SHA2_256_128, IKEv1 OAKLEY id: 4, IKEv1 ESP_INFO id: 5, IKEv2 id: 12 | IKEv1 OAKLEY ID id: 4 enum name: SHA2_256 | IKEv1 ESP ID id: 5 enum name: HMAC_SHA2_256 | IKEv2 ID id: 12 enum name: HMAC_SHA2_256_128 | integrity algorithm HMAC_SHA2_256_TRUNCBUG, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 252, IKEv2 id: -1 | IKEv1 ESP ID id: 252 enum name: HMAC_SHA2_256_TRUNCBUG | integrity algorithm AES_XCBC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 9, IKEv2 id: 5 | IKEv1 ESP ID id: 9 enum name: AES_XCBC | IKEv2 ID id: 5 enum name: AES_XCBC_96 | integrity algorithm AES_CMAC_96, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 250, IKEv2 id: 8 | IKEv1 ESP ID id: 250 enum name: AES_CMAC_96 | IKEv2 ID id: 8 enum name: AES_CMAC_96 | integrity algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: 0, IKEv2 id: 0 | IKEv1 ESP ID id: 0 enum name: NONE | IKEv2 ID id: 0 enum name: NONE Integrity algorithms: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5 HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac NONE IKEv1: ESP IKEv2: IKE ESP FIPS null | DH algorithm assertion checks | DH algorithm NONE, IKEv1 OAKLEY id: -1, IKEv1 ESP_INFO id: -1, IKEv2 id: 0 | IKEv2 ID id: 0 enum name: NONE | DH algorithm MODP1536, IKEv1 OAKLEY id: 5, IKEv1 ESP_INFO id: 5, IKEv2 id: 5 | IKEv1 OAKLEY ID id: 5 enum name: MODP1536 | IKEv1 ESP ID id: 5 enum name: MODP1536 | IKEv2 ID id: 5 enum name: MODP1536 | DH algorithm MODP2048, IKEv1 OAKLEY id: 14, IKEv1 ESP_INFO id: 14, IKEv2 id: 14 | IKEv1 OAKLEY ID id: 14 enum name: MODP2048 | IKEv1 ESP ID id: 14 enum name: MODP2048 | IKEv2 ID id: 14 enum name: MODP2048 | DH algorithm MODP3072, IKEv1 OAKLEY id: 15, IKEv1 ESP_INFO id: 15, IKEv2 id: 15 | IKEv1 OAKLEY ID id: 15 enum name: MODP3072 | IKEv1 ESP ID id: 15 enum name: MODP3072 | IKEv2 ID id: 15 enum name: MODP3072 | DH algorithm MODP4096, IKEv1 OAKLEY id: 16, IKEv1 ESP_INFO id: 16, IKEv2 id: 16 | IKEv1 OAKLEY ID id: 16 enum name: MODP4096 | IKEv1 ESP ID id: 16 enum name: MODP4096 | IKEv2 ID id: 16 enum name: MODP4096 | DH algorithm MODP6144, IKEv1 OAKLEY id: 17, IKEv1 ESP_INFO id: 17, IKEv2 id: 17 | IKEv1 OAKLEY ID id: 17 enum name: MODP6144 | IKEv1 ESP ID id: 17 enum name: MODP6144 | IKEv2 ID id: 17 enum name: MODP6144 | DH algorithm MODP8192, IKEv1 OAKLEY id: 18, IKEv1 ESP_INFO id: 18, IKEv2 id: 18 | IKEv1 OAKLEY ID id: 18 enum name: MODP8192 | IKEv1 ESP ID id: 18 enum name: MODP8192 | IKEv2 ID id: 18 enum name: MODP8192 | DH algorithm DH19, IKEv1 OAKLEY id: 19, IKEv1 ESP_INFO id: -1, IKEv2 id: 19 | IKEv1 OAKLEY ID id: 19 enum name: ECP_256 | IKEv2 ID id: 19 enum name: ECP_256 | DH algorithm DH20, IKEv1 OAKLEY id: 20, IKEv1 ESP_INFO id: -1, IKEv2 id: 20 | IKEv1 OAKLEY ID id: 20 enum name: ECP_384 | IKEv2 ID id: 20 enum name: ECP_384 | DH algorithm DH21, IKEv1 OAKLEY id: 21, IKEv1 ESP_INFO id: -1, IKEv2 id: 21 | IKEv1 OAKLEY ID id: 21 enum name: ECP_521 | IKEv2 ID id: 21 enum name: ECP_521 | DH algorithm DH31, IKEv1 OAKLEY id: 31, IKEv1 ESP_INFO id: -1, IKEv2 id: 31 | IKEv1 OAKLEY ID id: 31 enum name: CURVE25519 | IKEv2 ID id: 31 enum name: CURVE25519 DH algorithms: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 testing CAMELLIA_CBC: Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: cipertext: : input "0x07 92 3A 39 EB 0A 81 7D 1C 4D 87 BD B8 2D 1F 1C" | decode_to_chunk: output: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 128-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: cipertext: : input "0x14 4D 2B 0F 50 0C 27 B7 EC 2C D1 2D 91 59 6F 37" | decode_to_chunk: output: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 " | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: ciphertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: cipertext: : input "0xB0 C6 B8 8A EA 51 8A B0 9E 84 72 48 E9 1B 1B 9D" | decode_to_chunk: output: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed Camellia: 16 bytes with 256-bit key | decode_to_chunk: raw_key: input "0x00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF FF EE DD CC BB AA 99 88 77 66 55 44 33 22 11 00" | decode_to_chunk: output: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff | ff ee dd cc bb aa 99 88 77 66 55 44 33 22 11 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: CAMELLIA_CBC | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (32-bytes, CAMELLIA_CBC) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: ciphertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: cipertext: : input "0xCC 39 FF EE 18 56 D3 EB 61 02 5E 93 21 9B 65 23 " | decode_to_chunk: output: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 | NSS ike_alg_nss_cbc: camellia - enter | NSS ike_alg_nss_cbc: camellia - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed testing AES_GCM_16: empty string | decode_to_chunk: raw_key: input "0xcf063a34d4a9a76c2c86787d3f96db71" | decode_to_chunk: output: | cf 06 3a 34 d4 a9 a7 6c 2c 86 78 7d 3f 96 db 71 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24a0 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2488 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_GCM) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: salted IV: input "0x113b9785971864c83b01c787" | decode_to_chunk: output: | 11 3b 97 85 97 18 64 c8 3b 01 c7 87 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "" | decode_to_chunk: output: | | decode_to_chunk: ciphertext: input "" | decode_to_chunk: output: | | decode_to_chunk: tag: input "0x72ac8493e3a5228b5d130a69d2510e42" | decode_to_chunk: output: | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=0 tag-size=16 | test_gcm_vector: text+tag on call | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 72 ac 84 93 e3 a5 22 8b 5d 13 0a 69 d2 51 0e 42 | test_gcm_vector: release sym_key-key@0x5573f40bfec0 | test_gcm_vector: passed one block | decode_to_chunk: raw_key: input "0xe98b72a9881a84ca6b76e0f43e68647a" | decode_to_chunk: output: | e9 8b 72 a9 88 1a 84 ca 6b 76 e0 f4 3e 68 64 7a | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24a0 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2488 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_GCM) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: salted IV: input "0x8b23299fde174053f3d652ba" | decode_to_chunk: output: | 8b 23 29 9f de 17 40 53 f3 d6 52 ba | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0x28286a321293253c3e0aa2704a278032" | decode_to_chunk: output: | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | decode_to_chunk: ciphertext: input "0x5a3c1cf1985dbb8bed818036fdd5ab42" | decode_to_chunk: output: | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | decode_to_chunk: tag: input "0x23c7ab0f952b7091cd324835043b5eb5" | decode_to_chunk: output: | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=16 tag-size=16 | test_gcm_vector: text+tag on call | 28 28 6a 32 12 93 25 3c 3e 0a a2 70 4a 27 80 32 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 5a 3c 1c f1 98 5d bb 8b ed 81 80 36 fd d5 ab 42 | 23 c7 ab 0f 95 2b 70 91 cd 32 48 35 04 3b 5e b5 | test_gcm_vector: release sym_key-key@0x5573f40bfec0 | test_gcm_vector: passed two blocks | decode_to_chunk: raw_key: input "0xbfd414a6212958a607a0f5d3ab48471d" | decode_to_chunk: output: | bf d4 14 a6 21 29 58 a6 07 a0 f5 d3 ab 48 47 1d | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24a0 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2488 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_GCM) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: salted IV: input "0x86d8ea0ab8e40dcc481cd0e2" | decode_to_chunk: output: | 86 d8 ea 0a b8 e4 0d cc 48 1c d0 e2 | decode_to_chunk: AAD: input "" | decode_to_chunk: output: | | decode_to_chunk: plaintext: input "0xa6b76a066e63392c9443e60272ceaeb9d25c991b0f2e55e2804e168c05ea591a" | decode_to_chunk: output: | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | decode_to_chunk: ciphertext: input "0x62171db33193292d930bf6647347652c1ef33316d7feca99d54f1db4fcf513f8" | decode_to_chunk: output: | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | decode_to_chunk: tag: input "0xc28280aa5c6c7a8bd366f28c1cfd1f6e" | decode_to_chunk: output: | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: decrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: encrypt: aad-size=0 salt-size=4 wire-IV-size=8 text-size=32 tag-size=16 | test_gcm_vector: text+tag on call | a6 b7 6a 06 6e 63 39 2c 94 43 e6 02 72 ce ae b9 | d2 5c 99 1b 0f 2e 55 e2 80 4e 16 8c 05 ea 59 1a | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | 62 17 1d b3 31 93 29 2d 93 0b f6 64 73 47 65 2c | 1e f3 33 16 d7 fe ca 99 d5 4f 1d b4 fc f5 13 f8 | c2 82 80 aa 5c 6c 7a 8b d3 66 f2 8c 1c fd 1f 6e | test_gcm_vector: release sym_key-key@0x5573f40bfec0 | test_gcm_vector: passed two blocks with associated data | decode_to_chunk: raw_key: input "0x006c458100fc5f4d62949d2c833b82d1" | decode_to_chunk: output: | 00 6c 45 81 00 fc 5f 4d 62 94 9d 2c 83 3b 82 d1 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24a0 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_GCM | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2488 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_GCM) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: salted IV: input "0xa4e9c4bc5725a21ff42c82b2" | decode_to_chunk: output: | a4 e9 c4 bc 57 25 a2 1f f4 2c 82 b2 | decode_to_chunk: AAD: input "0x2efb14fb3657cdd6b9a8ff1a5f5a39b9" | decode_to_chunk: output: | 2e fb 14 fb 36 57 cd d6 b9 a8 ff 1a 5f 5a 39 b9 | decode_to_chunk: plaintext: input "0xf381d3bfbee0a879f7a4e17b623278cedd6978053dd313530a18f1a836100950" | decode_to_chunk: output: | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | decode_to_chunk: ciphertext: input "0xf39b4db3542d8542fb73fd2d66be568f26d7f814b3f87d1eceac3dd09a8d697e" | decode_to_chunk: output: | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | decode_to_chunk: tag: input "0x39f045cb23b698c925db134d56c5" | decode_to_chunk: output: | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: decrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: encrypt: aad-size=16 salt-size=4 wire-IV-size=8 text-size=32 tag-size=14 | test_gcm_vector: text+tag on call | f3 81 d3 bf be e0 a8 79 f7 a4 e1 7b 62 32 78 ce | dd 69 78 05 3d d3 13 53 0a 18 f1 a8 36 10 09 50 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | verify_chunk_data: output ciphertext: ok | verify_chunk_data: TAG: ok | test_gcm_vector: text+tag on return | f3 9b 4d b3 54 2d 85 42 fb 73 fd 2d 66 be 56 8f | 26 d7 f8 14 b3 f8 7d 1e ce ac 3d d0 9a 8d 69 7e | 39 f0 45 cb 23 b6 98 c9 25 db 13 4d 56 c5 | test_gcm_vector: release sym_key-key@0x5573f40bfec0 | test_gcm_vector: passed testing AES_CTR: Encrypting 16 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x AE 68 52 F8 12 10 67 CC 4B F7 A5 76 55 77 F3 9E" | decode_to_chunk: output: | ae 68 52 f8 12 10 67 cc 4b f7 a5 76 55 77 f3 9e | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8" | decode_to_chunk: output: | e4 09 5d 4f b7 a7 b3 79 2d 61 75 a3 26 13 11 b8 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02" | decode_to_chunk: output: | 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 128-bit key passed Encrypting 32 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 7E 24 06 78 17 FA E0 D7 43 D6 CE 1F 32 53 91 63" | decode_to_chunk: output: | 7e 24 06 78 17 fa e0 d7 43 d6 ce 1f 32 53 91 63 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28" | decode_to_chunk: output: | 51 04 a1 06 16 8a 72 d9 79 0d 41 ee 8e da d3 88 | eb 2e 1e fc 46 da 57 c8 fc e6 30 df 91 41 be 28 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 03" | decode_to_chunk: output: | 00 6c b6 db c0 54 3b 59 da 48 d9 0b 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 128-bit key passed Encrypting 36 octets using AES-CTR with 128-bit key | decode_to_chunk: raw_key: input "0x 76 91 BE 03 5E 50 20 A8 AC 6E 61 85 29 F9 A0 DC" | decode_to_chunk: output: | 76 91 be 03 5e 50 20 a8 ac 6e 61 85 29 f9 a0 dc | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xC1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D745 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 5325 B2 07 2F" | decode_to_chunk: output: | c1 cf 48 a8 9f 2f fd d9 cf 46 52 e9 ef db 72 d7 | 45 40 a4 2b de 6d 78 36 d5 9a 5c ea ae f3 10 53 | 25 b2 07 2f | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 04" | decode_to_chunk: output: | 00 e0 01 7b 27 77 7f 3f 4a 17 86 f0 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 128-bit key passed Encrypting 16 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x16 AF 5B 14 5F C9 F5 79 C1 75 F9 3E 3B FB 0E ED86 3D 06 CC FD B7 85 15" | decode_to_chunk: output: | 16 af 5b 14 5f c9 f5 79 c1 75 f9 3e 3b fb 0e ed | 86 3d 06 cc fd b7 85 15 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x5573f40c6080 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (24-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28" | decode_to_chunk: output: | 4b 55 38 4f e2 59 c9 c8 4e 79 35 a0 03 cb e9 28 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 02" | decode_to_chunk: output: | 00 00 00 48 36 73 3c 14 7d 6d 93 cb 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 192-bit key passed Encrypting 32 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x7C 5C B2 40 1B 3D C3 3C 19 E7 34 08 19 E0 F6 9C67 8C 3D B8 E6 F6 A9 1A" | decode_to_chunk: output: | 7c 5c b2 40 1b 3d c3 3c 19 e7 34 08 19 e0 f6 9c | 67 8c 3d b8 e6 f6 a9 1a | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x5573f40c6080 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (24-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00" | decode_to_chunk: output: | 45 32 43 fc 60 9b 23 32 7e df aa fa 71 31 cd 9f | 84 90 70 1c 5a d4 a7 9c fc 1f e0 ff 42 f4 fb 00 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 03" | decode_to_chunk: output: | 00 96 b0 3b 02 0c 6e ad c2 cb 50 0d 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 192-bit key passed Encrypting 36 octets using AES-CTR with 192-bit key | decode_to_chunk: raw_key: input "0x02 BF 39 1E E8 EC B1 59 B9 59 61 7B 09 65 27 9BF5 9B 60 A7 86 D3 E0 FE" | decode_to_chunk: output: | 02 bf 39 1e e8 ec b1 59 b9 59 61 7b 09 65 27 9b | f5 9b 60 a7 86 d3 e0 fe | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (40-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x5573f40c6080 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (24-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88AB EE 09 35" | decode_to_chunk: output: | 96 89 3f c5 5e 5c 72 2f 54 0b 7d d1 dd f7 e7 58 | d2 88 bc 95 c6 91 65 88 45 36 c8 11 66 2f 21 88 | ab ee 09 35 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 04" | decode_to_chunk: output: | 00 07 bd fd 5c bd 60 27 8d cc 09 12 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 192-bit key passed Encrypting 16 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0x77 6B EF F2 85 1D B0 6F 4C 8A 05 42 C8 69 6F 6C6A 81 AF 1E EC 96 B4 D3 7F C1 D6 89 E6 C1 C1 04" | decode_to_chunk: output: | 77 6b ef f2 85 1d b0 6f 4c 8a 05 42 c8 69 6f 6c | 6a 81 af 1e ec 96 b4 d3 7f c1 d6 89 e6 c1 c1 04 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (32-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 01 | decode_to_chunk: Ciphertext: input "0x 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0" | decode_to_chunk: output: | 14 5a d0 1d bf 82 4e c7 56 08 63 dc 71 e3 e0 c0 | decode_to_chunk: Plaintext: input "0x 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: expected counter-block: : input "0x 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 02" | decode_to_chunk: output: | 00 00 00 60 db 56 72 c9 7a a8 f0 b2 00 00 00 02 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x2 for 16 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 16 octets using AES-CTR with 256-bit key passed Encrypting 32 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xF6 D6 6D 6B D5 2D 59 BB 07 96 36 58 79 EF F8 86C6 6D D5 1A 5B 6A 99 74 4B 50 59 0C 87 A2 38 84" | decode_to_chunk: output: | f6 d6 6d 6b d5 2d 59 bb 07 96 36 58 79 ef f8 86 | c6 6d d5 1a 5b 6a 99 74 4b 50 59 0c 87 a2 38 84 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (32-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xF0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C" | decode_to_chunk: output: | f0 5e 23 1b 38 94 61 2c 49 ee 00 0b 80 4e b2 a9 | b8 30 6b 50 8f 83 9d 6a 55 30 83 1d 93 44 af 1c | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: expected counter-block: : input "0x 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 03" | decode_to_chunk: output: | 00 fa ac 24 c1 58 5e f1 5a 43 d8 75 00 00 00 03 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x3 for 32 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 32 octets using AES-CTR with 256-bit key passed Encrypting 36 octets using AES-CTR with 256-bit key | decode_to_chunk: raw_key: input "0xFF 7A 61 7C E6 91 48 E4 F1 72 6E 2F 43 58 1D E2AA 62 D9 F8 05 53 2E DF F1 EE D6 87 FB 54 15 3D" | decode_to_chunk: output: | ff 7a 61 7c e6 91 48 e4 f1 72 6e 2f 43 58 1d e2 | aa 62 d9 f8 05 53 2e df f1 ee d6 87 fb 54 15 3d | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: AES_CTR | flags: ENCRYPT+DECRYPT | key_size: 32-bytes | base: base-key@0x5573f40c6080 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (32-bytes, AES_CTR) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: encrypt: ok | verify_chunk_data: counter-block: ok | decode_to_chunk: input counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 01 | decode_to_chunk: Ciphertext: input "0xEB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AAB4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F1E C0 E6 B8" | decode_to_chunk: output: | eb 6c 52 82 1d 0b bb f7 ce 75 94 46 2a ca 4f aa | b4 07 df 86 65 69 fd 07 f4 8c c0 b5 83 d6 07 1f | 1e c0 e6 b8 | decode_to_chunk: Plaintext: input "0x00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F20 21 22 23" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 22 23 | decode_to_chunk: expected counter-block: : input "0x 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 04" | decode_to_chunk: output: | 00 1c c5 b7 51 a5 1d 70 a1 c1 11 48 00 00 00 04 | do_aes_ctr: enter | do_aes_ctr: counter-block updated from 0x1 to 0x4 for 36 bytes | do_aes_ctr: exit | verify_chunk_data: decrypt: ok | verify_chunk_data: counter-block: ok | test_ctr_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 36 octets using AES-CTR with 256-bit key passed testing AES_CBC: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x06a9214036b8a15b512e03d534120006" | decode_to_chunk: output: | 06 a9 21 40 36 b8 a1 5b 51 2e 03 d5 34 12 00 06 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_CBC) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | decode_to_chunk: ciphertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x3dafba429d9eb430b422da802c9fac41" | decode_to_chunk: output: | 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 | decode_to_chunk: new IV: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: cipertext: : input "0xe353779c1079aeb82708942dbe77181a" | decode_to_chunk: output: | e3 53 77 9c 10 79 ae b8 27 08 94 2d be 77 18 1a | decode_to_chunk: plaintext: : input "Single block msg" | decode_to_chunk: output: | 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key passed Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0xc286696d887c9aa0611bbb3e2025a45a" | decode_to_chunk: output: | c2 86 69 6d 88 7c 9a a0 61 1b bb 3e 20 25 a4 5a | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_CBC) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: ciphertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x562e17996d093d28ddb3ba695a2e6f58" | decode_to_chunk: output: | 56 2e 17 99 6d 09 3d 28 dd b3 ba 69 5a 2e 6f 58 | decode_to_chunk: new IV: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: cipertext: : input "0xd296cd94c2cccf8a3a863028b5e1dc0a7586602d253cfff91b8266bea6d61ab1" | decode_to_chunk: output: | d2 96 cd 94 c2 cc cf 8a 3a 86 30 28 b5 e1 dc 0a | 75 86 60 2d 25 3c ff f9 1b 82 66 be a6 d6 1a b1 | decode_to_chunk: plaintext: : input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key passed Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x6c3ea0477630ce21a2ce334aa746c2cd" | decode_to_chunk: output: | 6c 3e a0 47 76 30 ce 21 a2 ce 33 4a a7 46 c2 cd | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_CBC) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | decode_to_chunk: ciphertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0xc782dc4c098c66cbd9cd27d825682c81" | decode_to_chunk: output: | c7 82 dc 4c 09 8c 66 cb d9 cd 27 d8 25 68 2c 81 | decode_to_chunk: new IV: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: cipertext: : input "0xd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684" | decode_to_chunk: output: | d0 a0 2b 38 36 45 17 53 d4 93 66 5d 33 f0 e8 86 | 2d ea 54 cd b2 93 ab c7 50 69 39 27 67 72 f8 d5 | 02 1c 19 21 6b ad 52 5c 85 79 69 5d 83 ba 26 84 | decode_to_chunk: plaintext: : input "This is a 48-byte message (exactly 3 AES blocks)" | decode_to_chunk: output: | 54 68 69 73 20 69 73 20 61 20 34 38 2d 62 79 74 | 65 20 6d 65 73 73 61 67 65 20 28 65 78 61 63 74 | 6c 79 20 33 20 41 45 53 20 62 6c 6f 63 6b 73 29 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key passed Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key | decode_to_chunk: raw_key: input "0x56e47a38c5598974bc46903dba290349" | decode_to_chunk: output: | 56 e4 7a 38 c5 59 89 74 bc 46 90 3d ba 29 03 49 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2500 | result: symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24e8 | result: symkey-key@0x5573f40bfec0 (16-bytes, AES_CBC) | symkey: release tmp-key@0x5573f40c6080 | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | decode_to_chunk: ciphertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: encrypt: ok | verify_chunk_data: updated CBC IV: ok | decode_to_chunk: IV: : input "0x8ce82eefbea0da3c44699ed7db51b7d9" | decode_to_chunk: output: | 8c e8 2e ef be a0 da 3c 44 69 9e d7 db 51 b7 d9 | decode_to_chunk: new IV: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: cipertext: : input "0xc30e32ffedc0774e6aff6af0869f71aa0f3af07a9a31a9c684db207eb0ef8e4e35907aa632c3ffdf868bb7b29d3d46ad83ce9f9a102ee99d49a53e87f4c3da55" | decode_to_chunk: output: | c3 0e 32 ff ed c0 77 4e 6a ff 6a f0 86 9f 71 aa | 0f 3a f0 7a 9a 31 a9 c6 84 db 20 7e b0 ef 8e 4e | 35 90 7a a6 32 c3 ff df 86 8b b7 b2 9d 3d 46 ad | 83 ce 9f 9a 10 2e e9 9d 49 a5 3e 87 f4 c3 da 55 | decode_to_chunk: plaintext: : input "0xa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf" | decode_to_chunk: output: | a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af | b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf | c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf | d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | verify_chunk_data: decrypt: ok | verify_chunk_data: updated CBC IV: ok | test_cbc_vector: release sym_key-key@0x5573f40bfec0 | test_ctr_vector: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key passed testing AES_XCBC: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "" | decode_to_chunk: output: | | decode_to_chunk: test_prf_vector: input "0x75f0251d528ac01c4573dfd584d79f29" | decode_to_chunk: output: | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f41494c8 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f40c6080 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: key-key@0x5573f40c6080 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5573f40bfec0 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4149578 (length 0) | | XCBC: data | K extracting all 16 bytes of key@0x5573f40c6080 | K: symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-221195376: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149e78 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f40bfec0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414a460 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x5573f40bfec0 | PRF chunk interface: release key-key@0x5573f40c6080 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f4149b88 (length 16) | 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | chunk output 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f40bfec0 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f40c6080 (size 16) | PRF symkey interface: key symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: key symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | PRF symkey interface PRF aes_xcbc update symkey message-key@(nil) (size 0) | PRF symkey interface: symkey message-key@NULL | symkey message NULL key has no bytes | XCBC: data | K extracting all 16 bytes of key@0x5573f40bfec0 | K: symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1023: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149488 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f414a460 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414bce0 | Computing E[0] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] | XCBC: M[n] | XCBC: M[n]:80...^E[n-1]^K3 | 41 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | xcbc: release k1-key@0x5573f414a460 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414bce0 | PRF symkey interface: release key-key@0x5573f40bfec0 | PRF symkey interface PRF aes_xcbc final-key@0x5573f414a460 (size 16) | PRF symkey interface: key-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracting all 16 bytes of key@0x5573f414a460 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: 4f ac d1 a9 05 7e 49 18 c4 5e a1 80 47 c6 fa 0b | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: release slot-key-key@0x5573f414a280 | RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input extracted len 16 bytes at 0x5573f4149b48 | unwrapped: 75 f0 25 1d 52 8a c0 1c 45 73 df d5 84 d7 9f 29 | verify_chunk_data: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input: ok | test_prf_vector: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input passed | test_prf_vector: release symkey-key@0x5573f414a460 | test_prf_vector: release message-key@NULL | test_prf_vector: release key-key@0x5573f40c6080 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102" | decode_to_chunk: output: | 00 01 02 | decode_to_chunk: test_prf_vector: input "0x5b376580ae2f19afe7219ceef172756f" | decode_to_chunk: output: | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f4149578 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f414a460 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: key-key@0x5573f414a460 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5573f40c6080 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4149b48 (length 3) | 00 01 02 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x5573f414a460 | K: symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)-221195376: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149f98 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f40c6080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f40bfec0 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x5573f40c6080 | PRF chunk interface: release key-key@0x5573f414a460 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f414a038 (length 16) | 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | chunk output 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f40c6080 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f414a460 (size 16) | PRF symkey interface: key symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: key symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f414bce0 (19-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 3 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 3-bytes | base: base-key@0x5573f414bce0 (19-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f40bfec0 (3-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f414bce0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f40bfec0 (size 3) | PRF symkey interface: symkey message-key@0x5573f40bfec0 (3-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 3 bytes of key@0x5573f40bfec0 | symkey message: symkey-key@0x5573f40bfec0 (3-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (3-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311072: e9 26 88 92 0c e9 eb 80 b8 e3 c2 21 4b b6 a0 63 | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 16 bytes at 0x5573f4149488 | unwrapped: 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 | K extracting all 16 bytes of key@0x5573f40c6080 | K: symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149e78 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f414bce0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | Computing E[1] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 | XCBC: M[n] 00 01 02 | XCBC: M[n]:80...^E[n-1]^K3 | c1 a6 a9 21 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: MAC 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | xcbc: release k1-key@0x5573f414bce0 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414d560 | PRF symkey interface: release key-key@0x5573f40c6080 | PRF symkey interface PRF aes_xcbc final-key@0x5573f414bce0 (size 16) | PRF symkey interface: key-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracting all 16 bytes of key@0x5573f414bce0 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: 71 0a 14 58 b2 ed 43 8f 1e 06 91 0c 4c 8d c7 89 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: release slot-key-key@0x5573f414a280 | RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input extracted len 16 bytes at 0x5573f4149488 | unwrapped: 5b 37 65 80 ae 2f 19 af e7 21 9c ee f1 72 75 6f | verify_chunk_data: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input: ok | test_prf_vector: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input passed | test_prf_vector: release symkey-key@0x5573f414bce0 | test_prf_vector: release message-key@0x5573f40bfec0 | test_prf_vector: release key-key@0x5573f414a460 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xd2a246fa349b68a79998a4394ff7a263" | decode_to_chunk: output: | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f4149b48 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f40bfec0 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: key-key@0x5573f40bfec0 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5573f414a460 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4149488 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x5573f40bfec0 | K: symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41495b8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f414a460 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414bce0 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x5573f414a460 | PRF chunk interface: release key-key@0x5573f40bfec0 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f41494c8 (length 16) | d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | chunk output d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f414a460 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f40bfec0 (size 16) | PRF symkey interface: key symkey-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: key symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f40c6080 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f414bce0 (size 16) | PRF symkey interface: symkey message-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 16 bytes of key@0x5573f414bce0 | symkey message: symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311072: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 16 bytes at 0x5573f4149e78 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | K extracting all 16 bytes of key@0x5573f414a460 | K: symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149f98 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f40c6080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | XCBC: Computing E[1] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: M[n]^E[n-1]^K2 | bd 87 2d f8 93 a8 29 bf f0 b1 9b fd 0f 22 38 c4 | XCBC: MAC d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | xcbc: release k1-key@0x5573f40c6080 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414d560 | PRF symkey interface: release key-key@0x5573f414a460 | PRF symkey interface PRF aes_xcbc final-key@0x5573f40c6080 (size 16) | PRF symkey interface: key-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracting all 16 bytes of key@0x5573f40c6080 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: 08 4a db e6 fc a8 7f 53 e3 36 b3 1e d6 99 ab e8 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: release slot-key-key@0x5573f414a280 | RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input extracted len 16 bytes at 0x5573f4149e78 | unwrapped: d2 a2 46 fa 34 9b 68 a7 99 98 a4 39 4f f7 a2 63 | verify_chunk_data: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input: ok | test_prf_vector: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input passed | test_prf_vector: release symkey-key@0x5573f40c6080 | test_prf_vector: release message-key@0x5573f414bce0 | test_prf_vector: release key-key@0x5573f40bfec0 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f4149488 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f414bce0 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: key-key@0x5573f414bce0 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5573f40bfec0 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4149288 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4144a78 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5573f414bce0 | K: symkey-key@0x5573f414bce0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149578 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f40bfec0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f40c6080 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x5573f40bfec0 | PRF chunk interface: release key-key@0x5573f414bce0 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f41494c8 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f40bfec0 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f414bce0 (size 16) | PRF symkey interface: key symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: key symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4149288 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f414a460 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414a460 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f414a460 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f40c6080 (size 20) | PRF symkey interface: symkey message-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x5573f40c6080 | symkey message: symkey-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221311072: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e 6d 0d b1 ea ac 64 ca 72 78 fe fc 07 95 cc ec 01 | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 32 bytes at 0x5573f4149328 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5573f40bfec0 | K: symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149f98 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f414a460 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x5573f414a460 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414d560 | PRF symkey interface: release key-key@0x5573f40bfec0 | PRF symkey interface PRF aes_xcbc final-key@0x5573f414a460 (size 16) | PRF symkey interface: key-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracting all 16 bytes of key@0x5573f414a460 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: cb 05 04 7c f1 aa 1c b6 2a 91 35 f3 e2 e9 7a eb | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: release slot-key-key@0x5573f414a280 | RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input extracted len 16 bytes at 0x5573f4149f98 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input: ok | test_prf_vector: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input passed | test_prf_vector: release symkey-key@0x5573f414a460 | test_prf_vector: release message-key@0x5573f40c6080 | test_prf_vector: release key-key@0x5573f414bce0 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | decode_to_chunk: test_prf_vector: input "0xf54f0ec8d2b9f3d36807734bd5283fd4" | decode_to_chunk: output: | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f4149e78 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f40c6080 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: key-key@0x5573f40c6080 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5573f414bce0 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4149288 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4144a78 (length 32) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x5573f40c6080 | K: symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149b88 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f414bce0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414a460 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x5573f414bce0 | PRF chunk interface: release key-key@0x5573f40c6080 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f4149f98 (length 16) | f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | chunk output f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f414bce0 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f40c6080 (size 16) | PRF symkey interface: key symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: key symkey-key@0x5573f414bce0 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4149288 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f40bfec0 (48-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 32 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 32-bytes | base: base-key@0x5573f40bfec0 (48-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f40bfec0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f414a460 (size 32) | PRF symkey interface: symkey message-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 32 bytes of key@0x5573f414a460 | symkey message: symkey-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (32-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221311072: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e 5b 38 7f f8 f7 db f8 16 fd e3 d8 53 66 43 69 fe | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 32 bytes at 0x5573f4149328 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | K extracting all 16 bytes of key@0x5573f414bce0 | K: symkey-key@0x5573f414bce0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f40bfec0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | XCBC: Computing E[2] using K2 | XCBC: K2 bd 86 2f fb 97 ad 2f b8 f8 b8 91 f6 03 2f 36 cb | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: M[n]^E[n-1]^K2 | b0 93 75 12 4c f5 a5 c0 b5 18 18 37 16 b2 15 67 | XCBC: MAC f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | xcbc: release k1-key@0x5573f40bfec0 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414d560 | PRF symkey interface: release key-key@0x5573f414bce0 | PRF symkey interface PRF aes_xcbc final-key@0x5573f40bfec0 (size 16) | PRF symkey interface: key-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracting all 16 bytes of key@0x5573f40bfec0 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: symkey-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: 86 cb cf 62 43 b8 44 74 69 f1 f2 88 c2 aa 55 9f | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: release slot-key-key@0x5573f414a280 | RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input extracted len 16 bytes at 0x5573f41494c8 | unwrapped: f5 4f 0e c8 d2 b9 f3 d3 68 07 73 4b d5 28 3f d4 | verify_chunk_data: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input: ok | test_prf_vector: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input passed | test_prf_vector: release symkey-key@0x5573f40bfec0 | test_prf_vector: release message-key@0x5573f414a460 | test_prf_vector: release key-key@0x5573f40c6080 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | decode_to_chunk: test_prf_vector: input "0xbecbb3bccdb518a30677d5481fb6b4d8" | decode_to_chunk: output: | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f4149488 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f414a460 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: key-key@0x5573f414a460 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5573f40c6080 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4149fd8 (length 34) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | 20 21 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x5573f414a460 | K: symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540619040: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41495b8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f40c6080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f40bfec0 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x5573f40c6080 | PRF chunk interface: release key-key@0x5573f414a460 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f41494c8 (length 16) | be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | chunk output be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f40c6080 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f414a460 (size 16) | PRF symkey interface: key symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: key symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f414bce0 (50-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 34 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 34-bytes | base: base-key@0x5573f414bce0 (50-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f40bfec0 (34-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f414bce0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f40bfec0 (size 34) | PRF symkey interface: symkey message-key@0x5573f40bfec0 (34-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 34 bytes of key@0x5573f40bfec0 | symkey message: symkey-key@0x5573f40bfec0 (34-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (34-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 48 | wrapper: (SECItemType)-221311072: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e 5b 38 7f f8 f7 db f8 16 fd e3 d8 53 66 43 69 fe 55 91 7e c4 f3 6d cc 86 e3 2a 1f 15 0b aa 28 48 | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 48 bytes at 0x5573f414a1d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | unwrapped: 20 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f | XCBC: data 20 21 | K extracting all 16 bytes of key@0x5573f40c6080 | K: symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149b48 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f414bce0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | Computing E[3] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 09 02 5e 5a 67 25 20 72 44 14 5c 6b 80 66 85 79 | XCBC: M[n] 20 21 | XCBC: M[n] 20 21 | XCBC: M[n]:80...^E[n-1]^K3 | e8 84 75 fb c5 1f b4 74 1c 13 fc e7 48 88 55 17 | XCBC: MAC be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | xcbc: release k1-key@0x5573f414bce0 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414d560 | PRF symkey interface: release key-key@0x5573f40c6080 | PRF symkey interface PRF aes_xcbc final-key@0x5573f414bce0 (size 16) | PRF symkey interface: key-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracting all 16 bytes of key@0x5573f414bce0 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: 89 10 24 05 d1 4c c2 c2 3c ec 6d 32 b0 d6 bb 6a | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: release slot-key-key@0x5573f414a280 | RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input extracted len 16 bytes at 0x5573f4149b48 | unwrapped: be cb b3 bc cd b5 18 a3 06 77 d5 48 1f b6 b4 d8 | verify_chunk_data: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input: ok | test_prf_vector: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input passed | test_prf_vector: release symkey-key@0x5573f414bce0 | test_prf_vector: release message-key@0x5573f40bfec0 | test_prf_vector: release key-key@0x5573f414a460 | test_prf_vector: release output-key@NULL RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0xf0dafee895db30253761103b5d84528f" | decode_to_chunk: output: | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f4149b48 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f40bfec0 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: key-key@0x5573f40bfec0 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5573f414a460 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f414ee08 (length 1000) | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x5573f40bfec0 | K: symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540028960: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41495b8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f414a460 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414bce0 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x5573f414a460 | PRF chunk interface: release key-key@0x5573f40bfec0 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f4149f98 (length 16) | f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | chunk output f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414a460 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f414a460 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f40bfec0 (size 16) | PRF symkey interface: key symkey-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: key symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4144a78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f40c6080 (1016-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 1000 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 1000-bytes | base: base-key@0x5573f40c6080 (1016-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f414bce0 (1000-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f40c6080 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f414bce0 (size 1000) | PRF symkey interface: symkey message-key@0x5573f414bce0 (1000-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 1000 bytes of key@0x5573f414bce0 | symkey message: symkey-key@0x5573f414bce0 (1000-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (1000-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 1008 | wrapper: (SECItemType)-221311072: 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 1008 bytes at 0x5573f4151408 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 00 00 00 00 00 00 00 | K extracting all 16 bytes of key@0x5573f414a460 | K: symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f40c6080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | Computing E[63] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 5c 88 af cc 1e 1e 83 fc c4 2c 0c e4 12 12 f5 17 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n] 00 00 00 00 00 00 00 00 | XCBC: M[n]:80...^E[n-1]^K3 | 9d 2f 04 6d bc 24 17 fa 1c 2b ac 68 da fc 25 79 | XCBC: MAC f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | xcbc: release k1-key@0x5573f40c6080 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414d560 | PRF symkey interface: release key-key@0x5573f414a460 | PRF symkey interface PRF aes_xcbc final-key@0x5573f40c6080 (size 16) | PRF symkey interface: key-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracting all 16 bytes of key@0x5573f40c6080 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: f5 32 21 ea 24 a5 6c 55 fc 85 05 0c 52 a5 c6 9b | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: release slot-key-key@0x5573f414a280 | RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input extracted len 16 bytes at 0x5573f41494c8 | unwrapped: f0 da fe e8 95 db 30 25 37 61 10 3b 5d 84 52 8f | verify_chunk_data: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input: ok | test_prf_vector: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input passed | test_prf_vector: release symkey-key@0x5573f40c6080 | test_prf_vector: release message-key@0x5573f414bce0 | test_prf_vector: release key-key@0x5573f40bfec0 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x47f51b4564966215b8985c63055ed308" | decode_to_chunk: output: | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f414a038 (length 16) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414bce0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f414bce0 | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: key-key@0x5573f414bce0 (16-bytes, AES_ECB) | PRF chunk interface: release clone-key@0x5573f40bfec0 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4149288 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4144a78 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5573f414bce0 | K: symkey-key@0x5573f414bce0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149b88 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f40bfec0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f40c6080 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x5573f40bfec0 | PRF chunk interface: release key-key@0x5573f414bce0 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f41494c8 (length 16) | 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | chunk output 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f40bfec0 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f414bce0 (size 16) | PRF symkey interface: key symkey-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 16=16 just right | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: key symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4149288 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f414a460 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414a460 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f414a460 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f40c6080 (size 20) | PRF symkey interface: symkey message-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x5573f40c6080 | symkey message: symkey-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221311072: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e 6d 0d b1 ea ac 64 ca 72 78 fe fc 07 95 cc ec 01 | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 32 bytes at 0x5573f4149328 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5573f40bfec0 | K: symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149f98 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: K1 c3 52 80 57 54 23 7f 31 1a c0 ff f4 e3 e0 3e 78 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f414a460 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | Computing E[2] using K3 | XCBC: K3 c1 a7 ab a1 a2 3a 94 06 58 07 a0 8c c8 ee d0 6e | XCBC: E[n-1] 1d 04 48 fa cf 4d 9c 6f 55 b9 93 da 09 80 3d b3 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | cc b2 f1 48 ed 77 08 69 0d be 33 56 c1 6e ed dd | XCBC: MAC 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | xcbc: release k1-key@0x5573f414a460 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414d560 | PRF symkey interface: release key-key@0x5573f40bfec0 | PRF symkey interface PRF aes_xcbc final-key@0x5573f414a460 (size 16) | PRF symkey interface: key-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracting all 16 bytes of key@0x5573f414a460 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): symkey-key@0x5573f414a460 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: cb 05 04 7c f1 aa 1c b6 2a 91 35 f3 e2 e9 7a eb | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): release slot-key-key@0x5573f414a280 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) extracted len 16 bytes at 0x5573f4149f98 | unwrapped: 47 f5 1b 45 64 96 62 15 b8 98 5c 63 05 5e d3 08 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) passed | test_prf_vector: release symkey-key@0x5573f414a460 | test_prf_vector: release message-key@0x5573f40c6080 | test_prf_vector: release key-key@0x5573f414bce0 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) | decode_to_chunk: test_prf_vector: input "0x00010203040506070809" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x0fa087af7d866e7653434e602fdde835" | decode_to_chunk: output: | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f4149b48 (length 10) | 00 01 02 03 04 05 06 07 08 09 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f40c6080 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x5573f40c6080 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f414bce0 (10-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f40c6080 | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x5573f414bce0 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f414bce0 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b2420 | result: tmp+=0-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5573f414bce0 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2448 | result: PRF chunk interface-key@0x5573f414a460 (16-bytes, AES_ECB) | PRF chunk interface: release tmp-key@0x5573f40c6080 | PRF chunk interface: release clone-key@0x5573f414bce0 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4149288 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4144a78 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5573f414a460 | K: symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: 97 49 73 7d 97 ce a8 85 76 77 5d 8e 8a 13 d4 89 | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f4149578 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f414bce0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f40c6080 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x5573f414bce0 | PRF chunk interface: release key-key@0x5573f414a460 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f4149f98 (length 16) | 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | chunk output 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f414bce0 (26-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 10 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 10-bytes | base: base-key@0x5573f414bce0 (26-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f414a460 (10-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f414bce0 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f414a460 (size 10) | PRF symkey interface: key symkey-key@0x5573f414a460 (10-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 10<16 too small, padding with zeros | xcbc: reference tmp-key@0x5573f414a460 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f414a460 (10-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b2450 | result: tmp+=0-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5573f414a460 | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414bce0 (16-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: PRF symkey interface-key@0x5573f40c6080 (16-bytes, AES_ECB) | PRF symkey interface: release tmp-key@0x5573f414bce0 | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f4149288 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f414bce0 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f40bfec0 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f414bce0 (size 20) | PRF symkey interface: symkey message-key@0x5573f414bce0 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x5573f414bce0 | symkey message: symkey-key@0x5573f414bce0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221311072: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e 6d 0d b1 ea ac 64 ca 72 78 fe fc 07 95 cc ec 01 | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 32 bytes at 0x5573f4149328 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5573f40c6080 | K: symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: 97 49 73 7d 97 ce a8 85 76 77 5d 8e 8a 13 d4 89 | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K: 00 01 02 03 04 05 06 07 08 09 00 00 00 00 00 00 | XCBC: K1 50 ca b2 4d 03 34 45 5e 40 7b 25 0f dd 7c f8 d5 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f40bfec0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | Computing E[2] using K3 | XCBC: K3 8e f7 48 db 56 f1 f7 26 24 72 f2 c5 63 b0 3f 88 | XCBC: E[n-1] fe 1f 63 e9 65 1a 4b bb 3c cc cd 0d cc 83 e4 30 | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | 60 f9 39 21 b3 eb bc 9d 18 be 3f c8 af 33 db b8 | XCBC: MAC 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | xcbc: release k1-key@0x5573f40bfec0 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f414d560 | PRF symkey interface: release key-key@0x5573f40c6080 | PRF symkey interface PRF aes_xcbc final-key@0x5573f40bfec0 (size 16) | PRF symkey interface: key-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracting all 16 bytes of key@0x5573f40bfec0 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): symkey-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: 1f e8 bc 18 7b 77 1d ea a2 31 17 a4 96 f2 f9 a9 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): release slot-key-key@0x5573f414a280 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 0f a0 87 af 7d 86 6e 76 53 43 4e 60 2f dd e8 35 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) passed | test_prf_vector: release symkey-key@0x5573f40bfec0 | test_prf_vector: release message-key@0x5573f414bce0 | test_prf_vector: release key-key@0x5573f414a460 | test_prf_vector: release output-key@NULL RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0fedcb" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | decode_to_chunk: test_prf_vector: input "0x000102030405060708090a0b0c0d0e0f10111213" | decode_to_chunk: output: | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | decode_to_chunk: test_prf_vector: input "0x8cd3c93ae598a9803006ffb67c40e9e4" | decode_to_chunk: output: | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | PRF chunk interface PRF aes_xcbc init key-chunk@0x5573f4144a78 (length 18) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | ed cb | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2480 | result: key-key@0x5573f414bce0 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x5573f414bce0 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2468 | result: key-key@0x5573f414a460 (18-bytes, EXTRACT_KEY_FROM_KEY) | key: release tmp-key@0x5573f414bce0 | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2420 | result: key-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2408 | result: key-key@0x5573f414bce0 (16-bytes, AES_ECB) | key: release tmp-key@0x5573f40bfec0 | key extracting all 18 bytes of key@0x5573f414a460 | key: symkey-key@0x5573f414a460 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | key: new slot-key@0x5573f414a280 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e 98 1c cd cb e8 63 e7 8a 2d b7 1a 8f c1 08 4c c5 | key: release slot-key-key@0x5573f414a280 | key extracted len 32 bytes at 0x5573f4149328 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x5573f414bce0 | K: symkey-key@0x5573f414bce0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23a0 | result: k1-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2388 | result: k1-key@0x5573f40bfec0 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f40c6080 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x5573f40bfec0 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2420 | result: key-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2408 | result: key-key@0x5573f40bfec0 (16-bytes, AES_ECB) | key: release tmp-key@0x5573f40c6080 | PRF chunk interface: release clone-key@0x5573f414a460 | PRF chunk interface PRF aes_xcbc crypt-prf@0x5573f4149328 | PRF chunk interface PRF aes_xcbc update message-bytes@0x5573f4149288 (length 20) | 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | 10 11 12 13 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5573f40bfec0 | K: symkey-key@0x5573f40bfec0 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)540618784: db b7 53 6d f8 74 3d 16 37 7b d2 90 ac 26 db b6 | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41495b8 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23e0 | result: k1-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23c8 | result: k1-key@0x5573f414a460 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f40c6080 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x5573f414a460 | PRF chunk interface: release key-key@0x5573f40bfec0 | PRF chunk interface PRF aes_xcbc final-chunk@0x5573f4149b48 (length 16) | 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | chunk output 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f414a460 (34-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 18 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 18-bytes | base: base-key@0x5573f414a460 (34-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f40bfec0 (18-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f414a460 | PRF symkey interface PRF aes_xcbc init key symkey-key@0x5573f40bfec0 (size 18) | PRF symkey interface: key symkey-key@0x5573f40bfec0 (18-bytes, EXTRACT_KEY_FROM_KEY) | XCBC: Key 18>16 too big, rehashing to size | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2450 | result: key symkey-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2438 | result: key symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x5573f40c6080 | key symkey extracting all 18 bytes of key@0x5573f40bfec0 | key symkey: symkey-key@0x5573f40bfec0 (18-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | key symkey: new slot-key@0x5573f414a280 (18-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)1701522796: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e 98 1c cd cb e8 63 e7 8a 2d b7 1a 8f c1 08 4c c5 | key symkey: release slot-key-key@0x5573f414a280 | key symkey extracted len 32 bytes at 0x5573f41492d8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: ed cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data ed cb | K extracting all 16 bytes of key@0x5573f414a460 | K: symkey-key@0x5573f414a460 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)808460336: 4c 7b 97 4f 48 89 28 15 62 f1 5c d3 0b ea 50 6f | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: K1 e1 4d 5d 0e e2 77 15 df 08 b4 15 2b a2 3d a8 e0 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b23d0 | result: k1-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23b8 | result: k1-key@0x5573f40c6080 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f414d560 | Computing E[2] using K3 | XCBC: K3 8d 34 ef cb 3b d5 45 ca 06 2a ec df ef 7c 0b fa | XCBC: E[n-1] 0b 72 b2 ae 0a 37 79 81 75 6a d5 9c 79 c0 e6 96 | XCBC: M[n] ed cb | XCBC: M[n] ed cb | XCBC: M[n]:80...^E[n-1]^K3 | 6b 8d dd 65 31 e2 3c 4b 73 40 39 43 96 bc ed 6c | XCBC: MAC 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | xcbc: release k1-key@0x5573f40c6080 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2450 | result: key symkey-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2438 | result: key symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | key symkey: release tmp-key@0x5573f414d560 | PRF symkey interface PRF aes_xcbc crypt-prf@0x5573f41492d8 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f414f010 | PRF symkey interface PRF aes_xcbc update symkey message-key@0x5573f414d560 (size 20) | PRF symkey interface: symkey message-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | symkey message extracting all 20 bytes of key@0x5573f414d560 | symkey message: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | symkey message: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221311072: 4c a8 fb f5 18 ef 68 df f9 7e 42 7c 0b 63 61 5e 6d 0d b1 ea ac 64 ca 72 78 fe fc 07 95 cc ec 01 | symkey message: release slot-key-key@0x5573f414a280 | symkey message extracted len 32 bytes at 0x5573f414f1b8 | unwrapped: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | unwrapped: 10 11 12 13 00 00 00 00 00 00 00 00 00 00 00 00 | XCBC: data 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f | XCBC: data 10 11 12 13 | K extracting all 16 bytes of key@0x5573f40c6080 | K: symkey-key@0x5573f40c6080 (16-bytes, AES_ECB) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | K: new slot-key@0x5573f414a280 (16-bytes, AES_ECB) | sizeof bytes 16 | wrapper: (SECItemType)1920429685: db b7 53 6d f8 74 3d 16 37 7b d2 90 ac 26 db b6 | K: release slot-key-key@0x5573f414a280 | K extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K: 5d 93 a5 3b 80 a3 e4 06 90 d2 4c ea e1 44 9c 0e | XCBC: K1 27 f3 88 2f b7 b9 4b a4 16 36 09 d5 d2 39 c5 7f | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2400 | result: k1-key@0x5573f4150a70 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_ECB | flags: SIGN | key_size: 16-bytes | base: base-key@0x5573f4150a70 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b23e8 | result: k1-key@0x5573f414f010 (16-bytes, AES_ECB) | k1: release tmp-key@0x5573f4150a70 | Computing E[2] using K3 | XCBC: K3 50 9e d8 ae 74 5a 75 4c 93 4d 6c 91 98 fe e2 1b | XCBC: E[n-1] ec 26 f6 dd e8 bb 1b d1 ec 76 c4 91 78 37 ca 4b | XCBC: M[n] 10 11 12 13 | XCBC: M[n] 10 11 12 13 | XCBC: M[n]:80...^E[n-1]^K3 | ac a9 3c 60 1c e1 6e 9d 7f 3b a8 00 e0 c9 28 50 | XCBC: MAC 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | xcbc: release k1-key@0x5573f414f010 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2490 | result: xcbc-key@0x5573f4150a70 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f4150a70 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2478 | result: xcbc-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | xcbc: release tmp-key@0x5573f4150a70 | PRF symkey interface: release key-key@0x5573f40c6080 | PRF symkey interface PRF aes_xcbc final-key@0x5573f414f010 (size 16) | PRF symkey interface: key-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracting all 16 bytes of key@0x5573f414f010 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): symkey-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: ff 55 5f ca e8 33 7e 9c 87 b9 cc 79 06 1b f1 99 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): release slot-key-key@0x5573f414a280 | RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 8c d3 c9 3a e5 98 a9 80 30 06 ff b6 7c 40 e9 e4 | verify_chunk_data: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18): ok | test_prf_vector: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) passed | test_prf_vector: release symkey-key@0x5573f414f010 | test_prf_vector: release message-key@0x5573f414d560 | test_prf_vector: release key-key@0x5573f40bfec0 | test_prf_vector: release output-key@NULL testing HMAC_MD5: RFC 2104: MD5_HMAC test 1 | decode_to_chunk: test_prf_vector: input "0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" | decode_to_chunk: output: | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | decode_to_chunk: test_prf_vector: input "Hi There" | decode_to_chunk: output: | 48 69 20 54 68 65 72 65 | decode_to_chunk: test_prf_vector: input "0x9294727a3638bb1c13f48ef8158bfc9d" | decode_to_chunk: output: | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface PRF md5 init key-chunk@0x5573f414a038 (length 16) | 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b 0b | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2470 | result: PRF chunk interface-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2458 | result: PRF chunk interface-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x5573f414d560 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23b0 | result: trimed key-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5573f40bfec0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23f0 | result: result-key@0x5573f40bfec0 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x5573f414ef88 | PRF chunk interface PRF md5 update message-bytes@0x5573f41494c8 (length 8) | 48 69 20 54 68 65 72 65 | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f40bfec0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffeae0b24e0 | result: message-key@0x5573f414f010 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x5573f40bfec0 | PRF HMAC inner hash hash md5 inner-key@0x5573f414f010 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5573f414f010 (size 72) | PRF HMAC inner hash: inner-key@0x5573f414f010 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5573f4149578 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2370 | result: PRF HMAC inner hash-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2358 | result: PRF HMAC inner hash-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5573f40c6080 | PRF chunk interface: release inner-key@0x5573f414f010 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23e0 | result: result-key@0x5573f414f010 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414f010 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b23c8 | result: result-key@0x5573f40c6080 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f414f010 | PRF chunk interface: release hashed-inner-key@0x5573f40bfec0 | PRF chunk interface: release key-key@0x5573f414d560 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5573f40c6080 (size 80) | PRF HMAC outer hash: outer-key@0x5573f40c6080 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x5573f41495b8 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | PRF chunk interface: release outer-key@0x5573f40c6080 | PRF chunk interface PRF md5 final-chunk@0x5573f41495b8 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | chunk output 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f414d560 | PRF symkey interface PRF md5 init key symkey-key@0x5573f40c6080 (size 16) | PRF symkey interface: key symkey-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x5573f40c6080 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23b0 | result: trimed key-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5573f40c6080 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23f0 | result: result-key@0x5573f40bfec0 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x5573f414f1b8 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f4150a70 (24-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 8 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 8-bytes | base: base-key@0x5573f4150a70 (24-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f414f010 (8-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f4150a70 | PRF symkey interface PRF md5 update symkey message-key@0x5573f414f010 (size 8) | PRF symkey interface: symkey message-key@0x5573f414f010 (8-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f40bfec0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b2508 | result: result-key@0x5573f4150a70 (72-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f40bfec0 | PRF HMAC inner hash hash md5 inner-key@0x5573f4150a70 (size 72) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5573f4150a70 (size 72) | PRF HMAC inner hash: inner-key@0x5573f4150a70 (72-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5573f41495b8 (length 16) | 90 1d 23 73 2e dc c0 f1 a1 06 53 2f 6b e5 ec eb | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2390 | result: PRF HMAC inner hash-key@0x5573f4150e50 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f4150e50 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2378 | result: PRF HMAC inner hash-key@0x5573f40bfec0 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5573f4150e50 | PRF symkey interface: release inner-key@0x5573f4150a70 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b2400 | result: result-key@0x5573f4150a70 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f4150a70 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b23e8 | result: result-key@0x5573f4150e50 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f4150a70 | PRF symkey interface: release hashed-inner-key@0x5573f40bfec0 | PRF symkey interface: release key-key@0x5573f414d560 | PRF HMAC outer hash hash md5 outer-key@0x5573f4150e50 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5573f4150e50 (size 80) | PRF HMAC outer hash: outer-key@0x5573f4150e50 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x5573f41495b8 (length 16) | 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2450 | result: PRF HMAC outer hash-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2438 | result: PRF HMAC outer hash-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x5573f40bfec0 | PRF symkey interface: release outer-key@0x5573f4150e50 | : hashed-outer-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x5573f414d560 (size 16) | PRF symkey interface: key-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 1 extracting all 16 bytes of key@0x5573f414d560 | RFC 2104: MD5_HMAC test 1: symkey-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 1: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: fa c7 db 4f 27 36 cb e1 8a 89 bf f6 80 e0 0f 04 | RFC 2104: MD5_HMAC test 1: release slot-key-key@0x5573f414a280 | RFC 2104: MD5_HMAC test 1 extracted len 16 bytes at 0x5573f4149578 | unwrapped: 92 94 72 7a 36 38 bb 1c 13 f4 8e f8 15 8b fc 9d | verify_chunk_data: RFC 2104: MD5_HMAC test 1: ok | test_prf_vector: RFC 2104: MD5_HMAC test 1 passed | test_prf_vector: release symkey-key@0x5573f414d560 | test_prf_vector: release message-key@0x5573f414f010 | test_prf_vector: release key-key@0x5573f40c6080 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 2 | decode_to_chunk: test_prf_vector: input "Jefe" | decode_to_chunk: output: | 4a 65 66 65 | decode_to_chunk: test_prf_vector: input "what do ya want for nothing?" | decode_to_chunk: output: | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | decode_to_chunk: test_prf_vector: input "0x750c783e6ab0b503eaa86e310a5db738" | decode_to_chunk: output: | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface PRF md5 init key-chunk@0x5573f4149b48 (length 4) | 4a 65 66 65 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2470 | result: PRF chunk interface-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2458 | result: PRF chunk interface-key@0x5573f40c6080 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x5573f414f010 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c6080 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23b0 | result: trimed key-key@0x5573f414f010 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5573f40c6080 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414f010 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23f0 | result: result-key@0x5573f40c6080 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x5573f4150dd8 | PRF chunk interface PRF md5 update message-bytes@0x5573f4144a78 (length 28) | 77 68 61 74 20 64 6f 20 79 61 20 77 61 6e 74 20 | 66 6f 72 20 6e 6f 74 68 69 6e 67 3f | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f40c6080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffeae0b24e0 | result: message-key@0x5573f414d560 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x5573f40c6080 | PRF HMAC inner hash hash md5 inner-key@0x5573f414d560 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5573f414d560 (size 92) | PRF HMAC inner hash: inner-key@0x5573f414d560 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5573f4149578 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2370 | result: PRF HMAC inner hash-key@0x5573f4150e50 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f4150e50 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2358 | result: PRF HMAC inner hash-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5573f4150e50 | PRF chunk interface: release inner-key@0x5573f414d560 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414f010 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23e0 | result: result-key@0x5573f414d560 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b23c8 | result: result-key@0x5573f4150e50 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f414d560 | PRF chunk interface: release hashed-inner-key@0x5573f40c6080 | PRF chunk interface: release key-key@0x5573f414f010 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5573f4150e50 (size 80) | PRF HMAC outer hash: outer-key@0x5573f4150e50 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x5573f41494c8 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | PRF chunk interface: release outer-key@0x5573f4150e50 | PRF chunk interface PRF md5 final-chunk@0x5573f41494c8 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | chunk output 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 4 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 4-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f4150e50 (4-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f414f010 | PRF symkey interface PRF md5 init key symkey-key@0x5573f4150e50 (size 4) | PRF symkey interface: key symkey-key@0x5573f4150e50 (4-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x5573f4150e50 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f4150e50 (4-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23b0 | result: trimed key-key@0x5573f414f010 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5573f4150e50 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414f010 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23f0 | result: result-key@0x5573f40c6080 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x5573f414ef88 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f40bfec0 (44-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 28 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 28-bytes | base: base-key@0x5573f40bfec0 (44-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f414d560 (28-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f40bfec0 | PRF symkey interface PRF md5 update symkey message-key@0x5573f414d560 (size 28) | PRF symkey interface: symkey message-key@0x5573f414d560 (28-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f40c6080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b2508 | result: result-key@0x5573f40bfec0 (92-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f40c6080 | PRF HMAC inner hash hash md5 inner-key@0x5573f40bfec0 (size 92) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5573f40bfec0 (size 92) | PRF HMAC inner hash: inner-key@0x5573f40bfec0 (92-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5573f41494c8 (length 16) | c3 db 14 c0 65 f5 52 03 b0 33 c8 1a 69 7b 97 c5 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2390 | result: PRF HMAC inner hash-key@0x5573f4150a70 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f4150a70 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2378 | result: PRF HMAC inner hash-key@0x5573f40c6080 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5573f4150a70 | PRF symkey interface: release inner-key@0x5573f40bfec0 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414f010 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b2400 | result: result-key@0x5573f40bfec0 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f40bfec0 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b23e8 | result: result-key@0x5573f4150a70 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f40bfec0 | PRF symkey interface: release hashed-inner-key@0x5573f40c6080 | PRF symkey interface: release key-key@0x5573f414f010 | PRF HMAC outer hash hash md5 outer-key@0x5573f4150a70 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5573f4150a70 (size 80) | PRF HMAC outer hash: outer-key@0x5573f4150a70 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x5573f41494c8 (length 16) | 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2450 | result: PRF HMAC outer hash-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40c6080 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2438 | result: PRF HMAC outer hash-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x5573f40c6080 | PRF symkey interface: release outer-key@0x5573f4150a70 | : hashed-outer-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x5573f414f010 (size 16) | PRF symkey interface: key-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 2 extracting all 16 bytes of key@0x5573f414f010 | RFC 2104: MD5_HMAC test 2: symkey-key@0x5573f414f010 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 2: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: b9 67 66 89 2c c3 f2 72 db b2 0d 6a 3c fe 42 7d | RFC 2104: MD5_HMAC test 2: release slot-key-key@0x5573f414a280 | RFC 2104: MD5_HMAC test 2 extracted len 16 bytes at 0x5573f4149578 | unwrapped: 75 0c 78 3e 6a b0 b5 03 ea a8 6e 31 0a 5d b7 38 | verify_chunk_data: RFC 2104: MD5_HMAC test 2: ok | test_prf_vector: RFC 2104: MD5_HMAC test 2 passed | test_prf_vector: release symkey-key@0x5573f414f010 | test_prf_vector: release message-key@0x5573f414d560 | test_prf_vector: release key-key@0x5573f4150e50 | test_prf_vector: release output-key@NULL RFC 2104: MD5_HMAC test 3 | decode_to_chunk: test_prf_vector: input "0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" | decode_to_chunk: output: | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | decode_to_chunk: test_prf_vector: input "0xDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD" | decode_to_chunk: output: | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | decode_to_chunk: test_prf_vector: input "0x56be34521d144c88dbb8c733f0e8b3f6" | decode_to_chunk: output: | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface PRF md5 init key-chunk@0x5573f414a038 (length 16) | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2470 | result: PRF chunk interface-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2458 | result: PRF chunk interface-key@0x5573f4150e50 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF chunk interface: release tmp-key@0x5573f414d560 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f4150e50 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23b0 | result: trimed key-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5573f4150e50 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23f0 | result: result-key@0x5573f4150e50 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF chunk interface PRF md5 crypt-prf@0x5573f4150e28 | PRF chunk interface PRF md5 update message-bytes@0x5573f4149378 (length 50) | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd dd | dd dd | CONCATENATE_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f4150e50 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 16-bytes@0x7ffeae0b24e0 | result: message-key@0x5573f414f010 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_bytes: release lhs-key@0x5573f4150e50 | PRF HMAC inner hash hash md5 inner-key@0x5573f414f010 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5573f414f010 (size 114) | PRF HMAC inner hash: inner-key@0x5573f414f010 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5573f41494c8 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2370 | result: PRF HMAC inner hash-key@0x5573f4150a70 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f4150a70 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2358 | result: PRF HMAC inner hash-key@0x5573f4150e50 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5573f4150a70 | PRF chunk interface: release inner-key@0x5573f414f010 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23e0 | result: result-key@0x5573f414f010 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414f010 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b23c8 | result: result-key@0x5573f4150a70 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f414f010 | PRF chunk interface: release hashed-inner-key@0x5573f4150e50 | PRF chunk interface: release key-key@0x5573f414d560 | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5573f4150a70 (size 80) | PRF HMAC outer hash: outer-key@0x5573f4150a70 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final bytes@0x5573f4149578 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | PRF chunk interface: release outer-key@0x5573f4150a70 | PRF chunk interface PRF md5 final-chunk@0x5573f4149578 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | chunk output 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: key symkey-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f414d560 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: key symkey-key@0x5573f4150a70 (16-bytes, EXTRACT_KEY_FROM_KEY) | key symkey: release tmp-key@0x5573f414d560 | PRF symkey interface PRF md5 init key symkey-key@0x5573f4150a70 (size 16) | PRF symkey interface: key symkey-key@0x5573f4150a70 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface: reference key-key@0x5573f4150a70 | CONCATENATE_BASE_AND_DATA: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f4150a70 (16-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23b0 | result: trimed key-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_bytes: release lhs-key@0x5573f4150a70 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b23f0 | result: result-key@0x5573f4150e50 (64-bytes, CONCATENATE_BASE_AND_DATA) | PRF symkey interface PRF md5 crypt-prf@0x5573f4149328 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b24f0 | result: message symkey-key@0x5573f40c6080 (66-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 50 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 50-bytes | base: base-key@0x5573f40c6080 (66-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b24d8 | result: message symkey-key@0x5573f414f010 (50-bytes, EXTRACT_KEY_FROM_KEY) | message symkey: release tmp-key@0x5573f40c6080 | PRF symkey interface PRF md5 update symkey message-key@0x5573f414f010 (size 50) | PRF symkey interface: symkey message-key@0x5573f414f010 (50-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f4150e50 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b2508 | result: result-key@0x5573f40c6080 (114-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f4150e50 | PRF HMAC inner hash hash md5 inner-key@0x5573f40c6080 (size 114) | PRF HMAC inner hash hash md5 init | PRF HMAC inner hash hash md5 digest inner-key@0x5573f40c6080 (size 114) | PRF HMAC inner hash: inner-key@0x5573f40c6080 (114-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC inner hash hash md5 final chunk@0x5573f4149578 (length 16) | 82 0a 6b 33 5d 18 7b 90 dc ba b1 7e f5 b4 26 ff | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2390 | result: PRF HMAC inner hash-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f40bfec0 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2378 | result: PRF HMAC inner hash-key@0x5573f4150e50 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC inner hash: release tmp-key@0x5573f40bfec0 | PRF symkey interface: release inner-key@0x5573f40c6080 | XOR_BASE_AND_DATA: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f414d560 (64-bytes, EXTRACT_KEY_FROM_KEY) | params: 16-bytes@0x7ffeae0b2400 | result: result-key@0x5573f40c6080 (64-bytes, CONCATENATE_BASE_AND_DATA) | CONCATENATE_BASE_AND_KEY: | target: CONCATENATE_BASE_AND_DATA | base: base-key@0x5573f40c6080 (64-bytes, CONCATENATE_BASE_AND_DATA) | params: 8-bytes@0x7ffeae0b23e8 | result: result-key@0x5573f40bfec0 (80-bytes, CONCATENATE_BASE_AND_DATA) | append_symkey_symkey: release lhs-key@0x5573f40c6080 | PRF symkey interface: release hashed-inner-key@0x5573f4150e50 | PRF symkey interface: release key-key@0x5573f414d560 | PRF HMAC outer hash hash md5 outer-key@0x5573f40bfec0 (size 80) | PRF HMAC outer hash hash md5 init | PRF HMAC outer hash hash md5 digest outer-key@0x5573f40bfec0 (size 80) | PRF HMAC outer hash: outer-key@0x5573f40bfec0 (80-bytes, CONCATENATE_BASE_AND_DATA) | PRF HMAC outer hash hash md5 final chunk@0x5573f4149578 (length 16) | 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffeae0b2450 | result: PRF HMAC outer hash-key@0x5573f4150e50 (32-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 16-bytes | base: base-key@0x5573f4150e50 (32-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b2438 | result: PRF HMAC outer hash-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF HMAC outer hash: release tmp-key@0x5573f4150e50 | PRF symkey interface: release outer-key@0x5573f40bfec0 | : hashed-outer-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | PRF symkey interface PRF md5 final-key@0x5573f414d560 (size 16) | PRF symkey interface: key-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | output: symkey-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | RFC 2104: MD5_HMAC test 3 extracting all 16 bytes of key@0x5573f414d560 | RFC 2104: MD5_HMAC test 3: symkey-key@0x5573f414d560 (16-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | RFC 2104: MD5_HMAC test 3: new slot-key@0x5573f414a280 (16-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 16 | wrapper: (SECItemType)-221311126: 50 f1 8e a1 65 c0 63 db 46 1c 3b fa c4 8d 41 77 | RFC 2104: MD5_HMAC test 3: release slot-key-key@0x5573f414a280 | RFC 2104: MD5_HMAC test 3 extracted len 16 bytes at 0x5573f41494c8 | unwrapped: 56 be 34 52 1d 14 4c 88 db b8 c7 33 f0 e8 b3 f6 | verify_chunk_data: RFC 2104: MD5_HMAC test 3: ok | test_prf_vector: RFC 2104: MD5_HMAC test 3 passed | test_prf_vector: release symkey-key@0x5573f414d560 | test_prf_vector: release message-key@0x5573f414f010 | test_prf_vector: release key-key@0x5573f4150a70 | test_prf_vector: release output-key@NULL 8 CPU cores online starting up 7 crypto helpers started thread for crypto helper 0 | starting up helper thread 0 | status value returned by setting the priority of this thread (crypto helper 0) 22 | crypto helper 0 waiting (nothing to do) started thread for crypto helper 1 started thread for crypto helper 2 started thread for crypto helper 3 | starting up helper thread 1 | status value returned by setting the priority of this thread (crypto helper 1) 22 started thread for crypto helper 4 | crypto helper 1 waiting (nothing to do) | starting up helper thread 3 | status value returned by setting the priority of this thread (crypto helper 3) 22 | crypto helper 3 waiting (nothing to do) | starting up helper thread 2 | starting up helper thread 4 | status value returned by setting the priority of this thread (crypto helper 4) 22 | crypto helper 4 waiting (nothing to do) | status value returned by setting the priority of this thread (crypto helper 2) 22 | crypto helper 2 waiting (nothing to do) started thread for crypto helper 5 | starting up helper thread 5 started thread for crypto helper 6 | status value returned by setting the priority of this thread (crypto helper 5) 22 | starting up helper thread 6 | crypto helper 5 waiting (nothing to do) | checking IKEv1 state table | status value returned by setting the priority of this thread (crypto helper 6) 22 | MAIN_R0: category: half-open IKE SA flags: 0: | -> MAIN_R1 EVENT_SO_DISCARD | crypto helper 6 waiting (nothing to do) | MAIN_I1: category: half-open IKE SA flags: 0: | -> MAIN_I2 EVENT_RETRANSMIT | MAIN_R1: category: open IKE SA flags: 200: | -> MAIN_R2 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_I2: category: open IKE SA flags: 0: | -> MAIN_I3 EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | -> UNDEFINED EVENT_RETRANSMIT | MAIN_R2: category: open IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | -> MAIN_R3 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_I3: category: open IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | -> MAIN_I4 EVENT_SA_REPLACE | -> UNDEFINED EVENT_SA_REPLACE | MAIN_R3: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | MAIN_I4: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | AGGR_R0: category: half-open IKE SA flags: 0: | -> AGGR_R1 EVENT_SO_DISCARD | AGGR_I1: category: half-open IKE SA flags: 0: | -> AGGR_I2 EVENT_SA_REPLACE | -> AGGR_I2 EVENT_SA_REPLACE | AGGR_R1: category: open IKE SA flags: 200: | -> AGGR_R2 EVENT_SA_REPLACE | -> AGGR_R2 EVENT_SA_REPLACE | AGGR_I2: category: established IKE SA flags: 200: | -> UNDEFINED EVENT_NULL | AGGR_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | QUICK_R0: category: established CHILD SA flags: 0: | -> QUICK_R1 EVENT_RETRANSMIT | QUICK_I1: category: established CHILD SA flags: 0: | -> QUICK_I2 EVENT_SA_REPLACE | QUICK_R1: category: established CHILD SA flags: 0: | -> QUICK_R2 EVENT_SA_REPLACE | QUICK_I2: category: established CHILD SA flags: 200: | -> UNDEFINED EVENT_NULL | QUICK_R2: category: established CHILD SA flags: 0: | -> UNDEFINED EVENT_NULL | INFO: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | INFO_PROTECTED: category: informational flags: 0: | -> UNDEFINED EVENT_NULL | XAUTH_R0: category: established IKE SA flags: 0: | -> XAUTH_R1 EVENT_NULL | XAUTH_R1: category: established IKE SA flags: 0: | -> MAIN_R3 EVENT_SA_REPLACE | MODE_CFG_R0: category: informational flags: 0: | -> MODE_CFG_R1 EVENT_SA_REPLACE | MODE_CFG_R1: category: established IKE SA flags: 0: | -> MODE_CFG_R2 EVENT_SA_REPLACE | MODE_CFG_R2: category: established IKE SA flags: 0: | -> UNDEFINED EVENT_NULL | MODE_CFG_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_SA_REPLACE | XAUTH_I0: category: established IKE SA flags: 0: | -> XAUTH_I1 EVENT_RETRANSMIT | XAUTH_I1: category: established IKE SA flags: 0: | -> MAIN_I4 EVENT_RETRANSMIT | checking IKEv2 state table | PARENT_I0: category: ignore flags: 0: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) | PARENT_I1: category: half-open IKE SA flags: 0: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) | PARENT_I2: category: open IKE SA flags: 0: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) | PARENT_I3: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) | PARENT_R0: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) | PARENT_R1: category: half-open IKE SA flags: 0: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) | PARENT_R2: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) | V2_CREATE_I0: category: established IKE SA flags: 0: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) | V2_CREATE_I: category: established IKE SA flags: 0: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) | V2_REKEY_IKE_I: category: established IKE SA flags: 0: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: | V2_CREATE_R: category: established IKE SA flags: 0: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) | V2_REKEY_IKE_R: category: established IKE SA flags: 0: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: | V2_IPSEC_I: category: established CHILD SA flags: 0: | V2_IPSEC_R: category: established CHILD SA flags: 0: | IKESA_DEL: category: established IKE SA flags: 0: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) | CHILDSA_DEL: category: informational flags: 0: Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64 | Hard-wiring algorithms | adding AES_CCM_16 to kernel algorithm db | adding AES_CCM_12 to kernel algorithm db | adding AES_CCM_8 to kernel algorithm db | adding 3DES_CBC to kernel algorithm db | adding CAMELLIA_CBC to kernel algorithm db | adding AES_GCM_16 to kernel algorithm db | adding AES_GCM_12 to kernel algorithm db | adding AES_GCM_8 to kernel algorithm db | adding AES_CTR to kernel algorithm db | adding AES_CBC to kernel algorithm db | adding SERPENT_CBC to kernel algorithm db | adding TWOFISH_CBC to kernel algorithm db | adding NULL_AUTH_AES_GMAC to kernel algorithm db | adding NULL to kernel algorithm db | adding CHACHA20_POLY1305 to kernel algorithm db | adding HMAC_MD5_96 to kernel algorithm db | adding HMAC_SHA1_96 to kernel algorithm db | adding HMAC_SHA2_512_256 to kernel algorithm db | adding HMAC_SHA2_384_192 to kernel algorithm db | adding HMAC_SHA2_256_128 to kernel algorithm db | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db | adding AES_XCBC_96 to kernel algorithm db | adding AES_CMAC_96 to kernel algorithm db | adding NONE to kernel algorithm db | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds | setup kernel fd callback | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x5573f4149378 | libevent_malloc: new ptr-libevent@0x5573f412d808 size 128 | libevent_malloc: new ptr-libevent@0x5573f4149b48 size 16 | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x5573f4149eb8 | libevent_malloc: new ptr-libevent@0x5573f40eb3d8 size 128 | libevent_malloc: new ptr-libevent@0x5573f414a038 size 16 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1520b (length 11) | 4b 41 4d 45 2f 72 61 63 6f 6f 6e | vendor id hash md5 final bytes@0x5573f4149578 (length 16) | 70 03 cb c1 09 7d be 9c 26 00 ba 69 83 bc 8b 35 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16000 (length 46) | 4e 4c 42 53 5f 50 52 45 53 45 4e 54 28 4e 4c 42 | 2f 4d 53 43 53 20 66 61 73 74 20 66 61 69 6c 6f | 76 65 72 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x5573f41495b8 (length 16) | ec 22 62 b5 12 32 63 83 67 12 3b ce 3d 37 3c 5e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16030 (length 32) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 28 41 | 75 74 68 49 50 20 73 75 70 70 6f 72 74 65 64 29 | vendor id hash md5 final bytes@0x5573f4149f98 (length 16) | 6f fe a4 ae ec 37 f4 9a 02 6f 97 cf b5 53 30 6d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1538e (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x5573f4149b88 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16058 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x5573f414a078 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d153a0 (length 23) | 4d 69 63 72 6f 73 6f 66 74 20 58 62 6f 78 20 4f | 6e 65 20 32 30 31 33 | vendor id hash md5 final bytes@0x5573f4149488 (length 16) | 8a a3 94 cf 8a 55 77 dc 31 10 c1 13 b0 27 a4 f2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d153b8 (length 22) | 58 62 6f 78 20 49 4b 45 76 32 20 4e 65 67 6f 74 | 69 61 74 69 6f 6e | vendor id hash md5 final bytes@0x5573f4149e78 (length 16) | aa 28 1f cc d6 8c f8 a8 dc b8 5c c0 a7 10 40 2a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d153cf (length 28) | 4d 53 46 54 20 49 50 73 65 63 20 53 65 63 75 72 | 69 74 79 20 52 65 61 6c 6d 20 49 64 | vendor id hash md5 final bytes@0x5573f4150fb8 (length 16) | 68 6a 8c bd fe 63 4b 40 51 46 fb 2b af 33 e9 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16080 (length 39) | 41 20 47 53 53 2d 41 50 49 20 41 75 74 68 65 6e | 74 69 63 61 74 69 6f 6e 20 4d 65 74 68 6f 64 20 | 66 6f 72 20 49 4b 45 | vendor id hash md5 final bytes@0x5573f4156298 (length 16) | ad 2c 0d d0 b9 c3 20 83 cc ba 25 b8 86 1e c4 55 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d153ec (length 6) | 47 53 53 41 50 49 | vendor id hash md5 final bytes@0x5573f41562d8 (length 16) | 62 1b 04 bb 09 88 2a c1 e1 59 35 fe fa 24 ae ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d153f3 (length 12) | 53 53 48 20 53 65 6e 74 69 6e 65 6c | vendor id hash md5 final bytes@0x5573f4156318 (length 16) | 05 41 82 a0 7c 7a e2 06 f9 d2 cf 9d 24 32 c4 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15400 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 31 | vendor id hash md5 final bytes@0x5573f4156358 (length 16) | b9 16 23 e6 93 ca 18 a5 4c 6a 27 78 55 23 05 e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15411 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 32 | vendor id hash md5 final bytes@0x5573f4156398 (length 16) | 54 30 88 8d e0 1a 31 a6 fa 8f 60 22 4e 44 99 58 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15422 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 33 | vendor id hash md5 final bytes@0x5573f41563d8 (length 16) | 7e e5 cb 85 f7 1c e2 59 c9 4a 5c 73 1e e4 e7 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15433 (length 16) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | vendor id hash md5 final bytes@0x5573f4156418 (length 16) | 63 d9 a1 a7 00 94 91 b5 a0 a6 fd eb 2a 82 84 f0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15444 (length 18) | 53 53 48 20 53 65 6e 74 69 6e 65 6c 20 31 2e 34 | 2e 31 | vendor id hash md5 final bytes@0x5573f4156458 (length 16) | eb 4b 0d 96 27 6b 4e 22 0a d1 62 21 a7 b2 a5 e6 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d160a8 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 30 | vendor id hash md5 final bytes@0x5573f4156498 (length 16) | fb f4 76 14 98 40 31 fa 8e 3b b6 19 80 89 b2 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d160e0 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 31 | vendor id hash md5 final bytes@0x5573f41564d8 (length 16) | 19 52 dc 91 ac 20 f6 46 fb 01 cf 42 a3 3a ee 30 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16118 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 31 2e 32 | vendor id hash md5 final bytes@0x5573f4156518 (length 16) | e8 bf fa 64 3e 5c 8f 2c d1 0f da 73 70 b6 eb e5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16150 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 31 | vendor id hash md5 final bytes@0x5573f4156558 (length 16) | c1 11 1b 2d ee 8c bc 3d 62 05 73 ec 57 aa b9 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16188 (length 55) | 53 73 68 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 31 2e 32 2e 32 | vendor id hash md5 final bytes@0x5573f4156598 (length 16) | 09 ec 27 bf bc 09 c7 58 23 cf ec bf fe 56 5a 2e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d161c0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 30 2e 30 | vendor id hash md5 final bytes@0x5573f41565d8 (length 16) | 7f 21 a5 96 e4 e3 18 f0 b2 f4 94 4c 23 84 cb 84 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d161f8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 30 | vendor id hash md5 final bytes@0x5573f4156618 (length 16) | 28 36 d1 fd 28 07 bc 9e 5a e3 07 86 32 04 51 ec | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16230 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 31 | vendor id hash md5 final bytes@0x5573f4156658 (length 16) | a6 8d e7 56 a9 c5 22 9b ae 66 49 80 40 95 1a d5 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16268 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 32 2e 31 2e 32 | vendor id hash md5 final bytes@0x5573f4156698 (length 16) | 3f 23 72 86 7e 23 7c 1c d8 25 0a 75 55 9c ae 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d162a0 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 30 | vendor id hash md5 final bytes@0x5573f41566d8 (length 16) | 0e 58 d5 77 4d f6 02 00 7d 0b 02 44 36 60 f7 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d162d8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 33 2e 30 2e 31 | vendor id hash md5 final bytes@0x5573f4156718 (length 16) | f5 ce 31 eb c2 10 f4 43 50 cf 71 26 5b 57 38 0f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16310 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x5573f4156758 (length 16) | f6 42 60 af 2e 27 42 da dd d5 69 87 06 8a 99 a0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16348 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x5573f4156798 (length 16) | 7a 54 d3 bd b3 b1 e6 d9 23 89 20 64 be 2d 98 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16380 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x5573f41567d8 (length 16) | 9a a1 f3 b4 34 72 a4 5d 5f 50 6a eb 26 0c f2 14 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d163b8 (length 55) | 53 53 48 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f | 6e 73 20 53 65 63 75 72 69 74 79 20 49 50 53 45 | 43 20 45 78 70 72 65 73 73 20 76 65 72 73 69 6f | 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x5573f4156818 (length 16) | 68 80 c7 d0 26 09 91 14 e4 86 c5 54 30 e7 ab ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d163f0 (length 41) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 50 4c 55 54 4f 5f 53 45 4e 44 53 | 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffeae0b25d0 (length 16) | 44 76 1b d7 6b 80 85 41 74 87 ee 8a 51 cf fc f3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16420 (length 53) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 50 4c 55 54 4f 5f 53 45 4e 44 53 5f 56 45 4e | 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffeae0b25d0 (length 16) | b7 0e 8a c3 92 b1 6e 05 48 2f c4 dc 36 10 91 68 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16458 (length 58) | 4c 69 6e 75 78 20 46 72 65 65 53 2f 57 41 4e 20 | 32 2e 30 30 20 58 2e 35 30 39 2d 31 2e 33 2e 31 | 20 4c 44 41 50 20 50 4c 55 54 4f 5f 53 45 4e 44 | 53 5f 56 45 4e 44 4f 52 49 44 | vendor id hash md5 final bytes@0x7ffeae0b25d0 (length 16) | 97 1d ea 93 c3 c2 06 74 f9 ae 35 40 83 de 3e 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15531 (length 14) | 4f 70 65 6e 73 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x7ffeae0b25d0 (length 16) | 08 72 0b ee 9e 28 95 3c e0 8f 0a 18 b6 e2 9d da | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d164c0 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 31 | vendor id hash md5 final bytes@0x5573f41569d8 (length 16) | 27 ba b5 dc 01 ea 07 60 ea 4e 31 90 ac 27 c0 d0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d164e8 (length 37) | 64 72 61 66 74 2d 73 74 65 6e 62 65 72 67 2d 69 | 70 73 65 63 2d 6e 61 74 2d 74 72 61 76 65 72 73 | 61 6c 2d 30 32 | vendor id hash md5 final bytes@0x5573f4156a18 (length 16) | 61 05 c4 22 e7 68 47 e4 3f 96 84 80 12 92 ae cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15559 (length 10) | 45 53 50 54 68 72 75 4e 41 54 | vendor id hash md5 final bytes@0x5573f4156a58 (length 16) | 50 76 0f 62 4c 63 e5 c5 3e ea 38 6c 68 5c a0 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16510 (length 38) | 64 72 61 66 74 2d 68 75 74 74 75 6e 65 6e 2d 69 | 70 73 65 63 2d 65 73 70 2d 69 6e 2d 75 64 70 2d | 30 30 2e 74 78 74 | vendor id hash md5 final bytes@0x5573f4156a98 (length 16) | 6a 74 34 c1 9d 7e 36 34 80 90 a0 23 34 c9 c8 05 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15564 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 30 | vendor id hash md5 final bytes@0x5573f4156ad8 (length 16) | 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15582 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 31 | vendor id hash md5 final bytes@0x5573f4156b18 (length 16) | 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d155a0 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 | vendor id hash md5 final bytes@0x5573f4156b58 (length 16) | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16538 (length 30) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 32 0a | vendor id hash md5 final bytes@0x5573f4156b98 (length 16) | 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d155be (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 33 | vendor id hash md5 final bytes@0x5573f4156bd8 (length 16) | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d155dc (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 34 | vendor id hash md5 final bytes@0x5573f4156c18 (length 16) | 99 09 b6 4e ed 93 7c 65 73 de 52 ac e9 52 fa 6b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d155fa (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 35 | vendor id hash md5 final bytes@0x5573f4156c58 (length 16) | 80 d0 bb 3d ef 54 56 5e e8 46 45 d4 c8 5c e3 ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15618 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 36 | vendor id hash md5 final bytes@0x5573f4156c98 (length 16) | 4d 1e 0e 13 6d ea fa 34 c4 f3 ea 9f 02 ec 72 85 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15636 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 37 | vendor id hash md5 final bytes@0x5573f4156cd8 (length 16) | 43 9b 59 f8 ba 67 6c 4c 77 37 ae 22 ea b8 f5 82 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15654 (length 29) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 2d 30 38 | vendor id hash md5 final bytes@0x5573f4156d18 (length 16) | 8f 8d 83 82 6d 24 6b 6f c7 a8 a6 a4 28 c1 1d e8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15672 (length 26) | 64 72 61 66 74 2d 69 65 74 66 2d 69 70 73 65 63 | 2d 6e 61 74 2d 74 2d 69 6b 65 | vendor id hash md5 final bytes@0x5573f4156d58 (length 16) | 4d f3 79 28 e9 fc 4f d1 b3 26 21 70 d5 15 c6 62 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1568d (length 8) | 52 46 43 20 33 39 34 37 | vendor id hash md5 final bytes@0x5573f4156d98 (length 16) | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1e4f9 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x5573f4156e58 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1573d (length 19) | 56 69 64 2d 49 6e 69 74 69 61 6c 2d 43 6f 6e 74 | 61 63 74 | vendor id hash md5 final bytes@0x5573f4156e98 (length 16) | 26 24 4d 38 ed db 61 b3 17 2a 36 e3 d0 cf b8 19 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d16058 (length 32) | 4d 53 2d 4e 65 67 6f 74 69 61 74 69 6f 6e 20 44 | 69 73 63 6f 76 65 72 79 20 43 61 70 61 62 6c 65 | vendor id hash md5 final bytes@0x5573f4156ed8 (length 16) | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1538e (length 17) | 49 4b 45 20 43 47 41 20 76 65 72 73 69 6f 6e 20 | 31 | vendor id hash md5 final bytes@0x5573f4156f18 (length 16) | e3 a5 96 6a 76 37 9f e7 07 22 82 31 e5 ce 86 52 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15751 (length 14) | 4d 53 2d 4d 61 6d 69 65 45 78 69 73 74 73 | vendor id hash md5 final bytes@0x5573f4156f58 (length 16) | 21 4c a4 fa ff a7 f3 2d 67 48 e5 30 33 95 ae 83 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d048dd (length 10) | 73 74 72 6f 6e 67 53 77 61 6e | vendor id hash md5 final bytes@0x5573f4156f98 (length 16) | 88 2f e5 6d 6f d2 0d bc 22 51 61 3b 2e be 5b eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15760 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 30 | vendor id hash md5 final bytes@0x5573f4156fd8 (length 16) | 2c e9 c9 46 a4 c8 79 bf 11 b5 0b 76 cc 56 92 cb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15771 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 31 | vendor id hash md5 final bytes@0x5573f4157018 (length 16) | 9d bb af cf 1d b0 dd 59 5a e0 65 29 40 03 ad 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15782 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 32 | vendor id hash md5 final bytes@0x5573f4157058 (length 16) | 77 e8 ee a6 f5 56 a4 99 de 3f fe 7f 7f 95 66 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15793 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 33 | vendor id hash md5 final bytes@0x5573f4157098 (length 16) | b1 81 b1 8e 11 4f c2 09 b3 c6 e2 6c 3a 80 71 8e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d157a4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 34 | vendor id hash md5 final bytes@0x5573f41570d8 (length 16) | 1e f2 83 f8 35 49 b5 ff 96 08 b6 d6 34 f8 4d 75 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d157b5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 35 | vendor id hash md5 final bytes@0x5573f4157118 (length 16) | dd 18 0d 21 e5 ce 65 5a 76 8b a3 22 11 dd 8a d9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d157c6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 36 | vendor id hash md5 final bytes@0x5573f4157158 (length 16) | 4c 90 13 69 46 57 7b 51 91 9d 8d 9a 6b 8e 4a 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d157d7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 30 2e 37 | vendor id hash md5 final bytes@0x5573f4157198 (length 16) | ab 07 46 22 1c c8 fd 0d 52 38 f7 3a 9b 3d a5 57 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d157e8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 30 | vendor id hash md5 final bytes@0x5573f41571d8 (length 16) | 47 94 ce f6 84 34 22 98 0d 1a 3d 06 af 41 c5 cd | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d157f9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | vendor id hash md5 final bytes@0x5573f4157218 (length 16) | d3 f1 c4 88 c3 68 17 5d 5f 40 a8 f5 ca 5f 5e 12 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1580a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 32 | vendor id hash md5 final bytes@0x5573f4157258 (length 16) | 15 a1 ac e7 ee 52 fd df ef 04 f9 28 db 2d d1 34 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1581b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 33 | vendor id hash md5 final bytes@0x5573f4157298 (length 16) | 58 49 ab 6d 8b ea bd 6e 4d 09 e5 a3 b8 8c 08 9a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1582c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 34 | vendor id hash md5 final bytes@0x5573f41572d8 (length 16) | 31 2f 9c b1 a6 b9 0e 19 de 75 28 c9 04 ac 30 87 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1583d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 35 | vendor id hash md5 final bytes@0x5573f4157318 (length 16) | bf 0f bf 73 06 eb b7 82 70 42 d8 93 53 98 86 e2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1584e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 36 | vendor id hash md5 final bytes@0x5573f4157358 (length 16) | d1 96 83 36 8a f4 b0 ed c2 1c cd e9 82 b1 d1 b0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1585f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 37 | vendor id hash md5 final bytes@0x5573f4157398 (length 16) | ea 84 0a a4 df c9 71 2d 6c 32 b5 a1 6e b3 29 a3 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15870 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 38 | vendor id hash md5 final bytes@0x5573f41573d8 (length 16) | 66 a2 04 55 07 c1 19 da 78 a4 66 62 59 cd ea 48 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15881 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 39 | vendor id hash md5 final bytes@0x5573f4157418 (length 16) | 78 fd d2 87 de f0 1a 3f 07 4b 53 69 ea b4 fd 1c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15892 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 30 | vendor id hash md5 final bytes@0x5573f4157458 (length 16) | bf 3a 89 ae 5b ef 8e 72 d4 4d ac 8b b8 8d 7d 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d158a4 (length 17) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 31 2e 31 | 31 | vendor id hash md5 final bytes@0x5573f4157498 (length 16) | b7 bd 9f 2f 97 8e 32 59 a7 aa 9f 7a 13 96 ad 6c | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d158b6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 30 | vendor id hash md5 final bytes@0x5573f41574d8 (length 16) | 9f 68 90 13 25 a9 72 89 43 35 30 2a 95 31 ab 9f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d158c7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 31 | vendor id hash md5 final bytes@0x5573f4157518 (length 16) | ba b2 53 f4 cb 10 a8 10 8a 7c 92 7c 56 c8 78 86 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d158d8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 32 | vendor id hash md5 final bytes@0x5573f4157558 (length 16) | 2a 51 7d 0d 23 c3 7d 08 bc e7 c2 92 a0 21 7b 39 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d158e9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 34 2e 32 2e 33 | vendor id hash md5 final bytes@0x5573f4157598 (length 16) | 2d 1f 40 61 18 fb d5 d2 84 74 79 1f fa 00 48 8a | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d158fa (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 38 | vendor id hash md5 final bytes@0x5573f41575d8 (length 16) | 8c 4a 3b cb 72 9b 11 f7 03 d2 2a 5b 39 64 0c a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1590b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 37 | vendor id hash md5 final bytes@0x5573f4157618 (length 16) | 3a 0d 4e 7c a4 e4 92 ed 4d fe 47 6d 1a c6 01 8b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1591c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 36 | vendor id hash md5 final bytes@0x5573f4157658 (length 16) | fe 3f 49 70 6e 26 a9 fb 36 a8 7b fc e9 ea 36 ce | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1592d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 35 | vendor id hash md5 final bytes@0x5573f4157698 (length 16) | 4c 7e fa 31 b3 9e 51 04 32 a3 17 57 0d 97 bb b9 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1593e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 34 | vendor id hash md5 final bytes@0x5573f41576d8 (length 16) | 76 c7 2b fd 39 84 24 dd 00 1b 86 d0 01 2f e0 61 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1594f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 33 | vendor id hash md5 final bytes@0x5573f4157718 (length 16) | fb 46 41 ad 0e eb 2a 34 49 1d 15 f4 ef f5 10 63 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15960 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 32 | vendor id hash md5 final bytes@0x5573f4157758 (length 16) | 29 99 32 27 7b 7d fe 38 2c e2 34 65 33 3a 7d 23 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15971 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 31 | vendor id hash md5 final bytes@0x5573f4157798 (length 16) | e3 7f 2d 5b a8 9a 62 cd 20 2e e2 7d ac 06 c8 a8 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15982 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 38 2e 30 | vendor id hash md5 final bytes@0x5573f41577d8 (length 16) | 32 f0 e9 b9 c0 6d fe 8c 9a d5 59 9a 63 69 71 a1 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15993 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 33 | vendor id hash md5 final bytes@0x5573f4157818 (length 16) | 7f 50 cc 4e bf 04 c2 d9 da 73 ab fd 69 b7 7a a2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d159a4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 32 | vendor id hash md5 final bytes@0x5573f4157858 (length 16) | a1 94 e2 aa dd d0 ba fb 95 25 3d d9 6d c7 33 eb | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d159b5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 31 | vendor id hash md5 final bytes@0x5573f4157898 (length 16) | 81 34 87 85 82 12 17 85 ba 65 ea 34 5d 6b a7 24 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d159c6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 37 2e 30 | vendor id hash md5 final bytes@0x5573f41578d8 (length 16) | 07 fa 12 8e 47 54 f9 44 7b 1d d4 63 74 ee f3 60 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d159d7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 34 | vendor id hash md5 final bytes@0x5573f4157918 (length 16) | b9 27 f9 52 19 a0 fe 36 00 db a3 c1 18 2a e5 5f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d159e8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 33 | vendor id hash md5 final bytes@0x5573f4157958 (length 16) | b2 86 0e 78 37 f7 11 be f3 d0 ee b1 06 87 2d ed | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d159f9 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 32 | vendor id hash md5 final bytes@0x5573f4157998 (length 16) | 5b 1c d6 fe 7d 05 0e da 6c 93 87 1c 10 7d b3 d2 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a0a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 31 | vendor id hash md5 final bytes@0x5573f41579d8 (length 16) | 66 af bc 12 bb fe 6c e1 08 b1 f6 9f 4b c9 17 b7 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a1b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 36 2e 30 | vendor id hash md5 final bytes@0x5573f4157a18 (length 16) | 3f 32 66 49 9f fd bd 85 95 0e 70 22 98 06 28 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a2c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 37 | vendor id hash md5 final bytes@0x5573f4157a58 (length 16) | 1f 44 42 29 6b 83 d7 e3 3a 8b 45 20 9b a0 e5 90 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a3d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 36 | vendor id hash md5 final bytes@0x5573f4157a98 (length 16) | 3c 5e ba 3d 85 64 92 8e 32 ae 43 c3 d9 92 4d ee | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a4e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 35 | vendor id hash md5 final bytes@0x5573f4157ad8 (length 16) | 3f 26 7e d6 21 ad a7 ee 6c 7d 88 93 cc b0 b1 4b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a5f (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 34 | vendor id hash md5 final bytes@0x5573f4157b18 (length 16) | 7a 6b f5 b7 df 89 64 2a 75 a7 8e f7 d6 57 c1 c0 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a70 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 33 | vendor id hash md5 final bytes@0x5573f4157b58 (length 16) | df 5b 1f 0f 1d 56 79 d9 f8 51 2b 16 c5 5a 60 65 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a81 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 32 | vendor id hash md5 final bytes@0x5573f4157b98 (length 16) | 86 1c e5 eb 72 16 4b 19 0e 9e 62 9a 31 cf 49 01 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15a92 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 31 | vendor id hash md5 final bytes@0x5573f4157bd8 (length 16) | 9a 4a 46 48 f6 0f 8e da 7c fc bf e2 71 ee 5b 7d | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15aa3 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 35 2e 30 | vendor id hash md5 final bytes@0x5573f4157c18 (length 16) | 9e b3 d9 07 ed 7a da 4e 3c bc ac b9 17 ab c8 e4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15ab4 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 34 | vendor id hash md5 final bytes@0x5573f4157c58 (length 16) | 48 5a 70 36 1b 44 33 b3 1d ea 1c 6b e0 df 24 3e | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15ac5 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 33 | vendor id hash md5 final bytes@0x5573f4157c98 (length 16) | 98 2b 7a 06 3a 33 c1 43 a8 ea dc 88 24 9f 6b cc | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15ad6 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 32 | vendor id hash md5 final bytes@0x5573f4157cd8 (length 16) | e7 a3 fd 0c 6d 77 1a 8f 1b 8a 86 a4 16 9c 9e a4 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15ae7 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 31 | vendor id hash md5 final bytes@0x5573f4157d18 (length 16) | 75 b0 65 3c b2 81 eb 26 d3 1e de 38 c8 e1 e2 28 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15af8 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 34 2e 30 | vendor id hash md5 final bytes@0x5573f4157d58 (length 16) | e8 29 c8 81 49 ba b3 c0 ce e8 5d a6 0e 18 ae 9b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15b09 (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 32 | vendor id hash md5 final bytes@0x5573f4157d98 (length 16) | 42 a4 83 4c 92 ab 9a 77 77 06 3a fa 25 4b cb 69 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15b1a (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 31 | vendor id hash md5 final bytes@0x5573f4157dd8 (length 16) | f6 97 c1 af cc 2e c8 dd cd f9 9d c7 af 03 a6 7f | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15b2b (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 33 2e 30 | vendor id hash md5 final bytes@0x5573f4157e18 (length 16) | b8 f9 2b 2f a2 d3 fe 5f e1 58 34 4b da 1c c6 ae | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15b3c (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 32 | vendor id hash md5 final bytes@0x5573f4157e58 (length 16) | 99 dc 7c c8 23 37 6b 3b 33 d0 43 57 89 6a e0 7b | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15b4d (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 31 | vendor id hash md5 final bytes@0x5573f4157e98 (length 16) | d9 11 8b 1e 9d e5 ef ce d9 cc 9d 88 3f 21 68 ff | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d15b5e (length 16) | 73 74 72 6f 6e 67 53 77 61 6e 20 32 2e 32 2e 30 | vendor id hash md5 final bytes@0x5573f4149328 (length 16) | 85 b6 cb ec 48 0d 5c 8c d9 88 2c 82 5a c2 c2 44 | vendor id hash md5 init | vendor id hash md5 digest data-bytes@0x5573f2d1e4f9 (length 13) | 46 52 41 47 4d 45 4e 54 41 54 49 4f 4e | vendor id hash md5 final bytes@0x5573f4157ed8 (length 16) | 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | global one-shot timer EVENT_CHECK_CRLS initialized selinux support is enabled. | unbound context created - setting debug level to 5 | /etc/hosts lookups activated | /etc/resolv.conf usage activated | outgoing-port-avoid set 0-65535 | outgoing-port-permit set 32768-60999 | Loading dnssec root key from:/var/lib/unbound/root.key | No additional dnssec trust anchors defined via dnssec-trusted= option | Setting up events, loop start | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x5573f4149f28 | libevent_malloc: new ptr-libevent@0x5573f41561e8 size 128 | libevent_malloc: new ptr-libevent@0x5573f41613c8 size 16 | libevent_realloc: new ptr-libevent@0x5573f4161408 size 256 | libevent_malloc: new ptr-libevent@0x5573f4161538 size 8 | libevent_realloc: new ptr-libevent@0x5573f40ebb58 size 144 | libevent_malloc: new ptr-libevent@0x5573f40f1aa8 size 152 | libevent_malloc: new ptr-libevent@0x5573f4161578 size 16 | signal event handler PLUTO_SIGCHLD installed | libevent_malloc: new ptr-libevent@0x5573f41615b8 size 8 | libevent_malloc: new ptr-libevent@0x5573f41615f8 size 152 | signal event handler PLUTO_SIGTERM installed | libevent_malloc: new ptr-libevent@0x5573f41616c8 size 8 | libevent_malloc: new ptr-libevent@0x5573f4161708 size 152 | signal event handler PLUTO_SIGHUP installed | libevent_malloc: new ptr-libevent@0x5573f41617d8 size 8 | libevent_realloc: release ptr-libevent@0x5573f40ebb58 | libevent_realloc: new ptr-libevent@0x5573f4161818 size 256 | libevent_malloc: new ptr-libevent@0x5573f4161948 size 152 | signal event handler PLUTO_SIGSYS installed | created addconn helper (pid:27503) using fork+execve | forked child 27503 | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.1.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.45 Kernel supports NIC esp-hw-offload adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.45:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth1/eth1 192.1.2.45:4500 adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.1.254:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface eth0/eth0 192.0.1.254:4500 adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 | NAT-Traversal: Trying sockopt style NAT-T | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 adding interface lo/lo 127.0.0.1:4500 | no interfaces to sort | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | add_fd_read_event_handler: new ethX-pe@0x5573f4161f28 | libevent_malloc: new ptr-libevent@0x5573f4156138 size 128 | libevent_malloc: new ptr-libevent@0x5573f4161f98 size 16 | setup callback for interface lo 127.0.0.1:4500 fd 22 | add_fd_read_event_handler: new ethX-pe@0x5573f4161fd8 | libevent_malloc: new ptr-libevent@0x5573f40eb4d8 size 128 | libevent_malloc: new ptr-libevent@0x5573f4162048 size 16 | setup callback for interface lo 127.0.0.1:500 fd 21 | add_fd_read_event_handler: new ethX-pe@0x5573f4162088 | libevent_malloc: new ptr-libevent@0x5573f40eb5d8 size 128 | libevent_malloc: new ptr-libevent@0x5573f41620f8 size 16 | setup callback for interface eth0 192.0.1.254:4500 fd 20 | add_fd_read_event_handler: new ethX-pe@0x5573f4162138 | libevent_malloc: new ptr-libevent@0x5573f40e8768 size 128 | libevent_malloc: new ptr-libevent@0x5573f41621a8 size 16 | setup callback for interface eth0 192.0.1.254:500 fd 19 | add_fd_read_event_handler: new ethX-pe@0x5573f41621e8 | libevent_malloc: new ptr-libevent@0x5573f40c04e8 size 128 | libevent_malloc: new ptr-libevent@0x5573f4162258 size 16 | setup callback for interface eth1 192.1.2.45:4500 fd 18 | add_fd_read_event_handler: new ethX-pe@0x5573f4162298 | libevent_malloc: new ptr-libevent@0x5573f40c01d8 size 128 | libevent_malloc: new ptr-libevent@0x5573f4162308 size 16 | setup callback for interface eth1 192.1.2.45:500 fd 17 | certs and keys locked by 'free_preshared_secrets' | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x5573f40bbc48) PKK_PSK: @west | id type added to secret(0x5573f40bbc48) PKK_PSK: @east | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.441 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) listening for IKE messages | Inspecting interface lo | found lo with address 127.0.0.1 | Inspecting interface eth0 | found eth0 with address 192.0.1.254 | Inspecting interface eth1 | found eth1 with address 192.1.2.45 | no interfaces to sort | libevent_free: release ptr-libevent@0x5573f4156138 | free_event_entry: release EVENT_NULL-pe@0x5573f4161f28 | add_fd_read_event_handler: new ethX-pe@0x5573f4161f28 | libevent_malloc: new ptr-libevent@0x5573f4156138 size 128 | setup callback for interface lo 127.0.0.1:4500 fd 22 | libevent_free: release ptr-libevent@0x5573f40eb4d8 | free_event_entry: release EVENT_NULL-pe@0x5573f4161fd8 | add_fd_read_event_handler: new ethX-pe@0x5573f4161fd8 | libevent_malloc: new ptr-libevent@0x5573f40eb4d8 size 128 | setup callback for interface lo 127.0.0.1:500 fd 21 | libevent_free: release ptr-libevent@0x5573f40eb5d8 | free_event_entry: release EVENT_NULL-pe@0x5573f4162088 | add_fd_read_event_handler: new ethX-pe@0x5573f4162088 | libevent_malloc: new ptr-libevent@0x5573f40eb5d8 size 128 | setup callback for interface eth0 192.0.1.254:4500 fd 20 | libevent_free: release ptr-libevent@0x5573f40e8768 | free_event_entry: release EVENT_NULL-pe@0x5573f4162138 | add_fd_read_event_handler: new ethX-pe@0x5573f4162138 | libevent_malloc: new ptr-libevent@0x5573f40e8768 size 128 | setup callback for interface eth0 192.0.1.254:500 fd 19 | libevent_free: release ptr-libevent@0x5573f40c04e8 | free_event_entry: release EVENT_NULL-pe@0x5573f41621e8 | add_fd_read_event_handler: new ethX-pe@0x5573f41621e8 | libevent_malloc: new ptr-libevent@0x5573f40c04e8 size 128 | setup callback for interface eth1 192.1.2.45:4500 fd 18 | libevent_free: release ptr-libevent@0x5573f40c01d8 | free_event_entry: release EVENT_NULL-pe@0x5573f4162298 | add_fd_read_event_handler: new ethX-pe@0x5573f4162298 | libevent_malloc: new ptr-libevent@0x5573f40c01d8 size 128 | setup callback for interface eth1 192.1.2.45:500 fd 17 | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' loading secrets from "/etc/ipsec.secrets" | id type added to secret(0x5573f40bbc48) PKK_PSK: @west | id type added to secret(0x5573f40bbc48) PKK_PSK: @east | Processing PSK at line 1: passed | certs and keys locked by 'process_secret' | certs and keys unlocked by 'process_secret' | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.276 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned pid 27503 (exited with status 0) | reaped addconn helper child (status 0) | waitpid returned ECHILD (no child processes left) | spent 0.0154 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + suppress-retransmits | base impairing = suppress-retransmits | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.188 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.123 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #1 at 0x5573f4163978 | State DB: adding IKEv1 state #1 in UNDEFINED | pstats #1 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #1 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #1: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #1 "aes128" "aes128" #1: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f4163368 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 5e 98 22 ac 7d d1 dc f4 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x5573f4163548 size 128 | #1 STATE_MAIN_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10447.609216 | #1 spent 0.332 milliseconds in main_outI1() | stop processing: state #1 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.379 milliseconds in whack | spent 0.00217 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #1 in MAIN_I1 (find_state_ikev1_init) | start processing: state #1 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #1 is idle | #1 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 1 for state #1 | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4163548 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x5573f4163548 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #1 and saving MD | #1 is busy; has a suspended MD | #1 spent 0.15 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.298 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 1 for state #1 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 1 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffac0003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffac0003a28 | NSS: Public DH wire value: | 16 62 d7 4f 72 6a 7c 86 8e 71 ed 42 47 bb 1a 57 | ed 41 59 d6 cf 01 4d 3b 5b 47 a8 64 f7 db 90 77 | f8 fb 88 95 d1 c7 6f b7 27 17 ed 26 17 9d 09 cc | 93 dc 96 3a 5a 31 ad 4f 62 54 e9 6b d8 7e a4 09 | 62 6a 37 0c 97 3f 0e b7 d9 24 62 c1 20 c0 f0 8a | 5a 8b 23 d0 45 15 dc 85 1b ac b5 7f c4 fa 49 47 | c3 ed 5a 9a 78 a9 74 83 15 6b be 3a a9 7b ed 39 | 76 ce 34 b2 46 23 94 ee a6 e5 1d 91 ea 67 a6 b7 | 29 7f 74 9a 58 28 6d 57 18 73 0b 1e d3 9d 55 09 | da 7f 2b 89 84 74 6f cb f8 fe 56 8c fc b1 c9 39 | 2e f6 91 e9 23 2b 8f a4 d1 c5 cd 16 b4 dd 1a 2c | 21 1b 65 ae 93 c7 65 43 5c 61 f2 63 0b 4c 35 22 | 13 e6 42 de 8c 7e dd 9d 51 23 49 a5 75 08 09 bd | 7e 1a 50 d8 c0 46 89 bd 7d a4 48 9f 46 5d f4 ab | 55 99 7a f9 b9 0d 78 c7 54 ed c9 78 4d 0e 66 74 | 3c 2f 09 a8 20 6b 83 0a e9 a5 61 37 1a 7e de 20 | Generated nonce: 42 40 d2 cd a2 06 30 af 45 2a 0d bb 6e 27 30 92 | Generated nonce: bf b0 7d f0 40 d0 8e f3 3f 41 90 57 d6 a3 38 6b | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 1 time elapsed 0.000683 seconds | (#1) spent 0.686 milliseconds in crypto helper computing work-order 1: outI2 KE (pcr) | crypto helper 0 sending results from work-order 1 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7ffac0002888 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 1 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #1: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffac0003a28: transferring ownership from helper KE to state #1 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 16 62 d7 4f 72 6a 7c 86 8e 71 ed 42 47 bb 1a 57 | keyex value ed 41 59 d6 cf 01 4d 3b 5b 47 a8 64 f7 db 90 77 | keyex value f8 fb 88 95 d1 c7 6f b7 27 17 ed 26 17 9d 09 cc | keyex value 93 dc 96 3a 5a 31 ad 4f 62 54 e9 6b d8 7e a4 09 | keyex value 62 6a 37 0c 97 3f 0e b7 d9 24 62 c1 20 c0 f0 8a | keyex value 5a 8b 23 d0 45 15 dc 85 1b ac b5 7f c4 fa 49 47 | keyex value c3 ed 5a 9a 78 a9 74 83 15 6b be 3a a9 7b ed 39 | keyex value 76 ce 34 b2 46 23 94 ee a6 e5 1d 91 ea 67 a6 b7 | keyex value 29 7f 74 9a 58 28 6d 57 18 73 0b 1e d3 9d 55 09 | keyex value da 7f 2b 89 84 74 6f cb f8 fe 56 8c fc b1 c9 39 | keyex value 2e f6 91 e9 23 2b 8f a4 d1 c5 cd 16 b4 dd 1a 2c | keyex value 21 1b 65 ae 93 c7 65 43 5c 61 f2 63 0b 4c 35 22 | keyex value 13 e6 42 de 8c 7e dd 9d 51 23 49 a5 75 08 09 bd | keyex value 7e 1a 50 d8 c0 46 89 bd 7d a4 48 9f 46 5d f4 ab | keyex value 55 99 7a f9 b9 0d 78 c7 54 ed c9 78 4d 0e 66 74 | keyex value 3c 2f 09 a8 20 6b 83 0a e9 a5 61 37 1a 7e de 20 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 42 40 d2 cd a2 06 30 af 45 2a 0d bb 6e 27 30 92 | Ni bf b0 7d f0 40 d0 8e f3 3f 41 90 57 d6 a3 38 6b | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | 5e 98 22 ac 7d d1 dc f4 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | bb 7e 1d 9a 1e c0 40 db | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 1d 4f 52 d9 f2 89 ff 28 d5 c3 85 10 ca 96 e2 a4 | 5b ea 81 6b | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 5e 98 22 ac 7d d1 dc f4 | natd_hash: rcookie= bb 7e 1d 9a 1e c0 40 db | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 1d 4f 52 d9 f2 89 ff 28 d5 c3 85 10 ca 96 e2 a4 | natd_hash: hash= 5b ea 81 6b | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 1d 4f 52 d9 f2 89 ff 28 d5 c3 85 10 ca 96 e2 a4 | NAT-D 5b ea 81 6b | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | 5e 98 22 ac 7d d1 dc f4 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | bb 7e 1d 9a 1e c0 40 db | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 1e ad b3 ac d4 67 72 97 0d 59 e2 32 ec 2f c1 7c | 16 af aa 2e | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 5e 98 22 ac 7d d1 dc f4 | natd_hash: rcookie= bb 7e 1d 9a 1e c0 40 db | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 1e ad b3 ac d4 67 72 97 0d 59 e2 32 ec 2f c1 7c | natd_hash: hash= 16 af aa 2e | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 1e ad b3 ac d4 67 72 97 0d 59 e2 32 ec 2f c1 7c | NAT-D 16 af aa 2e | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #1 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #1: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f4163548 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 16 62 d7 4f 72 6a 7c 86 8e 71 ed 42 47 bb 1a 57 | ed 41 59 d6 cf 01 4d 3b 5b 47 a8 64 f7 db 90 77 | f8 fb 88 95 d1 c7 6f b7 27 17 ed 26 17 9d 09 cc | 93 dc 96 3a 5a 31 ad 4f 62 54 e9 6b d8 7e a4 09 | 62 6a 37 0c 97 3f 0e b7 d9 24 62 c1 20 c0 f0 8a | 5a 8b 23 d0 45 15 dc 85 1b ac b5 7f c4 fa 49 47 | c3 ed 5a 9a 78 a9 74 83 15 6b be 3a a9 7b ed 39 | 76 ce 34 b2 46 23 94 ee a6 e5 1d 91 ea 67 a6 b7 | 29 7f 74 9a 58 28 6d 57 18 73 0b 1e d3 9d 55 09 | da 7f 2b 89 84 74 6f cb f8 fe 56 8c fc b1 c9 39 | 2e f6 91 e9 23 2b 8f a4 d1 c5 cd 16 b4 dd 1a 2c | 21 1b 65 ae 93 c7 65 43 5c 61 f2 63 0b 4c 35 22 | 13 e6 42 de 8c 7e dd 9d 51 23 49 a5 75 08 09 bd | 7e 1a 50 d8 c0 46 89 bd 7d a4 48 9f 46 5d f4 ab | 55 99 7a f9 b9 0d 78 c7 54 ed c9 78 4d 0e 66 74 | 3c 2f 09 a8 20 6b 83 0a e9 a5 61 37 1a 7e de 20 | 14 00 00 24 42 40 d2 cd a2 06 30 af 45 2a 0d bb | 6e 27 30 92 bf b0 7d f0 40 d0 8e f3 3f 41 90 57 | d6 a3 38 6b 14 00 00 18 1d 4f 52 d9 f2 89 ff 28 | d5 c3 85 10 ca 96 e2 a4 5b ea 81 6b 00 00 00 18 | 1e ad b3 ac d4 67 72 97 0d 59 e2 32 ec 2f c1 7c | 16 af aa 2e | !event_already_set at reschedule "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x5573f4163548 size 128 | #1 STATE_MAIN_I2: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10447.611093 "aes128" #1: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #1 suppresed complete_v1_state_transition() | #1 spent 0.316 milliseconds in resume sending helper answer | stop processing: state #1 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffac0002888 | spent 0.00233 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | d7 05 40 f5 f5 cb 54 c9 0c c1 14 50 8b 82 2d dc | b9 3c 6d fa 81 8a eb 82 51 80 0e 00 d3 5a ac 47 | 5e 77 0f a2 7e 92 aa ab cb d5 cc b6 12 da fc 7a | 1a 2e 3a 80 97 05 dc 12 09 36 e0 36 f3 36 8f f7 | 19 8a 21 ae 75 1e 76 d8 ed 5a 22 4d ec 98 eb d4 | b8 0d 68 08 52 f3 e5 c8 f4 ad 21 eb cb d7 ed 04 | c9 e8 71 4e 1b 8b 5d 3f dd 4a 74 74 7a 8b cf a2 | e3 1e 0b 97 56 fd 0d 6b 68 bb 2f 0f c8 3f 8f de | 61 0e c8 9e 95 a1 a8 db b5 31 f0 a8 e5 83 5f 5a | 51 47 34 7d 74 8c 81 45 ed 59 b2 f1 6c ca 04 8b | bb fe a1 3e cd 15 b5 8e ba 83 fe dd 56 86 bc d8 | 39 f4 a5 8c 07 ac 55 12 e1 0b 8d ba 59 6e c2 74 | 53 12 72 e3 e4 13 bf 3d d5 0f 28 d8 1a ec 8e f0 | 76 fd f2 f2 af 76 d6 3e a9 5f 08 cf 63 53 85 da | 86 59 d6 92 8e 5d fb 46 8d be de 2c aa f7 5b 7c | 21 a9 58 eb 82 3e 54 95 0f d7 f4 fb bf f7 2a e1 | 14 00 00 24 9f 91 9b 21 d3 91 33 16 98 57 72 32 | f2 1c 84 b7 f2 96 99 09 a1 41 71 7e 1a 25 a5 2e | 7e 85 cf 17 14 00 00 18 1e ad b3 ac d4 67 72 97 | 0d 59 e2 32 ec 2f c1 7c 16 af aa 2e 00 00 00 18 | 1d 4f 52 d9 f2 89 ff 28 d5 c3 85 10 ca 96 e2 a4 | 5b ea 81 6b | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #1 in MAIN_I2 (find_state_ikev1) | start processing: state #1 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #1 is idle | #1 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | d7 05 40 f5 f5 cb 54 c9 0c c1 14 50 8b 82 2d dc | b9 3c 6d fa 81 8a eb 82 51 80 0e 00 d3 5a ac 47 | 5e 77 0f a2 7e 92 aa ab cb d5 cc b6 12 da fc 7a | 1a 2e 3a 80 97 05 dc 12 09 36 e0 36 f3 36 8f f7 | 19 8a 21 ae 75 1e 76 d8 ed 5a 22 4d ec 98 eb d4 | b8 0d 68 08 52 f3 e5 c8 f4 ad 21 eb cb d7 ed 04 | c9 e8 71 4e 1b 8b 5d 3f dd 4a 74 74 7a 8b cf a2 | e3 1e 0b 97 56 fd 0d 6b 68 bb 2f 0f c8 3f 8f de | 61 0e c8 9e 95 a1 a8 db b5 31 f0 a8 e5 83 5f 5a | 51 47 34 7d 74 8c 81 45 ed 59 b2 f1 6c ca 04 8b | bb fe a1 3e cd 15 b5 8e ba 83 fe dd 56 86 bc d8 | 39 f4 a5 8c 07 ac 55 12 e1 0b 8d ba 59 6e c2 74 | 53 12 72 e3 e4 13 bf 3d d5 0f 28 d8 1a ec 8e f0 | 76 fd f2 f2 af 76 d6 3e a9 5f 08 cf 63 53 85 da | 86 59 d6 92 8e 5d fb 46 8d be de 2c aa f7 5b 7c | 21 a9 58 eb 82 3e 54 95 0f d7 f4 fb bf f7 2a e1 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffac0003a28: transferring ownership from state #1 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 2 for state #1 | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4163548 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x5573f4163548 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #1 and saving MD | #1 is busy; has a suspended MD | #1 spent 0.0675 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #1 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.175 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 2 for state #1 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 | peer's g: d7 05 40 f5 f5 cb 54 c9 0c c1 14 50 8b 82 2d dc | peer's g: b9 3c 6d fa 81 8a eb 82 51 80 0e 00 d3 5a ac 47 | peer's g: 5e 77 0f a2 7e 92 aa ab cb d5 cc b6 12 da fc 7a | peer's g: 1a 2e 3a 80 97 05 dc 12 09 36 e0 36 f3 36 8f f7 | peer's g: 19 8a 21 ae 75 1e 76 d8 ed 5a 22 4d ec 98 eb d4 | peer's g: b8 0d 68 08 52 f3 e5 c8 f4 ad 21 eb cb d7 ed 04 | peer's g: c9 e8 71 4e 1b 8b 5d 3f dd 4a 74 74 7a 8b cf a2 | peer's g: e3 1e 0b 97 56 fd 0d 6b 68 bb 2f 0f c8 3f 8f de | peer's g: 61 0e c8 9e 95 a1 a8 db b5 31 f0 a8 e5 83 5f 5a | peer's g: 51 47 34 7d 74 8c 81 45 ed 59 b2 f1 6c ca 04 8b | peer's g: bb fe a1 3e cd 15 b5 8e ba 83 fe dd 56 86 bc d8 | peer's g: 39 f4 a5 8c 07 ac 55 12 e1 0b 8d ba 59 6e c2 74 | peer's g: 53 12 72 e3 e4 13 bf 3d d5 0f 28 d8 1a ec 8e f0 | peer's g: 76 fd f2 f2 af 76 d6 3e a9 5f 08 cf 63 53 85 da | peer's g: 86 59 d6 92 8e 5d fb 46 8d be de 2c aa f7 5b 7c | peer's g: 21 a9 58 eb 82 3e 54 95 0f d7 f4 fb bf f7 2a e1 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffac0003a28: computed shared DH secret key@0x5573f4150a70 | dh-shared : g^ir-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f4166898 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: psk-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: psk-key@0x5573f414f010 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f414d560 | SKEYID psk prf: created sha context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk prf: begin sha with context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk: release clone-key@0x5573f414f010 | SKEYID psk PRF sha crypt-prf@0x7ffab8001108 | SKEYID psk PRF sha update Ni-bytes@0x5573f41668bc (length 32) | 42 40 d2 cd a2 06 30 af 45 2a 0d bb 6e 27 30 92 | bf b0 7d f0 40 d0 8e f3 3f 41 90 57 d6 a3 38 6b | SKEYID psk PRF sha update Nr-bytes@0x5573f41668dc (length 32) | 9f 91 9b 21 d3 91 33 16 98 57 72 32 f2 1c 84 b7 | f2 96 99 09 a1 41 71 7e 1a 25 a5 2e 7e 85 cf 17 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID psk PRF sha final-key@0x5573f414f010 (size 20) | SKEYID psk: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_d: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2718 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d: release clone-key@0x5573f414d560 | SKEYID_d PRF sha crypt-prf@0x7ffab80010b8 | SKEYID_d PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_d: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: f4 43 1d c0 84 89 29 7e 59 e3 83 86 ee fc 2d d2 90 46 ed 64 be c2 45 c6 ee ae d0 43 bb 90 ba 37 ec 10 31 b0 ba 63 4b 5e cf 4e 7d d9 30 4e c9 6e 33 9a b3 4a 17 25 73 cc 0f 8e 1c 9e cf f0 af 4c ee df 9c b6 25 9f 85 08 c5 76 d1 2e 8c 72 ae aa 54 58 80 6d 04 e4 13 81 dd f4 0d a2 79 e7 23 75 0d 4e c4 08 80 61 c8 96 8c 67 cc 2f 64 b0 28 f4 8c f2 24 cd cc 6b 82 a1 d8 56 3c 0e 57 d8 47 a4 a4 c4 f7 9e c9 7e 8a 07 97 13 da 29 19 75 dc b1 d2 d7 65 20 14 b9 a5 71 de a4 80 94 98 0a 74 38 8b 4d 69 e7 46 84 51 71 5b b8 b7 fe ae a0 da ed 9a a1 5a d6 82 c0 70 1a c3 7b a7 dc 22 f1 84 27 26 f7 40 d2 5e fb 7b de 9b 99 67 23 25 49 c6 52 13 1c c6 31 11 33 ff 4b ce 2f b2 d0 ee 21 96 7e ef 08 5c 98 16 b4 01 b3 27 83 04 4b 7b 82 7c 98 2b 93 cf 9c 13 01 e2 3e 0f 57 0c 6c 70 27 9c 79 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8004f28 | unwrapped: 4c 57 f9 ee e8 e1 e6 06 19 c6 aa c0 1a 55 f0 8c | unwrapped: e3 15 d1 22 31 b1 0b ec 51 e0 4b c1 37 ce 40 62 | unwrapped: d1 9e 51 be 81 28 d6 35 73 cf fd fa 7d 42 f5 07 | unwrapped: 20 c8 dc b7 0d a3 53 59 e7 d2 42 00 33 e1 9f ea | unwrapped: 12 d6 51 d2 d1 e4 af b5 4a 36 a6 fe 32 73 a5 20 | unwrapped: bc ba ee 5c 50 a3 6f ae 37 4c 63 8f b5 74 4a f3 | unwrapped: c2 21 6d ae 30 07 c6 3a b2 a1 a5 77 b4 f4 c0 d4 | unwrapped: 46 7f ae 9d 42 76 e9 94 9e bd 4e 20 5a 4a 5b 7f | unwrapped: ba eb 0e eb 79 75 b5 24 89 4f 26 c7 83 89 27 bc | unwrapped: d8 05 98 45 69 c6 c1 4d 91 ca 76 6c 56 20 71 dd | unwrapped: b4 b3 ee 8f fb 69 aa bc a8 2b f9 80 09 ec 68 f8 | unwrapped: ab 34 15 ad 51 48 66 40 1e 4b 65 58 8e 90 2d 25 | unwrapped: 4b 8d 6d 34 75 52 98 2f db a0 89 b7 23 69 eb 69 | unwrapped: 25 8c 79 c6 7f 79 56 17 a5 94 22 5a 26 e8 59 d5 | unwrapped: 38 5c 26 f1 0c db 17 f3 b5 12 46 f9 58 3e 62 b6 | unwrapped: b1 a4 5d 85 f7 ca 0b 7e 7b 05 07 f1 6d 3a 26 3e | SKEYID_d PRF sha update CKI_i-bytes@0x5573f4166afc (length 8) | 5e 98 22 ac 7d d1 dc f4 | SKEYID_d PRF sha update CKI_r-bytes@0x5573f4166b04 (length 8) | bb 7e 1d 9a 1e c0 40 db | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID_d PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_d: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_a: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a: release clone-key@0x5573f40bfec0 | SKEYID_a PRF sha crypt-prf@0x7ffab8001108 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f414d560 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: 51 0c dc 52 53 9a 2d f3 6e d4 c3 83 e4 62 62 e8 05 e4 43 2f 92 01 4d 3a 0e ed 1f 1c 07 ee 45 fc | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab80030c8 | unwrapped: 43 92 73 15 e1 2a 69 1a ae b6 70 6d 27 0f d6 04 | unwrapped: c7 ca d3 4e 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_a: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: f4 43 1d c0 84 89 29 7e 59 e3 83 86 ee fc 2d d2 90 46 ed 64 be c2 45 c6 ee ae d0 43 bb 90 ba 37 ec 10 31 b0 ba 63 4b 5e cf 4e 7d d9 30 4e c9 6e 33 9a b3 4a 17 25 73 cc 0f 8e 1c 9e cf f0 af 4c ee df 9c b6 25 9f 85 08 c5 76 d1 2e 8c 72 ae aa 54 58 80 6d 04 e4 13 81 dd f4 0d a2 79 e7 23 75 0d 4e c4 08 80 61 c8 96 8c 67 cc 2f 64 b0 28 f4 8c f2 24 cd cc 6b 82 a1 d8 56 3c 0e 57 d8 47 a4 a4 c4 f7 9e c9 7e 8a 07 97 13 da 29 19 75 dc b1 d2 d7 65 20 14 b9 a5 71 de a4 80 94 98 0a 74 38 8b 4d 69 e7 46 84 51 71 5b b8 b7 fe ae a0 da ed 9a a1 5a d6 82 c0 70 1a c3 7b a7 dc 22 f1 84 27 26 f7 40 d2 5e fb 7b de 9b 99 67 23 25 49 c6 52 13 1c c6 31 11 33 ff 4b ce 2f b2 d0 ee 21 96 7e ef 08 5c 98 16 b4 01 b3 27 83 04 4b 7b 82 7c 98 2b 93 cf 9c 13 01 e2 3e 0f 57 0c 6c 70 27 9c 79 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8003db8 | unwrapped: 4c 57 f9 ee e8 e1 e6 06 19 c6 aa c0 1a 55 f0 8c | unwrapped: e3 15 d1 22 31 b1 0b ec 51 e0 4b c1 37 ce 40 62 | unwrapped: d1 9e 51 be 81 28 d6 35 73 cf fd fa 7d 42 f5 07 | unwrapped: 20 c8 dc b7 0d a3 53 59 e7 d2 42 00 33 e1 9f ea | unwrapped: 12 d6 51 d2 d1 e4 af b5 4a 36 a6 fe 32 73 a5 20 | unwrapped: bc ba ee 5c 50 a3 6f ae 37 4c 63 8f b5 74 4a f3 | unwrapped: c2 21 6d ae 30 07 c6 3a b2 a1 a5 77 b4 f4 c0 d4 | unwrapped: 46 7f ae 9d 42 76 e9 94 9e bd 4e 20 5a 4a 5b 7f | unwrapped: ba eb 0e eb 79 75 b5 24 89 4f 26 c7 83 89 27 bc | unwrapped: d8 05 98 45 69 c6 c1 4d 91 ca 76 6c 56 20 71 dd | unwrapped: b4 b3 ee 8f fb 69 aa bc a8 2b f9 80 09 ec 68 f8 | unwrapped: ab 34 15 ad 51 48 66 40 1e 4b 65 58 8e 90 2d 25 | unwrapped: 4b 8d 6d 34 75 52 98 2f db a0 89 b7 23 69 eb 69 | unwrapped: 25 8c 79 c6 7f 79 56 17 a5 94 22 5a 26 e8 59 d5 | unwrapped: 38 5c 26 f1 0c db 17 f3 b5 12 46 f9 58 3e 62 b6 | unwrapped: b1 a4 5d 85 f7 ca 0b 7e 7b 05 07 f1 6d 3a 26 3e | SKEYID_a PRF sha update CKI_i-bytes@0x5573f4166afc (length 8) | 5e 98 22 ac 7d d1 dc f4 | SKEYID_a PRF sha update CKI_r-bytes@0x5573f4166b04 (length 8) | bb 7e 1d 9a 1e c0 40 db | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: final-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150e50 | SKEYID_a PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_a: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_e: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: clone-key@0x5573f4150e50 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e: release clone-key@0x5573f4150e50 | SKEYID_e PRF sha crypt-prf@0x7ffab80010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f40bfec0 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 95 92 a5 af ad 92 b6 be fa 4c 79 e2 48 17 fc 82 34 13 f2 e8 0a 0e 0e f5 0d 75 01 3a 42 a4 28 bc | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab8001158 | unwrapped: ce 2b 57 10 a6 30 cf 97 89 dd 97 45 9e 04 d9 a5 | unwrapped: 04 63 2f 81 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_e: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: f4 43 1d c0 84 89 29 7e 59 e3 83 86 ee fc 2d d2 90 46 ed 64 be c2 45 c6 ee ae d0 43 bb 90 ba 37 ec 10 31 b0 ba 63 4b 5e cf 4e 7d d9 30 4e c9 6e 33 9a b3 4a 17 25 73 cc 0f 8e 1c 9e cf f0 af 4c ee df 9c b6 25 9f 85 08 c5 76 d1 2e 8c 72 ae aa 54 58 80 6d 04 e4 13 81 dd f4 0d a2 79 e7 23 75 0d 4e c4 08 80 61 c8 96 8c 67 cc 2f 64 b0 28 f4 8c f2 24 cd cc 6b 82 a1 d8 56 3c 0e 57 d8 47 a4 a4 c4 f7 9e c9 7e 8a 07 97 13 da 29 19 75 dc b1 d2 d7 65 20 14 b9 a5 71 de a4 80 94 98 0a 74 38 8b 4d 69 e7 46 84 51 71 5b b8 b7 fe ae a0 da ed 9a a1 5a d6 82 c0 70 1a c3 7b a7 dc 22 f1 84 27 26 f7 40 d2 5e fb 7b de 9b 99 67 23 25 49 c6 52 13 1c c6 31 11 33 ff 4b ce 2f b2 d0 ee 21 96 7e ef 08 5c 98 16 b4 01 b3 27 83 04 4b 7b 82 7c 98 2b 93 cf 9c 13 01 e2 3e 0f 57 0c 6c 70 27 9c 79 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8004f28 | unwrapped: 4c 57 f9 ee e8 e1 e6 06 19 c6 aa c0 1a 55 f0 8c | unwrapped: e3 15 d1 22 31 b1 0b ec 51 e0 4b c1 37 ce 40 62 | unwrapped: d1 9e 51 be 81 28 d6 35 73 cf fd fa 7d 42 f5 07 | unwrapped: 20 c8 dc b7 0d a3 53 59 e7 d2 42 00 33 e1 9f ea | unwrapped: 12 d6 51 d2 d1 e4 af b5 4a 36 a6 fe 32 73 a5 20 | unwrapped: bc ba ee 5c 50 a3 6f ae 37 4c 63 8f b5 74 4a f3 | unwrapped: c2 21 6d ae 30 07 c6 3a b2 a1 a5 77 b4 f4 c0 d4 | unwrapped: 46 7f ae 9d 42 76 e9 94 9e bd 4e 20 5a 4a 5b 7f | unwrapped: ba eb 0e eb 79 75 b5 24 89 4f 26 c7 83 89 27 bc | unwrapped: d8 05 98 45 69 c6 c1 4d 91 ca 76 6c 56 20 71 dd | unwrapped: b4 b3 ee 8f fb 69 aa bc a8 2b f9 80 09 ec 68 f8 | unwrapped: ab 34 15 ad 51 48 66 40 1e 4b 65 58 8e 90 2d 25 | unwrapped: 4b 8d 6d 34 75 52 98 2f db a0 89 b7 23 69 eb 69 | unwrapped: 25 8c 79 c6 7f 79 56 17 a5 94 22 5a 26 e8 59 d5 | unwrapped: 38 5c 26 f1 0c db 17 f3 b5 12 46 f9 58 3e 62 b6 | unwrapped: b1 a4 5d 85 f7 ca 0b 7e 7b 05 07 f1 6d 3a 26 3e | SKEYID_e PRF sha update CKI_i-bytes@0x5573f4166afc (length 8) | 5e 98 22 ac 7d d1 dc f4 | SKEYID_e PRF sha update CKI_r-bytes@0x5573f4166b04 (length 8) | bb 7e 1d 9a 1e c0 40 db | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2710 | result: final-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40c6080 | SKEYID_e PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID_e: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2768 | result: keymat-key@0x5573f40c6080 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x5573f414d560, skeyid_a 0x5573f40bfec0, skeyid_e 0x5573f4150e50, enc_key 0x5573f40c6080 | DH_i: 16 62 d7 4f 72 6a 7c 86 8e 71 ed 42 47 bb 1a 57 | DH_i: ed 41 59 d6 cf 01 4d 3b 5b 47 a8 64 f7 db 90 77 | DH_i: f8 fb 88 95 d1 c7 6f b7 27 17 ed 26 17 9d 09 cc | DH_i: 93 dc 96 3a 5a 31 ad 4f 62 54 e9 6b d8 7e a4 09 | DH_i: 62 6a 37 0c 97 3f 0e b7 d9 24 62 c1 20 c0 f0 8a | DH_i: 5a 8b 23 d0 45 15 dc 85 1b ac b5 7f c4 fa 49 47 | DH_i: c3 ed 5a 9a 78 a9 74 83 15 6b be 3a a9 7b ed 39 | DH_i: 76 ce 34 b2 46 23 94 ee a6 e5 1d 91 ea 67 a6 b7 | DH_i: 29 7f 74 9a 58 28 6d 57 18 73 0b 1e d3 9d 55 09 | DH_i: da 7f 2b 89 84 74 6f cb f8 fe 56 8c fc b1 c9 39 | DH_i: 2e f6 91 e9 23 2b 8f a4 d1 c5 cd 16 b4 dd 1a 2c | DH_i: 21 1b 65 ae 93 c7 65 43 5c 61 f2 63 0b 4c 35 22 | DH_i: 13 e6 42 de 8c 7e dd 9d 51 23 49 a5 75 08 09 bd | DH_i: 7e 1a 50 d8 c0 46 89 bd 7d a4 48 9f 46 5d f4 ab | DH_i: 55 99 7a f9 b9 0d 78 c7 54 ed c9 78 4d 0e 66 74 | DH_i: 3c 2f 09 a8 20 6b 83 0a e9 a5 61 37 1a 7e de 20 | DH_r: d7 05 40 f5 f5 cb 54 c9 0c c1 14 50 8b 82 2d dc | DH_r: b9 3c 6d fa 81 8a eb 82 51 80 0e 00 d3 5a ac 47 | DH_r: 5e 77 0f a2 7e 92 aa ab cb d5 cc b6 12 da fc 7a | DH_r: 1a 2e 3a 80 97 05 dc 12 09 36 e0 36 f3 36 8f f7 | DH_r: 19 8a 21 ae 75 1e 76 d8 ed 5a 22 4d ec 98 eb d4 | DH_r: b8 0d 68 08 52 f3 e5 c8 f4 ad 21 eb cb d7 ed 04 | DH_r: c9 e8 71 4e 1b 8b 5d 3f dd 4a 74 74 7a 8b cf a2 | DH_r: e3 1e 0b 97 56 fd 0d 6b 68 bb 2f 0f c8 3f 8f de | DH_r: 61 0e c8 9e 95 a1 a8 db b5 31 f0 a8 e5 83 5f 5a | DH_r: 51 47 34 7d 74 8c 81 45 ed 59 b2 f1 6c ca 04 8b | DH_r: bb fe a1 3e cd 15 b5 8e ba 83 fe dd 56 86 bc d8 | DH_r: 39 f4 a5 8c 07 ac 55 12 e1 0b 8d ba 59 6e c2 74 | DH_r: 53 12 72 e3 e4 13 bf 3d d5 0f 28 d8 1a ec 8e f0 | DH_r: 76 fd f2 f2 af 76 d6 3e a9 5f 08 cf 63 53 85 da | DH_r: 86 59 d6 92 8e 5d fb 46 8d be de 2c aa f7 5b 7c | DH_r: 21 a9 58 eb 82 3e 54 95 0f d7 f4 fb bf f7 2a e1 | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f41668fc (length 256) | 16 62 d7 4f 72 6a 7c 86 8e 71 ed 42 47 bb 1a 57 | ed 41 59 d6 cf 01 4d 3b 5b 47 a8 64 f7 db 90 77 | f8 fb 88 95 d1 c7 6f b7 27 17 ed 26 17 9d 09 cc | 93 dc 96 3a 5a 31 ad 4f 62 54 e9 6b d8 7e a4 09 | 62 6a 37 0c 97 3f 0e b7 d9 24 62 c1 20 c0 f0 8a | 5a 8b 23 d0 45 15 dc 85 1b ac b5 7f c4 fa 49 47 | c3 ed 5a 9a 78 a9 74 83 15 6b be 3a a9 7b ed 39 | 76 ce 34 b2 46 23 94 ee a6 e5 1d 91 ea 67 a6 b7 | 29 7f 74 9a 58 28 6d 57 18 73 0b 1e d3 9d 55 09 | da 7f 2b 89 84 74 6f cb f8 fe 56 8c fc b1 c9 39 | 2e f6 91 e9 23 2b 8f a4 d1 c5 cd 16 b4 dd 1a 2c | 21 1b 65 ae 93 c7 65 43 5c 61 f2 63 0b 4c 35 22 | 13 e6 42 de 8c 7e dd 9d 51 23 49 a5 75 08 09 bd | 7e 1a 50 d8 c0 46 89 bd 7d a4 48 9f 46 5d f4 ab | 55 99 7a f9 b9 0d 78 c7 54 ed c9 78 4d 0e 66 74 | 3c 2f 09 a8 20 6b 83 0a e9 a5 61 37 1a 7e de 20 | new IV hash sha digest GR-bytes@0x5573f41669fc (length 256) | d7 05 40 f5 f5 cb 54 c9 0c c1 14 50 8b 82 2d dc | b9 3c 6d fa 81 8a eb 82 51 80 0e 00 d3 5a ac 47 | 5e 77 0f a2 7e 92 aa ab cb d5 cc b6 12 da fc 7a | 1a 2e 3a 80 97 05 dc 12 09 36 e0 36 f3 36 8f f7 | 19 8a 21 ae 75 1e 76 d8 ed 5a 22 4d ec 98 eb d4 | b8 0d 68 08 52 f3 e5 c8 f4 ad 21 eb cb d7 ed 04 | c9 e8 71 4e 1b 8b 5d 3f dd 4a 74 74 7a 8b cf a2 | e3 1e 0b 97 56 fd 0d 6b 68 bb 2f 0f c8 3f 8f de | 61 0e c8 9e 95 a1 a8 db b5 31 f0 a8 e5 83 5f 5a | 51 47 34 7d 74 8c 81 45 ed 59 b2 f1 6c ca 04 8b | bb fe a1 3e cd 15 b5 8e ba 83 fe dd 56 86 bc d8 | 39 f4 a5 8c 07 ac 55 12 e1 0b 8d ba 59 6e c2 74 | 53 12 72 e3 e4 13 bf 3d d5 0f 28 d8 1a ec 8e f0 | 76 fd f2 f2 af 76 d6 3e a9 5f 08 cf 63 53 85 da | 86 59 d6 92 8e 5d fb 46 8d be de 2c aa f7 5b 7c | 21 a9 58 eb 82 3e 54 95 0f d7 f4 fb bf f7 2a e1 | new IV hash sha final chunk@0x7ffab8001158 (length 20) | 1f 47 49 c4 30 d6 a3 1a 76 26 04 f3 ef 7b 47 e2 | 7a b3 10 a5 | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 time elapsed 0.001313 seconds | (#1) spent 1.3 milliseconds in crypto helper computing work-order 2: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 2 for state #1 to event queue | scheduling resume sending helper answer for #1 | libevent_malloc: new ptr-libevent@0x7ffab8003978 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #1 | start processing: state #1 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 2 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #1: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffac0003a28: transferring ownership from helper IKEv1 DH+IV to state #1 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | 5e 98 22 ac 7d d1 dc f4 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | bb 7e 1d 9a 1e c0 40 db | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | 1e ad b3 ac d4 67 72 97 0d 59 e2 32 ec 2f c1 7c | 16 af aa 2e | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 5e 98 22 ac 7d d1 dc f4 | natd_hash: rcookie= bb 7e 1d 9a 1e c0 40 db | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 1e ad b3 ac d4 67 72 97 0d 59 e2 32 ec 2f c1 7c | natd_hash: hash= 16 af aa 2e | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | 5e 98 22 ac 7d d1 dc f4 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | bb 7e 1d 9a 1e c0 40 db | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | 1d 4f 52 d9 f2 89 ff 28 d5 c3 85 10 ca 96 e2 a4 | 5b ea 81 6b | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 5e 98 22 ac 7d d1 dc f4 | natd_hash: rcookie= bb 7e 1d 9a 1e c0 40 db | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 1d 4f 52 d9 f2 89 ff 28 d5 c3 85 10 ca 96 e2 a4 | natd_hash: hash= 5b ea 81 6b | expected NAT-D(me): 1e ad b3 ac d4 67 72 97 0d 59 e2 32 ec 2f c1 7c | expected NAT-D(me): 16 af aa 2e | expected NAT-D(him): | 1d 4f 52 d9 f2 89 ff 28 d5 c3 85 10 ca 96 e2 a4 | 5b ea 81 6b | received NAT-D: 1e ad b3 ac d4 67 72 97 0d 59 e2 32 ec 2f c1 7c | received NAT-D: 16 af aa 2e | received NAT-D: 1d 4f 52 d9 f2 89 ff 28 d5 c3 85 10 ca 96 e2 a4 | received NAT-D: 5b ea 81 6b | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | global one-shot timer EVENT_NAT_T_KEEPALIVE scheduled in 20 seconds | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x5573f41633f8 | hmac PRF sha update data-bytes@0x7ffac0000b48 (length 256) | 16 62 d7 4f 72 6a 7c 86 8e 71 ed 42 47 bb 1a 57 | ed 41 59 d6 cf 01 4d 3b 5b 47 a8 64 f7 db 90 77 | f8 fb 88 95 d1 c7 6f b7 27 17 ed 26 17 9d 09 cc | 93 dc 96 3a 5a 31 ad 4f 62 54 e9 6b d8 7e a4 09 | 62 6a 37 0c 97 3f 0e b7 d9 24 62 c1 20 c0 f0 8a | 5a 8b 23 d0 45 15 dc 85 1b ac b5 7f c4 fa 49 47 | c3 ed 5a 9a 78 a9 74 83 15 6b be 3a a9 7b ed 39 | 76 ce 34 b2 46 23 94 ee a6 e5 1d 91 ea 67 a6 b7 | 29 7f 74 9a 58 28 6d 57 18 73 0b 1e d3 9d 55 09 | da 7f 2b 89 84 74 6f cb f8 fe 56 8c fc b1 c9 39 | 2e f6 91 e9 23 2b 8f a4 d1 c5 cd 16 b4 dd 1a 2c | 21 1b 65 ae 93 c7 65 43 5c 61 f2 63 0b 4c 35 22 | 13 e6 42 de 8c 7e dd 9d 51 23 49 a5 75 08 09 bd | 7e 1a 50 d8 c0 46 89 bd 7d a4 48 9f 46 5d f4 ab | 55 99 7a f9 b9 0d 78 c7 54 ed c9 78 4d 0e 66 74 | 3c 2f 09 a8 20 6b 83 0a e9 a5 61 37 1a 7e de 20 | hmac PRF sha update data-bytes@0x5573f4165a28 (length 256) | d7 05 40 f5 f5 cb 54 c9 0c c1 14 50 8b 82 2d dc | b9 3c 6d fa 81 8a eb 82 51 80 0e 00 d3 5a ac 47 | 5e 77 0f a2 7e 92 aa ab cb d5 cc b6 12 da fc 7a | 1a 2e 3a 80 97 05 dc 12 09 36 e0 36 f3 36 8f f7 | 19 8a 21 ae 75 1e 76 d8 ed 5a 22 4d ec 98 eb d4 | b8 0d 68 08 52 f3 e5 c8 f4 ad 21 eb cb d7 ed 04 | c9 e8 71 4e 1b 8b 5d 3f dd 4a 74 74 7a 8b cf a2 | e3 1e 0b 97 56 fd 0d 6b 68 bb 2f 0f c8 3f 8f de | 61 0e c8 9e 95 a1 a8 db b5 31 f0 a8 e5 83 5f 5a | 51 47 34 7d 74 8c 81 45 ed 59 b2 f1 6c ca 04 8b | bb fe a1 3e cd 15 b5 8e ba 83 fe dd 56 86 bc d8 | 39 f4 a5 8c 07 ac 55 12 e1 0b 8d ba 59 6e c2 74 | 53 12 72 e3 e4 13 bf 3d d5 0f 28 d8 1a ec 8e f0 | 76 fd f2 f2 af 76 d6 3e a9 5f 08 cf 63 53 85 da | 86 59 d6 92 8e 5d fb 46 8d be de 2c aa f7 5b 7c | 21 a9 58 eb 82 3e 54 95 0f d7 f4 fb bf f7 2a e1 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | 5e 98 22 ac 7d d1 dc f4 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | bb 7e 1d 9a 1e c0 40 db | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | 1e 1f 8d f0 d2 4d fa 55 78 23 94 4e cf 3e 1d c0 | 53 af 9d 91 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 1e 1f 8d f0 d2 4d fa 55 78 23 94 4e cf 3e 1d c0 | HASH_I 53 af 9d 91 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 1e 1f 8d f0 d2 4d fa 55 78 23 94 4e cf 3e 1d c0 | encrypting: 53 af 9d 91 | IV: 1f 47 49 c4 30 d6 a3 1a 76 26 04 f3 ef 7b 47 e2 | IV: 7a b3 10 a5 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 7e e8 7c 81 03 de 88 5c d0 b8 02 df 8e 99 6a 50 | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #1: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f4163548 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 05 10 02 01 00 00 00 00 00 00 00 4c 7a 12 9d a5 | 59 48 ab 6b 53 de 65 44 f2 5f aa 42 b6 31 cf f2 | 1d bb 8f 69 88 c5 5f 02 d5 79 f8 a3 7e e8 7c 81 | 03 de 88 5c d0 b8 02 df 8e 99 6a 50 | !event_already_set at reschedule "aes128" #1: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #1 | libevent_malloc: new ptr-libevent@0x5573f4165c08 size 128 | #1 STATE_MAIN_I3: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10447.614673 "aes128" #1: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #1 suppresed complete_v1_state_transition() | #1 spent 0.341 milliseconds in resume sending helper answer | stop processing: state #1 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab8003978 | spent 0.00241 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 05 10 02 01 00 00 00 00 00 00 00 4c b6 c3 2b e0 | bb 97 bc 9d 15 bc d4 17 54 ef e4 ae 4c 35 4f 2a | 9c 22 fc ee 35 f1 77 a4 50 86 f2 65 85 46 b9 fe | 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #1 in MAIN_I3 (find_state_ikev1) | start processing: state #1 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #1 is idle | #1 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 7e e8 7c 81 03 de 88 5c d0 b8 02 df 8e 99 6a 50 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | decrypted payload (starts at offset -48): | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 02 fb 27 b6 | 69 86 b3 44 bf a8 8c d5 6a ba 26 c8 e0 91 df db | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #1: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x7ffab8001158 | hmac PRF sha update data-bytes@0x5573f4165a28 (length 256) | d7 05 40 f5 f5 cb 54 c9 0c c1 14 50 8b 82 2d dc | b9 3c 6d fa 81 8a eb 82 51 80 0e 00 d3 5a ac 47 | 5e 77 0f a2 7e 92 aa ab cb d5 cc b6 12 da fc 7a | 1a 2e 3a 80 97 05 dc 12 09 36 e0 36 f3 36 8f f7 | 19 8a 21 ae 75 1e 76 d8 ed 5a 22 4d ec 98 eb d4 | b8 0d 68 08 52 f3 e5 c8 f4 ad 21 eb cb d7 ed 04 | c9 e8 71 4e 1b 8b 5d 3f dd 4a 74 74 7a 8b cf a2 | e3 1e 0b 97 56 fd 0d 6b 68 bb 2f 0f c8 3f 8f de | 61 0e c8 9e 95 a1 a8 db b5 31 f0 a8 e5 83 5f 5a | 51 47 34 7d 74 8c 81 45 ed 59 b2 f1 6c ca 04 8b | bb fe a1 3e cd 15 b5 8e ba 83 fe dd 56 86 bc d8 | 39 f4 a5 8c 07 ac 55 12 e1 0b 8d ba 59 6e c2 74 | 53 12 72 e3 e4 13 bf 3d d5 0f 28 d8 1a ec 8e f0 | 76 fd f2 f2 af 76 d6 3e a9 5f 08 cf 63 53 85 da | 86 59 d6 92 8e 5d fb 46 8d be de 2c aa f7 5b 7c | 21 a9 58 eb 82 3e 54 95 0f d7 f4 fb bf f7 2a e1 | hmac PRF sha update data-bytes@0x7ffac0000b48 (length 256) | 16 62 d7 4f 72 6a 7c 86 8e 71 ed 42 47 bb 1a 57 | ed 41 59 d6 cf 01 4d 3b 5b 47 a8 64 f7 db 90 77 | f8 fb 88 95 d1 c7 6f b7 27 17 ed 26 17 9d 09 cc | 93 dc 96 3a 5a 31 ad 4f 62 54 e9 6b d8 7e a4 09 | 62 6a 37 0c 97 3f 0e b7 d9 24 62 c1 20 c0 f0 8a | 5a 8b 23 d0 45 15 dc 85 1b ac b5 7f c4 fa 49 47 | c3 ed 5a 9a 78 a9 74 83 15 6b be 3a a9 7b ed 39 | 76 ce 34 b2 46 23 94 ee a6 e5 1d 91 ea 67 a6 b7 | 29 7f 74 9a 58 28 6d 57 18 73 0b 1e d3 9d 55 09 | da 7f 2b 89 84 74 6f cb f8 fe 56 8c fc b1 c9 39 | 2e f6 91 e9 23 2b 8f a4 d1 c5 cd 16 b4 dd 1a 2c | 21 1b 65 ae 93 c7 65 43 5c 61 f2 63 0b 4c 35 22 | 13 e6 42 de 8c 7e dd 9d 51 23 49 a5 75 08 09 bd | 7e 1a 50 d8 c0 46 89 bd 7d a4 48 9f 46 5d f4 ab | 55 99 7a f9 b9 0d 78 c7 54 ed c9 78 4d 0e 66 74 | 3c 2f 09 a8 20 6b 83 0a e9 a5 61 37 1a 7e de 20 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | bb 7e 1d 9a 1e c0 40 db | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | 5e 98 22 ac 7d d1 dc f4 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f4161ac8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | 02 fb 27 b6 69 86 b3 44 bf a8 8c d5 6a ba 26 c8 | e0 91 df db | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #1 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #1: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #1 requesting EVENT_RETRANSMIT to be deleted | #1 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4165c08 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41634d8 | inserting event EVENT_SA_REPLACE, timeout in 2607 seconds for #1 | libevent_malloc: new ptr-libevent@0x7ffab8003978 size 128 | pstats #1 ikev1.isakmp established "aes128" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #1 | creating state object #2 at 0x5573f4166828 | State DB: adding IKEv1 state #2 in UNDEFINED | pstats #2 ikev1.ipsec started | duplicating state object #1 "aes128" as #2 for IPSEC SA | #2 setting local endpoint to 192.1.2.45:500 from #1.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_d_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ai_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f40c6080 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #1 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #2 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #2: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:b0835549 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 3 for state #2 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffac0002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x5573f4165b58 size 128 | stop processing: state #2 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #1 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x5573f40bb898} | crypto helper 3 resuming | close_any(fd@24) (in release_whack() at state.c:654) | crypto helper 3 starting work-order 3 for state #2 | #1 spent 0.298 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 3 | stop processing: state #1 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.405 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffabc0050c8: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffabc0050c8 | NSS: Public DH wire value: | 31 fe 4f 18 ab 9f e3 05 93 c1 a6 b9 80 fd 22 b4 | c0 43 e0 d2 d9 44 12 e9 d1 f6 01 c1 24 74 e8 5b | 5c 96 39 de 33 dc 0f fa 11 4a f1 ce 8a 76 e1 81 | a7 57 25 9b 49 61 03 93 a1 a1 e2 17 d2 87 ed 79 | f8 ab 9c 47 87 b4 03 c8 8f 4b f1 a4 87 1e a1 c4 | d6 d6 21 b0 aa e4 1d e4 03 e4 98 19 04 78 60 a3 | 34 3d 52 73 55 7d 9e c5 83 e4 0a 53 6a db f9 36 | 6b 53 14 ac f1 6c 82 d1 4d 4f 38 39 96 02 6e 9d | 13 f6 f6 5b 24 de b1 aa 12 56 9a 03 b7 bd 3b bc | cc 8b b3 a8 38 b9 20 d6 ff 5d 4d be ab f8 82 7d | 7e 4c 5e 65 85 06 bf 26 a9 35 9c 97 d0 ba 35 17 | 52 20 c6 51 67 e1 5d 37 b9 64 26 54 1a f1 a3 87 | 7d 79 61 04 7c 0f f9 2d f5 9e a5 86 31 3e 6f 06 | 06 e6 24 e3 20 ea 11 4d cf 1a 8b 5c 3e 13 4f 1a | c6 46 0e 48 5d 99 90 5b aa a2 a0 63 0b 4d 92 3c | e2 79 16 99 98 21 6d 97 2e 97 dc c0 f9 54 8e 08 | Generated nonce: 76 b1 94 0f 07 69 11 36 4f f9 3c 13 cc 99 6e 25 | Generated nonce: b7 a7 4a 9c a3 30 82 cd e1 95 da 41 e5 e9 bf 2e | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 3 time elapsed 0.000694 seconds | (#2) spent 0.693 milliseconds in crypto helper computing work-order 3: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 3 for state #2 to event queue | scheduling resume sending helper answer for #2 | libevent_malloc: new ptr-libevent@0x7ffabc003f28 size 128 | libevent_realloc: release ptr-libevent@0x5573f41447c8 | libevent_realloc: new ptr-libevent@0x7ffabc003e78 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #2 | start processing: state #2 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 3 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #2: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2961397065 (0xb0835549) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xf1fcaf80 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI f1 fc af 80 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 76 b1 94 0f 07 69 11 36 4f f9 3c 13 cc 99 6e 25 | Ni b7 a7 4a 9c a3 30 82 cd e1 95 da 41 e5 e9 bf 2e | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffabc0050c8: transferring ownership from helper KE to state #2 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 31 fe 4f 18 ab 9f e3 05 93 c1 a6 b9 80 fd 22 b4 | keyex value c0 43 e0 d2 d9 44 12 e9 d1 f6 01 c1 24 74 e8 5b | keyex value 5c 96 39 de 33 dc 0f fa 11 4a f1 ce 8a 76 e1 81 | keyex value a7 57 25 9b 49 61 03 93 a1 a1 e2 17 d2 87 ed 79 | keyex value f8 ab 9c 47 87 b4 03 c8 8f 4b f1 a4 87 1e a1 c4 | keyex value d6 d6 21 b0 aa e4 1d e4 03 e4 98 19 04 78 60 a3 | keyex value 34 3d 52 73 55 7d 9e c5 83 e4 0a 53 6a db f9 36 | keyex value 6b 53 14 ac f1 6c 82 d1 4d 4f 38 39 96 02 6e 9d | keyex value 13 f6 f6 5b 24 de b1 aa 12 56 9a 03 b7 bd 3b bc | keyex value cc 8b b3 a8 38 b9 20 d6 ff 5d 4d be ab f8 82 7d | keyex value 7e 4c 5e 65 85 06 bf 26 a9 35 9c 97 d0 ba 35 17 | keyex value 52 20 c6 51 67 e1 5d 37 b9 64 26 54 1a f1 a3 87 | keyex value 7d 79 61 04 7c 0f f9 2d f5 9e a5 86 31 3e 6f 06 | keyex value 06 e6 24 e3 20 ea 11 4d cf 1a 8b 5c 3e 13 4f 1a | keyex value c6 46 0e 48 5d 99 90 5b aa a2 a0 63 0b 4d 92 3c | keyex value e2 79 16 99 98 21 6d 97 2e 97 dc c0 f9 54 8e 08 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x5573f41635d0 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x5573f41635d0 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f4163448 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | b0 83 55 49 | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 f1 fc af 80 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 76 b1 94 0f | 07 69 11 36 4f f9 3c 13 cc 99 6e 25 b7 a7 4a 9c | a3 30 82 cd e1 95 da 41 e5 e9 bf 2e 05 00 01 04 | 31 fe 4f 18 ab 9f e3 05 93 c1 a6 b9 80 fd 22 b4 | c0 43 e0 d2 d9 44 12 e9 d1 f6 01 c1 24 74 e8 5b | 5c 96 39 de 33 dc 0f fa 11 4a f1 ce 8a 76 e1 81 | a7 57 25 9b 49 61 03 93 a1 a1 e2 17 d2 87 ed 79 | f8 ab 9c 47 87 b4 03 c8 8f 4b f1 a4 87 1e a1 c4 | d6 d6 21 b0 aa e4 1d e4 03 e4 98 19 04 78 60 a3 | 34 3d 52 73 55 7d 9e c5 83 e4 0a 53 6a db f9 36 | 6b 53 14 ac f1 6c 82 d1 4d 4f 38 39 96 02 6e 9d | 13 f6 f6 5b 24 de b1 aa 12 56 9a 03 b7 bd 3b bc | cc 8b b3 a8 38 b9 20 d6 ff 5d 4d be ab f8 82 7d | 7e 4c 5e 65 85 06 bf 26 a9 35 9c 97 d0 ba 35 17 | 52 20 c6 51 67 e1 5d 37 b9 64 26 54 1a f1 a3 87 | 7d 79 61 04 7c 0f f9 2d f5 9e a5 86 31 3e 6f 06 | 06 e6 24 e3 20 ea 11 4d cf 1a 8b 5c 3e 13 4f 1a | c6 46 0e 48 5d 99 90 5b aa a2 a0 63 0b 4d 92 3c | e2 79 16 99 98 21 6d 97 2e 97 dc c0 f9 54 8e 08 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | cb 72 41 d8 60 7c 69 db 6e 59 58 da 7e 6d 44 00 | ff 30 cf 6c | outI1 HASH(1): | cb 72 41 d8 60 7c 69 db 6e 59 58 da 7e 6d 44 00 | ff 30 cf 6c | last Phase 1 IV: 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | current Phase 1 IV: 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | b0 83 55 49 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 42 86 29 bf 3d 98 94 ca 50 bc 18 ae d7 05 c4 1f | f5 10 eb 28 | encrypting: 01 00 00 18 cb 72 41 d8 60 7c 69 db 6e 59 58 da | encrypting: 7e 6d 44 00 ff 30 cf 6c 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 f1 fc af 80 | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 76 b1 94 0f 07 69 11 36 4f f9 3c 13 | encrypting: cc 99 6e 25 b7 a7 4a 9c a3 30 82 cd e1 95 da 41 | encrypting: e5 e9 bf 2e 05 00 01 04 31 fe 4f 18 ab 9f e3 05 | encrypting: 93 c1 a6 b9 80 fd 22 b4 c0 43 e0 d2 d9 44 12 e9 | encrypting: d1 f6 01 c1 24 74 e8 5b 5c 96 39 de 33 dc 0f fa | encrypting: 11 4a f1 ce 8a 76 e1 81 a7 57 25 9b 49 61 03 93 | encrypting: a1 a1 e2 17 d2 87 ed 79 f8 ab 9c 47 87 b4 03 c8 | encrypting: 8f 4b f1 a4 87 1e a1 c4 d6 d6 21 b0 aa e4 1d e4 | encrypting: 03 e4 98 19 04 78 60 a3 34 3d 52 73 55 7d 9e c5 | encrypting: 83 e4 0a 53 6a db f9 36 6b 53 14 ac f1 6c 82 d1 | encrypting: 4d 4f 38 39 96 02 6e 9d 13 f6 f6 5b 24 de b1 aa | encrypting: 12 56 9a 03 b7 bd 3b bc cc 8b b3 a8 38 b9 20 d6 | encrypting: ff 5d 4d be ab f8 82 7d 7e 4c 5e 65 85 06 bf 26 | encrypting: a9 35 9c 97 d0 ba 35 17 52 20 c6 51 67 e1 5d 37 | encrypting: b9 64 26 54 1a f1 a3 87 7d 79 61 04 7c 0f f9 2d | encrypting: f5 9e a5 86 31 3e 6f 06 06 e6 24 e3 20 ea 11 4d | encrypting: cf 1a 8b 5c 3e 13 4f 1a c6 46 0e 48 5d 99 90 5b | encrypting: aa a2 a0 63 0b 4d 92 3c e2 79 16 99 98 21 6d 97 | encrypting: 2e 97 dc c0 f9 54 8e 08 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: 42 86 29 bf 3d 98 94 ca 50 bc 18 ae d7 05 c4 1f | IV: f5 10 eb 28 | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: e1 db bb 21 c8 82 b1 0b 37 ca 3d 13 61 c2 50 b4 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #2) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 08 10 20 01 b0 83 55 49 00 00 01 bc 17 68 bf 32 | c3 79 b3 2d d6 0c 6e f2 c6 f5 8d 0b 64 cd 23 e4 | ac 05 dc 7d d0 83 26 d3 fd 03 09 fe 10 c7 bc f7 | 9c 5b 85 c8 d9 22 f8 a2 64 1f f5 d8 28 c0 9a 7e | d1 91 df d7 7a 16 44 3a 12 b7 6b b6 d0 5d 94 b5 | e4 2c 21 28 f5 67 7e 2a e5 dc da 38 68 07 59 9d | db 5a cc 37 a0 21 e1 de 14 d5 a1 fc e9 55 f9 6b | ec 79 93 0a a2 ae 68 a2 77 d0 0a 81 c3 19 31 5f | fe 38 b3 89 36 4a a8 40 00 43 74 0f 1e b5 85 ea | 24 cb e3 89 01 d4 55 35 92 39 38 76 55 e4 75 10 | 6e 6b f8 3d 62 79 0d ba c5 c6 a7 93 65 23 85 b5 | 3e af 02 8e ae 54 74 1b dd 9e e0 f6 69 ac 0b be | 91 eb 6b 73 14 1b b3 1c f6 2a 68 24 6c f5 ac 1a | cd ef 5c 4b 11 b2 cd d5 33 cb 93 92 cd e3 87 85 | 99 18 0c 8f 2b 78 89 b1 fc 16 7d 00 70 d7 66 b8 | 6c 61 c2 50 70 49 00 83 43 f5 81 cf 0d 5b 8a 37 | 61 73 c1 5c 7a 6f 67 e9 53 86 9d b1 73 14 63 d3 | 87 9c 8e 4c 0a 7c 21 65 82 72 5e 90 26 2b e3 1f | cd ff a1 46 5b 5b ce 5c bb e3 5b 96 e5 e0 cc 92 | 9f 58 35 29 b8 82 d3 97 97 21 3c e1 e2 f2 50 c7 | b3 55 25 85 ea d3 a0 7d 17 d8 57 a8 ae cd 6b 03 | 79 03 0a cd 59 70 64 0c 32 aa f2 5c cf 0a 77 e2 | f8 01 c0 c2 e2 94 09 97 8f 31 df d9 42 5b 78 ab | 47 ad 56 8e 53 44 1d c4 54 fd a0 18 81 0f a9 8c | ed da e0 87 1a b4 44 c4 bf 81 21 e1 97 96 90 3d | b7 22 9c 34 a8 6c 57 58 4b 5c 67 23 e1 db bb 21 | c8 82 b1 0b 37 ca 3d 13 61 c2 50 b4 | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f4165b58 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffac0002b78 "aes128" #2: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7ffac0002b78 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x5573f41660e8 size 128 | #2 STATE_QUICK_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10447.616845 | resume sending helper answer for #2 suppresed complete_v1_state_transition() | #2 spent 0.445 milliseconds in resume sending helper answer | stop processing: state #2 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffabc003f28 | spent 0.00242 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 08 10 20 01 b0 83 55 49 00 00 01 bc b2 f7 cf b5 | 7a 84 06 5e 8e 16 0a 00 ce 9b d0 02 18 f9 8e 8a | 48 70 b6 f8 43 91 b6 07 34 2b e0 d4 5e 56 a1 17 | 07 df c6 c0 ff 5b f0 89 9b 37 3b 83 5d d3 66 00 | eb f9 fd 1a 29 89 b2 0f 8a a5 e6 2e 18 0f f4 cd | 81 70 5b da d6 86 7e 0b ce 60 95 b4 f4 d5 cc 34 | cb 32 09 9b 0a d5 25 9b 9a cd 5f 73 ae 5f 36 32 | be c0 8c a0 eb 74 d7 da 00 f2 1b fb c9 55 9d 93 | bb 13 02 14 be 01 90 f5 c6 f4 b3 6b 86 b9 bf 44 | f3 95 c5 49 21 33 65 59 ff 2e 15 26 47 72 65 47 | 42 b6 e6 fb ee 01 9d 0d ec df a2 bc 6c f1 00 d7 | 91 7d 83 03 ff 18 44 52 ba 16 1c 95 d7 18 8d 74 | ff cf 92 ec dc 3b 49 16 40 f6 3d 53 78 ec bf 1c | 2e 68 14 a6 65 04 c4 11 a1 77 c3 4b c5 bf 46 e6 | c2 5d 9c 68 43 89 6d 4c b2 40 cb 3f e2 0c b3 28 | 3b f0 0b b6 a1 f6 d2 75 96 a3 ad b0 48 bf 41 40 | 4f c8 de ab c9 5a 47 6e ae c8 a3 87 0c cf 47 0b | 8b a9 f9 82 67 e9 00 0a bc 52 bf a9 2d dd 01 69 | bb 06 ef 16 eb ae 15 34 85 ba 03 96 0b c7 8a 68 | 08 0a 5c 17 47 d4 19 b6 86 fd 34 e8 b2 3e 22 94 | 62 84 96 ba ce f8 59 b2 51 08 20 90 eb c0 1a 5f | df 15 56 af 36 8f be 2b 55 82 5b 3a 4b 9f 60 11 | 25 e8 32 a1 79 f5 46 62 6c b8 b6 00 75 c8 98 04 | c6 52 d3 2b dc 14 08 e7 21 f2 ee d4 0e b0 33 44 | 78 da 6e e2 00 c7 5b ae 49 0a b8 d8 88 b9 89 be | 81 32 1a 7f 2b 0f 2c ca dd 99 5d 73 6f 1d 8b ca | a2 24 2c e0 f7 24 f6 4e 67 97 d3 a1 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2961397065 (0xb0835549) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #2 in QUICK_I1 (find_state_ikev1) | start processing: state #2 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #2 is idle | #2 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: e1 db bb 21 c8 82 b1 0b 37 ca 3d 13 61 c2 50 b4 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 6f 1d 8b ca a2 24 2c e0 f7 24 f6 4e 67 97 d3 a1 | decrypted payload (starts at offset -416): | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 08 10 20 01 b0 83 55 49 00 00 01 bc 01 00 00 18 | 91 22 6a 24 8e 1f c4 e8 fa c2 ac ad 2b 32 c9 31 | 5f bd 3b 6a 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 34 bb e0 8a 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | cd c9 1c 4e d3 eb d0 96 a3 55 53 8a 44 a9 6a a7 | b5 de 52 4c 7b 24 19 df ea 04 16 f0 87 62 64 fc | 05 00 01 04 5d 6b de fe 80 e8 3d 87 ff cd 0b b1 | 71 39 5f 03 b2 98 55 81 1e 45 07 d6 ed 14 36 09 | 10 3d 18 3c 37 fa 24 00 f1 cb e5 57 3a 6d 8d a8 | 36 8b 5c 95 82 65 84 51 29 8a 72 d5 00 2f 75 4b | 81 af 77 ad 4e e9 bb 8b bc 94 e8 2b 09 01 ed 0a | 21 92 f8 73 a2 11 43 31 ed 37 86 b6 c5 6e f3 d1 | 4f 77 b8 9f 3c 8c 72 e6 b5 27 91 49 83 a1 13 49 | 18 36 64 b6 75 97 fe c8 01 9f fd 0a c1 e6 1a 1a | 2a 78 03 c3 62 23 8b b0 cb 74 5e 2a 30 14 26 b2 | 90 b4 f9 aa 9d 13 d8 1e da d3 a4 e2 50 4c 4f 7a | 93 94 a8 6e 85 da 28 b8 7f f2 07 c0 d4 4e 9e c0 | c1 35 f0 3b 7e 00 b8 10 34 a1 54 83 15 12 2a 57 | 15 d1 26 1e 6c 75 f0 32 92 4f 12 63 44 49 de f8 | d4 6f 59 78 8a c5 bc 8f 9c d2 07 b9 65 7b 29 a3 | 3f e9 17 51 c7 c0 46 82 e1 41 57 04 1b 91 34 b9 | d6 57 2e d1 8a 20 ef 16 81 e5 e6 4b 81 4a 98 c7 | 9b 4d 47 64 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f4163448 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | b0 83 55 49 | HASH(1) PRF sha update Ni_b-bytes@0x7ffabc002918 (length 32) | 76 b1 94 0f 07 69 11 36 4f f9 3c 13 cc 99 6e 25 | b7 a7 4a 9c a3 30 82 cd e1 95 da 41 e5 e9 bf 2e | HASH(1) PRF sha update payload-bytes@0x5573f416896c (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 34 bb e0 8a 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 cd c9 1c 4e | d3 eb d0 96 a3 55 53 8a 44 a9 6a a7 b5 de 52 4c | 7b 24 19 df ea 04 16 f0 87 62 64 fc 05 00 01 04 | 5d 6b de fe 80 e8 3d 87 ff cd 0b b1 71 39 5f 03 | b2 98 55 81 1e 45 07 d6 ed 14 36 09 10 3d 18 3c | 37 fa 24 00 f1 cb e5 57 3a 6d 8d a8 36 8b 5c 95 | 82 65 84 51 29 8a 72 d5 00 2f 75 4b 81 af 77 ad | 4e e9 bb 8b bc 94 e8 2b 09 01 ed 0a 21 92 f8 73 | a2 11 43 31 ed 37 86 b6 c5 6e f3 d1 4f 77 b8 9f | 3c 8c 72 e6 b5 27 91 49 83 a1 13 49 18 36 64 b6 | 75 97 fe c8 01 9f fd 0a c1 e6 1a 1a 2a 78 03 c3 | 62 23 8b b0 cb 74 5e 2a 30 14 26 b2 90 b4 f9 aa | 9d 13 d8 1e da d3 a4 e2 50 4c 4f 7a 93 94 a8 6e | 85 da 28 b8 7f f2 07 c0 d4 4e 9e c0 c1 35 f0 3b | 7e 00 b8 10 34 a1 54 83 15 12 2a 57 15 d1 26 1e | 6c 75 f0 32 92 4f 12 63 44 49 de f8 d4 6f 59 78 | 8a c5 bc 8f 9c d2 07 b9 65 7b 29 a3 3f e9 17 51 | c7 c0 46 82 e1 41 57 04 1b 91 34 b9 d6 57 2e d1 | 8a 20 ef 16 81 e5 e6 4b 81 4a 98 c7 9b 4d 47 64 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | 91 22 6a 24 8e 1f c4 e8 fa c2 ac ad 2b 32 c9 31 | 5f bd 3b 6a | quick_inR1_outI2 HASH(2): | 91 22 6a 24 8e 1f c4 e8 fa c2 ac ad 2b 32 c9 31 | 5f bd 3b 6a | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 34 bb e0 8a | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 5d 6b de fe 80 e8 3d 87 ff cd 0b b1 71 39 5f 03 | b2 98 55 81 1e 45 07 d6 ed 14 36 09 10 3d 18 3c | 37 fa 24 00 f1 cb e5 57 3a 6d 8d a8 36 8b 5c 95 | 82 65 84 51 29 8a 72 d5 00 2f 75 4b 81 af 77 ad | 4e e9 bb 8b bc 94 e8 2b 09 01 ed 0a 21 92 f8 73 | a2 11 43 31 ed 37 86 b6 c5 6e f3 d1 4f 77 b8 9f | 3c 8c 72 e6 b5 27 91 49 83 a1 13 49 18 36 64 b6 | 75 97 fe c8 01 9f fd 0a c1 e6 1a 1a 2a 78 03 c3 | 62 23 8b b0 cb 74 5e 2a 30 14 26 b2 90 b4 f9 aa | 9d 13 d8 1e da d3 a4 e2 50 4c 4f 7a 93 94 a8 6e | 85 da 28 b8 7f f2 07 c0 d4 4e 9e c0 c1 35 f0 3b | 7e 00 b8 10 34 a1 54 83 15 12 2a 57 15 d1 26 1e | 6c 75 f0 32 92 4f 12 63 44 49 de f8 d4 6f 59 78 | 8a c5 bc 8f 9c d2 07 b9 65 7b 29 a3 3f e9 17 51 | c7 c0 46 82 e1 41 57 04 1b 91 34 b9 d6 57 2e d1 | 8a 20 ef 16 81 e5 e6 4b 81 4a 98 c7 9b 4d 47 64 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffabc0050c8: transferring ownership from state #2 to helper IKEv1 DH | adding quick outI2 DH work-order 4 for state #2 | state #2 requesting EVENT_RETRANSMIT to be deleted | #2 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f41660e8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7ffac0002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffac0002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 | libevent_malloc: new ptr-libevent@0x7ffabc003f28 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #2 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #2 and saving MD | #2 is busy; has a suspended MD | #2 spent 0.128 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #2 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.387 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 4 resuming | crypto helper 4 starting work-order 4 for state #2 | crypto helper 4 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 4 | peer's g: 5d 6b de fe 80 e8 3d 87 ff cd 0b b1 71 39 5f 03 | peer's g: b2 98 55 81 1e 45 07 d6 ed 14 36 09 10 3d 18 3c | peer's g: 37 fa 24 00 f1 cb e5 57 3a 6d 8d a8 36 8b 5c 95 | peer's g: 82 65 84 51 29 8a 72 d5 00 2f 75 4b 81 af 77 ad | peer's g: 4e e9 bb 8b bc 94 e8 2b 09 01 ed 0a 21 92 f8 73 | peer's g: a2 11 43 31 ed 37 86 b6 c5 6e f3 d1 4f 77 b8 9f | peer's g: 3c 8c 72 e6 b5 27 91 49 83 a1 13 49 18 36 64 b6 | peer's g: 75 97 fe c8 01 9f fd 0a c1 e6 1a 1a 2a 78 03 c3 | peer's g: 62 23 8b b0 cb 74 5e 2a 30 14 26 b2 90 b4 f9 aa | peer's g: 9d 13 d8 1e da d3 a4 e2 50 4c 4f 7a 93 94 a8 6e | peer's g: 85 da 28 b8 7f f2 07 c0 d4 4e 9e c0 c1 35 f0 3b | peer's g: 7e 00 b8 10 34 a1 54 83 15 12 2a 57 15 d1 26 1e | peer's g: 6c 75 f0 32 92 4f 12 63 44 49 de f8 d4 6f 59 78 | peer's g: 8a c5 bc 8f 9c d2 07 b9 65 7b 29 a3 3f e9 17 51 | peer's g: c7 c0 46 82 e1 41 57 04 1b 91 34 b9 d6 57 2e d1 | peer's g: 8a 20 ef 16 81 e5 e6 4b 81 4a 98 c7 9b 4d 47 64 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffabc0050c8: computed shared DH secret key@0x5573f41619f0 | dh-shared : g^ir-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 4 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 4 time elapsed 0.000604 seconds | (#2) spent 0.604 milliseconds in crypto helper computing work-order 4: quick outI2 DH (pcr) | crypto helper 4 sending results from work-order 4 for state #2 to event queue | scheduling resume sending helper answer for #2 | libevent_malloc: new ptr-libevent@0x7ffab0001f78 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #2 | start processing: state #2 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 4 | calling continuation function 0x5573f2c98b50 | quick_inR1_outI2_continue for #2: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2961397065 (0xb0835549) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7ffabc0050c8: transferring ownership from helper IKEv1 DH to state #2 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0b08 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x7ffab8001158 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0bec (length 4) | b0 83 55 49 | HASH(1) PRF sha update Ni_b-bytes@0x7ffabc002918 (length 32) | 76 b1 94 0f 07 69 11 36 4f f9 3c 13 cc 99 6e 25 | b7 a7 4a 9c a3 30 82 cd e1 95 da 41 e5 e9 bf 2e | HASH(1) PRF sha update Nr_b-bytes@0x5573f41633f8 (length 32) | cd c9 1c 4e d3 eb d0 96 a3 55 53 8a 44 a9 6a a7 | b5 de 52 4c 7b 24 19 df ea 04 16 f0 87 62 64 fc | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | 11 92 2e a5 8e c5 f6 6b fc cf d5 f5 e7 0f b4 b0 | 1e 42 5e 62 | quick_inR1_outI2 HASH(3): | 11 92 2e a5 8e c5 f6 6b fc cf d5 f5 e7 0f b4 b0 | 1e 42 5e 62 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffabc0041f0 from symkey-key@0x5573f4165b30 | hmac prf: begin sha with context 0x7ffabc0041f0 from symkey-key@0x5573f4165b30 | hmac: release clone-key@0x5573f4165b30 | hmac PRF sha crypt-prf@0x5573f4163448 | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x5573f41635d0 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x5573f41635d0 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f4163548 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 07 2f e6 77 fb 01 c4 16 19 f1 f5 44 7c 09 10 e2 09 fb a9 19 6b c6 71 2f 1a 01 ca c1 ee 1b a9 1a d9 b3 c5 3a c8 84 b3 30 f1 97 85 74 21 15 9f ad 6d e2 05 c6 94 9b d0 49 ec 3f 7d 85 92 55 35 a1 a2 ea d2 71 78 f6 46 a1 6c 00 97 4b d4 0a 38 df 9b 42 36 ec 65 ee e6 aa 50 1a c0 c0 f9 8d 0b 87 fb 9c 99 e4 63 3e a7 61 97 19 36 41 99 02 fb b6 04 ee db ac e4 8c ea cb 3d 28 25 f4 8f e8 8e df ce d2 af bf 62 da ec ca 2f 22 a1 54 fb f4 40 2c 65 ae 53 52 bf 52 73 30 3a d5 3c 08 01 76 c4 78 05 8c 48 13 9c b6 8c 17 c4 62 1b 00 2f fb 75 41 f6 7a 56 a8 72 38 ea 4a 7f c0 9c a8 2a 85 06 68 54 5e d7 67 64 00 2f a1 ed f0 a5 c3 ec 12 3a 40 c0 37 cf d5 06 2a 1a 9a a8 92 4b f8 16 71 db 5f 2d 2c 57 4d 31 d3 6b 80 3e 6d e8 07 80 7a 2a cf 73 65 34 90 21 53 06 94 51 92 7b 83 24 b5 70 e2 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f41702a8 | unwrapped: 0d ea 0d 35 e3 26 6c 4a bc 48 3f 18 f1 31 b2 39 | unwrapped: a0 73 fe 53 f2 cd 70 e0 df a2 fb 02 eb 53 44 74 | unwrapped: 8f 57 e8 15 58 66 92 cb 3c a1 cc 50 8e 2f 5c 3f | unwrapped: be 58 e9 d0 45 23 c4 0f a8 88 80 73 e3 28 6c f1 | unwrapped: 0e 82 bd 78 80 69 42 b0 e8 d4 63 b5 2b b5 fe fc | unwrapped: fa 59 08 7b d2 33 db c7 91 58 52 42 a7 5c 6c 1d | unwrapped: 46 77 e0 7a da 6e 2e 2c 31 4a 7f f5 53 0b 45 c2 | unwrapped: aa e7 b8 d4 e4 84 c2 49 a7 d3 d8 4e 16 54 b3 71 | unwrapped: c8 13 e6 25 fa ee 31 70 c1 8b 8d c4 9b 33 d1 fa | unwrapped: e9 b6 27 a6 64 7f df 09 34 52 ef 91 bd 60 d1 b5 | unwrapped: 13 2f bf 63 b3 77 b2 57 bb a0 54 6d 1c e8 7d 83 | unwrapped: 29 e2 ba f7 7d d1 87 4b bf b6 ca 93 e4 ff e2 55 | unwrapped: a6 dd 46 39 bd 9f 1d 90 60 1a 95 61 87 b9 13 f4 | unwrapped: 87 72 dc 4b 2c af 53 63 fa c3 ff 31 cd ae 5a e4 | unwrapped: 69 84 3f 2f 3c aa b8 e9 a7 ea 51 30 2c da 5c b8 | unwrapped: c3 68 0a 95 7e 26 ed 8f 83 71 54 38 72 3b 6d 5a | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 07 2f e6 77 fb 01 c4 16 19 f1 f5 44 7c 09 10 e2 09 fb a9 19 6b c6 71 2f 1a 01 ca c1 ee 1b a9 1a d9 b3 c5 3a c8 84 b3 30 f1 97 85 74 21 15 9f ad 6d e2 05 c6 94 9b d0 49 ec 3f 7d 85 92 55 35 a1 a2 ea d2 71 78 f6 46 a1 6c 00 97 4b d4 0a 38 df 9b 42 36 ec 65 ee e6 aa 50 1a c0 c0 f9 8d 0b 87 fb 9c 99 e4 63 3e a7 61 97 19 36 41 99 02 fb b6 04 ee db ac e4 8c ea cb 3d 28 25 f4 8f e8 8e df ce d2 af bf 62 da ec ca 2f 22 a1 54 fb f4 40 2c 65 ae 53 52 bf 52 73 30 3a d5 3c 08 01 76 c4 78 05 8c 48 13 9c b6 8c 17 c4 62 1b 00 2f fb 75 41 f6 7a 56 a8 72 38 ea 4a 7f c0 9c a8 2a 85 06 68 54 5e d7 67 64 00 2f a1 ed f0 a5 c3 ec 12 3a 40 c0 37 cf d5 06 2a 1a 9a a8 92 4b f8 16 71 db 5f 2d 2c 57 4d 31 d3 6b 80 3e 6d e8 07 80 7a 2a cf 73 65 34 90 21 53 06 94 51 92 7b 83 24 b5 70 e2 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f416ff58 | unwrapped: 0d ea 0d 35 e3 26 6c 4a bc 48 3f 18 f1 31 b2 39 | unwrapped: a0 73 fe 53 f2 cd 70 e0 df a2 fb 02 eb 53 44 74 | unwrapped: 8f 57 e8 15 58 66 92 cb 3c a1 cc 50 8e 2f 5c 3f | unwrapped: be 58 e9 d0 45 23 c4 0f a8 88 80 73 e3 28 6c f1 | unwrapped: 0e 82 bd 78 80 69 42 b0 e8 d4 63 b5 2b b5 fe fc | unwrapped: fa 59 08 7b d2 33 db c7 91 58 52 42 a7 5c 6c 1d | unwrapped: 46 77 e0 7a da 6e 2e 2c 31 4a 7f f5 53 0b 45 c2 | unwrapped: aa e7 b8 d4 e4 84 c2 49 a7 d3 d8 4e 16 54 b3 71 | unwrapped: c8 13 e6 25 fa ee 31 70 c1 8b 8d c4 9b 33 d1 fa | unwrapped: e9 b6 27 a6 64 7f df 09 34 52 ef 91 bd 60 d1 b5 | unwrapped: 13 2f bf 63 b3 77 b2 57 bb a0 54 6d 1c e8 7d 83 | unwrapped: 29 e2 ba f7 7d d1 87 4b bf b6 ca 93 e4 ff e2 55 | unwrapped: a6 dd 46 39 bd 9f 1d 90 60 1a 95 61 87 b9 13 f4 | unwrapped: 87 72 dc 4b 2c af 53 63 fa c3 ff 31 cd ae 5a e4 | unwrapped: 69 84 3f 2f 3c aa b8 e9 a7 ea 51 30 2c da 5c b8 | unwrapped: c3 68 0a 95 7e 26 ed 8f 83 71 54 38 72 3b 6d 5a | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | f1 fc af 80 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | 34 bb e0 8a | hmac PRF sha update data-bytes@0x7ffabc002918 (length 32) | 76 b1 94 0f 07 69 11 36 4f f9 3c 13 cc 99 6e 25 | b7 a7 4a 9c a3 30 82 cd e1 95 da 41 e5 e9 bf 2e | hmac PRF sha update data-bytes@0x7ffabc002918 (length 32) | 76 b1 94 0f 07 69 11 36 4f f9 3c 13 cc 99 6e 25 | b7 a7 4a 9c a3 30 82 cd e1 95 da 41 e5 e9 bf 2e | hmac PRF sha update data-bytes@0x5573f41633f8 (length 32) | cd c9 1c 4e d3 eb d0 96 a3 55 53 8a 44 a9 6a a7 | b5 de 52 4c 7b 24 19 df ea 04 16 f0 87 62 64 fc | hmac PRF sha update data-bytes@0x5573f41633f8 (length 32) | cd c9 1c 4e d3 eb d0 96 a3 55 53 8a 44 a9 6a a7 | b5 de 52 4c 7b 24 19 df ea 04 16 f0 87 62 64 fc | hmac PRF sha final-bytes@0x7ffab8004138 (length 20) | f3 c8 18 00 5f 7b a9 2f ed c0 08 03 ed c4 6c 83 | 0f 34 ff b5 | hmac PRF sha final-bytes@0x5573f40c0918 (length 20) | 3f 44 ea 25 ff d5 90 d9 48 d1 ec a0 89 d2 5f f2 | ba bf fb 10 | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x5573f41635d0 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x5573f41635d0 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f41637c8 | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffabc0041f0 from symkey-key@0x5573f4165b30 | hmac prf: begin sha with context 0x7ffabc0041f0 from symkey-key@0x5573f4165b30 | hmac: release clone-key@0x5573f4165b30 | hmac PRF sha crypt-prf@0x7ffab8001158 | hmac PRF sha update data-bytes@0x7ffab8004138 (length 20) | f3 c8 18 00 5f 7b a9 2f ed c0 08 03 ed c4 6c 83 | 0f 34 ff b5 | hmac PRF sha update data-bytes@0x5573f40c0918 (length 20) | 3f 44 ea 25 ff d5 90 d9 48 d1 ec a0 89 d2 5f f2 | ba bf fb 10 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 07 2f e6 77 fb 01 c4 16 19 f1 f5 44 7c 09 10 e2 09 fb a9 19 6b c6 71 2f 1a 01 ca c1 ee 1b a9 1a d9 b3 c5 3a c8 84 b3 30 f1 97 85 74 21 15 9f ad 6d e2 05 c6 94 9b d0 49 ec 3f 7d 85 92 55 35 a1 a2 ea d2 71 78 f6 46 a1 6c 00 97 4b d4 0a 38 df 9b 42 36 ec 65 ee e6 aa 50 1a c0 c0 f9 8d 0b 87 fb 9c 99 e4 63 3e a7 61 97 19 36 41 99 02 fb b6 04 ee db ac e4 8c ea cb 3d 28 25 f4 8f e8 8e df ce d2 af bf 62 da ec ca 2f 22 a1 54 fb f4 40 2c 65 ae 53 52 bf 52 73 30 3a d5 3c 08 01 76 c4 78 05 8c 48 13 9c b6 8c 17 c4 62 1b 00 2f fb 75 41 f6 7a 56 a8 72 38 ea 4a 7f c0 9c a8 2a 85 06 68 54 5e d7 67 64 00 2f a1 ed f0 a5 c3 ec 12 3a 40 c0 37 cf d5 06 2a 1a 9a a8 92 4b f8 16 71 db 5f 2d 2c 57 4d 31 d3 6b 80 3e 6d e8 07 80 7a 2a cf 73 65 34 90 21 53 06 94 51 92 7b 83 24 b5 70 e2 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f41702a8 | unwrapped: 0d ea 0d 35 e3 26 6c 4a bc 48 3f 18 f1 31 b2 39 | unwrapped: a0 73 fe 53 f2 cd 70 e0 df a2 fb 02 eb 53 44 74 | unwrapped: 8f 57 e8 15 58 66 92 cb 3c a1 cc 50 8e 2f 5c 3f | unwrapped: be 58 e9 d0 45 23 c4 0f a8 88 80 73 e3 28 6c f1 | unwrapped: 0e 82 bd 78 80 69 42 b0 e8 d4 63 b5 2b b5 fe fc | unwrapped: fa 59 08 7b d2 33 db c7 91 58 52 42 a7 5c 6c 1d | unwrapped: 46 77 e0 7a da 6e 2e 2c 31 4a 7f f5 53 0b 45 c2 | unwrapped: aa e7 b8 d4 e4 84 c2 49 a7 d3 d8 4e 16 54 b3 71 | unwrapped: c8 13 e6 25 fa ee 31 70 c1 8b 8d c4 9b 33 d1 fa | unwrapped: e9 b6 27 a6 64 7f df 09 34 52 ef 91 bd 60 d1 b5 | unwrapped: 13 2f bf 63 b3 77 b2 57 bb a0 54 6d 1c e8 7d 83 | unwrapped: 29 e2 ba f7 7d d1 87 4b bf b6 ca 93 e4 ff e2 55 | unwrapped: a6 dd 46 39 bd 9f 1d 90 60 1a 95 61 87 b9 13 f4 | unwrapped: 87 72 dc 4b 2c af 53 63 fa c3 ff 31 cd ae 5a e4 | unwrapped: 69 84 3f 2f 3c aa b8 e9 a7 ea 51 30 2c da 5c b8 | unwrapped: c3 68 0a 95 7e 26 ed 8f 83 71 54 38 72 3b 6d 5a | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 07 2f e6 77 fb 01 c4 16 19 f1 f5 44 7c 09 10 e2 09 fb a9 19 6b c6 71 2f 1a 01 ca c1 ee 1b a9 1a d9 b3 c5 3a c8 84 b3 30 f1 97 85 74 21 15 9f ad 6d e2 05 c6 94 9b d0 49 ec 3f 7d 85 92 55 35 a1 a2 ea d2 71 78 f6 46 a1 6c 00 97 4b d4 0a 38 df 9b 42 36 ec 65 ee e6 aa 50 1a c0 c0 f9 8d 0b 87 fb 9c 99 e4 63 3e a7 61 97 19 36 41 99 02 fb b6 04 ee db ac e4 8c ea cb 3d 28 25 f4 8f e8 8e df ce d2 af bf 62 da ec ca 2f 22 a1 54 fb f4 40 2c 65 ae 53 52 bf 52 73 30 3a d5 3c 08 01 76 c4 78 05 8c 48 13 9c b6 8c 17 c4 62 1b 00 2f fb 75 41 f6 7a 56 a8 72 38 ea 4a 7f c0 9c a8 2a 85 06 68 54 5e d7 67 64 00 2f a1 ed f0 a5 c3 ec 12 3a 40 c0 37 cf d5 06 2a 1a 9a a8 92 4b f8 16 71 db 5f 2d 2c 57 4d 31 d3 6b 80 3e 6d e8 07 80 7a 2a cf 73 65 34 90 21 53 06 94 51 92 7b 83 24 b5 70 e2 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f416ff58 | unwrapped: 0d ea 0d 35 e3 26 6c 4a bc 48 3f 18 f1 31 b2 39 | unwrapped: a0 73 fe 53 f2 cd 70 e0 df a2 fb 02 eb 53 44 74 | unwrapped: 8f 57 e8 15 58 66 92 cb 3c a1 cc 50 8e 2f 5c 3f | unwrapped: be 58 e9 d0 45 23 c4 0f a8 88 80 73 e3 28 6c f1 | unwrapped: 0e 82 bd 78 80 69 42 b0 e8 d4 63 b5 2b b5 fe fc | unwrapped: fa 59 08 7b d2 33 db c7 91 58 52 42 a7 5c 6c 1d | unwrapped: 46 77 e0 7a da 6e 2e 2c 31 4a 7f f5 53 0b 45 c2 | unwrapped: aa e7 b8 d4 e4 84 c2 49 a7 d3 d8 4e 16 54 b3 71 | unwrapped: c8 13 e6 25 fa ee 31 70 c1 8b 8d c4 9b 33 d1 fa | unwrapped: e9 b6 27 a6 64 7f df 09 34 52 ef 91 bd 60 d1 b5 | unwrapped: 13 2f bf 63 b3 77 b2 57 bb a0 54 6d 1c e8 7d 83 | unwrapped: 29 e2 ba f7 7d d1 87 4b bf b6 ca 93 e4 ff e2 55 | unwrapped: a6 dd 46 39 bd 9f 1d 90 60 1a 95 61 87 b9 13 f4 | unwrapped: 87 72 dc 4b 2c af 53 63 fa c3 ff 31 cd ae 5a e4 | unwrapped: 69 84 3f 2f 3c aa b8 e9 a7 ea 51 30 2c da 5c b8 | unwrapped: c3 68 0a 95 7e 26 ed 8f 83 71 54 38 72 3b 6d 5a | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | f1 fc af 80 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | 34 bb e0 8a | hmac PRF sha update data-bytes@0x7ffabc002918 (length 32) | 76 b1 94 0f 07 69 11 36 4f f9 3c 13 cc 99 6e 25 | b7 a7 4a 9c a3 30 82 cd e1 95 da 41 e5 e9 bf 2e | hmac PRF sha update data-bytes@0x7ffabc002918 (length 32) | 76 b1 94 0f 07 69 11 36 4f f9 3c 13 cc 99 6e 25 | b7 a7 4a 9c a3 30 82 cd e1 95 da 41 e5 e9 bf 2e | hmac PRF sha update data-bytes@0x5573f41633f8 (length 32) | cd c9 1c 4e d3 eb d0 96 a3 55 53 8a 44 a9 6a a7 | b5 de 52 4c 7b 24 19 df ea 04 16 f0 87 62 64 fc | hmac PRF sha update data-bytes@0x5573f41633f8 (length 32) | cd c9 1c 4e d3 eb d0 96 a3 55 53 8a 44 a9 6a a7 | b5 de 52 4c 7b 24 19 df ea 04 16 f0 87 62 64 fc | hmac PRF sha final-bytes@0x7ffab800414c (length 20) | f9 7f 78 2d 62 25 53 d2 c8 88 36 e4 1c 49 3b be | 08 77 d8 ce | hmac PRF sha final-bytes@0x5573f40c092c (length 20) | 51 fb 19 54 b1 ff ee fa 39 4f 33 c4 0c 6c c8 a2 | 2c a3 a9 4e | install_ipsec_sa() for #2: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.34bbe08a@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.f1fcaf80@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #2: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #2 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x34bbe08a SPI_OUT= | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0x34bbe08a SPI_OUT=0xf1fcaf80 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x34bbe08 | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0x34bbe08a SPI_OUT=0xf1fcaf80 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x34bbe08a SP | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x34bbe08a SPI_OUT=0xf1fcaf80 ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x5573f4162958,sr=0x5573f4162958} to #2 (was #0) (newest_ipsec_sa=#0) | #1 spent 1.39 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 11 92 2e a5 8e c5 f6 6b fc cf d5 f5 | encrypting: e7 0f b4 b0 1e 42 5e 62 | IV: 6f 1d 8b ca a2 24 2c e0 f7 24 f6 4e 67 97 d3 a1 | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 6e 23 7e 4c 5c 4a 71 a9 b2 ed 77 4a 46 89 54 27 | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #2 (was #0) (spd.eroute=#2) cloned from #1 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #2 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #2 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #2: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffabc003f28 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffac0002b78 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #2) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 08 10 20 01 b0 83 55 49 00 00 00 3c f9 7e a3 98 | 09 2d 83 ba 68 1d 2e 45 f5 6b 9e ae 6e 23 7e 4c | 5c 4a 71 a9 b2 ed 77 4a 46 89 54 27 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7ffabc004218 | inserting event EVENT_SA_REPLACE, timeout in 28048 seconds for #2 | libevent_malloc: new ptr-libevent@0x5573f4169048 size 128 | pstats #2 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x34bbe08a <0xf1fcaf80 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #2 suppresed complete_v1_state_transition() | #2 spent 2.16 milliseconds in resume sending helper answer | stop processing: state #2 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab0001f78 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00469 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0034 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00288 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.f1fcaf80@192.1.2.45 | get_sa_info esp.34bbe08a@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.089 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #2 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #2 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #2 ikev1.ipsec deleted completed | [RE]START processing: state #2 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #2: deleting state (STATE_QUICK_I2) aged 0.070s and sending notification | child state #2: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.34bbe08a@192.1.2.23 | get_sa_info esp.f1fcaf80@192.1.2.45 "aes128" #2: ESP traffic information: in=84B out=84B | #2 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2514013924 (0x95d8cee4) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload f1 fc af 80 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x5573f41635d0 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x5573f41635d0 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x5573f4163448 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | 95 d8 ce e4 | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 f1 fc af 80 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 56 22 f3 30 5d a5 9f ba d9 a6 84 42 10 1a e9 f2 | 74 31 ea 66 | send delete HASH(1): | 56 22 f3 30 5d a5 9f ba d9 a6 84 42 10 1a e9 f2 | 74 31 ea 66 | last Phase 1 IV: 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | current Phase 1 IV: 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | 95 d8 ce e4 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 24 81 83 5a f1 0a 66 91 18 9d 6d 86 18 5e 7d 96 | 98 90 0b 8f | encrypting: 0c 00 00 18 56 22 f3 30 5d a5 9f ba d9 a6 84 42 | encrypting: 10 1a e9 f2 74 31 ea 66 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 f1 fc af 80 | IV: 24 81 83 5a f1 0a 66 91 18 9d 6d 86 18 5e 7d 96 | IV: 98 90 0b 8f | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 45 9c 29 70 b8 6f 97 da 98 6f 30 fe b9 7e 71 89 | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 08 10 05 01 95 d8 ce e4 00 00 00 4c 97 f8 ed 48 | 38 c8 d8 9c 2e 1e 05 0d f5 8f cf 79 3c 79 0f eb | cd af 48 ef 7b 54 2d 00 54 cd f7 26 45 9c 29 70 | b8 6f 97 da 98 6f 30 fe b9 7e 71 89 | state #2 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x5573f4169048 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7ffabc004218 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825161' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x34bbe08 | popen cmd is 1033 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825161' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0x34bbe08a SPI_OUT=0xf1fcaf80 ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.34bbe08a@192.1.2.23 | netlink response for Del SA esp.34bbe08a@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.f1fcaf80@192.1.2.45 | netlink response for Del SA esp.f1fcaf80@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #2 in QUICK_I2 | child state #2: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffabc0050c8: destroyed | stop processing: state #2 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f41619f0 | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f40c6080 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #1 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #1 | start processing: state #1 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #1 ikev1.isakmp deleted completed | [RE]START processing: state #1 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #1: deleting state (STATE_MAIN_I4) aged 0.088s and sending notification | parent state #1: MAIN_I4(established IKE SA) => delete | #1 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2169511840 (0x81501fa0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 5e 98 22 ac 7d d1 dc f4 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI bb 7e 1d 9a 1e c0 40 db | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffac0002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffac0002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffabc004fc8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | 81 50 1f a0 | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 5e 98 22 ac | 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 10 ab 13 b9 9a 3e 8e 97 7c 12 4b 9b 17 c7 1e c8 | 83 d7 73 e4 | send delete HASH(1): | 10 ab 13 b9 9a 3e 8e 97 7c 12 4b 9b 17 c7 1e c8 | 83 d7 73 e4 | last Phase 1 IV: 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | current Phase 1 IV: 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 85 46 b9 fe 1f 89 14 12 ca 22 94 f9 e6 7e bf 4b | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | 81 50 1f a0 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 02 c8 1f 96 cf e3 c3 90 2e ef f1 70 62 85 fd d1 | 25 af 15 0b | encrypting: 0c 00 00 18 10 ab 13 b9 9a 3e 8e 97 7c 12 4b 9b | encrypting: 17 c7 1e c8 83 d7 73 e4 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a | encrypting: 1e c0 40 db | IV: 02 c8 1f 96 cf e3 c3 90 2e ef f1 70 62 85 fd d1 | IV: 25 af 15 0b | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 02 91 78 ce 6d e4 c0 43 d6 ad ed 9e b3 5f d7 e1 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #1) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 08 10 05 01 81 50 1f a0 00 00 00 5c 49 a3 99 83 | 94 b8 41 a1 c2 34 56 d5 67 a3 dc ab 6f 83 9f 0e | 26 64 8c 08 a4 26 b2 ee 39 e8 f9 81 9e c0 9f e4 | 9d a3 14 32 c1 64 14 06 05 16 73 3f 02 91 78 ce | 6d e4 c0 43 d6 ad ed 9e b3 5f d7 e1 | state #1 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffab8003978 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41634d8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #1 in MAIN_I4 | parent state #1: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffac0003a28: destroyed | stop processing: state #1 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f4150a70 | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f40c6080 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.38 milliseconds in whack | spent 0.00139 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 08 10 05 01 a3 df ec 90 00 00 00 4c 21 67 3e 95 | 07 22 7a 05 92 35 fe 01 f1 7d 4b 74 83 a4 e6 73 | e6 59 2b 04 2b 4b b7 cf 20 86 97 a2 03 72 dc f8 | 60 ff 9c 08 64 08 db 08 31 76 58 60 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2749361296 (0xa3dfec90) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xa3dfec90 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 5e 98 22 ac 7d d1 dc f4 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | bb 7e 1d 9a 1e c0 40 db | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0494 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0038 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00107 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 5e 98 22 ac 7d d1 dc f4 bb 7e 1d 9a 1e c0 40 db | 08 10 05 01 c3 15 51 1f 00 00 00 5c 0c 3a 50 b5 | 4c 4f b1 15 2f 15 d7 40 60 be 84 15 72 b9 8f b0 | cc c6 14 5c a2 06 db 25 5a ff cb 5e 0d 0c 33 1f | f0 a2 bd da 58 b1 2d a8 56 b9 75 df 59 c0 48 2d | 05 10 25 82 8d d1 e1 a6 38 e6 a5 be | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 5e 98 22 ac 7d d1 dc f4 | responder cookie: | bb 7e 1d 9a 1e c0 40 db | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3272954143 (0xc315511f) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xc315511f | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 5e 98 22 ac 7d d1 dc f4 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | bb 7e 1d 9a 1e c0 40 db | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0461 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.824 milliseconds in whack | kernel_process_msg_cb process netlink message | netlink_get: XFRM_MSG_UPDPOLICY message | spent 0.33 milliseconds in kernel message | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00351 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing suppress-retransmits + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0628 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0394 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:DUPLICATE | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0451 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.136 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #3 at 0x5573f4163978 | State DB: adding IKEv1 state #3 in UNDEFINED | pstats #3 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #3 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #3: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #3 "aes128" "aes128" #3: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 20 12 4e 39 c0 5d b0 06 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f4161ba8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #3: IMPAIR: stripping key-length "aes128" #3: IMPAIR: duplicating key-length | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 40 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 208 | sending 208 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #3) | 20 12 4e 39 c0 5d b0 06 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 d0 0d 00 00 3c | 00 00 00 01 00 00 00 01 00 00 00 30 00 01 00 01 | 00 00 00 28 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 80 0e 00 80 0d 00 00 14 40 48 b7 d5 | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2 | 0e 95 45 2f 0d 00 00 14 7d 94 19 a6 53 10 ca 6f | 2c 17 9d 92 15 52 9d 56 0d 00 00 14 90 cb 80 91 | 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14 | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #3 | libevent_malloc: new ptr-libevent@0x7ffab0001f78 size 128 | #3 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10448.163947 | #3 spent 0.698 milliseconds in main_outI1() | stop processing: state #3 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.753 milliseconds in whack | spent 0.00208 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 20 12 4e 39 c0 5d b0 06 5c b5 89 2d 83 15 7e 76 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 20 12 4e 39 c0 5d b0 06 | responder cookie: | 5c b5 89 2d 83 15 7e 76 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #3 in MAIN_I1 (find_state_ikev1_init) | start processing: state #3 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #3 is idle | #3 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | message 'informational' HASH payload not checked early "aes128" #3: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #3: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #3 spent 0.00687 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #3 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0873 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x5573f41634d8 | handling event EVENT_RETRANSMIT for parent state #3 | start processing: state #3 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #3 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #3 keying attempt 1 of 0; retransmit 1 "aes128" #3: IMPAIR: retransmit so deleting SA | [RE]START processing: state #3 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #3 ikev1.isakmp failed too-many-retransmits | pstats #3 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #3 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #3: deleting state (STATE_MAIN_I1) aged 0.500s and NOT sending notification | parent state #3: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection aes128 | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "aes128" {0x5573f4165f68} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #3 "aes128" #3: deleting IKE SA for connection 'aes128' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection 'aes128' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #3 in MAIN_I1 | parent state #3: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #3 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7ffab0001f78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | in statetime_stop() and could not find #3 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection aes128 which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #4 at 0x5573f4163978 | State DB: adding IKEv1 state #4 in UNDEFINED | pstats #4 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #4 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #4: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #4 "aes128" "aes128" #4: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | c7 3e db bc e6 32 45 c7 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f4161ba8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #4: IMPAIR: stripping key-length "aes128" #4: IMPAIR: duplicating key-length | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 40 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 208 | sending 208 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #4) | c7 3e db bc e6 32 45 c7 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 d0 0d 00 00 3c | 00 00 00 01 00 00 00 01 00 00 00 30 00 01 00 01 | 00 00 00 28 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 80 0e 00 80 0d 00 00 14 40 48 b7 d5 | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2 | 0e 95 45 2f 0d 00 00 14 7d 94 19 a6 53 10 ca 6f | 2c 17 9d 92 15 52 9d 56 0d 00 00 14 90 cb 80 91 | 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14 | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #4 | libevent_malloc: new ptr-libevent@0x7ffab0001f78 size 128 | #4 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10448.664778 | #4 spent 0.435 milliseconds in main_outI1() | stop processing: state #4 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | spent 0.454 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.00249 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c7 3e db bc e6 32 45 c7 2c 54 e0 66 79 37 8d d0 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c7 3e db bc e6 32 45 c7 | responder cookie: | 2c 54 e0 66 79 37 8d d0 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #4 in MAIN_I1 (find_state_ikev1_init) | start processing: state #4 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #4 is idle | #4 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | message 'informational' HASH payload not checked early "aes128" #4: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #4: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #4 spent 0.00674 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #4 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.107 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0419 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | removing pending policy for no connection {0x5573f4165f68} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #4 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #4 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #4 ikev1.isakmp deleted other | [RE]START processing: state #4 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #4: deleting state (STATE_MAIN_I1) aged 0.017s and NOT sending notification | parent state #4: MAIN_I1(half-open IKE SA) => delete | state #4 requesting EVENT_RETRANSMIT to be deleted | #4 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffab0001f78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #4 in MAIN_I1 | parent state #4: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #4 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.258 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0605 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0397 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:DUPLICATE | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0424 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.135 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #5 at 0x5573f4163978 | State DB: adding IKEv1 state #5 in UNDEFINED | pstats #5 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #5 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #5: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #5 "aes128" "aes128" #5: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f41637c8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | cc 49 01 61 cb 1d 8d a1 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x7ffab0001f78 size 128 | #5 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10448.996108 | #5 spent 0.327 milliseconds in main_outI1() | stop processing: state #5 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.383 milliseconds in whack | spent 0.00194 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #5 in MAIN_I1 (find_state_ikev1_init) | start processing: state #5 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #5 is idle | #5 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 5 for state #5 | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffab0001f78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41632f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x7ffab0001f78 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #5 and saving MD | #5 is busy; has a suspended MD | #5 spent 0.107 milliseconds in process_packet_tail() | crypto helper 2 resuming | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 2 starting work-order 5 for state #5 | stop processing: state #5 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | crypto helper 2 doing build KE and nonce (outI2 KE); request ID 5 | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.219 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffab4003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffab4003a28 | NSS: Public DH wire value: | a3 0e d0 08 3b 0b 36 41 d7 76 79 74 3b bc d0 8e | 1e 4f 1e 04 96 1e 9d dd 17 bc 6a bb cf f0 a9 31 | ac 50 6d 75 8e 2e c7 f4 8a 70 f3 db c5 aa 0a 64 | 95 cd 3d d6 5e a6 89 e5 1d 7e 39 66 1c f8 31 3b | 74 27 39 33 51 de 28 2c ef a2 86 37 da b1 8d d7 | 36 6a 79 4c d6 84 02 62 fc ab ff 54 a3 ad a8 90 | d7 cc 9d 5a e6 22 09 83 e4 3c 65 88 1f 15 2a 4b | 0e 08 0c 03 46 31 aa ea 0e e6 c0 74 d3 ed ee 00 | 6b 51 ee d7 6d 40 0e f8 22 3b d1 81 98 aa 81 6d | 48 29 90 3d 15 b9 09 78 7e 7e 2a 0f 4a de 99 dc | 03 67 82 7b 44 08 b6 3a fa 91 19 e4 f8 2b 94 ce | 92 c3 2b 46 88 1b 5f 05 0f 14 bb 1a 04 24 2d 79 | 8b b4 41 8e ed 21 44 92 29 4f ed b7 a4 a6 1f dd | 18 3c 23 c6 39 e5 14 c0 be 2a c5 c2 80 6f 11 cb | 66 97 53 bd da f2 45 a3 c2 28 dc 7b a7 dd ed 95 | 60 ac 78 a8 e3 55 4c 97 fd da c2 4b a6 5d 7c d6 | Generated nonce: ef 41 90 04 8d 38 05 7c 59 c4 61 26 c0 86 ae 6d | Generated nonce: c6 fe 39 bf c9 c6 2b c9 ea 9d 54 8a 83 7d b6 20 | crypto helper 2 finished build KE and nonce (outI2 KE); request ID 5 time elapsed 0.001119 seconds | (#5) spent 1.12 milliseconds in crypto helper computing work-order 5: outI2 KE (pcr) | crypto helper 2 sending results from work-order 5 for state #5 to event queue | scheduling resume sending helper answer for #5 | libevent_malloc: new ptr-libevent@0x7ffab4002888 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #5 | start processing: state #5 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 5 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #5: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffab4003a28: transferring ownership from helper KE to state #5 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value a3 0e d0 08 3b 0b 36 41 d7 76 79 74 3b bc d0 8e | keyex value 1e 4f 1e 04 96 1e 9d dd 17 bc 6a bb cf f0 a9 31 | keyex value ac 50 6d 75 8e 2e c7 f4 8a 70 f3 db c5 aa 0a 64 | keyex value 95 cd 3d d6 5e a6 89 e5 1d 7e 39 66 1c f8 31 3b | keyex value 74 27 39 33 51 de 28 2c ef a2 86 37 da b1 8d d7 | keyex value 36 6a 79 4c d6 84 02 62 fc ab ff 54 a3 ad a8 90 | keyex value d7 cc 9d 5a e6 22 09 83 e4 3c 65 88 1f 15 2a 4b | keyex value 0e 08 0c 03 46 31 aa ea 0e e6 c0 74 d3 ed ee 00 | keyex value 6b 51 ee d7 6d 40 0e f8 22 3b d1 81 98 aa 81 6d | keyex value 48 29 90 3d 15 b9 09 78 7e 7e 2a 0f 4a de 99 dc | keyex value 03 67 82 7b 44 08 b6 3a fa 91 19 e4 f8 2b 94 ce | keyex value 92 c3 2b 46 88 1b 5f 05 0f 14 bb 1a 04 24 2d 79 | keyex value 8b b4 41 8e ed 21 44 92 29 4f ed b7 a4 a6 1f dd | keyex value 18 3c 23 c6 39 e5 14 c0 be 2a c5 c2 80 6f 11 cb | keyex value 66 97 53 bd da f2 45 a3 c2 28 dc 7b a7 dd ed 95 | keyex value 60 ac 78 a8 e3 55 4c 97 fd da c2 4b a6 5d 7c d6 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni ef 41 90 04 8d 38 05 7c 59 c4 61 26 c0 86 ae 6d | Ni c6 fe 39 bf c9 c6 2b c9 ea 9d 54 8a 83 7d b6 20 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | cc 49 01 61 cb 1d 8d a1 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 45 aa 96 9a f1 cb e0 9e c3 12 fa c6 b4 42 a1 e6 | 73 b9 0f 9e | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= cc 49 01 61 cb 1d 8d a1 | natd_hash: rcookie= 58 44 20 c9 d0 a7 c7 e2 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 45 aa 96 9a f1 cb e0 9e c3 12 fa c6 b4 42 a1 e6 | natd_hash: hash= 73 b9 0f 9e | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 45 aa 96 9a f1 cb e0 9e c3 12 fa c6 b4 42 a1 e6 | NAT-D 73 b9 0f 9e | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | cc 49 01 61 cb 1d 8d a1 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | d0 d7 d1 a4 2a 26 55 e0 8c 23 9d 6d fd d3 40 3b | 51 16 79 b7 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= cc 49 01 61 cb 1d 8d a1 | natd_hash: rcookie= 58 44 20 c9 d0 a7 c7 e2 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= d0 d7 d1 a4 2a 26 55 e0 8c 23 9d 6d fd d3 40 3b | natd_hash: hash= 51 16 79 b7 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D d0 d7 d1 a4 2a 26 55 e0 8c 23 9d 6d fd d3 40 3b | NAT-D 51 16 79 b7 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #5 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #5: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffab0001f78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41632f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | a3 0e d0 08 3b 0b 36 41 d7 76 79 74 3b bc d0 8e | 1e 4f 1e 04 96 1e 9d dd 17 bc 6a bb cf f0 a9 31 | ac 50 6d 75 8e 2e c7 f4 8a 70 f3 db c5 aa 0a 64 | 95 cd 3d d6 5e a6 89 e5 1d 7e 39 66 1c f8 31 3b | 74 27 39 33 51 de 28 2c ef a2 86 37 da b1 8d d7 | 36 6a 79 4c d6 84 02 62 fc ab ff 54 a3 ad a8 90 | d7 cc 9d 5a e6 22 09 83 e4 3c 65 88 1f 15 2a 4b | 0e 08 0c 03 46 31 aa ea 0e e6 c0 74 d3 ed ee 00 | 6b 51 ee d7 6d 40 0e f8 22 3b d1 81 98 aa 81 6d | 48 29 90 3d 15 b9 09 78 7e 7e 2a 0f 4a de 99 dc | 03 67 82 7b 44 08 b6 3a fa 91 19 e4 f8 2b 94 ce | 92 c3 2b 46 88 1b 5f 05 0f 14 bb 1a 04 24 2d 79 | 8b b4 41 8e ed 21 44 92 29 4f ed b7 a4 a6 1f dd | 18 3c 23 c6 39 e5 14 c0 be 2a c5 c2 80 6f 11 cb | 66 97 53 bd da f2 45 a3 c2 28 dc 7b a7 dd ed 95 | 60 ac 78 a8 e3 55 4c 97 fd da c2 4b a6 5d 7c d6 | 14 00 00 24 ef 41 90 04 8d 38 05 7c 59 c4 61 26 | c0 86 ae 6d c6 fe 39 bf c9 c6 2b c9 ea 9d 54 8a | 83 7d b6 20 14 00 00 18 45 aa 96 9a f1 cb e0 9e | c3 12 fa c6 b4 42 a1 e6 73 b9 0f 9e 00 00 00 18 | d0 d7 d1 a4 2a 26 55 e0 8c 23 9d 6d fd d3 40 3b | 51 16 79 b7 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x5573f416e578 size 128 | #5 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10448.998493 "aes128" #5: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #5 suppresed complete_v1_state_transition() | #5 spent 0.366 milliseconds in resume sending helper answer | stop processing: state #5 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab4002888 | spent 0.00171 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 61 84 5f 93 06 b6 dc 3f 86 11 fe 8e 1e 55 0c 4d | 2a 1d ba cd e4 d7 57 9f 89 30 50 80 1d 94 e3 49 | bb 6f a8 83 56 ae 9e 95 91 a4 32 5a e6 5e 0b 0e | f3 4d 36 64 88 5c d6 08 e1 c6 e4 9e 10 78 77 a8 | e3 f8 a6 a9 84 01 02 84 2f 43 45 9a 80 4b 71 68 | b4 ca 16 7b 4d 06 7c 3d dd 30 c8 ec 1e 1c f9 be | bb 43 6e 03 79 4a 13 53 fd da 82 8f 37 20 f5 34 | 1c 5e 08 3b d3 48 5c 0b 3f f4 a6 e5 c2 c7 43 50 | ae 80 eb d5 e5 cb 5a 61 6b a8 e4 c6 9e 58 f0 5c | b3 31 51 76 90 28 34 01 14 a9 ac 28 00 b6 ce b9 | bf 57 be 13 0b aa e9 0e f6 52 cc 15 bf 2a 7f 9e | b0 6e 53 3c 17 aa a7 75 b6 d8 61 37 95 05 79 e4 | ae c4 21 bc 1b 5e e6 40 dc 16 74 95 00 a7 51 15 | 4f af 43 42 07 e3 d6 59 f6 cb 10 ba 31 2a 57 d9 | 80 ab 92 47 d0 ea 38 14 02 e3 02 e9 e7 ae 85 5e | 52 8b 16 3c 6a f3 c8 8f 32 2c 0c 00 c1 36 39 3c | 14 00 00 24 0e 87 f9 5c ef 58 51 7f da e9 73 97 | bb d3 15 68 d8 6c e2 4b c7 26 49 91 1d e3 44 b3 | 28 db fc 1d 14 00 00 18 d0 d7 d1 a4 2a 26 55 e0 | 8c 23 9d 6d fd d3 40 3b 51 16 79 b7 00 00 00 18 | 45 aa 96 9a f1 cb e0 9e c3 12 fa c6 b4 42 a1 e6 | 73 b9 0f 9e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #5 in MAIN_I2 (find_state_ikev1) | start processing: state #5 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #5 is idle | #5 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 61 84 5f 93 06 b6 dc 3f 86 11 fe 8e 1e 55 0c 4d | 2a 1d ba cd e4 d7 57 9f 89 30 50 80 1d 94 e3 49 | bb 6f a8 83 56 ae 9e 95 91 a4 32 5a e6 5e 0b 0e | f3 4d 36 64 88 5c d6 08 e1 c6 e4 9e 10 78 77 a8 | e3 f8 a6 a9 84 01 02 84 2f 43 45 9a 80 4b 71 68 | b4 ca 16 7b 4d 06 7c 3d dd 30 c8 ec 1e 1c f9 be | bb 43 6e 03 79 4a 13 53 fd da 82 8f 37 20 f5 34 | 1c 5e 08 3b d3 48 5c 0b 3f f4 a6 e5 c2 c7 43 50 | ae 80 eb d5 e5 cb 5a 61 6b a8 e4 c6 9e 58 f0 5c | b3 31 51 76 90 28 34 01 14 a9 ac 28 00 b6 ce b9 | bf 57 be 13 0b aa e9 0e f6 52 cc 15 bf 2a 7f 9e | b0 6e 53 3c 17 aa a7 75 b6 d8 61 37 95 05 79 e4 | ae c4 21 bc 1b 5e e6 40 dc 16 74 95 00 a7 51 15 | 4f af 43 42 07 e3 d6 59 f6 cb 10 ba 31 2a 57 d9 | 80 ab 92 47 d0 ea 38 14 02 e3 02 e9 e7 ae 85 5e | 52 8b 16 3c 6a f3 c8 8f 32 2c 0c 00 c1 36 39 3c | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffab4003a28: transferring ownership from state #5 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 6 for state #5 | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f416e578 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41632f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5 | libevent_malloc: new ptr-libevent@0x7ffab4002888 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #5 and saving MD | #5 is busy; has a suspended MD | crypto helper 5 resuming | #5 spent 0.059 milliseconds in process_packet_tail() | crypto helper 5 starting work-order 6 for state #5 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 5 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 6 | peer's g: 61 84 5f 93 06 b6 dc 3f 86 11 fe 8e 1e 55 0c 4d | peer's g: 2a 1d ba cd e4 d7 57 9f 89 30 50 80 1d 94 e3 49 | peer's g: bb 6f a8 83 56 ae 9e 95 91 a4 32 5a e6 5e 0b 0e | stop processing: state #5 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | peer's g: f3 4d 36 64 88 5c d6 08 e1 c6 e4 9e 10 78 77 a8 | peer's g: e3 f8 a6 a9 84 01 02 84 2f 43 45 9a 80 4b 71 68 | peer's g: b4 ca 16 7b 4d 06 7c 3d dd 30 c8 ec 1e 1c f9 be | peer's g: bb 43 6e 03 79 4a 13 53 fd da 82 8f 37 20 f5 34 | peer's g: 1c 5e 08 3b d3 48 5c 0b 3f f4 a6 e5 c2 c7 43 50 | peer's g: ae 80 eb d5 e5 cb 5a 61 6b a8 e4 c6 9e 58 f0 5c | peer's g: b3 31 51 76 90 28 34 01 14 a9 ac 28 00 b6 ce b9 | peer's g: bf 57 be 13 0b aa e9 0e f6 52 cc 15 bf 2a 7f 9e | processing: STOP connection NULL (in process_md() at demux.c:383) | peer's g: b0 6e 53 3c 17 aa a7 75 b6 d8 61 37 95 05 79 e4 | peer's g: ae c4 21 bc 1b 5e e6 40 dc 16 74 95 00 a7 51 15 | peer's g: 4f af 43 42 07 e3 d6 59 f6 cb 10 ba 31 2a 57 d9 | peer's g: 80 ab 92 47 d0 ea 38 14 02 e3 02 e9 e7 ae 85 5e | peer's g: 52 8b 16 3c 6a f3 c8 8f 32 2c 0c 00 c1 36 39 3c | spent 0.189 milliseconds in comm_handle_cb() reading and processing packet | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffab4003a28: computed shared DH secret key@0x5573f40c6080 | dh-shared : g^ir-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f416aab8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac7fde700 | result: psk-key@0x5573f40bfec0 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f40bfec0 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde6e8 | result: psk-key@0x5573f4150e50 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f40bfec0 | SKEYID psk prf: created sha context 0x7ffaa8002d60 from psk-key@0x5573f4150e50 | SKEYID psk prf: begin sha with context 0x7ffaa8002d60 from psk-key@0x5573f4150e50 | SKEYID psk: release clone-key@0x5573f4150e50 | SKEYID psk PRF sha crypt-prf@0x7ffaa8001108 | SKEYID psk PRF sha update Ni-bytes@0x5573f416aadc (length 32) | ef 41 90 04 8d 38 05 7c 59 c4 61 26 c0 86 ae 6d | c6 fe 39 bf c9 c6 2b c9 ea 9d 54 8a 83 7d b6 20 | SKEYID psk PRF sha update Nr-bytes@0x5573f416aafc (length 32) | 0e 87 f9 5c ef 58 51 7f da e9 73 97 bb d3 15 68 | d8 6c e2 4b c7 26 49 91 1d e3 44 b3 28 db fc 1d | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac7fde720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde708 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID psk PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID psk: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_d: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde718 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffaa8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_d prf: begin sha with context 0x7ffaa8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_d: release clone-key@0x5573f40bfec0 | SKEYID_d PRF sha crypt-prf@0x7ffaa80010b8 | SKEYID_d PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_d: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: b9 09 2f 67 fa 16 c2 47 f0 13 ba b8 ab 2a 20 cf 69 06 ec 97 9b 6b 7b b6 ed 3e 3c be 2f 44 8a 22 79 4b 84 67 36 c9 29 c2 49 6f 66 98 67 b8 1b 5a bd ba 8b 5b 6b bd 7a 8f 59 15 49 fa 32 ad 13 ef a1 98 0c 5f 3f 4f 64 0c 33 bd f9 0c 20 9e 1d 4e 4c 5f 13 ff b0 08 4f 1c 47 59 db 80 c9 ff c8 eb 3c b6 0b 91 cd 7f d0 a7 5e 0d 6f 53 93 83 7e 22 5b 14 34 69 61 cd 8f c5 60 25 d4 e5 b9 8a e2 80 33 5c d9 50 01 a5 ff 69 3d c4 bc d2 09 6f 79 8f 30 9f 2a 32 27 ea c1 b8 9a a2 cb 3f 28 8b ac d4 0b 0a c0 86 05 49 42 f3 96 cf 17 15 85 13 e2 58 9e f3 b2 f0 8a 43 69 e8 3b dc eb 31 6e 7e df 1c 8a 8e 10 71 e3 6d 03 91 83 af a9 5c 2d 5f bf 40 84 40 cd 75 97 fd 1c 9a 94 ad 08 99 be 64 5c 43 4f 42 2d bf 94 42 4f b9 4f 34 c4 f1 e0 53 b5 02 9b bf 7a df a5 59 70 9a fd 3b 35 2f 46 34 c3 23 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffaa8004f28 | unwrapped: 2b ef 1b 70 39 3e 3b 7b e9 68 71 76 22 26 99 85 | unwrapped: 7e 23 9f 3b 9d 70 f1 8d 76 6b ec 31 0b 92 71 b9 | unwrapped: 25 be af a3 22 72 2c 37 b0 65 39 02 30 db c7 71 | unwrapped: f4 1a ed 03 dc 4d de f1 a9 2d d6 d8 07 f5 76 94 | unwrapped: f8 71 15 de c6 c4 ad e2 cf fe ea ff b8 7e e3 50 | unwrapped: a6 4e b8 ff c5 76 14 b4 86 b0 32 c3 c2 25 1e 69 | unwrapped: 25 2d 7a 9c 6b 96 a8 d2 70 7a a5 82 64 71 83 10 | unwrapped: 33 cc 6c 66 2f 4f 2d 8a 7e 48 b7 f6 02 d4 c7 53 | unwrapped: 5f 93 25 bf 7d 70 42 3b 5e 49 79 54 4c 1a 2b 7b | unwrapped: f9 fc 52 a6 c7 bd ae 00 38 90 43 93 09 c5 ed 91 | unwrapped: e0 33 81 bf 6e da 0f 7c fa 5e 84 ba b9 80 bb de | unwrapped: 7e 9c c0 be d1 0a a0 be fd ad 2d bf 8e 99 1e 85 | unwrapped: ff d9 da 6d 0a 24 2a b8 70 6e 8a f3 3e e0 0b aa | unwrapped: 9b ff 67 de 0a 38 5b 80 b5 30 8f de 11 9d 14 02 | unwrapped: 14 cb 55 3b 6b f8 4d 19 98 ec 6e 03 66 92 52 3f | unwrapped: 01 64 2e ff 9c 85 6f e1 5b 22 86 b6 ae 5a 9f f2 | SKEYID_d PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | cc 49 01 61 cb 1d 8d a1 | SKEYID_d PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac7fde720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde708 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID_d PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_d: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_a: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde6f8 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffaa8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_a prf: begin sha with context 0x7ffaa8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_a: release clone-key@0x5573f414d560 | SKEYID_a PRF sha crypt-prf@0x7ffaa8001108 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f40bfec0 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: ed 35 f7 33 b9 d6 77 4f 18 d3 88 ac 56 b1 31 9c fc fd d1 bc 1f fb fb 16 1e 49 a3 50 e7 4a a1 75 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffaa80030c8 | unwrapped: a5 ca 5b 77 90 8f 29 70 98 8c e6 37 90 d5 cb ee | unwrapped: 58 e6 76 92 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_a: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: b9 09 2f 67 fa 16 c2 47 f0 13 ba b8 ab 2a 20 cf 69 06 ec 97 9b 6b 7b b6 ed 3e 3c be 2f 44 8a 22 79 4b 84 67 36 c9 29 c2 49 6f 66 98 67 b8 1b 5a bd ba 8b 5b 6b bd 7a 8f 59 15 49 fa 32 ad 13 ef a1 98 0c 5f 3f 4f 64 0c 33 bd f9 0c 20 9e 1d 4e 4c 5f 13 ff b0 08 4f 1c 47 59 db 80 c9 ff c8 eb 3c b6 0b 91 cd 7f d0 a7 5e 0d 6f 53 93 83 7e 22 5b 14 34 69 61 cd 8f c5 60 25 d4 e5 b9 8a e2 80 33 5c d9 50 01 a5 ff 69 3d c4 bc d2 09 6f 79 8f 30 9f 2a 32 27 ea c1 b8 9a a2 cb 3f 28 8b ac d4 0b 0a c0 86 05 49 42 f3 96 cf 17 15 85 13 e2 58 9e f3 b2 f0 8a 43 69 e8 3b dc eb 31 6e 7e df 1c 8a 8e 10 71 e3 6d 03 91 83 af a9 5c 2d 5f bf 40 84 40 cd 75 97 fd 1c 9a 94 ad 08 99 be 64 5c 43 4f 42 2d bf 94 42 4f b9 4f 34 c4 f1 e0 53 b5 02 9b bf 7a df a5 59 70 9a fd 3b 35 2f 46 34 c3 23 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffaa8003db8 | unwrapped: 2b ef 1b 70 39 3e 3b 7b e9 68 71 76 22 26 99 85 | unwrapped: 7e 23 9f 3b 9d 70 f1 8d 76 6b ec 31 0b 92 71 b9 | unwrapped: 25 be af a3 22 72 2c 37 b0 65 39 02 30 db c7 71 | unwrapped: f4 1a ed 03 dc 4d de f1 a9 2d d6 d8 07 f5 76 94 | unwrapped: f8 71 15 de c6 c4 ad e2 cf fe ea ff b8 7e e3 50 | unwrapped: a6 4e b8 ff c5 76 14 b4 86 b0 32 c3 c2 25 1e 69 | unwrapped: 25 2d 7a 9c 6b 96 a8 d2 70 7a a5 82 64 71 83 10 | unwrapped: 33 cc 6c 66 2f 4f 2d 8a 7e 48 b7 f6 02 d4 c7 53 | unwrapped: 5f 93 25 bf 7d 70 42 3b 5e 49 79 54 4c 1a 2b 7b | unwrapped: f9 fc 52 a6 c7 bd ae 00 38 90 43 93 09 c5 ed 91 | unwrapped: e0 33 81 bf 6e da 0f 7c fa 5e 84 ba b9 80 bb de | unwrapped: 7e 9c c0 be d1 0a a0 be fd ad 2d bf 8e 99 1e 85 | unwrapped: ff d9 da 6d 0a 24 2a b8 70 6e 8a f3 3e e0 0b aa | unwrapped: 9b ff 67 de 0a 38 5b 80 b5 30 8f de 11 9d 14 02 | unwrapped: 14 cb 55 3b 6b f8 4d 19 98 ec 6e 03 66 92 52 3f | unwrapped: 01 64 2e ff 9c 85 6f e1 5b 22 86 b6 ae 5a 9f f2 | SKEYID_a PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | cc 49 01 61 cb 1d 8d a1 | SKEYID_a PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac7fde700 | result: final-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde6e8 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414f010 | SKEYID_a PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_a: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_e: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde708 | result: clone-key@0x5573f414f010 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffaa8002d60 from SKEYID-key@0x5573f414f010 | SKEYID_e prf: begin sha with context 0x7ffaa8002d60 from SKEYID-key@0x5573f414f010 | SKEYID_e: release clone-key@0x5573f414f010 | SKEYID_e PRF sha crypt-prf@0x7ffaa80010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f414d560 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 99 41 9d 2a a4 cb 0f 67 3d 95 7d a8 9b cb 71 f7 e2 3e de ae 57 39 a2 cd 9c d9 30 7f ed 21 17 96 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffaa8001158 | unwrapped: fd 1a 54 98 d7 a9 63 79 21 31 81 83 02 69 0c 04 | unwrapped: 3c 6d a9 34 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_e: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: b9 09 2f 67 fa 16 c2 47 f0 13 ba b8 ab 2a 20 cf 69 06 ec 97 9b 6b 7b b6 ed 3e 3c be 2f 44 8a 22 79 4b 84 67 36 c9 29 c2 49 6f 66 98 67 b8 1b 5a bd ba 8b 5b 6b bd 7a 8f 59 15 49 fa 32 ad 13 ef a1 98 0c 5f 3f 4f 64 0c 33 bd f9 0c 20 9e 1d 4e 4c 5f 13 ff b0 08 4f 1c 47 59 db 80 c9 ff c8 eb 3c b6 0b 91 cd 7f d0 a7 5e 0d 6f 53 93 83 7e 22 5b 14 34 69 61 cd 8f c5 60 25 d4 e5 b9 8a e2 80 33 5c d9 50 01 a5 ff 69 3d c4 bc d2 09 6f 79 8f 30 9f 2a 32 27 ea c1 b8 9a a2 cb 3f 28 8b ac d4 0b 0a c0 86 05 49 42 f3 96 cf 17 15 85 13 e2 58 9e f3 b2 f0 8a 43 69 e8 3b dc eb 31 6e 7e df 1c 8a 8e 10 71 e3 6d 03 91 83 af a9 5c 2d 5f bf 40 84 40 cd 75 97 fd 1c 9a 94 ad 08 99 be 64 5c 43 4f 42 2d bf 94 42 4f b9 4f 34 c4 f1 e0 53 b5 02 9b bf 7a df a5 59 70 9a fd 3b 35 2f 46 34 c3 23 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffaa8004f28 | unwrapped: 2b ef 1b 70 39 3e 3b 7b e9 68 71 76 22 26 99 85 | unwrapped: 7e 23 9f 3b 9d 70 f1 8d 76 6b ec 31 0b 92 71 b9 | unwrapped: 25 be af a3 22 72 2c 37 b0 65 39 02 30 db c7 71 | unwrapped: f4 1a ed 03 dc 4d de f1 a9 2d d6 d8 07 f5 76 94 | unwrapped: f8 71 15 de c6 c4 ad e2 cf fe ea ff b8 7e e3 50 | unwrapped: a6 4e b8 ff c5 76 14 b4 86 b0 32 c3 c2 25 1e 69 | unwrapped: 25 2d 7a 9c 6b 96 a8 d2 70 7a a5 82 64 71 83 10 | unwrapped: 33 cc 6c 66 2f 4f 2d 8a 7e 48 b7 f6 02 d4 c7 53 | unwrapped: 5f 93 25 bf 7d 70 42 3b 5e 49 79 54 4c 1a 2b 7b | unwrapped: f9 fc 52 a6 c7 bd ae 00 38 90 43 93 09 c5 ed 91 | unwrapped: e0 33 81 bf 6e da 0f 7c fa 5e 84 ba b9 80 bb de | unwrapped: 7e 9c c0 be d1 0a a0 be fd ad 2d bf 8e 99 1e 85 | unwrapped: ff d9 da 6d 0a 24 2a b8 70 6e 8a f3 3e e0 0b aa | unwrapped: 9b ff 67 de 0a 38 5b 80 b5 30 8f de 11 9d 14 02 | unwrapped: 14 cb 55 3b 6b f8 4d 19 98 ec 6e 03 66 92 52 3f | unwrapped: 01 64 2e ff 9c 85 6f e1 5b 22 86 b6 ae 5a 9f f2 | SKEYID_e PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | cc 49 01 61 cb 1d 8d a1 | SKEYID_e PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac7fde710 | result: final-key@0x5573f4150a70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150a70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde6f8 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150a70 | SKEYID_e PRF sha final-key@0x5573f414f010 (size 20) | SKEYID_e: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac7fde768 | result: keymat-key@0x5573f4150a70 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x5573f40bfec0, skeyid_a 0x5573f414d560, skeyid_e 0x5573f414f010, enc_key 0x5573f4150a70 | DH_i: a3 0e d0 08 3b 0b 36 41 d7 76 79 74 3b bc d0 8e | DH_i: 1e 4f 1e 04 96 1e 9d dd 17 bc 6a bb cf f0 a9 31 | DH_i: ac 50 6d 75 8e 2e c7 f4 8a 70 f3 db c5 aa 0a 64 | DH_i: 95 cd 3d d6 5e a6 89 e5 1d 7e 39 66 1c f8 31 3b | DH_i: 74 27 39 33 51 de 28 2c ef a2 86 37 da b1 8d d7 | DH_i: 36 6a 79 4c d6 84 02 62 fc ab ff 54 a3 ad a8 90 | DH_i: d7 cc 9d 5a e6 22 09 83 e4 3c 65 88 1f 15 2a 4b | DH_i: 0e 08 0c 03 46 31 aa ea 0e e6 c0 74 d3 ed ee 00 | DH_i: 6b 51 ee d7 6d 40 0e f8 22 3b d1 81 98 aa 81 6d | DH_i: 48 29 90 3d 15 b9 09 78 7e 7e 2a 0f 4a de 99 dc | DH_i: 03 67 82 7b 44 08 b6 3a fa 91 19 e4 f8 2b 94 ce | DH_i: 92 c3 2b 46 88 1b 5f 05 0f 14 bb 1a 04 24 2d 79 | DH_i: 8b b4 41 8e ed 21 44 92 29 4f ed b7 a4 a6 1f dd | DH_i: 18 3c 23 c6 39 e5 14 c0 be 2a c5 c2 80 6f 11 cb | DH_i: 66 97 53 bd da f2 45 a3 c2 28 dc 7b a7 dd ed 95 | DH_i: 60 ac 78 a8 e3 55 4c 97 fd da c2 4b a6 5d 7c d6 | DH_r: 61 84 5f 93 06 b6 dc 3f 86 11 fe 8e 1e 55 0c 4d | DH_r: 2a 1d ba cd e4 d7 57 9f 89 30 50 80 1d 94 e3 49 | DH_r: bb 6f a8 83 56 ae 9e 95 91 a4 32 5a e6 5e 0b 0e | DH_r: f3 4d 36 64 88 5c d6 08 e1 c6 e4 9e 10 78 77 a8 | DH_r: e3 f8 a6 a9 84 01 02 84 2f 43 45 9a 80 4b 71 68 | DH_r: b4 ca 16 7b 4d 06 7c 3d dd 30 c8 ec 1e 1c f9 be | DH_r: bb 43 6e 03 79 4a 13 53 fd da 82 8f 37 20 f5 34 | DH_r: 1c 5e 08 3b d3 48 5c 0b 3f f4 a6 e5 c2 c7 43 50 | DH_r: ae 80 eb d5 e5 cb 5a 61 6b a8 e4 c6 9e 58 f0 5c | DH_r: b3 31 51 76 90 28 34 01 14 a9 ac 28 00 b6 ce b9 | DH_r: bf 57 be 13 0b aa e9 0e f6 52 cc 15 bf 2a 7f 9e | DH_r: b0 6e 53 3c 17 aa a7 75 b6 d8 61 37 95 05 79 e4 | DH_r: ae c4 21 bc 1b 5e e6 40 dc 16 74 95 00 a7 51 15 | DH_r: 4f af 43 42 07 e3 d6 59 f6 cb 10 ba 31 2a 57 d9 | DH_r: 80 ab 92 47 d0 ea 38 14 02 e3 02 e9 e7 ae 85 5e | DH_r: 52 8b 16 3c 6a f3 c8 8f 32 2c 0c 00 c1 36 39 3c | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f416ab1c (length 256) | a3 0e d0 08 3b 0b 36 41 d7 76 79 74 3b bc d0 8e | 1e 4f 1e 04 96 1e 9d dd 17 bc 6a bb cf f0 a9 31 | ac 50 6d 75 8e 2e c7 f4 8a 70 f3 db c5 aa 0a 64 | 95 cd 3d d6 5e a6 89 e5 1d 7e 39 66 1c f8 31 3b | 74 27 39 33 51 de 28 2c ef a2 86 37 da b1 8d d7 | 36 6a 79 4c d6 84 02 62 fc ab ff 54 a3 ad a8 90 | d7 cc 9d 5a e6 22 09 83 e4 3c 65 88 1f 15 2a 4b | 0e 08 0c 03 46 31 aa ea 0e e6 c0 74 d3 ed ee 00 | 6b 51 ee d7 6d 40 0e f8 22 3b d1 81 98 aa 81 6d | 48 29 90 3d 15 b9 09 78 7e 7e 2a 0f 4a de 99 dc | 03 67 82 7b 44 08 b6 3a fa 91 19 e4 f8 2b 94 ce | 92 c3 2b 46 88 1b 5f 05 0f 14 bb 1a 04 24 2d 79 | 8b b4 41 8e ed 21 44 92 29 4f ed b7 a4 a6 1f dd | 18 3c 23 c6 39 e5 14 c0 be 2a c5 c2 80 6f 11 cb | 66 97 53 bd da f2 45 a3 c2 28 dc 7b a7 dd ed 95 | 60 ac 78 a8 e3 55 4c 97 fd da c2 4b a6 5d 7c d6 | new IV hash sha digest GR-bytes@0x5573f416ac1c (length 256) | 61 84 5f 93 06 b6 dc 3f 86 11 fe 8e 1e 55 0c 4d | 2a 1d ba cd e4 d7 57 9f 89 30 50 80 1d 94 e3 49 | bb 6f a8 83 56 ae 9e 95 91 a4 32 5a e6 5e 0b 0e | f3 4d 36 64 88 5c d6 08 e1 c6 e4 9e 10 78 77 a8 | e3 f8 a6 a9 84 01 02 84 2f 43 45 9a 80 4b 71 68 | b4 ca 16 7b 4d 06 7c 3d dd 30 c8 ec 1e 1c f9 be | bb 43 6e 03 79 4a 13 53 fd da 82 8f 37 20 f5 34 | 1c 5e 08 3b d3 48 5c 0b 3f f4 a6 e5 c2 c7 43 50 | ae 80 eb d5 e5 cb 5a 61 6b a8 e4 c6 9e 58 f0 5c | b3 31 51 76 90 28 34 01 14 a9 ac 28 00 b6 ce b9 | bf 57 be 13 0b aa e9 0e f6 52 cc 15 bf 2a 7f 9e | b0 6e 53 3c 17 aa a7 75 b6 d8 61 37 95 05 79 e4 | ae c4 21 bc 1b 5e e6 40 dc 16 74 95 00 a7 51 15 | 4f af 43 42 07 e3 d6 59 f6 cb 10 ba 31 2a 57 d9 | 80 ab 92 47 d0 ea 38 14 02 e3 02 e9 e7 ae 85 5e | 52 8b 16 3c 6a f3 c8 8f 32 2c 0c 00 c1 36 39 3c | new IV hash sha final chunk@0x7ffaa8001158 (length 20) | 75 5a 17 8e 06 86 55 75 af 53 d6 f1 2f 08 fc f5 | d0 9b 8c 04 | crypto helper 5 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 6 time elapsed 0.001938 seconds | (#5) spent 1.92 milliseconds in crypto helper computing work-order 6: aggr outR1 DH (pcr) | crypto helper 5 sending results from work-order 6 for state #5 to event queue | scheduling resume sending helper answer for #5 | libevent_malloc: new ptr-libevent@0x7ffaa8003978 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #5 | start processing: state #5 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 6 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #5: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffab4003a28: transferring ownership from helper IKEv1 DH+IV to state #5 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | cc 49 01 61 cb 1d 8d a1 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | d0 d7 d1 a4 2a 26 55 e0 8c 23 9d 6d fd d3 40 3b | 51 16 79 b7 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= cc 49 01 61 cb 1d 8d a1 | natd_hash: rcookie= 58 44 20 c9 d0 a7 c7 e2 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= d0 d7 d1 a4 2a 26 55 e0 8c 23 9d 6d fd d3 40 3b | natd_hash: hash= 51 16 79 b7 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | cc 49 01 61 cb 1d 8d a1 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | 45 aa 96 9a f1 cb e0 9e c3 12 fa c6 b4 42 a1 e6 | 73 b9 0f 9e | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= cc 49 01 61 cb 1d 8d a1 | natd_hash: rcookie= 58 44 20 c9 d0 a7 c7 e2 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 45 aa 96 9a f1 cb e0 9e c3 12 fa c6 b4 42 a1 e6 | natd_hash: hash= 73 b9 0f 9e | expected NAT-D(me): d0 d7 d1 a4 2a 26 55 e0 8c 23 9d 6d fd d3 40 3b | expected NAT-D(me): 51 16 79 b7 | expected NAT-D(him): | 45 aa 96 9a f1 cb e0 9e c3 12 fa c6 b4 42 a1 e6 | 73 b9 0f 9e | received NAT-D: d0 d7 d1 a4 2a 26 55 e0 8c 23 9d 6d fd d3 40 3b | received NAT-D: 51 16 79 b7 | received NAT-D: 45 aa 96 9a f1 cb e0 9e c3 12 fa c6 b4 42 a1 e6 | received NAT-D: 73 b9 0f 9e | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f4150e50 (size 20) | hmac: symkey-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x5573f4163488 | hmac PRF sha update data-bytes@0x7ffab4000b48 (length 256) | a3 0e d0 08 3b 0b 36 41 d7 76 79 74 3b bc d0 8e | 1e 4f 1e 04 96 1e 9d dd 17 bc 6a bb cf f0 a9 31 | ac 50 6d 75 8e 2e c7 f4 8a 70 f3 db c5 aa 0a 64 | 95 cd 3d d6 5e a6 89 e5 1d 7e 39 66 1c f8 31 3b | 74 27 39 33 51 de 28 2c ef a2 86 37 da b1 8d d7 | 36 6a 79 4c d6 84 02 62 fc ab ff 54 a3 ad a8 90 | d7 cc 9d 5a e6 22 09 83 e4 3c 65 88 1f 15 2a 4b | 0e 08 0c 03 46 31 aa ea 0e e6 c0 74 d3 ed ee 00 | 6b 51 ee d7 6d 40 0e f8 22 3b d1 81 98 aa 81 6d | 48 29 90 3d 15 b9 09 78 7e 7e 2a 0f 4a de 99 dc | 03 67 82 7b 44 08 b6 3a fa 91 19 e4 f8 2b 94 ce | 92 c3 2b 46 88 1b 5f 05 0f 14 bb 1a 04 24 2d 79 | 8b b4 41 8e ed 21 44 92 29 4f ed b7 a4 a6 1f dd | 18 3c 23 c6 39 e5 14 c0 be 2a c5 c2 80 6f 11 cb | 66 97 53 bd da f2 45 a3 c2 28 dc 7b a7 dd ed 95 | 60 ac 78 a8 e3 55 4c 97 fd da c2 4b a6 5d 7c d6 | hmac PRF sha update data-bytes@0x5573f4165a28 (length 256) | 61 84 5f 93 06 b6 dc 3f 86 11 fe 8e 1e 55 0c 4d | 2a 1d ba cd e4 d7 57 9f 89 30 50 80 1d 94 e3 49 | bb 6f a8 83 56 ae 9e 95 91 a4 32 5a e6 5e 0b 0e | f3 4d 36 64 88 5c d6 08 e1 c6 e4 9e 10 78 77 a8 | e3 f8 a6 a9 84 01 02 84 2f 43 45 9a 80 4b 71 68 | b4 ca 16 7b 4d 06 7c 3d dd 30 c8 ec 1e 1c f9 be | bb 43 6e 03 79 4a 13 53 fd da 82 8f 37 20 f5 34 | 1c 5e 08 3b d3 48 5c 0b 3f f4 a6 e5 c2 c7 43 50 | ae 80 eb d5 e5 cb 5a 61 6b a8 e4 c6 9e 58 f0 5c | b3 31 51 76 90 28 34 01 14 a9 ac 28 00 b6 ce b9 | bf 57 be 13 0b aa e9 0e f6 52 cc 15 bf 2a 7f 9e | b0 6e 53 3c 17 aa a7 75 b6 d8 61 37 95 05 79 e4 | ae c4 21 bc 1b 5e e6 40 dc 16 74 95 00 a7 51 15 | 4f af 43 42 07 e3 d6 59 f6 cb 10 ba 31 2a 57 d9 | 80 ab 92 47 d0 ea 38 14 02 e3 02 e9 e7 ae 85 5e | 52 8b 16 3c 6a f3 c8 8f 32 2c 0c 00 c1 36 39 3c | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | cc 49 01 61 cb 1d 8d a1 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41634dc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | cd 1c 5d 0a e4 29 22 ba f7 73 ff 8f db 70 8a bb | 65 6b a5 3b | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I cd 1c 5d 0a e4 29 22 ba f7 73 ff 8f db 70 8a bb | HASH_I 65 6b a5 3b | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: cd 1c 5d 0a e4 29 22 ba f7 73 ff 8f db 70 8a bb | encrypting: 65 6b a5 3b | IV: 75 5a 17 8e 06 86 55 75 af 53 d6 f1 2f 08 fc f5 | IV: d0 9b 8c 04 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 05 d3 c8 e4 10 a8 df 05 9f 8f 01 eb be f8 b9 51 | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #5: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffab4002888 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41632f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 05 10 02 01 00 00 00 00 00 00 00 4c 90 23 ee 27 | 95 92 db e6 ae 11 a5 bb cc 5a 71 37 19 ee e9 5b | 68 b3 a2 43 44 7a ef 93 ea 58 ca 3c 05 d3 c8 e4 | 10 a8 df 05 9f 8f 01 eb be f8 b9 51 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5 | libevent_malloc: new ptr-libevent@0x5573f416e578 size 128 | #5 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10449.002529 "aes128" #5: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #5 suppresed complete_v1_state_transition() | #5 spent 0.327 milliseconds in resume sending helper answer | stop processing: state #5 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffaa8003978 | spent 0.00225 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 05 10 02 01 00 00 00 00 00 00 00 4c ae 02 ef 40 | ff 7c dc 99 2d a1 b7 46 02 b8 30 1d 28 d7 08 0e | 9f 97 0e 51 a4 28 a7 f1 93 5c f5 0b 00 05 6e 98 | 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #5 in MAIN_I3 (find_state_ikev1) | start processing: state #5 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #5 is idle | #5 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 05 d3 c8 e4 10 a8 df 05 9f 8f 01 eb be f8 b9 51 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | decrypted payload (starts at offset -48): | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 f5 fe 37 15 | d9 34 5f 93 e1 9c 7d 54 bb e5 63 78 2e 84 ef 02 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #5: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f4150e50 (size 20) | hmac: symkey-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x7ffaa8001158 | hmac PRF sha update data-bytes@0x5573f4165a28 (length 256) | 61 84 5f 93 06 b6 dc 3f 86 11 fe 8e 1e 55 0c 4d | 2a 1d ba cd e4 d7 57 9f 89 30 50 80 1d 94 e3 49 | bb 6f a8 83 56 ae 9e 95 91 a4 32 5a e6 5e 0b 0e | f3 4d 36 64 88 5c d6 08 e1 c6 e4 9e 10 78 77 a8 | e3 f8 a6 a9 84 01 02 84 2f 43 45 9a 80 4b 71 68 | b4 ca 16 7b 4d 06 7c 3d dd 30 c8 ec 1e 1c f9 be | bb 43 6e 03 79 4a 13 53 fd da 82 8f 37 20 f5 34 | 1c 5e 08 3b d3 48 5c 0b 3f f4 a6 e5 c2 c7 43 50 | ae 80 eb d5 e5 cb 5a 61 6b a8 e4 c6 9e 58 f0 5c | b3 31 51 76 90 28 34 01 14 a9 ac 28 00 b6 ce b9 | bf 57 be 13 0b aa e9 0e f6 52 cc 15 bf 2a 7f 9e | b0 6e 53 3c 17 aa a7 75 b6 d8 61 37 95 05 79 e4 | ae c4 21 bc 1b 5e e6 40 dc 16 74 95 00 a7 51 15 | 4f af 43 42 07 e3 d6 59 f6 cb 10 ba 31 2a 57 d9 | 80 ab 92 47 d0 ea 38 14 02 e3 02 e9 e7 ae 85 5e | 52 8b 16 3c 6a f3 c8 8f 32 2c 0c 00 c1 36 39 3c | hmac PRF sha update data-bytes@0x7ffab4000b48 (length 256) | a3 0e d0 08 3b 0b 36 41 d7 76 79 74 3b bc d0 8e | 1e 4f 1e 04 96 1e 9d dd 17 bc 6a bb cf f0 a9 31 | ac 50 6d 75 8e 2e c7 f4 8a 70 f3 db c5 aa 0a 64 | 95 cd 3d d6 5e a6 89 e5 1d 7e 39 66 1c f8 31 3b | 74 27 39 33 51 de 28 2c ef a2 86 37 da b1 8d d7 | 36 6a 79 4c d6 84 02 62 fc ab ff 54 a3 ad a8 90 | d7 cc 9d 5a e6 22 09 83 e4 3c 65 88 1f 15 2a 4b | 0e 08 0c 03 46 31 aa ea 0e e6 c0 74 d3 ed ee 00 | 6b 51 ee d7 6d 40 0e f8 22 3b d1 81 98 aa 81 6d | 48 29 90 3d 15 b9 09 78 7e 7e 2a 0f 4a de 99 dc | 03 67 82 7b 44 08 b6 3a fa 91 19 e4 f8 2b 94 ce | 92 c3 2b 46 88 1b 5f 05 0f 14 bb 1a 04 24 2d 79 | 8b b4 41 8e ed 21 44 92 29 4f ed b7 a4 a6 1f dd | 18 3c 23 c6 39 e5 14 c0 be 2a c5 c2 80 6f 11 cb | 66 97 53 bd da f2 45 a3 c2 28 dc 7b a7 dd ed 95 | 60 ac 78 a8 e3 55 4c 97 fd da c2 4b a6 5d 7c d6 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 58 44 20 c9 d0 a7 c7 e2 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | cc 49 01 61 cb 1d 8d a1 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41634dc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f40bb8b8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | f5 fe 37 15 d9 34 5f 93 e1 9c 7d 54 bb e5 63 78 | 2e 84 ef 02 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #5 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #5: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #5 requesting EVENT_RETRANSMIT to be deleted | #5 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f416e578 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41632f8 | inserting event EVENT_SA_REPLACE, timeout in 2638 seconds for #5 | libevent_malloc: new ptr-libevent@0x7ffaa8003978 size 128 | pstats #5 ikev1.isakmp established "aes128" #5: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #5 | creating state object #6 at 0x5573f4166828 | State DB: adding IKEv1 state #6 in UNDEFINED | pstats #6 ikev1.ipsec started | duplicating state object #5 "aes128" as #6 for IPSEC SA | #6 setting local endpoint to 192.1.2.45:500 from #5.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_d_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ai_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f4150a70 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #5 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #6 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #6: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #6: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#5 msgid:270d317b proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 7 for state #6 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #6 | libevent_malloc: new ptr-libevent@0x5573f4166038 size 128 | stop processing: state #6 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #5 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x5573f4165f68} | crypto helper 6 resuming | close_any(fd@24) (in release_whack() at state.c:654) | crypto helper 6 starting work-order 7 for state #6 | #5 spent 0.291 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 6 doing build KE and nonce (quick_outI1 KE); request ID 7 | stop processing: state #5 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.406 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffaac003a28: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffaac003a28 | NSS: Public DH wire value: | a9 4f bb b1 12 6a da 6d bb 4d 7c ab 3a 75 bf 04 | 7a 0a d2 4b 8d 4b 95 87 64 4a b9 d7 1a da 94 5d | 1d 2d f0 c5 8e a3 4b 5b d9 5d 29 01 63 c4 fd 09 | 43 ba c1 c6 3a 70 2a b9 d5 7d b7 06 ed cb 31 82 | 8f cf ff d9 87 19 29 61 39 13 83 39 a9 06 bc 11 | 1a 2b 16 63 e8 ae 1c de 99 a1 c5 ea 24 11 d6 04 | 8b e8 b1 d3 51 58 27 50 93 36 0e 4d c5 17 73 f6 | 0e 08 13 fe 3c cd 17 d1 92 18 4a e7 1c 85 15 b3 | 36 42 48 f9 1e 46 d3 b8 d4 8d a4 9c 30 9c 16 4a | 76 fc 11 eb a6 51 17 22 98 8f cc aa 27 97 df 83 | ce 2a a8 57 ff 82 d2 5b f3 dd 2a 6a a7 4f 44 b9 | 8e 41 14 6e d6 ea c5 9a 10 01 1d a6 03 0f 24 5f | 80 e3 80 c9 5e 07 de ff 36 82 cb 56 c1 32 06 85 | c6 f4 aa 4a 56 88 dc 1d 68 2b 26 03 6b 5b 33 22 | 1d 0c b5 f3 26 33 70 05 9e 29 f3 8c bd 6b 3b 83 | 6c 90 9f 7d 0d 4c 67 dd 98 54 30 45 c0 1a 18 e2 | Generated nonce: 3a 17 57 39 f1 f2 df 80 64 f2 da 61 9d b1 1a 03 | Generated nonce: c0 03 de 91 48 a2 20 09 12 93 38 7e 9c 80 06 3d | crypto helper 6 finished build KE and nonce (quick_outI1 KE); request ID 7 time elapsed 0.000614 seconds | (#6) spent 0.61 milliseconds in crypto helper computing work-order 7: quick_outI1 KE (pcr) | crypto helper 6 sending results from work-order 7 for state #6 to event queue | scheduling resume sending helper answer for #6 | libevent_malloc: new ptr-libevent@0x7ffaac002888 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #6 | start processing: state #6 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 7 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #6: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 655176059 (0x270d317b) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xd6f68e47 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI d6 f6 8e 47 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #6: IMPAIR: stripping key-length "aes128" #6: IMPAIR: duplicating key-length | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 36 | emitting length of ISAKMP Proposal Payload: 48 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 60 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 3a 17 57 39 f1 f2 df 80 64 f2 da 61 9d b1 1a 03 | Ni c0 03 de 91 48 a2 20 09 12 93 38 7e 9c 80 06 3d | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffaac003a28: transferring ownership from helper KE to state #6 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value a9 4f bb b1 12 6a da 6d bb 4d 7c ab 3a 75 bf 04 | keyex value 7a 0a d2 4b 8d 4b 95 87 64 4a b9 d7 1a da 94 5d | keyex value 1d 2d f0 c5 8e a3 4b 5b d9 5d 29 01 63 c4 fd 09 | keyex value 43 ba c1 c6 3a 70 2a b9 d5 7d b7 06 ed cb 31 82 | keyex value 8f cf ff d9 87 19 29 61 39 13 83 39 a9 06 bc 11 | keyex value 1a 2b 16 63 e8 ae 1c de 99 a1 c5 ea 24 11 d6 04 | keyex value 8b e8 b1 d3 51 58 27 50 93 36 0e 4d c5 17 73 f6 | keyex value 0e 08 13 fe 3c cd 17 d1 92 18 4a e7 1c 85 15 b3 | keyex value 36 42 48 f9 1e 46 d3 b8 d4 8d a4 9c 30 9c 16 4a | keyex value 76 fc 11 eb a6 51 17 22 98 8f cc aa 27 97 df 83 | keyex value ce 2a a8 57 ff 82 d2 5b f3 dd 2a 6a a7 4f 44 b9 | keyex value 8e 41 14 6e d6 ea c5 9a 10 01 1d a6 03 0f 24 5f | keyex value 80 e3 80 c9 5e 07 de ff 36 82 cb 56 c1 32 06 85 | keyex value c6 f4 aa 4a 56 88 dc 1d 68 2b 26 03 6b 5b 33 22 | keyex value 1d 0c b5 f3 26 33 70 05 9e 29 f3 8c bd 6b 3b 83 | keyex value 6c 90 9f 7d 0d 4c 67 dd 98 54 30 45 c0 1a 18 e2 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffac0002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffac0002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f4163548 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | 27 0d 31 7b | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 388) | 0a 00 00 3c 00 00 00 01 00 00 00 01 00 00 00 30 | 00 03 04 01 d6 f6 8e 47 00 00 00 24 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 80 06 00 80 04 00 00 24 | 3a 17 57 39 f1 f2 df 80 64 f2 da 61 9d b1 1a 03 | c0 03 de 91 48 a2 20 09 12 93 38 7e 9c 80 06 3d | 05 00 01 04 a9 4f bb b1 12 6a da 6d bb 4d 7c ab | 3a 75 bf 04 7a 0a d2 4b 8d 4b 95 87 64 4a b9 d7 | 1a da 94 5d 1d 2d f0 c5 8e a3 4b 5b d9 5d 29 01 | 63 c4 fd 09 43 ba c1 c6 3a 70 2a b9 d5 7d b7 06 | ed cb 31 82 8f cf ff d9 87 19 29 61 39 13 83 39 | a9 06 bc 11 1a 2b 16 63 e8 ae 1c de 99 a1 c5 ea | 24 11 d6 04 8b e8 b1 d3 51 58 27 50 93 36 0e 4d | c5 17 73 f6 0e 08 13 fe 3c cd 17 d1 92 18 4a e7 | 1c 85 15 b3 36 42 48 f9 1e 46 d3 b8 d4 8d a4 9c | 30 9c 16 4a 76 fc 11 eb a6 51 17 22 98 8f cc aa | 27 97 df 83 ce 2a a8 57 ff 82 d2 5b f3 dd 2a 6a | a7 4f 44 b9 8e 41 14 6e d6 ea c5 9a 10 01 1d a6 | 03 0f 24 5f 80 e3 80 c9 5e 07 de ff 36 82 cb 56 | c1 32 06 85 c6 f4 aa 4a 56 88 dc 1d 68 2b 26 03 | 6b 5b 33 22 1d 0c b5 f3 26 33 70 05 9e 29 f3 8c | bd 6b 3b 83 6c 90 9f 7d 0d 4c 67 dd 98 54 30 45 | c0 1a 18 e2 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | e7 3b 18 64 97 9b 32 48 90 a6 9c b2 15 e5 de ad | 4a 6c 6a 4f | outI1 HASH(1): | e7 3b 18 64 97 9b 32 48 90 a6 9c b2 15 e5 de ad | 4a 6c 6a 4f | last Phase 1 IV: 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | current Phase 1 IV: 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | 27 0d 31 7b | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 9e 45 b0 dd 43 e2 bf b9 36 29 a9 19 73 5d 88 8e | 90 f1 55 63 | encrypting: 01 00 00 18 e7 3b 18 64 97 9b 32 48 90 a6 9c b2 | encrypting: 15 e5 de ad 4a 6c 6a 4f 0a 00 00 3c 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 30 00 03 04 01 d6 f6 8e 47 | encrypting: 00 00 00 24 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 80 06 00 80 04 00 00 24 3a 17 57 39 f1 f2 df 80 | encrypting: 64 f2 da 61 9d b1 1a 03 c0 03 de 91 48 a2 20 09 | encrypting: 12 93 38 7e 9c 80 06 3d 05 00 01 04 a9 4f bb b1 | encrypting: 12 6a da 6d bb 4d 7c ab 3a 75 bf 04 7a 0a d2 4b | encrypting: 8d 4b 95 87 64 4a b9 d7 1a da 94 5d 1d 2d f0 c5 | encrypting: 8e a3 4b 5b d9 5d 29 01 63 c4 fd 09 43 ba c1 c6 | encrypting: 3a 70 2a b9 d5 7d b7 06 ed cb 31 82 8f cf ff d9 | encrypting: 87 19 29 61 39 13 83 39 a9 06 bc 11 1a 2b 16 63 | encrypting: e8 ae 1c de 99 a1 c5 ea 24 11 d6 04 8b e8 b1 d3 | encrypting: 51 58 27 50 93 36 0e 4d c5 17 73 f6 0e 08 13 fe | encrypting: 3c cd 17 d1 92 18 4a e7 1c 85 15 b3 36 42 48 f9 | encrypting: 1e 46 d3 b8 d4 8d a4 9c 30 9c 16 4a 76 fc 11 eb | encrypting: a6 51 17 22 98 8f cc aa 27 97 df 83 ce 2a a8 57 | encrypting: ff 82 d2 5b f3 dd 2a 6a a7 4f 44 b9 8e 41 14 6e | encrypting: d6 ea c5 9a 10 01 1d a6 03 0f 24 5f 80 e3 80 c9 | encrypting: 5e 07 de ff 36 82 cb 56 c1 32 06 85 c6 f4 aa 4a | encrypting: 56 88 dc 1d 68 2b 26 03 6b 5b 33 22 1d 0c b5 f3 | encrypting: 26 33 70 05 9e 29 f3 8c bd 6b 3b 83 6c 90 9f 7d | encrypting: 0d 4c 67 dd 98 54 30 45 c0 1a 18 e2 05 00 00 10 | encrypting: 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | encrypting: 04 00 00 00 c0 00 02 00 ff ff ff 00 | IV: 9e 45 b0 dd 43 e2 bf b9 36 29 a9 19 73 5d 88 8e | IV: 90 f1 55 63 | unpadded size is: 412 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 15 5c 36 36 15 11 eb 43 45 88 37 ea 3c ce 0b 2c | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #6) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 08 10 20 01 27 0d 31 7b 00 00 01 bc a8 68 04 89 | 66 96 d0 c0 6b 4f 96 4b fd 6f 4c f2 0a d1 4e 47 | de 64 a0 37 5d 83 70 fd dc d0 b9 cf 3f 62 31 22 | df ca c1 9e 48 a4 30 55 96 57 23 9d ee d4 ea 71 | 71 c2 df 19 d4 1c b6 0f fd 65 55 8e 22 6b 2c 9b | 80 79 dc 48 f2 80 66 47 c0 22 d3 26 5f 31 72 a4 | 8e d0 0a 19 ab 95 f7 ea 8e 1e f9 53 53 0f 7a ee | ee 89 1b 66 8a 1e 98 c4 08 d7 22 42 77 13 de c1 | 59 0c 31 48 dd 30 2a b2 91 43 0f 28 9e 97 0d cf | 63 61 d0 45 68 78 b8 a6 b9 72 e2 bd 3d 69 ee 37 | 90 81 e6 05 46 1d 6d f1 e6 a5 12 ab 4d f9 d4 d7 | 53 46 2c e5 ff 1a 12 a0 c3 46 40 27 e0 c3 74 d9 | 4d 88 1b fe 05 d3 88 7f 01 f9 f2 2a 60 5b 71 61 | e8 18 8a fd 8c 0c c4 72 26 bc 8c 8a 1f 74 35 d8 | 3f e1 58 c5 b0 68 21 5f 9b 61 3f c7 9f 8a 34 91 | 01 c9 df a8 e9 fe c6 97 aa 3b c2 a5 b4 4f aa dd | 27 a3 83 51 69 cd 97 9b 37 e9 ad b2 fd cb 80 45 | 7e 7d 30 75 08 af 92 27 44 b9 51 2e a5 85 ee da | c1 35 67 29 54 5a bb 42 4a 13 34 e9 f0 75 65 00 | e0 f7 a0 6b 91 c5 56 cd ec 1e 8c b3 fe 99 09 73 | fa 8a 5d 4e ef 7d ee 64 d8 15 53 59 ca 05 d1 b1 | 8b 47 e1 10 ae 97 cd 68 b2 c8 b5 99 d1 4d b4 58 | 8d e0 8f 7f 44 a7 ab cb 47 e6 4e bb f5 43 8b 9b | df 4b 25 b8 7e 40 d3 73 96 56 35 d8 4b 4b d1 d3 | d5 a3 78 37 14 81 63 9a 4f 29 91 84 a4 96 5d 02 | 6a 3e ab 8a f6 de c7 83 31 ae 37 41 15 5c 36 36 | 15 11 eb 43 45 88 37 ea 3c ce 0b 2c | state #6 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f4166038 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7ffab4002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #6 | libevent_malloc: new ptr-libevent@0x5573f416e3f8 size 128 | #6 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10449.004861 | resume sending helper answer for #6 suppresed complete_v1_state_transition() | #6 spent 0.492 milliseconds in resume sending helper answer | stop processing: state #6 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffaac002888 | spent 0.00205 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 08 10 05 01 d2 f6 f2 10 00 00 00 4c d7 7f 1c bb | c2 72 f6 80 fb 2c f2 2a 1e 2f 76 24 a6 80 f4 33 | e7 25 19 4e 2b fe 85 7f fe cb 2a c4 d8 16 8e cf | 0e 97 b1 5b 7d da 0b 9c b6 7b b3 9e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3539399184 (0xd2f6f210) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #6; msgid=00000000 st_msgid=270d317b st_msgid_phase15=00000000 | peer and cookies match on #5; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #5 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #5 in MAIN_I4 (find_v1_info_state) | start processing: state #5 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | current Phase 1 IV: 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b12bc (length 4) | d2 f6 f2 10 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 02 75 3f 89 fe ef d4 24 a2 e5 58 de de 6b 31 1d | d8 f5 51 37 | #5 is idle | #5 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 02 75 3f 89 fe ef d4 24 a2 e5 58 de de 6b 31 1d | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: d8 16 8e cf 0e 97 b1 5b 7d da 0b 9c b6 7b b3 9e | decrypted payload (starts at offset -48): | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 08 10 05 01 d2 f6 f2 10 00 00 00 4c 0b 00 00 18 | e0 83 e3 16 f3 01 32 80 58 9a 75 4e 44 c1 50 2b | 7c b8 56 4e 00 00 00 0c 00 00 00 01 01 00 00 0f | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffaa8001158 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | d2 f6 f2 10 | HASH(1) PRF sha update payload-bytes@0x5573f40bb8cc (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0f | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | e0 83 e3 16 f3 01 32 80 58 9a 75 4e 44 c1 50 2b | 7c b8 56 4e | informational HASH(1): | e0 83 e3 16 f3 01 32 80 58 9a 75 4e 44 c1 50 2b | 7c b8 56 4e | received 'informational' message HASH(1) data ok "aes128" #5: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #5: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #5 spent 0.00498 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #5 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.182 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7ffab4002b78 | handling event EVENT_RETRANSMIT for child state #6 | start processing: state #6 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #6 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #6 keying attempt 1 of 0; retransmit 1 "aes128" #6: IMPAIR: retransmit so deleting SA | [RE]START processing: state #6 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #6 ikev1.ipsec failed too-many-retransmits | pstats #6 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #6 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #6: deleting state (STATE_QUICK_I1) aged 0.502s and NOT sending notification | child state #6: QUICK_I1(established CHILD SA) => delete | child state #6: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #6 in CHILDSA_DEL | child state #6: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7ffaac003a28: destroyed | stop processing: state #6 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_d_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ai_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f414f010 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f4150a70 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x5573f416e3f8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7ffab4002b78 | in statetime_stop() and could not find #6 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0405 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #5 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #5 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #5 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #5 ikev1.isakmp deleted completed | [RE]START processing: state #5 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #5: deleting state (STATE_MAIN_I4) aged 0.524s and sending notification | parent state #5: MAIN_I4(established IKE SA) => delete | #5 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 589732578 (0x23269ae2) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI cc 49 01 61 cb 1d 8d a1 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 58 44 20 c9 d0 a7 c7 e2 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffaac003928 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | 23 26 9a e2 | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 cc 49 01 61 | cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 0c 2b bf 83 0b 17 a9 25 41 ba 35 bb 74 3c 99 0b | 3a 42 29 d3 | send delete HASH(1): | 0c 2b bf 83 0b 17 a9 25 41 ba 35 bb 74 3c 99 0b | 3a 42 29 d3 | last Phase 1 IV: 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | current Phase 1 IV: 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 00 05 6e 98 6a 57 04 54 e8 77 c4 63 95 53 f9 07 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | 23 26 9a e2 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 7e bd df 9e 84 8d ef 4a de 27 97 40 36 50 bb 51 | 15 8b bd a6 | encrypting: 0c 00 00 18 0c 2b bf 83 0b 17 a9 25 41 ba 35 bb | encrypting: 74 3c 99 0b 3a 42 29 d3 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 cc 49 01 61 cb 1d 8d a1 58 44 20 c9 | encrypting: d0 a7 c7 e2 | IV: 7e bd df 9e 84 8d ef 4a de 27 97 40 36 50 bb 51 | IV: 15 8b bd a6 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 5a 17 40 cc ab 83 fc 66 0d a3 31 f2 a5 c3 cf fe | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #5) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 08 10 05 01 23 26 9a e2 00 00 00 5c 1d 5a a9 11 | 44 09 a6 d2 6b 43 72 b5 cd 05 75 26 ff b9 d2 8d | ce 07 63 5f aa 28 1c cc 72 96 3c 82 4d b4 78 8f | 1c 14 b6 c7 09 35 eb d4 a8 4f 47 73 5a 17 40 cc | ab 83 fc 66 0d a3 31 f2 a5 c3 cf fe | state #5 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffaa8003978 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41632f8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #5 in MAIN_I4 | parent state #5: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffab4003a28: destroyed | stop processing: state #5 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f40c6080 | delete_state: release st->st_skeyid_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_d_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ai_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f414f010 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f4150a70 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.501 milliseconds in whack | spent 0.00216 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | cc 49 01 61 cb 1d 8d a1 58 44 20 c9 d0 a7 c7 e2 | 08 10 05 01 56 9a 53 33 00 00 00 5c fc ac 16 fd | b1 e0 1a 01 85 de 56 55 d2 02 6a 5e 6a 52 d1 3f | f1 58 90 41 99 5b c0 14 fa 97 63 50 42 44 93 25 | ef 6e 41 32 dd df 2f 82 8a 2b 5b 1c 86 fb ed 8c | c1 1e 45 fd 78 ea 78 40 c4 3c 25 d5 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | cc 49 01 61 cb 1d 8d a1 | responder cookie: | 58 44 20 c9 d0 a7 c7 e2 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1452954419 (0x569a5333) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x569a5333 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | cc 49 01 61 cb 1d 8d a1 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 58 44 20 c9 d0 a7 c7 e2 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0711 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.065 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0745 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0541 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.134 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #7 at 0x5573f4163978 | State DB: adding IKEv1 state #7 in UNDEFINED | pstats #7 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #7 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #7: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #7 "aes128" "aes128" #7: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 3a f1 87 4c 2f 1a 4d a1 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f41633f8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #7: IMPAIR: stripping key-length "aes128" #7: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #7) | 3a f1 87 4c 2f 1a 4d a1 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #7 | libevent_malloc: new ptr-libevent@0x7ffaac002888 size 128 | #7 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10449.946672 | #7 spent 0.368 milliseconds in main_outI1() | stop processing: state #7 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.419 milliseconds in whack | spent 0.00233 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 3a f1 87 4c 2f 1a 4d a1 5f 74 52 a5 12 41 9e dd | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 3a f1 87 4c 2f 1a 4d a1 | responder cookie: | 5f 74 52 a5 12 41 9e dd | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #7 in MAIN_I1 (find_state_ikev1_init) | start processing: state #7 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #7 is idle | #7 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "aes128" #7: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #7: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #7 spent 0.0086 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #7 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0952 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x5573f41632f8 | handling event EVENT_RETRANSMIT for parent state #7 | start processing: state #7 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #7 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #7 keying attempt 1 of 0; retransmit 1 "aes128" #7: IMPAIR: retransmit so deleting SA | [RE]START processing: state #7 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #7 ikev1.isakmp failed too-many-retransmits | pstats #7 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #7 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #7: deleting state (STATE_MAIN_I1) aged 0.501s and NOT sending notification | parent state #7: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection aes128 | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "aes128" {0x5573f41555c8} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #7 "aes128" #7: deleting IKE SA for connection 'aes128' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection 'aes128' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #7 in MAIN_I1 | parent state #7: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #7 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7ffaac002888 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | in statetime_stop() and could not find #7 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection aes128 which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #8 at 0x5573f4163978 | State DB: adding IKEv1 state #8 in UNDEFINED | pstats #8 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #8 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #8: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #8 "aes128" "aes128" #8: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | e6 76 33 c9 ce 0b 8d 78 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f41633f8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #8: IMPAIR: stripping key-length "aes128" #8: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #8) | e6 76 33 c9 ce 0b 8d 78 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #8 | libevent_malloc: new ptr-libevent@0x7ffaac002888 size 128 | #8 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10450.4479 | #8 spent 0.343 milliseconds in main_outI1() | stop processing: state #8 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | spent 0.361 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.00224 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | e6 76 33 c9 ce 0b 8d 78 09 1f c9 2b 20 0b fc 29 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | e6 76 33 c9 ce 0b 8d 78 | responder cookie: | 09 1f c9 2b 20 0b fc 29 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #8 in MAIN_I1 (find_state_ikev1_init) | start processing: state #8 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #8 is idle | #8 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "aes128" #8: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #8: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #8 spent 0.00764 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #8 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.115 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0427 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | removing pending policy for no connection {0x5573f41555c8} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #8 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #8 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #8 ikev1.isakmp deleted other | [RE]START processing: state #8 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #8: deleting state (STATE_MAIN_I1) aged 0.020s and NOT sending notification | parent state #8: MAIN_I1(half-open IKE SA) => delete | state #8 requesting EVENT_RETRANSMIT to be deleted | #8 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffaac002888 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #8 in MAIN_I1 | parent state #8: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #8 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.261 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.237 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0418 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0554 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.106 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #9 at 0x5573f4163978 | State DB: adding IKEv1 state #9 in UNDEFINED | pstats #9 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #9 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #9: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #9 "aes128" "aes128" #9: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f4163548 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | c2 2f e6 e6 a8 13 3b 01 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x7ffaac002888 size 128 | #9 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10450.820939 | #9 spent 0.406 milliseconds in main_outI1() | stop processing: state #9 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.467 milliseconds in whack | spent 0.00196 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #9 in MAIN_I1 (find_state_ikev1_init) | start processing: state #9 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #9 is idle | #9 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 8 for state #9 | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffaac002888 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x7ffaac002888 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #9 and saving MD | #9 is busy; has a suspended MD | crypto helper 0 resuming | crypto helper 0 starting work-order 8 for state #9 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 8 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffac0004618: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffac0004618 | NSS: Public DH wire value: | 42 d0 7b 02 44 41 96 8f 60 27 c1 04 45 d0 43 b4 | 89 43 dc 2e af fa c3 50 d1 55 5e 96 83 71 ec a7 | 49 2b 98 6d b7 72 18 2b 7f 52 79 04 c0 48 08 58 | 79 a6 39 b4 b6 dd 5e f2 c4 a9 89 3c d9 d7 18 aa | cb 1e df 59 0d e8 44 4c 8b ba 97 31 94 28 47 31 | d9 fe c5 c4 82 15 db 71 32 e4 65 bf 62 cd 26 c8 | 56 71 d1 9e df 30 84 9e 0f 61 8c 11 75 75 a8 47 | bc 4d 1b d0 4e 42 0e ca 2b f5 6f c6 84 b6 64 b1 | 5f 89 c9 30 e4 d3 1e 0b 7b 71 a4 05 9e 62 12 b3 | 0e 35 16 3b e4 05 ab 11 8d 84 de ac 04 db df f5 | 87 ed 30 f0 e0 49 73 1e 1f fb 40 de 1d ac 62 4c | f4 6c 11 12 37 ce 4d c9 4c cd cd dd de 0e 15 15 | 63 ef bd c3 0c 2a af 45 aa 00 71 39 10 f0 d7 db | 55 b8 d7 4e 91 b0 3c 3d 95 b0 fa 4a e2 7c 21 8e | 4e d4 15 8b 35 b2 0d d7 e9 98 62 72 bd 02 c1 d9 | 3c 27 0d 4e ce 54 d6 21 12 75 12 ea cb fe 72 a9 | Generated nonce: e2 91 6a 2f 6b 7e 94 f5 22 14 f6 12 2f 75 2d 45 | Generated nonce: 76 86 83 3f a8 54 22 5a 66 d3 9d 57 51 61 46 b6 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 8 time elapsed 0.000977 seconds | (#9) spent 0.976 milliseconds in crypto helper computing work-order 8: outI2 KE (pcr) | crypto helper 0 sending results from work-order 8 for state #9 to event queue | #9 spent 0.158 milliseconds in process_packet_tail() | scheduling resume sending helper answer for #9 | libevent_malloc: new ptr-libevent@0x7ffac00047c8 size 128 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 0 waiting (nothing to do) | stop processing: state #9 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.295 milliseconds in comm_handle_cb() reading and processing packet | processing resume sending helper answer for #9 | start processing: state #9 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 8 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #9: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffac0004618: transferring ownership from helper KE to state #9 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 42 d0 7b 02 44 41 96 8f 60 27 c1 04 45 d0 43 b4 | keyex value 89 43 dc 2e af fa c3 50 d1 55 5e 96 83 71 ec a7 | keyex value 49 2b 98 6d b7 72 18 2b 7f 52 79 04 c0 48 08 58 | keyex value 79 a6 39 b4 b6 dd 5e f2 c4 a9 89 3c d9 d7 18 aa | keyex value cb 1e df 59 0d e8 44 4c 8b ba 97 31 94 28 47 31 | keyex value d9 fe c5 c4 82 15 db 71 32 e4 65 bf 62 cd 26 c8 | keyex value 56 71 d1 9e df 30 84 9e 0f 61 8c 11 75 75 a8 47 | keyex value bc 4d 1b d0 4e 42 0e ca 2b f5 6f c6 84 b6 64 b1 | keyex value 5f 89 c9 30 e4 d3 1e 0b 7b 71 a4 05 9e 62 12 b3 | keyex value 0e 35 16 3b e4 05 ab 11 8d 84 de ac 04 db df f5 | keyex value 87 ed 30 f0 e0 49 73 1e 1f fb 40 de 1d ac 62 4c | keyex value f4 6c 11 12 37 ce 4d c9 4c cd cd dd de 0e 15 15 | keyex value 63 ef bd c3 0c 2a af 45 aa 00 71 39 10 f0 d7 db | keyex value 55 b8 d7 4e 91 b0 3c 3d 95 b0 fa 4a e2 7c 21 8e | keyex value 4e d4 15 8b 35 b2 0d d7 e9 98 62 72 bd 02 c1 d9 | keyex value 3c 27 0d 4e ce 54 d6 21 12 75 12 ea cb fe 72 a9 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni e2 91 6a 2f 6b 7e 94 f5 22 14 f6 12 2f 75 2d 45 | Ni 76 86 83 3f a8 54 22 5a 66 d3 9d 57 51 61 46 b6 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | c2 2f e6 e6 a8 13 3b 01 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | d8 05 bf de b1 86 69 c9 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | c0 a7 ae 3f d1 85 14 3e e4 dd 47 d0 42 cc 86 8b | 93 1a 86 12 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= c2 2f e6 e6 a8 13 3b 01 | natd_hash: rcookie= d8 05 bf de b1 86 69 c9 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= c0 a7 ae 3f d1 85 14 3e e4 dd 47 d0 42 cc 86 8b | natd_hash: hash= 93 1a 86 12 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D c0 a7 ae 3f d1 85 14 3e e4 dd 47 d0 42 cc 86 8b | NAT-D 93 1a 86 12 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | c2 2f e6 e6 a8 13 3b 01 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | d8 05 bf de b1 86 69 c9 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | a0 4d 04 a5 e6 90 29 09 42 7c 07 70 5d 7f fa 7c | 17 08 a6 d6 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= c2 2f e6 e6 a8 13 3b 01 | natd_hash: rcookie= d8 05 bf de b1 86 69 c9 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= a0 4d 04 a5 e6 90 29 09 42 7c 07 70 5d 7f fa 7c | natd_hash: hash= 17 08 a6 d6 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D a0 4d 04 a5 e6 90 29 09 42 7c 07 70 5d 7f fa 7c | NAT-D 17 08 a6 d6 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #9 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #9: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffaac002888 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 42 d0 7b 02 44 41 96 8f 60 27 c1 04 45 d0 43 b4 | 89 43 dc 2e af fa c3 50 d1 55 5e 96 83 71 ec a7 | 49 2b 98 6d b7 72 18 2b 7f 52 79 04 c0 48 08 58 | 79 a6 39 b4 b6 dd 5e f2 c4 a9 89 3c d9 d7 18 aa | cb 1e df 59 0d e8 44 4c 8b ba 97 31 94 28 47 31 | d9 fe c5 c4 82 15 db 71 32 e4 65 bf 62 cd 26 c8 | 56 71 d1 9e df 30 84 9e 0f 61 8c 11 75 75 a8 47 | bc 4d 1b d0 4e 42 0e ca 2b f5 6f c6 84 b6 64 b1 | 5f 89 c9 30 e4 d3 1e 0b 7b 71 a4 05 9e 62 12 b3 | 0e 35 16 3b e4 05 ab 11 8d 84 de ac 04 db df f5 | 87 ed 30 f0 e0 49 73 1e 1f fb 40 de 1d ac 62 4c | f4 6c 11 12 37 ce 4d c9 4c cd cd dd de 0e 15 15 | 63 ef bd c3 0c 2a af 45 aa 00 71 39 10 f0 d7 db | 55 b8 d7 4e 91 b0 3c 3d 95 b0 fa 4a e2 7c 21 8e | 4e d4 15 8b 35 b2 0d d7 e9 98 62 72 bd 02 c1 d9 | 3c 27 0d 4e ce 54 d6 21 12 75 12 ea cb fe 72 a9 | 14 00 00 24 e2 91 6a 2f 6b 7e 94 f5 22 14 f6 12 | 2f 75 2d 45 76 86 83 3f a8 54 22 5a 66 d3 9d 57 | 51 61 46 b6 14 00 00 18 c0 a7 ae 3f d1 85 14 3e | e4 dd 47 d0 42 cc 86 8b 93 1a 86 12 00 00 00 18 | a0 4d 04 a5 e6 90 29 09 42 7c 07 70 5d 7f fa 7c | 17 08 a6 d6 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x5573f4165a28 size 128 | #9 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10450.823164 "aes128" #9: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #9 suppresed complete_v1_state_transition() | #9 spent 0.297 milliseconds in resume sending helper answer | stop processing: state #9 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffac00047c8 | spent 0.00225 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 6e bf 07 a6 44 92 5e 72 02 98 bb 8b f1 a7 c5 d9 | d4 23 cc 5b e8 2c 9c 53 d4 34 6a 56 37 ac 19 18 | 3b b9 d4 d1 fa a3 69 9a bd 1b db ef 74 e0 61 dd | 0d c4 c5 6c ca 79 a9 e7 01 25 17 75 e3 b6 a3 3d | 05 f8 ff 92 e8 2f 9b 04 45 23 5a 3d fb b3 ba 63 | 27 f2 e2 52 1d dd f1 a1 8b 17 4b 4d fa 76 95 7d | 72 d2 81 80 e2 7d ad 5a f3 90 0d 81 75 20 ab c7 | 2a 11 22 ca 31 14 6b 8d 4d 5d 8e 22 14 80 b4 d9 | 54 ed 40 ce 0b 35 d6 37 13 59 3f 7e ab 45 e4 1c | fe bb 0e bd 17 53 7b 96 ac c4 92 b5 95 b8 45 a5 | 76 7e 33 76 70 c8 00 f5 34 7a 8e cd f7 7a 89 4d | 8c bf fa 71 4b d5 4d 36 0e d8 a0 b9 c3 fe 81 fa | 6c 39 1e 82 a6 4f 45 d0 1b 89 09 0d 71 64 4b 4e | a0 a1 b6 8e b2 0a 0b ca 1d 9d d0 fa b8 bc 84 b3 | 97 8c c7 c2 a6 ff 42 a9 48 3f c1 e0 b2 83 91 15 | 74 a4 19 02 b7 6d f6 c3 27 84 46 84 29 17 62 71 | 14 00 00 24 7b 32 35 74 9f 55 7d cc 21 fb af c9 | 4f 7f 8d 02 1a cf 85 95 f9 7c e0 88 5d b1 54 10 | 23 19 d9 64 14 00 00 18 a0 4d 04 a5 e6 90 29 09 | 42 7c 07 70 5d 7f fa 7c 17 08 a6 d6 00 00 00 18 | c0 a7 ae 3f d1 85 14 3e e4 dd 47 d0 42 cc 86 8b | 93 1a 86 12 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #9 in MAIN_I2 (find_state_ikev1) | start processing: state #9 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #9 is idle | #9 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 6e bf 07 a6 44 92 5e 72 02 98 bb 8b f1 a7 c5 d9 | d4 23 cc 5b e8 2c 9c 53 d4 34 6a 56 37 ac 19 18 | 3b b9 d4 d1 fa a3 69 9a bd 1b db ef 74 e0 61 dd | 0d c4 c5 6c ca 79 a9 e7 01 25 17 75 e3 b6 a3 3d | 05 f8 ff 92 e8 2f 9b 04 45 23 5a 3d fb b3 ba 63 | 27 f2 e2 52 1d dd f1 a1 8b 17 4b 4d fa 76 95 7d | 72 d2 81 80 e2 7d ad 5a f3 90 0d 81 75 20 ab c7 | 2a 11 22 ca 31 14 6b 8d 4d 5d 8e 22 14 80 b4 d9 | 54 ed 40 ce 0b 35 d6 37 13 59 3f 7e ab 45 e4 1c | fe bb 0e bd 17 53 7b 96 ac c4 92 b5 95 b8 45 a5 | 76 7e 33 76 70 c8 00 f5 34 7a 8e cd f7 7a 89 4d | 8c bf fa 71 4b d5 4d 36 0e d8 a0 b9 c3 fe 81 fa | 6c 39 1e 82 a6 4f 45 d0 1b 89 09 0d 71 64 4b 4e | a0 a1 b6 8e b2 0a 0b ca 1d 9d d0 fa b8 bc 84 b3 | 97 8c c7 c2 a6 ff 42 a9 48 3f c1 e0 b2 83 91 15 | 74 a4 19 02 b7 6d f6 c3 27 84 46 84 29 17 62 71 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffac0004618: transferring ownership from state #9 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 9 for state #9 | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4165a28 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #9 | libevent_malloc: new ptr-libevent@0x7ffac00047c8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #9 and saving MD | #9 is busy; has a suspended MD | crypto helper 1 resuming | crypto helper 1 starting work-order 9 for state #9 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 9 | peer's g: 6e bf 07 a6 44 92 5e 72 02 98 bb 8b f1 a7 c5 d9 | peer's g: d4 23 cc 5b e8 2c 9c 53 d4 34 6a 56 37 ac 19 18 | peer's g: 3b b9 d4 d1 fa a3 69 9a bd 1b db ef 74 e0 61 dd | peer's g: 0d c4 c5 6c ca 79 a9 e7 01 25 17 75 e3 b6 a3 3d | peer's g: 05 f8 ff 92 e8 2f 9b 04 45 23 5a 3d fb b3 ba 63 | peer's g: 27 f2 e2 52 1d dd f1 a1 8b 17 4b 4d fa 76 95 7d | peer's g: 72 d2 81 80 e2 7d ad 5a f3 90 0d 81 75 20 ab c7 | peer's g: 2a 11 22 ca 31 14 6b 8d 4d 5d 8e 22 14 80 b4 d9 | peer's g: 54 ed 40 ce 0b 35 d6 37 13 59 3f 7e ab 45 e4 1c | peer's g: fe bb 0e bd 17 53 7b 96 ac c4 92 b5 95 b8 45 a5 | peer's g: 76 7e 33 76 70 c8 00 f5 34 7a 8e cd f7 7a 89 4d | peer's g: 8c bf fa 71 4b d5 4d 36 0e d8 a0 b9 c3 fe 81 fa | peer's g: 6c 39 1e 82 a6 4f 45 d0 1b 89 09 0d 71 64 4b 4e | peer's g: a0 a1 b6 8e b2 0a 0b ca 1d 9d d0 fa b8 bc 84 b3 | peer's g: 97 8c c7 c2 a6 ff 42 a9 48 3f c1 e0 b2 83 91 15 | peer's g: 74 a4 19 02 b7 6d f6 c3 27 84 46 84 29 17 62 71 | Started DH shared-secret computation in NSS: | #9 spent 0.0863 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.228 milliseconds in comm_handle_cb() reading and processing packet | new : g_ir-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffac0004618: computed shared DH secret key@0x5573f4150a70 | dh-shared : g^ir-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f416aab8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: psk-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: psk-key@0x5573f414f010 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f414d560 | SKEYID psk prf: created sha context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk prf: begin sha with context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk: release clone-key@0x5573f414f010 | SKEYID psk PRF sha crypt-prf@0x7ffab80010b8 | SKEYID psk PRF sha update Ni-bytes@0x5573f416aadc (length 32) | e2 91 6a 2f 6b 7e 94 f5 22 14 f6 12 2f 75 2d 45 | 76 86 83 3f a8 54 22 5a 66 d3 9d 57 51 61 46 b6 | SKEYID psk PRF sha update Nr-bytes@0x5573f416aafc (length 32) | 7b 32 35 74 9f 55 7d cc 21 fb af c9 4f 7f 8d 02 | 1a cf 85 95 f9 7c e0 88 5d b1 54 10 23 19 d9 64 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID psk PRF sha final-key@0x5573f414f010 (size 20) | SKEYID psk: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_d: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2718 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d: release clone-key@0x5573f414d560 | SKEYID_d PRF sha crypt-prf@0x7ffab8001108 | SKEYID_d PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_d: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6f bb 68 35 2d 8c b9 14 46 03 3a 3c a9 70 46 f1 fa 4f e9 57 ab b4 e2 0a fb 6c 23 12 fa 7f 98 c1 34 48 87 bb 23 73 39 d3 07 21 db 6a 9a 87 f9 70 09 10 fc 7b b4 7f 59 4c b9 95 9a e6 22 52 5b af 01 2d cc aa 14 23 33 9a 56 4f ad 00 d5 f6 f5 cf 3d 43 00 2a 20 f2 8c 6b 02 0c 79 3c 15 ae 4f ce 1f 19 dd 6d b1 2a 75 93 3e 2d f2 00 1c b6 fb 24 4e 35 e7 15 dc 89 58 55 54 d8 a9 79 41 b6 d6 27 2d 11 ed 63 58 a4 f9 c3 20 8d ba 2a ed 8a 68 62 9a 17 33 d4 88 df 8a 49 68 46 37 8f 3f f8 df c3 6a ef 1b 72 74 0c 67 5e 7d a5 38 c2 c5 87 06 81 c3 fb 22 a6 0b f3 03 9e 65 c7 54 36 f3 4b b6 bc af e4 f0 36 a4 30 c9 90 15 12 d3 45 c0 61 63 7f c9 81 a4 1a 3f ad 6f bc cc 4b 62 38 52 62 9d de c4 63 f7 89 ed 26 14 b7 d1 97 f8 80 1c 32 b6 bc 6d ca 0c 98 9c d1 38 35 f4 4e 99 41 e5 be dc cd | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8003db8 | unwrapped: 0f da 63 f9 ad f8 d8 55 14 f5 35 65 81 b1 76 fd | unwrapped: eb 37 a9 bb 7d e8 c0 bc 0a f5 c4 ac 77 f3 38 2a | unwrapped: ac 40 07 de c7 ec ea f0 94 67 b9 49 77 cf dc 29 | unwrapped: a4 0f ce 14 90 3b de 4c 33 b5 2d 67 e0 c7 55 e7 | unwrapped: a3 93 29 fa 4f 5d 40 36 7f b7 90 46 5e f5 2e b3 | unwrapped: 6a be 99 d2 ad 1a 86 3c 2c 80 9a 46 39 a9 3b 26 | unwrapped: 27 e7 e4 81 32 b8 39 5d 18 18 63 da a4 ec 39 fb | unwrapped: e8 74 58 2e 04 c8 c9 52 9b 76 d8 e2 88 f8 6d 29 | unwrapped: bf 5c 28 a3 bc 44 53 23 46 9a 48 25 6b ec 5d 3e | unwrapped: 38 82 c4 fd 89 e0 4e 5b b7 4d 77 12 8b 73 50 69 | unwrapped: 45 96 63 78 c4 05 b0 88 65 05 b0 84 12 ac 5d 70 | unwrapped: f8 7e 9b cb 6d 1d b4 df 04 e9 50 ae 34 12 96 84 | unwrapped: f1 f2 01 52 09 37 6f 71 6a a9 ce b2 bb f4 0c 14 | unwrapped: bf 60 e4 7a 3d ed 2e 0e 28 ab b2 ae 41 e6 27 4e | unwrapped: bc b9 85 fc cf ff 74 b3 b2 32 bc de b2 95 b2 f4 | unwrapped: bc af 48 22 72 62 4f ce 10 a0 2f 81 b2 5c ec af | SKEYID_d PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | c2 2f e6 e6 a8 13 3b 01 | SKEYID_d PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | d8 05 bf de b1 86 69 c9 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID_d PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_d: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_a: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a: release clone-key@0x5573f40bfec0 | SKEYID_a PRF sha crypt-prf@0x7ffab80010b8 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f414d560 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: b2 62 8a 5e 41 00 de 92 14 64 36 f5 22 81 bf 2b 4f 63 62 96 93 25 84 47 63 b5 3a 3f 34 61 5e 32 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab80085b8 | unwrapped: 9a 5a 81 2d b8 53 f0 bd 4e 58 8f 9a fc 8a 24 4a | unwrapped: c5 2b ea 50 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_a: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6f bb 68 35 2d 8c b9 14 46 03 3a 3c a9 70 46 f1 fa 4f e9 57 ab b4 e2 0a fb 6c 23 12 fa 7f 98 c1 34 48 87 bb 23 73 39 d3 07 21 db 6a 9a 87 f9 70 09 10 fc 7b b4 7f 59 4c b9 95 9a e6 22 52 5b af 01 2d cc aa 14 23 33 9a 56 4f ad 00 d5 f6 f5 cf 3d 43 00 2a 20 f2 8c 6b 02 0c 79 3c 15 ae 4f ce 1f 19 dd 6d b1 2a 75 93 3e 2d f2 00 1c b6 fb 24 4e 35 e7 15 dc 89 58 55 54 d8 a9 79 41 b6 d6 27 2d 11 ed 63 58 a4 f9 c3 20 8d ba 2a ed 8a 68 62 9a 17 33 d4 88 df 8a 49 68 46 37 8f 3f f8 df c3 6a ef 1b 72 74 0c 67 5e 7d a5 38 c2 c5 87 06 81 c3 fb 22 a6 0b f3 03 9e 65 c7 54 36 f3 4b b6 bc af e4 f0 36 a4 30 c9 90 15 12 d3 45 c0 61 63 7f c9 81 a4 1a 3f ad 6f bc cc 4b 62 38 52 62 9d de c4 63 f7 89 ed 26 14 b7 d1 97 f8 80 1c 32 b6 bc 6d ca 0c 98 9c d1 38 35 f4 4e 99 41 e5 be dc cd | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8004f28 | unwrapped: 0f da 63 f9 ad f8 d8 55 14 f5 35 65 81 b1 76 fd | unwrapped: eb 37 a9 bb 7d e8 c0 bc 0a f5 c4 ac 77 f3 38 2a | unwrapped: ac 40 07 de c7 ec ea f0 94 67 b9 49 77 cf dc 29 | unwrapped: a4 0f ce 14 90 3b de 4c 33 b5 2d 67 e0 c7 55 e7 | unwrapped: a3 93 29 fa 4f 5d 40 36 7f b7 90 46 5e f5 2e b3 | unwrapped: 6a be 99 d2 ad 1a 86 3c 2c 80 9a 46 39 a9 3b 26 | unwrapped: 27 e7 e4 81 32 b8 39 5d 18 18 63 da a4 ec 39 fb | unwrapped: e8 74 58 2e 04 c8 c9 52 9b 76 d8 e2 88 f8 6d 29 | unwrapped: bf 5c 28 a3 bc 44 53 23 46 9a 48 25 6b ec 5d 3e | unwrapped: 38 82 c4 fd 89 e0 4e 5b b7 4d 77 12 8b 73 50 69 | unwrapped: 45 96 63 78 c4 05 b0 88 65 05 b0 84 12 ac 5d 70 | unwrapped: f8 7e 9b cb 6d 1d b4 df 04 e9 50 ae 34 12 96 84 | unwrapped: f1 f2 01 52 09 37 6f 71 6a a9 ce b2 bb f4 0c 14 | unwrapped: bf 60 e4 7a 3d ed 2e 0e 28 ab b2 ae 41 e6 27 4e | unwrapped: bc b9 85 fc cf ff 74 b3 b2 32 bc de b2 95 b2 f4 | unwrapped: bc af 48 22 72 62 4f ce 10 a0 2f 81 b2 5c ec af | SKEYID_a PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | c2 2f e6 e6 a8 13 3b 01 | SKEYID_a PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | d8 05 bf de b1 86 69 c9 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: final-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150e50 | SKEYID_a PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_a: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_e: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: clone-key@0x5573f4150e50 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e: release clone-key@0x5573f4150e50 | SKEYID_e PRF sha crypt-prf@0x7ffab8001108 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f40bfec0 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 9e f7 97 75 63 d1 93 c7 49 30 cc ca 30 43 aa 40 6a 71 61 35 66 84 ea 91 bc c3 c6 55 c6 71 f5 e6 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab80030c8 | unwrapped: f9 2c 3c bf 57 17 8c 1a e9 93 ed 0c 2d 75 87 ea | unwrapped: 77 58 e0 85 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_e: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6f bb 68 35 2d 8c b9 14 46 03 3a 3c a9 70 46 f1 fa 4f e9 57 ab b4 e2 0a fb 6c 23 12 fa 7f 98 c1 34 48 87 bb 23 73 39 d3 07 21 db 6a 9a 87 f9 70 09 10 fc 7b b4 7f 59 4c b9 95 9a e6 22 52 5b af 01 2d cc aa 14 23 33 9a 56 4f ad 00 d5 f6 f5 cf 3d 43 00 2a 20 f2 8c 6b 02 0c 79 3c 15 ae 4f ce 1f 19 dd 6d b1 2a 75 93 3e 2d f2 00 1c b6 fb 24 4e 35 e7 15 dc 89 58 55 54 d8 a9 79 41 b6 d6 27 2d 11 ed 63 58 a4 f9 c3 20 8d ba 2a ed 8a 68 62 9a 17 33 d4 88 df 8a 49 68 46 37 8f 3f f8 df c3 6a ef 1b 72 74 0c 67 5e 7d a5 38 c2 c5 87 06 81 c3 fb 22 a6 0b f3 03 9e 65 c7 54 36 f3 4b b6 bc af e4 f0 36 a4 30 c9 90 15 12 d3 45 c0 61 63 7f c9 81 a4 1a 3f ad 6f bc cc 4b 62 38 52 62 9d de c4 63 f7 89 ed 26 14 b7 d1 97 f8 80 1c 32 b6 bc 6d ca 0c 98 9c d1 38 35 f4 4e 99 41 e5 be dc cd | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8003db8 | unwrapped: 0f da 63 f9 ad f8 d8 55 14 f5 35 65 81 b1 76 fd | unwrapped: eb 37 a9 bb 7d e8 c0 bc 0a f5 c4 ac 77 f3 38 2a | unwrapped: ac 40 07 de c7 ec ea f0 94 67 b9 49 77 cf dc 29 | unwrapped: a4 0f ce 14 90 3b de 4c 33 b5 2d 67 e0 c7 55 e7 | unwrapped: a3 93 29 fa 4f 5d 40 36 7f b7 90 46 5e f5 2e b3 | unwrapped: 6a be 99 d2 ad 1a 86 3c 2c 80 9a 46 39 a9 3b 26 | unwrapped: 27 e7 e4 81 32 b8 39 5d 18 18 63 da a4 ec 39 fb | unwrapped: e8 74 58 2e 04 c8 c9 52 9b 76 d8 e2 88 f8 6d 29 | unwrapped: bf 5c 28 a3 bc 44 53 23 46 9a 48 25 6b ec 5d 3e | unwrapped: 38 82 c4 fd 89 e0 4e 5b b7 4d 77 12 8b 73 50 69 | unwrapped: 45 96 63 78 c4 05 b0 88 65 05 b0 84 12 ac 5d 70 | unwrapped: f8 7e 9b cb 6d 1d b4 df 04 e9 50 ae 34 12 96 84 | unwrapped: f1 f2 01 52 09 37 6f 71 6a a9 ce b2 bb f4 0c 14 | unwrapped: bf 60 e4 7a 3d ed 2e 0e 28 ab b2 ae 41 e6 27 4e | unwrapped: bc b9 85 fc cf ff 74 b3 b2 32 bc de b2 95 b2 f4 | unwrapped: bc af 48 22 72 62 4f ce 10 a0 2f 81 b2 5c ec af | SKEYID_e PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | c2 2f e6 e6 a8 13 3b 01 | SKEYID_e PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | d8 05 bf de b1 86 69 c9 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2710 | result: final-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40c6080 | SKEYID_e PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID_e: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2768 | result: keymat-key@0x5573f40c6080 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x5573f414d560, skeyid_a 0x5573f40bfec0, skeyid_e 0x5573f4150e50, enc_key 0x5573f40c6080 | DH_i: 42 d0 7b 02 44 41 96 8f 60 27 c1 04 45 d0 43 b4 | DH_i: 89 43 dc 2e af fa c3 50 d1 55 5e 96 83 71 ec a7 | DH_i: 49 2b 98 6d b7 72 18 2b 7f 52 79 04 c0 48 08 58 | DH_i: 79 a6 39 b4 b6 dd 5e f2 c4 a9 89 3c d9 d7 18 aa | DH_i: cb 1e df 59 0d e8 44 4c 8b ba 97 31 94 28 47 31 | DH_i: d9 fe c5 c4 82 15 db 71 32 e4 65 bf 62 cd 26 c8 | DH_i: 56 71 d1 9e df 30 84 9e 0f 61 8c 11 75 75 a8 47 | DH_i: bc 4d 1b d0 4e 42 0e ca 2b f5 6f c6 84 b6 64 b1 | DH_i: 5f 89 c9 30 e4 d3 1e 0b 7b 71 a4 05 9e 62 12 b3 | DH_i: 0e 35 16 3b e4 05 ab 11 8d 84 de ac 04 db df f5 | DH_i: 87 ed 30 f0 e0 49 73 1e 1f fb 40 de 1d ac 62 4c | DH_i: f4 6c 11 12 37 ce 4d c9 4c cd cd dd de 0e 15 15 | DH_i: 63 ef bd c3 0c 2a af 45 aa 00 71 39 10 f0 d7 db | DH_i: 55 b8 d7 4e 91 b0 3c 3d 95 b0 fa 4a e2 7c 21 8e | DH_i: 4e d4 15 8b 35 b2 0d d7 e9 98 62 72 bd 02 c1 d9 | DH_i: 3c 27 0d 4e ce 54 d6 21 12 75 12 ea cb fe 72 a9 | DH_r: 6e bf 07 a6 44 92 5e 72 02 98 bb 8b f1 a7 c5 d9 | DH_r: d4 23 cc 5b e8 2c 9c 53 d4 34 6a 56 37 ac 19 18 | DH_r: 3b b9 d4 d1 fa a3 69 9a bd 1b db ef 74 e0 61 dd | DH_r: 0d c4 c5 6c ca 79 a9 e7 01 25 17 75 e3 b6 a3 3d | DH_r: 05 f8 ff 92 e8 2f 9b 04 45 23 5a 3d fb b3 ba 63 | DH_r: 27 f2 e2 52 1d dd f1 a1 8b 17 4b 4d fa 76 95 7d | DH_r: 72 d2 81 80 e2 7d ad 5a f3 90 0d 81 75 20 ab c7 | DH_r: 2a 11 22 ca 31 14 6b 8d 4d 5d 8e 22 14 80 b4 d9 | DH_r: 54 ed 40 ce 0b 35 d6 37 13 59 3f 7e ab 45 e4 1c | DH_r: fe bb 0e bd 17 53 7b 96 ac c4 92 b5 95 b8 45 a5 | DH_r: 76 7e 33 76 70 c8 00 f5 34 7a 8e cd f7 7a 89 4d | DH_r: 8c bf fa 71 4b d5 4d 36 0e d8 a0 b9 c3 fe 81 fa | DH_r: 6c 39 1e 82 a6 4f 45 d0 1b 89 09 0d 71 64 4b 4e | DH_r: a0 a1 b6 8e b2 0a 0b ca 1d 9d d0 fa b8 bc 84 b3 | DH_r: 97 8c c7 c2 a6 ff 42 a9 48 3f c1 e0 b2 83 91 15 | DH_r: 74 a4 19 02 b7 6d f6 c3 27 84 46 84 29 17 62 71 | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f416ab1c (length 256) | 42 d0 7b 02 44 41 96 8f 60 27 c1 04 45 d0 43 b4 | 89 43 dc 2e af fa c3 50 d1 55 5e 96 83 71 ec a7 | 49 2b 98 6d b7 72 18 2b 7f 52 79 04 c0 48 08 58 | 79 a6 39 b4 b6 dd 5e f2 c4 a9 89 3c d9 d7 18 aa | cb 1e df 59 0d e8 44 4c 8b ba 97 31 94 28 47 31 | d9 fe c5 c4 82 15 db 71 32 e4 65 bf 62 cd 26 c8 | 56 71 d1 9e df 30 84 9e 0f 61 8c 11 75 75 a8 47 | bc 4d 1b d0 4e 42 0e ca 2b f5 6f c6 84 b6 64 b1 | 5f 89 c9 30 e4 d3 1e 0b 7b 71 a4 05 9e 62 12 b3 | 0e 35 16 3b e4 05 ab 11 8d 84 de ac 04 db df f5 | 87 ed 30 f0 e0 49 73 1e 1f fb 40 de 1d ac 62 4c | f4 6c 11 12 37 ce 4d c9 4c cd cd dd de 0e 15 15 | 63 ef bd c3 0c 2a af 45 aa 00 71 39 10 f0 d7 db | 55 b8 d7 4e 91 b0 3c 3d 95 b0 fa 4a e2 7c 21 8e | 4e d4 15 8b 35 b2 0d d7 e9 98 62 72 bd 02 c1 d9 | 3c 27 0d 4e ce 54 d6 21 12 75 12 ea cb fe 72 a9 | new IV hash sha digest GR-bytes@0x5573f416ac1c (length 256) | 6e bf 07 a6 44 92 5e 72 02 98 bb 8b f1 a7 c5 d9 | d4 23 cc 5b e8 2c 9c 53 d4 34 6a 56 37 ac 19 18 | 3b b9 d4 d1 fa a3 69 9a bd 1b db ef 74 e0 61 dd | 0d c4 c5 6c ca 79 a9 e7 01 25 17 75 e3 b6 a3 3d | 05 f8 ff 92 e8 2f 9b 04 45 23 5a 3d fb b3 ba 63 | 27 f2 e2 52 1d dd f1 a1 8b 17 4b 4d fa 76 95 7d | 72 d2 81 80 e2 7d ad 5a f3 90 0d 81 75 20 ab c7 | 2a 11 22 ca 31 14 6b 8d 4d 5d 8e 22 14 80 b4 d9 | 54 ed 40 ce 0b 35 d6 37 13 59 3f 7e ab 45 e4 1c | fe bb 0e bd 17 53 7b 96 ac c4 92 b5 95 b8 45 a5 | 76 7e 33 76 70 c8 00 f5 34 7a 8e cd f7 7a 89 4d | 8c bf fa 71 4b d5 4d 36 0e d8 a0 b9 c3 fe 81 fa | 6c 39 1e 82 a6 4f 45 d0 1b 89 09 0d 71 64 4b 4e | a0 a1 b6 8e b2 0a 0b ca 1d 9d d0 fa b8 bc 84 b3 | 97 8c c7 c2 a6 ff 42 a9 48 3f c1 e0 b2 83 91 15 | 74 a4 19 02 b7 6d f6 c3 27 84 46 84 29 17 62 71 | new IV hash sha final chunk@0x7ffab80030c8 (length 20) | f4 fb 90 e6 71 a4 ba 46 c5 83 f4 dc b9 20 ee 7d | d4 df 28 ef | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 9 time elapsed 0.001443 seconds | (#9) spent 1.43 milliseconds in crypto helper computing work-order 9: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 9 for state #9 to event queue | scheduling resume sending helper answer for #9 | libevent_malloc: new ptr-libevent@0x7ffab8003ad8 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #9 | start processing: state #9 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 9 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #9: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffac0004618: transferring ownership from helper IKEv1 DH+IV to state #9 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | c2 2f e6 e6 a8 13 3b 01 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | d8 05 bf de b1 86 69 c9 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | a0 4d 04 a5 e6 90 29 09 42 7c 07 70 5d 7f fa 7c | 17 08 a6 d6 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= c2 2f e6 e6 a8 13 3b 01 | natd_hash: rcookie= d8 05 bf de b1 86 69 c9 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= a0 4d 04 a5 e6 90 29 09 42 7c 07 70 5d 7f fa 7c | natd_hash: hash= 17 08 a6 d6 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | c2 2f e6 e6 a8 13 3b 01 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | d8 05 bf de b1 86 69 c9 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | c0 a7 ae 3f d1 85 14 3e e4 dd 47 d0 42 cc 86 8b | 93 1a 86 12 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= c2 2f e6 e6 a8 13 3b 01 | natd_hash: rcookie= d8 05 bf de b1 86 69 c9 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= c0 a7 ae 3f d1 85 14 3e e4 dd 47 d0 42 cc 86 8b | natd_hash: hash= 93 1a 86 12 | expected NAT-D(me): a0 4d 04 a5 e6 90 29 09 42 7c 07 70 5d 7f fa 7c | expected NAT-D(me): 17 08 a6 d6 | expected NAT-D(him): | c0 a7 ae 3f d1 85 14 3e e4 dd 47 d0 42 cc 86 8b | 93 1a 86 12 | received NAT-D: a0 4d 04 a5 e6 90 29 09 42 7c 07 70 5d 7f fa 7c | received NAT-D: 17 08 a6 d6 | received NAT-D: c0 a7 ae 3f d1 85 14 3e e4 dd 47 d0 42 cc 86 8b | received NAT-D: 93 1a 86 12 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x5573f416e438 | hmac PRF sha update data-bytes@0x7ffac0003828 (length 256) | 42 d0 7b 02 44 41 96 8f 60 27 c1 04 45 d0 43 b4 | 89 43 dc 2e af fa c3 50 d1 55 5e 96 83 71 ec a7 | 49 2b 98 6d b7 72 18 2b 7f 52 79 04 c0 48 08 58 | 79 a6 39 b4 b6 dd 5e f2 c4 a9 89 3c d9 d7 18 aa | cb 1e df 59 0d e8 44 4c 8b ba 97 31 94 28 47 31 | d9 fe c5 c4 82 15 db 71 32 e4 65 bf 62 cd 26 c8 | 56 71 d1 9e df 30 84 9e 0f 61 8c 11 75 75 a8 47 | bc 4d 1b d0 4e 42 0e ca 2b f5 6f c6 84 b6 64 b1 | 5f 89 c9 30 e4 d3 1e 0b 7b 71 a4 05 9e 62 12 b3 | 0e 35 16 3b e4 05 ab 11 8d 84 de ac 04 db df f5 | 87 ed 30 f0 e0 49 73 1e 1f fb 40 de 1d ac 62 4c | f4 6c 11 12 37 ce 4d c9 4c cd cd dd de 0e 15 15 | 63 ef bd c3 0c 2a af 45 aa 00 71 39 10 f0 d7 db | 55 b8 d7 4e 91 b0 3c 3d 95 b0 fa 4a e2 7c 21 8e | 4e d4 15 8b 35 b2 0d d7 e9 98 62 72 bd 02 c1 d9 | 3c 27 0d 4e ce 54 d6 21 12 75 12 ea cb fe 72 a9 | hmac PRF sha update data-bytes@0x7ffab4000b48 (length 256) | 6e bf 07 a6 44 92 5e 72 02 98 bb 8b f1 a7 c5 d9 | d4 23 cc 5b e8 2c 9c 53 d4 34 6a 56 37 ac 19 18 | 3b b9 d4 d1 fa a3 69 9a bd 1b db ef 74 e0 61 dd | 0d c4 c5 6c ca 79 a9 e7 01 25 17 75 e3 b6 a3 3d | 05 f8 ff 92 e8 2f 9b 04 45 23 5a 3d fb b3 ba 63 | 27 f2 e2 52 1d dd f1 a1 8b 17 4b 4d fa 76 95 7d | 72 d2 81 80 e2 7d ad 5a f3 90 0d 81 75 20 ab c7 | 2a 11 22 ca 31 14 6b 8d 4d 5d 8e 22 14 80 b4 d9 | 54 ed 40 ce 0b 35 d6 37 13 59 3f 7e ab 45 e4 1c | fe bb 0e bd 17 53 7b 96 ac c4 92 b5 95 b8 45 a5 | 76 7e 33 76 70 c8 00 f5 34 7a 8e cd f7 7a 89 4d | 8c bf fa 71 4b d5 4d 36 0e d8 a0 b9 c3 fe 81 fa | 6c 39 1e 82 a6 4f 45 d0 1b 89 09 0d 71 64 4b 4e | a0 a1 b6 8e b2 0a 0b ca 1d 9d d0 fa b8 bc 84 b3 | 97 8c c7 c2 a6 ff 42 a9 48 3f c1 e0 b2 83 91 15 | 74 a4 19 02 b7 6d f6 c3 27 84 46 84 29 17 62 71 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | c2 2f e6 e6 a8 13 3b 01 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | d8 05 bf de b1 86 69 c9 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | b9 e3 da 57 3d 51 99 c6 c5 69 7e 84 4a 2a c9 48 | c9 7f 5d 62 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I b9 e3 da 57 3d 51 99 c6 c5 69 7e 84 4a 2a c9 48 | HASH_I c9 7f 5d 62 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: b9 e3 da 57 3d 51 99 c6 c5 69 7e 84 4a 2a c9 48 | encrypting: c9 7f 5d 62 | IV: f4 fb 90 e6 71 a4 ba 46 c5 83 f4 dc b9 20 ee 7d | IV: d4 df 28 ef | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 6b c3 d1 65 03 98 61 c2 bb d0 17 41 d5 0a 43 fa | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #9: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffac00047c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 05 10 02 01 00 00 00 00 00 00 00 4c b9 c0 86 56 | 49 56 f8 65 d5 d1 78 a3 2e 10 10 5f ca 94 01 24 | 4e e6 60 59 93 05 ab 93 c3 e5 8f 71 6b c3 d1 65 | 03 98 61 c2 bb d0 17 41 d5 0a 43 fa | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #9 | libevent_malloc: new ptr-libevent@0x5573f4165a28 size 128 | #9 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10450.827094 "aes128" #9: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #9 suppresed complete_v1_state_transition() | #9 spent 0.327 milliseconds in resume sending helper answer | stop processing: state #9 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab8003ad8 | spent 0.00198 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 05 10 02 01 00 00 00 00 00 00 00 4c 0c 78 29 0d | 39 01 b5 4a e0 76 3d 5b 43 ef bf 1e c9 b0 63 e5 | e0 7e 03 bb 63 10 69 09 fb 88 a0 07 8c 8d f8 f0 | 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #9 in MAIN_I3 (find_state_ikev1) | start processing: state #9 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #9 is idle | #9 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 6b c3 d1 65 03 98 61 c2 bb d0 17 41 d5 0a 43 fa | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | decrypted payload (starts at offset -48): | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 8b 02 b4 93 | 67 18 59 61 9c 15 c9 20 ba 10 b3 62 bf d3 3a 47 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #9: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x7ffab80030c8 | hmac PRF sha update data-bytes@0x7ffab4000b48 (length 256) | 6e bf 07 a6 44 92 5e 72 02 98 bb 8b f1 a7 c5 d9 | d4 23 cc 5b e8 2c 9c 53 d4 34 6a 56 37 ac 19 18 | 3b b9 d4 d1 fa a3 69 9a bd 1b db ef 74 e0 61 dd | 0d c4 c5 6c ca 79 a9 e7 01 25 17 75 e3 b6 a3 3d | 05 f8 ff 92 e8 2f 9b 04 45 23 5a 3d fb b3 ba 63 | 27 f2 e2 52 1d dd f1 a1 8b 17 4b 4d fa 76 95 7d | 72 d2 81 80 e2 7d ad 5a f3 90 0d 81 75 20 ab c7 | 2a 11 22 ca 31 14 6b 8d 4d 5d 8e 22 14 80 b4 d9 | 54 ed 40 ce 0b 35 d6 37 13 59 3f 7e ab 45 e4 1c | fe bb 0e bd 17 53 7b 96 ac c4 92 b5 95 b8 45 a5 | 76 7e 33 76 70 c8 00 f5 34 7a 8e cd f7 7a 89 4d | 8c bf fa 71 4b d5 4d 36 0e d8 a0 b9 c3 fe 81 fa | 6c 39 1e 82 a6 4f 45 d0 1b 89 09 0d 71 64 4b 4e | a0 a1 b6 8e b2 0a 0b ca 1d 9d d0 fa b8 bc 84 b3 | 97 8c c7 c2 a6 ff 42 a9 48 3f c1 e0 b2 83 91 15 | 74 a4 19 02 b7 6d f6 c3 27 84 46 84 29 17 62 71 | hmac PRF sha update data-bytes@0x7ffac0003828 (length 256) | 42 d0 7b 02 44 41 96 8f 60 27 c1 04 45 d0 43 b4 | 89 43 dc 2e af fa c3 50 d1 55 5e 96 83 71 ec a7 | 49 2b 98 6d b7 72 18 2b 7f 52 79 04 c0 48 08 58 | 79 a6 39 b4 b6 dd 5e f2 c4 a9 89 3c d9 d7 18 aa | cb 1e df 59 0d e8 44 4c 8b ba 97 31 94 28 47 31 | d9 fe c5 c4 82 15 db 71 32 e4 65 bf 62 cd 26 c8 | 56 71 d1 9e df 30 84 9e 0f 61 8c 11 75 75 a8 47 | bc 4d 1b d0 4e 42 0e ca 2b f5 6f c6 84 b6 64 b1 | 5f 89 c9 30 e4 d3 1e 0b 7b 71 a4 05 9e 62 12 b3 | 0e 35 16 3b e4 05 ab 11 8d 84 de ac 04 db df f5 | 87 ed 30 f0 e0 49 73 1e 1f fb 40 de 1d ac 62 4c | f4 6c 11 12 37 ce 4d c9 4c cd cd dd de 0e 15 15 | 63 ef bd c3 0c 2a af 45 aa 00 71 39 10 f0 d7 db | 55 b8 d7 4e 91 b0 3c 3d 95 b0 fa 4a e2 7c 21 8e | 4e d4 15 8b 35 b2 0d d7 e9 98 62 72 bd 02 c1 d9 | 3c 27 0d 4e ce 54 d6 21 12 75 12 ea cb fe 72 a9 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | d8 05 bf de b1 86 69 c9 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | c2 2f e6 e6 a8 13 3b 01 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f4165f88 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | 8b 02 b4 93 67 18 59 61 9c 15 c9 20 ba 10 b3 62 | bf d3 3a 47 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #9 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #9: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #9 requesting EVENT_RETRANSMIT to be deleted | #9 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4165a28 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41634d8 | inserting event EVENT_SA_REPLACE, timeout in 2629 seconds for #9 | libevent_malloc: new ptr-libevent@0x7ffab8003ad8 size 128 | pstats #9 ikev1.isakmp established "aes128" #9: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #9 | creating state object #10 at 0x5573f4166828 | State DB: adding IKEv1 state #10 in UNDEFINED | pstats #10 ikev1.ipsec started | duplicating state object #9 "aes128" as #10 for IPSEC SA | #10 setting local endpoint to 192.1.2.45:500 from #9.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_d_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ai_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f40c6080 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #9 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #10 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #10: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #10: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#9 msgid:caf20e8d proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 10 for state #10 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #10 | libevent_malloc: new ptr-libevent@0x5573f416e348 size 128 | stop processing: state #10 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #9 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x5573f41555c8} | close_any(fd@24) (in release_whack() at state.c:654) | crypto helper 3 resuming | crypto helper 3 starting work-order 10 for state #10 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 10 | #9 spent 0.348 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | spent 0.448 milliseconds in comm_handle_cb() reading and processing packet | DH secret MODP2048@0x7ffabc003188: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffabc003188 | NSS: Public DH wire value: | 0f dd cd a3 f6 89 bb 33 93 97 e6 1b 47 74 8f 7c | 2b df be 46 c1 b0 a9 8a 08 cb eb 44 45 68 bb cf | 76 df c5 04 47 45 7c 12 78 17 ee 6b c7 69 6c 0d | 10 45 da f4 7f 03 32 f7 b2 40 a6 b2 21 f2 ed c7 | 60 d8 9d cf e7 a9 06 ba 16 24 21 4a 9c bd cc 07 | db 3c b0 31 84 69 24 cd f9 8d 9b 5b 22 56 8f 92 | bd 0d 46 75 c8 7f 5b 6e 8d 68 fa aa e1 a8 31 7e | ef b2 98 b3 08 2d 9b f1 5c 55 8f 20 7b 83 1b 27 | 47 6d 42 63 1c a9 b1 e5 69 56 d1 25 90 8f af aa | 90 9b 79 65 7c 69 97 bd f0 af f8 57 2f df 84 5c | 36 71 52 1b 4e 0c 9b 6c ee 80 90 27 86 4d 7e df | 7a 63 67 36 4d b6 d1 c2 63 7b 57 cc de 78 5f 3f | 33 05 78 ca 11 84 2e d9 92 df 75 0b 2e ce 0d 83 | ae cd 34 b8 cb e3 b3 cd 0b e9 a1 13 d9 f0 12 85 | 3a 46 b8 34 79 9b 2e 9b 03 1e f9 c3 a7 67 97 aa | 4b e5 8d b0 01 31 d9 19 ba 3a e3 d7 45 9a 46 5e | Generated nonce: f3 91 ad 0a 92 68 59 08 68 74 cf 51 5a e6 b3 b0 | Generated nonce: a3 22 de 4d 25 d6 41 eb e8 c5 d5 ce 88 92 78 38 | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 10 time elapsed 0.00076 seconds | (#10) spent 0.748 milliseconds in crypto helper computing work-order 10: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 10 for state #10 to event queue | scheduling resume sending helper answer for #10 | libevent_malloc: new ptr-libevent@0x7ffabc007818 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #10 | start processing: state #10 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 10 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #10: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3404861069 (0xcaf20e8d) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x76eb6ee for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 07 6e b6 ee | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #10: IMPAIR: stripping key-length "aes128" #10: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni f3 91 ad 0a 92 68 59 08 68 74 cf 51 5a e6 b3 b0 | Ni a3 22 de 4d 25 d6 41 eb e8 c5 d5 ce 88 92 78 38 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffabc003188: transferring ownership from helper KE to state #10 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 0f dd cd a3 f6 89 bb 33 93 97 e6 1b 47 74 8f 7c | keyex value 2b df be 46 c1 b0 a9 8a 08 cb eb 44 45 68 bb cf | keyex value 76 df c5 04 47 45 7c 12 78 17 ee 6b c7 69 6c 0d | keyex value 10 45 da f4 7f 03 32 f7 b2 40 a6 b2 21 f2 ed c7 | keyex value 60 d8 9d cf e7 a9 06 ba 16 24 21 4a 9c bd cc 07 | keyex value db 3c b0 31 84 69 24 cd f9 8d 9b 5b 22 56 8f 92 | keyex value bd 0d 46 75 c8 7f 5b 6e 8d 68 fa aa e1 a8 31 7e | keyex value ef b2 98 b3 08 2d 9b f1 5c 55 8f 20 7b 83 1b 27 | keyex value 47 6d 42 63 1c a9 b1 e5 69 56 d1 25 90 8f af aa | keyex value 90 9b 79 65 7c 69 97 bd f0 af f8 57 2f df 84 5c | keyex value 36 71 52 1b 4e 0c 9b 6c ee 80 90 27 86 4d 7e df | keyex value 7a 63 67 36 4d b6 d1 c2 63 7b 57 cc de 78 5f 3f | keyex value 33 05 78 ca 11 84 2e d9 92 df 75 0b 2e ce 0d 83 | keyex value ae cd 34 b8 cb e3 b3 cd 0b e9 a1 13 d9 f0 12 85 | keyex value 3a 46 b8 34 79 9b 2e 9b 03 1e f9 c3 a7 67 97 aa | keyex value 4b e5 8d b0 01 31 d9 19 ba 3a e3 d7 45 9a 46 5e | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f416e578 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | ca f2 0e 8d | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 07 6e b6 ee 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 00 04 00 00 24 f3 91 ad 0a | 92 68 59 08 68 74 cf 51 5a e6 b3 b0 a3 22 de 4d | 25 d6 41 eb e8 c5 d5 ce 88 92 78 38 05 00 01 04 | 0f dd cd a3 f6 89 bb 33 93 97 e6 1b 47 74 8f 7c | 2b df be 46 c1 b0 a9 8a 08 cb eb 44 45 68 bb cf | 76 df c5 04 47 45 7c 12 78 17 ee 6b c7 69 6c 0d | 10 45 da f4 7f 03 32 f7 b2 40 a6 b2 21 f2 ed c7 | 60 d8 9d cf e7 a9 06 ba 16 24 21 4a 9c bd cc 07 | db 3c b0 31 84 69 24 cd f9 8d 9b 5b 22 56 8f 92 | bd 0d 46 75 c8 7f 5b 6e 8d 68 fa aa e1 a8 31 7e | ef b2 98 b3 08 2d 9b f1 5c 55 8f 20 7b 83 1b 27 | 47 6d 42 63 1c a9 b1 e5 69 56 d1 25 90 8f af aa | 90 9b 79 65 7c 69 97 bd f0 af f8 57 2f df 84 5c | 36 71 52 1b 4e 0c 9b 6c ee 80 90 27 86 4d 7e df | 7a 63 67 36 4d b6 d1 c2 63 7b 57 cc de 78 5f 3f | 33 05 78 ca 11 84 2e d9 92 df 75 0b 2e ce 0d 83 | ae cd 34 b8 cb e3 b3 cd 0b e9 a1 13 d9 f0 12 85 | 3a 46 b8 34 79 9b 2e 9b 03 1e f9 c3 a7 67 97 aa | 4b e5 8d b0 01 31 d9 19 ba 3a e3 d7 45 9a 46 5e | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | 4c 83 f0 9b 28 7b 20 e3 1f 86 8b d1 71 93 5a 1a | 96 9b 1d 33 | outI1 HASH(1): | 4c 83 f0 9b 28 7b 20 e3 1f 86 8b d1 71 93 5a 1a | 96 9b 1d 33 | last Phase 1 IV: 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | current Phase 1 IV: 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | ca f2 0e 8d | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | f1 89 be 1d c7 82 81 d4 1d 63 d9 6f 46 c7 c7 95 | 87 4e fc 6a | encrypting: 01 00 00 18 4c 83 f0 9b 28 7b 20 e3 1f 86 8b d1 | encrypting: 71 93 5a 1a 96 9b 1d 33 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 07 6e b6 ee | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 00 | encrypting: 04 00 00 24 f3 91 ad 0a 92 68 59 08 68 74 cf 51 | encrypting: 5a e6 b3 b0 a3 22 de 4d 25 d6 41 eb e8 c5 d5 ce | encrypting: 88 92 78 38 05 00 01 04 0f dd cd a3 f6 89 bb 33 | encrypting: 93 97 e6 1b 47 74 8f 7c 2b df be 46 c1 b0 a9 8a | encrypting: 08 cb eb 44 45 68 bb cf 76 df c5 04 47 45 7c 12 | encrypting: 78 17 ee 6b c7 69 6c 0d 10 45 da f4 7f 03 32 f7 | encrypting: b2 40 a6 b2 21 f2 ed c7 60 d8 9d cf e7 a9 06 ba | encrypting: 16 24 21 4a 9c bd cc 07 db 3c b0 31 84 69 24 cd | encrypting: f9 8d 9b 5b 22 56 8f 92 bd 0d 46 75 c8 7f 5b 6e | encrypting: 8d 68 fa aa e1 a8 31 7e ef b2 98 b3 08 2d 9b f1 | encrypting: 5c 55 8f 20 7b 83 1b 27 47 6d 42 63 1c a9 b1 e5 | encrypting: 69 56 d1 25 90 8f af aa 90 9b 79 65 7c 69 97 bd | encrypting: f0 af f8 57 2f df 84 5c 36 71 52 1b 4e 0c 9b 6c | encrypting: ee 80 90 27 86 4d 7e df 7a 63 67 36 4d b6 d1 c2 | encrypting: 63 7b 57 cc de 78 5f 3f 33 05 78 ca 11 84 2e d9 | encrypting: 92 df 75 0b 2e ce 0d 83 ae cd 34 b8 cb e3 b3 cd | encrypting: 0b e9 a1 13 d9 f0 12 85 3a 46 b8 34 79 9b 2e 9b | encrypting: 03 1e f9 c3 a7 67 97 aa 4b e5 8d b0 01 31 d9 19 | encrypting: ba 3a e3 d7 45 9a 46 5e 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: f1 89 be 1d c7 82 81 d4 1d 63 d9 6f 46 c7 c7 95 | IV: 87 4e fc 6a | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: ff 56 63 8c 90 93 24 f1 0f 56 c2 5f b7 15 b4 bb | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #10) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 08 10 20 01 ca f2 0e 8d 00 00 01 bc 26 2e 53 82 | b6 9f 34 5e 76 10 87 0d 3a 0a f5 f7 42 e5 1e 79 | 0e de db ca 4c 57 59 e5 2e f5 23 bf a5 b8 80 bd | ef 30 10 bb e0 85 3d af 67 94 19 c3 f1 0e 32 b7 | 09 53 09 f4 c5 c0 41 0a 93 14 0d 93 fb 99 e6 6b | 4a 61 93 90 c8 b8 8e 1a a8 37 de 00 1c 34 1d b2 | a0 ed 05 13 2f e1 c1 27 3f e4 4d 9f 7f db 5a 3c | 8d d4 86 7d 5c 7e fb 22 64 1a d6 5b a4 b8 7c 00 | 7a 38 8d 0f b3 77 a6 6a 1b ef d9 ec 43 12 b2 c3 | 7b f0 cc c6 7f 10 ce 9c 46 ec 0b a9 30 f8 a7 42 | 16 09 24 73 e2 b8 2b ba 82 b9 af ae 05 75 fd 1c | 6b cf 44 e6 78 c0 3e 66 e4 8d 86 26 20 31 fc 59 | 1e 29 80 dd 32 73 14 aa 29 43 88 b8 39 4d f3 7b | 98 b0 89 ad a2 cb 7b 8b fb b3 e7 75 bf 50 75 cd | 91 ff e2 a0 4a 45 be 0f 3b 8f a4 c1 e3 db 1e 60 | fc fc 6b 59 73 e5 20 38 b3 f4 86 1b ef 0c 60 bc | 78 75 16 fa 57 a1 25 72 f5 fa 82 89 5f be 17 ed | 1b 50 b0 d5 4f 34 d8 61 9c a7 93 4e b0 be 27 7a | 51 d9 0b 19 af 78 4d 20 ef cb f6 1b 9f ae 8a 8e | ea 16 4d 55 e6 54 cf 14 a8 e3 10 34 d4 7a 5d e6 | 9f 23 78 a2 71 cf 00 c5 2b c4 af 9e 3d 54 fe 25 | 54 c7 4b aa 8e 63 4f 9f 07 ab ac e1 90 ae c7 c6 | 94 60 5f df fe ff 77 a8 35 10 8d 8d 97 4a d2 8a | 9a 78 c0 0b b9 d3 1c dc f5 0d af 03 00 c9 31 37 | f6 7c f7 d9 62 6d b8 c1 86 48 1e 24 25 2f 0f 01 | e7 91 72 b9 77 35 1e aa d9 28 30 16 ff 56 63 8c | 90 93 24 f1 0f 56 c2 5f b7 15 b4 bb | state #10 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f416e348 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7ffab4002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #10 | libevent_malloc: new ptr-libevent@0x5573f4169048 size 128 | #10 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10450.829695 | resume sending helper answer for #10 suppresed complete_v1_state_transition() | #10 spent 0.681 milliseconds in resume sending helper answer | stop processing: state #10 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffabc007818 | spent 0.00211 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 08 10 05 01 ff a2 86 87 00 00 00 4c 83 a3 cf e6 | 2a 34 2d f0 c3 b2 aa c9 a4 fa 59 27 b2 1f d5 9a | 8e 2c 51 ca a7 fc ac 43 e2 08 31 d2 2d 7b cc 65 | 87 7a 8b a1 50 b5 91 8d 35 7d f7 03 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4288841351 (0xffa28687) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #10; msgid=00000000 st_msgid=caf20e8d st_msgid_phase15=00000000 | peer and cookies match on #9; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #9 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #9 in MAIN_I4 (find_v1_info_state) | start processing: state #9 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | current Phase 1 IV: 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b12bc (length 4) | ff a2 86 87 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 57 23 c8 0c 99 b1 e0 eb a7 31 f7 25 73 26 97 fa | 97 e9 0b 49 | #9 is idle | #9 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 57 23 c8 0c 99 b1 e0 eb a7 31 f7 25 73 26 97 fa | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 2d 7b cc 65 87 7a 8b a1 50 b5 91 8d 35 7d f7 03 | decrypted payload (starts at offset -48): | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 08 10 05 01 ff a2 86 87 00 00 00 4c 0b 00 00 18 | f6 11 57 62 57 16 2f 33 22 7b 00 9d 91 88 97 a3 | b1 8a 59 11 00 00 00 0c 00 00 00 01 01 00 00 0f | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: BAD_PROPOSAL_SYNTAX (0xf) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffab80030c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | ff a2 86 87 | HASH(1) PRF sha update payload-bytes@0x5573f4165f9c (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0f | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | f6 11 57 62 57 16 2f 33 22 7b 00 9d 91 88 97 a3 | b1 8a 59 11 | informational HASH(1): | f6 11 57 62 57 16 2f 33 22 7b 00 9d 91 88 97 a3 | b1 8a 59 11 | received 'informational' message HASH(1) data ok "aes128" #9: ignoring informational payload BAD_PROPOSAL_SYNTAX, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0f | info: | processing informational BAD_PROPOSAL_SYNTAX (15) "aes128" #9: received and ignored notification payload: BAD_PROPOSAL_SYNTAX | complete v1 state transition with STF_IGNORE | #9 spent 0.00756 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #9 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.25 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7ffab4002b78 | handling event EVENT_RETRANSMIT for child state #10 | start processing: state #10 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #10 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #10 keying attempt 1 of 0; retransmit 1 "aes128" #10: IMPAIR: retransmit so deleting SA | [RE]START processing: state #10 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #10 ikev1.ipsec failed too-many-retransmits | pstats #10 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #10 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #10: deleting state (STATE_QUICK_I1) aged 0.502s and NOT sending notification | child state #10: QUICK_I1(established CHILD SA) => delete | child state #10: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #10 in CHILDSA_DEL | child state #10: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7ffabc003188: destroyed | stop processing: state #10 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f40c6080 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x5573f4169048 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7ffab4002b78 | in statetime_stop() and could not find #10 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0337 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #9 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #9 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #9 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #9 ikev1.isakmp deleted completed | [RE]START processing: state #9 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #9: deleting state (STATE_MAIN_I4) aged 0.521s and sending notification | parent state #9: MAIN_I4(established IKE SA) => delete | #9 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2880904495 (0xabb71d2f) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI c2 2f e6 e6 a8 13 3b 01 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI d8 05 bf de b1 86 69 c9 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffabc003138 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | ab b7 1d 2f | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 c2 2f e6 e6 | a8 13 3b 01 d8 05 bf de b1 86 69 c9 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | d0 0e 41 bd 56 1a e7 30 e2 f0 91 ad 0b 25 ac 82 | b9 90 e4 53 | send delete HASH(1): | d0 0e 41 bd 56 1a e7 30 e2 f0 91 ad 0b 25 ac 82 | b9 90 e4 53 | last Phase 1 IV: 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | current Phase 1 IV: 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 8c 8d f8 f0 9b 64 fe 0a 6b 54 2c 2c 75 d7 8d ac | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | ab b7 1d 2f | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 44 bd 6e f9 09 ca e4 e6 f7 cb 1f 96 91 5d 16 69 | 36 80 2a 77 | encrypting: 0c 00 00 18 d0 0e 41 bd 56 1a e7 30 e2 f0 91 ad | encrypting: 0b 25 ac 82 b9 90 e4 53 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 c2 2f e6 e6 a8 13 3b 01 d8 05 bf de | encrypting: b1 86 69 c9 | IV: 44 bd 6e f9 09 ca e4 e6 f7 cb 1f 96 91 5d 16 69 | IV: 36 80 2a 77 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: ae fe 02 a6 92 2c fd c2 a3 49 bb bc 39 89 91 0f | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #9) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 08 10 05 01 ab b7 1d 2f 00 00 00 5c 9a 3b 19 ef | 21 c3 0c 6d 70 fe 71 63 94 67 8f 41 69 7c 91 6d | 91 61 ce ea e6 fa 97 11 04 d7 ba b1 34 d9 df 57 | 30 8a 5a 2b df 00 79 a0 18 0c 9f 69 ae fe 02 a6 | 92 2c fd c2 a3 49 bb bc 39 89 91 0f | state #9 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffab8003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41634d8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #9 in MAIN_I4 | parent state #9: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffac0004618: destroyed | stop processing: state #9 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f4150a70 | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f40c6080 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.685 milliseconds in whack | spent 0.00195 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c2 2f e6 e6 a8 13 3b 01 d8 05 bf de b1 86 69 c9 | 08 10 05 01 8e 40 80 71 00 00 00 5c 83 82 ee ce | 29 a5 82 23 c8 53 e2 00 c3 d1 f0 67 bc 61 86 2e | d2 d0 82 90 cd 31 28 74 ca 7e 1f c8 38 d1 6c 54 | 41 41 6c da 68 8a 25 92 d5 3c ae fe b9 1a 73 ab | 59 81 b6 34 f2 11 1b 78 f4 a7 39 7e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c2 2f e6 e6 a8 13 3b 01 | responder cookie: | d8 05 bf de b1 86 69 c9 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2386591857 (0x8e408071) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x8e408071 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | c2 2f e6 e6 a8 13 3b 01 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | d8 05 bf de b1 86 69 c9 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0488 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0936 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.269 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:OMIT | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.055 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.138 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #11 at 0x5573f4163978 | State DB: adding IKEv1 state #11 in UNDEFINED | pstats #11 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #11 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #11: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #11 "aes128" "aes128" #11: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f4161ba8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #11: IMPAIR: stripping key-length "aes128" #11: IMPAIR: not sending key-length attribute | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | 21 52 58 7d 18 4e 79 8e 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x7ffabc007818 size 128 | #11 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10451.76927 | #11 spent 0.408 milliseconds in main_outI1() | stop processing: state #11 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.463 milliseconds in whack | spent 0.00252 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #11 in MAIN_I1 (find_state_ikev1_init) | start processing: state #11 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #11 is idle | #11 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 11 for state #11 | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffabc007818 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x7ffabc007818 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #11 and saving MD | #11 is busy; has a suspended MD | crypto helper 4 resuming | #11 spent 0.105 milliseconds in process_packet_tail() | crypto helper 4 starting work-order 11 for state #11 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 4 doing build KE and nonce (outI2 KE); request ID 11 | stop processing: state #11 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.244 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffab0001158: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffab0001158 | NSS: Public DH wire value: | b9 c6 ba 1e c7 9d d8 3c a7 93 af 8b 9e 1a 6b e0 | 80 41 14 4f 11 83 f9 42 54 7f 1e 33 16 6f 3c 6b | 67 ae 59 ef 9a 78 93 4a d6 fd f8 cc a1 4a d1 43 | 5e fe b5 9d 9a 67 9e 5f bf 4e 42 55 7e a6 6a 4a | b5 2b e4 85 9e 23 e3 14 90 3c b8 f4 67 38 da ed | 4a e8 5a 33 df c3 4f 04 19 b5 c4 2a e8 f7 92 a8 | 4c 49 7a e1 28 79 a7 d2 06 e9 ec fc f8 a6 12 89 | 9d 62 69 e5 9d 90 95 d3 16 f2 36 5c 10 fa 31 8d | bd 75 9d 0b 64 97 c2 57 31 35 d3 45 eb 3c cc 9c | 0b 5b 58 40 91 72 fc 3a bf 3f 3c e9 b0 11 d8 f0 | da 6e 84 19 29 c9 63 ff 38 28 42 56 1e 7f 6c 86 | b8 16 c7 07 65 75 8d 89 c7 c2 73 ca ce 3b dc a1 | bd 69 73 4d e2 ca 23 c1 b4 3c ba 29 4f 76 1a eb | bc 30 e3 5a a5 c0 fb ce c9 28 d5 08 b4 0e dc 52 | db 98 ab 25 28 20 75 59 be ce cc 78 b9 65 89 d5 | a1 c0 2d 58 72 5b f9 f4 a0 f8 06 5e bc 71 0d 45 | Generated nonce: c9 de 74 6c 11 9d 0e d9 9c ba 8a 2c 39 a1 95 29 | Generated nonce: dd 59 56 d3 bf 15 12 5e d4 93 1a 30 0b 72 91 42 | crypto helper 4 finished build KE and nonce (outI2 KE); request ID 11 time elapsed 0.001292 seconds | (#11) spent 0.741 milliseconds in crypto helper computing work-order 11: outI2 KE (pcr) | crypto helper 4 sending results from work-order 11 for state #11 to event queue | scheduling resume sending helper answer for #11 | libevent_malloc: new ptr-libevent@0x7ffab0005fb8 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #11 | start processing: state #11 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 11 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #11: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffab0001158: transferring ownership from helper KE to state #11 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value b9 c6 ba 1e c7 9d d8 3c a7 93 af 8b 9e 1a 6b e0 | keyex value 80 41 14 4f 11 83 f9 42 54 7f 1e 33 16 6f 3c 6b | keyex value 67 ae 59 ef 9a 78 93 4a d6 fd f8 cc a1 4a d1 43 | keyex value 5e fe b5 9d 9a 67 9e 5f bf 4e 42 55 7e a6 6a 4a | keyex value b5 2b e4 85 9e 23 e3 14 90 3c b8 f4 67 38 da ed | keyex value 4a e8 5a 33 df c3 4f 04 19 b5 c4 2a e8 f7 92 a8 | keyex value 4c 49 7a e1 28 79 a7 d2 06 e9 ec fc f8 a6 12 89 | keyex value 9d 62 69 e5 9d 90 95 d3 16 f2 36 5c 10 fa 31 8d | keyex value bd 75 9d 0b 64 97 c2 57 31 35 d3 45 eb 3c cc 9c | keyex value 0b 5b 58 40 91 72 fc 3a bf 3f 3c e9 b0 11 d8 f0 | keyex value da 6e 84 19 29 c9 63 ff 38 28 42 56 1e 7f 6c 86 | keyex value b8 16 c7 07 65 75 8d 89 c7 c2 73 ca ce 3b dc a1 | keyex value bd 69 73 4d e2 ca 23 c1 b4 3c ba 29 4f 76 1a eb | keyex value bc 30 e3 5a a5 c0 fb ce c9 28 d5 08 b4 0e dc 52 | keyex value db 98 ab 25 28 20 75 59 be ce cc 78 b9 65 89 d5 | keyex value a1 c0 2d 58 72 5b f9 f4 a0 f8 06 5e bc 71 0d 45 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni c9 de 74 6c 11 9d 0e d9 9c ba 8a 2c 39 a1 95 29 | Ni dd 59 56 d3 bf 15 12 5e d4 93 1a 30 0b 72 91 42 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | 21 52 58 7d 18 4e 79 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 27 41 79 e1 0d bd d0 ab | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | a9 92 0c 9f 6c b0 75 29 80 89 af 87 c6 6a 59 e5 | f0 59 42 e7 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 21 52 58 7d 18 4e 79 8e | natd_hash: rcookie= 27 41 79 e1 0d bd d0 ab | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= a9 92 0c 9f 6c b0 75 29 80 89 af 87 c6 6a 59 e5 | natd_hash: hash= f0 59 42 e7 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D a9 92 0c 9f 6c b0 75 29 80 89 af 87 c6 6a 59 e5 | NAT-D f0 59 42 e7 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | 21 52 58 7d 18 4e 79 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 27 41 79 e1 0d bd d0 ab | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 1c ea 36 84 19 98 00 77 b5 25 c4 4f 84 e5 9d fd | f9 db 1c 68 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 21 52 58 7d 18 4e 79 8e | natd_hash: rcookie= 27 41 79 e1 0d bd d0 ab | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 1c ea 36 84 19 98 00 77 b5 25 c4 4f 84 e5 9d fd | natd_hash: hash= f9 db 1c 68 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 1c ea 36 84 19 98 00 77 b5 25 c4 4f 84 e5 9d fd | NAT-D f9 db 1c 68 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #11 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #11: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffabc007818 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | b9 c6 ba 1e c7 9d d8 3c a7 93 af 8b 9e 1a 6b e0 | 80 41 14 4f 11 83 f9 42 54 7f 1e 33 16 6f 3c 6b | 67 ae 59 ef 9a 78 93 4a d6 fd f8 cc a1 4a d1 43 | 5e fe b5 9d 9a 67 9e 5f bf 4e 42 55 7e a6 6a 4a | b5 2b e4 85 9e 23 e3 14 90 3c b8 f4 67 38 da ed | 4a e8 5a 33 df c3 4f 04 19 b5 c4 2a e8 f7 92 a8 | 4c 49 7a e1 28 79 a7 d2 06 e9 ec fc f8 a6 12 89 | 9d 62 69 e5 9d 90 95 d3 16 f2 36 5c 10 fa 31 8d | bd 75 9d 0b 64 97 c2 57 31 35 d3 45 eb 3c cc 9c | 0b 5b 58 40 91 72 fc 3a bf 3f 3c e9 b0 11 d8 f0 | da 6e 84 19 29 c9 63 ff 38 28 42 56 1e 7f 6c 86 | b8 16 c7 07 65 75 8d 89 c7 c2 73 ca ce 3b dc a1 | bd 69 73 4d e2 ca 23 c1 b4 3c ba 29 4f 76 1a eb | bc 30 e3 5a a5 c0 fb ce c9 28 d5 08 b4 0e dc 52 | db 98 ab 25 28 20 75 59 be ce cc 78 b9 65 89 d5 | a1 c0 2d 58 72 5b f9 f4 a0 f8 06 5e bc 71 0d 45 | 14 00 00 24 c9 de 74 6c 11 9d 0e d9 9c ba 8a 2c | 39 a1 95 29 dd 59 56 d3 bf 15 12 5e d4 93 1a 30 | 0b 72 91 42 14 00 00 18 a9 92 0c 9f 6c b0 75 29 | 80 89 af 87 c6 6a 59 e5 f0 59 42 e7 00 00 00 18 | 1c ea 36 84 19 98 00 77 b5 25 c4 4f 84 e5 9d fd | f9 db 1c 68 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x5573f416e398 size 128 | #11 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10451.771822 "aes128" #11: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #11 suppresed complete_v1_state_transition() | #11 spent 0.378 milliseconds in resume sending helper answer | stop processing: state #11 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab0005fb8 | spent 0.00214 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 88 d3 b7 dd c1 17 8c 8a 7b f3 62 35 39 d6 e2 8b | d4 39 f4 51 4f e0 90 b6 82 93 23 93 26 c1 6a 11 | 3c af 20 c1 f3 d6 85 2a 45 3b 9a b1 f1 e6 28 d4 | a2 50 1d f1 cc a1 83 3f fa 5d 2c 0a eb ab 3a 55 | 0d 1e 97 25 e7 60 f3 1b b5 c1 64 51 9b f3 68 ca | ed 3c 03 d4 f8 22 47 16 77 a2 a3 e5 7e 62 10 86 | dd 08 f6 0c 1f 5e c9 95 78 33 19 1e 58 35 27 80 | 4e 15 6d d9 fe 92 36 9d 99 66 2f 2d 0e 56 2e 53 | 62 ec 85 86 9b 98 84 e0 94 34 3e a3 c8 46 96 f4 | c2 3d 18 ef 33 c9 57 ff 4f 7b d6 1d d9 09 37 4e | 98 be 04 e3 5f 4a 3c cd 09 15 25 9c 38 5a 2d 7b | 10 a6 e5 8f 10 24 7d a6 c6 1c e9 40 06 19 9d 54 | b7 5b dc 3e dd af de 54 53 18 a0 12 dc 20 38 80 | 69 31 36 f0 93 0e 2d d8 eb 6c b0 e5 72 43 5f e3 | 87 75 e2 20 11 b2 fc 17 2b e5 5e 7e 50 b9 06 53 | ca 63 29 85 99 58 e0 7d 8e ac f2 b5 e9 e4 44 0c | 14 00 00 24 4f 09 d6 80 bc 12 46 43 5e 3d 05 d3 | 9f 7a 97 2d 2e c4 95 8c d7 fb 2c 58 a8 b8 58 74 | d7 58 99 a1 14 00 00 18 1c ea 36 84 19 98 00 77 | b5 25 c4 4f 84 e5 9d fd f9 db 1c 68 00 00 00 18 | a9 92 0c 9f 6c b0 75 29 80 89 af 87 c6 6a 59 e5 | f0 59 42 e7 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #11 in MAIN_I2 (find_state_ikev1) | start processing: state #11 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #11 is idle | #11 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 88 d3 b7 dd c1 17 8c 8a 7b f3 62 35 39 d6 e2 8b | d4 39 f4 51 4f e0 90 b6 82 93 23 93 26 c1 6a 11 | 3c af 20 c1 f3 d6 85 2a 45 3b 9a b1 f1 e6 28 d4 | a2 50 1d f1 cc a1 83 3f fa 5d 2c 0a eb ab 3a 55 | 0d 1e 97 25 e7 60 f3 1b b5 c1 64 51 9b f3 68 ca | ed 3c 03 d4 f8 22 47 16 77 a2 a3 e5 7e 62 10 86 | dd 08 f6 0c 1f 5e c9 95 78 33 19 1e 58 35 27 80 | 4e 15 6d d9 fe 92 36 9d 99 66 2f 2d 0e 56 2e 53 | 62 ec 85 86 9b 98 84 e0 94 34 3e a3 c8 46 96 f4 | c2 3d 18 ef 33 c9 57 ff 4f 7b d6 1d d9 09 37 4e | 98 be 04 e3 5f 4a 3c cd 09 15 25 9c 38 5a 2d 7b | 10 a6 e5 8f 10 24 7d a6 c6 1c e9 40 06 19 9d 54 | b7 5b dc 3e dd af de 54 53 18 a0 12 dc 20 38 80 | 69 31 36 f0 93 0e 2d d8 eb 6c b0 e5 72 43 5f e3 | 87 75 e2 20 11 b2 fc 17 2b e5 5e 7e 50 b9 06 53 | ca 63 29 85 99 58 e0 7d 8e ac f2 b5 e9 e4 44 0c | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffab0001158: transferring ownership from state #11 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 12 for state #11 | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f416e398 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #11 | libevent_malloc: new ptr-libevent@0x7ffab0005fb8 size 128 | complete v1 state transition with STF_SUSPEND | crypto helper 2 resuming | crypto helper 2 starting work-order 12 for state #11 | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 12 | suspending state #11 and saving MD | #11 is busy; has a suspended MD | peer's g: 88 d3 b7 dd c1 17 8c 8a 7b f3 62 35 39 d6 e2 8b | #11 spent 0.0843 milliseconds in process_packet_tail() | peer's g: d4 39 f4 51 4f e0 90 b6 82 93 23 93 26 c1 6a 11 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | peer's g: 3c af 20 c1 f3 d6 85 2a 45 3b 9a b1 f1 e6 28 d4 | stop processing: state #11 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | peer's g: a2 50 1d f1 cc a1 83 3f fa 5d 2c 0a eb ab 3a 55 | peer's g: 0d 1e 97 25 e7 60 f3 1b b5 c1 64 51 9b f3 68 ca | peer's g: ed 3c 03 d4 f8 22 47 16 77 a2 a3 e5 7e 62 10 86 | peer's g: dd 08 f6 0c 1f 5e c9 95 78 33 19 1e 58 35 27 80 | peer's g: 4e 15 6d d9 fe 92 36 9d 99 66 2f 2d 0e 56 2e 53 | peer's g: 62 ec 85 86 9b 98 84 e0 94 34 3e a3 c8 46 96 f4 | peer's g: c2 3d 18 ef 33 c9 57 ff 4f 7b d6 1d d9 09 37 4e | processing: STOP connection NULL (in process_md() at demux.c:383) | peer's g: 98 be 04 e3 5f 4a 3c cd 09 15 25 9c 38 5a 2d 7b | spent 0.208 milliseconds in comm_handle_cb() reading and processing packet | peer's g: 10 a6 e5 8f 10 24 7d a6 c6 1c e9 40 06 19 9d 54 | peer's g: b7 5b dc 3e dd af de 54 53 18 a0 12 dc 20 38 80 | peer's g: 69 31 36 f0 93 0e 2d d8 eb 6c b0 e5 72 43 5f e3 | peer's g: 87 75 e2 20 11 b2 fc 17 2b e5 5e 7e 50 b9 06 53 | peer's g: ca 63 29 85 99 58 e0 7d 8e ac f2 b5 e9 e4 44 0c | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffab0001158: computed shared DH secret key@0x5573f40c6080 | dh-shared : g^ir-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f416aab8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1700 | result: psk-key@0x5573f40bfec0 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f40bfec0 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16e8 | result: psk-key@0x5573f4150e50 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f40bfec0 | SKEYID psk prf: created sha context 0x7ffab4003b00 from psk-key@0x5573f4150e50 | SKEYID psk prf: begin sha with context 0x7ffab4003b00 from psk-key@0x5573f4150e50 | SKEYID psk: release clone-key@0x5573f4150e50 | SKEYID psk PRF sha crypt-prf@0x7ffab4001548 | SKEYID psk PRF sha update Ni-bytes@0x5573f416aadc (length 32) | c9 de 74 6c 11 9d 0e d9 9c ba 8a 2c 39 a1 95 29 | dd 59 56 d3 bf 15 12 5e d4 93 1a 30 0b 72 91 42 | SKEYID psk PRF sha update Nr-bytes@0x5573f416aafc (length 32) | 4f 09 d6 80 bc 12 46 43 5e 3d 05 d3 9f 7a 97 2d | 2e c4 95 8c d7 fb 2c 58 a8 b8 58 74 d7 58 99 a1 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID psk PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID psk: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_d: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1718 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f40bfec0 | SKEYID_d prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f40bfec0 | SKEYID_d: release clone-key@0x5573f40bfec0 | SKEYID_d PRF sha crypt-prf@0x7ffab4001278 | SKEYID_d PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_d: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 51 c0 1c 9d ff 1a 42 0c 4b 76 55 77 11 61 78 d6 2e f0 37 f6 e1 8d c7 e6 7f 0f 14 39 9f 63 18 1a 2e 71 c9 a9 99 82 d7 6a 46 ba 20 e7 8e 4d 76 92 31 ba 43 b8 86 8f b5 25 e3 ac 1d 78 eb 8f 80 dd 90 90 93 a2 75 9a a3 d2 a3 cf 5b 72 3e 79 18 35 55 6e 70 6b b6 2c ff 0a 2a dc e6 b6 4c 79 8f 9e ab e2 56 c1 a9 e8 f7 bf 2f 89 71 3e 8c 67 7e 58 e7 8f de 5d 18 6d 75 01 40 5a b8 f2 e4 99 91 e4 2b 44 94 5b 69 86 04 04 5b ad 94 b9 e8 5f 2e 31 20 e1 9c da 9f 7d 96 05 d6 34 66 7e 89 14 5d 14 45 ce 74 4e ab 43 21 c8 aa 41 36 33 9e 4e 16 07 48 47 8d cc ca fc d6 a3 36 ee ff 19 ed 5d 22 0a 4c 52 b1 4d 1a ff 6b 7c 6d ce b5 c1 71 b6 da cd b2 98 83 b6 cc aa ef df 5f 6a 79 87 94 ea 8a c8 8e 73 f6 b3 c7 3d d3 76 eb 02 83 7e 70 a6 d0 58 36 bb 0d 0a e3 c7 75 93 fa ca 48 73 f2 92 7d ab | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab4004678 | unwrapped: 2b 30 5e d4 22 8f e8 13 9b 93 13 57 5b 84 c4 3e | unwrapped: af cd cb 51 4b 79 5e 12 d2 27 7f 72 04 f5 4a a6 | unwrapped: 21 28 b1 bb d5 74 fc 71 f5 d1 41 36 fb e5 ea dc | unwrapped: bc 26 b3 dd 9c dc 01 93 01 2d a4 69 4d 6c b9 14 | unwrapped: c0 e9 08 98 26 61 b0 74 98 75 4d 0f d7 a5 f4 33 | unwrapped: 2d 85 86 e4 66 78 18 a1 9f f0 13 08 c0 c8 ff 92 | unwrapped: 6e 7c 26 16 34 3e 9b 92 e9 ee 5e d2 48 69 81 b0 | unwrapped: ba 21 ca e3 e5 71 1b e9 dd c9 ed 52 61 de 2d 66 | unwrapped: b4 d8 cf ce 63 88 94 e8 f4 55 8b bf 87 02 2a fa | unwrapped: e8 f5 07 93 9b 9a 38 1d 38 09 dc f1 16 c9 77 75 | unwrapped: 78 57 49 a2 d2 8f 27 a2 b8 a8 89 b1 29 bd 97 88 | unwrapped: b3 46 fe d6 ea 95 f7 aa de 09 ff 10 09 53 69 a4 | unwrapped: 80 07 29 4e 76 a6 29 eb 7e 0f fd 22 4b c4 ed af | unwrapped: c5 5a 56 dc 65 97 9a 0d d5 37 5e 3b de a0 5f 5c | unwrapped: fa 2d 5a e3 8e fc 5c be 0f 23 47 8b 38 68 9c 9e | unwrapped: 0d 2a 69 9f bb e4 58 b6 63 9e 7b c4 f1 5b d5 b4 | SKEYID_d PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 21 52 58 7d 18 4e 79 8e | SKEYID_d PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 27 41 79 e1 0d bd d0 ab | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID_d PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_d: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_a: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16f8 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f414d560 | SKEYID_a prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f414d560 | SKEYID_a: release clone-key@0x5573f414d560 | SKEYID_a PRF sha crypt-prf@0x7ffab4001548 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f40bfec0 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: b9 7c e9 a8 ee c3 b9 77 32 4c 17 cf 7a c6 4f 28 a2 09 af 90 d1 f7 7c a7 91 25 7d fa 94 87 f0 ef | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab4002148 | unwrapped: 25 f6 49 62 20 45 82 39 73 96 04 11 15 8b af 58 | unwrapped: 27 fd 61 3f 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_a: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 51 c0 1c 9d ff 1a 42 0c 4b 76 55 77 11 61 78 d6 2e f0 37 f6 e1 8d c7 e6 7f 0f 14 39 9f 63 18 1a 2e 71 c9 a9 99 82 d7 6a 46 ba 20 e7 8e 4d 76 92 31 ba 43 b8 86 8f b5 25 e3 ac 1d 78 eb 8f 80 dd 90 90 93 a2 75 9a a3 d2 a3 cf 5b 72 3e 79 18 35 55 6e 70 6b b6 2c ff 0a 2a dc e6 b6 4c 79 8f 9e ab e2 56 c1 a9 e8 f7 bf 2f 89 71 3e 8c 67 7e 58 e7 8f de 5d 18 6d 75 01 40 5a b8 f2 e4 99 91 e4 2b 44 94 5b 69 86 04 04 5b ad 94 b9 e8 5f 2e 31 20 e1 9c da 9f 7d 96 05 d6 34 66 7e 89 14 5d 14 45 ce 74 4e ab 43 21 c8 aa 41 36 33 9e 4e 16 07 48 47 8d cc ca fc d6 a3 36 ee ff 19 ed 5d 22 0a 4c 52 b1 4d 1a ff 6b 7c 6d ce b5 c1 71 b6 da cd b2 98 83 b6 cc aa ef df 5f 6a 79 87 94 ea 8a c8 8e 73 f6 b3 c7 3d d3 76 eb 02 83 7e 70 a6 d0 58 36 bb 0d 0a e3 c7 75 93 fa ca 48 73 f2 92 7d ab | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab40018c8 | unwrapped: 2b 30 5e d4 22 8f e8 13 9b 93 13 57 5b 84 c4 3e | unwrapped: af cd cb 51 4b 79 5e 12 d2 27 7f 72 04 f5 4a a6 | unwrapped: 21 28 b1 bb d5 74 fc 71 f5 d1 41 36 fb e5 ea dc | unwrapped: bc 26 b3 dd 9c dc 01 93 01 2d a4 69 4d 6c b9 14 | unwrapped: c0 e9 08 98 26 61 b0 74 98 75 4d 0f d7 a5 f4 33 | unwrapped: 2d 85 86 e4 66 78 18 a1 9f f0 13 08 c0 c8 ff 92 | unwrapped: 6e 7c 26 16 34 3e 9b 92 e9 ee 5e d2 48 69 81 b0 | unwrapped: ba 21 ca e3 e5 71 1b e9 dd c9 ed 52 61 de 2d 66 | unwrapped: b4 d8 cf ce 63 88 94 e8 f4 55 8b bf 87 02 2a fa | unwrapped: e8 f5 07 93 9b 9a 38 1d 38 09 dc f1 16 c9 77 75 | unwrapped: 78 57 49 a2 d2 8f 27 a2 b8 a8 89 b1 29 bd 97 88 | unwrapped: b3 46 fe d6 ea 95 f7 aa de 09 ff 10 09 53 69 a4 | unwrapped: 80 07 29 4e 76 a6 29 eb 7e 0f fd 22 4b c4 ed af | unwrapped: c5 5a 56 dc 65 97 9a 0d d5 37 5e 3b de a0 5f 5c | unwrapped: fa 2d 5a e3 8e fc 5c be 0f 23 47 8b 38 68 9c 9e | unwrapped: 0d 2a 69 9f bb e4 58 b6 63 9e 7b c4 f1 5b d5 b4 | SKEYID_a PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 21 52 58 7d 18 4e 79 8e | SKEYID_a PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 27 41 79 e1 0d bd d0 ab | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1700 | result: final-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16e8 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414f010 | SKEYID_a PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_a: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_e: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: clone-key@0x5573f414f010 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f414f010 | SKEYID_e prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f414f010 | SKEYID_e: release clone-key@0x5573f414f010 | SKEYID_e PRF sha crypt-prf@0x7ffab4001278 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f414d560 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 6d 61 13 a4 84 51 ad 36 9d ac 1b cd 76 86 28 70 78 40 0a ed 1b 24 4a 92 a4 47 d2 20 16 0d fd f9 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab4001598 | unwrapped: 33 05 cc 92 52 80 4c a2 81 37 5d 48 99 8b 81 0e | unwrapped: 09 1e 07 bb 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_e: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 51 c0 1c 9d ff 1a 42 0c 4b 76 55 77 11 61 78 d6 2e f0 37 f6 e1 8d c7 e6 7f 0f 14 39 9f 63 18 1a 2e 71 c9 a9 99 82 d7 6a 46 ba 20 e7 8e 4d 76 92 31 ba 43 b8 86 8f b5 25 e3 ac 1d 78 eb 8f 80 dd 90 90 93 a2 75 9a a3 d2 a3 cf 5b 72 3e 79 18 35 55 6e 70 6b b6 2c ff 0a 2a dc e6 b6 4c 79 8f 9e ab e2 56 c1 a9 e8 f7 bf 2f 89 71 3e 8c 67 7e 58 e7 8f de 5d 18 6d 75 01 40 5a b8 f2 e4 99 91 e4 2b 44 94 5b 69 86 04 04 5b ad 94 b9 e8 5f 2e 31 20 e1 9c da 9f 7d 96 05 d6 34 66 7e 89 14 5d 14 45 ce 74 4e ab 43 21 c8 aa 41 36 33 9e 4e 16 07 48 47 8d cc ca fc d6 a3 36 ee ff 19 ed 5d 22 0a 4c 52 b1 4d 1a ff 6b 7c 6d ce b5 c1 71 b6 da cd b2 98 83 b6 cc aa ef df 5f 6a 79 87 94 ea 8a c8 8e 73 f6 b3 c7 3d d3 76 eb 02 83 7e 70 a6 d0 58 36 bb 0d 0a e3 c7 75 93 fa ca 48 73 f2 92 7d ab | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab4004678 | unwrapped: 2b 30 5e d4 22 8f e8 13 9b 93 13 57 5b 84 c4 3e | unwrapped: af cd cb 51 4b 79 5e 12 d2 27 7f 72 04 f5 4a a6 | unwrapped: 21 28 b1 bb d5 74 fc 71 f5 d1 41 36 fb e5 ea dc | unwrapped: bc 26 b3 dd 9c dc 01 93 01 2d a4 69 4d 6c b9 14 | unwrapped: c0 e9 08 98 26 61 b0 74 98 75 4d 0f d7 a5 f4 33 | unwrapped: 2d 85 86 e4 66 78 18 a1 9f f0 13 08 c0 c8 ff 92 | unwrapped: 6e 7c 26 16 34 3e 9b 92 e9 ee 5e d2 48 69 81 b0 | unwrapped: ba 21 ca e3 e5 71 1b e9 dd c9 ed 52 61 de 2d 66 | unwrapped: b4 d8 cf ce 63 88 94 e8 f4 55 8b bf 87 02 2a fa | unwrapped: e8 f5 07 93 9b 9a 38 1d 38 09 dc f1 16 c9 77 75 | unwrapped: 78 57 49 a2 d2 8f 27 a2 b8 a8 89 b1 29 bd 97 88 | unwrapped: b3 46 fe d6 ea 95 f7 aa de 09 ff 10 09 53 69 a4 | unwrapped: 80 07 29 4e 76 a6 29 eb 7e 0f fd 22 4b c4 ed af | unwrapped: c5 5a 56 dc 65 97 9a 0d d5 37 5e 3b de a0 5f 5c | unwrapped: fa 2d 5a e3 8e fc 5c be 0f 23 47 8b 38 68 9c 9e | unwrapped: 0d 2a 69 9f bb e4 58 b6 63 9e 7b c4 f1 5b d5 b4 | SKEYID_e PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 21 52 58 7d 18 4e 79 8e | SKEYID_e PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 27 41 79 e1 0d bd d0 ab | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1710 | result: final-key@0x5573f4150a70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150a70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16f8 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150a70 | SKEYID_e PRF sha final-key@0x5573f414f010 (size 20) | SKEYID_e: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1768 | result: keymat-key@0x5573f4150a70 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x5573f40bfec0, skeyid_a 0x5573f414d560, skeyid_e 0x5573f414f010, enc_key 0x5573f4150a70 | DH_i: b9 c6 ba 1e c7 9d d8 3c a7 93 af 8b 9e 1a 6b e0 | DH_i: 80 41 14 4f 11 83 f9 42 54 7f 1e 33 16 6f 3c 6b | DH_i: 67 ae 59 ef 9a 78 93 4a d6 fd f8 cc a1 4a d1 43 | DH_i: 5e fe b5 9d 9a 67 9e 5f bf 4e 42 55 7e a6 6a 4a | DH_i: b5 2b e4 85 9e 23 e3 14 90 3c b8 f4 67 38 da ed | DH_i: 4a e8 5a 33 df c3 4f 04 19 b5 c4 2a e8 f7 92 a8 | DH_i: 4c 49 7a e1 28 79 a7 d2 06 e9 ec fc f8 a6 12 89 | DH_i: 9d 62 69 e5 9d 90 95 d3 16 f2 36 5c 10 fa 31 8d | DH_i: bd 75 9d 0b 64 97 c2 57 31 35 d3 45 eb 3c cc 9c | DH_i: 0b 5b 58 40 91 72 fc 3a bf 3f 3c e9 b0 11 d8 f0 | DH_i: da 6e 84 19 29 c9 63 ff 38 28 42 56 1e 7f 6c 86 | DH_i: b8 16 c7 07 65 75 8d 89 c7 c2 73 ca ce 3b dc a1 | DH_i: bd 69 73 4d e2 ca 23 c1 b4 3c ba 29 4f 76 1a eb | DH_i: bc 30 e3 5a a5 c0 fb ce c9 28 d5 08 b4 0e dc 52 | DH_i: db 98 ab 25 28 20 75 59 be ce cc 78 b9 65 89 d5 | DH_i: a1 c0 2d 58 72 5b f9 f4 a0 f8 06 5e bc 71 0d 45 | DH_r: 88 d3 b7 dd c1 17 8c 8a 7b f3 62 35 39 d6 e2 8b | DH_r: d4 39 f4 51 4f e0 90 b6 82 93 23 93 26 c1 6a 11 | DH_r: 3c af 20 c1 f3 d6 85 2a 45 3b 9a b1 f1 e6 28 d4 | DH_r: a2 50 1d f1 cc a1 83 3f fa 5d 2c 0a eb ab 3a 55 | DH_r: 0d 1e 97 25 e7 60 f3 1b b5 c1 64 51 9b f3 68 ca | DH_r: ed 3c 03 d4 f8 22 47 16 77 a2 a3 e5 7e 62 10 86 | DH_r: dd 08 f6 0c 1f 5e c9 95 78 33 19 1e 58 35 27 80 | DH_r: 4e 15 6d d9 fe 92 36 9d 99 66 2f 2d 0e 56 2e 53 | DH_r: 62 ec 85 86 9b 98 84 e0 94 34 3e a3 c8 46 96 f4 | DH_r: c2 3d 18 ef 33 c9 57 ff 4f 7b d6 1d d9 09 37 4e | DH_r: 98 be 04 e3 5f 4a 3c cd 09 15 25 9c 38 5a 2d 7b | DH_r: 10 a6 e5 8f 10 24 7d a6 c6 1c e9 40 06 19 9d 54 | DH_r: b7 5b dc 3e dd af de 54 53 18 a0 12 dc 20 38 80 | DH_r: 69 31 36 f0 93 0e 2d d8 eb 6c b0 e5 72 43 5f e3 | DH_r: 87 75 e2 20 11 b2 fc 17 2b e5 5e 7e 50 b9 06 53 | DH_r: ca 63 29 85 99 58 e0 7d 8e ac f2 b5 e9 e4 44 0c | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f416ab1c (length 256) | b9 c6 ba 1e c7 9d d8 3c a7 93 af 8b 9e 1a 6b e0 | 80 41 14 4f 11 83 f9 42 54 7f 1e 33 16 6f 3c 6b | 67 ae 59 ef 9a 78 93 4a d6 fd f8 cc a1 4a d1 43 | 5e fe b5 9d 9a 67 9e 5f bf 4e 42 55 7e a6 6a 4a | b5 2b e4 85 9e 23 e3 14 90 3c b8 f4 67 38 da ed | 4a e8 5a 33 df c3 4f 04 19 b5 c4 2a e8 f7 92 a8 | 4c 49 7a e1 28 79 a7 d2 06 e9 ec fc f8 a6 12 89 | 9d 62 69 e5 9d 90 95 d3 16 f2 36 5c 10 fa 31 8d | bd 75 9d 0b 64 97 c2 57 31 35 d3 45 eb 3c cc 9c | 0b 5b 58 40 91 72 fc 3a bf 3f 3c e9 b0 11 d8 f0 | da 6e 84 19 29 c9 63 ff 38 28 42 56 1e 7f 6c 86 | b8 16 c7 07 65 75 8d 89 c7 c2 73 ca ce 3b dc a1 | bd 69 73 4d e2 ca 23 c1 b4 3c ba 29 4f 76 1a eb | bc 30 e3 5a a5 c0 fb ce c9 28 d5 08 b4 0e dc 52 | db 98 ab 25 28 20 75 59 be ce cc 78 b9 65 89 d5 | a1 c0 2d 58 72 5b f9 f4 a0 f8 06 5e bc 71 0d 45 | new IV hash sha digest GR-bytes@0x5573f416ac1c (length 256) | 88 d3 b7 dd c1 17 8c 8a 7b f3 62 35 39 d6 e2 8b | d4 39 f4 51 4f e0 90 b6 82 93 23 93 26 c1 6a 11 | 3c af 20 c1 f3 d6 85 2a 45 3b 9a b1 f1 e6 28 d4 | a2 50 1d f1 cc a1 83 3f fa 5d 2c 0a eb ab 3a 55 | 0d 1e 97 25 e7 60 f3 1b b5 c1 64 51 9b f3 68 ca | ed 3c 03 d4 f8 22 47 16 77 a2 a3 e5 7e 62 10 86 | dd 08 f6 0c 1f 5e c9 95 78 33 19 1e 58 35 27 80 | 4e 15 6d d9 fe 92 36 9d 99 66 2f 2d 0e 56 2e 53 | 62 ec 85 86 9b 98 84 e0 94 34 3e a3 c8 46 96 f4 | c2 3d 18 ef 33 c9 57 ff 4f 7b d6 1d d9 09 37 4e | 98 be 04 e3 5f 4a 3c cd 09 15 25 9c 38 5a 2d 7b | 10 a6 e5 8f 10 24 7d a6 c6 1c e9 40 06 19 9d 54 | b7 5b dc 3e dd af de 54 53 18 a0 12 dc 20 38 80 | 69 31 36 f0 93 0e 2d d8 eb 6c b0 e5 72 43 5f e3 | 87 75 e2 20 11 b2 fc 17 2b e5 5e 7e 50 b9 06 53 | ca 63 29 85 99 58 e0 7d 8e ac f2 b5 e9 e4 44 0c | new IV hash sha final chunk@0x7ffab4001598 (length 20) | b4 9d 72 88 40 70 5d 8f 79 ba 80 c7 8c 75 e0 16 | bb d6 d4 85 | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 12 time elapsed 0.001853 seconds | (#11) spent 1.84 milliseconds in crypto helper computing work-order 12: aggr outR1 DH (pcr) | crypto helper 2 sending results from work-order 12 for state #11 to event queue | scheduling resume sending helper answer for #11 | libevent_malloc: new ptr-libevent@0x7ffab4002098 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #11 | start processing: state #11 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 12 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #11: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffab0001158: transferring ownership from helper IKEv1 DH+IV to state #11 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | 21 52 58 7d 18 4e 79 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 27 41 79 e1 0d bd d0 ab | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | 1c ea 36 84 19 98 00 77 b5 25 c4 4f 84 e5 9d fd | f9 db 1c 68 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 21 52 58 7d 18 4e 79 8e | natd_hash: rcookie= 27 41 79 e1 0d bd d0 ab | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 1c ea 36 84 19 98 00 77 b5 25 c4 4f 84 e5 9d fd | natd_hash: hash= f9 db 1c 68 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | 21 52 58 7d 18 4e 79 8e | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 27 41 79 e1 0d bd d0 ab | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | a9 92 0c 9f 6c b0 75 29 80 89 af 87 c6 6a 59 e5 | f0 59 42 e7 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 21 52 58 7d 18 4e 79 8e | natd_hash: rcookie= 27 41 79 e1 0d bd d0 ab | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= a9 92 0c 9f 6c b0 75 29 80 89 af 87 c6 6a 59 e5 | natd_hash: hash= f0 59 42 e7 | expected NAT-D(me): 1c ea 36 84 19 98 00 77 b5 25 c4 4f 84 e5 9d fd | expected NAT-D(me): f9 db 1c 68 | expected NAT-D(him): | a9 92 0c 9f 6c b0 75 29 80 89 af 87 c6 6a 59 e5 | f0 59 42 e7 | received NAT-D: 1c ea 36 84 19 98 00 77 b5 25 c4 4f 84 e5 9d fd | received NAT-D: f9 db 1c 68 | received NAT-D: a9 92 0c 9f 6c b0 75 29 80 89 af 87 c6 6a 59 e5 | received NAT-D: f0 59 42 e7 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f4150e50 (size 20) | hmac: symkey-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x5573f4163548 | hmac PRF sha update data-bytes@0x7ffab0001f78 (length 256) | b9 c6 ba 1e c7 9d d8 3c a7 93 af 8b 9e 1a 6b e0 | 80 41 14 4f 11 83 f9 42 54 7f 1e 33 16 6f 3c 6b | 67 ae 59 ef 9a 78 93 4a d6 fd f8 cc a1 4a d1 43 | 5e fe b5 9d 9a 67 9e 5f bf 4e 42 55 7e a6 6a 4a | b5 2b e4 85 9e 23 e3 14 90 3c b8 f4 67 38 da ed | 4a e8 5a 33 df c3 4f 04 19 b5 c4 2a e8 f7 92 a8 | 4c 49 7a e1 28 79 a7 d2 06 e9 ec fc f8 a6 12 89 | 9d 62 69 e5 9d 90 95 d3 16 f2 36 5c 10 fa 31 8d | bd 75 9d 0b 64 97 c2 57 31 35 d3 45 eb 3c cc 9c | 0b 5b 58 40 91 72 fc 3a bf 3f 3c e9 b0 11 d8 f0 | da 6e 84 19 29 c9 63 ff 38 28 42 56 1e 7f 6c 86 | b8 16 c7 07 65 75 8d 89 c7 c2 73 ca ce 3b dc a1 | bd 69 73 4d e2 ca 23 c1 b4 3c ba 29 4f 76 1a eb | bc 30 e3 5a a5 c0 fb ce c9 28 d5 08 b4 0e dc 52 | db 98 ab 25 28 20 75 59 be ce cc 78 b9 65 89 d5 | a1 c0 2d 58 72 5b f9 f4 a0 f8 06 5e bc 71 0d 45 | hmac PRF sha update data-bytes@0x7ffabc002a18 (length 256) | 88 d3 b7 dd c1 17 8c 8a 7b f3 62 35 39 d6 e2 8b | d4 39 f4 51 4f e0 90 b6 82 93 23 93 26 c1 6a 11 | 3c af 20 c1 f3 d6 85 2a 45 3b 9a b1 f1 e6 28 d4 | a2 50 1d f1 cc a1 83 3f fa 5d 2c 0a eb ab 3a 55 | 0d 1e 97 25 e7 60 f3 1b b5 c1 64 51 9b f3 68 ca | ed 3c 03 d4 f8 22 47 16 77 a2 a3 e5 7e 62 10 86 | dd 08 f6 0c 1f 5e c9 95 78 33 19 1e 58 35 27 80 | 4e 15 6d d9 fe 92 36 9d 99 66 2f 2d 0e 56 2e 53 | 62 ec 85 86 9b 98 84 e0 94 34 3e a3 c8 46 96 f4 | c2 3d 18 ef 33 c9 57 ff 4f 7b d6 1d d9 09 37 4e | 98 be 04 e3 5f 4a 3c cd 09 15 25 9c 38 5a 2d 7b | 10 a6 e5 8f 10 24 7d a6 c6 1c e9 40 06 19 9d 54 | b7 5b dc 3e dd af de 54 53 18 a0 12 dc 20 38 80 | 69 31 36 f0 93 0e 2d d8 eb 6c b0 e5 72 43 5f e3 | 87 75 e2 20 11 b2 fc 17 2b e5 5e 7e 50 b9 06 53 | ca 63 29 85 99 58 e0 7d 8e ac f2 b5 e9 e4 44 0c | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | 21 52 58 7d 18 4e 79 8e | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 27 41 79 e1 0d bd d0 ab | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | 1c 43 2e 0c ea e2 d4 69 a9 02 5a c8 af 0c df e1 | c3 06 c3 c5 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 1c 43 2e 0c ea e2 d4 69 a9 02 5a c8 af 0c df e1 | HASH_I c3 06 c3 c5 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 1c 43 2e 0c ea e2 d4 69 a9 02 5a c8 af 0c df e1 | encrypting: c3 06 c3 c5 | IV: b4 9d 72 88 40 70 5d 8f 79 ba 80 c7 8c 75 e0 16 | IV: bb d6 d4 85 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 92 ba ab 45 8d fe 3f 63 2c 44 21 47 1a 5b 0c dd | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #11: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffab0005fb8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 05 10 02 01 00 00 00 00 00 00 00 4c ea ee 48 70 | 02 d6 7f 2a 36 24 57 a8 4b c7 fb a1 12 04 26 20 | 2b 75 75 ba 02 95 70 93 46 c9 6e 5f 92 ba ab 45 | 8d fe 3f 63 2c 44 21 47 1a 5b 0c dd | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #11 | libevent_malloc: new ptr-libevent@0x5573f4163368 size 128 | #11 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10451.775951 "aes128" #11: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #11 suppresed complete_v1_state_transition() | #11 spent 0.44 milliseconds in resume sending helper answer | stop processing: state #11 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab4002098 | spent 0.00191 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 05 10 02 01 00 00 00 00 00 00 00 4c 33 60 fe 57 | 3c c5 55 5c d2 f3 b7 b1 bd 28 ba 61 0c 3e 97 6c | 17 1c 5e 76 1c f4 37 c4 57 c3 84 39 07 1a 4d 98 | 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #11 in MAIN_I3 (find_state_ikev1) | start processing: state #11 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #11 is idle | #11 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 92 ba ab 45 8d fe 3f 63 2c 44 21 47 1a 5b 0c dd | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | decrypted payload (starts at offset -48): | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 a1 85 6f c2 | f7 7a 79 f9 e6 1c e3 7f 45 db d1 23 4f 4e 07 7b | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #11: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f4150e50 (size 20) | hmac: symkey-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x7ffab4001598 | hmac PRF sha update data-bytes@0x7ffabc002a18 (length 256) | 88 d3 b7 dd c1 17 8c 8a 7b f3 62 35 39 d6 e2 8b | d4 39 f4 51 4f e0 90 b6 82 93 23 93 26 c1 6a 11 | 3c af 20 c1 f3 d6 85 2a 45 3b 9a b1 f1 e6 28 d4 | a2 50 1d f1 cc a1 83 3f fa 5d 2c 0a eb ab 3a 55 | 0d 1e 97 25 e7 60 f3 1b b5 c1 64 51 9b f3 68 ca | ed 3c 03 d4 f8 22 47 16 77 a2 a3 e5 7e 62 10 86 | dd 08 f6 0c 1f 5e c9 95 78 33 19 1e 58 35 27 80 | 4e 15 6d d9 fe 92 36 9d 99 66 2f 2d 0e 56 2e 53 | 62 ec 85 86 9b 98 84 e0 94 34 3e a3 c8 46 96 f4 | c2 3d 18 ef 33 c9 57 ff 4f 7b d6 1d d9 09 37 4e | 98 be 04 e3 5f 4a 3c cd 09 15 25 9c 38 5a 2d 7b | 10 a6 e5 8f 10 24 7d a6 c6 1c e9 40 06 19 9d 54 | b7 5b dc 3e dd af de 54 53 18 a0 12 dc 20 38 80 | 69 31 36 f0 93 0e 2d d8 eb 6c b0 e5 72 43 5f e3 | 87 75 e2 20 11 b2 fc 17 2b e5 5e 7e 50 b9 06 53 | ca 63 29 85 99 58 e0 7d 8e ac f2 b5 e9 e4 44 0c | hmac PRF sha update data-bytes@0x7ffab0001f78 (length 256) | b9 c6 ba 1e c7 9d d8 3c a7 93 af 8b 9e 1a 6b e0 | 80 41 14 4f 11 83 f9 42 54 7f 1e 33 16 6f 3c 6b | 67 ae 59 ef 9a 78 93 4a d6 fd f8 cc a1 4a d1 43 | 5e fe b5 9d 9a 67 9e 5f bf 4e 42 55 7e a6 6a 4a | b5 2b e4 85 9e 23 e3 14 90 3c b8 f4 67 38 da ed | 4a e8 5a 33 df c3 4f 04 19 b5 c4 2a e8 f7 92 a8 | 4c 49 7a e1 28 79 a7 d2 06 e9 ec fc f8 a6 12 89 | 9d 62 69 e5 9d 90 95 d3 16 f2 36 5c 10 fa 31 8d | bd 75 9d 0b 64 97 c2 57 31 35 d3 45 eb 3c cc 9c | 0b 5b 58 40 91 72 fc 3a bf 3f 3c e9 b0 11 d8 f0 | da 6e 84 19 29 c9 63 ff 38 28 42 56 1e 7f 6c 86 | b8 16 c7 07 65 75 8d 89 c7 c2 73 ca ce 3b dc a1 | bd 69 73 4d e2 ca 23 c1 b4 3c ba 29 4f 76 1a eb | bc 30 e3 5a a5 c0 fb ce c9 28 d5 08 b4 0e dc 52 | db 98 ab 25 28 20 75 59 be ce cc 78 b9 65 89 d5 | a1 c0 2d 58 72 5b f9 f4 a0 f8 06 5e bc 71 0d 45 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 27 41 79 e1 0d bd d0 ab | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | 21 52 58 7d 18 4e 79 8e | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x5573f41555e8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | a1 85 6f c2 f7 7a 79 f9 e6 1c e3 7f 45 db d1 23 | 4f 4e 07 7b | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #11 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #11: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #11 requesting EVENT_RETRANSMIT to be deleted | #11 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4163368 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41634d8 | inserting event EVENT_SA_REPLACE, timeout in 2568 seconds for #11 | libevent_malloc: new ptr-libevent@0x7ffab4002098 size 128 | pstats #11 ikev1.isakmp established "aes128" #11: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #11 | creating state object #12 at 0x5573f4166828 | State DB: adding IKEv1 state #12 in UNDEFINED | pstats #12 ikev1.ipsec started | duplicating state object #11 "aes128" as #12 for IPSEC SA | #12 setting local endpoint to 192.1.2.45:500 from #11.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_d_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ai_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f4150a70 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #11 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #12 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #12: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #12: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#11 msgid:9a3f9850 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 13 for state #12 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #12 | libevent_malloc: new ptr-libevent@0x5573f4165a78 size 128 | stop processing: state #12 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | crypto helper 5 resuming | crypto helper 5 starting work-order 13 for state #12 | resume processing: state #11 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | crypto helper 5 doing build KE and nonce (quick_outI1 KE); request ID 13 | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x5573f4161aa8} | close_any(fd@24) (in release_whack() at state.c:654) | NSS: Value of Prime: | #11 spent 0.323 milliseconds in process_packet_tail() | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | stop processing: state #11 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.466 milliseconds in comm_handle_cb() reading and processing packet | DH secret MODP2048@0x7ffaa8006b98: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffaa8006b98 | NSS: Public DH wire value: | 5b 23 dd 27 4a da ea 4c d5 52 6a 9a b5 f5 cb f3 | d7 67 d3 c9 99 2a 88 3c c6 89 84 a8 0c 1c f8 63 | 1e b7 b2 e4 17 6c af 05 66 66 8b 06 3b 64 82 bc | f5 83 4c f6 2d 8a b6 9e a7 4e dc 06 74 43 2d ef | 5f e7 63 9e f0 37 d8 92 69 3d a7 92 32 f7 a8 c7 | 7b 9d 50 dd 69 d7 90 a2 b6 16 07 b6 27 bc 6d e1 | 62 52 40 5b 34 e4 d9 3e 4d d1 b9 ac db 8e 63 4f | f8 24 6c 9a fc a3 18 fc 55 68 81 48 60 80 b0 3f | 22 ad e8 a5 79 bb d2 41 7b ae c3 06 5f bc 75 39 | db e6 41 ee 55 a8 6e 30 49 1f 09 eb b3 d1 bc 3d | 6f 37 a6 73 a0 9e dc 87 20 bb 92 0e b2 90 db f8 | fc d9 b3 25 d0 5e 42 fc 3e 58 9b c4 76 19 ec 79 | 43 15 39 96 02 5f e3 bb dd 20 56 a2 71 38 75 5f | 75 51 f0 c8 29 fe 1f 6e 45 23 51 64 b3 ba 77 29 | 14 43 b5 49 11 71 37 0c f5 ff 6d a5 47 bb 49 f4 | 9a cc 7c 4a 6c 4b f7 0a 01 23 99 c3 9a 72 cf 61 | Generated nonce: 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 | Generated nonce: c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 | crypto helper 5 finished build KE and nonce (quick_outI1 KE); request ID 13 time elapsed 0.000958 seconds | (#12) spent 0.951 milliseconds in crypto helper computing work-order 13: quick_outI1 KE (pcr) | crypto helper 5 sending results from work-order 13 for state #12 to event queue | scheduling resume sending helper answer for #12 | libevent_malloc: new ptr-libevent@0x7ffaa8003ad8 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #12 | start processing: state #12 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 13 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #12: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2587859024 (0x9a3f9850) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0xd3f3114f for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI d3 f3 11 4f | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 | Ni c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffaa8006b98: transferring ownership from helper KE to state #12 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 5b 23 dd 27 4a da ea 4c d5 52 6a 9a b5 f5 cb f3 | keyex value d7 67 d3 c9 99 2a 88 3c c6 89 84 a8 0c 1c f8 63 | keyex value 1e b7 b2 e4 17 6c af 05 66 66 8b 06 3b 64 82 bc | keyex value f5 83 4c f6 2d 8a b6 9e a7 4e dc 06 74 43 2d ef | keyex value 5f e7 63 9e f0 37 d8 92 69 3d a7 92 32 f7 a8 c7 | keyex value 7b 9d 50 dd 69 d7 90 a2 b6 16 07 b6 27 bc 6d e1 | keyex value 62 52 40 5b 34 e4 d9 3e 4d d1 b9 ac db 8e 63 4f | keyex value f8 24 6c 9a fc a3 18 fc 55 68 81 48 60 80 b0 3f | keyex value 22 ad e8 a5 79 bb d2 41 7b ae c3 06 5f bc 75 39 | keyex value db e6 41 ee 55 a8 6e 30 49 1f 09 eb b3 d1 bc 3d | keyex value 6f 37 a6 73 a0 9e dc 87 20 bb 92 0e b2 90 db f8 | keyex value fc d9 b3 25 d0 5e 42 fc 3e 58 9b c4 76 19 ec 79 | keyex value 43 15 39 96 02 5f e3 bb dd 20 56 a2 71 38 75 5f | keyex value 75 51 f0 c8 29 fe 1f 6e 45 23 51 64 b3 ba 77 29 | keyex value 14 43 b5 49 11 71 37 0c f5 ff 6d a5 47 bb 49 f4 | keyex value 9a cc 7c 4a 6c 4b f7 0a 01 23 99 c3 9a 72 cf 61 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f416e348 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | 9a 3f 98 50 | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 d3 f3 11 4f 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 6e a3 02 df | e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 c4 35 46 f9 | 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 05 00 01 04 | 5b 23 dd 27 4a da ea 4c d5 52 6a 9a b5 f5 cb f3 | d7 67 d3 c9 99 2a 88 3c c6 89 84 a8 0c 1c f8 63 | 1e b7 b2 e4 17 6c af 05 66 66 8b 06 3b 64 82 bc | f5 83 4c f6 2d 8a b6 9e a7 4e dc 06 74 43 2d ef | 5f e7 63 9e f0 37 d8 92 69 3d a7 92 32 f7 a8 c7 | 7b 9d 50 dd 69 d7 90 a2 b6 16 07 b6 27 bc 6d e1 | 62 52 40 5b 34 e4 d9 3e 4d d1 b9 ac db 8e 63 4f | f8 24 6c 9a fc a3 18 fc 55 68 81 48 60 80 b0 3f | 22 ad e8 a5 79 bb d2 41 7b ae c3 06 5f bc 75 39 | db e6 41 ee 55 a8 6e 30 49 1f 09 eb b3 d1 bc 3d | 6f 37 a6 73 a0 9e dc 87 20 bb 92 0e b2 90 db f8 | fc d9 b3 25 d0 5e 42 fc 3e 58 9b c4 76 19 ec 79 | 43 15 39 96 02 5f e3 bb dd 20 56 a2 71 38 75 5f | 75 51 f0 c8 29 fe 1f 6e 45 23 51 64 b3 ba 77 29 | 14 43 b5 49 11 71 37 0c f5 ff 6d a5 47 bb 49 f4 | 9a cc 7c 4a 6c 4b f7 0a 01 23 99 c3 9a 72 cf 61 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | db 74 51 e5 94 34 8a d3 12 d7 5c 8a 24 43 79 09 | 25 4a a1 af | outI1 HASH(1): | db 74 51 e5 94 34 8a d3 12 d7 5c 8a 24 43 79 09 | 25 4a a1 af | last Phase 1 IV: 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | current Phase 1 IV: 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | 9a 3f 98 50 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | c7 8a cd d5 4d 47 88 4b 8e a7 c1 4c 8f 29 d2 e9 | af a1 11 0b | encrypting: 01 00 00 18 db 74 51 e5 94 34 8a d3 12 d7 5c 8a | encrypting: 24 43 79 09 25 4a a1 af 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 d3 f3 11 4f | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 | encrypting: 2a 49 f2 b4 c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba | encrypting: 46 04 e8 f9 05 00 01 04 5b 23 dd 27 4a da ea 4c | encrypting: d5 52 6a 9a b5 f5 cb f3 d7 67 d3 c9 99 2a 88 3c | encrypting: c6 89 84 a8 0c 1c f8 63 1e b7 b2 e4 17 6c af 05 | encrypting: 66 66 8b 06 3b 64 82 bc f5 83 4c f6 2d 8a b6 9e | encrypting: a7 4e dc 06 74 43 2d ef 5f e7 63 9e f0 37 d8 92 | encrypting: 69 3d a7 92 32 f7 a8 c7 7b 9d 50 dd 69 d7 90 a2 | encrypting: b6 16 07 b6 27 bc 6d e1 62 52 40 5b 34 e4 d9 3e | encrypting: 4d d1 b9 ac db 8e 63 4f f8 24 6c 9a fc a3 18 fc | encrypting: 55 68 81 48 60 80 b0 3f 22 ad e8 a5 79 bb d2 41 | encrypting: 7b ae c3 06 5f bc 75 39 db e6 41 ee 55 a8 6e 30 | encrypting: 49 1f 09 eb b3 d1 bc 3d 6f 37 a6 73 a0 9e dc 87 | encrypting: 20 bb 92 0e b2 90 db f8 fc d9 b3 25 d0 5e 42 fc | encrypting: 3e 58 9b c4 76 19 ec 79 43 15 39 96 02 5f e3 bb | encrypting: dd 20 56 a2 71 38 75 5f 75 51 f0 c8 29 fe 1f 6e | encrypting: 45 23 51 64 b3 ba 77 29 14 43 b5 49 11 71 37 0c | encrypting: f5 ff 6d a5 47 bb 49 f4 9a cc 7c 4a 6c 4b f7 0a | encrypting: 01 23 99 c3 9a 72 cf 61 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: c7 8a cd d5 4d 47 88 4b 8e a7 c1 4c 8f 29 d2 e9 | IV: af a1 11 0b | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 06 a5 76 92 e5 9c 86 cb a9 a1 7e 1a 94 94 10 2b | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #12) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 08 10 20 01 9a 3f 98 50 00 00 01 bc 0f 8a cc f6 | 70 09 e1 be 52 1a 41 cd 23 98 11 9e 58 dc 9c 13 | 9a 4b e6 bd 94 7b 70 64 92 31 34 83 ae f2 92 e3 | 35 88 57 62 58 22 eb 23 94 a9 47 50 eb 52 fb aa | 83 5a 5c 82 61 bb b5 b0 7d c1 ca fe e9 21 01 3e | 67 ad bb ba 18 c0 fd f4 9b 07 5a ab f5 fa 9a 6e | 54 81 71 1c 21 37 02 3f b1 83 c7 03 7c 8b c6 7d | 07 b6 08 7a 53 2f b5 62 c5 a7 2b c4 4b 5e 37 7d | e6 ca b1 0d 47 2d 89 15 ba cd b0 49 c1 a4 be c1 | d4 bd 9d 7f b1 41 63 27 1b ec f7 55 cc c7 f3 87 | 1d dc 99 fd a5 2b 96 17 37 db 46 44 01 e1 49 50 | 49 d2 d5 25 49 94 23 6b 58 bf c3 ce 97 d5 41 3a | e3 33 17 7a a6 a7 5c cc 91 f0 87 6c 7c ec 07 71 | 02 6f 6e 82 17 2b 40 7c 6b 56 fe 06 f0 9b 35 b0 | 4d fa 89 4a 80 53 ed b8 44 af b6 0e d3 21 10 c7 | 24 65 e2 86 d5 32 3e 22 bf be fb 4b 30 c8 5c f5 | ab 0d c2 32 34 54 c2 19 88 10 4f 99 54 66 30 f0 | 30 f0 73 fd 07 c1 31 8e 38 19 f1 ec f2 86 b3 17 | 61 5e 06 5c 85 f2 69 b0 d1 5c 8f c8 9f 4d f7 b0 | b2 52 2c f3 cf ae 74 ba a7 cd f1 68 cc 43 3d 53 | cc c0 cb 38 95 85 8d 73 9e 9e c6 62 b5 e8 1c 4d | fd 7b c7 1f c9 70 9f 56 51 41 06 ee 8b 86 18 26 | f9 15 9a e1 c6 ce 87 1f 06 5d cf f9 58 14 02 74 | a7 fe 7f 00 7a 10 a9 31 18 7e 0f 0f 2b e6 f1 d5 | d8 f7 e5 8c cd a1 82 08 63 f1 56 17 95 8d fb 7f | d3 bf bd 4f b2 db 82 d9 55 39 74 16 06 a5 76 92 | e5 9c 86 cb a9 a1 7e 1a 94 94 10 2b | state #12 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f4165a78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7ffab4002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #12 | libevent_malloc: new ptr-libevent@0x5573f4169048 size 128 | #12 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10451.778532 | resume sending helper answer for #12 suppresed complete_v1_state_transition() | #12 spent 0.44 milliseconds in resume sending helper answer | stop processing: state #12 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffaa8003ad8 | spent 0.00386 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 08 10 20 01 9a 3f 98 50 00 00 01 bc 75 fb c1 09 | 67 05 a1 b0 da 75 b4 34 e6 ea 88 af 50 dd 25 c1 | ea 7d 04 ac f1 d2 2f ca 3a 9d 68 92 60 ab b2 e4 | ad 08 71 b2 5c 93 cb 05 85 6a bf e2 aa dc fd 62 | 59 a9 f0 69 5e 22 f2 3a 76 b0 e8 cf 40 7f 1c 66 | 55 03 32 7b 84 49 a2 a7 86 a2 70 e3 6e f3 9c 24 | 1b b5 4c 80 ed 70 3d 45 ce e3 44 fe 1d 7e 0c 0c | 22 f4 fc 1d f0 2a 1b 29 5a 60 ed 98 01 e7 d5 c3 | a0 bf d0 5a 36 29 af 24 ea da fb 64 b0 30 bf 64 | 2e de 19 e0 08 38 11 a5 46 ed 3b b7 df 70 4c 60 | 13 9d 72 5b cd cc 30 f9 e9 aa f4 0c 11 5c 4f dc | ac e3 4a 25 f1 1e 90 4d fc bb c9 d8 91 14 05 30 | 26 4e ae 70 d4 76 6f 4c e0 e7 b4 fb ec f3 0b a8 | 6c de 0d 39 b0 1e d4 5d cd 2a 45 e0 4e e2 0f 85 | 7b c8 0e a1 77 71 9a bd ed 8b 79 f3 8d 3b 5a 76 | b7 34 7f 02 93 99 32 b9 ea 41 84 ac d1 f3 7c f3 | 83 55 aa 0f f7 e5 c9 b1 25 9a 5e 23 7b 57 e1 76 | 6f c7 c7 cb 1b 49 0e 19 88 b9 5c c0 c9 eb 94 be | 9d 07 fd cd 3f 85 97 a7 3a 64 31 d7 4e b3 85 d3 | a4 35 66 2b 5b cd eb 5e f2 9f 0f 8f 7e d5 a7 bf | b8 23 0f 4c 2c d5 2b 03 39 5a 6e 92 24 c6 8a 0e | f3 ff 9e 02 b6 50 02 e5 c9 34 85 e4 99 86 18 b7 | 36 f0 c7 b2 00 79 28 ed 96 1d 83 77 85 34 e3 7f | b5 2f cc ba c8 a5 ae 49 a4 a5 6b 56 81 95 52 02 | 18 a7 a8 dd 82 d9 f6 fe a9 7c 52 8f 58 5a db 8a | e5 46 ec 1d d8 38 88 79 a5 c1 27 dd 95 4f c8 1a | 27 a0 68 c2 5c 8a ac af 9c 5f 0f 43 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2587859024 (0x9a3f9850) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #12 in QUICK_I1 (find_state_ikev1) | start processing: state #12 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #12 is idle | #12 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: 06 a5 76 92 e5 9c 86 cb a9 a1 7e 1a 94 94 10 2b | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 95 4f c8 1a 27 a0 68 c2 5c 8a ac af 9c 5f 0f 43 | decrypted payload (starts at offset -416): | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 08 10 20 01 9a 3f 98 50 00 00 01 bc 01 00 00 18 | 36 cb ba 54 1f f1 8a 21 e3 61 9a 8f a7 36 d5 51 | 39 15 11 21 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 05 56 2b 77 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | 05 e4 a2 67 47 eb 3e 4a b7 f6 95 26 65 bd 59 74 | 98 35 b3 21 7b f5 04 b8 c0 10 cd 3a c7 5b 1a 7b | 05 00 01 04 e9 54 e8 63 c6 0b 24 d2 fa a5 b0 3d | c7 94 ec 09 dc 1e 31 3e 7d eb 82 0a d9 ce d0 dc | 9e 5d 4e 17 d5 ed 9a eb 1a 54 2b 37 fd 2a 85 6c | fe 13 2c 0e b8 72 41 f6 8f f5 f9 ee 18 bf 42 4c | 6f fa 39 3c e7 1b e5 e0 e4 bd c8 e4 09 f4 ff 54 | f6 a6 90 34 74 5c ba e0 5b 75 5f 45 6a a3 da 00 | e9 45 56 01 c2 9a 96 3a 47 c3 62 8e 48 23 23 43 | c4 fb 18 9b d4 4b d1 da 19 ac 59 e8 70 ea f5 6b | 5c b9 40 08 ba f9 91 5d b0 18 87 ab 69 88 1c f6 | 6f 0d b1 ca d1 05 45 8a 1e 55 49 2a b4 1f a6 fe | 7f ef e9 25 c0 cc ba 81 42 69 af 26 77 af 54 39 | 6b 8f 36 dd da d9 be 10 8c e9 ba 85 22 50 86 e2 | f3 74 e8 9d 30 e8 34 6c 9d e9 58 c9 3c 09 e6 fc | ff a9 36 eb af ba 5c cd 75 47 27 95 6d 97 0f 8b | f6 11 89 ea 49 b6 66 ad 42 85 c5 cc 91 09 01 63 | cb a5 42 56 03 6e 86 b9 c5 74 9d 11 99 62 8c 68 | 85 eb 32 cc 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f416e348 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | 9a 3f 98 50 | HASH(1) PRF sha update Ni_b-bytes@0x7ffaa8001158 (length 32) | 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 | c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 | HASH(1) PRF sha update payload-bytes@0x5573f416896c (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 05 56 2b 77 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 05 e4 a2 67 | 47 eb 3e 4a b7 f6 95 26 65 bd 59 74 98 35 b3 21 | 7b f5 04 b8 c0 10 cd 3a c7 5b 1a 7b 05 00 01 04 | e9 54 e8 63 c6 0b 24 d2 fa a5 b0 3d c7 94 ec 09 | dc 1e 31 3e 7d eb 82 0a d9 ce d0 dc 9e 5d 4e 17 | d5 ed 9a eb 1a 54 2b 37 fd 2a 85 6c fe 13 2c 0e | b8 72 41 f6 8f f5 f9 ee 18 bf 42 4c 6f fa 39 3c | e7 1b e5 e0 e4 bd c8 e4 09 f4 ff 54 f6 a6 90 34 | 74 5c ba e0 5b 75 5f 45 6a a3 da 00 e9 45 56 01 | c2 9a 96 3a 47 c3 62 8e 48 23 23 43 c4 fb 18 9b | d4 4b d1 da 19 ac 59 e8 70 ea f5 6b 5c b9 40 08 | ba f9 91 5d b0 18 87 ab 69 88 1c f6 6f 0d b1 ca | d1 05 45 8a 1e 55 49 2a b4 1f a6 fe 7f ef e9 25 | c0 cc ba 81 42 69 af 26 77 af 54 39 6b 8f 36 dd | da d9 be 10 8c e9 ba 85 22 50 86 e2 f3 74 e8 9d | 30 e8 34 6c 9d e9 58 c9 3c 09 e6 fc ff a9 36 eb | af ba 5c cd 75 47 27 95 6d 97 0f 8b f6 11 89 ea | 49 b6 66 ad 42 85 c5 cc 91 09 01 63 cb a5 42 56 | 03 6e 86 b9 c5 74 9d 11 99 62 8c 68 85 eb 32 cc | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | 36 cb ba 54 1f f1 8a 21 e3 61 9a 8f a7 36 d5 51 | 39 15 11 21 | quick_inR1_outI2 HASH(2): | 36 cb ba 54 1f f1 8a 21 e3 61 9a 8f a7 36 d5 51 | 39 15 11 21 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 05 56 2b 77 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | e9 54 e8 63 c6 0b 24 d2 fa a5 b0 3d c7 94 ec 09 | dc 1e 31 3e 7d eb 82 0a d9 ce d0 dc 9e 5d 4e 17 | d5 ed 9a eb 1a 54 2b 37 fd 2a 85 6c fe 13 2c 0e | b8 72 41 f6 8f f5 f9 ee 18 bf 42 4c 6f fa 39 3c | e7 1b e5 e0 e4 bd c8 e4 09 f4 ff 54 f6 a6 90 34 | 74 5c ba e0 5b 75 5f 45 6a a3 da 00 e9 45 56 01 | c2 9a 96 3a 47 c3 62 8e 48 23 23 43 c4 fb 18 9b | d4 4b d1 da 19 ac 59 e8 70 ea f5 6b 5c b9 40 08 | ba f9 91 5d b0 18 87 ab 69 88 1c f6 6f 0d b1 ca | d1 05 45 8a 1e 55 49 2a b4 1f a6 fe 7f ef e9 25 | c0 cc ba 81 42 69 af 26 77 af 54 39 6b 8f 36 dd | da d9 be 10 8c e9 ba 85 22 50 86 e2 f3 74 e8 9d | 30 e8 34 6c 9d e9 58 c9 3c 09 e6 fc ff a9 36 eb | af ba 5c cd 75 47 27 95 6d 97 0f 8b f6 11 89 ea | 49 b6 66 ad 42 85 c5 cc 91 09 01 63 cb a5 42 56 | 03 6e 86 b9 c5 74 9d 11 99 62 8c 68 85 eb 32 cc | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffaa8006b98: transferring ownership from state #12 to helper IKEv1 DH | adding quick outI2 DH work-order 14 for state #12 | state #12 requesting EVENT_RETRANSMIT to be deleted | #12 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4169048 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7ffab4002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #12 | libevent_malloc: new ptr-libevent@0x7ffaa8003ad8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #12 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #12 and saving MD | #12 is busy; has a suspended MD | #12 spent 0.162 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #12 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.5 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 6 resuming | crypto helper 6 starting work-order 14 for state #12 | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 14 | peer's g: e9 54 e8 63 c6 0b 24 d2 fa a5 b0 3d c7 94 ec 09 | peer's g: dc 1e 31 3e 7d eb 82 0a d9 ce d0 dc 9e 5d 4e 17 | peer's g: d5 ed 9a eb 1a 54 2b 37 fd 2a 85 6c fe 13 2c 0e | peer's g: b8 72 41 f6 8f f5 f9 ee 18 bf 42 4c 6f fa 39 3c | peer's g: e7 1b e5 e0 e4 bd c8 e4 09 f4 ff 54 f6 a6 90 34 | peer's g: 74 5c ba e0 5b 75 5f 45 6a a3 da 00 e9 45 56 01 | peer's g: c2 9a 96 3a 47 c3 62 8e 48 23 23 43 c4 fb 18 9b | peer's g: d4 4b d1 da 19 ac 59 e8 70 ea f5 6b 5c b9 40 08 | peer's g: ba f9 91 5d b0 18 87 ab 69 88 1c f6 6f 0d b1 ca | peer's g: d1 05 45 8a 1e 55 49 2a b4 1f a6 fe 7f ef e9 25 | peer's g: c0 cc ba 81 42 69 af 26 77 af 54 39 6b 8f 36 dd | peer's g: da d9 be 10 8c e9 ba 85 22 50 86 e2 f3 74 e8 9d | peer's g: 30 e8 34 6c 9d e9 58 c9 3c 09 e6 fc ff a9 36 eb | peer's g: af ba 5c cd 75 47 27 95 6d 97 0f 8b f6 11 89 ea | peer's g: 49 b6 66 ad 42 85 c5 cc 91 09 01 63 cb a5 42 56 | peer's g: 03 6e 86 b9 c5 74 9d 11 99 62 8c 68 85 eb 32 cc | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffaa8006b98: computed shared DH secret key@0x5573f41619f0 | dh-shared : g^ir-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 14 time elapsed 0.000616 seconds | (#12) spent 0.606 milliseconds in crypto helper computing work-order 14: quick outI2 DH (pcr) | crypto helper 6 sending results from work-order 14 for state #12 to event queue | scheduling resume sending helper answer for #12 | libevent_malloc: new ptr-libevent@0x7ffaac0027d8 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #12 | start processing: state #12 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 14 | calling continuation function 0x5573f2c98b50 | quick_inR1_outI2_continue for #12: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2587859024 (0x9a3f9850) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7ffaa8006b98: transferring ownership from helper IKEv1 DH to state #12 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0b08 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x7ffab4001598 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0bec (length 4) | 9a 3f 98 50 | HASH(1) PRF sha update Ni_b-bytes@0x7ffaa8001158 (length 32) | 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 | c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 | HASH(1) PRF sha update Nr_b-bytes@0x5573f4163548 (length 32) | 05 e4 a2 67 47 eb 3e 4a b7 f6 95 26 65 bd 59 74 | 98 35 b3 21 7b f5 04 b8 c0 10 cd 3a c7 5b 1a 7b | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | 0d 59 a7 9e b2 14 27 6d ee ae 67 64 61 0e af 53 | 25 c4 31 9a | quick_inR1_outI2 HASH(3): | 0d 59 a7 9e b2 14 27 6d ee ae 67 64 61 0e af 53 | 25 c4 31 9a | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffaac002b50 from symkey-key@0x5573f4165b30 | hmac prf: begin sha with context 0x7ffaac002b50 from symkey-key@0x5573f4165b30 | hmac: release clone-key@0x5573f4165b30 | hmac PRF sha crypt-prf@0x5573f416e348 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f4162fc8 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: ee 48 d6 d1 0c 9d 93 bd 23 47 4a 4a a9 e7 50 a0 b3 a8 29 6a aa 53 8c c1 af f5 65 24 a3 91 49 4e 23 80 91 0c b1 20 4c cb 52 d9 14 7e c0 14 4c 83 10 73 37 ba b7 ad cb 4e ec 75 8c 37 a6 4f 89 d9 d7 55 f2 cc 79 e9 61 29 f1 a2 44 97 ce 83 29 ff 95 fb 33 cb 90 55 3c f3 25 be bc d3 5b 8d 1d 16 40 09 58 42 67 41 de 92 c5 7d b3 c9 74 e2 45 15 f6 19 3c 4b 1e 70 32 55 72 a7 92 b9 ec a3 1b 20 e6 1c 77 41 b5 a9 91 59 b0 89 fa ae b2 b7 b3 cd 83 44 cc 51 94 80 7a 2c f8 ce c3 b0 bf 77 e0 b9 12 b5 89 3d 14 e4 83 2d 51 60 95 4b 03 bb 30 12 42 f8 2b 23 c8 91 e1 13 36 8f 20 f2 b9 bc 4a 4b 0e a8 07 d8 bc 7d af c5 c9 59 f5 9b 5e d9 51 c6 a1 4d 9a 87 9a 50 d8 fd 78 db 39 1b 6d d6 9f 04 62 bf d1 d3 59 9c 7b 33 31 b0 cd b2 96 34 36 49 a1 a5 11 e2 14 73 af 2a 67 ce d1 99 6d 5d d2 ed | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 34 20 84 ce 8a e4 af b4 23 3c 4d f5 84 1d e4 cd | unwrapped: 59 89 a2 3e 21 1f 4d eb b9 21 bb e9 17 9b 08 17 | unwrapped: 6b de 40 cb 8b 3b 66 a7 31 5e e7 78 2b 75 29 84 | unwrapped: 9e 85 dd b4 d0 cd 4f 6a f8 62 33 17 af 0f 8e 0b | unwrapped: f5 85 ce 85 d7 98 d2 ff 4a 10 b7 fb c8 99 75 00 | unwrapped: d7 65 32 2b 81 2f fa 72 59 b8 f0 b5 7c 09 0d ec | unwrapped: 2f ba 0c bd 92 6c 6e 6b b3 26 3e 51 c7 4f 5c 78 | unwrapped: 0a eb e9 72 a0 a4 39 a7 39 e9 b9 e4 34 6a 40 0e | unwrapped: a4 5f be 83 14 83 f3 65 df df d0 3b fa 0d 76 0e | unwrapped: 1a 2d 06 c6 68 61 e4 4a ba 23 5f 22 f6 fc 0e cd | unwrapped: e7 9d 25 34 89 d1 d5 38 b5 70 83 eb be ff ec da | unwrapped: 20 76 37 ba 48 27 94 5f f4 7a 5c f5 84 47 42 53 | unwrapped: 43 82 8c 5c 11 0d 1b bc e2 b3 5b f8 14 b6 11 5b | unwrapped: 79 c4 42 78 fe 27 b9 bf bf 4f fb 73 4a 9e f6 db | unwrapped: bb ff d3 5b 8c 81 06 3e 53 61 e9 0d 0a 21 0d c6 | unwrapped: 8f 26 e4 b0 44 ad c2 45 ef 14 94 ae 16 f9 06 19 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: ee 48 d6 d1 0c 9d 93 bd 23 47 4a 4a a9 e7 50 a0 b3 a8 29 6a aa 53 8c c1 af f5 65 24 a3 91 49 4e 23 80 91 0c b1 20 4c cb 52 d9 14 7e c0 14 4c 83 10 73 37 ba b7 ad cb 4e ec 75 8c 37 a6 4f 89 d9 d7 55 f2 cc 79 e9 61 29 f1 a2 44 97 ce 83 29 ff 95 fb 33 cb 90 55 3c f3 25 be bc d3 5b 8d 1d 16 40 09 58 42 67 41 de 92 c5 7d b3 c9 74 e2 45 15 f6 19 3c 4b 1e 70 32 55 72 a7 92 b9 ec a3 1b 20 e6 1c 77 41 b5 a9 91 59 b0 89 fa ae b2 b7 b3 cd 83 44 cc 51 94 80 7a 2c f8 ce c3 b0 bf 77 e0 b9 12 b5 89 3d 14 e4 83 2d 51 60 95 4b 03 bb 30 12 42 f8 2b 23 c8 91 e1 13 36 8f 20 f2 b9 bc 4a 4b 0e a8 07 d8 bc 7d af c5 c9 59 f5 9b 5e d9 51 c6 a1 4d 9a 87 9a 50 d8 fd 78 db 39 1b 6d d6 9f 04 62 bf d1 d3 59 9c 7b 33 31 b0 cd b2 96 34 36 49 a1 a5 11 e2 14 73 af 2a 67 ce d1 99 6d 5d d2 ed | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 34 20 84 ce 8a e4 af b4 23 3c 4d f5 84 1d e4 cd | unwrapped: 59 89 a2 3e 21 1f 4d eb b9 21 bb e9 17 9b 08 17 | unwrapped: 6b de 40 cb 8b 3b 66 a7 31 5e e7 78 2b 75 29 84 | unwrapped: 9e 85 dd b4 d0 cd 4f 6a f8 62 33 17 af 0f 8e 0b | unwrapped: f5 85 ce 85 d7 98 d2 ff 4a 10 b7 fb c8 99 75 00 | unwrapped: d7 65 32 2b 81 2f fa 72 59 b8 f0 b5 7c 09 0d ec | unwrapped: 2f ba 0c bd 92 6c 6e 6b b3 26 3e 51 c7 4f 5c 78 | unwrapped: 0a eb e9 72 a0 a4 39 a7 39 e9 b9 e4 34 6a 40 0e | unwrapped: a4 5f be 83 14 83 f3 65 df df d0 3b fa 0d 76 0e | unwrapped: 1a 2d 06 c6 68 61 e4 4a ba 23 5f 22 f6 fc 0e cd | unwrapped: e7 9d 25 34 89 d1 d5 38 b5 70 83 eb be ff ec da | unwrapped: 20 76 37 ba 48 27 94 5f f4 7a 5c f5 84 47 42 53 | unwrapped: 43 82 8c 5c 11 0d 1b bc e2 b3 5b f8 14 b6 11 5b | unwrapped: 79 c4 42 78 fe 27 b9 bf bf 4f fb 73 4a 9e f6 db | unwrapped: bb ff d3 5b 8c 81 06 3e 53 61 e9 0d 0a 21 0d c6 | unwrapped: 8f 26 e4 b0 44 ad c2 45 ef 14 94 ae 16 f9 06 19 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | d3 f3 11 4f | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | 05 56 2b 77 | hmac PRF sha update data-bytes@0x7ffaa8001158 (length 32) | 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 | c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 | hmac PRF sha update data-bytes@0x7ffaa8001158 (length 32) | 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 | c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 | hmac PRF sha update data-bytes@0x5573f4163548 (length 32) | 05 e4 a2 67 47 eb 3e 4a b7 f6 95 26 65 bd 59 74 | 98 35 b3 21 7b f5 04 b8 c0 10 cd 3a c7 5b 1a 7b | hmac PRF sha update data-bytes@0x5573f4163548 (length 32) | 05 e4 a2 67 47 eb 3e 4a b7 f6 95 26 65 bd 59 74 | 98 35 b3 21 7b f5 04 b8 c0 10 cd 3a c7 5b 1a 7b | hmac PRF sha final-bytes@0x7ffab0006af8 (length 20) | 18 3b b5 ef 7d 35 64 3f dc 27 bb e2 78 e5 2a da | c8 55 0c eb | hmac PRF sha final-bytes@0x5573f414a178 (length 20) | de 99 24 f2 66 98 f9 64 79 4c 4a 49 8b 7c ea fa | b9 99 5f 99 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f4163368 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffaac002b50 from symkey-key@0x5573f4165b30 | hmac prf: begin sha with context 0x7ffaac002b50 from symkey-key@0x5573f4165b30 | hmac: release clone-key@0x5573f4165b30 | hmac PRF sha crypt-prf@0x7ffab4001598 | hmac PRF sha update data-bytes@0x7ffab0006af8 (length 20) | 18 3b b5 ef 7d 35 64 3f dc 27 bb e2 78 e5 2a da | c8 55 0c eb | hmac PRF sha update data-bytes@0x5573f414a178 (length 20) | de 99 24 f2 66 98 f9 64 79 4c 4a 49 8b 7c ea fa | b9 99 5f 99 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: ee 48 d6 d1 0c 9d 93 bd 23 47 4a 4a a9 e7 50 a0 b3 a8 29 6a aa 53 8c c1 af f5 65 24 a3 91 49 4e 23 80 91 0c b1 20 4c cb 52 d9 14 7e c0 14 4c 83 10 73 37 ba b7 ad cb 4e ec 75 8c 37 a6 4f 89 d9 d7 55 f2 cc 79 e9 61 29 f1 a2 44 97 ce 83 29 ff 95 fb 33 cb 90 55 3c f3 25 be bc d3 5b 8d 1d 16 40 09 58 42 67 41 de 92 c5 7d b3 c9 74 e2 45 15 f6 19 3c 4b 1e 70 32 55 72 a7 92 b9 ec a3 1b 20 e6 1c 77 41 b5 a9 91 59 b0 89 fa ae b2 b7 b3 cd 83 44 cc 51 94 80 7a 2c f8 ce c3 b0 bf 77 e0 b9 12 b5 89 3d 14 e4 83 2d 51 60 95 4b 03 bb 30 12 42 f8 2b 23 c8 91 e1 13 36 8f 20 f2 b9 bc 4a 4b 0e a8 07 d8 bc 7d af c5 c9 59 f5 9b 5e d9 51 c6 a1 4d 9a 87 9a 50 d8 fd 78 db 39 1b 6d d6 9f 04 62 bf d1 d3 59 9c 7b 33 31 b0 cd b2 96 34 36 49 a1 a5 11 e2 14 73 af 2a 67 ce d1 99 6d 5d d2 ed | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 34 20 84 ce 8a e4 af b4 23 3c 4d f5 84 1d e4 cd | unwrapped: 59 89 a2 3e 21 1f 4d eb b9 21 bb e9 17 9b 08 17 | unwrapped: 6b de 40 cb 8b 3b 66 a7 31 5e e7 78 2b 75 29 84 | unwrapped: 9e 85 dd b4 d0 cd 4f 6a f8 62 33 17 af 0f 8e 0b | unwrapped: f5 85 ce 85 d7 98 d2 ff 4a 10 b7 fb c8 99 75 00 | unwrapped: d7 65 32 2b 81 2f fa 72 59 b8 f0 b5 7c 09 0d ec | unwrapped: 2f ba 0c bd 92 6c 6e 6b b3 26 3e 51 c7 4f 5c 78 | unwrapped: 0a eb e9 72 a0 a4 39 a7 39 e9 b9 e4 34 6a 40 0e | unwrapped: a4 5f be 83 14 83 f3 65 df df d0 3b fa 0d 76 0e | unwrapped: 1a 2d 06 c6 68 61 e4 4a ba 23 5f 22 f6 fc 0e cd | unwrapped: e7 9d 25 34 89 d1 d5 38 b5 70 83 eb be ff ec da | unwrapped: 20 76 37 ba 48 27 94 5f f4 7a 5c f5 84 47 42 53 | unwrapped: 43 82 8c 5c 11 0d 1b bc e2 b3 5b f8 14 b6 11 5b | unwrapped: 79 c4 42 78 fe 27 b9 bf bf 4f fb 73 4a 9e f6 db | unwrapped: bb ff d3 5b 8c 81 06 3e 53 61 e9 0d 0a 21 0d c6 | unwrapped: 8f 26 e4 b0 44 ad c2 45 ef 14 94 ae 16 f9 06 19 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: ee 48 d6 d1 0c 9d 93 bd 23 47 4a 4a a9 e7 50 a0 b3 a8 29 6a aa 53 8c c1 af f5 65 24 a3 91 49 4e 23 80 91 0c b1 20 4c cb 52 d9 14 7e c0 14 4c 83 10 73 37 ba b7 ad cb 4e ec 75 8c 37 a6 4f 89 d9 d7 55 f2 cc 79 e9 61 29 f1 a2 44 97 ce 83 29 ff 95 fb 33 cb 90 55 3c f3 25 be bc d3 5b 8d 1d 16 40 09 58 42 67 41 de 92 c5 7d b3 c9 74 e2 45 15 f6 19 3c 4b 1e 70 32 55 72 a7 92 b9 ec a3 1b 20 e6 1c 77 41 b5 a9 91 59 b0 89 fa ae b2 b7 b3 cd 83 44 cc 51 94 80 7a 2c f8 ce c3 b0 bf 77 e0 b9 12 b5 89 3d 14 e4 83 2d 51 60 95 4b 03 bb 30 12 42 f8 2b 23 c8 91 e1 13 36 8f 20 f2 b9 bc 4a 4b 0e a8 07 d8 bc 7d af c5 c9 59 f5 9b 5e d9 51 c6 a1 4d 9a 87 9a 50 d8 fd 78 db 39 1b 6d d6 9f 04 62 bf d1 d3 59 9c 7b 33 31 b0 cd b2 96 34 36 49 a1 a5 11 e2 14 73 af 2a 67 ce d1 99 6d 5d d2 ed | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 34 20 84 ce 8a e4 af b4 23 3c 4d f5 84 1d e4 cd | unwrapped: 59 89 a2 3e 21 1f 4d eb b9 21 bb e9 17 9b 08 17 | unwrapped: 6b de 40 cb 8b 3b 66 a7 31 5e e7 78 2b 75 29 84 | unwrapped: 9e 85 dd b4 d0 cd 4f 6a f8 62 33 17 af 0f 8e 0b | unwrapped: f5 85 ce 85 d7 98 d2 ff 4a 10 b7 fb c8 99 75 00 | unwrapped: d7 65 32 2b 81 2f fa 72 59 b8 f0 b5 7c 09 0d ec | unwrapped: 2f ba 0c bd 92 6c 6e 6b b3 26 3e 51 c7 4f 5c 78 | unwrapped: 0a eb e9 72 a0 a4 39 a7 39 e9 b9 e4 34 6a 40 0e | unwrapped: a4 5f be 83 14 83 f3 65 df df d0 3b fa 0d 76 0e | unwrapped: 1a 2d 06 c6 68 61 e4 4a ba 23 5f 22 f6 fc 0e cd | unwrapped: e7 9d 25 34 89 d1 d5 38 b5 70 83 eb be ff ec da | unwrapped: 20 76 37 ba 48 27 94 5f f4 7a 5c f5 84 47 42 53 | unwrapped: 43 82 8c 5c 11 0d 1b bc e2 b3 5b f8 14 b6 11 5b | unwrapped: 79 c4 42 78 fe 27 b9 bf bf 4f fb 73 4a 9e f6 db | unwrapped: bb ff d3 5b 8c 81 06 3e 53 61 e9 0d 0a 21 0d c6 | unwrapped: 8f 26 e4 b0 44 ad c2 45 ef 14 94 ae 16 f9 06 19 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | d3 f3 11 4f | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | 05 56 2b 77 | hmac PRF sha update data-bytes@0x7ffaa8001158 (length 32) | 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 | c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 | hmac PRF sha update data-bytes@0x7ffaa8001158 (length 32) | 6e a3 02 df e0 4c e1 65 9f 7d 63 b6 2a 49 f2 b4 | c4 35 46 f9 7a f3 e3 8c 29 5d e9 ba 46 04 e8 f9 | hmac PRF sha update data-bytes@0x5573f4163548 (length 32) | 05 e4 a2 67 47 eb 3e 4a b7 f6 95 26 65 bd 59 74 | 98 35 b3 21 7b f5 04 b8 c0 10 cd 3a c7 5b 1a 7b | hmac PRF sha update data-bytes@0x5573f4163548 (length 32) | 05 e4 a2 67 47 eb 3e 4a b7 f6 95 26 65 bd 59 74 | 98 35 b3 21 7b f5 04 b8 c0 10 cd 3a c7 5b 1a 7b | hmac PRF sha final-bytes@0x7ffab0006b0c (length 20) | d1 30 90 23 68 7e fa 71 b6 07 42 42 ce 32 ea 12 | fe c8 6b 21 | hmac PRF sha final-bytes@0x5573f414a18c (length 20) | 94 e3 7e 96 b9 6c 41 36 97 50 ab 08 05 c3 40 7e | dc f7 41 56 | install_ipsec_sa() for #12: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.5562b77@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.d3f3114f@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #12: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #12 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x5562b77 SPI_OUT=0 | popen cmd is 1024 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0x5562b77 SPI_OUT=0xd3f3114f ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x5562b77 | popen cmd is 1029 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0x5562b77 SPI_OUT=0xd3f3114f ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x5562b77 SPI | popen cmd is 1027 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x5562b77 SPI_OUT=0xd3f3114f ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x5573f4162958,sr=0x5573f4162958} to #12 (was #0) (newest_ipsec_sa=#0) | #11 spent 1.86 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 0d 59 a7 9e b2 14 27 6d ee ae 67 64 | encrypting: 61 0e af 53 25 c4 31 9a | IV: 95 4f c8 1a 27 a0 68 c2 5c 8a ac af 9c 5f 0f 43 | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: c7 60 56 cb a8 c6 72 43 0d 9a 7a aa 16 76 93 65 | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #12 (was #0) (spd.eroute=#12) cloned from #11 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #12 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #12 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #12: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #12 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffaa8003ad8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #12) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 08 10 20 01 9a 3f 98 50 00 00 00 3c 9f b6 2b 1e | e9 36 67 46 da d4 98 26 ca 42 57 57 c7 60 56 cb | a8 c6 72 43 0d 9a 7a aa 16 76 93 65 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7ffaac002b78 | inserting event EVENT_SA_REPLACE, timeout in 28154 seconds for #12 | libevent_malloc: new ptr-libevent@0x5573f4165a78 size 128 | pstats #12 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #12: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x05562b77 <0xd3f3114f xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #12 suppresed complete_v1_state_transition() | #12 spent 2.93 milliseconds in resume sending helper answer | stop processing: state #12 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffaac0027d8 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00477 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00264 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0029 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.d3f3114f@192.1.2.45 | get_sa_info esp.5562b77@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.121 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #12 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #12 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #12 ikev1.ipsec deleted completed | [RE]START processing: state #12 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #12: deleting state (STATE_QUICK_I2) aged 0.067s and sending notification | child state #12: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.5562b77@192.1.2.23 | get_sa_info esp.d3f3114f@192.1.2.45 "aes128" #12: ESP traffic information: in=84B out=84B | #12 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4194936427 (0xfa09a66b) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload d3 f3 11 4f | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffac0002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x7ffac0002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x5573f416e348 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | fa 09 a6 6b | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 d3 f3 11 4f | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | fc d6 b4 f8 96 2f 35 71 f7 b9 13 bb 6e 35 5b 64 | 26 fc a1 6d | send delete HASH(1): | fc d6 b4 f8 96 2f 35 71 f7 b9 13 bb 6e 35 5b 64 | 26 fc a1 6d | last Phase 1 IV: 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | current Phase 1 IV: 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | fa 09 a6 6b | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 07 66 ba 08 b5 1e 2c 09 85 c3 8c 24 c6 79 e5 6f | b4 34 3d cc | encrypting: 0c 00 00 18 fc d6 b4 f8 96 2f 35 71 f7 b9 13 bb | encrypting: 6e 35 5b 64 26 fc a1 6d 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 d3 f3 11 4f | IV: 07 66 ba 08 b5 1e 2c 09 85 c3 8c 24 c6 79 e5 6f | IV: b4 34 3d cc | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: d8 fa 2d 00 88 5c 45 1a 41 52 cd f0 d9 51 fe 1a | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 08 10 05 01 fa 09 a6 6b 00 00 00 4c 5a f9 78 fd | 03 e9 cf b1 fe 47 06 d0 fd e0 ec 06 f0 52 95 ec | d8 bb d7 42 fa e2 d4 15 65 d3 ff 98 d8 fa 2d 00 | 88 5c 45 1a 41 52 cd f0 d9 51 fe 1a | state #12 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x5573f4165a78 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7ffaac002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825166' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x5562b77 | popen cmd is 1032 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16408' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825166' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0x5562b77 SPI_OUT=0xd3f3114f ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.5562b77@192.1.2.23 | netlink response for Del SA esp.5562b77@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.d3f3114f@192.1.2.45 | netlink response for Del SA esp.d3f3114f@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #12 in QUICK_I2 | child state #12: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffaa8006b98: destroyed | stop processing: state #12 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f41619f0 | delete_state: release st->st_skeyid_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_d_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ai_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f414f010 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f4150a70 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #11 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #11 | start processing: state #11 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #11 ikev1.isakmp deleted completed | [RE]START processing: state #11 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #11: deleting state (STATE_MAIN_I4) aged 0.084s and sending notification | parent state #11: MAIN_I4(established IKE SA) => delete | #11 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 315291319 (0x12caf6b7) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 21 52 58 7d 18 4e 79 8e | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 27 41 79 e1 0d bd d0 ab | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffaa8003f88 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | 12 ca f6 b7 | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 21 52 58 7d | 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 17 2d 9c a5 4a 8e a9 1a 04 d9 bb ad e1 df 28 64 | 7b ab 90 70 | send delete HASH(1): | 17 2d 9c a5 4a 8e a9 1a 04 d9 bb ad e1 df 28 64 | 7b ab 90 70 | last Phase 1 IV: 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | current Phase 1 IV: 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 07 1a 4d 98 60 f7 c9 fc 5d 7e 74 82 e1 c0 6f be | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | 12 ca f6 b7 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 2f cc 2a a6 1f a4 03 3f 8a f4 0c 3b 2f 81 a5 cc | 9d 8f 77 c5 | encrypting: 0c 00 00 18 17 2d 9c a5 4a 8e a9 1a 04 d9 bb ad | encrypting: e1 df 28 64 7b ab 90 70 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 21 52 58 7d 18 4e 79 8e 27 41 79 e1 | encrypting: 0d bd d0 ab | IV: 2f cc 2a a6 1f a4 03 3f 8a f4 0c 3b 2f 81 a5 cc | IV: 9d 8f 77 c5 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: cc e3 9c 1e 72 ae 5e 83 52 2e ba cf ed 3b 71 4c | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #11) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 08 10 05 01 12 ca f6 b7 00 00 00 5c 38 5a 88 f1 | d1 24 15 ad e7 04 fa 95 b1 aa 37 00 48 ef 39 ca | 99 a1 32 27 db ff 9f bd 72 0a fc f7 39 16 34 c0 | 6e a6 b6 dd 2e 47 55 59 40 0a ab bc cc e3 9c 1e | 72 ae 5e 83 52 2e ba cf ed 3b 71 4c | state #11 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffab4002098 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41634d8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #11 in MAIN_I4 | parent state #11: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffab0001158: destroyed | stop processing: state #11 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f40c6080 | delete_state: release st->st_skeyid_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_d_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ai_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f414f010 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f4150a70 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.58 milliseconds in whack | spent 0.0017 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 08 10 05 01 83 0e d1 a0 00 00 00 4c 61 7f 9c 46 | b3 84 f5 d1 8f 23 ac b6 fc 66 ff 22 40 ca 1b 15 | 91 2e 4c 5a df 8a dc 26 e5 8e a5 06 ec bb 94 f8 | e0 cf b6 ba 03 de c2 60 e4 2d 74 9c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2198786464 (0x830ed1a0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x830ed1a0 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 21 52 58 7d 18 4e 79 8e | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 27 41 79 e1 0d bd d0 ab | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0735 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00473 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00224 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 21 52 58 7d 18 4e 79 8e 27 41 79 e1 0d bd d0 ab | 08 10 05 01 25 75 5e 39 00 00 00 5c ee 13 40 a7 | a0 ac db 07 0b 4f 7b cb 7f 20 b7 47 dc 8f 8c 41 | bd 0f 09 6a 76 4b ce 84 97 76 cb 58 08 af ba 48 | 5b 38 23 e7 5d e8 cb e5 59 28 5f e9 22 bb 9b 0d | ee 33 d8 01 10 3e 76 b9 a3 b1 67 b3 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 21 52 58 7d 18 4e 79 8e | responder cookie: | 27 41 79 e1 0d bd d0 ab | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 628448825 (0x25755e39) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x25755e39 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 21 52 58 7d 18 4e 79 8e | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 27 41 79 e1 0d bd d0 ab | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0507 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16408' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16408' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.868 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00445 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0591 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0416 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:OMIT | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.284 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.12 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #13 at 0x5573f4163978 | State DB: adding IKEv1 state #13 in UNDEFINED | pstats #13 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #13 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #13: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #13 "aes128" "aes128" #13: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f416e578 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 0f 9d 39 88 3b 32 68 29 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x7ffaac0027d8 size 128 | #13 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10452.194568 | #13 spent 0.36 milliseconds in main_outI1() | stop processing: state #13 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.408 milliseconds in whack | spent 0.00236 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #13 in MAIN_I1 (find_state_ikev1_init) | start processing: state #13 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #13 is idle | #13 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 15 for state #13 | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffaac0027d8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x7ffaac0027d8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #13 and saving MD | #13 is busy; has a suspended MD | crypto helper 0 resuming | #13 spent 0.104 milliseconds in process_packet_tail() | crypto helper 0 starting work-order 15 for state #13 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 15 | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.206 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffac0002168: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffac0002168 | NSS: Public DH wire value: | be 4b ea f0 cc 9d 87 93 dd 9b 3f 48 68 8c f9 07 | 29 fb 6f 4b 9d 43 70 68 4c ef cf dd bc 94 2e f9 | 70 54 5a 7a 0d 66 73 c5 d3 4e c9 c1 9b 58 9b 76 | f7 e9 f6 43 51 b7 14 84 1f a9 16 df 97 11 04 1b | 96 14 67 7c dc 05 e6 85 df be 09 d6 1b 32 fa 6d | eb c3 5c 2a 81 71 ae 69 c8 c1 69 a5 56 82 8a 69 | 05 e5 c7 f0 fe 53 2b 79 20 56 17 fc 6b 84 d5 77 | 82 7f ac db 11 8b 8f 05 e4 c4 ed d2 d7 3c 1e f5 | 52 1a 47 9d ba 55 ac a0 4b ec 45 dc 05 3c f4 62 | b1 8b df 2d b3 bf 74 6c d6 90 42 8c 42 07 50 58 | 83 44 87 be c5 36 86 07 8c 00 01 c5 0f 3f d1 bc | aa 32 e1 bb 26 5f d2 49 94 86 fb ca 75 48 8f 65 | d1 70 3c d1 3c 2e cb af 74 0c ae 0a ee 6f fd 36 | 32 59 9b ec e0 14 20 8b 62 26 d9 37 89 b4 53 71 | 48 0f 21 03 09 0a 5b 36 05 32 ce 92 67 7f 6b 83 | a8 87 75 a3 1c 6e b8 17 f3 2e 98 89 bf 61 f4 86 | Generated nonce: eb 85 b9 cb 22 0f 7c b8 22 6b b6 3a 01 4d 45 3c | Generated nonce: b5 a9 71 6a 6f 0d fb dc 0d 70 4d 44 67 f0 f9 d1 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 15 time elapsed 0.000904 seconds | (#13) spent 0.88 milliseconds in crypto helper computing work-order 15: outI2 KE (pcr) | crypto helper 0 sending results from work-order 15 for state #13 to event queue | scheduling resume sending helper answer for #13 | libevent_malloc: new ptr-libevent@0x7ffac00048c8 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #13 | start processing: state #13 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 15 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #13: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffac0002168: transferring ownership from helper KE to state #13 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value be 4b ea f0 cc 9d 87 93 dd 9b 3f 48 68 8c f9 07 | keyex value 29 fb 6f 4b 9d 43 70 68 4c ef cf dd bc 94 2e f9 | keyex value 70 54 5a 7a 0d 66 73 c5 d3 4e c9 c1 9b 58 9b 76 | keyex value f7 e9 f6 43 51 b7 14 84 1f a9 16 df 97 11 04 1b | keyex value 96 14 67 7c dc 05 e6 85 df be 09 d6 1b 32 fa 6d | keyex value eb c3 5c 2a 81 71 ae 69 c8 c1 69 a5 56 82 8a 69 | keyex value 05 e5 c7 f0 fe 53 2b 79 20 56 17 fc 6b 84 d5 77 | keyex value 82 7f ac db 11 8b 8f 05 e4 c4 ed d2 d7 3c 1e f5 | keyex value 52 1a 47 9d ba 55 ac a0 4b ec 45 dc 05 3c f4 62 | keyex value b1 8b df 2d b3 bf 74 6c d6 90 42 8c 42 07 50 58 | keyex value 83 44 87 be c5 36 86 07 8c 00 01 c5 0f 3f d1 bc | keyex value aa 32 e1 bb 26 5f d2 49 94 86 fb ca 75 48 8f 65 | keyex value d1 70 3c d1 3c 2e cb af 74 0c ae 0a ee 6f fd 36 | keyex value 32 59 9b ec e0 14 20 8b 62 26 d9 37 89 b4 53 71 | keyex value 48 0f 21 03 09 0a 5b 36 05 32 ce 92 67 7f 6b 83 | keyex value a8 87 75 a3 1c 6e b8 17 f3 2e 98 89 bf 61 f4 86 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni eb 85 b9 cb 22 0f 7c b8 22 6b b6 3a 01 4d 45 3c | Ni b5 a9 71 6a 6f 0d fb dc 0d 70 4d 44 67 f0 f9 d1 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | 0f 9d 39 88 3b 32 68 29 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | a5 0f 70 c0 41 9e 17 77 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | e4 17 e2 e6 35 cb fd c8 c6 d0 bd 16 f7 cb c1 3a | e2 90 68 32 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 0f 9d 39 88 3b 32 68 29 | natd_hash: rcookie= a5 0f 70 c0 41 9e 17 77 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= e4 17 e2 e6 35 cb fd c8 c6 d0 bd 16 f7 cb c1 3a | natd_hash: hash= e2 90 68 32 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D e4 17 e2 e6 35 cb fd c8 c6 d0 bd 16 f7 cb c1 3a | NAT-D e2 90 68 32 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | 0f 9d 39 88 3b 32 68 29 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | a5 0f 70 c0 41 9e 17 77 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | fa 6d a6 07 f5 63 7a ef 89 df c6 f7 f7 d1 5f 69 | e7 47 c9 1e | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 0f 9d 39 88 3b 32 68 29 | natd_hash: rcookie= a5 0f 70 c0 41 9e 17 77 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= fa 6d a6 07 f5 63 7a ef 89 df c6 f7 f7 d1 5f 69 | natd_hash: hash= e7 47 c9 1e | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D fa 6d a6 07 f5 63 7a ef 89 df c6 f7 f7 d1 5f 69 | NAT-D e7 47 c9 1e | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #13 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #13: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffaac0027d8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | be 4b ea f0 cc 9d 87 93 dd 9b 3f 48 68 8c f9 07 | 29 fb 6f 4b 9d 43 70 68 4c ef cf dd bc 94 2e f9 | 70 54 5a 7a 0d 66 73 c5 d3 4e c9 c1 9b 58 9b 76 | f7 e9 f6 43 51 b7 14 84 1f a9 16 df 97 11 04 1b | 96 14 67 7c dc 05 e6 85 df be 09 d6 1b 32 fa 6d | eb c3 5c 2a 81 71 ae 69 c8 c1 69 a5 56 82 8a 69 | 05 e5 c7 f0 fe 53 2b 79 20 56 17 fc 6b 84 d5 77 | 82 7f ac db 11 8b 8f 05 e4 c4 ed d2 d7 3c 1e f5 | 52 1a 47 9d ba 55 ac a0 4b ec 45 dc 05 3c f4 62 | b1 8b df 2d b3 bf 74 6c d6 90 42 8c 42 07 50 58 | 83 44 87 be c5 36 86 07 8c 00 01 c5 0f 3f d1 bc | aa 32 e1 bb 26 5f d2 49 94 86 fb ca 75 48 8f 65 | d1 70 3c d1 3c 2e cb af 74 0c ae 0a ee 6f fd 36 | 32 59 9b ec e0 14 20 8b 62 26 d9 37 89 b4 53 71 | 48 0f 21 03 09 0a 5b 36 05 32 ce 92 67 7f 6b 83 | a8 87 75 a3 1c 6e b8 17 f3 2e 98 89 bf 61 f4 86 | 14 00 00 24 eb 85 b9 cb 22 0f 7c b8 22 6b b6 3a | 01 4d 45 3c b5 a9 71 6a 6f 0d fb dc 0d 70 4d 44 | 67 f0 f9 d1 14 00 00 18 e4 17 e2 e6 35 cb fd c8 | c6 d0 bd 16 f7 cb c1 3a e2 90 68 32 00 00 00 18 | fa 6d a6 07 f5 63 7a ef 89 df c6 f7 f7 d1 5f 69 | e7 47 c9 1e | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x5573f4165a28 size 128 | #13 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10452.196615 "aes128" #13: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #13 suppresed complete_v1_state_transition() | #13 spent 0.25 milliseconds in resume sending helper answer | stop processing: state #13 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffac00048c8 | spent 0.00192 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 9d 5e a4 12 4f 60 c9 95 c5 6c e7 26 08 a7 6d a9 | e0 e0 62 bf 2f 7b c8 82 18 5e d9 33 59 b0 e6 48 | da e1 63 2f 0b 84 ae f4 f0 ea ed 26 50 9f 10 d3 | eb f2 6e e7 82 8d bb 08 d9 e2 73 c2 4c 06 9a 09 | e8 48 0f de f6 d3 47 bf e4 5f 95 47 58 45 a9 b5 | 3e cd b6 9d 06 3d d9 23 34 35 be ca 18 6e 5f 21 | 28 77 cc 5c c3 01 a1 31 fb a3 53 ed eb a1 b4 22 | d6 86 79 ca c1 c6 18 5e c0 28 59 cf 23 da c0 7e | 10 81 32 1a 3e 90 ad 45 bd 6c 2e 1d 5f 29 b7 5f | be 43 cf a7 b7 b5 e5 75 39 2f eb 14 11 17 42 e0 | 23 a3 c6 0b 1e ab c8 6e f6 59 1e 96 3f 98 97 72 | db b0 3f ff 39 5c 63 67 3e 97 2e 84 b1 79 fc e2 | 2c 0d 59 51 c2 3e 5a 21 93 aa e5 42 44 9a c7 1c | ef fd 08 76 ae 2b a2 aa 99 7d b3 f0 ed cf 94 f8 | 85 46 36 27 fc 3b 95 0d c8 ab ef 01 99 63 6a b1 | ef 55 c3 7f 2f 2a 4b 00 e6 b4 5a 05 8d 21 13 5e | 14 00 00 24 49 0f 8f a7 63 aa ad 75 5e da 21 51 | cb 6c 9d ba 66 56 eb eb c3 cc 92 e9 5c 88 46 d8 | 8f 0c 0c 5d 14 00 00 18 fa 6d a6 07 f5 63 7a ef | 89 df c6 f7 f7 d1 5f 69 e7 47 c9 1e 00 00 00 18 | e4 17 e2 e6 35 cb fd c8 c6 d0 bd 16 f7 cb c1 3a | e2 90 68 32 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #13 in MAIN_I2 (find_state_ikev1) | start processing: state #13 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #13 is idle | #13 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 9d 5e a4 12 4f 60 c9 95 c5 6c e7 26 08 a7 6d a9 | e0 e0 62 bf 2f 7b c8 82 18 5e d9 33 59 b0 e6 48 | da e1 63 2f 0b 84 ae f4 f0 ea ed 26 50 9f 10 d3 | eb f2 6e e7 82 8d bb 08 d9 e2 73 c2 4c 06 9a 09 | e8 48 0f de f6 d3 47 bf e4 5f 95 47 58 45 a9 b5 | 3e cd b6 9d 06 3d d9 23 34 35 be ca 18 6e 5f 21 | 28 77 cc 5c c3 01 a1 31 fb a3 53 ed eb a1 b4 22 | d6 86 79 ca c1 c6 18 5e c0 28 59 cf 23 da c0 7e | 10 81 32 1a 3e 90 ad 45 bd 6c 2e 1d 5f 29 b7 5f | be 43 cf a7 b7 b5 e5 75 39 2f eb 14 11 17 42 e0 | 23 a3 c6 0b 1e ab c8 6e f6 59 1e 96 3f 98 97 72 | db b0 3f ff 39 5c 63 67 3e 97 2e 84 b1 79 fc e2 | 2c 0d 59 51 c2 3e 5a 21 93 aa e5 42 44 9a c7 1c | ef fd 08 76 ae 2b a2 aa 99 7d b3 f0 ed cf 94 f8 | 85 46 36 27 fc 3b 95 0d c8 ab ef 01 99 63 6a b1 | ef 55 c3 7f 2f 2a 4b 00 e6 b4 5a 05 8d 21 13 5e | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffac0002168: transferring ownership from state #13 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 16 for state #13 | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4165a28 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #13 | libevent_malloc: new ptr-libevent@0x7ffac00048c8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #13 and saving MD | crypto helper 1 resuming | #13 is busy; has a suspended MD | crypto helper 1 starting work-order 16 for state #13 | #13 spent 0.0701 milliseconds in process_packet_tail() | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 16 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | peer's g: 9d 5e a4 12 4f 60 c9 95 c5 6c e7 26 08 a7 6d a9 | stop processing: state #13 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | peer's g: e0 e0 62 bf 2f 7b c8 82 18 5e d9 33 59 b0 e6 48 | peer's g: da e1 63 2f 0b 84 ae f4 f0 ea ed 26 50 9f 10 d3 | peer's g: eb f2 6e e7 82 8d bb 08 d9 e2 73 c2 4c 06 9a 09 | processing: STOP connection NULL (in process_md() at demux.c:383) | peer's g: e8 48 0f de f6 d3 47 bf e4 5f 95 47 58 45 a9 b5 | peer's g: 3e cd b6 9d 06 3d d9 23 34 35 be ca 18 6e 5f 21 | spent 0.18 milliseconds in comm_handle_cb() reading and processing packet | peer's g: 28 77 cc 5c c3 01 a1 31 fb a3 53 ed eb a1 b4 22 | peer's g: d6 86 79 ca c1 c6 18 5e c0 28 59 cf 23 da c0 7e | peer's g: 10 81 32 1a 3e 90 ad 45 bd 6c 2e 1d 5f 29 b7 5f | peer's g: be 43 cf a7 b7 b5 e5 75 39 2f eb 14 11 17 42 e0 | peer's g: 23 a3 c6 0b 1e ab c8 6e f6 59 1e 96 3f 98 97 72 | peer's g: db b0 3f ff 39 5c 63 67 3e 97 2e 84 b1 79 fc e2 | peer's g: 2c 0d 59 51 c2 3e 5a 21 93 aa e5 42 44 9a c7 1c | peer's g: ef fd 08 76 ae 2b a2 aa 99 7d b3 f0 ed cf 94 f8 | peer's g: 85 46 36 27 fc 3b 95 0d c8 ab ef 01 99 63 6a b1 | peer's g: ef 55 c3 7f 2f 2a 4b 00 e6 b4 5a 05 8d 21 13 5e | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffac0002168: computed shared DH secret key@0x5573f4150a70 | dh-shared : g^ir-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f416aab8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: psk-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: psk-key@0x5573f414f010 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f414d560 | SKEYID psk prf: created sha context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk prf: begin sha with context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk: release clone-key@0x5573f414f010 | SKEYID psk PRF sha crypt-prf@0x7ffab8001108 | SKEYID psk PRF sha update Ni-bytes@0x5573f416aadc (length 32) | eb 85 b9 cb 22 0f 7c b8 22 6b b6 3a 01 4d 45 3c | b5 a9 71 6a 6f 0d fb dc 0d 70 4d 44 67 f0 f9 d1 | SKEYID psk PRF sha update Nr-bytes@0x5573f416aafc (length 32) | 49 0f 8f a7 63 aa ad 75 5e da 21 51 cb 6c 9d ba | 66 56 eb eb c3 cc 92 e9 5c 88 46 d8 8f 0c 0c 5d | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID psk PRF sha final-key@0x5573f414f010 (size 20) | SKEYID psk: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_d: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2718 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d: release clone-key@0x5573f414d560 | SKEYID_d PRF sha crypt-prf@0x7ffab80010b8 | SKEYID_d PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_d: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: ea c6 36 5f 3d d8 7b 07 af 66 ff 20 b3 27 6b 43 44 6c 16 9c 56 a4 ca eb 13 dd 20 03 7c dc 3d b8 55 8f 66 3c 75 42 4b 86 33 55 ec f1 3c 49 62 8e be ce e7 f3 1f 34 2a cc ff 01 3c e8 a7 f7 a2 aa bd 4b 0a 05 7f 2f 27 04 59 32 4e e0 ab e4 ec c3 a9 55 cc de 99 08 48 bb 28 e1 0b 9e 1e a9 98 39 a1 9a b7 61 bc 63 0b bc d0 2d d8 c4 71 d0 af 6b bc 91 ee e8 83 3f 63 c2 51 a0 74 1f f4 81 47 2f ba 53 c5 32 33 ed fa fb 55 62 35 ac 37 f5 a1 52 46 87 fa b9 93 8a 26 ff 15 b1 ad f7 26 f4 98 3f 5d b9 30 13 f2 84 87 c8 b3 31 ee 47 10 ab 17 13 21 5a cc 2d 1d 7a d8 71 a2 b8 fc b3 c3 ef 94 21 43 07 8f 11 21 39 c0 d9 e7 68 33 98 7c ad 69 43 15 54 15 15 61 42 65 87 46 8c 37 00 65 45 82 be 8a 57 aa 52 32 3e 73 0f bb e5 8d 8d ac 11 f2 32 50 98 e3 2d cf 79 8b ba 28 f8 59 a4 49 89 65 49 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8004f28 | unwrapped: bb a0 b3 98 2e 3f 6e 6b 7b 28 f6 34 f6 64 2e 7c | unwrapped: c8 9c cc 51 e0 47 d8 37 bd 07 84 ef 65 e1 e7 0c | unwrapped: b9 85 05 27 f6 f0 c1 e7 ca 67 5a 8a 4e 56 09 77 | unwrapped: 16 a0 3b d4 35 c1 a8 ff cf 81 a5 c0 b2 32 83 c5 | unwrapped: 6a dd 70 e0 7d 52 fe 03 08 d9 87 92 e5 00 75 25 | unwrapped: 46 c6 a5 45 fd 7f 4a 9a 5e 34 f1 da 86 91 23 6c | unwrapped: 25 a4 59 14 3e b7 31 58 71 59 b5 02 92 8c 9e e0 | unwrapped: 15 ad 97 8c 16 c9 c8 97 81 f0 06 1d 16 4c 63 08 | unwrapped: 4e 4f 72 c1 ba d8 fe 12 c0 eb 88 19 99 d0 df 2f | unwrapped: 49 67 a9 02 a2 01 67 17 bf 84 c3 a0 9e af 59 2e | unwrapped: 20 43 ee 01 b2 60 9e 80 88 26 b5 4b 0d b8 51 a7 | unwrapped: 55 65 88 13 0d 30 cd 9a 7b 8a fd cd df 7d 07 98 | unwrapped: cc ec 78 1f 27 37 38 3c 02 34 72 55 fa fc 0f 90 | unwrapped: 50 80 e9 47 7e 15 32 e9 5e 26 d5 23 81 49 67 ec | unwrapped: 94 25 65 47 74 76 ae 45 bd 05 90 7a 1f 81 a4 dc | unwrapped: 16 b8 bc 45 0c 97 fb bb c3 86 22 16 36 fc db d3 | SKEYID_d PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 0f 9d 39 88 3b 32 68 29 | SKEYID_d PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | a5 0f 70 c0 41 9e 17 77 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID_d PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_d: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_a: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a: release clone-key@0x5573f40bfec0 | SKEYID_a PRF sha crypt-prf@0x7ffab8001108 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f414d560 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: 1c 79 42 6e f9 55 3d 02 ab ce e9 63 41 2c 06 ac 08 50 ac 32 55 92 08 91 85 03 91 04 11 a5 28 4a | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab8008c38 | unwrapped: cc 52 80 35 66 8d 5d 94 85 fc b2 43 cb f7 59 db | unwrapped: bd 3c c1 23 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_a: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: ea c6 36 5f 3d d8 7b 07 af 66 ff 20 b3 27 6b 43 44 6c 16 9c 56 a4 ca eb 13 dd 20 03 7c dc 3d b8 55 8f 66 3c 75 42 4b 86 33 55 ec f1 3c 49 62 8e be ce e7 f3 1f 34 2a cc ff 01 3c e8 a7 f7 a2 aa bd 4b 0a 05 7f 2f 27 04 59 32 4e e0 ab e4 ec c3 a9 55 cc de 99 08 48 bb 28 e1 0b 9e 1e a9 98 39 a1 9a b7 61 bc 63 0b bc d0 2d d8 c4 71 d0 af 6b bc 91 ee e8 83 3f 63 c2 51 a0 74 1f f4 81 47 2f ba 53 c5 32 33 ed fa fb 55 62 35 ac 37 f5 a1 52 46 87 fa b9 93 8a 26 ff 15 b1 ad f7 26 f4 98 3f 5d b9 30 13 f2 84 87 c8 b3 31 ee 47 10 ab 17 13 21 5a cc 2d 1d 7a d8 71 a2 b8 fc b3 c3 ef 94 21 43 07 8f 11 21 39 c0 d9 e7 68 33 98 7c ad 69 43 15 54 15 15 61 42 65 87 46 8c 37 00 65 45 82 be 8a 57 aa 52 32 3e 73 0f bb e5 8d 8d ac 11 f2 32 50 98 e3 2d cf 79 8b ba 28 f8 59 a4 49 89 65 49 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8003db8 | unwrapped: bb a0 b3 98 2e 3f 6e 6b 7b 28 f6 34 f6 64 2e 7c | unwrapped: c8 9c cc 51 e0 47 d8 37 bd 07 84 ef 65 e1 e7 0c | unwrapped: b9 85 05 27 f6 f0 c1 e7 ca 67 5a 8a 4e 56 09 77 | unwrapped: 16 a0 3b d4 35 c1 a8 ff cf 81 a5 c0 b2 32 83 c5 | unwrapped: 6a dd 70 e0 7d 52 fe 03 08 d9 87 92 e5 00 75 25 | unwrapped: 46 c6 a5 45 fd 7f 4a 9a 5e 34 f1 da 86 91 23 6c | unwrapped: 25 a4 59 14 3e b7 31 58 71 59 b5 02 92 8c 9e e0 | unwrapped: 15 ad 97 8c 16 c9 c8 97 81 f0 06 1d 16 4c 63 08 | unwrapped: 4e 4f 72 c1 ba d8 fe 12 c0 eb 88 19 99 d0 df 2f | unwrapped: 49 67 a9 02 a2 01 67 17 bf 84 c3 a0 9e af 59 2e | unwrapped: 20 43 ee 01 b2 60 9e 80 88 26 b5 4b 0d b8 51 a7 | unwrapped: 55 65 88 13 0d 30 cd 9a 7b 8a fd cd df 7d 07 98 | unwrapped: cc ec 78 1f 27 37 38 3c 02 34 72 55 fa fc 0f 90 | unwrapped: 50 80 e9 47 7e 15 32 e9 5e 26 d5 23 81 49 67 ec | unwrapped: 94 25 65 47 74 76 ae 45 bd 05 90 7a 1f 81 a4 dc | unwrapped: 16 b8 bc 45 0c 97 fb bb c3 86 22 16 36 fc db d3 | SKEYID_a PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 0f 9d 39 88 3b 32 68 29 | SKEYID_a PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | a5 0f 70 c0 41 9e 17 77 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: final-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150e50 | SKEYID_a PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_a: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_e: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: clone-key@0x5573f4150e50 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e: release clone-key@0x5573f4150e50 | SKEYID_e PRF sha crypt-prf@0x7ffab80010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f40bfec0 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 70 2f df bf 40 38 1f 1b f0 aa 6c d1 31 45 25 bd 1a 70 c3 2f 04 84 05 cb 44 c4 ca d7 fd 52 bc 9e | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab80085b8 | unwrapped: 57 33 22 df 1b c3 c6 6d 54 44 a6 c6 3d ff 43 f3 | unwrapped: 08 7d 27 9b 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_e: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: ea c6 36 5f 3d d8 7b 07 af 66 ff 20 b3 27 6b 43 44 6c 16 9c 56 a4 ca eb 13 dd 20 03 7c dc 3d b8 55 8f 66 3c 75 42 4b 86 33 55 ec f1 3c 49 62 8e be ce e7 f3 1f 34 2a cc ff 01 3c e8 a7 f7 a2 aa bd 4b 0a 05 7f 2f 27 04 59 32 4e e0 ab e4 ec c3 a9 55 cc de 99 08 48 bb 28 e1 0b 9e 1e a9 98 39 a1 9a b7 61 bc 63 0b bc d0 2d d8 c4 71 d0 af 6b bc 91 ee e8 83 3f 63 c2 51 a0 74 1f f4 81 47 2f ba 53 c5 32 33 ed fa fb 55 62 35 ac 37 f5 a1 52 46 87 fa b9 93 8a 26 ff 15 b1 ad f7 26 f4 98 3f 5d b9 30 13 f2 84 87 c8 b3 31 ee 47 10 ab 17 13 21 5a cc 2d 1d 7a d8 71 a2 b8 fc b3 c3 ef 94 21 43 07 8f 11 21 39 c0 d9 e7 68 33 98 7c ad 69 43 15 54 15 15 61 42 65 87 46 8c 37 00 65 45 82 be 8a 57 aa 52 32 3e 73 0f bb e5 8d 8d ac 11 f2 32 50 98 e3 2d cf 79 8b ba 28 f8 59 a4 49 89 65 49 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8004f28 | unwrapped: bb a0 b3 98 2e 3f 6e 6b 7b 28 f6 34 f6 64 2e 7c | unwrapped: c8 9c cc 51 e0 47 d8 37 bd 07 84 ef 65 e1 e7 0c | unwrapped: b9 85 05 27 f6 f0 c1 e7 ca 67 5a 8a 4e 56 09 77 | unwrapped: 16 a0 3b d4 35 c1 a8 ff cf 81 a5 c0 b2 32 83 c5 | unwrapped: 6a dd 70 e0 7d 52 fe 03 08 d9 87 92 e5 00 75 25 | unwrapped: 46 c6 a5 45 fd 7f 4a 9a 5e 34 f1 da 86 91 23 6c | unwrapped: 25 a4 59 14 3e b7 31 58 71 59 b5 02 92 8c 9e e0 | unwrapped: 15 ad 97 8c 16 c9 c8 97 81 f0 06 1d 16 4c 63 08 | unwrapped: 4e 4f 72 c1 ba d8 fe 12 c0 eb 88 19 99 d0 df 2f | unwrapped: 49 67 a9 02 a2 01 67 17 bf 84 c3 a0 9e af 59 2e | unwrapped: 20 43 ee 01 b2 60 9e 80 88 26 b5 4b 0d b8 51 a7 | unwrapped: 55 65 88 13 0d 30 cd 9a 7b 8a fd cd df 7d 07 98 | unwrapped: cc ec 78 1f 27 37 38 3c 02 34 72 55 fa fc 0f 90 | unwrapped: 50 80 e9 47 7e 15 32 e9 5e 26 d5 23 81 49 67 ec | unwrapped: 94 25 65 47 74 76 ae 45 bd 05 90 7a 1f 81 a4 dc | unwrapped: 16 b8 bc 45 0c 97 fb bb c3 86 22 16 36 fc db d3 | SKEYID_e PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 0f 9d 39 88 3b 32 68 29 | SKEYID_e PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | a5 0f 70 c0 41 9e 17 77 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2710 | result: final-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40c6080 | SKEYID_e PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID_e: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2768 | result: keymat-key@0x5573f40c6080 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x5573f414d560, skeyid_a 0x5573f40bfec0, skeyid_e 0x5573f4150e50, enc_key 0x5573f40c6080 | DH_i: be 4b ea f0 cc 9d 87 93 dd 9b 3f 48 68 8c f9 07 | DH_i: 29 fb 6f 4b 9d 43 70 68 4c ef cf dd bc 94 2e f9 | DH_i: 70 54 5a 7a 0d 66 73 c5 d3 4e c9 c1 9b 58 9b 76 | DH_i: f7 e9 f6 43 51 b7 14 84 1f a9 16 df 97 11 04 1b | DH_i: 96 14 67 7c dc 05 e6 85 df be 09 d6 1b 32 fa 6d | DH_i: eb c3 5c 2a 81 71 ae 69 c8 c1 69 a5 56 82 8a 69 | DH_i: 05 e5 c7 f0 fe 53 2b 79 20 56 17 fc 6b 84 d5 77 | DH_i: 82 7f ac db 11 8b 8f 05 e4 c4 ed d2 d7 3c 1e f5 | DH_i: 52 1a 47 9d ba 55 ac a0 4b ec 45 dc 05 3c f4 62 | DH_i: b1 8b df 2d b3 bf 74 6c d6 90 42 8c 42 07 50 58 | DH_i: 83 44 87 be c5 36 86 07 8c 00 01 c5 0f 3f d1 bc | DH_i: aa 32 e1 bb 26 5f d2 49 94 86 fb ca 75 48 8f 65 | DH_i: d1 70 3c d1 3c 2e cb af 74 0c ae 0a ee 6f fd 36 | DH_i: 32 59 9b ec e0 14 20 8b 62 26 d9 37 89 b4 53 71 | DH_i: 48 0f 21 03 09 0a 5b 36 05 32 ce 92 67 7f 6b 83 | DH_i: a8 87 75 a3 1c 6e b8 17 f3 2e 98 89 bf 61 f4 86 | DH_r: 9d 5e a4 12 4f 60 c9 95 c5 6c e7 26 08 a7 6d a9 | DH_r: e0 e0 62 bf 2f 7b c8 82 18 5e d9 33 59 b0 e6 48 | DH_r: da e1 63 2f 0b 84 ae f4 f0 ea ed 26 50 9f 10 d3 | DH_r: eb f2 6e e7 82 8d bb 08 d9 e2 73 c2 4c 06 9a 09 | DH_r: e8 48 0f de f6 d3 47 bf e4 5f 95 47 58 45 a9 b5 | DH_r: 3e cd b6 9d 06 3d d9 23 34 35 be ca 18 6e 5f 21 | DH_r: 28 77 cc 5c c3 01 a1 31 fb a3 53 ed eb a1 b4 22 | DH_r: d6 86 79 ca c1 c6 18 5e c0 28 59 cf 23 da c0 7e | DH_r: 10 81 32 1a 3e 90 ad 45 bd 6c 2e 1d 5f 29 b7 5f | DH_r: be 43 cf a7 b7 b5 e5 75 39 2f eb 14 11 17 42 e0 | DH_r: 23 a3 c6 0b 1e ab c8 6e f6 59 1e 96 3f 98 97 72 | DH_r: db b0 3f ff 39 5c 63 67 3e 97 2e 84 b1 79 fc e2 | DH_r: 2c 0d 59 51 c2 3e 5a 21 93 aa e5 42 44 9a c7 1c | DH_r: ef fd 08 76 ae 2b a2 aa 99 7d b3 f0 ed cf 94 f8 | DH_r: 85 46 36 27 fc 3b 95 0d c8 ab ef 01 99 63 6a b1 | DH_r: ef 55 c3 7f 2f 2a 4b 00 e6 b4 5a 05 8d 21 13 5e | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f416ab1c (length 256) | be 4b ea f0 cc 9d 87 93 dd 9b 3f 48 68 8c f9 07 | 29 fb 6f 4b 9d 43 70 68 4c ef cf dd bc 94 2e f9 | 70 54 5a 7a 0d 66 73 c5 d3 4e c9 c1 9b 58 9b 76 | f7 e9 f6 43 51 b7 14 84 1f a9 16 df 97 11 04 1b | 96 14 67 7c dc 05 e6 85 df be 09 d6 1b 32 fa 6d | eb c3 5c 2a 81 71 ae 69 c8 c1 69 a5 56 82 8a 69 | 05 e5 c7 f0 fe 53 2b 79 20 56 17 fc 6b 84 d5 77 | 82 7f ac db 11 8b 8f 05 e4 c4 ed d2 d7 3c 1e f5 | 52 1a 47 9d ba 55 ac a0 4b ec 45 dc 05 3c f4 62 | b1 8b df 2d b3 bf 74 6c d6 90 42 8c 42 07 50 58 | 83 44 87 be c5 36 86 07 8c 00 01 c5 0f 3f d1 bc | aa 32 e1 bb 26 5f d2 49 94 86 fb ca 75 48 8f 65 | d1 70 3c d1 3c 2e cb af 74 0c ae 0a ee 6f fd 36 | 32 59 9b ec e0 14 20 8b 62 26 d9 37 89 b4 53 71 | 48 0f 21 03 09 0a 5b 36 05 32 ce 92 67 7f 6b 83 | a8 87 75 a3 1c 6e b8 17 f3 2e 98 89 bf 61 f4 86 | new IV hash sha digest GR-bytes@0x5573f416ac1c (length 256) | 9d 5e a4 12 4f 60 c9 95 c5 6c e7 26 08 a7 6d a9 | e0 e0 62 bf 2f 7b c8 82 18 5e d9 33 59 b0 e6 48 | da e1 63 2f 0b 84 ae f4 f0 ea ed 26 50 9f 10 d3 | eb f2 6e e7 82 8d bb 08 d9 e2 73 c2 4c 06 9a 09 | e8 48 0f de f6 d3 47 bf e4 5f 95 47 58 45 a9 b5 | 3e cd b6 9d 06 3d d9 23 34 35 be ca 18 6e 5f 21 | 28 77 cc 5c c3 01 a1 31 fb a3 53 ed eb a1 b4 22 | d6 86 79 ca c1 c6 18 5e c0 28 59 cf 23 da c0 7e | 10 81 32 1a 3e 90 ad 45 bd 6c 2e 1d 5f 29 b7 5f | be 43 cf a7 b7 b5 e5 75 39 2f eb 14 11 17 42 e0 | 23 a3 c6 0b 1e ab c8 6e f6 59 1e 96 3f 98 97 72 | db b0 3f ff 39 5c 63 67 3e 97 2e 84 b1 79 fc e2 | 2c 0d 59 51 c2 3e 5a 21 93 aa e5 42 44 9a c7 1c | ef fd 08 76 ae 2b a2 aa 99 7d b3 f0 ed cf 94 f8 | 85 46 36 27 fc 3b 95 0d c8 ab ef 01 99 63 6a b1 | ef 55 c3 7f 2f 2a 4b 00 e6 b4 5a 05 8d 21 13 5e | new IV hash sha final chunk@0x7ffab80085b8 (length 20) | 5d f4 e9 00 6b ce 6e f7 20 8b 8f bf 44 85 fb 42 | 24 31 b9 67 | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 16 time elapsed 0.001376 seconds | (#13) spent 1.37 milliseconds in crypto helper computing work-order 16: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 16 for state #13 to event queue | scheduling resume sending helper answer for #13 | libevent_malloc: new ptr-libevent@0x7ffab8003ad8 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #13 | start processing: state #13 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 16 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #13: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffac0002168: transferring ownership from helper IKEv1 DH+IV to state #13 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | 0f 9d 39 88 3b 32 68 29 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | a5 0f 70 c0 41 9e 17 77 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | fa 6d a6 07 f5 63 7a ef 89 df c6 f7 f7 d1 5f 69 | e7 47 c9 1e | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 0f 9d 39 88 3b 32 68 29 | natd_hash: rcookie= a5 0f 70 c0 41 9e 17 77 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= fa 6d a6 07 f5 63 7a ef 89 df c6 f7 f7 d1 5f 69 | natd_hash: hash= e7 47 c9 1e | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | 0f 9d 39 88 3b 32 68 29 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | a5 0f 70 c0 41 9e 17 77 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | e4 17 e2 e6 35 cb fd c8 c6 d0 bd 16 f7 cb c1 3a | e2 90 68 32 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 0f 9d 39 88 3b 32 68 29 | natd_hash: rcookie= a5 0f 70 c0 41 9e 17 77 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= e4 17 e2 e6 35 cb fd c8 c6 d0 bd 16 f7 cb c1 3a | natd_hash: hash= e2 90 68 32 | expected NAT-D(me): fa 6d a6 07 f5 63 7a ef 89 df c6 f7 f7 d1 5f 69 | expected NAT-D(me): e7 47 c9 1e | expected NAT-D(him): | e4 17 e2 e6 35 cb fd c8 c6 d0 bd 16 f7 cb c1 3a | e2 90 68 32 | received NAT-D: fa 6d a6 07 f5 63 7a ef 89 df c6 f7 f7 d1 5f 69 | received NAT-D: e7 47 c9 1e | received NAT-D: e4 17 e2 e6 35 cb fd c8 c6 d0 bd 16 f7 cb c1 3a | received NAT-D: e2 90 68 32 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x5573f41637c8 | hmac PRF sha update data-bytes@0x7ffac0004458 (length 256) | be 4b ea f0 cc 9d 87 93 dd 9b 3f 48 68 8c f9 07 | 29 fb 6f 4b 9d 43 70 68 4c ef cf dd bc 94 2e f9 | 70 54 5a 7a 0d 66 73 c5 d3 4e c9 c1 9b 58 9b 76 | f7 e9 f6 43 51 b7 14 84 1f a9 16 df 97 11 04 1b | 96 14 67 7c dc 05 e6 85 df be 09 d6 1b 32 fa 6d | eb c3 5c 2a 81 71 ae 69 c8 c1 69 a5 56 82 8a 69 | 05 e5 c7 f0 fe 53 2b 79 20 56 17 fc 6b 84 d5 77 | 82 7f ac db 11 8b 8f 05 e4 c4 ed d2 d7 3c 1e f5 | 52 1a 47 9d ba 55 ac a0 4b ec 45 dc 05 3c f4 62 | b1 8b df 2d b3 bf 74 6c d6 90 42 8c 42 07 50 58 | 83 44 87 be c5 36 86 07 8c 00 01 c5 0f 3f d1 bc | aa 32 e1 bb 26 5f d2 49 94 86 fb ca 75 48 8f 65 | d1 70 3c d1 3c 2e cb af 74 0c ae 0a ee 6f fd 36 | 32 59 9b ec e0 14 20 8b 62 26 d9 37 89 b4 53 71 | 48 0f 21 03 09 0a 5b 36 05 32 ce 92 67 7f 6b 83 | a8 87 75 a3 1c 6e b8 17 f3 2e 98 89 bf 61 f4 86 | hmac PRF sha update data-bytes@0x7ffaac000b48 (length 256) | 9d 5e a4 12 4f 60 c9 95 c5 6c e7 26 08 a7 6d a9 | e0 e0 62 bf 2f 7b c8 82 18 5e d9 33 59 b0 e6 48 | da e1 63 2f 0b 84 ae f4 f0 ea ed 26 50 9f 10 d3 | eb f2 6e e7 82 8d bb 08 d9 e2 73 c2 4c 06 9a 09 | e8 48 0f de f6 d3 47 bf e4 5f 95 47 58 45 a9 b5 | 3e cd b6 9d 06 3d d9 23 34 35 be ca 18 6e 5f 21 | 28 77 cc 5c c3 01 a1 31 fb a3 53 ed eb a1 b4 22 | d6 86 79 ca c1 c6 18 5e c0 28 59 cf 23 da c0 7e | 10 81 32 1a 3e 90 ad 45 bd 6c 2e 1d 5f 29 b7 5f | be 43 cf a7 b7 b5 e5 75 39 2f eb 14 11 17 42 e0 | 23 a3 c6 0b 1e ab c8 6e f6 59 1e 96 3f 98 97 72 | db b0 3f ff 39 5c 63 67 3e 97 2e 84 b1 79 fc e2 | 2c 0d 59 51 c2 3e 5a 21 93 aa e5 42 44 9a c7 1c | ef fd 08 76 ae 2b a2 aa 99 7d b3 f0 ed cf 94 f8 | 85 46 36 27 fc 3b 95 0d c8 ab ef 01 99 63 6a b1 | ef 55 c3 7f 2f 2a 4b 00 e6 b4 5a 05 8d 21 13 5e | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | 0f 9d 39 88 3b 32 68 29 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | a5 0f 70 c0 41 9e 17 77 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | c7 e8 da 81 6f 28 a5 53 43 bf 6e e1 18 01 33 9a | dc f3 72 c8 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I c7 e8 da 81 6f 28 a5 53 43 bf 6e e1 18 01 33 9a | HASH_I dc f3 72 c8 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: c7 e8 da 81 6f 28 a5 53 43 bf 6e e1 18 01 33 9a | encrypting: dc f3 72 c8 | IV: 5d f4 e9 00 6b ce 6e f7 20 8b 8f bf 44 85 fb 42 | IV: 24 31 b9 67 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 9a f6 18 00 06 08 a0 2c 35 1d 11 33 ba b9 c5 66 | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #13: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffac00048c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 05 10 02 01 00 00 00 00 00 00 00 4c f9 5f c6 7d | 2d 96 dd af e3 e4 2a 45 81 e1 1a b2 41 19 88 cc | a4 c3 32 ec 27 6d 78 68 51 af ba b1 9a f6 18 00 | 06 08 a0 2c 35 1d 11 33 ba b9 c5 66 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #13 | libevent_malloc: new ptr-libevent@0x5573f4165a28 size 128 | #13 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10452.200055 "aes128" #13: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #13 suppresed complete_v1_state_transition() | #13 spent 0.372 milliseconds in resume sending helper answer | stop processing: state #13 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab8003ad8 | spent 0.00203 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 05 10 02 01 00 00 00 00 00 00 00 4c 8e 42 64 57 | 5b d6 d1 51 6f 81 17 44 e0 59 fc 12 7e 80 0e 95 | 75 52 a9 8c a1 82 33 66 77 6f 97 61 33 cb 1c cb | d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #13 in MAIN_I3 (find_state_ikev1) | start processing: state #13 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #13 is idle | #13 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 9a f6 18 00 06 08 a0 2c 35 1d 11 33 ba b9 c5 66 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | decrypted payload (starts at offset -48): | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 63 f7 9d 8c | b9 5a c5 44 c5 18 c7 2c 0f d5 8b e2 a0 c5 1f 14 | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #13: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x7ffab80085b8 | hmac PRF sha update data-bytes@0x7ffaac000b48 (length 256) | 9d 5e a4 12 4f 60 c9 95 c5 6c e7 26 08 a7 6d a9 | e0 e0 62 bf 2f 7b c8 82 18 5e d9 33 59 b0 e6 48 | da e1 63 2f 0b 84 ae f4 f0 ea ed 26 50 9f 10 d3 | eb f2 6e e7 82 8d bb 08 d9 e2 73 c2 4c 06 9a 09 | e8 48 0f de f6 d3 47 bf e4 5f 95 47 58 45 a9 b5 | 3e cd b6 9d 06 3d d9 23 34 35 be ca 18 6e 5f 21 | 28 77 cc 5c c3 01 a1 31 fb a3 53 ed eb a1 b4 22 | d6 86 79 ca c1 c6 18 5e c0 28 59 cf 23 da c0 7e | 10 81 32 1a 3e 90 ad 45 bd 6c 2e 1d 5f 29 b7 5f | be 43 cf a7 b7 b5 e5 75 39 2f eb 14 11 17 42 e0 | 23 a3 c6 0b 1e ab c8 6e f6 59 1e 96 3f 98 97 72 | db b0 3f ff 39 5c 63 67 3e 97 2e 84 b1 79 fc e2 | 2c 0d 59 51 c2 3e 5a 21 93 aa e5 42 44 9a c7 1c | ef fd 08 76 ae 2b a2 aa 99 7d b3 f0 ed cf 94 f8 | 85 46 36 27 fc 3b 95 0d c8 ab ef 01 99 63 6a b1 | ef 55 c3 7f 2f 2a 4b 00 e6 b4 5a 05 8d 21 13 5e | hmac PRF sha update data-bytes@0x7ffac0004458 (length 256) | be 4b ea f0 cc 9d 87 93 dd 9b 3f 48 68 8c f9 07 | 29 fb 6f 4b 9d 43 70 68 4c ef cf dd bc 94 2e f9 | 70 54 5a 7a 0d 66 73 c5 d3 4e c9 c1 9b 58 9b 76 | f7 e9 f6 43 51 b7 14 84 1f a9 16 df 97 11 04 1b | 96 14 67 7c dc 05 e6 85 df be 09 d6 1b 32 fa 6d | eb c3 5c 2a 81 71 ae 69 c8 c1 69 a5 56 82 8a 69 | 05 e5 c7 f0 fe 53 2b 79 20 56 17 fc 6b 84 d5 77 | 82 7f ac db 11 8b 8f 05 e4 c4 ed d2 d7 3c 1e f5 | 52 1a 47 9d ba 55 ac a0 4b ec 45 dc 05 3c f4 62 | b1 8b df 2d b3 bf 74 6c d6 90 42 8c 42 07 50 58 | 83 44 87 be c5 36 86 07 8c 00 01 c5 0f 3f d1 bc | aa 32 e1 bb 26 5f d2 49 94 86 fb ca 75 48 8f 65 | d1 70 3c d1 3c 2e cb af 74 0c ae 0a ee 6f fd 36 | 32 59 9b ec e0 14 20 8b 62 26 d9 37 89 b4 53 71 | 48 0f 21 03 09 0a 5b 36 05 32 ce 92 67 7f 6b 83 | a8 87 75 a3 1c 6e b8 17 f3 2e 98 89 bf 61 f4 86 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | a5 0f 70 c0 41 9e 17 77 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | 0f 9d 39 88 3b 32 68 29 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f4161ac8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | 63 f7 9d 8c b9 5a c5 44 c5 18 c7 2c 0f d5 8b e2 | a0 c5 1f 14 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #13 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #13: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #13 requesting EVENT_RETRANSMIT to be deleted | #13 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4165a28 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41634d8 | inserting event EVENT_SA_REPLACE, timeout in 2879 seconds for #13 | libevent_malloc: new ptr-libevent@0x7ffab8003ad8 size 128 | pstats #13 ikev1.isakmp established "aes128" #13: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #13 | creating state object #14 at 0x5573f4166828 | State DB: adding IKEv1 state #14 in UNDEFINED | pstats #14 ikev1.ipsec started | duplicating state object #13 "aes128" as #14 for IPSEC SA | #14 setting local endpoint to 192.1.2.45:500 from #13.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_d_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ai_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f40c6080 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #13 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #14 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #14: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #14: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#13 msgid:a7efa32c proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 17 for state #14 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #14 | libevent_malloc: new ptr-libevent@0x5573f416e398 size 128 | stop processing: state #14 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #13 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x5573f40bb898} | close_any(fd@24) (in release_whack() at state.c:654) | #13 spent 0.371 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.482 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 3 resuming | crypto helper 3 starting work-order 17 for state #14 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 17 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffabc003758: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffabc003758 | NSS: Public DH wire value: | e5 c7 a1 6f a1 a4 54 42 d6 fb ec 3d 37 1c 11 ca | 61 b1 46 74 9c 87 7a 73 18 59 00 8c 94 87 df 8b | f5 d9 6c 2e 6c f7 52 53 8d b4 f4 0f fc 89 3e 22 | e2 32 7e fa 8a a8 33 ab 96 e3 5c ed af ea 7c 0e | 26 39 87 63 e4 16 9e 55 ce eb ac 94 51 f5 92 01 | 7d 14 74 b7 6d fd aa fc 9f ba bb a8 ae 88 62 ba | 1d d7 bd 3e 42 1f 5a da 2b 55 24 23 8e dc ff b5 | 6b 3d e9 23 7d fa bc 63 92 94 8b 44 58 98 73 9e | e6 e5 20 02 81 5e 27 25 8f 8d 99 21 9f ab 57 f4 | 87 5f a1 0d 6b 2e 83 18 f8 90 36 1e ac 04 93 2f | aa b4 86 ad 7c 36 16 4f f2 5f fe b9 0d 93 90 36 | c2 e8 fc 00 42 15 28 79 ae 0f e5 e5 e9 29 84 22 | 5a fd 31 6d 54 8d 31 57 24 b7 00 f4 16 15 30 9e | 60 5e b0 b3 25 4c aa 6c 80 41 5c 9c 7d b5 1a 52 | 0b 99 32 75 07 35 cb 1c 86 e4 01 db d3 a6 a7 15 | 29 30 c6 e5 3d f1 6d bf fc 96 b9 04 ff e2 48 f9 | Generated nonce: eb 85 63 16 97 65 7a f6 58 f3 4f 35 7d 1b 23 5e | Generated nonce: 54 ee cf c4 2a 60 6e 28 25 1c b4 bc fb 71 fb e9 | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 17 time elapsed 0.000935 seconds | (#14) spent 0.93 milliseconds in crypto helper computing work-order 17: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 17 for state #14 to event queue | scheduling resume sending helper answer for #14 | libevent_malloc: new ptr-libevent@0x7ffabc003088 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #14 | start processing: state #14 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 17 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #14: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2817499948 (0xa7efa32c) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x810e0e70 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 81 0e 0e 70 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #14: IMPAIR: stripping key-length "aes128" #14: IMPAIR: not sending key-length attribute | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni eb 85 63 16 97 65 7a f6 58 f3 4f 35 7d 1b 23 5e | Ni 54 ee cf c4 2a 60 6e 28 25 1c b4 bc fb 71 fb e9 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffabc003758: transferring ownership from helper KE to state #14 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value e5 c7 a1 6f a1 a4 54 42 d6 fb ec 3d 37 1c 11 ca | keyex value 61 b1 46 74 9c 87 7a 73 18 59 00 8c 94 87 df 8b | keyex value f5 d9 6c 2e 6c f7 52 53 8d b4 f4 0f fc 89 3e 22 | keyex value e2 32 7e fa 8a a8 33 ab 96 e3 5c ed af ea 7c 0e | keyex value 26 39 87 63 e4 16 9e 55 ce eb ac 94 51 f5 92 01 | keyex value 7d 14 74 b7 6d fd aa fc 9f ba bb a8 ae 88 62 ba | keyex value 1d d7 bd 3e 42 1f 5a da 2b 55 24 23 8e dc ff b5 | keyex value 6b 3d e9 23 7d fa bc 63 92 94 8b 44 58 98 73 9e | keyex value e6 e5 20 02 81 5e 27 25 8f 8d 99 21 9f ab 57 f4 | keyex value 87 5f a1 0d 6b 2e 83 18 f8 90 36 1e ac 04 93 2f | keyex value aa b4 86 ad 7c 36 16 4f f2 5f fe b9 0d 93 90 36 | keyex value c2 e8 fc 00 42 15 28 79 ae 0f e5 e5 e9 29 84 22 | keyex value 5a fd 31 6d 54 8d 31 57 24 b7 00 f4 16 15 30 9e | keyex value 60 5e b0 b3 25 4c aa 6c 80 41 5c 9c 7d b5 1a 52 | keyex value 0b 99 32 75 07 35 cb 1c 86 e4 01 db d3 a6 a7 15 | keyex value 29 30 c6 e5 3d f1 6d bf fc 96 b9 04 ff e2 48 f9 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f4166078 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | a7 ef a3 2c | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 81 0e 0e 70 00 00 00 1c 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 eb 85 63 16 97 65 7a f6 | 58 f3 4f 35 7d 1b 23 5e 54 ee cf c4 2a 60 6e 28 | 25 1c b4 bc fb 71 fb e9 05 00 01 04 e5 c7 a1 6f | a1 a4 54 42 d6 fb ec 3d 37 1c 11 ca 61 b1 46 74 | 9c 87 7a 73 18 59 00 8c 94 87 df 8b f5 d9 6c 2e | 6c f7 52 53 8d b4 f4 0f fc 89 3e 22 e2 32 7e fa | 8a a8 33 ab 96 e3 5c ed af ea 7c 0e 26 39 87 63 | e4 16 9e 55 ce eb ac 94 51 f5 92 01 7d 14 74 b7 | 6d fd aa fc 9f ba bb a8 ae 88 62 ba 1d d7 bd 3e | 42 1f 5a da 2b 55 24 23 8e dc ff b5 6b 3d e9 23 | 7d fa bc 63 92 94 8b 44 58 98 73 9e e6 e5 20 02 | 81 5e 27 25 8f 8d 99 21 9f ab 57 f4 87 5f a1 0d | 6b 2e 83 18 f8 90 36 1e ac 04 93 2f aa b4 86 ad | 7c 36 16 4f f2 5f fe b9 0d 93 90 36 c2 e8 fc 00 | 42 15 28 79 ae 0f e5 e5 e9 29 84 22 5a fd 31 6d | 54 8d 31 57 24 b7 00 f4 16 15 30 9e 60 5e b0 b3 | 25 4c aa 6c 80 41 5c 9c 7d b5 1a 52 0b 99 32 75 | 07 35 cb 1c 86 e4 01 db d3 a6 a7 15 29 30 c6 e5 | 3d f1 6d bf fc 96 b9 04 ff e2 48 f9 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | 2c 9f 18 c0 70 b4 b8 13 87 3c e2 01 48 79 6a 91 | c1 b5 eb 6d | outI1 HASH(1): | 2c 9f 18 c0 70 b4 b8 13 87 3c e2 01 48 79 6a 91 | c1 b5 eb 6d | last Phase 1 IV: 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | current Phase 1 IV: 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | a7 ef a3 2c | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 55 f8 07 cf 41 90 fc b6 b2 5c 42 dd 0c d6 e5 35 | 72 76 b5 0c | encrypting: 01 00 00 18 2c 9f 18 c0 70 b4 b8 13 87 3c e2 01 | encrypting: 48 79 6a 91 c1 b5 eb 6d 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 81 0e 0e 70 | encrypting: 00 00 00 1c 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: eb 85 63 16 97 65 7a f6 58 f3 4f 35 7d 1b 23 5e | encrypting: 54 ee cf c4 2a 60 6e 28 25 1c b4 bc fb 71 fb e9 | encrypting: 05 00 01 04 e5 c7 a1 6f a1 a4 54 42 d6 fb ec 3d | encrypting: 37 1c 11 ca 61 b1 46 74 9c 87 7a 73 18 59 00 8c | encrypting: 94 87 df 8b f5 d9 6c 2e 6c f7 52 53 8d b4 f4 0f | encrypting: fc 89 3e 22 e2 32 7e fa 8a a8 33 ab 96 e3 5c ed | encrypting: af ea 7c 0e 26 39 87 63 e4 16 9e 55 ce eb ac 94 | encrypting: 51 f5 92 01 7d 14 74 b7 6d fd aa fc 9f ba bb a8 | encrypting: ae 88 62 ba 1d d7 bd 3e 42 1f 5a da 2b 55 24 23 | encrypting: 8e dc ff b5 6b 3d e9 23 7d fa bc 63 92 94 8b 44 | encrypting: 58 98 73 9e e6 e5 20 02 81 5e 27 25 8f 8d 99 21 | encrypting: 9f ab 57 f4 87 5f a1 0d 6b 2e 83 18 f8 90 36 1e | encrypting: ac 04 93 2f aa b4 86 ad 7c 36 16 4f f2 5f fe b9 | encrypting: 0d 93 90 36 c2 e8 fc 00 42 15 28 79 ae 0f e5 e5 | encrypting: e9 29 84 22 5a fd 31 6d 54 8d 31 57 24 b7 00 f4 | encrypting: 16 15 30 9e 60 5e b0 b3 25 4c aa 6c 80 41 5c 9c | encrypting: 7d b5 1a 52 0b 99 32 75 07 35 cb 1c 86 e4 01 db | encrypting: d3 a6 a7 15 29 30 c6 e5 3d f1 6d bf fc 96 b9 04 | encrypting: ff e2 48 f9 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 55 f8 07 cf 41 90 fc b6 b2 5c 42 dd 0c d6 e5 35 | IV: 72 76 b5 0c | unpadded size is: 404 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: f7 38 42 d4 2a b4 46 80 3c 99 01 b3 85 f4 54 30 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #14) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 08 10 20 01 a7 ef a3 2c 00 00 01 bc bc e5 bf da | 59 3b bd 93 18 05 5f 67 3f ea 20 9f 1a e4 99 9d | d7 cf 2d 0a fe 36 22 4c 00 1e d8 a5 8f e7 5e cc | 98 f2 b7 98 66 7d c4 22 42 64 23 70 c1 4f 6b dd | 0e 83 7d d7 16 3f 71 6d 2f d7 ad 3e 52 60 41 a3 | 0b a9 e8 74 3d 85 da 79 50 60 60 ef 33 e0 0c ca | 26 64 8b 22 46 c2 1f 29 17 d9 4c e4 39 e2 95 18 | d3 7a 16 0e d5 91 cc cb 8b b0 b3 3d 24 20 11 77 | 77 8f 68 94 3a fb eb bc 29 2a c5 9c 76 69 1f fe | 85 f6 08 15 8a 9e 10 70 30 04 bc de df 56 6b 7d | b6 77 ce ea af b6 ab 35 04 1f 29 18 81 49 bc 2f | 46 85 ac d7 82 b4 90 39 bc 6a d4 af a9 24 40 32 | b6 76 b0 f0 29 2b 11 37 8f 9e 7c c0 de b9 38 67 | fb f7 a7 16 56 f5 56 39 51 47 c3 0e 8a 87 7a 27 | 96 93 61 71 c2 84 25 bb 03 4e 13 ab e9 35 74 eb | d9 a5 3b 66 6c 57 b2 98 68 3f ca d3 f4 3c bb 0c | ae b3 12 81 38 06 3d 04 64 f5 dd f4 26 87 b1 72 | 33 16 0a ec cf b1 f8 bc 73 2d e9 93 76 f1 38 2d | 13 41 8d c6 a7 e4 c7 90 c8 a8 8c 04 42 a9 02 96 | 4d f9 2b b2 46 62 76 52 ac ac 0f 92 71 0b bc b2 | 3c f3 e9 3b 6d b1 09 aa b9 5f 4f c3 43 8d ad ab | 72 bd 61 34 50 78 77 c8 3e 66 2a 55 92 ca 9b 06 | 7d bb e7 f3 b8 d8 27 ce ab f8 63 e1 a6 ad d1 c4 | 59 a3 d6 a2 68 98 9a 32 05 1c ca f1 7a 9b 03 31 | fe b3 81 e0 b1 da 05 58 85 35 c0 ee f9 55 4d e6 | b2 fe fa b9 de f4 70 12 87 76 6a 40 f7 38 42 d4 | 2a b4 46 80 3c 99 01 b3 85 f4 54 30 | state #14 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f416e398 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7ffab4002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #14 | libevent_malloc: new ptr-libevent@0x5573f4162df8 size 128 | #14 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10452.202594 | resume sending helper answer for #14 suppresed complete_v1_state_transition() | #14 spent 0.436 milliseconds in resume sending helper answer | stop processing: state #14 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffabc003088 | spent 0.00236 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 08 10 05 01 c7 5c 4b 5b 00 00 00 4c 23 37 36 70 | 60 ea 0c 83 b0 6a 8e 68 9a 7f 63 9a 92 63 16 32 | 72 70 db dd 21 3d 00 1a a5 3c dd 57 f0 b5 e3 0d | 4c 8d 41 b2 50 c8 2d c8 93 e1 7b 22 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3344714587 (0xc75c4b5b) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #14; msgid=00000000 st_msgid=a7efa32c st_msgid_phase15=00000000 | peer and cookies match on #13; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #13 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #13 in MAIN_I4 (find_v1_info_state) | start processing: state #13 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | current Phase 1 IV: 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b12bc (length 4) | c7 5c 4b 5b | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 08 3a d8 92 c3 46 7c 11 22 9d 5e 55 c9 80 50 22 | 3c 53 c4 a9 | #13 is idle | #13 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 08 3a d8 92 c3 46 7c 11 22 9d 5e 55 c9 80 50 22 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: f0 b5 e3 0d 4c 8d 41 b2 50 c8 2d c8 93 e1 7b 22 | decrypted payload (starts at offset -48): | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 08 10 05 01 c7 5c 4b 5b 00 00 00 4c 0b 00 00 18 | e6 76 75 2b fc a6 57 06 df 61 fd 53 1f 3f 34 0e | d6 d4 2f 85 00 00 00 0c 00 00 00 01 01 00 00 0e | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffab80085b8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | c7 5c 4b 5b | HASH(1) PRF sha update payload-bytes@0x5573f4161adc (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0e | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | e6 76 75 2b fc a6 57 06 df 61 fd 53 1f 3f 34 0e | d6 d4 2f 85 | informational HASH(1): | e6 76 75 2b fc a6 57 06 df 61 fd 53 1f 3f 34 0e | d6 d4 2f 85 | received 'informational' message HASH(1) data ok "aes128" #13: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #13: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #13 spent 0.00928 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #13 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.254 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7ffab4002b78 | handling event EVENT_RETRANSMIT for child state #14 | start processing: state #14 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #14 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #14 keying attempt 1 of 0; retransmit 1 "aes128" #14: IMPAIR: retransmit so deleting SA | [RE]START processing: state #14 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #14 ikev1.ipsec failed too-many-retransmits | pstats #14 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #14 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #14: deleting state (STATE_QUICK_I1) aged 0.501s and NOT sending notification | child state #14: QUICK_I1(established CHILD SA) => delete | child state #14: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #14 in CHILDSA_DEL | child state #14: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7ffabc003758: destroyed | stop processing: state #14 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f40c6080 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x5573f4162df8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7ffab4002b78 | in statetime_stop() and could not find #14 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.045 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #13 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #13 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #13 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #13 ikev1.isakmp deleted completed | [RE]START processing: state #13 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #13: deleting state (STATE_MAIN_I4) aged 0.527s and sending notification | parent state #13: MAIN_I4(established IKE SA) => delete | #13 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 97581355 (0x5d0f92b) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 0f 9d 39 88 3b 32 68 29 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI a5 0f 70 c0 41 9e 17 77 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffabc0031d8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | 05 d0 f9 2b | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 0f 9d 39 88 | 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 90 aa 4e c5 b4 91 42 79 4e e9 a4 23 91 4c d2 6c | 5e 52 e5 95 | send delete HASH(1): | 90 aa 4e c5 b4 91 42 79 4e e9 a4 23 91 4c d2 6c | 5e 52 e5 95 | last Phase 1 IV: 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | current Phase 1 IV: 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 33 cb 1c cb d5 11 5b 12 c9 9b 65 16 0e 2e 3c 08 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | 05 d0 f9 2b | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | bb 0c 8a 59 11 ba c3 f4 9c 5c b3 ef 9e de 1c 74 | 3f 59 53 fc | encrypting: 0c 00 00 18 90 aa 4e c5 b4 91 42 79 4e e9 a4 23 | encrypting: 91 4c d2 6c 5e 52 e5 95 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 | encrypting: 41 9e 17 77 | IV: bb 0c 8a 59 11 ba c3 f4 9c 5c b3 ef 9e de 1c 74 | IV: 3f 59 53 fc | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 23 4a 47 50 ba ce ed ad 6b dd c5 9c 2f 1b 07 0c | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #13) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 08 10 05 01 05 d0 f9 2b 00 00 00 5c c5 6d 61 02 | 94 dc d0 01 8a a4 1c 91 f8 0f 48 89 4a 4e 71 6e | 40 8f e3 a0 1e 2f f5 13 91 89 b1 55 91 64 05 6b | a3 3e 01 f6 45 bc 54 f4 48 db 58 b9 23 4a 47 50 | ba ce ed ad 6b dd c5 9c 2f 1b 07 0c | state #13 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffab8003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41634d8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #13 in MAIN_I4 | parent state #13: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffac0002168: destroyed | stop processing: state #13 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f4150a70 | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f40c6080 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.577 milliseconds in whack | spent 0.00215 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 0f 9d 39 88 3b 32 68 29 a5 0f 70 c0 41 9e 17 77 | 08 10 05 01 b2 d3 1b 9a 00 00 00 5c fb 41 d8 3c | 85 88 14 8a 5f 7c c0 6f 36 d0 02 7e dd 77 69 77 | 45 c0 d2 bd 15 9a 4c 85 69 8f c8 87 0d 2e ce a6 | 6c 92 6c 1f a6 9c 26 6f a2 f2 55 6c 61 11 b9 c1 | 4b 6f 43 10 28 20 8a 3c ec 81 50 e5 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 0f 9d 39 88 3b 32 68 29 | responder cookie: | a5 0f 70 c0 41 9e 17 77 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3000179610 (0xb2d31b9a) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xb2d31b9a | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 0f 9d 39 88 3b 32 68 29 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | a5 0f 70 c0 41 9e 17 77 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0765 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0472 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0472 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | emitting | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0501 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:EMPTY | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0509 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.106 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #15 at 0x5573f4163978 | State DB: adding IKEv1 state #15 in UNDEFINED | pstats #15 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #15 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #15: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #15 "aes128" "aes128" #15: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f4163368 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "aes128" #15: IMPAIR: stripping key-length "aes128" #15: IMPAIR: key-length-attribute:empty not implemented | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | d5 80 2b 12 69 31 15 e5 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x7ffabc003088 size 128 | #15 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10453.202708 | #15 spent 0.307 milliseconds in main_outI1() | stop processing: state #15 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.356 milliseconds in whack | spent 0.00202 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #15 in MAIN_I1 (find_state_ikev1_init) | start processing: state #15 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #15 is idle | #15 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 18 for state #15 | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffabc003088 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x7ffabc003088 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #15 and saving MD | #15 is busy; has a suspended MD | #15 spent 0.0988 milliseconds in process_packet_tail() | crypto helper 4 resuming | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 4 starting work-order 18 for state #15 | stop processing: state #15 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | crypto helper 4 doing build KE and nonce (outI2 KE); request ID 18 | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.204 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffab00057f8: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffab00057f8 | NSS: Public DH wire value: | 24 47 f9 ef 76 d0 c2 e3 a6 c6 cc 6f ed 12 fc ca | 9b b3 9c bc 4d e2 dc ef 01 64 1e d5 bc 53 2c 86 | 82 cc 4b 9c c3 0e 87 a4 ec ce 91 bb 92 70 52 00 | 56 36 c5 2c cd d9 44 1c f4 f9 41 66 78 0e 0d c1 | 8a 87 f3 a7 5e b5 29 e1 09 49 d5 5a a4 89 8f d8 | c5 8f 08 aa 3c d2 1e e6 f1 a6 0c 12 b6 42 53 73 | 21 8a ca f5 bd d1 45 e2 29 c9 04 76 c0 ff 72 e9 | cc 0f 8e b1 ec 4f 5c 03 67 a8 6f ad 62 7e 0a 28 | f7 02 f0 25 2e c1 f5 ce 5c e6 79 c3 85 94 17 3c | 1f 1d 94 42 0a e3 c5 47 cc d6 24 66 5f 5a 32 3c | 4d 57 b4 b4 a8 a1 c6 1e 2d 1a 54 5c ec aa a6 3d | aa a9 f4 90 53 fa 41 f4 f9 5f 35 5c c3 98 28 aa | ee 30 6d be fa 6a 87 d4 b9 71 08 43 92 f8 43 31 | 98 8e f7 2d d5 f4 9f 6c 7f 64 59 9f 7c a2 e3 a0 | ec 62 c6 91 4b 9c bb 55 d8 3b 8a b9 7b 4b 66 91 | b9 f2 ef 33 17 b2 8e 75 4e a6 4b 04 09 5d a4 48 | Generated nonce: b3 61 40 d6 b4 db f0 9b bf fa 13 9c 9a 13 ab 0b | Generated nonce: b1 3b 0c 8e 18 db db b4 68 d2 d9 ed f6 ef 0c c9 | crypto helper 4 finished build KE and nonce (outI2 KE); request ID 18 time elapsed 0.000641 seconds | (#15) spent 0.64 milliseconds in crypto helper computing work-order 18: outI2 KE (pcr) | crypto helper 4 sending results from work-order 18 for state #15 to event queue | scheduling resume sending helper answer for #15 | libevent_malloc: new ptr-libevent@0x7ffab00058f8 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #15 | start processing: state #15 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 18 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #15: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffab00057f8: transferring ownership from helper KE to state #15 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 24 47 f9 ef 76 d0 c2 e3 a6 c6 cc 6f ed 12 fc ca | keyex value 9b b3 9c bc 4d e2 dc ef 01 64 1e d5 bc 53 2c 86 | keyex value 82 cc 4b 9c c3 0e 87 a4 ec ce 91 bb 92 70 52 00 | keyex value 56 36 c5 2c cd d9 44 1c f4 f9 41 66 78 0e 0d c1 | keyex value 8a 87 f3 a7 5e b5 29 e1 09 49 d5 5a a4 89 8f d8 | keyex value c5 8f 08 aa 3c d2 1e e6 f1 a6 0c 12 b6 42 53 73 | keyex value 21 8a ca f5 bd d1 45 e2 29 c9 04 76 c0 ff 72 e9 | keyex value cc 0f 8e b1 ec 4f 5c 03 67 a8 6f ad 62 7e 0a 28 | keyex value f7 02 f0 25 2e c1 f5 ce 5c e6 79 c3 85 94 17 3c | keyex value 1f 1d 94 42 0a e3 c5 47 cc d6 24 66 5f 5a 32 3c | keyex value 4d 57 b4 b4 a8 a1 c6 1e 2d 1a 54 5c ec aa a6 3d | keyex value aa a9 f4 90 53 fa 41 f4 f9 5f 35 5c c3 98 28 aa | keyex value ee 30 6d be fa 6a 87 d4 b9 71 08 43 92 f8 43 31 | keyex value 98 8e f7 2d d5 f4 9f 6c 7f 64 59 9f 7c a2 e3 a0 | keyex value ec 62 c6 91 4b 9c bb 55 d8 3b 8a b9 7b 4b 66 91 | keyex value b9 f2 ef 33 17 b2 8e 75 4e a6 4b 04 09 5d a4 48 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni b3 61 40 d6 b4 db f0 9b bf fa 13 9c 9a 13 ab 0b | Ni b1 3b 0c 8e 18 db db b4 68 d2 d9 ed f6 ef 0c c9 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | d5 80 2b 12 69 31 15 e5 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 17 f2 a3 4a 11 28 a8 8d | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 22 bc a5 e5 fa e6 d2 e3 c1 18 8c 19 fc b8 0e 51 | 61 42 71 11 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= d5 80 2b 12 69 31 15 e5 | natd_hash: rcookie= 17 f2 a3 4a 11 28 a8 8d | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 22 bc a5 e5 fa e6 d2 e3 c1 18 8c 19 fc b8 0e 51 | natd_hash: hash= 61 42 71 11 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 22 bc a5 e5 fa e6 d2 e3 c1 18 8c 19 fc b8 0e 51 | NAT-D 61 42 71 11 | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | d5 80 2b 12 69 31 15 e5 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 17 f2 a3 4a 11 28 a8 8d | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 5e 8f 9d 79 b0 60 7d 1a 59 7a 21 fe 42 5b 51 47 | 4e fa c6 ff | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= d5 80 2b 12 69 31 15 e5 | natd_hash: rcookie= 17 f2 a3 4a 11 28 a8 8d | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 5e 8f 9d 79 b0 60 7d 1a 59 7a 21 fe 42 5b 51 47 | natd_hash: hash= 4e fa c6 ff | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 5e 8f 9d 79 b0 60 7d 1a 59 7a 21 fe 42 5b 51 47 | NAT-D 4e fa c6 ff | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #15 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #15: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffabc003088 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 24 47 f9 ef 76 d0 c2 e3 a6 c6 cc 6f ed 12 fc ca | 9b b3 9c bc 4d e2 dc ef 01 64 1e d5 bc 53 2c 86 | 82 cc 4b 9c c3 0e 87 a4 ec ce 91 bb 92 70 52 00 | 56 36 c5 2c cd d9 44 1c f4 f9 41 66 78 0e 0d c1 | 8a 87 f3 a7 5e b5 29 e1 09 49 d5 5a a4 89 8f d8 | c5 8f 08 aa 3c d2 1e e6 f1 a6 0c 12 b6 42 53 73 | 21 8a ca f5 bd d1 45 e2 29 c9 04 76 c0 ff 72 e9 | cc 0f 8e b1 ec 4f 5c 03 67 a8 6f ad 62 7e 0a 28 | f7 02 f0 25 2e c1 f5 ce 5c e6 79 c3 85 94 17 3c | 1f 1d 94 42 0a e3 c5 47 cc d6 24 66 5f 5a 32 3c | 4d 57 b4 b4 a8 a1 c6 1e 2d 1a 54 5c ec aa a6 3d | aa a9 f4 90 53 fa 41 f4 f9 5f 35 5c c3 98 28 aa | ee 30 6d be fa 6a 87 d4 b9 71 08 43 92 f8 43 31 | 98 8e f7 2d d5 f4 9f 6c 7f 64 59 9f 7c a2 e3 a0 | ec 62 c6 91 4b 9c bb 55 d8 3b 8a b9 7b 4b 66 91 | b9 f2 ef 33 17 b2 8e 75 4e a6 4b 04 09 5d a4 48 | 14 00 00 24 b3 61 40 d6 b4 db f0 9b bf fa 13 9c | 9a 13 ab 0b b1 3b 0c 8e 18 db db b4 68 d2 d9 ed | f6 ef 0c c9 14 00 00 18 22 bc a5 e5 fa e6 d2 e3 | c1 18 8c 19 fc b8 0e 51 61 42 71 11 00 00 00 18 | 5e 8f 9d 79 b0 60 7d 1a 59 7a 21 fe 42 5b 51 47 | 4e fa c6 ff | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x5573f4163548 size 128 | #15 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10453.204242 "aes128" #15: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #15 suppresed complete_v1_state_transition() | #15 spent 0.236 milliseconds in resume sending helper answer | stop processing: state #15 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab00058f8 | spent 0.00212 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 35 bd 45 78 f9 f6 66 2c 3b 9d 94 89 e3 9c 48 c0 | fe d3 dd 8d 1a ca eb c8 9e 5f 19 b2 f3 8c 31 0b | 1b 7f 95 9d b4 c9 78 ee 43 db 53 54 3f 74 a2 ac | 5b 30 06 df 36 97 96 6e e1 2b 45 da 2a e9 40 26 | ac 7e 1f a4 6c 4d ba ea 6e e6 57 97 fb 7f dd e9 | 95 dc 7b 79 a8 a8 b9 12 72 90 2a 77 c6 4e bc 99 | f0 01 f2 f6 74 5e 79 55 95 85 b4 65 94 9b 96 c4 | ce f1 63 e1 43 93 c0 e2 9e 99 b8 4f 4c b1 b3 4d | c1 33 70 56 72 5f 70 82 23 90 04 84 ef 17 ef 41 | e0 80 71 a3 b4 62 d3 1d 7d c1 f1 08 2f 67 fb 44 | 0a 6d 25 9c 50 82 72 b5 3e e8 8f 98 4e 20 1b be | 93 c1 53 29 af 34 5d c2 79 67 29 ad f9 a0 cf fa | fc 56 29 49 ff 18 91 a8 35 1c 00 4f 63 9c 68 ad | e2 7b c8 a8 2f 43 05 d4 4f cf 7f fb 7e d1 44 33 | cb 59 8c c1 29 bc 56 cf 25 16 e4 9b a4 8a e3 9c | 64 32 23 b5 dc 5a 6e 22 1a 86 fe 9c 8a 6c f7 f7 | 14 00 00 24 ac be 9a aa 4f 24 7e a8 4d fd f4 08 | a2 a3 d1 8e 80 fd 3d 30 30 4c ea 11 61 fb 52 a1 | a5 5c 51 d2 14 00 00 18 5e 8f 9d 79 b0 60 7d 1a | 59 7a 21 fe 42 5b 51 47 4e fa c6 ff 00 00 00 18 | 22 bc a5 e5 fa e6 d2 e3 c1 18 8c 19 fc b8 0e 51 | 61 42 71 11 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #15 in MAIN_I2 (find_state_ikev1) | start processing: state #15 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #15 is idle | #15 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 35 bd 45 78 f9 f6 66 2c 3b 9d 94 89 e3 9c 48 c0 | fe d3 dd 8d 1a ca eb c8 9e 5f 19 b2 f3 8c 31 0b | 1b 7f 95 9d b4 c9 78 ee 43 db 53 54 3f 74 a2 ac | 5b 30 06 df 36 97 96 6e e1 2b 45 da 2a e9 40 26 | ac 7e 1f a4 6c 4d ba ea 6e e6 57 97 fb 7f dd e9 | 95 dc 7b 79 a8 a8 b9 12 72 90 2a 77 c6 4e bc 99 | f0 01 f2 f6 74 5e 79 55 95 85 b4 65 94 9b 96 c4 | ce f1 63 e1 43 93 c0 e2 9e 99 b8 4f 4c b1 b3 4d | c1 33 70 56 72 5f 70 82 23 90 04 84 ef 17 ef 41 | e0 80 71 a3 b4 62 d3 1d 7d c1 f1 08 2f 67 fb 44 | 0a 6d 25 9c 50 82 72 b5 3e e8 8f 98 4e 20 1b be | 93 c1 53 29 af 34 5d c2 79 67 29 ad f9 a0 cf fa | fc 56 29 49 ff 18 91 a8 35 1c 00 4f 63 9c 68 ad | e2 7b c8 a8 2f 43 05 d4 4f cf 7f fb 7e d1 44 33 | cb 59 8c c1 29 bc 56 cf 25 16 e4 9b a4 8a e3 9c | 64 32 23 b5 dc 5a 6e 22 1a 86 fe 9c 8a 6c f7 f7 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffab00057f8: transferring ownership from state #15 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 19 for state #15 | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4163548 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #15 | libevent_malloc: new ptr-libevent@0x7ffab00058f8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #15 and saving MD | crypto helper 2 resuming | crypto helper 2 starting work-order 19 for state #15 | #15 is busy; has a suspended MD | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 19 | peer's g: 35 bd 45 78 f9 f6 66 2c 3b 9d 94 89 e3 9c 48 c0 | #15 spent 0.0901 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #15 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.239 milliseconds in comm_handle_cb() reading and processing packet | peer's g: fe d3 dd 8d 1a ca eb c8 9e 5f 19 b2 f3 8c 31 0b | peer's g: 1b 7f 95 9d b4 c9 78 ee 43 db 53 54 3f 74 a2 ac | peer's g: 5b 30 06 df 36 97 96 6e e1 2b 45 da 2a e9 40 26 | peer's g: ac 7e 1f a4 6c 4d ba ea 6e e6 57 97 fb 7f dd e9 | peer's g: 95 dc 7b 79 a8 a8 b9 12 72 90 2a 77 c6 4e bc 99 | peer's g: f0 01 f2 f6 74 5e 79 55 95 85 b4 65 94 9b 96 c4 | peer's g: ce f1 63 e1 43 93 c0 e2 9e 99 b8 4f 4c b1 b3 4d | peer's g: c1 33 70 56 72 5f 70 82 23 90 04 84 ef 17 ef 41 | peer's g: e0 80 71 a3 b4 62 d3 1d 7d c1 f1 08 2f 67 fb 44 | peer's g: 0a 6d 25 9c 50 82 72 b5 3e e8 8f 98 4e 20 1b be | peer's g: 93 c1 53 29 af 34 5d c2 79 67 29 ad f9 a0 cf fa | peer's g: fc 56 29 49 ff 18 91 a8 35 1c 00 4f 63 9c 68 ad | peer's g: e2 7b c8 a8 2f 43 05 d4 4f cf 7f fb 7e d1 44 33 | peer's g: cb 59 8c c1 29 bc 56 cf 25 16 e4 9b a4 8a e3 9c | peer's g: 64 32 23 b5 dc 5a 6e 22 1a 86 fe 9c 8a 6c f7 f7 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffab00057f8: computed shared DH secret key@0x5573f40c6080 | dh-shared : g^ir-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f416aab8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1700 | result: psk-key@0x5573f40bfec0 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f40bfec0 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16e8 | result: psk-key@0x5573f4150e50 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f40bfec0 | SKEYID psk prf: created sha context 0x7ffab4003b00 from psk-key@0x5573f4150e50 | SKEYID psk prf: begin sha with context 0x7ffab4003b00 from psk-key@0x5573f4150e50 | SKEYID psk: release clone-key@0x5573f4150e50 | SKEYID psk PRF sha crypt-prf@0x7ffab4001278 | SKEYID psk PRF sha update Ni-bytes@0x5573f416aadc (length 32) | b3 61 40 d6 b4 db f0 9b bf fa 13 9c 9a 13 ab 0b | b1 3b 0c 8e 18 db db b4 68 d2 d9 ed f6 ef 0c c9 | SKEYID psk PRF sha update Nr-bytes@0x5573f416aafc (length 32) | ac be 9a aa 4f 24 7e a8 4d fd f4 08 a2 a3 d1 8e | 80 fd 3d 30 30 4c ea 11 61 fb 52 a1 a5 5c 51 d2 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID psk PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID psk: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_d: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1718 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f40bfec0 | SKEYID_d prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f40bfec0 | SKEYID_d: release clone-key@0x5573f40bfec0 | SKEYID_d PRF sha crypt-prf@0x7ffab4001548 | SKEYID_d PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_d: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 2d 32 09 85 94 98 54 7e a8 23 0e 0a 26 a6 60 30 77 aa 07 b2 40 89 69 f1 53 ac 65 d8 e1 22 54 28 44 45 74 21 8e bc 1c 8b 6e a9 43 5a 62 fe 27 1c 1a 6e 6e e8 a0 09 92 fa 81 4b 08 7d 81 24 b7 79 d2 40 7f 36 5b 47 82 2d e6 88 25 17 69 a1 5c 94 cc 07 8e 3c 20 a3 95 f6 77 77 08 5e 65 30 5f 37 35 66 27 ab 81 d3 03 3e cf 04 49 f7 3d 20 94 fe f4 ce 89 2b 5b 2c 76 a4 5e 45 da ff 3a c8 a4 f9 be 8d 2f 27 15 22 ef 1d 84 b8 94 1d 41 36 65 1b 9b ea ed 89 3a 26 4b 4c ae db 2d 20 fd b2 0a 7a 99 f9 9f ff 85 ca e3 85 e4 3e 90 4f 03 59 78 9b cc 31 07 b2 96 ba 31 33 bd a3 8a 3d b8 d8 e2 97 c9 7e b8 1a 76 b9 b1 04 30 71 85 ba 6d 6f de ff 4b 16 08 bd a1 8d 81 03 8f 7b 20 bb aa fe 33 3a f3 c5 df d4 db 30 08 a9 e6 5d 99 15 94 59 d0 c3 96 fb d2 c7 51 55 7f e2 95 6e 62 db a5 8e 35 34 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab40018c8 | unwrapped: b7 e8 e7 6a 3e be ec 3c 40 cf 20 07 da e4 5f e7 | unwrapped: 39 78 71 60 11 99 b1 97 56 d9 bf f7 7f 35 54 d3 | unwrapped: 22 b7 e0 08 24 a0 4c 95 66 49 db 86 06 a5 dd ae | unwrapped: 4a 18 61 e2 92 7a 8b ab 3c 95 ec d8 10 09 9d 62 | unwrapped: 7a c7 af 1b 6e 47 ea f3 49 c7 fc af 27 be ff 5b | unwrapped: e7 44 72 b3 05 55 71 ef e9 63 81 9f a2 7c 6e 9f | unwrapped: 13 1f f6 b2 eb fb 2d 2b 46 08 e6 e4 19 7e f9 3c | unwrapped: 6b 10 9b b2 a9 ec bd 91 a0 4c 1f db 20 a3 85 31 | unwrapped: 79 4a eb 0c 24 33 66 d1 0e d0 a0 a4 8a 4c fc a6 | unwrapped: ef 13 07 83 25 44 ae 33 43 e9 24 e1 da 9a 8e 28 | unwrapped: 9f 13 d2 b1 84 f9 d3 5c f0 00 8e cc 97 47 05 b7 | unwrapped: 95 ba 7e 7d 39 ae 3a 64 3b bb 0b c6 d0 92 86 4c | unwrapped: f4 00 0b 08 16 8c 96 8d 2c 0b 77 33 e5 a8 b5 27 | unwrapped: 35 9f 2e 4f 5d 0b e6 e9 ce a9 bb 45 8a 86 dc 7e | unwrapped: 46 dc 35 da 88 cd 15 74 04 a9 37 ee 3e 7a 57 72 | unwrapped: c1 a6 7d 0f a2 ae e8 72 58 0b 01 4e 4c 58 30 c1 | SKEYID_d PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | d5 80 2b 12 69 31 15 e5 | SKEYID_d PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 17 f2 a3 4a 11 28 a8 8d | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID_d PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_d: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_a: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16f8 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f414d560 | SKEYID_a prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f414d560 | SKEYID_a: release clone-key@0x5573f414d560 | SKEYID_a PRF sha crypt-prf@0x7ffab4001278 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f40bfec0 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: 2e 96 c1 ab 19 ec fa dc e2 cc 8d cd 3e 9a ae 45 df 01 7a 04 07 b8 c3 69 a5 ef c2 fa 40 8a 5c e8 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab40039e8 | unwrapped: a5 64 39 57 99 bf 3a 68 3f 9f 1f 42 82 49 e5 3a | unwrapped: b8 26 75 7a 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_a: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 2d 32 09 85 94 98 54 7e a8 23 0e 0a 26 a6 60 30 77 aa 07 b2 40 89 69 f1 53 ac 65 d8 e1 22 54 28 44 45 74 21 8e bc 1c 8b 6e a9 43 5a 62 fe 27 1c 1a 6e 6e e8 a0 09 92 fa 81 4b 08 7d 81 24 b7 79 d2 40 7f 36 5b 47 82 2d e6 88 25 17 69 a1 5c 94 cc 07 8e 3c 20 a3 95 f6 77 77 08 5e 65 30 5f 37 35 66 27 ab 81 d3 03 3e cf 04 49 f7 3d 20 94 fe f4 ce 89 2b 5b 2c 76 a4 5e 45 da ff 3a c8 a4 f9 be 8d 2f 27 15 22 ef 1d 84 b8 94 1d 41 36 65 1b 9b ea ed 89 3a 26 4b 4c ae db 2d 20 fd b2 0a 7a 99 f9 9f ff 85 ca e3 85 e4 3e 90 4f 03 59 78 9b cc 31 07 b2 96 ba 31 33 bd a3 8a 3d b8 d8 e2 97 c9 7e b8 1a 76 b9 b1 04 30 71 85 ba 6d 6f de ff 4b 16 08 bd a1 8d 81 03 8f 7b 20 bb aa fe 33 3a f3 c5 df d4 db 30 08 a9 e6 5d 99 15 94 59 d0 c3 96 fb d2 c7 51 55 7f e2 95 6e 62 db a5 8e 35 34 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab4004678 | unwrapped: b7 e8 e7 6a 3e be ec 3c 40 cf 20 07 da e4 5f e7 | unwrapped: 39 78 71 60 11 99 b1 97 56 d9 bf f7 7f 35 54 d3 | unwrapped: 22 b7 e0 08 24 a0 4c 95 66 49 db 86 06 a5 dd ae | unwrapped: 4a 18 61 e2 92 7a 8b ab 3c 95 ec d8 10 09 9d 62 | unwrapped: 7a c7 af 1b 6e 47 ea f3 49 c7 fc af 27 be ff 5b | unwrapped: e7 44 72 b3 05 55 71 ef e9 63 81 9f a2 7c 6e 9f | unwrapped: 13 1f f6 b2 eb fb 2d 2b 46 08 e6 e4 19 7e f9 3c | unwrapped: 6b 10 9b b2 a9 ec bd 91 a0 4c 1f db 20 a3 85 31 | unwrapped: 79 4a eb 0c 24 33 66 d1 0e d0 a0 a4 8a 4c fc a6 | unwrapped: ef 13 07 83 25 44 ae 33 43 e9 24 e1 da 9a 8e 28 | unwrapped: 9f 13 d2 b1 84 f9 d3 5c f0 00 8e cc 97 47 05 b7 | unwrapped: 95 ba 7e 7d 39 ae 3a 64 3b bb 0b c6 d0 92 86 4c | unwrapped: f4 00 0b 08 16 8c 96 8d 2c 0b 77 33 e5 a8 b5 27 | unwrapped: 35 9f 2e 4f 5d 0b e6 e9 ce a9 bb 45 8a 86 dc 7e | unwrapped: 46 dc 35 da 88 cd 15 74 04 a9 37 ee 3e 7a 57 72 | unwrapped: c1 a6 7d 0f a2 ae e8 72 58 0b 01 4e 4c 58 30 c1 | SKEYID_a PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | d5 80 2b 12 69 31 15 e5 | SKEYID_a PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 17 f2 a3 4a 11 28 a8 8d | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1700 | result: final-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16e8 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414f010 | SKEYID_a PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_a: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_e: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: clone-key@0x5573f414f010 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f414f010 | SKEYID_e prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f414f010 | SKEYID_e: release clone-key@0x5573f414f010 | SKEYID_e PRF sha crypt-prf@0x7ffab4001548 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f414d560 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 2e 67 30 6f 66 d8 92 d7 5a c2 d7 73 1d d2 d8 bd 17 e4 54 5e 43 da 89 43 e3 9c 73 cc f2 b2 36 dd | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab4002148 | unwrapped: 9c 47 4f 2d e3 87 45 8d b6 38 99 6a 63 50 80 0d | unwrapped: 12 01 36 3f 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_e: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 2d 32 09 85 94 98 54 7e a8 23 0e 0a 26 a6 60 30 77 aa 07 b2 40 89 69 f1 53 ac 65 d8 e1 22 54 28 44 45 74 21 8e bc 1c 8b 6e a9 43 5a 62 fe 27 1c 1a 6e 6e e8 a0 09 92 fa 81 4b 08 7d 81 24 b7 79 d2 40 7f 36 5b 47 82 2d e6 88 25 17 69 a1 5c 94 cc 07 8e 3c 20 a3 95 f6 77 77 08 5e 65 30 5f 37 35 66 27 ab 81 d3 03 3e cf 04 49 f7 3d 20 94 fe f4 ce 89 2b 5b 2c 76 a4 5e 45 da ff 3a c8 a4 f9 be 8d 2f 27 15 22 ef 1d 84 b8 94 1d 41 36 65 1b 9b ea ed 89 3a 26 4b 4c ae db 2d 20 fd b2 0a 7a 99 f9 9f ff 85 ca e3 85 e4 3e 90 4f 03 59 78 9b cc 31 07 b2 96 ba 31 33 bd a3 8a 3d b8 d8 e2 97 c9 7e b8 1a 76 b9 b1 04 30 71 85 ba 6d 6f de ff 4b 16 08 bd a1 8d 81 03 8f 7b 20 bb aa fe 33 3a f3 c5 df d4 db 30 08 a9 e6 5d 99 15 94 59 d0 c3 96 fb d2 c7 51 55 7f e2 95 6e 62 db a5 8e 35 34 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab40018c8 | unwrapped: b7 e8 e7 6a 3e be ec 3c 40 cf 20 07 da e4 5f e7 | unwrapped: 39 78 71 60 11 99 b1 97 56 d9 bf f7 7f 35 54 d3 | unwrapped: 22 b7 e0 08 24 a0 4c 95 66 49 db 86 06 a5 dd ae | unwrapped: 4a 18 61 e2 92 7a 8b ab 3c 95 ec d8 10 09 9d 62 | unwrapped: 7a c7 af 1b 6e 47 ea f3 49 c7 fc af 27 be ff 5b | unwrapped: e7 44 72 b3 05 55 71 ef e9 63 81 9f a2 7c 6e 9f | unwrapped: 13 1f f6 b2 eb fb 2d 2b 46 08 e6 e4 19 7e f9 3c | unwrapped: 6b 10 9b b2 a9 ec bd 91 a0 4c 1f db 20 a3 85 31 | unwrapped: 79 4a eb 0c 24 33 66 d1 0e d0 a0 a4 8a 4c fc a6 | unwrapped: ef 13 07 83 25 44 ae 33 43 e9 24 e1 da 9a 8e 28 | unwrapped: 9f 13 d2 b1 84 f9 d3 5c f0 00 8e cc 97 47 05 b7 | unwrapped: 95 ba 7e 7d 39 ae 3a 64 3b bb 0b c6 d0 92 86 4c | unwrapped: f4 00 0b 08 16 8c 96 8d 2c 0b 77 33 e5 a8 b5 27 | unwrapped: 35 9f 2e 4f 5d 0b e6 e9 ce a9 bb 45 8a 86 dc 7e | unwrapped: 46 dc 35 da 88 cd 15 74 04 a9 37 ee 3e 7a 57 72 | unwrapped: c1 a6 7d 0f a2 ae e8 72 58 0b 01 4e 4c 58 30 c1 | SKEYID_e PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | d5 80 2b 12 69 31 15 e5 | SKEYID_e PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 17 f2 a3 4a 11 28 a8 8d | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1710 | result: final-key@0x5573f4150a70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150a70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16f8 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150a70 | SKEYID_e PRF sha final-key@0x5573f414f010 (size 20) | SKEYID_e: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1768 | result: keymat-key@0x5573f4150a70 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x5573f40bfec0, skeyid_a 0x5573f414d560, skeyid_e 0x5573f414f010, enc_key 0x5573f4150a70 | DH_i: 24 47 f9 ef 76 d0 c2 e3 a6 c6 cc 6f ed 12 fc ca | DH_i: 9b b3 9c bc 4d e2 dc ef 01 64 1e d5 bc 53 2c 86 | DH_i: 82 cc 4b 9c c3 0e 87 a4 ec ce 91 bb 92 70 52 00 | DH_i: 56 36 c5 2c cd d9 44 1c f4 f9 41 66 78 0e 0d c1 | DH_i: 8a 87 f3 a7 5e b5 29 e1 09 49 d5 5a a4 89 8f d8 | DH_i: c5 8f 08 aa 3c d2 1e e6 f1 a6 0c 12 b6 42 53 73 | DH_i: 21 8a ca f5 bd d1 45 e2 29 c9 04 76 c0 ff 72 e9 | DH_i: cc 0f 8e b1 ec 4f 5c 03 67 a8 6f ad 62 7e 0a 28 | DH_i: f7 02 f0 25 2e c1 f5 ce 5c e6 79 c3 85 94 17 3c | DH_i: 1f 1d 94 42 0a e3 c5 47 cc d6 24 66 5f 5a 32 3c | DH_i: 4d 57 b4 b4 a8 a1 c6 1e 2d 1a 54 5c ec aa a6 3d | DH_i: aa a9 f4 90 53 fa 41 f4 f9 5f 35 5c c3 98 28 aa | DH_i: ee 30 6d be fa 6a 87 d4 b9 71 08 43 92 f8 43 31 | DH_i: 98 8e f7 2d d5 f4 9f 6c 7f 64 59 9f 7c a2 e3 a0 | DH_i: ec 62 c6 91 4b 9c bb 55 d8 3b 8a b9 7b 4b 66 91 | DH_i: b9 f2 ef 33 17 b2 8e 75 4e a6 4b 04 09 5d a4 48 | DH_r: 35 bd 45 78 f9 f6 66 2c 3b 9d 94 89 e3 9c 48 c0 | DH_r: fe d3 dd 8d 1a ca eb c8 9e 5f 19 b2 f3 8c 31 0b | DH_r: 1b 7f 95 9d b4 c9 78 ee 43 db 53 54 3f 74 a2 ac | DH_r: 5b 30 06 df 36 97 96 6e e1 2b 45 da 2a e9 40 26 | DH_r: ac 7e 1f a4 6c 4d ba ea 6e e6 57 97 fb 7f dd e9 | DH_r: 95 dc 7b 79 a8 a8 b9 12 72 90 2a 77 c6 4e bc 99 | DH_r: f0 01 f2 f6 74 5e 79 55 95 85 b4 65 94 9b 96 c4 | DH_r: ce f1 63 e1 43 93 c0 e2 9e 99 b8 4f 4c b1 b3 4d | DH_r: c1 33 70 56 72 5f 70 82 23 90 04 84 ef 17 ef 41 | DH_r: e0 80 71 a3 b4 62 d3 1d 7d c1 f1 08 2f 67 fb 44 | DH_r: 0a 6d 25 9c 50 82 72 b5 3e e8 8f 98 4e 20 1b be | DH_r: 93 c1 53 29 af 34 5d c2 79 67 29 ad f9 a0 cf fa | DH_r: fc 56 29 49 ff 18 91 a8 35 1c 00 4f 63 9c 68 ad | DH_r: e2 7b c8 a8 2f 43 05 d4 4f cf 7f fb 7e d1 44 33 | DH_r: cb 59 8c c1 29 bc 56 cf 25 16 e4 9b a4 8a e3 9c | DH_r: 64 32 23 b5 dc 5a 6e 22 1a 86 fe 9c 8a 6c f7 f7 | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f416ab1c (length 256) | 24 47 f9 ef 76 d0 c2 e3 a6 c6 cc 6f ed 12 fc ca | 9b b3 9c bc 4d e2 dc ef 01 64 1e d5 bc 53 2c 86 | 82 cc 4b 9c c3 0e 87 a4 ec ce 91 bb 92 70 52 00 | 56 36 c5 2c cd d9 44 1c f4 f9 41 66 78 0e 0d c1 | 8a 87 f3 a7 5e b5 29 e1 09 49 d5 5a a4 89 8f d8 | c5 8f 08 aa 3c d2 1e e6 f1 a6 0c 12 b6 42 53 73 | 21 8a ca f5 bd d1 45 e2 29 c9 04 76 c0 ff 72 e9 | cc 0f 8e b1 ec 4f 5c 03 67 a8 6f ad 62 7e 0a 28 | f7 02 f0 25 2e c1 f5 ce 5c e6 79 c3 85 94 17 3c | 1f 1d 94 42 0a e3 c5 47 cc d6 24 66 5f 5a 32 3c | 4d 57 b4 b4 a8 a1 c6 1e 2d 1a 54 5c ec aa a6 3d | aa a9 f4 90 53 fa 41 f4 f9 5f 35 5c c3 98 28 aa | ee 30 6d be fa 6a 87 d4 b9 71 08 43 92 f8 43 31 | 98 8e f7 2d d5 f4 9f 6c 7f 64 59 9f 7c a2 e3 a0 | ec 62 c6 91 4b 9c bb 55 d8 3b 8a b9 7b 4b 66 91 | b9 f2 ef 33 17 b2 8e 75 4e a6 4b 04 09 5d a4 48 | new IV hash sha digest GR-bytes@0x5573f416ac1c (length 256) | 35 bd 45 78 f9 f6 66 2c 3b 9d 94 89 e3 9c 48 c0 | fe d3 dd 8d 1a ca eb c8 9e 5f 19 b2 f3 8c 31 0b | 1b 7f 95 9d b4 c9 78 ee 43 db 53 54 3f 74 a2 ac | 5b 30 06 df 36 97 96 6e e1 2b 45 da 2a e9 40 26 | ac 7e 1f a4 6c 4d ba ea 6e e6 57 97 fb 7f dd e9 | 95 dc 7b 79 a8 a8 b9 12 72 90 2a 77 c6 4e bc 99 | f0 01 f2 f6 74 5e 79 55 95 85 b4 65 94 9b 96 c4 | ce f1 63 e1 43 93 c0 e2 9e 99 b8 4f 4c b1 b3 4d | c1 33 70 56 72 5f 70 82 23 90 04 84 ef 17 ef 41 | e0 80 71 a3 b4 62 d3 1d 7d c1 f1 08 2f 67 fb 44 | 0a 6d 25 9c 50 82 72 b5 3e e8 8f 98 4e 20 1b be | 93 c1 53 29 af 34 5d c2 79 67 29 ad f9 a0 cf fa | fc 56 29 49 ff 18 91 a8 35 1c 00 4f 63 9c 68 ad | e2 7b c8 a8 2f 43 05 d4 4f cf 7f fb 7e d1 44 33 | cb 59 8c c1 29 bc 56 cf 25 16 e4 9b a4 8a e3 9c | 64 32 23 b5 dc 5a 6e 22 1a 86 fe 9c 8a 6c f7 f7 | new IV hash sha final chunk@0x7ffab4002148 (length 20) | 3a 72 ab a7 3f 3d 47 eb df 46 85 8b 3d 71 9b f1 | 4a 12 92 ba | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 19 time elapsed 0.001365 seconds | (#15) spent 1.32 milliseconds in crypto helper computing work-order 19: aggr outR1 DH (pcr) | crypto helper 2 sending results from work-order 19 for state #15 to event queue | scheduling resume sending helper answer for #15 | libevent_malloc: new ptr-libevent@0x7ffab4001378 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #15 | start processing: state #15 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 19 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #15: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffab00057f8: transferring ownership from helper IKEv1 DH+IV to state #15 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | d5 80 2b 12 69 31 15 e5 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 17 f2 a3 4a 11 28 a8 8d | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | 5e 8f 9d 79 b0 60 7d 1a 59 7a 21 fe 42 5b 51 47 | 4e fa c6 ff | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= d5 80 2b 12 69 31 15 e5 | natd_hash: rcookie= 17 f2 a3 4a 11 28 a8 8d | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 5e 8f 9d 79 b0 60 7d 1a 59 7a 21 fe 42 5b 51 47 | natd_hash: hash= 4e fa c6 ff | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | d5 80 2b 12 69 31 15 e5 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 17 f2 a3 4a 11 28 a8 8d | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | 22 bc a5 e5 fa e6 d2 e3 c1 18 8c 19 fc b8 0e 51 | 61 42 71 11 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= d5 80 2b 12 69 31 15 e5 | natd_hash: rcookie= 17 f2 a3 4a 11 28 a8 8d | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 22 bc a5 e5 fa e6 d2 e3 c1 18 8c 19 fc b8 0e 51 | natd_hash: hash= 61 42 71 11 | expected NAT-D(me): 5e 8f 9d 79 b0 60 7d 1a 59 7a 21 fe 42 5b 51 47 | expected NAT-D(me): 4e fa c6 ff | expected NAT-D(him): | 22 bc a5 e5 fa e6 d2 e3 c1 18 8c 19 fc b8 0e 51 | 61 42 71 11 | received NAT-D: 5e 8f 9d 79 b0 60 7d 1a 59 7a 21 fe 42 5b 51 47 | received NAT-D: 4e fa c6 ff | received NAT-D: 22 bc a5 e5 fa e6 d2 e3 c1 18 8c 19 fc b8 0e 51 | received NAT-D: 61 42 71 11 | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f4150e50 (size 20) | hmac: symkey-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x5573f41637c8 | hmac PRF sha update data-bytes@0x7ffab0001f78 (length 256) | 24 47 f9 ef 76 d0 c2 e3 a6 c6 cc 6f ed 12 fc ca | 9b b3 9c bc 4d e2 dc ef 01 64 1e d5 bc 53 2c 86 | 82 cc 4b 9c c3 0e 87 a4 ec ce 91 bb 92 70 52 00 | 56 36 c5 2c cd d9 44 1c f4 f9 41 66 78 0e 0d c1 | 8a 87 f3 a7 5e b5 29 e1 09 49 d5 5a a4 89 8f d8 | c5 8f 08 aa 3c d2 1e e6 f1 a6 0c 12 b6 42 53 73 | 21 8a ca f5 bd d1 45 e2 29 c9 04 76 c0 ff 72 e9 | cc 0f 8e b1 ec 4f 5c 03 67 a8 6f ad 62 7e 0a 28 | f7 02 f0 25 2e c1 f5 ce 5c e6 79 c3 85 94 17 3c | 1f 1d 94 42 0a e3 c5 47 cc d6 24 66 5f 5a 32 3c | 4d 57 b4 b4 a8 a1 c6 1e 2d 1a 54 5c ec aa a6 3d | aa a9 f4 90 53 fa 41 f4 f9 5f 35 5c c3 98 28 aa | ee 30 6d be fa 6a 87 d4 b9 71 08 43 92 f8 43 31 | 98 8e f7 2d d5 f4 9f 6c 7f 64 59 9f 7c a2 e3 a0 | ec 62 c6 91 4b 9c bb 55 d8 3b 8a b9 7b 4b 66 91 | b9 f2 ef 33 17 b2 8e 75 4e a6 4b 04 09 5d a4 48 | hmac PRF sha update data-bytes@0x7ffabc002a18 (length 256) | 35 bd 45 78 f9 f6 66 2c 3b 9d 94 89 e3 9c 48 c0 | fe d3 dd 8d 1a ca eb c8 9e 5f 19 b2 f3 8c 31 0b | 1b 7f 95 9d b4 c9 78 ee 43 db 53 54 3f 74 a2 ac | 5b 30 06 df 36 97 96 6e e1 2b 45 da 2a e9 40 26 | ac 7e 1f a4 6c 4d ba ea 6e e6 57 97 fb 7f dd e9 | 95 dc 7b 79 a8 a8 b9 12 72 90 2a 77 c6 4e bc 99 | f0 01 f2 f6 74 5e 79 55 95 85 b4 65 94 9b 96 c4 | ce f1 63 e1 43 93 c0 e2 9e 99 b8 4f 4c b1 b3 4d | c1 33 70 56 72 5f 70 82 23 90 04 84 ef 17 ef 41 | e0 80 71 a3 b4 62 d3 1d 7d c1 f1 08 2f 67 fb 44 | 0a 6d 25 9c 50 82 72 b5 3e e8 8f 98 4e 20 1b be | 93 c1 53 29 af 34 5d c2 79 67 29 ad f9 a0 cf fa | fc 56 29 49 ff 18 91 a8 35 1c 00 4f 63 9c 68 ad | e2 7b c8 a8 2f 43 05 d4 4f cf 7f fb 7e d1 44 33 | cb 59 8c c1 29 bc 56 cf 25 16 e4 9b a4 8a e3 9c | 64 32 23 b5 dc 5a 6e 22 1a 86 fe 9c 8a 6c f7 f7 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | d5 80 2b 12 69 31 15 e5 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 17 f2 a3 4a 11 28 a8 8d | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | aa e9 8c 63 dc fa 96 c2 07 68 cc 63 3c 8d 81 cf | 9b 77 2c 1f | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I aa e9 8c 63 dc fa 96 c2 07 68 cc 63 3c 8d 81 cf | HASH_I 9b 77 2c 1f | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: aa e9 8c 63 dc fa 96 c2 07 68 cc 63 3c 8d 81 cf | encrypting: 9b 77 2c 1f | IV: 3a 72 ab a7 3f 3d 47 eb df 46 85 8b 3d 71 9b f1 | IV: 4a 12 92 ba | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: a1 fc cb 43 ce 21 23 9b 66 0a 4b 1e a5 68 a0 44 | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #15: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffab00058f8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 05 10 02 01 00 00 00 00 00 00 00 4c 7d ab 3b 44 | a8 74 9f d4 13 a7 5e ad dc 1a 73 8d e7 2f c0 00 | f6 14 01 b1 e2 cb c0 69 0c 21 98 bf a1 fc cb 43 | ce 21 23 9b 66 0a 4b 1e a5 68 a0 44 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #15 | libevent_malloc: new ptr-libevent@0x5573f4163548 size 128 | #15 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10453.207628 "aes128" #15: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #15 suppresed complete_v1_state_transition() | #15 spent 0.482 milliseconds in resume sending helper answer | stop processing: state #15 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab4001378 | spent 0.00244 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 05 10 02 01 00 00 00 00 00 00 00 4c 7d d7 3a 20 | f0 48 9a 05 eb 91 be 18 79 36 e6 e6 7f b9 8c b3 | fb 18 f5 f9 28 73 9f f7 55 6c a5 05 53 58 3c ab | 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #15 in MAIN_I3 (find_state_ikev1) | start processing: state #15 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #15 is idle | #15 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: a1 fc cb 43 ce 21 23 9b 66 0a 4b 1e a5 68 a0 44 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | decrypted payload (starts at offset -48): | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 f0 32 de 9f | 1e 9f cf e6 ec f4 1a d3 5b 01 dc a0 05 2c 1c bc | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #15: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f4150e50 (size 20) | hmac: symkey-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x7ffab4002148 | hmac PRF sha update data-bytes@0x7ffabc002a18 (length 256) | 35 bd 45 78 f9 f6 66 2c 3b 9d 94 89 e3 9c 48 c0 | fe d3 dd 8d 1a ca eb c8 9e 5f 19 b2 f3 8c 31 0b | 1b 7f 95 9d b4 c9 78 ee 43 db 53 54 3f 74 a2 ac | 5b 30 06 df 36 97 96 6e e1 2b 45 da 2a e9 40 26 | ac 7e 1f a4 6c 4d ba ea 6e e6 57 97 fb 7f dd e9 | 95 dc 7b 79 a8 a8 b9 12 72 90 2a 77 c6 4e bc 99 | f0 01 f2 f6 74 5e 79 55 95 85 b4 65 94 9b 96 c4 | ce f1 63 e1 43 93 c0 e2 9e 99 b8 4f 4c b1 b3 4d | c1 33 70 56 72 5f 70 82 23 90 04 84 ef 17 ef 41 | e0 80 71 a3 b4 62 d3 1d 7d c1 f1 08 2f 67 fb 44 | 0a 6d 25 9c 50 82 72 b5 3e e8 8f 98 4e 20 1b be | 93 c1 53 29 af 34 5d c2 79 67 29 ad f9 a0 cf fa | fc 56 29 49 ff 18 91 a8 35 1c 00 4f 63 9c 68 ad | e2 7b c8 a8 2f 43 05 d4 4f cf 7f fb 7e d1 44 33 | cb 59 8c c1 29 bc 56 cf 25 16 e4 9b a4 8a e3 9c | 64 32 23 b5 dc 5a 6e 22 1a 86 fe 9c 8a 6c f7 f7 | hmac PRF sha update data-bytes@0x7ffab0001f78 (length 256) | 24 47 f9 ef 76 d0 c2 e3 a6 c6 cc 6f ed 12 fc ca | 9b b3 9c bc 4d e2 dc ef 01 64 1e d5 bc 53 2c 86 | 82 cc 4b 9c c3 0e 87 a4 ec ce 91 bb 92 70 52 00 | 56 36 c5 2c cd d9 44 1c f4 f9 41 66 78 0e 0d c1 | 8a 87 f3 a7 5e b5 29 e1 09 49 d5 5a a4 89 8f d8 | c5 8f 08 aa 3c d2 1e e6 f1 a6 0c 12 b6 42 53 73 | 21 8a ca f5 bd d1 45 e2 29 c9 04 76 c0 ff 72 e9 | cc 0f 8e b1 ec 4f 5c 03 67 a8 6f ad 62 7e 0a 28 | f7 02 f0 25 2e c1 f5 ce 5c e6 79 c3 85 94 17 3c | 1f 1d 94 42 0a e3 c5 47 cc d6 24 66 5f 5a 32 3c | 4d 57 b4 b4 a8 a1 c6 1e 2d 1a 54 5c ec aa a6 3d | aa a9 f4 90 53 fa 41 f4 f9 5f 35 5c c3 98 28 aa | ee 30 6d be fa 6a 87 d4 b9 71 08 43 92 f8 43 31 | 98 8e f7 2d d5 f4 9f 6c 7f 64 59 9f 7c a2 e3 a0 | ec 62 c6 91 4b 9c bb 55 d8 3b 8a b9 7b 4b 66 91 | b9 f2 ef 33 17 b2 8e 75 4e a6 4b 04 09 5d a4 48 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 17 f2 a3 4a 11 28 a8 8d | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | d5 80 2b 12 69 31 15 e5 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x5573f40bb8b8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | f0 32 de 9f 1e 9f cf e6 ec f4 1a d3 5b 01 dc a0 | 05 2c 1c bc | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #15 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #15: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #15 requesting EVENT_RETRANSMIT to be deleted | #15 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4163548 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41634d8 | inserting event EVENT_SA_REPLACE, timeout in 2646 seconds for #15 | libevent_malloc: new ptr-libevent@0x7ffab4001378 size 128 | pstats #15 ikev1.isakmp established "aes128" #15: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #15 | creating state object #16 at 0x5573f4166828 | State DB: adding IKEv1 state #16 in UNDEFINED | pstats #16 ikev1.ipsec started | duplicating state object #15 "aes128" as #16 for IPSEC SA | #16 setting local endpoint to 192.1.2.45:500 from #15.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_d_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ai_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f4150a70 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #15 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #16 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #16: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #16: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#15 msgid:3d72ebbb proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 20 for state #16 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #16 | libevent_malloc: new ptr-libevent@0x5573f4165a28 size 128 | stop processing: state #16 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #15 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x5573f4165f68} | crypto helper 5 resuming | crypto helper 5 starting work-order 20 for state #16 | crypto helper 5 doing build KE and nonce (quick_outI1 KE); request ID 20 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | close_any(fd@24) (in release_whack() at state.c:654) | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | #15 spent 0.374 milliseconds in process_packet_tail() | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | stop processing: state #15 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.522 milliseconds in comm_handle_cb() reading and processing packet | DH secret MODP2048@0x7ffaa8006b98: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffaa8006b98 | NSS: Public DH wire value: | 63 07 41 8a 8a 00 a2 f9 a9 18 5e 8d d0 9f 5b 64 | 81 a1 7b 0a c6 f2 c8 80 70 47 d9 18 98 c6 5a bc | 8b a1 ed 4f ab 65 c9 3b f7 fa 3a 90 06 cb 2f 05 | 6a ed 24 36 3a bd 0c 4c 46 e9 00 79 15 29 20 b6 | a3 69 33 63 2d 6a c5 2a aa 35 0f ef d3 6a 6f f1 | f6 b8 70 4d f1 ff 85 e0 dc b1 df ba e7 06 c3 9b | 0b 72 e8 d6 f4 48 6b f7 c1 86 9b 87 0c c3 76 89 | 05 ba 02 45 e8 17 e2 36 84 aa c6 ab 02 00 fc 3a | bf 5e 6f 39 fb f8 75 50 20 ee 0e 7c 42 dd 0c fe | 2c 22 b7 8c ae ea f5 5f 8a cd bc cd 4e 38 c7 4a | 4b f8 96 0b 2a 58 e9 87 2b 5b 0f a8 01 62 62 a5 | b3 da 74 03 20 a3 8c 7b 24 4a 23 9d e8 37 70 eb | 92 d9 12 fd ea ea 58 21 85 5a 89 62 b3 d1 b1 8b | b8 91 88 d0 db bc cf 04 82 7c c8 a8 43 69 1b 1d | 62 90 ee a6 a1 b3 a0 24 f1 23 94 f9 c6 01 28 6f | 2e 10 15 88 89 6b 58 99 7e dd ba 3f cb 9a dc 4c | Generated nonce: 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 | Generated nonce: 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb | crypto helper 5 finished build KE and nonce (quick_outI1 KE); request ID 20 time elapsed 0.000701 seconds | (#16) spent 0.695 milliseconds in crypto helper computing work-order 20: quick_outI1 KE (pcr) | crypto helper 5 sending results from work-order 20 for state #16 to event queue | scheduling resume sending helper answer for #16 | libevent_malloc: new ptr-libevent@0x7ffaa80011a8 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #16 | start processing: state #16 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 20 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #16: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1030941627 (0x3d72ebbb) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x2c6061b8 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 2c 60 61 b8 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ESP): 32 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 | Ni 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffaa8006b98: transferring ownership from helper KE to state #16 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 63 07 41 8a 8a 00 a2 f9 a9 18 5e 8d d0 9f 5b 64 | keyex value 81 a1 7b 0a c6 f2 c8 80 70 47 d9 18 98 c6 5a bc | keyex value 8b a1 ed 4f ab 65 c9 3b f7 fa 3a 90 06 cb 2f 05 | keyex value 6a ed 24 36 3a bd 0c 4c 46 e9 00 79 15 29 20 b6 | keyex value a3 69 33 63 2d 6a c5 2a aa 35 0f ef d3 6a 6f f1 | keyex value f6 b8 70 4d f1 ff 85 e0 dc b1 df ba e7 06 c3 9b | keyex value 0b 72 e8 d6 f4 48 6b f7 c1 86 9b 87 0c c3 76 89 | keyex value 05 ba 02 45 e8 17 e2 36 84 aa c6 ab 02 00 fc 3a | keyex value bf 5e 6f 39 fb f8 75 50 20 ee 0e 7c 42 dd 0c fe | keyex value 2c 22 b7 8c ae ea f5 5f 8a cd bc cd 4e 38 c7 4a | keyex value 4b f8 96 0b 2a 58 e9 87 2b 5b 0f a8 01 62 62 a5 | keyex value b3 da 74 03 20 a3 8c 7b 24 4a 23 9d e8 37 70 eb | keyex value 92 d9 12 fd ea ea 58 21 85 5a 89 62 b3 d1 b1 8b | keyex value b8 91 88 d0 db bc cf 04 82 7c c8 a8 43 69 1b 1d | keyex value 62 90 ee a6 a1 b3 a0 24 f1 23 94 f9 c6 01 28 6f | keyex value 2e 10 15 88 89 6b 58 99 7e dd ba 3f cb 9a dc 4c | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f4161ba8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | 3d 72 eb bb | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 2c 60 61 b8 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 70 e9 85 d8 | 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 07 b7 86 fe | ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb 05 00 01 04 | 63 07 41 8a 8a 00 a2 f9 a9 18 5e 8d d0 9f 5b 64 | 81 a1 7b 0a c6 f2 c8 80 70 47 d9 18 98 c6 5a bc | 8b a1 ed 4f ab 65 c9 3b f7 fa 3a 90 06 cb 2f 05 | 6a ed 24 36 3a bd 0c 4c 46 e9 00 79 15 29 20 b6 | a3 69 33 63 2d 6a c5 2a aa 35 0f ef d3 6a 6f f1 | f6 b8 70 4d f1 ff 85 e0 dc b1 df ba e7 06 c3 9b | 0b 72 e8 d6 f4 48 6b f7 c1 86 9b 87 0c c3 76 89 | 05 ba 02 45 e8 17 e2 36 84 aa c6 ab 02 00 fc 3a | bf 5e 6f 39 fb f8 75 50 20 ee 0e 7c 42 dd 0c fe | 2c 22 b7 8c ae ea f5 5f 8a cd bc cd 4e 38 c7 4a | 4b f8 96 0b 2a 58 e9 87 2b 5b 0f a8 01 62 62 a5 | b3 da 74 03 20 a3 8c 7b 24 4a 23 9d e8 37 70 eb | 92 d9 12 fd ea ea 58 21 85 5a 89 62 b3 d1 b1 8b | b8 91 88 d0 db bc cf 04 82 7c c8 a8 43 69 1b 1d | 62 90 ee a6 a1 b3 a0 24 f1 23 94 f9 c6 01 28 6f | 2e 10 15 88 89 6b 58 99 7e dd ba 3f cb 9a dc 4c | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | 83 f4 e8 37 38 7e cc 72 08 5c cf dd b8 70 45 9b | 3d d4 7d a5 | outI1 HASH(1): | 83 f4 e8 37 38 7e cc 72 08 5c cf dd b8 70 45 9b | 3d d4 7d a5 | last Phase 1 IV: 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | current Phase 1 IV: 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | 3d 72 eb bb | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 7a bd db ba 24 ea 7a 4e b8 26 1a c7 a9 8f d5 00 | 4f ea 7c 1e | encrypting: 01 00 00 18 83 f4 e8 37 38 7e cc 72 08 5c cf dd | encrypting: b8 70 45 9b 3d d4 7d a5 0a 00 00 38 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 2c 00 03 04 01 2c 60 61 b8 | encrypting: 00 00 00 20 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 80 06 00 80 | encrypting: 04 00 00 24 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 | encrypting: 9e 51 3f 42 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 | encrypting: d3 6c 55 cb 05 00 01 04 63 07 41 8a 8a 00 a2 f9 | encrypting: a9 18 5e 8d d0 9f 5b 64 81 a1 7b 0a c6 f2 c8 80 | encrypting: 70 47 d9 18 98 c6 5a bc 8b a1 ed 4f ab 65 c9 3b | encrypting: f7 fa 3a 90 06 cb 2f 05 6a ed 24 36 3a bd 0c 4c | encrypting: 46 e9 00 79 15 29 20 b6 a3 69 33 63 2d 6a c5 2a | encrypting: aa 35 0f ef d3 6a 6f f1 f6 b8 70 4d f1 ff 85 e0 | encrypting: dc b1 df ba e7 06 c3 9b 0b 72 e8 d6 f4 48 6b f7 | encrypting: c1 86 9b 87 0c c3 76 89 05 ba 02 45 e8 17 e2 36 | encrypting: 84 aa c6 ab 02 00 fc 3a bf 5e 6f 39 fb f8 75 50 | encrypting: 20 ee 0e 7c 42 dd 0c fe 2c 22 b7 8c ae ea f5 5f | encrypting: 8a cd bc cd 4e 38 c7 4a 4b f8 96 0b 2a 58 e9 87 | encrypting: 2b 5b 0f a8 01 62 62 a5 b3 da 74 03 20 a3 8c 7b | encrypting: 24 4a 23 9d e8 37 70 eb 92 d9 12 fd ea ea 58 21 | encrypting: 85 5a 89 62 b3 d1 b1 8b b8 91 88 d0 db bc cf 04 | encrypting: 82 7c c8 a8 43 69 1b 1d 62 90 ee a6 a1 b3 a0 24 | encrypting: f1 23 94 f9 c6 01 28 6f 2e 10 15 88 89 6b 58 99 | encrypting: 7e dd ba 3f cb 9a dc 4c 05 00 00 10 04 00 00 00 | encrypting: c0 00 01 00 ff ff ff 00 00 00 00 10 04 00 00 00 | encrypting: c0 00 02 00 ff ff ff 00 | IV: 7a bd db ba 24 ea 7a 4e b8 26 1a c7 a9 8f d5 00 | IV: 4f ea 7c 1e | unpadded size is: 408 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: a4 f2 1f c1 dd 69 f8 b0 ba b2 c5 78 5b 04 5a e5 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #16) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 08 10 20 01 3d 72 eb bb 00 00 01 bc d4 7c 72 a6 | 81 1d c4 51 34 5f f4 10 e4 82 fc 3e fd 5f 4e 62 | ca 0f 54 03 61 df 91 b7 5d 20 f3 ee 2a 16 a1 03 | 55 9e 9f 69 2a 84 04 c3 4e f8 bd a1 69 05 79 38 | 52 a9 e8 b2 ed 07 ee 2e 2e a8 c1 68 8e 59 f6 b4 | 4b 52 ac 54 a7 40 47 ef 1f fb 82 22 39 06 3e 94 | 97 14 a4 b2 8c d1 4c 0c d3 a1 c1 d2 94 e9 ba c9 | 7c ac a0 71 27 52 3a b8 0c ee 57 b5 15 29 97 72 | 1a 5c 1c 35 e8 a4 75 d0 27 54 d3 8f d0 33 5c fe | 2e 11 03 26 f0 dc df 8c a5 70 f9 97 86 61 39 11 | 39 08 84 4a 7b d0 78 0d 3a 61 cb ce 44 61 04 54 | a2 22 2e 10 c5 79 e2 9d d1 e1 91 a1 1a bb 80 fd | 54 43 a8 65 14 6b 75 43 d3 cd e0 24 4a fc 44 bb | e4 87 fc 31 b8 4e 0e db a1 e1 bf 3f a8 ec 55 5a | 18 05 40 26 03 db 4e ae 78 57 80 fb fa 19 3f e9 | dc f3 4a a3 a3 a7 f3 42 e7 ea 49 70 1f 2c 39 4f | 9f ef a6 69 e2 f6 ae 79 fb ab 8d d5 e0 f7 12 57 | f0 36 f7 b5 76 d2 bb d2 35 a6 ca 38 20 fa c9 04 | 96 fc bb 53 96 a1 95 5c 7f 9d 17 b4 98 74 62 5c | 84 e4 7c 8a 85 77 8f df 35 32 b6 23 00 6f 7e 81 | e3 6d 5e 09 ec e1 19 51 b1 d9 bf 85 41 d7 b0 4d | 56 0e a2 75 d1 47 61 29 7d 11 43 9c 2d d7 5b 88 | 98 07 f9 53 8e 4e 20 ee cb 9a 01 0d f9 4d 54 54 | e0 47 eb 53 30 a6 78 f8 21 4c be 01 61 69 9c 53 | 0a 05 22 c3 9b 51 47 f8 24 eb 7a 25 62 f4 89 20 | de 26 43 08 03 d4 32 7a 3f 2d 17 04 a4 f2 1f c1 | dd 69 f8 b0 ba b2 c5 78 5b 04 5a e5 | state #16 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f4165a28 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7ffab4002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #16 | libevent_malloc: new ptr-libevent@0x5573f4169048 size 128 | #16 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10453.210013 | resume sending helper answer for #16 suppresed complete_v1_state_transition() | #16 spent 0.473 milliseconds in resume sending helper answer | stop processing: state #16 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffaa80011a8 | spent 0.00288 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 444 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 08 10 20 01 3d 72 eb bb 00 00 01 bc d5 83 85 07 | 7a 97 12 34 6f 28 ec 5b 57 9a f2 1b 60 65 f2 b4 | 5f 6c 95 5a 90 62 61 37 11 e2 d4 d6 37 a5 31 6a | 2f 93 ad cf 0a 56 0b 25 fd a8 cb c4 58 d8 83 59 | 3a d3 43 6e 9a d5 b9 ac c9 87 8d 33 3c b7 d7 17 | d3 cb 67 a6 4b 90 a3 52 a9 29 3b c0 59 bb fa c3 | 52 d8 e8 38 18 2a 0b 63 07 b2 f4 76 c9 f9 50 e9 | 6c be 66 7c d6 d4 a7 09 85 d7 bb 62 51 15 bb 8f | 13 07 b9 29 ee ef ba a0 0c a2 8c 67 8f 78 8a 76 | a6 2d 61 21 24 80 0b 81 69 ef 5b eb d0 28 dc 82 | 7a f5 4f 61 61 7b 28 06 d5 70 0d 12 9e 72 b4 f1 | 96 34 09 3c 86 61 e1 00 96 c3 65 32 01 fc a5 4a | 75 ea 1a ce 7d 69 cc cc 7d 39 36 53 0c d6 96 0b | 4e f1 38 bc 8e 9e ab 42 96 0b 8a c4 e3 c2 3d 84 | 8b c2 ef f3 e4 7f c4 97 28 1e 63 38 7b 9f a2 d3 | 5a d5 19 4a 79 24 1c 4d c6 18 4e 99 82 e6 71 46 | dd 4f 1f 3d 66 a2 08 3c 47 95 63 b7 a2 0a 78 96 | 5d d3 55 f2 65 a4 58 11 8b e5 f1 e9 76 d0 d6 9d | ea ad e2 ef 00 2e 73 8e 91 0c af ca 1f f9 d0 e7 | dc 06 b7 47 d7 f8 e2 11 a0 b9 2c 6c d4 e7 81 6d | e0 a7 08 2c b1 d7 6c da 8b 09 39 8f f6 57 04 9f | cd a6 70 12 77 27 9a f1 0b fe 37 3d 72 46 68 11 | 64 b0 d8 3c 85 c6 d2 c1 a0 55 6a 41 69 cd 0c 25 | 9a 2c 47 a0 1c 82 3b 5e 2c d9 d3 63 40 cb 44 a2 | 8c a1 ba 60 45 70 5e b1 16 bf 47 39 94 0f 68 4a | cf a7 8b e1 bb 87 37 6b 0e fd b9 a0 e8 f6 46 7b | 0d 43 39 ac d1 6a 92 12 3f 52 26 ab | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1030941627 (0x3d72ebbb) | length: 444 (0x1bc) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #16 in QUICK_I1 (find_state_ikev1) | start processing: state #16 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #16 is idle | #16 idle | received encrypted packet from 192.1.2.23:500 | decrypting 416 bytes using algorithm AES_CBC | IV before: a4 f2 1f c1 dd 69 f8 b0 ba b2 c5 78 5b 04 5a e5 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: e8 f6 46 7b 0d 43 39 ac d1 6a 92 12 3f 52 26 ab | decrypted payload (starts at offset -416): | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 08 10 20 01 3d 72 eb bb 00 00 01 bc 01 00 00 18 | 83 26 6d 84 64 3f 4b bf fb af d9 df f2 ff 8a 88 | af d2 95 e8 0a 00 00 38 00 00 00 01 00 00 00 01 | 00 00 00 2c 00 03 04 01 f0 aa 69 7e 00 00 00 20 | 00 0c 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 80 06 00 80 04 00 00 24 | cc a0 86 0a 45 06 49 f6 54 2e a7 d2 8f f9 68 4f | 01 8f 3b 9b 01 a2 64 73 3a 71 c5 52 cc 58 e5 66 | 05 00 01 04 64 f7 22 a5 33 9a 4a ce 35 d0 a5 02 | 6b 3a ec f4 67 82 21 2e 5a 05 c6 d1 be 29 84 a8 | 41 36 97 c3 12 7d c8 51 a3 22 2d 06 f7 2f 82 43 | 3b 17 16 a8 e1 a3 3d 6a 7a b6 18 90 5b b2 ca 16 | 3a bf 7f 10 f1 ae 74 a0 0b dd 0a 1b 5c 92 9a 1f | 60 63 5c 5d bb e3 8b bf c5 2a b4 9d ec 1c 1f 9e | ab be 80 b5 d0 25 c6 cf cb 74 24 0f ca fa 94 26 | 7c 52 61 20 1b a5 2f a9 66 c8 de 5b eb 03 9b e1 | 0f df 07 e8 d3 75 b9 0e e6 e4 94 74 a8 01 89 18 | 64 7b 37 64 5d ec 35 3c 3c 82 0d c7 4e fd b0 92 | 01 af ad 78 cd 7e 2d 4a 11 77 d4 62 fb ca 77 2b | a6 87 74 58 f6 54 6c b3 4c ae 13 88 4a c5 b3 a2 | d3 e2 50 6f 1a 4a 2e 7e 8b a8 24 fd cb 04 6a eb | 2e 19 08 a0 fa d1 e4 76 0e 38 f6 61 f5 89 10 64 | 90 70 85 bf 12 57 15 4c e4 d6 1e 9f c1 04 c0 4b | a8 9b b3 1f f6 17 85 fd eb e6 29 c9 c5 8b 3f 4d | 3c 4a b9 d3 05 00 00 10 04 00 00 00 c0 00 01 00 | ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | ff ff ff 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 8 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f4161ba8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | 3d 72 eb bb | HASH(1) PRF sha update Ni_b-bytes@0x7ffaa8001158 (length 32) | 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 | 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb | HASH(1) PRF sha update payload-bytes@0x5573f416896c (length 384) | 0a 00 00 38 00 00 00 01 00 00 00 01 00 00 00 2c | 00 03 04 01 f0 aa 69 7e 00 00 00 20 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 80 06 00 80 04 00 00 24 cc a0 86 0a | 45 06 49 f6 54 2e a7 d2 8f f9 68 4f 01 8f 3b 9b | 01 a2 64 73 3a 71 c5 52 cc 58 e5 66 05 00 01 04 | 64 f7 22 a5 33 9a 4a ce 35 d0 a5 02 6b 3a ec f4 | 67 82 21 2e 5a 05 c6 d1 be 29 84 a8 41 36 97 c3 | 12 7d c8 51 a3 22 2d 06 f7 2f 82 43 3b 17 16 a8 | e1 a3 3d 6a 7a b6 18 90 5b b2 ca 16 3a bf 7f 10 | f1 ae 74 a0 0b dd 0a 1b 5c 92 9a 1f 60 63 5c 5d | bb e3 8b bf c5 2a b4 9d ec 1c 1f 9e ab be 80 b5 | d0 25 c6 cf cb 74 24 0f ca fa 94 26 7c 52 61 20 | 1b a5 2f a9 66 c8 de 5b eb 03 9b e1 0f df 07 e8 | d3 75 b9 0e e6 e4 94 74 a8 01 89 18 64 7b 37 64 | 5d ec 35 3c 3c 82 0d c7 4e fd b0 92 01 af ad 78 | cd 7e 2d 4a 11 77 d4 62 fb ca 77 2b a6 87 74 58 | f6 54 6c b3 4c ae 13 88 4a c5 b3 a2 d3 e2 50 6f | 1a 4a 2e 7e 8b a8 24 fd cb 04 6a eb 2e 19 08 a0 | fa d1 e4 76 0e 38 f6 61 f5 89 10 64 90 70 85 bf | 12 57 15 4c e4 d6 1e 9f c1 04 c0 4b a8 9b b3 1f | f6 17 85 fd eb e6 29 c9 c5 8b 3f 4d 3c 4a b9 d3 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | 83 26 6d 84 64 3f 4b bf fb af d9 df f2 ff 8a 88 | af d2 95 e8 | quick_inR1_outI2 HASH(2): | 83 26 6d 84 64 3f 4b bf fb af d9 df f2 ff 8a 88 | af d2 95 e8 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI f0 aa 69 7e | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | encryption ike_alg_lookup_by_id id: AES=12, found AES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+KEY_LENGTH (0x8006) | length/value: 128 (0x80) | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 64 f7 22 a5 33 9a 4a ce 35 d0 a5 02 6b 3a ec f4 | 67 82 21 2e 5a 05 c6 d1 be 29 84 a8 41 36 97 c3 | 12 7d c8 51 a3 22 2d 06 f7 2f 82 43 3b 17 16 a8 | e1 a3 3d 6a 7a b6 18 90 5b b2 ca 16 3a bf 7f 10 | f1 ae 74 a0 0b dd 0a 1b 5c 92 9a 1f 60 63 5c 5d | bb e3 8b bf c5 2a b4 9d ec 1c 1f 9e ab be 80 b5 | d0 25 c6 cf cb 74 24 0f ca fa 94 26 7c 52 61 20 | 1b a5 2f a9 66 c8 de 5b eb 03 9b e1 0f df 07 e8 | d3 75 b9 0e e6 e4 94 74 a8 01 89 18 64 7b 37 64 | 5d ec 35 3c 3c 82 0d c7 4e fd b0 92 01 af ad 78 | cd 7e 2d 4a 11 77 d4 62 fb ca 77 2b a6 87 74 58 | f6 54 6c b3 4c ae 13 88 4a c5 b3 a2 d3 e2 50 6f | 1a 4a 2e 7e 8b a8 24 fd cb 04 6a eb 2e 19 08 a0 | fa d1 e4 76 0e 38 f6 61 f5 89 10 64 90 70 85 bf | 12 57 15 4c e4 d6 1e 9f c1 04 c0 4b a8 9b b3 1f | f6 17 85 fd eb e6 29 c9 c5 8b 3f 4d 3c 4a b9 d3 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffaa8006b98: transferring ownership from state #16 to helper IKEv1 DH | adding quick outI2 DH work-order 21 for state #16 | state #16 requesting EVENT_RETRANSMIT to be deleted | #16 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4169048 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7ffab4002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #16 | libevent_malloc: new ptr-libevent@0x7ffaa80011a8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #16 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #16 and saving MD | #16 is busy; has a suspended MD | #16 spent 0.122 milliseconds in process_packet_tail() | crypto helper 6 resuming | crypto helper 6 starting work-order 21 for state #16 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 21 | peer's g: 64 f7 22 a5 33 9a 4a ce 35 d0 a5 02 6b 3a ec f4 | peer's g: 67 82 21 2e 5a 05 c6 d1 be 29 84 a8 41 36 97 c3 | peer's g: 12 7d c8 51 a3 22 2d 06 f7 2f 82 43 3b 17 16 a8 | peer's g: e1 a3 3d 6a 7a b6 18 90 5b b2 ca 16 3a bf 7f 10 | peer's g: f1 ae 74 a0 0b dd 0a 1b 5c 92 9a 1f 60 63 5c 5d | peer's g: bb e3 8b bf c5 2a b4 9d ec 1c 1f 9e ab be 80 b5 | peer's g: d0 25 c6 cf cb 74 24 0f ca fa 94 26 7c 52 61 20 | peer's g: 1b a5 2f a9 66 c8 de 5b eb 03 9b e1 0f df 07 e8 | peer's g: d3 75 b9 0e e6 e4 94 74 a8 01 89 18 64 7b 37 64 | peer's g: 5d ec 35 3c 3c 82 0d c7 4e fd b0 92 01 af ad 78 | peer's g: cd 7e 2d 4a 11 77 d4 62 fb ca 77 2b a6 87 74 58 | peer's g: f6 54 6c b3 4c ae 13 88 4a c5 b3 a2 d3 e2 50 6f | peer's g: 1a 4a 2e 7e 8b a8 24 fd cb 04 6a eb 2e 19 08 a0 | peer's g: fa d1 e4 76 0e 38 f6 61 f5 89 10 64 90 70 85 bf | peer's g: 12 57 15 4c e4 d6 1e 9f c1 04 c0 4b a8 9b b3 1f | peer's g: f6 17 85 fd eb e6 29 c9 c5 8b 3f 4d 3c 4a b9 d3 | stop processing: state #16 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.478 milliseconds in comm_handle_cb() reading and processing packet | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffaa8006b98: computed shared DH secret key@0x5573f41619f0 | dh-shared : g^ir-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 21 time elapsed 0.000582 seconds | (#16) spent 0.581 milliseconds in crypto helper computing work-order 21: quick outI2 DH (pcr) | crypto helper 6 sending results from work-order 21 for state #16 to event queue | scheduling resume sending helper answer for #16 | libevent_malloc: new ptr-libevent@0x7ffaac003a78 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #16 | start processing: state #16 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 21 | calling continuation function 0x5573f2c98b50 | quick_inR1_outI2_continue for #16: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1030941627 (0x3d72ebbb) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7ffaa8006b98: transferring ownership from helper IKEv1 DH to state #16 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0b08 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x7ffab4002148 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0bec (length 4) | 3d 72 eb bb | HASH(1) PRF sha update Ni_b-bytes@0x7ffaa8001158 (length 32) | 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 | 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb | HASH(1) PRF sha update Nr_b-bytes@0x5573f41637c8 (length 32) | cc a0 86 0a 45 06 49 f6 54 2e a7 d2 8f f9 68 4f | 01 8f 3b 9b 01 a2 64 73 3a 71 c5 52 cc 58 e5 66 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | 39 4c e5 bf d6 b5 2e 13 9e 6a 48 5b ba 06 6e 81 | 8b 76 1d 12 | quick_inR1_outI2 HASH(3): | 39 4c e5 bf d6 b5 2e 13 9e 6a 48 5b ba 06 6e 81 | 8b 76 1d 12 | compute_proto_keymat: needed_len (after ESP enc)=16 | compute_proto_keymat: needed_len (after ESP auth)=36 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffaac002b50 from symkey-key@0x5573f4165b30 | hmac prf: begin sha with context 0x7ffaac002b50 from symkey-key@0x5573f4165b30 | hmac: release clone-key@0x5573f4165b30 | hmac PRF sha crypt-prf@0x5573f4161ba8 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f4163548 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 24 d7 99 2d a9 f3 2e e1 1f 1c d9 39 41 e5 83 11 41 15 b0 f6 9e 1c 6e 72 07 93 42 4d 2f d5 ef b3 2b 4d b5 97 66 36 5c d7 20 dc 4c 85 7b eb 17 82 de 23 75 9c d7 1e 63 6d 64 35 2f c7 ab 57 78 a3 fb d0 39 cc d4 d3 c8 95 60 06 6b 5b c7 f2 b4 59 3d 3f 51 76 99 aa 50 32 55 97 6c 07 c8 39 c3 80 f4 ee ab 88 e1 9b 37 d0 b8 39 d4 64 03 8b 1a 9b 8f 74 80 25 47 81 13 48 fd af 23 5d ed df ab 1d 61 2a 81 f2 cc 71 a2 88 59 66 6b bd 8b c9 7e 86 2e 99 5b ef 89 12 4b 24 53 ae 7f b5 38 88 ae bf fd 83 27 ff 6e 22 23 6a 64 ef a2 df 1e 9b f0 71 a8 0e 66 9b 56 c4 92 6b b0 3b 5a 77 76 38 6a 6c 75 78 6c c2 e8 ea fe 25 2c cf a9 d8 d1 1f 1a d3 73 16 f2 e5 42 32 d5 8c a2 fd ba 69 5f f2 6e 07 86 21 6b 53 14 6d 76 45 38 05 d5 d2 94 84 6b 72 48 10 b1 04 94 f1 4c 84 c3 49 cd 67 8d db ec de | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 64 cf b2 d5 ef e5 6e b1 58 3c bc 89 5f 78 5c 41 | unwrapped: 49 92 e1 02 21 0c 14 f1 60 21 bf 05 d2 24 e8 ba | unwrapped: 44 f7 a9 0d e7 d8 3b ff 67 1b 68 b3 ca 4d b5 4a | unwrapped: 2c 5b ce 98 7d 16 02 7a a3 5d 34 ff ed d4 6e 6c | unwrapped: ad 4b 34 1d 17 0e 16 0c 74 00 ea e7 79 b4 ab 35 | unwrapped: 1a eb 2d 77 6c 29 bf dc 00 63 fe 08 ce e0 91 3b | unwrapped: 95 c4 b1 a6 62 e0 f1 9f 2b aa dd 2c 24 ee f3 28 | unwrapped: 61 39 55 51 23 66 5e fb 48 d3 8f 49 6c 94 43 82 | unwrapped: 51 bf bf 30 f2 08 94 03 d0 f8 eb ba 10 83 b0 1c | unwrapped: 0a 94 ce f7 ef 2f 2a f5 7c 49 fc 5f 42 e0 4e d5 | unwrapped: 35 e6 ab 19 27 55 53 8c 31 e2 a9 7f 0e a9 72 76 | unwrapped: 87 6f b2 90 91 cc a2 ca 7e 82 64 da dc aa 6e 41 | unwrapped: 62 6e b5 cc 5c 0b 73 b6 c5 e2 23 2f 73 5c 55 58 | unwrapped: 94 74 3c 44 c8 d5 b4 4c 84 28 bf ac fa 18 97 b9 | unwrapped: 0b 0c 6c 20 ca d8 90 3c a8 3f 6a 88 8f 59 d2 66 | unwrapped: 81 c9 a4 c0 8b fb 30 7e b9 f0 dd bf d5 8f 75 41 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 24 d7 99 2d a9 f3 2e e1 1f 1c d9 39 41 e5 83 11 41 15 b0 f6 9e 1c 6e 72 07 93 42 4d 2f d5 ef b3 2b 4d b5 97 66 36 5c d7 20 dc 4c 85 7b eb 17 82 de 23 75 9c d7 1e 63 6d 64 35 2f c7 ab 57 78 a3 fb d0 39 cc d4 d3 c8 95 60 06 6b 5b c7 f2 b4 59 3d 3f 51 76 99 aa 50 32 55 97 6c 07 c8 39 c3 80 f4 ee ab 88 e1 9b 37 d0 b8 39 d4 64 03 8b 1a 9b 8f 74 80 25 47 81 13 48 fd af 23 5d ed df ab 1d 61 2a 81 f2 cc 71 a2 88 59 66 6b bd 8b c9 7e 86 2e 99 5b ef 89 12 4b 24 53 ae 7f b5 38 88 ae bf fd 83 27 ff 6e 22 23 6a 64 ef a2 df 1e 9b f0 71 a8 0e 66 9b 56 c4 92 6b b0 3b 5a 77 76 38 6a 6c 75 78 6c c2 e8 ea fe 25 2c cf a9 d8 d1 1f 1a d3 73 16 f2 e5 42 32 d5 8c a2 fd ba 69 5f f2 6e 07 86 21 6b 53 14 6d 76 45 38 05 d5 d2 94 84 6b 72 48 10 b1 04 94 f1 4c 84 c3 49 cd 67 8d db ec de | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 64 cf b2 d5 ef e5 6e b1 58 3c bc 89 5f 78 5c 41 | unwrapped: 49 92 e1 02 21 0c 14 f1 60 21 bf 05 d2 24 e8 ba | unwrapped: 44 f7 a9 0d e7 d8 3b ff 67 1b 68 b3 ca 4d b5 4a | unwrapped: 2c 5b ce 98 7d 16 02 7a a3 5d 34 ff ed d4 6e 6c | unwrapped: ad 4b 34 1d 17 0e 16 0c 74 00 ea e7 79 b4 ab 35 | unwrapped: 1a eb 2d 77 6c 29 bf dc 00 63 fe 08 ce e0 91 3b | unwrapped: 95 c4 b1 a6 62 e0 f1 9f 2b aa dd 2c 24 ee f3 28 | unwrapped: 61 39 55 51 23 66 5e fb 48 d3 8f 49 6c 94 43 82 | unwrapped: 51 bf bf 30 f2 08 94 03 d0 f8 eb ba 10 83 b0 1c | unwrapped: 0a 94 ce f7 ef 2f 2a f5 7c 49 fc 5f 42 e0 4e d5 | unwrapped: 35 e6 ab 19 27 55 53 8c 31 e2 a9 7f 0e a9 72 76 | unwrapped: 87 6f b2 90 91 cc a2 ca 7e 82 64 da dc aa 6e 41 | unwrapped: 62 6e b5 cc 5c 0b 73 b6 c5 e2 23 2f 73 5c 55 58 | unwrapped: 94 74 3c 44 c8 d5 b4 4c 84 28 bf ac fa 18 97 b9 | unwrapped: 0b 0c 6c 20 ca d8 90 3c a8 3f 6a 88 8f 59 d2 66 | unwrapped: 81 c9 a4 c0 8b fb 30 7e b9 f0 dd bf d5 8f 75 41 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | 2c 60 61 b8 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | f0 aa 69 7e | hmac PRF sha update data-bytes@0x7ffaa8001158 (length 32) | 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 | 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb | hmac PRF sha update data-bytes@0x7ffaa8001158 (length 32) | 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 | 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb | hmac PRF sha update data-bytes@0x5573f41637c8 (length 32) | cc a0 86 0a 45 06 49 f6 54 2e a7 d2 8f f9 68 4f | 01 8f 3b 9b 01 a2 64 73 3a 71 c5 52 cc 58 e5 66 | hmac PRF sha update data-bytes@0x5573f41637c8 (length 32) | cc a0 86 0a 45 06 49 f6 54 2e a7 d2 8f f9 68 4f | 01 8f 3b 9b 01 a2 64 73 3a 71 c5 52 cc 58 e5 66 | hmac PRF sha final-bytes@0x7ffab4001a98 (length 20) | ee 1e d7 62 cb fc d5 e3 ed 74 0a 47 2b 87 64 ab | 40 09 1f eb | hmac PRF sha final-bytes@0x7ffab00059f8 (length 20) | 81 c5 cf 5a ea 0d b1 45 d3 a1 9a 00 8b 19 cd 1b | c8 1c b8 1b | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f416e578 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffaac002b50 from symkey-key@0x5573f4165b30 | hmac prf: begin sha with context 0x7ffaac002b50 from symkey-key@0x5573f4165b30 | hmac: release clone-key@0x5573f4165b30 | hmac PRF sha crypt-prf@0x7ffab4002148 | hmac PRF sha update data-bytes@0x7ffab4001a98 (length 20) | ee 1e d7 62 cb fc d5 e3 ed 74 0a 47 2b 87 64 ab | 40 09 1f eb | hmac PRF sha update data-bytes@0x7ffab00059f8 (length 20) | 81 c5 cf 5a ea 0d b1 45 d3 a1 9a 00 8b 19 cd 1b | c8 1c b8 1b | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 24 d7 99 2d a9 f3 2e e1 1f 1c d9 39 41 e5 83 11 41 15 b0 f6 9e 1c 6e 72 07 93 42 4d 2f d5 ef b3 2b 4d b5 97 66 36 5c d7 20 dc 4c 85 7b eb 17 82 de 23 75 9c d7 1e 63 6d 64 35 2f c7 ab 57 78 a3 fb d0 39 cc d4 d3 c8 95 60 06 6b 5b c7 f2 b4 59 3d 3f 51 76 99 aa 50 32 55 97 6c 07 c8 39 c3 80 f4 ee ab 88 e1 9b 37 d0 b8 39 d4 64 03 8b 1a 9b 8f 74 80 25 47 81 13 48 fd af 23 5d ed df ab 1d 61 2a 81 f2 cc 71 a2 88 59 66 6b bd 8b c9 7e 86 2e 99 5b ef 89 12 4b 24 53 ae 7f b5 38 88 ae bf fd 83 27 ff 6e 22 23 6a 64 ef a2 df 1e 9b f0 71 a8 0e 66 9b 56 c4 92 6b b0 3b 5a 77 76 38 6a 6c 75 78 6c c2 e8 ea fe 25 2c cf a9 d8 d1 1f 1a d3 73 16 f2 e5 42 32 d5 8c a2 fd ba 69 5f f2 6e 07 86 21 6b 53 14 6d 76 45 38 05 d5 d2 94 84 6b 72 48 10 b1 04 94 f1 4c 84 c3 49 cd 67 8d db ec de | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 64 cf b2 d5 ef e5 6e b1 58 3c bc 89 5f 78 5c 41 | unwrapped: 49 92 e1 02 21 0c 14 f1 60 21 bf 05 d2 24 e8 ba | unwrapped: 44 f7 a9 0d e7 d8 3b ff 67 1b 68 b3 ca 4d b5 4a | unwrapped: 2c 5b ce 98 7d 16 02 7a a3 5d 34 ff ed d4 6e 6c | unwrapped: ad 4b 34 1d 17 0e 16 0c 74 00 ea e7 79 b4 ab 35 | unwrapped: 1a eb 2d 77 6c 29 bf dc 00 63 fe 08 ce e0 91 3b | unwrapped: 95 c4 b1 a6 62 e0 f1 9f 2b aa dd 2c 24 ee f3 28 | unwrapped: 61 39 55 51 23 66 5e fb 48 d3 8f 49 6c 94 43 82 | unwrapped: 51 bf bf 30 f2 08 94 03 d0 f8 eb ba 10 83 b0 1c | unwrapped: 0a 94 ce f7 ef 2f 2a f5 7c 49 fc 5f 42 e0 4e d5 | unwrapped: 35 e6 ab 19 27 55 53 8c 31 e2 a9 7f 0e a9 72 76 | unwrapped: 87 6f b2 90 91 cc a2 ca 7e 82 64 da dc aa 6e 41 | unwrapped: 62 6e b5 cc 5c 0b 73 b6 c5 e2 23 2f 73 5c 55 58 | unwrapped: 94 74 3c 44 c8 d5 b4 4c 84 28 bf ac fa 18 97 b9 | unwrapped: 0b 0c 6c 20 ca d8 90 3c a8 3f 6a 88 8f 59 d2 66 | unwrapped: 81 c9 a4 c0 8b fb 30 7e b9 f0 dd bf d5 8f 75 41 | hmac PRF sha update g^xy-key@0x5573f41619f0 (size 256) | hmac: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 24 d7 99 2d a9 f3 2e e1 1f 1c d9 39 41 e5 83 11 41 15 b0 f6 9e 1c 6e 72 07 93 42 4d 2f d5 ef b3 2b 4d b5 97 66 36 5c d7 20 dc 4c 85 7b eb 17 82 de 23 75 9c d7 1e 63 6d 64 35 2f c7 ab 57 78 a3 fb d0 39 cc d4 d3 c8 95 60 06 6b 5b c7 f2 b4 59 3d 3f 51 76 99 aa 50 32 55 97 6c 07 c8 39 c3 80 f4 ee ab 88 e1 9b 37 d0 b8 39 d4 64 03 8b 1a 9b 8f 74 80 25 47 81 13 48 fd af 23 5d ed df ab 1d 61 2a 81 f2 cc 71 a2 88 59 66 6b bd 8b c9 7e 86 2e 99 5b ef 89 12 4b 24 53 ae 7f b5 38 88 ae bf fd 83 27 ff 6e 22 23 6a 64 ef a2 df 1e 9b f0 71 a8 0e 66 9b 56 c4 92 6b b0 3b 5a 77 76 38 6a 6c 75 78 6c c2 e8 ea fe 25 2c cf a9 d8 d1 1f 1a d3 73 16 f2 e5 42 32 d5 8c a2 fd ba 69 5f f2 6e 07 86 21 6b 53 14 6d 76 45 38 05 d5 d2 94 84 6b 72 48 10 b1 04 94 f1 4c 84 c3 49 cd 67 8d db ec de | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 64 cf b2 d5 ef e5 6e b1 58 3c bc 89 5f 78 5c 41 | unwrapped: 49 92 e1 02 21 0c 14 f1 60 21 bf 05 d2 24 e8 ba | unwrapped: 44 f7 a9 0d e7 d8 3b ff 67 1b 68 b3 ca 4d b5 4a | unwrapped: 2c 5b ce 98 7d 16 02 7a a3 5d 34 ff ed d4 6e 6c | unwrapped: ad 4b 34 1d 17 0e 16 0c 74 00 ea e7 79 b4 ab 35 | unwrapped: 1a eb 2d 77 6c 29 bf dc 00 63 fe 08 ce e0 91 3b | unwrapped: 95 c4 b1 a6 62 e0 f1 9f 2b aa dd 2c 24 ee f3 28 | unwrapped: 61 39 55 51 23 66 5e fb 48 d3 8f 49 6c 94 43 82 | unwrapped: 51 bf bf 30 f2 08 94 03 d0 f8 eb ba 10 83 b0 1c | unwrapped: 0a 94 ce f7 ef 2f 2a f5 7c 49 fc 5f 42 e0 4e d5 | unwrapped: 35 e6 ab 19 27 55 53 8c 31 e2 a9 7f 0e a9 72 76 | unwrapped: 87 6f b2 90 91 cc a2 ca 7e 82 64 da dc aa 6e 41 | unwrapped: 62 6e b5 cc 5c 0b 73 b6 c5 e2 23 2f 73 5c 55 58 | unwrapped: 94 74 3c 44 c8 d5 b4 4c 84 28 bf ac fa 18 97 b9 | unwrapped: 0b 0c 6c 20 ca d8 90 3c a8 3f 6a 88 8f 59 d2 66 | unwrapped: 81 c9 a4 c0 8b fb 30 7e b9 f0 dd bf d5 8f 75 41 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | 2c 60 61 b8 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | f0 aa 69 7e | hmac PRF sha update data-bytes@0x7ffaa8001158 (length 32) | 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 | 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb | hmac PRF sha update data-bytes@0x7ffaa8001158 (length 32) | 70 e9 85 d8 2e 7c 21 5f bf 12 be b1 9e 51 3f 42 | 07 b7 86 fe ea d9 c6 1f 31 1e 78 52 d3 6c 55 cb | hmac PRF sha update data-bytes@0x5573f41637c8 (length 32) | cc a0 86 0a 45 06 49 f6 54 2e a7 d2 8f f9 68 4f | 01 8f 3b 9b 01 a2 64 73 3a 71 c5 52 cc 58 e5 66 | hmac PRF sha update data-bytes@0x5573f41637c8 (length 32) | cc a0 86 0a 45 06 49 f6 54 2e a7 d2 8f f9 68 4f | 01 8f 3b 9b 01 a2 64 73 3a 71 c5 52 cc 58 e5 66 | hmac PRF sha final-bytes@0x7ffab4001aac (length 20) | 30 d6 49 ee 5f ec 8b 4d 6b e8 f2 ae bb c2 d0 95 | bf c2 b3 ed | hmac PRF sha final-bytes@0x7ffab0005a0c (length 20) | 93 41 6d 0c e8 9b 6c 73 d5 0f fa c3 e3 bb d6 ce | 73 39 10 b8 | install_ipsec_sa() for #16: inbound and outbound | could_route called for aes128 (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.f0aa697e@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96 | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection 'aes128' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.2c6061b8@192.1.2.45 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #16: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: aes128 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #16 | priority calculation of connection "aes128" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xf0aa697e SPI_OUT= | popen cmd is 1025 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+U: | cmd( 640):P+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' : | cmd( 720):PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_D: | cmd( 800):NS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' P: | cmd( 880):LUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SH: | cmd( 960):ARED='no' SPI_IN=0xf0aa697e SPI_OUT=0x2c6061b8 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xf0aa697 | popen cmd is 1030 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUT: | cmd( 400):O_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT: | cmd( 480):_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=: | cmd( 560):'' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+: | cmd( 640):PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMAN: | cmd( 720):ENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_P: | cmd( 800):EER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER=: | cmd( 880):'0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' V: | cmd( 960):TI_SHARED='no' SPI_IN=0xf0aa697e SPI_OUT=0x2c6061b8 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xf0aa697e SP | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0xf0aa697e SPI_OUT=0x2c6061b8 ipsec _updown 2>&1: | route_and_eroute: instance "aes128", setting eroute_owner {spd=0x5573f4162958,sr=0x5573f4162958} to #16 (was #0) (newest_ipsec_sa=#0) | #15 spent 1.59 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 39 4c e5 bf d6 b5 2e 13 9e 6a 48 5b | encrypting: ba 06 6e 81 8b 76 1d 12 | IV: e8 f6 46 7b 0d 43 39 ac d1 6a 92 12 3f 52 26 ab | unpadded size is: 24 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 32 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 60 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: d6 e3 27 57 c0 67 8b e5 2c 4c a4 77 fb 13 37 dd | inR1_outI2: instance aes128[0], setting IKEv1 newest_ipsec_sa to #16 (was #0) (spd.eroute=#16) cloned from #15 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #16 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #16 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #16: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #16 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffaa80011a8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 60 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #16) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 08 10 20 01 3d 72 eb bb 00 00 00 3c 9d f9 35 a2 | 48 bf f0 d9 fe 91 d2 68 02 b4 49 c8 d6 e3 27 57 | c0 67 8b e5 2c 4c a4 77 fb 13 37 dd | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7ffaac002b78 | inserting event EVENT_SA_REPLACE, timeout in 28111 seconds for #16 | libevent_malloc: new ptr-libevent@0x5573f4165a28 size 128 | pstats #16 ikev1.ipsec established | NAT-T: encaps is 'auto' "aes128" #16: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xf0aa697e <0x2c6061b8 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #16 suppresed complete_v1_state_transition() | #16 spent 2.68 milliseconds in resume sending helper answer | stop processing: state #16 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffaac003a78 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00374 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00442 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00197 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.2c6061b8@192.1.2.45 | get_sa_info esp.f0aa697e@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0678 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #16 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #16 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #16 ikev1.ipsec deleted completed | [RE]START processing: state #16 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #16: deleting state (STATE_QUICK_I2) aged 0.086s and sending notification | child state #16: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.f0aa697e@192.1.2.23 | get_sa_info esp.2c6061b8@192.1.2.45 "aes128" #16: ESP traffic information: in=84B out=84B | #16 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2182627085 (0x82183f0d) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 2c 60 61 b8 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffac0002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x7ffac0002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x5573f4161ba8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | 82 18 3f 0d | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 2c 60 61 b8 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 93 4b cb 92 a9 2f 4d a2 13 ad 64 06 7e b1 8d ea | 84 58 c0 6f | send delete HASH(1): | 93 4b cb 92 a9 2f 4d a2 13 ad 64 06 7e b1 8d ea | 84 58 c0 6f | last Phase 1 IV: 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | current Phase 1 IV: 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | 82 18 3f 0d | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 3e fe 91 71 d5 91 93 07 b6 ae 6a bd d3 fe 6f 8f | 90 81 fb 60 | encrypting: 0c 00 00 18 93 4b cb 92 a9 2f 4d a2 13 ad 64 06 | encrypting: 7e b1 8d ea 84 58 c0 6f 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 2c 60 61 b8 | IV: 3e fe 91 71 d5 91 93 07 b6 ae 6a bd d3 fe 6f 8f | IV: 90 81 fb 60 | unpadded size is: 40 | emitting 8 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: cf 53 9c 98 48 5b 92 8e 92 f5 e4 da d9 68 a7 f9 | sending 76 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 08 10 05 01 82 18 3f 0d 00 00 00 4c 93 a8 2a 6d | 98 d2 27 b6 19 ff 52 df fb d8 5d 1f 0b 8b a3 b8 | 2a 12 13 da 89 2c 48 95 7a f3 4d 20 cf 53 9c 98 | 48 5b 92 8e 92 f5 e4 da d9 68 a7 f9 | state #16 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x5573f4165a28 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7ffaac002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825167' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xf0aa697 | popen cmd is 1033 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INT: | cmd( 80):ERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@we: | cmd( 160):st' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIE: | cmd( 240):NT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=': | cmd( 320):16416' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_P: | cmd( 400):EER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MA: | cmd( 480):SK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' : | cmd( 560):PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825167' PLUTO_CONN_POLICY='PSK+ENCRYPT+T: | cmd( 640):UNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PER: | cmd( 720):MANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUT: | cmd( 800):O_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERV: | cmd( 880):ER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no: | cmd( 960):' VTI_SHARED='no' SPI_IN=0xf0aa697e SPI_OUT=0x2c6061b8 ipsec _updown 2>&1: | shunt_eroute() called for connection 'aes128' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.f0aa697e@192.1.2.23 | netlink response for Del SA esp.f0aa697e@192.1.2.23 included non-error error | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.2c6061b8@192.1.2.45 | netlink response for Del SA esp.2c6061b8@192.1.2.45 included non-error error | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #16 in QUICK_I2 | child state #16: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffaa8006b98: destroyed | stop processing: state #16 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f41619f0 | delete_state: release st->st_skeyid_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_d_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ai_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f414f010 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f4150a70 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #15 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #15 | start processing: state #15 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #15 ikev1.isakmp deleted completed | [RE]START processing: state #15 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #15: deleting state (STATE_MAIN_I4) aged 0.104s and sending notification | parent state #15: MAIN_I4(established IKE SA) => delete | #15 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1941819887 (0x73bdd1ef) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI d5 80 2b 12 69 31 15 e5 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 17 f2 a3 4a 11 28 a8 8d | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffaa8006a98 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | 73 bd d1 ef | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 d5 80 2b 12 | 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | c3 c5 7b c9 56 56 02 0b 57 63 de 93 e8 47 e9 03 | f7 4d dc 8e | send delete HASH(1): | c3 c5 7b c9 56 56 02 0b 57 63 de 93 e8 47 e9 03 | f7 4d dc 8e | last Phase 1 IV: 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | current Phase 1 IV: 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 53 58 3c ab 6f ac 4c 79 b1 39 66 ee bc b8 0d 98 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | 73 bd d1 ef | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 23 67 cf 38 1a be 74 c7 2a 01 05 1b f2 09 88 34 | 3e 6c 71 97 | encrypting: 0c 00 00 18 c3 c5 7b c9 56 56 02 0b 57 63 de 93 | encrypting: e8 47 e9 03 f7 4d dc 8e 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 d5 80 2b 12 69 31 15 e5 17 f2 a3 4a | encrypting: 11 28 a8 8d | IV: 23 67 cf 38 1a be 74 c7 2a 01 05 1b f2 09 88 34 | IV: 3e 6c 71 97 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 31 c7 09 0a be 49 da 7b 03 12 cd 60 57 aa be 43 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #15) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 08 10 05 01 73 bd d1 ef 00 00 00 5c 28 f8 b3 2a | e6 96 04 8a db 61 5d dc fe 9d df 2e 55 dd 1b ee | ba 02 31 0b b1 a0 ea 31 d7 bb 61 d6 d8 3b 89 8c | 5b 41 5f d3 05 eb b5 44 7a 0a 45 0c 31 c7 09 0a | be 49 da 7b 03 12 cd 60 57 aa be 43 | state #15 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffab4001378 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41634d8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #15 in MAIN_I4 | parent state #15: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffab00057f8: destroyed | stop processing: state #15 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f40c6080 | delete_state: release st->st_skeyid_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_d_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ai_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f414f010 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f4150a70 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.91 milliseconds in whack | spent 0.00223 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 08 10 05 01 51 a7 9d 29 00 00 00 4c fa fa c7 95 | fa bc f6 16 21 7e e8 a1 72 56 85 19 5b 78 d6 2d | ae 13 ea bd cf 90 a4 13 fe 86 ae 44 51 41 49 ed | 96 66 57 a0 aa 2e 7e 71 6b 2b 6d 0c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1369939241 (0x51a79d29) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x51a79d29 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | d5 80 2b 12 69 31 15 e5 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 17 f2 a3 4a 11 28 a8 8d | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.071 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00479 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00129 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | d5 80 2b 12 69 31 15 e5 17 f2 a3 4a 11 28 a8 8d | 08 10 05 01 fc 42 57 92 00 00 00 5c 0f 8f 35 aa | 2f 8f 5a 32 d5 7a e4 2b b7 84 19 c8 40 c3 b6 af | 3f 76 7f cd 63 a6 ef c2 fc 31 b1 b1 c5 ef b0 ef | 04 bf a3 e4 27 39 cf 1c e2 92 36 80 ff 02 1f 9d | ae 27 fb 7c d8 32 af 4d fa 17 9f bb | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | d5 80 2b 12 69 31 15 e5 | responder cookie: | 17 f2 a3 4a 11 28 a8 8d | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4232206226 (0xfc425792) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0xfc425792 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | d5 80 2b 12 69 31 15 e5 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 17 f2 a3 4a 11 28 a8 8d | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0626 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "aes128" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection 'aes128' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "aes128" is 0xfe7e7 | priority calculation of connection "aes128" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn aes128 mark 0/00000000, 0/00000000 vs | conn aes128 mark 0/00000000, 0/00000000 | route owner of "aes128" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16416' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT | popen cmd is 1014 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='aes128' PLUTO_: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID=': | cmd( 160):@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_C: | cmd( 240):LIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQI: | cmd( 320):D='16416' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLU: | cmd( 400):TO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIEN: | cmd( 480):T_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA: | cmd( 560):='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL: | cmd( 640):+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. "aes128": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.8 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00455 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | emitting: disabled | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0694 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0408 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | emitting | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0406 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | child-key-length-attribute:EMPTY | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0789 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection aes128 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: AES_CBC_128-HMAC_SHA1-MODP2048 | from whack: got --esp=aes128-sha1;modp2048 | ESP/AH string values: AES_CBC_128-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "aes128" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.159 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection 'aes128' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #17 at 0x5573f4163978 | State DB: adding IKEv1 state #17 in UNDEFINED | pstats #17 ikev1.isakmp started | suspend processing: connection "aes128" (in main_outI1() at ikev1_main.c:118) | start processing: state #17 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #17: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "aes128" IKE SA #17 "aes128" "aes128" #17: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=128 | oakley_alg_makedb() returning 0x5573f416e608 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | b9 ba aa e4 a5 81 1b 6d 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x7ffaac003a78 size 128 | #17 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10453.71617 | #17 spent 0.374 milliseconds in main_outI1() | stop processing: state #17 connection "aes128" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "aes128" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "aes128" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.427 milliseconds in whack | spent 0.00205 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #17 in MAIN_I1 (find_state_ikev1_init) | start processing: state #17 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #17 is idle | #17 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 7 (0x7) | [7 is OAKLEY_AES_CBC] | encryption ike_alg_lookup_by_id id: AES_CBC=7, found AES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 128 (0x80) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 22 for state #17 | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffaac003a78 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x7ffaac003a78 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #17 and saving MD | #17 is busy; has a suspended MD | #17 spent 0.125 milliseconds in process_packet_tail() | crypto helper 0 resuming | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 0 starting work-order 22 for state #17 | stop processing: state #17 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 22 | spent 0.253 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffac0004558: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffac0004558 | NSS: Public DH wire value: | 46 fa eb 52 11 9d 79 59 bd d1 59 77 17 17 5c 38 | 16 70 fa 12 87 9a c3 ef 04 7a 09 05 e1 c1 a7 30 | 56 68 03 11 63 e6 88 fb 59 85 8f 00 cd d5 db 2a | 44 93 9e 2d 6a 79 a8 72 3d 90 70 6a 92 47 dc f9 | 0e d6 1a 15 8c 40 71 7e b0 d4 88 b6 7f e6 1b 9f | 7a ed de 55 b0 b7 42 9c 65 61 c6 c0 61 b7 ac 63 | 9b 1d a3 8a c9 62 49 57 53 59 bd 72 d8 ee 0c ed | 62 6e 95 93 a2 4f e1 21 bf a0 dd cc 71 30 39 6b | 8a 77 db 05 b5 22 c9 1c 59 09 b6 40 79 7a 29 db | b5 29 ac 2b d6 66 8c b9 ac 25 c6 95 0d 79 73 2d | c1 bc 50 24 b8 0f 2f 19 d4 52 4e 68 d5 d5 88 9c | c7 b6 af ba eb 03 87 28 b3 13 48 a8 53 26 a2 97 | 2f a2 94 84 09 20 1f 33 21 aa 94 48 b8 ad b4 b0 | dd e6 0e c9 03 e4 fa 03 4e d3 e4 77 7a 53 7f 2b | bd bb b6 44 1c dd a9 f4 9f 8b e5 64 30 78 ba a9 | 10 02 29 66 cc ec 8c f6 23 69 d6 5f 8a 75 74 e3 | Generated nonce: 82 6a cc 3e e1 f1 ef 4f 08 4a cc c8 e7 5f f8 0b | Generated nonce: 55 f1 3d b4 f3 b7 1d 4e 94 fd 1a 2b 3e 44 c1 4f | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 22 time elapsed 0.001081 seconds | (#17) spent 1.08 milliseconds in crypto helper computing work-order 22: outI2 KE (pcr) | crypto helper 0 sending results from work-order 22 for state #17 to event queue | scheduling resume sending helper answer for #17 | libevent_malloc: new ptr-libevent@0x7ffac00047c8 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #17 | start processing: state #17 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 22 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #17: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffac0004558: transferring ownership from helper KE to state #17 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 46 fa eb 52 11 9d 79 59 bd d1 59 77 17 17 5c 38 | keyex value 16 70 fa 12 87 9a c3 ef 04 7a 09 05 e1 c1 a7 30 | keyex value 56 68 03 11 63 e6 88 fb 59 85 8f 00 cd d5 db 2a | keyex value 44 93 9e 2d 6a 79 a8 72 3d 90 70 6a 92 47 dc f9 | keyex value 0e d6 1a 15 8c 40 71 7e b0 d4 88 b6 7f e6 1b 9f | keyex value 7a ed de 55 b0 b7 42 9c 65 61 c6 c0 61 b7 ac 63 | keyex value 9b 1d a3 8a c9 62 49 57 53 59 bd 72 d8 ee 0c ed | keyex value 62 6e 95 93 a2 4f e1 21 bf a0 dd cc 71 30 39 6b | keyex value 8a 77 db 05 b5 22 c9 1c 59 09 b6 40 79 7a 29 db | keyex value b5 29 ac 2b d6 66 8c b9 ac 25 c6 95 0d 79 73 2d | keyex value c1 bc 50 24 b8 0f 2f 19 d4 52 4e 68 d5 d5 88 9c | keyex value c7 b6 af ba eb 03 87 28 b3 13 48 a8 53 26 a2 97 | keyex value 2f a2 94 84 09 20 1f 33 21 aa 94 48 b8 ad b4 b0 | keyex value dd e6 0e c9 03 e4 fa 03 4e d3 e4 77 7a 53 7f 2b | keyex value bd bb b6 44 1c dd a9 f4 9f 8b e5 64 30 78 ba a9 | keyex value 10 02 29 66 cc ec 8c f6 23 69 d6 5f 8a 75 74 e3 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 82 6a cc 3e e1 f1 ef 4f 08 4a cc c8 e7 5f f8 0b | Ni 55 f1 3d b4 f3 b7 1d 4e 94 fd 1a 2b 3e 44 c1 4f | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | b9 ba aa e4 a5 81 1b 6d | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 4b ad 83 a9 0f d4 86 0f | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 51 6d 92 bc 0d bb 70 f2 c6 c0 33 25 16 06 10 84 | 38 23 5d 7b | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= b9 ba aa e4 a5 81 1b 6d | natd_hash: rcookie= 4b ad 83 a9 0f d4 86 0f | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 51 6d 92 bc 0d bb 70 f2 c6 c0 33 25 16 06 10 84 | natd_hash: hash= 38 23 5d 7b | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 51 6d 92 bc 0d bb 70 f2 c6 c0 33 25 16 06 10 84 | NAT-D 38 23 5d 7b | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | b9 ba aa e4 a5 81 1b 6d | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 4b ad 83 a9 0f d4 86 0f | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 27 15 14 25 9d 15 19 ce ad 68 9e f8 83 ca 95 25 | 29 0f 56 16 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= b9 ba aa e4 a5 81 1b 6d | natd_hash: rcookie= 4b ad 83 a9 0f d4 86 0f | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 27 15 14 25 9d 15 19 ce ad 68 9e f8 83 ca 95 25 | natd_hash: hash= 29 0f 56 16 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 27 15 14 25 9d 15 19 ce ad 68 9e f8 83 ca 95 25 | NAT-D 29 0f 56 16 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #17 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #17: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffaac003a78 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 46 fa eb 52 11 9d 79 59 bd d1 59 77 17 17 5c 38 | 16 70 fa 12 87 9a c3 ef 04 7a 09 05 e1 c1 a7 30 | 56 68 03 11 63 e6 88 fb 59 85 8f 00 cd d5 db 2a | 44 93 9e 2d 6a 79 a8 72 3d 90 70 6a 92 47 dc f9 | 0e d6 1a 15 8c 40 71 7e b0 d4 88 b6 7f e6 1b 9f | 7a ed de 55 b0 b7 42 9c 65 61 c6 c0 61 b7 ac 63 | 9b 1d a3 8a c9 62 49 57 53 59 bd 72 d8 ee 0c ed | 62 6e 95 93 a2 4f e1 21 bf a0 dd cc 71 30 39 6b | 8a 77 db 05 b5 22 c9 1c 59 09 b6 40 79 7a 29 db | b5 29 ac 2b d6 66 8c b9 ac 25 c6 95 0d 79 73 2d | c1 bc 50 24 b8 0f 2f 19 d4 52 4e 68 d5 d5 88 9c | c7 b6 af ba eb 03 87 28 b3 13 48 a8 53 26 a2 97 | 2f a2 94 84 09 20 1f 33 21 aa 94 48 b8 ad b4 b0 | dd e6 0e c9 03 e4 fa 03 4e d3 e4 77 7a 53 7f 2b | bd bb b6 44 1c dd a9 f4 9f 8b e5 64 30 78 ba a9 | 10 02 29 66 cc ec 8c f6 23 69 d6 5f 8a 75 74 e3 | 14 00 00 24 82 6a cc 3e e1 f1 ef 4f 08 4a cc c8 | e7 5f f8 0b 55 f1 3d b4 f3 b7 1d 4e 94 fd 1a 2b | 3e 44 c1 4f 14 00 00 18 51 6d 92 bc 0d bb 70 f2 | c6 c0 33 25 16 06 10 84 38 23 5d 7b 00 00 00 18 | 27 15 14 25 9d 15 19 ce ad 68 9e f8 83 ca 95 25 | 29 0f 56 16 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x5573f4163368 size 128 | #17 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10453.718404 "aes128" #17: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #17 suppresed complete_v1_state_transition() | #17 spent 0.354 milliseconds in resume sending helper answer | stop processing: state #17 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffac00047c8 | spent 0.00179 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 98 a0 7e 81 5d f4 62 3c 05 e1 c0 59 bb af 1e 24 | bb c6 e3 08 28 17 59 90 a9 3d 5c 26 dd d1 94 1c | 62 a5 5c 96 ec a0 e1 5a 28 89 f0 8e 2f 9d 10 19 | d0 ef 66 f4 40 05 b1 9f 33 ee 90 04 0c ec 72 74 | bf 7f 50 27 f4 d2 75 ee c2 a8 4f 55 29 71 34 d0 | 98 2a ba fe a2 d4 ce 82 e0 92 bf 7b 50 38 1b 28 | 3d 24 f8 b2 f8 7b 55 bd 0c f9 06 f9 e8 9b f1 d5 | 78 33 96 6b d1 24 31 92 93 0f 09 99 ee 78 b3 fb | a9 a4 d8 c7 66 02 ec f9 15 fe 1f 0b 93 42 2d fa | 50 70 12 f7 68 90 e7 08 a9 c3 a7 e8 9a a6 57 f6 | 67 bb 2f d5 cd 7d 95 f2 15 c1 71 6f e2 8c 01 bd | 72 90 93 9d e2 d8 9e 17 4a 0d 7d 85 0c 9c e9 ef | 5d 6a 9b af 1a 57 6b df e5 96 58 fd 08 3b c8 c3 | 22 1d f0 66 89 c8 0d 97 48 85 3f b7 4d 95 d2 d4 | 09 c9 9b 7c db b3 ce 53 a0 b2 4f 2e f7 78 c6 1e | 67 c7 d7 da ac 7a f0 83 a0 52 f2 42 f3 57 dd 18 | 14 00 00 24 a6 0f 9a 61 86 a4 e9 d8 85 09 2f b3 | dc 40 c5 07 ec a4 d9 a5 dd 8a 6d 9f 53 e7 a5 59 | 2e e4 7c b9 14 00 00 18 27 15 14 25 9d 15 19 ce | ad 68 9e f8 83 ca 95 25 29 0f 56 16 00 00 00 18 | 51 6d 92 bc 0d bb 70 f2 c6 c0 33 25 16 06 10 84 | 38 23 5d 7b | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #17 in MAIN_I2 (find_state_ikev1) | start processing: state #17 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #17 is idle | #17 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | 98 a0 7e 81 5d f4 62 3c 05 e1 c0 59 bb af 1e 24 | bb c6 e3 08 28 17 59 90 a9 3d 5c 26 dd d1 94 1c | 62 a5 5c 96 ec a0 e1 5a 28 89 f0 8e 2f 9d 10 19 | d0 ef 66 f4 40 05 b1 9f 33 ee 90 04 0c ec 72 74 | bf 7f 50 27 f4 d2 75 ee c2 a8 4f 55 29 71 34 d0 | 98 2a ba fe a2 d4 ce 82 e0 92 bf 7b 50 38 1b 28 | 3d 24 f8 b2 f8 7b 55 bd 0c f9 06 f9 e8 9b f1 d5 | 78 33 96 6b d1 24 31 92 93 0f 09 99 ee 78 b3 fb | a9 a4 d8 c7 66 02 ec f9 15 fe 1f 0b 93 42 2d fa | 50 70 12 f7 68 90 e7 08 a9 c3 a7 e8 9a a6 57 f6 | 67 bb 2f d5 cd 7d 95 f2 15 c1 71 6f e2 8c 01 bd | 72 90 93 9d e2 d8 9e 17 4a 0d 7d 85 0c 9c e9 ef | 5d 6a 9b af 1a 57 6b df e5 96 58 fd 08 3b c8 c3 | 22 1d f0 66 89 c8 0d 97 48 85 3f b7 4d 95 d2 d4 | 09 c9 9b 7c db b3 ce 53 a0 b2 4f 2e f7 78 c6 1e | 67 c7 d7 da ac 7a f0 83 a0 52 f2 42 f3 57 dd 18 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffac0004558: transferring ownership from state #17 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 23 for state #17 | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4163368 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #17 | libevent_malloc: new ptr-libevent@0x7ffac00047c8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #17 and saving MD | #17 is busy; has a suspended MD | #17 spent 0.0861 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.216 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 1 resuming | crypto helper 1 starting work-order 23 for state #17 | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 23 | peer's g: 98 a0 7e 81 5d f4 62 3c 05 e1 c0 59 bb af 1e 24 | peer's g: bb c6 e3 08 28 17 59 90 a9 3d 5c 26 dd d1 94 1c | peer's g: 62 a5 5c 96 ec a0 e1 5a 28 89 f0 8e 2f 9d 10 19 | peer's g: d0 ef 66 f4 40 05 b1 9f 33 ee 90 04 0c ec 72 74 | peer's g: bf 7f 50 27 f4 d2 75 ee c2 a8 4f 55 29 71 34 d0 | peer's g: 98 2a ba fe a2 d4 ce 82 e0 92 bf 7b 50 38 1b 28 | peer's g: 3d 24 f8 b2 f8 7b 55 bd 0c f9 06 f9 e8 9b f1 d5 | peer's g: 78 33 96 6b d1 24 31 92 93 0f 09 99 ee 78 b3 fb | peer's g: a9 a4 d8 c7 66 02 ec f9 15 fe 1f 0b 93 42 2d fa | peer's g: 50 70 12 f7 68 90 e7 08 a9 c3 a7 e8 9a a6 57 f6 | peer's g: 67 bb 2f d5 cd 7d 95 f2 15 c1 71 6f e2 8c 01 bd | peer's g: 72 90 93 9d e2 d8 9e 17 4a 0d 7d 85 0c 9c e9 ef | peer's g: 5d 6a 9b af 1a 57 6b df e5 96 58 fd 08 3b c8 c3 | peer's g: 22 1d f0 66 89 c8 0d 97 48 85 3f b7 4d 95 d2 d4 | peer's g: 09 c9 9b 7c db b3 ce 53 a0 b2 4f 2e f7 78 c6 1e | peer's g: 67 c7 d7 da ac 7a f0 83 a0 52 f2 42 f3 57 dd 18 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffac0004558: computed shared DH secret key@0x5573f4150a70 | dh-shared : g^ir-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f416aab8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: psk-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: psk-key@0x5573f414f010 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f414d560 | SKEYID psk prf: created sha context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk prf: begin sha with context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk: release clone-key@0x5573f414f010 | SKEYID psk PRF sha crypt-prf@0x7ffab80010b8 | SKEYID psk PRF sha update Ni-bytes@0x5573f416aadc (length 32) | 82 6a cc 3e e1 f1 ef 4f 08 4a cc c8 e7 5f f8 0b | 55 f1 3d b4 f3 b7 1d 4e 94 fd 1a 2b 3e 44 c1 4f | SKEYID psk PRF sha update Nr-bytes@0x5573f416aafc (length 32) | a6 0f 9a 61 86 a4 e9 d8 85 09 2f b3 dc 40 c5 07 | ec a4 d9 a5 dd 8a 6d 9f 53 e7 a5 59 2e e4 7c b9 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID psk PRF sha final-key@0x5573f414f010 (size 20) | SKEYID psk: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_d: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2718 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d: release clone-key@0x5573f414d560 | SKEYID_d PRF sha crypt-prf@0x7ffab8001108 | SKEYID_d PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_d: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: d2 46 56 9f 7d 19 73 d2 bc 84 23 da 3d 95 2a ad 09 3f 23 0d 06 cd 37 a4 2d e4 cc 9e c3 4b 26 c4 d2 52 d3 72 43 5d bf 87 93 8c 58 fc 0f 63 ff f0 ed da c1 40 9a 10 2f 66 ec 4f 2a 78 58 e7 92 ce db 8d 7e 6b 34 b4 3c d6 d3 03 28 cb 9c 65 b9 d1 75 88 cd 06 8d e4 a2 e0 58 19 0a f6 47 f3 d4 a5 72 37 db 2b 0d 42 be a7 76 44 2f a3 17 37 2b 11 a5 b6 b2 cf 60 fa f8 90 f2 4c c2 0d ba ee b7 5e ef 6a dc 54 a9 32 7e 93 e5 e2 86 19 8f 6d d6 3b e8 2e cf 6c 5d df a0 96 aa d6 5e 5e 29 dd de cf 60 4f 91 ad 48 83 2b 13 cb eb 25 b4 ea 2e 50 db c8 1d 33 1f f7 8f 3b e7 a0 b6 e7 54 01 c5 af 67 f6 8a 45 73 3a 67 e8 81 cb 3c cf e7 ca c0 0f 01 65 b5 46 f4 04 a1 ed 77 b6 60 de ea 78 9b b0 7a f1 e7 60 32 68 34 e2 a4 6c a3 68 2e 77 9d d3 3a d0 96 4f f2 ca ce 8b 25 b6 1f c3 84 50 64 d4 4e | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8003db8 | unwrapped: 02 78 9b df 0e 57 71 6b 6a c3 4e 91 d4 3a fa 43 | unwrapped: 53 6b 0d 70 9a 40 11 88 ea d0 0a e2 30 be b8 88 | unwrapped: 7e 47 61 f1 6e 6f 30 15 70 aa c0 e7 1b 4f 2a 2c | unwrapped: fd c0 4b 49 f1 91 61 53 21 99 73 b3 a1 76 37 77 | unwrapped: b5 ad fc 51 0d 63 fa c3 66 cf 74 89 26 04 00 35 | unwrapped: b9 09 54 53 40 19 2e 64 f1 67 38 11 f0 23 5f a4 | unwrapped: 64 4d 37 a0 8c 1f 20 2e b7 a7 65 af 69 02 59 78 | unwrapped: 49 ad 3d b1 80 f8 36 b1 57 ce df 50 d2 15 fd fe | unwrapped: 18 0e 8c 50 2d 72 a5 17 b9 86 cf c9 1e a5 c5 ba | unwrapped: 83 64 c2 42 12 37 7f 77 14 7e 3f e1 e1 84 ff 14 | unwrapped: f1 8e 80 8a 27 0f 32 d7 06 c9 d3 d8 cc fa 67 3a | unwrapped: 67 8a 8d af 3f 2c 19 b5 7b e8 16 09 01 8e 8e 65 | unwrapped: dd 51 e9 82 cf da d6 99 f6 34 ad 0c 0b 0a 27 38 | unwrapped: 04 21 77 bf ae 0f 9d 4a 2d 67 86 b1 cf 32 8b 61 | unwrapped: e8 31 64 7d 97 94 5f 3e ba 8e 89 6e 02 25 3a 69 | unwrapped: c8 4b 0f e6 a8 9d c6 a6 2b 43 1c 2c 70 99 f6 fd | SKEYID_d PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | b9 ba aa e4 a5 81 1b 6d | SKEYID_d PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 4b ad 83 a9 0f d4 86 0f | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID_d PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_d: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_a: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a: release clone-key@0x5573f40bfec0 | SKEYID_a PRF sha crypt-prf@0x7ffab80010b8 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f414d560 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: 38 43 00 ce 5a 3c 1c 9c 0c c5 d5 7d 95 55 7a bf d6 30 48 7e e1 58 03 9c 8f 2a 70 6f a1 9e cf c7 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab80085b8 | unwrapped: 82 2f cd d7 39 7c 66 bf 00 57 8b 3c da 83 88 df | unwrapped: d6 69 79 ab 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_a: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: d2 46 56 9f 7d 19 73 d2 bc 84 23 da 3d 95 2a ad 09 3f 23 0d 06 cd 37 a4 2d e4 cc 9e c3 4b 26 c4 d2 52 d3 72 43 5d bf 87 93 8c 58 fc 0f 63 ff f0 ed da c1 40 9a 10 2f 66 ec 4f 2a 78 58 e7 92 ce db 8d 7e 6b 34 b4 3c d6 d3 03 28 cb 9c 65 b9 d1 75 88 cd 06 8d e4 a2 e0 58 19 0a f6 47 f3 d4 a5 72 37 db 2b 0d 42 be a7 76 44 2f a3 17 37 2b 11 a5 b6 b2 cf 60 fa f8 90 f2 4c c2 0d ba ee b7 5e ef 6a dc 54 a9 32 7e 93 e5 e2 86 19 8f 6d d6 3b e8 2e cf 6c 5d df a0 96 aa d6 5e 5e 29 dd de cf 60 4f 91 ad 48 83 2b 13 cb eb 25 b4 ea 2e 50 db c8 1d 33 1f f7 8f 3b e7 a0 b6 e7 54 01 c5 af 67 f6 8a 45 73 3a 67 e8 81 cb 3c cf e7 ca c0 0f 01 65 b5 46 f4 04 a1 ed 77 b6 60 de ea 78 9b b0 7a f1 e7 60 32 68 34 e2 a4 6c a3 68 2e 77 9d d3 3a d0 96 4f f2 ca ce 8b 25 b6 1f c3 84 50 64 d4 4e | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8004f28 | unwrapped: 02 78 9b df 0e 57 71 6b 6a c3 4e 91 d4 3a fa 43 | unwrapped: 53 6b 0d 70 9a 40 11 88 ea d0 0a e2 30 be b8 88 | unwrapped: 7e 47 61 f1 6e 6f 30 15 70 aa c0 e7 1b 4f 2a 2c | unwrapped: fd c0 4b 49 f1 91 61 53 21 99 73 b3 a1 76 37 77 | unwrapped: b5 ad fc 51 0d 63 fa c3 66 cf 74 89 26 04 00 35 | unwrapped: b9 09 54 53 40 19 2e 64 f1 67 38 11 f0 23 5f a4 | unwrapped: 64 4d 37 a0 8c 1f 20 2e b7 a7 65 af 69 02 59 78 | unwrapped: 49 ad 3d b1 80 f8 36 b1 57 ce df 50 d2 15 fd fe | unwrapped: 18 0e 8c 50 2d 72 a5 17 b9 86 cf c9 1e a5 c5 ba | unwrapped: 83 64 c2 42 12 37 7f 77 14 7e 3f e1 e1 84 ff 14 | unwrapped: f1 8e 80 8a 27 0f 32 d7 06 c9 d3 d8 cc fa 67 3a | unwrapped: 67 8a 8d af 3f 2c 19 b5 7b e8 16 09 01 8e 8e 65 | unwrapped: dd 51 e9 82 cf da d6 99 f6 34 ad 0c 0b 0a 27 38 | unwrapped: 04 21 77 bf ae 0f 9d 4a 2d 67 86 b1 cf 32 8b 61 | unwrapped: e8 31 64 7d 97 94 5f 3e ba 8e 89 6e 02 25 3a 69 | unwrapped: c8 4b 0f e6 a8 9d c6 a6 2b 43 1c 2c 70 99 f6 fd | SKEYID_a PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | b9 ba aa e4 a5 81 1b 6d | SKEYID_a PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 4b ad 83 a9 0f d4 86 0f | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: final-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150e50 | SKEYID_a PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_a: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_e: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: clone-key@0x5573f4150e50 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e: release clone-key@0x5573f4150e50 | SKEYID_e PRF sha crypt-prf@0x7ffab8001108 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f40bfec0 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 18 cf ab 75 6e 73 5b d5 14 ac d0 9b a2 32 49 53 d9 e2 ae ee 69 04 68 76 f2 42 7c 0b 11 1d 24 eb | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab8008c38 | unwrapped: e7 a9 e2 bd dc b0 d1 c6 d9 0a fe f1 c9 c7 74 f1 | unwrapped: a7 6c 9b 39 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f4150a70 (size 256) | SKEYID_e: g^xy-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: d2 46 56 9f 7d 19 73 d2 bc 84 23 da 3d 95 2a ad 09 3f 23 0d 06 cd 37 a4 2d e4 cc 9e c3 4b 26 c4 d2 52 d3 72 43 5d bf 87 93 8c 58 fc 0f 63 ff f0 ed da c1 40 9a 10 2f 66 ec 4f 2a 78 58 e7 92 ce db 8d 7e 6b 34 b4 3c d6 d3 03 28 cb 9c 65 b9 d1 75 88 cd 06 8d e4 a2 e0 58 19 0a f6 47 f3 d4 a5 72 37 db 2b 0d 42 be a7 76 44 2f a3 17 37 2b 11 a5 b6 b2 cf 60 fa f8 90 f2 4c c2 0d ba ee b7 5e ef 6a dc 54 a9 32 7e 93 e5 e2 86 19 8f 6d d6 3b e8 2e cf 6c 5d df a0 96 aa d6 5e 5e 29 dd de cf 60 4f 91 ad 48 83 2b 13 cb eb 25 b4 ea 2e 50 db c8 1d 33 1f f7 8f 3b e7 a0 b6 e7 54 01 c5 af 67 f6 8a 45 73 3a 67 e8 81 cb 3c cf e7 ca c0 0f 01 65 b5 46 f4 04 a1 ed 77 b6 60 de ea 78 9b b0 7a f1 e7 60 32 68 34 e2 a4 6c a3 68 2e 77 9d d3 3a d0 96 4f f2 ca ce 8b 25 b6 1f c3 84 50 64 d4 4e | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8003db8 | unwrapped: 02 78 9b df 0e 57 71 6b 6a c3 4e 91 d4 3a fa 43 | unwrapped: 53 6b 0d 70 9a 40 11 88 ea d0 0a e2 30 be b8 88 | unwrapped: 7e 47 61 f1 6e 6f 30 15 70 aa c0 e7 1b 4f 2a 2c | unwrapped: fd c0 4b 49 f1 91 61 53 21 99 73 b3 a1 76 37 77 | unwrapped: b5 ad fc 51 0d 63 fa c3 66 cf 74 89 26 04 00 35 | unwrapped: b9 09 54 53 40 19 2e 64 f1 67 38 11 f0 23 5f a4 | unwrapped: 64 4d 37 a0 8c 1f 20 2e b7 a7 65 af 69 02 59 78 | unwrapped: 49 ad 3d b1 80 f8 36 b1 57 ce df 50 d2 15 fd fe | unwrapped: 18 0e 8c 50 2d 72 a5 17 b9 86 cf c9 1e a5 c5 ba | unwrapped: 83 64 c2 42 12 37 7f 77 14 7e 3f e1 e1 84 ff 14 | unwrapped: f1 8e 80 8a 27 0f 32 d7 06 c9 d3 d8 cc fa 67 3a | unwrapped: 67 8a 8d af 3f 2c 19 b5 7b e8 16 09 01 8e 8e 65 | unwrapped: dd 51 e9 82 cf da d6 99 f6 34 ad 0c 0b 0a 27 38 | unwrapped: 04 21 77 bf ae 0f 9d 4a 2d 67 86 b1 cf 32 8b 61 | unwrapped: e8 31 64 7d 97 94 5f 3e ba 8e 89 6e 02 25 3a 69 | unwrapped: c8 4b 0f e6 a8 9d c6 a6 2b 43 1c 2c 70 99 f6 fd | SKEYID_e PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | b9 ba aa e4 a5 81 1b 6d | SKEYID_e PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 4b ad 83 a9 0f d4 86 0f | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2710 | result: final-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40c6080 | SKEYID_e PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID_e: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 16 | EXTRACT_KEY_FROM_KEY: | target: AES_CBC | flags: ENCRYPT+DECRYPT | key_size: 16-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2768 | result: keymat-key@0x5573f40c6080 (16-bytes, AES_CBC) | NSS: pointers skeyid_d 0x5573f414d560, skeyid_a 0x5573f40bfec0, skeyid_e 0x5573f4150e50, enc_key 0x5573f40c6080 | DH_i: 46 fa eb 52 11 9d 79 59 bd d1 59 77 17 17 5c 38 | DH_i: 16 70 fa 12 87 9a c3 ef 04 7a 09 05 e1 c1 a7 30 | DH_i: 56 68 03 11 63 e6 88 fb 59 85 8f 00 cd d5 db 2a | DH_i: 44 93 9e 2d 6a 79 a8 72 3d 90 70 6a 92 47 dc f9 | DH_i: 0e d6 1a 15 8c 40 71 7e b0 d4 88 b6 7f e6 1b 9f | DH_i: 7a ed de 55 b0 b7 42 9c 65 61 c6 c0 61 b7 ac 63 | DH_i: 9b 1d a3 8a c9 62 49 57 53 59 bd 72 d8 ee 0c ed | DH_i: 62 6e 95 93 a2 4f e1 21 bf a0 dd cc 71 30 39 6b | DH_i: 8a 77 db 05 b5 22 c9 1c 59 09 b6 40 79 7a 29 db | DH_i: b5 29 ac 2b d6 66 8c b9 ac 25 c6 95 0d 79 73 2d | DH_i: c1 bc 50 24 b8 0f 2f 19 d4 52 4e 68 d5 d5 88 9c | DH_i: c7 b6 af ba eb 03 87 28 b3 13 48 a8 53 26 a2 97 | DH_i: 2f a2 94 84 09 20 1f 33 21 aa 94 48 b8 ad b4 b0 | DH_i: dd e6 0e c9 03 e4 fa 03 4e d3 e4 77 7a 53 7f 2b | DH_i: bd bb b6 44 1c dd a9 f4 9f 8b e5 64 30 78 ba a9 | DH_i: 10 02 29 66 cc ec 8c f6 23 69 d6 5f 8a 75 74 e3 | DH_r: 98 a0 7e 81 5d f4 62 3c 05 e1 c0 59 bb af 1e 24 | DH_r: bb c6 e3 08 28 17 59 90 a9 3d 5c 26 dd d1 94 1c | DH_r: 62 a5 5c 96 ec a0 e1 5a 28 89 f0 8e 2f 9d 10 19 | DH_r: d0 ef 66 f4 40 05 b1 9f 33 ee 90 04 0c ec 72 74 | DH_r: bf 7f 50 27 f4 d2 75 ee c2 a8 4f 55 29 71 34 d0 | DH_r: 98 2a ba fe a2 d4 ce 82 e0 92 bf 7b 50 38 1b 28 | DH_r: 3d 24 f8 b2 f8 7b 55 bd 0c f9 06 f9 e8 9b f1 d5 | DH_r: 78 33 96 6b d1 24 31 92 93 0f 09 99 ee 78 b3 fb | DH_r: a9 a4 d8 c7 66 02 ec f9 15 fe 1f 0b 93 42 2d fa | DH_r: 50 70 12 f7 68 90 e7 08 a9 c3 a7 e8 9a a6 57 f6 | DH_r: 67 bb 2f d5 cd 7d 95 f2 15 c1 71 6f e2 8c 01 bd | DH_r: 72 90 93 9d e2 d8 9e 17 4a 0d 7d 85 0c 9c e9 ef | DH_r: 5d 6a 9b af 1a 57 6b df e5 96 58 fd 08 3b c8 c3 | DH_r: 22 1d f0 66 89 c8 0d 97 48 85 3f b7 4d 95 d2 d4 | DH_r: 09 c9 9b 7c db b3 ce 53 a0 b2 4f 2e f7 78 c6 1e | DH_r: 67 c7 d7 da ac 7a f0 83 a0 52 f2 42 f3 57 dd 18 | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f416ab1c (length 256) | 46 fa eb 52 11 9d 79 59 bd d1 59 77 17 17 5c 38 | 16 70 fa 12 87 9a c3 ef 04 7a 09 05 e1 c1 a7 30 | 56 68 03 11 63 e6 88 fb 59 85 8f 00 cd d5 db 2a | 44 93 9e 2d 6a 79 a8 72 3d 90 70 6a 92 47 dc f9 | 0e d6 1a 15 8c 40 71 7e b0 d4 88 b6 7f e6 1b 9f | 7a ed de 55 b0 b7 42 9c 65 61 c6 c0 61 b7 ac 63 | 9b 1d a3 8a c9 62 49 57 53 59 bd 72 d8 ee 0c ed | 62 6e 95 93 a2 4f e1 21 bf a0 dd cc 71 30 39 6b | 8a 77 db 05 b5 22 c9 1c 59 09 b6 40 79 7a 29 db | b5 29 ac 2b d6 66 8c b9 ac 25 c6 95 0d 79 73 2d | c1 bc 50 24 b8 0f 2f 19 d4 52 4e 68 d5 d5 88 9c | c7 b6 af ba eb 03 87 28 b3 13 48 a8 53 26 a2 97 | 2f a2 94 84 09 20 1f 33 21 aa 94 48 b8 ad b4 b0 | dd e6 0e c9 03 e4 fa 03 4e d3 e4 77 7a 53 7f 2b | bd bb b6 44 1c dd a9 f4 9f 8b e5 64 30 78 ba a9 | 10 02 29 66 cc ec 8c f6 23 69 d6 5f 8a 75 74 e3 | new IV hash sha digest GR-bytes@0x5573f416ac1c (length 256) | 98 a0 7e 81 5d f4 62 3c 05 e1 c0 59 bb af 1e 24 | bb c6 e3 08 28 17 59 90 a9 3d 5c 26 dd d1 94 1c | 62 a5 5c 96 ec a0 e1 5a 28 89 f0 8e 2f 9d 10 19 | d0 ef 66 f4 40 05 b1 9f 33 ee 90 04 0c ec 72 74 | bf 7f 50 27 f4 d2 75 ee c2 a8 4f 55 29 71 34 d0 | 98 2a ba fe a2 d4 ce 82 e0 92 bf 7b 50 38 1b 28 | 3d 24 f8 b2 f8 7b 55 bd 0c f9 06 f9 e8 9b f1 d5 | 78 33 96 6b d1 24 31 92 93 0f 09 99 ee 78 b3 fb | a9 a4 d8 c7 66 02 ec f9 15 fe 1f 0b 93 42 2d fa | 50 70 12 f7 68 90 e7 08 a9 c3 a7 e8 9a a6 57 f6 | 67 bb 2f d5 cd 7d 95 f2 15 c1 71 6f e2 8c 01 bd | 72 90 93 9d e2 d8 9e 17 4a 0d 7d 85 0c 9c e9 ef | 5d 6a 9b af 1a 57 6b df e5 96 58 fd 08 3b c8 c3 | 22 1d f0 66 89 c8 0d 97 48 85 3f b7 4d 95 d2 d4 | 09 c9 9b 7c db b3 ce 53 a0 b2 4f 2e f7 78 c6 1e | 67 c7 d7 da ac 7a f0 83 a0 52 f2 42 f3 57 dd 18 | new IV hash sha final chunk@0x7ffab8008c38 (length 20) | 66 3f b8 6e fb 8e 16 3a c2 16 3d 85 93 77 27 87 | 0a 8c 88 54 | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 23 time elapsed 0.002052 seconds | (#17) spent 2.05 milliseconds in crypto helper computing work-order 23: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 23 for state #17 to event queue | scheduling resume sending helper answer for #17 | libevent_malloc: new ptr-libevent@0x7ffab8003ad8 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #17 | start processing: state #17 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 23 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #17: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffac0004558: transferring ownership from helper IKEv1 DH+IV to state #17 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | b9 ba aa e4 a5 81 1b 6d | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 4b ad 83 a9 0f d4 86 0f | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | 27 15 14 25 9d 15 19 ce ad 68 9e f8 83 ca 95 25 | 29 0f 56 16 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= b9 ba aa e4 a5 81 1b 6d | natd_hash: rcookie= 4b ad 83 a9 0f d4 86 0f | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 27 15 14 25 9d 15 19 ce ad 68 9e f8 83 ca 95 25 | natd_hash: hash= 29 0f 56 16 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | b9 ba aa e4 a5 81 1b 6d | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 4b ad 83 a9 0f d4 86 0f | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | 51 6d 92 bc 0d bb 70 f2 c6 c0 33 25 16 06 10 84 | 38 23 5d 7b | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= b9 ba aa e4 a5 81 1b 6d | natd_hash: rcookie= 4b ad 83 a9 0f d4 86 0f | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 51 6d 92 bc 0d bb 70 f2 c6 c0 33 25 16 06 10 84 | natd_hash: hash= 38 23 5d 7b | expected NAT-D(me): 27 15 14 25 9d 15 19 ce ad 68 9e f8 83 ca 95 25 | expected NAT-D(me): 29 0f 56 16 | expected NAT-D(him): | 51 6d 92 bc 0d bb 70 f2 c6 c0 33 25 16 06 10 84 | 38 23 5d 7b | received NAT-D: 27 15 14 25 9d 15 19 ce ad 68 9e f8 83 ca 95 25 | received NAT-D: 29 0f 56 16 | received NAT-D: 51 6d 92 bc 0d bb 70 f2 c6 c0 33 25 16 06 10 84 | received NAT-D: 38 23 5d 7b | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x5573f4165a28 | hmac PRF sha update data-bytes@0x7ffac0004b38 (length 256) | 46 fa eb 52 11 9d 79 59 bd d1 59 77 17 17 5c 38 | 16 70 fa 12 87 9a c3 ef 04 7a 09 05 e1 c1 a7 30 | 56 68 03 11 63 e6 88 fb 59 85 8f 00 cd d5 db 2a | 44 93 9e 2d 6a 79 a8 72 3d 90 70 6a 92 47 dc f9 | 0e d6 1a 15 8c 40 71 7e b0 d4 88 b6 7f e6 1b 9f | 7a ed de 55 b0 b7 42 9c 65 61 c6 c0 61 b7 ac 63 | 9b 1d a3 8a c9 62 49 57 53 59 bd 72 d8 ee 0c ed | 62 6e 95 93 a2 4f e1 21 bf a0 dd cc 71 30 39 6b | 8a 77 db 05 b5 22 c9 1c 59 09 b6 40 79 7a 29 db | b5 29 ac 2b d6 66 8c b9 ac 25 c6 95 0d 79 73 2d | c1 bc 50 24 b8 0f 2f 19 d4 52 4e 68 d5 d5 88 9c | c7 b6 af ba eb 03 87 28 b3 13 48 a8 53 26 a2 97 | 2f a2 94 84 09 20 1f 33 21 aa 94 48 b8 ad b4 b0 | dd e6 0e c9 03 e4 fa 03 4e d3 e4 77 7a 53 7f 2b | bd bb b6 44 1c dd a9 f4 9f 8b e5 64 30 78 ba a9 | 10 02 29 66 cc ec 8c f6 23 69 d6 5f 8a 75 74 e3 | hmac PRF sha update data-bytes@0x7ffaa8004f28 (length 256) | 98 a0 7e 81 5d f4 62 3c 05 e1 c0 59 bb af 1e 24 | bb c6 e3 08 28 17 59 90 a9 3d 5c 26 dd d1 94 1c | 62 a5 5c 96 ec a0 e1 5a 28 89 f0 8e 2f 9d 10 19 | d0 ef 66 f4 40 05 b1 9f 33 ee 90 04 0c ec 72 74 | bf 7f 50 27 f4 d2 75 ee c2 a8 4f 55 29 71 34 d0 | 98 2a ba fe a2 d4 ce 82 e0 92 bf 7b 50 38 1b 28 | 3d 24 f8 b2 f8 7b 55 bd 0c f9 06 f9 e8 9b f1 d5 | 78 33 96 6b d1 24 31 92 93 0f 09 99 ee 78 b3 fb | a9 a4 d8 c7 66 02 ec f9 15 fe 1f 0b 93 42 2d fa | 50 70 12 f7 68 90 e7 08 a9 c3 a7 e8 9a a6 57 f6 | 67 bb 2f d5 cd 7d 95 f2 15 c1 71 6f e2 8c 01 bd | 72 90 93 9d e2 d8 9e 17 4a 0d 7d 85 0c 9c e9 ef | 5d 6a 9b af 1a 57 6b df e5 96 58 fd 08 3b c8 c3 | 22 1d f0 66 89 c8 0d 97 48 85 3f b7 4d 95 d2 d4 | 09 c9 9b 7c db b3 ce 53 a0 b2 4f 2e f7 78 c6 1e | 67 c7 d7 da ac 7a f0 83 a0 52 f2 42 f3 57 dd 18 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | b9 ba aa e4 a5 81 1b 6d | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 4b ad 83 a9 0f d4 86 0f | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | dc dc 08 19 da d8 e5 03 cb aa 1f b7 08 0d b0 ec | b7 19 ed d6 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I dc dc 08 19 da d8 e5 03 cb aa 1f b7 08 0d b0 ec | HASH_I b7 19 ed d6 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: dc dc 08 19 da d8 e5 03 cb aa 1f b7 08 0d b0 ec | encrypting: b7 19 ed d6 | IV: 66 3f b8 6e fb 8e 16 3a c2 16 3d 85 93 77 27 87 | IV: 0a 8c 88 54 | unpadded size is: 36 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 48 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 76 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 2d 39 d3 2a b6 e2 7b 25 8f 80 2d 37 eb 79 4d d8 | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #17: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffac00047c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 76 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 05 10 02 01 00 00 00 00 00 00 00 4c b3 09 f4 91 | 97 0c 17 d6 5f 37 fa 70 01 2e b0 d1 1a 7e 7a 58 | f8 51 3a 09 1e 14 93 c9 8d 23 be 5c 2d 39 d3 2a | b6 e2 7b 25 8f 80 2d 37 eb 79 4d d8 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #17 | libevent_malloc: new ptr-libevent@0x5573f4166038 size 128 | #17 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10453.723288 "aes128" #17: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #17 suppresed complete_v1_state_transition() | #17 spent 0.515 milliseconds in resume sending helper answer | stop processing: state #17 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab8003ad8 | spent 0.00197 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 05 10 02 01 00 00 00 00 00 00 00 4c 09 97 8e a2 | 21 9c 18 34 e2 d2 48 78 70 23 c0 97 40 a7 dd 09 | cb 4f 46 34 a0 89 83 79 ac 0d 7f ff 78 06 d1 e5 | 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #17 in MAIN_I3 (find_state_ikev1) | start processing: state #17 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #17 is idle | #17 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 2d 39 d3 2a b6 e2 7b 25 8f 80 2d 37 eb 79 4d d8 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | decrypted payload (starts at offset -48): | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 05 10 02 01 00 00 00 00 00 00 00 4c 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 d5 b0 cf fa | 19 ec 5d 75 23 c5 44 4b 3d 23 33 2e 83 6e a4 ea | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 12 bytes of padding | message 'main_inR3' HASH payload not checked early "aes128" #17: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f41619f0 | hmac: release clone-key@0x5573f41619f0 | hmac PRF sha crypt-prf@0x7ffab8008c38 | hmac PRF sha update data-bytes@0x7ffaa8004f28 (length 256) | 98 a0 7e 81 5d f4 62 3c 05 e1 c0 59 bb af 1e 24 | bb c6 e3 08 28 17 59 90 a9 3d 5c 26 dd d1 94 1c | 62 a5 5c 96 ec a0 e1 5a 28 89 f0 8e 2f 9d 10 19 | d0 ef 66 f4 40 05 b1 9f 33 ee 90 04 0c ec 72 74 | bf 7f 50 27 f4 d2 75 ee c2 a8 4f 55 29 71 34 d0 | 98 2a ba fe a2 d4 ce 82 e0 92 bf 7b 50 38 1b 28 | 3d 24 f8 b2 f8 7b 55 bd 0c f9 06 f9 e8 9b f1 d5 | 78 33 96 6b d1 24 31 92 93 0f 09 99 ee 78 b3 fb | a9 a4 d8 c7 66 02 ec f9 15 fe 1f 0b 93 42 2d fa | 50 70 12 f7 68 90 e7 08 a9 c3 a7 e8 9a a6 57 f6 | 67 bb 2f d5 cd 7d 95 f2 15 c1 71 6f e2 8c 01 bd | 72 90 93 9d e2 d8 9e 17 4a 0d 7d 85 0c 9c e9 ef | 5d 6a 9b af 1a 57 6b df e5 96 58 fd 08 3b c8 c3 | 22 1d f0 66 89 c8 0d 97 48 85 3f b7 4d 95 d2 d4 | 09 c9 9b 7c db b3 ce 53 a0 b2 4f 2e f7 78 c6 1e | 67 c7 d7 da ac 7a f0 83 a0 52 f2 42 f3 57 dd 18 | hmac PRF sha update data-bytes@0x7ffac0004b38 (length 256) | 46 fa eb 52 11 9d 79 59 bd d1 59 77 17 17 5c 38 | 16 70 fa 12 87 9a c3 ef 04 7a 09 05 e1 c1 a7 30 | 56 68 03 11 63 e6 88 fb 59 85 8f 00 cd d5 db 2a | 44 93 9e 2d 6a 79 a8 72 3d 90 70 6a 92 47 dc f9 | 0e d6 1a 15 8c 40 71 7e b0 d4 88 b6 7f e6 1b 9f | 7a ed de 55 b0 b7 42 9c 65 61 c6 c0 61 b7 ac 63 | 9b 1d a3 8a c9 62 49 57 53 59 bd 72 d8 ee 0c ed | 62 6e 95 93 a2 4f e1 21 bf a0 dd cc 71 30 39 6b | 8a 77 db 05 b5 22 c9 1c 59 09 b6 40 79 7a 29 db | b5 29 ac 2b d6 66 8c b9 ac 25 c6 95 0d 79 73 2d | c1 bc 50 24 b8 0f 2f 19 d4 52 4e 68 d5 d5 88 9c | c7 b6 af ba eb 03 87 28 b3 13 48 a8 53 26 a2 97 | 2f a2 94 84 09 20 1f 33 21 aa 94 48 b8 ad b4 b0 | dd e6 0e c9 03 e4 fa 03 4e d3 e4 77 7a 53 7f 2b | bd bb b6 44 1c dd a9 f4 9f 8b e5 64 30 78 ba a9 | 10 02 29 66 cc ec 8c f6 23 69 d6 5f 8a 75 74 e3 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 4b ad 83 a9 0f d4 86 0f | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | b9 ba aa e4 a5 81 1b 6d | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 07 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 80 | hmac PRF sha update data-bytes@0x5573f4165f88 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | d5 b0 cf fa 19 ec 5d 75 23 c5 44 4b 3d 23 33 2e | 83 6e a4 ea | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #17 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #17: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #17 requesting EVENT_RETRANSMIT to be deleted | #17 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4166038 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41634d8 | inserting event EVENT_SA_REPLACE, timeout in 2761 seconds for #17 | libevent_malloc: new ptr-libevent@0x7ffab8003ad8 size 128 | pstats #17 ikev1.isakmp established "aes128" #17: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_128 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #17 | creating state object #18 at 0x5573f4166828 | State DB: adding IKEv1 state #18 in UNDEFINED | pstats #18 ikev1.ipsec started | duplicating state object #17 "aes128" as #18 for IPSEC SA | #18 setting local endpoint to 192.1.2.45:500 from #17.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_d_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ai_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f40c6080 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #17 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #18 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #18: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "aes128" #18: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#17 msgid:d6530c77 proposal=AES_CBC_128-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 24 for state #18 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #18 | libevent_malloc: new ptr-libevent@0x5573f416e348 size 128 | stop processing: state #18 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #17 connection "aes128" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "aes128" | removing pending policy for no connection {0x5573f41555c8} | close_any(fd@24) (in release_whack() at state.c:654) | #17 spent 0.379 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.525 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 3 resuming | crypto helper 3 starting work-order 24 for state #18 | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 24 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffabc003038: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffabc003038 | NSS: Public DH wire value: | 8f a0 d2 4c 29 a5 b4 44 ec 44 fe b8 93 cc 1d 36 | 64 45 6c 28 ae 3d 5f 4e 19 70 2c c6 68 55 8e fb | c7 0c e3 1d 1e 04 b8 e8 0a 08 fe 28 39 1b 10 8a | 10 d8 f2 27 e1 7d 2c 32 d3 f7 0f 66 f4 0b 88 c4 | 34 29 9e 5f 37 17 2f 12 e0 e4 7e 54 13 2b 5c c5 | b9 ac 71 62 39 97 0b a8 c2 b5 3c 28 08 d3 1e d3 | 2c 24 7a 87 17 3a e4 0b 87 01 7d d5 5e 5c 46 af | eb c7 b5 52 98 85 78 40 7d cf 6f 2a 76 7b 41 df | e1 0c 35 a0 e1 91 f3 29 86 3d a8 29 e5 f8 0a c3 | 4a f2 1f 25 4b af 4f e8 e4 79 21 be a5 18 8e 82 | ff f5 78 1c 46 ed b2 a9 f0 69 ca 20 41 f4 a6 75 | ff e0 38 ff f4 2c 10 7f 60 cd 45 9a e5 ff c8 cf | a0 f0 1e e8 30 9e 0e fd 01 8a 69 04 28 9f d7 29 | 24 79 17 be 10 8e 61 2d 2f 31 1e a6 2d ad 0c 7d | d7 e5 d6 6d c1 53 86 fa b2 9c 6b b9 07 01 8b 5c | 14 df 7e b1 3a da cb b7 37 24 32 76 84 72 75 bd | Generated nonce: 72 c9 36 4f 29 43 e1 71 d9 92 29 52 c3 24 f3 d6 | Generated nonce: 6f 48 1c 2d e7 3c e1 60 21 f5 66 5b 7b 0b 86 37 | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 24 time elapsed 0.001056 seconds | (#18) spent 1.06 milliseconds in crypto helper computing work-order 24: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 24 for state #18 to event queue | scheduling resume sending helper answer for #18 | libevent_malloc: new ptr-libevent@0x7ffabc003088 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #18 | start processing: state #18 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 24 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #18: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3595766903 (0xd6530c77) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: AES_CBC_128-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=12, attr_cnt=2, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x7065a002 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 70 65 a0 02 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_AES (0xc) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] "aes128" #18: IMPAIR: stripping key-length "aes128" #18: IMPAIR: key-length-attribute:empty not implemented | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 72 c9 36 4f 29 43 e1 71 d9 92 29 52 c3 24 f3 d6 | Ni 6f 48 1c 2d e7 3c e1 60 21 f5 66 5b 7b 0b 86 37 | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffabc003038: transferring ownership from helper KE to state #18 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 8f a0 d2 4c 29 a5 b4 44 ec 44 fe b8 93 cc 1d 36 | keyex value 64 45 6c 28 ae 3d 5f 4e 19 70 2c c6 68 55 8e fb | keyex value c7 0c e3 1d 1e 04 b8 e8 0a 08 fe 28 39 1b 10 8a | keyex value 10 d8 f2 27 e1 7d 2c 32 d3 f7 0f 66 f4 0b 88 c4 | keyex value 34 29 9e 5f 37 17 2f 12 e0 e4 7e 54 13 2b 5c c5 | keyex value b9 ac 71 62 39 97 0b a8 c2 b5 3c 28 08 d3 1e d3 | keyex value 2c 24 7a 87 17 3a e4 0b 87 01 7d d5 5e 5c 46 af | keyex value eb c7 b5 52 98 85 78 40 7d cf 6f 2a 76 7b 41 df | keyex value e1 0c 35 a0 e1 91 f3 29 86 3d a8 29 e5 f8 0a c3 | keyex value 4a f2 1f 25 4b af 4f e8 e4 79 21 be a5 18 8e 82 | keyex value ff f5 78 1c 46 ed b2 a9 f0 69 ca 20 41 f4 a6 75 | keyex value ff e0 38 ff f4 2c 10 7f 60 cd 45 9a e5 ff c8 cf | keyex value a0 f0 1e e8 30 9e 0e fd 01 8a 69 04 28 9f d7 29 | keyex value 24 79 17 be 10 8e 61 2d 2f 31 1e a6 2d ad 0c 7d | keyex value d7 e5 d6 6d c1 53 86 fa b2 9c 6b b9 07 01 8b 5c | keyex value 14 df 7e b1 3a da cb b7 37 24 32 76 84 72 75 bd | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x5573f4163368 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | d6 53 0c 77 | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 70 65 a0 02 00 00 00 1c 00 0c 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 72 c9 36 4f 29 43 e1 71 | d9 92 29 52 c3 24 f3 d6 6f 48 1c 2d e7 3c e1 60 | 21 f5 66 5b 7b 0b 86 37 05 00 01 04 8f a0 d2 4c | 29 a5 b4 44 ec 44 fe b8 93 cc 1d 36 64 45 6c 28 | ae 3d 5f 4e 19 70 2c c6 68 55 8e fb c7 0c e3 1d | 1e 04 b8 e8 0a 08 fe 28 39 1b 10 8a 10 d8 f2 27 | e1 7d 2c 32 d3 f7 0f 66 f4 0b 88 c4 34 29 9e 5f | 37 17 2f 12 e0 e4 7e 54 13 2b 5c c5 b9 ac 71 62 | 39 97 0b a8 c2 b5 3c 28 08 d3 1e d3 2c 24 7a 87 | 17 3a e4 0b 87 01 7d d5 5e 5c 46 af eb c7 b5 52 | 98 85 78 40 7d cf 6f 2a 76 7b 41 df e1 0c 35 a0 | e1 91 f3 29 86 3d a8 29 e5 f8 0a c3 4a f2 1f 25 | 4b af 4f e8 e4 79 21 be a5 18 8e 82 ff f5 78 1c | 46 ed b2 a9 f0 69 ca 20 41 f4 a6 75 ff e0 38 ff | f4 2c 10 7f 60 cd 45 9a e5 ff c8 cf a0 f0 1e e8 | 30 9e 0e fd 01 8a 69 04 28 9f d7 29 24 79 17 be | 10 8e 61 2d 2f 31 1e a6 2d ad 0c 7d d7 e5 d6 6d | c1 53 86 fa b2 9c 6b b9 07 01 8b 5c 14 df 7e b1 | 3a da cb b7 37 24 32 76 84 72 75 bd 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | a4 5f 04 d7 f6 d6 22 e5 69 3b fb dd a2 70 bb 5f | 0e fa 5f 62 | outI1 HASH(1): | a4 5f 04 d7 f6 d6 22 e5 69 3b fb dd a2 70 bb 5f | 0e fa 5f 62 | last Phase 1 IV: 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | current Phase 1 IV: 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | d6 53 0c 77 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 5e 88 42 b9 f7 93 2f dc 60 8d c7 13 d2 f4 9e 21 | 4f c5 84 d4 | encrypting: 01 00 00 18 a4 5f 04 d7 f6 d6 22 e5 69 3b fb dd | encrypting: a2 70 bb 5f 0e fa 5f 62 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 70 65 a0 02 | encrypting: 00 00 00 1c 00 0c 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 72 c9 36 4f 29 43 e1 71 d9 92 29 52 c3 24 f3 d6 | encrypting: 6f 48 1c 2d e7 3c e1 60 21 f5 66 5b 7b 0b 86 37 | encrypting: 05 00 01 04 8f a0 d2 4c 29 a5 b4 44 ec 44 fe b8 | encrypting: 93 cc 1d 36 64 45 6c 28 ae 3d 5f 4e 19 70 2c c6 | encrypting: 68 55 8e fb c7 0c e3 1d 1e 04 b8 e8 0a 08 fe 28 | encrypting: 39 1b 10 8a 10 d8 f2 27 e1 7d 2c 32 d3 f7 0f 66 | encrypting: f4 0b 88 c4 34 29 9e 5f 37 17 2f 12 e0 e4 7e 54 | encrypting: 13 2b 5c c5 b9 ac 71 62 39 97 0b a8 c2 b5 3c 28 | encrypting: 08 d3 1e d3 2c 24 7a 87 17 3a e4 0b 87 01 7d d5 | encrypting: 5e 5c 46 af eb c7 b5 52 98 85 78 40 7d cf 6f 2a | encrypting: 76 7b 41 df e1 0c 35 a0 e1 91 f3 29 86 3d a8 29 | encrypting: e5 f8 0a c3 4a f2 1f 25 4b af 4f e8 e4 79 21 be | encrypting: a5 18 8e 82 ff f5 78 1c 46 ed b2 a9 f0 69 ca 20 | encrypting: 41 f4 a6 75 ff e0 38 ff f4 2c 10 7f 60 cd 45 9a | encrypting: e5 ff c8 cf a0 f0 1e e8 30 9e 0e fd 01 8a 69 04 | encrypting: 28 9f d7 29 24 79 17 be 10 8e 61 2d 2f 31 1e a6 | encrypting: 2d ad 0c 7d d7 e5 d6 6d c1 53 86 fa b2 9c 6b b9 | encrypting: 07 01 8b 5c 14 df 7e b1 3a da cb b7 37 24 32 76 | encrypting: 84 72 75 bd 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 5e 88 42 b9 f7 93 2f dc 60 8d c7 13 d2 f4 9e 21 | IV: 4f c5 84 d4 | unpadded size is: 404 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 416 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 444 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 84 7a b3 11 6a be c0 e3 c0 76 ed 9c b3 72 90 b0 | sending 444 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #18) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 08 10 20 01 d6 53 0c 77 00 00 01 bc b7 e8 32 33 | b1 7d 7e 1d 1e 2f 69 93 55 64 89 b2 22 e2 ab 75 | f1 57 51 30 37 0d db 71 ca f7 f7 f8 4a 0a d6 57 | 70 0b b8 cb 16 8a ee 4f 65 ed 56 c7 91 b4 93 27 | 5c df 1e b7 3e 60 36 53 9a d0 2a 75 18 87 a2 77 | 5c e8 36 95 fd 58 78 4c cf 0f 81 aa cb a1 52 9e | 3b 8f 6f 1d 33 a0 58 b0 5b b4 f3 13 f7 cf ef f8 | 61 65 b5 d5 ff e3 ad d6 36 f3 fd d3 89 72 54 70 | 20 86 5b 63 0a b8 c6 e2 87 37 cd 13 07 3e f0 b1 | 4d 0c d9 15 83 69 97 f7 21 6f 2f 03 92 43 98 51 | cb 64 1d d2 7a 4f 8c 99 00 1c 48 81 d8 9a 95 14 | a7 96 72 27 1a 7b 99 b7 d3 f0 99 98 a6 3a 87 eb | c8 68 ce 43 f6 65 b1 fc e4 30 97 49 7b e1 a7 fd | 95 d0 79 a5 0d 81 c4 5a 32 dc fa fb 66 dd 57 dc | 9e 38 9b 81 14 8c 64 c7 d3 9a 8a e3 3a 54 32 97 | 91 3a 9c b9 fb b8 bf d4 b4 18 68 3b 70 a3 ef 70 | 72 2a fe 1e 5a 15 fa 50 89 ba 17 fc 8f 1e 74 c7 | c1 c1 79 7f a5 25 a3 0f f0 f0 5c 45 4a ec 1a 01 | 4b 5c 70 71 00 d1 b0 32 91 7d 43 03 05 22 30 0a | b7 fa 15 16 64 9c 76 e5 33 ae ed 9d 7f 87 d8 d5 | a9 72 89 ed 5e e8 73 15 d5 4e dc 8a 8e a6 02 1a | 6a a3 65 1e 39 07 7e ac ee a8 1e b7 03 c8 f1 96 | bd aa a8 c5 3b 64 1d ae db 96 84 61 44 78 6e 53 | 61 5a 3d 84 44 82 82 3c 98 82 6f 51 19 24 88 d7 | fe ff d8 69 db 15 6e f0 c6 bf 49 ae 4b dd d2 0f | 2f 2c 0c a0 e9 be f5 0a 02 c5 02 1f 84 7a b3 11 | 6a be c0 e3 c0 76 ed 9c b3 72 90 b0 | state #18 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f416e348 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | event_schedule: new EVENT_RETRANSMIT-pe@0x7ffab4002b78 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #18 | libevent_malloc: new ptr-libevent@0x5573f4169048 size 128 | #18 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10453.726451 | resume sending helper answer for #18 suppresed complete_v1_state_transition() | #18 spent 0.573 milliseconds in resume sending helper answer | stop processing: state #18 connection "aes128" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffabc003088 | spent 0.00226 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 76 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 08 10 05 01 a0 07 99 9e 00 00 00 4c 5d 52 2a 20 | cc bf 89 77 58 59 34 56 a7 cc 2b 89 9b 2c 53 b7 | e6 f6 93 2d 8c fb dc 5d 7e e3 20 d3 d8 5d ec 5b | ac 75 08 c7 68 93 ad 7a 68 01 ca df | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2684852638 (0xa007999e) | length: 76 (0x4c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | peer and cookies match on #18; msgid=00000000 st_msgid=d6530c77 st_msgid_phase15=00000000 | peer and cookies match on #17; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000 | p15 state object #17 found, in STATE_MAIN_I4 | State DB: found IKEv1 state #17 in MAIN_I4 (find_v1_info_state) | start processing: state #17 connection "aes128" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | last Phase 1 IV: 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | current Phase 1 IV: 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b12bc (length 4) | a0 07 99 9e | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 65 7e 8b 2d 48 76 c9 16 12 ed 32 c4 50 3d 7b be | cd 32 4b d8 | #17 is idle | #17 idle | received encrypted packet from 192.1.2.23:500 | decrypting 48 bytes using algorithm AES_CBC | IV before: 65 7e 8b 2d 48 76 c9 16 12 ed 32 c4 50 3d 7b be | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | IV after: d8 5d ec 5b ac 75 08 c7 68 93 ad 7a 68 01 ca df | decrypted payload (starts at offset -48): | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 08 10 05 01 a0 07 99 9e 00 00 00 4c 0b 00 00 18 | fb 0c 3e 66 43 f4 3b 41 51 d1 48 92 51 11 25 42 | 52 05 95 a4 00 00 00 0c 00 00 00 01 01 00 00 0e | 00 00 00 00 00 00 00 00 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_N (0xb) | length: 24 (0x18) | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | removing 12 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffab8008c38 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | a0 07 99 9e | HASH(1) PRF sha update payload-bytes@0x5573f4165f9c (length 12) | 00 00 00 0c 00 00 00 01 01 00 00 0e | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | fb 0c 3e 66 43 f4 3b 41 51 d1 48 92 51 11 25 42 | 52 05 95 a4 | informational HASH(1): | fb 0c 3e 66 43 f4 3b 41 51 d1 48 92 51 11 25 42 | 52 05 95 a4 | received 'informational' message HASH(1) data ok "aes128" #17: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "aes128" #17: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #17 spent 0.00694 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #17 connection "aes128" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.226 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x7ffab4002b78 | handling event EVENT_RETRANSMIT for child state #18 | start processing: state #18 connection "aes128" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #18 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "aes128" #18 keying attempt 1 of 0; retransmit 1 "aes128" #18: IMPAIR: retransmit so deleting SA | [RE]START processing: state #18 connection "aes128" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #18 ikev1.ipsec failed too-many-retransmits | pstats #18 ikev1.ipsec deleted too-many-retransmits | [RE]START processing: state #18 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #18: deleting state (STATE_QUICK_I1) aged 0.502s and NOT sending notification | child state #18: QUICK_I1(established CHILD SA) => delete | child state #18: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational) | priority calculation of connection "aes128" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #18 in CHILDSA_DEL | child state #18: CHILDSA_DEL(informational) => UNDEFINED(ignore) | close_any(fd@25) (in release_whack() at state.c:654) | DH secret MODP2048@0x7ffabc003038: destroyed | stop processing: state #18 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f40c6080 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x5573f4169048 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7ffab4002b78 | in statetime_stop() and could not find #18 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0427 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in terminate_a_connection() at terminate.c:69) "aes128": terminating SAs using this connection | connection 'aes128' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #17 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #17 | suspend processing: connection "aes128" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #17 connection "aes128" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #17 ikev1.isakmp deleted completed | [RE]START processing: state #17 connection "aes128" from 192.1.2.23 (in delete_state() at state.c:879) "aes128" #17: deleting state (STATE_MAIN_I4) aged 0.525s and sending notification | parent state #17: MAIN_I4(established IKE SA) => delete | #17 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3495967921 (0xd0603cb1) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI b9 ba aa e4 a5 81 1b 6d | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 4b ad 83 a9 0f d4 86 0f | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1) prf: begin sha with context 0x7ffab4002b50 from SKEYID_a-key@0x5573f41619f0 | HASH(1): release clone-key@0x5573f41619f0 | HASH(1) PRF sha crypt-prf@0x7ffabc003188 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | d0 60 3c b1 | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 b9 ba aa e4 | a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | dd 5b d6 9b a5 d3 0e 49 b5 95 37 f5 4a 76 b3 12 | b4 c1 a6 55 | send delete HASH(1): | dd 5b d6 9b a5 d3 0e 49 b5 95 37 f5 4a 76 b3 12 | b4 c1 a6 55 | last Phase 1 IV: 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | current Phase 1 IV: 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 16) | 78 06 d1 e5 33 5d 9e 1a 8e 0b ac 5a 8e b7 dd cb | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | d0 60 3c b1 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 74 c1 41 a1 b7 f7 b4 44 0a 14 d2 da d5 33 05 f6 | 57 bb 4f 64 | encrypting: 0c 00 00 18 dd 5b d6 9b a5 d3 0e 49 b5 95 37 f5 | encrypting: 4a 76 b3 12 b4 c1 a6 55 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 | encrypting: 0f d4 86 0f | IV: 74 c1 41 a1 b7 f7 b4 44 0a 14 d2 da d5 33 05 f6 | IV: 57 bb 4f 64 | unpadded size is: 52 | emitting 12 zero bytes of encryption padding into ISAKMP Message | encrypting 64 using AES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 92 | NSS ike_alg_nss_cbc: aes - enter | NSS ike_alg_nss_cbc: aes - exit | next IV: 45 7a 0b db cd 9a c7 fe c3 af 5e 2d d4 ca 70 96 | sending 92 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #17) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 08 10 05 01 d0 60 3c b1 00 00 00 5c bd 26 fd 62 | b6 d6 39 f1 1c 7b 55 21 1c 04 25 5a 00 56 32 bf | 8e d5 55 7a 9e 49 7b 46 0d 53 fc 3e ae d3 32 94 | a4 c5 18 cb cb f5 91 3e 9e 87 aa a1 45 7a 0b db | cd 9a c7 fe c3 af 5e 2d d4 ca 70 96 | state #17 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffab8003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41634d8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "aes128" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection aes128 | State DB: deleting IKEv1 state #17 in MAIN_I4 | parent state #17: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffac0004558: destroyed | stop processing: state #17 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f4150a70 | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f40c6080 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "aes128" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x5573f4163218 | flush revival: connection 'aes128' wasn't on the list | stop processing: connection "aes128" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.424 milliseconds in whack | spent 0.00253 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | b9 ba aa e4 a5 81 1b 6d 4b ad 83 a9 0f d4 86 0f | 08 10 05 01 66 d1 2a 96 00 00 00 5c fd d0 cf 14 | 10 a1 5d ae ec e3 45 a6 c8 65 9a c7 04 5f 11 be | 01 dd 56 cd 26 8d e9 6e 23 69 1e 89 9f 36 7a 1b | f5 f5 aa 59 85 25 49 fc bc 86 54 e1 d4 17 fd 5f | 0f 1d d0 81 7c 39 90 77 55 32 0f 4e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | b9 ba aa e4 a5 81 1b 6d | responder cookie: | 4b ad 83 a9 0f d4 86 0f | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 1724983958 (0x66d12a96) | length: 92 (0x5c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x66d12a96 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | b9 ba aa e4 a5 81 1b 6d | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 4b ad 83 a9 0f d4 86 0f | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0699 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | emitting: disabled | child-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0474 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + suppress-retransmits | base impairing = suppress-retransmits | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0911 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.106 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #19 at 0x5573f4163978 | State DB: adding IKEv1 state #19 in UNDEFINED | pstats #19 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #19 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #19: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #19 "3des" "3des" #19: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x5573f41637c8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | emitting length of ISAKMP Transform Payload (ISAKMP): 32 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 200 | sending 200 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 94 13 01 bf f9 6d 03 77 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 c8 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14 | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5 | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8 | 7c fd b2 fc 68 b6 a4 48 "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7ffabc003088 size 128 | #19 STATE_MAIN_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10454.715411 | #19 spent 0.302 milliseconds in main_outI1() | stop processing: state #19 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.352 milliseconds in whack | spent 0.00217 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 140 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 01 10 02 00 00 00 00 00 00 00 00 8c 0d 00 00 34 | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9 | 6b 86 96 fc 77 57 01 00 00 00 00 14 4a 13 1c 81 | 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 140 (0x8c) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #19 in MAIN_I1 (find_state_ikev1_init) | start processing: state #19 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #19 is idle | #19 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 32 (0x20) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 25 for state #19 | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffabc003088 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7ffabc003088 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #19 and saving MD | #19 is busy; has a suspended MD | #19 spent 0.104 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #19 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.199 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 4 resuming | crypto helper 4 starting work-order 25 for state #19 | crypto helper 4 doing build KE and nonce (outI2 KE); request ID 25 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffab0005698: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffab0005698 | NSS: Public DH wire value: | 08 6b 79 0d a0 18 3f 61 73 74 fd c5 8c 4e e2 8f | d6 76 a0 ef ad a5 50 ef 79 2d fc 5a 69 77 4a 95 | a9 43 32 f9 3a 89 6d 68 1f dc 74 93 de c5 11 6f | 38 1b 94 f3 cb f7 1e 30 ff 30 0b 78 59 43 30 3e | 38 2f 5a 0d f2 49 75 25 7b 2e 55 ab d1 41 87 4c | f2 10 12 36 00 b2 7b 79 cb 59 db ee 3d e7 c3 18 | 72 cf 83 e0 40 00 cb 66 d7 a0 18 7e 4f 57 24 69 | e7 f8 3b 02 29 98 4b ad da f3 eb 45 46 45 90 35 | 47 9c d6 6b 41 4f eb 4c 91 7f b5 b6 08 82 e3 f3 | 89 a0 58 a5 cb 74 1f c9 d2 3c 15 db 45 67 dc 39 | b7 26 02 a0 1e 22 ec 01 c4 97 84 12 04 e5 07 2e | cf 11 63 8d 47 3a 07 fa 53 ba 46 c5 1d 97 5d 17 | 80 bc 3a 9f bb 5d 41 f6 fb 3d 5a e9 a4 b7 d7 12 | e0 4b 43 85 1b a2 a1 35 09 e4 11 a4 48 6f ee 8e | 3e ee 66 01 68 27 2b a4 65 16 6c 0e 59 4e 68 0a | d6 94 84 9d 98 5b 05 23 ff 49 eb dc 57 61 7c f0 | Generated nonce: cc 7e 07 94 24 b3 f9 00 3e d3 ae fd c0 06 e0 22 | Generated nonce: 03 f3 8f 99 e4 06 91 fd 7e 56 58 db ba de e2 55 | crypto helper 4 finished build KE and nonce (outI2 KE); request ID 25 time elapsed 0.000655 seconds | (#19) spent 0.649 milliseconds in crypto helper computing work-order 25: outI2 KE (pcr) | crypto helper 4 sending results from work-order 25 for state #19 to event queue | scheduling resume sending helper answer for #19 | libevent_malloc: new ptr-libevent@0x7ffab00058f8 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #19 | start processing: state #19 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 25 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #19: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffab0005698: transferring ownership from helper KE to state #19 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 08 6b 79 0d a0 18 3f 61 73 74 fd c5 8c 4e e2 8f | keyex value d6 76 a0 ef ad a5 50 ef 79 2d fc 5a 69 77 4a 95 | keyex value a9 43 32 f9 3a 89 6d 68 1f dc 74 93 de c5 11 6f | keyex value 38 1b 94 f3 cb f7 1e 30 ff 30 0b 78 59 43 30 3e | keyex value 38 2f 5a 0d f2 49 75 25 7b 2e 55 ab d1 41 87 4c | keyex value f2 10 12 36 00 b2 7b 79 cb 59 db ee 3d e7 c3 18 | keyex value 72 cf 83 e0 40 00 cb 66 d7 a0 18 7e 4f 57 24 69 | keyex value e7 f8 3b 02 29 98 4b ad da f3 eb 45 46 45 90 35 | keyex value 47 9c d6 6b 41 4f eb 4c 91 7f b5 b6 08 82 e3 f3 | keyex value 89 a0 58 a5 cb 74 1f c9 d2 3c 15 db 45 67 dc 39 | keyex value b7 26 02 a0 1e 22 ec 01 c4 97 84 12 04 e5 07 2e | keyex value cf 11 63 8d 47 3a 07 fa 53 ba 46 c5 1d 97 5d 17 | keyex value 80 bc 3a 9f bb 5d 41 f6 fb 3d 5a e9 a4 b7 d7 12 | keyex value e0 4b 43 85 1b a2 a1 35 09 e4 11 a4 48 6f ee 8e | keyex value 3e ee 66 01 68 27 2b a4 65 16 6c 0e 59 4e 68 0a | keyex value d6 94 84 9d 98 5b 05 23 ff 49 eb dc 57 61 7c f0 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni cc 7e 07 94 24 b3 f9 00 3e d3 ae fd c0 06 e0 22 | Ni 03 f3 8f 99 e4 06 91 fd 7e 56 58 db ba de e2 55 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | 94 13 01 bf f9 6d 03 77 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 89 1f 46 71 19 4f c9 54 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 0e 0e bb 6c ae 0e 09 47 63 44 95 5d 34 7e 70 95 | 5f cd d2 1c | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 94 13 01 bf f9 6d 03 77 | natd_hash: rcookie= 89 1f 46 71 19 4f c9 54 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 0e 0e bb 6c ae 0e 09 47 63 44 95 5d 34 7e 70 95 | natd_hash: hash= 5f cd d2 1c | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 0e 0e bb 6c ae 0e 09 47 63 44 95 5d 34 7e 70 95 | NAT-D 5f cd d2 1c | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | 94 13 01 bf f9 6d 03 77 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | 89 1f 46 71 19 4f c9 54 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 8b bf 0b a0 a2 d2 fd b9 6c a8 cd a4 3c 73 d3 07 | 94 54 80 54 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 94 13 01 bf f9 6d 03 77 | natd_hash: rcookie= 89 1f 46 71 19 4f c9 54 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 8b bf 0b a0 a2 d2 fd b9 6c a8 cd a4 3c 73 d3 07 | natd_hash: hash= 94 54 80 54 | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 8b bf 0b a0 a2 d2 fd b9 6c a8 cd a4 3c 73 d3 07 | NAT-D 94 54 80 54 | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #19 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #19: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffabc003088 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 08 6b 79 0d a0 18 3f 61 73 74 fd c5 8c 4e e2 8f | d6 76 a0 ef ad a5 50 ef 79 2d fc 5a 69 77 4a 95 | a9 43 32 f9 3a 89 6d 68 1f dc 74 93 de c5 11 6f | 38 1b 94 f3 cb f7 1e 30 ff 30 0b 78 59 43 30 3e | 38 2f 5a 0d f2 49 75 25 7b 2e 55 ab d1 41 87 4c | f2 10 12 36 00 b2 7b 79 cb 59 db ee 3d e7 c3 18 | 72 cf 83 e0 40 00 cb 66 d7 a0 18 7e 4f 57 24 69 | e7 f8 3b 02 29 98 4b ad da f3 eb 45 46 45 90 35 | 47 9c d6 6b 41 4f eb 4c 91 7f b5 b6 08 82 e3 f3 | 89 a0 58 a5 cb 74 1f c9 d2 3c 15 db 45 67 dc 39 | b7 26 02 a0 1e 22 ec 01 c4 97 84 12 04 e5 07 2e | cf 11 63 8d 47 3a 07 fa 53 ba 46 c5 1d 97 5d 17 | 80 bc 3a 9f bb 5d 41 f6 fb 3d 5a e9 a4 b7 d7 12 | e0 4b 43 85 1b a2 a1 35 09 e4 11 a4 48 6f ee 8e | 3e ee 66 01 68 27 2b a4 65 16 6c 0e 59 4e 68 0a | d6 94 84 9d 98 5b 05 23 ff 49 eb dc 57 61 7c f0 | 14 00 00 24 cc 7e 07 94 24 b3 f9 00 3e d3 ae fd | c0 06 e0 22 03 f3 8f 99 e4 06 91 fd 7e 56 58 db | ba de e2 55 14 00 00 18 0e 0e bb 6c ae 0e 09 47 | 63 44 95 5d 34 7e 70 95 5f cd d2 1c 00 00 00 18 | 8b bf 0b a0 a2 d2 fd b9 6c a8 cd a4 3c 73 d3 07 | 94 54 80 54 | !event_already_set at reschedule "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x5573f416e348 size 128 | #19 STATE_MAIN_I2: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10454.71713 "3des" #19: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #19 suppresed complete_v1_state_transition() | #19 spent 0.265 milliseconds in resume sending helper answer | stop processing: state #19 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab00058f8 | spent 0.00247 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | ac b2 6a f8 11 54 b9 29 2a a1 7b d5 db 3b 7b b9 | b8 0a 3e c7 78 ce 8d 2f e3 3c 30 d6 1b 05 cc de | 44 d9 40 8c 1f b7 6c 5e ae 7b 55 dc 91 bd d2 4f | 62 76 41 aa 02 8d 74 96 1a 8f d2 26 d3 0e 4b 16 | e9 d6 2d 2b 5a d6 66 78 80 d1 08 82 4b 1c b8 e1 | 8d a2 1e 1b c0 0a 8d f1 90 94 bc cb 8f f3 b6 d2 | a7 42 7e 94 b4 cf 3e e0 70 7a 87 f5 3b 43 90 c3 | 90 3c 03 3b 7f cd b9 0c c6 d3 3a 80 10 3c c5 63 | 40 91 b8 b6 c2 c3 8c 11 8e 33 3f 4b 57 14 7c 37 | 5a 3f e4 1b 5e 33 46 91 5f 25 40 83 5b e4 83 f9 | 18 9e c6 47 a2 13 14 1d 05 08 0b 1e 8b 06 fb 38 | 9c 1e d0 cb 96 d4 bd 3a 7e 52 a1 94 5f 15 a8 86 | a8 50 c2 d6 83 32 cf 77 9f 20 f1 42 b5 8f 96 66 | 9b e5 04 65 20 18 71 3a 88 7b a6 39 54 90 b7 dc | 5c 54 9d ad d7 de 28 45 f3 59 cb 67 24 4d d6 9b | 98 f1 ff 3a 9c 00 cf af f4 54 f4 45 c9 0f 3b 17 | 14 00 00 24 35 3a f2 e6 64 26 ad 9c 95 bd 11 f6 | 0b be 5b 55 c8 b2 3e 01 cb e3 31 4e 9e 72 b4 b9 | 7a bb e8 11 14 00 00 18 8b bf 0b a0 a2 d2 fd b9 | 6c a8 cd a4 3c 73 d3 07 94 54 80 54 00 00 00 18 | 0e 0e bb 6c ae 0e 09 47 63 44 95 5d 34 7e 70 95 | 5f cd d2 1c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #19 in MAIN_I2 (find_state_ikev1) | start processing: state #19 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #19 is idle | #19 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | ac b2 6a f8 11 54 b9 29 2a a1 7b d5 db 3b 7b b9 | b8 0a 3e c7 78 ce 8d 2f e3 3c 30 d6 1b 05 cc de | 44 d9 40 8c 1f b7 6c 5e ae 7b 55 dc 91 bd d2 4f | 62 76 41 aa 02 8d 74 96 1a 8f d2 26 d3 0e 4b 16 | e9 d6 2d 2b 5a d6 66 78 80 d1 08 82 4b 1c b8 e1 | 8d a2 1e 1b c0 0a 8d f1 90 94 bc cb 8f f3 b6 d2 | a7 42 7e 94 b4 cf 3e e0 70 7a 87 f5 3b 43 90 c3 | 90 3c 03 3b 7f cd b9 0c c6 d3 3a 80 10 3c c5 63 | 40 91 b8 b6 c2 c3 8c 11 8e 33 3f 4b 57 14 7c 37 | 5a 3f e4 1b 5e 33 46 91 5f 25 40 83 5b e4 83 f9 | 18 9e c6 47 a2 13 14 1d 05 08 0b 1e 8b 06 fb 38 | 9c 1e d0 cb 96 d4 bd 3a 7e 52 a1 94 5f 15 a8 86 | a8 50 c2 d6 83 32 cf 77 9f 20 f1 42 b5 8f 96 66 | 9b e5 04 65 20 18 71 3a 88 7b a6 39 54 90 b7 dc | 5c 54 9d ad d7 de 28 45 f3 59 cb 67 24 4d d6 9b | 98 f1 ff 3a 9c 00 cf af f4 54 f4 45 c9 0f 3b 17 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffab0005698: transferring ownership from state #19 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 26 for state #19 | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f416e348 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x7ffab00058f8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #19 and saving MD | #19 is busy; has a suspended MD | #19 spent 0.0894 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 2 resuming | crypto helper 2 starting work-order 26 for state #19 | stop processing: state #19 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 26 | peer's g: ac b2 6a f8 11 54 b9 29 2a a1 7b d5 db 3b 7b b9 | peer's g: b8 0a 3e c7 78 ce 8d 2f e3 3c 30 d6 1b 05 cc de | peer's g: 44 d9 40 8c 1f b7 6c 5e ae 7b 55 dc 91 bd d2 4f | peer's g: 62 76 41 aa 02 8d 74 96 1a 8f d2 26 d3 0e 4b 16 | peer's g: e9 d6 2d 2b 5a d6 66 78 80 d1 08 82 4b 1c b8 e1 | peer's g: 8d a2 1e 1b c0 0a 8d f1 90 94 bc cb 8f f3 b6 d2 | peer's g: a7 42 7e 94 b4 cf 3e e0 70 7a 87 f5 3b 43 90 c3 | peer's g: 90 3c 03 3b 7f cd b9 0c c6 d3 3a 80 10 3c c5 63 | peer's g: 40 91 b8 b6 c2 c3 8c 11 8e 33 3f 4b 57 14 7c 37 | peer's g: 5a 3f e4 1b 5e 33 46 91 5f 25 40 83 5b e4 83 f9 | peer's g: 18 9e c6 47 a2 13 14 1d 05 08 0b 1e 8b 06 fb 38 | peer's g: 9c 1e d0 cb 96 d4 bd 3a 7e 52 a1 94 5f 15 a8 86 | peer's g: a8 50 c2 d6 83 32 cf 77 9f 20 f1 42 b5 8f 96 66 | peer's g: 9b e5 04 65 20 18 71 3a 88 7b a6 39 54 90 b7 dc | peer's g: 5c 54 9d ad d7 de 28 45 f3 59 cb 67 24 4d d6 9b | peer's g: 98 f1 ff 3a 9c 00 cf af f4 54 f4 45 c9 0f 3b 17 | Started DH shared-secret computation in NSS: | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.212 milliseconds in comm_handle_cb() reading and processing packet | new : g_ir-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffab0005698: computed shared DH secret key@0x5573f40c6080 | dh-shared : g^ir-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f416aab8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1700 | result: psk-key@0x5573f40bfec0 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f40bfec0 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16e8 | result: psk-key@0x5573f4150e50 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f40bfec0 | SKEYID psk prf: created sha context 0x7ffab4003b00 from psk-key@0x5573f4150e50 | SKEYID psk prf: begin sha with context 0x7ffab4003b00 from psk-key@0x5573f4150e50 | SKEYID psk: release clone-key@0x5573f4150e50 | SKEYID psk PRF sha crypt-prf@0x7ffab4001548 | SKEYID psk PRF sha update Ni-bytes@0x5573f416aadc (length 32) | cc 7e 07 94 24 b3 f9 00 3e d3 ae fd c0 06 e0 22 | 03 f3 8f 99 e4 06 91 fd 7e 56 58 db ba de e2 55 | SKEYID psk PRF sha update Nr-bytes@0x5573f416aafc (length 32) | 35 3a f2 e6 64 26 ad 9c 95 bd 11 f6 0b be 5b 55 | c8 b2 3e 01 cb e3 31 4e 9e 72 b4 b9 7a bb e8 11 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID psk PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID psk: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_d: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1718 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f40bfec0 | SKEYID_d prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f40bfec0 | SKEYID_d: release clone-key@0x5573f40bfec0 | SKEYID_d PRF sha crypt-prf@0x7ffab4001278 | SKEYID_d PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_d: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: a5 91 c5 e1 49 db 2f 75 bb b1 ce 78 8e 9d a0 96 20 33 17 7c d5 63 16 18 71 4c 5e 7b 99 ca 66 19 fb 5a c8 ba b7 55 1b c1 6d 0b 3e 7e 44 db 19 58 87 5d a2 22 b0 0e 74 d1 d2 dd 33 89 26 fd d7 a3 a2 ca 41 b9 75 99 bd 17 4a ea 1e d6 f4 32 2e bf e1 9f 17 a7 6d b1 56 52 05 06 32 f8 0f 8b e2 3e 05 3e de e3 57 d4 6d 6e 5d 62 f5 fa bd 3b fe 22 4f 10 35 7a 40 5c f6 21 f4 9a f6 79 97 1e 0e a9 9c 74 8f b3 a9 14 05 e7 e5 a9 91 38 73 70 12 ab 2f 8b 9b 25 7f 12 03 87 f9 47 3d b8 83 fd 0c 53 75 d4 45 03 ed 14 30 5d 6e a2 40 fb 01 b3 50 40 f9 c2 ee 65 e2 41 dc 6d 23 b1 92 54 f4 6e 71 41 6c 59 53 33 6f e8 8f 8e 0c 5e 09 58 97 1f 67 ed 1b 84 83 b2 f8 5c d7 7f 07 0c c8 ae da ff 57 d5 53 9c 80 d5 24 ef 14 00 97 e3 c5 7b 50 5e 0a 0f 36 dc 32 a5 16 dc 24 1c 05 f4 44 8e 15 c2 1d c6 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab4004678 | unwrapped: 00 02 97 8e f7 ab c7 2c 45 bb 2a 5d 7e d7 d6 e0 | unwrapped: 4d 81 78 82 09 17 d6 90 d3 19 21 99 26 d7 43 2d | unwrapped: 97 df 35 86 3b bb 3b a9 89 55 7b da 51 8d 5f c1 | unwrapped: 84 94 02 dc f8 55 47 e5 0b 75 5c d3 6c c8 9a 5e | unwrapped: b5 5a ee 19 44 94 d7 5c 9c 0c e8 e5 cb 6d d3 a2 | unwrapped: 38 ab 2b 7e 5b 1c 34 09 ef e7 28 16 42 a6 a6 3b | unwrapped: 21 5e 78 2a b5 bc a6 be 4d be ca de 22 94 cb 9f | unwrapped: 7f 65 69 d0 ff de 9b a5 f9 62 f0 f9 f8 5c 82 f0 | unwrapped: 5f d7 a9 82 e2 aa 42 6c 60 70 ba 5f 22 aa 81 e8 | unwrapped: f4 fe cc 72 e5 28 1c 6e 3c ac 44 e2 38 11 34 a4 | unwrapped: b8 5f 28 9b dd 74 65 d4 ef 6e 4a 05 3a 0b ba 33 | unwrapped: 11 c7 0d 49 75 7a ce ac 9e c0 5a 0c eb d8 71 3c | unwrapped: bf 2d 47 95 ff ee 9c ef b7 95 e6 ad 25 66 ae 0c | unwrapped: 25 e9 2b b8 ba 42 c0 14 8d 27 eb 66 c7 d3 65 48 | unwrapped: 3f c8 db 42 48 66 b0 26 9f 27 de fa 66 30 bc c0 | unwrapped: 91 63 9c 27 8d 8f fd 80 a3 ee c6 b9 9a 48 f9 1d | SKEYID_d PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 94 13 01 bf f9 6d 03 77 | SKEYID_d PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 89 1f 46 71 19 4f c9 54 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID_d PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_d: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_a: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16f8 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f414d560 | SKEYID_a prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f414d560 | SKEYID_a: release clone-key@0x5573f414d560 | SKEYID_a PRF sha crypt-prf@0x7ffab4001548 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f40bfec0 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: 15 53 07 8c f5 ab c5 cd 04 11 63 5a d2 70 fe 23 46 34 a3 92 86 0e 9f b6 9d 99 de f4 63 87 d3 f3 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab4001598 | unwrapped: 12 f5 7d 71 b5 5c 35 6c 58 8e 7f d6 06 73 23 86 | unwrapped: 4d 30 5a 25 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_a: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: a5 91 c5 e1 49 db 2f 75 bb b1 ce 78 8e 9d a0 96 20 33 17 7c d5 63 16 18 71 4c 5e 7b 99 ca 66 19 fb 5a c8 ba b7 55 1b c1 6d 0b 3e 7e 44 db 19 58 87 5d a2 22 b0 0e 74 d1 d2 dd 33 89 26 fd d7 a3 a2 ca 41 b9 75 99 bd 17 4a ea 1e d6 f4 32 2e bf e1 9f 17 a7 6d b1 56 52 05 06 32 f8 0f 8b e2 3e 05 3e de e3 57 d4 6d 6e 5d 62 f5 fa bd 3b fe 22 4f 10 35 7a 40 5c f6 21 f4 9a f6 79 97 1e 0e a9 9c 74 8f b3 a9 14 05 e7 e5 a9 91 38 73 70 12 ab 2f 8b 9b 25 7f 12 03 87 f9 47 3d b8 83 fd 0c 53 75 d4 45 03 ed 14 30 5d 6e a2 40 fb 01 b3 50 40 f9 c2 ee 65 e2 41 dc 6d 23 b1 92 54 f4 6e 71 41 6c 59 53 33 6f e8 8f 8e 0c 5e 09 58 97 1f 67 ed 1b 84 83 b2 f8 5c d7 7f 07 0c c8 ae da ff 57 d5 53 9c 80 d5 24 ef 14 00 97 e3 c5 7b 50 5e 0a 0f 36 dc 32 a5 16 dc 24 1c 05 f4 44 8e 15 c2 1d c6 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab40018c8 | unwrapped: 00 02 97 8e f7 ab c7 2c 45 bb 2a 5d 7e d7 d6 e0 | unwrapped: 4d 81 78 82 09 17 d6 90 d3 19 21 99 26 d7 43 2d | unwrapped: 97 df 35 86 3b bb 3b a9 89 55 7b da 51 8d 5f c1 | unwrapped: 84 94 02 dc f8 55 47 e5 0b 75 5c d3 6c c8 9a 5e | unwrapped: b5 5a ee 19 44 94 d7 5c 9c 0c e8 e5 cb 6d d3 a2 | unwrapped: 38 ab 2b 7e 5b 1c 34 09 ef e7 28 16 42 a6 a6 3b | unwrapped: 21 5e 78 2a b5 bc a6 be 4d be ca de 22 94 cb 9f | unwrapped: 7f 65 69 d0 ff de 9b a5 f9 62 f0 f9 f8 5c 82 f0 | unwrapped: 5f d7 a9 82 e2 aa 42 6c 60 70 ba 5f 22 aa 81 e8 | unwrapped: f4 fe cc 72 e5 28 1c 6e 3c ac 44 e2 38 11 34 a4 | unwrapped: b8 5f 28 9b dd 74 65 d4 ef 6e 4a 05 3a 0b ba 33 | unwrapped: 11 c7 0d 49 75 7a ce ac 9e c0 5a 0c eb d8 71 3c | unwrapped: bf 2d 47 95 ff ee 9c ef b7 95 e6 ad 25 66 ae 0c | unwrapped: 25 e9 2b b8 ba 42 c0 14 8d 27 eb 66 c7 d3 65 48 | unwrapped: 3f c8 db 42 48 66 b0 26 9f 27 de fa 66 30 bc c0 | unwrapped: 91 63 9c 27 8d 8f fd 80 a3 ee c6 b9 9a 48 f9 1d | SKEYID_a PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 94 13 01 bf f9 6d 03 77 | SKEYID_a PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 89 1f 46 71 19 4f c9 54 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1700 | result: final-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414f010 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16e8 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414f010 | SKEYID_a PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_a: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f4150e50 (size 20) | SKEYID_e: SKEYID-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1708 | result: clone-key@0x5573f414f010 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffab4003b00 from SKEYID-key@0x5573f414f010 | SKEYID_e prf: begin sha with context 0x7ffab4003b00 from SKEYID-key@0x5573f414f010 | SKEYID_e: release clone-key@0x5573f414f010 | SKEYID_e PRF sha crypt-prf@0x7ffab4001278 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f414d560 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 4b 2e f5 6f da a4 30 4d 7f 38 9c 42 52 ec 38 86 31 33 0f b5 23 0c 68 b9 90 db d3 c6 2d 0a 13 60 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab40039e8 | unwrapped: 69 7a 73 f4 c4 c4 be e9 1b 34 e5 68 e1 10 b0 8b | unwrapped: e3 c5 97 a7 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f40c6080 (size 256) | SKEYID_e: g^xy-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: a5 91 c5 e1 49 db 2f 75 bb b1 ce 78 8e 9d a0 96 20 33 17 7c d5 63 16 18 71 4c 5e 7b 99 ca 66 19 fb 5a c8 ba b7 55 1b c1 6d 0b 3e 7e 44 db 19 58 87 5d a2 22 b0 0e 74 d1 d2 dd 33 89 26 fd d7 a3 a2 ca 41 b9 75 99 bd 17 4a ea 1e d6 f4 32 2e bf e1 9f 17 a7 6d b1 56 52 05 06 32 f8 0f 8b e2 3e 05 3e de e3 57 d4 6d 6e 5d 62 f5 fa bd 3b fe 22 4f 10 35 7a 40 5c f6 21 f4 9a f6 79 97 1e 0e a9 9c 74 8f b3 a9 14 05 e7 e5 a9 91 38 73 70 12 ab 2f 8b 9b 25 7f 12 03 87 f9 47 3d b8 83 fd 0c 53 75 d4 45 03 ed 14 30 5d 6e a2 40 fb 01 b3 50 40 f9 c2 ee 65 e2 41 dc 6d 23 b1 92 54 f4 6e 71 41 6c 59 53 33 6f e8 8f 8e 0c 5e 09 58 97 1f 67 ed 1b 84 83 b2 f8 5c d7 7f 07 0c c8 ae da ff 57 d5 53 9c 80 d5 24 ef 14 00 97 e3 c5 7b 50 5e 0a 0f 36 dc 32 a5 16 dc 24 1c 05 f4 44 8e 15 c2 1d c6 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab4004678 | unwrapped: 00 02 97 8e f7 ab c7 2c 45 bb 2a 5d 7e d7 d6 e0 | unwrapped: 4d 81 78 82 09 17 d6 90 d3 19 21 99 26 d7 43 2d | unwrapped: 97 df 35 86 3b bb 3b a9 89 55 7b da 51 8d 5f c1 | unwrapped: 84 94 02 dc f8 55 47 e5 0b 75 5c d3 6c c8 9a 5e | unwrapped: b5 5a ee 19 44 94 d7 5c 9c 0c e8 e5 cb 6d d3 a2 | unwrapped: 38 ab 2b 7e 5b 1c 34 09 ef e7 28 16 42 a6 a6 3b | unwrapped: 21 5e 78 2a b5 bc a6 be 4d be ca de 22 94 cb 9f | unwrapped: 7f 65 69 d0 ff de 9b a5 f9 62 f0 f9 f8 5c 82 f0 | unwrapped: 5f d7 a9 82 e2 aa 42 6c 60 70 ba 5f 22 aa 81 e8 | unwrapped: f4 fe cc 72 e5 28 1c 6e 3c ac 44 e2 38 11 34 a4 | unwrapped: b8 5f 28 9b dd 74 65 d4 ef 6e 4a 05 3a 0b ba 33 | unwrapped: 11 c7 0d 49 75 7a ce ac 9e c0 5a 0c eb d8 71 3c | unwrapped: bf 2d 47 95 ff ee 9c ef b7 95 e6 ad 25 66 ae 0c | unwrapped: 25 e9 2b b8 ba 42 c0 14 8d 27 eb 66 c7 d3 65 48 | unwrapped: 3f c8 db 42 48 66 b0 26 9f 27 de fa 66 30 bc c0 | unwrapped: 91 63 9c 27 8d 8f fd 80 a3 ee c6 b9 9a 48 f9 1d | SKEYID_e PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | 94 13 01 bf f9 6d 03 77 | SKEYID_e PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | 89 1f 46 71 19 4f c9 54 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e1710 | result: final-key@0x5573f4150a70 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150a70 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16f8 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150a70 | SKEYID_e PRF sha final-key@0x5573f414f010 (size 20) | SKEYID_e: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b PRF sha init SKEYID_e-key@0x5573f414f010 (size 20) | appendix_b: SKEYID_e-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16e8 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | appendix_b prf: created sha context 0x7ffab4003b00 from SKEYID_e-key@0x5573f4150a70 | appendix_b prf: begin sha with context 0x7ffab4003b00 from SKEYID_e-key@0x5573f4150a70 | appendix_b: release clone-key@0x5573f4150a70 | appendix_b PRF sha crypt-prf@0x7ffab4001548 | appendix_b PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e16f0 | result: final-key@0x5573f41619f0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f41619f0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16d8 | result: final-key@0x5573f4150a70 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f41619f0 | appendix_b PRF sha final-key@0x5573f4150a70 (size 20) | appendix_b: key-key@0x5573f4150a70 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b_keymat_e: reference old_k#1-key@0x5573f4150a70 | Kn PRF sha init SKEYID_e-key@0x5573f414f010 (size 20) | Kn: SKEYID_e-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16e8 | result: clone-key@0x5573f41619f0 (20-bytes, SHA_1_HMAC) | Kn prf: created sha context 0x7ffab4003b00 from SKEYID_e-key@0x5573f41619f0 | Kn prf: begin sha with context 0x7ffab4003b00 from SKEYID_e-key@0x5573f41619f0 | Kn: release clone-key@0x5573f41619f0 | Kn PRF sha crypt-prf@0x7ffab4001278 | Kn PRF sha update old_k-key@0x5573f4150a70 (size 20) | Kn: old_k-key@0x5573f4150a70 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f4150a70 | nss hmac digest hack: symkey-key@0x5573f4150a70 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073097: 77 54 09 6b 43 34 19 72 12 03 46 ad fe da 8c d3 b0 e1 9a 1e 21 e1 c5 42 13 a6 b1 31 7d f1 21 90 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab4001598 | unwrapped: ac 6a fa 86 cd 50 a6 dd 66 d6 dc 45 dd 96 0c 76 | unwrapped: 07 3a c8 a8 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac97e16f0 | result: final-key@0x5573f4165b30 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4165b30 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e16d8 | result: final-key@0x5573f41619f0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4165b30 | Kn PRF sha final-key@0x5573f41619f0 (size 20) | Kn: key-key@0x5573f41619f0 (20-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f4150a70 (20-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7ffac97e1768 | result: result-key@0x5573f4165b30 (40-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x5573f4150a70 | appendix_b_keymat_e: release old_k#N-key@0x5573f4150a70 | appendix_b_keymat_e: release old_k#final-key@0x5573f41619f0 | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: DES3_CBC | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x5573f4165b30 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac97e1768 | result: cryptkey-key@0x5573f41619f0 (24-bytes, DES3_CBC) | appendix_b_keymat_e: release keymat-key@0x5573f4165b30 | NSS: pointers skeyid_d 0x5573f40bfec0, skeyid_a 0x5573f414d560, skeyid_e 0x5573f414f010, enc_key 0x5573f41619f0 | DH_i: 08 6b 79 0d a0 18 3f 61 73 74 fd c5 8c 4e e2 8f | DH_i: d6 76 a0 ef ad a5 50 ef 79 2d fc 5a 69 77 4a 95 | DH_i: a9 43 32 f9 3a 89 6d 68 1f dc 74 93 de c5 11 6f | DH_i: 38 1b 94 f3 cb f7 1e 30 ff 30 0b 78 59 43 30 3e | DH_i: 38 2f 5a 0d f2 49 75 25 7b 2e 55 ab d1 41 87 4c | DH_i: f2 10 12 36 00 b2 7b 79 cb 59 db ee 3d e7 c3 18 | DH_i: 72 cf 83 e0 40 00 cb 66 d7 a0 18 7e 4f 57 24 69 | DH_i: e7 f8 3b 02 29 98 4b ad da f3 eb 45 46 45 90 35 | DH_i: 47 9c d6 6b 41 4f eb 4c 91 7f b5 b6 08 82 e3 f3 | DH_i: 89 a0 58 a5 cb 74 1f c9 d2 3c 15 db 45 67 dc 39 | DH_i: b7 26 02 a0 1e 22 ec 01 c4 97 84 12 04 e5 07 2e | DH_i: cf 11 63 8d 47 3a 07 fa 53 ba 46 c5 1d 97 5d 17 | DH_i: 80 bc 3a 9f bb 5d 41 f6 fb 3d 5a e9 a4 b7 d7 12 | DH_i: e0 4b 43 85 1b a2 a1 35 09 e4 11 a4 48 6f ee 8e | DH_i: 3e ee 66 01 68 27 2b a4 65 16 6c 0e 59 4e 68 0a | DH_i: d6 94 84 9d 98 5b 05 23 ff 49 eb dc 57 61 7c f0 | DH_r: ac b2 6a f8 11 54 b9 29 2a a1 7b d5 db 3b 7b b9 | DH_r: b8 0a 3e c7 78 ce 8d 2f e3 3c 30 d6 1b 05 cc de | DH_r: 44 d9 40 8c 1f b7 6c 5e ae 7b 55 dc 91 bd d2 4f | DH_r: 62 76 41 aa 02 8d 74 96 1a 8f d2 26 d3 0e 4b 16 | DH_r: e9 d6 2d 2b 5a d6 66 78 80 d1 08 82 4b 1c b8 e1 | DH_r: 8d a2 1e 1b c0 0a 8d f1 90 94 bc cb 8f f3 b6 d2 | DH_r: a7 42 7e 94 b4 cf 3e e0 70 7a 87 f5 3b 43 90 c3 | DH_r: 90 3c 03 3b 7f cd b9 0c c6 d3 3a 80 10 3c c5 63 | DH_r: 40 91 b8 b6 c2 c3 8c 11 8e 33 3f 4b 57 14 7c 37 | DH_r: 5a 3f e4 1b 5e 33 46 91 5f 25 40 83 5b e4 83 f9 | DH_r: 18 9e c6 47 a2 13 14 1d 05 08 0b 1e 8b 06 fb 38 | DH_r: 9c 1e d0 cb 96 d4 bd 3a 7e 52 a1 94 5f 15 a8 86 | DH_r: a8 50 c2 d6 83 32 cf 77 9f 20 f1 42 b5 8f 96 66 | DH_r: 9b e5 04 65 20 18 71 3a 88 7b a6 39 54 90 b7 dc | DH_r: 5c 54 9d ad d7 de 28 45 f3 59 cb 67 24 4d d6 9b | DH_r: 98 f1 ff 3a 9c 00 cf af f4 54 f4 45 c9 0f 3b 17 | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f416ab1c (length 256) | 08 6b 79 0d a0 18 3f 61 73 74 fd c5 8c 4e e2 8f | d6 76 a0 ef ad a5 50 ef 79 2d fc 5a 69 77 4a 95 | a9 43 32 f9 3a 89 6d 68 1f dc 74 93 de c5 11 6f | 38 1b 94 f3 cb f7 1e 30 ff 30 0b 78 59 43 30 3e | 38 2f 5a 0d f2 49 75 25 7b 2e 55 ab d1 41 87 4c | f2 10 12 36 00 b2 7b 79 cb 59 db ee 3d e7 c3 18 | 72 cf 83 e0 40 00 cb 66 d7 a0 18 7e 4f 57 24 69 | e7 f8 3b 02 29 98 4b ad da f3 eb 45 46 45 90 35 | 47 9c d6 6b 41 4f eb 4c 91 7f b5 b6 08 82 e3 f3 | 89 a0 58 a5 cb 74 1f c9 d2 3c 15 db 45 67 dc 39 | b7 26 02 a0 1e 22 ec 01 c4 97 84 12 04 e5 07 2e | cf 11 63 8d 47 3a 07 fa 53 ba 46 c5 1d 97 5d 17 | 80 bc 3a 9f bb 5d 41 f6 fb 3d 5a e9 a4 b7 d7 12 | e0 4b 43 85 1b a2 a1 35 09 e4 11 a4 48 6f ee 8e | 3e ee 66 01 68 27 2b a4 65 16 6c 0e 59 4e 68 0a | d6 94 84 9d 98 5b 05 23 ff 49 eb dc 57 61 7c f0 | new IV hash sha digest GR-bytes@0x5573f416ac1c (length 256) | ac b2 6a f8 11 54 b9 29 2a a1 7b d5 db 3b 7b b9 | b8 0a 3e c7 78 ce 8d 2f e3 3c 30 d6 1b 05 cc de | 44 d9 40 8c 1f b7 6c 5e ae 7b 55 dc 91 bd d2 4f | 62 76 41 aa 02 8d 74 96 1a 8f d2 26 d3 0e 4b 16 | e9 d6 2d 2b 5a d6 66 78 80 d1 08 82 4b 1c b8 e1 | 8d a2 1e 1b c0 0a 8d f1 90 94 bc cb 8f f3 b6 d2 | a7 42 7e 94 b4 cf 3e e0 70 7a 87 f5 3b 43 90 c3 | 90 3c 03 3b 7f cd b9 0c c6 d3 3a 80 10 3c c5 63 | 40 91 b8 b6 c2 c3 8c 11 8e 33 3f 4b 57 14 7c 37 | 5a 3f e4 1b 5e 33 46 91 5f 25 40 83 5b e4 83 f9 | 18 9e c6 47 a2 13 14 1d 05 08 0b 1e 8b 06 fb 38 | 9c 1e d0 cb 96 d4 bd 3a 7e 52 a1 94 5f 15 a8 86 | a8 50 c2 d6 83 32 cf 77 9f 20 f1 42 b5 8f 96 66 | 9b e5 04 65 20 18 71 3a 88 7b a6 39 54 90 b7 dc | 5c 54 9d ad d7 de 28 45 f3 59 cb 67 24 4d d6 9b | 98 f1 ff 3a 9c 00 cf af f4 54 f4 45 c9 0f 3b 17 | new IV hash sha final chunk@0x7ffab4001598 (length 20) | 82 02 c0 70 3b b1 c7 8b f2 ac 9f 7d 2f 9a 97 fc | 48 68 10 6b | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 26 time elapsed 0.001347 seconds | (#19) spent 1.35 milliseconds in crypto helper computing work-order 26: aggr outR1 DH (pcr) | crypto helper 2 sending results from work-order 26 for state #19 to event queue | scheduling resume sending helper answer for #19 | libevent_malloc: new ptr-libevent@0x7ffab4001378 size 128 | crypto helper 2 waiting (nothing to do) | processing resume sending helper answer for #19 | start processing: state #19 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 2 replies to request ID 26 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #19: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffab0005698: transferring ownership from helper IKEv1 DH+IV to state #19 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | 94 13 01 bf f9 6d 03 77 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 89 1f 46 71 19 4f c9 54 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | 8b bf 0b a0 a2 d2 fd b9 6c a8 cd a4 3c 73 d3 07 | 94 54 80 54 | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 94 13 01 bf f9 6d 03 77 | natd_hash: rcookie= 89 1f 46 71 19 4f c9 54 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 8b bf 0b a0 a2 d2 fd b9 6c a8 cd a4 3c 73 d3 07 | natd_hash: hash= 94 54 80 54 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | 94 13 01 bf f9 6d 03 77 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | 89 1f 46 71 19 4f c9 54 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | 0e 0e bb 6c ae 0e 09 47 63 44 95 5d 34 7e 70 95 | 5f cd d2 1c | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= 94 13 01 bf f9 6d 03 77 | natd_hash: rcookie= 89 1f 46 71 19 4f c9 54 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 0e 0e bb 6c ae 0e 09 47 63 44 95 5d 34 7e 70 95 | natd_hash: hash= 5f cd d2 1c | expected NAT-D(me): 8b bf 0b a0 a2 d2 fd b9 6c a8 cd a4 3c 73 d3 07 | expected NAT-D(me): 94 54 80 54 | expected NAT-D(him): | 0e 0e bb 6c ae 0e 09 47 63 44 95 5d 34 7e 70 95 | 5f cd d2 1c | received NAT-D: 8b bf 0b a0 a2 d2 fd b9 6c a8 cd a4 3c 73 d3 07 | received NAT-D: 94 54 80 54 | received NAT-D: 0e 0e bb 6c ae 0e 09 47 63 44 95 5d 34 7e 70 95 | received NAT-D: 5f cd d2 1c | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f4150e50 (size 20) | hmac: symkey-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f4165b30 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f4165b30 | hmac: release clone-key@0x5573f4165b30 | hmac PRF sha crypt-prf@0x5573f4165a28 | hmac PRF sha update data-bytes@0x7ffab0001f78 (length 256) | 08 6b 79 0d a0 18 3f 61 73 74 fd c5 8c 4e e2 8f | d6 76 a0 ef ad a5 50 ef 79 2d fc 5a 69 77 4a 95 | a9 43 32 f9 3a 89 6d 68 1f dc 74 93 de c5 11 6f | 38 1b 94 f3 cb f7 1e 30 ff 30 0b 78 59 43 30 3e | 38 2f 5a 0d f2 49 75 25 7b 2e 55 ab d1 41 87 4c | f2 10 12 36 00 b2 7b 79 cb 59 db ee 3d e7 c3 18 | 72 cf 83 e0 40 00 cb 66 d7 a0 18 7e 4f 57 24 69 | e7 f8 3b 02 29 98 4b ad da f3 eb 45 46 45 90 35 | 47 9c d6 6b 41 4f eb 4c 91 7f b5 b6 08 82 e3 f3 | 89 a0 58 a5 cb 74 1f c9 d2 3c 15 db 45 67 dc 39 | b7 26 02 a0 1e 22 ec 01 c4 97 84 12 04 e5 07 2e | cf 11 63 8d 47 3a 07 fa 53 ba 46 c5 1d 97 5d 17 | 80 bc 3a 9f bb 5d 41 f6 fb 3d 5a e9 a4 b7 d7 12 | e0 4b 43 85 1b a2 a1 35 09 e4 11 a4 48 6f ee 8e | 3e ee 66 01 68 27 2b a4 65 16 6c 0e 59 4e 68 0a | d6 94 84 9d 98 5b 05 23 ff 49 eb dc 57 61 7c f0 | hmac PRF sha update data-bytes@0x7ffabc002a18 (length 256) | ac b2 6a f8 11 54 b9 29 2a a1 7b d5 db 3b 7b b9 | b8 0a 3e c7 78 ce 8d 2f e3 3c 30 d6 1b 05 cc de | 44 d9 40 8c 1f b7 6c 5e ae 7b 55 dc 91 bd d2 4f | 62 76 41 aa 02 8d 74 96 1a 8f d2 26 d3 0e 4b 16 | e9 d6 2d 2b 5a d6 66 78 80 d1 08 82 4b 1c b8 e1 | 8d a2 1e 1b c0 0a 8d f1 90 94 bc cb 8f f3 b6 d2 | a7 42 7e 94 b4 cf 3e e0 70 7a 87 f5 3b 43 90 c3 | 90 3c 03 3b 7f cd b9 0c c6 d3 3a 80 10 3c c5 63 | 40 91 b8 b6 c2 c3 8c 11 8e 33 3f 4b 57 14 7c 37 | 5a 3f e4 1b 5e 33 46 91 5f 25 40 83 5b e4 83 f9 | 18 9e c6 47 a2 13 14 1d 05 08 0b 1e 8b 06 fb 38 | 9c 1e d0 cb 96 d4 bd 3a 7e 52 a1 94 5f 15 a8 86 | a8 50 c2 d6 83 32 cf 77 9f 20 f1 42 b5 8f 96 66 | 9b e5 04 65 20 18 71 3a 88 7b a6 39 54 90 b7 dc | 5c 54 9d ad d7 de 28 45 f3 59 cb 67 24 4d d6 9b | 98 f1 ff 3a 9c 00 cf af f4 54 f4 45 c9 0f 3b 17 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | 94 13 01 bf f9 6d 03 77 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 89 1f 46 71 19 4f c9 54 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | fa 6a 9f 5c 75 c1 1b 1d 65 51 87 1e 03 de 1c 46 | 73 91 ec 86 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I fa 6a 9f 5c 75 c1 1b 1d 65 51 87 1e 03 de 1c 46 | HASH_I 73 91 ec 86 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: fa 6a 9f 5c 75 c1 1b 1d 65 51 87 1e 03 de 1c 46 | encrypting: 73 91 ec 86 | IV: 82 02 c0 70 3b b1 c7 8b f2 ac 9f 7d 2f 9a 97 fc | IV: 48 68 10 6b | unpadded size is: 36 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: fb d3 ed 75 c5 10 7e 8d | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #19: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffab00058f8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41634d8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 68 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 05 10 02 01 00 00 00 00 00 00 00 44 b8 05 d0 b9 | 80 fb b7 85 76 c6 35 bd 2c 41 7b f8 2e cb 17 96 | 4e 26 ee 50 01 3b 14 94 1d 23 f8 53 fb d3 ed 75 | c5 10 7e 8d | !event_already_set at reschedule "3des" #19: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #19 | libevent_malloc: new ptr-libevent@0x5573f416e348 size 128 | #19 STATE_MAIN_I3: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10454.721073 "3des" #19: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #19 suppresed complete_v1_state_transition() | #19 spent 0.317 milliseconds in resume sending helper answer | stop processing: state #19 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab4001378 | spent 0.00195 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 05 10 02 01 00 00 00 00 00 00 00 44 d7 53 96 17 | 66 e8 d1 25 8c c3 2e 36 94 ea cc 84 67 4d c5 ed | 73 2a 27 19 b9 d5 a7 ba f5 98 99 26 9d b9 08 a1 | d2 ff de c4 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #19 in MAIN_I3 (find_state_ikev1) | start processing: state #19 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #19 is idle | #19 idle | received encrypted packet from 192.1.2.23:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: fb d3 ed 75 c5 10 7e 8d | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 9d b9 08 a1 d2 ff de c4 | decrypted payload (starts at offset -40): | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 05 10 02 01 00 00 00 00 00 00 00 44 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 2c 94 e4 25 | 31 ff 76 0e 4c a0 b1 94 1e d3 1c c9 ca 3f 7c 1e | 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 4 bytes of padding | message 'main_inR3' HASH payload not checked early "3des" #19: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f4150e50 (size 20) | hmac: symkey-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f4165b30 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f4165b30 | hmac: release clone-key@0x5573f4165b30 | hmac PRF sha crypt-prf@0x7ffab4001598 | hmac PRF sha update data-bytes@0x7ffabc002a18 (length 256) | ac b2 6a f8 11 54 b9 29 2a a1 7b d5 db 3b 7b b9 | b8 0a 3e c7 78 ce 8d 2f e3 3c 30 d6 1b 05 cc de | 44 d9 40 8c 1f b7 6c 5e ae 7b 55 dc 91 bd d2 4f | 62 76 41 aa 02 8d 74 96 1a 8f d2 26 d3 0e 4b 16 | e9 d6 2d 2b 5a d6 66 78 80 d1 08 82 4b 1c b8 e1 | 8d a2 1e 1b c0 0a 8d f1 90 94 bc cb 8f f3 b6 d2 | a7 42 7e 94 b4 cf 3e e0 70 7a 87 f5 3b 43 90 c3 | 90 3c 03 3b 7f cd b9 0c c6 d3 3a 80 10 3c c5 63 | 40 91 b8 b6 c2 c3 8c 11 8e 33 3f 4b 57 14 7c 37 | 5a 3f e4 1b 5e 33 46 91 5f 25 40 83 5b e4 83 f9 | 18 9e c6 47 a2 13 14 1d 05 08 0b 1e 8b 06 fb 38 | 9c 1e d0 cb 96 d4 bd 3a 7e 52 a1 94 5f 15 a8 86 | a8 50 c2 d6 83 32 cf 77 9f 20 f1 42 b5 8f 96 66 | 9b e5 04 65 20 18 71 3a 88 7b a6 39 54 90 b7 dc | 5c 54 9d ad d7 de 28 45 f3 59 cb 67 24 4d d6 9b | 98 f1 ff 3a 9c 00 cf af f4 54 f4 45 c9 0f 3b 17 | hmac PRF sha update data-bytes@0x7ffab0001f78 (length 256) | 08 6b 79 0d a0 18 3f 61 73 74 fd c5 8c 4e e2 8f | d6 76 a0 ef ad a5 50 ef 79 2d fc 5a 69 77 4a 95 | a9 43 32 f9 3a 89 6d 68 1f dc 74 93 de c5 11 6f | 38 1b 94 f3 cb f7 1e 30 ff 30 0b 78 59 43 30 3e | 38 2f 5a 0d f2 49 75 25 7b 2e 55 ab d1 41 87 4c | f2 10 12 36 00 b2 7b 79 cb 59 db ee 3d e7 c3 18 | 72 cf 83 e0 40 00 cb 66 d7 a0 18 7e 4f 57 24 69 | e7 f8 3b 02 29 98 4b ad da f3 eb 45 46 45 90 35 | 47 9c d6 6b 41 4f eb 4c 91 7f b5 b6 08 82 e3 f3 | 89 a0 58 a5 cb 74 1f c9 d2 3c 15 db 45 67 dc 39 | b7 26 02 a0 1e 22 ec 01 c4 97 84 12 04 e5 07 2e | cf 11 63 8d 47 3a 07 fa 53 ba 46 c5 1d 97 5d 17 | 80 bc 3a 9f bb 5d 41 f6 fb 3d 5a e9 a4 b7 d7 12 | e0 4b 43 85 1b a2 a1 35 09 e4 11 a4 48 6f ee 8e | 3e ee 66 01 68 27 2b a4 65 16 6c 0e 59 4e 68 0a | d6 94 84 9d 98 5b 05 23 ff 49 eb dc 57 61 7c f0 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | 89 1f 46 71 19 4f c9 54 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | 94 13 01 bf f9 6d 03 77 | hashing 48 bytes of SA | hmac PRF sha update data-bytes@0x5573f41632fc (length 48) | 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 | 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | hmac PRF sha update data-bytes@0x5573f41555e8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | 2c 94 e4 25 31 ff 76 0e 4c a0 b1 94 1e d3 1c c9 | ca 3f 7c 1e | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #19 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #19: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #19 requesting EVENT_RETRANSMIT to be deleted | #19 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f416e348 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41634d8 | inserting event EVENT_SA_REPLACE, timeout in 2803 seconds for #19 | libevent_malloc: new ptr-libevent@0x7ffab4001378 size 128 | pstats #19 ikev1.isakmp established "3des" #19: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #19 | creating state object #20 at 0x5573f4166828 | State DB: adding IKEv1 state #20 in UNDEFINED | pstats #20 ikev1.ipsec started | duplicating state object #19 "3des" as #20 for IPSEC SA | #20 setting local endpoint to 192.1.2.45:500 from #19.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_d_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ai_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f41619f0 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #19 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #20 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #20: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "3des" #20: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#19 msgid:88d63e55 proposal=3DES_CBC-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 27 for state #20 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x5573f40c4618 size 128 | stop processing: state #20 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #19 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | crypto helper 5 resuming | crypto helper 5 starting work-order 27 for state #20 | unqueuing pending Quick Mode with 192.1.2.23 "3des" | crypto helper 5 doing build KE and nonce (quick_outI1 KE); request ID 27 | removing pending policy for no connection {0x5573f4161aa8} | close_any(fd@24) (in release_whack() at state.c:654) | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | #19 spent 0.372 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | stop processing: state #19 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.524 milliseconds in comm_handle_cb() reading and processing packet | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffaa8006448: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffaa8006448 | NSS: Public DH wire value: | d6 d8 4e 92 2b a1 35 53 ec 9a 65 f4 46 39 48 97 | c2 44 c6 67 57 57 c5 46 5d 99 4a 67 98 4a b1 38 | 2d 05 17 64 84 c6 2a 6a 7e 02 05 ff f2 13 f4 f9 | d6 44 9f 32 16 ea 4b 19 5f 7d b5 7a fe f3 d6 82 | ed 97 d0 3b 91 79 0b 8a 73 a1 fa 13 d9 99 23 14 | 93 ef e6 08 ea 03 5a d7 a7 c1 ce 5e c0 d0 00 8f | 0d 38 d5 8d bd 4b 74 0d c8 0e 7c b8 84 9a 32 91 | 89 26 5f 0b 75 f6 89 4d 67 01 0d 6f 63 d7 93 83 | 3c 3d f8 80 84 e6 8a 19 e1 e2 9d 59 58 e2 a1 3c | ac f7 65 da 08 2e 21 57 31 cf 83 28 0f eb 97 a4 | d7 34 2b 46 46 1f ac e4 3c 7b ec 61 f1 b2 c2 01 | fc a5 3f 5d ac 09 fb 9e 9b c9 09 53 d2 8a 70 fc | 3d 1a 16 59 f0 73 fa f5 d7 eb 48 52 b5 e3 44 cf | dd e3 36 e8 f5 3e 04 8e 4f c2 b0 2e a1 a2 cd 5c | 8a c5 fd 68 fb 10 3f 6e 1a ec db 69 6f 86 24 b0 | 11 b1 c9 5a 3a 2b ee 89 44 b8 b6 a6 65 c2 c3 df | Generated nonce: d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | Generated nonce: a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | crypto helper 5 finished build KE and nonce (quick_outI1 KE); request ID 27 time elapsed 0.000666 seconds | (#20) spent 0.655 milliseconds in crypto helper computing work-order 27: quick_outI1 KE (pcr) | crypto helper 5 sending results from work-order 27 for state #20 to event queue | scheduling resume sending helper answer for #20 | libevent_malloc: new ptr-libevent@0x7ffaa8003978 size 128 | crypto helper 5 waiting (nothing to do) | processing resume sending helper answer for #20 | start processing: state #20 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 5 replies to request ID 27 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #20: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2295742037 (0x88d63e55) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x2044e497 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 20 44 e4 97 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | Ni a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffaa8006448: transferring ownership from helper KE to state #20 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value d6 d8 4e 92 2b a1 35 53 ec 9a 65 f4 46 39 48 97 | keyex value c2 44 c6 67 57 57 c5 46 5d 99 4a 67 98 4a b1 38 | keyex value 2d 05 17 64 84 c6 2a 6a 7e 02 05 ff f2 13 f4 f9 | keyex value d6 44 9f 32 16 ea 4b 19 5f 7d b5 7a fe f3 d6 82 | keyex value ed 97 d0 3b 91 79 0b 8a 73 a1 fa 13 d9 99 23 14 | keyex value 93 ef e6 08 ea 03 5a d7 a7 c1 ce 5e c0 d0 00 8f | keyex value 0d 38 d5 8d bd 4b 74 0d c8 0e 7c b8 84 9a 32 91 | keyex value 89 26 5f 0b 75 f6 89 4d 67 01 0d 6f 63 d7 93 83 | keyex value 3c 3d f8 80 84 e6 8a 19 e1 e2 9d 59 58 e2 a1 3c | keyex value ac f7 65 da 08 2e 21 57 31 cf 83 28 0f eb 97 a4 | keyex value d7 34 2b 46 46 1f ac e4 3c 7b ec 61 f1 b2 c2 01 | keyex value fc a5 3f 5d ac 09 fb 9e 9b c9 09 53 d2 8a 70 fc | keyex value 3d 1a 16 59 f0 73 fa f5 d7 eb 48 52 b5 e3 44 cf | keyex value dd e3 36 e8 f5 3e 04 8e 4f c2 b0 2e a1 a2 cd 5c | keyex value 8a c5 fd 68 fb 10 3f 6e 1a ec db 69 6f 86 24 b0 | keyex value 11 b1 c9 5a 3a 2b ee 89 44 b8 b6 a6 65 c2 c3 df | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x5573f416e578 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | 88 d6 3e 55 | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 20 44 e4 97 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 d2 3d af df f8 58 15 f1 | 33 0d 36 85 08 ba 99 46 a2 12 3a d7 a2 94 f2 a3 | de 8f 2d 76 6c 84 9b 7c 05 00 01 04 d6 d8 4e 92 | 2b a1 35 53 ec 9a 65 f4 46 39 48 97 c2 44 c6 67 | 57 57 c5 46 5d 99 4a 67 98 4a b1 38 2d 05 17 64 | 84 c6 2a 6a 7e 02 05 ff f2 13 f4 f9 d6 44 9f 32 | 16 ea 4b 19 5f 7d b5 7a fe f3 d6 82 ed 97 d0 3b | 91 79 0b 8a 73 a1 fa 13 d9 99 23 14 93 ef e6 08 | ea 03 5a d7 a7 c1 ce 5e c0 d0 00 8f 0d 38 d5 8d | bd 4b 74 0d c8 0e 7c b8 84 9a 32 91 89 26 5f 0b | 75 f6 89 4d 67 01 0d 6f 63 d7 93 83 3c 3d f8 80 | 84 e6 8a 19 e1 e2 9d 59 58 e2 a1 3c ac f7 65 da | 08 2e 21 57 31 cf 83 28 0f eb 97 a4 d7 34 2b 46 | 46 1f ac e4 3c 7b ec 61 f1 b2 c2 01 fc a5 3f 5d | ac 09 fb 9e 9b c9 09 53 d2 8a 70 fc 3d 1a 16 59 | f0 73 fa f5 d7 eb 48 52 b5 e3 44 cf dd e3 36 e8 | f5 3e 04 8e 4f c2 b0 2e a1 a2 cd 5c 8a c5 fd 68 | fb 10 3f 6e 1a ec db 69 6f 86 24 b0 11 b1 c9 5a | 3a 2b ee 89 44 b8 b6 a6 65 c2 c3 df 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | 31 26 bd e5 7a 09 08 9e 2d 67 7d 8d bb d7 c2 01 | e4 e5 43 7a | outI1 HASH(1): | 31 26 bd e5 7a 09 08 9e 2d 67 7d 8d bb d7 c2 01 | e4 e5 43 7a | last Phase 1 IV: 9d b9 08 a1 d2 ff de c4 | current Phase 1 IV: 9d b9 08 a1 d2 ff de c4 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 8) | 9d b9 08 a1 d2 ff de c4 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | 88 d6 3e 55 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 2b 4d 66 4c 87 56 3d 2f 07 7d 00 ed 39 26 d6 ff | aa 56 49 c1 | encrypting: 01 00 00 18 31 26 bd e5 7a 09 08 9e 2d 67 7d 8d | encrypting: bb d7 c2 01 e4 e5 43 7a 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 20 44 e4 97 | encrypting: 00 00 00 1c 00 03 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | encrypting: a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | encrypting: 05 00 01 04 d6 d8 4e 92 2b a1 35 53 ec 9a 65 f4 | encrypting: 46 39 48 97 c2 44 c6 67 57 57 c5 46 5d 99 4a 67 | encrypting: 98 4a b1 38 2d 05 17 64 84 c6 2a 6a 7e 02 05 ff | encrypting: f2 13 f4 f9 d6 44 9f 32 16 ea 4b 19 5f 7d b5 7a | encrypting: fe f3 d6 82 ed 97 d0 3b 91 79 0b 8a 73 a1 fa 13 | encrypting: d9 99 23 14 93 ef e6 08 ea 03 5a d7 a7 c1 ce 5e | encrypting: c0 d0 00 8f 0d 38 d5 8d bd 4b 74 0d c8 0e 7c b8 | encrypting: 84 9a 32 91 89 26 5f 0b 75 f6 89 4d 67 01 0d 6f | encrypting: 63 d7 93 83 3c 3d f8 80 84 e6 8a 19 e1 e2 9d 59 | encrypting: 58 e2 a1 3c ac f7 65 da 08 2e 21 57 31 cf 83 28 | encrypting: 0f eb 97 a4 d7 34 2b 46 46 1f ac e4 3c 7b ec 61 | encrypting: f1 b2 c2 01 fc a5 3f 5d ac 09 fb 9e 9b c9 09 53 | encrypting: d2 8a 70 fc 3d 1a 16 59 f0 73 fa f5 d7 eb 48 52 | encrypting: b5 e3 44 cf dd e3 36 e8 f5 3e 04 8e 4f c2 b0 2e | encrypting: a1 a2 cd 5c 8a c5 fd 68 fb 10 3f 6e 1a ec db 69 | encrypting: 6f 86 24 b0 11 b1 c9 5a 3a 2b ee 89 44 b8 b6 a6 | encrypting: 65 c2 c3 df 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: 2b 4d 66 4c 87 56 3d 2f 07 7d 00 ed 39 26 d6 ff | IV: aa 56 49 c1 | unpadded size is: 404 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 408 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 436 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 75 22 11 d8 bc 14 5c 43 | sending 436 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #20) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 08 10 20 01 88 d6 3e 55 00 00 01 b4 e8 be 46 c0 | cb a7 37 de 33 d0 f3 6e 43 64 bc 2a d7 54 c7 b9 | 64 9e 61 e7 bf e3 7e 02 a2 81 b2 f0 9f 4a 59 d0 | 50 df b0 e7 8c 30 fe 75 46 34 ae 53 a7 61 d3 4c | 43 11 64 9d ea 21 5a 32 45 91 b9 4b 81 40 cd 2f | 09 ad 51 c6 2d ea d3 43 f2 b1 29 9c b3 38 fc 19 | 09 5c c8 83 85 62 af 68 cd f4 d8 03 db ad a5 ab | 70 fb bd 97 b9 27 12 8e f4 9e 64 c6 7f 82 0f 20 | c8 b8 79 7c aa 2e 5e 09 56 d0 85 7b 5c 81 ac fe | b5 34 bd 09 26 bd e5 5c 9d ae 31 4e f7 90 fa cb | f4 03 fe 34 21 fe f4 7e 86 19 cf 19 7c 17 71 ee | d2 24 64 97 93 9d 74 a5 b2 de 40 7c 37 6b 55 78 | ba 08 6e 8e 46 ec 16 6d de 7f 74 05 cd 5a 38 a4 | 2c 1e 26 c4 d8 48 b9 73 a5 23 28 80 5c 15 83 b8 | bc 62 37 6e 41 83 58 0f 76 ef fc 15 ea ea a7 81 | 44 51 8c 81 41 8d 43 ec de 04 71 0d 51 94 4a 2f | f9 2e aa 12 27 5d e6 cb 9c 0c 49 90 74 8f 61 8f | 12 de d2 97 49 15 1c 54 e2 f1 74 78 da 6b 5f ab | e9 d5 28 b4 f8 b8 43 93 4f 65 93 e4 3d 66 18 d6 | 21 f3 0f 07 ab 29 03 59 93 f3 60 8e 0a 58 67 e3 | 2f be 88 1c c4 9a ac b4 e8 db 8f 97 de 35 ab 4f | 3a b4 9e c7 cb 0f 9d 97 ec 7c 31 fd a7 03 4d d3 | 13 49 9d b7 e4 06 0f fc d6 8e 63 3f 03 75 02 dd | ff 5d ce 85 f0 b7 e4 40 1a dd 4a ba f2 e8 e5 c5 | 44 16 47 39 fe 8a 96 fd 53 66 7f 35 7d 47 15 1f | 65 45 4c b3 88 1d 87 c9 66 f7 a0 7c 75 22 11 d8 | bc 14 5c 43 | state #20 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f40c4618 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 "3des" #20: IMPAIR: suppressing retransmits; scheduling timeout in 60 seconds | event_schedule: new EVENT_RETRANSMIT-pe@0x7ffab4002b78 | inserting event EVENT_RETRANSMIT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x5573f4169048 size 128 | #20 STATE_QUICK_I1: retransmits: first event in 60 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10454.723735 | resume sending helper answer for #20 suppresed complete_v1_state_transition() | #20 spent 0.853 milliseconds in resume sending helper answer | stop processing: state #20 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffaa8003978 | spent 0.00308 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 436 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 08 10 20 01 88 d6 3e 55 00 00 01 b4 a5 4f 3f 30 | a8 37 97 8c 73 52 8a ba cb 32 1a 6b c7 0b 29 94 | e9 f6 9e 41 ad 27 72 31 93 eb 92 0f f3 3d 98 bd | 5e 37 f8 1d 55 b0 5d e7 8f 37 62 93 0d 76 1e 3f | ea 86 88 06 bd ec 45 84 81 69 b8 9b d1 22 8f 33 | 44 b4 bd b3 2e be cc fa c8 d3 ef 0e 13 77 5e 4b | 99 8c 8d df cd f9 51 7d 3a 0d 91 65 d0 45 35 bb | dd e0 b9 4a f5 2a 47 8d 49 3d 24 56 5e 89 71 e7 | 43 27 a4 b7 0d 8b fd 3d 6f 52 c8 cb 40 b2 69 df | ba fc 5a 19 ae 82 83 86 36 75 48 d7 99 97 05 1b | 84 95 cc 5f 4e 45 0e 4c b4 37 61 8d 46 0c 5b 3c | 79 b3 ea 43 ad 63 9c d6 bb 67 ce 43 5f b9 3f 6b | 13 23 02 31 e6 4a 6d dc 32 92 25 6f 1c a5 c3 c7 | 2d aa 01 34 7b 4a b9 02 85 79 d5 97 71 1b af 31 | 32 e6 8c 9b ed 71 e5 b7 1a df 61 6c cc e2 12 8f | 89 64 29 b0 b2 6d 46 aa db 09 41 29 57 db 7e e8 | 35 f7 a3 45 30 35 98 70 97 90 77 87 99 be eb b9 | eb 18 6d d2 e4 25 b8 d2 2e 64 a9 8b 41 64 b0 a8 | 38 36 de 3a 7b 4b f8 f3 8a 76 94 85 a7 0d 30 35 | 42 9b d5 f9 78 07 5c c0 7a 59 d8 27 e5 83 c5 3e | 2c 4a f4 a9 03 95 b8 01 1d 0b 82 02 3a c0 d0 ee | ef 57 58 b5 39 6a 05 c8 43 37 66 79 b5 16 71 c4 | 94 ee 03 13 95 43 80 85 e2 cd 09 27 72 5c 10 c2 | 16 3f 4f f1 02 3f b3 db 70 4b 01 98 71 44 0c 30 | 71 ea 21 6e ea 88 e4 fe 7e ff b6 d1 55 b3 d0 6a | 19 18 f6 fa d7 e0 72 42 a5 82 d5 d1 01 91 e2 fb | f4 85 8b 02 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2295742037 (0x88d63e55) | length: 436 (0x1b4) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #20 in QUICK_I1 (find_state_ikev1) | start processing: state #20 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #20 is idle | #20 idle | received encrypted packet from 192.1.2.23:500 | decrypting 408 bytes using algorithm 3DES_CBC | IV before: 75 22 11 d8 bc 14 5c 43 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 01 91 e2 fb f4 85 8b 02 | decrypted payload (starts at offset -408): | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 08 10 20 01 88 d6 3e 55 00 00 01 b4 01 00 00 18 | 83 9b 5a 61 46 01 aa 0e ec f3 41 f0 c4 85 8b 7c | d8 46 66 52 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 f2 3b 27 9b 00 00 00 1c | 00 03 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 37 23 9d d0 | 8c cd 51 7c 3c bd ec 64 c9 db 43 5b 71 7e 1c 2f | 6f 67 d9 bd e9 8a 75 62 82 4f db fd 05 00 01 04 | 3c 5e cf a7 1e aa c1 3e 40 07 28 69 2e 86 cb 40 | 61 60 20 c7 b3 a4 68 4e 4c 74 9b 61 d0 08 b4 cf | 8a 2c cc c4 28 cd d0 ee 55 56 29 23 30 b0 cb d5 | ed f6 e0 e9 37 7e c8 0a a0 1e d7 f3 ec a3 1a 62 | ea 30 01 f1 86 2f e2 8d 89 43 b5 ff ed 3a 4f 02 | 80 68 d8 60 a1 fc 08 8f 8e 21 a5 1e 8e 56 6b cf | 33 8a 46 99 0a ca 21 49 c8 b4 4d 39 f7 d6 46 37 | 3e a0 47 3b 3e 48 9f 20 e4 3b d2 0c af 45 1f 98 | ad a7 ba 63 3b c6 82 51 7b f1 68 70 24 ae 22 71 | 7d 83 66 5a 31 86 b0 92 cd 93 3e 9f af b8 9c 4a | fa 42 85 14 dc d0 26 56 fa db 3b 01 09 68 be 20 | 4a f8 93 3b f7 fd 9a d0 c5 b3 91 83 68 42 d1 de | 04 a7 bd 4c 5b 9d 1d 10 42 9f 90 6f 3d 47 41 40 | 70 81 71 f1 34 bb fb 3e 5b a5 4f 10 07 e7 03 ef | d8 7b 13 c1 9e 93 c2 48 b1 29 8d 46 a0 23 ff e2 | 32 ff 27 60 93 c5 82 6b a8 85 12 af b2 92 dd 1b | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x5573f416e578 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | 88 d6 3e 55 | HASH(1) PRF sha update Ni_b-bytes@0x7ffaa8006a98 (length 32) | d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | HASH(1) PRF sha update payload-bytes@0x5573f416896c (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 f2 3b 27 9b 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 37 23 9d d0 8c cd 51 7c | 3c bd ec 64 c9 db 43 5b 71 7e 1c 2f 6f 67 d9 bd | e9 8a 75 62 82 4f db fd 05 00 01 04 3c 5e cf a7 | 1e aa c1 3e 40 07 28 69 2e 86 cb 40 61 60 20 c7 | b3 a4 68 4e 4c 74 9b 61 d0 08 b4 cf 8a 2c cc c4 | 28 cd d0 ee 55 56 29 23 30 b0 cb d5 ed f6 e0 e9 | 37 7e c8 0a a0 1e d7 f3 ec a3 1a 62 ea 30 01 f1 | 86 2f e2 8d 89 43 b5 ff ed 3a 4f 02 80 68 d8 60 | a1 fc 08 8f 8e 21 a5 1e 8e 56 6b cf 33 8a 46 99 | 0a ca 21 49 c8 b4 4d 39 f7 d6 46 37 3e a0 47 3b | 3e 48 9f 20 e4 3b d2 0c af 45 1f 98 ad a7 ba 63 | 3b c6 82 51 7b f1 68 70 24 ae 22 71 7d 83 66 5a | 31 86 b0 92 cd 93 3e 9f af b8 9c 4a fa 42 85 14 | dc d0 26 56 fa db 3b 01 09 68 be 20 4a f8 93 3b | f7 fd 9a d0 c5 b3 91 83 68 42 d1 de 04 a7 bd 4c | 5b 9d 1d 10 42 9f 90 6f 3d 47 41 40 70 81 71 f1 | 34 bb fb 3e 5b a5 4f 10 07 e7 03 ef d8 7b 13 c1 | 9e 93 c2 48 b1 29 8d 46 a0 23 ff e2 32 ff 27 60 | 93 c5 82 6b a8 85 12 af b2 92 dd 1b 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | 83 9b 5a 61 46 01 aa 0e ec f3 41 f0 c4 85 8b 7c | d8 46 66 52 | quick_inR1_outI2 HASH(2): | 83 9b 5a 61 46 01 aa 0e ec f3 41 f0 c4 85 8b 7c | d8 46 66 52 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI f2 3b 27 9b | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 3c 5e cf a7 1e aa c1 3e 40 07 28 69 2e 86 cb 40 | 61 60 20 c7 b3 a4 68 4e 4c 74 9b 61 d0 08 b4 cf | 8a 2c cc c4 28 cd d0 ee 55 56 29 23 30 b0 cb d5 | ed f6 e0 e9 37 7e c8 0a a0 1e d7 f3 ec a3 1a 62 | ea 30 01 f1 86 2f e2 8d 89 43 b5 ff ed 3a 4f 02 | 80 68 d8 60 a1 fc 08 8f 8e 21 a5 1e 8e 56 6b cf | 33 8a 46 99 0a ca 21 49 c8 b4 4d 39 f7 d6 46 37 | 3e a0 47 3b 3e 48 9f 20 e4 3b d2 0c af 45 1f 98 | ad a7 ba 63 3b c6 82 51 7b f1 68 70 24 ae 22 71 | 7d 83 66 5a 31 86 b0 92 cd 93 3e 9f af b8 9c 4a | fa 42 85 14 dc d0 26 56 fa db 3b 01 09 68 be 20 | 4a f8 93 3b f7 fd 9a d0 c5 b3 91 83 68 42 d1 de | 04 a7 bd 4c 5b 9d 1d 10 42 9f 90 6f 3d 47 41 40 | 70 81 71 f1 34 bb fb 3e 5b a5 4f 10 07 e7 03 ef | d8 7b 13 c1 9e 93 c2 48 b1 29 8d 46 a0 23 ff e2 | 32 ff 27 60 93 c5 82 6b a8 85 12 af b2 92 dd 1b | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffaa8006448: transferring ownership from state #20 to helper IKEv1 DH | adding quick outI2 DH work-order 28 for state #20 | state #20 requesting EVENT_RETRANSMIT to be deleted | #20 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4169048 | free_event_entry: release EVENT_RETRANSMIT-pe@0x7ffab4002b78 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #20 | libevent_malloc: new ptr-libevent@0x7ffaa8003978 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #20 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #20 and saving MD | #20 is busy; has a suspended MD | crypto helper 6 resuming | #20 spent 0.11 milliseconds in process_packet_tail() | crypto helper 6 starting work-order 28 for state #20 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 6 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 28 | stop processing: state #20 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | peer's g: 3c 5e cf a7 1e aa c1 3e 40 07 28 69 2e 86 cb 40 | peer's g: 61 60 20 c7 b3 a4 68 4e 4c 74 9b 61 d0 08 b4 cf | peer's g: 8a 2c cc c4 28 cd d0 ee 55 56 29 23 30 b0 cb d5 | processing: STOP connection NULL (in process_md() at demux.c:383) | peer's g: ed f6 e0 e9 37 7e c8 0a a0 1e d7 f3 ec a3 1a 62 | peer's g: ea 30 01 f1 86 2f e2 8d 89 43 b5 ff ed 3a 4f 02 | peer's g: 80 68 d8 60 a1 fc 08 8f 8e 21 a5 1e 8e 56 6b cf | peer's g: 33 8a 46 99 0a ca 21 49 c8 b4 4d 39 f7 d6 46 37 | peer's g: 3e a0 47 3b 3e 48 9f 20 e4 3b d2 0c af 45 1f 98 | peer's g: ad a7 ba 63 3b c6 82 51 7b f1 68 70 24 ae 22 71 | peer's g: 7d 83 66 5a 31 86 b0 92 cd 93 3e 9f af b8 9c 4a | peer's g: fa 42 85 14 dc d0 26 56 fa db 3b 01 09 68 be 20 | peer's g: 4a f8 93 3b f7 fd 9a d0 c5 b3 91 83 68 42 d1 de | peer's g: 04 a7 bd 4c 5b 9d 1d 10 42 9f 90 6f 3d 47 41 40 | peer's g: 70 81 71 f1 34 bb fb 3e 5b a5 4f 10 07 e7 03 ef | peer's g: d8 7b 13 c1 9e 93 c2 48 b1 29 8d 46 a0 23 ff e2 | peer's g: 32 ff 27 60 93 c5 82 6b a8 85 12 af b2 92 dd 1b | spent 0.394 milliseconds in comm_handle_cb() reading and processing packet | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffaa8006448: computed shared DH secret key@0x5573f4165b30 | dh-shared : g^ir-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 6 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 28 time elapsed 0.000603 seconds | (#20) spent 0.597 milliseconds in crypto helper computing work-order 28: quick outI2 DH (pcr) | crypto helper 6 sending results from work-order 28 for state #20 to event queue | scheduling resume sending helper answer for #20 | libevent_malloc: new ptr-libevent@0x7ffaac0012c8 size 128 | crypto helper 6 waiting (nothing to do) | processing resume sending helper answer for #20 | start processing: state #20 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 6 replies to request ID 28 | calling continuation function 0x5573f2c98b50 | quick_inR1_outI2_continue for #20: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2295742037 (0x88d63e55) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7ffaa8006448: transferring ownership from helper IKEv1 DH to state #20 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0b08 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4150a70 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4150a70 | HASH(1): release clone-key@0x5573f4150a70 | HASH(1) PRF sha crypt-prf@0x7ffab4001598 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0bec (length 4) | 88 d6 3e 55 | HASH(1) PRF sha update Ni_b-bytes@0x7ffaa8006a98 (length 32) | d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | HASH(1) PRF sha update Nr_b-bytes@0x5573f4165a28 (length 32) | 37 23 9d d0 8c cd 51 7c 3c bd ec 64 c9 db 43 5b | 71 7e 1c 2f 6f 67 d9 bd e9 8a 75 62 82 4f db fd | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | c3 80 bd 82 37 55 55 40 d4 b3 69 72 14 95 1d f2 | 59 75 e5 76 | quick_inR1_outI2 HASH(3): | c3 80 bd 82 37 55 55 40 d4 b3 69 72 14 95 1d f2 | 59 75 e5 76 | compute_proto_keymat: needed_len (after ESP enc)=24 | compute_proto_keymat: needed_len (after ESP auth)=44 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffaac002b50 from symkey-key@0x5573f4150a70 | hmac prf: begin sha with context 0x7ffaac002b50 from symkey-key@0x5573f4150a70 | hmac: release clone-key@0x5573f4150a70 | hmac PRF sha crypt-prf@0x5573f416e578 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f416e348 | hmac PRF sha update g^xy-key@0x5573f4165b30 (size 256) | hmac: g^xy-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4165b30 | nss hmac digest hack: symkey-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6c 8a 80 b9 c5 ea 87 c5 9a b3 42 2e 6a b7 1b 38 f8 8c 25 ab 1f 02 6f db e5 27 61 af 7e 58 38 73 66 3f 38 ca ae 2e df d8 c3 20 38 42 5d 70 6b 48 4b 19 4c 83 cc d1 70 24 72 96 63 9a 7e 26 4f 51 dd 73 76 2b 4d 68 17 05 28 84 02 c5 c9 c8 c6 ed f2 ae 98 b1 26 f0 75 5d 4f bb 4e 64 e6 7a 1b 03 ef a4 e4 74 66 aa 9a 75 61 a0 df e1 c1 8d 40 aa 6e 2f eb ef e2 64 ed dd 3e ac 51 7d 4c 1b 79 13 b0 e8 40 08 97 d0 e8 72 58 23 73 d6 40 00 fb 8b a2 81 d1 a9 73 1c 44 2e 0c 08 1a 41 4a 11 5d 94 db 33 02 af 4a cb 01 fc 39 92 66 49 c4 88 b2 4f e5 72 a1 f3 34 85 a5 00 2a 8f bd ca 0f ac f6 ac 51 55 09 e6 25 5a a2 36 22 e4 bc 98 97 63 42 1a e1 8d d5 c4 31 ac 48 fb 60 b9 3e de 2d b2 78 5c 25 e8 07 99 ad ab 80 8c 71 7f 81 52 49 6c be eb 06 28 75 19 a4 38 e3 6d 1e b6 b6 b2 90 88 b2 d5 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 95 a5 6c 0d 60 36 9a 36 83 b3 b3 e4 6f 3c 7d d7 | unwrapped: 38 4e d7 b3 ba 4e 32 87 a4 6d 6b 8f e3 cb 92 48 | unwrapped: 75 29 d1 07 ee 9a 26 71 4f db a1 87 5b 03 f9 2c | unwrapped: af 01 0d 6c 1e f4 5c ff 27 72 52 15 74 3e 36 e4 | unwrapped: 28 19 6d b0 35 fe bf f3 f2 79 80 c9 08 14 f9 85 | unwrapped: 8b 75 cd da 92 b7 c4 7f 8e a7 00 3f 56 f8 a9 b0 | unwrapped: 72 e3 3a 13 f2 89 cc 75 ee 98 00 1b 46 b8 6e a5 | unwrapped: 0b d5 e0 99 d9 1d a0 72 57 46 f6 6e 79 dd 6d 16 | unwrapped: 1c 2d 9e eb fa 52 d5 e8 b8 9c df 25 33 4f 58 17 | unwrapped: ed d5 24 2a a2 f2 09 5e 28 12 82 be 95 f1 eb 42 | unwrapped: 9b 16 70 83 20 a7 d8 be ef fe b0 d0 a0 f9 4a dd | unwrapped: be 53 a2 30 53 64 89 4e b6 c9 5b c5 37 52 a5 c0 | unwrapped: 69 b3 15 05 cb bc cf 12 03 f1 a6 20 9d 62 9e 4f | unwrapped: 85 ad de 3e 4d bd a8 68 06 77 4d 91 00 de b0 79 | unwrapped: df 7e 74 0e b2 01 47 3a 17 7c 53 69 98 89 13 9c | unwrapped: 1e 48 c9 fa 00 a2 71 0d 07 da a5 1f 78 5a 4b e7 | hmac PRF sha update g^xy-key@0x5573f4165b30 (size 256) | hmac: g^xy-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4165b30 | nss hmac digest hack: symkey-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6c 8a 80 b9 c5 ea 87 c5 9a b3 42 2e 6a b7 1b 38 f8 8c 25 ab 1f 02 6f db e5 27 61 af 7e 58 38 73 66 3f 38 ca ae 2e df d8 c3 20 38 42 5d 70 6b 48 4b 19 4c 83 cc d1 70 24 72 96 63 9a 7e 26 4f 51 dd 73 76 2b 4d 68 17 05 28 84 02 c5 c9 c8 c6 ed f2 ae 98 b1 26 f0 75 5d 4f bb 4e 64 e6 7a 1b 03 ef a4 e4 74 66 aa 9a 75 61 a0 df e1 c1 8d 40 aa 6e 2f eb ef e2 64 ed dd 3e ac 51 7d 4c 1b 79 13 b0 e8 40 08 97 d0 e8 72 58 23 73 d6 40 00 fb 8b a2 81 d1 a9 73 1c 44 2e 0c 08 1a 41 4a 11 5d 94 db 33 02 af 4a cb 01 fc 39 92 66 49 c4 88 b2 4f e5 72 a1 f3 34 85 a5 00 2a 8f bd ca 0f ac f6 ac 51 55 09 e6 25 5a a2 36 22 e4 bc 98 97 63 42 1a e1 8d d5 c4 31 ac 48 fb 60 b9 3e de 2d b2 78 5c 25 e8 07 99 ad ab 80 8c 71 7f 81 52 49 6c be eb 06 28 75 19 a4 38 e3 6d 1e b6 b6 b2 90 88 b2 d5 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 95 a5 6c 0d 60 36 9a 36 83 b3 b3 e4 6f 3c 7d d7 | unwrapped: 38 4e d7 b3 ba 4e 32 87 a4 6d 6b 8f e3 cb 92 48 | unwrapped: 75 29 d1 07 ee 9a 26 71 4f db a1 87 5b 03 f9 2c | unwrapped: af 01 0d 6c 1e f4 5c ff 27 72 52 15 74 3e 36 e4 | unwrapped: 28 19 6d b0 35 fe bf f3 f2 79 80 c9 08 14 f9 85 | unwrapped: 8b 75 cd da 92 b7 c4 7f 8e a7 00 3f 56 f8 a9 b0 | unwrapped: 72 e3 3a 13 f2 89 cc 75 ee 98 00 1b 46 b8 6e a5 | unwrapped: 0b d5 e0 99 d9 1d a0 72 57 46 f6 6e 79 dd 6d 16 | unwrapped: 1c 2d 9e eb fa 52 d5 e8 b8 9c df 25 33 4f 58 17 | unwrapped: ed d5 24 2a a2 f2 09 5e 28 12 82 be 95 f1 eb 42 | unwrapped: 9b 16 70 83 20 a7 d8 be ef fe b0 d0 a0 f9 4a dd | unwrapped: be 53 a2 30 53 64 89 4e b6 c9 5b c5 37 52 a5 c0 | unwrapped: 69 b3 15 05 cb bc cf 12 03 f1 a6 20 9d 62 9e 4f | unwrapped: 85 ad de 3e 4d bd a8 68 06 77 4d 91 00 de b0 79 | unwrapped: df 7e 74 0e b2 01 47 3a 17 7c 53 69 98 89 13 9c | unwrapped: 1e 48 c9 fa 00 a2 71 0d 07 da a5 1f 78 5a 4b e7 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | 20 44 e4 97 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | f2 3b 27 9b | hmac PRF sha update data-bytes@0x7ffaa8006a98 (length 32) | d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | hmac PRF sha update data-bytes@0x7ffaa8006a98 (length 32) | d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | hmac PRF sha update data-bytes@0x5573f4165a28 (length 32) | 37 23 9d d0 8c cd 51 7c 3c bd ec 64 c9 db 43 5b | 71 7e 1c 2f 6f 67 d9 bd e9 8a 75 62 82 4f db fd | hmac PRF sha update data-bytes@0x5573f4165a28 (length 32) | 37 23 9d d0 8c cd 51 7c 3c bd ec 64 c9 db 43 5b | 71 7e 1c 2f 6f 67 d9 bd e9 8a 75 62 82 4f db fd | hmac PRF sha final-bytes@0x7ffabc004218 (length 20) | ec 93 56 9a 2c 32 cf 62 65 5e bb 7d c4 1a 25 6b | 68 df 2f 9d | hmac PRF sha final-bytes@0x5573f41635f8 (length 20) | ed b7 eb 97 b9 2e b1 a3 3e a4 1a d1 51 ac 46 50 | 84 4a 6e 96 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f416e5c8 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffaac002b50 from symkey-key@0x5573f4150a70 | hmac prf: begin sha with context 0x7ffaac002b50 from symkey-key@0x5573f4150a70 | hmac: release clone-key@0x5573f4150a70 | hmac PRF sha crypt-prf@0x7ffab4001598 | hmac PRF sha update data-bytes@0x7ffabc004218 (length 20) | ec 93 56 9a 2c 32 cf 62 65 5e bb 7d c4 1a 25 6b | 68 df 2f 9d | hmac PRF sha update data-bytes@0x5573f41635f8 (length 20) | ed b7 eb 97 b9 2e b1 a3 3e a4 1a d1 51 ac 46 50 | 84 4a 6e 96 | hmac PRF sha update g^xy-key@0x5573f4165b30 (size 256) | hmac: g^xy-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4165b30 | nss hmac digest hack: symkey-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6c 8a 80 b9 c5 ea 87 c5 9a b3 42 2e 6a b7 1b 38 f8 8c 25 ab 1f 02 6f db e5 27 61 af 7e 58 38 73 66 3f 38 ca ae 2e df d8 c3 20 38 42 5d 70 6b 48 4b 19 4c 83 cc d1 70 24 72 96 63 9a 7e 26 4f 51 dd 73 76 2b 4d 68 17 05 28 84 02 c5 c9 c8 c6 ed f2 ae 98 b1 26 f0 75 5d 4f bb 4e 64 e6 7a 1b 03 ef a4 e4 74 66 aa 9a 75 61 a0 df e1 c1 8d 40 aa 6e 2f eb ef e2 64 ed dd 3e ac 51 7d 4c 1b 79 13 b0 e8 40 08 97 d0 e8 72 58 23 73 d6 40 00 fb 8b a2 81 d1 a9 73 1c 44 2e 0c 08 1a 41 4a 11 5d 94 db 33 02 af 4a cb 01 fc 39 92 66 49 c4 88 b2 4f e5 72 a1 f3 34 85 a5 00 2a 8f bd ca 0f ac f6 ac 51 55 09 e6 25 5a a2 36 22 e4 bc 98 97 63 42 1a e1 8d d5 c4 31 ac 48 fb 60 b9 3e de 2d b2 78 5c 25 e8 07 99 ad ab 80 8c 71 7f 81 52 49 6c be eb 06 28 75 19 a4 38 e3 6d 1e b6 b6 b2 90 88 b2 d5 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 95 a5 6c 0d 60 36 9a 36 83 b3 b3 e4 6f 3c 7d d7 | unwrapped: 38 4e d7 b3 ba 4e 32 87 a4 6d 6b 8f e3 cb 92 48 | unwrapped: 75 29 d1 07 ee 9a 26 71 4f db a1 87 5b 03 f9 2c | unwrapped: af 01 0d 6c 1e f4 5c ff 27 72 52 15 74 3e 36 e4 | unwrapped: 28 19 6d b0 35 fe bf f3 f2 79 80 c9 08 14 f9 85 | unwrapped: 8b 75 cd da 92 b7 c4 7f 8e a7 00 3f 56 f8 a9 b0 | unwrapped: 72 e3 3a 13 f2 89 cc 75 ee 98 00 1b 46 b8 6e a5 | unwrapped: 0b d5 e0 99 d9 1d a0 72 57 46 f6 6e 79 dd 6d 16 | unwrapped: 1c 2d 9e eb fa 52 d5 e8 b8 9c df 25 33 4f 58 17 | unwrapped: ed d5 24 2a a2 f2 09 5e 28 12 82 be 95 f1 eb 42 | unwrapped: 9b 16 70 83 20 a7 d8 be ef fe b0 d0 a0 f9 4a dd | unwrapped: be 53 a2 30 53 64 89 4e b6 c9 5b c5 37 52 a5 c0 | unwrapped: 69 b3 15 05 cb bc cf 12 03 f1 a6 20 9d 62 9e 4f | unwrapped: 85 ad de 3e 4d bd a8 68 06 77 4d 91 00 de b0 79 | unwrapped: df 7e 74 0e b2 01 47 3a 17 7c 53 69 98 89 13 9c | unwrapped: 1e 48 c9 fa 00 a2 71 0d 07 da a5 1f 78 5a 4b e7 | hmac PRF sha update g^xy-key@0x5573f4165b30 (size 256) | hmac: g^xy-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4165b30 | nss hmac digest hack: symkey-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6c 8a 80 b9 c5 ea 87 c5 9a b3 42 2e 6a b7 1b 38 f8 8c 25 ab 1f 02 6f db e5 27 61 af 7e 58 38 73 66 3f 38 ca ae 2e df d8 c3 20 38 42 5d 70 6b 48 4b 19 4c 83 cc d1 70 24 72 96 63 9a 7e 26 4f 51 dd 73 76 2b 4d 68 17 05 28 84 02 c5 c9 c8 c6 ed f2 ae 98 b1 26 f0 75 5d 4f bb 4e 64 e6 7a 1b 03 ef a4 e4 74 66 aa 9a 75 61 a0 df e1 c1 8d 40 aa 6e 2f eb ef e2 64 ed dd 3e ac 51 7d 4c 1b 79 13 b0 e8 40 08 97 d0 e8 72 58 23 73 d6 40 00 fb 8b a2 81 d1 a9 73 1c 44 2e 0c 08 1a 41 4a 11 5d 94 db 33 02 af 4a cb 01 fc 39 92 66 49 c4 88 b2 4f e5 72 a1 f3 34 85 a5 00 2a 8f bd ca 0f ac f6 ac 51 55 09 e6 25 5a a2 36 22 e4 bc 98 97 63 42 1a e1 8d d5 c4 31 ac 48 fb 60 b9 3e de 2d b2 78 5c 25 e8 07 99 ad ab 80 8c 71 7f 81 52 49 6c be eb 06 28 75 19 a4 38 e3 6d 1e b6 b6 b2 90 88 b2 d5 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 95 a5 6c 0d 60 36 9a 36 83 b3 b3 e4 6f 3c 7d d7 | unwrapped: 38 4e d7 b3 ba 4e 32 87 a4 6d 6b 8f e3 cb 92 48 | unwrapped: 75 29 d1 07 ee 9a 26 71 4f db a1 87 5b 03 f9 2c | unwrapped: af 01 0d 6c 1e f4 5c ff 27 72 52 15 74 3e 36 e4 | unwrapped: 28 19 6d b0 35 fe bf f3 f2 79 80 c9 08 14 f9 85 | unwrapped: 8b 75 cd da 92 b7 c4 7f 8e a7 00 3f 56 f8 a9 b0 | unwrapped: 72 e3 3a 13 f2 89 cc 75 ee 98 00 1b 46 b8 6e a5 | unwrapped: 0b d5 e0 99 d9 1d a0 72 57 46 f6 6e 79 dd 6d 16 | unwrapped: 1c 2d 9e eb fa 52 d5 e8 b8 9c df 25 33 4f 58 17 | unwrapped: ed d5 24 2a a2 f2 09 5e 28 12 82 be 95 f1 eb 42 | unwrapped: 9b 16 70 83 20 a7 d8 be ef fe b0 d0 a0 f9 4a dd | unwrapped: be 53 a2 30 53 64 89 4e b6 c9 5b c5 37 52 a5 c0 | unwrapped: 69 b3 15 05 cb bc cf 12 03 f1 a6 20 9d 62 9e 4f | unwrapped: 85 ad de 3e 4d bd a8 68 06 77 4d 91 00 de b0 79 | unwrapped: df 7e 74 0e b2 01 47 3a 17 7c 53 69 98 89 13 9c | unwrapped: 1e 48 c9 fa 00 a2 71 0d 07 da a5 1f 78 5a 4b e7 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | 20 44 e4 97 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | f2 3b 27 9b | hmac PRF sha update data-bytes@0x7ffaa8006a98 (length 32) | d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | hmac PRF sha update data-bytes@0x7ffaa8006a98 (length 32) | d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | hmac PRF sha update data-bytes@0x5573f4165a28 (length 32) | 37 23 9d d0 8c cd 51 7c 3c bd ec 64 c9 db 43 5b | 71 7e 1c 2f 6f 67 d9 bd e9 8a 75 62 82 4f db fd | hmac PRF sha update data-bytes@0x5573f4165a28 (length 32) | 37 23 9d d0 8c cd 51 7c 3c bd ec 64 c9 db 43 5b | 71 7e 1c 2f 6f 67 d9 bd e9 8a 75 62 82 4f db fd | hmac PRF sha final-bytes@0x7ffabc00422c (length 20) | 1d 14 61 ce ba 46 af 44 a0 30 76 a6 2c 2d c2 fb | 4e e4 f7 5d | hmac PRF sha final-bytes@0x5573f416360c (length 20) | f5 69 d9 52 08 e4 a7 f8 d8 fa ba 01 f0 f9 44 b7 | f1 15 d6 8d | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffaac002b50 from symkey-key@0x5573f4150a70 | hmac prf: begin sha with context 0x7ffaac002b50 from symkey-key@0x5573f4150a70 | hmac: release clone-key@0x5573f4150a70 | hmac PRF sha crypt-prf@0x5573f416e578 | hmac PRF sha init symkey-key@0x5573f40bfec0 (size 20) | hmac: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x7ffac0002b50 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f416e348 | hmac PRF sha update data-bytes@0x7ffabc00422c (length 20) | 1d 14 61 ce ba 46 af 44 a0 30 76 a6 2c 2d c2 fb | 4e e4 f7 5d | hmac PRF sha update data-bytes@0x5573f416360c (length 20) | f5 69 d9 52 08 e4 a7 f8 d8 fa ba 01 f0 f9 44 b7 | f1 15 d6 8d | hmac PRF sha update g^xy-key@0x5573f4165b30 (size 256) | hmac: g^xy-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4165b30 | nss hmac digest hack: symkey-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6c 8a 80 b9 c5 ea 87 c5 9a b3 42 2e 6a b7 1b 38 f8 8c 25 ab 1f 02 6f db e5 27 61 af 7e 58 38 73 66 3f 38 ca ae 2e df d8 c3 20 38 42 5d 70 6b 48 4b 19 4c 83 cc d1 70 24 72 96 63 9a 7e 26 4f 51 dd 73 76 2b 4d 68 17 05 28 84 02 c5 c9 c8 c6 ed f2 ae 98 b1 26 f0 75 5d 4f bb 4e 64 e6 7a 1b 03 ef a4 e4 74 66 aa 9a 75 61 a0 df e1 c1 8d 40 aa 6e 2f eb ef e2 64 ed dd 3e ac 51 7d 4c 1b 79 13 b0 e8 40 08 97 d0 e8 72 58 23 73 d6 40 00 fb 8b a2 81 d1 a9 73 1c 44 2e 0c 08 1a 41 4a 11 5d 94 db 33 02 af 4a cb 01 fc 39 92 66 49 c4 88 b2 4f e5 72 a1 f3 34 85 a5 00 2a 8f bd ca 0f ac f6 ac 51 55 09 e6 25 5a a2 36 22 e4 bc 98 97 63 42 1a e1 8d d5 c4 31 ac 48 fb 60 b9 3e de 2d b2 78 5c 25 e8 07 99 ad ab 80 8c 71 7f 81 52 49 6c be eb 06 28 75 19 a4 38 e3 6d 1e b6 b6 b2 90 88 b2 d5 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 95 a5 6c 0d 60 36 9a 36 83 b3 b3 e4 6f 3c 7d d7 | unwrapped: 38 4e d7 b3 ba 4e 32 87 a4 6d 6b 8f e3 cb 92 48 | unwrapped: 75 29 d1 07 ee 9a 26 71 4f db a1 87 5b 03 f9 2c | unwrapped: af 01 0d 6c 1e f4 5c ff 27 72 52 15 74 3e 36 e4 | unwrapped: 28 19 6d b0 35 fe bf f3 f2 79 80 c9 08 14 f9 85 | unwrapped: 8b 75 cd da 92 b7 c4 7f 8e a7 00 3f 56 f8 a9 b0 | unwrapped: 72 e3 3a 13 f2 89 cc 75 ee 98 00 1b 46 b8 6e a5 | unwrapped: 0b d5 e0 99 d9 1d a0 72 57 46 f6 6e 79 dd 6d 16 | unwrapped: 1c 2d 9e eb fa 52 d5 e8 b8 9c df 25 33 4f 58 17 | unwrapped: ed d5 24 2a a2 f2 09 5e 28 12 82 be 95 f1 eb 42 | unwrapped: 9b 16 70 83 20 a7 d8 be ef fe b0 d0 a0 f9 4a dd | unwrapped: be 53 a2 30 53 64 89 4e b6 c9 5b c5 37 52 a5 c0 | unwrapped: 69 b3 15 05 cb bc cf 12 03 f1 a6 20 9d 62 9e 4f | unwrapped: 85 ad de 3e 4d bd a8 68 06 77 4d 91 00 de b0 79 | unwrapped: df 7e 74 0e b2 01 47 3a 17 7c 53 69 98 89 13 9c | unwrapped: 1e 48 c9 fa 00 a2 71 0d 07 da a5 1f 78 5a 4b e7 | hmac PRF sha update g^xy-key@0x5573f4165b30 (size 256) | hmac: g^xy-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4165b30 | nss hmac digest hack: symkey-key@0x5573f4165b30 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 6c 8a 80 b9 c5 ea 87 c5 9a b3 42 2e 6a b7 1b 38 f8 8c 25 ab 1f 02 6f db e5 27 61 af 7e 58 38 73 66 3f 38 ca ae 2e df d8 c3 20 38 42 5d 70 6b 48 4b 19 4c 83 cc d1 70 24 72 96 63 9a 7e 26 4f 51 dd 73 76 2b 4d 68 17 05 28 84 02 c5 c9 c8 c6 ed f2 ae 98 b1 26 f0 75 5d 4f bb 4e 64 e6 7a 1b 03 ef a4 e4 74 66 aa 9a 75 61 a0 df e1 c1 8d 40 aa 6e 2f eb ef e2 64 ed dd 3e ac 51 7d 4c 1b 79 13 b0 e8 40 08 97 d0 e8 72 58 23 73 d6 40 00 fb 8b a2 81 d1 a9 73 1c 44 2e 0c 08 1a 41 4a 11 5d 94 db 33 02 af 4a cb 01 fc 39 92 66 49 c4 88 b2 4f e5 72 a1 f3 34 85 a5 00 2a 8f bd ca 0f ac f6 ac 51 55 09 e6 25 5a a2 36 22 e4 bc 98 97 63 42 1a e1 8d d5 c4 31 ac 48 fb 60 b9 3e de 2d b2 78 5c 25 e8 07 99 ad ab 80 8c 71 7f 81 52 49 6c be eb 06 28 75 19 a4 38 e3 6d 1e b6 b6 b2 90 88 b2 d5 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 95 a5 6c 0d 60 36 9a 36 83 b3 b3 e4 6f 3c 7d d7 | unwrapped: 38 4e d7 b3 ba 4e 32 87 a4 6d 6b 8f e3 cb 92 48 | unwrapped: 75 29 d1 07 ee 9a 26 71 4f db a1 87 5b 03 f9 2c | unwrapped: af 01 0d 6c 1e f4 5c ff 27 72 52 15 74 3e 36 e4 | unwrapped: 28 19 6d b0 35 fe bf f3 f2 79 80 c9 08 14 f9 85 | unwrapped: 8b 75 cd da 92 b7 c4 7f 8e a7 00 3f 56 f8 a9 b0 | unwrapped: 72 e3 3a 13 f2 89 cc 75 ee 98 00 1b 46 b8 6e a5 | unwrapped: 0b d5 e0 99 d9 1d a0 72 57 46 f6 6e 79 dd 6d 16 | unwrapped: 1c 2d 9e eb fa 52 d5 e8 b8 9c df 25 33 4f 58 17 | unwrapped: ed d5 24 2a a2 f2 09 5e 28 12 82 be 95 f1 eb 42 | unwrapped: 9b 16 70 83 20 a7 d8 be ef fe b0 d0 a0 f9 4a dd | unwrapped: be 53 a2 30 53 64 89 4e b6 c9 5b c5 37 52 a5 c0 | unwrapped: 69 b3 15 05 cb bc cf 12 03 f1 a6 20 9d 62 9e 4f | unwrapped: 85 ad de 3e 4d bd a8 68 06 77 4d 91 00 de b0 79 | unwrapped: df 7e 74 0e b2 01 47 3a 17 7c 53 69 98 89 13 9c | unwrapped: 1e 48 c9 fa 00 a2 71 0d 07 da a5 1f 78 5a 4b e7 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | 20 44 e4 97 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | f2 3b 27 9b | hmac PRF sha update data-bytes@0x7ffaa8006a98 (length 32) | d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | hmac PRF sha update data-bytes@0x7ffaa8006a98 (length 32) | d2 3d af df f8 58 15 f1 33 0d 36 85 08 ba 99 46 | a2 12 3a d7 a2 94 f2 a3 de 8f 2d 76 6c 84 9b 7c | hmac PRF sha update data-bytes@0x5573f4165a28 (length 32) | 37 23 9d d0 8c cd 51 7c 3c bd ec 64 c9 db 43 5b | 71 7e 1c 2f 6f 67 d9 bd e9 8a 75 62 82 4f db fd | hmac PRF sha update data-bytes@0x5573f4165a28 (length 32) | 37 23 9d d0 8c cd 51 7c 3c bd ec 64 c9 db 43 5b | 71 7e 1c 2f 6f 67 d9 bd e9 8a 75 62 82 4f db fd | hmac PRF sha final-bytes@0x7ffabc004240 (length 20) | 8c 43 1e 9b 05 d0 2b e0 8d 22 00 aa 7c c0 51 5c | 59 5f 75 88 | hmac PRF sha final-bytes@0x5573f4163620 (length 20) | 6d be 4d a3 b9 89 2a 47 6d 36 a4 0d 26 26 9b 00 | f2 35 c4 a0 | install_ipsec_sa() for #20: inbound and outbound | could_route called for 3des (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.f23b279b@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.2044e497@192.1.2.45 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #20: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: 3des (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #20 | priority calculation of connection "3des" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xf23b279b SPI_OUT=0x | popen cmd is 1023 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' : | cmd( 160):PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1642: | cmd( 320):4' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+: | cmd( 640):IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PL: | cmd( 720):UTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS: | cmd( 800):_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLU: | cmd( 880):TO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHAR: | cmd( 960):ED='no' SPI_IN=0xf23b279b SPI_OUT=0x2044e497 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xf23b279b | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0xf23b279b SPI_OUT=0x2044e497 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xf23b279b SPI_ | popen cmd is 1026 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTE: | cmd( 80):RFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@wes: | cmd( 160):t' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIEN: | cmd( 240):T_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1: | cmd( 320):6424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PE: | cmd( 400):ER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MAS: | cmd( 480):K='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' P: | cmd( 560):LUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+: | cmd( 640):UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0xf23b279b SPI_OUT=0x2044e497 ipsec _updown 2>&1: | route_and_eroute: instance "3des", setting eroute_owner {spd=0x5573f4162958,sr=0x5573f4162958} to #20 (was #0) (newest_ipsec_sa=#0) | #19 spent 1.94 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 c3 80 bd 82 37 55 55 40 d4 b3 69 72 | encrypting: 14 95 1d f2 59 75 e5 76 | IV: 01 91 e2 fb f4 85 8b 02 | unpadded size is: 24 | encrypting 24 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 52 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: ad 7b a1 cf 11 78 4d 70 | inR1_outI2: instance 3des[0], setting IKEv1 newest_ipsec_sa to #20 (was #0) (spd.eroute=#20) cloned from #19 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #20 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #20 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #20: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #20 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffaa8003978 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7ffab4002b78 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 52 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #20) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 08 10 20 01 88 d6 3e 55 00 00 00 34 17 91 ab 7f | 6d 3a 24 55 3e 6b 30 5f 33 62 1f 40 ad 7b a1 cf | 11 78 4d 70 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7ffac0002b78 | inserting event EVENT_SA_REPLACE, timeout in 27921 seconds for #20 | libevent_malloc: new ptr-libevent@0x5573f40c4618 size 128 | pstats #20 ikev1.ipsec established | NAT-T: encaps is 'auto' "3des" #20: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xf23b279b <0x2044e497 xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #20 suppresed complete_v1_state_transition() | #20 spent 2.98 milliseconds in resume sending helper answer | stop processing: state #20 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffaac0012c8 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00465 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00264 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00566 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.2044e497@192.1.2.45 | get_sa_info esp.f23b279b@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0611 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #20 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #20 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #20 ikev1.ipsec deleted completed | [RE]START processing: state #20 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #20: deleting state (STATE_QUICK_I2) aged 0.059s and sending notification | child state #20: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.f23b279b@192.1.2.23 | get_sa_info esp.2044e497@192.1.2.45 "3des" #20: ESP traffic information: in=84B out=84B | #20 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3020782951 (0xb40d7d67) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 20 44 e4 97 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4169350 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4169350 | HASH(1): release clone-key@0x5573f4169350 | HASH(1) PRF sha crypt-prf@0x5573f416e5c8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | b4 0d 7d 67 | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 20 44 e4 97 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 6b 0e 95 1d 8d 91 8f 73 79 e2 6d 6c 92 c9 00 58 | 89 1e 08 e6 | send delete HASH(1): | 6b 0e 95 1d 8d 91 8f 73 79 e2 6d 6c 92 c9 00 58 | 89 1e 08 e6 | last Phase 1 IV: 9d b9 08 a1 d2 ff de c4 | current Phase 1 IV: 9d b9 08 a1 d2 ff de c4 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 8) | 9d b9 08 a1 d2 ff de c4 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | b4 0d 7d 67 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 14 97 e0 b5 c7 e1 27 3b 77 1d 49 66 a0 38 81 88 | df c2 c7 be | encrypting: 0c 00 00 18 6b 0e 95 1d 8d 91 8f 73 79 e2 6d 6c | encrypting: 92 c9 00 58 89 1e 08 e6 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 20 44 e4 97 | IV: 14 97 e0 b5 c7 e1 27 3b 77 1d 49 66 a0 38 81 88 | IV: df c2 c7 be | unpadded size is: 40 | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: f6 7b 79 e8 c9 49 e8 58 | sending 68 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 08 10 05 01 b4 0d 7d 67 00 00 00 44 ff 19 94 9d | 27 d9 14 4c f1 8f 41 4c 95 d4 9f eb 94 80 34 03 | c6 d0 b5 53 0a 0c 34 3d 92 7f a0 14 f6 7b 79 e8 | c9 49 e8 58 | state #20 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x5573f40c4618 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7ffac0002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825168' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xf23b279b | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):424' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566825168' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0xf23b279b SPI_OUT=0x2044e497 ipsec _updown 2>&1: | shunt_eroute() called for connection '3des' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "3des" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.f23b279b@192.1.2.23 | netlink response for Del SA esp.f23b279b@192.1.2.23 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.2044e497@192.1.2.45 | netlink response for Del SA esp.2044e497@192.1.2.45 included non-error error | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #20 in QUICK_I2 | child state #20: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffaa8006448: destroyed | stop processing: state #20 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f4165b30 | delete_state: release st->st_skeyid_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_d_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ai_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f414f010 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f41619f0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #19 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #19 | start processing: state #19 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #19 ikev1.isakmp deleted completed | [RE]START processing: state #19 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #19: deleting state (STATE_MAIN_I4) aged 0.074s and sending notification | parent state #19: MAIN_I4(established IKE SA) => delete | #19 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3367257605 (0xc8b44605) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI 94 13 01 bf f9 6d 03 77 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI 89 1f 46 71 19 4f c9 54 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f414d560 (size 20) | HASH(1): SKEYID_a-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x5573f41635d0 from SKEYID_a-key@0x5573f4165b30 | HASH(1) prf: begin sha with context 0x5573f41635d0 from SKEYID_a-key@0x5573f4165b30 | HASH(1): release clone-key@0x5573f4165b30 | HASH(1) PRF sha crypt-prf@0x7ffaa8003ad8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | c8 b4 46 05 | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 94 13 01 bf | f9 6d 03 77 89 1f 46 71 19 4f c9 54 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | ec e5 b2 a4 73 1f 8f b3 4c 6d 54 c7 62 c6 48 8a | 85 69 de a5 | send delete HASH(1): | ec e5 b2 a4 73 1f 8f b3 4c 6d 54 c7 62 c6 48 8a | 85 69 de a5 | last Phase 1 IV: 9d b9 08 a1 d2 ff de c4 | current Phase 1 IV: 9d b9 08 a1 d2 ff de c4 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 8) | 9d b9 08 a1 d2 ff de c4 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | c8 b4 46 05 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 28 ad 0d 0b e3 98 1a b3 4d 1f c9 97 78 62 59 95 | 51 fb 73 1e | encrypting: 0c 00 00 18 ec e5 b2 a4 73 1f 8f b3 4c 6d 54 c7 | encrypting: 62 c6 48 8a 85 69 de a5 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 94 13 01 bf f9 6d 03 77 89 1f 46 71 | encrypting: 19 4f c9 54 | IV: 28 ad 0d 0b e3 98 1a b3 4d 1f c9 97 78 62 59 95 | IV: 51 fb 73 1e | unpadded size is: 52 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 56 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 84 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: d2 8c ab 56 50 16 5b 2a | sending 84 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #19) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 08 10 05 01 c8 b4 46 05 00 00 00 54 4b 4e 13 f6 | 59 10 ab 0c c6 bd 93 0a 6c 10 19 9c 48 d7 f4 e1 | f0 d2 f7 c3 81 ec c1 3f 8d 91 f6 fa c3 32 ba d3 | 40 7f 3d 1c f3 b7 95 9a 0b 2d d5 2b d2 8c ab 56 | 50 16 5b 2a | state #19 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffab4001378 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41634d8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #19 in MAIN_I4 | parent state #19: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffab0005698: destroyed | stop processing: state #19 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f40c6080 | delete_state: release st->st_skeyid_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_d_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ai_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f414f010 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f41619f0 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.45 milliseconds in whack | spent 0.00148 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 08 10 05 01 83 3d a5 8d 00 00 00 44 21 ef 8b 6a | 09 bf 29 3e d6 0e 81 dc 49 b2 ff 4d 8b a2 0c 89 | 2e 4c 4c dc 86 f5 3e 97 de e3 28 ce 9e d2 1b c1 | 55 ec d8 4b | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2201855373 (0x833da58d) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x833da58d | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 94 13 01 bf f9 6d 03 77 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 89 1f 46 71 19 4f c9 54 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.049 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00574 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00211 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 84 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 94 13 01 bf f9 6d 03 77 89 1f 46 71 19 4f c9 54 | 08 10 05 01 0b 4f b9 f5 00 00 00 54 88 de 60 36 | 19 c9 a0 14 df 19 19 58 35 1d 18 6e 98 26 fc 7e | 00 5f a8 82 6a 5f 8a 22 61 d1 6a b5 c5 14 d0 28 | e5 93 32 5c 64 eb e3 e4 1a 38 34 eb cc 91 98 65 | fc 1f 34 9c | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 94 13 01 bf f9 6d 03 77 | responder cookie: | 89 1f 46 71 19 4f c9 54 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 189774325 (0xb4fb9f5) | length: 84 (0x54) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x0b4fb9f5 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | 94 13 01 bf f9 6d 03 77 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | 89 1f 46 71 19 4f c9 54 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0914 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "3des" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection '3des' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "3des" is 0xfe7e7 | priority calculation of connection "3des" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16424' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0 | popen cmd is 1012 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16424' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO: | cmd( 400):_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_: | cmd( 480):MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=': | cmd( 560):' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+P: | cmd( 640):FS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x5573f4163218 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.88 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00491 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing suppress-retransmits + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0475 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0384 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:0 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0475 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.16 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #21 at 0x5573f4163978 | State DB: adding IKEv1 state #21 in UNDEFINED | pstats #21 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #21 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #21: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #21 "3des" "3des" #21: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 9e d9 02 87 e3 3d de 73 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x5573f4161ba8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #21: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #21) | 9e d9 02 87 e3 3d de 73 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41634d8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #21 | libevent_malloc: new ptr-libevent@0x7ffaac0012c8 size 128 | #21 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10455.225576 | #21 spent 0.373 milliseconds in main_outI1() | stop processing: state #21 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.438 milliseconds in whack | spent 0.00215 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 9e d9 02 87 e3 3d de 73 fb 3a dd 11 8a 4c f9 50 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 9e d9 02 87 e3 3d de 73 | responder cookie: | fb 3a dd 11 8a 4c f9 50 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #21 in MAIN_I1 (find_state_ikev1_init) | start processing: state #21 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #21 is idle | #21 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "3des" #21: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "3des" #21: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #21 spent 0.0194 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #21 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.11 milliseconds in comm_handle_cb() reading and processing packet | timer_event_cb: processing event@0x5573f41634d8 | handling event EVENT_RETRANSMIT for parent state #21 | start processing: state #21 connection "3des" from 192.1.2.23 (in timer_event_cb() at timer.c:250) | IKEv1 retransmit event | [RE]START processing: state #21 connection "3des" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61) | handling event EVENT_RETRANSMIT for 192.1.2.23 "3des" #21 keying attempt 1 of 0; retransmit 1 "3des" #21: IMPAIR: retransmit so deleting SA | [RE]START processing: state #21 connection "3des" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:124) | pstats #21 ikev1.isakmp failed too-many-retransmits | pstats #21 ikev1.isakmp deleted too-many-retransmits | [RE]START processing: state #21 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #21: deleting state (STATE_MAIN_I1) aged 0.501s and NOT sending notification | parent state #21: MAIN_I1(half-open IKE SA) => delete | in connection_discard for connection 3des | close_any(fd@25) (in delete_pending() at pending.c:244) | removing pending policy for "3des" {0x5573f40bb898} | State DB: IKEv1 state not found (flush_incomplete_children) | picked newest_isakmp_sa #0 for #21 "3des" #21: deleting IKE SA for connection '3des' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS | add revival: connection '3des' added to the list and scheduled for 0 seconds | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds | in connection_discard for connection 3des | State DB: deleting IKEv1 state #21 in MAIN_I1 | parent state #21: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | close_any(fd@24) (in release_whack() at state.c:654) | stop processing: state #21 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | libevent_free: release ptr-libevent@0x7ffaac0012c8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41634d8 | in statetime_stop() and could not find #21 | processing: STOP state #0 (in timer_event_cb() at timer.c:557) | processing global timer EVENT_REVIVE_CONNS Initiating connection 3des which received a Delete/Notify but must remain up per local policy | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #22 at 0x5573f4163978 | State DB: adding IKEv1 state #22 in UNDEFINED | pstats #22 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #22 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #22: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #22 "3des" "3des" #22: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | 76 71 27 ea 79 6e 40 05 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x5573f4161ba8 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #22: IMPAIR: sending key-length attribute value 0 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 0 (0x0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #22) | 76 71 27 ea 79 6e 40 05 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #22 | libevent_malloc: new ptr-libevent@0x7ffaac0012c8 size 128 | #22 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10455.728933 | #22 spent 1.9 milliseconds in main_outI1() | stop processing: state #22 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | spent 2 milliseconds in global timer EVENT_REVIVE_CONNS | spent 0.0092 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 40 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | 76 71 27 ea 79 6e 40 05 eb 69 b2 74 b5 9e 72 d6 | 0b 10 05 00 00 00 00 00 00 00 00 28 00 00 00 0c | 00 00 00 01 01 00 00 0e | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | 76 71 27 ea 79 6e 40 05 | responder cookie: | eb 69 b2 74 b5 9e 72 d6 | next payload type: ISAKMP_NEXT_N (0xb) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: none (0x0) | Message ID: 0 (0x0) | length: 40 (0x28) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: found IKEv1 state #22 in MAIN_I1 (find_state_ikev1_init) | start processing: state #22 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479) | #22 is idle | #22 idle | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0 opt: 0x0 | ***parse ISAKMP Notification Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 12 (0xc) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 0 (0x0) | Notify Message Type: NO_PROPOSAL_CHOSEN (0xe) | message 'informational' HASH payload not checked early "3des" #22: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12 | ISAKMP Notification Payload | 00 00 00 0c 00 00 00 01 01 00 00 0e | info: | processing informational NO_PROPOSAL_CHOSEN (14) "3des" #22: received and ignored notification payload: NO_PROPOSAL_CHOSEN | complete v1 state transition with STF_IGNORE | #22 spent 0.0369 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #22 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.512 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.11 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | removing pending policy for no connection {0x5573f40bb898} | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #22 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #22 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #22 ikev1.isakmp deleted other | [RE]START processing: state #22 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #22: deleting state (STATE_MAIN_I1) aged 0.034s and NOT sending notification | parent state #22: MAIN_I1(half-open IKE SA) => delete | state #22 requesting EVENT_RETRANSMIT to be deleted | #22 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffaac0012c8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | State DB: IKEv1 state not found (flush_incomplete_children) | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #22 in MAIN_I1 | parent state #22: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore) | stop processing: state #22 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@NULL | delete_state: release st->st_skeyid_nss-key@NULL | delete_state: release st->st_skey_d_nss-key@NULL | delete_state: release st->st_skey_ai_nss-key@NULL | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@NULL | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@NULL | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | free hp@0x5573f4163218 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.401 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0495 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing none + delete-on-retransmit | base impairing = delete-on-retransmit | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0417 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none | base impairing = delete-on-retransmit | ike-key-length-attribute:192 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0387 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | FOR_EACH_CONNECTION_... in foreach_connection_by_alias | FOR_EACH_CONNECTION_... in conn_by_name | Added new connection 3des with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | ike (phase1) algorithm values: 3DES_CBC-HMAC_SHA1-MODP2048 | from whack: got --esp=3des-sha1;modp2048 | ESP/AH string values: 3DES_CBC-HMAC_SHA1_96-MODP2048 | counting wild cards for @west is 0 | counting wild cards for @east is 0 | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none | new hp@0x5573f4163218 added connection description "3des" | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0933 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in initiate_a_connection() at initiate.c:186) | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | connection '3des' +POLICY_UP | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) | FOR_EACH_STATE_... in find_phase1_state | creating state object #23 at 0x5573f4163978 | State DB: adding IKEv1 state #23 in UNDEFINED | pstats #23 ikev1.isakmp started | suspend processing: connection "3des" (in main_outI1() at ikev1_main.c:118) | start processing: state #23 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118) | parent state #23: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA) | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123) | Queuing pending IPsec SA negotiating with 192.1.2.23 "3des" IKE SA #23 "3des" "3des" #23: initiating Main Mode | **emit ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | 00 00 00 00 00 00 00 00 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0 | oakley_alg_makedb() returning 0x5573f4165a28 | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | *****emit ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] "3des" #23: IMPAIR: sending key-length attribute value 192 | ******emit ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 192 (0xc0) | emitting length of ISAKMP Transform Payload (ISAKMP): 36 | emitting length of ISAKMP Proposal Payload: 44 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 56 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | out_vid(): sending [FRAGMENTATION] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [Dead Peer Detection] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | emitting length of ISAKMP Vendor ID Payload: 20 | nat add vid | sending draft and RFC NATT VIDs | out_vid(): sending [RFC 3947] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | emitting length of ISAKMP Vendor ID Payload: 20 | skipping VID_NATT_RFC | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f | emitting length of ISAKMP Vendor ID Payload: 20 | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02] | ***emit ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID) | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet' | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | emitting length of ISAKMP Vendor ID Payload: 20 | no IKEv1 message padding required | emitting length of ISAKMP Message: 204 | sending 204 bytes for reply packet for main_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | c7 8f 09 fa d1 8f 64 81 00 00 00 00 00 00 00 00 | 01 10 02 00 00 00 00 00 00 00 00 cc 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 | 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 cd 60 46 43 | 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x7ffaac0012c8 size 128 | #23 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10456.173127 | #23 spent 0.281 milliseconds in main_outI1() | stop processing: state #23 connection "3des" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228) | resume processing: connection "3des" (in main_outI1() at ikev1_main.c:228) | stop processing: connection "3des" (in initiate_a_connection() at initiate.c:349) | close_any(fd@23) (in initiate_connection() at initiate.c:372) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.328 milliseconds in whack | spent 0.00244 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38 | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 0d 00 00 14 40 48 b7 d5 6e bc e8 85 | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13 | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14 | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_SA (0x1) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 144 (0x90) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: IKEv1 state not found (find_state_ikev1) | State DB: found IKEv1 state #23 in MAIN_I1 (find_state_ikev1_init) | start processing: state #23 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #23 is idle | #23 idle | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 56 (0x38) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_VID (0xd) | length: 20 (0x14) | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080 | ***parse ISAKMP Vendor ID Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 20 (0x14) | message 'main_inR1_outI2' HASH payload not checked early | received Vendor ID payload [FRAGMENTATION] | received Vendor ID payload [Dead Peer Detection] | quirks.qnat_traversal_vid set to=117 [RFC 3947] | received Vendor ID payload [RFC 3947] | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 44 (0x2c) | proposal number: 0 (0x0) | protocol ID: PROTO_ISAKMP (0x1) | SPI size: 0 (0x0) | number of transforms: 1 (0x1) | *****parse ISAKMP Transform Payload (ISAKMP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 36 (0x24) | ISAKMP transform number: 0 (0x0) | ISAKMP transform ID: KEY_IKE (0x1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b) | length/value: 1 (0x1) | [1 is OAKLEY_LIFE_SECONDS] | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c) | length/value: 3600 (0xe10) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001) | length/value: 5 (0x5) | [5 is OAKLEY_3DES_CBC] | encryption ike_alg_lookup_by_id id: 3DES_CBC=5, found 3DES_CBC | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002) | length/value: 2 (0x2) | [2 is OAKLEY_SHA1] | PRF ike_alg_lookup_by_id id: SHA1=2, found HMAC_SHA1 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003) | length/value: 1 (0x1) | [1 is OAKLEY_PRESHARED_KEY] | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP Oakley attribute: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e) | length/value: 192 (0xc0) | OAKLEY proposal verified; matching alg_info found | Oakley Transform 0 accepted | sender checking NAT-T: enabled; VID 117 | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal) | adding outI2 KE work-order 29 for state #23 | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x7ffaac0012c8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41632f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x7ffaac0012c8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #23 and saving MD | #23 is busy; has a suspended MD | #23 spent 0.11 milliseconds in process_packet_tail() | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.199 milliseconds in comm_handle_cb() reading and processing packet | crypto helper 0 resuming | crypto helper 0 starting work-order 29 for state #23 | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 29 | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffac00045a8: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffac00045a8 | NSS: Public DH wire value: | 4d d3 20 40 2b 74 f3 d9 ba 02 46 6c be 73 b4 a5 | ee 7d 57 34 c7 e7 57 f3 f0 0a 55 82 c6 ae c6 20 | 05 06 46 15 e7 e0 fc ec 85 8b 9f b3 a4 bb b9 9b | ba ab d4 c5 92 ee d3 90 bf ff 2e 29 09 eb 7e 3f | 86 b1 1e 46 70 27 2b 25 2d d0 b5 a1 3d 71 0b 36 | a5 b7 bc 57 60 e2 be 6a f0 e3 d5 ff 03 76 3a df | 62 98 b4 78 c3 ed 45 d6 fb d8 fc 2b 7f 92 73 e7 | d7 aa e5 a6 5d a3 e6 b1 78 17 4b 3c ca a7 2e 09 | 29 65 52 a0 49 4f b3 58 59 75 8e e2 46 8e 96 8a | 19 17 23 70 5c 36 4f 78 85 e4 c0 f8 50 57 c1 86 | 0e 66 52 ce f1 03 01 b4 b7 0d 09 8a 64 2a 45 94 | d7 9b 36 64 98 7d 78 80 ea 97 09 48 6d a9 5d fa | e1 33 72 ae 76 dc e2 e3 54 06 71 20 da a9 e9 61 | 2d 49 db 66 38 f8 ac f8 97 03 db 8e de 0f 6c 41 | 7e d8 e1 6b 89 6f 3c 4f 8e b4 d7 a5 20 2c 9f b6 | e3 6d d3 64 d2 80 7a 0e 88 74 d7 e6 dd 7f b0 3f | Generated nonce: a9 ed a3 d6 c0 f6 17 8e 4c ff 4f ef 04 09 68 1d | Generated nonce: 83 09 59 49 15 70 52 8a ee a0 0d 48 8c b9 dc 63 | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 29 time elapsed 0.000599 seconds | (#23) spent 0.602 milliseconds in crypto helper computing work-order 29: outI2 KE (pcr) | crypto helper 0 sending results from work-order 29 for state #23 to event queue | scheduling resume sending helper answer for #23 | libevent_malloc: new ptr-libevent@0x7ffac00048c8 size 128 | crypto helper 0 waiting (nothing to do) | processing resume sending helper answer for #23 | start processing: state #23 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 0 replies to request ID 29 | calling continuation function 0x5573f2c98b50 | main_inR1_outI2_continue for #23: calculated ke+nonce, sending I2 | **emit ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffac00045a8: transferring ownership from helper KE to state #23 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value 4d d3 20 40 2b 74 f3 d9 ba 02 46 6c be 73 b4 a5 | keyex value ee 7d 57 34 c7 e7 57 f3 f0 0a 55 82 c6 ae c6 20 | keyex value 05 06 46 15 e7 e0 fc ec 85 8b 9f b3 a4 bb b9 9b | keyex value ba ab d4 c5 92 ee d3 90 bf ff 2e 29 09 eb 7e 3f | keyex value 86 b1 1e 46 70 27 2b 25 2d d0 b5 a1 3d 71 0b 36 | keyex value a5 b7 bc 57 60 e2 be 6a f0 e3 d5 ff 03 76 3a df | keyex value 62 98 b4 78 c3 ed 45 d6 fb d8 fc 2b 7f 92 73 e7 | keyex value d7 aa e5 a6 5d a3 e6 b1 78 17 4b 3c ca a7 2e 09 | keyex value 29 65 52 a0 49 4f b3 58 59 75 8e e2 46 8e 96 8a | keyex value 19 17 23 70 5c 36 4f 78 85 e4 c0 f8 50 57 c1 86 | keyex value 0e 66 52 ce f1 03 01 b4 b7 0d 09 8a 64 2a 45 94 | keyex value d7 9b 36 64 98 7d 78 80 ea 97 09 48 6d a9 5d fa | keyex value e1 33 72 ae 76 dc e2 e3 54 06 71 20 da a9 e9 61 | keyex value 2d 49 db 66 38 f8 ac f8 97 03 db 8e de 0f 6c 41 | keyex value 7e d8 e1 6b 89 6f 3c 4f 8e b4 d7 a5 20 2c 9f b6 | keyex value e3 6d d3 64 d2 80 7a 0e 88 74 d7 e6 dd 7f b0 3f | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni a9 ed a3 d6 c0 f6 17 8e 4c ff 4f ef 04 09 68 1d | Ni 83 09 59 49 15 70 52 8a ee a0 0d 48 8c b9 dc 63 | emitting length of ISAKMP Nonce Payload: 36 | NAT-T checking st_nat_traversal | NAT-T found (implies NAT_T_WITH_NATD) | sending NAT-D payloads | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | c7 8f 09 fa d1 8f 64 81 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | fb 73 14 a9 9f 11 cd 78 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 0c e0 4c a3 26 f1 0a b1 49 d7 ca 2e 7f 9a 37 ac | 15 2c 72 4a | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= c7 8f 09 fa d1 8f 64 81 | natd_hash: rcookie= fb 73 14 a9 9f 11 cd 78 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 0c e0 4c a3 26 f1 0a b1 49 d7 ca 2e 7f 9a 37 ac | natd_hash: hash= 15 2c 72 4a | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 0c e0 4c a3 26 f1 0a b1 49 d7 ca 2e 7f 9a 37 ac | NAT-D 15 2c 72 4a | emitting length of ISAKMP NAT-D Payload: 24 | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x7ffeae0b0d60 (length 8) | c7 8f 09 fa d1 8f 64 81 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x7ffeae0b0d68 (length 8) | fb 73 14 a9 9f 11 cd 78 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0ce4 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0cd6 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0db0 (length 20) | 75 72 15 89 b6 9a 76 d1 f4 9d 77 dd 2a 08 99 88 | 0f fa 1e 8f | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= c7 8f 09 fa d1 8f 64 81 | natd_hash: rcookie= fb 73 14 a9 9f 11 cd 78 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 75 72 15 89 b6 9a 76 d1 f4 9d 77 dd 2a 08 99 88 | natd_hash: hash= 0f fa 1e 8f | ***emit ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC) | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload | NAT-D 75 72 15 89 b6 9a 76 d1 f4 9d 77 dd 2a 08 99 88 | NAT-D 0f fa 1e 8f | emitting length of ISAKMP NAT-D Payload: 24 | no IKEv1 message padding required | emitting length of ISAKMP Message: 372 | State DB: re-hashing IKEv1 state #23 IKE SPIi and SPI[ir] | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | peer supports fragmentation | peer supports DPD | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 | parent state #23: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffaac0012c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41632f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 372 bytes for STATE_MAIN_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | 4d d3 20 40 2b 74 f3 d9 ba 02 46 6c be 73 b4 a5 | ee 7d 57 34 c7 e7 57 f3 f0 0a 55 82 c6 ae c6 20 | 05 06 46 15 e7 e0 fc ec 85 8b 9f b3 a4 bb b9 9b | ba ab d4 c5 92 ee d3 90 bf ff 2e 29 09 eb 7e 3f | 86 b1 1e 46 70 27 2b 25 2d d0 b5 a1 3d 71 0b 36 | a5 b7 bc 57 60 e2 be 6a f0 e3 d5 ff 03 76 3a df | 62 98 b4 78 c3 ed 45 d6 fb d8 fc 2b 7f 92 73 e7 | d7 aa e5 a6 5d a3 e6 b1 78 17 4b 3c ca a7 2e 09 | 29 65 52 a0 49 4f b3 58 59 75 8e e2 46 8e 96 8a | 19 17 23 70 5c 36 4f 78 85 e4 c0 f8 50 57 c1 86 | 0e 66 52 ce f1 03 01 b4 b7 0d 09 8a 64 2a 45 94 | d7 9b 36 64 98 7d 78 80 ea 97 09 48 6d a9 5d fa | e1 33 72 ae 76 dc e2 e3 54 06 71 20 da a9 e9 61 | 2d 49 db 66 38 f8 ac f8 97 03 db 8e de 0f 6c 41 | 7e d8 e1 6b 89 6f 3c 4f 8e b4 d7 a5 20 2c 9f b6 | e3 6d d3 64 d2 80 7a 0e 88 74 d7 e6 dd 7f b0 3f | 14 00 00 24 a9 ed a3 d6 c0 f6 17 8e 4c ff 4f ef | 04 09 68 1d 83 09 59 49 15 70 52 8a ee a0 0d 48 | 8c b9 dc 63 14 00 00 18 0c e0 4c a3 26 f1 0a b1 | 49 d7 ca 2e 7f 9a 37 ac 15 2c 72 4a 00 00 00 18 | 75 72 15 89 b6 9a 76 d1 f4 9d 77 dd 2a 08 99 88 | 0f fa 1e 8f | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x5573f40c45d8 size 128 | #23 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10456.17483 "3des" #23: STATE_MAIN_I2: sent MI2, expecting MR2 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #23 suppresed complete_v1_state_transition() | #23 spent 0.359 milliseconds in resume sending helper answer | stop processing: state #23 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffac00048c8 | spent 0.002 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 372 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 04 10 02 00 00 00 00 00 00 00 01 74 0a 00 01 04 | fc 94 b3 8b 05 88 7f 31 31 a3 c0 18 18 90 0d 75 | b9 3f b3 2b 86 f1 79 14 e0 ab 80 52 7a 9e f7 e7 | 8a be 80 b9 e8 49 b8 b2 14 3f a4 19 6e ef 5d 1d | 89 d1 c1 ae e6 cb 22 f0 a3 4f 6c ac 74 42 35 5b | df 56 20 32 ae b8 f6 91 66 9d 8b 71 23 be f0 2c | b3 55 7b 9f 6f cd 38 a3 dc ae 7b 50 c7 74 f8 8e | fa 65 04 75 29 77 6d af 10 8e 5f ec db c6 13 7f | 5e f9 f3 ed b1 67 53 93 6f 93 e5 72 f5 71 a7 05 | 2d cc 45 00 8e 5d 29 b8 71 7a 96 b8 84 0e 5e 48 | 84 4d 29 d6 64 c5 99 84 16 58 10 38 66 da f7 a5 | 2d 83 4d 8d 9d a4 63 44 61 5f 10 3a 42 b7 cd 0e | bf c9 1b b2 dc 1e 48 0f fc ef 5f f2 9d e7 3c 95 | b8 88 c0 ff 48 93 a2 94 5c 8f 29 26 3d 96 39 c5 | 11 0e 6c 44 4b 9f 11 02 69 b6 43 d5 96 2e b4 0c | d6 91 17 db 9e d8 10 53 22 30 26 e8 13 0c 34 09 | 1d d5 62 24 ce 62 22 e6 29 5f ff 72 25 12 e8 42 | 14 00 00 24 81 05 da 89 76 ba 2c 3b 2c 3e 1e 22 | 8e 4f cc 4b 4a 8d 13 0e 35 71 17 49 56 f5 7c 3e | a7 c5 67 a4 14 00 00 18 75 72 15 89 b6 9a 76 d1 | f4 9d 77 dd 2a 08 99 88 0f fa 1e 8f 00 00 00 18 | 0c e0 4c a3 26 f1 0a b1 49 d7 ca 2e 7f 9a 37 ac | 15 2c 72 4a | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_KE (0x4) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: none (0x0) | Message ID: 0 (0x0) | length: 372 (0x174) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #23 in MAIN_I2 (find_state_ikev1) | start processing: state #23 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #23 is idle | #23 idle | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 260 (0x104) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 36 (0x24) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14) | length: 24 (0x18) | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080 | ***parse ISAKMP NAT-D Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | message 'main_inR2_outI3' HASH payload not checked early | DH public value received: | fc 94 b3 8b 05 88 7f 31 31 a3 c0 18 18 90 0d 75 | b9 3f b3 2b 86 f1 79 14 e0 ab 80 52 7a 9e f7 e7 | 8a be 80 b9 e8 49 b8 b2 14 3f a4 19 6e ef 5d 1d | 89 d1 c1 ae e6 cb 22 f0 a3 4f 6c ac 74 42 35 5b | df 56 20 32 ae b8 f6 91 66 9d 8b 71 23 be f0 2c | b3 55 7b 9f 6f cd 38 a3 dc ae 7b 50 c7 74 f8 8e | fa 65 04 75 29 77 6d af 10 8e 5f ec db c6 13 7f | 5e f9 f3 ed b1 67 53 93 6f 93 e5 72 f5 71 a7 05 | 2d cc 45 00 8e 5d 29 b8 71 7a 96 b8 84 0e 5e 48 | 84 4d 29 d6 64 c5 99 84 16 58 10 38 66 da f7 a5 | 2d 83 4d 8d 9d a4 63 44 61 5f 10 3a 42 b7 cd 0e | bf c9 1b b2 dc 1e 48 0f fc ef 5f f2 9d e7 3c 95 | b8 88 c0 ff 48 93 a2 94 5c 8f 29 26 3d 96 39 c5 | 11 0e 6c 44 4b 9f 11 02 69 b6 43 d5 96 2e b4 0c | d6 91 17 db 9e d8 10 53 22 30 26 e8 13 0c 34 09 | 1d d5 62 24 ce 62 22 e6 29 5f ff 72 25 12 e8 42 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffac00045a8: transferring ownership from state #23 to helper IKEv1 DH+IV | adding aggr outR1 DH work-order 30 for state #23 | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I2: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f40c45d8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41632f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #23 | libevent_malloc: new ptr-libevent@0x7ffac00048c8 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #23 and saving MD | #23 is busy; has a suspended MD | #23 spent 0.0634 milliseconds in process_packet_tail() | crypto helper 1 resuming | crypto helper 1 starting work-order 30 for state #23 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 1 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 30 | stop processing: state #23 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | peer's g: fc 94 b3 8b 05 88 7f 31 31 a3 c0 18 18 90 0d 75 | peer's g: b9 3f b3 2b 86 f1 79 14 e0 ab 80 52 7a 9e f7 e7 | peer's g: 8a be 80 b9 e8 49 b8 b2 14 3f a4 19 6e ef 5d 1d | peer's g: 89 d1 c1 ae e6 cb 22 f0 a3 4f 6c ac 74 42 35 5b | peer's g: df 56 20 32 ae b8 f6 91 66 9d 8b 71 23 be f0 2c | peer's g: b3 55 7b 9f 6f cd 38 a3 dc ae 7b 50 c7 74 f8 8e | peer's g: fa 65 04 75 29 77 6d af 10 8e 5f ec db c6 13 7f | peer's g: 5e f9 f3 ed b1 67 53 93 6f 93 e5 72 f5 71 a7 05 | peer's g: 2d cc 45 00 8e 5d 29 b8 71 7a 96 b8 84 0e 5e 48 | peer's g: 84 4d 29 d6 64 c5 99 84 16 58 10 38 66 da f7 a5 | peer's g: 2d 83 4d 8d 9d a4 63 44 61 5f 10 3a 42 b7 cd 0e | processing: STOP connection NULL (in process_md() at demux.c:383) | peer's g: bf c9 1b b2 dc 1e 48 0f fc ef 5f f2 9d e7 3c 95 | spent 0.208 milliseconds in comm_handle_cb() reading and processing packet | peer's g: b8 88 c0 ff 48 93 a2 94 5c 8f 29 26 3d 96 39 c5 | peer's g: 11 0e 6c 44 4b 9f 11 02 69 b6 43 d5 96 2e b4 0c | peer's g: d6 91 17 db 9e d8 10 53 22 30 26 e8 13 0c 34 09 | peer's g: 1d d5 62 24 ce 62 22 e6 29 5f ff 72 25 12 e8 42 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffac00045a8: computed shared DH secret key@0x5573f41619f0 | dh-shared : g^ir-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | SKEYID psk PRF sha init psk-chunk@0x5573f416aab8 (length 36) | 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 | 51 52 53 54 55 56 57 58 59 5a 31 32 33 34 35 36 | 37 38 39 30 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: psk-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 36 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 36-bytes | base: base-key@0x5573f414d560 (52-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: psk-key@0x5573f414f010 (36-bytes, SHA_1_HMAC) | psk: release tmp-key@0x5573f414d560 | SKEYID psk prf: created sha context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk prf: begin sha with context 0x7ffab8002d60 from psk-key@0x5573f414f010 | SKEYID psk: release clone-key@0x5573f414f010 | SKEYID psk PRF sha crypt-prf@0x7ffab8001108 | SKEYID psk PRF sha update Ni-bytes@0x5573f416aadc (length 32) | a9 ed a3 d6 c0 f6 17 8e 4c ff 4f ef 04 09 68 1d | 83 09 59 49 15 70 52 8a ee a0 0d 48 8c b9 dc 63 | SKEYID psk PRF sha update Nr-bytes@0x5573f416aafc (length 32) | 81 05 da 89 76 ba 2c 3b 2c 3e 1e 22 8e 4f cc 4b | 4a 8d 13 0e 35 71 17 49 56 f5 7c 3e a7 c5 67 a4 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f414d560 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f414d560 | SKEYID psk PRF sha final-key@0x5573f414f010 (size 20) | SKEYID psk: key-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_d PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_d: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2718 | result: clone-key@0x5573f414d560 (20-bytes, SHA_1_HMAC) | SKEYID_d prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f414d560 | SKEYID_d: release clone-key@0x5573f414d560 | SKEYID_d PRF sha crypt-prf@0x7ffab80010b8 | SKEYID_d PRF sha update g^xy-key@0x5573f41619f0 (size 256) | SKEYID_d: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: b8 77 b7 9f 3b ca c3 e9 de d8 1b 14 71 c7 1d a6 32 80 a1 bc 35 56 48 a6 69 f1 6c 38 3d 36 1a 50 87 30 eb cc 35 d3 0c 11 3d 6b 4f d8 13 fe e2 e3 d1 46 49 36 24 2c d8 83 e5 b5 42 64 5c ee 58 7b 6f ca 49 c4 dc fc 25 3d 99 94 22 9e d7 84 c6 ca 18 e0 d6 37 54 5d 7d 66 b2 ca c0 5a 45 51 54 1a f7 7c f1 63 02 e4 07 61 ad a1 c7 76 c7 11 8b 3b 42 fe 20 89 f1 0e 37 54 66 8a 96 01 83 ef b9 3c a8 96 3f 89 5b e1 ff 3e 2a b6 54 43 89 f5 38 3d ce f7 c9 df 1f 77 b6 16 28 7c 6b df 0a 0f 54 90 5d c7 3b 9c c6 27 96 5b a3 ab 52 ff a6 a5 02 47 c8 69 c4 a9 bf 59 87 a4 a4 92 26 bd 91 a0 9b d4 1f 3d af 6f e2 65 e4 c4 fd 13 24 86 57 42 be 09 02 19 fd 35 e3 25 29 49 86 4c 14 e9 22 fe e2 36 59 c7 f3 7c 6e 3c cf 1e 00 65 36 4a 45 38 d7 41 d2 4c 8d 3a 45 30 95 1e ff 12 f0 28 cd 15 ce 82 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8004f28 | unwrapped: 94 ff 3f 8f f1 a6 0d e9 4c 2d 36 1a b4 f5 18 12 | unwrapped: 07 43 a0 23 8b 7d df 71 6c d7 37 c4 ef f8 6b f2 | unwrapped: 8c df d8 c8 bf 23 19 aa f4 66 ec d2 01 56 04 60 | unwrapped: 07 7a 36 b1 c8 5a 95 cc 15 02 91 3c a5 cb 92 52 | unwrapped: 68 76 31 35 0f 69 98 b6 c1 c8 1d 6c 01 4a 04 41 | unwrapped: 1a dc a6 31 3f d3 e1 c1 75 c8 40 ff 8d 43 47 8c | unwrapped: 99 b4 72 30 40 49 d4 1b 4d 03 15 50 fa 43 67 7a | unwrapped: e7 cc 6b 91 56 e0 7a 61 66 95 00 d3 70 e1 5a 49 | unwrapped: 4f 13 93 b5 2c d8 a9 fe 3c 66 ae df c0 98 93 e6 | unwrapped: 77 6a 53 ff fb 26 77 8d f2 a1 f2 20 8e 2d ed 2f | unwrapped: 14 5a 80 aa ef c0 31 1d 83 e4 00 cd 85 21 6e 52 | unwrapped: 8f ea 50 d1 42 0c 04 43 b9 e1 86 6d 92 6b 0e bf | unwrapped: 6b ce 39 b0 95 ac ac b3 b0 73 00 c2 a6 ef 5c b9 | unwrapped: 44 1d bb 3a 13 c1 b5 6e 6e 0f d8 bd d7 73 4f 5b | unwrapped: 7b c1 d5 e4 96 8c e5 9e 58 b4 7b 91 11 b1 04 02 | unwrapped: c8 01 7c ee 58 2c 83 46 8e 7a 9c 73 0c 86 76 40 | SKEYID_d PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | c7 8f 09 fa d1 8f 64 81 | SKEYID_d PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | fb 73 14 a9 9f 11 cd 78 | SKEYID_d PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2720 | result: final-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: final-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40bfec0 | SKEYID_d PRF sha final-key@0x5573f414d560 (size 20) | SKEYID_d: key-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_a PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_a: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: clone-key@0x5573f40bfec0 (20-bytes, SHA_1_HMAC) | SKEYID_a prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f40bfec0 | SKEYID_a: release clone-key@0x5573f40bfec0 | SKEYID_a PRF sha crypt-prf@0x7ffab8001108 | SKEYID_a PRF sha update SKEYID_d-key@0x5573f414d560 (size 20) | SKEYID_a: SKEYID_d-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f414d560 | nss hmac digest hack: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073043: 51 80 de 5e 51 f6 34 f7 3b 6d bd 93 cb 8f d7 d4 d2 e8 c4 92 36 22 11 ea 09 b8 e0 25 35 6c be 93 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab8008c38 | unwrapped: 60 68 47 eb 0b 87 64 83 5c 5d bc 73 88 65 56 2b | unwrapped: f5 c1 fb a6 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_a PRF sha update g^xy-key@0x5573f41619f0 (size 256) | SKEYID_a: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: b8 77 b7 9f 3b ca c3 e9 de d8 1b 14 71 c7 1d a6 32 80 a1 bc 35 56 48 a6 69 f1 6c 38 3d 36 1a 50 87 30 eb cc 35 d3 0c 11 3d 6b 4f d8 13 fe e2 e3 d1 46 49 36 24 2c d8 83 e5 b5 42 64 5c ee 58 7b 6f ca 49 c4 dc fc 25 3d 99 94 22 9e d7 84 c6 ca 18 e0 d6 37 54 5d 7d 66 b2 ca c0 5a 45 51 54 1a f7 7c f1 63 02 e4 07 61 ad a1 c7 76 c7 11 8b 3b 42 fe 20 89 f1 0e 37 54 66 8a 96 01 83 ef b9 3c a8 96 3f 89 5b e1 ff 3e 2a b6 54 43 89 f5 38 3d ce f7 c9 df 1f 77 b6 16 28 7c 6b df 0a 0f 54 90 5d c7 3b 9c c6 27 96 5b a3 ab 52 ff a6 a5 02 47 c8 69 c4 a9 bf 59 87 a4 a4 92 26 bd 91 a0 9b d4 1f 3d af 6f e2 65 e4 c4 fd 13 24 86 57 42 be 09 02 19 fd 35 e3 25 29 49 86 4c 14 e9 22 fe e2 36 59 c7 f3 7c 6e 3c cf 1e 00 65 36 4a 45 38 d7 41 d2 4c 8d 3a 45 30 95 1e ff 12 f0 28 cd 15 ce 82 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8003db8 | unwrapped: 94 ff 3f 8f f1 a6 0d e9 4c 2d 36 1a b4 f5 18 12 | unwrapped: 07 43 a0 23 8b 7d df 71 6c d7 37 c4 ef f8 6b f2 | unwrapped: 8c df d8 c8 bf 23 19 aa f4 66 ec d2 01 56 04 60 | unwrapped: 07 7a 36 b1 c8 5a 95 cc 15 02 91 3c a5 cb 92 52 | unwrapped: 68 76 31 35 0f 69 98 b6 c1 c8 1d 6c 01 4a 04 41 | unwrapped: 1a dc a6 31 3f d3 e1 c1 75 c8 40 ff 8d 43 47 8c | unwrapped: 99 b4 72 30 40 49 d4 1b 4d 03 15 50 fa 43 67 7a | unwrapped: e7 cc 6b 91 56 e0 7a 61 66 95 00 d3 70 e1 5a 49 | unwrapped: 4f 13 93 b5 2c d8 a9 fe 3c 66 ae df c0 98 93 e6 | unwrapped: 77 6a 53 ff fb 26 77 8d f2 a1 f2 20 8e 2d ed 2f | unwrapped: 14 5a 80 aa ef c0 31 1d 83 e4 00 cd 85 21 6e 52 | unwrapped: 8f ea 50 d1 42 0c 04 43 b9 e1 86 6d 92 6b 0e bf | unwrapped: 6b ce 39 b0 95 ac ac b3 b0 73 00 c2 a6 ef 5c b9 | unwrapped: 44 1d bb 3a 13 c1 b5 6e 6e 0f d8 bd d7 73 4f 5b | unwrapped: 7b c1 d5 e4 96 8c e5 9e 58 b4 7b 91 11 b1 04 02 | unwrapped: c8 01 7c ee 58 2c 83 46 8e 7a 9c 73 0c 86 76 40 | SKEYID_a PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | c7 8f 09 fa d1 8f 64 81 | SKEYID_a PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | fb 73 14 a9 9f 11 cd 78 | SKEYID_a PRF sha update 1-byte@0x1 (1) | 01 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2700 | result: final-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4150e50 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: final-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4150e50 | SKEYID_a PRF sha final-key@0x5573f40bfec0 (size 20) | SKEYID_a: key-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | SKEYID_e PRF sha init SKEYID-key@0x5573f414f010 (size 20) | SKEYID_e: SKEYID-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2708 | result: clone-key@0x5573f4150e50 (20-bytes, SHA_1_HMAC) | SKEYID_e prf: created sha context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e prf: begin sha with context 0x7ffab8002d60 from SKEYID-key@0x5573f4150e50 | SKEYID_e: release clone-key@0x5573f4150e50 | SKEYID_e PRF sha crypt-prf@0x7ffab80010b8 | SKEYID_e PRF sha update SKEYID_a-key@0x5573f40bfec0 (size 20) | SKEYID_e: SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40bfec0 | nss hmac digest hack: symkey-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221240340: 4e cb d2 8e b8 af 78 d7 34 d7 e2 1e ed 91 89 4c 42 fe 5b 45 b8 48 b3 e8 13 77 6a c7 af 7b fc b8 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab80085b8 | unwrapped: b5 f9 51 ee 08 fc 99 a5 09 61 40 e6 ca 83 af a5 | unwrapped: 25 ed 7d 20 00 00 00 00 00 00 00 00 00 00 00 00 | SKEYID_e PRF sha update g^xy-key@0x5573f41619f0 (size 256) | SKEYID_e: g^xy-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f41619f0 | nss hmac digest hack: symkey-key@0x5573f41619f0 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: b8 77 b7 9f 3b ca c3 e9 de d8 1b 14 71 c7 1d a6 32 80 a1 bc 35 56 48 a6 69 f1 6c 38 3d 36 1a 50 87 30 eb cc 35 d3 0c 11 3d 6b 4f d8 13 fe e2 e3 d1 46 49 36 24 2c d8 83 e5 b5 42 64 5c ee 58 7b 6f ca 49 c4 dc fc 25 3d 99 94 22 9e d7 84 c6 ca 18 e0 d6 37 54 5d 7d 66 b2 ca c0 5a 45 51 54 1a f7 7c f1 63 02 e4 07 61 ad a1 c7 76 c7 11 8b 3b 42 fe 20 89 f1 0e 37 54 66 8a 96 01 83 ef b9 3c a8 96 3f 89 5b e1 ff 3e 2a b6 54 43 89 f5 38 3d ce f7 c9 df 1f 77 b6 16 28 7c 6b df 0a 0f 54 90 5d c7 3b 9c c6 27 96 5b a3 ab 52 ff a6 a5 02 47 c8 69 c4 a9 bf 59 87 a4 a4 92 26 bd 91 a0 9b d4 1f 3d af 6f e2 65 e4 c4 fd 13 24 86 57 42 be 09 02 19 fd 35 e3 25 29 49 86 4c 14 e9 22 fe e2 36 59 c7 f3 7c 6e 3c cf 1e 00 65 36 4a 45 38 d7 41 d2 4c 8d 3a 45 30 95 1e ff 12 f0 28 cd 15 ce 82 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffab8004f28 | unwrapped: 94 ff 3f 8f f1 a6 0d e9 4c 2d 36 1a b4 f5 18 12 | unwrapped: 07 43 a0 23 8b 7d df 71 6c d7 37 c4 ef f8 6b f2 | unwrapped: 8c df d8 c8 bf 23 19 aa f4 66 ec d2 01 56 04 60 | unwrapped: 07 7a 36 b1 c8 5a 95 cc 15 02 91 3c a5 cb 92 52 | unwrapped: 68 76 31 35 0f 69 98 b6 c1 c8 1d 6c 01 4a 04 41 | unwrapped: 1a dc a6 31 3f d3 e1 c1 75 c8 40 ff 8d 43 47 8c | unwrapped: 99 b4 72 30 40 49 d4 1b 4d 03 15 50 fa 43 67 7a | unwrapped: e7 cc 6b 91 56 e0 7a 61 66 95 00 d3 70 e1 5a 49 | unwrapped: 4f 13 93 b5 2c d8 a9 fe 3c 66 ae df c0 98 93 e6 | unwrapped: 77 6a 53 ff fb 26 77 8d f2 a1 f2 20 8e 2d ed 2f | unwrapped: 14 5a 80 aa ef c0 31 1d 83 e4 00 cd 85 21 6e 52 | unwrapped: 8f ea 50 d1 42 0c 04 43 b9 e1 86 6d 92 6b 0e bf | unwrapped: 6b ce 39 b0 95 ac ac b3 b0 73 00 c2 a6 ef 5c b9 | unwrapped: 44 1d bb 3a 13 c1 b5 6e 6e 0f d8 bd d7 73 4f 5b | unwrapped: 7b c1 d5 e4 96 8c e5 9e 58 b4 7b 91 11 b1 04 02 | unwrapped: c8 01 7c ee 58 2c 83 46 8e 7a 9c 73 0c 86 76 40 | SKEYID_e PRF sha update CKI_i-bytes@0x5573f416ad1c (length 8) | c7 8f 09 fa d1 8f 64 81 | SKEYID_e PRF sha update CKI_r-bytes@0x5573f416ad24 (length 8) | fb 73 14 a9 9f 11 cd 78 | SKEYID_e PRF sha update 2-byte@0x2 (2) | 02 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe2710 | result: final-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f40c6080 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26f8 | result: final-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f40c6080 | SKEYID_e PRF sha final-key@0x5573f4150e50 (size 20) | SKEYID_e: key-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b PRF sha init SKEYID_e-key@0x5573f4150e50 (size 20) | appendix_b: SKEYID_e-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: clone-key@0x5573f40c6080 (20-bytes, SHA_1_HMAC) | appendix_b prf: created sha context 0x7ffab8002d60 from SKEYID_e-key@0x5573f40c6080 | appendix_b prf: begin sha with context 0x7ffab8002d60 from SKEYID_e-key@0x5573f40c6080 | appendix_b: release clone-key@0x5573f40c6080 | appendix_b PRF sha crypt-prf@0x7ffab8001108 | appendix_b PRF sha update 0-byte@0x0 (0) | 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe26f0 | result: final-key@0x5573f4165b30 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4165b30 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26d8 | result: final-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4165b30 | appendix_b PRF sha final-key@0x5573f40c6080 (size 20) | appendix_b: key-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | appendix_b_keymat_e: reference old_k#1-key@0x5573f40c6080 | Kn PRF sha init SKEYID_e-key@0x5573f4150e50 (size 20) | Kn: SKEYID_e-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f4150e50 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26e8 | result: clone-key@0x5573f4165b30 (20-bytes, SHA_1_HMAC) | Kn prf: created sha context 0x7ffab8002d60 from SKEYID_e-key@0x5573f4165b30 | Kn prf: begin sha with context 0x7ffab8002d60 from SKEYID_e-key@0x5573f4165b30 | Kn: release clone-key@0x5573f4165b30 | Kn PRF sha crypt-prf@0x7ffab80010b8 | Kn PRF sha update old_k-key@0x5573f40c6080 (size 20) | Kn: old_k-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | nss hmac digest hack extracting all 20 bytes of key@0x5573f40c6080 | nss hmac digest hack: symkey-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (20-bytes, EXTRACT_KEY_FROM_KEY) | sizeof bytes 32 | wrapper: (SECItemType)-221073097: 3b 7a 88 5d e3 f9 ee f8 a5 06 de 85 80 98 3a b3 fc ea bc 43 f1 98 99 a2 f3 e9 af c5 3c bd 6b 7c | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 32 bytes at 0x7ffab8008c38 | unwrapped: d2 1c e6 d0 b7 c9 02 6b 38 14 7a b4 11 a5 af ab | unwrapped: 73 e8 cf 37 00 00 00 00 00 00 00 00 00 00 00 00 | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | CONCATENATE_DATA_AND_BASE: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | params: 16-bytes@0x7ffac9fe26f0 | result: final-key@0x5573f4169350 (36-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: EXTRACT_KEY_FROM_KEY | key_size: 20-bytes | base: base-key@0x5573f4169350 (36-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe26d8 | result: final-key@0x5573f4165b30 (20-bytes, EXTRACT_KEY_FROM_KEY) | final: release tmp-key@0x5573f4169350 | Kn PRF sha final-key@0x5573f4165b30 (size 20) | Kn: key-key@0x5573f4165b30 (20-bytes, EXTRACT_KEY_FROM_KEY) | CONCATENATE_BASE_AND_KEY: | target: EXTRACT_KEY_FROM_KEY | base: base-key@0x5573f40c6080 (20-bytes, EXTRACT_KEY_FROM_KEY) | params: 8-bytes@0x7ffac9fe2768 | result: result-key@0x5573f4169350 (40-bytes, EXTRACT_KEY_FROM_KEY) | append_symkey_symkey: release lhs-key@0x5573f40c6080 | appendix_b_keymat_e: release old_k#N-key@0x5573f40c6080 | appendix_b_keymat_e: release old_k#final-key@0x5573f4165b30 | key-offset: 0, key-size: 24 | EXTRACT_KEY_FROM_KEY: | target: DES3_CBC | flags: ENCRYPT+DECRYPT | key_size: 24-bytes | base: base-key@0x5573f4169350 (40-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffac9fe2768 | result: cryptkey-key@0x5573f4165b30 (24-bytes, DES3_CBC) | appendix_b_keymat_e: release keymat-key@0x5573f4169350 | NSS: pointers skeyid_d 0x5573f414d560, skeyid_a 0x5573f40bfec0, skeyid_e 0x5573f4150e50, enc_key 0x5573f4165b30 | DH_i: 4d d3 20 40 2b 74 f3 d9 ba 02 46 6c be 73 b4 a5 | DH_i: ee 7d 57 34 c7 e7 57 f3 f0 0a 55 82 c6 ae c6 20 | DH_i: 05 06 46 15 e7 e0 fc ec 85 8b 9f b3 a4 bb b9 9b | DH_i: ba ab d4 c5 92 ee d3 90 bf ff 2e 29 09 eb 7e 3f | DH_i: 86 b1 1e 46 70 27 2b 25 2d d0 b5 a1 3d 71 0b 36 | DH_i: a5 b7 bc 57 60 e2 be 6a f0 e3 d5 ff 03 76 3a df | DH_i: 62 98 b4 78 c3 ed 45 d6 fb d8 fc 2b 7f 92 73 e7 | DH_i: d7 aa e5 a6 5d a3 e6 b1 78 17 4b 3c ca a7 2e 09 | DH_i: 29 65 52 a0 49 4f b3 58 59 75 8e e2 46 8e 96 8a | DH_i: 19 17 23 70 5c 36 4f 78 85 e4 c0 f8 50 57 c1 86 | DH_i: 0e 66 52 ce f1 03 01 b4 b7 0d 09 8a 64 2a 45 94 | DH_i: d7 9b 36 64 98 7d 78 80 ea 97 09 48 6d a9 5d fa | DH_i: e1 33 72 ae 76 dc e2 e3 54 06 71 20 da a9 e9 61 | DH_i: 2d 49 db 66 38 f8 ac f8 97 03 db 8e de 0f 6c 41 | DH_i: 7e d8 e1 6b 89 6f 3c 4f 8e b4 d7 a5 20 2c 9f b6 | DH_i: e3 6d d3 64 d2 80 7a 0e 88 74 d7 e6 dd 7f b0 3f | DH_r: fc 94 b3 8b 05 88 7f 31 31 a3 c0 18 18 90 0d 75 | DH_r: b9 3f b3 2b 86 f1 79 14 e0 ab 80 52 7a 9e f7 e7 | DH_r: 8a be 80 b9 e8 49 b8 b2 14 3f a4 19 6e ef 5d 1d | DH_r: 89 d1 c1 ae e6 cb 22 f0 a3 4f 6c ac 74 42 35 5b | DH_r: df 56 20 32 ae b8 f6 91 66 9d 8b 71 23 be f0 2c | DH_r: b3 55 7b 9f 6f cd 38 a3 dc ae 7b 50 c7 74 f8 8e | DH_r: fa 65 04 75 29 77 6d af 10 8e 5f ec db c6 13 7f | DH_r: 5e f9 f3 ed b1 67 53 93 6f 93 e5 72 f5 71 a7 05 | DH_r: 2d cc 45 00 8e 5d 29 b8 71 7a 96 b8 84 0e 5e 48 | DH_r: 84 4d 29 d6 64 c5 99 84 16 58 10 38 66 da f7 a5 | DH_r: 2d 83 4d 8d 9d a4 63 44 61 5f 10 3a 42 b7 cd 0e | DH_r: bf c9 1b b2 dc 1e 48 0f fc ef 5f f2 9d e7 3c 95 | DH_r: b8 88 c0 ff 48 93 a2 94 5c 8f 29 26 3d 96 39 c5 | DH_r: 11 0e 6c 44 4b 9f 11 02 69 b6 43 d5 96 2e b4 0c | DH_r: d6 91 17 db 9e d8 10 53 22 30 26 e8 13 0c 34 09 | DH_r: 1d d5 62 24 ce 62 22 e6 29 5f ff 72 25 12 e8 42 | new IV hash sha init | new IV hash sha digest GI-bytes@0x5573f416ab1c (length 256) | 4d d3 20 40 2b 74 f3 d9 ba 02 46 6c be 73 b4 a5 | ee 7d 57 34 c7 e7 57 f3 f0 0a 55 82 c6 ae c6 20 | 05 06 46 15 e7 e0 fc ec 85 8b 9f b3 a4 bb b9 9b | ba ab d4 c5 92 ee d3 90 bf ff 2e 29 09 eb 7e 3f | 86 b1 1e 46 70 27 2b 25 2d d0 b5 a1 3d 71 0b 36 | a5 b7 bc 57 60 e2 be 6a f0 e3 d5 ff 03 76 3a df | 62 98 b4 78 c3 ed 45 d6 fb d8 fc 2b 7f 92 73 e7 | d7 aa e5 a6 5d a3 e6 b1 78 17 4b 3c ca a7 2e 09 | 29 65 52 a0 49 4f b3 58 59 75 8e e2 46 8e 96 8a | 19 17 23 70 5c 36 4f 78 85 e4 c0 f8 50 57 c1 86 | 0e 66 52 ce f1 03 01 b4 b7 0d 09 8a 64 2a 45 94 | d7 9b 36 64 98 7d 78 80 ea 97 09 48 6d a9 5d fa | e1 33 72 ae 76 dc e2 e3 54 06 71 20 da a9 e9 61 | 2d 49 db 66 38 f8 ac f8 97 03 db 8e de 0f 6c 41 | 7e d8 e1 6b 89 6f 3c 4f 8e b4 d7 a5 20 2c 9f b6 | e3 6d d3 64 d2 80 7a 0e 88 74 d7 e6 dd 7f b0 3f | new IV hash sha digest GR-bytes@0x5573f416ac1c (length 256) | fc 94 b3 8b 05 88 7f 31 31 a3 c0 18 18 90 0d 75 | b9 3f b3 2b 86 f1 79 14 e0 ab 80 52 7a 9e f7 e7 | 8a be 80 b9 e8 49 b8 b2 14 3f a4 19 6e ef 5d 1d | 89 d1 c1 ae e6 cb 22 f0 a3 4f 6c ac 74 42 35 5b | df 56 20 32 ae b8 f6 91 66 9d 8b 71 23 be f0 2c | b3 55 7b 9f 6f cd 38 a3 dc ae 7b 50 c7 74 f8 8e | fa 65 04 75 29 77 6d af 10 8e 5f ec db c6 13 7f | 5e f9 f3 ed b1 67 53 93 6f 93 e5 72 f5 71 a7 05 | 2d cc 45 00 8e 5d 29 b8 71 7a 96 b8 84 0e 5e 48 | 84 4d 29 d6 64 c5 99 84 16 58 10 38 66 da f7 a5 | 2d 83 4d 8d 9d a4 63 44 61 5f 10 3a 42 b7 cd 0e | bf c9 1b b2 dc 1e 48 0f fc ef 5f f2 9d e7 3c 95 | b8 88 c0 ff 48 93 a2 94 5c 8f 29 26 3d 96 39 c5 | 11 0e 6c 44 4b 9f 11 02 69 b6 43 d5 96 2e b4 0c | d6 91 17 db 9e d8 10 53 22 30 26 e8 13 0c 34 09 | 1d d5 62 24 ce 62 22 e6 29 5f ff 72 25 12 e8 42 | new IV hash sha final chunk@0x7ffab8008c38 (length 20) | 3c 29 20 66 cb 0c bd 0d 2f 59 38 82 5d ea 94 e8 | 66 2d 5b c4 | crypto helper 1 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 30 time elapsed 0.002111 seconds | (#23) spent 2.1 milliseconds in crypto helper computing work-order 30: aggr outR1 DH (pcr) | crypto helper 1 sending results from work-order 30 for state #23 to event queue | scheduling resume sending helper answer for #23 | libevent_malloc: new ptr-libevent@0x7ffab8003ad8 size 128 | crypto helper 1 waiting (nothing to do) | processing resume sending helper answer for #23 | start processing: state #23 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 1 replies to request ID 30 | calling continuation function 0x5573f2c98b50 | main_inR2_outI3_cryptotail for #23: calculated DH, sending R1 | **emit ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID | DH secret MODP2048@0x7ffac00045a8: transferring ownership from helper IKEv1 DH+IV to state #23 | thinking about whether to send my certificate: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? | sendcert: CERT_ALWAYSSEND and I did not get a certificate request | so do not send cert. | I did not send a certificate because digital signatures are not being used. (PSK) | I am not sending a certificate request | I will NOT send an initial contact payload | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal) | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | c7 8f 09 fa d1 8f 64 81 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | fb 73 14 a9 9f 11 cd 78 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 2d | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b07c0 (length 20) | 75 72 15 89 b6 9a 76 d1 f4 9d 77 dd 2a 08 99 88 | 0f fa 1e 8f | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= c7 8f 09 fa d1 8f 64 81 | natd_hash: rcookie= fb 73 14 a9 9f 11 cd 78 | natd_hash: ip= c0 01 02 2d | natd_hash: port=500 | natd_hash: hash= 75 72 15 89 b6 9a 76 d1 f4 9d 77 dd 2a 08 99 88 | natd_hash: hash= 0f fa 1e 8f | NATD hash sha init | NATD hash sha digest ICOOKIE/IKE SPIi-bytes@0x5573f4163f10 (length 8) | c7 8f 09 fa d1 8f 64 81 | NATD hash sha digest RCOOKIE/IKE SPIr-bytes@0x5573f4163f18 (length 8) | fb 73 14 a9 9f 11 cd 78 | NATD hash sha digest IP addr-bytes@0x7ffeae0b0724 (length 4) | c0 01 02 17 | NATD hash sha digest PORT-bytes@0x7ffeae0b0716 (length 2) | 01 f4 | NATD hash sha final bytes@0x7ffeae0b0800 (length 20) | 0c e0 4c a3 26 f1 0a b1 49 d7 ca 2e 7f 9a 37 ac | 15 2c 72 4a | natd_hash: hasher=0x5573f2d6d800(20) | natd_hash: icookie= c7 8f 09 fa d1 8f 64 81 | natd_hash: rcookie= fb 73 14 a9 9f 11 cd 78 | natd_hash: ip= c0 01 02 17 | natd_hash: port=500 | natd_hash: hash= 0c e0 4c a3 26 f1 0a b1 49 d7 ca 2e 7f 9a 37 ac | natd_hash: hash= 15 2c 72 4a | expected NAT-D(me): 75 72 15 89 b6 9a 76 d1 f4 9d 77 dd 2a 08 99 88 | expected NAT-D(me): 0f fa 1e 8f | expected NAT-D(him): | 0c e0 4c a3 26 f1 0a b1 49 d7 ca 2e 7f 9a 37 ac | 15 2c 72 4a | received NAT-D: 75 72 15 89 b6 9a 76 d1 f4 9d 77 dd 2a 08 99 88 | received NAT-D: 0f fa 1e 8f | received NAT-D: 0c e0 4c a3 26 f1 0a b1 49 d7 ca 2e 7f 9a 37 ac | received NAT-D: 15 2c 72 4a | NAT_TRAVERSAL encaps using auto-detect | NAT_TRAVERSAL this end is NOT behind NAT | NAT_TRAVERSAL that end is NOT behind NAT | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected | NAT_T_WITH_KA detected | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_HASH (0x8) | ID type: ID_FQDN (0x2) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 8:ISAKMP_NEXT_HASH | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) | my identity 77 65 73 74 | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0718 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x5573f41635d0 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x5573f41635d0 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x5573f4165a78 | hmac PRF sha update data-bytes@0x7ffac0001fa8 (length 256) | 4d d3 20 40 2b 74 f3 d9 ba 02 46 6c be 73 b4 a5 | ee 7d 57 34 c7 e7 57 f3 f0 0a 55 82 c6 ae c6 20 | 05 06 46 15 e7 e0 fc ec 85 8b 9f b3 a4 bb b9 9b | ba ab d4 c5 92 ee d3 90 bf ff 2e 29 09 eb 7e 3f | 86 b1 1e 46 70 27 2b 25 2d d0 b5 a1 3d 71 0b 36 | a5 b7 bc 57 60 e2 be 6a f0 e3 d5 ff 03 76 3a df | 62 98 b4 78 c3 ed 45 d6 fb d8 fc 2b 7f 92 73 e7 | d7 aa e5 a6 5d a3 e6 b1 78 17 4b 3c ca a7 2e 09 | 29 65 52 a0 49 4f b3 58 59 75 8e e2 46 8e 96 8a | 19 17 23 70 5c 36 4f 78 85 e4 c0 f8 50 57 c1 86 | 0e 66 52 ce f1 03 01 b4 b7 0d 09 8a 64 2a 45 94 | d7 9b 36 64 98 7d 78 80 ea 97 09 48 6d a9 5d fa | e1 33 72 ae 76 dc e2 e3 54 06 71 20 da a9 e9 61 | 2d 49 db 66 38 f8 ac f8 97 03 db 8e de 0f 6c 41 | 7e d8 e1 6b 89 6f 3c 4f 8e b4 d7 a5 20 2c 9f b6 | e3 6d d3 64 d2 80 7a 0e 88 74 d7 e6 dd 7f b0 3f | hmac PRF sha update data-bytes@0x7ffaa8003db8 (length 256) | fc 94 b3 8b 05 88 7f 31 31 a3 c0 18 18 90 0d 75 | b9 3f b3 2b 86 f1 79 14 e0 ab 80 52 7a 9e f7 e7 | 8a be 80 b9 e8 49 b8 b2 14 3f a4 19 6e ef 5d 1d | 89 d1 c1 ae e6 cb 22 f0 a3 4f 6c ac 74 42 35 5b | df 56 20 32 ae b8 f6 91 66 9d 8b 71 23 be f0 2c | b3 55 7b 9f 6f cd 38 a3 dc ae 7b 50 c7 74 f8 8e | fa 65 04 75 29 77 6d af 10 8e 5f ec db c6 13 7f | 5e f9 f3 ed b1 67 53 93 6f 93 e5 72 f5 71 a7 05 | 2d cc 45 00 8e 5d 29 b8 71 7a 96 b8 84 0e 5e 48 | 84 4d 29 d6 64 c5 99 84 16 58 10 38 66 da f7 a5 | 2d 83 4d 8d 9d a4 63 44 61 5f 10 3a 42 b7 cd 0e | bf c9 1b b2 dc 1e 48 0f fc ef 5f f2 9d e7 3c 95 | b8 88 c0 ff 48 93 a2 94 5c 8f 29 26 3d 96 39 c5 | 11 0e 6c 44 4b 9f 11 02 69 b6 43 d5 96 2e b4 0c | d6 91 17 db 9e d8 10 53 22 30 26 e8 13 0c 34 09 | 1d d5 62 24 ce 62 22 e6 29 5f ff 72 25 12 e8 42 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | c7 8f 09 fa d1 8f 64 81 | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | fb 73 14 a9 9f 11 cd 78 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41634dc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 | hmac PRF sha update data-bytes@0x5573f2d968e0 (length 8) | 02 00 00 00 77 65 73 74 | hmac PRF sha final-bytes@0x7ffeae0b0a30 (length 20) | 6e 13 e6 dd 80 57 f0 e0 10 56 9c ae f1 b1 03 11 | c1 81 ff d3 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload | HASH_I 6e 13 e6 dd 80 57 f0 e0 10 56 9c ae f1 b1 03 11 | HASH_I c1 81 ff d3 | emitting length of ISAKMP Hash Payload: 24 | Not sending INITIAL_CONTACT | encrypting: 08 00 00 0c 02 00 00 00 77 65 73 74 00 00 00 18 | encrypting: 6e 13 e6 dd 80 57 f0 e0 10 56 9c ae f1 b1 03 11 | encrypting: c1 81 ff d3 | IV: 3c 29 20 66 cb 0c bd 0d 2f 59 38 82 5d ea 94 e8 | IV: 66 2d 5b c4 | unpadded size is: 36 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 4b be 05 d3 eb 57 b4 b7 | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 | parent state #23: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffac00048c8 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41632f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 68 bytes for STATE_MAIN_I2 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 05 10 02 01 00 00 00 00 00 00 00 44 4e e6 e5 48 | 43 64 32 1f ff e0 2b 3b 4e 50 5c 26 4d f6 52 4b | 1a 5d 7a 09 46 ac c8 ed 93 8a 97 ab 4b be 05 d3 | eb 57 b4 b7 | !event_already_set at reschedule | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41632f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #23 | libevent_malloc: new ptr-libevent@0x5573f40c45d8 size 128 | #23 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10456.178732 "3des" #23: STATE_MAIN_I3: sent MI3, expecting MR3 | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | resume sending helper answer for #23 suppresed complete_v1_state_transition() | #23 spent 0.322 milliseconds in resume sending helper answer | stop processing: state #23 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab8003ad8 | spent 0.00206 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 05 10 02 01 00 00 00 00 00 00 00 44 a9 8b e9 e2 | 66 e0 3b 8a b7 1d 1f f3 16 88 49 94 65 4f 82 ac | dc e1 ab 4c 85 51 1b dc 33 51 7b 9d d2 d9 01 0c | 33 6b 79 87 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_ID (0x5) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_IDPROT (0x2) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 0 (0x0) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2) | State DB: found IKEv1 state #23 in MAIN_I3 (find_state_ikev1) | start processing: state #23 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459) | #23 is idle | #23 idle | received encrypted packet from 192.1.2.23:500 | decrypting 40 bytes using algorithm 3DES_CBC | IV before: 4b be 05 d3 eb 57 b4 b7 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: d2 d9 01 0c 33 6b 79 87 | decrypted payload (starts at offset -40): | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 05 10 02 01 00 00 00 00 00 00 00 44 08 00 00 0c | 02 00 00 00 65 61 73 74 00 00 00 18 58 22 05 7e | de 4b 58 cd cd 31 c4 93 9f b0 c9 5e d5 9a 79 75 | 00 00 00 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x2080 | ***parse ISAKMP Identification Payload: | next payload type: ISAKMP_NEXT_HASH (0x8) | length: 12 (0xc) | ID type: ID_FQDN (0x2) | DOI specific A: 0 (0x0) | DOI specific B: 0 (0x0) | obj: 65 61 73 74 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x2080 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 24 (0x18) | removing 4 bytes of padding | message 'main_inR3' HASH payload not checked early "3des" #23: Peer ID is ID_FQDN: '@east' | X509: no CERT payloads to process | hmac PRF sha init symkey-key@0x5573f414f010 (size 20) | hmac: symkey-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414f010 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0fc8 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x5573f41635d0 from symkey-key@0x5573f4169350 | hmac prf: begin sha with context 0x5573f41635d0 from symkey-key@0x5573f4169350 | hmac: release clone-key@0x5573f4169350 | hmac PRF sha crypt-prf@0x7ffab8008c38 | hmac PRF sha update data-bytes@0x7ffaa8003db8 (length 256) | fc 94 b3 8b 05 88 7f 31 31 a3 c0 18 18 90 0d 75 | b9 3f b3 2b 86 f1 79 14 e0 ab 80 52 7a 9e f7 e7 | 8a be 80 b9 e8 49 b8 b2 14 3f a4 19 6e ef 5d 1d | 89 d1 c1 ae e6 cb 22 f0 a3 4f 6c ac 74 42 35 5b | df 56 20 32 ae b8 f6 91 66 9d 8b 71 23 be f0 2c | b3 55 7b 9f 6f cd 38 a3 dc ae 7b 50 c7 74 f8 8e | fa 65 04 75 29 77 6d af 10 8e 5f ec db c6 13 7f | 5e f9 f3 ed b1 67 53 93 6f 93 e5 72 f5 71 a7 05 | 2d cc 45 00 8e 5d 29 b8 71 7a 96 b8 84 0e 5e 48 | 84 4d 29 d6 64 c5 99 84 16 58 10 38 66 da f7 a5 | 2d 83 4d 8d 9d a4 63 44 61 5f 10 3a 42 b7 cd 0e | bf c9 1b b2 dc 1e 48 0f fc ef 5f f2 9d e7 3c 95 | b8 88 c0 ff 48 93 a2 94 5c 8f 29 26 3d 96 39 c5 | 11 0e 6c 44 4b 9f 11 02 69 b6 43 d5 96 2e b4 0c | d6 91 17 db 9e d8 10 53 22 30 26 e8 13 0c 34 09 | 1d d5 62 24 ce 62 22 e6 29 5f ff 72 25 12 e8 42 | hmac PRF sha update data-bytes@0x7ffac0001fa8 (length 256) | 4d d3 20 40 2b 74 f3 d9 ba 02 46 6c be 73 b4 a5 | ee 7d 57 34 c7 e7 57 f3 f0 0a 55 82 c6 ae c6 20 | 05 06 46 15 e7 e0 fc ec 85 8b 9f b3 a4 bb b9 9b | ba ab d4 c5 92 ee d3 90 bf ff 2e 29 09 eb 7e 3f | 86 b1 1e 46 70 27 2b 25 2d d0 b5 a1 3d 71 0b 36 | a5 b7 bc 57 60 e2 be 6a f0 e3 d5 ff 03 76 3a df | 62 98 b4 78 c3 ed 45 d6 fb d8 fc 2b 7f 92 73 e7 | d7 aa e5 a6 5d a3 e6 b1 78 17 4b 3c ca a7 2e 09 | 29 65 52 a0 49 4f b3 58 59 75 8e e2 46 8e 96 8a | 19 17 23 70 5c 36 4f 78 85 e4 c0 f8 50 57 c1 86 | 0e 66 52 ce f1 03 01 b4 b7 0d 09 8a 64 2a 45 94 | d7 9b 36 64 98 7d 78 80 ea 97 09 48 6d a9 5d fa | e1 33 72 ae 76 dc e2 e3 54 06 71 20 da a9 e9 61 | 2d 49 db 66 38 f8 ac f8 97 03 db 8e de 0f 6c 41 | 7e d8 e1 6b 89 6f 3c 4f 8e b4 d7 a5 20 2c 9f b6 | e3 6d d3 64 d2 80 7a 0e 88 74 d7 e6 dd 7f b0 3f | hmac PRF sha update data-bytes@0x5573f4163f18 (length 8) | fb 73 14 a9 9f 11 cd 78 | hmac PRF sha update data-bytes@0x5573f4163f10 (length 8) | c7 8f 09 fa d1 8f 64 81 | hashing 52 bytes of SA | hmac PRF sha update data-bytes@0x5573f41634dc (length 52) | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01 | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10 | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 0e | 80 0e 00 c0 | hmac PRF sha update data-bytes@0x5573f4161ac8 (length 8) | 02 00 00 00 65 61 73 74 | hmac PRF sha final-bytes@0x7ffeae0b1150 (length 20) | 58 22 05 7e de 4b 58 cd cd 31 c4 93 9f b0 c9 5e | d5 9a 79 75 | received 'Main' message HASH_R data ok | authentication succeeded | FOR_EACH_CONNECTION_... in ISAKMP_SA_established | complete v1 state transition with STF_OK | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #23 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 | parent state #23: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA) | event_already_set, deleting event | state #23 requesting EVENT_RETRANSMIT to be deleted | #23 STATE_MAIN_I4: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f40c45d8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41632f8 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x5573f41632f8 | inserting event EVENT_SA_REPLACE, timeout in 2864 seconds for #23 | libevent_malloc: new ptr-libevent@0x7ffab8003ad8 size 128 | pstats #23 ikev1.isakmp established "3des" #23: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP2048} | DPD: dpd_init() called on ISAKMP SA | DPD: Peer supports Dead Peer Detection | DPD: not initializing DPD because DPD is disabled locally | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | unpending state #23 | creating state object #24 at 0x5573f4166828 | State DB: adding IKEv1 state #24 in UNDEFINED | pstats #24 ikev1.ipsec started | duplicating state object #23 "3des" as #24 for IPSEC SA | #24 setting local endpoint to 192.1.2.45:500 from #23.st_localport (in duplicate_state() at state.c:1484) | duplicate_state: reference st_skeyid_nss-key@0x5573f414f010 | duplicate_state: reference st_skey_d_nss-key@0x5573f414d560 | duplicate_state: reference st_skey_ai_nss-key@0x5573f40bfec0 | duplicate_state: reference st_skey_ar_nss-key@NULL | duplicate_state: reference st_skey_ei_nss-key@0x5573f4150e50 | duplicate_state: reference st_skey_er_nss-key@NULL | duplicate_state: reference st_skey_pi_nss-key@NULL | duplicate_state: reference st_skey_pr_nss-key@NULL | duplicate_state: reference st_enc_key_nss-key@0x5573f4165b30 | duplicate_state: reference st_sk_d_no_ppk-key@NULL | duplicate_state: reference st_sk_pi_no_ppk-key@NULL | duplicate_state: reference st_sk_pr_no_ppk-key@NULL | suspend processing: state #23 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | start processing: state #24 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685) | child state #24: UNDEFINED(ignore) => QUICK_I1(established CHILD SA) "3des" #24: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#23 msgid:e4243476 proposal=3DES_CBC-HMAC_SHA1_96-MODP2048 pfsgroup=MODP2048} | adding quick_outI1 KE work-order 31 for state #24 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41635f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #24 | libevent_malloc: new ptr-libevent@0x5573f416e398 size 128 | stop processing: state #24 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | resume processing: state #23 connection "3des" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764) | unqueuing pending Quick Mode with 192.1.2.23 "3des" | removing pending policy for no connection {0x5573f40bb898} | close_any(fd@24) (in release_whack() at state.c:654) | crypto helper 3 resuming | crypto helper 3 starting work-order 31 for state #24 | #23 spent 0.243 milliseconds in process_packet_tail() | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 31 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | stop processing: state #23 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.356 milliseconds in comm_handle_cb() reading and processing packet | NSS: Value of Prime: | ff ff ff ff ff ff ff ff c9 0f da a2 21 68 c2 34 | c4 c6 62 8b 80 dc 1c d1 29 02 4e 08 8a 67 cc 74 | 02 0b be a6 3b 13 9b 22 51 4a 08 79 8e 34 04 dd | ef 95 19 b3 cd 3a 43 1b 30 2b 0a 6d f2 5f 14 37 | 4f e1 35 6d 6d 51 c2 45 e4 85 b5 76 62 5e 7e c6 | f4 4c 42 e9 a6 37 ed 6b 0b ff 5c b6 f4 06 b7 ed | ee 38 6b fb 5a 89 9f a5 ae 9f 24 11 7c 4b 1f e6 | 49 28 66 51 ec e4 5b 3d c2 00 7c b8 a1 63 bf 05 | 98 da 48 36 1c 55 d3 9a 69 16 3f a8 fd 24 cf 5f | 83 65 5d 23 dc a3 ad 96 1c 62 f3 56 20 85 52 bb | 9e d5 29 07 70 96 96 6d 67 0c 35 4e 4a bc 98 04 | f1 74 6c 08 ca 18 21 7c 32 90 5e 46 2e 36 ce 3b | e3 9e 77 2c 18 0e 86 03 9b 27 83 a2 ec 07 a2 8f | b5 c5 5d f0 6f 4c 52 c9 de 2b cb f6 95 58 17 18 | 39 95 49 7c ea 95 6a e5 15 d2 26 18 98 fa 05 10 | 15 72 8e 5a 8a ac aa 68 ff ff ff ff ff ff ff ff | NSS: Value of base: 02 | DH secret MODP2048@0x7ffabc003188: created | NSS: Local DH MODP2048 secret (pointer): 0x7ffabc003188 | NSS: Public DH wire value: | dc fd bd f4 a5 b4 2d a3 18 6f 76 d4 63 b2 4a 02 | 51 84 44 6b a0 12 f7 b9 8f 37 cc 81 3a 5a 8b eb | 21 2b f5 c2 91 51 5e 19 bd 9f d4 23 13 b5 5d 1f | 02 0b 18 04 f6 06 78 56 26 85 8d b4 ad 38 54 e0 | c7 6e 2b a9 47 97 9a 52 04 ca dd 69 4d 10 c1 15 | c5 b9 b3 65 86 ba 48 07 26 93 b3 2c fe 1f 89 de | e2 ab cb 90 23 0a 85 9c e8 46 ca 27 c9 d0 90 7d | 65 55 d6 45 8f 67 d9 8d ea d8 8d dd a3 43 c7 bf | f9 f0 36 6e 75 12 36 91 e5 8e 1d bb ef 30 78 39 | 25 9b 3c ca e8 18 dd 63 21 73 5b 67 2f 94 08 a7 | ed df 13 68 1c c0 2e 7e c9 14 2b 3c 9e a8 60 11 | 60 db 40 c5 e3 87 94 1b 42 69 ce 88 55 f9 76 f1 | 39 d2 03 d1 11 04 8a f8 90 ce 07 79 b4 d5 e2 12 | f6 a6 41 2f d1 3c 33 5a 2c 4d 43 25 ac 7a cb 9e | 7d 39 68 8e 20 cd 91 22 0e 7c dc 3e 02 35 b6 e9 | ab 8a 89 5d 40 c2 5e 37 43 0e 47 64 3e 71 d4 07 | Generated nonce: 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | Generated nonce: c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 31 time elapsed 0.000874 seconds | (#24) spent 0.867 milliseconds in crypto helper computing work-order 31: quick_outI1 KE (pcr) | crypto helper 3 sending results from work-order 31 for state #24 to event queue | scheduling resume sending helper answer for #24 | libevent_malloc: new ptr-libevent@0x7ffabc003088 size 128 | crypto helper 3 waiting (nothing to do) | processing resume sending helper answer for #24 | start processing: state #24 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 3 replies to request ID 31 | calling continuation function 0x5573f2c98b50 | quick_outI1_continue for #24: calculated ke+nonce, sending I1 | **emit ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3827577974 (0xe4243476) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | emitting quick defaults using policy none | kernel_alg_db_new() initial trans_cnt=135 | adding proposal: 3DES_CBC-HMAC_SHA1_96-MODP2048 | kernel_alg_db_new() will return p_new->protoid=3, p_new->trans_cnt=1 | kernel_alg_db_new() trans[0]: transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2 | returning new proposal from esp_info | ***emit ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | DOI: ISAKMP_DOI_IPSEC (0x1) | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA) | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet' | ****emit IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ikev1_out_sa pcn: 0 has 1 valid proposals | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 1 | ****emit ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' | netlink_get_spi: allocated 0x49f089c5 for esp.0@192.1.2.45 | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload | SPI 49 f0 89 c5 | *****emit ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******emit ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | emitting length of ISAKMP Transform Payload (ESP): 28 | emitting length of ISAKMP Proposal Payload: 40 | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0 | emitting length of ISAKMP Security Association Payload: 52 | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0 | ***emit ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE) | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet' | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload | Ni 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | Ni c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | emitting length of ISAKMP Nonce Payload: 36 | wire (crypto helper) group MODP2048 and state group MODP2048 match | DH secret MODP2048@0x7ffabc003188: transferring ownership from helper KE to state #24 | ***emit ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE) | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet' | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload | keyex value dc fd bd f4 a5 b4 2d a3 18 6f 76 d4 63 b2 4a 02 | keyex value 51 84 44 6b a0 12 f7 b9 8f 37 cc 81 3a 5a 8b eb | keyex value 21 2b f5 c2 91 51 5e 19 bd 9f d4 23 13 b5 5d 1f | keyex value 02 0b 18 04 f6 06 78 56 26 85 8d b4 ad 38 54 e0 | keyex value c7 6e 2b a9 47 97 9a 52 04 ca dd 69 4d 10 c1 15 | keyex value c5 b9 b3 65 86 ba 48 07 26 93 b3 2c fe 1f 89 de | keyex value e2 ab cb 90 23 0a 85 9c e8 46 ca 27 c9 d0 90 7d | keyex value 65 55 d6 45 8f 67 d9 8d ea d8 8d dd a3 43 c7 bf | keyex value f9 f0 36 6e 75 12 36 91 e5 8e 1d bb ef 30 78 39 | keyex value 25 9b 3c ca e8 18 dd 63 21 73 5b 67 2f 94 08 a7 | keyex value ed df 13 68 1c c0 2e 7e c9 14 2b 3c 9e a8 60 11 | keyex value 60 db 40 c5 e3 87 94 1b 42 69 ce 88 55 f9 76 f1 | keyex value 39 d2 03 d1 11 04 8a f8 90 ce 07 79 b4 d5 e2 12 | keyex value f6 a6 41 2f d1 3c 33 5a 2c 4d 43 25 ac 7a cb 9e | keyex value 7d 39 68 8e 20 cd 91 22 0e 7c dc 3e 02 35 b6 e9 | keyex value ab 8a 89 5d 40 c2 5e 37 43 0e 47 64 3e 71 d4 07 | emitting length of ISAKMP Key Exchange Payload: 260 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 01 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | ***emit ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID) | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet' | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) | client network c0 00 02 00 | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) | client mask ff ff ff 00 | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0d28 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f4169350 | HASH(1) prf: begin sha with context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f4169350 | HASH(1): release clone-key@0x5573f4169350 | HASH(1) PRF sha crypt-prf@0x5573f4165ac8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0e0c (length 4) | e4 24 34 76 | HASH(1) PRF sha update payload-bytes@0x5573f2d968f4 (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 49 f0 89 c5 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 05 eb 40 84 8a 2e 2d f1 | 61 73 3a ef 15 33 e0 b4 c6 07 83 1b 48 4c 28 99 | 48 b7 b9 af e9 81 1d 3f 05 00 01 04 dc fd bd f4 | a5 b4 2d a3 18 6f 76 d4 63 b2 4a 02 51 84 44 6b | a0 12 f7 b9 8f 37 cc 81 3a 5a 8b eb 21 2b f5 c2 | 91 51 5e 19 bd 9f d4 23 13 b5 5d 1f 02 0b 18 04 | f6 06 78 56 26 85 8d b4 ad 38 54 e0 c7 6e 2b a9 | 47 97 9a 52 04 ca dd 69 4d 10 c1 15 c5 b9 b3 65 | 86 ba 48 07 26 93 b3 2c fe 1f 89 de e2 ab cb 90 | 23 0a 85 9c e8 46 ca 27 c9 d0 90 7d 65 55 d6 45 | 8f 67 d9 8d ea d8 8d dd a3 43 c7 bf f9 f0 36 6e | 75 12 36 91 e5 8e 1d bb ef 30 78 39 25 9b 3c ca | e8 18 dd 63 21 73 5b 67 2f 94 08 a7 ed df 13 68 | 1c c0 2e 7e c9 14 2b 3c 9e a8 60 11 60 db 40 c5 | e3 87 94 1b 42 69 ce 88 55 f9 76 f1 39 d2 03 d1 | 11 04 8a f8 90 ce 07 79 b4 d5 e2 12 f6 a6 41 2f | d1 3c 33 5a 2c 4d 43 25 ac 7a cb 9e 7d 39 68 8e | 20 cd 91 22 0e 7c dc 3e 02 35 b6 e9 ab 8a 89 5d | 40 c2 5e 37 43 0e 47 64 3e 71 d4 07 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | 00 5f ed 9c 5c 62 00 42 9f 26 fa 80 36 50 67 8c | b2 a8 e5 41 | outI1 HASH(1): | 00 5f ed 9c 5c 62 00 42 9f 26 fa 80 36 50 67 8c | b2 a8 e5 41 | last Phase 1 IV: d2 d9 01 0c 33 6b 79 87 | current Phase 1 IV: d2 d9 01 0c 33 6b 79 87 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 8) | d2 d9 01 0c 33 6b 79 87 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0b0e1c (length 4) | e4 24 34 76 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | db dc fb 19 e8 10 c9 25 eb 08 3d 5a 47 36 1c 2f | 58 eb 96 85 | encrypting: 01 00 00 18 00 5f ed 9c 5c 62 00 42 9f 26 fa 80 | encrypting: 36 50 67 8c b2 a8 e5 41 0a 00 00 34 00 00 00 01 | encrypting: 00 00 00 01 00 00 00 28 00 03 04 01 49 f0 89 c5 | encrypting: 00 00 00 1c 00 03 00 00 80 03 00 0e 80 04 00 01 | encrypting: 80 01 00 01 80 02 70 80 80 05 00 02 04 00 00 24 | encrypting: 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | encrypting: c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | encrypting: 05 00 01 04 dc fd bd f4 a5 b4 2d a3 18 6f 76 d4 | encrypting: 63 b2 4a 02 51 84 44 6b a0 12 f7 b9 8f 37 cc 81 | encrypting: 3a 5a 8b eb 21 2b f5 c2 91 51 5e 19 bd 9f d4 23 | encrypting: 13 b5 5d 1f 02 0b 18 04 f6 06 78 56 26 85 8d b4 | encrypting: ad 38 54 e0 c7 6e 2b a9 47 97 9a 52 04 ca dd 69 | encrypting: 4d 10 c1 15 c5 b9 b3 65 86 ba 48 07 26 93 b3 2c | encrypting: fe 1f 89 de e2 ab cb 90 23 0a 85 9c e8 46 ca 27 | encrypting: c9 d0 90 7d 65 55 d6 45 8f 67 d9 8d ea d8 8d dd | encrypting: a3 43 c7 bf f9 f0 36 6e 75 12 36 91 e5 8e 1d bb | encrypting: ef 30 78 39 25 9b 3c ca e8 18 dd 63 21 73 5b 67 | encrypting: 2f 94 08 a7 ed df 13 68 1c c0 2e 7e c9 14 2b 3c | encrypting: 9e a8 60 11 60 db 40 c5 e3 87 94 1b 42 69 ce 88 | encrypting: 55 f9 76 f1 39 d2 03 d1 11 04 8a f8 90 ce 07 79 | encrypting: b4 d5 e2 12 f6 a6 41 2f d1 3c 33 5a 2c 4d 43 25 | encrypting: ac 7a cb 9e 7d 39 68 8e 20 cd 91 22 0e 7c dc 3e | encrypting: 02 35 b6 e9 ab 8a 89 5d 40 c2 5e 37 43 0e 47 64 | encrypting: 3e 71 d4 07 05 00 00 10 04 00 00 00 c0 00 01 00 | encrypting: ff ff ff 00 00 00 00 10 04 00 00 00 c0 00 02 00 | encrypting: ff ff ff 00 | IV: db dc fb 19 e8 10 c9 25 eb 08 3d 5a 47 36 1c 2f | IV: 58 eb 96 85 | unpadded size is: 404 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 408 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 436 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 59 73 d4 c3 ec 60 58 5d | sending 436 bytes for reply packet from quick_outI1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #24) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 08 10 20 01 e4 24 34 76 00 00 01 b4 7b 14 58 ed | 89 0f a2 e1 3f 0a 41 dd 2a 69 97 f0 f5 92 c3 50 | 39 33 e4 ae e2 2b 09 9a 59 5d 2d fc c0 94 2a a1 | ba 9d a5 f2 59 c3 17 86 a7 36 c1 2a 29 9c 85 a3 | 34 fc 68 d8 d4 34 c7 16 63 31 23 c5 3f e7 39 f5 | cf 1b 8d c5 e7 9c 2d 30 b5 a1 52 09 a8 69 73 04 | 4e 72 db 01 7b 28 9e 74 57 ea 0b d5 45 67 46 29 | d5 66 cc 3b 0f e7 30 91 74 c1 53 a0 64 b8 45 bd | 41 96 19 6e a0 68 26 f7 5c aa 31 39 f1 95 c2 3b | 15 1a 1e 45 79 9d c0 88 ba 1b 46 de 82 3e df 56 | ab 7e 07 8b 4a 46 f4 59 49 4a 2c 1a 21 6b 5d 44 | 83 3f ed a7 07 d9 36 cc ff 6a 1a b2 e4 89 bb 6e | 0a 9e 6f d1 47 cf 60 9e f5 fd 95 bf f1 b4 2b 74 | 41 45 b3 f5 eb 21 fb a6 2a eb 85 48 d5 fa 7e 2a | 0d 07 15 ac 6d f3 a9 8a a6 ad 21 51 e8 53 15 30 | 4b ad de 24 83 b2 43 d3 8c 05 6d f8 85 f5 17 f1 | 26 a9 87 80 70 8a c7 c2 01 4e f9 73 1a 36 97 3a | a5 1c 25 1e ea 5d eb 1d e2 73 57 b7 83 ec 93 d4 | 53 a9 f2 89 61 3e b9 88 2d 4f 26 05 a5 fc 40 33 | 9a bc d5 62 27 7a bd 52 92 cf b2 7f da f6 e3 c6 | 37 5c 00 49 69 bf 95 a8 9a 70 10 2a 89 8a c4 ed | e5 4c 28 87 9c 4a 49 06 42 2c 6f 0f 65 72 10 52 | 94 ad ec fc 6e 08 ff 64 22 b8 8c 6d 6c 90 1f 10 | ea 9b 7e 0c fa fe 87 40 ee ad 9b 9b 1a 68 cc 3b | 09 a9 12 dd 91 61 3e 34 cf b1 8b 44 fe 07 e2 de | ae b2 51 ad 2a 9f a0 f0 75 6b a1 f2 59 73 d4 c3 | ec 60 58 5d | state #24 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x5573f416e398 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41635f8 | event_schedule: new EVENT_RETRANSMIT-pe@0x5573f41635f8 | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #24 | libevent_malloc: new ptr-libevent@0x5573f4134ce8 size 128 | #24 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 10456.181417 | resume sending helper answer for #24 suppresed complete_v1_state_transition() | #24 spent 0.416 milliseconds in resume sending helper answer | stop processing: state #24 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffabc003088 | spent 0.00246 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 436 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 08 10 20 01 e4 24 34 76 00 00 01 b4 93 f0 57 97 | fd e2 52 7a 64 89 55 e9 14 a6 62 b4 e5 4b 24 56 | b2 78 b1 5a 67 17 cc 9f f1 8d 1a b5 b6 3d 0f 8c | 41 a5 75 8f 1d ec 84 d2 d3 5e a9 e9 94 00 29 16 | 0b 81 4e dc 8e 3c 76 02 cb 4b 97 fc 71 c0 47 ae | 6f 57 60 be 06 d5 81 92 fb a3 75 7e 27 83 07 97 | a8 b0 1c a1 2f e0 92 ba b1 57 77 ac f3 e1 90 de | 69 8d 27 d4 da 59 95 34 06 12 91 ae 22 72 9e d6 | ce 2a de 42 81 31 74 78 b0 34 bf be 51 97 31 8a | 84 f5 16 27 19 13 38 77 ae 05 e5 31 ad d5 d6 b7 | 4e ec a2 42 83 79 1b 28 08 81 0f e2 03 fe 54 55 | 55 ad aa 22 56 40 7c 8a 7f 06 04 4b d7 95 8c e7 | 84 66 f4 05 72 7a 9f 53 07 df 27 b2 72 89 d4 6b | d3 b6 42 fa ad 59 e8 df 82 c1 3f 3f e9 6f 72 d2 | 56 48 6a 43 30 d7 ca 97 e3 f2 09 56 ee 32 e2 d8 | 37 8c e8 6a 5c 91 c1 ce 8a 17 38 e8 5c c6 40 40 | f0 b8 50 b8 a6 13 b9 68 6f be 1d 8d eb ba e3 2b | a9 66 63 0d 4b 15 61 11 4e 54 3a 00 c3 85 e7 63 | 22 e1 38 11 6a 51 62 5c 1c b9 d3 8d ac a4 5f e5 | d7 55 5d 8f 37 96 af f6 b5 9c e5 00 cd 25 83 5b | 58 ad a3 e4 32 76 e4 c0 66 b9 0a 8b 47 cf 34 3a | 3f 56 26 2f 8a 7b 0c 5a 03 f8 1f 1c 89 dd ee 8b | ed 41 7a dc a1 5a 8f 01 ac 6a 8d fc 70 48 d2 c3 | c1 57 2a cc 7c 7b cd 3b 02 b4 2d 8e e8 fa d1 99 | fd 0e 18 d7 70 58 85 2c 3c d0 65 49 08 47 69 3d | 7d 5d 1d 61 eb 01 40 da 63 b6 56 e9 44 e7 db 80 | 9b 1b e9 7f | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3827577974 (0xe4243476) | length: 436 (0x1b4) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32) | State DB: found IKEv1 state #24 in QUICK_I1 (find_state_ikev1) | start processing: state #24 connection "3des" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633) | #24 is idle | #24 idle | received encrypted packet from 192.1.2.23:500 | decrypting 408 bytes using algorithm 3DES_CBC | IV before: 59 73 d4 c3 ec 60 58 5d | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | IV after: 44 e7 db 80 9b 1b e9 7f | decrypted payload (starts at offset -408): | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 08 10 20 01 e4 24 34 76 00 00 01 b4 01 00 00 18 | 30 57 5f 11 14 92 0b 9a 42 56 bc 8b 0c 74 51 63 | ad 0f 62 29 0a 00 00 34 00 00 00 01 00 00 00 01 | 00 00 00 28 00 03 04 01 40 ea 8f a7 00 00 00 1c | 00 03 00 00 80 03 00 0e 80 04 00 01 80 01 00 01 | 80 02 70 80 80 05 00 02 04 00 00 24 9e 13 10 73 | e4 23 e6 a3 56 b0 5a 41 15 1d 33 15 d8 31 5a ce | 75 e6 6f 0e df 7d c3 91 4f 99 73 ec 05 00 01 04 | 09 b0 35 d1 33 6c bc 30 86 a2 ff a4 97 5c f0 e7 | 30 48 48 6d 9f 8f 35 68 d2 ac 44 63 21 6d a4 eb | d9 0b 28 2a 8b c9 2b 1f d1 7d 4c a9 ca bf be 2e | ee 24 91 89 3a d0 45 25 c7 48 67 29 5e 4d ad 06 | 1b 56 22 f1 fb 20 69 12 b7 6b a6 99 78 66 20 15 | b8 ba 6c d7 cd e2 86 9d 9d 96 25 f1 8f 6b 88 41 | 33 d5 96 a7 fd 17 b3 e6 24 01 13 bd 67 fb b4 9b | 14 4e cf 33 f7 ce c4 1b 83 6a eb aa 6a 6f 40 0d | ba 7f ff 88 4d a7 32 29 7d 65 99 4b 48 76 03 3b | 20 cf b3 10 b2 e4 d1 ea d2 23 62 54 de dd e0 89 | 48 8f f0 81 59 4a 20 45 39 20 3b 82 c8 4d 24 fa | 31 f1 6b e6 3e 39 e4 10 48 d1 a4 bd c8 be cf 92 | 07 7b 6f a8 48 26 5c 1d 23 cf 8c 00 d8 9f a3 d3 | 2d b8 e4 c6 3f 98 c8 e1 6a 54 c3 40 14 e0 b5 8e | 71 6e cb 71 ee 08 08 ae f1 ec 91 ca c7 9a 38 83 | ce b7 0e c9 38 19 1b f5 1c f8 de 14 4b 37 59 a1 | 05 00 00 10 04 00 00 00 c0 00 01 00 ff ff ff 00 | 00 00 00 10 04 00 00 00 c0 00 02 00 ff ff ff 00 | 00 00 00 00 | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030 | ***parse ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_SA (0x1) | length: 24 (0x18) | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030 | ***parse ISAKMP Security Association Payload: | next payload type: ISAKMP_NEXT_NONCE (0xa) | length: 52 (0x34) | DOI: ISAKMP_DOI_IPSEC (0x1) | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030 | ***parse ISAKMP Nonce Payload: | next payload type: ISAKMP_NEXT_KE (0x4) | length: 36 (0x24) | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Key Exchange Payload: | next payload type: ISAKMP_NEXT_ID (0x5) | length: 260 (0x104) | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_ID (0x5) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 01 00 ff ff ff 00 | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030 | ***parse ISAKMP Identification Payload (IPsec DOI): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 16 (0x10) | ID type: ID_IPV4_ADDR_SUBNET (0x4) | Protocol ID: 0 (0x0) | port: 0 (0x0) | obj: c0 00 02 00 ff ff ff 00 | removing 4 bytes of padding | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b1018 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f4169350 | HASH(1) prf: begin sha with context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f4169350 | HASH(1): release clone-key@0x5573f4169350 | HASH(1) PRF sha crypt-prf@0x5573f4165ac8 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b10fc (length 4) | e4 24 34 76 | HASH(1) PRF sha update Ni_b-bytes@0x7ffabc003758 (length 32) | 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | HASH(1) PRF sha update payload-bytes@0x5573f416896c (length 380) | 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28 | 00 03 04 01 40 ea 8f a7 00 00 00 1c 00 03 00 00 | 80 03 00 0e 80 04 00 01 80 01 00 01 80 02 70 80 | 80 05 00 02 04 00 00 24 9e 13 10 73 e4 23 e6 a3 | 56 b0 5a 41 15 1d 33 15 d8 31 5a ce 75 e6 6f 0e | df 7d c3 91 4f 99 73 ec 05 00 01 04 09 b0 35 d1 | 33 6c bc 30 86 a2 ff a4 97 5c f0 e7 30 48 48 6d | 9f 8f 35 68 d2 ac 44 63 21 6d a4 eb d9 0b 28 2a | 8b c9 2b 1f d1 7d 4c a9 ca bf be 2e ee 24 91 89 | 3a d0 45 25 c7 48 67 29 5e 4d ad 06 1b 56 22 f1 | fb 20 69 12 b7 6b a6 99 78 66 20 15 b8 ba 6c d7 | cd e2 86 9d 9d 96 25 f1 8f 6b 88 41 33 d5 96 a7 | fd 17 b3 e6 24 01 13 bd 67 fb b4 9b 14 4e cf 33 | f7 ce c4 1b 83 6a eb aa 6a 6f 40 0d ba 7f ff 88 | 4d a7 32 29 7d 65 99 4b 48 76 03 3b 20 cf b3 10 | b2 e4 d1 ea d2 23 62 54 de dd e0 89 48 8f f0 81 | 59 4a 20 45 39 20 3b 82 c8 4d 24 fa 31 f1 6b e6 | 3e 39 e4 10 48 d1 a4 bd c8 be cf 92 07 7b 6f a8 | 48 26 5c 1d 23 cf 8c 00 d8 9f a3 d3 2d b8 e4 c6 | 3f 98 c8 e1 6a 54 c3 40 14 e0 b5 8e 71 6e cb 71 | ee 08 08 ae f1 ec 91 ca c7 9a 38 83 ce b7 0e c9 | 38 19 1b f5 1c f8 de 14 4b 37 59 a1 05 00 00 10 | 04 00 00 00 c0 00 01 00 ff ff ff 00 00 00 00 10 | 04 00 00 00 c0 00 02 00 ff ff ff 00 | HASH(1) PRF sha final-bytes@0x7ffeae0b1180 (length 20) | 30 57 5f 11 14 92 0b 9a 42 56 bc 8b 0c 74 51 63 | ad 0f 62 29 | quick_inR1_outI2 HASH(2): | 30 57 5f 11 14 92 0b 9a 42 56 bc 8b 0c 74 51 63 | ad 0f 62 29 | received 'quick_inR1_outI2' message HASH(2) data ok | ****parse IPsec DOI SIT: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1) | ****parse ISAKMP Proposal Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 40 (0x28) | proposal number: 0 (0x0) | protocol ID: PROTO_IPSEC_ESP (0x3) | SPI size: 4 (0x4) | number of transforms: 1 (0x1) | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI | SPI 40 ea 8f a7 | *****parse ISAKMP Transform Payload (ESP): | next payload type: ISAKMP_NEXT_NONE (0x0) | length: 28 (0x1c) | ESP transform number: 0 (0x0) | ESP transform ID: ESP_3DES (0x3) | encryption ike_alg_lookup_by_id id: 3DES=3, found 3DES_CBC | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+GROUP_DESCRIPTION (0x8003) | length/value: 14 (0xe) | [14 is OAKLEY_GROUP_MODP2048] | DH ike_alg_lookup_by_id id: MODP2048=14, found MODP2048 | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+ENCAPSULATION_MODE (0x8004) | length/value: 1 (0x1) | [1 is ENCAPSULATION_MODE_TUNNEL] | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_TYPE (0x8001) | length/value: 1 (0x1) | [1 is SA_LIFE_TYPE_SECONDS] | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002) | length/value: 28800 (0x7080) | ******parse ISAKMP IPsec DOI attribute: | af+type: AF+AUTH_ALGORITHM (0x8005) | length/value: 2 (0x2) | [2 is AUTH_ALGORITHM_HMAC_SHA1] | integrity ike_alg_lookup_by_id id: HMAC_SHA1=2, found HMAC_SHA1_96 | ESP IPsec Transform verified; matches alg_info entry | DH public value received: | 09 b0 35 d1 33 6c bc 30 86 a2 ff a4 97 5c f0 e7 | 30 48 48 6d 9f 8f 35 68 d2 ac 44 63 21 6d a4 eb | d9 0b 28 2a 8b c9 2b 1f d1 7d 4c a9 ca bf be 2e | ee 24 91 89 3a d0 45 25 c7 48 67 29 5e 4d ad 06 | 1b 56 22 f1 fb 20 69 12 b7 6b a6 99 78 66 20 15 | b8 ba 6c d7 cd e2 86 9d 9d 96 25 f1 8f 6b 88 41 | 33 d5 96 a7 fd 17 b3 e6 24 01 13 bd 67 fb b4 9b | 14 4e cf 33 f7 ce c4 1b 83 6a eb aa 6a 6f 40 0d | ba 7f ff 88 4d a7 32 29 7d 65 99 4b 48 76 03 3b | 20 cf b3 10 b2 e4 d1 ea d2 23 62 54 de dd e0 89 | 48 8f f0 81 59 4a 20 45 39 20 3b 82 c8 4d 24 fa | 31 f1 6b e6 3e 39 e4 10 48 d1 a4 bd c8 be cf 92 | 07 7b 6f a8 48 26 5c 1d 23 cf 8c 00 d8 9f a3 d3 | 2d b8 e4 c6 3f 98 c8 e1 6a 54 c3 40 14 e0 b5 8e | 71 6e cb 71 ee 08 08 ae f1 ec 91 ca c7 9a 38 83 | ce b7 0e c9 38 19 1b f5 1c f8 de 14 4b 37 59 a1 | started looking for secret for @west->@east of kind PKK_PSK | actually looking for secret for @west->@east of kind PKK_PSK | line 1: key type PKK_PSK(@west) to type PKK_PSK | 1: compared key @east to @west / @east -> 004 | 2: compared key @west to @west / @east -> 014 | line 1: match=014 | match 014 beats previous best_match 000 match=0x5573f40bbc48 (line=1) | concluding with best_match=014 best=0x5573f40bbc48 (lineno=1) | DH secret MODP2048@0x7ffabc003188: transferring ownership from state #24 to helper IKEv1 DH | adding quick outI2 DH work-order 32 for state #24 | state #24 requesting EVENT_RETRANSMIT to be deleted | #24 STATE_QUICK_I1: retransmits: cleared | libevent_free: release ptr-libevent@0x5573f4134ce8 | free_event_entry: release EVENT_RETRANSMIT-pe@0x5573f41635f8 | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x5573f41635f8 | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #24 | libevent_malloc: new ptr-libevent@0x7ffabc003088 size 128 | complete v1 state transition with STF_SUSPEND | [RE]START processing: state #24 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648) | suspending state #24 and saving MD | #24 is busy; has a suspended MD | #24 spent 0.119 milliseconds in process_packet_tail() | crypto helper 4 resuming | crypto helper 4 starting work-order 32 for state #24 | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380) | crypto helper 4 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 32 | peer's g: 09 b0 35 d1 33 6c bc 30 86 a2 ff a4 97 5c f0 e7 | peer's g: 30 48 48 6d 9f 8f 35 68 d2 ac 44 63 21 6d a4 eb | peer's g: d9 0b 28 2a 8b c9 2b 1f d1 7d 4c a9 ca bf be 2e | peer's g: ee 24 91 89 3a d0 45 25 c7 48 67 29 5e 4d ad 06 | peer's g: 1b 56 22 f1 fb 20 69 12 b7 6b a6 99 78 66 20 15 | peer's g: b8 ba 6c d7 cd e2 86 9d 9d 96 25 f1 8f 6b 88 41 | stop processing: state #24 connection "3des" from 192.1.2.23 (in process_md() at demux.c:382) | peer's g: 33 d5 96 a7 fd 17 b3 e6 24 01 13 bd 67 fb b4 9b | peer's g: 14 4e cf 33 f7 ce c4 1b 83 6a eb aa 6a 6f 40 0d | peer's g: ba 7f ff 88 4d a7 32 29 7d 65 99 4b 48 76 03 3b | peer's g: 20 cf b3 10 b2 e4 d1 ea d2 23 62 54 de dd e0 89 | peer's g: 48 8f f0 81 59 4a 20 45 39 20 3b 82 c8 4d 24 fa | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.424 milliseconds in comm_handle_cb() reading and processing packet | peer's g: 31 f1 6b e6 3e 39 e4 10 48 d1 a4 bd c8 be cf 92 | peer's g: 07 7b 6f a8 48 26 5c 1d 23 cf 8c 00 d8 9f a3 d3 | peer's g: 2d b8 e4 c6 3f 98 c8 e1 6a 54 c3 40 14 e0 b5 8e | peer's g: 71 6e cb 71 ee 08 08 ae f1 ec 91 ca c7 9a 38 83 | peer's g: ce b7 0e c9 38 19 1b f5 1c f8 de 14 4b 37 59 a1 | Started DH shared-secret computation in NSS: | new : g_ir-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | DH secret MODP2048@0x7ffabc003188: computed shared DH secret key@0x5573f4169350 | dh-shared : g^ir-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | crypto helper 4 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 32 time elapsed 0.000919 seconds | (#24) spent 0.908 milliseconds in crypto helper computing work-order 32: quick outI2 DH (pcr) | crypto helper 4 sending results from work-order 32 for state #24 to event queue | scheduling resume sending helper answer for #24 | libevent_malloc: new ptr-libevent@0x7ffab0005848 size 128 | crypto helper 4 waiting (nothing to do) | processing resume sending helper answer for #24 | start processing: state #24 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:797) | crypto helper 4 replies to request ID 32 | calling continuation function 0x5573f2c98b50 | quick_inR1_outI2_continue for #24: calculated ke+nonce, calculating DH | **emit ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_QUICK (0x20) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 3827577974 (0xe4243476) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | DH secret MODP2048@0x7ffabc003188: transferring ownership from helper IKEv1 DH to state #24 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 01 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | our client is subnet 192.0.1.0/24 | our client protocol/port is 0/0 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address | ID address c0 00 02 00 | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask | ID mask ff ff ff 00 | peer client is subnet 192.0.2.0/24 | peer client protocol/port is 0/0 | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0b08 | result: clone-key@0x5573f40c6080 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f40c6080 | HASH(1) prf: begin sha with context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f40c6080 | HASH(1): release clone-key@0x5573f40c6080 | HASH(1) PRF sha crypt-prf@0x7ffab8008c38 | HASH(1) PRF sha update 0-byte@0x0 (0) | 00 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0b0bec (length 4) | e4 24 34 76 | HASH(1) PRF sha update Ni_b-bytes@0x7ffabc003758 (length 32) | 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | HASH(1) PRF sha update Nr_b-bytes@0x5573f4165a78 (length 32) | 9e 13 10 73 e4 23 e6 a3 56 b0 5a 41 15 1d 33 15 | d8 31 5a ce 75 e6 6f 0e df 7d c3 91 4f 99 73 ec | HASH(1) PRF sha final-bytes@0x5573f2d968e0 (length 20) | c5 6b 3c 27 9e 2e d7 07 8d ea d4 f4 1b 43 f8 51 | f1 d3 47 67 | quick_inR1_outI2 HASH(3): | c5 6b 3c 27 9e 2e d7 07 8d ea d4 f4 1b 43 f8 51 | f1 d3 47 67 | compute_proto_keymat: needed_len (after ESP enc)=24 | compute_proto_keymat: needed_len (after ESP auth)=44 | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f40c6080 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffabc0041f0 from symkey-key@0x5573f40c6080 | hmac prf: begin sha with context 0x7ffabc0041f0 from symkey-key@0x5573f40c6080 | hmac: release clone-key@0x5573f40c6080 | hmac PRF sha crypt-prf@0x5573f4165ac8 | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f4150a70 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f4150a70 | hmac: release clone-key@0x5573f4150a70 | hmac PRF sha crypt-prf@0x5573f40c4668 | hmac PRF sha update g^xy-key@0x5573f4169350 (size 256) | hmac: g^xy-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4169350 | nss hmac digest hack: symkey-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 66 62 c7 de b4 7b 8c fe f9 e9 61 fc d1 4f 60 8c 7e c2 58 32 0e a2 6b 31 bb 0c 05 b7 fd 1a 9c 95 95 ba 7f 77 82 40 47 f3 62 22 b3 2b 81 f5 3c 15 a1 10 e4 64 f0 20 d8 b1 f5 db f0 82 cb 4e 90 44 ae b1 cb 22 52 52 55 40 a8 46 29 92 82 61 c2 c7 f0 a0 1b 2c 9f 02 7a 26 c4 5f d5 7d 73 42 2c f7 ab dc ca f5 1f 80 c9 f1 6f 26 53 84 d2 52 77 1e f6 d6 d0 b0 98 00 ff db 40 57 07 71 f7 f5 eb 03 e9 2f ef 11 f8 13 1f 5b 01 80 aa 63 46 c7 21 fe b8 a5 c2 67 33 8e 0e 9c a2 cf 92 27 a4 6a 61 d3 7a 33 a6 c3 bb 2a 45 2f 5d c4 3a c5 a8 12 20 e7 90 03 c4 87 89 c9 3d 47 1e e0 eb 7e 4f 8f 26 70 18 d2 5f b7 92 39 75 e7 f7 1d bd 1f 8d bd bd c1 69 7e 64 3d bc 38 d4 c6 62 60 7d e2 35 2d 8b b2 9d 7e 3c 20 2b 91 54 2b 81 e3 88 64 32 69 99 83 b9 ea a2 9a a8 26 80 72 8b 58 17 88 56 cc b0 c3 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 82 a7 b5 0a ce c4 a8 b8 ff 59 ed 95 b2 84 60 f7 | unwrapped: ce 42 d0 5a bf 58 e5 61 0e 46 43 f6 43 38 55 9a | unwrapped: 7c e4 d3 58 91 87 23 1f d3 ca 09 92 26 45 c5 5a | unwrapped: b9 3a 69 b0 ed 36 d0 48 c0 7b bb 39 1d 10 88 f5 | unwrapped: 7e 2a 9a 58 33 ab a0 88 ce 6f e7 68 19 d3 0f 02 | unwrapped: 47 41 1f 75 dc 40 66 80 d1 b1 23 8b 10 34 eb 6a | unwrapped: 9f 9c f8 99 db f1 da a5 f1 9e 3f b0 59 dc 3e b1 | unwrapped: 5e 6d f9 36 b5 89 64 db 35 48 68 c3 89 26 e5 f6 | unwrapped: 29 1b 93 d7 29 fe b8 d6 d5 01 f4 53 29 bb 24 ae | unwrapped: 2a bf d5 0e 03 fc b7 de 89 e9 e3 79 62 7c da ff | unwrapped: c7 2f 5e 0b 23 85 93 11 78 4b ac 7e 03 4b 36 39 | unwrapped: 18 75 70 7e c6 bb ff c4 3b 8b e7 62 2d 15 84 c9 | unwrapped: 4f 12 e8 0b 64 40 d8 d9 eb 68 8a 4a fe b6 ea 19 | unwrapped: 0d 4a 4b 31 b5 df 2f da 14 fd ae 2f 0f dc 82 86 | unwrapped: 37 0f c3 fc 58 e4 8c 1f 03 91 13 f7 b2 d3 77 2b | unwrapped: f4 a5 d7 33 26 93 ea ab 16 4a 1b b9 17 63 50 89 | hmac PRF sha update g^xy-key@0x5573f4169350 (size 256) | hmac: g^xy-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4169350 | nss hmac digest hack: symkey-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 66 62 c7 de b4 7b 8c fe f9 e9 61 fc d1 4f 60 8c 7e c2 58 32 0e a2 6b 31 bb 0c 05 b7 fd 1a 9c 95 95 ba 7f 77 82 40 47 f3 62 22 b3 2b 81 f5 3c 15 a1 10 e4 64 f0 20 d8 b1 f5 db f0 82 cb 4e 90 44 ae b1 cb 22 52 52 55 40 a8 46 29 92 82 61 c2 c7 f0 a0 1b 2c 9f 02 7a 26 c4 5f d5 7d 73 42 2c f7 ab dc ca f5 1f 80 c9 f1 6f 26 53 84 d2 52 77 1e f6 d6 d0 b0 98 00 ff db 40 57 07 71 f7 f5 eb 03 e9 2f ef 11 f8 13 1f 5b 01 80 aa 63 46 c7 21 fe b8 a5 c2 67 33 8e 0e 9c a2 cf 92 27 a4 6a 61 d3 7a 33 a6 c3 bb 2a 45 2f 5d c4 3a c5 a8 12 20 e7 90 03 c4 87 89 c9 3d 47 1e e0 eb 7e 4f 8f 26 70 18 d2 5f b7 92 39 75 e7 f7 1d bd 1f 8d bd bd c1 69 7e 64 3d bc 38 d4 c6 62 60 7d e2 35 2d 8b b2 9d 7e 3c 20 2b 91 54 2b 81 e3 88 64 32 69 99 83 b9 ea a2 9a a8 26 80 72 8b 58 17 88 56 cc b0 c3 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 82 a7 b5 0a ce c4 a8 b8 ff 59 ed 95 b2 84 60 f7 | unwrapped: ce 42 d0 5a bf 58 e5 61 0e 46 43 f6 43 38 55 9a | unwrapped: 7c e4 d3 58 91 87 23 1f d3 ca 09 92 26 45 c5 5a | unwrapped: b9 3a 69 b0 ed 36 d0 48 c0 7b bb 39 1d 10 88 f5 | unwrapped: 7e 2a 9a 58 33 ab a0 88 ce 6f e7 68 19 d3 0f 02 | unwrapped: 47 41 1f 75 dc 40 66 80 d1 b1 23 8b 10 34 eb 6a | unwrapped: 9f 9c f8 99 db f1 da a5 f1 9e 3f b0 59 dc 3e b1 | unwrapped: 5e 6d f9 36 b5 89 64 db 35 48 68 c3 89 26 e5 f6 | unwrapped: 29 1b 93 d7 29 fe b8 d6 d5 01 f4 53 29 bb 24 ae | unwrapped: 2a bf d5 0e 03 fc b7 de 89 e9 e3 79 62 7c da ff | unwrapped: c7 2f 5e 0b 23 85 93 11 78 4b ac 7e 03 4b 36 39 | unwrapped: 18 75 70 7e c6 bb ff c4 3b 8b e7 62 2d 15 84 c9 | unwrapped: 4f 12 e8 0b 64 40 d8 d9 eb 68 8a 4a fe b6 ea 19 | unwrapped: 0d 4a 4b 31 b5 df 2f da 14 fd ae 2f 0f dc 82 86 | unwrapped: 37 0f c3 fc 58 e4 8c 1f 03 91 13 f7 b2 d3 77 2b | unwrapped: f4 a5 d7 33 26 93 ea ab 16 4a 1b b9 17 63 50 89 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | 49 f0 89 c5 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | 40 ea 8f a7 | hmac PRF sha update data-bytes@0x7ffabc003758 (length 32) | 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | hmac PRF sha update data-bytes@0x7ffabc003758 (length 32) | 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | hmac PRF sha update data-bytes@0x5573f4165a78 (length 32) | 9e 13 10 73 e4 23 e6 a3 56 b0 5a 41 15 1d 33 15 | d8 31 5a ce 75 e6 6f 0e df 7d c3 91 4f 99 73 ec | hmac PRF sha update data-bytes@0x5573f4165a78 (length 32) | 9e 13 10 73 e4 23 e6 a3 56 b0 5a 41 15 1d 33 15 | d8 31 5a ce 75 e6 6f 0e df 7d c3 91 4f 99 73 ec | hmac PRF sha final-bytes@0x7ffac0002b78 (length 20) | d4 c6 9b 32 08 98 8f a9 9c e4 4a 1c be 67 f9 c5 | 3b 37 f1 f0 | hmac PRF sha final-bytes@0x7ffaac002b78 (length 20) | 7b e7 8e 71 53 7c 21 87 61 48 09 f9 09 5d 22 e5 | 10 dc 35 3e | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f4150a70 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f4150a70 | hmac: release clone-key@0x5573f4150a70 | hmac PRF sha crypt-prf@0x5573f40c4618 | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f40c6080 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffabc0041f0 from symkey-key@0x5573f40c6080 | hmac prf: begin sha with context 0x7ffabc0041f0 from symkey-key@0x5573f40c6080 | hmac: release clone-key@0x5573f40c6080 | hmac PRF sha crypt-prf@0x7ffab8008c38 | hmac PRF sha update data-bytes@0x7ffac0002b78 (length 20) | d4 c6 9b 32 08 98 8f a9 9c e4 4a 1c be 67 f9 c5 | 3b 37 f1 f0 | hmac PRF sha update data-bytes@0x7ffaac002b78 (length 20) | 7b e7 8e 71 53 7c 21 87 61 48 09 f9 09 5d 22 e5 | 10 dc 35 3e | hmac PRF sha update g^xy-key@0x5573f4169350 (size 256) | hmac: g^xy-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4169350 | nss hmac digest hack: symkey-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 66 62 c7 de b4 7b 8c fe f9 e9 61 fc d1 4f 60 8c 7e c2 58 32 0e a2 6b 31 bb 0c 05 b7 fd 1a 9c 95 95 ba 7f 77 82 40 47 f3 62 22 b3 2b 81 f5 3c 15 a1 10 e4 64 f0 20 d8 b1 f5 db f0 82 cb 4e 90 44 ae b1 cb 22 52 52 55 40 a8 46 29 92 82 61 c2 c7 f0 a0 1b 2c 9f 02 7a 26 c4 5f d5 7d 73 42 2c f7 ab dc ca f5 1f 80 c9 f1 6f 26 53 84 d2 52 77 1e f6 d6 d0 b0 98 00 ff db 40 57 07 71 f7 f5 eb 03 e9 2f ef 11 f8 13 1f 5b 01 80 aa 63 46 c7 21 fe b8 a5 c2 67 33 8e 0e 9c a2 cf 92 27 a4 6a 61 d3 7a 33 a6 c3 bb 2a 45 2f 5d c4 3a c5 a8 12 20 e7 90 03 c4 87 89 c9 3d 47 1e e0 eb 7e 4f 8f 26 70 18 d2 5f b7 92 39 75 e7 f7 1d bd 1f 8d bd bd c1 69 7e 64 3d bc 38 d4 c6 62 60 7d e2 35 2d 8b b2 9d 7e 3c 20 2b 91 54 2b 81 e3 88 64 32 69 99 83 b9 ea a2 9a a8 26 80 72 8b 58 17 88 56 cc b0 c3 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 82 a7 b5 0a ce c4 a8 b8 ff 59 ed 95 b2 84 60 f7 | unwrapped: ce 42 d0 5a bf 58 e5 61 0e 46 43 f6 43 38 55 9a | unwrapped: 7c e4 d3 58 91 87 23 1f d3 ca 09 92 26 45 c5 5a | unwrapped: b9 3a 69 b0 ed 36 d0 48 c0 7b bb 39 1d 10 88 f5 | unwrapped: 7e 2a 9a 58 33 ab a0 88 ce 6f e7 68 19 d3 0f 02 | unwrapped: 47 41 1f 75 dc 40 66 80 d1 b1 23 8b 10 34 eb 6a | unwrapped: 9f 9c f8 99 db f1 da a5 f1 9e 3f b0 59 dc 3e b1 | unwrapped: 5e 6d f9 36 b5 89 64 db 35 48 68 c3 89 26 e5 f6 | unwrapped: 29 1b 93 d7 29 fe b8 d6 d5 01 f4 53 29 bb 24 ae | unwrapped: 2a bf d5 0e 03 fc b7 de 89 e9 e3 79 62 7c da ff | unwrapped: c7 2f 5e 0b 23 85 93 11 78 4b ac 7e 03 4b 36 39 | unwrapped: 18 75 70 7e c6 bb ff c4 3b 8b e7 62 2d 15 84 c9 | unwrapped: 4f 12 e8 0b 64 40 d8 d9 eb 68 8a 4a fe b6 ea 19 | unwrapped: 0d 4a 4b 31 b5 df 2f da 14 fd ae 2f 0f dc 82 86 | unwrapped: 37 0f c3 fc 58 e4 8c 1f 03 91 13 f7 b2 d3 77 2b | unwrapped: f4 a5 d7 33 26 93 ea ab 16 4a 1b b9 17 63 50 89 | hmac PRF sha update g^xy-key@0x5573f4169350 (size 256) | hmac: g^xy-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4169350 | nss hmac digest hack: symkey-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 66 62 c7 de b4 7b 8c fe f9 e9 61 fc d1 4f 60 8c 7e c2 58 32 0e a2 6b 31 bb 0c 05 b7 fd 1a 9c 95 95 ba 7f 77 82 40 47 f3 62 22 b3 2b 81 f5 3c 15 a1 10 e4 64 f0 20 d8 b1 f5 db f0 82 cb 4e 90 44 ae b1 cb 22 52 52 55 40 a8 46 29 92 82 61 c2 c7 f0 a0 1b 2c 9f 02 7a 26 c4 5f d5 7d 73 42 2c f7 ab dc ca f5 1f 80 c9 f1 6f 26 53 84 d2 52 77 1e f6 d6 d0 b0 98 00 ff db 40 57 07 71 f7 f5 eb 03 e9 2f ef 11 f8 13 1f 5b 01 80 aa 63 46 c7 21 fe b8 a5 c2 67 33 8e 0e 9c a2 cf 92 27 a4 6a 61 d3 7a 33 a6 c3 bb 2a 45 2f 5d c4 3a c5 a8 12 20 e7 90 03 c4 87 89 c9 3d 47 1e e0 eb 7e 4f 8f 26 70 18 d2 5f b7 92 39 75 e7 f7 1d bd 1f 8d bd bd c1 69 7e 64 3d bc 38 d4 c6 62 60 7d e2 35 2d 8b b2 9d 7e 3c 20 2b 91 54 2b 81 e3 88 64 32 69 99 83 b9 ea a2 9a a8 26 80 72 8b 58 17 88 56 cc b0 c3 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 82 a7 b5 0a ce c4 a8 b8 ff 59 ed 95 b2 84 60 f7 | unwrapped: ce 42 d0 5a bf 58 e5 61 0e 46 43 f6 43 38 55 9a | unwrapped: 7c e4 d3 58 91 87 23 1f d3 ca 09 92 26 45 c5 5a | unwrapped: b9 3a 69 b0 ed 36 d0 48 c0 7b bb 39 1d 10 88 f5 | unwrapped: 7e 2a 9a 58 33 ab a0 88 ce 6f e7 68 19 d3 0f 02 | unwrapped: 47 41 1f 75 dc 40 66 80 d1 b1 23 8b 10 34 eb 6a | unwrapped: 9f 9c f8 99 db f1 da a5 f1 9e 3f b0 59 dc 3e b1 | unwrapped: 5e 6d f9 36 b5 89 64 db 35 48 68 c3 89 26 e5 f6 | unwrapped: 29 1b 93 d7 29 fe b8 d6 d5 01 f4 53 29 bb 24 ae | unwrapped: 2a bf d5 0e 03 fc b7 de 89 e9 e3 79 62 7c da ff | unwrapped: c7 2f 5e 0b 23 85 93 11 78 4b ac 7e 03 4b 36 39 | unwrapped: 18 75 70 7e c6 bb ff c4 3b 8b e7 62 2d 15 84 c9 | unwrapped: 4f 12 e8 0b 64 40 d8 d9 eb 68 8a 4a fe b6 ea 19 | unwrapped: 0d 4a 4b 31 b5 df 2f da 14 fd ae 2f 0f dc 82 86 | unwrapped: 37 0f c3 fc 58 e4 8c 1f 03 91 13 f7 b2 d3 77 2b | unwrapped: f4 a5 d7 33 26 93 ea ab 16 4a 1b b9 17 63 50 89 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | 49 f0 89 c5 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | 40 ea 8f a7 | hmac PRF sha update data-bytes@0x7ffabc003758 (length 32) | 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | hmac PRF sha update data-bytes@0x7ffabc003758 (length 32) | 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | hmac PRF sha update data-bytes@0x5573f4165a78 (length 32) | 9e 13 10 73 e4 23 e6 a3 56 b0 5a 41 15 1d 33 15 | d8 31 5a ce 75 e6 6f 0e df 7d c3 91 4f 99 73 ec | hmac PRF sha update data-bytes@0x5573f4165a78 (length 32) | 9e 13 10 73 e4 23 e6 a3 56 b0 5a 41 15 1d 33 15 | d8 31 5a ce 75 e6 6f 0e df 7d c3 91 4f 99 73 ec | hmac PRF sha final-bytes@0x7ffac0002b8c (length 20) | 22 d1 6a c9 85 3f 74 20 b8 f9 df b8 79 7f 49 59 | a2 ed 8a a8 | hmac PRF sha final-bytes@0x7ffaac002b8c (length 20) | ed 5d e1 5f 8d d9 38 bb b3 87 57 35 44 48 68 fd | 0c 40 58 1a | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f40c6080 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffabc0041f0 from symkey-key@0x5573f40c6080 | hmac prf: begin sha with context 0x7ffabc0041f0 from symkey-key@0x5573f40c6080 | hmac: release clone-key@0x5573f40c6080 | hmac PRF sha crypt-prf@0x5573f4165ac8 | hmac PRF sha init symkey-key@0x5573f414d560 (size 20) | hmac: symkey-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f414d560 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0b0a88 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | hmac prf: created sha context 0x7ffab4002b50 from symkey-key@0x5573f4150a70 | hmac prf: begin sha with context 0x7ffab4002b50 from symkey-key@0x5573f4150a70 | hmac: release clone-key@0x5573f4150a70 | hmac PRF sha crypt-prf@0x5573f40c4668 | hmac PRF sha update data-bytes@0x7ffac0002b8c (length 20) | 22 d1 6a c9 85 3f 74 20 b8 f9 df b8 79 7f 49 59 | a2 ed 8a a8 | hmac PRF sha update data-bytes@0x7ffaac002b8c (length 20) | ed 5d e1 5f 8d d9 38 bb b3 87 57 35 44 48 68 fd | 0c 40 58 1a | hmac PRF sha update g^xy-key@0x5573f4169350 (size 256) | hmac: g^xy-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4169350 | nss hmac digest hack: symkey-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 66 62 c7 de b4 7b 8c fe f9 e9 61 fc d1 4f 60 8c 7e c2 58 32 0e a2 6b 31 bb 0c 05 b7 fd 1a 9c 95 95 ba 7f 77 82 40 47 f3 62 22 b3 2b 81 f5 3c 15 a1 10 e4 64 f0 20 d8 b1 f5 db f0 82 cb 4e 90 44 ae b1 cb 22 52 52 55 40 a8 46 29 92 82 61 c2 c7 f0 a0 1b 2c 9f 02 7a 26 c4 5f d5 7d 73 42 2c f7 ab dc ca f5 1f 80 c9 f1 6f 26 53 84 d2 52 77 1e f6 d6 d0 b0 98 00 ff db 40 57 07 71 f7 f5 eb 03 e9 2f ef 11 f8 13 1f 5b 01 80 aa 63 46 c7 21 fe b8 a5 c2 67 33 8e 0e 9c a2 cf 92 27 a4 6a 61 d3 7a 33 a6 c3 bb 2a 45 2f 5d c4 3a c5 a8 12 20 e7 90 03 c4 87 89 c9 3d 47 1e e0 eb 7e 4f 8f 26 70 18 d2 5f b7 92 39 75 e7 f7 1d bd 1f 8d bd bd c1 69 7e 64 3d bc 38 d4 c6 62 60 7d e2 35 2d 8b b2 9d 7e 3c 20 2b 91 54 2b 81 e3 88 64 32 69 99 83 b9 ea a2 9a a8 26 80 72 8b 58 17 88 56 cc b0 c3 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x5573f4168d18 | unwrapped: 82 a7 b5 0a ce c4 a8 b8 ff 59 ed 95 b2 84 60 f7 | unwrapped: ce 42 d0 5a bf 58 e5 61 0e 46 43 f6 43 38 55 9a | unwrapped: 7c e4 d3 58 91 87 23 1f d3 ca 09 92 26 45 c5 5a | unwrapped: b9 3a 69 b0 ed 36 d0 48 c0 7b bb 39 1d 10 88 f5 | unwrapped: 7e 2a 9a 58 33 ab a0 88 ce 6f e7 68 19 d3 0f 02 | unwrapped: 47 41 1f 75 dc 40 66 80 d1 b1 23 8b 10 34 eb 6a | unwrapped: 9f 9c f8 99 db f1 da a5 f1 9e 3f b0 59 dc 3e b1 | unwrapped: 5e 6d f9 36 b5 89 64 db 35 48 68 c3 89 26 e5 f6 | unwrapped: 29 1b 93 d7 29 fe b8 d6 d5 01 f4 53 29 bb 24 ae | unwrapped: 2a bf d5 0e 03 fc b7 de 89 e9 e3 79 62 7c da ff | unwrapped: c7 2f 5e 0b 23 85 93 11 78 4b ac 7e 03 4b 36 39 | unwrapped: 18 75 70 7e c6 bb ff c4 3b 8b e7 62 2d 15 84 c9 | unwrapped: 4f 12 e8 0b 64 40 d8 d9 eb 68 8a 4a fe b6 ea 19 | unwrapped: 0d 4a 4b 31 b5 df 2f da 14 fd ae 2f 0f dc 82 86 | unwrapped: 37 0f c3 fc 58 e4 8c 1f 03 91 13 f7 b2 d3 77 2b | unwrapped: f4 a5 d7 33 26 93 ea ab 16 4a 1b b9 17 63 50 89 | hmac PRF sha update g^xy-key@0x5573f4169350 (size 256) | hmac: g^xy-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | nss hmac digest hack extracting all 256 bytes of key@0x5573f4169350 | nss hmac digest hack: symkey-key@0x5573f4169350 (256-bytes, CONCATENATE_DATA_AND_BASE) | : ephemeral-key@0x5573f40c51c0 (16-bytes, AES_KEY_GEN) | nss hmac digest hack: new slot-key@0x5573f414a280 (256-bytes, CONCATENATE_DATA_AND_BASE) | sizeof bytes 256 | wrapper: (SECItemType)-221257007: 66 62 c7 de b4 7b 8c fe f9 e9 61 fc d1 4f 60 8c 7e c2 58 32 0e a2 6b 31 bb 0c 05 b7 fd 1a 9c 95 95 ba 7f 77 82 40 47 f3 62 22 b3 2b 81 f5 3c 15 a1 10 e4 64 f0 20 d8 b1 f5 db f0 82 cb 4e 90 44 ae b1 cb 22 52 52 55 40 a8 46 29 92 82 61 c2 c7 f0 a0 1b 2c 9f 02 7a 26 c4 5f d5 7d 73 42 2c f7 ab dc ca f5 1f 80 c9 f1 6f 26 53 84 d2 52 77 1e f6 d6 d0 b0 98 00 ff db 40 57 07 71 f7 f5 eb 03 e9 2f ef 11 f8 13 1f 5b 01 80 aa 63 46 c7 21 fe b8 a5 c2 67 33 8e 0e 9c a2 cf 92 27 a4 6a 61 d3 7a 33 a6 c3 bb 2a 45 2f 5d c4 3a c5 a8 12 20 e7 90 03 c4 87 89 c9 3d 47 1e e0 eb 7e 4f 8f 26 70 18 d2 5f b7 92 39 75 e7 f7 1d bd 1f 8d bd bd c1 69 7e 64 3d bc 38 d4 c6 62 60 7d e2 35 2d 8b b2 9d 7e 3c 20 2b 91 54 2b 81 e3 88 64 32 69 99 83 b9 ea a2 9a a8 26 80 72 8b 58 17 88 56 cc b0 c3 | nss hmac digest hack: release slot-key-key@0x5573f414a280 | nss hmac digest hack extracted len 256 bytes at 0x7ffac0000b48 | unwrapped: 82 a7 b5 0a ce c4 a8 b8 ff 59 ed 95 b2 84 60 f7 | unwrapped: ce 42 d0 5a bf 58 e5 61 0e 46 43 f6 43 38 55 9a | unwrapped: 7c e4 d3 58 91 87 23 1f d3 ca 09 92 26 45 c5 5a | unwrapped: b9 3a 69 b0 ed 36 d0 48 c0 7b bb 39 1d 10 88 f5 | unwrapped: 7e 2a 9a 58 33 ab a0 88 ce 6f e7 68 19 d3 0f 02 | unwrapped: 47 41 1f 75 dc 40 66 80 d1 b1 23 8b 10 34 eb 6a | unwrapped: 9f 9c f8 99 db f1 da a5 f1 9e 3f b0 59 dc 3e b1 | unwrapped: 5e 6d f9 36 b5 89 64 db 35 48 68 c3 89 26 e5 f6 | unwrapped: 29 1b 93 d7 29 fe b8 d6 d5 01 f4 53 29 bb 24 ae | unwrapped: 2a bf d5 0e 03 fc b7 de 89 e9 e3 79 62 7c da ff | unwrapped: c7 2f 5e 0b 23 85 93 11 78 4b ac 7e 03 4b 36 39 | unwrapped: 18 75 70 7e c6 bb ff c4 3b 8b e7 62 2d 15 84 c9 | unwrapped: 4f 12 e8 0b 64 40 d8 d9 eb 68 8a 4a fe b6 ea 19 | unwrapped: 0d 4a 4b 31 b5 df 2f da 14 fd ae 2f 0f dc 82 86 | unwrapped: 37 0f c3 fc 58 e4 8c 1f 03 91 13 f7 b2 d3 77 2b | unwrapped: f4 a5 d7 33 26 93 ea ab 16 4a 1b b9 17 63 50 89 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x7ffeae0b0bbc (length 1) | 03 | hmac PRF sha update data-bytes@0x5573f4166a30 (length 4) | 49 f0 89 c5 | hmac PRF sha update data-bytes@0x5573f4166a10 (length 4) | 40 ea 8f a7 | hmac PRF sha update data-bytes@0x7ffabc003758 (length 32) | 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | hmac PRF sha update data-bytes@0x7ffabc003758 (length 32) | 05 eb 40 84 8a 2e 2d f1 61 73 3a ef 15 33 e0 b4 | c6 07 83 1b 48 4c 28 99 48 b7 b9 af e9 81 1d 3f | hmac PRF sha update data-bytes@0x5573f4165a78 (length 32) | 9e 13 10 73 e4 23 e6 a3 56 b0 5a 41 15 1d 33 15 | d8 31 5a ce 75 e6 6f 0e df 7d c3 91 4f 99 73 ec | hmac PRF sha update data-bytes@0x5573f4165a78 (length 32) | 9e 13 10 73 e4 23 e6 a3 56 b0 5a 41 15 1d 33 15 | d8 31 5a ce 75 e6 6f 0e df 7d c3 91 4f 99 73 ec | hmac PRF sha final-bytes@0x7ffac0002ba0 (length 20) | 64 25 70 3e ea 94 7d b5 ff 46 35 2e 6a 15 07 04 | 7e a8 b6 b3 | hmac PRF sha final-bytes@0x7ffaac002ba0 (length 20) | df e6 1e 19 4f d7 2a a9 0e 6f 85 d8 72 93 48 4a | a1 8f 55 9a | install_ipsec_sa() for #24: inbound and outbound | could_route called for 3des (kind=CK_PERMANENT) | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.40ea8fa7@192.1.2.23 included non-error error | set up outgoing SA, ref=0/0 | looking for alg with encrypt: 3DES_CBC keylen: 192 integ: HMAC_SHA1_96 | encrypt 3DES_CBC keylen=192 transid=3, key_size=24, encryptalg=3 | st->st_esp.keymat_len=44 is encrypt_keymat_size=24 + integ_keymat_size=20 | setting IPsec SA replay-window to 32 | NIC esp-hw-offload not for connection '3des' not available on interface eth1 | netlink: enabling tunnel mode | netlink: setting IPsec SA replay-window to 32 using old-style req | netlink: esp-hw-offload not set for IPsec SA | netlink response for Add SA esp.49f089c5@192.1.2.45 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => tun.10000@192.1.2.45 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | set up incoming SA, ref=0/0 | sr for #24: unrouted | route_and_eroute() for proto 0, and source port 0 dest port 0 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL; eroute owner: NULL | route_and_eroute with c: 3des (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #24 | priority calculation of connection "3des" is 0xfe7e7 | eroute_connection add eroute 192.0.1.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) | IPsec Sa SPD priority set to 1042407 | raw_eroute result=success | running updown command "ipsec _updown" for verb up | command executing up-client | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x40ea8fa7 SPI_OUT=0x | popen cmd is 1023 chars long | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFA: | cmd( 80):CE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' : | cmd( 160):PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_M: | cmd( 240):ASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1643: | cmd( 320):2' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_: | cmd( 400):CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK=': | cmd( 480):255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUT: | cmd( 560):O_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+: | cmd( 640):IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PL: | cmd( 720):UTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS: | cmd( 800):_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLU: | cmd( 880):TO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHAR: | cmd( 960):ED='no' SPI_IN=0x40ea8fa7 SPI_OUT=0x49f089c5 ipsec _updown 2>&1: | route_and_eroute: firewall_notified: true | running updown command "ipsec _updown" for verb prepare | command executing prepare-client | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x40ea8fa7 | popen cmd is 1028 chars long | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_: | cmd( 400):PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_M: | cmd( 480):ASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='': | cmd( 560): PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PF: | cmd( 640):S+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANEN: | cmd( 720):T' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEE: | cmd( 800):R_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0: | cmd( 880):' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI: | cmd( 960):_SHARED='no' SPI_IN=0x40ea8fa7 SPI_OUT=0x49f089c5 ipsec _updown 2>&1: | running updown command "ipsec _updown" for verb route | command executing route-client | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x40ea8fa7 SPI_ | popen cmd is 1026 chars long | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTE: | cmd( 80):RFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@wes: | cmd( 160):t' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIEN: | cmd( 240):T_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='1: | cmd( 320):6432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PE: | cmd( 400):ER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MAS: | cmd( 480):K='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' P: | cmd( 560):LUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+: | cmd( 640):UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x40ea8fa7 SPI_OUT=0x49f089c5 ipsec _updown 2>&1: | route_and_eroute: instance "3des", setting eroute_owner {spd=0x5573f4162958,sr=0x5573f4162958} to #24 (was #0) (newest_ipsec_sa=#0) | #23 spent 1.46 milliseconds in install_ipsec_sa() | encrypting: 00 00 00 18 c5 6b 3c 27 9e 2e d7 07 8d ea d4 f4 | encrypting: 1b 43 f8 51 f1 d3 47 67 | IV: 44 e7 db 80 9b 1b e9 7f | unpadded size is: 24 | encrypting 24 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 52 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 05 08 ff 2c f0 a1 78 64 | inR1_outI2: instance 3des[0], setting IKEv1 newest_ipsec_sa to #24 (was #0) (spd.eroute=#24) cloned from #23 | DPD: dpd_init() called on IPsec SA | DPD: Peer does not support Dead Peer Detection | complete v1 state transition with STF_OK | [RE]START processing: state #24 connection "3des" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673) | #24 is idle | doing_xauth:no, t_xauth_client_done:no | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 | child state #24: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA) | event_already_set, deleting event | state #24 requesting EVENT_CRYPTO_TIMEOUT to be deleted | libevent_free: release ptr-libevent@0x7ffabc003088 | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x5573f41635f8 | sending reply packet to 192.1.2.23:500 (from 192.1.2.45:500) | sending 52 bytes for STATE_QUICK_I1 through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #24) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 08 10 20 01 e4 24 34 76 00 00 00 34 5a da 26 2f | 46 b4 2a d5 36 4f c3 42 c9 1f 87 5a 05 08 ff 2c | f0 a1 78 64 | !event_already_set at reschedule | event_schedule: new EVENT_SA_REPLACE-pe@0x7ffab4002b78 | inserting event EVENT_SA_REPLACE, timeout in 27983 seconds for #24 | libevent_malloc: new ptr-libevent@0x5573f416e398 size 128 | pstats #24 ikev1.ipsec established | NAT-T: encaps is 'auto' "3des" #24: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x40ea8fa7 <0x49f089c5 xfrm=3DES_CBC-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} | modecfg pull: noquirk policy:push not-client | phase 1 is done, looking for phase 2 to unpend | close_any(fd@25) (in release_whack() at state.c:654) | resume sending helper answer for #24 suppresed complete_v1_state_transition() | #24 spent 2.39 milliseconds in resume sending helper answer | stop processing: state #24 connection "3des" from 192.1.2.23 (in resume_handler() at server.c:833) | libevent_free: release ptr-libevent@0x7ffab0005848 | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.019 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0028 milliseconds in signal handler PLUTO_SIGCHLD | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00277 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_STATE_... in show_traffic_status (sort_states) | FOR_EACH_STATE_... in sort_states | get_sa_info esp.49f089c5@192.1.2.45 | get_sa_info esp.40ea8fa7@192.1.2.23 | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0604 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | FOR_EACH_STATE_... in shared_phase1_connection | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #24 | suspend processing: connection "3des" (in foreach_state_by_connection_func_delete() at state.c:1310) | start processing: state #24 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #24 ikev1.ipsec deleted completed | [RE]START processing: state #24 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #24: deleting state (STATE_QUICK_I2) aged 0.061s and sending notification | child state #24: QUICK_I2(established CHILD SA) => delete | get_sa_info esp.40ea8fa7@192.1.2.23 | get_sa_info esp.49f089c5@192.1.2.45 "3des" #24: ESP traffic information: in=84B out=84B | #24 send IKEv1 delete notification for STATE_QUICK_I2 | FOR_EACH_STATE_... in find_phase1_state | **emit ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2755615256 (0xa43f5a18) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 3 (0x3) | SPI size: 4 (0x4) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload | delete payload 49 f0 89 c5 | emitting length of ISAKMP Delete Payload: 16 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f4150a70 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f4150a70 | HASH(1) prf: begin sha with context 0x7ffabc0041f0 from SKEYID_a-key@0x5573f4150a70 | HASH(1): release clone-key@0x5573f4150a70 | HASH(1) PRF sha crypt-prf@0x5573f40c4618 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | a4 3f 5a 18 | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 16) | 00 00 00 10 00 00 00 01 03 04 00 01 49 f0 89 c5 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 84 f4 db 2a b0 b5 65 8b a1 ac 4c 21 f2 02 b8 82 | 2d 31 2c 92 | send delete HASH(1): | 84 f4 db 2a b0 b5 65 8b a1 ac 4c 21 f2 02 b8 82 | 2d 31 2c 92 | last Phase 1 IV: d2 d9 01 0c 33 6b 79 87 | current Phase 1 IV: d2 d9 01 0c 33 6b 79 87 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 8) | d2 d9 01 0c 33 6b 79 87 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | a4 3f 5a 18 | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | da 4d 31 e0 4d 28 53 8b cf 89 a5 de b0 11 7d a8 | d5 96 0c ce | encrypting: 0c 00 00 18 84 f4 db 2a b0 b5 65 8b a1 ac 4c 21 | encrypting: f2 02 b8 82 2d 31 2c 92 00 00 00 10 00 00 00 01 | encrypting: 03 04 00 01 49 f0 89 c5 | IV: da 4d 31 e0 4d 28 53 8b cf 89 a5 de b0 11 7d a8 | IV: d5 96 0c ce | unpadded size is: 40 | encrypting 40 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 68 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 47 a9 6f 01 09 75 37 b4 | sending 68 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 08 10 05 01 a4 3f 5a 18 00 00 00 44 ea 17 d2 61 | 72 0c e1 ef a1 17 4e 34 4f e4 70 6b e8 b1 a6 f1 | 9c 07 bb 9f dd 94 0d 53 2b 9e 75 f9 47 a9 6f 01 | 09 75 37 b4 | state #24 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x5573f416e398 | free_event_entry: release EVENT_SA_REPLACE-pe@0x7ffab4002b78 | running updown command "ipsec _updown" for verb down | command executing down-client | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566825170' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x40ea8fa7 | popen cmd is 1031 chars long | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTER: | cmd( 80):FACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west: | cmd( 160):' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT: | cmd( 240):_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16: | cmd( 320):432' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEE: | cmd( 400):R_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK: | cmd( 480):='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PL: | cmd( 560):UTO_STACK='netkey' PLUTO_ADDTIME='1566825170' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUN: | cmd( 640):NEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMA: | cmd( 720):NENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_: | cmd( 800):PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER: | cmd( 880):='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' : | cmd( 960):VTI_SHARED='no' SPI_IN=0x40ea8fa7 SPI_OUT=0x49f089c5 ipsec _updown 2>&1: | shunt_eroute() called for connection '3des' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "3des" is 0xfe7e7 | IPsec Sa SPD priority set to 1042407 | delete esp.40ea8fa7@192.1.2.23 | netlink response for Del SA esp.40ea8fa7@192.1.2.23 included non-error error | priority calculation of connection "3des" is 0xfe7e7 | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.1.0/24:0 => unk255.10000@192.1.2.45 (raw_eroute) | raw_eroute result=success | delete esp.49f089c5@192.1.2.45 | netlink response for Del SA esp.49f089c5@192.1.2.45 included non-error error | stop processing: connection "3des" (BACKGROUND) (in update_state_connection() at connections.c:4076) | start processing: connection NULL (in update_state_connection() at connections.c:4077) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #24 in QUICK_I2 | child state #24: QUICK_I2(established CHILD SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffabc003188: destroyed | stop processing: state #24 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f4169350 | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f4165b30 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | state #23 | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | state #23 | start processing: state #23 connection "3des" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310) | pstats #23 ikev1.isakmp deleted completed | [RE]START processing: state #23 connection "3des" from 192.1.2.23 (in delete_state() at state.c:879) "3des" #23: deleting state (STATE_MAIN_I4) aged 0.076s and sending notification | parent state #23: MAIN_I4(established IKE SA) => delete | #23 send IKEv1 delete notification for STATE_MAIN_I4 | **emit ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_NONE (0x0) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 4076371548 (0xf2f87e5c) | next payload chain: saving message location 'ISAKMP Message'.'next payload type' | ***emit ISAKMP Hash Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH) | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg' | emitting 20 zero bytes of HASH DATA into ISAKMP Hash Payload | emitting length of ISAKMP Hash Payload: 24 | ***emit ISAKMP Delete Payload: | next payload type: ISAKMP_NEXT_NONE (0x0) | DOI: ISAKMP_DOI_IPSEC (0x1) | protocol ID: 1 (0x1) | SPI size: 16 (0x10) | number of SPIs: 1 (0x1) | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D) | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg' | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload | initiator SPI c7 8f 09 fa d1 8f 64 81 | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload | responder SPI fb 73 14 a9 9f 11 cd 78 | emitting length of ISAKMP Delete Payload: 28 | HASH(1) PRF sha init SKEYID_a-key@0x5573f40bfec0 (size 20) | HASH(1): SKEYID_a-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | key-offset: 0, key-size: 20 | EXTRACT_KEY_FROM_KEY: | target: SHA_1_HMAC | flags: SIGN | key_size: 20-bytes | base: base-key@0x5573f40bfec0 (20-bytes, EXTRACT_KEY_FROM_KEY) | operation: FLAGS_ONLY | params: 8-bytes@0x7ffeae0ab8b8 | result: clone-key@0x5573f4169350 (20-bytes, SHA_1_HMAC) | HASH(1) prf: created sha context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4169350 | HASH(1) prf: begin sha with context 0x7ffaac002b50 from SKEYID_a-key@0x5573f4169350 | HASH(1): release clone-key@0x5573f4169350 | HASH(1) PRF sha crypt-prf@0x7ffabc003038 | HASH(1) PRF sha update M-ID-bytes@0x7ffeae0ab99c (length 4) | f2 f8 7e 5c | HASH(1) PRF sha update payload-bytes@0x7ffeae0abd44 (length 28) | 00 00 00 1c 00 00 00 01 01 10 00 01 c7 8f 09 fa | d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | HASH(1) PRF sha final-bytes@0x7ffeae0abd30 (length 20) | 5b b5 02 10 f9 e1 96 48 9f 48 5c 89 80 d5 2a af | 10 3f cd 37 | send delete HASH(1): | 5b b5 02 10 f9 e1 96 48 9f 48 5c 89 80 d5 2a af | 10 3f cd 37 | last Phase 1 IV: d2 d9 01 0c 33 6b 79 87 | current Phase 1 IV: d2 d9 01 0c 33 6b 79 87 | Phase 2 IV hash sha init | Phase 2 IV hash sha digest PH1_IV-bytes@0x5573f4163e08 (length 8) | d2 d9 01 0c 33 6b 79 87 | Phase 2 IV hash sha digest MSGID-bytes@0x7ffeae0ab9ac (length 4) | f2 f8 7e 5c | Phase 2 IV hash sha final bytes@0x5573f4163d88 (length 20) | 32 7d af 5b 98 12 e7 24 9e 54 c0 aa af 58 bc 85 | f2 82 6e 99 | encrypting: 0c 00 00 18 5b b5 02 10 f9 e1 96 48 9f 48 5c 89 | encrypting: 80 d5 2a af 10 3f cd 37 00 00 00 1c 00 00 00 01 | encrypting: 01 10 00 01 c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 | encrypting: 9f 11 cd 78 | IV: 32 7d af 5b 98 12 e7 24 9e 54 c0 aa af 58 bc 85 | IV: f2 82 6e 99 | unpadded size is: 52 | emitting 4 zero bytes of encryption padding into ISAKMP Message | encrypting 56 using 3DES_CBC | no IKEv1 message padding required | emitting length of ISAKMP Message: 84 | NSS ike_alg_nss_cbc: 3des_cbc - enter | NSS ike_alg_nss_cbc: 3des_cbc - exit | next IV: 6f 6e a5 9e 03 86 47 d6 | sending 84 bytes for delete notify through eth1 from 192.1.2.45:500 to 192.1.2.23:500 (using #23) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 08 10 05 01 f2 f8 7e 5c 00 00 00 54 9d aa b5 48 | 7e ac 0f 55 1b ed e9 b8 44 a0 3e de af 69 25 c9 | b6 df ae 20 ef 28 a9 99 21 bf 6d 30 a6 6b 93 91 | 44 f8 1f c7 fd d7 d6 3c 49 f5 07 e2 6f 6e a5 9e | 03 86 47 d6 | state #23 requesting EVENT_SA_REPLACE to be deleted | libevent_free: release ptr-libevent@0x7ffab8003ad8 | free_event_entry: release EVENT_SA_REPLACE-pe@0x5573f41632f8 | State DB: IKEv1 state not found (flush_incomplete_children) | in connection_discard for connection 3des | State DB: deleting IKEv1 state #23 in MAIN_I4 | parent state #23: MAIN_I4(established IKE SA) => UNDEFINED(ignore) | DH secret MODP2048@0x7ffac00045a8: destroyed | stop processing: state #23 from 192.1.2.23 (in delete_state() at state.c:1143) | delete_state: release st->st_shared_nss-key@0x5573f41619f0 | delete_state: release st->st_skeyid_nss-key@0x5573f414f010 | delete_state: release st->st_skey_d_nss-key@0x5573f414d560 | delete_state: release st->st_skey_ai_nss-key@0x5573f40bfec0 | delete_state: release st->st_skey_ar_nss-key@NULL | delete_state: release st->st_skey_ei_nss-key@0x5573f4150e50 | delete_state: release st->st_skey_er_nss-key@NULL | delete_state: release st->st_skey_pi_nss-key@NULL | delete_state: release st->st_skey_pr_nss-key@NULL | delete_state: release st->st_enc_key_nss-key@0x5573f4165b30 | delete_state: release st->st_sk_d_no_ppk-key@NULL | delete_state: release st->st_sk_pi_no_ppk-key@NULL | delete_state: release st->st_sk_pr_no_ppk-key@NULL | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312) | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 1.49 milliseconds in whack | spent 0.00146 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 68 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 08 10 05 01 99 ec b7 78 00 00 00 44 81 b1 e7 e6 | df c7 35 f7 d1 61 85 1e 62 e8 89 e3 1d 0d c5 ef | 89 52 91 66 93 4a a0 7b 6e ad a7 ed a6 17 59 a1 | 93 77 94 05 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 2582427512 (0x99ecb778) | length: 68 (0x44) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x99ecb778 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | c7 8f 09 fa d1 8f 64 81 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | fb 73 14 a9 9f 11 cd 78 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0837 milliseconds in comm_handle_cb() reading and processing packet | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.0046 milliseconds in signal handler PLUTO_SIGCHLD | spent 0.00264 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() | *received 84 bytes from 192.1.2.23:500 on eth1 (192.1.2.45:500) | c7 8f 09 fa d1 8f 64 81 fb 73 14 a9 9f 11 cd 78 | 08 10 05 01 2e 2d 61 81 00 00 00 54 75 93 c8 63 | 4e a8 19 2f 97 c8 fd 24 99 98 f9 bf 24 b5 e2 55 | 9d 83 cd 9d ad 81 f8 78 15 44 4f 9e 85 aa 73 61 | 73 34 07 f9 b4 08 cd 81 01 0c 3e 7b d7 4f 9d 95 | 7b 62 0a c5 | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) | **parse ISAKMP Message: | initiator cookie: | c7 8f 09 fa d1 8f 64 81 | responder cookie: | fb 73 14 a9 9f 11 cd 78 | next payload type: ISAKMP_NEXT_HASH (0x8) | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) | exchange type: ISAKMP_XCHG_INFO (0x5) | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) | Message ID: 774726017 (0x2e2d6181) | length: 84 (0x54) | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5) | State DB: IKEv1 state not found (find_v1_info_state) | State DB: IKEv1 state not found (find_state_ikev1_init) | Informational Exchange is for an unknown (expired?) SA with MSGID:0x2e2d6181 | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes: | c7 8f 09 fa d1 8f 64 81 | - unknown SA's md->hdr.isa_ike_responder_spi.bytes: | fb 73 14 a9 9f 11 cd 78 | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) | processing: STOP state #0 (in process_md() at demux.c:382) | processing: STOP connection NULL (in process_md() at demux.c:383) | spent 0.0713 milliseconds in comm_handle_cb() reading and processing packet | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in terminate_a_connection() at terminate.c:69) "3des": terminating SAs using this connection | connection '3des' -POLICY_UP | connection not shared - terminating IKE and IPsec SA | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | stop processing: connection "3des" (in terminate_a_connection() at terminate.c:87) | FOR_EACH_CONNECTION_... in conn_by_name | start processing: connection "3des" (in delete_connection() at connections.c:189) | Deleting states for connection - not including other IPsec SA's | pass 0 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | pass 1 | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete | shunt_eroute() called for connection '3des' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0 | netlink_shunt_eroute for proto 0, and source port 0 dest port 0 | priority calculation of connection "3des" is 0xfe7e7 | priority calculation of connection "3des" is 0xfe7e7 | FOR_EACH_CONNECTION_... in route_owner | conn 3des mark 0/00000000, 0/00000000 vs | conn 3des mark 0/00000000, 0/00000000 | route owner of "3des" unrouted: NULL | running updown command "ipsec _updown" for verb unroute | command executing unroute-client | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@west' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16432' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0 | popen cmd is 1012 chars long | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='3des' PLUTO_IN: | cmd( 80):TERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.2.45' PLUTO_MY_ID='@w: | cmd( 160):est' PLUTO_MY_CLIENT='192.0.1.0/24' PLUTO_MY_CLIENT_NET='192.0.1.0' PLUTO_MY_CLI: | cmd( 240):ENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID=: | cmd( 320):'16432' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO: | cmd( 400):_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_: | cmd( 480):MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA=': | cmd( 560):' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+P: | cmd( 640):FS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT': | cmd( 720): PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_: | cmd( 800):DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' : | cmd( 880):PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_S: | cmd( 960):HARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1: "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. "3des": unroute-client output: Error: Peer netns reference is invalid. | free hp@0x5573f4163218 | flush revival: connection '3des' wasn't on the list | stop processing: connection "3des" (in discard_connection() at connections.c:249) | FOR_EACH_CONNECTION_... in conn_by_name | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.869 milliseconds in whack | processing signal PLUTO_SIGCHLD | waitpid returned ECHILD (no child processes left) | spent 0.00355 milliseconds in signal handler PLUTO_SIGCHLD | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | old debugging base+cpu-usage+crypt + none | base debugging = base+cpu-usage+crypt | old impairing delete-on-retransmit + none - bust-mi2+bust-mr2+drop-i2+sa-creation+jacob-two-two+allow-null-none+major-version-bump+minor-version-bump+timeout-on-retransmit+delete-on-retransmit+suppress-retransmits+send-bogus-payload-flag+send-bogus-isakmp-flag+send-no-delete+send-no-ikev2-auth+send-no-xauth-r0+drop-xauth-r0+send-no-main-r2+force-fips+send-key-size-check+send-bogus-dcookie+omit-hash-notify+ignore-hash-notify+ignore-hash-notify-resp+ikev2-exclude-integ-none+ikev2-include-integ-none+replay-duplicates+replay-forward+replay-backward+replay-encrypted+corrupt-encrypted+proposal-parser+add-unknown-payload-to-sa-init+add-unknown-payload-to-auth+add-unknown-payload-to-auth-sk+unknown-payload-critical+allow-dns-insecure+send-pkcs7-thingie+ikev1-del-with-notify+bad-ikev2-auth-xchg | base impairing = none | ike-key-length-attribute: disabled | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.0914 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) | FOR_EACH_CONNECTION_... in show_connections_status | FOR_EACH_STATE_... in show_states_status (sort_states) | close_any(fd@16) (in whack_process() at rcv_whack.c:700) | spent 0.267 milliseconds in whack | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) shutting down | processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825) | certs and keys locked by 'free_preshared_secrets' forgetting secrets | certs and keys unlocked by 'free_preshared_secrets' | crl fetch request list locked by 'free_crl_fetch' | crl fetch request list unlocked by 'free_crl_fetch' shutting down interface lo/lo 127.0.0.1:4500 shutting down interface lo/lo 127.0.0.1:500 shutting down interface eth0/eth0 192.0.1.254:4500 shutting down interface eth0/eth0 192.0.1.254:500 shutting down interface eth1/eth1 192.1.2.45:4500 shutting down interface eth1/eth1 192.1.2.45:500 | FOR_EACH_STATE_... in delete_states_dead_interfaces | libevent_free: release ptr-libevent@0x5573f4156138 | free_event_entry: release EVENT_NULL-pe@0x5573f4161f28 | libevent_free: release ptr-libevent@0x5573f40eb4d8 | free_event_entry: release EVENT_NULL-pe@0x5573f4161fd8 | libevent_free: release ptr-libevent@0x5573f40eb5d8 | free_event_entry: release EVENT_NULL-pe@0x5573f4162088 | libevent_free: release ptr-libevent@0x5573f40e8768 | free_event_entry: release EVENT_NULL-pe@0x5573f4162138 | libevent_free: release ptr-libevent@0x5573f40c04e8 | free_event_entry: release EVENT_NULL-pe@0x5573f41621e8 | libevent_free: release ptr-libevent@0x5573f40c01d8 | free_event_entry: release EVENT_NULL-pe@0x5573f4162298 | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations | libevent_free: release ptr-libevent@0x5573f41561e8 | free_event_entry: release EVENT_NULL-pe@0x5573f4149f28 | libevent_free: release ptr-libevent@0x5573f40eb3d8 | free_event_entry: release EVENT_NULL-pe@0x5573f4149eb8 | libevent_free: release ptr-libevent@0x5573f412d808 | free_event_entry: release EVENT_NULL-pe@0x5573f4149378 | global timer EVENT_REINIT_SECRET uninitialized | global timer EVENT_SHUNT_SCAN uninitialized | global timer EVENT_PENDING_DDNS uninitialized | global timer EVENT_PENDING_PHASE2 uninitialized | global timer EVENT_CHECK_CRLS uninitialized | global timer EVENT_REVIVE_CONNS uninitialized | global timer EVENT_FREE_ROOT_CERTS uninitialized | global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized | global timer EVENT_NAT_T_KEEPALIVE uninitialized | libevent_free: release ptr-libevent@0x5573f40f1aa8 | signal event handler PLUTO_SIGCHLD uninstalled | libevent_free: release ptr-libevent@0x5573f41615f8 | signal event handler PLUTO_SIGTERM uninstalled | libevent_free: release ptr-libevent@0x5573f4161708 | signal event handler PLUTO_SIGHUP uninstalled | libevent_free: release ptr-libevent@0x5573f4161948 | signal event handler PLUTO_SIGSYS uninstalled | releasing event base | libevent_free: release ptr-libevent@0x5573f4161818 | libevent_free: release ptr-libevent@0x5573f4144888 | libevent_free: release ptr-libevent@0x5573f4144838 | libevent_free: release ptr-libevent@0x7ffabc003e78 | libevent_free: release ptr-libevent@0x5573f4144788 | libevent_free: release ptr-libevent@0x5573f41613c8 | libevent_free: release ptr-libevent@0x5573f4161578 | libevent_free: release ptr-libevent@0x5573f4144a38 | libevent_free: release ptr-libevent@0x5573f4149b48 | libevent_free: release ptr-libevent@0x5573f414a038 | libevent_free: release ptr-libevent@0x5573f4162308 | libevent_free: release ptr-libevent@0x5573f4162258 | libevent_free: release ptr-libevent@0x5573f41621a8 | libevent_free: release ptr-libevent@0x5573f41620f8 | libevent_free: release ptr-libevent@0x5573f4162048 | libevent_free: release ptr-libevent@0x5573f4161f98 | libevent_free: release ptr-libevent@0x5573f40e7fb8 | libevent_free: release ptr-libevent@0x5573f41616c8 | libevent_free: release ptr-libevent@0x5573f41615b8 | libevent_free: release ptr-libevent@0x5573f4161538 | libevent_free: release ptr-libevent@0x5573f41617d8 | libevent_free: release ptr-libevent@0x5573f4161408 | libevent_free: release ptr-libevent@0x5573f40bf908 | libevent_free: release ptr-libevent@0x5573f40bfd38 | libevent_free: release ptr-libevent@0x5573f40e8328 | releasing global libevent data | libevent_free: release ptr-libevent@0x5573f40bf7f8 | libevent_free: release ptr-libevent@0x5573f40bfcd8 | libevent_free: release ptr-libevent@0x5573f40bfdd8 leak detective found no leaks